Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Printer Privacy Government Security Your Rights Online

Researcher Wants To Protect Whistleblowers Against Hidden Printer Dots (bleepingcomputer.com) 218

An anonymous reader writes: "Gabor Szathmari, a security researcher for CryptoAUSTRALIA, is working on a method of improving the security of leaked documents by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers," reports Bleeping Computer. "Szathmari's work was inspired by the case of a 25-year-old woman, Reality Leigh Winner, who was recently charged with leaking top-secret NSA documents to a news outlet." According to several researchers, Winner might have been caught after The Intercept had shared some of the leaked documents with the NSA. These documents had the invisible markings left behind by laser printers, which included the printer's serial number and the date and time when the document was printed. This allowed the NSA to track down Winner and arrest her even before she was able to publish the leaked documents. Now, Szatmari has submitted a pull request to the PDF Redact Tools, a project for securely redacting and stripping metadata from documents before publishing. Szathmari's pull request adds a code routine to the PDF Redact Tools project that would allow app operators to convert documents to black and white before publishing. "The black and white conversion will convert colors like the faded yellow dots to white," Szathmari said in an interview. Ironically, the project is managed by First Look Media, the parent company behind The Intercept news outlet.
This discussion has been archived. No new comments can be posted.

Researcher Wants To Protect Whistleblowers Against Hidden Printer Dots

Comments Filter:
  • Turns colored dots into black ones. Problem solved.

    • by Quarters ( 18322 )

      How does making the markings easier to identify help in anonymizing the document?

    • Unless you can find an analog copier. The digital ones will put the watermark of the copier on it. And the analog copier often has defects due to analog technology that could allow it to be traced back.

      • by Z00L00K ( 682162 ) on Saturday June 10, 2017 @09:02AM (#54591353) Homepage Journal

        Just use a copier in a public place. I have even paid for copies made in a bookstore once of a document I had.

      • by ooloorie ( 4394035 ) on Saturday June 10, 2017 @09:02AM (#54591355)

        And the analog copier often has defects due to analog technology that could allow it to be traced back.

        No, it doesn't allow it to be "traced back" because there is no registry of analog copiers. Color laser printers are special because you need no other detective work for finding the printer: the yellow dots are designed to make that identification trivial.

        For other printing technologies (inkjet, black and white printers, etc.), you can only prove that a document came from a particular printer once you have "traced it back" via some other means.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Sigh - use a cheap consumer camera or phone. Photograph some secret documents. Pictures will be slightly unsharp, obliterating any small "dots" that the original printer put there. Text will still be readable.

        Now, of course any digital camera add its own identifications but:
        1. You can buy your cheapie camera/phone anonymously at a flea market, stopping the trace there. Toss it after use.
        2. You can easily strip all EXIF from an image so the pixels are all that is left. In theory, there may be information hi

      • Good luck with that, the last analogue copiers came out mid/late 90's and are certainly crushed and recycled by now

    • by AHuxley ( 892839 )
      Photocopy machines now image every document copied. They also CCTV everyone using them and have paper counter.
      • Didn't they always image every document copied??

        • by AHuxley ( 892839 )
          In the past the UK had photocopiers in very secure areas. No paper count, no CCTV, no ID to copy, no hidden internal camera record what was been copied per page.
          Spies could just make as many copies of secret documents they could walk out with every day.
          New paper was ready the next day.
          Once that issues was finally understood a lot of internal and external changes got made to photocopy equipment for the mil/gov.
        • Analog ones only stored one run of the drum.
  • by c ( 8461 ) <beauregardcp@gmail.com> on Saturday June 10, 2017 @08:08AM (#54591067)

    I'd operate under the assumption that the NSA has hacked their hardware and software to put document tracking information into things like font rendering and image dithering artifacts.

    OCR into a plain text file and strip out any formatting. It's the only way to be even remotely sure.

    • It's probably enough to a) strip all the non white/black pixels with a threshold filter and b) convert down to a very low resolution, like 72dpi, suitable for screen viewing, especially if you c) run it through another threshold filter at the end. This will make it look like crap, but preserve formatting which helps verify the validity of a document.

