| ▲ | parliament32 4 hours ago |
| > The couple also allegedly photographed hundreds of computer screens containing confidential information from Google and Company 2, in what appeared to be an attempt at circumventing digital monitoring tools. I guess all the MDM and document restrictions in the world can't help you against photos of screens. Is it even possible to protect against this, short of only allowing access to confidential files in secure no-cell-phone zones? |
|
| ▲ | jihadjihad 3 hours ago | parent | next [-] |
| There's not much you can do about it, as sibling comment mentions it's a known gap. There is some work [0] in this space on the investigative side to trace the leak's source, but again the only way it would work is if you can obtain a leaked copy post hoc (leaked to press, discovered through some other means, etc.). 0: https://www.echomark.com/post/goodbye-to-analog-how-to-use-a... |
| |
| ▲ | palmotea 3 hours ago | parent [-] | | > There's not much you can do about it, as sibling comment mentions it's a known gap. There is some work [0] in this space on the investigative side to trace the leak's source, but again the only way it would work is if you can obtain a leaked copy post hoc (leaked to press, discovered through some other means, etc.). Those kinds of watermarks seem like they'd fail to a sophisticated actor. For instance, if that echomark-type of watermark becomes widespread. I supposed groups like the New York Times would update their procedures to not publish leaked documents verbatim or develop technology to scramble the watermark (e.g. reposition things subtly (again) and fix kerning issues). With generative AI, the value of a photograph or document as proof is probably going to go down, so it probably won't be that big of an issue. | | |
| ▲ | gosub100 3 hours ago | parent [-] | | You could do really sneaky things like alter the space between words or other formatting tricks. | | |
| ▲ | ceejayoz 3 hours ago | parent [-] | | Print it out, scan it back in, and OCR that. Then have an AI or intern paraphrase it. | | |
| ▲ | palmotea 2 hours ago | parent | next [-] | | I think that's exactly what will happen. When a competent journalist gets a leaked document, they'll learn to only summarize it, but won't quote it verbatim or duplicate it. That'll circumvent and kind of passive leak-detection system that could reveal their source. Then the only thing that would reveal the source is if the authority starts telling suspected leakers entirely different things, to see what gets out. | | |
| ▲ | jihadjihad 2 hours ago | parent [-] | | > Then the only thing that would reveal the source is if the authority starts telling suspected leakers entirely different things, to see what gets out. This is called a canary trap [0], a well-trodden technique in the real world and fiction alike. 0: https://en.wikipedia.org/wiki/Canary_trap |
| |
| ▲ | kube-system 2 hours ago | parent | prev [-] | | Then you fix that loophole by subtlety altering the phrasing or formatting that you send everyone | | |
| ▲ | ceejayoz an hour ago | parent [-] | | That's why I said you paraphrase, rather than using the exact phrasing and formatting of the original doc. | | |
| ▲ | SoftTalker an hour ago | parent [-] | | Include slightly different details in each version. Then if the paraphrase mentions one of them, you've identified the source. | | |
| ▲ | ceejayoz 28 minutes ago | parent [-] | | Yes, I'm aware of that approach. It's likely tougher than it seems; the big important bits that the news will care about have to match up when checked, and anyone with high-level access to this stuff likely has a significantly sized staff who also has access to it. Paraphrasing reduces the chance of some minute detail tweak being included in the reporting at all. You also have to actively expect and plan to do it in advance, which takes a lot of labor, time, and chances of people comparing notes and saying "what the fuck, we're being tested". You can't canary trap after the leak. |
|
|
|
|
|
|
|
|
| ▲ | scottLobster 2 hours ago | parent | prev | next [-] |
| Keep in mind that many secure no-cell-phone zones, even those that host classified data are still relatively physically open. The personnel allowed inside them are strictly vetted and trained to be self-policing, but it's only the threat of discovery and harsh punishment stopping someone with the right badge/code from physically bringing in a phone. There generally aren't TSA-style checkpoints or patdowns. Happens accidentally all the time, especially in the winter with jackets. |
| |
| ▲ | AnthonyMouse 2 hours ago | parent | next [-] | | This is misunderstanding the purpose of the restriction. The main reason not to bring a phone into the room is that the phone could be compromised. If the person is compromised then a device isn't your problem, because they could view the documents and copy them on paper or just remember the contents to write down later. | | |
| ▲ | kube-system an hour ago | parent [-] | | In a corporate environment no-camera/no-phone policies are sometimes also used for DLP reasons, out of expediency. Oftentimes it is more profitable to hire less trustworthy people (read: cheap labor) and simply make it inconvenient to steal data. This usually works good enough when you're trying to protect widget designs and not human lives. |
