Me and my team used these yellow tracking dots to reconstruct shredded documents for a DARPA shredder challenge over a decade ago. You can see our program highlight the dots as we reconstruct the shredded docs. https://www.youtube.com/watch?v=uzZDhyrjdVo
Thanks to that, we were able to win by a large margin. :)
Oh wow, I remember hearing about this challenge on Daily Planet when I was still in elementary school. It's super cool seeing a follow up, it brought back a hidden memory.
what was the process of getting each of the shredded pieces scanned for your program to use. I'm guessing that process could have a write up on it just as much as the solver. there's definitely a personality type that can handle that type of mess
DARPA scanned the shreds. The funny thing is, they didn't want to shred the original paper, so first they photocopied the paper in a high quality color copier, shredded it, and scanned it. And that's where the little yellow dots came from. :D
interesting. now my brain is churning on why would they not want the originals shredded. what does that say about the value they placed on the originals? why would they open a contest up with documents of such perceived value as the content? being DARPA, i'm sure there's a reason though
You might be reading into it too much. I think the originals were just random pieces of different kinds of paper. Graph paper, yellow lined, paper, blank white paper... I don't remember exactly, but I think the copies could be special paper with a colored backside so they would know which way was up really easily for the scanning process.
> My printer does not print tracking dots. Can I hide this fact?
> If there are really no tracking dots, you can either create your own ones (deda_create_dots) or print the calibration page (deda_anonmask_create -w) with another printer and use the mask for your own printer
The thought of being able to “spoof” the tracking dots of another printer has interesting implications for deniability. Though I guess in this case you’d still need access to the original printer to print the anonmask…
Per Wikipedia, the dots' "arrangement encodes the serial number of the device, date and time of the printing", so all you really need to spoof somebody else's printer is the serial number. Which can likely these days even be accessed remotely through printer settings.
No need to examine the printer. Just find a sheet of paper that printer printed, decode the dots, and then print your super illegal whatever with their printer's dots and a timestamp that makes sense for whatever you're framing them for doing. Nobody's ever gonna believe "the dots were a lie." They sound too much like fingerprints.
Better than nothing, but you probably don't want to produce a document that purports to have been printed by three different printers that were likely only in the same place during a relatively short period surrounding when you went to see them. You'd be better off just making up serial numbers.
Nah, it's even better. "These messages were printed on a variety of different printers on three separate dates, but all of the printers were in an Office Depot during that time. Now we just need to go through the footage of those days to see who was in that store on all three days." Meanwhile, you're in another state on those days, doing crime.
Except if you can manipulate the timestamps, then they aren't relevant anymore, so the search space is much bigger than the intersection of each set of days.
It's the intersection of all the people who visited each printer at least once any time.
Yeah, but the police (and then the prosecutors if they find someone who matches) are operating under the theory that the tracking dots are correct. They really want the dots to be correct. They don't want the dots to be wrong. This is why nonsense like "fiber matching" lasted so long: the people prosecuting the crimes want it to be right so badly that they're practically on your team.
Or post a thread on r/inkjetssuck or some such, and just have people from all over the world go into the big box stores to get serials to post as a reply
Got it. Then why the first step of go to the effort of getting real serial numbers from the big box store. If the dots signature going to be randomized?
It depends on how it gets the serial number. If it reads it from internal memory then spoofing your own serial number on each document print is the obvious workaround.
Once you are at the level of forensic investigations that go down to the tracking dots, most attempts at spoofing anything will be relatively obvious and provide further evidence that narrows down the list of suspects to those aware of such techniques.
You might fool someone who does such analysis casually but I'd expect an actual experienced investigator to e.g. go "the tracking dots are clearly brand X, but the raster used for greyscale is obviously from Y, soooo"
Had the experience of poking at tracking dots recently for circumstances I won't share here.
Do y'allself a favor and get a blue LED flashlight and point it at a color print. It's shocking how many are printed. It looks like a spattering of sand across the entire page!
Not to mention failure to accurately print what you sent to the printer. There must be some use case where these "invisible" dots actually undermine the intended output.
Adding some context to this, because it's a really interesting read that's worth the time if you ask me: it's about how some recently 'discovered' early playtest versions of Pokemon cards were found to be fake, or at least very suspicious, based on the presence (and decoding) of these dots.
I also find it interesting because the person who posted the discovery and breakdown of the dots stood to personally lose thousands of dollars they'd spent on the fakes, but posted their findings anyway.
What happens if I print the same page in multiple printers? Like, have the first printer print the actual contents, and then have the other printers add just a little bit of stuff in still-white areas. Does one printer mess the dots of the others?
I'm beginning to think the MIB show up to any nerd's house who starts an equivalent of OpenWRT project, for printers. Can't have untracked speech, need to be able to surgically strike certain founts of inconvenient memes. This sort of thing is why my craigslist sourced b&w laser printer is on its own VLAN with a CUPS server playing go-between. Nobody consented in an informed manner to Niantic's operation for the last decade+. Nobody consents to their every print being traceable. There is nothing, nothing about the product or process which warns the device owner or user that "Lack of obvious visible identifiers in the output does not mean it is identifier-free (steganographic identifier)." Just like nobody consents to the Universal Machines in our products being locked down to the point that even we the owners can't repurpose them as we see fit. We as peoples have come to accept the barrage of insults from commercial and state entities, that it's either a shit-sandwich or no-sandwich at all (plus a beating). Louis Rossmann's Consumer Action Taskforce (CAT) is becoming a great anthology of what I am talking about in this regard.
It's time to fight back! Let's start hacking the good printers out there, get their firmwares replaced with something viable, and start divorcing this nonsense. These tracking dots and other steganographic tracking methods exist precisely to track people like me and silence me, people who point out the occulted control methods, people who spread memes deemed information hazards and malinformation by the giant onyx squid.
Besides, if I wanted to counterfeit I would [naïvely] get one of those tight tolerance watchmaker CNCs and have printing stamps made out of aluminum or something. Printing to paper in the usual home-office way seems to me an asinine method which is easily detected by most people who handle bills regularly.
The point of these technologies is to stop the low hanging fruit and trace the source of ransom notes, leaked documents, and the like.
For counterfeiting, a technical person's first thought is: "how does the Bureau of Engraving and Printing actually do it?" and then they do that - and you nailed it: offset printing.
Laser printers and inkjets can't even remotely compare.
That's a lot more work, skill and initial investment required than just trying to slap a dollar bill on a copier. Which means a lot fewer people will try, especially since the people with these skills can usually easily make enough, and possibly more, money through legitimate means.
There were people who did counterfeiting "right", down to getting real printing presses, suitable paper etc. https://www.businessinsider.com/frank-bourassa-on-how-he-cou... (it's strongly implied that he got away with 6 weeks in prison and likely got to keep a decent amount of the profit).
Then there's needing to contend with possible serial number scanning occurring at automated stations and at financial institutions, cataloging the movements of specific bills, detecting clones (improbable or impossible physical note appearances), and detecting zombies (decommissioned/known-destroyed numbers, and numbers never emitted). Randomly generating numbers is likely to trip clone and zombie sensors at various surveillance points.
Bill scanning to verify authenticity is already occurring, why not record the fact Bank of xAI ATM #67387 tendered two Franklins with serial numbers $SERIALA and $SERIALB to you (verified by PIN and card, and possibly bolstered by Face ID incognito); maybe older systems only do the verification locally and lack OCR, but I'm positive new systems are plenty powerful enough to run pared down OCR on serial numbers... wait they have been doing it with cheques all these years with handwritten dollar values, so why not OCR serial numbers coming and going? You see? The net deepens. I probably can't suggest methods of washing this data without possibly committing some obscure crime, so I will leave you to your creative imaginations...
The github references this document: Timo Richter, Stephan Escher, Dagmar Schönfeld, and Thorsten Strufe. 2018. Forensic Analysis and Anonymisation of Printed Documents. In Proceedings of the 6th ACM Workshop on Information Hiding and Multimedia Security (IH&MMSec '18). ACM, New York, NY, USA, 127-138.
I can't affirm knowledge of steganographic identifiers in B&W printers. I wanted to state I would be surprised if B&W printers did not embed tracking information. There's too much national security value in spamming origination details on everything. There is always, always a safety or security argument to do so, followed with "but what's the harm, you're not doing anything you shouldn't be doing... are you? "
It's my understanding that the secret service requested (required?) that the printer manufacturers start adding the dots once the printers got good enough to easily recreate paper bills. Because they are primarily a tool for tracking counterfeiters, they are not needed with black a white printers and thus are not included.
The tracking dots aren't for anti-counterfeiting. The secret service has a separate chunk of code in every color printer that detects if you are printing money and prints out a page that says essentially, "you can't do that." (at least that was the case 20 years ago when I worked for HP).
The tracking dots are used by the FBI if someone prints out classified information and passes it around, or other copyrighted/illegal documents.
The EURion constellation[0] is how that detection mostly works as I understand it. Neat bit of tech. It's real obvious on euro bills once you know what to look for. Fun fact: not all printers give a hoot about this pattern, so it's a neat trick to annoy people with if your printer doesn't.
That is not to be confused with (dynamical) and non-visible tracking info on printed sheets, which in fact can have everything coded in. By that, even 1-bit printouts can be identified up to the source. If the printer model and #salt is printed alongside, the prosecution has evidence for the cases the printer involved.
List hasn't been updated since 2017, was probably one guy making inferences from FOIA requests. We'll have to wait until the next time a Chinese university publishes some US government secrets.
Decades ago I worked on some software that would adjust the kerning on characters to hide information. As far as I know the project never went anywhere.
Somebody (more likely a group of somebodies), somewhere is responsible for having gone to each and every printer manufacturer and done or said something to make them
implement this functionality.
