Martin Harran, Developer, Visual JPEG

Martin, you've been demonstrating Visual JPEG at DFRWS. Could you tell us about the concept behind it, and how you came up with the idea?

It’s a tool to make life easier for people examining files.

The background of this was that for a Master’s research project, I was looking at ways of working with JPEGs with Digiprove, a company that uses digital certificates for files, and they wanted to get a way of building the digital certificate actually inside the file instead of travelling as a separate item. And I did come up with a way of doing that, but I found it frustrating that I had to work a lot with JPEGs, and I was having to use things like hex editors. It’s so much hard work. And I just said no, there has to be an easier way of doing this.So I developed a couple of little visual tools, just for myself, no intention of doing anything else with them. And when my supervisor who lectures in forensics saw them, he said “Martin, these look good, and a lot of people could be interested in using them.” So really what I’ve come to DFRWS for is to talk to people, to show them the tools. I’ve had a good response from people, they can see potential in it. I think I’ve come up with a couple of new angles as well on how information can be hidden inside JPEGs, which I’m going to dig a bit deeper into.

So next step, I’ve got a website, and it was really just put together very quickly for the conference, so that there was a place for people to go afterwards to get my contact details. And I’m looking for some beta testers, because I’m not a forensics guy. I know what was useful for me and I think I know what’ll be useful for other forensics people, but I need them to tell me what really would be useful. So I’ll be very much looking for feedback from people.

How does your digital certificate work?


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.


The company in Dublin, DigiProve, what they do is, let’s say you’ve a document and you want it certified in some way with today’s date on it. Now that may be perhaps for copyright purposes, but you can show that you had possessed that today, in case somebody copies it out later on. But they actually take a hash count of a file and they issue a digital certificate with a hash file inside the digital certificate, so that you can show that a hash was taken on the 24th of March and the file hasn’t changed. But the problem was that I could get a file certified, but then if I send the file to somebody else I’ve got to remember to send the digital certificate as well. So what they wanted to do was to actually put the digital certificate inside the file itself, and I came up with a way of doing that.

Basically what you do is, you take a hash count of the file, you create the digital certificate and you put that inside the file. And then you have a reader which extracts the digital certificate from it and hashes the rest of the file again, so it’s recounting the file without counting the digital certificate into it, so it should be the same hash value. And we’ve tested that and it works.

There’s actually an application almost ready to go live, it’s going to be launching over the summer on iPhone, where basically you can take a photograph with your iPhone and you can certify it there and then.

It could be useful for other things too, for example I remember a couple of years ago my daughter-in-law had a car crash; she wasn’t hurt but her car was very badly damaged. And my son-in-law, who happens to be a guard, just happened to come onto the scene, and he immediately took photos of the cars so that she would be able to show where her car was and where the other car was. But then the problem with digital evidence in courts is proving that it wasn’t manipulated or anything else. But if he’d been able that day to date-stamp those with a digital certificate, they could prove that they were taken that day, that they weren’t taken a day later or anything like that.

That sounds really helpful, especially for law enforcement officers. Do you envisage any other uses of Visual JPEG?

The other thing that we’re looking at is regulators, because I can see the value of stuff like this in legal enquiries too. You remember the Indian lady who died in Galway hospital, she couldn’t get an abortion and she died. And in the enquiry into her death, they discovered that some of the entries in her record were made after she had died. Now there wasn’t anything nefarious, it was just typical nurses on a hospital ward: scribble down the notes and then fill them up afterwards. Or you’ve had cases with the police, where the police have been accused of altering a statement afterwards. But now as more and more stuff gets recorded electronically, if things do get a date stamp, a timestamp and a digital certificate put in with them, then everybody knows they weren’t altered afterwards, or everybody can see it if they were altered. So we’re starting to look at a lot of markets like that and see if we can encourage people to use it.

Are there any other topics you're interested in researching?

I’m also looking a little bit into how robust files are as they travel round the internet. For example, there was a whole to-do about a year ago: Facebook strip out all the metadata on the images you upload. And they said originally they would keep the title and they would keep the copyright, but they don’t. They strip out everything. And there’s this whole question about whether they are intending copyright.