| |
| ▲ | pphysch 2 hours ago | parent | prev [-] | | Can't you have one or more x-ray tunnels or other scanners? They don't even need to be actively monitored, just treated like CCTV. |
|
|
| ▲ | matthewaveryusa 4 hours ago | parent | prev | next [-] |
| No you can’t. It’s formally called “the analog hole” when security folks yap about it. Usually it’s used to end DLP discussions after too many what-ifs |
| |
| ▲ | breppp 3 hours ago | parent [-] | | Unless your employer is Google and all those photos are uploaded to its servers | | |
| ▲ | yndoendo an hour ago | parent | next [-] | | Does Google force all their employees to use and Android phone provided by them? You could use an Apple or an alternative to Android like Fairphone or even load GrapheneOS on that Google Pixel phone. Even better would be a Linux phone that uses an Android VM so it looks like a bare metal installation. Could go old school and just get a digital only camera that is not even part of a smartphone. An hidden camera in a pen or shirt button would work too. Has anyone hacked the Meta glasses so they don't communicate with Meta and allow for communication to your own designated servers? | |
| ▲ | 1024core 2 hours ago | parent | prev [-] | | What if you use a film camera? |
|
|
|
| ▲ | seanhunter 3 hours ago | parent | prev | next [-] |
| Especially when you consider that a phone can record hd video, so you can make a player that scrolls through pages and pages of pdfs very fast for example, you record the screen in hd video on a phone and then write a decoder that takes video back to a pdf of the images. Literally the only thing you lose is the ability to cut and paste the text of the pdf and you can even get that back if you trouble yourself to put the images through ocr. Similarly you could hypothetically exfil binary data by visually encoding it (think like a qr code) and video recording it in the same way. |
| |
|
| ▲ | gwbas1c 3 hours ago | parent | prev | next [-] |
| Just remember that it's significantly more time consuming to photograph a screen than steal large group of files. Thus, even though it's not preventable, it adds enough friction to be effective. |
| |
| ▲ | jihadjihad 3 hours ago | parent [-] | | As sibling comment mentions, with OCR and video tooling these days I'd imagine you could whip up something pretty easily that can comb through several minutes of video footage and convert it to text/PDF/etc. A leaker with a smartphone on a tripod capturing video while they scroll through files etc. could probably deal significant damage without much effort. | | |
| ▲ | kube-system an hour ago | parent [-] | | Yeah, this is why any high security information facility has physical security controls. Give someone infinite time and physical access and they could copy it off with clay tablets and chisels. |
|
|
|
| ▲ | stronglikedan 2 hours ago | parent | prev | next [-] |
| > Is it even possible to protect against this, short of only allowing access to confidential files in secure no-cell-phone zones? Isn't that how congressmen and senators view them in the US? At least, that's how I've understood it to be. If so, what's good for the goose... |
|
| ▲ | BurningFrog 2 hours ago | parent | prev | next [-] |
| "Google said it had detected the alleged theft through routine security monitoring", so it seems it is possible. |
| |
| ▲ | parliament32 2 hours ago | parent [-] | | Note the "also" in the first sentence. I'm understanding the timeline as them trying normal exfiltration, getting caught by DLP, then moving on to the cell phone method. But the first catch was enough to trigger an investigation. |
|
|
| ▲ | PKop 3 hours ago | parent | prev [-] |
| [flagged] |
| |
| ▲ | Ylpertnodi 3 hours ago | parent [-] | | So, non-immigrants can't take pics of screens?
I think you answered the wrong question (on purpose). | | |
| ▲ | PKop 3 hours ago | parent [-] | | Anybody can do anything but don't pretend to not understand my point: the loyalty an American will have for this or that foreign adversary will trend to 0 and be much less than foreigners from those countries or regions. This is obvious. Or do you think non-immigrants can't do these jobs? We certainly don't need to have other people than citizens already here and born here do these things. The question was is it possible to protect. What I said is possible and would protect against the problem. It would be good for the country and American citizens in many ways including national security. | | |
| ▲ | krisoft 2 hours ago | parent | next [-] | | > the loyalty an American will have for this or that foreign adversary will trend to 0 Yeah. National loyalty is not the only motivating force why someone would leak something. The common reasons why someone becomes an insider treat is MICE: Money, Ideology, Compromise, and Ego. It is not specific to immigrants. | |
| ▲ | franktankbank 3 hours ago | parent | prev [-] | | It doesn't have to be loyalty even, it could just be authoritarian leverage. | | |
| ▲ | PKop 2 hours ago | parent [-] | | I would argue the word loyalty can encompass external pressures like that or internal affinity, ethnic tribalism and everything in between but yes, agreed. |
|
|
|
|
