Slashdot Mirror
Researcher Wants To Protect Whistleblowers Against Hidden Printer Dots (bleepingcomputer.com)
An anonymous reader writes: "Gabor Szathmari, a security researcher for CryptoAUSTRALIA, is working on a method of improving the security of leaked documents by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers," reports Bleeping Computer. "Szathmari's work was inspired by the case of a 25-year-old woman, Reality Leigh Winner, who was recently charged with leaking top-secret NSA documents to a news outlet." According to several researchers, Winner might have been caught after The Intercept had shared some of the leaked documents with the NSA. These documents had the invisible markings left behind by laser printers, which included the printer's serial number and the date and time when the document was printed. This allowed the NSA to track down Winner and arrest her even before she was able to publish the leaked documents. Now, Szatmari has submitted a pull request to the PDF Redact Tools, a project for securely redacting and stripping metadata from documents before publishing. Szathmari's pull request adds a code routine to the PDF Redact Tools project that would allow app operators to convert documents to black and white before publishing. "The black and white conversion will convert colors like the faded yellow dots to white," Szathmari said in an interview. Ironically, the project is managed by First Look Media, the parent company behind The Intercept news outlet.
Long before laser printers, investigators were tying people to typewriters based on unique per-unit imperfections and wear patterns. You can do something similar based on drum and toner distribution variances even on a monochrome non-watermarked printer.
Granted, the judas dots also report the date and time, which helps nail a culprit on a shared resource, but the safest thing to do would be to OCR the printed documents rather than photocopy them.
by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers,
This is incorrect. The purpose of the dots and why they are limited to color printouts is because they are intended to be used to identify currency counterfeiters.
wiki
During the 1990s Xerox and other companies sought to reassure governments that their printers would not be used for forgery.
Anons need not reply. Questions end with a question mark.
Every agency office should install a special "whistleblowers only" printer in a prominent location near the office entrance.
No, it doesn't allow it to be "traced back" because there is no registry of analog copiers. Color laser printers are special because you need no other detective work for finding the printer: the yellow dots are designed to make that identification trivial.
For other printing technologies (inkjet, black and white printers, etc.), you can only prove that a document came from a particular printer once you have "traced it back" via some other means.
Yes, she'd prefer the USA to be run along the values of George Washington and not a Tsar - definitely political but what exactly is wrong with that?
It's not just R vs D here. It's gone international. Do you really want to back a side other than the home team?
There is kind of a conundrum here.
The best way to prove authenticity is to reveal as much metadata as possible. This is also how you get caught.
In fact getting caught is a great proof of authenticity. And we now know that all documents with the same printer dots as the ones that got the guy caught are likely to be authentic.