Researcher Wants To Protect Whistleblowers Against Hidden Printer Dots

An anonymous reader writes: "Gabor Szathmari, a security researcher for CryptoAUSTRALIA, is working on a method of improving the security of leaked documents by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers," reports Bleeping Computer. "Szathmari's work was inspired by the case of a 25-year-old woman, Reality Leigh Winner, who was recently charged with leaking top-secret NSA documents to a news outlet." According to several researchers, Winner might have been caught after The Intercept had shared some of the leaked documents with the NSA. These documents had the invisible markings left behind by laser printers, which included the printer's serial number and the date and time when the document was printed. This allowed the NSA to track down Winner and arrest her even before she was able to publish the leaked documents. Now, Szatmari has submitted a pull request to the PDF Redact Tools, a project for securely redacting and stripping metadata from documents before publishing. Szathmari's pull request adds a code routine to the PDF Redact Tools project that would allow app operators to convert documents to black and white before publishing. "The black and white conversion will convert colors like the faded yellow dots to white," Szathmari said in an interview. Ironically, the project is managed by First Look Media, the parent company behind The Intercept news outlet.

any laser will watermark the document

even black and white laser printers can watermark the document. The pixels are small enough that you won't notice them and at normal 300dpi scanning they won't transfer, just like the yellow dots, but if you get hold of the originals, there's data on there that can be used to track back to the printer in question. Inkjets do it too, both black and color models.

Re:any laser will watermark the document

[RabidReindeer]

Long before laser printers, investigators were tying people to typewriters based on unique per-unit imperfections and wear patterns. You can do something similar based on drum and toner distribution variances even on a monochrome non-watermarked printer.

Granted, the judas dots also report the date and time, which helps nail a culprit on a shared resource, but the safest thing to do would be to OCR the printed documents rather than photocopy them.

Re:any laser will watermark the document

[Z00L00K]

A dot matrix printer is the solution to the problem then.

In some countries it's however illegal to try to identify sources that have leaked to the press.

Re:any laser will watermark the document

[msauve]

Even if the PDF docs are B/W, with no dots, what does it matter? It's the printers which do the marking, so the next printer to output it will still mark it. What reportedly got her discovered was that she leaked a printed copy - this wouldn't do anything about that. The claim that's what inspired this is nothing but marketing, trying to hype the work based on current events.

I suppose he's thinking of the case where one scans to PDF, and distributes the electronic version.

Re:any laser will watermark the document

[TWX]

So the solution is to either scan/OCR the smuggled-out document and destroy the printed-copy original before presenting to the third-party source, or else to utilize a third-party source that's smart enough to do this themselves.

The dot-pattern in the printer is not meaningful if it doesn't exist, and since it takes a forensic examination of the printout to identify the dot pattern it's not something that a security guard is going to be able to routinely check at a building security point.

Fundamentally it comes down to understanding the technology one is using, and to mitigate the pitfalls. If you're ignorant or stupid then you'll probably get caught.

Re:any laser will watermark the document

[TWX]

Because you can so surreptitiously print-off dozens of pages of incriminating documents in a cublcle-farm on a dot matrix printer that you had to bring-in with you and that no one has ever heard run before...

Re:any laser will watermark the document

[TWX]

And now you know why.

Re:any laser will watermark the document

[PPH]

This.

And even if you feed a color printer a black and while document, what's to stop it's firmware from inserting the yellow dots? AFAIK, these watermarks aren't part of the PDF content. The printer generates them.

Of course, I could mess up the watermarking process by refusing to replace my printer's yellow ink cartridge.

Re: any laser will watermark the document

No. If you're printing the hardcopy yourself you're doing it wrong.

Look up the phrase Canary Trap, there's a lot of ways to fingerprint a document which are more difficult to detect than watermarking.

Re:any laser will watermark the document

[demonlapin]

If you can smuggle out a fat pile of documents, you can smuggle out a USB drive. Print at home.

Re:any laser will watermark the document

[demonlapin]

And he's discovered the attack vector: put water in the yellow ink reservoir.

Re:any laser will watermark the document

[blindseer]

People have been caught with leaked documents by tracing back who had access to these files, looking at folds, smudges, and other imperfections in the printed page, and so on. The watermark only adds another level of data to trace back the source.

This has been true in other cases. People could track back typewritten pages to certain models of typewriters by the font, spacing, and so on. Adding further analysis to things like wear patterns and manufacturing defects on the letters can add some additional data to work with. In the end it takes more than just tracing it back to the device to trace it back to the person since these devices (printers, typewriters, whatever) can be shared among several people.

We'll see this in tracing firearms. Law enforcement might have access to things like serial numbers, fired bullets, and other records but this is meaningless if people do things like, falsify the registration, file off serial numbers, steal/sell/borrow the weapon, change the barrel (making tracking by patterns on a fire bullet useless), beat up and abuse the weapon (which can alter wear patterns on the fired bullet, wear off serial numbers, etc.), and so on.

Fundamentally it comes down to understanding the technology one is using, and to mitigate the pitfalls. If you're ignorant or stupid then you'll probably get caught.

That I can agree with. If one doesn't know that the gun bought to commit a crime has had the bullet patterns recorded with law enforcement before the gun was even sold, and a recovered bullet and manufacturer records can trace it back to the owner, then this can get one caught by the police quickly. What this cannot do is trace it back to the person that fired the gun since the owner may not be the same person that fired the bullet. It can shortcut a lot of work that has to be done but it cannot eliminate it completely to get a conviction.

These firearm records have in fact been so useless in tracking criminals that they've been abandoned by many governments. They cost too much to maintain and they almost never trace back to the criminal. Anyone that claims them to be useful is an idiot or ignorant. Because of this I have to wonder about the utility of these color printer watermarks. They may have worked in a handful of cases but once people figure this out then it's trivial to circumvent and it becomes worthless and expensive.

