Skip to main content

    DARPA-funded fake docs track unauthorized users

    DARPA-funded fake docs track unauthorized users

    /

    In the wake of Wikileaks, the Department of Defense has stepped up its game to stop leaked documents from making their way into the hands of undesirables — be they enemy forces or concerned citizens.

    Share this story

    Fake tax return
    Fake tax return

    In the wake of Wikileaks, the Department of Defense has stepped up its game to stop leaked documents from making their way into the hands of undesirables — be they enemy forces or concerned citizens. A new piece of software has created a way to do this by generating realistic, fake documents that phone home when they're accessed, serving the dual purpose of providing false intelligence and helping identify the culprit.

    The DARPA funded technology comes out of Columbia University, and you can try it out yourself, generating fake PDFs and Word documents for your home computer that'll ping you if they're opened. Taking it for a spin pretty quickly shows some of the problems of the system. It's recommended you open the document yourself first to give it the permissions to contact the server so it doesn't alert potential data thieves in the future — wouldn't that alert still pop up if they pulled up on a different computer? The documents also don't call home from Mac OS, which is fine if you're running a large network of PCs, but not so useful for everyone's home machine.

    But by far the biggest drawback from this tech is the possibility of false positives. If you seed a folder full of documents with a large number of fakes, how often do you think an authorized user will accidentally double click on the wrong file? And what if they act on the false information? Sure, this will prevent hackers from blindly trusting that every document on a server is correct, but we bet it won't take much to look into the code of a document and spot the fake, either.