http://www.makezine.com/blog/archive/2006/05/the_davinci_code_try_the_da_xe.html

Seems that the majority of colour laser printers actually encode the serial number onto each and every print out, using tiny yellow dots that are barely visible to the eye even under a blue light!

Worthy of note for many reasons...

eff.org actually had a story on that a few months ago. http://www.eff.org/Privacy/printers/ is the story URL, it even lists printers that do it and how to decode them.

I have to wonder how much U.S. taxpayers' money, likely in the form of government
contracts, was shelled out to these companies. Sucking on that cop-dick again !
I'll make sure I never purchase a printer from any company on that list. Talk about
a built-in paper trail !

It's intended as a way of getting your hardware to snitch on you to the police.

But what about using it against your own enemies?

Knowing that it's there, and possibly able to be hacked, you could get a printed page from your target, extract the embedded code, and program another printer to duplicate it for printing out something that'd get your enemy in deep-shit...like a threat letter against the President. :p

Or, in an office setting, find out who's printing out naughty stuff. ;)

Having looked a bit further, it turns out that these codes are hard-wired into the printers, after the actual image is sent to the printer. However, I'm going to try printing some very, very fine yellow dots all over a sheet then see if I can get it laser printed. I went to a copy shop today, and the guy there knew about it (mostly, he thouht it was just the serial number printed out), which suprised me a bit, but the two girls were amazed.

Oh, and you can see them really easily under a strong UV light from the front surface. The printer guy showed it me, it's better than a blue light when looking under normal conditions, and the dots look far larger.

However, I'm going to try printing some very, very fine yellow dots all over a sheet then see if I can get it laser printed.

Exactly this's what I was thinking of. I believe if one can determine the algorithm they use to encode their serial number / manufacturer name on the page, it's possible to circumvent the identification of the data which is printed by the printer hardware.

Maybe it's also possible to change it programmatically. AFAIK, all complex printers are service menus which can be entered into by typing certain key combinations via printer's key pad.

In my experience, I can get into Xerox combo printer's service mode, by keying certain combinations. Maybe there are some similar features in those printers too. Regards.

Perhaps a program that intercepts any files being sent to the printer spool, and that adds randomly generated yellow dots to the file in a similiar grid as your printer, would be just the thing to confuse Big Brother?

If you would check the URL I posted, It's already been decoded.
http://www.eff.org/Privacy/printers/docucolor/index.php#program

Who are you referring to, Geekspace?

When asking someone to do something, you need to make clear who it is that you are referring to, as more than one person has posted a response to this thread.

Because if you're referring to me, I knew about this since October 19, 2005, after it was discussed on schneiers security blog.

If you would check the URL I posted, It's already been decoded.
http://www.eff.org/Privacy/printers/docucolor/index.php#program
I was referring to a general application, most probably a printer hook which can intercept all printing jobs sent to the printer. And the link you gave covers only docucolor (Xerox) printers.

I mean if one doesn't know how the manufacturer of a specific printer encoded the identifiers, it shall be hard to write an application for that specific printer and it might be futile to try to render the code illegible / wrong and they might even have a crc check or something to make it difficult to tamper with. But a real problem with programmatic approach is most probably printer manufacturer prints its serial number etc. by means of printer's firmware, not through device driver, and it might be hard to solve this problem. Regards

NBK: I was referring to akinrog.

As for intercepting and changing spool tasks, it could be done. Sniff the data for the spool task off the line in promisc mode (and use ARP poisoning if it's a switched network), immediately inject some spoofed packets into the network cancelling the spool task, then broadcast your own task.

The modification of the spool task might require making a raster image with the text on it and then depositing the dots, which could be done via libpng.

Someone with experiance using libpng, pcap and raw sockets could probably code it in a few days.

...for the spool task off the line in promisc mode (and use ARP poisoning if it's a switched network), immediately inject some spoofed packets into the network cancelling the spool task, then broadcast your own task.

The modification of the spool task might require making a raster image with the text on it and then depositing the dots, which could be done via libpng.


If printing of the identifying information is carried out by means of firmware (i.e. the permanent software in printer hardware), then it might be difficult to tamper with the printed information.

And it's not clear from the articles linked to that article, whether or not they use just device driver (installed on the PC) or firmare of the printer. If the latter is the case, then even though one intercepts the spooling process, it seems difficult to prevent the machine printing the code. But if the former is the case, then it's feasible to intercept printing process.

In the latter case, one can print over his/her own code on the printer printed code to confuse investigators. Regards.

It's built into the hardware, according to the EFF.

The idea of adding dots is tricky, since they are so small, and you would therefore have to print at a much higher resolution than normal. However, a hack to the print spooler or print server would be the way to go. You then can't forget about it. However, see my footnote.

