Researchers Reveal Details Of Printer Tracking Dots, Develop Free Software To Defeat It

from the whistleblowers-of-the-world,-rejoice,-but-still-be-careful dept

As Techdirt has reported previously in the case of Reality Leigh Winner, most modern color laser printers place tiny yellow tracking dots on every page printed — what Wikipedia calls “printer steganography“. The Electronic Frontier Foundation (EFF) first started warning about this sneaky form of surveillance back in 2005. It published a list of printers and whether it was known that they used tracking dots. In 2017, the EFF stopped updating the list, and wrote:

It appears likely that all recent commercial color laser printers print some kind of forensic tracking codes, not necessarily using yellow dots. This is true whether or not those codes are visible to the eye and whether or not the printer models are listed here. This also includes the printers that are listed here as not producing yellow dots.

Despite the EFF’s early work in exposing the practice, there has been limited information available about the various tracking systems. Two German researchers at the Technical University in Dresden, Timo Richter and Stephan Escher, have now greatly extended our knowledge about the yellow dot code (via Netzpolitik.org). As the published paper on the work explains, the researchers looked at 1286 printed pages from 141 printers, produced by 18 different manufacturers. They discovered four different encoding systems, including one that was hitherto unknown. The yellow dots formed grids with 48, 64, 69 or 98 points; using the grid to encode binary data, the hidden information was repeated multiple times across the printed page. In all cases the researchers were able to extract the manufacturer’s name, the model’s serial number, and for some printers the date and time of printing too.

It’s obviously good to have all this new information about tracking dots, but arguably even more important is a software tool that the researchers have written, and made freely available. It can be used to obfuscate tracking information that a printer places in one of the four grid patterns, thus ensuring that the hard copy documents cannot easily be used to trace who printed them. Printer manufacturers will doubtless come up with new ways of tracking documents, and may already be using some we don’t know about, but this latest work at least makes it harder with existing models.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Researchers Reveal Details Of Printer Tracking Dots, Develop Free Software To Defeat It”

Subscribe: RSS Leave a comment
40 Comments
Anonymous Anonymous Coward (profile) says:

Or

Assuming your document is something juicy that the government does not want revealed due to embarrassment, email your document, using the most current form of encrypted email, from a public computer (library, coffee shop, print center) to someone who does not have a printer and have them take that digital document to someone who has a used printer, bought at a flea market, or Goodwill, or other some such, print the document, then physically take it to a fourth party, who will then (wear gloves for all the physical aspects of this, of course) take it to a Mailboxes R Us location and send it on to a fifth party (no return address, I have been told that no return address is illegal but I have sent a whole lot of mail with no return address that was received by the sent to party), who will then swap the mailing envelope and return it to you via some sort of physical mail or messenger. Then you can submit your documents to whomever you want that doesn’t have a printer. That makes 5 co-conspirators, which is pretty dangerous, even if they are hard to track.

Or, you could just use a public library computer (wearing your Halloween costume, only on Halloween, which is the only date to do such things, except April 1st) and send it via encrypted email (no need for printers on your end) to someone like Wikileaks, or The Intercept, or the New York Times, or…well there are a lot of places who would love to receive it, and a lot of government types who would love to meet you. Up close and personal like.

Any better methods?

BTW, I have a serious complaint about printer manufacturers adding something I did not intend to my printed photographs. They are works of art, and I object to their trying to infringe upon my copyright by adding, surreptitiously their art to my art. Could we DMCA these dot?

Anonymous Coward says:

Re: Or

no return address, I have been told that no return address is illegal but I have sent a whole lot of mail with no return address that was received by the sent to party

Protip: putting a fake apartment number is an easy way to make a fake address. Ex: find a 4-story building in the city it will be mailed from, write "Apt. 503" at its address. Postal databases have lists of valid street addresses, but usually not apartment numbers.

Bamboo Harvester (profile) says:

Re: Re: Or

I always put an apartment number on any documents I’m forced to give a mailing address for.

They still get delivered to me, but it lets me see who is selling my information to who.

The most egregious was a Vermont hospital selling my info (in less than a week!) to a VT-based clothing company for pre-pubescent girls.

Toom1275 (profile) says:

Re: Re: Re: Or

For gmail addresses, you can make custom valid variants of your address unique to the service you sign up for, so if you start seeing spam, you know who sold you out.

For example:

say you have your gmail accout BHarv@gmail.com

Sign up for the hospital with BHarv+VTHosp@gmail.com
Register for a one-time thing with BHarv+OneTime1234@gmail.com

Messages sent to those two plus-addresses will still be received by the main email, but if you start getting spam from VT girl clothes company, then you’d likely see them being sent to BTHarv+VTHosp@gmail.com.

