Forgot your password?
typodupeerror

More PDF Blackout Follies 309

Posted by timothy
from the it's-even-secret-what-they-want-secret dept.
georgewilliamherbert writes "The latest installment of "As the PDF Blackouts Turn" hit today, with a U.S. government apparently releasing a redacted version of their court filing in the Balco grand jury leak case which merely stuck a black line over the text, which remains available in the document. As with prior documents, entering text cut/paste mode in a normal PDF browser such as Acrobat allows a reader to access the concealed text. Previous incidents include an AT&T filing in the NSA case." This works with Xpdf and KPDF, too; for KPDF, use the selection tool (under the Tools menu) around the redacted section, copy to clipboard, then paste into the text-manipulator of your choice.
This discussion has been archived. No new comments can be posted.

More PDF Blackout Follies

Comments Filter:
  • Maybe (Score:5, Funny)

    by GmAz (916505) on Thursday June 22, 2006 @10:38AM (#15582378) Journal
    Perhaps the people making these "blacked out documents" should be taught a little about Vector Graphics and that a black box is not the same as a sharpie. One word for them 'n00b'!!
    • Re:Maybe (Score:4, Insightful)

      by gEvil (beta) (945888) on Thursday June 22, 2006 @10:47AM (#15582461)
      You don't even need to go into vector graphics with these people. All you need to do is attempt to convince them that white text is still text, or that black text on a black background is still text. Either way, the text is still there. The only way to ensure that it's gone is to ACTUALLY GET RID OF THE TEXT.
    • Re:Maybe (Score:5, Funny)

      by Mirlas (760973) * on Thursday June 22, 2006 @11:14AM (#15582667)
      Maybe we need to go back to good-old fashioned text files.
      It was good enough back in the days of wood-burning computers;
      it should be good enough now.

      • Maybe we need to go back to good-old fashioned text files.
        It was good enough back in the days of wood-burning computers;
        it should be good enough now.


        Definitely! Then we can redact things with fancy ANSI terminal codes ^[[30;40mlike this super secret hidden message[[m!

        w00t! No one will EVER figure how to defeat that!

      • Re:Maybe (Score:5, Funny)

        by OldManAndTheC++ (723450) on Thursday June 22, 2006 @01:19PM (#15583567)

        It was good enough back in the days of wood-burning computers

        Oh man, that brings back some memories! Late nights cranking out code on my Bunyan 2500 - that puppy went through three cords of oak a week, and it kept the place warm to boot. And we didn't need any of that fancy book learnin' to make it work either; if you were a good hand at whittling, you could be a programmer. Never had a lick of trouble with the Bunyan, except for the occasional splinter. Oh sure, you had to keep some kindling around to get her started, but once she got goin' she could do anything - add, multiply, and of course, branch.

        Internet? Pfft. We modulated the smoke exhaust by opening and closing the flue - you could see it for miles, unless it was raining, or windy. Hell, we had peer to peer networks back before most of you guys were even a swimmer in your dad's testicals.

        There's still a few Bunyans around, if you know where to look. Auditors like them, since they're so good at logging, and keeping a paper trail. I think the Vatican still has one, though they only fire it up when they elect a new Pope. Ah, the good old days...

    • Re:Maybe (Score:5, Insightful)

      by frdmfghtr (603968) on Thursday June 22, 2006 @04:34PM (#15584906)
      Perhaps the people making these "blacked out documents" should be taught a little about Vector Graphics and that a black box is not the same as a sharpie. One word for them 'n00b'!!


      Sometimes I wonder if these incidents are really "accidents" or somebody's way of feigning ignorance of technology to get the facts out to the public.
  • by dubmun (891874)
    we should all just write everything down in pencil. Boo to technology.