Re:any laser will watermark the document

[Uberbah]

Long before laser printers, investigators were tying people to typewriters based on unique per-unit imperfections and wear patterns.

I wonder if that's like the pseudoscience behind bite mark "experts".

Re: any laser will watermark the document

[TWX]

Of course there are lots of ways to identify a document back to the originating person. The reason for mentioning printing in the first place is that perhaps in this instance there was no particular means by which to electronically remove the document, such as more thorough logging of the insertion of flash media or copy-access of files, but there could have been a demonstrable need in the office to print, such that printing a limited number of documents for smuggle-out would not really stand out, and where checkpoint security guards might not be in a position to thoroughly check paperwork ad people come and go.

In such circumstances the information perhaps must be removed on-paper, but once it's out then it's in the smuggler's interest to do something to obfuscate the origin of the document. At a minimum simply either OCR-scanning and then generating a text version, or else manually transcribing to an electronic version, to remove some of what can easily be removed.

Re:any laser will watermark the document

[dwywit]

Just put your magenta ink cartridge in the yellow's slot, although some cartridge chips might trigger a "wrong colour in slot #3" warning.

Instead of water, then, mix all the colours up - pour out half the ink from each cartridge, then pour the magenta into yellow, the yellow into cyan, and the cyan into magenta.

Oh, wait. The operator is trying to be surreptitious.

Re:any laser will watermark the document

[techno-vampire]

No. As a typewriter, either manual or electric, gets used, the hammers wear in distinctive ways, and sometimes shift position. Given a sample, it's not hard to see that (as an example) the left edge of a lower-case t's crossbar is worn, the bottom of the upper-case P doesn't quite go all the way down and the lower-case e has shifted up and to the right. Once you know that, you can look for those specific imperfections on a document and if you see all of them and no others, you can be sure that the typewriter in question was used to create the document. And, unlike some other forms of identification, it's very rare for two experienced investigators to come to different conclusions, either in court cases or blind trials.

Re:any laser will watermark the document

[denzacar]

Because of this I have to wonder about the utility of these color printer watermarks. They may have worked in a handful of cases but once people figure this out then it's trivial to circumvent and it becomes worthless and expensive.

Worthless? Expensive? To whom?

Watermarking is done by the manufacturer as a part of printer's firmware.
The cost of writing it is long amortized. While its implementation is currently costing about as much as a single copy/paste would.
I.e. There is no cost.
There is also no cost of record keeping as all you need to know is printed right there in the watermark.

As for circumvention...
It's like saying there's no point in collecting fingerprints because there are such things as gloves and cloth rags to wipe the prints away.

BTW, firearms records are not there for "tracking criminals". They are there for tracking GUNS and people who buy and sell them, possibly illegally.
Which, just like with printers, narrows down the pool of suspects from EVERYONE - to just the people who had access.
In the much talked about Reality Leigh Winner case, the pool of possible suspects was immediately narrowed down to only 6 and she was arrested in a matter of weeks... from the leaks.

Re:any laser will watermark the document

[RockDoctor]

a dot matrix printer that you had to bring-in with you and that no one has ever heard run before...

--

Do not look into laser with remaining eye.

Or, in this case, "do not listen to dot matrix printer with remaining ear."

Re:any laser will watermark the document

[david_thornley]

The yellow dots identify the printer that printed the document. If you hand something over to a newspaper and they print it on their color printer, the dots will identify the newspaper's printer.

Re:any laser will watermark the document

[Rakarra]

Obviously you have never worked at secure facility. USB ports are locked down, either disabled completely or restricted to HID.

Bradley Manning was able to write documents to CD that he smuggled out as audio discs. Granted, that particular incident may have caused a review in who has access to what devices on a system.

Called a black and white PHOTOCOPY

[gurps_npc]

Turns colored dots into black ones. Problem solved.

Re:Called a black and white PHOTOCOPY

[Quarters]

How does making the markings easier to identify help in anonymizing the document?

Re:Called a black and white PHOTOCOPY

[Impy+the+Impiuos+Imp]

Presumably light colors are mapped to white rather than black.

Re:Called a black and white PHOTOCOPY

[jellomizer]

Unless you can find an analog copier. The digital ones will put the watermark of the copier on it. And the analog copier often has defects due to analog technology that could allow it to be traced back.

Re:Called a black and white PHOTOCOPY

[AHuxley]

Photocopy machines now image every document copied. They also CCTV everyone using them and have paper counter.

Re:Called a black and white PHOTOCOPY

[Z00L00K]

Just use a copier in a public place. I have even paid for copies made in a bookstore once of a document I had.

Re:Called a black and white PHOTOCOPY

[ooloorie]

And the analog copier often has defects due to analog technology that could allow it to be traced back.

No, it doesn't allow it to be "traced back" because there is no registry of analog copiers. Color laser printers are special because you need no other detective work for finding the printer: the yellow dots are designed to make that identification trivial.

For other printing technologies (inkjet, black and white printers, etc.), you can only prove that a document came from a particular printer once you have "traced it back" via some other means.

Re:Called a black and white PHOTOCOPY

Sigh - use a cheap consumer camera or phone. Photograph some secret documents. Pictures will be slightly unsharp, obliterating any small "dots" that the original printer put there. Text will still be readable.

Now, of course any digital camera add its own identifications but:
1. You can buy your cheapie camera/phone anonymously at a flea market, stopping the trace there. Toss it after use.
2. You can easily strip all EXIF from an image so the pixels are all that is left. In theory, there may be information hidden in pixels too, but the cameras tend to be Japanese/Korean not American. So less such nonsense.
3. Further obscurity by converting the image between formats several times, using different sw each time. Perhaps do some smoothing & sharpening to loose small details. Definitely convert to b&w. One of the steps might be "show it on screen", then do a screendump. The dump would remove all metainformation an image editor otherwise attempt to preserve.

