funsec mailing list archives

Re: Israel's population registry leak

From: Skyler King <SKing () checkpoint com>
Date: Thu, 14 May 2009 19:21:24 -0700

I thought MS watermarks it's src code given out to organizations (but not inviduals in the organization) now after the 
2k src code leak.

sky

________________________________
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Imri Goldberg
Sent: Monday, May 11, 2009 9:30 AM
To: funsec
Subject: [funsec] Israel's population registry leak

In Israel, many people know that the population registry is available to download from various p2p networks. It turns 
out that new versions are leaked every now and then.
A few years ago, a website offered to sell the registry, and the police was tasked to find who leaked the information. 
It turns out that the police was unable to determine which of 22 organizations, companies and offices that had access 
to the information leaked it. (see http://www.haaretz.com/hasen/spages/1082775.html )

When I read it, I was reminded of the standard method of uncovering leaks: add a watermark, and distribute different 
versions to each organization. A watermark can even be part of a data: a changed digit in the ID number of some fake 
person in this specific case.

I also read this kind of suggestions regarding screener leaks from time to time, but I don't recall it actually 
happening. I do recall reading some fiction (a James Clavell book) about purposefully distributing different versions 
of some document to suspect parties in an effort to uncover a leak. Every time I read about a leak, I think, why didn't 
they add a watermark?! It's in the books!

Cheers,
Imri

--
Imri Goldberg
--------------------------------------
www.algorithm.co.il/blogs/<http://www.algorithm.co.il/blogs/>
--------------------------------------
-- insert signature here ----

Scanned by Check Point Total Security Gateway.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Israel's population registry leak Imri Goldberg (May 14)
- Re: Israel's population registry leak Young, Keith (May 14)
  - Re: Israel's population registry leak Valdis . Kletnieks (May 14)
- Re: Israel's population registry leak Rob, grandpa of Ryan, Trevor, Devon & Hannah (May 14)
- Re: Israel's population registry leak Skyler King (May 14)