
Following Layoffs, Automattic Employees Discover Leak-Catching Watermarks (404media.co) 37
An anonymous reader quotes a report from 404 Media: As part of the company's months-long obsession with catching employees leaking internal developments to the press, staff at WordPress parent company Automattic recently noticed individually-unique watermarks on internal sites, according to employees who spoke to 404 Media. Automattic added the watermarks to an internal employee communications platform called P2. P2 is a WordPress product other workplaces can also use. There are hundreds of P2 sites across teams at Automattic alone; many are team-specific, but some are company-wide for announcements. The watermarks in Automattic's P2 instance are nearly invisible, rendered as a pattern overlaid on the site's white page backgrounds. Zooming in or manually changing the background color reveals the pattern. If, for example, a journalist published a screenshot leaked to them that was taken from P2, Automattic could theoretically identify the employee who shared it.
In October, as part of a series of buyout offers meant to test employees' loyalty to his leadership, Automattic CEO Matt Mullenweg issued a threat for anyone speaking to the press, saying they should "exit gracefully, or be fired tomorrow with no severance." Earlier this month, the company laid off nearly 300 people. [...] It's not clear when the watermarks started appearing on P2, and Automattic has not responded to a request for comment. But Mullenweg has been warring with web hosting platform WP Engine -- and as the story has developed, seemingly with his own staff -- since last year. [...] One Automattic employee told me they don't think anyone is shocked by the watermarking, considering Mullenweg's ongoing campaign to find leakers, but that it's still adding to the uncertain, demoralized environment at the company. "Can't help but feel even more paranoid now," they said.
Re: (Score:2)
They are talking about web sites, "a pattern overlaid on the site’s white page backgrounds." View it with a text browser, e.g. lynx, and save the text. Alternately: most browsers let you 'view source'.
However: if the watermark software is any good they will have thought of that and have something to stop it.
Can anyone tell us how it works?
Re: Easy fix (Score:2)
Re: Easy fix (Score:5, Informative)
Watermarking is damn near ancient technology. They're not even using well-hidden watermarks. At a minimum they could require you to do an FFT or something to produce something readable.
It's amazing to me that any journalist would directly publish any leaked data. That's incredibly stupid. Even leaking the plain text is risky, as you can "watermark" any document by subtly re-ordering words and sentences, inserting typos, etc. which would tell you at least what office the document was leaked from. I'm tempted to blame the collapse of journalism as a profession, because they should have been told this at some point in their career.
In movie screeners since 2006 or earlier (Score:2)
https://www.npr.org/2006/01/12... [npr.org]
Putting a Watermark on Oscar Film 'Screeners' - January 12, 20061:00 PM ET - Heard on Day to Day - By Xeni Jardin
Technology and culture contributor Xeni Jardin reports on efforts to stop the pirates using unique software that puts a "watermark" on electronic versions of the films.
That's how Reality Winner was caught (Score:2)
Watermarking is damn near ancient technology. They're not even using well-hidden watermarks. At a minimum they could require you to do an FFT or something to produce something readable.
It's amazing to me that any journalist would directly publish any leaked data. That's incredibly stupid. Even leaking the plain text is risky, as you can "watermark" any document by subtly re-ordering words and sentences, inserting typos, etc. which would tell you at least what office the document was leaked from. I'm tempted to blame the collapse of journalism as a profession, because they should have been told this at some point in their career.
The Intercept published the single page classified document Reality Winner leaked to them [wikipedia.org]. Because of printer tracking dots [wikipedia.org] and other evidence, the Feds were able to prove Ms. Winner leaked the classified document.
It's worth pointing out in 2018 Ms. Winner was given the longest prison sentence ever imposed for an unauthorized release of government information to the media.
You know who stole boxes and boxes of highly classified documents and stored them in spare bathrooms and ballrooms at his club/house staff
Re: That's how Reality Winner was caught (Score:1)
Yeah that guy who kept boxes of secret documents parked next to his Corvette, in his office in Delaware, and at the University of Pennsylvania sure got a sweetheart judge too.
Fun stuff, even in text documents (Score:5, Informative)
Can anyone tell us how it works?
For text documents, especially when viewed with proportionally spaced fonts, you can do simple things like add a space between words. Is the extra space a typo or a personalized tell? Any typo might be a tell.
Remove an Oxford comma. "1, 2, and 3" becomes "1, 2 and 3".
Another trick is to use a Unicode character that renders the same.
Is that 'A' in Cyrillic, numerically U+0410? https://www.compart.com/en/uni... [compart.com]
Or is it in Latin, U+0041? https://www.compart.com/en/uni... [compart.com]
What about file metadata, a different second in the creation time?
Re:Fun stuff, even in text documents (Score:5, Funny)
Well at least we know on slashdot we're safe from that sort of watermarking
Watermarks are easily removed (Score:5, Informative)
If you are aware they are there. Hence the most critical thing is to hide them well. Apparently that did not happen here.
Protip: Export as txt (cut & paste into notepad), run a spell-checker and a whitespace-normalizer on it and do a careful reading of the text. Nothing will be left. To be extra sure, get several sources of the document with likely different watermarks and compare to identify the differences and hence the watermark.
As the incident with "Reality Winner" and The Intercept shows, even people that really should know better do not know to do this basic sanitization though.
Re: Watermarks are easily removed (Score:2)
Re: (Score:2)
It is just pixels before. Just as much or as little evidence value...
Re: (Score:2)
But then it's just text, not evidence. I guess even any digital image is not valid evidence anymore in this brave new world though. Just seems more like evidence.
Unless you get multiple independent sources saying so and so said this and that in the company wide email.
Re: (Score:2)
But then it's just text, not evidence.
Yes. The journalist can publish just the text and state the screenshot they have seen though.
The actual artifact does not have to be released to the public. If it's a legal matter, then the actual evidence artifact can be provided to court under a seal, where the other parties such as Automattic do not have unconditional access to use the evidence for unauthorized purposes such as a fishing expedition for employees who leaked it.
Re: (Score:2)
Compared to what though? Debug tools in browser and edit the HTML like bank call scammers?
Re: (Score:2)
Re:Watermarks are easily removed (Score:5, Interesting)
Export as txt (cut & paste into notepad), run a spell-checker and a whitespace-normalizer on it and do a careful reading of the text. Nothing will be left. To be extra sure, get several sources of the document with likely different watermarks and compare to identify the differences and hence the watermark.
Multiple documents are key since the watermark may be something entirely grammatical. Like Oxford comma or not, word substitutions (synonyms). Perhaps hexdumps and comparing those in case there is a "letter" composed from multiple Unicode elements, where multiple modifiers appear in a different order.
Re: (Score:2)
If you suspect the other side is competent, definitely. But they do not seem to be here. The watermark from the story is probably FUD and designed to be seen and make people afraid.
Re: (Score:2)
Open in a program that only shows ASCII. There are many homoglyphs that can be used. Also be aware of hard line breaks. Possibly reformat the full text or paraphrase it.
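The text-level tells mentioned in this thread (a Cyrillic U+0410 in place of Latin U+0041, an extra space, a dropped Oxford comma, combining marks stored in a different order) all show up once the text is inspected by code point instead of by eye. The following is an added illustration, not part of any comment above; the function names and the sample strings are constructed for the example.

```python
import unicodedata
from difflib import SequenceMatcher

def cp(ch):
    return f"U+{ord(ch):04X}"

def audit(text):
    """List (offset, code point, reason) for characters that could carry a per-copy mark."""
    findings = []
    for i, ch in enumerate(text):
        if unicodedata.category(ch) == "Cf":           # zero-width space/joiner, BOM, soft hyphen
            findings.append((i, cp(ch), "invisible format character"))
        elif ch == " " and i > 0 and text[i - 1] == " ":
            findings.append((i, cp(ch), "repeated space"))
        elif ch.isspace() and ch not in " \t\r\n":      # NBSP, thin space, ...
            findings.append((i, cp(ch), "non-standard whitespace"))
        elif ord(ch) > 127:                             # possible look-alike: report its real name
            findings.append((i, cp(ch), unicodedata.name(ch, "unnamed")))
    return findings

def diff_copies(a, b):
    """Spans where two copies of 'the same' text differ, as code points (like comparing hexdumps)."""
    ops = SequenceMatcher(None, a, b, autojunk=False).get_opcodes()
    return [(i1, [cp(c) for c in a[i1:i2]], [cp(c) for c in b[j1:j2]])
            for tag, i1, i2, j1, j2 in ops if tag != "equal"]

def same_after_nfc(a, b):
    """True when two strings differ only in canonically equivalent encoding,
    e.g. the same combining marks stored in a different order."""
    return a != b and unicodedata.normalize("NFC", a) == unicodedata.normalize("NFC", b)

# Constructed samples: COPY_B carries a Cyrillic 'A', a doubled space and no Oxford comma.
COPY_A = "Annual plan: ship 1, 2, and 3 by May."
COPY_B = "\u0410nnual plan:  ship 1, 2 and 3 by May."
MARKS_1 = "a\u0323\u0301"   # a + dot below + acute
MARKS_2 = "a\u0301\u0323"   # same glyph, marks in the other order

if __name__ == "__main__":
    for finding in audit(COPY_B):
        print(finding)
    for difference in diff_copies(COPY_A, COPY_B):
        print(difference)
    print("differ only by mark order:", same_after_nfc(MARKS_1, MARKS_2))
```

The dropped comma is only found by `diff_copies`, which is why the comments above stress comparing several copies: a grammatical variation is valid ASCII and no single-copy audit can flag it.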
At this point... (Score:2)
If you're going to leak something, feed it to an LLM and ask for a restatement, then save screenshots of the original for trial.
Restatement may work no better than translation (Score:2, Troll)
If you're going to leak something, feed it to an LLM and ask for a restatement, then save screenshots of the original for trial.
It's an old joke, and it is about translation not restatement, but I think the joke might apply here too.
English/Russian translation software is being tested.
The English text "The spirit is willing but the flesh is weak" is translated into Russian.
The Russian text is then translated into English and the result is "The vodka is strong but the meat is spoiled."
Re: (Score:2)
Oh yeah, I agree it may not be 100% accurate to the original text. But that's... kinda the point? It dodges things like word choice steganography as well as just visual, or space based.
Truly tho, nothing 100% gonna work.
(The example I liked was "out of sight, out of mind" becoming "invisible insanity")
Re: This isn't watermarking. (Score:5, Informative)
the phrase "watermarking" has been used for this exact application for decades.
Old-school photocopier "watermark" (Score:2, Interesting)
Back in the day when copiers were analog, I knew a company that put unique etchings on the glass of all of their copiers.
This way, at least they had an idea of what site or building the leaked document came from.
Re: (Score:2)
Re: Old-school photocopier "watermark" (Score:2)
The yellow dots ID a printer, but you have to go to the manufacturer to correlate your dots with some serial number. Good for, say, the FBI, but pretty useless to a company that owns it. I guess such a company could do a census of every printer they own....
Re: (Score:3)
Actually, you don't. The printer manufacturers agreed on a pattern so law enforcement could understand them without special tools. Printer tracking dots [wikipedia.org]
If you want to see these yellow dots for yourself, just scan a color printed document and adjust the color layers. Or shine a blue/UV light on the page and look for the repeating dots. I found the dots from our color laser printer when I looked back in 2015.
This tracking system was first used when people were trying to counterfeit $100 bills, color print
how about this whataboutism? (Score:2)
Automatic employees? (Score:2)
So the age of AI employees is already here, apparently!
Prediction (Score:2)
Automattic will have a hard time hiring competent engineers going forward. I'd bet they're on a whole bunch of "do not apply" lists. Although, if you want to have some fun, respond to a recruiter for them with a watermarked response along the lines of "no way in hell".
Re: (Score:2)
They are on these lists at least since they added the silly checkmarks to the WordPress sign up page. You can't take such a company seriously.
I would also say they already raised red flags when the whole dispute started, but you may see two sides of the dispute, but how Automattic handled it clearly shows who is not to be taken seriously.
Tech Company evolves into Orwellian Dystopia (Score:2)
What horrible places these must be to work in. A realm of paranoia and malevolence ruled over by psychopaths.
Re: (Score:2)
Creates drama and engagement, at the cost of your best creative staff I expect.
But why? ... I don't quite get it. (Score:2)
Matt's PR fumble, his apology and his call for loyalty including notable exit incentives in the aftermath were (almost) all it took to handle the issue somewhat gracefully. All of it was openly communicated, in a manner you'd expect from such an entity as WordPress.
The only explanation I can come up with is that this has been in place for longer and legal wanted some tracking for NDA breaches. The internal P2 [wordpress.com] (it's a WP theme btw.) has been around forever, there are likely NDAs in place to cover internals th