    Or... they could just find a better technological solution. Seems like a no brainer to me.
  • by alshithead (981606) on Thursday June 22, 2006 @10:40AM (#15582396)
    Perhaps after another dozen or so incidents they'll decide a little training is appropriate for the folks who are doing the redacting.
    • by cavtroop (859432) on Thursday June 22, 2006 @10:51AM (#15582495)
      No, more than likely they will just pass a new law, stating that "Copying and pasting of blacked out (redacted) lines is a felony" or somesuch...
      • by Anonymous Coward on Thursday June 22, 2006 @11:17AM (#15582697)
        I think that's called the DMCA
      • Circumvention (Score:3, Insightful)

        by Mateo_LeFou (859634)
        If black squares count as a "technical measure" protecting access to a work... ? Someone actually should go ahead and launch this suit, to draw attention to the DMCA's shittiness.
        • Re:Circumvention (Score:3, Insightful)

          by jZnat (793348) *
          I don't think that court documents like these are copyrighted, so you can't even apply the DMCA to it. The leading source of public domain material these days seems to be the government itself...
      • Perhaps after another dozen or so incidents they'll decide a little training is appropriate for the folks who are doing the redacting.

        No, more than likely they will just pass a new law, stating that "Copying and pasting of blacked out (redacted) lines is a felony" or somesuch...

        Train them to use the blackout method, but to replace the redacted text with "If you can read this, you're under arrest!"

    • by richg74 (650636) on Thursday June 22, 2006 @10:55AM (#15582525) Homepage
      This is in principle a good idea. However, the implementation may suffer from a fundamental problem.

      My grandfather used to say that there is one irreducible requirement for training a dog: you have to be smarter than the dog.

      • by DarkSarin (651985) on Thursday June 22, 2006 @12:17PM (#15583165) Homepage Journal
        Fortunately this does not apply to humans--not directly.

        I can easily train people that are smarter than myself, if the conditions are right. For instance, I know a fair bit about statistics and data analysis, and would be perfectly comfortable training certain folks in the field, as long as they didn't know more than I do. Even then, it perfectly possible for me to come up with a unique idea that someone smarter than myself hasn't (note that I didn't say couldn't) considered.

        In the public schools there are frequent cases of a teacher training a student more intelligent than themself. It is unavoidable, although it could be reduced by making sure only the smartest teachers were highered.

        Smarter? Not a requirement. More experienced? Having unique knowledge? Yes, that is required, but maybe not irreducibly.

        HAND
    • by squiggleslash (241428) on Thursday June 22, 2006 @11:19AM (#15582703) Homepage Journal

      Alternatively, perhaps the technology is at fault. If the same mistake is made over, and over, and over again, many user interface experts would start investigating whether it's the UI, not the user that's at fault. The argument is that the mistake is being made because the correct solution is not intuitively obvious.

      I'd be curious to know what tool the users are using to black out the text. Are they just exporting from Word but, before exporting, "blocking it out" in Word? If so, how? Are they putting black blocks over text, or setting attributes of the relevent text? If these are the wrong techniques, what can be done to make the right techniques obvious (and the wrongness of these techniques equally obvious)?

      I've designed enough crappy UIs in the past and justified them with "It's user error! All they have to do is hit the OK or CANCEL buttons, of course it's not going to work if they close the window instead!" and other such stuff that, with hindsight, was utterly wrong and elitist of me, to know that technically skilled people are not the best judge of intuitiveness. The fact is, I'm a programmer. You're probably technically minded too. The average user isn't. We can't avoid making assumptions about what the user thinks works that are, on occasion, completely, 180 degrees, wrong. What we can do is own up to them and try to determine how to steer the user in the right direction.

      • by gEvil (beta) (945888) on Thursday June 22, 2006 @11:44AM (#15582910)
        What happens when I actually want to print white text on a black background? Will I have to go through some convoluted process because setting the background as black doesn't actually change the background to black, but rather also eliminates any text contained within it?
        • by squiggleslash (241428) on Thursday June 22, 2006 @11:48AM (#15582948) Homepage Journal

          If the user interface is designed well, you'll know exactly what to do, just as you'll know intuitively how to really redact text.

