back to article Anonymity proves grey area for IDScan

Security software provider IDScan has been left red-faced after a page of supposedly anonymous details of ID cheats on its website turned out not to have been anonymised after all. IDScan have developed a range of products designed to assist retailers and licensed premises in complying with laws that aim to regulate the sale of …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Resize

"Unfortunately, as the page was created in acrobat, it is but a moment's work for anyone with a little technical expertise to remove the grey and to expose personal details."

For those with less technical expertise you could just resize the acrobat reader window and you get a full half second to read the names before it redraws the overlay.

0
0
Anonymous Coward

not even greyed-out

if you're using an old slow version of acrobat (v5) on and old slow machine (ancient sparc desktop at work) on an "obscure" OS (Solaris) then you can see the page render by first displaying all the images and then drawing grey boxes over the bits they wanted to obscure. Yes, it is the tried and trusted "here's all the data and these are the bits we don't want you to see" technique!

0
0
Bronze badge
Anonymous Coward

One way to keep the information secure...

I received 78 pages of emails from a Freedom of Information request last week. They had all been printed out, names "redacted" with marker pen, scanned in again, and turned into PDFs. A large amount of labour and waste of paper and ink, not to mention inconvenience for me not being able to search them without resorting to OCR, but at least the censorship was effective!

0
0
Bronze badge
Coat

A bit boring

Mine's the jacket with the Paratime Police badge.

0
0
Thumb Down

the offending page (pdf) will be gone very shortly,

Hmm, three hours and it's still there...

0
0
Anonymous Coward

Export

If using Acrobat Professional then simply export all images.

0
0
Anonymous Coward

Digital Tip-Ex

So basically, to keep details confidential, they've been relying on the digital equivalent of putting Tip-Ex on the screen?

This is the most utterly cretinous thing I've heard in a long time.

There really isn't a suitable icon for this. I'm not going to insult Paris. Using the Paris icon for this would be a gross insult to her intelligence.

0
0
Anonymous Coward

@Resize

Or simply run pdftotext on it? If it's an image, though, even a rudimentary knowledge of the PDF structure should be enough to figure out which bits are overlay and then cut them out of the file.

0
0
Anonymous Coward

All right, smartarses ...

What is the best way to securely remove words from a PDF document?

I'd like the result to be as small and as scalable as the original, so I don't want a giant image file at a fixed resolution.

Don't forget that if the original uses a variable-width font then with a dictionary it is possible to get down to a shortlist of just a few words by accurately measuring the space between the surrounding words (the word "map" is slightly wider than the word "nap", etc). So printing the document out, cutting the offending words out with scissors, then scanning the result, isn't even all that secure.

0
0
Gold badge
Happy

"Security software provider IDScan"

So, their idea of suitable sekkuritty softwarez to protect ID data is Acrobat?

Ah, I love the warm feeling you get from seeing a really top-notch FAIL.

0
0
Paris Hilton

still there at 15:27 27/04

I hope these are made up ID's.......

Paris? She knows all about leaks onto the Internet

0
0
Gates Horns

Hust use a free PDF to Word convertor....

Then you can remove all the formatting from the PDF and see the details below the greyed out area!! lol

No expertise required!

0
0
Silver badge

@All right, smartarses

The best way to remove the words is... any method that actually removes the words. In this case editing the photos of the cards before putting them in the PDF would have been the obvious answer.

0
0
Anonymous Coward

Still there...

And how come they are mostly Scousers?

0
0
Paris Hilton

Fakes

"several of the cards featured by IDScan would appear to be fake rather than novelty."

Like which ones, exactly? They're all fakes - there's not a copy of a legitimate card amongst them.

0
0
Silver badge
Flame

@All right, smartarses ...

"So printing the document out, cutting the offending words out with scissors, then scanning the result, isn't even all that secure."

Eh?

Why not just edit the orginal images before preparing the PDF or was that a deliberate troll?

0
0
Silver badge
Stop

The time is 21:20

... and it's still there!

BTW I've also noticed that they haven't even made an *effort* to obscure the card holders' signatures...!

0
0
Anonymous Coward

Jermey - Fakes

[quote]

"several of the cards featured by IDScan would appear to be fake rather than novelty."

Like which ones, exactly? They're all fakes - there's not a copy of a legitimate card amongst them.

[/quote]

A FAKE is a copy / imitation of a genuine card. A NOVELTY is a card that may appear to a casual observer to be an official card. Bit like a FAKE 20 dollar bill when compared to NOVELTY 20-whatever-it-is Monopoly money.

0
0
Paris Hilton

@ skelband

"Why not just edit the orginal images before preparing the PDF or was that a deliberate troll?"

The explanation was in the comment you were responding to.

"***********************" isn't going to be "Bee", and "***" isn't going to be "Cholmondeley-Warner". Take detailed information about the font into account, and you can narrow down the possibilities considerably. Information is still leaked.

The point was that it can be a lot harder to securely redact documents, including images, than you might think. Editing the original images, as you suggest, might not be as secure as you might think.

As a quick experiment, redact "Bee", and then see if the same redaction would be enough to cover "Bay". Depending on your redaction, you might be surprised!

Paris, because of something to do with paying careful attention in relation to loss of privacy.

0
0
Anonymous Coward

Still There

It's still there, late on Tuesday evening. Just after 8:50PM on 28/04/2009 as I write this, and it's still there.

0
0
Anonymous Coward

Still There

Now it's Thursday afternoon, after 4PM on 30/04/2009 as I write this. It's still there.

0
0
Linux

At least they covered the images

which is more than this lot http://www.morningadvertiser.co.uk/news.ma/article/82882

I can't seem to extract the data - they must have put a new version up

0
0
This topic is closed for new posts.

Forums