If I remember correctly from the FOIA documents we got, it was a meeting or series of meetings with a Japanese printer industry association during the 1990s.
I forgot if we learned whether the government side was a specific government or governments, or the consortium called Central Bank Counterfeit Deterrence Group
which has been involved in other related stuff (like making some software and devices refuse to process images that are detected to be images of currency!).
The original somebody was likely the US Secret service, who are also responsible for US dollar currency forgery policing.
When color printers/copiers first appeared there was a concern about people photocopying money. The old joke was that your color photocopier "would pay for itself in no time".
thats only for evidence/prosecution for fraud/criminal intents. If one say's "NO WAY I said and printed that contract" ... "Lemmy check...oh! You did. Its your printer. Look!".
I think its not like "somebody gone to each..", but rather "... a good idea".
you can publish anonymously. no one hinders you. But in case it is illegal, prosecuters have evidence - which isn't malicious or bad per c'est. And, knowing which printer has been used for the illegal thing, doesn't mean the location of the printzer is known, too. So, no probs or conflict with that from my side.
If you really afraid, just overlay your PDFs with noise of yellow dots before printing. Or apply a digimarc pattern onto that with gibberish. That will mitigate recognition unless the digimarc pattern is recognized and removed, which is kind of difficult if unknown (https://www.digimarc.com/). There are possibilities.
Wait, you can publish anonymously as long as the government approves of your speech and doesn't hinder you?
Then they throw bogus charges on you because "the process is the punishment" and to discourage other people saying things they don't like. Prior restraint is what some would call that.
a. there are easy possibilities to poison the printed tracking code
b. the location of the printer is not trackable by default (but for sure can be added through drivers. But then, tracking will be the smallest problem)
c. there are laws what can be said and what not. Also, what is legal, free speech & thought, or, what is art, is defined. Other than that might give you problems. And it should. No one is above the law in a proper democracy, except your name is Trump of course.
so, you can print what you want. But if its illegal, than I'm glad you get the punishment. But, for being able to punish you, the executive needs your location and know it's been you. How can they find out it was you, other then with "caught in the act"? If they have enough hints who you are and for being able to locate you, then the tracking code is just an evidence that you produced it.
What if you use your neighbor's printer? What if you use the poisoning technique? Knowledge is all, when being a criminal. Others are not touched by that, and if, poisoning, old disposable printers or usage of neighbor's devices and the classical reproduction methods aka printing (industrial) are still tools, one can use. I don't understand the alarmism.
Simply being prosecuted maliciously without evidence is enough to ruin one’s life. It’s not a matter of illegal or legal.
With the ability to identify perceived enemies of an administration, this weapon can be leveraged against anyone saying entirely legal things that the administration doesn’t like.
prosecution without evidence -> what does it have to do with tracking code?
How does the government know, the one've written what they dislike is you, in case they find a peace on the street and read the tracking code? Its an evidence, but, they dont know who printed it, where the printer is, and, hence, its absolutely not a imminent problem.
It will be a problem, though, if you register your device (serialnumber + name/address). But then, the printer-producer is the last firewall - and - its darwin' law then.
If one wants to criticize, distribute illegal writings and whatever else, then one should be literate in what one does and use caution. In a democracy, there are rules for all to adhere to. In areas without rules, one is literate enough to know how to keep safe or just not criticizing anyway.
btw, in europe its not realpolitik. In U.S. it wasn't until Trump - but, the populous have voted!
Of which countries are you talking, where such is realpolitik?
thats HP and no one should buy HPs printers anymore until they stop their doings. Their aggressive behavior towards the customer and lurkin' into paying monthly subscription, data & update politics, mandatory always-on-internet-connection...
Thats on top. So, as an informed individual being, one should avoid HP. The other printer producers do not insinst on registration or wifi-before-first-use politics. But, who knows.
.. again, how can the government find out who you are by having just a code? If there's no mandatory registration (f.e. not HP)? If one knows how to poisen the tracking code? If one use a new/used printer and dispose afterwards? If one use the "neighbor from the first floor" printer?
There is no possibility to find out who printed that, if one takes a little bit caution and have little bit of knowledge. Even print-out-once-copy-many would make the code unreadable (f.e. normal quality and/or black & white) ...
... thats also the reason why your yellow ink catridge/tank is the first to go empty. Each printout, no matter B&W or in YMCK, will have this yellow dots all over the place.
You typically would keep the tank sizes same in volume and reduce the amount of other inks. By that other inks are empty approx. in the same time with yellow.
Similar question can be asked: Why some (consumer) supply tanks are units and can only be exchanged together in one, even there's still dye left in one of the colors? Why do cartridges signaling "empty" even there's still enough in them?
because its easier to produce (e.g. no redesign of the inners to fit the tank, no extra sausage for individual tank production, no stock-keeping, etc..),
because its easy and convenient to replace the tanks for the customer without the needs of opening the device
.. there are a lot of why-reasons one can think of and which we don't know. But, the fact that its been done that way, should tell us, there are other people thought about this already and decided to do it like its done.
If you want to be able to change YMCK individually, then look for a model with individually replaceble tanks or choose a professional device with 8+ dyes. But they're expensive.
This gonna be pretty important in the next years... people, if you plan on printing protest flyers and pamphlets, either get them done in a professional print shop (if you know someone you can trust, that is), or at the very least buy the printer in cash, never ever connect it to the Internet, and only connect it via USB to a Linux computer - macOS and Windows both will install printer drivers automatically that might phone back to the mothership and link your printer ID to some sort of identifier.
Tracking dots can be used to confirm that a specific printer was used to print a specific page. However, going from only a serial number to finding the name and address of its owner is going to be very difficult to impossible. You might be able to track it down to the retailer, but if you buy your printer in person from a stack at Costco, nobody has any idea which printer has which serial number.
>However, going from only a serial number to finding the name and address of its owner is going to be very difficult to impossible.
Printers send telemetry to the mothership, including serial number. Anyone under NSL cannot disclose that fact, so it's possible (probable) that if OEMs are pulling serial numbers, computer names, usernames, registered owner names, IP address logs, that they are NSL to retain and/or redirect that data feed.
It explains why everything, everything is so ****ing leaky with your information (beyond just advertising). Where do you think our modern machine learning came from? It was in order to process this stupendously gigantic mountain of data! I'm sure Utah was running some less efficient prototype of the learning we see in the public today back in the time of the GWOT!
So no, it's not just to confirm, as a few privileged individuals [at best] can go to terminals and pull up gobs of information. This is one of the reasons seeing-sphere-company's stock has done so well recently (money money for me)!
This also gets into the evil of parallel construction, where unconstitutional or at least beyond-voter-awareness method is used, and they make up a different reason afterwards.
Until you install the windows print driver. Which phones home to the manufacturer with your ip address, other computer details, and the discovered printer’s serial number.
Sure! Here's HP¹. You can look up others on your own:
```
Product Usage Data – We collect product usage data such as pages printed, print mode, media used, ink or toner brand, file type printed (.pdf, .jpg, etc.), application used for printing (Word, Excel, Adobe Photoshop, etc.), file size, time stamp, and usage and status of other printer supplies. We do not scan or collect the content of any file or information that might be displayed by an application.
Device Data – We collect information about your computer, printer and/or device such as operating system, firmware, amount of memory, region, language, time zone, model number, first start date, age of device, device manufacture date, browser version, device manufacturer, connection port, warranty status, unique device identifiers, advertising identifiers and additional technical information that varies by product.
Melted toner pallets are shiny and contrast well against paper. I'd set the document background to be a sold yellow before printing it (assuming the privacy invading dots are guaranteed to be yellow).
Me and my team used these yellow tracking dots to reconstruct shredded documents for a DARPA shredder challenge over a decade ago. You can see our program highlight the dots as we reconstruct the shredded docs. https://www.youtube.com/watch?v=uzZDhyrjdVo Thanks to that, we were able to win by a large margin. :)
Oh wow, I remember hearing about this challenge on Daily Planet when I was still in elementary school. It's super cool seeing a follow up, it brought back a hidden memory.
Super cool demo btw
and here I thought the library shredder/scanner in Vinge's Rainbows End was just sci-fi loosely based on gene sequencing...
(I mean it is, but seeing this almost real-world implementation is fun!)
what was the process of getting each of the shredded pieces scanned for your program to use. I'm guessing that process could have a write up on it just as much as the solver. there's definitely a personality type that can handle that type of mess
DARPA scanned the shreds. The funny thing is, they didn't want to shred the original paper, so first they photocopied the paper in a high quality color copier, shredded it, and scanned it. And that's where the little yellow dots came from. :D
interesting. now my brain is churning on why would they not want the originals shredded. what does that say about the value they placed on the originals? why would they open a contest up with documents of such perceived value as the content? being DARPA, i'm sure there's a reason though
You might be reading into it too much. I think the originals were just random pieces of different kinds of paper. Graph paper, yellow lined, paper, blank white paper... I don't remember exactly, but I think the copies could be special paper with a colored backside so they would know which way was up really easily for the scanning process.
no it was a deliberate what if meant in jest that probably really could have been kept to myself
Did they scan both sides of the shreds?
> My printer does not print tracking dots. Can I hide this fact?
> If there are really no tracking dots, you can either create your own ones (deda_create_dots) or print the calibration page (deda_anonmask_create -w) with another printer and use the mask for your own printer
The thought of being able to “spoof” the tracking dots of another printer has interesting implications for deniability. Though I guess in this case you’d still need access to the original printer to print the anonmask…
Per Wikipedia, the dots' "arrangement encodes the serial number of the device, date and time of the printing", so all you really need to spoof somebody else's printer is the serial number. Which can likely these days even be accessed remotely through printer settings.
No need to examine the printer. Just find a sheet of paper that printer printed, decode the dots, and then print your super illegal whatever with their printer's dots and a timestamp that makes sense for whatever you're framing them for doing. Nobody's ever gonna believe "the dots were a lie." They sound too much like fingerprints.
Or just go to a big box retailer, grab a couple of serial numbers off of the packaging, and then randomize per page.
Better than nothing, but you probably don't want to produce a document that purports to have been printed by three different printers that were likely only in the same place during a relatively short period surrounding when you went to see them. You'd be better off just making up serial numbers.
Nah, it's even better. "These messages were printed on a variety of different printers on three separate dates, but all of the printers were in an Office Depot during that time. Now we just need to go through the footage of those days to see who was in that store on all three days." Meanwhile, you're in another state on those days, doing crime.
> on all three
Except if you can manipulate the timestamps, then they aren't relevant anymore, so the search space is much bigger than the intersection of each set of days.
It's the intersection of all the people who visited each printer at least once any time.
Yeah, but the police (and then the prosecutors if they find someone who matches) are operating under the theory that the tracking dots are correct. They really want the dots to be correct. They don't want the dots to be wrong. This is why nonsense like "fiber matching" lasted so long: the people prosecuting the crimes want it to be right so badly that they're practically on your team.
Or post a thread on r/inkjetssuck or some such, and just have people from all over the world go into the big box stores to get serials to post as a reply
Assumes single page documents
Why is the randomizing step needed?
why randomize a mac address?
If everything you print has the same fictitious serial number, it's still a stable identifier that can be triangulated.
Got it. Then why the first step of go to the effort of getting real serial numbers from the big box store. If the dots signature going to be randomized?
Maybe just to get the vaild format.
just to throw of the scent. why do people bounce around TOR nodes?
It depends on how it gets the serial number. If it reads it from internal memory then spoofing your own serial number on each document print is the obvious workaround.
Once you are at the level of forensic investigations that go down to the tracking dots, most attempts at spoofing anything will be relatively obvious and provide further evidence that narrows down the list of suspects to those aware of such techniques.
You might fool someone who does such analysis casually but I'd expect an actual experienced investigator to e.g. go "the tracking dots are clearly brand X, but the raster used for greyscale is obviously from Y, soooo"
Have these dots been used as evidence in a court?
They've been used to figure out who leaked government documents in a few cases IIRC.
Had the experience of poking at tracking dots recently for circumstances I won't share here.
Do y'allself a favor and get a blue LED flashlight and point it at a color print. It's shocking how many are printed. It looks like a spattering of sand across the entire page!
I'm surprised there's not been a class action against printer manufacturers for all the extra yellow toner that's been used.
Not to mention failure to accurately print what you sent to the printer. There must be some use case where these "invisible" dots actually undermine the intended output.
Are we talking about laser, color laser and/or ink printers?
It's not even just for printers anymore.
https://datadotusa.com/technology.htm
Not exactly the same thing. This is more akin explosive tracers, i.e., lots of small particles that contain some identifying information.
For those who missed it, this is an interesting and related topic: https://news.ycombinator.com/item?id=42880704
Adding some context to this, because it's a really interesting read that's worth the time if you ask me: it's about how some recently 'discovered' early playtest versions of Pokemon cards were found to be fake, or at least very suspicious, based on the presence (and decoding) of these dots.
I also find it interesting because the person who posted the discovery and breakdown of the dots stood to personally lose thousands of dollars they'd spent on the fakes, but posted their findings anyway.
Or, alternatively, to prove thousands of dollars in damages.
What happens if I print the same page in multiple printers? Like, have the first printer print the actual contents, and then have the other printers add just a little bit of stuff in still-white areas. Does one printer mess the dots of the others?
Yes. How would it know not to?
To be clear, it's possible/probable that some or all of it could still be read depending on details I don't know.
I'm beginning to think the MIB show up to any nerd's house who starts an equivalent of OpenWRT project, for printers. Can't have untracked speech, need to be able to surgically strike certain founts of inconvenient memes. This sort of thing is why my craigslist sourced b&w laser printer is on its own VLAN with a CUPS server playing go-between. Nobody consented in an informed manner to Niantic's operation for the last decade+. Nobody consents to their every print being traceable. There is nothing, nothing about the product or process which warns the device owner or user that "Lack of obvious visible identifiers in the output does not mean it is identifier-free (steganographic identifier)." Just like nobody consents to the Universal Machines in our products being locked down to the point that even we the owners can't repurpose them as we see fit. We as peoples have come to accept the barrage of insults from commercial and state entities, that it's either a shit-sandwich or no-sandwich at all (plus a beating). Louis Rossmann's Consumer Action Taskforce (CAT) is becoming a great anthology of what I am talking about in this regard.
It's time to fight back! Let's start hacking the good printers out there, get their firmwares replaced with something viable, and start divorcing this nonsense. These tracking dots and other steganographic tracking methods exist precisely to track people like me and silence me, people who point out the occulted control methods, people who spread memes deemed information hazards and malinformation by the giant onyx squid.
[/rant]
Besides, if I wanted to counterfeit I would [naïvely] get one of those tight tolerance watchmaker CNCs and have printing stamps made out of aluminum or something. Printing to paper in the usual home-office way seems to me an asinine method which is easily detected by most people who handle bills regularly.
The point of these technologies is to stop the low hanging fruit and trace the source of ransom notes, leaked documents, and the like.
For counterfeiting, a technical person's first thought is: "how does the Bureau of Engraving and Printing actually do it?" and then they do that - and you nailed it: offset printing.
Laser printers and inkjets can't even remotely compare.
That's a lot more work, skill and initial investment required than just trying to slap a dollar bill on a copier. Which means a lot fewer people will try, especially since the people with these skills can usually easily make enough, and possibly more, money through legitimate means.
There were people who did counterfeiting "right", down to getting real printing presses, suitable paper etc. https://www.businessinsider.com/frank-bourassa-on-how-he-cou... (it's strongly implied that he got away with 6 weeks in prison and likely got to keep a decent amount of the profit).
Ya gotta do what the cartels do: bleach out singles and print $100 on it so it feels right
Then there's needing to contend with possible serial number scanning occurring at automated stations and at financial institutions, cataloging the movements of specific bills, detecting clones (improbable or impossible physical note appearances), and detecting zombies (decommissioned/known-destroyed numbers, and numbers never emitted). Randomly generating numbers is likely to trip clone and zombie sensors at various surveillance points.
Bill scanning to verify authenticity is already occurring, why not record the fact Bank of xAI ATM #67387 tendered two Franklins with serial numbers $SERIALA and $SERIALB to you (verified by PIN and card, and possibly bolstered by Face ID incognito); maybe older systems only do the verification locally and lack OCR, but I'm positive new systems are plenty powerful enough to run pared down OCR on serial numbers... wait they have been doing it with cheques all these years with handwritten dollar values, so why not OCR serial numbers coming and going? You see? The net deepens. I probably can't suggest methods of washing this data without possibly committing some obscure crime, so I will leave you to your creative imaginations...
99.9% of ATMs in the United States do not have bill scanning capability and are purchased for $1000-$2000.
Hyosung isn't putting this capability on these cheap units, neither is NCR on even more expensive units.
I'm really curious what proportion of printers can be decoded with public tools. Are there any stats on which manufacturers codes have been cracked?
The github references this document: Timo Richter, Stephan Escher, Dagmar Schönfeld, and Thorsten Strufe. 2018. Forensic Analysis and Anonymisation of Printed Documents. In Proceedings of the 6th ACM Workshop on Information Hiding and Multimedia Security (IH&MMSec '18). ACM, New York, NY, USA, 127-138.
There is a copy here: https://ericbalawejder.com/assets/hexview/Forensic-Analysis-...
It sounds like they mostly understand the dot patterns wherever they found them, with some caveats that are explained in the paper.Do black and white laser printers produce tracking dots?
Also, what is the meaning of this tracking, must every corner of our lives be tracked just on principle?
I can't affirm knowledge of steganographic identifiers in B&W printers. I wanted to state I would be surprised if B&W printers did not embed tracking information. There's too much national security value in spamming origination details on everything. There is always, always a safety or security argument to do so, followed with "but what's the harm, you're not doing anything you shouldn't be doing... are you? "
It's my understanding that the secret service requested (required?) that the printer manufacturers start adding the dots once the printers got good enough to easily recreate paper bills. Because they are primarily a tool for tracking counterfeiters, they are not needed with black a white printers and thus are not included.
The tracking dots aren't for anti-counterfeiting. The secret service has a separate chunk of code in every color printer that detects if you are printing money and prints out a page that says essentially, "you can't do that." (at least that was the case 20 years ago when I worked for HP).
The tracking dots are used by the FBI if someone prints out classified information and passes it around, or other copyrighted/illegal documents.
The EURion constellation[0] is how that detection mostly works as I understand it. Neat bit of tech. It's real obvious on euro bills once you know what to look for. Fun fact: not all printers give a hoot about this pattern, so it's a neat trick to annoy people with if your printer doesn't.
[0] https://en.wikipedia.org/wiki/EURion_constellation
mostly, the software in printers/scanners and Adobe's Photoshop alikes is looking out for the "EURion" pattern.
https://en.wikipedia.org/wiki/EURion_constellation
That is not to be confused with (dynamical) and non-visible tracking info on printed sheets, which in fact can have everything coded in. By that, even 1-bit printouts can be identified up to the source. If the printer model and #salt is printed alongside, the prosecution has evidence for the cases the printer involved.
https://www.eff.org/pages/list-printers-which-do-or-do-not-d...
List hasn't been updated since 2017, was probably one guy making inferences from FOIA requests. We'll have to wait until the next time a Chinese university publishes some US government secrets.
I think the idea is that nobody is going to be fooled by a B&W $20 bill, so they don't have to print the dots.
"money be green, fool!" --D'Angelo Barksdale, The Wire
the only people to be fooled by B&W money are most likely drug related, at least, the only ones willing to attempt to fool others with it.
Until you colour it in with a crayon.
No yellow dots on monochrome printers.
Decades ago I worked on some software that would adjust the kerning on characters to hide information. As far as I know the project never went anywhere.
Need a web ui as a self hostable docker so we can take total advantage of this !!
You may also be interested in: https://en.wikipedia.org/wiki/EURion_constellation
And the lesser known, newer, invisible, digital watermark based version of it. Unfortunately very little information is available about that one. http://www.cl.cam.ac.uk/users/sjm217/projects/currency/
Somebody (more likely a group of somebodies), somewhere is responsible for having gone to each and every printer manufacturer and done or said something to make them implement this functionality.
If I remember correctly from the FOIA documents we got, it was a meeting or series of meetings with a Japanese printer industry association during the 1990s.
I forgot if we learned whether the government side was a specific government or governments, or the consortium called Central Bank Counterfeit Deterrence Group
https://rulesforuse.org/
which has been involved in other related stuff (like making some software and devices refuse to process images that are detected to be images of currency!).
Notably, they didn't go to congress to have a law publicly debated and voted on. It was all hidden from the public.
The original somebody was likely the US Secret service, who are also responsible for US dollar currency forgery policing.
When color printers/copiers first appeared there was a concern about people photocopying money. The old joke was that your color photocopier "would pay for itself in no time".
thats only for evidence/prosecution for fraud/criminal intents. If one say's "NO WAY I said and printed that contract" ... "Lemmy check...oh! You did. Its your printer. Look!".
I think its not like "somebody gone to each..", but rather "... a good idea".
Preventing anonymous publishing is not a good idea, it is malicious.
Wishing to publish anonymously is not exclusive to those perpetrating fraud or other crimes. Privacy is important to a free society.
you can publish anonymously. no one hinders you. But in case it is illegal, prosecuters have evidence - which isn't malicious or bad per c'est. And, knowing which printer has been used for the illegal thing, doesn't mean the location of the printzer is known, too. So, no probs or conflict with that from my side.
If you really afraid, just overlay your PDFs with noise of yellow dots before printing. Or apply a digimarc pattern onto that with gibberish. That will mitigate recognition unless the digimarc pattern is recognized and removed, which is kind of difficult if unknown (https://www.digimarc.com/). There are possibilities.
Wait, you can publish anonymously as long as the government approves of your speech and doesn't hinder you?
Then they throw bogus charges on you because "the process is the punishment" and to discourage other people saying things they don't like. Prior restraint is what some would call that.
you've read, that:
a. there are easy possibilities to poison the printed tracking code
b. the location of the printer is not trackable by default (but for sure can be added through drivers. But then, tracking will be the smallest problem)
c. there are laws what can be said and what not. Also, what is legal, free speech & thought, or, what is art, is defined. Other than that might give you problems. And it should. No one is above the law in a proper democracy, except your name is Trump of course.
so, you can print what you want. But if its illegal, than I'm glad you get the punishment. But, for being able to punish you, the executive needs your location and know it's been you. How can they find out it was you, other then with "caught in the act"? If they have enough hints who you are and for being able to locate you, then the tracking code is just an evidence that you produced it.
What if you use your neighbor's printer? What if you use the poisoning technique? Knowledge is all, when being a criminal. Others are not touched by that, and if, poisoning, old disposable printers or usage of neighbor's devices and the classical reproduction methods aka printing (industrial) are still tools, one can use. I don't understand the alarmism.
Simply being prosecuted maliciously without evidence is enough to ruin one’s life. It’s not a matter of illegal or legal.
With the ability to identify perceived enemies of an administration, this weapon can be leveraged against anyone saying entirely legal things that the administration doesn’t like.
It’s not alarmism, it’s simply realpolitik.
its alarmism.
prosecution without evidence -> what does it have to do with tracking code?
How does the government know, the one've written what they dislike is you, in case they find a peace on the street and read the tracking code? Its an evidence, but, they dont know who printed it, where the printer is, and, hence, its absolutely not a imminent problem.
It will be a problem, though, if you register your device (serialnumber + name/address). But then, the printer-producer is the last firewall - and - its darwin' law then.
If one wants to criticize, distribute illegal writings and whatever else, then one should be literate in what one does and use caution. In a democracy, there are rules for all to adhere to. In areas without rules, one is literate enough to know how to keep safe or just not criticizing anyway.
btw, in europe its not realpolitik. In U.S. it wasn't until Trump - but, the populous have voted!
Of which countries are you talking, where such is realpolitik?
> How does the government know, the one've written what they dislike is you, in case they find a peace on the street and read the tracking code?
https://news.ycombinator.com/item?id=43557589
thats HP and no one should buy HPs printers anymore until they stop their doings. Their aggressive behavior towards the customer and lurkin' into paying monthly subscription, data & update politics, mandatory always-on-internet-connection...