      • by swimboy ( 30943 )

        That sounds like sending a fax to me.

      • by c ( 8461 )

        My gut feeling is no. They could do some neat stuff with, say, playing with word spacing or kerning that would still flow through if formatting were preserved. The number of bits that need to be coded is so small...

        Of course, and OCR filter assumes they don't mess with the actual document content. If they go that far, nothing short of paraphrasing will hide the source

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      What if they add random casual text that is specific to a given document for a given user ? Or changing random words with synonyms, only to make the document unique ? Even little grammar/typing mistakes would do, as long as the message stays similar... Probably one should make pass it through a chatbot to be "remotely sure" ;-) In short : "add noise, a lot of noise" ?

    • by AHuxley ( 892839 )
      Re "hardware and software to put document tracking information"
      Expect layers of new software and hardware to create documents that will show a or a few staff who had access or created access.
      The problem is the US media likes documents to send to different outside experts to prove they are real.
      Font, date, designs, format, spelling, names mentioned, layout are all expected and then get reported on.
      The US is now using the demand for real documents as a method to ensure their per document surveillance will
    • I'd operate under the assumption that the NSA has hacked their hardware and software to put document tracking information into things like font rendering and image dithering artifacts.

      Three words: National Security Letters.

  • "This is useful to detect whistle blowers in the US."

    Again, we are sacrificing billions around the world to dictatorships who will just use the exact same products to clamp down on their own people.

    If 1984 were to be rewritten, it should have been from the point of view of many billions living in grinding dictatorship, being spied on by their governments simply using commercial products sold to them by some hundreds of millions living in relative freedom, embedding spying tech in those products to catch mun

  • Actually no... (Score:5, Informative)

    by Gravis Zero ( 934156 ) on Saturday June 10, 2017 @08:30AM (#54591163)

    by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers,

    This is incorrect. The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.

    wiki [wikipedia.org]

    During the 1990s Xerox and other companies sought to reassure governments that their printers would not be used for forgery.

    • What you said hints at the big picture. Removing the means of identification would protect criminals, who are far more common than actual whistle blowers (of which Reality Winner is not). Forgery is just one crime, but there are a whole lot of other crimes where printer signature is significant. I'd argue that the majority of those happen to be white collar crimes.
      • Oh, yes, another technology that's fine to use, because you have nothing to hide. Let's put a GPS on your car as well, and log everywhere you drive. After all, it will help catch criminals, and it should bother law abiding citizens.

        This technology has been around for so long that we've come to accept it, but seriously: think about it. Every document that you print can be tracked back to you, along with the exact time that you printed it. This may be only a small part of it, but it is part of the totalitaria

        • Every document that you print can be tracked back to you, along with the exact time that you printed it.

          Every document I print cannot be traced back to me since it is unlikely the government has a record of all the serial numbers of every printer and who bought which one. Arguably, with a good deal of investigation they might be able to find out that a printer with a specific serial number was shipped to a certain store near me, and - assuming I used a credit-card - that I bought a similar model printer fr

      • by doom ( 14564 )

        ... than actual whistle blowers (of which Reality Winner is not ...

        More and more, I come to appreciate these flashing lights that conservadroids wear to make identification either.

        • I am pretty much as far left as a lefty ever lefted.

          Have you actually read the material she leaked? You might want to. You're making the left look even sillier. Really, read it.

          • by doom ( 14564 )
            God damn. And I was sure that whistle-blower denialism was an infallible indicator. I should've waited for you to shout "traitor" and insist she was really an agent planted by them.
            • by KGIII ( 973947 )

              I miss drugs. I really do.

              1) Few people are technically traitors. For example, even if Trump is guilty of EVERYTHING people claim, he is not technically a traitor.
              2) I'm pretty sure you're insane. It's okay, some of my best friends are insane. She didn't release a damned thing of interest/value.

              You're welcome to make a whole bunch of assumptions about my beliefs and voting habits. In fact, I encourage you to do so.

