Monday, October 17, 2011

How to not redact a PDF - Part #57

naked security - How NOT to redact a PDF - Military radar secrets spilled

"The UK Ministry of Defence has been caught out again by a schoolboy error - not knowing how to properly redact a PDF.

As Naked Security has explained before, if you're an organization that is making public an internal document, you best make sure that you have deleted or blacked out any personal, confidential or actionable information.

The act of obscuring the sensitive information is known as "redaction", and it needs to be done properly if you want to keep something secret.

For instance, simply putting black text on a black background does not stop people from cutting-and-pasting the contents.

When a 22 page PDF document called "Air Defence And Air Traffic Systems Radar Transportation Study – Part 2" was published on a parliamentary website, it was hoped that its more sensitive contents would be properly redacted.

But, as the Daily Star reports, although there were sections "blacked out", the contents could easily be recovered simply by cutting-and-pasting. ..."

I'm not even going to rant or vent about this. [Insert any number of previous rants in below posts here]... sigh

(via @ComplexD - tweet)


Related Past Post XRef:
Redactions and PDF’s, the right way…

LOOK, if you are redacting text in a PDF, DON’T just use a black highlighter!
And AGAIN a PDF Redaction gone wrong... When will you get the message!?
PDF’s and Redaction gone wrong… again…
Another PDF Redaction Snafu
US Military PDF Redaction "Issue"
CSI Trick of the day: How do you look “under” black Magic Marker’ed text?

"Clean Up After Your PDFs"

No comments: