I thought MS watermarks it's src code given out to organizations (but not inviduals in the organization) now after the 2k src code leak.
sky ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Imri Goldberg Sent: Monday, May 11, 2009 9:30 AM To: funsec Subject: [funsec] Israel's population registry leak In Israel, many people know that the population registry is available to download from various p2p networks. It turns out that new versions are leaked every now and then. A few years ago, a website offered to sell the registry, and the police was tasked to find who leaked the information. It turns out that the police was unable to determine which of 22 organizations, companies and offices that had access to the information leaked it. (see http://www.haaretz.com/hasen/spages/1082775.html ) When I read it, I was reminded of the standard method of uncovering leaks: add a watermark, and distribute different versions to each organization. A watermark can even be part of a data: a changed digit in the ID number of some fake person in this specific case. I also read this kind of suggestions regarding screener leaks from time to time, but I don't recall it actually happening. I do recall reading some fiction (a James Clavell book) about purposefully distributing different versions of some document to suspect parties in an effort to uncover a leak. Every time I read about a leak, I think, why didn't they add a watermark?! It's in the books! Cheers, Imri -- Imri Goldberg -------------------------------------- www.algorithm.co.il/blogs/<http://www.algorithm.co.il/blogs/> -------------------------------------- -- insert signature here ---- Scanned by Check Point Total Security Gateway.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
