[crazygringo]

This doesn't seem to be designed for leakers, i.e. people sending PDF's -- it's specifically for people receiving untrusted files, i.e. journalists.

And specifically about them not being hacked by malicious code. I'm not seeing anything that suggests it's about trying to remove traces of a file's origin.

I don't see why it would need a warning for something it's not designed for at all.

[coppsilgold]

It would be natural for a leaker to assume that the PDF contains something "extra" and to try and and remove it with this method. It may not occur to them that this something extra could be part of the content they are going to get back.

[david_shaw]

From the tool description linked:

> Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF into raw pixel data: a huge list of RGB color values for each page. Then, outside of the sandbox, Dangerzone takes this pixel data and converts it back into a PDF.

With this in mind, Dangerzone wouldn't even remove conventional watermarks (that inlay small amounts of text on the image).

I think the "freedomofpress" GitHub repo primed you to think about protecting someone leaking to journalists, but really it's designed to keep journalists (and other security-minded folk) safe from untrusted attachments.

The official website -- https://dangerzone.rocks/ -- is a lot more clear about exactly what the tool does. It removes malware, removes network requests, supports various filetypes, and is open source.

Their about page ( https://dangerzone.rocks/about/ ) shows common use cases for journalists and others.

[3eb7988a1663]

Canary traps have been popularized in a few works of fiction. Seems trivial to do in the modern era. The sophisticated version I heard is to make the differences in the white space between individual words/lines/wherever.

[0] https://en.wikipedia.org/wiki/Canary_trap

[fiddlerwoaroof]

Genius did something like this to prove that Google was stealing lyrics from them: https://www.pcmag.com/news/genius-we-caught-google-red-hande...?

[coppsilgold]

> The sophisticated version I heard is to make the differences in the white space between individual words/lines/wherever.

That would be a naive way to do it.

Here is an example of a more sophisticated way:

  A canary trap is a (method, way) for (exposing, determining) an information leak by giving (different, differing) versions of a (sensitive, secret) (document, file) to each of (several, two or more) (suspects, persons) and (seeing, observing) which version gets (leaked, exposed).

I can now include 9 bits of a watermark in there. If I expand the lists from two options to four it would be 18 bits. Four to eight would double that again - so diminishing returns after 4. The lists can vary in size too of course.

The sentiment of an entire paragraph can serve as single bit, it would have a chance to be robust to paraphrasing.

In the example above, if two or more leakers get together you might think that they could figure out a way to generate a clean version. But it turns out if there are enough watermark bits in the content and you use Tardos codes (a crafted Arcsine distribution of bits) small coalitions of traitors will betray themselves. Even large coalitions of 100 or more will betray themselves eventually (after 100s of 1000s of watermarked bits, the scaling is a constant + square of the number of traitors). The Google keyword is "traitor tracing scheme".

[michaelt]

"What, precisely, does your employee handbook say about sexual harassment?"

"Well you see, your honour, we have 1000 slightly different employee handbooks, but they all say employees may not, must not, should not, can not, are not permitted to, must refrain from, or are forbidden from committing sexual harassment"

[crazygringo]

What makes it more sophisticated to use synonyms instead of whitespace?

It sounds like a lot more work for the same result, and now it's much more obvious to people that they have different versions.

And even in your short example, many of the supposed synonyms change the actual meaning. And one winds up being grammatically incorrect.

[nextaccountic]

What about having PDF readers have a restricted mode where it has limited capabilities, with the option to "trust" a PDF to enable potentially dangerous features?

Like IDEs do when you open random projects