Photocopiers, Printers and Paper

Photocopiers and Printers

The media and even bloggers need some of of credible proof about that a whistleblower has some evidence to back up their claims. This usually involves copies of internal documents.

Think very carefully before sending original paper documents to a journalist or politician etc. In some cases, even copies of documents which have been produced within a secretive organisation may be identifiable, and could betray the identity of the whistleblower source to leak investigators.

  1. Choose your Photocopier carefully. Some of the newer, high end photocopiers, especially colour ones, have built in anti-counterfeit US currency routines in the software.

    Some combined photocopiers and printers are capable of printing tiny yellow serial numbers (e.g. Canon) on each sheet or a special series of dots (e.g. Xerox DocuColor, which makes tracing which machine was used to help to "leak" a document, if the original printout or photocopy is seized, quite a bit easier.

    See the Electronic Frontier Foundation's List of Printers Which Do or Do Not Display Tracking Dots

  2. Many typewriters, computer printers and photocopiers do leave characteristic wear and tear imperfections on the documents they produce, which a forensics laboratory may be able to match to a machine a work or your personal machine at home, if it is ever seized as evidence in a "leak inquiry".

  3. It may even be possible to "fingerprint" blank sheets of paper, by means of their unique surface texture properties.

    See the academic paper Fingerprinting Blank Paper Using Commodity Scanners(.pdf) by William Clarkson, Tim Weyrich, Adam Finkelstein, Nadia Heninger, J. Alex Halderman and Edward W. Felten.


    This paper presents a novel technique for authenticating physical documents based on random, naturally occurring imperfections in paper texture. We introduce a new method
    for measuring the three-dimensional surface of a page using only a commodity scanner and without modifying the document in any way. From this physical feature, we generate a concise fingerprint that uniquely identifies the document. Our technique is secure against counterfeiting and robust to harsh handling; it can be used even before any content is printed on a page. It has a wide range of applications, including detecting forged currency and tickets authenticating passports, and halting counterfeit goods Document identification could also be applied maliciously to de-anonymize printed surveys and to compromise the secrecy of paper ballots.

    "Even unopened sheaves of blank printer paper might in principle have been fingerprinted at the factory."

    The is sort of technique might well be used on limited distribution copies of secret documents, which might betray the source of a whistleblower leak to investigators.

  4. As noted in the comments below, many heavy duty shared network Printers and Photocopiers also have internal hard disks, especially if they are used in conjunction with Print Server devices (or effectively have these built in). These could store entire copies of documents, or logfiles of time, date and also, perhaps, the Personal Computer's IP address and/or its NetBIOS name (common in Microsoft Windows File and Printer sharing) could be logged, which might betray a whistleblower.

  5. Even when these temporary buffer storage file copies of printed or scanned or faxed documents are apparently deleted or overwritten, they may not have entirely disappeared, and might well be recoverable through standard computer forensic techniques. Yet another reason for whistleblowers to be extremely careful when using shared network printers, scanners, photocopiers, fax machines, fax gateways etc.

  6. Sometimes, the ability to print copies of documents to network printers or print server devices can work in favour of a whistleblower:

    • The fact that an important whistleblower leak document is being printed or copied or sent to a networked printer/scanner/copier/fax device, might mean that they can grab an electronic copy for themselves, or print out another physical copy when the coast is clear, without having to sneak into a colleague's or superior's office. Many of these devices have a simple worldwide web remote management interface and often still have default usernames passwords set e.g. "xerox".

    • It may be possible (depending on the IT security policy, and the number of available IT support staff) to "accidentally" print or fax a copy of the whistleblower leak document to another shared printer or device on the corporate network, very often in other office or building, perhaps even internationally in foreign countries. Try the "Add a new Network printer" wizard on your Microsoft Windows PC, the print queue names very often give physical location details of exactly where the printer is located, and which may be somewhere more easily or more securely accessible by the whistleblower(s) or their friend(s).

    • If you do temporarily attach to a non-default networked printer or fax etc., then remember not to leave this visible in the list of printers or faxes which are available on your PC i.e. delete this printer or fax connection icon in the Printer Control Panel settings, after you have finished with it.

    • Modern photocopier / scanner units can have quite sophisticated "security" and networking features, but unless these have been properly configured, integrated and tested by an organisation's IT security team, then these extra features may actually be a source of "whistleblower leaks" or espionage targets. e.g. the "security" features like digital watermarking, encryption, Single Sign On (almost certainly with an audit trail log file) etc. offered by, for example, Canon's mid range Office products, hint at what an unsecured photocopier / scanner / printer connected to a network is capable of:

      Canon iR6880Ci photocopier brochure


      Prioritise your work

      You can easily prioritise your workload with the new Print Job feature. Jobs can be viewed and repositioned within the print queue whenever your needs are pressing. Secure and encrypted jobs are hidden by an asterix and, by using Single Sign On (SSO), only your jobs are viewable when you access the device.

      Guarantee secure communication with the iR5880/6880C/Ci:

      Document security - hold confidential documents in password protected secure mailboxes, encrypt scanned documents before sending, or embed a secure watermark to prevent unrestricted copying of confidential documents

      Device security - Ensure only those authorised to use the iR5880/6880C/Ci can access using passwords, your company's network log-in, or even fingerprint authentication. For further peace of mind, hard disks can be erased or encrypted and job logs can be concealed.

About this blog

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Some of these people will, in the public interest, act as whistleblowers, and may try to leak documents or information to the mainstream media, or to political blog websites etc.

Here are some Spy Blog "Hints and Tips", giving some basic preecautions, and some more obscure technical tips, which both whistleblowers, journalists, and bloggers need to be aware of, in order to help preserve the anonymity of whisteleblowing or other journalistic sources, especially in the United Kingdom, but applicable in other countries as well.

Whistleblower anonymity may not always be possible, or even necessary, forever into the future, but it is usuially crucial during at least the early stages of a "leak", whilst it is being evaluated by others, to see if it merits wider publication and publicity.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.


Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

You can download a free copy of the PGP encryption software from
(available for most of the common computer operating systems, and also in various Open Source versions like GPG).

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.


Tag Cloud

CryptoParty London

CryptoParty London

Most months there is a CryptoParty London event. where some of these Hints and Tips and other techniques are demonstrated and taught.

Usually at:

Juju's Bar and Stage 15 Hanbury St, E1 6QR, London

Follow on Twitter: @CryptoPartyLDN

Syndicate this site (XML):


Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Open Rights Group

renew for freedom - renew your passport in 2006
Renew For Freedom - renew your Passport in the Summer Autumn of 2006.

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

Amnesty International's campaign

BlogSafer - wiki with multilingual guides to anonymous blogging

NGO in a box - Security Edition privacy and security software tools

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Public Concern at Work - "(PCaW) is the independent authority on public interest whistleblowing. Established as a charity in 1993 following a series of scandals and disasters, PCaW has played a leading role in putting whistleblowing on the governance agenda and in developing legislation in the UK and abroad. All our work is informed by the free advice we offer to people with whistleblowing dilemmas and the professional support we provide to enlightened organisations."