Home › Forums › Main Forum › FixHepC Admin › Technical Support › Security Breach Regarding Redacted PDF attachments
- This topic has 4 replies, 4 voices, and was last updated 9 years, 1 month ago by
emilio.
-
AuthorPosts
-
11 October 2015 at 12:16 pm #2133
Hi Everyone
I have been contacted by a senior member on our forum who had previously uploaded redacted PDF files, meaning that names and personal details where removed via the Acrobat tool. Our member was then advised through an acquaintance that their documents were searchable on google by entering in the members name. Meaning that anyone could type in the members name and those documents would come up un-redacted with our members name exposed. Sorry I hope I’ve explained that clear enough suffice to say that this is pretty concerning and I’m not sure what the purpose of this action is, maybe big pharma, I don’t know?? Our member may wish to elaborate however I’m wanting to hear from the IT and security team is there anything we can do to ensure that this doesn’t happen again. Until we have an answer I would suggest that any blanking out of names should be done via permanent marker before scanning and uploading. Em
11 October 2015 at 12:43 pm #2134I think these links might explain what’s happened. The ACT Government did the same thing a few years back.
http://blogs.adobe.com/security/2009/12/how_to_properly_redact_pdf_fil.html
http://blogs.adobe.com/security/2010/04/are_you_redacting_pdf_document.html11 October 2015 at 1:11 pm #2135I found this:
It’s difficult to know why this might have happened. The www is full of malicious hackers trawling sites and looking for opportunities simply because they can.
I think the important thing is that we should be ultra-careful with personal info on places such as this if we want to retain anonymity. Obviously, there has to be a balance, otherwise there would be a lot of useful info that we wouldn’t share. Anyone with the will, a large budget and prepared to put in physical detective work can have a good chance to track down someone from snippets of general personal info that person has put online. But, as I said, that would take a major effort.
Just think twice about what info you are posting. I certainly will.
Btw, good advice from Em about making a copy of documents you want to upload, and physically obliterating personal info before uploading.
11 October 2015 at 1:13 pm #2136To redact a digital document you need to understand a few things:
1) Digital documents can consist of layers so although what you see looks like you scribbled over the top of something it could be that you scribbled on a new layer – as a result the old layer still exists intact, and although the visual representation might look like what’s underneath is hidden, to a computer it is still their plain as day.
2) With all digital documents there is METADATA http://soft-xpansion.eu/files/cc/Metadata.pdf – so if you create a document on your device, chances are details about you were automatically added into this metadata and will still be there even if you made the entire content of the document blank. You can use this tool to read it:
http://www.extractmetadata.com/
For example if you download and check this document http://fixhepc.com/images/coa/NMR-spectra-of-sofosbuvir.pdf
You will see
ResultMimetype application/pdf
Title Reports template
Author name National Measurement Institute
Created by software Microsoft® Word 2010
Produced by software Microsoft® Word 2010
Page count 24
Format PDF 1.5
Creation date 20150925095622+10'00'
Modification date 20150925095622+10'00'
Mimetype application/pdfIf you check some of the other documents here: http://fixhepc.com/blog/item/16-testing-provisions-patient-safety.html
You will find for example this for the document: http://fixhepc.com/images/coa/NMI-NATA-Sofosbuvir-Certification.pdf
ResultMimetype application/pdf
Title Analysis report template
Subject Steroid RMs analysed by GC-FID
Author name PSRM-NARL
Created by software Microsoft® Word 2010
Produced by software Microsoft® Word 2010
Page count 3
Format PDF 1.5
Creation date 20151007171208+11'00'
Modification date 20151007171208+11'00'
Mimetype application/pdfWhich tells us that NMI used a Template and that it was probably a document called “Steroid RMs analysed by GC-FID”.
3) Ever wonder how the “Undo” button works?
The undo button on (say) word works like this. For each change a “note” is added saying “user changed this”.
The version you see represents the original + all the changes you have made since the last “Save As”.
So if you send a Word document that has not had a “Save As” for a while the recipient will be able to use the back button to read previous versions.
“Save As” flattens the document – combining all the changes into one fresh document that has the “Undo” button disabled simply because all the changes got incorporated and the change notes were deleted.
Graphics programs that have layers have a function called “Flatten” then adds all the layers together to produce a single image, however Graphics Program, Word Doc, or PDF there will still be Metadata in there.
Please take steps to protect your privacy. Although there is nothing to be ashamed of for having contracted an infectious disease, if you don’t want to have people find out your name make sure it’s not there to be found…..
YMMV
11 October 2015 at 2:23 pm #2137Thanks everyone for your explanations of how this happens. I have never redacted a document b4 and it makes sense that the process involves layering over graphics of which can be undone by removing that layer if you have some tool. Makes you wonder why someone would go to this trouble? Anyway just be careful using pdf redaction and as Alsdad and I have mentioned ;permanent marker, scan and upload and or/similar. Em
-
AuthorPosts
- You must be logged in to reply to this topic.