Interesting People mailing list archives
Re: "Redacted" DoJ PDFs still leaking confidential data
From: David Farber <dave () farber net>
Date: Sat, 17 May 2008 17:39:08 -0700
________________________________________ From: Steven M. Bellovin [smb () cs columbia edu] Sent: Saturday, May 17, 2008 8:21 PM To: David Farber Cc: peter () peterswire net Subject: Re: [IP] Re: "Redacted" DoJ PDFs still leaking confidential data On Sat, 17 May 2008 17:07:40 -0700 David Farber <dave () farber net> wrote:
In light of the government tendency to err on the side of secrecy, could Matt or other readers point us to high-quality and easy-to-use ways to redact government (or other) documents? Do changes need to be made to widely-used word processing and similar software?
Matt's blog posting points to an NSA guide on the subject: http://www.fas.org/sgp/othergov/dod/nsa-redact.pdf The instructions were, as far as I know, correct in late 2005 when they came out. Tools have changed since then, and it was never a high-assurance solution. Here is a brief mailing list discussion about that document. --- From: "Steven M. Bellovin" <smb () cs columbia edu> To: John Levine <johnl () iecc com> Cc: cryptography () metzdowd com Subject: Re: NSA explains how to redact documents electronically Date: Wed, 25 Jan 2006 01:53:24 -0500 Sender: owner-cryptography () metzdowd com X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4 In message <20060125030247.93612.qmail () simone iecc com>, John Levine writes:
http://www.fas.org/sgp/othergov/dod/nsa-redact.pdf One wonders how long it will be till someone finds an error...Even if it's right, it's so complicated that it seems rather optimistic to expect people to follow it correctly every time.
I agree. It's also very dependent on the exact options that Microsoft and Adobe have currently implemented. Minor changes could screw this up completely.
I don't claim to be a big security guru, but if I were planning to distribute a redacted PDF document, I'd render it to a bitmap, then turn the bitmap back into a PDF and ship that, a digital version of printing it out and scanning it back in. On Unixish systems, one can do that in about five minutes with freeware tools like ghostscript and xpdf.
That's more or less what they did when they declassified Skipjack, though they may have used a real printer and scanner instead. Some people laughed at NSA's technical ineptitude -- didn't they know how to print to PDF directly? Others realized that NSA understood the problem at a much deeper level. ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- <Possible follow-ups>
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 17)
- Re: "Redacted" DoJ PDFs still leaking confidential data David Farber (May 18)