Slashdot Mirror
Xerox Confirms To David Kriesel Number Mangling Occuring On Factory Settings
An anonymous reader writes with a followup to last week's report that certain Xerox scanners and copiers could alter numbers as they scanned documents: "In the second Xerox press statement, Rick Dastin, Vice President at Xerox Corporation, stated: 'You will not see a character substitution issue when scanning with the factory default settings.' In contrast, David Kriesel, who brought up the issue in the first place, was able to replicate the issue with the very same factory settings. This might be a serious problem now. Not only does the problem occur using default settings and everyone may be affected, additionally, their press statements may have misled customers. Xerox replicated the issue by following Kriesel's instructions, later confirming it to Kriesel. Whole image segments seem to be copied around the scanned data. There is also a new Xerox statement out now."
Swapping numbers while copying may seem like bizarre behavior for a copier, but In comments on the previous posting, several readers pointed out that Xerox was aware of the problem, and acknowledged it in the machine's documentation; the software updates promised should be welcome news to anyone who expects a copier to faithfully reproduce important numbers.
The old analog process never had this problem.
69 dude!
Now if 6 turned out to be 9, ...if all the hippies cut off all their hair,
I don't mind, I don't mind,
I don't care, I don't care.
Dig, 'cos I got my own world to live through
And I ain't gonna copy you.
“He’s not deformed, he’s just drunk!”
What???? A copier changes numbers? A copier is supposed to copy.
Am I the only one who finds this truly frightning; that the photocopier has a bug in a sub system that is basically reading the content of the documents being photocopied? I didn't even know photocopiers did this normally. This is another prime example of how organizations like the NSA can theoretically get their fingers into cracks we didn't even know existed. I would never have thought that something I photocopy could be intercepted, but apparently it can. The bug part of this issue is just a small thing relative to the larger issue, IMHO!
By the way, I read in another comment about the new slashdot ipad app. I'm posting this comment from it. What a breath of fresh air compared to the slashdot mobile site!
Yes, he did. If you'd care to read the story you would've known the answer without having to ask here and then complain about something that's not even applicable here.
The potential for damage with this kind of error almost can't be overstated. Besides errors in billing, construction, manufacture or products, medicine dosages, etc. already outlined, there are other likely problems:
Publications may contain wrong data.
Scientific conclusions may be based on wrong data.
Government policy may be based on wrong data.
Money may go to wrong accounts or be taken from wrong accounts.
You think you paid your taxes? The government may not agree.
Did this tool try to notify Xerox first or did he just start shouting from the mountain tops?
It isn't a security issue so the only purpose served by his going public without him contacting Xerox is to stroke his ego.
How would any of you like it if someone found a bug in your stuff and instead of notifying you, went to your managers and bad mouthed you?
You'd think he was a prick.
Why does he owe this courtesy to Xerox? Xerox isn't his coworker, Xerox doesn't have feelings. Xerox is a corporation. And corporations don't always fix problems, even serious ones, until they receive wider attention.
So should he have quietly alerted Xerox, then monitored their progress in fixing the problem, keeping the company apprised of how it was doing -- sort of an unpaid QA position? I guess that's an option, but not the only acceptable one.
I am not a crackpot.
Am I the only one who finds this truly frightning; that the photocopier has a bug in a sub system that is basically reading the content of the documents being photocopied?
Yes, you should find that frightening. That's not new, though, pretty much all photocopiers these days don't actually "photocopy" the document, they scan it to memory and then print the scan. Your documents are saved to memory on the photocopier. Yep, that's a security flaw.
http://www.thedailygreen.com/environmental-news/latest/digital-copier-security-461009
http://www.cbsnews.com/8301-18563_162-6412439.html
http://message.snopes.com/showthread.php?t=60313
http://www.geoffreylandis.com
Time to buy a Ricoh.
At least they don't monkey with the compression to the level it actually distorts the image.
This signature is lame.
It isn't a security issue so the only purpose served by his going public without him contacting Xerox is to stroke his ego.
It isn't a security problem? Seriously?
What if a doctor copies a prescription or your medical journal? Government officials copies personal information for use with a visa? Police officers copies statements? Or any other place where you'd want to copy something, that must be copied correctly?
Sure, it's not a computer security issue, but it's definitly, among other things, a security issue.