If you are really paranoid, use an analog camera with b&w film that you develop yourself. Lots of photo artist/hobbyists still do that.

Re: Called a black and white PHOTOCOPY

[drewsup]

Good luck with that, the last analogue copiers came out mid/late 90's and are certainly crushed and recycled by now

Re:Called a black and white PHOTOCOPY

[FormOfActionBanana]

Didn't they always image every document copied??

Re:Called a black and white PHOTOCOPY

[AHuxley]

In the past the UK had photocopiers in very secure areas. No paper count, no CCTV, no ID to copy, no hidden internal camera record what was been copied per page.
Spies could just make as many copies of secret documents they could walk out with every day.
New paper was ready the next day.
Once that issues was finally understood a lot of internal and external changes got made to photocopy equipment for the mil/gov.

Re:Called a black and white PHOTOCOPY

[demonlapin]

Analog ones only stored one run of the drum.

Re:Called a black and white PHOTOCOPY

[GameboyRMH]

I'm not sure that would anonymize the document, for example what if the dot pattern were printed over a black background? B/W conversion would leave the dot pattern in place, just in white instead of yellow.

Re:Called a black and white PHOTOCOPY

[interstellarsurfer]

Inkjet printers use the hidden dot serial scheme too, all digital printers do. IIRC it was put in place originally to help protect against counterfeit currency. The fact that it makes investigation of every other kind trivial is just a bonus for the three letter agencies.

Re:Called a black and white PHOTOCOPY

[ooloorie]

Inkjet printers use the hidden dot serial scheme too, all digital printers do.

When you fabricate facts, try to stick to something that's less easy to falsify.

IIRC it was put in place originally to help protect against counterfeit currency.

That was the political justification; whether it was the actual motivation is anybody's guess. But, I suppose, gullibility goes along with your evident penchant for fabrication.

Re:Called a black and white PHOTOCOPY

[RockDoctor]

Inkjet printers use the hidden dot serial scheme too, all digital printers do.

I've used a daisy-wheel printer (to print out my honours thesis), but that was only analogue in it's character-to-glyph engine - the epyonymous daisy-wheel. The rest of the printer was as digital as the Teletype () terminal I printed my rough copies on, which only had a RS-232C DB-25 data connection to the mainframe. Just ever-so-slightly digital. To be honest, I think if you wanted to find an analogue printer, you'd need to go back to setting up type manually - which I've done too. Try using a steam-powered (literally) Linotype ( as well) machine and you're still looking at a (Steam Punk) digital storage to assemble the line of print and cast it.

False confidence

[c]

I'd operate under the assumption that the NSA has hacked their hardware and software to put document tracking information into things like font rendering and image dithering artifacts.

OCR into a plain text file and strip out any formatting. It's the only way to be even remotely sure.

Re:False confidence

[drinkypoo]

It's probably enough to a) strip all the non white/black pixels with a threshold filter and b) convert down to a very low resolution, like 72dpi, suitable for screen viewing, especially if you c) run it through another threshold filter at the end. This will make it look like crap, but preserve formatting which helps verify the validity of a document.

Re:False confidence

What if they add random casual text that is specific to a given document for a given user ? Or changing random words with synonyms, only to make the document unique ? Even little grammar/typing mistakes would do, as long as the message stays similar... Probably one should make pass it through a chatbot to be "remotely sure" ;-) In short : "add noise, a lot of noise" ?

Re:False confidence

[swimboy]

That sounds like sending a fax to me.

Re:False confidence

[AHuxley]

Re "hardware and software to put document tracking information"
Expect layers of new software and hardware to create documents that will show a or a few staff who had access or created access.
The problem is the US media likes documents to send to different outside experts to prove they are real.
Font, date, designs, format, spelling, names mentioned, layout are all expected and then get reported on.
The US is now using the demand for real documents as a method to ensure their per document surveillance will make it out to be published.
The need for documents has been used as an easy tracking tool.
Expect changes to font, layout and other per document changes to be automated on document creation too.
Every document is been saved per person getting a file or opening a file in real time. A very slight but unique change per person per file.

Re: False confidence

They already do that, it's called a Canary Trap. But that doesn't tell you who stole it, it just narrows it down to the people who were authorized to have it.

All of this is spycraft which has been known and widely discussed for decades, and longer. It's why Journalists are supposed to know to never give out originals or direct quotes from leaked documents, they should always be transcribed by hand. And even then it's not always enough to hide the origin.

Re:False confidence

[c]

My gut feeling is no. They could do some neat stuff with, say, playing with word spacing or kerning that would still flow through if formatting were preserved. The number of bits that need to be coded is so small...

Of course, and OCR filter assumes they don't mess with the actual document content. If they go that far, nothing short of paraphrasing will hide the source

Re:False confidence

[Type44Q]

I'd operate under the assumption that the NSA has hacked their hardware and software to put document tracking information into things like font rendering and image dithering artifacts.

Three words: National Security Letters.

Re:Reality Winner

[Quarters]

No, no one. Well maybe just you. The rest of us are intelligent enough to realize that security clearances aren't determined by discriminatory items such as a person's name.

Re:Reality Winner

[110010001000]

I think the purpose of a background check is to be "discriminatory". What a dope.

Call it "2024" instead of "1984".

[Impy+the+Impiuos+Imp]

"This is useful to detect whistle blowers in the US."

Again, we are sacrificing billions around the world to dictatorships who will just use the exact same products to clamp down on their own people.

If 1984 were to be rewritten, it should have been from the point of view of many billions living in grinding dictatorship, being spied on by their governments simply using commercial products sold to them by some hundreds of millions living in relative freedom, embedding spying tech in those products to catch mundane crooks in their own society.

Actually no...

[Gravis+Zero]

by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers,

This is incorrect. The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.

wiki

During the 1990s Xerox and other companies sought to reassure governments that their printers would not be used for forgery.