          If you're asking me to tell you how such a properly designed UI will work, you're asking the wrong person. It'd be interesting to get someone like Bruce Tognazzini [asktog.com] to give their take on it. Right now, all we can be fairly sure of is that the UI isn't working because people are constantly choosing the wrong tool for the job.

      • by DarkVader (121278) on Thursday June 22, 2006 @12:04PM (#15583059)
        You know, considering the state our government is in, I would much prefer that someone would build into all software going to the government an "unredact" feature to make it even easier to recover government coverups.

        Barring that, PLEASE don't educate them, or make it easier for them to really redact anything.
    • by Eadwacer (722852) on Thursday June 22, 2006 @11:53AM (#15582984)
      Sometimes history doesn't repeat itself. Sometimes it picks up a big club and says "Weren't you listening the first time?" - Terry Pratchett.
    • by indifferent children (842621) on Thursday June 22, 2006 @12:58PM (#15583443)
      Maybe Adobe Acrobat needs a new menu item: Edit->Redact Then you only have to train people to use that feature rather than the backgound-color feature.
  • People...learn...? (Score:3, Interesting)

    by Elros (735454) on Thursday June 22, 2006 @10:40AM (#15582400) Homepage
    You would think that people would have learned after the first time around. Apparently not.

    --
    "And the geek shall inherit the earth."
    • by Billosaur (927319) * <wgrotherNO@SPAMoptonline.net> on Thursday June 22, 2006 @10:48AM (#15582473) Journal

      You would think that people would have learned after the first time around. Apparently not.

      You're giving people too much credit; as has been noted in this forum many times, the average computer user is not exactly bright and doesn't read Slashdot, so they would have no idea that this is a problem. People just assume that if something appears to work a certain way, it in fact works that way.

      • by jimktrains (838227) on Thursday June 22, 2006 @10:55AM (#15582528) Homepage
        "Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so." - Douglas Adams
      • by gstoddart (321705) on Thursday June 22, 2006 @11:20AM (#15582716) Homepage
        You're giving people too much credit; as has been noted in this forum many times, the average computer user is not exactly bright and doesn't read Slashdot

        You're giving people too little credit. Most people who use computers are probably fairly bright -- they're lawyers, doctors, accountants, and all sorts of things most people on Slashdot can't do. Reading Slashdot doesn't make you bright (in fact, given much of hte drivel, just the opposite.)

        But, they expect computers to work like a friggin' toaster, and to them, if the text it blanked out, it's not readable. They're not going to realize the 'black' is a representation of a rectangle in a different document layer, and that the actual internal tree of the PDF still contains the actual text. Really, how could they?

        They understand computers by metaphor and analog to the real world. They don't know or care about the actual internal stuff. Since the paradigms have been done to look like the real-world, these people assume that the rest of the things also apply.

        Many people use computers who don't have a full grasp on all of their intricacies. However, I haven't looked inside of a TV in 20+ years, but I'm comfortable using one.

        Cheers
        • Acceptance of Risk (Score:5, Insightful)

          by Kadin2048 (468275) <slashdot.kadin@NOsPam.xoxy.net> on Thursday June 22, 2006 @11:39AM (#15582875) Homepage Journal
          While you make a good point, the people who have to use computers to accomplish their jobs, but do not make an attempt to understand how they work (and just treat them like "black boxes") are taking an enormous risk. They are hitching the metaphorical wagon of their livelihood to a team of horses that they don't know shit about.

          If you were somebody who made your living in television, but didn't understand anything about it, you would likewise be taking a great risk. You might, for instance, look like a big idiot when you show up to work at your anchor desk wearing a horizontally pinstriped shirt (which looks like ass on TV because of the Moire effect between the lines on the shirt and the TV scanlines). If you had understood the technology a little better, you might not have done that. That's a trivial example -- undoubtedly if you were a TV anchor, you'd learn or be told at some point not to wear a shirt like that without having to learn about scanlines -- but I hope you see my point.

