Reality-Winner-bar

Earlier this year I blogged about Printer Identification Codes, which are one of the IT world’s best-kept secrets. As it seems, a US secret service has now used this technology to track down a whistleblower.

For over a decade it has been known that some (but not all) color laser printers add tiny yellow dots to every document they print. These dots, which are barely visible to the naked eye, encode a message that includes an identification of the printer as well as the date and time of the printing process. This means: If one knows the code, one can easily determine the origin of a printout just by looking at it.

 

The yellow dot code

These yellow dots, also known as Printer Identification Code, have been around for about 25 years. However, only in 2004 an article in the PC Magazine informed the public about this technology, causing considerable media response. In the years after, the Electronic Frontier Foundation and others examined Printer Identification Codes and found out a few details about them. However, neither a printer producer nor a state authority has ever published any information about this suveillance method.

Printer Identification Codes are not to be confused with digital water marks on banknotes, which allow photocopy machines and graphics editors to detect and refuse copying of bank notes.

In January this year I wrote a blog post about Printer Identification Codes. My new book Versteckte Botschaften (2nd edition), which is going to be published soon, contains a chapter about this subject, too.

Versteckte-Botschaften

Virtually all the information I found about Printer Identification Codes is over ten years old. There has not been much media coverage in the last decade.

 

Reality Winner

Today the page views of my blog article about Printer Identification Codes have skyrocketed. The reason is that, according to media reports, a young female whistleblower named Reality Leigh Winner was tracked down with this technology (thanks to John Haas for the hint).

Reality-Winner

Winner, a federal contractor with top secret security clearance, who had been assigned to a US government agency facility in Georgia, is accused of printing a classified intelligence report and mailing it to the web portal The Intercept. Apparently, the printer she used makes use of a yellow dot code, which enabled law enforcement to track her down.

When confronted with the allegations, Winner admitted to leaking the classified document intentionally. She was arrested on Saturday in Augusta, Georgia. More information about this case is available here.

 

Can you find the yellow dots?

When I wrote my blog article and my book chapter, I looked out for printed documents bearing these yellow dots. To see the dots one can scan in a printout at a high resolution (600 dpi or more) and magnify it. For more detailed instructions, check here. Using a spyglass allegedly works, too.

To be honest, I didn’t find a single dotted pattern on the print-outs I examined. As it seems, the color printers I use (e.g., at home and in my office) don’t support this technology. Or did I not look carefully enough?

Why I was not successful in finding a dotted document, some of my readers were. E.g., Karsten Hansky sent me the following scan of a Hewlett Packard HP1515n print-out (the dots are recolored to grey):

Druckertest-Hansky-1

Blog reader Armin Schikorra sent me the following scan (Dell C2665dnf Color MFP v3017, time-at-completed 1483813386, time-at-creation 1483813385, Serial#AH3017068, ServiceTag 5XDYF42, Version 201410241149, Express Code 12902736386): Schikorra-scan-1b

In the following picture the same dots are better visible:

Schikorra-scan-2

I think, after a decade with alomost no research activity it is high time to find out more about Printer Identification Codes. Maybe this article can stimulate some new research.

1 / 2 / Auf einer Seite lesen

Kommentare (11)

  1. #1 merzmensch
    6. Juni 2017

    As far as I know, this technology, which is popular in the printers and copy machines in the USA, is not supported in Europe. Say, the same model you’ve brought in Europe won’t print this code. At least, it was so for 2-3 years. I analyzed my printed copies and found nothing. But my printer is already ca. 7 years old. Perhaps times change.

  2. #2 Klaus Schmeh
    6. Juni 2017

    John Haas via email:
    Yellow Dots of Mystery: Is Your Printer Spying on You?

  3. #3 Piper
    7. Juni 2017

    Come on, this really smells a little bit fishy..

    Since Edward Snowden, does the NSA still allow that external hired persons have access to documents which are “Secret”?

    Can the NSA really be that stupid?

    Not talking about that the NSA gave access to persons to “Secret” rated documents, who would use their own (NSA/Their Company) Email account to send scans of “Secret” rated documents to a leaking website, which has nothing better to do than sending those documents to the FBI.

    So:

    a) This person, Reality Winner, must be totally stupid and is not qualified for such a job

    and/or

    b) The NSA, after the experiences with Edward Snowden, havent changed anything and still gives access to “SECRET” rated documents to everyone

    or

    c) The Intercept website, of which i haven’t heard before, must just be a honey trap to trick whistleblowers, since they have no fear to work together with the FBI.

    Just my thoughts, feel free to post your thoughts too, how real this leak is nor not.

  4. #4 Chris B.
    Vienna, Austria
    7. Juni 2017

    Some more (technical) information including an online decoder can be found here:

    https://w2.eff.org/Privacy/printers/docucolor/

  5. #5 gedankenknick
    7. Juni 2017

    @merzmensch:
    You are wrong. I live in Europe. I´ve own a Kyocera Ecosys M6526 Multifunktion Color Laser Printer. In Black/White-Mode it wont print yellow dots. In color mode it prints a yellow-dot-code! I tested it an look with my “reflected light microscope”. So I´m sure.

    I think, the first idea was to identify printers used to print false money easier. Because with the first better color laserprinter everybody could make fake money very easy, sometimes even in copyshops. So the National Bank had a problem, an the government had to do something… So the printer-companies were told set marks in the color prints…

  6. #6 Fliegenschubser
    7. Juni 2017

    I just checked a document i printed some weeks ago in the office. It clearly has the yellow dots, no doubt about that. Printed by a Konica-Minolta Bizhub.

  7. #7 Thomas
    7. Juni 2017

    Was it a private or a professional printer in Winner’s case? Where/by whom was the dot code registered?

  8. #8 Klaus Schmeh
    7. Juni 2017

    Mark Romo via Facebook:

    I had to read the article a couple of times before I realized Reality Winner was the woman’s name. :/ How unusual. I thought my friend’s name, Sonny Day, was odd, but Reality Winner gets the cake.

  9. #9 Klaus Schmeh
    7. Juni 2017

    Dave Kocur via Facebook:

    When I saw the name trending, I honestly thought it was a late entry into the Belmont Stakes.

  10. #10 Gerhard
    Nord-Italien (=Niedersachsen)
    8. Juni 2017

    Sooooo geheim ist das nicht. Die Zeitschrift CT hat das schon vor Jahren erklärt. Weil man so die Geldfälscher entlarvt hat.

  11. #11 Klaus Schmeh
    8. Juni 2017

    This scan was provided to me by reader Rudolph.