In Future, Printer Documents You

[Jason Dookeran] reminded us of something we don’t like to think about. Your printer probably adds barely noticeable dots to everything you print. It does it on purpose, so that if you print something naughty, the good guys can figure out what printer it came from. This is the machine identification code and it has been around since the days that the US government feared that color copiers would allow wholesale counterfiting.

The technology dates back to Xerox and Canon devices from the mid-80s, but it was only publicly acknowledged in 2004. With color printers, the MIC — machine identification code — is a series of tiny yellow dots. Typically, each dot is about 10 microns across and spaced about a millimeter from each other. The pattern prints all over the page so that even a fragment of, say, a ransom note can be identified.

Apparently, printers use different encoding schemes, but reading the dots is usually done by scanning them under a blue light.

The EFF has an out-of-date list that identifies many printers that track. But they point out that some printers may use a different method, especially those that can’t print yellow. They also mention that it is likely that “all recent commercial color laser printers” print some kind of code.

If you want to check your printer, [Jason] points out an Instructable and a website that can decode common patterns.

While we can think of times we are glad people can figure out the origin of a death threat or a ransom note, we can also think of times when we would like whistleblowers or people with different opinions to be able to print things without fear of retribution. But either way, the technology is an interesting real-world example of steganography.

We prefer these yellow dots. Yellow steganography reminds us of turmeric.

Title image: “Yellow dots produced by an HP Color LaserJet CP1515n” CC BY-SA 3.0 by [Ianusisu].

75 thoughts on “In Future, Printer Documents You

  1. Imagine the collusion it took to get all the manufacturers to implement this.

    And now we hear relatively little fuss from governments about being able to track down anonymous skype calls or whatever.

    Clearly anything you do digitally is slathered with identifying information from advertising trackers etc, but no doubt the equivalent of those dots are also embedded in all the hardware if governments need to resort to that.

    1. Since governments are already monitoring everything and something like 85% of the information they want to collect on you comes from the metadata anyway . . . well, there’s no reason to push for being able to access the contents of the call itself.

    2. Collusion? No. Nothing conspiratorial or illegal happens. There are no bribes or anything below board. All it takes is a letter from the FBI or some other three letter government agency to the executives and it is done.

      Everyone who implements this stuff believes they are helping The Good Guys find and catch The Bad Guys, and gladly does what is asked.

      There are no kickbacks or promises of immunity or anything other than “thank you, please let us know how to decode what you put on the page and keep this secret as it is a matter of national security.”

      1. That is still collusion. If the FBI or whatever TLA sends you a letter asking you to violate the privacy of your customers, you do not have to comply with it. If it is a court order or NSL, you will likely have to comply, but it will have limitations (i.e. it won’t say “spy on the entire country”, but identify a target or targets).

        This is just like when Verizon was in collusion with the NSA to spy on millions of US citizens. Doesn’t matter that the NSA asked Verizon to go beyond what was legally required, Verizon should never have agreed.

          1. Actually, they do. The problem is when companies decide to cooperate without respect for the law. Take PRISM, when Google refused to cooperate out of the law (i.e. will only respond to valid FISA requires and court orders), the NSA found internet backbone provides (without backbones apparently) willing to give raw network access to the NSA, including from private/dedicate network connections. This let them spy on Google traffic before it was encrypted. Those network backbone providers could have (and should have) just refused to blanket wiretaps to all their network traffic.

            In a way, by naively spreading misinformation that laws don’t apply to national security related domestic surveillance you are helping setup the next spineless exec who will decide to cooperate without consideration of laws or civil rights.

      1. Jim Browning on youtube can, One middle aged dude in his loft can do 100 times more to investigate mass scale organized fraud than all the insurance investigators, bank fraud departments, law enforcement, and state security agencies of the world combined.

    3. While it’s not a great state of affairs, my alternative take on this stuff is that that’s exactly what the NSA or GCHQ are *supposed* to be doing with our tax monies and we’d be rightly upset if they *couldn’t* track down criminals and terrorists etc. through these sorts of methods.

      Whether you trust them to only use their powers for good is another argument – as much as I accept that the five eyes can probably see everything we do online if they should be interested, I’d rather hope that less friendly governments and other entities are prevented from doing so as, again, that’s the sort of thing you’d expect the NSA and GCHQ etc. should be doing as their bread & butter.

      1. Maybe there is some context missing from your post, but just to be clear, you are advocating for the NSA to break laws and violate the civil rights of 100s of millions of US citizens, so they can track down a relatively small (compare the number of people who’s civil rights are being violated) amount of people, should the need arise?

    4. Jack, I worked on the development of early color laser printers. We were as surprised as you to learn that the electrophotographic mechanism inserted the yellow dots, and were told the dots were required by law in Japan, our (and most at that time) mechanism’s country of origin. We definitely didn’t conspire with our competitors. :)

    5. Not all of them did.

      You can do the research.
      Unrelated: I like OKI color lasers. The per page cost is high, but they don’t dry out. I’ve always been able to find 1-2 gen out versions for super cheap, almost inkjet cheap. Starter toner packs are small, but so is my page count.