Thats on top. So, as an informed individual being, one should avoid HP. The other printer producers do not insinst on registration or wifi-before-first-use politics. But, who knows.
.. again, how can the government find out who you are by having just a code? If there's no mandatory registration (f.e. not HP)? If one knows how to poisen the tracking code? If one use a new/used printer and dispose afterwards? If one use the "neighbor from the first floor" printer?
There is no possibility to find out who printed that, if one takes a little bit caution and have little bit of knowledge. Even print-out-once-copy-many would make the code unreadable (f.e. normal quality and/or black & white) ...
spread the word! W00t W00t! :)
... thats also the reason why your yellow ink catridge/tank is the first to go empty. Each printout, no matter B&W or in YMCK, will have this yellow dots all over the place.
So why don't the manufacturers make their printers with a yellow tank bigger than the other colors?
You typically would keep the tank sizes same in volume and reduce the amount of other inks. By that other inks are empty approx. in the same time with yellow.
Similar question can be asked: Why some (consumer) supply tanks are units and can only be exchanged together in one, even there's still dye left in one of the colors? Why do cartridges signaling "empty" even there's still enough in them?
You can sell more of units and save on dye/ink.
But why would a manufacturer want to keep the tank sizes equal, in the first place? I see no practical advantage.
If anything, having them different would prevent mistakes: customers cannot install a yellow tank in the place of a blue one, because it does not fit.
because its easier to produce (e.g. no redesign of the inners to fit the tank, no extra sausage for individual tank production, no stock-keeping, etc..),
because its easy and convenient to replace the tanks for the customer without the needs of opening the device
.. there are a lot of why-reasons one can think of and which we don't know. But, the fact that its been done that way, should tell us, there are other people thought about this already and decided to do it like its done.
If you want to be able to change YMCK individually, then look for a model with individually replaceble tanks or choose a professional device with 8+ dyes. But they're expensive.
This gonna be pretty important in the next years... people, if you plan on printing protest flyers and pamphlets, either get them done in a professional print shop (if you know someone you can trust, that is), or at the very least buy the printer in cash, never ever connect it to the Internet, and only connect it via USB to a Linux computer - macOS and Windows both will install printer drivers automatically that might phone back to the mothership and link your printer ID to some sort of identifier.
For reference how this was done in the totalitarian countries of the eastern block: https://en.m.wikipedia.org/wiki/Samizdat
Get a silkscreen kit if you really care that much. Also allows you to print T-Shirts.
Wouldn't it be way easier to just track the people handing out the flyers?
That depends on whether:
1. You're looking for a very specific person.
2. You want to unconstitutionally punish somebody for free speech, and you don't care who, you just want to cheaply find a convenient victim.
In that respect, tracking-dots are an invitation to #2, since they don't really need much in the way of human labor-hours or focus.
Tracking dots can be used to confirm that a specific printer was used to print a specific page. However, going from only a serial number to finding the name and address of its owner is going to be very difficult to impossible. You might be able to track it down to the retailer, but if you buy your printer in person from a stack at Costco, nobody has any idea which printer has which serial number.
>However, going from only a serial number to finding the name and address of its owner is going to be very difficult to impossible.
Printers send telemetry to the mothership, including serial number. Anyone under NSL cannot disclose that fact, so it's possible (probable) that if OEMs are pulling serial numbers, computer names, usernames, registered owner names, IP address logs, that they are NSL to retain and/or redirect that data feed.
It explains why everything, everything is so ****ing leaky with your information (beyond just advertising). Where do you think our modern machine learning came from? It was in order to process this stupendously gigantic mountain of data! I'm sure Utah was running some less efficient prototype of the learning we see in the public today back in the time of the GWOT!
So no, it's not just to confirm, as a few privileged individuals [at best] can go to terminals and pull up gobs of information. This is one of the reasons seeing-sphere-company's stock has done so well recently (money money for me)!
This also gets into the evil of parallel construction, where unconstitutional or at least beyond-voter-awareness method is used, and they make up a different reason afterwards.
Until you install the windows print driver. Which phones home to the manufacturer with your ip address, other computer details, and the discovered printer’s serial number.
Source?
Sure! Here's HP¹. You can look up others on your own:
```
```¹ https://web.archive.org/web/20190828162443/https://www8.hp.c...
https://news.ycombinator.com/item?id=43557589
"Register your printer for 6 free months of ink!"
Or, you know, just print massive quantities of valid but randomized tracking dots all over the document using a printer you bought with cash?
Remember the Russian civilians arrested for protesting the war by waving yellow pieces of paper?
Could we just print using yellow paper to make the dots indistinguishable from the background?
Melted toner pallets are shiny and contrast well against paper. I'd set the document background to be a sold yellow before printing it (assuming the privacy invading dots are guaranteed to be yellow).
[flagged]