Hidden points: How to track the printer on which a document was printed IS expert Masalovich: almost all modern printers leave passwords on paper 28.10.2024, 08:28

And there’s no trace

In different sources, the technology of marking paper by printers is called differently: “tracking dots”, “yellow dots”, “machine identification code” and more. But in forensics, the system is often referred to as “tracking points,” according to Andrei Masalovich, an OSINT expert, former KGB lieutenant colonel, and creator of the Avalanche Internet monitoring platform.

“Tracking points are a form of steganography; a way to covertly transmit information by hiding it among other data without being encrypted. That is, you look at a piece of paper and not only do not understand the code, but in principle you do not realize that it exists,” says Masalovich.

It is accepted that the creator of the technology is Xerox. Developed and put into use in the 80s of the last century. The technology involves applying yellow dots, invisible to the human eye under normal conditions, to the paper.

The dots are combined into a code, from which you can find the serial number of the printer, as well as the time and date when the document was printed. In some cases, this information allows you to identify the person who printed the document.

Officially, “tracking points” were invented by Xerox at the request of the US government to catch counterfeiters who were using printers to create fake invoices. This method of identifying printers has been used covertly for decades and has been adopted by other office equipment manufacturers in the meantime. The tracking points were only made public by the Dutch police in 2004. reported about their use to catch criminals.

Later Xerox and then other printer manufacturers acceptedtransfer of points decryption keys only to law enforcement agencies of various countries and only for the investigation of criminal cases. That’s why Canon said it added the technology to its devices “to minimize the potential for improper use of its products.” Masalovich noted that today nearly all printers from all manufacturers have this option.

“In 2018, scientists from the Technical University of Dresden analyzed more than a hundred printer models from 18 manufacturers. Researchers have found several printer models that literally “don’t suck.” “All other models have slight yellow spots left,” he said.

Successful borrowing

According to Masalovich, the use of monitoring points in Russia was successfully learned in the 90s at the request of state institutions. The excuse was the same as in the West: investigation and prevention of cases of fraudulent securities.

“There are many types of securities that are not banknotes, roughly the originals of which are printed on ordinary color printers: MMM tickets, coupons, shares, bonds, etc. In fact, they started using these points to immediately distinguish the fake,” explains Masalovich.

Today, technology is widely used when conducting forensic examination of documents, director of the technical department of RTM Group Fedor Muzalevsky told socialbites.ca.

“An investigation or court is often faced with the task of understanding on which printer a particular document was printed and when. This is where microlabel technology used in printers helps. “Law enforcement, detectives and information security experts use it to investigate crimes,” he said.

Cybersecurity researcher Dmitry Boroshchuk, head of the BeholderIsHere Consulting agency, added that his colleagues periodically use monitoring points when investigating information leaks. The technology allows you to understand which employee printed the leaked document and on which printer. As a rule, the practice concerns the leaking of trade secrets as part of unfair competition.

Secretly all over the world

The printer’s hidden markings on the paper can be seen by shining a blue light on them. True, you will have to look closely, as the radius of the blonde spot is only 0.1 mm, which is equal to the average thickness of a human hair. However, even if all the points on the page are detected, it is not possible to get any information from them without preparation.

As Dmitry Boroshchuk of BeholderIsHere Consulting notes, over the years after the discovery of tracking points, enthusiasts have developed various software that allows them to automatically detect and decrypt the points. One of these is the DEDA service, which can be downloaded from GitHub. Additionally, this service allows you to configure the printer to print user information as hidden dots.

“Hypothetically, this service could be used by attackers to transmit secret messages. It could also contaminate pages, making it impossible to read and decrypt factory tracking points,” he said.

Fyodor Muzalevsky added that the technology could potentially be used to falsely tarnish a person’s reputation. This scenario is likely to occur in the context of unfair competition.

“Tracking points can be used to ‘frame’ the owner of a particular printer by printing on it a provocative document or fake pages of a particular contract,” he said.

However, according to Muzalevsky, its popularity is controversial due to the complexity of the method.

In the vast majority of cases, experts believe that this technology does not threaten a large number of users.

What are you thinking?

The vast majority of color laser printers introduced throughout history leave invisible marks on each sheet of paper when printing. Using them, you can determine which printer the document was printed on and when. Over the decades of the technology’s existence, software has emerged that allows you to print secret messages using it. Potentially, such software could be used by attackers to transmit dangerous information, but it is more often needed by forensic scientists to identify sources of leaks in government agencies and large companies.



Source: Gazeta

Popular

More from author

There was a reaction in Crimea to Trump’s advisor’s words regarding the status of the peninsula 08:05

Donald Trump's senior advisor Brian Lanza's statement calling on Kiev not to consider returning territory, including Crimea, is quite bold. This assessment of Lanza's...

A fire broke out in the Bryansk region as a result of a UAV attack 07:57

Non-residential buildings caught fire as a result of a drone attack in the Bryansk region. me on this one telegram channel Governor Alexander Bogomaz...

Russia took control of the territory of the Druzhba camp in Chasovoy Yar 07:16

Russian military personnel took control of the former Druzhba pioneer camp in Chasovoy Yar. I told you this TASS Head of the operational headquarters...

Russia triples its chocolate supply to the USA 07:19

In 2024, Russia increased its chocolate supply to the USA by 3.5 times. writes about this RIA Novosti Citing the American statistical service. News is...