Alleged National Security Agency (NSA) leaker Reality Leigh Winner was reportedly identified after the FBI determined she had printed out a top secret report010 Archivesshared it with The Intercept -- but she might have been undone in part by a subtle code found on document itself, left by the printer.
By the timeThe Interceptpublished an explosive report on June 5 alleging Russian cyberattacks on the U.S. voting system, the FBI had already arrested Winner as the suspect. The affidavit supporting the application for a warrant revealed that the documents provided to the NSA by The Interceptwere clearly "folded or creased," which led officials to believe that the docs had been printed and physically secreted out of a "secured space." Investigators were then able to narrow down the list of suspects to six people who had printed the doc before settling on Winner.
Security blogger Rob Graham laid out the process the FBI could have used to definitively pinpoint Winner as the leaker in a blog post, claiming laser color printers produce subtle "yellow dot patterns" every time they're used. The patterns, which contain the distinct identifying information of the print job, can be easily decoded if you know how to look for them.
The document tracking wasn't the only factor reportedly used to ID Winner -- the contractor allegedly used her work email account to correspond with The Intercept, and a reporter allegedly provided identifying information in contacts with government sources.
SEE ALSO: New leaked NSA hacking report is 'House of Cards' IRLGraham wrote that the document posted by The Intercept-- which was presumably also the copy provided to the NSA for verification -- is a PDF created from pictures of a printed version of the doc that was later scanned into the system. That's important: because it was a physical copy printed by a laser color machine, it carries the identifying yellow dot patterns.
The Electronic Freedom Foundation (EFF) has been tracking the matter for some time now, and has compiled a list of manufacturers that make laser color printers that produce the yellow dots. Xerox admitted to providing the tracking dots to the Secret Service back in 2005 to combat counterfeiting -- but as the EFF noted at the time, there were no laws to prevent the tracking from being used for other means.
Importantly, the tracking dots are only reportedly produced by laser color printers, which are more likely to be found in office settings for professional use. Your compact inkjet unit for home print jobs won't be tagging all your documents with ID info.
The blog post proves just how simple it is to determine where and when the doc was printed -- by downloading the NSA doc from The Interceptarticle and taking a screenshot of white space, anyone can use a simple photo editing program like Paintbrush to invert the colors to reveal the patterns. Then, by reproducing the pattern using an EFF tool, you can easily find its identifying features. Checking those against the printer's log would easily show who was behind the job.
Other infosec experts proved Graham's point on Twitter, sharing screenshots of their quick work with the tracking method.
This Tweet is currently unavailable. It might be loading or has been removed.
This Tweet is currently unavailable. It might be loading or has been removed.
We contacted several of the printer companies named in the EFF catalogue, but hadn't received comment at time of publish.
Graham claims that the yellow-dot trackers on docs can be thwarted by converting files to black-and-white with an image editor, which would conceivably prevent prying eyes from finding the identifying patterns, and clearly put the onus of the "outing" on The Intercept.It's a simple step to take in such high pressure situations, but one that isn't obvious to take without knowledge of the practice.
The yellow dots likely made it much easier to ID Winner, but there were other factors that led to her being tabbed; she reportedly had email contact with The Interceptfrom her work computer, too. The ultimate lesson here: Don't leak from work.
Topics Cybersecurity Politics
Waitin’ on the Student Debt Jubilee
A major clue has us thinking 'Game of Thrones' trailer will be arriving very, very soon
First look at Windows Story Remix, the app that turns anyone into a Hollywood director
Trump is going on a tweet
CPU Price Watch: 9900K Incoming, Ryzen Cuts
Snap CEO Evan Spiegel is here to lose money and earn your trust
It's 2017, and Samsung is still launching flip phones
The laptop ban could expand to flights coming from Europe
Colman Domingo’s Craigslist love story with husband Raúl has the internet swooning
A Russian blogger was sentenced for playing 'Pokémon Go' in a church
NYT Connections Sports Edition hints and answers for April 23: Tips to solve Connections #212
Turns out that a 'Ghostbusters' monster was actually a real dinosaur
A Russian blogger was sentenced for playing 'Pokémon Go' in a church
Homeowner sues Zillow for allegedly undervaluing her home
The Bose QuietComfort Ultra headphones are on sale for $100 off
Spring raises $65 million to fund a shopping mall on your smartphone
Cry of the week: Jimmy bests Chuck on 'Better Call Saul'
Snap CEO Evan Spiegel is here to lose money and earn your trust
The best day to book your flight, according to Google
UberEats will solve your late night snack cravings in London
Best camping deals: Coleman tents, sleeping bags, lanterns, and grills are up to 59% off at AmazonTrains by Jill TalbotErrant Daughters: A Conversation between Saidiya Hartman and Hazel Carby by Saidiya HartmanStaff Picks: Dolls, Dakar, and Doomsday Preppers by The Paris ReviewCole Porter’s College Days by Brian CullmanThe Other Billy Collins by Anthony MadridWatch Series 9, Watch Ultra 2: Apple thinks it can save them with a software fixHow to watch ABest audiobook deal: Get 4 months of Audible Premium Plus for 60% offHow to Imitate George Saunders by Benjamin NugentKamau Brathwaite: 1930–2020 by Vijay SeshadriThe Phone Call by Jill Talbot2024 might be the year of stalkerBest camping deals: Coleman tents, sleeping bags, lanterns, and grills are up to 59% off at AmazonGrindr Unwrapped reveals the defining gay pop culture moments of 2023How to watch Duke vs. Troy football livestreams: kickoff time, streaming deals, and moreThe Body Is a Place: An Interview with Lidia Yuknavitch by Cornelia ChanningRedux: A Piece of a Beginning by The Paris ReviewSilicon Valley Hustling: An Interview with Anna Wiener by Pete TosielloComics as Poetry by Ivan Brunetti Before 'Game of Thrones' Season 8, a look back at the earliest reviews Paul McCartney gives us all the ultimate #MannequinChallenge Edward Snowden warned us about a president like Donald Trump Brits are begging Obama to move to the UK and become Prime Minister The 'Here we go again' meme is perfect for every frustrating situation Chilling moments from day one in Trump's America Irish couple live tweets journey to receive legal abortion in England Selena Gomez delivers a surprise Coachella performance with Cardi B Michelle Obama doesn't want to run for president, and yet we continue to ask her HQ Trivia replaces popular host Scott Rogowsky Here's how many Americans crashed Canada's immigration site All the pilot parallels in the 'Game of Thrones' Season 8 premiere Donald Trump and the media: An unstoppable DDoS attack Twitter secretly verified Jack Dorsey's mom and thousands of others despite 'pause' Rise up: America’s students stage school walkouts following Trump victory A ridiculous number of people watched the 'Game of Thrones' Season 8 premiere 'Game of Thrones': Sam dropped THAT bomb on Jon (recap) Aaron Sorkin pens impassioned letter to daughter on Trump win Powerful Mannequin Challenge video highlights the Black Lives Matter movement Dear People Magazine: Please stop pretending the Trump presidency is normal
2.613s , 8228.4921875 kb
Copyright © 2025 Powered by 【2010 Archives】,Exquisite Information Network