From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 12 Sep 95 09:29:17 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Digital Fingerprinting
Message-ID: <9509121627.AA00538@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  I said I'd mention "state secrets" again. The usual example for
>  making subtle modifications to documents to see who leaked it is
>  the intelligence community, which gave us the term "barium" (because
>  the changes look like barium in an x-ray diagnostic).

Such technology would be very useful in business, especially the high-tech  
industry.  Think of how many non-disclosure agreements are signed every day  
relating to new products developed for the software industry alone.  Many  
companies are very paranoid and already 'fingerprint' information by using  
unique code-names for projects, for instance.  i.e. the spec sheet on their  
new GAK crypto product they give to Alice may be code-named 'project foobar'  
but the one they give to Bob may be code-named 'project burris'...  Then,  
when the information leaks out they check which person they gave the document  
with that code-name and they know who to sue (or at least not give any more  
trade-secrets to).  It's very simplistic but it has been know to work in the  
past.

Most of the real technology for doing this is much better, of course...   
However, what stops you from printing out a fingerprinted document and  
scanning it back in, for instance?


andrew