Commentary and information about public safety and security, intelligence and counterintelligence, open government and secrecy, and other issues in northern Idaho and eastern Washington.

Location: Coeur d'Alene, Idaho, United States

Raised in Palouse, WA. Graduated from Washington State University. US Army (Counterintelligence). US Secret Service (Technical Security Division) in Fantasyland-on-the-Potomac and Los Angeles. Now living in north Idaho.

Monday, January 23, 2006

News You Can Use From the National Security Agency (NSA)

If you, your company, or your agency composes documents in Microsoft's MS Word, makes redactions in MS Word to sanitize them, converts the supposedly sanitized documents to PDF and then releases them, you will want to read the National Security Agency's report entitled Redacting With Confidence: How to Safely Publish Sanitized Reports Converted from MS Word to PDF before you do that again.

What the NSA found is that the redaction techniques available in MS Word only visually obscure the redacted material, they do not erase or remove it. Because the original redacted information is still present though visually hidden when the document is converted from MS Word to PDF, it is relatively easy for someone knowledgeable who receives a PDF file to reverse the redaction done in MS Word before conversion to PDF and expose the original data. The NSA paper gives a step-by-step method to ensure the data redacted in MS Word remains hidden in the PDF file.


Post a Comment

<< Home