[kaladin-jasnah]

> They, for example, replace digits with others in scans. The replacement digits are layouted perfectly into the page, so the errors are hard to see.

Is this with JBIG2? I remember reading about JBIG2 also used in the FORCEDENTRY zero click exploit that which was (?) used in the Pegasus spyware. Unrelated tidbit, I guess.

[LorenPechtel]

The Xerox problem was with image compression. The compressor would look at an incoming block, decide it was similar enough to one already noted and reuse the existing token. With small fonts and similar characters one difference was within the tolerance and after seeing something like 888 it could then decide 8B8 was the same thing. As it could only happen when things lined up perfectly the alterations would also be lined up perfectly.

[twbarr]

Yes, this algorithm is called JBIG2.

[vessenes]

Yes.