As for the decoding, only one printer range, the DocuPrint, has been decoded, and I bet that was "someone who knew". I have now looked at two different ones, and they are totally different. The Citizen range use a huge code, and the other one's from an unknown machine type.

Here is the results of a DocuColor print I got hold of. It worked perfectly, but I decided not to leave the serial number intact:

DocuColor pattern interpretation

This is an interpretation of the following dot pattern:

111111
123456789012345
7 oooo ooo ooooo
6 o
5 oo
4 o oo oo
3 o
2 o oo oo
1 o o o oo
0 o ooo o

This interpretation is based on reverse engineering, and may not be complete or current for every DocuColor model version. Xerox Corporation has no connection with this program, and does not warrant its correctness.

Parity mismatch for row 5.
Parity mismatch for column 1.
Correctable error at row 5 and col 1

Making correction and processing corrected matrix:

111111
123456789012345
7 oooo ooo ooooo
6 o
5 o oo
4 o oo oo
3 o
2 o oo oo
1 o o o oo
0 o ooo o

Printer serial number: 000054 [or 00000054]

Date: May 19, 2006

Time: 17:20

Column 15 value: 0

What is very interesting is that these dots are clearly visible under UV, even on a plain yellow background! Adding random yellow dots may not help at all! Note that it was a dull yellow, rather than full yellow, but run tests before you rely on it!

What I'm thinking is that by printing an image, you could deposit your own dots. If needed, throw yellow on the whole paper. You could get it JUST right by messing with opacity and filling in the yellow layer of the image.

What is very interesting is that these dots are clearly visible under UV, even on a plain yellow background! Adding random yellow dots may not help at all! Note that it was a dull yellow, rather than full yellow, but run tests before you rely on it!

Your statement made me suspicious of the possibility the yellow dots everybod is referring to, might be a special fluorescent (sp?) dye, which is especially printed by the machine.

And since the amount of each code prints requires so little paint, maybe there is a special device which only prints these codes, which does not need refilling. Regards.

That was my first thought, that they might use a special little "hole punch" to put the dots on. In which case disabling it would be very simple if you don't mind dissasembling ones thousand dollar laser printer.

However, at the same time, I have my doubts about it being a seperate thing. I'm really not qualified to have an educated opinion on this.

I'm just glad it's only colour laser printers that have this, so I don't have to worry about my B&W printer slapping it's serial number and date on everything.

You can't be sure of that unless you've conducted tests of your BW printer, too.

How many years did this sneakiness go unknown?

And it may not be dots. What about subtle flaws in the way the text is printed?

Like shifted raster lines, spurious flaws at the serifs, no ink in certain places in certain common letter groups that'll be in almost any sentence in a given language, etc.

You can only eliminate that which you know of.

You can't be sure of that unless you've conducted tests of your BW printer, too.

I am assuming that if the same technology was in B&W printers we would have heard about it by now(I know I would of). The technology was introduced apparently in 1995 by Canon when they discovered their printers were great for counterfeiting.
http://www.boingboing.net/2004/11/22/color_laser_printers.html

The fact that this technology is in nearly all colour printers including ones that can't convincingly counterfeit a blank piece of paper leads me to believe that eventually all printers will have this technology and that the government will have a database enabling them to instantly know who printed any documents.
It looks like cutting letters out of newspapers will be coming back into vogue soon.

I think dot-matrix printers may make a comeback. ;)

Seriously though, this is just part of the military/industrial complexes plans for universal persistant surveillance.

From cradle to grave, you'll be managed like cattle, for the sole purpose of consumption of goods as a consumer for the profit of the industrial corporations that run the world.

And any country that gets out of line in refusing to buy our goods gets the military part of the equation on its ass.

From cradle to grave, you'll be managed like cattle,

And just like cattle they will have no idea of the ultimate truths behind their very existence.

I can see them all in my minds eye; standing in line, happy, content, well fed, and chewing on their designer label cuds. Out of it on overpriced, unnecessary, and (most importantly) compliance forming prescription drugs they will all happily follow their personal Judas goat of choice to a FOX affiliate advertised, Halliburton built, tax payer funded <i>'re-education'</i> facility where just like in AA they will learn about how powerless thay are over their own lives and will then choose voluntarily to surrender what little control they have left for the betterment of society.

So am I a glass half full type of guy, or what?

Half-empty and like it like that. :)

What I'm pissed off about this issue, if a geniune criminal / counterfeiter uses such machines to do something ugly, I bet s/he shall use second hand or most probably a stolen device, which shall not help government officials at all.

And as far as I observe, this is rather a measure to herd the cattle not to stop criminals doing nasty things :mad: . Regards

What I'm pissed off about this issue, if a geniune criminal / counterfeiter uses such machines to do something ugly, I bet s/he shall use second hand or most probably a stolen device, which shall not help government officials at all.

And as far as I observe, this is rather a measure to herd the cattle not to stop criminals doing nasty things :mad: . Regards
It's that way for anything. If I want to shoot someone, am I going to use my legally owned handgun, or am I going to buy one off a corner which is going to be traced back to some old guy who lost it when his house was robbed?

If I want to post some kiddie porn(hypothetical question only people), am I going to do it from my own connection, or am I going to get into the car, and go find an open wireless network in the next town?

Think of the children my ass :rolleyes:, these laws and "features" in our technology are just there to give big brother an eye over little brother. :( It's too bad they make laws that harm the law abiding citizens, turning them into criminals.

Governments can only exert unlimited power on criminals, not 'good' citizens. Therefore, it's in the interest of governments to pass enough laws that anyone can be labeled a criminal at the governments whim.

Governments can only exert unlimited power on criminals, not 'good' citizens. Therefore, it's in the interest of governments to pass enough laws that anyone can be labeled a criminal at the governments whim.
Well put nbk2000. Sad, but true.

I checked my color laser printer and got nothing suspecious under UV light.

Under normal light I saw some colored dot-pattern (not just yellow dots) nearly on the center of the paper. Do these dots are the encoded serial number?

I checked also the B&W Laser and Inkjet printers I have, I got nothing (under UV nor white light).

But who cares! If they get my printer ID, they can't catch me. :)

Masking is another technique that can be used to prevent tracing via hidden dots.

Imagine you need to print out a copy of someones signature onto a false document.

Rather than running the whole sheet through the printer as-is, you overlay it with another sheet that has a hole cut through it in the place where the signature needs to go.

Now the disposable overlay gets the dots, with maybe a couple on the signature, but presumably not enough to make a positive ID. :p

The masking idea would work if the printer didn't always jam with two sheets. Perhaps using tracing paper as the masking sheet would work. Total area required is only 2 by 3 inches, though, so anything bigger would give a complete result, and even a partial would sometimes be enough.

Got to say, I am coming to the conclusion that it is a seperate UV dye or something, because on my tests, the yellow ink doesn't glow under UV, but the tiny yellow dots do! They are still far harder to see, but I'm quite sure that they are there. I'm going to ask next time I get a toner cartridge refilled, as the guys who use them every day would be likely to know.

Got to say, I am coming to the conclusion that it is a seperate UV dye or something, because on my tests, the yellow ink doesn't glow under UV, but the tiny yellow dots do!
Clearly, if this is the case, the solution is either to print everything you intend to slip by in similarly UV-reactive ink, or find a way to empty this ink before printing anything.

(Or buying a printer which you know to be "safe," which is also good.)

Or buying a printer which you know to be "safe," which is also good.)

I would think that once a printer was considered safe and that information was made public Big Brother would put a stop to that mighty fast

My thoughts on this matter are, use it for the deed as needed, toss it out and replace with another of the same make / model, do not use the same printer for every day printing eather,

Printers can be had of the ink jet variety very cheap, its only a matter of time before laser printers are the same

Easy way to check. Place your suspect print-out onto your flatbed scanner and do a high-res scan of a square inch or so of white paper. Now do an CMKY split in your paint package. This shows the dot pattern really quickly and easily.

Hi-res being 600DPI or higher, I'm assuming?

I saw somewhere a modified flatbed scanner that someone had made to use only blue LED's, for visualizing these tracker dots. A search should reveal it.

An idea that I had, based on this, was to use a modified scanner that'd use IR LED's to be able to scan for watermarks, so that a counterfeiter could copy that security feature as well. :p

IR scanning is something where a modified digital camera CCD sensor would shine. They are very sensitive in the IR spectrum, and they use filters to remove some. There are some people who have modified the cameras to take shots like a scanner.

As for dedicated IR scanners, that sounds like an extremly rare ($$) piece of hardware.

As for scanning a piece of paper for the dots, I would think the scanner resolution would have to be at least as great as the printed DPI.

Sorry, for clarity, I used 1200 DPI. You can, of course, go much higher with most scanners these days, but I'm not sure how the interpolation might change things. At this res, the dots are clearly visible when you look, and the colour separations work great.

Most consumer-grade CCDs have awful near-IR response on purpose - to prevent chromatic aberration, however there is still a decent (5%+ responsivity) in the near-IR. So you could replace the lamp with a bunch of high-power IR LEDs and you should get a reasonable image. Powerful IR LEDs which emit in the 940nm band are quite cheap thesedays, courtesy of the IR remote market.

Note that the near-IR waveband is very different from the mid- and longwave (thermal) IR bands, which do require pricey detectors and special IR-transmissive optics.

An MIT website about hidden printer dot-codes:

http://www.seeingyellow.com/