Former NSA contractor designs ‘surveillance-proof’ font
(CNN) — Can graphic design help protect your privacy? Sang Mun, a designer and former NSA contractor, thinks so.
Just months after Edward Snowden controversially lifted the lid on digital surveillance being conducted by the U.S. and other governments, the issue of online privacy is back in the spotlight.
Earlier this month Facebook CEO Mark Zuckerberg expressed concern that users’ trust in internet companies had been damaged by the revelations. Google’s Eric Schmidt also called for greater transparency from the U.S. government over surveillance.
Sang Mun’s response was more direct — the Korean designer has created four new fonts called ZXX that aim to disrupt the Optical Character Recognition (OCR) systems used by Google and others to analyze text.
“I decided to create a typeface that would be unreadable by text scanning software (whether used by a government agency or a lone hacker),” Mun told CNN via email, “misdirecting information or sometimes not giving any at all.”
Mun, who worked with the NSA during his time in the Korean military, says that a number of global developments motivated him to act: “The news about the NSA secretly building the country’s biggest data center; the House passing the controversial Cyber Intelligence Sharing and Protection Act (CISPA); the social network media accumulating abundant information on every individual’s life; Google announcing its work-in-progress Glass project — and the list goes on.”
“Sometimes these ideas about privacy can feel large and abstract to the average person. I thought that addressing these issues through the design of a typeface — a building block of language and communication — would bring home the conversation to the average person,” Mun says.
The four different fonts — Camo, False, Noise and Xed — were developed through a rigorous process of drawing a testing, Mun says: “The challenge was to make the OCR legible typeface illegible to computer vision, while keeping it readable to the human eye.”
Each font uses a different optical trick to make them difficult to scan: ‘Camo’ adds camouflage-like patterns over letters, ‘Noise’ overlays the letters with dots, ‘Xed’ puts a neat X across each character, and ‘False’ uses a small letter beneath a larger ‘false’ one.
Matthew Green, Research Professor of Computer Science at Johns Hopkins University, says that of the four different fonts, ‘False’ could be most promising, but that in his view camouflaged fonts are not terribly effective at protecting people’s privacy: “For standard optical character recognition that’s tuned to read traditional typefaces and handwriting, yes, I think (these fonts) will be confusing … But if the NSA really wants to detect this data? Not really. The problem here is that the fonts don’t appear to be randomized, which means every time I type the letter ‘A’ I’ll get the same letter. To an OCR program these letters are just shapes. The funny-looking A shape is no more difficult to detect than a real A shape.”
Ross Anderson, Professor in Security Engineering at the University of Cambridge Computer Laboratory, shares Green’s criticisms: “I don’t think any of this is more than privacy theater. The fonts could probably be broken.”
Mun concedes that the fonts’ actual effectiveness may be limited, but that he hopes they will alert people to the issue of digital surveillance: “ZXX is a call to action, both practically and symbolically, to raise questions about privacy. Intercepting and storing world citizens’ words and thoughts is simply a vulgar intrusion on our daily lives … It’s our duty to call out crimes against democracy.”
Sang Mun’s fonts are available for download here. Ross Anderson’s font can be found here.