      That doesn’t say there isn’t another tag on the ‘untracked’ printers that hasn’t been discovered yet.
      Nor that the next printer software rev will ‘fix’ the issue.
      Nor that MS/Apple will fix the issue with the next printer driver.

      There’s always tiny scratches on the transfer roll anyhow.

      1. “but they don’t dry out.”

        I’m glad that’s not an OKI specific feature, but just the way that laser printers work.
        My first “laser” printer was an Okipage 4w LED printer. Bought it with my own money in high school while real laser printers were still entirely unaffordable and the other printer in the house was a dot matrix. I loved that the text output wasn’t pixelated, didn’t bleed, didn’t run if it got wet, didn’t need to dry, and, as you point out, never dries out. I’ve had lasers ever since.
        I actually just got a beast of a printer a couple weeks ago at an auction…HP Laserjet 4000N, still working but sold because the business that was moving didn’t want to haul it to their new space across the street. It has a freaking coax connector on the Jet direct card. Can’t wait to boot it up and check the page count.

  2. The only that I’ve tried copying money was during college. I explained that after I made a bunch of copies of a $100 bill, I intended to laminate them. They insisted on helping me through the process but I think that was more out of curiosity. The dress turned out ..ok.

    1. It likely varies by the printer you are using. For 1970s 9-pin dot-matrix printers, it would probably involve moving the paper to the desired location then printing the period character. Not all printers provided the required up/down and left/right micro-movements to let you print a character to an arbitrary location on the page though. For anything newer, I would start by looking at the source code of the printer driver or PPD (for PostScript-native printers) or similar-for-your-printer’s-native-language file.

      If you have a PCL printer, page 13 of PCL 5 Printer Language Technical Reference Manual: Part II may be helpful. It’s a demo of how to do some simple vector graphics using the printer’s HP-GL/2 mode.

      Here’s the code to draw a triangle in the BASIC programming language (the C-language example is a few pages down in the manual):

      10 LPRINT CHR$(27);“E”; :REM Reset the printer
      20 LPRINT CHR$(27);“%0B”; :REM Enter HP-GL/2 Mode
      30 LPRINT “IN”; :REM Initialize HP-GL/2 Mode
      40 LPRINT “SP1PA10,10”; :REM Select Pen & move to 10,10
      50 LPRINT “PD2500,10,10,1500,10,10;”; :REM Pen down & draw
      60 LPRINT CHR$(27);“%0A”; :REM Enter PCL Mode
      70 LPRINT CHR$(27);“E”; :REM Reset to end job/eject page

      I am assuming that this draws a triangle using the thinnest-possible lines the printer supports. I could be wrong, it could print them using some default that might be larger than the minimum for the printer. My guess is that the answer would be found in HP’s documentation for the PCL and HP-GL/2 languages.

      Assuming it does print with the minimum line width, I would expect that changing line 50 to something like

      LPRINT “PD10,10;”;

      or perhaps

      LPRINT “PD10,10,10,10;”;

      would do the trick. I could be wrong, the code above may result in a “0-width” printout, with nothing to show for it. If your printer supports PCL or HP-GL/2, give this a try and let us know if it works.

      By the way, there is probably an easier way to do it. I just typed “how to make a single dot on a PCL5 printer” and spent a few minutes skimming the results. I’ve never done direct printing to a PCL or HP-GL/2 printer at this level.

      1. Make a 2×2 black and white png with only one pixel black, set it’s physical size to 2/(dpi) inches and print it in any program which allows you to set image size on paper. You can make bitmap bigger but you need to set proper physical dimensions so that it matches dpi of your printer. I’ve done it to print myself a nice pattern (not just rectangular grid) for mousepad with perfect undithered grid of dots (but those dots were 2×2 pixels of printer resolution because it worked better for mouse sensor).

    1. Probably start with a brother, create a custom firmware or control board then scan the printed paper to confirm nothing new. I imagine it would then be a cat and mouse game which required replacing all the chips/boards.

  3. Open source, and hidden “features” free, printers when?
    Cant be harder to have a open source (hardware and software) 2D Paper Printer than it is to make a 3d printer. Of which there are plenty of well documented open source designs.

      1. I love the smugness combined with a non-answer. They aren’t asking for a two month project. They’re asking for a printer.

        To OP there’s no commercial or turnkey printing solution right now. With the privacy boom, hopefully that’ll come soon.

    1. Ironically that whole GNU thing got started because somebody was dissatisfied with proprietary firmware used to drive an early laser printer.

      It would be great to develop replacement control boards for a lot of enshitified consumer electronics, and I’m sure inkjets in particular would be an interesting challenge.

      I suppose one might be protected from patents having purchased the printer legitimately, but who knows. If this is an issue, maybe some decent brother printers are old enough by now?

  4. And suddenly it clicks why some inkjets refuse to print B/W when the yellow is empty. The times I’ve raged trying to convince it it didn’t *need* yellow for B/W…

    1. Hmm, makes you wonder, what if all that chip-lockdown of cartridges is to prevent incompatible yellow?
      And the leeching is just a handy extra.
      Or maybe the leeching is allowed by the people in power because they are told the yellow has to be specific? A nice con on the people in power and the regular folks simultaneously by the printer makers.

