Laser printer dot code revealed
Yellow marks on documents can identify
when and where they were printed.
Roxanne Khamsi
You may want to think twice about printing this
article. Many colour laser printers mark the pages
they produce with tiny yellow dots that, according to
technology watchdogs, can reveal information about you
and your computer.
The Electronic Frontier Foundation (EFF), based in San
Francisco, California, announced this week that it had
cracked the code of dots on documents made by Xerox
DocuColor printers.
"We've discovered exactly what information is there and
how you can read it," explains EFF technologist Seth
Schoen.
A grid of yellow dots, best seen under blue light,
reveals the time and date that a document was printed.
Other people had noticed the yellow dots, but Schoen
says the meaning of the markings had been unclear. So
EFF researchers collected pages from various copy
centres in California this summer and analysed them,
using blue light to highlight the dots, which are
barely visible under normal light. It took just a week
to crack the code.
EFF and its partners report that the dots contains
information about the date and time that a page was
made, as well as the serial number of the printer used.
These are encoded in a simple grid, in which the eight
rows represent different values that are added up to
reveal 5 kinds of information held in 15 columns. The
final column, which is often blank, codes for something
that is still a mystery to EFF researchers.
They think the information is probably used in police
inquiries about counterfeiting and to track down the
source of printed documents in crime cases. Their
findings are published in a Dot Decoding Guide on the
EFF website.
But which part of the machine generates these dots?
"It's definitely the hardware. The dots show up
regardless of what operating system and what kind of
document you have," says Schoen.
Bill McKee, a spokesman for Xerox, which is based in
Stamford, Connecticut, told ne...@nature.com that he
"can confirm there is a coding system" on pages printed
by DocuColor machines. But he says that "because of
security we cannot disclose any details". He adds that
Xerox does not routinely hand out customer information
but "will assist an investigating agency when asked".
EFF submitted a request this summer using the Freedom
of Information Act to find out whether the US Secret
Service has used the dots to track down the source of
documents.
"We're not happy that this code is there," says Schoen.
A covert code of dots raises grave privacy concerns, he
claims. "We first and foremost want to let people know
what their printers are doing."
EFF has also collected pages from volunteers in
countries ranging from Australia to Israel in order to
catalogue the printers from a variety of manufacturers
that mark pages. The group states that many of the
printers from other companies also seem to produce
pages with anomalous dots.
Schoen notes that the absence of dots does not
necessarily prove that there's no tracking technology.
But he hopes that they will find a machine that does
not mark the pages it prints: "If there is a printer
that doesn't do this we'd like to see that product
derive a competitive advantage in the market."
There is a way to solve that. When you buy a printer,
just withdraw cash from your bank account, and pay
with that at the computer store. Unlike checks or
credit cards, they cannot trace a transaction made in
cash.
Only if there are no cameras at the check-out that can identify you with the
purchase.
>
> Only if there are no cameras at the check-out that can identify you with the
> purchase.
>
>
What about disabling the cameras near
the checkout first? Someone could use
a handgun with a silencer to silently
shoot out and disable the cameras,
before the purchase is made.
"Charles Newman" <charles...@comcast.spamkiller.net>
> > > There is a way to solve that. When you buy a printer,
> > > just withdraw cash from your bank account, and pay
> > > with that at the computer store. Unlike checks or
> > > credit cards, they cannot trace a transaction made in
> > > cash.
"Kelo Disaster" <goin...@gone.net> wrote in message
> > Only if there are no cameras at the check-out that can identify you with
> the
> > purchase.
"Charles Newman" <charles...@comcast.spamkiller.net>:
> But there is still one other solution. If you live close enough to Mexico,
> just go
> into Mexico and buy your printer there. Mexico uses 110 volts and 60Hz,
> just like the USA, so a printer bought in Mexico would work. A printer
> bought in Mexico and brought back into the USA would certainly not be
> traceable. USA courts would have no jurisdiction in Mexico.
I doubt if anyone bothers to keep track of who buys which
machine. The usual method of using the scheme would be to
determine after the fact of counterfeiting -- or excessively
free speech, or whatever -- that printed pages came from the
same machine, and if the machine and user could be located
and seized, that they came from a particular machine. Regimes
attempting totalitarian control like the Soviet Union, Iran
and Saudi Arabia have sometimes fixed copiers to do something
similar. There are many ways such information can be used.
The really disturbing thing about this business is that the
government and the participating corporations did it without
telling anyone. One can't help wondering in what other ways
Big Brother is watching us.