          Whenever you use a technology without learning about it, you accept a certain amount of risk. Sometimes, you gamble and win: you just use the technology, get your job done, and nobody's the wiser. You're faster, more efficient, more competitive, you look like a hero to your boss, whatever. But if the technology doesn't work, then you're SOL -- but that's the price you pay for not understanding it. That's the risk you accepted when you said to yourself "eh, I don't really care what goes on inside there."

          In the case of PDF, we have a lot of people using a certain technology without knowing anything about how it works, and thus -- like the TV anchor in his pinstriped shirt (or a weatherman wearing chroma-key blue or green) -- you get these gaffes.

          I'm not saying that everybody needs to learn about how everything they use all day works, down to the bare metal. Virtually nobody needs to know that, except perhaps people who are doing things that are so dangerous that they can't afford to fuck up. However, people should be aware of the tradeoff they're making and the risk they're accepting when they forgo figuring out the internal details of a system and simply accept it as a whole, on faith that it will always work a certain way. As long as people are aware of that decision, and make it consiously, and accept the results, you can't ask for more.

          Generally speaking: faith is a fine thing, as long as you know when you're relying on it. It's when you thought you were relying on something else, and find out that you had nothing but faith, that a problem has occured.
          • They are hitching the metaphorical wagon of their livelihood to a team of horses that they don't know shit about.

            Millions of Americans hitch the physical "wagon" (or SUV, or sedan, or minivan) of their livelihood to a bundle of "horsepower" that they don't know shit about every single day, and then they drive that wagon at 75 MPH.*

            In the case of their cars, the consequences for misuse are serious injury or death. In comparison, the consequences for learning next to nothing about their computers seem slight
        • by Nef (46782)
          Here's my problem with this scenario though. You could probably describe most of the inner workings of said TV, be it SD or HD, LCD /CRT/Plasma, without much difficulty. I'll grant you, you probably couldn't recreate the thing (unless you were an EE or something similar) but you have a basic understanding of how things work.

          This represents a fundamental difference between how geeks/nerds think, and how the population at large thinks. Those technically inclined, whether they're gear-heads, pencil-pushe
  • which? (Score:5, Funny)

    by Anonymous Coward on Thursday June 22, 2006 @10:41AM (#15582408)
    with a U.S. government apparently releasing a redacted version of their court filing

    Which U.S. government?
  • by Deep Fried Geekboy (807607) on Thursday June 22, 2006 @10:41AM (#15582413)
    You can open them directly in Safari and cut/paste into TextEdit too.
  • by FudRucker (866063) on Thursday June 22, 2006 @10:42AM (#15582415)
    i keep an older version of adobe's acrobat reader for Linux version 5.0 and copy & paste in to a text editor works in it too...

    i hate the new acrobat reader. some claim it calls home to the mothership(Adobe) which i dont approve of either (spyware)...
    • i hate the new acrobat reader. some claim it calls home to the mothership(Adobe) which i dont approve of either (spyware)...

      Then you should try Foxit Reader [foxitsoftware.com]. Apart from being free, light-weight and best for everyday use, it also has got a 'Fox' in its name. :)

  • by $RANDOMLUSER (804576) on Thursday June 22, 2006 @10:42AM (#15582416)
    What's this in TFA about Barry Bonds and steroids? I had no idea.
  • by nweaver (113078) on Thursday June 22, 2006 @10:43AM (#15582428) Homepage
    Redacting electronic documents right is HARD. See, for example, The NSA's guide to redacting word documents as PDF [fas.org].
    • by fistfullast33l (819270) on Thursday June 22, 2006 @10:44AM (#15582441) Homepage Journal
      From the document:

      This page intentionally left blank.

      I was going to say, those guys are goooood.
    • by Rob T Firefly (844560) on Thursday June 22, 2006 @10:49AM (#15582481) Homepage Journal
      Turning leaked information back into a secret, that's the HARD bit.
    • Redacting electronic documents right is HARD. See, for example, The NSA's guide to redacting word documents as PDF.

      Im reading the instructions and skimming through them and what do I see?? A bretheren of clippy. At one point it seems like she/he is writing down all the secrets. Either one of two things is going on. The document is a fake or I should join the government because they need all the help they could get.
    • Two things: 1) Why not have a handy context menu option, "Redact selection", available with a right click on the selected object? 2) Awwww, the NSA uses the little kitty cat assistant instead of Clippy. Just like my mom. Until I gave her openoffice.
      • Why not have a handy context menu option, "Redact selection"

        Because management and clueless users will demand that there be an "unredact selection" menu option, also. I'll let you sort out the implications of that. Either that or original copies of documents everywhere will have text permanently blocked out by the above-mentioned clueless users and management types.
      • by More Trouble (211162) on Thursday June 22, 2006 @11:13AM (#15582665)
        Looks like you're redacting that document. NSA Office Kitty can help! First, tell us what you're trying to hide:

        • gov'ment impropriety
        • financial cheating
        • illicit sex
        • other
    • You gotta give those poor cubicle folk some credit for trying ... at least they aren't putting Wite-Out on the screen, right?

      Seriously though, if the government gets TOO embarrassed about this sort of thing, they'll do something even more stupid, and mandate all official documents to use some proprietary DRM/TPM/HDCP/BVD format that only Windows Vista can display.
    • Redacting electronic documents right is HARD. See, for example, The NSA's guide to redacting word documents as PDF [fas.org]

      At least it's obvious that the folks who know what they're doing, know that MS products aren't the best solution. From the doc:

      Microsoft Word XP/2003: Microsoft has attempted to remedy certain issues with Metadata in Office XP and up by including a menu option to remove personal information (metadata). There
      is also a tool available for free from MS, Remove Hidden Data 1.0 (for XP) and 1.1 (for

    • It's not hard; people just have to manually delete (not obscure) data they want redacted. Then all outgoing Word files should be scrubbed of metadata. There are commercial packages, included in many groupware suites, that do this automatically. At the law firm where I work, every single Word file that gets emailed to an address outside the firm is automatically scrubbed of metadata by the server. If you try to save a document with Track Changes enabled, a dialog box warns you. If you try to email a document
    • by MrCopilot (871878) on Thursday June 22, 2006 @12:17PM (#15583172) Homepage Journal
      17 Pages. Note to NSA.

      There is a much Simpler Solution.

      1.)Print Document.
      2.)Locate and uncap Sharpie.
      3.) Blackout Text.
      4.) Scan to DocRedacted.pdf
      Wow less than the average government paragraph. Seems like the way they have been doing it for years why change now?

  • Cache (Score:4, Informative)

    by Rob T Firefly (844560) on Thursday June 22, 2006 @10:44AM (#15582437) Homepage Journal
    Coral cache of the PDF [nyud.net]

    Anyone into mirroring it?
  • PDF Redaction (Score:4, Informative)

    by Fedallah (25362) on Thursday June 22, 2006 @10:44AM (#15582440) Homepage
    This is pretty ridiculous. Products have existed for years to take care of this sort of thing, such as http://www.appligent.com/products/product_families /redaction.php [appligent.com].

    How does this keep happening?
  • by TWX (665546) on Thursday June 22, 2006 @10:45AM (#15582443)
    ...before they are told to just take a print-screen of the document, page by page, then use a graphics program to install the black boxes over words, then import each image as a page into their PDF creator...
    • ...then import each image as a page into their PDF creator...

      While not a bad suggestion, there is a major problem with it. Many offices will use Paint for this process, with the final image saved as a bitmap. Ever tried making a PDF file out of 8.5x11 inch bitmap images? The resulting filesize tends to be pretty nasty. Of course, there are ways around this, but the requisite knowledge of graphics is far beyond the knowledge necessary to understand that white text is still text--e.g., if you can properly
  • Shit... use the default pdf viewer in ubuntu evince 0.5.2

    Just select the text and bang,.... there it is for reading.

    -Steve
  • by blcamp (211756) on Thursday June 22, 2006 @10:46AM (#15582452) Homepage

    Really nice to know that these folks has taken an apparent cue on safe and secure documents from the folks in Redmond.

    On a serious note... this is seriously scary. Imagine if the NSA and other agencies are redacting all of their documents this way an passing them around the world to field offices, embassies and elsewhere.

    Imagine the implications during legal proceedings here in the States. Yikes.

  • blonde joke (Score:5, Funny)

    by k4_pacific (736911) <k4_pacificNO@SPAMyahoo.com> on Thursday June 22, 2006 @10:50AM (#15582493) Homepage Journal
    Q: How can you tell when a blonde NSA agent has been redacting PDFs?

    A: There is magic marker ink all over the screen!

  • by thatguywhoiam (524290) on Thursday June 22, 2006 @10:53AM (#15582505)
    I love this idea.

    Leave PDF the way it is. In fact, make it really hard to actually redact something, but put a tool front-and-center that looks like its redacting something.

    Then - remove any delete capability from Outlook. Trash is fine, but not delete.

    Then - configure all Windows machines to be inherently wide open, so that we may all peer into gov't computers. Oh wait, this is already true.

    Sometimes I think those in positions of high gov't power should forfeit practically all privacy for the duration of their term. Put a webcam on these fuckers 24/7. Does that sound... draconian? Unreasonable? Maybe. But after losing billions of dollars in things like Iraq military contract debacles, I don't trust any of these people. They certainly don't trust us.

  • by Tozog (599414) on Thursday June 22, 2006 @10:53AM (#15582511)
    Here's how the NSA recommends redacting files:

    http://www.nsa.gov/snac/vtechrep/I333-TR-015R-2005 .PDF [nsa.gov]
    • The animated moggie Word assitant really adds a professional touch ;)
  • Pretension (Score:2, Funny)

    by GonzoTech (613147)
    http://www.sfgate.com/cgi-bin/object/article?f=/c/ a/2006/06/21/MNGUAJI4B85.DTL&o=0 [sfgate.com] The two reporters "are the only individuals, other than the leaker himself, who would have personal knowledge of the leaker's identity," Hershman and Raphael said.

    Is it just me or do they look a little pretensious?

  • by hey! (33014) on Thursday June 22, 2006 @11:00AM (#15582566) Homepage Journal
    Like .doc, .pdf, and AFAIK the opendoc format.

    It's the same old story as with operating systems or anything else: features are usually either a plus or a "don't matter", except when serious security issues are involved, in which case you can't always predict what is benign, whether in and of itself or in combination with other features. Adobe tried to position PDF for all kinds of other things like portable forms and collaboration, but obviously their users are running into the same problems ad MS Word users have with leaking sensitive information.

    What there should be is a standard document format for outside release of legal or sensitive documents, that doesn't have any features that could be inadvertantly used. Maybe it is RFT or a stripped down PDF; but something where you can tell the intern to release this press release, and not count on him being smart enough to check for hidden comments and workflow information. It sould be WYSIAYG -- what you see is ALL you get -- and any additional features, other than possibly a small and well defined set of metadata, should parse as an error.
    • Maybe it is RFT or a stripped down PDF; but something where you can tell the intern to release this press release, and not count on him being smart enough to check for hidden comments and workflow information. It sould be WYSIAYG -- what you see is ALL you get -- and any additional features, other than possibly a small and well defined set of metadata, should parse as an error.
      You mean like plain text (txt)?
  • by Laura_DilDio (874259) on Thursday June 22, 2006 @11:00AM (#15582568)
    Add a "redact" tool to the existing toolbar!

    • Kind of kills the market for the third party vendors who already provide tools which do just that.

      Maybe those vendors would have an anti-trust case against Adobe for doing it.

