Did you know your printer could be spying on you? This isn’t a crazy conspiracy theory or some unsubstantiated insider leak from within a printer company. The threat is real according to the Electronic Frontier Foundation (EFF). We have also heard some occasional rumblings around this issue, so let’s have a quick look at something exciting.
This potential exposure of privacy has proven to be true, and it is centered around color laser printers. The EFF has broken some dot-pattern ‘fingerprints’ on certain families of printers. It has been found that very tiny imperfections are added to printed materials by manufacturers, which in turn may actually be identifiers that can be used to track down a specific printer.
This printer's fingerprint information is actually coded in firmware resulting in patterns of yellow dots added by printers to the background of every page they print. The yellow dots are very difficult to see with the naked eye but can be easily observed under bright blue light or with a microscope. This phenomenon was discussed at length by Mikki Hypponen in several talks he gave regarding privacy and printers.
Hiding in Plain Sight?
On the right, it is easy to determine the dots and colors, but on the left – not so easy, particularly when this is shrunk to the scale of a normal printer and dot sizing.
Now let’s think about the same piece of graphics, but to scale. If one were missing, the mind tends to ‘insert’ information, which would make the immediate detection of this difficult.
The reverse is true as well. The mind tends to make estimations that fit expectations. If a brown, blue, green or even blank area has a tiny yellow dot we tend to not see it. Our mind ‘averages’ the area, skipping over small imperfections.
Inserting dots or replacing existing ones with yellow color is easily skipped by the mind. The following provides a sample of a printer fingerprint using inserted yellow dots. Imagine seeing this to scale.
Recently manufactured color laser printers intentionally add hidden information within printed materials to make it easier to determine very specific information as to what device was used to print a document. This is entirely feasible on a mathematical scale. Think of an entire page, the number of dots that can be printed, and the resulting combinations of a few dots that could be placed as identifiers.
In recent years, some manufacturers have mentioned the existence of the tracking information in printer documentation while others have not. However, little information has been conveyed as to how it works or what information is being conveyed. It would be fair to assume that all printers insert a series of small imperfections or patterns into all printed materials. As stated, these act as a printer fingerprint, providing identification information regarding the manufacturer, model, and specific serial number of the printer.
It does not take much of a logical leap to conclude that individuals can be associated with printed materials. The availability of determining who did the printing can be readily determined if there is any record (sales, registration, etc.) of a specific person purchasing a printer incorporating this technology.
Many people believe this was intentionally done as part of an agreement between the United States Secret Service and printer manufacturers, perhaps to track down and ultimately deter counterfeit currency operations, ransom attempts using printed notes, or other printer-supporting crimes.
There is no law requiring printer companies to assist law enforcement (or other agencies) with tracking specific printers by incorporating this technique. Conversely, there is no law preventing the use of this method of associating printed materials and specific printers. There also appears to be no solution to avoid being tracked. The identifiers are hard-coded in the printer’s firmware.
The EFF has compiled a list of printers that may be spying on you, which is located at the following site:
The EFF has also made progress in identifying and interpreting the meaning behind some of these dots and patterns. This information can be found at The Machine Identification Code Technology Project:
The Good, The Bad
It appears to be a technique limited to color laser printers, which makes me assume a specific problem was addressed and solid reasoning was used by printer companies prior to implementing the solution. I would also like to think the intentions leading to this technique being programmed into the printers were all good.
However…why the complete lack of information or transparency about it?
Incidentally, there are a few rumors indicating there may be other types of patterns or markers in other types of printers as well. I am sticking with the known as opposed to the great unknown. Chasing all loose ends and conspiracy theories seems to waste time as opposed to producing results. Results, of course, are the whole purpose of delivering something you want to read, ponder, and enjoy.
Sorry for the digression. Let’s wrap this one up.
As a security professional, I tend to keep plugged into discussions surrounding privacy. I’m sure many of you are the same. Our profession often requires us to follow both security and privacy trends due to personal, social, or political interests around the subject. Regarding privacy in regard to this particular issue, I believe transparency would be extremely welcomed.
As always – stay informed, stay safe, and keep fighting the good fight.