The Wanderer (profile) says:

Re: Re: Re:3 Or

As mouseover of the link will reveal, it’s a mailto: URL (instead of, e.g., a http: URL); it will open in the configured default mail client, to compose an E-mail to that E-mail address.

(Which does mean that, if that’s a valid E-mail address, you just exposed it to the bots which crawl the Web looking for addresses to spam.)

Anonymous Coward says:

Re: Or

IME, the best way to get the goat of someone like you is to point out that you probably increasing the chance that they will put surveillance on you by doing all that. Especially since anyone speaking out like this almost certainly isn’t really doing anything they would care about – not that this would stop them from collecting your info in their indiscriminate trawling of Internet data, but their algorithmic approach to detecting things of interest means that they only notice anomalies – like someone trying to spoof them.

You might want to believe they are looking for what you are doing, but trust me, they aren’t. Individual political agitators aren’t on their radar, not because they are upholding some great ideals about democracy (no sane person actually believes popular government is, or has ever been, a real or even possible thing – governments and corporations are, by nature, headless bureaucracies in which the official leaders have no actual standing and no individual or specific group of individuals decide anything), but because you simply don’t count (see immediately previous rant on the illusion of individual agency).

Really, your best defense is to be as blatant as possible, all the time, getting them to watch you for a while before they write you off as a crank (the ‘California Cocaine Smugglers Truck’ ploy, a form of Kansas City Shuffle where you get the police to search your empty vehicle so often that they stop bothering). Do You Believe That?™

Anonymous Coward says:

We need an OpenWRT for printers

Printer firmware is awful, not just because of tracking dots. It’s usually outdated, and likely totally insecure (as soon as someone cares to look – stay tuned!). The ideal solution is a firmware-replacement project like CHDK or OpenWRT. We could make sure these things all support TLS, SSH, IPv6, PostScript, PDF and printing status feedback, without vendor-specific drivers needed on the PC, and that they get security updates. “Enterprise” UI features, like swipe-card-based printing (it’s crazy overpriced now), would be easy to add.

Anonymous Coward says:

Re: Re: We need an OpenWRT for printers

Patents on the "inventions" you want to add

Maybe, but with that attitude we should just stop writing software. We could say the same about Linux, OpenWRT, and everything else. (None of the stuff I mentioned was an "invention" either; they were trivial combinations of existing technologies, not patentable under Alice.)

license on the psotscript

PostScript 3, the newest version, is 21 years old–so no patent concerns. We just need a free engine, like Ghostscript. (Trademark might apply… it may be why Brother calls theirs "BR Script".)

copyright on the existing firmware (it’s encrypted!),

It wouldn’t use copyrighted parts, so only DMCA-type laws would matter. The reverse-engineering could be done outside the USA, and/or anonymously. (Do all vendors encrypt it? Encrypted firmware is rare in other consumer electronics like routers.)

the hardware on printers varies radically.

That could be a huge problem. Although, things like paper-feeders can’t be hugely complicated, and once we figure out the forward/reverse commands the same algorithms should apply everywhere. Linux might already run on the SoC, with support for GPIO, USB host, …

The imaging parts would be the main challenge. I’d start with a common model of black-and-white laser, ideally something available new and used with replacement parts (toners, drums) still current; and with a color version in the same product line.

Anonymous Coward says:

Re: Re: Re: We need an OpenWRT for printers

Actually the low level hardware should be easy to drive, as it is number of steps per revolution, or encoder counts per revolution etc. or even just on/off control, along with optical or other presence sensors. What can be more tricky is figuring out how to drive any interface chips on the board, up to and including any FPGAs, which may provide functionality to generate pixel arrays.

That is given the document, turning it into pixels is a well solved problem, as that is what is done to display it on screen. The motor and sensor level of controlling the machine is also a well solved problem, though time constraints on the software exists. The magic that needs figuring out is any and all hardware assists and ancillary processors on the board to help with those two tasks.

Anonymous Coward says:

Re: Re: Re:2 We need an OpenWRT for printers

That is given the document, turning it into pixels is a well solved problem

Wikipedia says cheap printers don’t even do it. (The printer driver sends pixels.)

How about turning those into an electric charge on the drum? Apparently the laser hits it via a rotating mirror, and the laser needs to be switched on and off at up to 65 MHz to make an image, then it needs to be repeated for the next line. It doesn’t sound easy (though any optics lab will be doing crazier stuff with lasers), and I’m not expecting a "standard" interface there.

Anonymous Coward says:

Re: Re: Re:3 We need an OpenWRT for printers

Wikipedia says cheap printers don’t even do it. (The printer driver sends pixels.)

So, the document still needs to be turned into pixels, and it does not really matter where that is done, and you do not want to be using the proprietary drivers.

and the laser needs to be switched on and off at up to 65 MHz

And that is where what I call magic happens, probably an FPGA, fast memory and DMA into and out of its buffers. That is specialized hardware. These days it might be easier to build a new controller using FPGAs, and use the ARM libraries to implement your own processor on board. How to control micros and lasers is well known, and in principle standard control algorithms, doing it fast enough be a challenge.

