Feeds

Student uncovers US military secrets

'Felt-tip pen' censorship cracked

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

An Irish graduate student has uncovered words blacked-out of declassified US military documents using nothing more than a dictionary and text analysis software.

Claire Whelan, a computer science student at Dublin City University was given the problems by her PhD supervisor as a diversion. David Naccache, a cryptographer with Gemplus, challenged her to discover the words missing from two documents: one was a memo to George Bush, and another concerned military modifications to civilian helicopters.

The process is quite straightforward, and according to Naccache, Whelan's success proves that merely blotting words out of declassified documents will not keep the contents secret.

The first task is to identify the font, and font size the missing word was written in. Once that is done, the dictionary search begins for words that fit the space, plus or minus three pixels, Naccache explained.

This process yielded 1,530 possibilities for word blanked out of a sentence in the Bush memo. Then, the text anaysis routine checks for words that would make sense in English. The sentence was: "An Egyptian Islamic Jihad (EIJ) operative told an XXXXXXXX service at the same time that Bin Ladin was planning to exploit the operative's access to the US to mount a terrorist strike." Just 346 words remained on the list at this stage.

The next stage is to involve the brain of the researcher. This eliminated all but seven words: Ugandan, Ukrainian, Egyptian, uninvited, incursive, indebted and unofficial. Naccache plumped for Egyptian, in this case.

Whelan subjected the helicopter memo to the same scrutiny, and the results suggested South Korea was the most likely anonymous supplier of helicopter knowledge to Iraq.

Although the technique is no good for tackling larger sections of text, it does show that officials need to be more careful with their sensitive documents. Naccache argues that the most important conclusion of this work "is that censoring text by blotting out words and re-scanning is not a secure practice".

According to the original report in Nature, intelligence experts may consider changing procedures. ®

Related stories

FBI on look-out for foreign government hackers
Why the Dogs of Cyberwar stay leashed
Bruce Schneier on crypto, the FBI, privacy and more

Internet Security Threat Report 2014

More from The Register

next story
MARS NEEDS WOMEN, claims NASA pseudo 'naut: They eat less
'Some might find this idea offensive' boffin admits
LOHAN crash lands on CNN
Overflies Die Welt en route to lively US news vid
Experts brand LOHAN's squeaky-clean box
Phytosanitary treatment renders Vulture 2 crate fit for export
No sail: NASA spikes Sunjammer
'Solar sail' demonstrator project binned
Carry On Cosmonaut: Willful Child is a poor taste Star Trek parody
Cringeworthy, crude and crass jokes abound in Steven Erikson’s sci-fi debut
Origins of SEXUAL INTERCOURSE fished out of SCOTTISH LAKE
Fossil find proves it first happened 385 million years ago
Human spacecraft dodge COMET CHUNKS pelting off Mars
Odyssey orbiter yet to report, though - comet's trailing trash poses new threat
You can crunch it all you like, but the answer is NOT always in the data
Hear that, 'data journalists'? Our analytics prof holds forth
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.