PDF Forensic Report - Job Reference

Final report of
for
Dated:
Specialist field: Photography Forensics
On behalf of the claimant:
On the instruction of:
Subject matter: The client is looking to establish whether a photograph has been digitally manipulated

Investigator information
Name:
Address: Data Recovery Services Ltd, Unit 1 Avon House, 19 Stanwell Road, Penarth, CARDIFF CF64 2EZ
Telephone no: 029 2070 6360
E-mail: service@datarecoveryspecialists.co.uk
1.0 Introduction

1.01 The Writer

Name:

Experience: I am an experienced investigator in digital photographic forensics and data recording and storage. I have been working in this capacity for 8 years. Prior to this I was a computer programmer and analyst. During my employment with Data Recovery Services Ltd, I have gained considerable experience with numerous forensic tools such as X-Ways Forensic Suite, Image Error Level Analysis, Stellar Phoenix Data Recovery, Access Data FTK Forensic Suite, Adobe CS5 Creative Suite and numerous other applications relevant to my work.

1.02 Summary Background of the Case

The Client has engaged us to analyse the digital photograph "xxx.jpg", which is a photograph of a xxx, to establish whether it has been digitally manipulated. A xxx is a widely accepted analytical technique used to detect xxx.

1.03 Summary of my Conclusions

It is my opinion that these photos look tampered with. As with all digital photos that have been printed or transferred to other programs, there is uncertainty as to the original source. These photos are also very low resolution with high image noise, so our findings cannot be considered absolutely definitive. However, there is significant evidence to support claims that these images have been digitally manipulated.
1.04 Tools Used

Image Error Level Analysis

Error level analysis can help you work out if a photo has been digitally altered. Photos in JPEG file format actually lose quality each time they are resaved. We can take advantage of this to try to work out if an image has been digitally manipulated. Error level analysis allows you to see the difference in quality level, represented by brightness. Things which are very bright have been edited most recently, whilst duller parts have been resaved multiple times. This allows you to see not just which parts of the image have been changed, but in what order the changes occurred. The figures in the Index comprise the original photograph, followed by the image error level analysis and any specific areas of interest.

Adobe Photoshop CS5

Adobe Photoshop CS5 photographic manipulation software is used to interrogate pixel aspect ratios and zoom into areas of particular interest. Pixel aspect ratio is a mathematical ratio that describes how the width of a pixel in a digital image compares to the height of that pixel.

JPEG Snoop Version 1.5.2

JPEG Snoop is a software package that allows a user to identify whether a picture has been retouched. It analyses a range of data and grades an image from Class 1 (definitely processed/edited) to Class 4 (uncertain if edited or original). Whilst it cannot define whether a photo is "original", it can ascertain if it has been tampered with. JPEG Snoop uses an internal database that compares an image against a large number of compression signatures. If the compression signature matches any photo editing software, we can be reasonably certain that the image has been edited.
2.0 Chain of Custody

2.01 Original Evidence

I was given access to the original evidence on the xxx. The original evidence was emailed to me at 09.01 and comprised a single digital photograph in JPEG format named xxx.jpg.

2.02 Imaging and Investigation

The investigation of the images was conducted in Image Error Level Analysis software, Adobe Photoshop and JPEG Snoop. The evidence is shown in the Index and comprises the original presented photograph, followed by the image error level analysed image, zoomed screenshots and JPEG Snoop logs.

2.03 Evidence Storage and Handling

During investigation the original evidence was maintained on an external hard drive with limited physical access. Whilst handling the evidence, great care has been taken to ensure that it is not corrupted and that its integrity is maintained.

3.0 Examination Details

3.01 Examination

The examination process was completed in accordance with the Association of Chief Police Officers (ACPO) Guidelines for Electronic Evidence and the Civil Procedure Rules. The guidelines consist of four principles:

1. No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court.
2. In exceptional circumstances, where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.
3. An audit trail or other record of all processes applied to computer-based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result.
4. The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to.
These guidelines are widely accepted in the courts of England and Scotland, but they do not constitute a legal requirement and their use is voluntary. However, the Civil Procedure Rules are clear in that we must provide a balanced, impartial and unbiased report. Our responsibility is to the Court and we cannot be "led" by our client.
4.0 Items of Evidential Value

4.01 Digital Manipulation

Image error level analysis shows that there is positive evidence to show that the xxx has been digitally replaced in its entirety. Figure 1.0 shows the highlighted areas, which suggest digital manipulation. However, the algorithms used for error level analysis can be unreliable, especially where images have been rescaled or compressed.

Further interrogation shows that the pixel aspect ratio is consistent throughout all the photographs. This would be expected given that the image has been reproduced from a scan. Similarly, there are no obvious inconsistencies in the light source or focus. However, there are inconsistencies in the colouration surrounding the xxx and also the outline, as shown at Figure 2.0.

Meta-data to establish creation, modification and access times (known as EXIF information) is only available on the original JPEG file and cannot be interrogated from reproduced or scanned files. Therefore we have no information to establish the history of this file.

Lastly, when assessed using JPEGsnoop, the image is defined as Class 1 - Image is processed/edited, as shown in the logs at Figure 3.0.

5.0 Discussion

5.01 Discussion of the Facts

Of course, most digital pictures have been compressed at some point, and editing in Photoshop has more or less become normal. Improvements in photo manipulation software such as Photoshop and GIMP have made image alteration both easier to commit and harder to detect. Despite these huge advances, it is still possible to determine whether a photograph has been digitally manipulated. Whilst none of the tools and techniques alone would give us a definitive conclusion, used in conjunction they allow us to provide an expert opinion. All our findings suggest that the yellow label on this image has been digitally manipulated.
Index

Fig 1.0 - Results of Image Error Level Analysis

Fig 2.0 - Zoom to show inconsistencies in colouration and outline
Fig 3.0 - Results of JPEG Snoop

JPEGsnoop 1.5.2

Filename: [xxx.jpg]
Filesize: [127561] Bytes

Start Offset: 0x00000000

*** Marker: SOI (xffd8) ***
  OFFSET: 0x00000000

*** Marker: APP0 (xffe0) ***
  OFFSET: 0x00000002
  length = 16
  identifier = [JFIF]
  version = [1.1]
  density = 72 x 72 DPI (dots per inch)
  thumbnail = 0 x 0

*** Marker: APP2 (xffe2) ***
  OFFSET: 0x00000014
  length = 3160
  Identifier = [ICC_PROFILE]
  ICC Profile:
  Marker Number = 1 of 1
  Profile Size : 3144 bytes
  Preferred CMM Type : 'Lino' (0x4C696E6F)
  Profile Version : 0.2.1.0 (0x02100000)
  Profile Device/Class : Display Device profile ('mntr' (0x6D6E7472))
  Data Colour Space : rgbdata ('RGB ' (0x52474220))
  Profile connection space (PCS) : 'XYZ ' (0x58595A20)
  Profile creation date : 1998-02-09 06:49:00
  Profile file signature : 'acsp' (0x61637370)
  Primary platform : Microsoft Corporation ('MSFT' (0x4D534654))
  Profile flags : 0x00000000
  Profile flags > Profile not embedded
  Profile flags > Profile can't be used independently of embedded
  Device Manufacturer : 'IEC ' (0x49454320)
  Device Model : 'srgb' (0x73524742)
  Device attributes : 0x00000000_00000000
  Device attributes > Reflective
  Device attributes > Glossy
  Device attributes > Media polarity = negative
  Device attributes > Black & white media
  Rendering intent : 0x01000000
  Profile creator : 'HP ' (0x48502020)
  Profile ID : 0x00000000_00000000_00000000

*** Marker: APP1 (xffe1) ***
  OFFSET: 0x00000C6E
  length = 214
  Identifier = [Exif]
  Identifier TIFF = 0x[4D4D002A 00000008]
  Endian = Motorola (big)
  TAG Mark x002a = 0x002A

  EXIF IFD0 @ Absolute 0x00000C80
    Dir Length = 0x0007
    [Orientation ] = Row 0: top, Col 0: left
    [XResolution ] = 72/1
    [YResolution ] = 72/1
    [ResolutionUnit ] = Inch
    [Software ] = "Adobe Photoshop CS5 Macintosh"
    [DateTime ] = "2011:10:12 22:20:23"
    [ExifOffset ] = @ 0x00A4
    Offset to Next IFD = 0x00000000

  EXIF SubIFD @ Absolute 0x00000D1C
    Dir Length = 0x0003
    [ColorSpace ] = srgb
    [ExifImageWidth ] = 2000
    [ExifImageHeight ] = 1200

*** Marker: DQT (xffdb) ***
  Define a Quantization Table.
  OFFSET: 0x00000D46
  Table length = 67
  ----
  Precision=8 bits
  Destination ID=0 (Luminance)
    DQT, Row #0: 12 8 7 12 17 29 37 44
    DQT, Row #1: 9 9 10 14 19 42 44 40
    DQT, Row #2: 10 9 12 17 29 41 50 41
    DQT, Row #3: 10 12 16 21 37 63 58 45
    DQT, Row #4: 13 16 27 41 49 79 75 56
    DQT, Row #5: 17 25 40 47 59 76 82 67
    DQT, Row #6: 36 47 57 63 75 88 87 74
    DQT, Row #7: 52 67 69 71 82 73 75 72
    Approx quality factor = 63.69 (scaling=72.62 variance=1.16)

*** Marker: DQT (xffdb) ***
  Define a Quantization Table.
  OFFSET: 0x00000D8B
  Table length = 67
  ----
  Precision=8 bits
  Destination ID=1 (Chrominance)
    DQT, Row #0: 12 13 17 34 72 72 72 72
    DQT, Row #1: 13 15 19 48 72 72 72 72
    DQT, Row #2: 17 19 41 72 72 72 72 72
    DQT, Row #3: 34 48 72 72 72 72 72 72
    DQT, Row #4: 72 72 72 72 72 72 72 72
    DQT, Row #5: 72 72 72 72 72 72 72 72
    DQT, Row #6: 72 72 72 72 72 72 72 72
    DQT, Row #7: 72 72 72 72 72 72 72 72
    Approx quality factor = 63.70 (scaling=72.61 variance=0.22)

*** Marker: SOF0 (Baseline DCT) (xffc0) ***
  OFFSET: 0x00000DD0
  Frame header length = 17
  Precision = 8
  Number of Lines = 1200
  Samples per Line = 2000
  Image Size = 2000 x 1200
  Raw Image Orientation = Landscape
  Number of Img components = 3
    Component[1]: ID=0x01, Samp Fac=0x22 (Subsamp 1 x 1), Quant Tbl Sel=0x00 (Lum: Y)
    Component[2]: ID=0x02, Samp Fac=0x11 (Subsamp 2 x 2), Quant Tbl Sel=0x01 (Chrom: Cb)
    Component[3]: ID=0x03, Samp Fac=0x11 (Subsamp 2 x 2), Quant Tbl Sel=0x01 (Chrom: Cr)

*** Marker: DHT (Define Huffman Table) (xffc4) ***
  OFFSET: 0x00000DE3
  Huffman table length = 31
  ----
  Destination ID = 0
  Class = 0 (DC / Lossless Table)
    Codes of length 01 bits (000 total):
    Codes of length 02 bits (001 total): 00
    Codes of length 03 bits (005 total): 01 02 03 04 05
    Codes of length 04 bits (001 total): 06
    Codes of length 05 bits (001 total): 07
    Codes of length 06 bits (001 total): 08
    Codes of length 07 bits (001 total): 09
    Codes of length 08 bits (001 total): 0A
    Codes of length 09 bits (001 total): 0B
    Codes of length 10 bits (000 total):
    Codes of length 11 bits (000 total):
    Codes of length 12 bits (000 total):
    Codes of length 13 bits (000 total):
    Codes of length 14 bits (000 total):
    Codes of length 15 bits (000 total):
    Codes of length 16 bits (000 total):
    Total number of codes: 012

*** Marker: DHT (Define Huffman Table) (xffc4) ***
  OFFSET: 0x00000E04
  Huffman table length = 181
  ----
  Destination ID = 0
  Class = 1 (AC Table)
    Codes of length 01 bits (000 total):
    Codes of length 02 bits (002 total): 01 02
    Codes of length 03 bits (001 total): 03
    Codes of length 04 bits (003 total): 00 04 11
    Codes of length 05 bits (003 total): 05 12 21
    Codes of length 06 bits (002 total): 31 41
    Codes of length 07 bits (004 total): 06 13 51 61
    Codes of length 08 bits (003 total): 07 22 71
    Codes of length 09 bits (005 total): 14 32 81 91 A1
    Codes of length 10 bits (005 total): 08 23 42 B1 C1
    Codes of length 11 bits (004 total): 15 52 D1 F0
    Codes of length 12 bits (004 total): 24 33 62 72
    Codes of length 13 bits (000 total):
    Codes of length 14 bits (000 total):
    Codes of length 15 bits (001 total): 82
    Codes of length 16 bits (125 total): 09 0A 16 17 18 19 1A 25 26 27 28 29 2A 34 35 36 37 38 39 3A 43 44 45 46 47 48 49 4A 53 54 55 56 57 58 59 5A 63 64 65 66 67 68 69 6A 73 74 75 76 77 78 79 7A 83 84 85 86 87 88 89 8A 92 93 94 95 96 97 98 99 9A A2 A3 A4 A5 A6 A7 A8 A9 AA B2 B3 B4 B5 B6 B7 B8 B9 BA C2 C3 C4 C5 C6 C7 C8 C9 CA D2 D3 D4 D5 D6 D7 D8 D9 DA E1 E2 E3 E4 E5 E6 E7 E8 E9 EA F1 F2 F3 F4 F5 F6 F7 F8 F9 FA
    Total number of codes: 162

*** Marker: DHT (Define Huffman Table) (xffc4) ***
  OFFSET: 0x00000EBB
  Huffman table length = 31
  ----
  Destination ID = 1
  Class = 0 (DC / Lossless Table)
    Codes of length 01 bits (000 total):
    Codes of length 02 bits (003 total): 00 01 02
    Codes of length 03 bits (001 total): 03
    Codes of length 04 bits (001 total): 04
    Codes of length 05 bits (001 total): 05
    Codes of length 06 bits (001 total): 06
    Codes of length 07 bits (001 total): 07
    Codes of length 08 bits (001 total): 08
    Codes of length 09 bits (001 total): 09
    Codes of length 10 bits (001 total): 0A
    Codes of length 11 bits (001 total): 0B
    Codes of length 12 bits (000 total):
    Codes of length 13 bits (000 total):
    Codes of length 14 bits (000 total):
    Codes of length 15 bits (000 total):
    Codes of length 16 bits (000 total):
    Total number of codes: 012

*** Marker: DHT (Define Huffman Table) (xffc4) ***
  OFFSET: 0x00000EDC
  Huffman table length = 181
  ----
  Destination ID = 1
  Class = 1 (AC Table)
    Codes of length 01 bits (000 total):
    Codes of length 02 bits (002 total): 00 01
    Codes of length 03 bits (001 total): 02
    Codes of length 04 bits (002 total): 03 11
    Codes of length 05 bits (004 total): 04 05 21 31
    Codes of length 06 bits (004 total): 06 12 41 51
    Codes of length 07 bits (003 total): 07 61 71
    Codes of length 08 bits (004 total): 13 22 32 81
    Codes of length 09 bits (007 total): 08 14 42 91 A1 B1 C1
    Codes of length 10 bits (005 total): 09 23 33 52 F0
    Codes of length 11 bits (004 total): 15 62 72 D1
    Codes of length 12 bits (004 total): 0A 16 24 34
    Codes of length 13 bits (000 total):
    Codes of length 14 bits (001 total): E1
    Codes of length 15 bits (002 total): 25 F1
    Codes of length 16 bits (119 total): 17 18 19 1A 26 27 28 29 2A 35 36 37 38 39 3A 43 44 45 46 47 48 49 4A 53 54 55 56 57 58 59 5A 63 64 65 66 67 68 69 6A 73 74 75 76 77 78 79 7A 82 83 84 85 86 87 88 89 8A 92 93 94 95 96 97 98 99 9A A2 A3 A4 A5 A6 A7 A8 A9 AA B2 B3 B4 B5 B6 B7 B8 B9 BA C2 C3 C4 C5 C6 C7 C8 C9 CA D2 D3 D4 D5 D6 D7 D8 D9 DA E2 E3 E4 E5 E6 E7 E8 E9 EA F2 F3 F4 F5 F6 F7 F8 F9 FA
    Total number of codes: 162

*** Marker: SOS (Start of Scan) (xffda) ***
  OFFSET: 0x00000F93
  Scan header length = 12
  Number of img components = 3
    Component[1]: selector=0x01, table=0x00
    Component[2]: selector=0x02, table=0x11
    Component[3]: selector=0x03, table=0x11
  Spectral selection = 0.. 63
  Successive approximation = 0x00

*** Decoding SCAN Data ***
  OFFSET: 0x00000FA1
  Scan Decode Mode: No IDCT (DC only)
  NOTE: Low-resolution DC component shown. Can decode full-res with [Options->Scan Segment->Full IDCT]

  Scan Data encountered marker 0xFFD9 @ 0x0001F247.0

  Compression stats:
    Compression Ratio: 58.27:1
    Bits per pixel: 0.41:1

  Huffman code histogram stats:
    Huffman Table: (Dest ID: 0, Class: DC)
      # codes of length 01 bits: 0 ( 0%)
      # codes of length 02 bits: 13058 ( 35%)
      # codes of length 03 bits: 22794 ( 61%)
      # codes of length 04 bits: 1390 ( 4%)
      # codes of length 05 bits: 258 ( 1%)
      # codes of length 06 bits: 0 ( 0%)
      # codes of length 07 bits: 0 ( 0%)
      # codes of length 08 bits: 0 ( 0%)
      # codes of length 09 bits: 0 ( 0%)
      # codes of length 10 bits: 0 ( 0%)
      # codes of length 11 bits: 0 ( 0%)
      # codes of length 12 bits: 0 ( 0%)
      # codes of length 13 bits: 0 ( 0%)
      # codes of length 14 bits: 0 ( 0%)
      # codes of length 15 bits: 0 ( 0%)
      # codes of length 16 bits: 0 ( 0%)

    Huffman Table: (Dest ID: 1, Class: DC)
      # codes of length 01 bits: 0 ( 0%)
      # codes of length 02 bits: 17860 ( 95%)
      # codes of length 03 bits: 257 ( 1%)
      # codes of length 04 bits: 261 ( 1%)
      # codes of length 05 bits: 302 ( 2%)
      # codes of length 06 bits: 70 ( 0%)
      # codes of length 07 bits: 0 ( 0%)
      # codes of length 08 bits: 0 ( 0%)
      # codes of length 09 bits: 0 ( 0%)
      # codes of length 10 bits: 0 ( 0%)
      # codes of length 11 bits: 0 ( 0%)
      # codes of length 12 bits: 0 ( 0%)
      # codes of length 13 bits: 0 ( 0%)
      # codes of length 14 bits: 0 ( 0%)
      # codes of length 15 bits: 0 ( 0%)
      # codes of length 16 bits: 0 ( 0%)

    Huffman Table: (Dest ID: 0, Class: AC)
      # codes of length 01 bits: 0 ( 0%)
      # codes of length 02 bits: 56246 ( 39%)
      # codes of length 03 bits: 6578 ( 5%)
      # codes of length 04 bits: 55227 ( 39%)
      # codes of length 05 bits: 11536 ( 8%)
      # codes of length 06 bits: 5613 ( 4%)
      # codes of length 07 bits: 3373 ( 2%)
      # codes of length 08 bits: 1084 ( 1%)
      # codes of length 09 bits: 1217 ( 1%)
      # codes of length 10 bits: 291 ( 0%)
      # codes of length 11 bits: 239 ( 0%)
      # codes of length 12 bits: 130 ( 0%)
      # codes of length 13 bits: 0 ( 0%)
      # codes of length 14 bits: 0 ( 0%)
      # codes of length 15 bits: 1 ( 0%)
      # codes of length 16 bits: 1417 ( 1%)

    Huffman Table: (Dest ID: 1, Class: AC)
      # codes of length 01 bits: 0 ( 0%)
      # codes of length 02 bits: 22241 ( 77%)
      # codes of length 03 bits: 1600 ( 6%)
      # codes of length 04 bits: 2439 ( 8%)
      # codes of length 05 bits: 1130 ( 4%)
      # codes of length 06 bits: 777 ( 3%)
      # codes of length 07 bits: 62 ( 0%)
      # codes of length 08 bits: 334 ( 1%)
      # codes of length 09 bits: 114 ( 0%)
      # codes of length 10 bits: 76 ( 0%)
      # codes of length 11 bits: 51 ( 0%)
      # codes of length 12 bits: 0 ( 0%)
      # codes of length 13 bits: 0 ( 0%)
      # codes of length 14 bits: 0 ( 0%)
      # codes of length 15 bits: 0 ( 0%)
      # codes of length 16 bits: 0 ( 0%)

  YCC clipping in DC:
    Y component: [<0= 0] [>255= 0]
    Cb component: [<0= 0] [>255= 0]
    Cr component: [<0= 0] [>255= 0]

  RGB clipping in DC:
    R component: [<0= 0] [>255= 0]
    G component: [<0= 0] [>255= 0]
    B component: [<0= 0] [>255= 0]

  Average Pixel Luminance (Y):
    Y=[166] (range: 0..255)

  Brightest Pixel Search:
    YCC=[ 1020, 0, 0] RGB=[255,255,255] @ MCU[ 0, 0]

  Finished Decoding SCAN Data
    Number of RESTART markers decoded: 0
    Next position in scan buffer: Offset 0x0001F246.2

*** Marker: EOI (End of Image) (xffd9) ***
  OFFSET: 0x0001F247

*** Searching Compression Signatures ***

  Signature: 01C4C08033B3048D429A186989CC9BFE
  Signature (Rotated): 01643F4E607AAF6ECEF7724A715A00DC
  File Offset: 0 bytes
  Chroma subsampling: 2x2
  EXIF Make/Model: NONE
  EXIF Makernotes: NONE
  EXIF Software: OK [Adobe Photoshop CS5 Macintosh]

  Searching Compression Signatures: (3327 built-in, 0 user(*) )

  EXIF.Make / Software      EXIF.Model                          Quality Subsamp   Match?
  ------------------------- ----------------------------------- ------- --------- --------------

  NOTE: EXIF Software field recognized as from editor
  Based on the analysis of compression characteristics and EXIF metadata:

  ASSESSMENT: Class 1 - Image is processed/edited
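
The "Approx quality factor" lines in the Fig 3.0 log can be re-derived from the DQT rows the log prints, which lets a reviewer check the compression figures independently of the tool. The Python below is an added example, not part of the original report and not JPEGsnoop's code; it assumes the comparison is against the JPEG standard's Annex K base tables, and the function names and the 2.0 variance threshold are hypothetical.

```python
# Added example (not from the report): re-derive the "Approx quality factor"
# lines in the Fig 3.0 log from the DQT rows the log prints.
# Base tables: JPEG standard Annex K, the tables libjpeg scales by quality.
STD_LUM = [16, 11, 10, 16, 24, 40, 51, 61, 12, 12, 14, 19, 26, 58, 60, 55,
           14, 13, 16, 24, 40, 57, 69, 56, 14, 17, 22, 29, 51, 87, 80, 62,
           18, 22, 37, 56, 68, 109, 103, 77, 24, 35, 55, 64, 81, 104, 113, 92,
           49, 64, 78, 87, 103, 121, 120, 101, 72, 92, 95, 98, 112, 100, 103, 99]
STD_CHR = [17, 18, 24, 47, 99, 99, 99, 99, 18, 21, 26, 66, 99, 99, 99, 99,
           24, 26, 56, 99, 99, 99, 99, 99, 47, 66, 99, 99, 99, 99, 99, 99] + [99] * 32

# DQT values copied from the log: destination ID 0 (luminance), ID 1 (chrominance).
LOG_LUM = [12, 8, 7, 12, 17, 29, 37, 44, 9, 9, 10, 14, 19, 42, 44, 40,
           10, 9, 12, 17, 29, 41, 50, 41, 10, 12, 16, 21, 37, 63, 58, 45,
           13, 16, 27, 41, 49, 79, 75, 56, 17, 25, 40, 47, 59, 76, 82, 67,
           36, 47, 57, 63, 75, 88, 87, 74, 52, 67, 69, 71, 82, 73, 75, 72]
LOG_CHR = [12, 13, 17, 34, 72, 72, 72, 72, 13, 15, 19, 48, 72, 72, 72, 72,
           17, 19, 41, 72, 72, 72, 72, 72, 34, 48, 72, 72, 72, 72, 72, 72] + [72] * 32


def estimate_quality(dqt, std):
    """Return (quality, scaling, variance) of dqt measured against std."""
    if len(dqt) != 64 or len(std) != 64:
        raise ValueError("a quantization table has exactly 64 entries")
    if any(q < 1 for q in dqt):
        raise ValueError("quantizer step sizes must be >= 1")
    # Per-coefficient scale, in percent of the base table entry.
    ratios = [100.0 * q / s for q, s in zip(dqt, std)]
    scaling = sum(ratios) / 64
    variance = sum((r - scaling) ** 2 for r in ratios) / 64
    # Invert the libjpeg mapping: scale = 200 - 2Q (Q >= 50), 5000 / Q (Q < 50).
    if all(q == 1 for q in dqt):
        quality = 100.0
    elif scaling <= 100.0:
        quality = (200.0 - scaling) / 2.0
    else:
        quality = 5000.0 / scaling
    return quality, scaling, variance


def looks_scaled_standard(dqt, std, max_variance=2.0):
    """True when dqt is close to a uniform multiple of std.

    max_variance is an illustrative threshold chosen for this example.
    """
    return estimate_quality(dqt, std)[2] <= max_variance


if __name__ == "__main__":
    for name, dqt, std in (("Luminance", LOG_LUM, STD_LUM),
                           ("Chrominance", LOG_CHR, STD_CHR)):
        q, s, v = estimate_quality(dqt, std)
        print(f"{name}: quality={q:.2f} scaling={s:.2f} variance={v:.2f}")
    # Constructed counter-example: a flat table is not a scaled base table.
    print("flat table scaled-standard?", looks_scaled_standard([16] * 64, STD_LUM))
```

A low variance means every coefficient was scaled by nearly the same factor, so the single quality number describes the table well; a high variance means the estimate should not be quoted as a quality setting.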