Korean graphical designer in “font protest” against PRISM surveillance


About a year ago, a Korean graphical designer named Sang Mun came out with a typeface called ZXX.

He intended that the visual form of some of its characters should make it tricky for espionage agents to recover messages from screenshots or via scans of printed documents.

His Sans and Bold styles are perfectly regular, if mildly trendy:

But he also has four “protest” styles, called Camo, False, Noise and Xed:

The theory is that the alternative styles don’t photograph or scan in very well, thus thwarting, or at least frustrating, optical character recognition (OCR) software.

Sang Mun doesn’t seem to have been too serious about actually preventing surveillance, but rather about using graphical design as a form of technological protest.

He notes simply that “ZXX is a call to action, both practically and symbolically, to raise questions about privacy.”

But a workable form of font-based counter-surveillance has been proposed seriously in the past.

Back in the 1990s, security boffins Markus Kuhn and Ross Anderson of the University of Cambridge came up with a similar idea to protect your computer screen against Van Eck snooping.

In those days, computer screens were almost always made with cathode ray tubes (CRTs), like old-school televisions.

They used a magnetically-deflected beam of electrons fired at a coated glass surface that would scintillate when electrified, thus painting out an electrofluorescent message.

When operating, the entire device would emanate a smorgasbord of electromagnetic radiation that depended upon how the display beam had been modulated.

This stray radiation was, in effect, an alternative analog representation of what was actually displayed on the screen.

In theory – and, to modest levels of satisfaction, in practice – these emanations could be transformed back into an approximate reconstruction of the control signals that produced them in the first place, and could therefore be used to produce a lossy copy of the original image on another monitor.

By playing around with how they rendered text on the screen, Kuhn and Anderson were able to produce fuzzy but still-legible text on their master monitor that was all but invisible on their emanation-cloned monitor.

Their font tweaks caused the emanations to be particularly lossy just where it mattered, in those parts of the signal representing on-screen text.

They called this a Tempest Font, after the codename TEMPEST used to describe compromising emanations from electromagnetic equipment.

As you can probably imagine, Sang Mun has re-launched his own take on Tempest Fonts in the wake of the recent PRISM revelations.

As mentioned above, he hasn’t claimed that his typeface can protect you in any serious fashion against surveillance, whether by PRISM or anything else.

Indeed, ZXX can’t and won’t protect you against very much at all, though annoyingly it might make your messages hard for the legitimate recipients to read.

Sang Mun’s various typeface styles all use consistent glyphs for each character, so that the character ‘A’, no matter how stylised or distorted, always renders in the same way.

Also, the fonts are intended to be human-readable, so that the glyph for ‘A’ actually represents ‘A’ in some practical and recognisable way.

So, OCR software wouldn’t have too much trouble adapting to the ZXX font family, even it struggled to decode it at first.

Worse still for anti-surveillance is that before a ZXX-formatted message is actually displayed as Sang Mun intended, for example when it is still in PDF or HTML source form, it’s likely to look as plain as a pikestaff:

The wacky ZXX font styles are only visually complex once the message has been converted, or rendered, from text into a pixel-by-pixel image.

So if you’ve seem Sang Mun’s artistic protest reported as some kind of practical way to “fool the NSA”, or to be “NSA proof” (I’m not going to link to any such articles for fear of embarrassing the publications or the authors)…

…be careful.

Shrouding a message for transmission is best achieved by using some sort of strong encryption, not by the digital equivalent of trying to write it upside down with the pen held in your wrong hand.