      1. ^ this, I doubt the security services are bullying them any harder than the accounts department who realise they can sell printer ink for more money than gold if they just keep kicking their customers in the groin.

  5. So do printer vendors all have to keep a database of printer serial numbers and names and addresses of purchasers? Is this database updated centrally somewhere? Is this mandated by any governments?

    1. I’d guess they probably more keep track of which batch is sent to which retailer and when, so that they could narrow it down to an area? I imagine registering for warranties and having devices phone home for updates also makes this a bit easier. It might not provide an exact location, but I imagine the authorities with access to other data could work that out from what little it does provide.

      1. yeah, I doubt they know “who” they sent which printer, it can most likely just said region… but then there’s whatver online connection you made for the printer when they try to force you to register or whatever…

    2. I think it works by matching documents to suspects’ printers, not doing a witch hunt for the printer that document came out of. ie the suspects are already known, so is the evidence, then make it likely to link the evidence to the culprit beyond reasonable doubt.

    3. Don’t know about printers, but many retailers do scan the serial number when selling high value electronics. I’ve mostly seen it with game consoles where return fraud is high. If you paid with check or card, or used any kind of rewards program, there’s absolutely a database at the retailer that can link the serial number to the buyer.

    4. No, in this case its more ‘we have the note, we have a suspect, we have the suspect’s printer, can we match the code on the note to the printer’.

      Its like matching markings on a bullet – you have to have the gun *and a suspect* in hand already in order to match it to a person.

      1. Or like in ye olden days, matching a typewritten document to a typewriter? I mean, it’s possible that there’s some kind of national database of printer owners, but I’d then also expect laws restricting selling printers to other people.

    5. Think about it. You can buy second hand printer in any street sale. You can copy a document you’ve printed in any “Laser copy shop”. Most likely, the shop doesn’t have video security, and even if it has, you can probably enter with a hoody and do your stuff.

      In the end, this watermarking process is made to capture **dumb** criminals that would print on their own printer and never expect to be suspected by the police. Once the police suspect the criminal, they’ll capture the printer serial number, check the pattern and deduce the origin. Any countermeasure will just throw off that type of identification.

    6. Warranty registration. Also online sales.

      With networked printers, they have your IP address, or at least your NATs IP on a date you let it update firmware.

      Best not to let it communicate w world and update w local methods.

      Best to whitelist devices out.

      What good reason does your IOT bidet toilet seat have for a 20Mbit/sec up stream?
      Printer/TV aren’t different.

    7. Actually, in the day… they tracked every serial number. There was a special ‘untouchable’ board in there that encoded the dots. If you tried to copy currency, it would go into black mode.. black box where it thought money was. It even would black out certificates if they had doilies around the page.

    1. What happens if you print on yellow paper, or just print a yellow background? Is the firmware clever enough to detect and try to work around that by, e.g., changing the shade of yellow dot to subtly distinguish it? And I suppose is it just the firmware on the printer doing this, or do print drivers do it as well?

        1. What if some of the same yellow printer ink is extracted and airbrushed as a cloud of dots evenly over the whole page before printing? I imagine it would still be detectable, with more effort.

      1. Printing yellow on yellow paper will still show up.
        Printing a yellow background with any other color(s) would still contain plenty of data to read. The dots are spaced every few mm over the entire print area, at a regular offset pattern, with error correction included.
        Printing a solid yellow page would 100% obscure the dots, but they don’t care because that isn’t illegal

  6. That is why I always photocopy my death threats down there at the ol’ Fed-Ex / Kinkos prior to sending them off in big batches. One stop shopping. wait, unless that photocopier also puts in microdots. I may have to adjust my workflow.

  7. It’s a huge pain for any workflow where you put the same piece of paper through the printer multiple times, as the yellow dots stack up and become more than just “barely” noticeable.

    For example working with label sheets and trying to dial in alignment, or just trying to be economical and only use one or two of the stickers at a time.

  8. > so that if you print something naughty, the good guys can figure out what printer it came from.

    Though mostly its used by governments to track down dissidents.

  9. Go to a place that accepts electronics for recycling. Get a printer for little or no money. Manually refill the cartridges. You could also run all your paper through one or many other printers, printing “blank” pages, creating extra obfuscating dots.

    1. Nice idea, but won’t work. The cartridges have DRM embedded in them and shut off after an arbitrary number of “estimated pages” have been printed. The cartridges may still be half full of ink, but they won’t print anything out. They did this to spite the companies selling inkjet refill kits back around 2000. They wanted to sell cheap, nasty, low-grade ink for more than it’s weight in gold.

    1. Exactly my thought. Or even better to avoid leaving traces: scrap it and recover useful electronic parts. Old printers (the older the better) are literally a goldmine.

  10. I wonder if anyone has reverse-engineered the software embedded in the printer micro-controllers. Besides eliminating the fingerprints one made add new features or even repurpose the micro-controller.

  11. Print a blank page, put it back in printer rotated 180 degrees print another blank page. Do this on several different printers before using the paper in your printer. The dot pattern should be now confused enough to break automated methods, but subtle enough to not get noticed.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.