Keeping Private Data Private: The Art of [REDACTED]

It’s … been a while since I wrote here.  I’m sorry.  But hey, good news, Megabytes is coming back to Money & Megabytes!  And since Joey needed a well-deserved break from posting this week, I figured now’s as good a time as any.

It’s been a busy few months, with some personal computer projects, speccing out new engineering workstation computers at work, and some good old-fashioned computer repair, all of which I’ll write about in the upcoming weeks.

Today, though, we’re starting back up with a Top Security Tip™ with Joe!  Today’s tip revolves around sending redacted information online.

If you have an image with personal information that you need to send over the internet, it may be temping to use the default pen on whatever image editor you use.  But be warned, many pens are not suitable for redacting information because they are actually slightly transparent.  This includes the annotation tool on iPhones and other iOS devices.  These pens are fine to draw with because the softness and transparency looks more natural than a pure-colored pen.  But because these pens don’t fully overwrite the color information, the data still exists.

Let’s get hands on.  I encourage you to follow along so you can see just how easy it is to recover poorly-redacted information.

Here we have a fake ID card that I made and redacted some fake personal information from.

I blocked out the personal information with a 95% opacity pen so you can’t see it. But just because you can’t see it doesn’t mean someone else can’t.

Editor’s Note:
It’s also really important to block out the barcode too. Lots of personal information can be encoded in that.  While it’s more difficult to extract than the plain-as-day method below, it’s not difficult for someone with the right tools.

Looks pretty dark, right?  Definitely can’t read it as is.  But remember what we know from above:

1) most text is perfectly black

2) the pen has some transparency, and is not perfectly black.

Therefore, using the curve editing tool in the freely-available open-source photo editor GIMP, we can make pure black very bright while keeping everything else normal.  The result?  The redacted information making itself plain as day.

Yikes.  Everything showed up.  Name, Street Address, Date of Birth, ID number, even the signature!  If this information was posted publicly, he would have a bad time.  Date of Birth and Address are typically sufficient to validate someone’s identity over the phone.  Someone could call Matt’s utility company to get more information about Matt’s lifestyle (current energy usage) and financial situation (unpaid bills?).  The information uncovered plus the information that was left unredacted (name of issuing agency [Fall River Department of Imagery], clearance level [A1 Unrestricted], photograph) could all be used to impersonate Matt at the Fall River Department of Imagery.  Since Matt has unrestricted access, it could be possible for someone without clearance to ask for restricted information under Matt’s name.  And guess what?  Matt’s going to have the blame for the leaked information placed on him.

Ok, what if the pen is set to 100% opacity, i.e. not semi-transparent?

Information recovered from a 100% opacity pen with soft edges. Only the center of the pen stroke is properly redacted.

Well, it does make it a little more difficult, but you can still make out “Williams” and “San Fransisco”, maybe more if your eyes are better than mine.

So, moral of the story?  Don’t post your personal information online if you can help it.  But if you have to, be like Joey and use a pen without soft edges in a pure, non-transparent color to redact your information.  Next Tuesday, I’ll go step by step in how to properly redact digital information.

It may not be the prettiest job, but Joey did a great job censoring his information. I went through each picture he posted to make sure that he wasn’t handing out his bank account info. He did well 🙂

tl;dr:

Pretty-looking pens in annotation tools, like the one included in iOS, aren’t suitable for covering up sensitive information.  Information covered by those tools can be uncovered in seconds using freely available software.  If you have to post a redacted document online, do so with a pen without transparency and no soft edges

Leave a Reply

Your email address will not be published. Required fields are marked *