Seeing yellow over color printer tracking devices

A series of encodings on printouts from color laser printers to discourage counterfeiting? At first, the idea sounds like the urban legend from a couple of decades ago that claimed you could hear Satanic messages when you play vinyl records backwards. Yet the evidence from the Electronic Frontier Foundation is that the encodings are embedded in color printers from all major manufacturers. Moreover, the issues raised by the practice have caused Free Software Foundation director Benjamin Mako Hill and other members of the Computing Culture group at the MIT Media Lab to begin the Seeing Yellow campaign to stop the practice.

The campaign takes its name from the nature of the encoding, which takes the form of yellow dots printed across the entire page of a printout. The dots are invisible to the unaided eye, but can be seen by placing an intense blue LED light behind a printout in a darkened room. Alternatively, the dots can be seen in a scanned copy of a printout with a resolution of at least 600dpi. They become even clearer when the scanned copy is opened in a graphics program like the GIMP, and only the blue channel is visible (Dialogues -> Channels). However, for the most part, the public can only guess what information is carried by the yellow dots.

In fact, except for Toshiba, whose documentation mentions an unspecified tracking device for printouts, most manufacturers do nothing to make consumers aware that their printouts can be tracked.

In addition to the inability to consent to being monitored, the situation also raises issues about privacy and the right to anonymity. Pointing out that the eighteenth century Federalist Papers, a collection of 85 letters that advocated ratification of the American Constitution, were originally published anonymously, Hill says, "It's perfectly legitimate for people to want communicate anonymously. Anonymity is absolutely essential to democracy. The [Federalist Papers] are an example of how anonymous communication can lead to some of the most important political changes."

Hill goes on to note, that, ironically, that people who have written to the campaign insisting that the innocent have nothing to worry about take good care to remain anonymous themselves. Even Hewlett-Packard employees responding to privacy concerns, he says, sign their emails not with their names, but simply with "Privacy." "It's funny," Hill says, "But people are choosing to remain anonymous while telling me that people shouldn't do that."

The immediate impetus for the campaign was a report from the Electronic Frontier Foundation that one man who contacted his printer manufacturer for information about how to turn the tracking device off soon found himself being questioned by the U.S. Secret Service. By contrast, Hill says, "We want it to be perfectly normal to complain about the lack of anonymity."

Following the dots

How long has this forensic technology been used? What information is being collected? The truth is that almost nothing is known about the practice. What is known has emerged in bits and pieces.

The first indication of the practice seems to have been an article by Wilbert de Vries in PC World published in October 2004, entitled, "Dutch track counterfeits via printer serial numbers." In the article, de Vries quotes a representative of Canon Europe as saying, "Canon works closely with the relevant national and international authorities to ensure that the opportunities for its products to be misused are minimized," and mentions the existence of the yellow dots.

A month later, PC World published a similar article by Jason Tuohey entitled "Government Uses Color Laser Printer Technology to Track Documents" that covered much the same ground, except in the United States and quoted a Xerox representative, who said that the tracking mechanism was designed for use against counterfeiters. The same article quoted Lorelei Pagano, a counterfeiting specialist with the U.S. Secret Service, who said that the mechanism was used only in criminal investigations, and pointed out that companies have never informed consumers that it was being used.

Nor is it public knowledge whether other tracking devices may be used on printers. However, a site for the Purdue Sensor and Printer Forensics project does clearly indicate that research is being done into other methods of tracking both laser and inkjet printers, as well as digital cameras and scanners. Papers on the Purdue site show that the methods being researched include unique characteristics of various devices, including dad pixels and image noise. Research is also being done into methods for hiding data in halftone documents. Whether any of these methods are or will be implemented is unknown.

The Electronics Frontier Foundation did submit a Freedom of Information request to the U.S. Secret Service in December 2005 asking for more details about the practice, but is still waiting for a reply.

Even the printer manufacturers themselves seem to know little about the practice. Hill reports that most representatives of printer manufacturers are completely unaware of it, which suggests that the decision to incorporate the technology was made at the highest levels of each company.

Not only that, but, if Hewlett-Packard is typical, even the manufacturers know little about the details. When blogger John Whelan contacted HP about the issue, he was told by a company representative that the chips used for the encoding of the yellow dots were outsourced to another company that HP employees could not read them. Whelan's contact also claimed that the devices were secure against misuse because of this secrecy.

Most of what is known comes from the investigative efforts of the Electronic Frontier Foundation. The foundation's Web site includes a list of printers whose printouts have been examined, to have the yellow dots. However, this information is tentative. As the preface to the list suggests, the dots, when found, may be the result of dithering techniques or a poorly calibrated printer. Conversely, not finding the dots does not rule out the use of other identification techniques. Still, the foundation is also encouraging supporters to do their own testing and send the results.

In addition, the foundation has managed to partly decipher the dots on a Xerox Docucolor print out. As might be expected, the arrangement of the dots includes the printer serial number in binary-coded decimal, as well as the date and time that the page was printed. Presumably, other manufacturers and possibly other Xerox printers give the same information, but since encoding is not uniform, nobody knows for sure.

Early campaign results

Launched less than ten days ago, the Seeing Yellow campaign has attracted considerable interest. The first day that the site was up, it received 15,000 hits, and, according to Hill, that number has remained steady. In addition, at the time of writing, almost 12,000 people had contacted their printer manufacturer about the issue and clicked the counter on the site keeping track of such actions.

