Slashdot Mirror

← Back to Stories (view on slashdot.org)

IBM Seeks Patent On Digital Witch Hunts

Posted by Soulskill on from the everyone-sees-a-unique-version-of-this-story dept.

theodp writes "Should Mark Zuckerberg want to identify a snitching Facebook employee, Elon Musk wish to set a trap for loose-lipped Tesla employees, or Steve Jobs want to 'play Asteroid,' they'll be happy to know that a new IBM 'invention' makes it easier than ever to be paranoid. In a newly-disclosed patent application for Embedding a Unique Serial Number into the Content of an Email for Tracking Information Dispersion (phew!), Big Blue describes how it's automated the creation of Canary Traps with patent-pending software that makes ever-so-slight changes to e-mail wording to allow you to spy on the unsuspecting recipients of your e-mail."

14 of 136 comments (clear)

  1. That's a neat trick! by Tumbleweed · · Score: 4, Funny

    I'm pretty sure witches are analog.

    1. Re:That's a neat trick! by SilverHatHacker · · Score: 4, Insightful

      Everyone knows witches are made of wood.

      --
      Funny may not give karma, but +5 Informative never made anyone snort coffee out their nose.
    2. Re:That's a neat trick! by darkmeridian · · Score: 3, Insightful

      That's what the digital witches want you to believe.

      --
      A NYC lawyer blogs. http://www.chuangblog.com/
  2. What an advance! by WindowlessView · · Score: 4, Insightful

    Anyone get the feeling that lately technology is increasingly about chasing our technological tails rather than actually doing much of anything?

    --
    Leave the gun, take the cannolis.
    1. Re:What an advance! by Threni · · Score: 3, Interesting

      To be honest I assumed this sort of thing was already being done. It's just fingerprinting, using whatever medium is being used.

    2. Re:What an advance! by conlaw · · Score: 3, Insightful

      The next time you send an "infelicitously worded" email, you can just blame it on IBM.

      Speaking of "infelicitously worded," did you notice that the all of the changed examples (i.e., the second through fourth) start to sound like an instruction manual that has been poorly translated into English?

  3. Security through obscurity. Again. by girlintraining · · Score: 3, Insightful

    Security through obscurity doesn't work. I don't know how many stupid asinine ideas like this I'll have to see before I quit this career, but I suspect the number will be higher than I care to contemplate. This is ridiculously easy to subvert -- just run it through the thesaurus algorithm a few more times. Viola, new unique copies, that don't match what they have on record.

    Next on the docket -- "Why you can read your coworkers e-mail but not the NSA's. Explorations in the bleedingly obvious."

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Security through obscurity. Again. by Dhalka226 · · Score: 5, Insightful

      In your rush to bash people for not having an infallible solution, you're making two awfully big assumptions:

      1. That they're intending this to have any effect whatsoever on people actively trying to disguise the source of the leak; and,
      2. That a solution isn't worthwhile if it doesn't survive whatever geek-haxxor workarounds you can come up with.

      This is exceptionally poor security for classified information. That's not its intent. It's poor security against people actively disguising themselves by "run[ning] it through the thesaurus algorithm a few more times." So be it.

      It's still going to catch that guy who wants to show how in the know he is and forwards it to his buddies who post it on a website, and I'm sure there are far higher incidences of that than industrial espionage or whatever it is you're maligning them for not tackling.

      I wouldn't personally implement a system like this, but the fact that it doesn't cover all potential circumstances doesn't mean it's worthless. I don't know why Slashdotters always have such a hard time grasping that.

    2. Re:Security through obscurity. Again. by nacturation · · Score: 3, Funny

      Viola, new unique copies, that don't match what they have on record.

      When I leak your post to the world, I'll be sure to change that to "Cello, new unique copies..."

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  4. Not new by Anonymous Coward · · Score: 5, Interesting

    My girlfriend works in the bid and proposal department at Oshkosh Corps. They regularly deal with top secret government contracts for armored vehicles. Each persons copy of whatever paperwork has different sets of typos, so if there are any leaks, they know exactly who it came from.

    And yes, they have caught corporate spies with this before.

    1. Re:Not new by kpainter · · Score: 3, Insightful

      Each persons copy of whatever paperwork has different sets of typos, so if there are any leaks, they know exactly who it came from.

      For those that don't know, for each new 'typo', they add a few more zeros in the contract dollar amount. That is also why a government contract for armored vehicles would be Top Secret.

  5. Two obvious comments by Gnavpot · · Score: 3, Insightful

    1. How can this be patent worthy? Individual changes to documents to make them traceable have been performed for years - even in anonymous questionnaires...

    2. Patented. Good. Perhaps that will prevent others from using this method. If we are really lucky, IBM won't use it either.

  6. How long . . . by DrMrLordX · · Score: 3, Insightful

    How long will it be until Apple patents goading a supplier into assassinating employees responsible for losing sensitive product prototypes?

  7. Obscurity isn't worthless by Cajun+Hell · · Score: 4, Insightful

    just run it through the thesaurus algorithm a few more times

    But do leakers do that? Always?

    People get caught when their guard is down. People fuck up. People think, "nobody's out to get me."

    Sometimes they're wrong. Every single day, people die by that principle. They won't get mugged. They can drive home drunk and probably not crash. They can forgo the condom this time. It's true they're not guaranteed to lose. But sometimes they still do.

    You're right that it's not a general solution that you can count on, to find your opponent. But at the same time, you know plenty of damn fools will get caught by it.

    It's not security through obscurity; it's advantage through security.

    --
    "Believe me!" -- Donald Trump