Shostack + Friends Blog Archive


Redaction Is Harder Than Public Speaking

andrew-cushman.jpgDid you ever have one of those days where you had a great, totally unfair pot shot to sling at Microsoft, and events just overtake your plans? It started out when I watched the videos of “Blue Hat 2005 – Security Researchers come to MS, Part I.” [link to no longer works] Now, I have some insight into the training and precision that Microsoft deploys in their media efforts. So Cushman? Look at the camera like a talking head. Look at your interviewer. Never look down like that.

So anyway, other than not having tuned the pot shot, what went wrong? Well, it all started with the screen capture. Using Apple’s built-in screenshotter, I took a snapshot of the playing video. I then used Preview to crop it down to size, and opened it in EazyDraw (a vector drawing program) to add those slick Bezier curve arrows. All well and good. I have a nicely cropped picture of Mr. Cushman to scribble on, and the rest of what was on my screen is gone. Then I move the image and ker-pow! Two-thirds of the rest of my screen shows up again. After I’d cropped it away.

Now, I know redaction is hard, and I had seen references to NSA Document Redaction guide being made available. (Redaction is the process of blacking out data from a document before you share it.) I’ve talked with Max Dornseif about his work on redaction. This blew me away. Steven J. Murdoch and Ben Laurie [] mentioned that cropping of vector graphics is hard, so the usual approach is to draw a cropping box, and tell the PDF interpreter to only show the contents of that bounding box. But other data is still present. The PDF interpreter is drawing it, and only showing you a piece of what it has drawn. In this case, the hidden data was a few email addresses and subjects, and an IM conversation I wouldn’t have wanted to share. I’d show an example, but I’m not confident of my ability to remove the excess data.

Final redaction was done by saving from vector to image format, then running that image through Galerie to shrink the image down and get the nice framing box.

I’m doubly glad I used the magic marker and scan technique for the TSA document.

One final plug, Safari DownloadComment [link to no longer works] is a great little plugin for Safari that silently adds the URL to downloaded files, so you can see where a file came from with the Finder’s “Get Info.” Which was useful with all those PDFs I downloaded.

I think it must be divine justice that distracted me from slagging Mr. Cushman, because lord knows, I’m not the world’s slickest presenter. Now it’ll be doubly hard for him to get back at me.

3 comments on "Redaction Is Harder Than Public Speaking"

  • Asteroid says:

    Random thoughts while reading this:
    1) One look at EazyDraw’s website suggests that it is an art program that has no artists at all involved in its production.
    2) I beleive Illustrator can be coaxed into true vector cropping. May require an EPS export.
    3) The URL in the Get Info feature used to be standard issue on nearly all Mac browsers. Not sure why it has seemed to vanish.

  • Adam says:

    Yeah, I found eazydraw (somehow) before I found OmniGraffle, got used to the UI quirks, and now find that I can do a lot with it quickly. They’ve also added features specifically for me. (You can throw version control keywords into a document, and when you check it out of CVS, the keyword expansion will show up in the document. Thus, I can throw a $Id$ tag into a picture, and as I check it in and out of CVS, see the version that I’m working on.

  • Elphaba says:

    ha ha ha, like The Cush is a PR guy… BlueHat would never put a PR guy up to talk. That’s just not cool.

Comments are closed.