Re:Actually no...

[Z00L00K]

Just be aware that there's no reason to turn off the feature just because the printing is in black and white. Many color printers still uses all colors to print black and white prints, even though it's wasting toner. I have discovered that myself - printing a large pile of papers black and white and the level for all colors went down.

Re: Actually no...

[drewsup]

Originally, yes, if you try to copy currency now, it will lock out a board that needs to be sent to factory, along with a lot of questions to answer by the factory and secret service, and your copier will be bricked in the meantime

Re:Actually no...

[AmiMoJo]

Whatever the reason, it's open to abuse.

I wonder if it would be better to add some fake dots too.

Re:Actually no...

[ooloorie]

The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.

That is the justification, not the intended purpose or the actual functions. Those three concepts are entirely different.

TFA is correct: the yellow dots are "used to watermark documents and track down leakers". That is one of their functions, even if it wasn't the justification.

I suspect it was also their intended purpose (i.e., the political justification was probably a lie).

Re:Actually no...

[ooloorie]

Many color printers still uses all colors to print black and white prints,

If you print a black-and-white document in color mode, the yellow dots will be there.

If you print any document in an actual black-and-white mode on the printer, the black cartridge is all that will be used (i.e., no yellow dots).

So, you need to select the correct printing mode.

Re:Actually no...

[Z00L00K]

I did set the driver to B&W mode and it still used color cartridge toner too.

Of course it may depend on the printer how it works, just don't rely on the yellow dots being omitted just because you set B&W since the amount needed for those dots is minimal and not possible to be measured.

Re:Actually no...

[blindseer]

This might also explain why my printer refuses to print in B&W when it's out of one of the color inks.

The black cartridge is a bit larger than the color ones, and I rarely use the inkjet for B&W printing. Once in a while I find myself in a situation where I want a printout, don't care if it's color or not, while I'm low on ink and my laser printer is acting up. The inkjet printer refuses to print and I'm forced to take the time out of my day to run for office supplies when I'd rather just do that on the weekend. This happened more often than I'd like and I realize it happened because I was not buying ink when I should. I have recently acquired a new laser printer and so this should not happen again for a long time.

Then again it might just be stupid software in the printer that does not know the difference between B&W printing and color printing when checking ink levels.

Re:Actually no...

[denzacar]

Black and white is a mode of the driver.
Steganographic dots are included on the firmware layer.

Besides that... grayscale or even pure black and white are no protection from steganography.
Stegatone encodes about 2k bytes/square inch.

Re:Actually no...

[denzacar]

For fake dots to work, you'd need to "jam" the dot-code by adding dots to the message.
Doing that would require calibration for every single printer AND probably a special driver (or a customizable one) for every single printer.

And it would only work if steganographic dots are NOT randomly distributed OR they are distributed in a very predictable pseudo-random fashion.
Still... Yellow dots are just one way of including steganographic data in printouts.

       

One solution conveys data using blocks of output pixel shapes
[3]. Some techniques employ a watermark to convey visual
information [4][5]. One such idea uses two halftoned versions of
the same image that must be overlaid to reveal the hidden bitonal
watermark; the complementary halftones are called "conjugate
pairs" [6][7]. Dispersed-dot dithering approaches also hide data by
manipulating image edges [8], or by toggling pairs of pixels [9].
At Purdue, Allebach has pursued the policy of not disturbing the
data and instead has focused on embedding data in sub-pixel
offsets available in some electrophotographic printers; he calls this
the "printer mechanism" in his feasibility studies [10].
Clustered-dot halftones have been used to carry information
by creating asymmetric shapes in the clusters, such as ovals [11],
and manipulating shape orientation to encode a bit. Limited
information can be embedded in clustered-dot screens by altering
their phase and frequency [12]. For recovering individual ink
patterns from color clustered-dot printed halftones, a solution for
separating the scan of such halftones is reported [13]. Anoto [14]
covers an entire page with dots of the same size and shape where
every dot is shifted from a nominal position as a form of encoding,
but is not in any way used to halftone an image or encode an
arbitrary payload.

Re:Actually no...

[ooloorie]

Black and white is a mode of the driver. Steganographic dots are included on the firmware layer.

And the sky is blue!

Besides that... grayscale or even pure black and white are no protection from steganography.

Besides that... the sky is blue!

Re:Actually no...

[RespekMyAthorati]

Then again it might just be very smart software in the printer that does know the difference
between B&W printing and color printing when checking ink levels
but reports a bogus "low ink" message to trick you into buying cartridges that you don't need..

FTFY.

Irony much?

[McFortner]

Is it just me, or does the part about "...working on a method of improving the security of leaked documents..." sound rather ironic considering that the ones in question were secure documents that shouldn't be released in the first place?

There is an easy enough solution

[Vermonter]

A color printer will print faint yellow dots for a water mark. Simply print the documents on yellow paper, then photocopy them on to white paper (and a low quality scan setting to be safe).

Re: There is an easy enough solution

[KGIII]

A copier which possibly retained a high resolution scan of the original.

Re:Retro tech?

[jellomizer]

Back in the day typewriters were traced back because of manufacturing defects so the e may be typed 1/24th of an inch higher and 1/12th inch to the left.
A dot matrix printer could have pins that are in tolerance but have defects that could allow it to traced. The same with line impact printers.

Re:Reality Winner

[avandesande]

How can you call her a whistle blower? The value of the information to the American public was small or non-existent and it tipped off the Russian that we were on to them.

Perhaps...

[thegreatbob]

... use yellow paper?

Re: Perhaps...

[KGIII]

I've seen this a few times, as I read the thread. Paper may not reflect the same spectrum as ink does, regardless of the reflected wavelengths that your eyeball is able to receive. What is yellow to you may not be the same to a machine that is able to receive more of the spectrum than your eyeballs can.

