And there’s no trace
In different sources, the technology of marking paper by printers is called differently: “tracking dots”, “yellow dots”, “machine identification code” and more. But in forensics, the system is often referred to as “tracking points,” according to Andrei Masalovich, an OSINT expert, former KGB lieutenant colonel, and creator of the Avalanche Internet monitoring platform.
“Tracking points are a form of steganography; a way to covertly transmit information by hiding it among other data without being encrypted. That is, you look at a piece of paper and not only do not understand the code, but in principle you do not realize that it exists,” says Masalovich.
It is accepted that the creator of the technology is Xerox. Developed and put into use in the 80s of the last century. The technology involves applying yellow dots, invisible to the human eye under normal conditions, to the paper.
The dots are combined into a code, from which you can find the serial number of the printer, as well as the time and date when the document was printed. In some cases, this information allows you to identify the person who printed the document.
Officially, “tracking points” were invented by Xerox at the request of the US government to catch counterfeiters who were using printers to create fake invoices. This method of identifying printers has been used covertly for decades and has been adopted by other office equipment manufacturers in the meantime. The tracking points were only made public by the Dutch police in 2004. reported about their use to catch criminals.
Later Xerox and then other printer manufacturers acceptedtransfer of points decryption keys only to law enforcement agencies of various countries and only for the investigation of criminal cases. That’s why Canon said it added the technology to its devices “to minimize the potential for improper use of its products.” Masalovich noted that today nearly all printers from all manufacturers have this option.
“In 2018, scientists from the Technical University of Dresden analyzed more than a hundred printer models from 18 manufacturers. Researchers have found several printer models that literally “don’t suck.” “All other models have slight yellow spots left,” he said.
Successful borrowing
According to Masalovich, the use of monitoring points in Russia was successfully learned in the 90s at the request of state institutions. The excuse was the same as in the West: investigation and prevention of cases of fraudulent securities.
“There are many types of securities that are not banknotes, roughly the originals of which are printed on ordinary color printers: MMM tickets, coupons, shares, bonds, etc. In fact, they started using these points to immediately distinguish the fake,” explains Masalovich.
Today, technology is widely used when conducting forensic examination of documents, director of the technical department of RTM Group Fedor Muzalevsky told socialbites.ca.
“An investigation or court is often faced with the task of understanding on which printer a particular document was printed and when. This is where microlabel technology used in printers helps. “Law enforcement, detectives and information security experts use it to investigate crimes,” he said.
Cybersecurity researcher Dmitry Boroshchuk, head of the BeholderIsHere Consulting agency, added that his colleagues periodically use monitoring points when investigating information leaks. The technology allows you to understand which employee printed the leaked document and on which printer. As a rule, the practice concerns the leaking of trade secrets as part of unfair competition.
Secretly all over the world
The printer’s hidden markings on the paper can be seen by shining a blue light on them. True, you will have to look closely, as the radius of the blonde spot is only 0.1 mm, which is equal to the average thickness of a human hair. However, even if all the points on the page are detected, it is not possible to get any information from them without preparation.
As Dmitry Boroshchuk of BeholderIsHere Consulting notes, over the years after the discovery of tracking points, enthusiasts have developed various software that allows them to automatically detect and decrypt the points. One of these is the DEDA service, which can be downloaded from GitHub. Additionally, this service allows you to configure the printer to print user information as hidden dots.
“Hypothetically, this service could be used by attackers to transmit secret messages. It could also contaminate pages, making it impossible to read and decrypt factory tracking points,” he said.
Fyodor Muzalevsky added that the technology could potentially be used to falsely tarnish a person’s reputation. This scenario is likely to occur in the context of unfair competition.
“Tracking points can be used to ‘frame’ the owner of a particular printer by printing on it a provocative document or fake pages of a particular contract,” he said.
However, according to Muzalevsky, its popularity is controversial due to the complexity of the method.
In the vast majority of cases, experts believe that this technology does not threaten a large number of users.
What are you thinking?
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.