Dear Amped blog readers, welcome! This week’s tip is dedicated to a rather hidden feature of Amped Authenticate: the possibility to use TSV (Tab-Separated Values) as the output format for the Smart Report and Batch Processing tools, instead of the classical HTML format. All those thinking “why should we even care?!”, raise your hands! I see many of you! Keep reading to find out why this feature could be way more important than you think.
It’s no secret, digital forensics is constantly gaining weight in investigations, and image forensics is no exception: more and more often, you have to deal with pictures as part of your investigative work. Sometimes it’s just a few of them, so you can dedicate some time to each one, and that’s the ideal situation if you have Amped Authenticate in your hands. Authenticate will expose a lot of information that’s stored in your file metadata and coding properties, it will generate plots and maps, all of this to help you unveil the processing history of the image and localizing manipulations.
There are cases, however, where you may need to analyze hundreds or even thousands of images for a single case. I’m sure you agree, it’s a bit messy to do that one-by-one. That’s why when developing Authenticate we invested in the Batch Processing tool, which allows you to run a selection of filters on many images, and in the Smart Report tool, which automatically triages images based on their metadata, and focuses the analysis on suspicious cases.
While Batch Processing and Smart Report already save you hours of otherwise monotonous work, if you save their output to the standard HTML format it means you’ll likely have someone reading the results. There could be cases, instead, where you need to make automatic decisions based on Authenticate’s output. If you have to analyze the output programmatically, choosing TSV as the output format for the report is probably a better choice. It’s pretty easy to switch between the two output formats:
To make it practical, the video below shows what you get by using the default HTML as the output for the Smart Report tool, running on some images in a folder.
It’s nice to see and navigate, but suboptimal when your final goal is to send this output to a program which parses it. Instead, this is what you get running the same tool with TSV output.
Okay, the table is probably less appealing to your eyes, but trust me, it’s way more crunchable for a program! Not only: you can use your spreadsheet’s filter functionality to rapidly restrict the view to, say, all Authenticate’s filters which raised a warning, as we show below.
Although we showed screenshots for the Smart Report‘s output, the whole reasoning applies to the Batch Processing‘s output as well.
Last but not least: if you normally deal with lots of images in your work, remember that Amped Authenticate has an integration in Griffeye Analyze DI Pro!
That’s all for today! We hope you’ve found this issue of the Video Evidence Pitfalls series interesting and useful! Stay tuned and don’t miss the next ones. You can also follow us on LinkedIn, YouTube, Twitter, and Facebook: we’ll post a link to every new Tip Tuesday so you won’t miss any!