November 24, 2004

Pathetic Censorship Safeguards in PDF files

At the last DefCon there was an excellent presentation on how to thwart the censorship of documents done IN PDF.

Because the safeguards were SO ridiculously easy to defeat, the audience broke out in spontaneous applause as it was done right before their very eyes.

Don't believe me that it was that simple?

Here is a video showing how you can simply cut and paste around the blackout in a sensitive document belonging to KPMG.

Here is a video showing how you can copy the image from behind the blackout and paste the image to the clipboard clean. I am sure the Washigton Post didn't expect that when they published that PDF.

And finally, here is a video showing how you can simply select the blackout marks in Illustrator, and delete them!

So, if you REALLY think you can get away by blacking out sensitive information in an electronic document by using the PDF functionality... think again. You would be better off to print out the document, do old style black marker, and rescanning it back into PDF. Of course, as we have seen on Cryptome, even that is getting defeated now adays.

Posted by SilverStr at November 24, 2004 07:27 AM | TrackBack