NSA Redactions Fail, Fail and Fail Again.pdf

In light of the recent kerfuffle with the New York Times' editorial blunder, which, among other things

exposed the name of an NSA employee. I'd like to spend a moment looking at other failures of

redaction. It is not true that redactions always fail, but they quite often do, for a variety of reasons.

They include technical glitches, accidental releases of unredacted version, sloppy blackouts, the

existence of different versions of the same document with different redactions, and the availability of

information that allows the backouts to be logicked out.

Technical Glitches:

The use of Adobe Acrobat is the biggest source of technical reasons that redaction fails. When a

document has been OCR'd and then blackouts added, the OCR version often remains. This is what

happened to the New York Times. A different PDF problem happened to the Washington Post, with

images, the editorial department had simply used Acrobat to draw white boxes over an underlying

image. The image could simply be copied from the source document, and pasted into a photo editor,

and the unredacted version would magically appear.

Accidental Release:

Der Spiegel briefly published an unredacted version, listing all the Special Collection Service (SCS)

sites. This was quickly removed from ready view on the website, but not before it had been copied on

to a Cypherpunks site, and later on Cryptome. Another version of this happens when an item meant to

be censored was not, such as a single instance of Google, in a court document.

Imperfect Blackouts:

Sometimes the blackouts are misaligned and the tops or bottoms of the words remain visible, this

happened to l'Espresso, again with another document listing SCS sites, thus allowing Amman, Jakarta

Riyadh, and Taipei to be read. A second version happens when text is simply blurred, this is not always

fully effective.

Existence of Sufficient Information to Figure Out the Redactions:

Otherwise known as “How dumb do you think we are?” Yet another document listing all the SCS sites

was published by NRC, with approximately half the names blacked out. But each of the SCS sites was

marked by a red dot on a map, allowing a sufficiently determined person (namely me) to work out the

remainder, by simply reading a map.

A second version of this happens when the blacked out portions are sufficiently well described in

articles to allow the blackouts to be revealed. In some cases, you can even reconstruct whole

documents solely from the descriptions.

Existence of Alternate Versions :

There are all kinds of variations on this theme: the same document can be FOIA'd at different times,

and come back with different redactions, the versions can then be compared to allow a much more

complete version to become public. In the case of leaks, one version has been shown on TV, and

another released online. There are several instances of this, O Globo published online a heavily

redacted document, that they had already shown in full on television. So had CBC.

Technical Glitches

FASCIA slide as intended to be released by

Washington Post.

FASCIA slide revealed by copying the image

stored within the PDF and pasting it into a photo

editor. This version shows the limits of the

FASCIA database and NSA's MDR2 cloud on

which it resides.

Source: http://apps.washingtonpost.com/g/page/world/what-is-fascia/637/

Accidental Releases

Heavily redacted SCS site list as intended to be

released by Der Spiegel

Fully unredacted version as briefly shown on Der

Spiegel, before being removed from search,

though still available through direct link.

Source: http://cryptome.org/2013/10/nsa-cia-

berlin-spy-nest.pdf

Source: http://cdn2.spiegel.de/images/image-

561284-galleryV9-bhii.jpg

Imperfect Blackouts

SCS table as shown by l'Espresso. Image with the flaws in the blackouts highlighted.

Knowing that the list is alphabetized, and mostly

consists of world capitals, allows what few clues

there are to be exploited.

Source: http://espresso.repubblica.it/foto/2013/12/05/galleria/nsa-intercettazioni-1.144400#2

Existence of Sufficient Information to Figure Out the Redactions

SCS table, as shown by NRC The little red dots allow most of the sites to be

determined, or approximated. I have omitted some

deliberately, others are simply in regions that are

too crowded. The cities aren't necessarily in their

original slot in the legend.

Source: http://www.nrc.nl/wp-content/uploads/2013/11/nsa1024.jpg

Existence of Alternate Versions

Slide as shown on O Globo's website

Slide as shown on Fantastico TV (composite of

close-up pans) Still a bit difficult to read.

Decensored version.

Source: http://g1.globo.com/fantastico/noticia/2013/09/veja-os-documentos-ultrassecretos-que-

comprovam-espionagem-dilma.html

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: