Four academics from the Technical University in Dresden, Germany (TU Dresden) have created an app that detects and masks the hidden dot patterns that laser color printers secretly hide on all printed documents.
These dots encode information about the printer hardware, the printed document itself, and the date of the print. Almost all modern commercial color laser printers add them to documents without informing their users.
Most users couldn't care less about such dots, especially since they're not visible to the human eye. But for whistleblowers, they are a real problem, as they could help oppressive governments or shady employers track down the source of a leak to a specific printer, date, or time, narrowing down the number of potential suspects.
Researchers release DEDA app
To help users keep their privacy intact, TU Dresden researchers have come up with an algorithm for detecting these dot patterns and adding extra dots on top, masking and anonymizing the source of the printed doc.
They released a Python CLI app that can perform this process. The app's name is DEDA, which stands for which stands for tracking Dots Extraction, Decoding and Anonymisation toolkit.
The app can add small dots here and there, to make small partial alteration to a hidden dot pattern, or can blot out the pattern entirely to ensure full anonymity.
DEDA is a tool created for whistleblowers
In a press release published two weeks ago, the TU Dresden researchers said they created and released DEDA to ensure that citizens have full freedom of speech.
Their reasons are tied to the fact that while hidden printer dots pose no inconvenience to regular users, they are a danger for whistleblowers, persons who sometimes leak crucial documents revealing appalling abuses of power.
"Every person should have the freedom of speech, which should also include uncovering unacceptable situations within companies or government bodies," said Timo Richter, one of DEDA's four creators.
"We believe that citizens should be aware of the existence of such codes, and the surveillance that they make possible," said Stephan Escher, another researcher involved in the DEDA project.
Hidden printer tracking dots have been known since 2005
Privacy-focused organizations like the Electronic Frontier Foundation have warned about hidden printer dots since as early as 2005, and the organization has been maintaining a list of printers that have been privately-tested and confirmed to use the dots.
Printer dots became a mainstream topic in 2016 when US authorities tracked down an NSA leaker named Reality Leigh Winner because of the hidden printer dots embedded in a document she gave out to a news agency.
In 2017, Gabor Szathmari, a security researcher for CryptoAUSTRALIA, contributed code to PDF Redact Tools that is capable of detecting and removing hidden printer tracking dots.
The DEDA app is available on GitHub. Researchers presented their work —entitled "Forensic Analysis and Anonymisation of Printed Documents"— at the ACM Information Hiding and Multimedia Security 2018 conference that took place in Innsbruck, Austria two weeks ago.
Comments
UG26 - 5 years ago
Notice how every manufacturer has obeyed a secret government order to add this tracking code to their products. This represents proof that there is no such thing as democracy, due process, or the rule of law:
The state only needs to issue a verbal threat that "we can make your business far more difficult and costly, by abusing our regulatory powers if you don't comply." Upon hearing that, every company will obey, regardless of whether its legal or not. The only exception was LavaBit (which shut down rather than obey an immoral or unlawful secret order.) If everyone took the same stand, freedom would ring throughout the land.
https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email
https://www.theguardian.com/technology/2013/aug/08/lavabit-email-shut-down-edward-snowden
https://www.youtube.com/watch?v=UQBWGo7pef8
===========================================================
Related news:
ALL MAJOR CLOUD SERVICES cooperated with unlawful mass surveillance, then LIED TO THE PUBLIC about it:
https://www.theguardian.com/world/2014/mar/19/us-tech-giants-knew-nsa-data-collection-rajesh-de
This is why you should only use products based on open source technologies, and only use services which are decentralised. (I know, that's easier said than done. Where alternatives do not exist, we have to build them.)