We sort of knew the implication already G*rd*n. I remember some recent
version of the MS OS came with what was called "the NSA backdoor",
discovered by hackers, and also that Intel chips came hardwired with
some other favours to the gov't. We can only count (yet) on the
inability of gov't systems to process huge quantities of activities
and info flowing thru communities. I guess they are working on that
too.
Well, Belgium is trying to get a system up and running in which the user
would have to swipe their national ID card on their computer to access the
web. It is not really that new, many businesses use a similar system to log
terminal users but the implications are, as ever, more widespread.
Digital cameras include a unique identifier in every shot they take, based
on the serial number of the equipment. Technically it is then possible to
identify which camera took a particular photograph. Mobile phones call home
every fifteen minutes (even when switched off) or so to let the network know
where to reach you. very sensible as it saves the network hitting every cell
each time you get a call but like alot of conveniences, it comes with a
hidden price-tag. This is already being used as the basis for tracking
systems and, when more phones have inbuilt GPS your movements can be tracked
within a few yards.
Data mining is being used by businesses running loyalty card schemes or from
credit-card transactions to better target salesforces for other products.
When your bank calls to ask you if your credit cards have been stolen
because they have detected unusual spending patterns, ask yourself, how do
they know what are your 'usual' spending patterns?
"Privacy is dead, get used to it" as some IT industry bigwig declared.
Its a possible cause but older batteries will lose their charge regardless,
the simple way to stop the phone calling home is to remove the battery.
>
> > where to reach you. very sensible as it saves the network hitting every
> cell
> > each time you get a call but like alot of conveniences, it comes with a
> > hidden price-tag. This is already being used as the basis for tracking
> > systems and, when more phones have inbuilt GPS your movements can be
> tracked
> > within a few yards.
>
> That be can defeated with a GPS jammer. You can make one from about
> $50 worth of parts. With the jammer running, any GPS device would be
> unable to read back its location.
Or don't upgrade to the new generation of GPS-enabled phones.
There are always ways around things, like not registering ownership on
pay-as-you-go phones, paying cash, etc, etc.
But as the technology becomes in-built into every device merely because it
can be, then abuse is inevitable.
IBM are runnning TV ads here showing a Truck driver being stopped by a girl
sitting at a help-desk in the middle of the road. He asks what she is doing
and she tells him he is lost., he is on the wrong road. He asks how she
knows and she tells him a radio-chip in the consignment on board told her,
the load is being tracked and that is how she knew. Most trucks are now
being fitted with satellite tracking, the boss knows where it is at any
moment. Next up is a 'smart-card' licence which has to be inserted into the
dash before the engine starts. The card records all the truck drivers
working hours and should he exceed the legal limits (Europe has strict laws
on commercial drivers) the engine will not start. These systems have been in
use on fork-lift trucks for a few years now, to stop unauthorised drivers
using them.
Add in a trendy nightclub in the UK which runs a scheme where you register
your credit card details, get a chip inserted in your arm then you never
have to prove membership at the door or pay cash for a drink again, they
scan your arm and the software bills your credit card automatically.
The UK is planning a national road charging network to 'reduce congestion'.
This will involve transmitters in all cars, linked by satelite to a database
which will record all movements and charge accordingly.
In the City of London all drivers pass through check points fitted with
number-plate recognition cameras, these automatically read and check car
number plates and flag up any which are reported stolen, lost, owned by
targetted criminals, terror suspects, etc to a central control room. Using
the CCTV network, the control room can monitor the vehicle and direct police
straight to it. That has been running for about ten years. the checkpoints
are now trialling facial recognition cameras and software developed from
that used to monitor football crowds for known hooligan elements.
It was reported that if you walk down Oxford Street in central London, your
progress will be recorded by over 300 seperate surveilance cameras.
Like the man siad 'Privacy is dead, get used to it'
>
> Its a possible cause but older batteries will lose their charge regardless,
> the simple way to stop the phone calling home is to remove the battery.
oh that's a beaut
> >
> > > where to reach you. very sensible as it saves the network hitting every
> > cell
> > > each time you get a call but like alot of conveniences, it comes with a
> > > hidden price-tag. This is already being used as the basis for tracking
> > > systems and, when more phones have inbuilt GPS your movements can be
> > tracked
> > > within a few yards.
> >
> > That be can defeated with a GPS jammer. You can make one from about
> > $50 worth of parts. With the jammer running, any GPS device would be
> > unable to read back its location.
>
> Or don't upgrade to the new generation of GPS-enabled phones.
while not entirely on point
To dream that you are using gps enabled phones, represents your
indecisiveness and your
inability to make commitments
mk5000
"im finally here. even the response to me hasn't gotten to the shut
down the mall level, it's really cool to hear people singing along with
me"--johnta austin
I wonder what the the cell phone companies must think when you
battery goes completely dead, and the phone cannot "phone home",
as it were,
> Or don't upgrade to the new generation of GPS-enabled phones.