              Again, I remind you, I'm as left as a lefty ever lefted. I'm left enough to make a European bl

    • by Z00L00K ( 682162 )

      Just be aware that there's no reason to turn off the feature just because the printing is in black and white. Many color printers still uses all colors to print black and white prints, even though it's wasting toner. I have discovered that myself - printing a large pile of papers black and white and the level for all colors went down.

      • Many color printers still uses all colors to print black and white prints,

        If you print a black-and-white document in color mode, the yellow dots will be there.

        If you print any document in an actual black-and-white mode on the printer, the black cartridge is all that will be used (i.e., no yellow dots).

        So, you need to select the correct printing mode.

        • by Z00L00K ( 682162 )

          I did set the driver to B&W mode and it still used color cartridge toner too.

          Of course it may depend on the printer how it works, just don't rely on the yellow dots being omitted just because you set B&W since the amount needed for those dots is minimal and not possible to be measured.

        • Black and white is a mode of the driver.
          Steganographic dots are included on the firmware layer.

          Besides that... grayscale or even pure black and white are no protection from steganography.
          Stegatone encodes about 2k bytes/square inch. [hp.com]

      • This might also explain why my printer refuses to print in B&W when it's out of one of the color inks.

        The black cartridge is a bit larger than the color ones, and I rarely use the inkjet for B&W printing. Once in a while I find myself in a situation where I want a printout, don't care if it's color or not, while I'm low on ink and my laser printer is acting up. The inkjet printer refuses to print and I'm forced to take the time out of my day to run for office supplies when I'd rather just do that

    • Originally, yes, if you try to copy currency now, it will lock out a board that needs to be sent to factory, along with a lot of questions to answer by the factory and secret service, and your copier will be bricked in the meantime

    • by AmiMoJo ( 196126 )

      Whatever the reason, it's open to abuse.

      I wonder if it would be better to add some fake dots too.

    • by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers,

      This is incorrect. The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.

      1) They where originally designed to identify currency counterfeiters.
      2) They are as well quite often used to track down leakers (both government and business).

    • The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.

      That is the justification, not the intended purpose or the actual functions. Those three concepts are entirely different.

      TFA is correct: the yellow dots are "used to watermark documents and track down leakers". That is one of their functions, even if it wasn't the justification.

      I suspect it was also their intended purpose (i.e., the political justification was proba

  • Is it just me, or does the part about "...working on a method of improving the security of leaked documents..." sound rather ironic considering that the ones in question were secure documents that shouldn't be released in the first place?
  • by Vermonter ( 2683811 ) on Saturday June 10, 2017 @08:32AM (#54591177)
    A color printer will print faint yellow dots for a water mark. Simply print the documents on yellow paper, then photocopy them on to white paper (and a low quality scan setting to be safe).
  • ... use yellow paper?
    • I've seen this a few times, as I read the thread. Paper may not reflect the same spectrum as ink does, regardless of the reflected wavelengths that your eyeball is able to receive. What is yellow to you may not be the same to a machine that is able to receive more of the spectrum than your eyeballs can.

  • Easy (Score:5, Funny)

    by Kohath ( 38547 ) on Saturday June 10, 2017 @08:52AM (#54591305)

    Every agency office should install a special "whistleblowers only" printer in a prominent location near the office entrance.

  • Don't use a color printer to leak shit.
  • by nospam007 ( 722110 ) * on Saturday June 10, 2017 @08:59AM (#54591335)

    Who besides old geezers use printers anymore?
    Convert the data to a textfile.
    Use TOR at a Starbucks coffeeshop with a beard, sunglasses and a Trump hat and send the fucker to the New York Times Leaker page.

    • by AmiMoJo ( 196126 )

      Original document copies lend credibility to the leak. It's like the headers in an email leak, they give the reader some confidence that the leak isn't fake because of the extra effort required to produce them and the increase probability of a scammer making a detectable mistake.

    • How did you exfiltrate the text to Starbucks?