Back when I saw the first scanner based copiers roll out I'd thought we see something similar to this happen. Whenever you eliminate the analog signal path it becomes much easier to corrupt the thing in unnoticeable ways, even unintentionally! It's clearly the way to go, because of how much complexity it removes, but as soon as you start storing data on a medium and read it back you start having these problems, it only gets worse as you try and conserve that storage medium with compression or other tricks/hacks. It's just a fact of life in the digital age: the tradeoffs are still better than the previous way of doing things. (Well that is unless your name was "Mr. Buttle" and the ministry of information drilled a hole in your ceiling).
I am just really glad to see that Xerox is taking the initiative, working with closely with the person who found the problem, and opening it's doors to others who want to help out. It's all too often that a big company has a big obvious problem with a product and not only doesn't admit there's a problem, but refuses to help or work with those experiencing them.
Corporations are people too!
It's not a security problem in the sense that people knowing about it won't be able to exploit it. In other words, public knowledge of the problem won't hurt security any more than it already has been, which is what the earlier post was talking about.
But public knowledge of this may save a few lives, when the doctor first checks if all the numbers are copied correctly before handing it to another doctor.
Coming soon ... Xerox voting machines.
"How would any of you like it if someone
found a bug in your stuff and instead of
notifying you, went to your managers and
bad mouthed you?"
This is exactly what happens in most industries from food service, retail, transport(like my driving? Call...), and manufacturing. I'm sure there are more examples too but these are just some of the fields in which I have been a direct employee or as a manager where I was able to participate in the complaint process as a third-party observer more than a few times as coworkers had complaints placed against them.
Why should IT or large scale industry be any different?
Ever notice that Cobra Commander sounds an awful lot like Star scream?
It's not a security problem in the sense that people knowing about it won't be able to exploit it. In other words, public knowledge of the problem won't hurt security any more than it already has been, which is what the earlier post was talking about.
First, I do understand your point regarding the common usage of "security" in this domain. However, the term "security" can also mean "safety," although in English "security" is more commonly used to freedom or protection from malicious harm or loss and "safety" is commonly taken to mean protection from accident or nature. (Paging pedants to show just how stupid and wrong I am.) Moreover, in some languages, the English words "safety" and "security" translate the same.
I am not a crackpot.
As if people with the affected equipment might want to know, right? Why does Xerox's "feelings" even matter in all of this?
Sorry, I just can't seem to parse your post and grasp the meaning. Could you perhaps elaborate a bit?
Your are making the mistake of imagining that the person who discovered this flaw owes Xerox something.
He does not.
He discovered the information, and he is free to (a) remain silent (b) tell Xerox (c) tell the press (d) tell everyone (e-z) anything else he likes. He might CHOOSE (b) but he is certainly under no obligation to do so, and it is of course incorrect for anyone to fault him if he does not choose (b).
We see this same mistake being made by the inferior minds who advocate the farsical concept of "responsible disclosure" when it comes to security issues. There is no such thing. There never has been. It's simply a fabrication by the mouthpieces of corporations who fret about bad publicity or negative impact on their stock price. Those who say they practice it are conceited and arrogant: they are making the foolish mistake of presuming that they, and they alone, possess this information, even though that's almost certainly not true. (What one can discover, another can discover.)
In all these cases, what we find are people who are afraid of the truth. They are afraid to speak it, afraid to hear it, afraid to have it propagated, afraid that others may have it: afraid, afraid, afraid. This is antithetical to the scientific method, to free speech, to forward progress: we must have the truth, no matter how inconvenient or unpleasant, if we're going to get anywhere.
I'm sure that some of the people at Xerox are furious about this. That's just too damn bad. If they want to find the root cause of their anger, they should look in a mirror, as it is their incompetence, sloppiness, laziness and negligence that has made all this happen.
Soylent Green is people too!
Inheritance is the sincerest form of nepotism.
Do you work, or have you worked, directly for Xerox on these sorts of products?
No, but I do possess a skill most people in this modern world seem not to possess: I can read stuff.
If you have not, how did you come upon this information? Is it based on actual specifications or design documents? Or is it based on speculation?
http://arstechnica.com/information-technology/2013/08/confused-photocopiers-randomly-rewriting-scanned-documents/
Kudos though for spending so much time thinking of how to validate your horribly thought out position.
They reason that you come forward quietly to a corp before going public on a real security issue is so that the bad guys do not exploit it while the company makes a patch. People knowing about this issue before a patch can only help the issue.
On top of that Xerox knew about this problem already and were just keeping a lid on it.
If you are a paid Xerox shill then you are a failure at your job. Otherwise you are just an idiot.
Why is it so hard to only have politicians for a few years, then have them go away?
You seriously think nobody will be able to exploit this problem?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
They meant to admit this to the public last week, but their press release got its letters changed around for some reason...
