Bruce Schneier

Schneier on Security
A blog covering security and security technology.

June 26, 2006

Yet Another Redacting Failure

This sort of thing happens so often it's no longer news:

Conte's e-mails were intended to be blacked out in a 51-page electronic filing Wednesday in which the government argued against the Chronicle's motion to quash the subpoena. Eight of those pages were not supposed to be public.

Another news article here.

Posted on June 26, 2006 at 12:29 PM • 14 Comments

This kind of scenario always reminds me of the old story of The Phage In The Letter - http://www.panix.com/~iayork/phage.shtml . These days, it'd be easy to imagine something similar involving an embedded font in a Postscript or PDF document.
Posted by: Matthew Skala at June 26, 2006 02:12 PM

Isn't this just a modern variant of the "Miss Frazer, send this guy the bug letter" inadvertent-forwarding-of-an-attachment goof?
Posted by: Tanuki at June 26, 2006 03:11 PM

Sounds like there should be a "Save for publish" mode/functionality in the word processors they use. When composing or editing a document, it's great to have unlimited undos and for it to be as hard to lose information as possible. But when publishing something, you don't want people reading your notes.
Posted by: a at June 26, 2006 05:43 PM

"Save for publish" mode/functionality
In MS Word, this is called 'save as'. Save the file as a new file -- i.e. change its name in the save-as dialogue -- and it will trim down the undo history etc. Still saves whatever user id info you put into Word when you configured it.
Posted by: artificial life at June 26, 2006 10:36 PM

I'm not sure that "SAVE AS" loses all the history crap in a Word file. The safest method is to do a cut & paste into a new file, THEN do a "SAVE AS". The only problem with this is that Word sometimes messes up the formatting and you have to spend some time fixing it back up.
Posted by: Jojo at June 26, 2006 11:07 PM

Any saved format with tagged sequences that do not always render their information visibly is vulnerable to information leaks. Even HTML. Most people simply do not understand the issues implied by the WYSIWYG and convenience features in electronic documents.
Posted by: Bo at June 27, 2006 05:00 AM

I know this sounds crazy but why can't they just replace the redacted words with 'X' chars or something. It's obvious that if they can cut and paste into Word that this is a text document so it makes no sense to draw little boxes over parts of the text but leave the original text in there.
Posted by: Adam Lock at June 27, 2006 07:21 AM

This was discussed a few months ago in this forum: NSA report on how to safely publish sanitized documents converted from Word to PDF: http://www.nsa.gov/snac/vtechrep/I333-TR-015R-2005.PDF
Posted by: PDF at June 27, 2006 09:51 AM

Yet Another Redacting Failure -- also known as a YARF? What'd they do? Just select the sensitive information and change the text background to black? Doh.
Posted by: Xyz at June 27, 2006 10:14 AM

I know there has to be a Google hack to search for text in redacted PDF files...
Posted by: jammit at June 27, 2006 11:56 AM

This type of thing is too useful to be fixed. How "clever" it is to redact something that you'd rather have public and subsequently respond with "Oops, I'm sorry. It's that darn MS Word."
Posted by: Anonymous at June 28, 2006 10:17 AM
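The failure discussed in the comments above (a black box drawn over text that stays in the file) and the fix Adam Lock suggests (overwrite the words with X characters), shown as a pre-release check. This is an added example, not code from the original post or its commenters. It assumes a constructed, simplified PDF content stream with one `Td`/`Tj` text run per `BT`/`ET` block and an identity transform; real PDFs need a full parser.

```python
import re

# Constructed, simplified PDF content stream: two lines of text, then a filled
# black rectangle painted over the second. The text operators are still there.
SAMPLE_STREAM = """
BT /F1 12 Tf 72 700 Td (The witness stated that) Tj ET
BT /F1 12 Tf 72 680 Td (the source was J. Doe) Tj ET
0 g
70 676 200 16 re f
"""

NUM = r"(-?\d+(?:\.\d+)?)"
# x y w h re f : append a rectangle to the path, then fill it
RECT_FILL = re.compile(rf"{NUM}\s+{NUM}\s+{NUM}\s+{NUM}\s+re\s+f\b")
# BT ... x y Td (text) Tj ... ET : one positioned text run per text object
TEXT_RUN = re.compile(rf"BT\b.*?{NUM}\s+{NUM}\s+Td\s*\((.*?)\)\s*Tj.*?ET", re.S)

def filled_rects(stream):
    """Return (x, y, w, h) for every filled rectangle in the stream."""
    return [tuple(float(v) for v in m.groups()) for m in RECT_FILL.finditer(stream)]

def text_runs(stream):
    """Return (x, y, text) for each positioned text run."""
    return [(float(m.group(1)), float(m.group(2)), m.group(3))
            for m in TEXT_RUN.finditer(stream)]

def covered_text(stream):
    """Text whose origin lies inside a filled rectangle: hidden on screen,
    but still present in the file and recoverable by copy and paste."""
    rects = filled_rects(stream)
    return [text for x, y, text in text_runs(stream)
            if any(rx <= x <= rx + w and ry <= y <= ry + h for rx, ry, w, h in rects)]

def redact(stream):
    """Overwrite covered text with X characters so the words leave the file."""
    for text in covered_text(stream):
        stream = stream.replace(f"({text})", "(" + "X" * len(text) + ")")
    return stream

if __name__ == "__main__":
    print("text under boxes before:", covered_text(SAMPLE_STREAM))
    cleaned = redact(SAMPLE_STREAM)
    print("sensitive string still in file:", "J. Doe" in cleaned)
```

Same-length X replacement still reveals how long the removed text was.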