top of page
  • Writer's pictureotw

Anti-Forensics: Avoiding the Pitfalls of Reality Winner

Updated: Nov 18, 2022

This past week, NSA contractor Reality Winner, was caught and arrested for leaking information to the Interecept. This was evidence that the NSA had collected that clearly showed how the Russian hackers had attempted (maybe successfully) to hack the U.S. election system.

This may be the MOST definitive evidence of how the Russians hacked the U.S. Presidential election in 2016. That is probably why Winner risked her career, and maybe her life, to disclose it. She is now facing a 10-year prison term.

Winner, after viewing the documents, printed them at work and then scanned them before emailing the documents to the Intercept. Presumably, she was doing this to avoid any traces of her identity. Little did she know that nearly all color laser printers now contain nearly invisible yellow tracking dots. Although these dots are nearly invisible to the naked eye, they appear quite clearly under blue light.The FBI was able to track her by using those yellow tracking marks. These tracking marks enable the forensic investigator to identify the printer by the serial number and the date and time the document was printed.

The Electron Freedom Foundation (EFF) has long been working to identify those printers with these tracking markers. Please find below a list of printers tested by the EFF and whether they leave identifying tracking marks on their printed documents. I have printed those in RED where NO tracking markers were found. I hope it goes without saying that those are the printers you want to use if you want to avoid forensic analysis and tracking.

653 views1 comment
bottom of page