Here’s one for the folks who like spy stories. On June 5, The Intercept published a top secret National Security Agency report on election-related Russian spearphishing. Within hours, the FBI requested an arrest warrant for Reality Winner, an NSA contractor, for stealing the classified document. Security researchers explained the quick police work by the presence of almost invisible dots the laser printer had added to the document identifying the printer used and the time of printing. It has been know for many years that laser printers add these dots; the Electronic Frontier Foundation (EFF) has published information about these dots and how to decode them since 2005. So if you’re in the spy business, pay attention to technology — it can either make you or break you.
- Computer printers have been quietly embedding tracking codes in documents for decades (Quartz | Keith Collins) “When color printers were first introduced, [former Xerox researcher Peter Crean] said, governments were worried the devices would be used for all sorts of forgery, particularly counterfeiting money. An early solution came from Japan, where the yellow-dot technology, known as printer steganography, was originally developed as a security measure. Fuji, which has been in a joint-venture partnership with Xerox since 1962, was the first to implement the codes in printers. Fuji-Xerox manufactures most of Xerox’s printing and copying devices, and has done so for several decades.”
- The sketchy printer tracking feature that likely helped reveal the alleged NSA leaker (Mashable | Brett Williams) “Xerox admitted to providing the tracking dots to the Secret Service back in 2005 to combat counterfeiting — but as the EFF noted at the time, there were no laws to prevent the tracking from being used for other means. Importantly, the tracking dots are only reportedly produced by laser color printers, which are more likely to be found in office settings for professional use. Your compact inkjet unit for home print jobs won’t be tagging all your documents with ID info.”
- Why printers add secret tracking dots (BBC Future | Chris Baraniuk) “Similar kinds of steganography – secret messages hidden in plain sight – have been around for much longer. Slightly more famously, many banknotes around the world feature a peculiar five-point pattern called the Eurion constellation. In an effort to avoid counterfeiting, many photocopiers and scanners are programmed not to produce copies of the banknotes when this pattern is recognised.”
- How The Intercept outed Reality Winner (Errata Security | Robert Graham) “The situation is similar to how Vice outed the location of John McAfee, by publishing JPEG photographs of him with the EXIF GPS coordinates still hidden in the file. Or it’s how PDFs are often redacted by adding a black bar on top of image, leaving the underlying contents still in the file for people to read, such as in this NYTime accident with a Snowden document. Or how opening a Microsoft Office document, then accidentally saving it, leaves fingerprints identifying you behind, as repeatedly happened with the Wikileaks election leaks.”
Articles from Ohio Web Library:
- Secret sharers: In an age of leaks, forgeries, and internet hoaxes, archivists must guard information while keeping hackers at bay.
(American Scholar, Autumn 2011, p.39-46 | Elena S. Danielson)
- Trends in steganography. (Communications of the ACM, March 2014, p.86-95 | Elžbieta Zielińska, Wojciech Mazurczyk and Krzysztof Szczypi)
- Translation-based steganography. (Journal of Computer Security, 2009, p.269-303 | Christian Grothoff, Krista Grothoff, Ryan Stutsman, Ludmilla Alkhutova and Mikhail Atallah)