      Would be ironic given Adobe's anti-trust allegations against MS for essentially doing the same thing (adding a "Save as PDF" tool to the MS office toolbar).
  • Hush! Hush! (Score:5, Funny)

    by Anonymous Coward on Thursday June 22, 2006 @11:02AM (#15582583)
    Why are we publicizing this flaw? We have a US Government in power that increasingly wants to peer into the lives of innocent citizens, while becoming less transparent itself in order to cover up deceit, fraud, abuse, and just plain bumbling incompetence. If these Keystone Kops want to believe that they are criminal masterminds, let them, but don't help them actually cover stuff up!
  • by waif69 (322360) on Thursday June 22, 2006 @11:06AM (#15582609) Journal
    Having worked for the gov't and knowing that some documents that I have signed and worked on should be redacted, this scares the crap out of me. It's not that I did anything that was illegal or "evil" as google would put it, I just don't want the "bad guys" (terrorists, etc.) knowing my name is attached to anything that resulted in their cohorts arrested or killed on the battlefield (also includes CONUS since 9/11).

    Normal average government workers should NOT be redacting, the people who redact should be those who know that if they screw-up, they may be screwing themselves or good friends in the process. Have people do it(redact) who have something to lose.

    Just my 2 cents.
    • I just don't want the "bad guys" (terrorists, etc.) knowing my name is attached to anything that resulted in their cohorts arrested or killed on the battlefield
      Its a good thing you haven't told anyone, then.
  • by alewar (784204) on Thursday June 22, 2006 @11:06AM (#15582610)
    "Security by obscurity" :)
  • by Waffle Iron (339739) on Thursday June 22, 2006 @11:08AM (#15582622)
    Clearly, these information leaks are a major security threat that is aided and abetted by these renegade PDF viewers. I'm encouraging my representatives in Congress to introduce a "Digital Millennium Redaction Act" that will prohibit the manufacture, sale, discussion or hyperlinks to any PDF viewers which enable the illicit extraction of redacted data from PDF documents. Such viewers are little more than the preferred tools for information thieves, hiding in the guise of "productivity applications". It's despicable.

    This law would instruct the FCC to create a program to certify approved PDF viewers; such viewers must make it impossible for users to steal the redacted data in a file, along with technical measures to prevent tampering with the viewers by hackers. Certified viewers will be made available to the public by software companies on a list of government-approved PDF vendors. After it becomes illegal to own a non-certified pirate PDF viewer, these dangerous information leaks will thankfully become a thing of the past.

  • by milgr (726027) on Thursday June 22, 2006 @11:11AM (#15582654)
    I googled for redacted doctuments, chose some pdfs at random, and found that the text is behind the black bars.

    When I started searching, I googled for redact. There were two ads for products that remove the text from the pdf as well as create the black bar. One made it clear that the text would be inaccessible from hackers.

    So, why aren't these types of tools being used for all redactions?
  • Congratulaitons. (Score:5, Informative)

    by sammy baby (14909) on Thursday June 22, 2006 @11:14AM (#15582672) Journal
    Congratulations, Slashdot! The FBI will be along shortly to raid your offices on suspicion of violating the DMCA, the Patriot Act, and probably some other bullshit piece of legislation we don't even know about.

    Oh, yeah - it's a no-knock warrant, so put your pants on now.
  • Clear as Mud (Score:5, Interesting)

    by Doc Ruby (173196) on Thursday June 22, 2006 @11:52AM (#15582979) Homepage Journal
    Why doesn't Adobe upgrade their PDF generators to include a "Real Redact" button that actually deletes the redacted data? They could sell it to governments at the usual 1000x government markup rate, and the government would probably still save money vs the fallout from these illusory blackout follies. Neither the government nor Adobe is in the "freedom of information" camp. Maybe the government just refuses to buy an upgrade because that would save money overall.
  • by Noksagt (69097) on Thursday June 22, 2006 @11:57AM (#15583007) Homepage
    CLI programs are REALLY useful to look at "hidden" content.

    'pdftotext' comes with xpdf & is even available natively on windows.

    Similarly, for MS Word documents, you may use 'antiword' [demon.nl], 'catdoc' [free.net], and 'wv' [sourceforge.net].

    These programs are quite nice in that they can easily batch-process a lot of documents & then you can go grepping through them for interesting tidbits.

