OIT Tech 32px
Outage report: Network, Aug 24-27
Outage report: Network, July 31, 2015
New features coming to web version of Catmail
Microsoft releases critical update for Windows: Users urged to update
Outage report: Blackboard Learn, Aug 08-09 2015
Fall opening 2015: IT support locations & hours
Catmail to start blocking executable email attachments on July 16, 2015
Eduroam WiFi access now available on all OHIO campuses
New printing method coming June 29 for Libraries, College of Business and other locations
University to add 'eduroam' WiFi access in July, 2015
deco-circuit-banner

Invisibly visible documents: Can hackers see what you deleted?

Monday, June 16, 2014
Meg Omecene  

Before and after images of uncovering a Sharpie-blacked password.

Did you know that anyone with image editing software can look at a scanned document with marked-out security information, use a tool to erase the blacking and look at your information? To send such a document, you must properly redact sensitive information.

When Sharpies aren't so sharp

You may think that if you can’t physically see sensitive information, no one else can. However, just because you cannot see it does not mean that it is not present.  For example, covering sensitive information with permanent marker is easily defeated through scanning the page and using Photoshop to remove the black ink.

Digital Don'ts

Likewise, do not place a white box over information in Microsoft Word. All the recipient needs to do is drag the white box to reveal that information.

Even exporting the document into a pdf with blacked-out information is risky. People who are familiar with the Acrobat format will be able to find the blacked-out material.

Safe ways to send

The best approach is not to share documents that contain sensitive information in the first place.

If sending a document is unavoidable, you have two options, both of which include printing and scanning: You can create a new document and use dummy information or you can cover information with a black box. In either case, the next step is to print the document out, scan the printout and use that scanned image to transfer the information. You must send only the scanned version.

Keep these tips in mind as you share documents. Remember: if the information has been in the file, someone can find it.


Related Links