Home Forums Main Forum FixHepC Admin Technical Support Security Breach Regarding Redacted PDF attachments

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #2133
    Avatar photoemilio
    • Guardian Angel
    • ★★★★★
    @emilio

    Hi Everyone

    I have been contacted by a senior member on our forum who had previously uploaded redacted PDF files, meaning that names and personal details where removed via the Acrobat tool. Our member was then advised through an acquaintance that their documents were searchable on google by entering in the members name. Meaning that anyone could type in the members name and those documents would come up un-redacted with our members name exposed. Sorry I hope I’ve explained that clear enough suffice to say that this is pretty concerning and I’m not sure what the purpose of this action is, maybe big pharma, I don’t know?? Our member may wish to elaborate however I’m wanting to hear from the IT and security team is there anything we can do to ensure that this doesn’t happen again. Until we have an answer I would suggest that any blanking out of names should be done via permanent marker before scanning and uploading. Em

    #2134
    Avatar photoChester
    • Guardian Angel
    • ★★★★★
    @chester

    I think these links might explain what’s happened. The ACT Government did the same thing a few years back.

    http://blogs.adobe.com/security/2009/12/how_to_properly_redact_pdf_fil.html
    http://blogs.adobe.com/security/2010/04/are_you_redacting_pdf_document.html

    #2135
    Avatar photoAlsdad
    • Guardian Angel
    • ★★★★★
    @alsdad

    I found this:

    Exposing poorly redacted PDFs

    It’s difficult to know why this might have happened. The www is full of malicious hackers trawling sites and looking for opportunities simply because they can.

    I think the important thing is that we should be ultra-careful with personal info on places such as this if we want to retain anonymity. Obviously, there has to be a balance, otherwise there would be a lot of useful info that we wouldn’t share. Anyone with the will, a large budget and prepared to put in physical detective work can have a good chance to track down someone from snippets of general personal info that person has put online. But, as I said, that would take a major effort.

    Just think twice about what info you are posting. I certainly will.

    Btw, good advice from Em about making a copy of documents you want to upload, and physically obliterating personal info before uploading.

    #2136
    dope-on-a-rope.jpgDr James
    • Guardian Angel
    • ★★★★★
    @fixhepc

    To redact a digital document you need to understand a few things:

    1) Digital documents can consist of layers so although what you see looks like you scribbled over the top of something it could be that you scribbled on a new layer – as a result the old layer still exists intact, and although the visual representation might look like what’s underneath is hidden, to a computer it is still their plain as day.

    2) With all digital documents there is METADATA http://soft-xpansion.eu/files/cc/Metadata.pdf – so if you create a document on your device, chances are details about you were automatically added into this metadata and will still be there even if you made the entire content of the document blank. You can use this tool to read it:

    http://www.extractmetadata.com/

    For example if you download and check this document http://fixhepc.com/images/coa/NMR-spectra-of-sofosbuvir.pdf

    You will see

    Result

    Mimetype application/pdf
    Title Reports template
    Author name National Measurement Institute
    Created by software Microsoft® Word 2010
    Produced by software Microsoft® Word 2010
    Page count 24
    Format PDF 1.5
    Creation date 20150925095622+10'00'
    Modification date 20150925095622+10'00'
    Mimetype application/pdf

    If you check some of the other documents here: http://fixhepc.com/blog/item/16-testing-provisions-patient-safety.html

    You will find for example this for the document: http://fixhepc.com/images/coa/NMI-NATA-Sofosbuvir-Certification.pdf

    Result

    Mimetype application/pdf
    Title Analysis report template
    Subject Steroid RMs analysed by GC-FID
    Author name PSRM-NARL
    Created by software Microsoft® Word 2010
    Produced by software Microsoft® Word 2010
    Page count 3
    Format PDF 1.5
    Creation date 20151007171208+11'00'
    Modification date 20151007171208+11'00'
    Mimetype application/pdf

    Which tells us that NMI used a Template and that it was probably a document called “Steroid RMs analysed by GC-FID”.

    3) Ever wonder how the “Undo” button works?

    The undo button on (say) word works like this. For each change a “note” is added saying “user changed this”.

    The version you see represents the original + all the changes you have made since the last “Save As”.

    So if you send a Word document that has not had a “Save As” for a while the recipient will be able to use the back button to read previous versions.

    “Save As” flattens the document – combining all the changes into one fresh document that has the “Undo” button disabled simply because all the changes got incorporated and the change notes were deleted.

    Graphics programs that have layers have a function called “Flatten” then adds all the layers together to produce a single image, however Graphics Program, Word Doc, or PDF there will still be Metadata in there.

    Please take steps to protect your privacy. Although there is nothing to be ashamed of for having contracted an infectious disease, if you don’t want to have people find out your name make sure it’s not there to be found…..


    YMMV

    #2137
    Avatar photoemilio
    • Guardian Angel
    • ★★★★★
    @emilio

    Thanks everyone for your explanations of how this happens. I have never redacted a document b4 and it makes sense that the process involves layering over graphics of which can be undone by removing that layer if you have some tool. Makes you wonder why someone would go to this trouble? Anyway just be careful using pdf redaction and as Alsdad and I have mentioned ;permanent marker, scan and upload and or/similar. Em

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.