  • Easier (Score:4, Interesting)

    by argStyopa ( 232550 ) on Saturday June 10, 2017 @09:16AM (#54591443) Journal

    Look, just throw the stupid document on a copier and they're gone.

    This isn't rocket science. What sort of a moron would print a document IN THE NSA and then hand that original to a reporter?

    She needs to go to prison for the maximum span.
    I personally believe Snowden should be pardoned, and they should stop pursuing Assange, but not every leak is sacrosanct, nor is every leaker a saint.
    She clearly did this as a political act, despite signing documents affirming she would keep information confidential.

    Basically, leaking info is like using a legally-carried handgun: you should do it only if you accept that the consequences of not using it are worse than the punishment you'll receive, and be perfectly ok with that result.

    • Re:Easier (Score:5, Insightful)

      by dbIII ( 701233 ) on Saturday June 10, 2017 @10:28AM (#54591859)

      She clearly did this as a political act

      Yes, she'd prefer the USA to be run along the values of George Washington and not a Tsar - definitely political but what exactly is wrong with that?

      It's not just R vs D here. It's gone international. Do you really want to back a side other than the home team?

    • So how long should Trump be in jail for leaking code word secret information to the Russian ambassador when they were in the Oval Office?

      Sounds like a hanging offense to me.

      And before you try and pull that "he's the President, it was legal" crap, he arguably broke his oath of office. And anyone capable of rational thought should realize that "high crimes" should include blabbing secrets no matter who your are.

  • by AHuxley ( 892839 ) on Saturday June 10, 2017 @09:25AM (#54591489) Journal
    Contractors will always have a lot staff ready for any level of US security.
    Look into the past of every staff member. Education, politics, languages, university, mil, gov, internet, protests, work, hobbies, interests.. walk the resume and interview everyone in person. Educators, friends. See what a person was like.
    Learn from the issues the UK had from 1930-70's. Learn how the UK solved its internal security issues.
    Learn why the USA was so good at security from the 1950's-80's.
    Once a person has a job with security considerations keep on looking at their work and how they use the "internet", their politics, education, interests, hobbies, friends..
    Keep looking, all year, every year.
    Two contractors now working together is not a new security policy.
    Create perfect bait projects and files just for staff given their politics, see if they respond.
  • After stripping the hidden yellow dots, we should get the option to add a different set of yellow dots.

    The Ice Station Zebra option should add cartoons of Disney characters as faint yellow dots after stripping the original finger printing.

  • It's clear that the staff at The Intercept are complete and utter imbeciles. It really seems that they didn't even know about the hidden printer dots which everyone (and I mean everyone) has known about for the last decades. Everyone at the Intercept should be fired and not ever work as a journalist again. This is just really really stupid. Even if you didn't know about the printer dots, sharing the documents with NSA is just mindboggling. Everyone should be fired.

  • Well...

    Being an "Intel Specialist", if she was worth her salt, she could have simply memorized bits of the content over a few days and recreated it at the library in a text document.

    Or, if she was inventive, she could simply have made it all up and created a realistic document. I'm surprised this doesn't happen more often, if you know the format it's very easy to create believable stuff, and the formats and classification markings are documented in publicly available government regulations / instructions as

  • Don't leak raw documents - digitize and run them though any OCR.
  • Don't trust The Intercept with your leaked documents--those fuckers will rat you out to the NSA.

    Journalists have a moral responsibility to protect their sources when necessary, and The Intercept fails.

    The Intercept wants everyone to know: "We won't break your story. We'll turn you in."

  • When I was in high-school in the early 1980s, I had a few teachers who refused to accept term papers that came off a dot-matrix printer because as everyone should know, the quality of the content is far less important than the appearance. So, a couple of us nerds bought a nifty little gadget called a Dynatyper. http://www.computerhistory.org... [computerhistory.org]
    Problem solved.
    But seriously, any parent that would name their kid "reality" a) has a screw loose and b) is setting the kid up to have a vastly over-inflated ego.

"...a most excellent barbarian ... Genghis Kahn!" -- _Bill And Ted's Excellent Adventure_

Working...