Y
yared22311
NSA: REDACTING WITH CONFIDENCE
The National Security Agency has issued new guidance to assist
officials in redacting (censoring) documents in Microsoft Word format
and producing unclassified Adobe Portable Document (PDF) files without
inadvertently disclosing sensitive information. "MS Word is used
throughout the DoD and the Intelligence Community (IC) for preparing
documents, reports, notes, and other formal and informal materials.
PDF is often used as the format for downgraded or sanitized documents."
"There are a number of pitfalls for the person attempting to sanitize a
Word document for release." For example, "As numerous people have
learned to their chagrin,
merely converting an MS Word document to PDF does not remove all
[sensitive] metadata automatically." "This paper describes the issue,
and gives a step-by-step description of how to do it with confidence
that inappropriate material will not be released." See "Redacting with
Confidence: How to Safely Publish Sanitized Reports Converted From Word
to PDF," National Security Agency, December 13, 2005:
http://www.fas.org/sgp/othergov/dod/nsa-redact.pdf
Officials advised by NSA on editing
By Shaun Waterman
UNITED PRESS INTERNATIONAL
Published January 24, 2006
The National Security Agency has issued technical guidelines to U.S.
officials on redacting or editing sensitive documents for release after
a series of incidents in which so-called metadata stored in electronic
formats such as Microsoft Word or Adobe PDF files were exposed
accidentally.
Both types of files are "complex, sophisticated computer data
formats," according to the guidance document produced by the NSA's
Information Assurance Directorate, which is responsible for the
integrity of U.S. government computer networks.
The document, called "Redacting with confidence: How to safely
publish sanitized reports converted from Word to PDF," says these files
can "contain many kinds of information, such as text, graphics, tables,
images, [and] meta-data."
Metadata is information associated with the file, like a note of
the author and the date the file was created.
This "complexity makes [documents in these and other formats]
potential vehicles for exposing information unintentionally, especially
when downgrading or sanitizing classified materials," the NSA says.
Although the document -- dated last month and posted on the Web
site of the Federation of American Scientists last week -- provides no
examples, there were at least two occasions last year when such
unintentional exposure of official U.S. documents occurred.
Reporters checking the metadata for the 35-page "National Strategy
for Victory in Iraq" that President Bush presented in November found
its author to be a National Security Council adviser named Peter
Feaver.
Another kind of metadata is the so-called "undo stack," a list of
all editing changes made in the file that are saved by the program so
that they can be reversed using the "undo" function.
On April 30, U.S.-led coalition forces in Baghdad posted on the Web
a redacted version of their report regarding the fatal shooting of
Italian special agent Nicola Calipari at a checkpoint on the city's
notorious airport road.
Military officials redacted key information about checkpoint
procedures and events on the night in question from the report before
posting it on the Web. But a few clicks of the mouse was all it took to
restore the redacted parts.
"The key concept for understanding the issues that lead to the
inadvertent exposure is that information hidden or covered in a
computer document can almost always be recovered," the NSA says.
The officers who prepared the Calipari report apparently thought
that when a document was converted to a PDF format, the "undo stack"
disappeared.
"It was believed that once a document was converted to a PDF, it
would not be able to be reversed [to] allow the information to be
viewed," Army Lt. Col. Steven Boylan, who led the post-mortem into the
accidental release, told Government Computer News last year.
According to the NSA document, "numerous people have learned to
their chagrin, merely converting a Microsoft Word document to PDF does
not remove all metadata automatically."
The National Security Agency has issued new guidance to assist
officials in redacting (censoring) documents in Microsoft Word format
and producing unclassified Adobe Portable Document (PDF) files without
inadvertently disclosing sensitive information. "MS Word is used
throughout the DoD and the Intelligence Community (IC) for preparing
documents, reports, notes, and other formal and informal materials.
PDF is often used as the format for downgraded or sanitized documents."
"There are a number of pitfalls for the person attempting to sanitize a
Word document for release." For example, "As numerous people have
learned to their chagrin,
merely converting an MS Word document to PDF does not remove all
[sensitive] metadata automatically." "This paper describes the issue,
and gives a step-by-step description of how to do it with confidence
that inappropriate material will not be released." See "Redacting with
Confidence: How to Safely Publish Sanitized Reports Converted From Word
to PDF," National Security Agency, December 13, 2005:
http://www.fas.org/sgp/othergov/dod/nsa-redact.pdf
Officials advised by NSA on editing
By Shaun Waterman
UNITED PRESS INTERNATIONAL
Published January 24, 2006
The National Security Agency has issued technical guidelines to U.S.
officials on redacting or editing sensitive documents for release after
a series of incidents in which so-called metadata stored in electronic
formats such as Microsoft Word or Adobe PDF files were exposed
accidentally.
Both types of files are "complex, sophisticated computer data
formats," according to the guidance document produced by the NSA's
Information Assurance Directorate, which is responsible for the
integrity of U.S. government computer networks.
The document, called "Redacting with confidence: How to safely
publish sanitized reports converted from Word to PDF," says these files
can "contain many kinds of information, such as text, graphics, tables,
images, [and] meta-data."
Metadata is information associated with the file, like a note of
the author and the date the file was created.
This "complexity makes [documents in these and other formats]
potential vehicles for exposing information unintentionally, especially
when downgrading or sanitizing classified materials," the NSA says.
Although the document -- dated last month and posted on the Web
site of the Federation of American Scientists last week -- provides no
examples, there were at least two occasions last year when such
unintentional exposure of official U.S. documents occurred.
Reporters checking the metadata for the 35-page "National Strategy
for Victory in Iraq" that President Bush presented in November found
its author to be a National Security Council adviser named Peter
Feaver.
Another kind of metadata is the so-called "undo stack," a list of
all editing changes made in the file that are saved by the program so
that they can be reversed using the "undo" function.
On April 30, U.S.-led coalition forces in Baghdad posted on the Web
a redacted version of their report regarding the fatal shooting of
Italian special agent Nicola Calipari at a checkpoint on the city's
notorious airport road.
Military officials redacted key information about checkpoint
procedures and events on the night in question from the report before
posting it on the Web. But a few clicks of the mouse was all it took to
restore the redacted parts.
"The key concept for understanding the issues that lead to the
inadvertent exposure is that information hidden or covered in a
computer document can almost always be recovered," the NSA says.
The officers who prepared the Calipari report apparently thought
that when a document was converted to a PDF format, the "undo stack"
disappeared.
"It was believed that once a document was converted to a PDF, it
would not be able to be reversed [to] allow the information to be
viewed," Army Lt. Col. Steven Boylan, who led the post-mortem into the
accidental release, told Government Computer News last year.
According to the NSA document, "numerous people have learned to
their chagrin, merely converting a Microsoft Word document to PDF does
not remove all metadata automatically."