[OPLIN 4cast] OPLIN 4Cast #551: Secret messages

OPLIN Support via OPLIN4cast oplin4cast at lists.oplin.org
Wed Jul 19 10:30:08 EDT 2017


Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]

OPLIN 4Cast #551: Secret messages
July 19th, 2017

[image: SECRET in various sized fonts] Here’s one for the folks who like
spy stories. On June 5, *The Intercept* published a top secret National
Security Agency report on election-related Russian spearphishing. Within
hours, the FBI requested an arrest warrant for Reality Winner, an NSA
contractor, for stealing the classified document. Security researchers
explained the quick police work by the presence of almost invisible dots
the laser printer had added to the document identifying the printer used
and the time of printing. It has been know for many years that laser
printers add these dots; the Electronic Frontier Foundation (EFF) has
published information about these dots and how to decode them since 2005.
So if you’re in the spy business, pay attention to technology — it can
either make you or break you.

   -
   - Computer printers have been quietly embedding tracking codes in
   documents for decades
   <https://qz.com/1002927/computer-printers-have-been-quietly-embedding-tracking-codes-in-documents-for-decades/>
   (Quartz | Keith Collins)  “When color printers were first introduced,
   [former Xerox researcher Peter Crean] said, governments were worried the
   devices would be used for all sorts of forgery, particularly counterfeiting
   money. An early solution came from Japan, where the yellow-dot technology,
   known as printer steganography, was originally developed as a security
   measure. Fuji, which has been in a joint-venture partnership with Xerox
   since 1962, was the first to implement the codes in printers. Fuji-Xerox
   manufactures most of Xerox’s printing and copying devices, and has done so
   for several decades.”
   - The sketchy printer tracking feature that likely helped reveal the
   alleged NSA leaker
   <http://mashable.com/2017/06/06/printer-dots-nsa-leak/> (Mashable |
   Brett Williams)  “Xerox admitted to providing the tracking dots to the
   Secret Service back in 2005
   <https://www.eff.org/press/archives/2005/10/16> to combat counterfeiting
   — but as the EFF noted at the time, there were no laws to prevent the
   tracking from being used for other means. Importantly, the tracking dots
   are only reportedly produced by laser color printers, which are more likely
   to be found in office settings for professional use. Your compact inkjet
   unit for home print jobs won’t be tagging all your documents with ID info.”
   - Why printers add secret tracking dots
   <http://www.bbc.com/future/story/20170607-why-printers-add-secret-tracking-dots>
   (BBC Future | Chris Baraniuk)  “Similar kinds of steganography – secret
   messages hidden in plain sight – have been around for much longer. Slightly
   more famously, many banknotes around the world feature a peculiar
   five-point pattern called the Eurion constellation
   <http://www.bbc.com/future/story/20150624-the-secret-codes-of-british-banknotes>.
   In an effort to avoid counterfeiting, many photocopiers and scanners are
   programmed not to produce copies of the banknotes when this pattern is
   recognised.”
   - How The Intercept outed Reality Winner
   <http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html>
   (Errata Security | Robert Graham)  “The situation is similar to how Vice
   outed the location of John McAfee
   <https://www.wired.com/2012/12/how-vice-got-john-mcafee-caught/>, by
   publishing JPEG photographs of him with the EXIF GPS coordinates still
   hidden in the file. Or it’s how PDFs are often redacted by adding a black
   bar on top of image, leaving the underlying contents still in the file for
   people to read, such as in this NYTime accident with a Snowden document
   <https://www.techdirt.com/articles/20140128/08542126021/new-york-times-suffers-redaction-failure-exposes-name-nsa-agent-targeted-network-uploaded-pdf.shtml>.
   Or how opening a Microsoft Office document, then accidentally saving it,
   leaves fingerprints identifying you behind, as repeatedly happened with
   the Wikileaks election leaks
   <https://arstechnica.com/security/2016/06/guccifer-leak-of-dnc-trump-research-has-a-russians-fingerprints-on-it/>
   .”

*Articles from Ohio Web Library <http://ohioweblibrary.org>:*

   - Secret sharers: In an age of leaks, forgeries, and internet hoaxes,
   archivists must guard information while keeping hackers at bay.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=lfh&AN=65398240>
   (*American Scholar*, Autumn 2011, p.39-46 | Elena S. Danielson)
   - Trends in steganography.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=buh&AN=94803632>
   (*Communications of the ACM*, March 2014, p.86-95 | Elžbieta Zielińska,
   Wojciech Mazurczyk and Krzysztof Szczypi)
   - Translation-based steganography.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=f5h&AN=37591898>
   (*Journal of Computer Security*, 2009, p.269-303 | Christian Grothoff,
   Krista Grothoff, Ryan Stutsman, Ludmilla Alkhutova and Mikhail Atallah)

------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:

   - *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
   subscribing to the following URL: http://www.oplin.org/4cast/
   index.php/?feed=rss2.
   - *Live Bookmark.* If you're using the Firefox web browser, you can go
   to the 4cast website (http://www.oplin.org/4cast/) and click on the
   orange "radio wave" icon on the right side of the address bar. In Internet
   Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
   feed.
   - *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
   OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
   http://lists.oplin.org/mailman/listinfo/OPLIN4cast
   <http://lists.oplin.org/mailman/listinfo/OPLIN4cast>.

© 2016 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin>  [image:
Find us on Facebook] <http://www.facebook.com/oplin.org>  [image: Find us
on Google+] <https://plus.google.com/107751358238995507967>  [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20170719/a66ac575/attachment.html>


More information about the OPLIN4cast mailing list