    (On the GUI front, evince [gnome.org] deserves a plug. It uses the same poppler [freedesktop.org] backend as xpdf and kpdf. I used to use tiny & fast xpdf for most of my pdf viewing, but evince has a few nice features which xpdf lacks & has become my personal favorite pdf viewer.)
  • by Namlak (850746) on Thursday June 22, 2006 @12:02PM (#15583046)
    The industry at large (Microsoft being a big offender) has been trying to get us to a this magical place where everything is system and location independent and this is where we end up:

    1) FTP sites in Windows Explorer look like regular Windows folders. People expect them to work like regular folders. I had a field sales force try to "share" an Excel spreadsheet expecting the others to get a "Read Only" copy just like would happen on a local network share. Overwriting madness ensued. You can't blame them, there was no indication that it would work differently. Asking them to understand FTP is like accounting expecting me to fully understand the accounting rules behind my IT purchases.

    2) A manager where I used to work had an Excel spreadsheet with payroll data for the entire company. He wanted to send each department their subset of the data. So he filtered his spreadsheet and sent the filtered lists to each department not knowing that he was sending each department the whole list under teh covers. Luckily, the file was 30MB and choked in the mail server and I was able to bail him out of that huge mistake. But you really can't blame him - he saw something on the screen and sent "it". There should be an indication of underlying data. BTW, doing a cut and paste special made each file about 25k or so.

    Same thing with this PDF error. If your file shows certain information, it should contain that information only or indicate (or warn) otherwise.

    By "simplifying" everything, nobody knows what's really going on. A couple times per week I have to explain some type of issue to some user about how "It's really more complicated than that, see Windows (or an app) hides this from you." User roll eyes as their simple task has become obscurely complicated - all in the name of making things "easier" to understand, ironically.

    If something works different, it should be displayed different - that at least gives the user a chance to question what they are doing.
    • So he filtered his spreadsheet and sent the filtered lists to each department not knowing that he was sending each department the whole list under teh covers.

      I use that feature quite often and it was only yesterday that I noticed that the little triangle turns from black to dark blue when you’re viewing a filtered set. All this time I was thinking there really ought to be some sort of visual indication (other than the wonky row numbers).

  • by blackstripe (635857) on Thursday June 22, 2006 @12:14PM (#15583146)
    Assuming the original document was in Word format, I'm surprised they didn't use Microsoft's freely available redaction add-in [microsoft.com].
  • Er... pdftotext...? (Score:3, Informative)

    by digital photo (635872) on Thursday June 22, 2006 @05:54PM (#15585397) Homepage Journal
    Okay... this is what is considered secured??

    Using a STANDARD pdf handling tool:
    % pdftotext BALCO_quash_subpoena_sfchronicle.pdf

    From the PDF->TXT file:

    [snipped to first line before the "blacked out section"]

      C. Movants' Efforts to Obtain the Secret Grand Jury Transcripts

    [beginning of first blacked out section]

    Prior to the return of the Balco indictments, the lead defendant, Victor Conte ("Conte"), began to correspond via e-mail with Movants. (See Ex. 1 to Donnelan Aff.). Neither Movants nor Conte attempted to keep their relationship confidential, as the e-mail correspondence routinely was reported by Movants.2 (Exs. 1, 2, 3, and 11 to Donnelan 1

    [... snipped for berevity ...]

    On June 23, 2004, Fainaru-Wada sent an e-mail to Conte indicating that he (Fainaru-Wada) was busy working on some stories that may be "up on the web soon. Hope you like t
    hem." (Ex. T to Hershman Decl.). Conte responded that he was looking forward to seeing the article and that his lawyer would be available for comment. (Id.).

    [end of first blacked out section]

    D. Disclosure of the Montgomery Grand Jury Transcript On June 24, 2004

    [more, but why post it when you can read it yourself!?]

    Okay... WTF!? Doesn't ANYONE check this stuff before it goes out the door!?

    OMG! Wonder if this is how our private documents are "made safe"....

news: gotcha

Working...