
Spies in the Xerox Machine (1997) - myrandomcomment
https://electricalstrategies.com/about/in-the-news/spies-in-the-xerox-machine/
======
client4
I started the network forensics security contest at DEFCON (separate from the
wall of sheep contest that I believe is still running) and one of my favorite
challenges was recovering printer traffic. The contest was a race to see who
could finish X number of challenges first with each round getting harder. The
last puzzle was a TCP dump of MiTM’d printer traffic. I intended for them to
carve out the document data and feed it into Gutenprint, but in the name of
speed they sped over to Fry’s, shoved a piece of promo paper into a printer
and powered it on, then replayed the TCP traffic to the printer. Probably one
of my favorite solutions. About an hour later they also did it via Gutenprint
just to show they could.

------
throwaway_pdp09
[https://www.instructables.com/id/Yellow-Dots-of-Mystery-Is-Your-Printer-Spying-on-/](https://www.instructables.com/id/Yellow-Dots-of-Mystery-Is-Your-Printer-Spying-on-/)

"Most color laser printers and color copiers are designed to print invisible
tracking codes across every single printed page of their output. These codes
reveal which machine produced a document and, in some cases, when the document
was printed or copied."

FYI

Edit:

List of Printers Which Do or Do Not Display Tracking Dots
[https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots](https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots)

I'm going to have a close look at my monochrome laser printer output, just in
case.

~~~
sbierwagen
Monochrome laser output will also be fingerprinted by the uneven toner pattern
from wear on the drum and the toner transfer roller.

~~~
throwaway_pdp09
I've heard this (well, about the drum, but the transfer roller?) but it's
incidental and can be changed by changing the drum, and is not an intentional
tracking device that encodes date of printing, device ID etc. such that some
DB can be used to track it.

~~~
sbierwagen
Transfer roller, of course. Note how print quality degrades as you get towards
the bottom of a toner cartridge on a cheap printer, the consistent pattern of
print artifacts.

>changed by changing the drum

Sure, it depends on the threat model. If you're producing many documents some
time apart, replacing drums and cartridges could be a purchase signal in and of
itself. If you're doing something very risky, like publishing nuclear weapon
plans, ISIS recruitment flyers, or Clinton foundation invoices, then leaking
just a few bits of identifying information could be life-ending. Cf
[https://www.gwern.net/Death-Note-Anonymity](https://www.gwern.net/Death-Note-Anonymity)

------
computator
> _This drawing is from patent 3,855,983, issued to Zopppoth[sic] in 1967 for
> a miniature surveillance camera._

Trying to look up that patent number[1] finds something completely unrelated:
A magnetic sensor device in the ignition system for an internal combustion
engine, awarded to Robert J. Valek at Motorola, Inc. Even a search of the
inventor's last name[2] finds nothing by the last name of Zoppoth or Zopppoth
(with 3 p's as shown in the caption).

I'm guessing that either there was a typo in the article, or that the Xerox
patent was never issued and the number was reused by someone else (can that
happen?), or that secret U.S. patents have a different numbering system that
duplicates real U.S. patent numbers.

[1] [http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=3,855,983.PN.&OS=PN/3,855,983&RS=PN/3,855,983](http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=3,855,983.PN.&OS=PN/3,855,983&RS=PN/3,855,983)

[2] [http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=0&f=S&l=50&TERM1=Zoppoth&FIELD1=INNM&co1=AND&TERM2=&FIELD2=&d=PTXT](http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=0&f=S&l=50&TERM1=Zoppoth&FIELD1=INNM&co1=AND&TERM2=&FIELD2=&d=PTXT)

~~~
zenexer
The article calls it a “secret patent,” so I wouldn’t be surprised if they got
the number wrong—assuming there even is a number.

