Tracing Paper (2020)

Tracing Paper (2020)(logicmag.io)

272 points by reimbar 5 years ago | 101 comments

boogies 5 years ago |

> The DEDA toolkit allows anyone to anonymize documents by removing the tracking dots at the software level

Sounds like the tracking tech is implemented in the proprietary drivers. If only the free software movement had filled its original purpose (freeing printer drivers¹) for more models…

¹https://www.fsf.org/blogs/community/201cthe-printer-story201...

Edit: looks like it may be in the firmware on the printer itself, not drivers on computers, as h-node warns of tracking even on printers with full compatibility with blobless, FSF-endorsed distros eg. Trisquel GNU/Linux-libre: https://h-node.org/printers/view/en/2215/HP-DeskJet-2700-ser...

rtkwe 5 years ago | |

DEDA is for anonymizing post scanning as far as I can tell, so it still relies on whoever you're providing the documents to knowing they need to do it.

pabs3 5 years ago | | |

Apparently DEDA has some downsides, and pdf-redact-tools/dangerzone are better options:

https://lists.inventati.org/message/20200308.154747.1b4d1245... https://github.com/firstlookmedia/pdf-redact-tools https://github.com/firstlookmedia/dangerzone

grishka 5 years ago | |

> looks like it may be in the firmware on the printer itself

One thing that has me baffled is why there's so much speculation and black-box approach when it should definitely be possible to reverse engineer those firmwares to directly get definite answers to all possible questions. Why does no one seem to even consider dumping the firmware from a printer and reverse-engineering it?

bearbin 5 years ago |

Wholly aside from the privacy and control implications of this antifeature, these dots are actually a significant impediment to the normal use of my laser printer. Sure, they aren't visible when printing on to white paper in a single pass, but when printing on transparency or coloured paper they are very visible, and especially so when running multiple passes (for composition of images without a computer).

They also affect me when I use the printer for producing PCBs using the toner transfer method - the dots act as an etch resist and impose an uncorrectable noise of copper dots on to an otherwise excellent result.

angry_octet 5 years ago | |

For multipass composition, could you put a colour cartridge in the Black toner slot? You may have to swap the little page count spy chip from one to the other.

spicybright 5 years ago |

EFF got my donation for their resource on yellow dot identification on printed documents. Got a cool shirt out of it too.

https://www.eff.org/pages/list-printers-which-do-or-do-not-d...

spoonjim 5 years ago |

There was no need to use the yellow tracking dots to track Reality Winner... the NSA would certainly have the ability to audit anything printed in their facility and know exactly what was printed on any given day.

mike_d 5 years ago | |

This is correct. People are making the mental leap because they know this technique exists and they want it to be something cool.

The reality is even in corporate environments print servers for sensitive areas will retain audit logs and/or copies of documents sent to the print spool. Even if that completely fails, you can do a forensic recovery on the hard drive inside the printer where all documents are buffered.

not2b 5 years ago | |

The tracking dots certainly made things much faster for the NSA: they could immediately locate the printer and the date, without the need to audit the huge number of printers and employees they have. You say "on any given day" but they wouldn't know the day, only a rather large possible range of days.

angry_octet 5 years ago | | |

I doubt that more than a dozen people printed that document. It was a TS/SCI doc IIRC, so all of those printers are in SCIFs with rigorous access control, so it's not like someone grabbed it off the printer -- you have to release the job from the printer console anyway.

oh_sigh 5 years ago | | |

How exactly would auditing all prints even work, assuming they were even logged? Wouldn't the auditor need to have security clearances to see what pretty much everyone in the NSA is working on, which goes against need-to-know principles? Or I guess an auditor needs to know these things to do their job...

Aeolun 5 years ago | |

Hmm, that would only work if they knew exactly which documents were used to inform the press.

throwanem 5 years ago | | |

Which they did, because the Intercept gave them copies with the authentication request. That's how they had the yellow dots.

thewakalix 5 years ago | |

Who said she printed it at work?