OCR removes authenticity

[mi]

OCR the printed documents rather than photocopy them

It is much harder to prove authenticity in this case. Like rewriting the text by hand — it just is not as convincing.

That said, when it comes to accusing Trump, authenticity obviously yields to outrageousness in importance...

Re:OCR removes authenticity

[RabidReindeer]

One printout is just as unconvincing as another. The thing that brought down Dan Rather was that in his case the computer printout in question used anachronistic fonts. But an email dump with full headers can be cross-referenced back to its sources, even if you have it replicated by monks on an illuminated manuscript.

The important thing here is that the original printer isn't going to be made accessible to people trying to confirm the truth of the leaks - only to people trying to trace them.

Re:OCR removes authenticity

[mi]

One printout is just as unconvincing as another.

Not true. Though neither is proof, an actual copy is more convincing than notes taken by someone, who claims to have seen the document. Or, for another example, the posted scan of a copy of Obama's birth certificate was less convincing, than a scan of original. And so on — the further away it is from the source, the less convincing it is.

Re:OCR removes authenticity

[GuB-42]

There is kind of a conundrum here.
The best way to prove authenticity is to reveal as much metadata as possible. This is also how you get caught.
In fact getting caught is a great proof of authenticity. And we now know that all documents with the same printer dots as the ones that got the guy caught are likely to be authentic.

Re: Retro tech?

[jddj]

Send it through an older fax machine. Bet Goodwill has one.

Easy

[Kohath]

Every agency office should install a special "whistleblowers only" printer in a prominent location near the office entrance.

Re: Reality Winner

100% this. I am NOT a fan of Donald Trump and if he were impeached I'd be thrilled. I do think the Russians were involved on some level in the election and I do think there might have been some shady things going on with his staff.

But at the same time, she's leaking sensitive information that's not her place to decide on. It may be part of an ongoing investigation where we don't have all the facts yet, it may be enough to reveal a source or method, or it may have been disproved by new information she didn't have access to.

It wasn't her place to leak this. There is currently an ongoing investigation in congress. If she wanted to get this out, contact one of the progressives or anti-Trump Republicans on the committee, meet them in a SCIF, and tell them the information in a classified setting.

Leaking this doc doesn't help anyone. It doesn't help her cause... if anything, it hurts it, and it has the potential to hurt ongoing intelligence collection.

Easy solution

[Megane]

Don't use a color printer to leak shit.

Why?

[nospam007]

Who besides old geezers use printers anymore?
Convert the data to a textfile.
Use TOR at a Starbucks coffeeshop with a beard, sunglasses and a Trump hat and send the fucker to the New York Times Leaker page.

Re:Why?

[AmiMoJo]

Original document copies lend credibility to the leak. It's like the headers in an email leak, they give the reader some confidence that the leak isn't fake because of the extra effort required to produce them and the increase probability of a scammer making a detectable mistake.

Re:Why?

[radarskiy]

How did you exfiltrate the text to Starbucks?

Re:Retro tech?

[l20502]

So what? As long as you can dumpster dive a bunch of them it shouldn't be an issue.

Re:Retro tech?

[Z00L00K]

I still have an Epson FX-100.

Re: multistep process

[Z00L00K]

Print on yellow paper.

biting off the nose to spite one's face

[s.petry]

What you said hints at the big picture. Removing the means of identification would protect criminals, who are far more common than actual whistle blowers (of which Reality Winner is not). Forgery is just one crime, but there are a whole lot of other crimes where printer signature is significant. I'd argue that the majority of those happen to be white collar crimes.

Re:biting off the nose to spite one's face

[bradley13]

Oh, yes, another technology that's fine to use, because you have nothing to hide. Let's put a GPS on your car as well, and log everywhere you drive. After all, it will help catch criminals, and it should bother law abiding citizens.

This technology has been around for so long that we've come to accept it, but seriously: think about it. Every document that you print can be tracked back to you, along with the exact time that you printed it. This may be only a small part of it, but it is part of the totalitarian wet-dream.

Re:biting off the nose to spite one's face

[Somebody+Is+Using+My]

Every document that you print can be tracked back to you, along with the exact time that you printed it.

Every document I print cannot be traced back to me since it is unlikely the government has a record of all the serial numbers of every printer and who bought which one. Arguably, with a good deal of investigation they might be able to find out that a printer with a specific serial number was shipped to a certain store near me, and - assuming I used a credit-card - that I bought a similar model printer from the same store but that's still not a direct connection (especially - as is likely - if more than one of that model printer had been sold in that store). Were I really worried about such things, I'd go to the next state (or even two or three states over) and buy a printer with cash to get my print-outs; good luck tracing a print-out back to me then.

The yellow-dots aren't there to identify people, they are there to identify forgeries (specifically, counterfeit monies). They basically say, "Hey, this wasn't printed on a proper press but instead slid out from a consumer-grade printer". The government was only able to identify Reality Leigh Winner because they happen to own the printer and thus can easily match up the serial number.

Re:biting off the nose to spite one's face

[doom]

... than actual whistle blowers (of which Reality Winner is not ...

More and more, I come to appreciate these flashing lights that conservadroids wear to make identification either.

Re: biting off the nose to spite one's face

[KGIII]

I am pretty much as far left as a lefty ever lefted.

Have you actually read the material she leaked? You might want to. You're making the left look even sillier. Really, read it.

Re: biting off the nose to spite one's face

[KGIII]

I like how you attempt to twist the end. You call it a hopelessly naive retard.

You know what? I maintain that a person without hope is the lowest point of humanity. If you don't have hope, why bother commenting?

Nah... I have hope in humanity. Really, I do. I just figure it's probably going to *actually* be several hundred generations. If we can live that long, I have hope.

Re: biting off the nose to spite one's face

[doom]

God damn. And I was sure that whistle-blower denialism was an infallible indicator. I should've waited for you to shout "traitor" and insist she was really an agent planted by them.

