Comments

PhillipJune 29, 2007 2:32 PM

Forgive me Bruce, but neither of these sites talk about invisible ink? They talk about how to make your ink glow in the dark, which admittedly is kind of cool.

Joe PattersonJune 29, 2007 2:41 PM

To paraphrase an excellent writer I'm sure you've heard of, "There are two kinds of covert channels in this world: covert channels that will go undetected by your kid sister, and covert channels that will go undetected by major governments. This article is about the former."

Even given that, I'm sure there are better ways to do this. I'm not even sure it would work (i.e., the guy in the second article, when he's talking about using it for a covert channel, admits he hasn't tried doing any of this)

But, for coolness factor, glow-in-the-dark printing is kinda neat.

Joe PattersonJune 29, 2007 2:51 PM

@Phillip

The second site talks about it near the end. He notes that two of the glow-in-the-dark compounds are either clear or white in daylight, and supposes that they might be undetectable or faint if mixed with white or clear ink and printed on white paper. I suppose that mixing, say, orange GITD compound with orange ink and printing on orange paper would have a similar result.

Personally, I suspect that it might be hard to see in daylight, and reasonably easy to see in the dark, but far from undetectable.

TravisJune 29, 2007 3:18 PM

As the author of the Hizook post, I can assure you that Joe is right... this method probably wouldn't go undetected by governments.

But it would be a fun activity for children, and as I mentioned in the post, "Essentially, this is a fun twist to the typical disappearing, reappearing ink."

TanukiJune 29, 2007 3:22 PM

Hmmm... Biology is full of odd things. Perhaps a Batesian-mimic-of-a-font in upfront-visible ink used to convey the real information?

[exits left, arranging bees-on-a-honeycomb to transmit low-data-rate encrypted information]

Reader XJune 29, 2007 4:15 PM

Anybody try this yet? The comments in the first link (to another blog) include some hoax complaints.

Chris SJune 29, 2007 4:19 PM

It's not *by itself* a covert channel. But I can imagine filling my yellow cartridge with the white-by-day ink, and then printing a secret message with that -- followed by overprinting with an innnocuous message with black ink. Perhaps I can even do both printing passes at the same time.

Upon a cursory check, or a random inspection, the message will be innocuous. But when received by someone knowledgeable about the covert channel, they can view the message in ultraviolet light.

Interestingly, I carry an ultraviolet pocket flashlight at all times to inspect paper currency I receive.

dragonfrogJune 29, 2007 5:13 PM

It's more of a covert channel that allows you to go "surprise!" later - you could have one picture printed on a sheet of paper, and then the lights go out and all of a sudden it glows with another picture.

The "adversary" you're trying to hide from in this case is an audience that's willingly going along with your concealment, because they also want the surprise effect to work - because if it didn't, it wouldn't be as much fun...

David ConradJune 29, 2007 8:51 PM

With squid ink? From invisible squids? It is Friday, after all.

Here's a good way to create a covert channel to keep a message safe from frat boys. Print your message on one side of a sheet of paper, and a picture of a hawt nekkid chik on the other side.

AnonymousJune 30, 2007 4:25 AM

Interesting way to get sensitive data out of a secure place. Print an extremely innocent document, then overprint the secure information over it in 'glow'.

The cursory checks will fail since the nice card you printed for your niece is innocent, yet the confidential information embedded therein is not.

Though I'm sure there are easier ways of getting info out in most cases.

I prefer the 'recreational' use of the product though.

John HenryJune 30, 2007 8:00 PM

"Invisible" ink is commercially available for use with inkjet cartridges. It is invisible when printed but shows up under UV light. It allows additional information such as a product code or even a barcode to be printed over a preprinted label or carton.

Also commercially available is "invisible" ink that frlouresces or becomes visible only under light of a certain, controlled wavelength. It is used for anti-counterfeiting.

John Henry

RonKJuly 1, 2007 6:08 AM

Why not just print single yellow pixels in a distinctive pattern like many printers do automatically in order to watermark their output? It would seem to be a lot easier than changing inks. The only downside I can think of is that you need a scanner to read it and (possibly) sophisticated algorithms to generate and find the patterns.

If you want to be even sneakier, subvert the existing watermarking software inside the printer (don't ask me how) to skip some of the dots in the watermarking pattern, and use the selection of the missing dots as the covert channel. Not much bandwidth, but the devil to detect, I'd guess.

Clive RobinsonJuly 1, 2007 8:41 AM

One variation that might have merit,

How about using an ink that when subject to the light from a scanner / photocopier causes the font to change in a known way?

If subtle then it can be used to trace an original document (very usefull).

If not then make certain information effectivly impossible to copy by that method?

Both ideas I think would find interest in Goverment departments that are at the best of times information leaky.

Then again getting back to the covert channel why use an ink that produces visable light?

The same idea but using an ink that emits in the long infra red would be very very usefull for watermarking documents in a department etc.

With a little thought you could come up with some very interesting products for the security market.

CJJuly 2, 2007 2:42 AM

@Clive Robinson:

I've seen something similar done, although I don't know whether it was an attribute of the ink itself or of the background pattern of the paper. When photocopied, the word 'COPY' appears all over the paper.

bobJuly 2, 2007 6:50 AM

@Chris: because you will have just sent your most critical document to the printer queue.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..