Thinking on it, you probably do not want to use any programmable device supplied by the printer manufacturer, as they are ideal places to hide the document marking. Interestingly these days, with the cheap board houses, and free software, even getting a multilayer board designed and made is possible for an individual to carry out.

Anonymous Coward says:

Re: Re: Re:4 We need an OpenWRT for printers

Thinking on it, you probably do not want to use any programmable device supplied by the printer manufacturer, as they are ideal places to hide the document marking.

Maybe if your adversary is the NSA. This seems to be each printer manufacturer adding trackers (each is different), at government request. Worrying that the hardware itself will add trackers seems over-paranoid (and if we’re this paranoid, can you trust "cheap board houses"?). It’s almost certainly done in the firmware.

Once you’re creating your own boards, you might as well create a whole printer. There are open 3D printers, just not 2D.

Anonymous Coward says:

Re: Re: Re:5 We need an OpenWRT for printers

When an FPGA is in use, it is programmable hardware, and that is where tracking can be implemented. As to the board houses, all you get them to do is make the circuit board. You get, solder on and program your own devices, so there is no need to trust the board house. Full surface mount assembly can be carried out in the home shop, just add a temperature controller to a toaster oven, and it helps if you get the board house to make the solder stencil for you.

The difficult to build parts of a laser printer are the optical system, and the paper transport mechanism, which are purely mechanical systems, and they come with a reasonable case as well. This can be much cheaper, and quicker than designing building and debugging several iterations of the hardware to get it right.

Anonymous Coward says:

Re: Re: Re:6 We need an OpenWRT for printers

When an FPGA is in use, it is programmable hardware, and that is where tracking can be implemented.

Yeah, but why would you upload a tracking-enabled bitstream into it? For the attack to work, the FPGA would have to say it accepted your open-source bitstream, while actually leaving some tracking code active. That would have to be done in hardware–or by some persistent bitstream, but most FPGAs don’t persist. Why would the manufacturer go to such lengths to stop you from avoiding tracking, when people aren’t even replacing firmware now?

Full surface mount assembly can be carried out in the home shop

I forgot about that. Even pick-and-place machines aren’t expensive now. You’re right, if the board shop doesn’t handle the chips, it will be hard for them to subvert the system.

Interestingly, it’s not that difficult to etch boards at home either. It just takes some acid and… a laser printer (should we worry about the whole "trusting trust" thing?).

Anonymous Coward says:

Re: Re: Re:7 We need an OpenWRT for printers

Home made boards are limited to single sided, or double sided without the plate through holes. Especially for surface mount chips, and very high speed operations, more layers are required to deal with the connection density, and transmission line aspects of high speed signals. Serial data transfers, using multiple serial channels for more capacity have become the norm because they make it much easier to build a working system, as they do not require tight timing tolerances between signal paths.

Yeah, but why would you upload a tracking-enabled bitstream into it?

Because you only option may be to upload the manufacturers bit stream, because you cannot identify the device in use, and because reverse engineering such bitstreams is even harder than reverse engineering machine code. A gate level description is not much use for recognizing larger scale functional blocks like processors. That is why I said build a new board.

Anonymous Coward says:

Re: Re: Re:8 We need an OpenWRT for printers

Because you only option may be to upload the manufacturers bit stream, because you cannot identify the device in use, and because reverse engineering such bitstreams is even harder than reverse engineering machine code.

Ok, makes sense, but I hope we can avoid the wifi-firmware situation of having to work with binary blobs (only one chip family, ath9k, had open firmware—it’s getting a bit old, but still obtainable and popular with RF researchers).

That said, you can extract the bitstream from multiple printers and make sure they’re all identical. If so, and if the FPGA specifications don’t list a serial numbering capability (and there are no i²c or other persistent devices attached), and all evidence of tracking disappears when we rasterize the image ourselves… then there’s probably no tracking, at that level.

Anonymous Coward says:

Re: Re: Re:5 We need an OpenWRT for printers

To be fair, if you’re a political activist then your opponents will always be those supporting the current government. In which case, you must do all you can to remain anonymous, or at least personally remain off TLA radar scopes. As once you become a nuisance, bringing down the attention and might of those agencies against individuals is like shooting fish in a barrel.

Bamboo Harvester (profile) says:

Tech revealed

Now that it’s “in the wild”, I can see this becoming a sticking point in court cases, just like Stingray use and Breathalyzer technical specs.

Defense attorneys are going to start seeking full Discovery on all cases involving printed documents on the tracking method, system, and encryption methods.

It’ll be interesting to see what makes and models cause Dismissal – those will be the ones with currently undiscovered tracking systems.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...