Wolfenstein98k 5 years ago |

Welp, that gives a second (and much less cynical) reason for why you can't print in pure black n' white without colour being topped up.

hguant 5 years ago | |

I think that "because the corporations that make printers have a secret agreement with intelligence agencies to track printed papers, going back decades and based ultimately on coercive threats outside the rule of law" is a more cynical truth than "because the companies that make printers want to sell you more ink."

nerdponx 5 years ago | | |

Why not both?

tyingq 5 years ago | |

Heh. I have a b/w Brother Laser that cannot do color. I guess it would have to use the trickier methods described at the end of the post.

not2b 5 years ago | | |

As I understand it, the original rationale for the tracking dots was the fear of counterfeiting, which may be less of an issue with black and white laser printers. That doesn't mean that I can say with any consequence that your printer doesn't have any tracking mechanism, but it might not.

read_if_gay_ 5 years ago | |

Less cynical?

afrodc_ 5 years ago | | |

I'm assuming the more prevalent cynical belief is that it's a money grab to sell more ink

Jedd 5 years ago | |

Technically you're not printing in 'black n white', only black, hence monochromatic printer.

The white is, of course, the areas on the paper that you're not printing, assuming you're feeding in white paper.

dylan604 5 years ago |

"It's been posited by researchers that tiny discrepancies in the spacing between words or even the kerning of letters could be used to encode information."

I know some DTP types that this technique would drive them crazy. They spend so much time adjusting the leading/kerning to get the text appear in the layout they way they want. Having that thrown out the window by the printer would absolutely drive them insane. For science, I want to try this out now. It would be awesome to do it as an April Fools joke.

erdos4d 5 years ago |

I knew about this aspect of printers more than a decade ago, before I ever got into tech, so I'm 100% sure it was/is semi-widely known. It's really sad that the Intercept and other news orgs are so technically oblivious that they would screw their source like this.

leephillips 5 years ago | |

Is was very widely and publicly known. I usually hesitate to say things like this, but the conclusion is unavoidable: either the whistleblower and the people working at the Intercept are colossal idiots, or the whole narrative is fake.

wly_cdgr 5 years ago | | |

Or the Intercept is a whistleblower honeypot

rodgerd 5 years ago |

Interestingly enough, back in the early nineties, when I was working in a print bureau, the vendors would warn us how traceably colour copiers/printers of the era were, so it seems like an example of an "open secret".

pacaro 5 years ago | |

Same. When the company I worked at in the mid-nineties got our first color copier, the sales rep told us explicitly about the yellow dots, including how to use the zoom and contrast features to see them (i.e copy a copy on the highest level of zoom). They just didn't want us copying banknotes, which was, of course, the first thing we did.

s1mon 5 years ago |

Somehow when I last read about this technology I had thought it was only triggered when copying or printing counterfeit currency, but really the history is that it was the fear of counterfeiting which helped the US government get printer manufacturers to add this tracking info to most color laster printers. Ugh. Good to know... https://www.snopes.com/fact-check/household-printers-trackin...

tartoran 5 years ago |

Similar type of thing was used to trace typewriters behind the iron curtain before the communism collapsed. All owners of typewriters had to register their typewriters with the police and they all had peculiarities that would trace back to each typewriter. They'd load a page and type all the characters and that was it. I guess it had more of an psychological impact as the matching would be quite difficult. I guess they were afraid of independent people writing manifests or disseminating information.

Illegal information was circulating somewhat freely though, maybe not very sensitive stuff (people were self censoring very political stuff as they were afraid of repercussions from authorities), but lots of things from the west were circulating: magazines, books, videotapes and so on.

Growing up there it was drilled in us that counterfeit money is an extremely grave offense and it is punishable severely, and the same story with drugs. I was surprised to find out that counterfeit money was circulating in the states and when I received such a bill I asked a police officer what am I supposed to do with that. He told me to just keep it:) He said I shouldn't bother to report it as nobody would really care about it.

leephillips 5 years ago | |

I guess attitudes toward this crime have changed.

https://www.nytimes.com/2020/05/31/us/george-floyd-investiga...

nerdponx 5 years ago | |

It's still very very illegal to produce counterfeit money. Individuals typically aren't prosecuted for having it because they might have received it thinking it was legitimate.

callumprentice 5 years ago |

I printed a page of text and then scanned it back in. I spent quite some time messing around with the resulting image and couldn't see any dots. My printer is an almost new, Canon color laser so I would've expected it to be spying on me.

