One of our readers, Tomo dropped us a note in order to assist getting the word out on this one as this issue has a potential to be very far reaching into the fields of military, medical and construction to only name a few where lives could be impacted. It appears there is a possibly long standing issue where copy machines are using software for some scanning features. These features are using a standard compression called JBIG2, which is discovered to have some faults that change the original documents. Xerox has released two statements to date. If you are interested in the latest info, jump to link two. [1] [2]
There is plenty of reading on this issue. I wanted to get something out to you as soon as possible. A very good analysis was produced by David Kriesel. [3] He has been very good at updating that page with consist and relevent links. A job well done by David. Please take this discussion to the forum and share any facts that you can.
-Kevin |
Kevin Shortt 85 Posts ISC Handler Aug 9th 2013 |
Thread locked Subscribe |
Aug 9th 2013 7 years ago |
I read about this the other day on the full disclosure list. I am wondering if it goes beyond just copying to other scanning operations, such as scan to a file in pdf format. I use a cute little portable scanner with my laptop that comes with software to produce a pdf file that is OCR processed so that it is searchable, copyable with the mouse, etc. I am wondering if the pdf software to post-process these scans also used JBIG2, an hence could also be vulnerable. Perhaps we are only seeing the tip of the iceberg right now. Perhaps any image to pdf conversion that uses JBIG2 could be vulnerable. Just a [nasty] thought...
|
Moriah 133 Posts |
Quote |
Aug 10th 2013 7 years ago |
I believe most OCR implementations use TIFF format. It is still a possibility for JBIG2 to be utilized with OCR. JBIG2 seems to be designed for high speed copying. Non-OCR scanning may use it as well. I began looking at documents I previously scanned for "8" or "6" swapping. I leave OCR on for most scanning and I know the images are TIFF encoded by my scanner.
|
G.Scott H. 48 Posts |
Quote |
Aug 10th 2013 7 years ago |
Sign Up for Free or Log In to start participating in the conversation!