> The DEDA toolkit allows anyone to anonymize documents by removing the tracking dots at the software level
Sounds like the tracking tech is implemented in the proprietary drivers. If only the free software movement had filled its original purpose (freeing printer drivers¹) for more models…
Edit: looks like it may be in the firmware on the printer itself, not drivers on computers, as h-node warns of tracking even on printers with full compatibility with blobless, FSF-endorsed distros eg. Trisquel GNU/Linux-libre: https://h-node.org/printers/view/en/2215/HP-DeskJet-2700-ser...
DEDA is for anonymizing post scanning as far as I can tell, so it still relies on whoever you're providing the documents to knowing they need to do it.
> looks like it may be in the firmware on the printer itself
One thing that has me baffled is why there's so much speculation and black-box approach when it should definitely be possible to reverse engineer those firmwares to directly get definite answers to all possible questions. Why does no one seem to even consider dumping the firmware from a printer and reverse-engineering it?
Wholly aside from the privacy and control implications of this antifeature, these dots are actually a significant impediment to the normal use of my laser printer. Sure, they aren't visible when printing on to white paper in a single pass, but when printing on transparency or coloured paper they are very visible, and especially so when running multiple passes (for composition of images without a computer).
They also affect me when I use the printer for producing PCBs using the toner transfer method - the dots act as an etch resist and impose an uncorrectable noise of copper dots on to an otherwise excellent result.
For multipass composition, could you put a colour cartridge in the Black toner slot? You may have to swap the little page count spy chip from one to the other.
There was no need to use the yellow tracking dots to track Reality Winner... the NSA would certainly have the ability to audit anything printed in their facility and know exactly what was printed on any given day.
This is correct. People are making the mental leap because they know this technique exists and they want it to be something cool.
The reality is even in corporate environments print servers for sensitive areas will retain audit logs and/or copies of documents sent to the print spool. Even if that completely fails, you can do a forensic recovery on the hard drive inside the printer where all documents are buffered.
The tracking dots certainly made things much faster for the NSA: they could immediately locate the printer and the date, without the need to audit the huge number of printers and employees they have. You say "on any given day" but they wouldn't know the day, only a rather large possible range of days.
I doubt that more than a dozen people printed that document. It was a TS/SCI doc IIRC, so all of those printers are in SCIFs with rigorous access control, so it's not like someone grabbed it off the printer -- you have to release the job from the printer console anyway.
How exactly would auditing all prints even work, assuming they were even logged? Wouldn't the auditor need to have security clearances to see what pretty much everyone in the NSA is working on, which goes against need-to-know principles? Or I guess an auditor needs to know these things to do their job...
> Maybe she thought physical paper would be safer from digital surveillance than an email. So she printed the documents at her office [my emphasis] and then mailed them
You can't just plug in a USB key and copy it off. If she'd been randomly searched when leaving, then accidentally removing a printout (with a bunch of other docs) would earn a breach and possibly loss of access, but it isn't as incriminating as a USB or camera.
I think that "because the corporations that make printers have a secret agreement with intelligence agencies to track printed papers, going back decades and based ultimately on coercive threats outside the rule of law" is a more cynical truth than "because the companies that make printers want to sell you more ink."
As I understand it, the original rationale for the tracking dots was the fear of counterfeiting, which may be less of an issue with black and white laser printers. That doesn't mean that I can say with any consequence that your printer doesn't have any tracking mechanism, but it might not.
Concern about counterfeiting just served as a usefully palatable justification for introducing the tracking technologies. After that, it's easy. All you have to do is let some small to medium counterfeiters continue to operate so the justification continues to look reasonable. Heck you can even do your more or less best to try to catch them all, since you can be confident you won't ever completely succeed
The worst damage crime does isn't direct. The real damage is the PR cover it provides for government repression
"It's been posited by researchers that tiny discrepancies in the spacing between words or even the kerning of letters could be used to encode information."
I know some DTP types whom this technique would drive crazy. They spend so much time adjusting the leading/kerning to get the text to appear in the layout the way they want. Having that thrown out the window by the printer would absolutely drive them insane. For science, I want to try this out now. It would be awesome to do it as an April Fools joke.
I knew about this aspect of printers more than a decade ago, before I ever got into tech, so I'm 100% sure it was/is semi-widely known. It's really sad that the Intercept and other news orgs are so technically oblivious that they would screw their source like this.
It was very widely and publicly known. I usually hesitate to say things like this, but the conclusion is unavoidable: either the whistleblower and the people working at the Intercept are colossal idiots, or the whole narrative is fake.
Interestingly enough, back in the early nineties, when I was working in a print bureau, the vendors would warn us how traceable colour copiers/printers of the era were, so it seems like an example of an "open secret".
Same. When the company I worked at in the mid-nineties got our first color copier, the sales rep told us explicitly about the yellow dots, including how to use the zoom and contrast features to see them (i.e. copy a copy on the highest level of zoom). They just didn't want us copying banknotes, which was, of course, the first thing we did.
Somehow when I last read about this technology I had thought it was only triggered when copying or printing counterfeit currency, but really the history is that it was the fear of counterfeiting which helped the US government get printer manufacturers to add this tracking info to most color laser printers. Ugh. Good to know...
https://www.snopes.com/fact-check/household-printers-trackin...
Similar type of thing was used to trace typewriters behind the iron curtain before communism collapsed. All owners of typewriters had to register their typewriters with the police and they all had peculiarities that would trace back to each typewriter. They'd load a page and type all the characters and that was it. I guess it had more of a psychological impact as the matching would be quite difficult. I guess they were afraid of independent people writing manifests or disseminating information.
Illegal information was circulating somewhat freely though, maybe not very sensitive stuff (people were self censoring very political stuff as they were afraid of repercussions from authorities), but lots of things from the west were circulating: magazines, books, videotapes and so on.
Growing up there it was drilled in us that counterfeit money is an extremely grave offense and it is punishable severely, and the same story with drugs. I was surprised to find out that counterfeit money was circulating in the states and when I received such a bill I asked a police officer what am I supposed to do with that. He told me to just keep it :) He said I shouldn't bother to report it as nobody would really care about it.
It's still very very illegal to produce counterfeit money. Individuals typically aren't prosecuted for having it because they might have received it thinking it was legitimate.
I printed a page of text and then scanned it back in. I spent quite some time messing around with the resulting image and couldn't see any dots. My printer is an almost new, Canon color laser so I would've expected it to be spying on me.
Is there some software or a web site that will scan an image and decode the dots?
Hey, author of TFA here. Try inverting the color and upping the blue, you might see the patterns. Here's a scan I did from a magazine https://i.imgur.com/x1TXa30.png
It's also possible they are using a different technique. As I mentioned towards the end of the article, the dots have been around for a while and some vendors are apparently looking into other methods
On what grounds do they argue we still need this? I thought money generally has enough safeguards these days that consumer color printers are no longer a threat.
I am not a printer company executive nor an employee of a federal agency (I swear!), so I couldn't tell you precisely the logic behind it. My venture is that while it's true there are lots of physical safeguards to prevent the spread of counterfeits, these dots and other steganographic techniques can be used in investigations to trace the source. If you know what printer was used and what serial it has, you could theoretically track it through the vendor's supply chains.
I also believe that international trade agreements and banking regulations, such as the Japanese measures mentioned in the article, require dots and similar methods even if they have perhaps technically been superseded.
On some older PS/PECL laser printers the firmware lived in a small DIMM-like board (for upgrades) with a mask ROM on it. Pretty much all of these are PowerPC (some might have mips). There's probably not much in the way of low-level security there. Just saying.
The last HP Inkjet that I had would go through the Yellow cartridge faster than black, even when printing only Black and White. Which is how I discovered these fun little dots.
They didn't go into too much detail about how the dots are actually printed (what type of ink, how heavy, etc.), but they imply in the article that at least some tracking dots require a UV light to detect.
I'd be curious to know how the dots actually get printed.
Hi, author here! The dots themselves aren't printed with UV ink; it's just that the UV light makes it easier to see them due to the yellow ink used.
There were images I sent the magazine of the dots from some magazines I scanned, but they didn't run them. If you scan a page and invert it, the patterns are more legible https://i.imgur.com/x1TXa30.png
You should see rows of tightly packed blue dots in repeating patterns - the machine identification codes for a Xerox printer, to be precise. You may have to turn off f.lux to see them
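The invert-and-boost-blue tip above, as an added example that is not part of the original thread: it isolates faint yellow pixels in a constructed RGB raster, groups them into dots and measures how often the pattern repeats. The pixel values, threshold and function names are assumptions made for the illustration, and it does not decode what the dots encode.

```python
# Added example: constructed pixel values, standard library only.
from collections import deque

WHITE, YELLOW, BLACK = (250, 250, 245), (250, 250, 200), (20, 20, 20)
TILE = [(2, 1), (5, 7), (9, 3), (12, 12), (3, 10)]  # (row, col), constructed

def constructed_scan(height=16, width=48, tile_w=16):
    """Tiny stand-in for a scan: faint yellow dots tiled across white paper."""
    img = [[WHITE] * width for _ in range(height)]
    for y, x in TILE:
        for x0 in range(0, width, tile_w):
            img[y][x0 + x] = YELLOW
    for x in range(20, 26):          # a stroke of black text, must not be flagged
        img[7][x] = BLACK
    return img

def dot_mask(img, threshold=25):
    """Mark pixels where blue is well below red and green (faint yellow).
    This is what inverting the scan and boosting blue makes visible."""
    return [[min(r, g) - b >= threshold for (r, g, b) in row] for row in img]

def dot_centroids(mask):
    """Group touching marked pixels (4-connectivity) into dots."""
    h, w = len(mask), len(mask[0])
    seen = [[False] * w for _ in range(h)]
    dots = []
    for y in range(h):
        for x in range(w):
            if not mask[y][x] or seen[y][x]:
                continue
            seen[y][x] = True
            queue, pixels = deque([(y, x)]), []
            while queue:
                cy, cx = queue.popleft()
                pixels.append((cy, cx))
                for ny, nx in ((cy + 1, cx), (cy - 1, cx), (cy, cx + 1), (cy, cx - 1)):
                    if 0 <= ny < h and 0 <= nx < w and mask[ny][nx] and not seen[ny][nx]:
                        seen[ny][nx] = True
                        queue.append((ny, nx))
            n = len(pixels)
            dots.append((sum(p[0] for p in pixels) / n, sum(p[1] for p in pixels) / n))
    return dots

def horizontal_period(mask):
    """Shift at which the mask overlaps itself most: the width of one repeat."""
    h, w = len(mask), len(mask[0])
    best_shift, best_score = None, 0
    for s in range(1, w // 2 + 1):
        score = sum(mask[y][x] and mask[y][x + s] for y in range(h) for x in range(w - s))
        if score > best_score:
            best_shift, best_score = s, score
    return best_shift

if __name__ == "__main__":
    mask = dot_mask(constructed_scan())
    print(len(dot_centroids(mask)), "dots, pattern repeats every", horizontal_period(mask), "px")
```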
Interesting protip: fluorescent compounds are added to all sorts of things: mouthwash bottles, toothpaste, white paper, laundry detergent, and the “bright” colours of printer ink.
I'm not sure if normal scanners detect UV light, but that would break a good chunk of their tracking purpose these days if they were not detectable in scans.
On a monochrome printer, I guess you can still do steganography by messing with the dithering, I guess? However, since the stated aim of the fingerprinting is to catch money counterfeiters, I guess they are less interested in monochrome.
My experience with Logic has been negative. I started purchasing issues after reading one promising excerpt at a bookstore. However the overt biases of what topics they select to cover/how they cover them, the frequent reliance on vague anonymous sources of dubious quality, clear political biases, and low signal to noise ratio led to me stopping after a few issues. Admittedly this particular article isn’t one I took issue with, but my sentiment about the magazine overall still holds.
A throwaway printer is probably your best practical option.
Other than that, using a vintage dot-matrix printer with a low enough resolution (e.g. a 9-pin head) that it's unlikely to have either the smarts or the resolution needed to make this work.
Of course, this just means that if you are conspicuously buying a curated collection of vintage printers, you're providing another type of evidence.
Maybe you could 3D print a plate containing the document you want to print, raised and mirrored (like a printing press, but without movable type), and then ink the plate and press it onto a blank piece of paper.
EFF seems to think that all modern laser printers have some form of tracking dots, whether or not they've actually been able to detect them [1].
They don't say anything about inkjet, though. Unclear if this is because of a fundamental limitation of inkjet printers, lack of interest, or just because inkjet printers kind of suck compared to laser. :P
So, if I am getting it correctly - this is only for color printing right? Why would they implement it on software level, would not hardware be easier and harder to remove?
and harder to implement with next to no benefits, a person aware of existence of such tracking dots will try to circumvent/reverse engineer it. https://github.com/dfd-tud/deda
Whether it is the Blockchain, Tor or other privacy guards that wane us in anonymity - we, especially us techies, often underestimate typical chokeholds which a government can easily control (e.g. your ISP, your cell phone tower, your cell phone maker, payment provider, ...), because it usually does and government agents usually don't make a fuss about it because it's a valuable trap.
Without the fuss over enough time passed we, even NSA experts, seem to forget about those traps.
The moral of the story for us techies: Don't wane people in anonymity if they use X or do Y. There will be a percentage of people who do things they wouldn't have done without that info, and some of said percentage will be blackmailable (think miners having "incriminating pictures" on their machines because they were stored on the blockchain once).
Worse than a privacy infringing government are blackmailable citizens (One could argue the former causes the latter, I argue the latter steers the former into worse).
The handling at The Intercept was amateur journalism at best, and at worst a cynical ploy (incriminate their source, hence confirmation, generate a media storm and clicks). They ignored fundamental techniques to protect sources: retyping documents without formatting, spell checking them, sharing only small snippets of text, in person instead of allowing retention, confirming via an external expert.
Of course, even without the printout they would have got her, she had terrible OPSEC.
Odd how HN is often favourable to Greenwald and Assange but not to Winner, who seems to have no fanbase. She doesn't appear to be a spy but a straightforward leaker?
It's something that people who deal with highly sensitive information and sources should know, absolutely. But it's still not a big deal for anyone who's not going up against a well resourced government.
Maybe you just want to go about your life without every innocuous aspect of it being secretly interfered with? You might be able to ignore it for a long time because it doesn't harm you, but it only takes one shitty change in the wider system for it to be turned entirely against you.
That's already happened. License plate trackers, cell site logs, phone and car location data track everywhere you go. Google analytics inside a google browser running on google's OS on google hardware, all to gather data on you to make slightly more money selling ads. Not to mention other data aggregators who will sell that data to anyone with a credit card. Every aspect of our lives is already being overtly interfered with, but no I really should care a lot about some stupid printer dots.
What a reasonable and not-at-all unhinged threat model. I should be kept up at night worried that currency counterfeiters will break into my house, steal my printer, use it to print fake money, the cops will find that money, use these dots to get metadata to find me, then what, no-knock raid me?
idk I think I'll just accept that risk, it's a lot more likely that my ex will stab me after all
These types of threat models require a bit of creative flair:
0315 am, a drone flies over your house and hovers just long enough to upload firmware to your WiFi-enabled printer. Having not memorized your printer's serial number, and certainly not checking it every day, you don’t notice the new firmware or orientation of dots.
Your printer, along with an identical model bought later and cloned to yours, are now forensically indistinguishable. Your printer driver phones TonerCo for a refill. It arrives with the fanfare of fast shipping.
11 months later, your address and credit card purchase are enough to convince the right judge to grant a no-knock warrant. Your printer has embroiled you, or someone just as innocent as you, in a very bad time.
We don't know what all the data is, but it at least used to be Date-Time-Serial. For governments and corporations with asset controls that record the serial of devices sent around, this is actually useful and can be used to sniff out moles like in the example. For individuals, you either need a massive amount of background data like purchase history (which is what you all should actually care about instead of these stupid dots), or you need to physically raid the place and get the serial off the printer.
And anyways in your example, there are far easier ways for the government to figure out that stuff that doesn't involve chasing down printers.
I figure the serial number could be enough if it was linked to a credit card purchase. However, it might only link to a lot number that a store purchased.
I don't think stores are tracking the serial numbers of the printers they sell, so yeah at best you're gonna get a big list of everyone who bought that SKU in the approximate time. And if you buy it with cash, or secondhand, then they're screwed.
Now, it probably phones home and that's probably how they catch people but there are ways around that.
¹https://www.fsf.org/blogs/community/201cthe-printer-story201...