Interesting People mailing list archives
Re: "Redacted" DoJ PDFs still leaking confidential data
From: David Farber <dave () farber net>
Date: Sat, 17 May 2008 17:39:28 -0700
________________________________________ From: Matt Blaze [mab () crypto com] Sent: Saturday, May 17, 2008 8:12 PM To: Peter Swire Cc: David Farber Subject: Re: [IP] "Redacted" DoJ PDFs still leaking confidential data Hi Peter, The problem arises from ad-hoc methods of redacting, such as pasting boxes over redacted text. There are easy (but apparently not widely known) ways to do it better. The NSA has a redaction manual (linked in the blog post below), and the most recent version of Adobe Acrobat has a "redaction" function built in. -matt On May 17, 2008, at 20:00, Peter Swire wrote:
Dave: It is a public service for Matt Blaze to show the ineffectiveness of the DOJ’s redaction process. In light of the government tendency to err on the side of secrecy, could Matt or other readers point us to high-quality and easy-to-use ways to redact government (or other) documents? Do changes need to be made to widely-used word processing and similar software? If redaction is easy to hack, then DOJ and other agencies will try to prevent release of documents entirely. Transparency, the Freedom of Information Act, etc. – strong reasons to have redaction be workable, or else the public will see even less. Peter Prof. Peter P. Swire C. William O'Neil Professor of Law Moritz College of Law The Ohio State University Senior Fellow, Center for American Progress (240) 994-4142, www.peterswire.net <snip> Data leaks from ineffectively redacted PDFs go back for years, and the DoJ itself has been burned by this several times already; one would think the government might have learned by now. In this case, the "sensitive" data is fairly innocuous (and, I'd argue, was data the public has a legitimate right to know in any case). But if this represents the DoJ's normal redaction practices, next time it could just as easily be a court filing containing the names of confidential informants. Last night, after I blogged about it, the DoJ took the entire web site for its Office of the Inspector General off the air, presumably to check for other leaky PDFs. For the original leaky PDF and context, see my blog post at http://www.crypto.com/blog/calea_retrobugs/ -matt Archives
------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- <Possible follow-ups>
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 18)