> There are always ways around things, like not registering ownership on
> pay-as-you-go phones, paying cash, etc, etc.
> But as the technology becomes in-built into every device merely because it
> can be, then abuse is inevitable.
> IBM are runnning TV ads here showing a Truck driver being stopped by a girl
> sitting at a help-desk in the middle of the road. He asks what she is doing
> and she tells him he is lost., he is on the wrong road. He asks how she
> knows and she tells him a radio-chip in the consignment on board told her,
> the load is being tracked and that is how she knew. Most trucks are now
> being fitted with satellite tracking, the boss knows where it is at any
Not if they use a GPS jammer, they wont
> moment. Next up is a 'smart-card' licence which has to be inserted into the
Anything that is computerised can be hacked. All the driver would have to do
is break into the computerised system and changed the hours driven to
zero. Anyone with a knowledge of computers could do that.
Barring that, the driver could just simply "hot wire" the system. I am sure
that a lot of drivers will learn how to hot-wire their own trucks.
> dash before the engine starts. The card records all the truck drivers
> working hours and should he exceed the legal limits (Europe has strict laws
> on commercial drivers) the engine will not start. These systems have been in
> use on fork-lift trucks for a few years now, to stop unauthorised drivers
> using them.
That is computerised and can be hacked. All the truck driver would have
to to is to break into that computer, and change the hours driven to zero.
> Add in a trendy nightclub in the UK which runs a scheme where you register
> your credit card details, get a chip inserted in your arm then you never
> have to prove membership at the door or pay cash for a drink again, they
> scan your arm and the software bills your credit card automatically.
> The UK is planning a national road charging network to 'reduce congestion'.
> This will involve transmitters in all cars, linked by satelite to a database
> which will record all movements and charge accordingly.
/
However, since those work on the GPS system, those can be jammed, too.
The GPS receiver cam be jammed, where you cannot be tracked. A lot of the
rental cars use that now, to charge the hell out of you, if you either speed
excessively, or drive over state/provincial/inernational borders.
I work for an E-zine in Australia, and I use rental cars a lot. To avoid
being tracked, I use a company-issued GPS jammer, which is really am
amazing achievement. Our R&D created a GPS jamming unit desguised as a
Walkman-type radio. It will even play tapes, and pick up the local radio
stations, but it has a GPS jammer hidden inside it. It just flick this on,
and the rental company (usually yank-owned), cannot track me. What this
device does is transmit a signal strong enough to jam any GPS-based device,
without about 100 meters. Company-issued GPS jamming units have saved.
Using these has saved my company, Anonymous Demonic Media, a lot of money.
This is becuase I have gone to cover a few figure skating competitions, which
has required me on a few occasions to drive my car over international borders.
Using a GPS jammer has helped our employees evade the US$1 per mile that the
yank-owned rental car companies charge if you drive over state, provincial,
or international borders. In one trip alone, using the GPS jammer, I save us
all over $1000 when I went to go Ciudad Obregon, Mexico, to cover a figure
skating event a couple of years ago. Its about 500 miles from Tucson to
Obregon, by using the GPS jammer, I was able to save the USD$1 per mile that
I would have been charged otherwise. It is COMPANY POLICY to economise,
wherever possible.
By concealing the GPS jammer inside a Walkman-type radio, it can get past
Customs in any country. Because it can pick up the local radio stations,
and play tapes, your typical Customs agent will have NO CLUE that it there
is a GPS jammer hidden inside the device.
You got me, I cant commit, it has always been my problem, moving from one
phone to another, casually discarding the last in search of newer and better
companions. I can't help it, I just get such a buzz from inserting my
simcard into a shiny new cellphone. But the thrill never lasts and,
disappointed with the limited call-time I succumb to the siren call of the
latest toy. Can I get help anywhere?
I dont think they are that much bothered, I suppose the phone is logged at
its last location, then when you switch back on it does its handshake
routine and the system updates the location.
Sure, in the older trucks you could simply pull the fuse on the 'tachograph'
system and carry on without recording anything at all. But thne there would
be a discrepancy between the miles travelled (recorded on the odometer) and
the mileage recorded as travelled on the tachograph discs. But hot-wiring
newer trucks with engine-management systems, digital dashes and such is a
bit tougher. And the on-board recorder would still log the miles travelled.
>
>
> > dash before the engine starts. The card records all the truck drivers
> > working hours and should he exceed the legal limits (Europe has strict
laws
> > on commercial drivers) the engine will not start. These systems have
been in
> > use on fork-lift trucks for a few years now, to stop unauthorised
drivers
> > using them.