I’ve seen some research done, for example, on Google Plus which doesn’t strip out the metadata. Facebook does. If you send stuff through Dropbox it’s OK, it doesn’t lose anything. So I’m also doing some research into that, saying that if you have a file and you send it around, use different mechanisms, does the thing stay intact, or does it get altered along the way?

Martin Harran is a Master’s student at Letterkenny Institute of Technology. His current project, VisualJPEG, is at beta stage and he is looking for testers. To find out more, sign up as a beta tester or contact Martin, please visit his official website.

Forensic Focus interviewed Martin at DFRWS, the annual Digital Forensics Research Workshop, which took place in Dublin from the 23rd-26th of March. The next workshops will be held in Philadelphia in August 2015, and Switzerland in March 2016. You can find out more and register here.

Leave a Comment

Latest Videos

Digital Forensics News Round-Up, June 12 2024 #dfir #digitalforensics

Forensic Focus 12th June 2024 5:51 pm

Digital Forensics News Round-Up, June 12 2024 #dfir #digitalforensics

Forensic Focus 12th June 2024 5:39 pm

Internal investigations and eDiscovery face rising challenges in the data collection landscape. There is an urgent need to preserve and analyze data; rising costs for server infrastructure and overhead and the increasing complexity and volume of data from emerging sources is overwhelming. Laptops, computers, phones, tablets, cloud sources, and messaging applications – data is stored anywhere and everywhere with employee communications being the riskiest data sources.

The scope and specific challenges of data collection affect organizations and law firms differently, presenting a need for a variety of solutions to best fit their needs. With Cellebrite’s suite of SaaS (Software-as-a-Service) cloud-based collection solutions, corporate investigators and eDiscovery practitioners can close investigations and get to review faster.

Cellebrite's market-leading SaaS based solutions minimize business disruption and save organizations money by:

- Eliminating the need for large upfront costs and maintenance expenses
- Minimizing overhead costs without hosting the solution, no hardware shipping, and no technical calls for assistance
- Minimal and predictable data collection costs, allowing you to scale your usage according to your specific needs and budgetary considerations
- Stay up to date with continuous updates to data sources with updates pushed to the Cellebrite cloud
- Close investigations and review discovery faster with cloud-based innovation
- Manage customer requests and provide transparency throughout your organization across the globe

Watch Cellebrite's webinar where Monica Harris, Product Business Manager, showcases how Cellebrite’s range of SaaS-based solutions have you covered whether you need remote collection across all devices, including computers, cloud sources, chat applications, and mobile devices or full-file system advanced collection capabilities across the widest range of mobile devices and applications.

Internal investigations and eDiscovery face rising challenges in the data collection landscape. There is an urgent need to preserve and analyze data; rising costs for server infrastructure and overhead and the increasing complexity and volume of data from emerging sources is overwhelming. Laptops, computers, phones, tablets, cloud sources, and messaging applications – data is stored anywhere and everywhere with employee communications being the riskiest data sources.

The scope and specific challenges of data collection affect organizations and law firms differently, presenting a need for a variety of solutions to best fit their needs. With Cellebrite’s suite of SaaS (Software-as-a-Service) cloud-based collection solutions, corporate investigators and eDiscovery practitioners can close investigations and get to review faster.

Cellebrite's market-leading SaaS based solutions minimize business disruption and save organizations money by:

- Eliminating the need for large upfront costs and maintenance expenses
- Minimizing overhead costs without hosting the solution, no hardware shipping, and no technical calls for assistance
- Minimal and predictable data collection costs, allowing you to scale your usage according to your specific needs and budgetary considerations
- Stay up to date with continuous updates to data sources with updates pushed to the Cellebrite cloud
- Close investigations and review discovery faster with cloud-based innovation
- Manage customer requests and provide transparency throughout your organization across the globe

Watch Cellebrite's webinar where Monica Harris, Product Business Manager, showcases how Cellebrite’s range of SaaS-based solutions have you covered whether you need remote collection across all devices, including computers, cloud sources, chat applications, and mobile devices or full-file system advanced collection capabilities across the widest range of mobile devices and applications.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_SE7Cl5jkigk

Maximising Data Collection With SaaS Innovations

Forensic Focus 10th June 2024 12:42 pm

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles