Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

More PDF Blackout Follies

Posted by timothy on Thu Jun 22, 2006 10:35 AM
from the it's-even-secret-what-they-want-secret dept.
Censorship Security Government The Courts United States News
georgewilliamherbert writes "The latest installment of "As the PDF Blackouts Turn" hit today, with a U.S. government apparently releasing a redacted version of their court filing in the Balco grand jury leak case which merely stuck a black line over the text, which remains available in the document. As with prior documents, entering text cut/paste mode in a normal PDF browser such as Acrobat allows a reader to access the concealed text. Previous incidents include an AT&T filing in the NSA case." This works with Xpdf and KPDF, too; for KPDF, use the selection tool (under the Tools menu) around the redacted section, copy to clipboard, then paste into the text-manipulator of your choice.
+ -
story

Related Stories

[+] Entertainment: FBI Wiretapping Audit Secrets Uncovered Via Ctrl+C 231 comments
mytrip notes a story in Wired's Threat Level blog on the latest boneheaded government moves with redaction. (We've been discussing redaction follies here for years.) This time it's an FBI report (PDF) on implementing CALEA — you can select text from redacted areas, copy it, and paste into a text editor, as University of Pennsylvania professor Matt Blaze discovered. From Wired: "Once again, supposedly sensitive information blacked out from a government report turns out to be visible by computer experts armed with the Ctrl+C keys — and that information turns out to be not very sensitive after all... [Among] the tidbits considered too sensitive to be aired publicly: The FBI paid Verizon $2,500 apiece to upgrade 1,140 old telephone switches. Oddly the report didn't redact the total amount paid to the telecom — slightly more than $2.9 million dollars — but somehow the bad guys will win if they knew the number of switches and the cost paid."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

More PDF Blackout Follies 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Maybe (Score:5, Funny)

    by GmAz (916505) on Thursday June 22 2006, @10:38AM (#15582378) Journal
    Perhaps the people making these "blacked out documents" should be taught a little about Vector Graphics and that a black box is not the same as a sharpie. One word for them 'n00b'!!

    • Re:Maybe (Score:5, Funny)

      by Mirlas (760973) * on Thursday June 22 2006, @11:14AM (#15582667)
      Maybe we need to go back to good-old fashioned text files.
      It was good enough back in the days of wood-burning computers;
      it should be good enough now.

  • History repeats itself (Score:5, Funny)

    by alshithead (981606) on Thursday June 22 2006, @10:40AM (#15582396)
    Perhaps after another dozen or so incidents they'll decide a little training is appropriate for the folks who are doing the redacting.

    • Re:History repeats itself (Score:5, Insightful)

      by cavtroop (859432) on Thursday June 22 2006, @10:51AM (#15582495)
      No, more than likely they will just pass a new law, stating that "Copying and pasting of blacked out (redacted) lines is a felony" or somesuch...

    • Re:History repeats itself (Score:5, Insightful)

      by richg74 (650636) on Thursday June 22 2006, @10:55AM (#15582525) Homepage
      This is in principle a good idea. However, the implementation may suffer from a fundamental problem.

      My grandfather used to say that there is one irreducible requirement for training a dog: you have to be smarter than the dog.

    • Re:History repeats itself (Score:5, Insightful)

      by squiggleslash (241428) on Thursday June 22 2006, @11:19AM (#15582703) Homepage Journal

      Alternatively, perhaps the technology is at fault. If the same mistake is made over, and over, and over again, many user interface experts would start investigating whether it's the UI, not the user that's at fault. The argument is that the mistake is being made because the correct solution is not intuitively obvious.

      I'd be curious to know what tool the users are using to black out the text. Are they just exporting from Word but, before exporting, "blocking it out" in Word? If so, how? Are they putting black blocks over text, or setting attributes of the relevent text? If these are the wrong techniques, what can be done to make the right techniques obvious (and the wrongness of these techniques equally obvious)?

      I've designed enough crappy UIs in the past and justified them with "It's user error! All they have to do is hit the OK or CANCEL buttons, of course it's not going to work if they close the window instead!" and other such stuff that, with hindsight, was utterly wrong and elitist of me, to know that technically skilled people are not the best judge of intuitiveness. The fact is, I'm a programmer. You're probably technically minded too. The average user isn't. We can't avoid making assumptions about what the user thinks works that are, on occasion, completely, 180 degrees, wrong. What we can do is own up to them and try to determine how to steer the user in the right direction.

  • which? (Score:5, Funny)

    by Anonymous Coward on Thursday June 22 2006, @10:41AM (#15582408)
    with a U.S. government apparently releasing a redacted version of their court filing

    Which U.S. government?

  • Works in Safari directly (Score:5, Informative)

    by Deep Fried Geekboy (807607) on Thursday June 22 2006, @10:41AM (#15582413)
    You can open them directly in Safari and cut/paste into TextEdit too.

  • Even more shocking (Score:5, Funny)

    by $RANDOMLUSER (804576) on Thursday June 22 2006, @10:42AM (#15582416)
    What's this in TFA about Barry Bonds and steroids? I had no idea.

  • Redacting right is HARD (Score:5, Informative)

    by nweaver (113078) on Thursday June 22 2006, @10:43AM (#15582428) Homepage
    Redacting electronic documents right is HARD. See, for example, The NSA's guide to redacting word documents as PDF [fas.org].

  • blonde joke (Score:5, Funny)

    by k4_pacific (736911) <k4_pacific@NOsPam.yahoo.com> on Thursday June 22 2006, @10:50AM (#15582493) Homepage Journal
    Q: How can you tell when a blonde NSA agent has been redacting PDFs?

    A: There is magic marker ink all over the screen!

  • The New Way for Gov't Transparency (Score:5, Interesting)

    by thatguywhoiam (524290) on Thursday June 22 2006, @10:53AM (#15582505)
    I love this idea.

    Leave PDF the way it is. In fact, make it really hard to actually redact something, but put a tool front-and-center that looks like its redacting something.

    Then - remove any delete capability from Outlook. Trash is fine, but not delete.

    Then - configure all Windows machines to be inherently wide open, so that we may all peer into gov't computers. Oh wait, this is already true.

    Sometimes I think those in positions of high gov't power should forfeit practically all privacy for the duration of their term. Put a webcam on these fuckers 24/7. Does that sound... draconian? Unreasonable? Maybe. But after losing billions of dollars in things like Iraq military contract debacles, I don't trust any of these people. They certainly don't trust us.

  • Someone missed the memo (Score:5, Interesting)

    by Tozog (599414) on Thursday June 22 2006, @10:53AM (#15582511)
    Here's how the NSA recommends redacting files:

    http://www.nsa.gov/snac/vtechrep/I333-TR-015R-2005 .PDF [nsa.gov]

  • Hush! Hush! (Score:5, Funny)

    by Anonymous Coward on Thursday June 22 2006, @11:02AM (#15582583)
    Why are we publicizing this flaw? We have a US Government in power that increasingly wants to peer into the lives of innocent citizens, while becoming less transparent itself in order to cover up deceit, fraud, abuse, and just plain bumbling incompetence. If these Keystone Kops want to believe that they are criminal masterminds, let them, but don't help them actually cover stuff up!

  • This frightens me!!!!! (Score:5, Interesting)

    by waif69 (322360) on Thursday June 22 2006, @11:06AM (#15582609) Journal
    Having worked for the gov't and knowing that some documents that I have signed and worked on should be redacted, this scares the crap out of me. It's not that I did anything that was illegal or "evil" as google would put it, I just don't want the "bad guys" (terrorists, etc.) knowing my name is attached to anything that resulted in their cohorts arrested or killed on the battlefield (also includes CONUS since 9/11).

    Normal average government workers should NOT be redacting, the people who redact should be those who know that if they screw-up, they may be screwing themselves or good friends in the process. Have people do it(redact) who have something to lose.

    Just my 2 cents.

  • We have to act! (Score:5, Funny)

    by Waffle Iron (339739) on Thursday June 22 2006, @11:08AM (#15582622)
    Clearly, these information leaks are a major security threat that is aided and abetted by these renegade PDF viewers. I'm encouraging my representatives in Congress to introduce a "Digital Millennium Redaction Act" that will prohibit the manufacture, sale, discussion or hyperlinks to any PDF viewers which enable the illicit extraction of redacted data from PDF documents. Such viewers are little more than the preferred tools for information thieves, hiding in the guise of "productivity applications". It's despicable.

    This law would instruct the FCC to create a program to certify approved PDF viewers; such viewers must make it impossible for users to steal the redacted data in a file, along with technical measures to prevent tampering with the viewers by hackers. Certified viewers will be made available to the public by software companies on a list of government-approved PDF vendors. After it becomes illegal to own a non-certified pirate PDF viewer, these dangerous information leaks will thankfully become a thing of the past.

