Tuesday, December 08, 2009

PDF’s and Redaction gone wrong… again…

The Wandering Aramean - The TSA makes another stupid move

“The latest is that their Screening Management Standard Operating Procedure is published on the internet.  I actually like that.  I don’t think that security through obscurity is a good idea.  Of course the document is marked SSI and includes this footnote on every page:

So the decision to publish it on the Internet is probably a questionable one.  On top of that, however, is where the real idiocy shines.  They chose to publish a redacted version of the document, hiding all the super-important stuff from the public.  But they apparently don’t understand how redaction works in the electronic document world.  See, rather than actually removing the offending text from the document they just drew a black box on top of it.  Turns out that PDF documents don’t really care about the black box like that and the actual content of the document is still in the file. [GD:Emphasis added]

…”

Look, redaction is something you have to be VERY careful with. It’s not something you can afford to screw up. You are redacting (aka blacking out, etc) the given text for a very important, if not critical, reason.

If you are redacting a PDF be extra careful! Don’t be added to this PDF Redaction Hall of Shame… (Actually try to not redact in the PDF at all. Do it in the source material and THEN PDF that… You want the redacted text to be gone-gone, truly and completely gone in any material you produce…)

(via Slashdot - TSA's Sloppy Redacting Reveals All)

 

Related Past Post XRef:
Another PDF Redaction Snafu
US Military PDF Redaction "Issue"
CSI Trick of the day: How do you look “under” black Magic Marker’ed text?

"Clean Up After Your PDFs"
Microsoft Word 2007 Redaction Tool and Source released on CodePlex
Office 2003 Add-in: Word Redaction

No comments: