12.26.15

Gemini version available ♊︎

EPO Whistleblowing: How (Not) to Use Machines at the Office

Posted in Europe, Patents at 8:11 pm by Dr. Roy Schestowitz

Control Risks and EPOSummary: What Control Risks and the EPO’s management probably hope staff won’t know and therefore, potentially, self-incriminate

STAFF of the EPO, as we noted here a few days ago, no longer trusts phones at the Office, but what about the PCs and the printers? Thankfully, having inquired for a while, we have been able to gather some information and now is a good time to share it, for the safety of EPO workers who are under the vigilant eyes of Team Battistelli and unaccountable goons like Control Risks.

“Anyone who uses an EPO computer to do anything at all is in danger,” one reader told us.

“It is thus imperative that any file which is published isn’t 100% identical to the original, even if it was widely distributed internally in the first place.”
      –Anonymous
“It is pretty much established that ALL user computers at the EPO are equipped with key logging software,” said an anonymous person. This is apparently well understood by now. No wonder the atmosphere at work is so depressing. There have been studies conducted which explain the effect of never having any privacy, let alone a sense of privacy.

“I obviously couldn’t study the currently installed machines myself,” one reader told us, “but I trust my sources on this. The amount of data transmitted and stored is trivial, and putting myself in the skin of a spy, I would suppose that the logging includes the list of opened windows with the ID of the one in focus, with occasional screen captures. That’s fairly easy to implement.”

As some people put it, Windows is almost designed and even optimised for spying. There are many surveillance add-ons sold for it, and Vista 10 is spyware out of the box (for Microsoft to spy on every keypress and much more).

“There are commercial programs offered on the market that monitor and log any data traffic to and from attached USB ports.”
      –Anonymous
“Using hooks in the file system,” a reader of ours hypothesised, “you could also check whether someone uploads a file in Chrome or Firefox for transmission, e.g. in a webmail window, so you don’t even need to doctor and compromise the browsers.

“It would also be easy to scan EPO computers for an identical copy of any file which shows up on the Internet. Someone who would want to leak a document would have to store it on his/her local drive first, and that leaves traces. This wouldn’t require excessive resources if you work with file signatures computed hash functions.

“It is thus imperative that any file which is published isn’t 100% identical to the original, even if it was widely distributed internally in the first place.”

Obviously it would be unwise to use a computer at work for subversive activities in the first place. It’s safer to do so from home or some open network.

“I often work with bitmap conversions,” a person once advised us, “which strips all original metadata and of any stuff which could be easily hidden in PDFs. The Adobe format is ugly and complex, and provides PLENTY of opportunities for introducing side channels, e.g. orphan objects, extra entries in character coding vectors, or even the ordering of objects within a page, which PDF linearization wouldn’t defeat. Technically, you could still watermark a document using character kerning, which is harder to defeat with bitmap transformation, but this would require an infrastructure just for that, and that would require RATHER smart operators.”

“One can only send a document to one’s own e-mail address these days.”
      –Anonymous
Going back to the point about Windows, especially recent versions of it, it’s probably not wise to use it because spying is often done by numerous parties (including Microsoft) at the same time. Personal data is later being passed around or even sold.

One reader reminds us: “There are commercial programs offered on the market that monitor and log any data traffic to and from attached USB ports. It would be slightly safer to obfuscate a file before saving it to an USB stick, but there are still traces. I know of places who use these, but I don’t know if the EPO is among them. By the way, our beloved NSA files patents for “butt plugs” for insertion into USB ports.”

Just to complete the picture, someone told us that if people use the machines at the Office, then “Xerox” may appear in the document producer metadata and “chances are,” in such a case, “that the document was scanned on these high performance network printers which are widely used at the EPO. These used to be in open access, but current models require the user to present his ID badge in order to access the scan menu. One can only send a document to one’s own e-mail address these days.”

Our sources believe that computer keyboards are equipped with smart card readers, but we don’t know whether the smart card must be left inserted in order to work. In any case, the screen lock delay is quite short, so one can hardly use the excuse “someone must have entered my office when I went out to take a leak”.

Any public file produced by the Register or Espacenet is generated on the fly from internal bitmap images and contains metadata which could betray the IP of the requester, so sources would want to cleanse these too.