Is there some software or a web site that will scan an image and decode the dots?

xkeysc0re 5 years ago | |

Hey, author of TFA here. Try inverting the color and upping the blue, you might see the patterns. Here's a scan I did from a magazine https://i.imgur.com/x1TXa30.png

It's also possible they are using a different technique. As I mentioned towards the end of the article, the dots have been around for a while and some vendors are apparently looking into other methods

rkagerer 5 years ago | | |

On what grounds do they argue we still need this? I thought money generally has enough safeguards these days that consumer color printers are no longer a threat.

callumprentice 5 years ago | | |

Thank you so much. I’ll give this a try when I get home. Much appreciated.

formerly_proven 5 years ago |

On some older PS/PECL laser printers the firmware lived in a small DIMM-like board (for upgrades) with a mask ROM on it. Pretty much all of these are PowerPC (some might have mips). There's probably not much in the way of low-level security there. Just saying.

teagee 5 years ago |

This must result in a non-trivial amount of ink/toner used in the name of security

annoyingnoob 5 years ago | |

The last HP Inkjet that I had would go through the Yellow cartridge faster than black, even when printing only Black and White. Which is how I discovered these fun little dots.

xiii1408 5 years ago | |

They didn't go into too much detail about how the dots are actually printed (what type of ink, how heavy, etc.), but they imply in the article that at least some tracking dots require a UV light to detect.

I'd be curious to know how the dots actually get printed.

xkeysc0re 5 years ago | | |

Hi, author here! The dots themselves aren't printed with UV ink it's just that the UV light makes it easier to see them due to the yellow ink used.

There were images I sent the magazine of the dots from some magazines I scanned, but they didn't run them. If you scan a page and invert it, the patterns are more legible https://i.imgur.com/x1TXa30.png

redisman 5 years ago | | |

Error: Secret UV ink is empty. Please contact NSA for a new cartridge.

joshspankit 5 years ago | | |

Interesting protip: fluorescent compounds are added to all sorts of things: mouthwash bottles, toothpaste, white paper, laundry detergent, and the “bright” colours of printer ink.

z77dj3kl 5 years ago | | |

I'm not sure if normal scanners detect UV light, but that would break a good chunk of their tracking purpose these days if they were not detectable in scans.

imglorp 5 years ago | | |

And how do they get printed on a monochrome printer like a laser?

runemadsen 5 years ago |

Logic Magazine is a lovely magazine and I highly recommend everyone to subscribe!

throwawaysea 5 years ago | |

My experience with Logic has been negative. I started purchasing issues after reading one promising excerpt at a bookstore. However the overt biases of what topics they select to cover/how they cover them, the frequent reliance on vague anonymous sources of dubious quality, clear political biases, and low signal to noise ratio led to me stopping after a few issues. Admittedly this particular article isn’t one I took issue with, but my sentiment about the magazine overall still holds.

ohazi 5 years ago |

Are there any open-source printer reverse-engineering + firmware projects that look promising?

jimbob45 5 years ago |

So I guess if you wanted to print something untraceably, the solution might be to print your message out on newspaper from a non-local city?

hguant 5 years ago | |

Type writer, mimeograph, stencils - if you're just doing text or intend for large distribution.

Buy a cheap printer with cash, from a location several hundred kilometers from you.

Go to a non-local Staples, FedEx, Kinkos with a USB stick, pay with cash for copies/printing. Better yet, pay someone else to do it for you.

rodgerd 5 years ago | |

A throwaway printer is probably your best practical option.

Other than that, using a vintage dot-matrix printer with a low enough resolution (e.g. a 9-pin head) that it's unlikely to have either the smarts or the resolution needed to make this work.

Of course, this just means that if you are conspicuously buying a curated collection of vintage printers, you're providing another type of evidence.

emehrkay 5 years ago | | |

Imagine The Wire episode when Presbo tells McNulty, Daniels, and Lester that the C-level execs were printing out their instructions on burner printers

bobbylarrybobby 5 years ago | |

Maybe you could 3D print a plate containing the document you want to print, raised and mirrored (like a printing press, but without movable type), and then ink the plate and press it onto a blank piece of paper.

sigkill 5 years ago | | |

I mean, at this point, might as well just 3d print a moveable type...

xiii1408 5 years ago | |

EFF seems to think that all modern laser printers have some form of tracking dots, whether or not they've actually been able to detect them [1].