Re: biting off the nose to spite one's face

[KGIII]

I miss drugs. I really do.

1) Few people are technically traitors. For example, even if Trump is guilty of EVERYTHING people claim, he is not technically a traitor.
2) I'm pretty sure you're insane. It's okay, some of my best friends are insane. She didn't release a damned thing of interest/value.

You're welcome to make a whole bunch of assumptions about my beliefs and voting habits. In fact, I encourage you to do so.

Again, I remind you, I'm as left as a lefty ever lefted. I'm left enough to make a European blush. I'm the guy who insists we can afford/demand/earn single payer health care. Not only that, I'm the guy who actually pays taxes and says he should pay more in taxes than he does. Hell, I do pay more in taxes than I own - technically and only technically. And only 'cause I'm kinda lazy. Also, I get away with claiming that 'cause you can donate to the US government, by means of taxation. In my case, I sold my business. On my way out, I donated to NASA. Yup. You can donate to NASA. You can't earmark it, and it has to go to the general funds, but you can donate to NASA. I have done so, putting my money where my mouth is.

Re: Reality Winner

[I'm+New+Around+Here]

Because the document is really nothing more than all the bogus stories that have been printed and reported since the election. There is no actual evidence of the claims they make, other than a possible IP address. Everything else is supposition based on "We know the Ruskies were in on it, somehow.".

Re:Ironically

[Z00L00K]

Even dots that don't move betrays you, they are likely the serial number of the printer in question.

If you want to make a mess, then pick up discarded papers that has passed the printer before and run your print on them. It's not uncommon that some prints have waste blank pages included.

Easier

[argStyopa]

Look, just throw the stupid document on a copier and they're gone.

This isn't rocket science. What sort of a moron would print a document IN THE NSA and then hand that original to a reporter?

She needs to go to prison for the maximum span.
I personally believe Snowden should be pardoned, and they should stop pursuing Assange, but not every leak is sacrosanct, nor is every leaker a saint.
She clearly did this as a political act, despite signing documents affirming she would keep information confidential.

Basically, leaking info is like using a legally-carried handgun: you should do it only if you accept that the consequences of not using it are worse than the punishment you'll receive, and be perfectly ok with that result.

Re:Easier

[dbIII]

She clearly did this as a political act

Yes, she'd prefer the USA to be run along the values of George Washington and not a Tsar - definitely political but what exactly is wrong with that?

It's not just R vs D here. It's gone international. Do you really want to back a side other than the home team?

Re:Easier

[Required+Snark]

So how long should Trump be in jail for leaking code word secret information to the Russian ambassador when they were in the Oval Office?

Sounds like a hanging offense to me.

And before you try and pull that "he's the President, it was legal" crap, he arguably broke his oath of office. And anyone capable of rational thought should realize that "high crimes" should include blabbing secrets no matter who your are.

Re:Easier

[EmptyHead]

I don't know why they call it whistle blowing when it is a mass document dump. Mr/Miss Manning dumped about 300,000 documents just to hurt the USA as much as possible. There is nothing admirable about that. Snowden wasn't much better. If they were passing information to a congressmen with a security clearance - AFTER attempting internal channels, I'd be a lot more sympathetic, but they are dumping it out there for all the world to see, especially the bad guys.

Need to bring back the death penalty for this treason - although the definition of treason has been narrowed to an unenforceable extreme. You'd basically have to give it to the enemy on a battlefield while stating that your wish to betray your country for treason while being broadcasted on TV for it to kick in nowadays.

Re:Easier

[RespekMyAthorati]

Never has there been a more apt username.

Re:Easier

[painandgreed]

This isn't rocket science. What sort of a moron would print a document IN THE NSA and then hand that original to a reporter?

She needs to go to prison for the maximum span.

Given that she did just about nothing to hide her identity and, in fact, seemed to be purposely laying clues by doing things like using her work computer to contact the site, and general suspicions about her personality due to her name change, I really begin to wonder if she didn't mean to get caught in some sort of seeking of Herostratic glory.

How to protect your documents

[AHuxley]

Contractors will always have a lot staff ready for any level of US security.
Look into the past of every staff member. Education, politics, languages, university, mil, gov, internet, protests, work, hobbies, interests.. walk the resume and interview everyone in person. Educators, friends. See what a person was like.
Learn from the issues the UK had from 1930-70's. Learn how the UK solved its internal security issues.
Learn why the USA was so good at security from the 1950's-80's.
Once a person has a job with security considerations keep on looking at their work and how they use the "internet", their politics, education, interests, hobbies, friends..
Keep looking, all year, every year.
Two contractors now working together is not a new security policy.
Create perfect bait projects and files just for staff given their politics, see if they respond.

Don't strip them, add different dots

[140Mandak262Jamuna]

After stripping the hidden yellow dots, we should get the option to add a different set of yellow dots.

The Ice Station Zebra option should add cartoons of Disney characters as faint yellow dots after stripping the original finger printing.

Re:Reality Winner

> The value of the information to the American public was small or non-existent [...]

Because the up-to-now "theoretical" vulnerabilities of voting machines seem to have a "practical" side? That's uninteresting to the public?

Imbeciles

[kbg]

It's clear that the staff at The Intercept are complete and utter imbeciles. It really seems that they didn't even know about the hidden printer dots which everyone (and I mean everyone) has known about for the last decades. Everyone at the Intercept should be fired and not ever work as a journalist again. This is just really really stupid. Even if you didn't know about the printer dots, sharing the documents with NSA is just mindboggling. Everyone should be fired.