------
TomMasz
I worked at Xerox for over 20 years and never heard this story. Not
surprising, though, there were lots of little groups working on things they
never spoke of.

~~~
GnarfGnarf
I also worked at Xerox. They were good at keeping their employees in the dark.
Xerox believed in keeping as much information secret as possible, even from
customers who needed (and were entitled to) technical information about the
equipment they leased at exorbitant cost, like the 9700 laser printer (120
pages/min, two-sided in 1979).

They did such a great job of focusing on copiers, that they blew their lead in
the major technologies of the century: GUI, mouse, laser printing, LAN.

Every new hire gets a copy of "The billions nobody wanted", the story of
Chester Carlson, his invention of xerography, and how many companies turned
him down. It's ironic that they repeated the same mistakes.

------
vuln
If printer security interests you or you want to do some testing on your own
devices, check out PRET[0].

[0]Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
[https://github.com/RUB-NDS/PRET](https://github.com/RUB-NDS/PRET)
[http://hacking-printers.net/wiki/index.php/Printer_Security_Testing_Cheat_Sheet](http://hacking-printers.net/wiki/index.php/Printer_Security_Testing_Cheat_Sheet)

~~~
drewg123
I wonder if some good samaritan could use this to make a canned solution to
automagically turn off every HP "DIRECT" wifi that's unused 99.99% of the time
and pollutes the wifi spectrum in any residential setting.

------
abdulhaq
Any person or company using US hardware/software should understand that it may
have been tainted at the request of the US state, and that for the
manufacturer/provider of the hardware/software to disclose said tainting is
also illegal.

~~~
AmericanChopper
I’d be very interested to see a list of countries that didn’t have equivalent
powers. What vendors and supply chains do you imagine are immune from this
problem?

------
brohee
Printers are still a cybersecurity issue, it's incredible how often we still
see printers on the same LAN as workstations given the horrible state of their
security, and that random people are expected to come to "fix" them
regularly...

------
acqq
Context: It’s published there as of 1997 but it’s about CIA spying technology
used in 1963, 57 years ago!

~~~
elliekelly
I recently watched Enemy of the State which came out in 1999 and the level of
technology and spying was really surprising to me. I wonder how many people at
the time thought the government’s ability was overstated for the movie.

Also kind of crazy they were using “terrorism” as a guise for invading our
privacy even before 9/11.

~~~
acqq
The Hollywood films almost by rule distort the real details, but some scripts
do manage to pass the general idea.

Never trust the Hollywood _details_ but if you are interested in any topic,
search the books (or the news articles) that did the research based on the
primary sources.

If you're interested in the history of older "spying" _technology_ (as in NSA)
see the books of James Bamford. Or, more recently, search for coverage of what
is known due to Snowden.

Some details emerge much later, e.g. about the quality of the pictures
achievable from the satellites in the sixties (i.e. more than 50 years ago):

[https://www.wired.com/2014/04/lost-lunar-photos-recovered-by-great-feats-of-hackerdom-developed-at-a-mcdonalds/](https://www.wired.com/2014/04/lost-lunar-photos-recovered-by-great-feats-of-hackerdom-developed-at-a-mcdonalds/)

For CIA topics there are also some very well-researched books. I'd say, the
truth is much more fascinating than the movies.

------
hedora
Now xerox machines store everything they copy to disk and listen on multiple
open network ports. I bet some phone home for updates by default.

I wonder if they’re all bugged these days.

------
myrandomcomment
Here are another 2 stories on it. Not much there.

[https://newshimalaya.com/2020/07/19/spies-within-the-xerox-machine/](https://newshimalaya.com/2020/07/19/spies-within-the-xerox-machine/)

[https://www.mentalfloss.com/article/12592/7-ingenious-hidden-spy-cameras](https://www.mentalfloss.com/article/12592/7-ingenious-hidden-spy-cameras)

I also remember reading about this in a book on the history of the CIA but I
cannot seem to find its title right now.

If you are interested in some stories on spy satellites this is a great book:

[https://www.goodreads.com/book/show/887319.Deep_Black](https://www.goodreads.com/book/show/887319.Deep_Black)

And if you want to read about the British:

[https://en.wikipedia.org/wiki/The_Defence_of_the_Realm](https://en.wikipedia.org/wiki/The_Defence_of_the_Realm)

I had family in this "line of business" in the 1960s in the USA. I asked if
this was a true story, the answer was just a smile.

------
sbierwagen
Somewhat related, most modern paper currency has a pattern of rings on it that
color photocopiers will read, and refuse to copy:
[https://en.wikipedia.org/wiki/EURion_constellation](https://en.wikipedia.org/wiki/EURion_constellation)

------
29athrowaway
Spies in your printers and copiers

[https://en.wikipedia.org/wiki/Machine_Identification_Code](https://en.wikipedia.org/wiki/Machine_Identification_Code)

Spies in your screen

[https://en.wikipedia.org/wiki/Tempest_(codename)](https://en.wikipedia.org/wiki/Tempest_\(codename\))

[https://www.youtube.com/watch?v=BpNP9b3aIfY](https://www.youtube.com/watch?v=BpNP9b3aIfY)

Spies in your CPU

[https://en.wikipedia.org/wiki/Intel_Management_Engine](https://en.wikipedia.org/wiki/Intel_Management_Engine)

------
dang
There have been other HN threads about this story, perhaps with different
articles as the submission. I can't find them though. Anybody?