They don't say anything about inkjet, though. Unclear if this is because of a fundamental limitation of inkjet printers, lack of interest, or just because inkjet printers kind of suck compared to laser. :P

[1] https://www.eff.org/pages/list-printers-which-do-or-do-not-d...

peddling-brink 5 years ago | |

Or a non-fancy laser printer?

Anunayj 5 years ago | |

Also i'd like to mention https://github.com/dfd-tud/deda

Giorgi 5 years ago |

So, if I am getting it correctly - this is only for color printing right? Why would they implement it on software level, would not hardware be easier and harder to remove?

Anunayj 5 years ago | |

and harder to implement with next to no benefits, a person aware of existence of such tracking dots will try to circumvent/reverse engineer it. https://github.com/dfd-tud/deda

beckingz 5 years ago |

Using ink without consent is a violation of our 4th amendment rights.

idownvoted 5 years ago |

Whether it is the Blockchain, Tor or other privacy guards that wane us in anonimity - we, especially us techies, often underestimate typical chokeholds which a government can easily control (eg your ISP, your cell phone tower, your cell phone maker, payment provider, ...), because it usually does and government agents usually don't make a fuzz about it because it's a valuable trap.

Without the fuzz over enough time passed we, even NSA experts, seem to forget about those traps.

The moral of the story for us techies: Don't wane people in anonimity if they use X or do Y. There will be a percentage of people who do things, they wouldn't have done without that info, and some of said percentage will be blackmailable (think miners having "inciminating pictures" on their machines because they were stored on the blockchain once).

Worse than a privacy infringing government are blackmailable citizens (One could argue the former causes the latter, I argue the latter steers the former into worse).

angry_octet 5 years ago | |

She was a linguist, not a techie.

The handling at The Intercept was amateur journalism at best, and at worst a cynical ploy (incriminate their source, hence confirmation, generate a media storm and clicks). They ignored fundamental techniques to protect sources: retyping documents without formatting, spell checking them, sharing only small snippets of text, in person instead of allowing retention, confirming via an external expert.

Of course, even without the printout they would have got her, she had terrible OPSEC.

Simulacra 5 years ago |

That's how they got the spy Reality Winner.

pjc50 5 years ago | |

Odd how HN is often favourable to Greenwald and Assange but not to Winner, who seems to have no fanbase. She doesn't appear to be a spy but a straightforward leaker?

broahmed 5 years ago | |

Don't know if you noticed, but it's mentioned in the first paragraph of the article :)

tralarpa 5 years ago | |

For whom was she spying?

thesimon 5 years ago | | |

The NSA.

some_random 5 years ago |

I really don't see what the big deal is. We live in an age of intense, personal, for-profit surveillance, why should I care about printer watermarks?

tyingq 5 years ago | |

The example of reporters unintentionally exposing sources is a pretty good reason to publicize that it exists.

hguant 5 years ago | | |

It's really just incredibly shitty op-sec from The Intercept, which should have known better. This isn't really a novel technique.

some_random 5 years ago | | |

It's something that people who deal with highly sensitive information and sources should know, absolutely. But it's still not a big deal for anyone who's not going up against a well resourced government.

avdlinde 5 years ago | |

You personally might not, but the article gives plenty reasons why some might.

some_random 5 years ago | | |

Well I have no plans to print counterfeit cash or tickets, commit treason, or raid an FBI field office so I think I'm good.

tehjoker 5 years ago | |

Imagine distributing political literature or posting things around town. Why should the government get to know who is doing that?

Of course, document control for government and corporations is probably the bigger reason they do it.

some_random 5 years ago | | |

We don't know what all the data is, but it at least used to be Date-Time-Serial. For governments and corporations with asset controls that record the serial of devices sent around, this is actually useful and can be used to sniff out moles like in the example. For individuals, you either need a massive amount of background data like purchase history (which is what you all should actually care about instead of these stupid dots), or you need to physically raid the place and get the serial off the printer.

And anyways in your example, there are far easier ways for the government to figure out that stuff that doesn't involve chasing down printers.