Actually, this is the case when earlier disclosure helps security, because when more people are aware of this problem, more people will take action to prevent it from happening (like setting higher quality setting as default).
At the federal level, our entire legal system is based on the concept that a machine copy of a document is as good as the original. In addition to all the other problems pointed out by other readers -- engineering errors, medical errors, financial errors, this type of error also greatly harms our legal system as well. A problem since the legal system is essentially the operating system for our society. I don't see how Xerox is going to survive the wave of lawsuits that is going to follow. They need to immediately warn everyone to stop using their systems, and then recall all affected units. Going forward, I suspect that the name "Xerox" will now mean: "to mangle or randomly distort".
Numbers are the bedrock of the capitalist regime. They are sacred. Do not transform them when copying them. Better to mangle words cause we all know they have semiotic plasticity anyway. But for the love of the capitalism and all it portends, please keep the numbers pure. That is all.
How soon until they'll patent this as a feature and try to sue someone else?
I am a Xerox technician.
Yes, some models store and compress jobs before printing.
I expect a copier to copy an image of the page, not to perform an OCR scan and reprint it.
What's next? An NSA back door so the scanned text can be fired off to the US spy network?
I do not fail; I succeed at finding out what does not work.
The copiers are failing to copy numerals properly.
It does seem to me that you would be able to intentionally create specific errors in parts of documents as long as you had carte-blanch control over the contents of other parts of it.
"His name was James Damore."
Any compression at all, any modification at all, is unacceptable in a copier. How do you not get that?
That is an absurd position. There's no issue with lossless compression, and it's beneficial to the customer, because it allows you to scan and copy much larger documents without memory issues. The reason that this is a problem is that it's lossy compression algorithm that clearly is flawed.
- Vincit qui patitur.
http://www.dkriesel.com/en/blog/2013/0808_number_mangling_not_a_xerox-only_issue
And one of the comments to that posting says:
I have experimented with the open source jbig2enc library available at http://github.com/agl/jbig2enc, which has a encoding parameter called the “threshold”, described like this:
“sets the fraction of pixels which have to match in order for two symbols to be classed the same. This isn't strictly true, as there are other tests as well, but increasing this will generally increase the number of symbol classes”
The included command tool accepts values for this parameter between 0.4 and 0.9, with 0.85 as the default.
I have found replaced digits in single-page numerical tables encoded with this parameter set as high as 0.82. As with the other examples you have found, the errors are not in any ways obvious to the eye which is, of course, the real problem.
Since JBIG2 has been supported in PDF since 2001, it would be surprising if only Xerox have fallen into this trap.
Just as well for Rick, he outsourced this work to HCL. They'll clean up the mess left by those lazy, grasping American engineers in no time at all!
Stick Men
I guess we all know which it is now.
Why is it so hard to only have politicians for a few years, then have them go away?
What's really bizarre is that they chose to invent some half-assed lossy compressor instead of using PNG (lossless) or JPEG (lossy, but a helluva lot better than their algorithm apparently).
.: Semper Absurda
it doesn't happen on high quality though.
why it would copy at other than high quality is anyones guess..
world was created 5 seconds before this post as it is.
Thirty plus years as a professional engineer - the lifeblood is "blueprints". This has always been a significant issue, regardless of the technology involved, there WILL be reproduction errors. Be it because of dirt on the optics, spilled coffee on the originals, scratches on the mylar / sepia, or bad diazo paper; EVERYBODY with any sense knows to check and double check anything which does "not add up". Hence why checksum was developed for electronic data processing. ... ad infenitum; I WANT the original file translated into the oldest format available, preferrably human readable! With electronic signatures; but the suit weasels in industrial corporations use my PE status to make me the scapegoat for all their deliberate ignorance and just plain stupidity.
The worst is to try to use a pdf of a tiff of a pdf of a jpg of a
Time to Go Galt and let their progeny "pick grit with the chickens" (Sen. Al Simpson).
You've got to elaborate a bit more than the short, uninformative sentences that you put up. What are you talking about? What is this "horribly thought out position" that you accuse me of having?
Let me break it down for you. You accuse me of being either:
a) a shill, or
b) an idiot,
even though I've pointed out some of the safety issues that stem from not being able to correctly copy when it would be assumed that you could, and by extension critizised Xerox (the company) for not comming forward with this, when they, as you put it "sat on the information".
Now, as dos1 pointed out above:
Actually, this is the case when earlier disclosure helps security, because when more people are aware of this problem, more people will take action to prevent it from happening (like setting higher quality setting as default).
So, again I must say: sorry, what?
The fact that this is even POSSIBLE makes me worry that there's covert firmware deliberately tampering with things.
First of all, how does it even know what a number *looks like*?
And how the hell does it SWAP numbers?
I've never known decompression artifacts to do that. It's just plain loony.
Something seems decidedly fishy here.
Unless, as with the hackable door locks, someone sues for a gag order.
You might not owe a corporation favors, but they certainly can try to FORCE you to grant them.
Flawed or sabotaged?
I think everything else you wrote was good but in the case of disclosing security attack vectors, letting everyone know or only letting hackers know, before giving the company a chance to fix the security hole results in a great many more hackers using the attack vector than if it had been reported without public disclosure. We have no idea who figured out the attack vector first, the researcher could very possibly be first, or be one of the first, to discover it. Do hackers always share attack vectors with other hackers immediately after finding them?
Security bugs are very different from functionality bugs and should not be compared. Similarly the disclosure of these bugs should follow different paths.
Think globally but act within local variable scope.
Hey, if Soylent Green were made of corporations, I'd buy it!
Socialism: a lie told by totalitarians and believed by fools.
Dishevel thought he was replying to the same AC you were replying too, however his nerdrage exceeded his ability to reply to the correct post and not make a public fool of himself. Sad, really.
Socialism: a lie told by totalitarians and believed by fools.
I personally know the people who configure aircraft and ATC systems. They do stuff like modelling the runway locations and airspace profiles around airports. Scanning and emailing printed data is something which they would do from time to time. There must be thousands of examples of safety critical data which is handled in this way.
http://michaelsmith.id.au
With compression you can store more bitmaps for longer, and transmit them for less.
http://michaelsmith.id.au
I believe the idea is that making this public knowledge before it is fixed does not increase exposure. All of the risk has already happened and people who know about the issue can't make it happen more.
From this file, located on Xerox's site:
Different devices represent different levels of ris
k. It’s axiomatic that as functionality increases
so does the potential risk. For
those devices, countermeasures are built into the m
achine to reduce the risk.
Not all copiers have hard disk drives. Those that d
o not are not at risk.
Some copiers and multifunction devices have hard di
sk drives, but do not use the hard disk drive to sa
ve document images. These are also not a risk.
Those copiers and multifunction devices that do use
hard disk drives to temporarily store images, shou
ld have an "image overwrite" feature that destroys the copied image immediately." That function should be built in, (which Xerox does), or installable via a security kit. If neither solution exists for the product, it is at risk.
Also, most copiers and multifunction devices that have hard disks include a disk encryption feature which encrypts all stored
customer image data with the state-of-the art AES encryption algorithm.
Xerox has developed a disk removal program so that prior to a device being returned a Xerox technician will remove the disks and leave them with the customer. This program charges a flat fee per machine for the service. Contact Xerox Customer Support for information on fees and availability in your geography.
Clearly, some Xerox "copiers and multifunction devices" store image data in non-volatile memory, in the course of their operation. Stop being a jackhole.
Well, the time required, for one. The image bed is essentially a scanner. Higher resolution means a slower scan. Second, even at low qualities, my experience is that a lot of the time, scanning at "low quality" settings will still give you better results than using an analog copier anyhow. Scanning at lower quality is just a tradeoff of quality for speed, with speed being optimized for.
It is pitch black. You are likely to be eaten by a grue.
Because programming is an art, maaaaaan!
Invent some half-assed lossy compressor, such as JBIG which is an ISO standard that was ratified so long ago that the patents applying to it have all expired?
One thing of note is that JBIG is very commonly used in higher-end faxes as it's significantly quicker than previous lossless compression algorithms. I wonder how many faxes have been silently modified in transit by this compression?
And, before you ask, there are many industries where faxes are still heavily used, such as in law - where silent modification of numbers in a table could prove to be very expensive...
Specialist Mac support for creative pros, Melbourne
It is done to make the engineering easier. The machine has three uses: printing documents, copying documents and scanning to a file. (Basically). So instead of building those three separate functional modes, you just build two and simulate the third. The scanner half scans to a file, and the printer half prints a document. The "copier" function is just those two functions piped into one another. Adding in compression makes the two halves of the machine perform faster with less memory, and *shouldn't* affect the copier function, except to make it easier to run at full speed.
Also, don't underestimate the size of raw image data. A black and white, 300 dpi letter sized page needs something close to 1mb of ram to store. No problem. Double that to 600 dpi and the amount of ram quadruples. Start adding in multi bitdepth pixels, or color, across multiple pages, and the amount of data starts getting silly. Not even just the RAM needed to store it, but the speed of the RAM and the data paths needed to push the data around and still print at the rated X pages per minute of the printer. Not the world's most difficult problems to solve, but they are made a lot easier if you throw in some nice compression. Even easier if the compression can be lossy.
The end result is that you can build a machine that is cheaper and performs up to the expectations of the user. The user really doesn't want to hear that their 1200 x 1200 dpi printer can only do that resolution at 4 pages per minute when the thing is advertised as being 47 pages per minute.
You only need to look at a modern photocopier to see that this is a highly plausible method of operation.
There is no direct optical path between the glass on the top of the copier and the drum that is used to print the image.
Or, see what happens when you put a document in the feeder and ask for 10 copies. You get them all nicely collated.
Older analogue copiers can not do this, without a collating output tray, as they can only directly make a copy of whatever's on the glass.
In a digital copier (just about every copier you're likely to see today) it scans the entire document into memory (often compressing it so that you can fit bigger documents in the limited memory) and then prints the multiple copies with all the pages in the right order.
Yes, I used to work for a copier company and I have direct technical knowledge of how this stuff works.
Specialist Mac support for creative pros, Melbourne
Yes, faxes? Remember them?
They're still widely used in many industries today. In fact, I applied for an Apple Developer account in a company name not too long ago and, unlike with an individual account, there is some paperwork involved that Apple insist must be faxed to them. Apparently it's more secure. Anyway, I'm not ranting about that issue today, but more the widespread use of faxes in the area of Law.
Lawyers love faxes. They fax everything they can. A lot of them are using email more and more these days, but faxes are still a critical part of their business.
Most faxes can use JBIG compression. High-end faxes use JBIG2 compression. This compression is what's been blamed in this Xerox issue. How many faxes have been received over the years that have been subject to silent modification of the information?
It's not hard to imagine a legal situation where just one number modified on a page could prove to be very expensive...
Specialist Mac support for creative pros, Melbourne
And corporations don't always fix problems, even serious ones, until they receive wider attention.
And even if they did, how many people would know about the fix to ask for it? At least now it's gotten enough publicity that a lot of users know about the problem and can use the workarounds until an official fix is available (if one is even possible, given the nature of the problem). If I had one of these copiers, I'd sure be reviewing my recent uses to make sure this wasn't going to substantially affect me. All of that's possible only because he told the world, unless you really believe from the bottom of your heart that Xerox themselves would have made this knowledge so public.
Dewey, what part of this looks like authorities should be involved?
One word: Bravo. You spared my lazy bum a comment :)
The copiers are using JBIG2, not JBIG, which is lossless. JBIG2 on the other hand has lossless and lossy modes. In both modes the algorithm employs "similar symbol matching," but in the lossless mode differences for each instance of a symbol from a reference are stored while the lossy mode stores only the reference symbols.
ImageMagick doesn't seem to support JBIG2 so I haven't been able to play around with it at all. I just wonder if even the lossless mode is safe since it sounds bug prone (i.e. unless they have unit tests on many images to guarantee bit-perfect reproduction, all bets are off).
.: Semper Absurda
Yes, the mistake was mine. I did mean to say JBIG2 which is, as you say, lossy. It's also been an ISO standard since 2001.
Re: their lossless mode - if they can mathematically guarantee that the output == the input under all input conditions, then we're safe with it. If it uses pattern matching and substitution (like the lossy mode does) then all bets are off.
I wonder why ImageMagick doesn't support JBIG2 - from the wikipedia article, Patents for JBIG2 are owned by IBM and Mitsubishi. Free licenses should be available after a request. JBIG and JBIG2 patents are not the same.
Specialist Mac support for creative pros, Melbourne
I have formerly worked for FXA as an analyst and can confirm that most digital copiers now "scan and print" when they "copy".
Sara
Designer, Gamer, Macgrrl in an XP World
I wish it did, I wanted to see if I could reproduce the error. Who knows, but its possible the companies are only willing to license individual users, not all the users of a project. I don't know how the ISO standards work - FRAND licensing or something?
.: Semper Absurda
You can generally pay some amount and get an ISO document - for the JBIG2 standard document I think it was something like 180 CHF.
According to JPEG (the standards group, not the file format)
Specialist Mac support for creative pros, Melbourne
however I kept nagging stating I wanted to publish within a few hours
Has this guy ever worked for a large corporation? They can't decide they need to take a dump within a few hours let alone anything requiring thought and consideration.
Sara
Designer, Gamer, Macgrrl in an XP World