  • Congratulaitons. (Score:5, Informative)

    by sammy baby (14909) on Thursday June 22 2006, @11:14AM (#15582672) Journal
    Congratulations, Slashdot! The FBI will be along shortly to raid your offices on suspicion of violating the DMCA, the Patriot Act, and probably some other bullshit piece of legislation we don't even know about.

    Oh, yeah - it's a no-knock warrant, so put your pants on now.

    • Re:People...learn...? (Score:5, Insightful)

      by Billosaur (927319) * <wgrotherNO@SPAMoptonline.net> on Thursday June 22 2006, @10:48AM (#15582473) Journal

      You would think that people would have learned after the first time around. Apparently not.

      You're giving people too much credit; as has been noted in this forum many times, the average computer user is not exactly bright and doesn't read Slashdot, so they would have no idea that this is a problem. People just assume that if something appears to work a certain way, it in fact works that way.

      • Re:People...learn...? (Score:5, Insightful)

        by jimktrains (838227) on Thursday June 22 2006, @10:55AM (#15582528) Homepage
        "Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so." - Douglas Adams

      • Re:People...learn...? (Score:5, Insightful)

        by gstoddart (321705) on Thursday June 22 2006, @11:20AM (#15582716) Homepage
        You're giving people too much credit; as has been noted in this forum many times, the average computer user is not exactly bright and doesn't read Slashdot

        You're giving people too little credit. Most people who use computers are probably fairly bright -- they're lawyers, doctors, accountants, and all sorts of things most people on Slashdot can't do. Reading Slashdot doesn't make you bright (in fact, given much of hte drivel, just the opposite.)

        But, they expect computers to work like a friggin' toaster, and to them, if the text it blanked out, it's not readable. They're not going to realize the 'black' is a representation of a rectangle in a different document layer, and that the actual internal tree of the PDF still contains the actual text. Really, how could they?

        They understand computers by metaphor and analog to the real world. They don't know or care about the actual internal stuff. Since the paradigms have been done to look like the real-world, these people assume that the rest of the things also apply.

        Many people use computers who don't have a full grasp on all of their intricacies. However, I haven't looked inside of a TV in 20+ years, but I'm comfortable using one.

        Cheers

    • Re:A redacted document? Say it ain't so! (Score:5, Informative)

      by The Only Druid (587299) on Thursday June 22 2006, @11:08AM (#15582629)
      "Redacted" is a legal term of art (i.e. it has a special meaning in the legal context).

      For lawyers/courts/etc., redacted (Per Black's Legal Dictionary) means:
      n), n. 1. The careful editing of a document, esp. to remove confidential references or offensive material. (Cases: Criminal Law 663; Federal Civil Procedure 2011; Trial 39. C.J.S. Criminal Law 1210-1211; Trial 148-153.) 2. A revised or edited document. -- redactional, adj. -- redact, vb.>


      The lesson here is this: if you see a word used in a legal context (or any professional context) and it sounds entirely wrong...ask yourself first whether it might have a special meaning before complaining.

    • They're correct. (Score:5, Informative)

      by Kadin2048 (468275) <(slashdot.kadin) (at) (xoxy.net)> on Thursday June 22 2006, @11:09AM (#15582640) Homepage Journal
      Their use of redact is completely correct.

      If I am releasing a document for publication and decide to remove information from it, this is redaction. It's editing for publication, which can include the removal of information. It could also include the addition of new information, but that's not what typically happens. Redaction can be a form of self-censorship, but it's not always the same.

      Censorship is when a third party, generally a person in authority, suppresses information which is considered objectionable. The 'authority' can be the same as the author (e.g. 'self-censorship'), or the suppression can be indirect -- it need not be editing per se.

      It's my understanding that "redact" is used only in reference to written documents that are being edited, while 'censor' is more general and can refer to anything. The terms are closely related, especially in their typical use, but they're not exactly the same. "Redact" is actually a more specific and precise word for what's going on in this instance. We can argue about whether censorship is also going on, but redaction definitely is.

      Anyway, arguing about definitions by citing dictionaries is always a bit pedantic, since dictionaries are not authoritative except as a historical reference: they can tell you what a word meant at the time the dictionary was written, but not what it means right now, since a word's definition is determined by its usage. All language is inherently arbitrary: they're just sounds we make or things we write down in order to convey ideas, and the relationship between the sounds/characters and ideas is not fixed, but infinitely variable. If everyone were to decide tomorrow that 'redaction' meant the same thing as 'censorship,' that's what it would mean, and next year's dictionaries would have to be updated to reflect that.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.