[Cryptography] stego mechanism used in real life (presumably), then outed
John Denker
jsd at av8n.com
Tue Jun 6 17:59:15 EDT 2017
In case you missed it:
Quoting from:
http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html
> that most new printers print nearly invisibly yellow dots that track
> down exactly when and where documents, any document, is printed.
> Because the NSA logs all printing jobs on its printers, it can use
> this to match up precisely who printed the document.
This seems like a pretty good explanation for the rapid arrest of
NSA contractor Reality Winner.
============
When it comes to journalistic tradecraft, the picture is a bit
muddled.
-- In the last few years, there have been a number of high-grade
leaks from sources whose identities have remained concealed.
-- OTOH there are more than a few cases of sources whose identities
did not remain concealed for long.
There are lots of forensic marking techniques. Now that the yellow
tracking dots are well known to leakers and would-be leakers, I
reckon there will be a push to deploy other techniques.
https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots
============
All this casts /communication/ security in a different light.
It does no good to encrypt the communication channel, if the
payload itself is compromising.
More information about the cryptography
mailing list