By Robert Hackett
July 1, 2018

Happy weekend, Cyber Saturday readers.

Reality Winner has pleaded guilty: “All of my actions I did willfully, meaning I did so of my own free will,” she told a court on Tuesday, per the New York Times‘ report.

The former Air Force linguist earned the distinction of being the first person prosecuted by the Trump administration on charges of leaking classified information under the Espionage Act. Her defense struck a deal with the Justice Department that would have her serve 63 months in prison and three years of supervised release. (A judge must now decide whether to approve the sentence.)

Federal authorities accused Winner last year of leaking a classified report concerning Moscow’s meddling in the 2016 U.S. presidential election. They believed her to have sent the document to The Intercept, a news outlet funded by Ebay billionaire Pierre Omidyar, which published it online in full. For all its talk of protecting whistleblowers, The Intercept made a rookie mistake: uploading a scanned copy of the original report, which contained telltale, electronic traces all but confirming Winner as the culprit. The pages bore unmistakable watermarks—printer microdots—that identified their source.

Although the FBI did not mention the dots in its court filings, the agency did say it was able to determine the leaked document was a printout thanks to crease marks. The dots no doubt clinched the case. (Winner also apparently sent emails to The Intercept from her work computer—doh.)

Whatever your stance on Winner’s situation may be, her undoing at least provides a valuable lesson to would-be whistleblowers and media outlets: Heed the dots. Indeed, already there are workarounds. A new paper authored by four German researchers at the Technical University of Dresden describes a method for overcoming these watermarks. Having decoded a variety of dot arrangements, the team suggests adding additional dots in precise ways so as to thwart the tagging technique, rendering output anonymous.

You can test out the group’s obfuscation tools here.


If you read last weekend’s dispatch, you may recall we discussed whether Mandiant, the digital forensics division of FireEye, a cybersecurity firm, conducted a so-called hack back in order to pin a series of hacks on a group of Chinese spies, as a new book by David Sanger, national security reporter at the New York Times, seemed to allege. Mandiant released a statement this week saying that it did not and does not hack back, and that the suggestion it might have done otherwise is “a serious mischaracterization of our investigative efforts.” The firm said its actual methods allowed it to “diligently and legally” pursue attribution. No dots needed.


One last note: Next week Cyber Saturday will be taking a break from publication. Your host intends to extend his July 4th vacation through the weekend. I hope you enjoy the time off as much as I plan to.

Robert Hackett


Welcome to the Cyber Saturday edition of Data Sheet, Fortune’sdaily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my, PGP encrypted email (see public key on my, Wickr, Signal, or however you (securely) prefer. Feedback welcome.


You May Like