At Techrights we use various methods to eliminate or at least significantly reduce the risk of sources being found through metadata. Nevertheless, if during transmission there is identifying information and if Control Risks can observe the session, then there is risk of useful interception. We previously provided information on how to securely send data to us. Some of the above observations hopefully increase awareness of the traps and the weaknesses that are EPO-specific.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)



  2. Links 6/12/2021: HowTos and Patents

    Links for the day



  3. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021



  4. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://



  5. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day



  6. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day



  7. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large



  8. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)



  9. The EPO's Web Site is a Parade of Endless Lies and Celebration of Gross Violations of the Law

    The EPO's noise site (formerly it had a "news" section, but it has not been honest for about a decade) is a torrent of lies, cover-up, and promotion of crimes; maybe the lies are obvious for everybody to see (at least EPO insiders), but nevertheless a rebuttal seems necessary



  10. The Letter EPO Management Does Not Want Applicants to See (or Respond to)

    A letter from the Munich Staff Committee at the EPO highlights the worrying extent of neglect of patent quality under Benoît Battistelli and António Campinos; the management of the EPO did not even bother replying to that letter (instead it was busy outsourcing the EPO to Microsoft)



  11. IRC Proceedings: Saturday, December 04, 2021

    IRC logs for Saturday, December 04, 2021



  12. EPO-Bribed IAM 'Media' Has Praised Quality, Which Even EPO Staff (Examiners) Does Not Praise

    It's easy to see something is terribly wrong when the people who do the actual work do not agree with the media's praise of their work (a praise motivated by a nefarious, alternate agenda)



  13. Tux Machines is 17.5 Years Old Today

    Tux Machines -- our 'sister site' for GNU/Linux news -- started in 2004. We're soon entering 2022.



  14. Approaching 100

    We'll soon have 100 files in Git; if that matters at all...



  15. Improving Gemini by Posting IRC Logs (and Scrollback) as GemText

    Our adoption of Gemini and of GemText increases; with nearly 100,000 page requests in the first 3 days of Decembe (over gemini://) it’s clear that the growing potential of the protocol is realised, hence the rapid growth too; Gemini is great for self-hosting, which is in turn essential when publishing suppressed and controversial information (subject to censorship through blackmail and other ‘creative’ means)



  16. Links 4/12/2021: IPFire 2.27 Core Update 162 and Genode OS Framework 21.11

    Links for the day



  17. Links 4/12/2021: Gedit Plans and More

    Links for the day



  18. Links 4/12/2021: Turnip Becomes Vulkan 1.1 Conformant

    Links for the day



  19. IRC Proceedings: Friday, December 03, 2021

    IRC logs for Friday, December 03, 2021



  20. Links 4/12/2021: EndeavourOS Atlantis, Krita 5.0.0 Beta 5, Istio 1.11.5, and Wine 6.23; International Day Against DRM (IDAD) on December 10th

    Links for the day



  21. Another Gemini Milestone: 1,500 Active Capsules

    This page from Balázs Botond plots a graph, based on these statistics that now (as of minutes ago) say: “We successfully connected recently to 1500 of them.” Less than a fortnight ago more than 1,800 capsules overall were registered by Lupa, almost quadrupling in a single year



  22. [Meme] António Campinos and Socialist Posturing

    Staff of the EPO isn’t as gullible as António Campinos needs it to be



  23. António Campinos as EPO President is Considered Worse Than Benoît Battistelli (in Some Regards) After 3.5 Years in Europe's Second-Largest Institution

    The EPO's demise at the hands of people who don't understand patents and don't care what the EPO exists for is a real crisis which European media is unwilling to even speak about; today we share some internal publications and comment on them



  24. Media Coverage for Sale

    Today we're highlighting a couple of new examples (there are many other examples which can be found any day of the year) demonstrating that the World Wide Web is like a corporate spamfarm in "news" clothing



  25. Links 3/12/2021: GNU Poke 1.4 and KDDockWidgets 1.5.0

    Links for the day



  26. IRC Proceedings: Thursday, December 02, 2021

    IRC logs for Thursday, December 02, 2021



  27. Links 3/12/2021: Nitrux 1.7.1 and Xen 4.16 Released

    Links for the day



  28. Links 2/12/2021: OpenSUSE Leap 15.4 Alpha, Qt Creator 6

    Links for the day



  29. The EPO's “Gender Awareness Report”

    There’s a new document with remarks by the EPO’s staff representatives and it concerns opportunities for women at the EPO — a longstanding issue



  30. IRC Proceedings: Wednesday, December 01, 2021

    IRC logs for Wednesday, December 01, 2021


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts