Skip to Content

Cyber Saturday—How Science Could Have Saved Reality Winner

Happy weekend, Cyber Saturday readers.

Reality Winner has pleaded guilty: “All of my actions I did willfully, meaning I did so of my own free will,” she told a court on Tuesday, per the New York Times‘ report.

The former Air Force linguist earned the distinction of being the first person prosecuted by the Trump administration on charges of leaking classified information under the Espionage Act. Her defense struck a deal with the Justice Department that would have her serve 63 months in prison and three years of supervised release. (A judge must now decide whether to approve the sentence.)

Federal authorities accused Winner last year of leaking a classified report concerning Moscow’s meddling in the 2016 U.S. presidential election. They believed her to have sent the document to The Intercept, a news outlet funded by Ebay billionaire Pierre Omidyar, which published it online in full. For all its talk of protecting whistleblowers, The Intercept made a rookie mistake: uploading a scanned copy of the original report, which contained telltale, electronic traces all but confirming Winner as the culprit. The pages bore unmistakable watermarks—printer microdots—that identified their source.

Although the FBI did not mention the dots in its court filings, the agency did say it was able to determine the leaked document was a printout thanks to crease marks. The dots no doubt clinched the case. (Winner also apparently sent emails to The Intercept from her work computer—doh.)

Whatever your stance on Winner’s situation may be, her undoing at least provides a valuable lesson to would-be whistleblowers and media outlets: Heed the dots. Indeed, already there are workarounds. A new paper authored by four German researchers at the Technical University of Dresden describes a method for overcoming these watermarks. Having decoded a variety of dot arrangements, the team suggests adding additional dots in precise ways so as to thwart the tagging technique, rendering output anonymous.

You can test out the group’s obfuscation tools here.

***

If you read last weekend’s dispatch, you may recall we discussed whether Mandiant, the digital forensics division of FireEye, a cybersecurity firm, conducted a so-called hack back in order to pin a series of hacks on a group of Chinese spies, as a new book by David Sanger, national security reporter at the New York Times, seemed to allege. Mandiant released a statement this week saying that it did not and does not hack back, and that the suggestion it might have done otherwise is “a serious mischaracterization of our investigative efforts.” The firm said its actual methods allowed it to “diligently and legally” pursue attribution. No dots needed.

***

One last note: Next week Cyber Saturday will be taking a break from publication. Your host intends to extend his July 4th vacation through the weekend. I hope you enjoy the time off as much as I plan to.

Robert Hackett

@rhhackett

robert.hackett@fortune.com

Welcome to the Cyber Saturday edition of Data Sheet, Fortune’sdaily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.

THREATS

Say hi to Wi-Fi. The Wi-Fi Alliance, a trade group that certifies wireless Internet standards, released details about its next generation networking protocol, WPA3. The new standard features stronger encryption, protection against certain types of attacks, and one-touch setup for connected devices, like smart speakers. Broad implementation isn’t expected to occur until late 2019.

Betting on the right horse…the wrong way. A former Equifax employee has been charged with insider trading. Sudhakar Reddy Bonthu, 44, a software engineering manager, took out options to short the credit bureau’s stock after creating the website that disclosed the company’s breach. A complaint filed against Bonthu said he had been told the website was for a customer, but that he figured out Equifax was the real subject.

Twitter buttons up. The micro-blogging service said it has begun taking more proactive measures to identify and shut down malicious and spam bot accounts before they can wreak havoc on its platform. Expect your follower count to go down as the company kicks offenders off the site. Additionally, Twitter has added compatibility with hardware security keys, tools that protect accounts against unauthorized logins.

Data leak roundup. Exactis, a marketing data aggregator based in Florida, leaked 340 million records on Americans and businesses, including people’s names, home addresses, email addresses, and other personal characteristics. Adidas disclosed that information for a few million online customers was exposed, although the full extent of the breach remains unclear. Ticketmaster said that 5% of its customers’ data were accessed by an unauthorized third party.

Ice Pick Willie” is my official new hacker name.

Share today’s Data Sheet with a friend:

http://fortune.com/newsletter/datasheet/

Looking for previous Data Sheets? Click here.

ACCESS GRANTED

Because that’s where the money is. The latest Bloomberg Businessweek bills itself as “the heist issue“—and it’s chock full of sordid tales, as advertised. (Side note: the issue has a very fun cover, which recalls one of Fortune’s very own.) One of the features, “The Biggest Digital Heist in History Isn’t Over Yet,” tells the tale of the Carbanak gang, a group of cybercriminal bank robbers that has looted financial firms to the tune of $1.2 billion since 2013. While the alleged ringleader has been apprehended, the thievery continues…

For years police and banking-industry sleuths doubted they’d ever catch the phantoms behind Carbanak. Then, in March, the Spanish National Police arrested Ukrainian citizen Denis Katana in the Mediterranean port city of Alicante. The authorities have held him since then on suspicion of being the brains of the operation. Katana’s lawyer, Jose Esteve Villaescusa, declined to comment, and his client’s alleged confederates couldn’t be reached for comment. While Katana hasn’t been charged with a crime, Spanish detectives say financial information, emails, and other data trails show he was the architect of a conspiracy that spanned three continents. And there are signs that the Carbanak gang is far from finished.

FORTUNE RECON

This Facebook Patent Would Allow It to Remotely Turn on Your Phone’s Mic and Listen to You by Lisa Marie Segarra

Worried About Your Data Privacy? Blockchain Could Help by Shawn Owen

To Catch a Bitcoin Thief, Call These Detectives by Jeff John Roberts

I’m the Security Chief at Huawei U.S.—Banning Us Won’t Make Americans Safer by Donald A. Purdy, Jr.

‘Deceived by Design:’ Google and Facebook Accused of Manipulating Users Into Giving Up Their Data by David Meyer

Upstart Data Wrangler Raises $25 Million to Take on IBM, HPE, and Splunk by Robert Hackett

These Are Facebook’s Latest Plans to Make Online Ads ‘More Transparent’ by Jonathan Vanian

The Supreme Court’s Mobile Privacy Stand Should Prompt Further Changes by Aaron Pressman

ONE MORE THING

Random key discovery. In 1882, a Californian banker by the name of Frank Miller, proposed a method of encipherment known today as a “one time pad.” This unbreakable cryptographic scheme was thought to have been first devised 35 years later by researchers at Bell Labs. As this IEEE Spectrum story relates, Steven Bellovin, a Columbia University computer science professor, discovered the true origins of this intellectual achievement after coming across a description of the mathematical invention in an old telegraphy codebook in 2011.