How a Few Yellow Dots Burned the Intercept's NSA Leaker

On Monday, news outlet The Intercept released documents on election tampering from an NSA leaker. The documents revealed that a Russian intelligence operation sent spear-phishing emails to more than 100 local election officials days before the election, which ran through a hack of a U.S. voting software supplier. Hours later, the Department of Justice charged 25-year-old government contractor Reality Leigh Winner with sharing top secret material with the media. The DoJ said it Winner had "printed and improperly removed classified intelligence reporting, which contained classified national defense information" before mailing the materials. But how could the DoJ know that it was Winner who had printed the documents, or that the documents were printed at all? ArsTechnica explains: [...] The Intercept team inadvertently exposed its source because the copy showed fold marks that indicated it had been printed -- and it included encoded watermarking that revealed exactly when it had been printed and on what printer. The watermarks in the scanned document The Intercept published yesterday -- were from a Xerox Docucolor printer. Many printers use this or similar schemes, printing faint yellow dots in a grid pattern on printed documents as a form of steganography, encoding metadata about the document into its hard-copy output. Researchers working with the Electronic Frontier Foundation have reverse-engineered the grid pattern employed by this class of printer; using the tool, Ars (and others, including security researcher Robert Graham) determined that the document passed to The Intercept was printed on May 9, 2017 at 6:20am from a printer with the serial number 535218 or 29535218. Further reading: How The Intercept Outed Reality Winner.

Re:This wasn't the only way

[Jason+Levine]

How can someone work for the NSA and NOT be aware that they track everything? If I was an NSA leaker, I certainly wouldn't be e-mailing my leaks from my work computer/e-mail account. I'd set up a throwaway account (and even then would be looking over my shoulder every second).

Re: Reality Winner

Sadly, she is being charged under the Espionage Act. There is no defense, no mitigating circumstances, and she will spend many long years in prison as an example. Even if you disagree with her actions , this sounds inappropriate. Like the Soviet Union or China.

Re:Take a photo

[Train0987]

Or maybe don't leak classified information that you're sworn to protect in the first place?

Re:Lesson to learn

[Gr8Apes]

Then again, they also (reportedly) gave away her location (Augusta GA) to the government person they were trying to verify the documents with.

Wait, they have top secret government documents, and they're going to verify them with the government? And then give information of their source to the government? And then release the original photos of documents to the public? Did they also hand over the originals to the government so they could grab fingerprints and other forensic evidence off of them?

There is no excuse for how many failures the Intercept committed in protecting a formerly anonymous source. I'm going out on a limb here and say that this will be the last time they receive info from an actual anonymous source that isn't a complete idiot. Then again, as noted, Winner appears to qualify as a complete idiot, emailing them from work in the first place.

Re:This wasn't the only way

[h4ck7h3p14n37]

Diversity hire. Someone with her background definitely should not have received a Top Secret clearance.