[OPLIN 4cast] OPLIN 4Cast #551: Secret messages
OPLIN Support via OPLIN4cast
oplin4cast at lists.oplin.org
Wed Jul 19 10:30:08 EDT 2017
Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]
OPLIN 4Cast #551: Secret messages
July 19th, 2017
[image: SECRET in various sized fonts] Here’s one for the folks who like
spy stories. On June 5, *The Intercept* published a top secret National
Security Agency report on election-related Russian spearphishing. Within
hours, the FBI requested an arrest warrant for Reality Winner, an NSA
contractor, for stealing the classified document. Security researchers
explained the quick police work by the presence of almost invisible dots
the laser printer had added to the document identifying the printer used
and the time of printing. It has been know for many years that laser
printers add these dots; the Electronic Frontier Foundation (EFF) has
published information about these dots and how to decode them since 2005.
So if you’re in the spy business, pay attention to technology — it can
either make you or break you.
-
- Computer printers have been quietly embedding tracking codes in
documents for decades
<https://qz.com/1002927/computer-printers-have-been-quietly-embedding-tracking-codes-in-documents-for-decades/>
(Quartz | Keith Collins) “When color printers were first introduced,
[former Xerox researcher Peter Crean] said, governments were worried the
devices would be used for all sorts of forgery, particularly counterfeiting
money. An early solution came from Japan, where the yellow-dot technology,
known as printer steganography, was originally developed as a security
measure. Fuji, which has been in a joint-venture partnership with Xerox
since 1962, was the first to implement the codes in printers. Fuji-Xerox
manufactures most of Xerox’s printing and copying devices, and has done so
for several decades.”
- The sketchy printer tracking feature that likely helped reveal the
alleged NSA leaker
<http://mashable.com/2017/06/06/printer-dots-nsa-leak/> (Mashable |
Brett Williams) “Xerox admitted to providing the tracking dots to the
Secret Service back in 2005
<https://www.eff.org/press/archives/2005/10/16> to combat counterfeiting
— but as the EFF noted at the time, there were no laws to prevent the
tracking from being used for other means. Importantly, the tracking dots
are only reportedly produced by laser color printers, which are more likely
to be found in office settings for professional use. Your compact inkjet
unit for home print jobs won’t be tagging all your documents with ID info.”
- Why printers add secret tracking dots
<http://www.bbc.com/future/story/20170607-why-printers-add-secret-tracking-dots>
(BBC Future | Chris Baraniuk) “Similar kinds of steganography – secret
messages hidden in plain sight – have been around for much longer. Slightly
more famously, many banknotes around the world feature a peculiar
five-point pattern called the Eurion constellation
<http://www.bbc.com/future/story/20150624-the-secret-codes-of-british-banknotes>.
In an effort to avoid counterfeiting, many photocopiers and scanners are
programmed not to produce copies of the banknotes when this pattern is
recognised.”
- How The Intercept outed Reality Winner
<http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html>
(Errata Security | Robert Graham) “The situation is similar to how Vice
outed the location of John McAfee
<https://www.wired.com/2012/12/how-vice-got-john-mcafee-caught/>, by
publishing JPEG photographs of him with the EXIF GPS coordinates still
hidden in the file. Or it’s how PDFs are often redacted by adding a black
bar on top of image, leaving the underlying contents still in the file for
people to read, such as in this NYTime accident with a Snowden document
<https://www.techdirt.com/articles/20140128/08542126021/new-york-times-suffers-redaction-failure-exposes-name-nsa-agent-targeted-network-uploaded-pdf.shtml>.
Or how opening a Microsoft Office document, then accidentally saving it,
leaves fingerprints identifying you behind, as repeatedly happened with
the Wikileaks election leaks
<https://arstechnica.com/security/2016/06/guccifer-leak-of-dnc-trump-research-has-a-russians-fingerprints-on-it/>
.”
*Articles from Ohio Web Library <http://ohioweblibrary.org>:*
- Secret sharers: In an age of leaks, forgeries, and internet hoaxes,
archivists must guard information while keeping hackers at bay.
<http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=lfh&AN=65398240>
(*American Scholar*, Autumn 2011, p.39-46 | Elena S. Danielson)
- Trends in steganography.
<http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=buh&AN=94803632>
(*Communications of the ACM*, March 2014, p.86-95 | Elžbieta Zielińska,
Wojciech Mazurczyk and Krzysztof Szczypi)
- Translation-based steganography.
<http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=f5h&AN=37591898>
(*Journal of Computer Security*, 2009, p.269-303 | Christian Grothoff,
Krista Grothoff, Ryan Stutsman, Ludmilla Alkhutova and Mikhail Atallah)
------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:
- *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
subscribing to the following URL: http://www.oplin.org/4cast/
index.php/?feed=rss2.
- *Live Bookmark.* If you're using the Firefox web browser, you can go
to the 4cast website (http://www.oplin.org/4cast/) and click on the
orange "radio wave" icon on the right side of the address bar. In Internet
Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
feed.
- *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
http://lists.oplin.org/mailman/listinfo/OPLIN4cast
<http://lists.oplin.org/mailman/listinfo/OPLIN4cast>.
© 2016 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin> [image:
Find us on Facebook] <http://www.facebook.com/oplin.org> [image: Find us
on Google+] <https://plus.google.com/107751358238995507967> [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20170719/a66ac575/attachment.html>
More information about the OPLIN4cast
mailing list