[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] Re: "Redacted" DoJ PDFs still leaking confidential data
________________________________________ From: Matt Blaze [mab@crypto.com] Sent: Saturday, May 17, 2008 8:12 PM To: Peter Swire Cc: David Farber Subject: Re: [IP] "Redacted" DoJ PDFs still leaking confidential data Hi Peter, The problem arises from ad-hoc methods of redacting, such as pasting boxes over redacted text. There are easy (but apparently not widely known) ways to do it better. The NSA has a redaction manual (linked in the blog post below), and the most recent version of Adobe Acrobat has a "redaction" function built in. -matt On May 17, 2008, at 20:00, Peter Swire wrote: > Dave: > > It is a public service for Matt Blaze to show the ineffectiveness of > the DOJ’s redaction process. > > In light of the government tendency to err on the side of secrecy, > could Matt or other readers point us to high-quality and easy-to-use > ways to redact government (or other) documents? Do changes need to > be made to widely-used word processing and similar software? > > If redaction is easy to hack, then DOJ and other agencies will try > to prevent release of documents entirely. Transparency, the Freedom > of Information Act, etc. – strong reasons to have redaction be > workable, or else the public will see even less. > > Peter > > Prof. Peter P. Swire > C. William O'Neil Professor of Law > Moritz College of Law > The Ohio State University > Senior Fellow, Center for American Progress > (240) 994-4142, www.peterswire.net > > <snip> > > Data leaks from ineffectively redacted PDFs go back for > years, and the DoJ itself has been burned by this several > times already; one would think the government might have > learned by now. In this case, the "sensitive" data is > fairly innocuous (and, I'd argue, was data the public has a > legitimate right to know in any case). But if this represents > the DoJ's normal redaction practices, next time it could just > as easily be a court filing containing the names of > confidential informants. > > Last night, after I blogged about it, the DoJ took the entire > web site for its Office of the Inspector General off the air, > presumably to check for other leaky PDFs. > > For the original leaky PDF and context, see my > blog post at > http://www.crypto.com/blog/calea_retrobugs/ > > -matt > > Archives > > -------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC