Stay intimated with the recent happenings and occurrences all over the world...your satisfaction is our priority.

Tuesday, 6 June 2017

Reality Winner was outed by invisible dot patterns added by printers

There's been much speculation on exactly how NSA leaker Reality Winner was exposed after giving The Intercept documents that showed the extent to which the security agency suspects Russian meddling (previously) in last year's general election. On one hand, the filing against her talks of the "creases" seen in the scans The Intercept posted, tipping them off to it being a workplace printout from an insider--an insinuation of casual sloppiness on the reporters' part. On the other hand, it seemed clear Winner did everything at a work computer anyway and was surely doomed once the story came out and internal investigations began.

The truth is all of the above, but with a cherry on top: the printouts contained invisible dot patterns added by the printer to identify the worker who sent the print job. All surviving photocopying, scanning and PDF compression to be published, plain as day, on the world-wide web. Errata Security explains how, in detail.

The document leaked by the Intercept was from a printer with model number 54, serial number 29535218. The document was printed on May 9, 2017 at 6:20. The NSA almost certainly has a record of who used the printer at that time.

The situation is similar to how Vice outed the location of John McAfee, by publishing JPEG photographs of him with the EXIF GPS coordinates still hidden in the file. Or it's how PDFs are often redacted by adding a black bar on top of image, leaving the underlying contents still in the file for people to read, such as in this NYTime accident with a Snowden document. Or how opening a Microsoft Office document, then accidentally saving it, leaves fingerprints identifying you behind, as repeatedly happened with the Wikileaks election leaks. These sorts of failures are common with leaks. To fix this yellow-dot problem, use a black-and-white printer, black-and-white scanner, or convert to black-and-white with an image editor.

It seems to me that media simply should not public replicas of the documents they are sent, even at the cost of foregoing the credibility it establishes. You just never know what might be quietly revealed (or surreptitiously encoded), even in a crop or excerpt.

It's not even an NSA thing: most new printers add these dots to every job.. The EFF has a list of printers that identify you, but it looks rather out of date.

Share:

Popular Posts

Powered by Blogger.