~~~
computator
I did a whole bunch of HN searches and couldn't find a previous submission. I
did find a few people mentioning it in comments to other stories. Perhaps
you're thinking of the similar incident in which the Soviets bugged the
American embassy’s typewriters[1]?

By the way, the earliest original reporting of the story I found is from
Popular Science[2], Jan. 1997, "Spies in the Xerox Machine", page 70. (The
Popular Science article has the same bogus patent number I mentioned in
another comment.)

[1]
[https://news.ycombinator.com/item?id=21998774](https://news.ycombinator.com/item?id=21998774)

[2]
[https://books.google.ca/books?id=KIEIX2X-na8C&pg=PA70](https://books.google.ca/books?id=KIEIX2X-na8C&pg=PA70)

~~~
dang
Thanks for looking! You may be right but I have the feeling of two separate
memories, one about the more famous typewriter story, and one about this Xerox
thing. Oh well.

------
rixrax
Reminds me of a guy who hacked into a Xerox machine (could have been Canon etc.
really, can’t remember anymore) they used to print exam questions in computer
sciences faculty (~1995). And who then had a short but lucrative run of
selling those questions to other students. He obviously got ratted out rather
quickly and got expelled from college.

------
pjmlp
As advice for everyone mentioning smart printers, many aren't aware that
modern laser printers have their own version of applets, either with their own
Java dialect, or some other form of proprietary language/native SDK.

They are proper computers, with everything that a CPU with network connection
might be capable of.

------
sandworm101
>>Next, they installed a camera in a machine at the main Xerox office in
Webster. "When we developed the pictures, we found recipes and copies of music
and cartoons and jokes and all kinds of things," Zoppoth says.

So ... they illegally spied on US citizens in order to test their spycraft.
Translate this into today's tech. It would be like a CIA spook installing some
code on a US website as a trial run before installing it on FSB.com. Did they
have a camera in the photocopier during the office Christmas party? This is
why any government actor in position to spy on anyone needs regulation and
oversight.

>> Judging by the number of parts ordered from Xerox, Zoppoth believes that
spy cameras may have been installed in photocopiers all over the world, to
keep an eye on U.S. allies as well as enemies.

And today we know how that goes.

~~~
hoistbypetard
> So ... they illegally spied on US citizens in order to test their spycraft.

Xerox employees installed the rig on a copier at the Xerox workplace to test
the camera they invented, and Xerox employees looked at the photos of the
documents. This was before they turned the camera over to the "CIA spooks",
who did not (according to the story) look at the documents in the US
headquarters of Xerox.

I agree 100% with your points about the need for regulation and oversight, but
this is not the incident that carries those points.

------
acruns
When will this happen to keyboards?

~~~
mauvehaus
About fifty years ago. The Soviets did it to the US:

[https://www.cryptomuseum.com/covert/bugs/selectric/](https://www.cryptomuseum.com/covert/bugs/selectric/)

[https://news.ycombinator.com/item?id=21947924](https://news.ycombinator.com/item?id=21947924)