Re:Reality Winner

Names are typically very representative of culture, in particular parents culture. In this case "Reality Winner" pretty directly points to `hippy idealist nutcase' culture. Mohammed is typically muslim, whilst something like Eriksen in the US would typically be Scandinavian and of a higher cultural educational level (not having changed their name to a local one as most US poor or low culture immigrants do) etc. If you select or avoid people according to their surname then that will lead to unreasonable discrimination which is why recruiting places in civilised countries often avoid showing the surname on CVs during recruitment.

In other words, in the grandparents terminology, names are a "discriminatory item", or in longer form, a piece of information which could be used for immoral (and probably illegal) descrimination and which you shouldn't take into account when recruiting.

Re:Reality Winner

[Frosty+Piss]

How can you call her a whistle blower? The value of the information to the American public was small or non-existent and it tipped off the Russian that we were on to them.

Absolutely

The value of the leak is not in what it says, which any smart person probably assumed was happening anyway, but in that we knew it at all, which is to say the Russians now know that path has been detected where as before they did not.

There is one small thing which is that the Administration can not continue to deny the level of Russian interference with stuff like this out, but that's not really a bomb-shell because no one believed them anyway.

Actually, yes...

[Frosty+Piss]

by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers,

This is incorrect. The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.

1) They where originally designed to identify currency counterfeiters.
2) They are as well quite often used to track down leakers (both government and business).

Re:Reality Winner

[dbIII]

After "Darl McBride" of SCO infamy, "Oral Roberts" and so many more it's clear that weird names are just something people do in America.
Her actions in putting her own country before Russia should be considered before making fun of her name.

There's more news to come I'm sure - stay tuned for more Russian backchannel action.

Re:Reality Winner

[dbIII]

No.
It tipped off the public.
The Russians appear to have already known and already put pressure on to stop the investigations.

Sweet

More liberals making a mockery of themselves. Today's example: Publicly white-knighting for a treasonous cunt and advocating for better privacy protection for secure documents by making it easier to leak them to the press. And he STILL won't get any fucking pussy!

Film at 11, jerking off in their parents basement after coming home from the "security researcher" job at the uni. (Emptying bins in the security research lab I guess counts these days!)

Intel Specialist? Really?

[Frosty+Piss]

Well...

Being an "Intel Specialist", if she was worth her salt, she could have simply memorized bits of the content over a few days and recreated it at the library in a text document.

Or, if she was inventive, she could simply have made it all up and created a realistic document. I'm surprised this doesn't happen more often, if you know the format it's very easy to create believable stuff, and the formats and classification markings are documented in publicly available government regulations / instructions as a matter of public record.

Re: Reality Winner

[dbIII]

But at the same time, she's leaking sensitive information that's not her place to decide on.

It may be a stupid action, I have no idea, but when this material of national importance is being denied at the highest levels maybe it's time to get the word out and put the country first instead of the chain of command.

Re:How do yellow dots work in B&W printers?

[FormOfActionBanana]

Those can't be used to print fake currency so the feature was never required.

Re:Reality Winner

You posted as AC, and you STILL said 'effin'. LOL

Re: Reality Winner

[KGIII]

This is true. I often ignore posts from Anonymous Coward. It depends on how much time I have. If I don't have much time, I mentally filter them out. If I have time, I read them. Oftentimes, they don't say much that is worth my time. So, I sometimes miss out on good posts, but I consider it worth it.

Re: Reality Winner

Her parents called her Sara. She changed her name to "Reality"

Re: Reality Winner

It is ABSOLUTELY her place to decide on.

In fact, it's her DUTY to release information like this. It's the duty of ANYONE who has classified information to make the decision that the public needs to know, and if so to release it to the press.

Here's a better idea/hint for whistle blowers

[Artem+S.+Tashkinov]

Don't leak raw documents - digitize and run them though any OCR.

Moral of the Story:

[Roger+Wilcox]

Don't trust The Intercept with your leaked documents--those fuckers will rat you out to the NSA.

Journalists have a moral responsibility to protect their sources when necessary, and The Intercept fails.

The Intercept wants everyone to know: "We won't break your story. We'll turn you in."

Re:Multiple printers.

[Swave+An+deBwoner]

"It's definitely this Anonymous Coward guy. My store had a big sale on printers last week and he shows up at checkout with five of them. I told him there's a limit of two per customer because of the sale but he raised such a loud stink that we just let him buy all five at the sale price. I knew he was trouble."

Just get a Dynatyper

[RogueWarrior65]

When I was in high-school in the early 1980s, I had a few teachers who refused to accept term papers that came off a dot-matrix printer because as everyone should know, the quality of the content is far less important than the appearance. So, a couple of us nerds bought a nifty little gadget called a Dynatyper. http://www.computerhistory.org...
Problem solved.
But seriously, any parent that would name their kid "reality" a) has a screw loose and b) is setting the kid up to have a vastly over-inflated ego.

Re: multistep process

[blindseer]

What of a person that prints with a pattern of dots that makes the watermark unreadable? I can envision someone creating a printer driver that does exactly this and release it on the internet. The government might try to arrest the people that did this and have them put in prison but once it is out there it can't be taken back.

This watermark scheme will be defeated. Recent events put a spotlight on them and so I expect a trivial means to circumvent it to be out in about... 5... 4... 3...

Re:Retro tech?

[blindseer]

Was not this in fact a plot point in some recent spy movies? I know fiction is not fact but if some filmmakers can figure this out then others can figure it out too.

Re:Reality Winner

[reboot246]

If all of that turns out to be true, we should question her sanity. What she did borders on treason, not whistle blowing.

Actually, NSA just looked at the print queue logs

"An F.B.I. affidavit said a visible crease mark on the file, a scan of which The Intercept provided to the government while trying to authenticate it, prompted investigators to surmise it was a printout. Audit trails showed six people had printed copies, but only one — Ms. Winner — had also used a work computer to exchange emails with The Intercept. A search warrant application said she had found the report by plugging keywords into the N.S.A.’s system that fell outside her normal work duties — and had printed no other files."