The campaign has also motivated some people to try to return their color laser printers. Others have told resellers that they would buy the first printer that included a guarantee that it did not include such tracking devices.

So far, Hill has heard of no one who has been able to hack their printer to remove the mechanism that prints the yellow dots (which would be difficult, since none of the public know what it is). He has heard reports that some users are trying to find ways to add random dots to make the encoding useless, but, given that more than one encoding seems to be used, this effort is likely to have limited success at best.

Hill acknowledges that workarounds exist. As some of his correspondents have suggested, users could print in black and white, and only print in color when they don't care whether they are anonymous. However, Hill disagrees with the idea of settling for such workarounds for the dots.

"I think that the answer is to turn them off altogether, and that counter-measures are not enough," he says. "But the worst thing to me is that there are people who think they are anonymous when they print in color -- and they're not."

Whether the campaign will be successful in removing tracking measures from color laser printers is still anybody's guess. But for now, the campaign is clearly succeeding in its first step by making sure that people know as much about the issue as there is to know.

Bruce Byfield is a computer journalist who writes regularly for Datamation, and Linux Journal


Bruce Byfield (nanday)


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Yellow dots appear when printing black only

Anonymous's picture

I want a rebate for wasted yellow toner! I'm going to ask for a replacement printer.

Don't use Yellow

Stephen B Coulson's picture

How about you drill a hole in the yellow ink tank and drain it.

Snoopin' solution is data pollution?

font man's picture

An obvious solution that occurs to me and which would be useful at least to users of FSF Free Software / OSI Open Source operating systems is to crapflood the dot patterns with intentionally spoofed data. Assuming the encodings can be decoded (or even if they can't), adding spurious additional data to the pattern should at the very least confound snooping attempts.

There are analytic methods which are useful in identifying and removing noise from signals, and large, continuous samples (eg: contiguous pages of a large document) might be more difficult to secure against the clandestine spying identified by the EFF, but intelligently applied patterns might be fairly effective.

defeating steganography with itself

Anonymous's picture

Here's a thought: If you print on a Canon printer, copy it with a Xerox, then an Epson, then an H-P. Let their yellow dots stomp on each other.

Steganography uses the lowest levels of data set A to hide data set B. If we add another data set C into the low levels of data set A, we end up with B+C hidden. Do it enough times, and you'll get B+C+D+E+F... and the original B ends up buried in even more noise.

Or, for a simpler solution: Give your documents yellow backgrounds, then print on yellow paper. Sometimes, the low-tech is best.

[This post submitted mostly anonymously, for obvious reasons.]

I've been paranoid for years.

anonymous's picture

Little problem with printing all yellow background.
Need to stock up on yellow ink. Grinnnn
How about margins, "top,bottom,sides?"

Just joking of course so don't slam me about yellow Ink!
Yellow paper might work but what about the UV test?
I have UV LED at various wave lengths, so I will have to make a few tests.
I do use stego but I first encrypt with PGP.
I then use other very strong algorithm, "not PGP" to encrypt the previously PGP encrypted file.
I then use some other system/s over that then stego.

Why? Because I can! FOR NOW!
I wrote this in an editor, and pasted here!
Is it clean or is there a hidden message?

I'm not a criminal, I don't attempt to counterfit.
I do value my privacy!

Defeating Steganography with "Noise"

Anonymous's picture

Here's fairly simple solution that should not degrade the final output as much as it would to make copies of copies. Examine your printer's output and find out the size of the yellow dots that it prints. Make up several page-size graphics consisting only of randomly-located yellow dots of that size. When you have printed something in color that you really want to be anonymous, run the paper through again, printing one of your yellow dot graphics pages on each page. (Since that will also print the government's yellow dots again, you should rotate the pages 180 degrees. And wait until the next day to do it, or reset your computer's clock.) Even then, of course, if the government really wants to get you, they might eventually be able to pick out their yellow dots.

This seems to be a logical

Anonymous's picture

This seems to be a logical and possible method.
I still wouldn't feel too good about it if I'm hiding something.
I have an idea though.
Give a USB stick, floppy, CD etc to a friend at a work place with
multiple networked printers.
Have them print it to several printers then copy it.
Sure there is a trail here but don't you have a trusted friend?
Aren't there friends in work places that it would be hard to prove they are associated with you?
There are holes in this I know.
Combine some of the other techniques then print it.
Send it to another friend and do the process again.
Boy would you have to be a criminal or very paranoid for this.

Oh, don't you think these ideas here have been thought of by those who designed it? Have they designed it so some of this won't work?

Paranoia, Paranoia............

Wonder what the yellow dots

Anonymousey's picture

Wonder what the yellow dots look like under UV

They look black under a blue LED's light

Anonymous's picture

It is possible to find them. I read the EFF's document on this, and I think I'll stick with my "old" HPLJ 4550N, which does not have this "watermarking" crap. I don't need either Big Corporation or Big Brother tracking my documents, thank you.

Geek Guide
The DevOps Toolbox

Tools and Technologies for Scale and Reliability
by Linux Journal Editor Bill Childers

Get your free copy today

Sponsored by IBM

Upcoming Webinar
8 Signs You're Beyond Cron

Scheduling Crontabs With an Enterprise Scheduler
11am CDT, April 29th
Moderated by Linux Journal Contributor Mike Diehl

Sign up now

Sponsored by Skybot