Computer hardware is by and large compromised out of the box. Whether it’s sloppy factory code, or government-installed backdoors, it’s difficult to trust anything. A great example is that of color laser printers, the vast majority of which place hidden watermarks on printed pages. It’s a somewhat forgotten issue these days, but back in 2005, [bunnie] set out to modify a scanner to help better image and investigate these watermarks.
The watermarks in question have been investigated by the EFF, and often, but not always, consist of tiny yellow dots printed on the page. They can store data such as the name of the computer that printed the document, as well as the serial number and model of the printer used. With this functionality baked into the firmware, all prints made on such a printer are compromised.
The easiest way to see these watermarks is with blue light, which is reflected by the white paper, but causes yellow dots to show up as dark spots. To make scanning affected documents quick and easy, [bunnie] whipped up a linear LED light array, installing it in a spare slot in his scanner’s light assembly, next to the stock white CCFL. Usage is a little more complex, with the scanner’s automatic calibration getting confused if the blue LEDs are left on at the start of a scan. Instead, the LEDs must be turned off initially, and then powered up once the calibration is complete.
Results are good, with the tiny dots made much clearer in the test scans [bunnie] performed. Unfortunately, the watermarking technology has moved on, and it’s likely that modern printers use a variety of techniques that are even harder to detect. By and large, ransom notes are best made the old fashioned way – by cutting up some old magazines.
Why not just put a piece of blue plastic film on the glass and scan through that. Should have the same effect.
I am guy guessing that bunnie scanned in grayscale mode or had a grayscale scanner and grayscale tends to use green light and not white light to illuminate the page.
A blue filter might then absorbe too much green light to make it work.
I was wrong about the grayscale thing, he scanned in colour and had a white light source as well.
It said in the article that the blue leds screwed up the calibration, maybe a blue plastic film would do the same?
>> “By and large, ransom notes are best made the old fashioned way – by cutting up some old magazines.”
What are these, “magazines” you speak of? Were they a form of ancient communication?
I think he meant to say “by cutting up some old printouts.”
But where will you buy an old printer with a Selectric “Golf Ball” print head (or a dot matrix print head) to make those “old printouts”, it is not like you can buy old printouts. The purchase of a 40 year old printer will leave some kind of trail.
I think he meant to say “by cutting up old typewritten pages”
All modern printers pretty much print their make, model and serial number on every single page.
No. Old ransom notes were made by cutting out letters from magazines. To complete words . Now with DNA technology that may not be an option.
“it is not like you can buy old printouts.”
It’s EXACTLY like you can buy old printouts. Books, newspapers, magazines, menus, the trashcan at Kinkos.
Buy a typewriter at goodwill, write your note, donate the typewriter back.
At this point it’s probably cheaper to buy a label maker on craigslist, write your note and then sell it on the craigslist (if you want to sell it at all – I doubt there is any watermarking in label maker prints).
Can I print an online magazine?
Color laser printers do the same thing. Print yellow dots of the make and model
ONLY color printers print yellow dots.
Just remove the color cartridge, then no yellow dots.
Actually no dots at all as the printer refuses to print…
Melt a hole and drain all the toner from all color cartridge. (do it outside with high quality mask, those toner could cause you to spit up rainbow phlegm!)
No more hidden marks!
Printer with a fully depleted yellow cartridge will still print just fine.
Or just make the printer print an all yellow background, dots swamped out.
Won’t it just skip dots?
Fun factoid – Xerox brand color copiers(others as well) can recognize US money (not sure about other countries) and will in some cases either refuse to copy or lockdown and present an error when someone tries to copy currency. So if your into denial of service just try to copy some $20 or $100 bills on a color Xerox. Likewise I have seen errors trying to scan money using Fujitsu ScanSanp’s – this has to deal with something similar to this article as there are hidden marks in some negotiable instruments that cause the firmware to lockout the scan/copy.
Now for some fun, just put that pattern in paper work you give others :)
The mark on banknotes that makes them not want to print is called the EURion constellation.
https://en.wikipedia.org/wiki/EURion_constellation
It is a rather common thing for a lot of scanners to not want to spit out an image if detecting the constellation.
Some printers will likewise refuse to print documents with this constellation.
Fascinating!
I was not aware that this was a thing. Thanks!
That would only stop petty criminals, which is a good thing as they are the most common, but anyone with half a brain would realise that if the registration on a printer is good enough that they can double print a page so that there is no complete and detectable watermark on any single printing pass. Same applies to scanners, you scan twice with alternating parts of the note removed. Meanwhile things have moved on and money is made of plastic or not even physical at all in most transactions.
We tried. (And caused lots of questions on company front desk, where the copying machine was :)).
All in all – one half scans okay, another does not, even when folded. USD and Euro are both protected, russian roubles were not.
Added to my list of “things to try during the next miserable winter weekend”.
Thanks!
I worked for a company making casino games and one of the electronic card dispensers used a constellation of tiny yellow dots to identify and authenticate cards. It was the only one that worked reliably no matter how fast any of drew us the cards.
Heh, such a simple hack, and you can probably defeat the scheme by having a lot of random yellow dots of your own in the background of whatever you are printing. Would be interesting to see what the noise tolerance of their encoding was. As for “ransom notes” nah, they simply needed a way to catch money counterfeiters and identity document forgers etc.
It might be nice to add these constellations to e booklets to keep people from printing/ scanning them our triggering a resulting black page or wiped doc.
One word – DJVU. Also I strongly suspect that it works on scanning step, not printing one.
hack a CIS style scanner instead, these are relatively cheap and already have blue LEDs as part of the mechanism, or just use it straight up (ahem) as they are designed to do specifically these type of things quite often.
Reference A(eh) https://compo.canon/en/product/cis/
and https://compo.canon/en/product/cis/download/catalog.html
that’s likely one of many. Looks as if they often use a white LED (Cannon?)
http://www.mitsubishielectric.com/bu/contact_image/cis/index.html
also http://www.csensor.com/cis_modules.htm
Just a “how can this be done differently” thing. As most USB based scanners
1 USE a CIS imaging element
2 Have flash memory installed in the controller board
3 Use a standard processor
Just hacking a scanner to do this might not be as difficult as (the above). However it may not be possible to use the accompanying software (for the scanner) as you just wiped it out. Copying the original FW is unlikely (as most companies lock processor specific JTAG memory read operations and only the erase command will undo that).