Tuesday 20 May 2008

For (Very) Public Release: The FBI Exposed

A US Department of Justice report was published recently on the interet, with some of its sensitive information hidden from public view. According to Matt Blaze's blog, the Implementation Of The Communications Assistance For Law Enforcement Act By The Federal Bureau Of Investigation report exhibited a classic redaction mistake. Essentially, you can uncover the hidden text by pressing the Ctrl-A, Ctrl-C and then (after opening a text file) Ctrl-V keys. In other words, it's the old select/copy/paste gambit.

Redacting information by obliterating sensitive text with big black lines works sometimes. However, it's easy to get wrong and there have been many cases where those who should know better have attempted to hide data but have failed to do so effectively. Sometimes the results are embarrassing. Other times they have been deadly.

1 comment:

  1. Of course < suckeggs > this shitty way of redacting information can be used well, um, as well. I like the whole "black text on black background" thing when people use it on blogs to hide spoilers about TV programmes, answers to riddles; that style of kidney. If you want to see what the text says, just highlight it which has the effect, with a default Mac setup at least, of revealing the text as white reversed out on a blue background.< /suckeggs >

    I know, I know; the point you were making was about security, and I completely agree with everything you say, ever.

    Actually, the more I think about this, the more I think making my tangential observation was pointless and doomed from the start. Quick, hit Publish before it's too late!

    (BTW, when I went to post this, Blogger told me that the HTML tag < suckeggs > was not allowed. God I hate The Man...