Source: https://www.nytimes.com/2017/06/06/us/politics/reality-leigh-winner-leak-nsa.html

Re:Reality Winner

[dbIII]

by leaking sensitive documents to the press

Yes.
There have been a lot of denials of what her information claims to be true so she released it to citizens to deny official propaganda.
It's about putting country before King - something George Washington was keen on.

You've chosen the losing team

Actually no, it was your duty to vote and not mine. However you appear to be putting a Party ahead of your country - how Soviet of you!

Re: Reality Winner

[dbIII]

Snowden and Manning leaked during the Obama administration, so it looks like I did do the same thing instead of your projected view of what you would do.

Re:Reality Winner

[grcumb]

How can you call her a whistle blower? The value of the information to the American public was small or non-existent and it tipped off the Russian that we were on to them.

Without completely disagreeing with the first clause, I feel compelled to note that the Russians have been aware the US is on to them for some time. There's nothing in the publicly released parts of the analysis that they didn't know.

And the question of whether whistle-blowers can blow the same whistle twice is sufficiently abstruse that I feel it's safe to say that in the grander scheme of things, I don't give a flying fuck. She acted in the public interest and provided us with material that reinforced an admittedly already strong case that Russia was engaged in a concerted attempt to infiltrate American electoral systems.

She was also a whack job. These statements are not contradictory in any way.

Re: Reality Winner

[GameboyRMH]

True, but here she made a stupid decision to leak information of little to no value. Russians running an unsuccessful phishing attack against a voting machine company isn't news, that's just Tuesday. If it were successful and being covered up, that would be different.

Re:Reality Winner

[GameboyRMH]

This has nothing to do with the vulnerabilities of voting machines. This was an unsuccessful phishing attack against a company, which in terms of computer security newsworthiness ranks about the same as a port scan.

Re:yellow dots can be morphed

[GameboyRMH]

This. I think the only surefire way to take care of these dots is to either reduce resolution to the point that they're unreadable, or to seek-and-destroy them by pasting over the entire pattern area with nearby colors wherever it occurs.

Re: multistep process

[blindseer]

The dots are inserted by the printer firmware, not the driver.

I don't doubt that but the driver can insert dots too. Unless the firmware is complex enough to see these dots and know enough to not print them then the driver can insert dots that can render the firmware inserted dots unreadable.

Re: Reality Winner

[minstrelmike]

There will be absolutely no information whatsoever released to the public from her trial. We have secret courts here in America, too.

Re: Reality Winner

[Sniperca]

Well how much of a good idea would it be, to base any possible protections for whistle blowers. If, Their status for being a WB was based on how effective they are.. It needs to be encouraged to release evidence of wrong doing.. But how is everyone supposed to judge what they do, based on how many people like what they say.. "Well I found evidence that my boss if cheating on his taxes, by only a half mil a year... Do I or don't I? Will anyone other than some paperless at the irs going to care?"

Re: Reality Winner

[Sniperca]

Lol, Hey at least you are sane about it.. Some just imitate a rabid skunk. when they see a post from AC. I just finds it a little funny how people argue about discrimination. Currently about if her name is bad for her.. All the while, How many people in here flat out refuse to read anything from AC?

Re: multistep process

[RockDoctor]

What of a person that prints with a pattern of dots that makes the watermark unreadable?

Hmmm, that might just about be feasible. It'd interfere with readability, and not exactly be inconspicuous, but you could make occasional complaints about "the bloody printer is still spilling yellow toner" ... sort of workable. But ...

I can envision someone creating a printer driver that does exactly this and release it on the internet.

... not installable. Monitored computer on a secured commercial (let alone military or SpookTLA) network, you'll be prevented from installing random drivers from anywhere other than the IT department's update drive - where they vet what is available for installation pretty closely.

You can't consider any site anything like secure if the site induction doesn't include "here are your coveralls, there are the change cubicles, here is your polythene sealable bag for your personal goods ; get changed ; there are no pockets ; all your goods go into the bag, follow the instructions to seal. You'll be locking the bag into a locker in this building before we enter the secure site. Bring your ID card and fingerprints and nothing else (which is why there are no pockets). Anything less means that you actually trust the people you're using to some degree - which is a no-no in security.

Re: Reality Winner

[avandesande]

Basically you are arguing that the release of classified information is up to the person handling it. Do you believe that a government should be able to have secrecy or not? It's as simple as that.

Possession should get you fired

[sabbede]

If you work for a government agency they should be able to detect installations. Which should result in an instant termination and a thorough investigation.

Re:Reality Winner

[david_thornley]

In addition, anybody who actually decides to learn about voting machines will learn about their insecurity and why many or most of them should never be used, without Winner's input.

Re: Reality Winner

[Rakarra]

Liberals defending treason and sedition, same shit different day.

Weird, I thought it was the conservatives who liked to tell everyone that the big bad government couldn't tell us what to think, that the feds and the spooks couldn't decide what was moral and the rest of us just had to fall in line. We are all endowed by our creator with reason, and above all, we are led, but not ruled.

Would you have said the same thing if there were "leaks" left-and-right by conservatives during the Obama administration?

I was absolutely fine with Snowden, the Ur-example others have used. I've no problems with the leaks exposing the drone programs and surveillance programs.

I'd just like to see an actual trial for this stupid cunt.

You sound like an extremely disgusting person. Do you talk like that to people in Real Life? Does it get you beaten up a lot?

Ditto!

[s.petry]

The flat out denial of facts makes it pretty easy to spot the progressive/SJW/leftard/commie (all pretty interchangeable in the US at this point). Winner didn't try to use the chain of command to no avail, and leaked inconsequential information which at best could be used as "politically embarrassing" (according to even the far left media).

The only people applauding her are the same ones applauding all of the Stalinist tactics being used to smear the current President and his administration. More and more people are seeing those tactics for what they are, and see the useful idiots for who they are.