Unfortunately that wouldn’t work as this is information inside the PDF itself so it has nothing to do with the file hash (although that is one way to track.)
Now that this is known, It’s not enough to remove metadata from the PDF itself. Each image inside a PDF, for example, can contain metadata. I say this because they’re apparently starting a game of whack-a-mole because this won’t stop here.
It will be slow-ish and probably make the file larger, but if you’re sharing a PDF that only you are supposed to have access to, it’s worth it. MAT or exiftool should work.
Edit: as spoken about in another comment thread here, there is also pdf/image steganography as a technique they can use.
This is a great point. Image watermarking steganography is nearly impossible to defeat unless you can obtain multiple copies of the ‘same’ file from multiple users to look for differences. It could be a change of a single 5-15 pixels from one rgb code off.
rgb(255, 251, 0)
to
rgb(255, 252, 0)
Which would be imperceptable to the human eye. Depending on the number of users it may need to change more or less pixels.
There is a ton of work in this field and its very interesting, for anyone considering majoring in computer science / information security.
Another ‘neat’ technology everyone should know about is machine identification codes, or, the tiny secret tracking dots that color printers print on every page to identify the specific make, model, and serial number (I think?) of the printer the page was printed from. I don’t believe B&W printers have tracking dots, which were originally used to track creators of counterfeit currency. EFF has a page of color printers which do not include tracking dots on printed pages. This includes color LaserJets along with InkJets, although I would not be surprised if there was a similar tracking feature in place now or in the future “for safety and privacy reasons,” but none that I am aware of.
I wonder if it’s common for those steganography techniques to have some mechanism for defeating the fairly simple strategy of getting 2 copies of the file from different sources, and looking at the differences between them to expose all the watermarks.
(I’d think you would need sections of watermark that are the same for any 2 or n combinations of copies of the data, which may be pretty easy to do in many cases, though the difference makes detecting the general watermarking strategy massively easier for the un-watermarkers)
I know PDF providers who visibly print the customer’s name or number in the header of every page, along with short copyright text. I use qpdf --stream-decompress to make the PDF into human-readable PostScript, and then Python+regex to remove each header text, which stand out a bit from other PDF elements. The script throws an error if more or fewer elements than pages have been removed but that hasn’t happened yet. Processed documents sometimes have screwed-up non-ASCII characters in the Table of Contents for some reason but I don’t have the originas anymore so IDK if it’s my fault. Still, I wouldn’t share the PDFs unless in text-only or printed form because of any other steganographic shenanigans in the file. I would absolutely torrent them if I could repurchase them under a new identity and verify that the files are identical.
BTW, has anyone figured out how to embed Python code in PDF? The whitespace always gets reencoded as x-coordinates so copy&pasting it never preserves indentation. No, you can’t use the Ogham Space Mark (Unicode’s only non-blank character classified as a space) for indentation in Python, I tried.
That’s where you print the downloaded PDF to a new PDF. New hash and same content, good luck tracing it back to me fucko.
Unfortunately that wouldn’t work as this is information inside the PDF itself so it has nothing to do with the file hash (although that is one way to track.)
Now that this is known, It’s not enough to remove metadata from the PDF itself. Each image inside a PDF, for example, can contain metadata. I say this because they’re apparently starting a game of whack-a-mole because this won’t stop here.
There are multiple ways of removing ALL metadata from a PDF, here are most of them.
It will be slow-ish and probably make the file larger, but if you’re sharing a PDF that only you are supposed to have access to, it’s worth it. MAT or exiftool should work.
Edit: as spoken about in another comment thread here, there is also pdf/image steganography as a technique they can use.
Okay, got it. Print the PDF, then scan it and save as PDF.
Or get some monks to get a handwritten copy, like the good old times.
Wouldn’t printing the PDF to a new PDF inherently strip the metadata put there by the publisher?
it’s possible using steganographic techniques to embed digital watermarks which would not be stripped by simply printing to pdf.
Got it. Print to a low quality JPG, the use AI upscaling to restore the text and graphs.
You should spread that idea around more, it’s pretty ingenious. I’d add first converting to B&W if possible.
This is a great point. Image watermarking steganography is nearly impossible to defeat unless you can obtain multiple copies of the ‘same’ file from multiple users to look for differences. It could be a change of a single 5-15 pixels from one rgb code off.
to
Which would be imperceptable to the human eye. Depending on the number of users it may need to change more or less pixels.
There is a ton of work in this field and its very interesting, for anyone considering majoring in computer science / information security.
Another ‘neat’ technology everyone should know about is machine identification codes, or, the tiny
secrettracking dots that color printers print on every page to identify the specific make, model, and serial number (I think?) of the printer the page was printed from. I don’t believe B&W printers have tracking dots, which were originally used to track creators of counterfeit currency. EFF has a page of color printers which do not include tracking dots on printed pages. This includes color LaserJets along with InkJets, although I would not be surprised if there was a similar tracking feature in place now or in the future “for safety and privacy reasons,” but none that I am aware of.I wonder if it’s common for those steganography techniques to have some mechanism for defeating the fairly simple strategy of getting 2 copies of the file from different sources, and looking at the differences between them to expose all the watermarks.
(I’d think you would need sections of watermark that are the same for any 2 or n combinations of copies of the data, which may be pretty easy to do in many cases, though the difference makes detecting the general watermarking strategy massively easier for the un-watermarkers)
I know PDF providers who visibly print the customer’s name or number in the header of every page, along with short copyright text. I use
qpdf --stream-decompress
to make the PDF into human-readable PostScript, and then Python+regex to remove each header text, which stand out a bit from other PDF elements. The script throws an error if more or fewer elements than pages have been removed but that hasn’t happened yet. Processed documents sometimes have screwed-up non-ASCII characters in the Table of Contents for some reason but I don’t have the originas anymore so IDK if it’s my fault. Still, I wouldn’t share the PDFs unless in text-only or printed form because of any other steganographic shenanigans in the file. I would absolutely torrent them if I could repurchase them under a new identity and verify that the files are identical.BTW, has anyone figured out how to embed Python code in PDF? The whitespace always gets reencoded as x-coordinates so copy&pasting it never preserves indentation. No, you can’t use the Ogham Space Mark (Unicode’s only non-blank character classified as a space) for indentation in Python, I tried.