>
> That is computerised and can be hacked. All the truck driver would
have
> to to is to break into that computer, and change the hours driven to zero.
Except the data is transferred by satalite link back to base and recorded
there as well. With the projected road use charges planned in the Uk and
Europe, that data would also be held by the government as well, directly.
Any monitoring system can be beaten, especially a 'stand-alone' one, what is
of concern is the multi-tracking and logging which is now possible using
different systems which, when compared, show unrecorded usage.
Sure, the hire company got ripped. But I think it is different when the
State is involved, they can create an offence of not having all the mileage
and positions recorded, as they already do with the European tachograph
regulations at present. It doesn't matter that you may have exceeded your
driving hours, or speed limits, or even not done so, not having a tachograph
chart showing that information over a given mileage is an offence anyway and
treated as though you *had* committed offences over that period, a bit like
refusing to give a blood sample in a drink-drive arrest (in the UK) is
treated as seriously has giving the sample and being found over the limit
anyway.
"brique" <briqu...@freeuk.c0m>:
> ...
> Like the man siad 'Privacy is dead, get used to it'
_Their_ privacy isn't dead.
Joseph K. <ni...@none.com>:
> We sort of knew the implication already G*rd*n. I remember some recent
> version of the MS OS came with what was called "the NSA backdoor",
> discovered by hackers, and also that Intel chips came hardwired with
> some other favours to the gov't. We can only count (yet) on the
> inability of gov't systems to process huge quantities of activities
> and info flowing thru communities. I guess they are working on that
> too.
These systems can easily be defeated by professionals. They
mainly work against ordinary people minding their legitimate
business.
Hal's story is a hoax. I had a quick look at his home page, and he seems
to be a very biased person - so much so I wouldn't put much stock in
anything he says.
Alex Russell
The computer back at the "base" could be broken into and the records
erase. Anything that is computerised can be hacked.
> there as well. With the projected road use charges planned in the Uk and
> Europe, that data would also be held by the government as well, directly.
And that can be broken into as well. You just simply alter the
computer records in the government tracking systems in Europe, so that
there is no descepancy between the odometer, and and computers at a
base station.
Just be sure to use Evidence Eliminator, aftewards, so that when they
come and seize your computer, they wont be able to get anything that
can be used against you in court. THis program "wipes" your disk, so
that anything that is erased, STAYS erased. If they cannot get the
evidence, they cannot prosecute you.
And as a last resort, the sattelite link back the base can be jammed
as well. You could use anohter jammer, so that your tracking device
cannot report transmit data back to the base.
Governments are always interested in the actions of ordinary people
minding their legitimate business, that's what makes them universally a
bad idea and never more than a necessary evil. The only question is
whether or not no government is always a worse evil. Hard to say.
William C Colley
Who is your "they" Mr. Gorden? The more famous, rich, or powerful
someone is the more likely they are to be public figures, and those
individuals in "security " positions are often subject to more intense
scruitny than those in non-security positions. Doesn't necessarily make
them more accountable though.
William C Colley
> What about disabling the cameras near
> the checkout first? Someone could use
> a handgun with a silencer to silently
> shoot out and disable the cameras,
> before the purchase is made.
Sorry for the off topic, but...
Contrary to the common belief, silenced guns do not make a silent
thudding sound. They do make a loud bang, audible to quite long distances,
despite what you might have seen on movies ;)
t
I think you are being a bit optimistic in assuming the average trucker will
go to such lengths to erase evidence of a journey. I mean, every night
hackign your way itno hald-a-dozen systems and deleting like mad, could get
a bit boring after a while.
>
> Just be sure to use Evidence Eliminator, aftewards, so that when they
> come and seize your computer, they wont be able to get anything that
> can be used against you in court. THis program "wipes" your disk, so
> that anything that is erased, STAYS erased. If they cannot get the
> evidence, they cannot prosecute you.
Personally, I wouldn't use Evidence Eliminator to wipe my cats arse. There
are far superior methods available than that gimcrack marketing-mans
confabulation.
Ummm.. I think some-one is having a wind-up...
Doesn't matter if they know who owns the printer ahead of time. The most
common scenerio is that they will track you down the old fashioned way,
then use the printer dots to confirm it was your printer that printed
whatever it is they don't like.
Alex Russell
>> > news:dqudncPqLKU...@comcast.com...
Don't you people ever read the news? That such technology was being
included in new printers is not news in 2005. It was rather
controversial a few years ago when it hit the news, however.
Wiliam R. James