The general premise is that there is an arbitrary, recoverable signal which has been convolved with the data signal. The generating function for this signal is a matter of record if you have access to the utility logs, but difficult to obtain otherwise without having been physically present at the time and place where the effect occurred.
I strongly suspect that it can be compromised in either of the following ways:
1. You take recording A, then you take recording B at the time and place where you want to assert recording A took place. You recover the thumbprint from recording B, suppress the thumbprint in recording A, then apply B's thumbprint to A.
This is not a trivial process, but you only really need a plausibly consistent result. A reasonably basic understanding of signal processing theory, a copy of MATLAB, and many pots of coffee should do the job (a rough sketch of the thumbprint transplant appears after this list). Then you could automate most of it for the next guy.
2. You take many recordings at a series of locations of interest, while taking data about the power grid from nearby locations and from distribution nodes. You then attempt to predict the signal at a location from the characteristics of the surrounding area.
This is almost certainly possible, as generalization from distribution logs to the local effect is what makes their fingerprinting technique possible in the first place. It is not a trivial undertaking, and it's questionable how well it would generalize. But at the same time, it's largely a question of whether you want the data badly enough to do the legwork, and whether you have a reasonably functional understanding of machine learning.
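For point 1, here's a minimal sketch of the thumbprint transplant in Python (standing in for MATLAB). The 50 Hz nominal frequency is just the UK grid value; the sample rate, filter order, and band width are my assumptions, and a serious attempt would also have to handle the harmonics and match amplitudes:

    import numpy as np
    from scipy.signal import butter, sosfiltfilt

    FS = 44100        # sample rate of both recordings (assumed)
    F_MAINS = 50.0    # UK nominal mains frequency
    BW = 1.0          # half-width of the band around the hum (assumption)

    def hum_band(fs, btype):
        # 4th-order Butterworth centered on the mains fundamental
        return butter(4, [F_MAINS - BW, F_MAINS + BW], btype=btype, fs=fs, output="sos")

    def extract_thumbprint(x, fs=FS):
        # Isolate the narrowband mains component
        return sosfiltfilt(hum_band(fs, "bandpass"), x)

    def suppress_thumbprint(x, fs=FS):
        # Knock the mains component out with a narrow band-stop
        return sosfiltfilt(hum_band(fs, "bandstop"), x)

    # recording_a, recording_b: 1-D float arrays sampled at FS
    # forged = suppress_thumbprint(recording_a) + extract_thumbprint(recording_b)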
Regarding point 2, the article gave me the impression that they used historical measurements of the mains frequency as part of the analysis. Since Britain is on a single grid, local conditions shouldn't affect the recorded signal. I'm sure it is possible to find patterns (frequency drops slightly in the morning as the public utility tries to keep up with increasing demand), but you wouldn't know, for example, that the utility overestimated demand on the particular morning the audio was alleged to have been recorded (and thus that the frequency was actually higher).
As for point 1, there are a number of plausible angles of attack, but I think the forensic adversary has a huge advantage: synchronous detection. The approximate time of the recording is known, as is the historical record of the mains frequency. That allows for huge processing gain, which might permit recovery even after the amplitude of the mains hum has been filtered down below the quantization step of the audio system. I almost think you would have to Fourier transform the whole audio record and zero out any component at f_mains +/- delta (and its harmonics). That, of course, would look pretty suspicious to a forensic analyst.
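For what that last step might look like, a crude sketch in the same vein (Python/numpy are my choice here; f_mains, delta, and the harmonic count are assumptions):

    import numpy as np

    def notch_mains_fft(x, fs, f_mains=50.0, delta=0.5, n_harmonics=10):
        # Zero every FFT bin within +/- delta Hz of each mains harmonic,
        # then invert. The rectangular holes this leaves in the spectrum
        # are exactly what a forensic analyst would notice.
        X = np.fft.rfft(x)
        freqs = np.fft.rfftfreq(len(x), d=1.0 / fs)
        for k in range(1, n_harmonics + 1):
            X[np.abs(freqs - k * f_mains) <= delta] = 0.0
        return np.fft.irfft(X, n=len(x))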
Even that might not be enough if mains hum has a determinable effect on the data compression algorithm used to store the audio data.
Edit: The point I was trying to make in the first paragraph is that if you wanted to forge a recording, you'd need the grid frequency data. Having it from anywhere on the grid would be good enough, and not having it at all simply wouldn't.
Actually, it should be trivial to defeat without MATLAB:
1. Take the recording of interest
2. Use any audio processing software to apply a 400 Hz-4 kHz bandpass filter (see the sketch after this list). If you don't have audio processing software or a computer, you can play the recording back over a phone; a telephone line is bandlimited to roughly 300 Hz-3.4 kHz, which accomplishes much the same thing.
3. Play the recording back through cheap computer speakers (no subwoofer) or over a telephone, and re-record it
Low-end speakers don't have much output below 100 Hz, so the new thumbprint picked up during the re-recording in step 3 will replace the old one. The harmonics of the old thumbprint will still be there, but a bandpass starting at 400 Hz cuts out the strongest ones and makes recovery of the original thumbprint very difficult.
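The filter in step 2 is a few lines in any scientific stack; a sketch assuming Python with scipy (the Butterworth order is arbitrary, the corners are the 400 Hz-4 kHz from step 2):

    import numpy as np
    from scipy.signal import butter, sosfiltfilt

    def telephone_band(x, fs, lo=400.0, hi=4000.0, order=6):
        # 400 Hz-4 kHz bandpass: drops the 50 Hz fundamental and its
        # strongest harmonics while keeping speech intelligible
        sos = butter(order, [lo, hi], btype="bandpass", fs=fs, output="sos")
        return sosfiltfilt(sos, x)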
> The general premise is that there is an arbitrary, recoverable signal which has been convolved with the data signal. The generating function for this signal is a matter of record if you have access to the utility logs, but difficult to obtain otherwise without having been physically present at the time and place where the effect occurred.
No and no. It's not convolved but additively mixed, and the signal is the same everywhere (on one grid): it's specific to time, not place, and it's easy to obtain as long as you have the foresight to record it.
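In model terms (a toy illustration with made-up amplitudes), the recording is the sum of the speech and the hum, not their convolution, which is why the hum can be estimated and subtracted rather than deconvolved:

    import numpy as np

    fs = 8000
    t = np.arange(fs) / fs
    speech = 0.1 * np.random.randn(fs)           # stand-in for the data signal
    hum = 0.01 * np.sin(2 * np.pi * 50.0 * t)    # mains component: same everywhere on the grid at a given time
    recorded = speech + hum                      # additive mixing, not convolution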
So yeah, somebody should record these fluctuations and put them up on the torrents for criminals and dirty cops to abuse :)