A recent article at Reason.com talks about how a specific font (ZXX) can hide information from the NSA.
http://reason.com/blog/2013/06/21/dont-want-the-nsa-to-read-your-email-use
This is a pretty silly claim.
The first reason is pretty obvious: If it’s in digital text, then since the underlying character values are all the same as normal text and the font is irrelevant, well, the font is then irrelevant.
But for images or printed copies on paper, the only thing needed is for the OCR software to recognize the font and then match the glyphs (characters) to the proper letters, and again the font is irrelevant. Perhaps it might take the NSA a while to clue into it, but they’d eventually “get it”. Given that they store so much data, how long it takes for them is almost irrelevant.
It’s all pretty simple. Which makes me wonder whether the Reason.com article is purposeful disinformation or whether it is simply not well thought out by someone who isn’t very techno-savvy. It’s probably more likely that it’s just not well thought out, but given the simplicity of the issue, that’s somewhat hard to believe, leaving the question of whether it is purposeful disinformation open.
I agree! That really is the most ridiculous thing I have ever heard. The obvious being that emails are either plain text or html. In plain text, there are no font choices to be made for composing your email. And in html, it has a source, just like any other html, which is in plain text.
And in printed matter and images, using a cryptic looking font is nothing more than a simple character substitution cypher (pretty damn weak), which I used to have a blast breaking those as a child. So yeah, no OCR, databases of fonts, or special software needed…just a 9 year old that likes puzzles and knows all of the most common 1, 2 and 3 letter words in whatever language it’s supposed to translate to, and their pattern of usage. (for example, any English speaker knows that any 1 character word, that it’s either “I” or “A”, and if it’s “A”, then many of the 3 character words beginning with the same character are usually “and” or “are”, which in turn makes many of the 3 character words ending in “e” but not beginning with “a” to be “the”. And as you start guessing those correctly, it becomes like Wheel of Fortune to guess the rest. And the longer the string of text, the easier it is to decipher it. And that’s why simple substitution ciphers suck for security.)