×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Xerox Confirms To David Kriesel Number Mangling Occuring On Factory Settings

timothy posted about 8 months ago | from the try-copying-20-or-30-times dept.

Bug 163

An anonymous reader writes with a followup to last week's report that certain Xerox scanners and copiers could alter numbers as they scanned documents: "In the second Xerox press statement, Rick Dastin, Vice President at Xerox Corporation, stated: 'You will not see a character substitution issue when scanning with the factory default settings.' In contrast, David Kriesel, who brought up the issue in the first place, was able to replicate the issue with the very same factory settings. This might be a serious problem now. Not only does the problem occur using default settings and everyone may be affected, additionally, their press statements may have misled customers. Xerox replicated the issue by following Kriesel's instructions, later confirming it to Kriesel. Whole image segments seem to be copied around the scanned data. There is also a new Xerox statement out now." Swapping numbers while copying may seem like bizarre behavior for a copier, but In comments on the previous posting, several readers pointed out that Xerox was aware of the problem, and acknowledged it in the machine's documentation; the software updates promised should be welcome news to anyone who expects a copier to faithfully reproduce important numbers.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

163 comments

Sucky thing about digital (1)

Anonymous Coward | about 8 months ago | (#44530109)

The old analog process never had this problem.

Re:Sucky thing about digital (0, Flamebait)

Dwedit (232252) | about 8 months ago | (#44530137)

The old analog process had nowhere to put the scanned image except onto another piece of paper. This is about scanning and performing bad lossy compression on the scanned documents badly, not copying. Copying is still high quality.

Re:Sucky thing about digital (3, Insightful)

Anonymous Coward | about 8 months ago | (#44530185)

Dude, read the thread linked in the summary, copying doesn't even work right.

Re:Sucky thing about digital (5, Funny)

Anonymous Coward | about 8 months ago | (#44530975)

Dude, read the thread linked in the summary, copying doesn't even work right.

Says you. I advised one of my clients to get one of these machines when this issue was first made public. This "feature" gives them plausible deniability for the numbers in their documents to be wrong when they submit them to various entities.

I should send a big bouquet of flowers to Xerox. Falsifying documents is not falsifying documents when the copier does it.

Re:Sucky thing about digital (5, Informative)

Gaygirlie (1657131) | about 8 months ago | (#44530229)

Copying is still high quality.

Incorrect. The way these Xerox - machines work is that they first scan the document, then compress it and store it on the storage medium, and then use that compressed file to print out the copy from. It's braindead.

Re:Sucky thing about digital (-1)

Anonymous Coward | about 8 months ago | (#44530321)

Hurr durr. Thanks hideous trans-beast!

Do you work for Xerox? (0)

Anonymous Coward | about 8 months ago | (#44530539)

I'm not saying that you're wrong, but I would like to know how reliable your information is.

Do you work, or have you worked, directly for Xerox on these sorts of products?

If you have not, how did you come upon this information? Is it based on actual specifications or design documents? Or is it based on speculation?

Re:Do you work for Xerox? (3, Insightful)

Gaygirlie (1657131) | about 8 months ago | (#44530623)

Do you work, or have you worked, directly for Xerox on these sorts of products?

No, but I do possess a skill most people in this modern world seem not to possess: I can read stuff.

If you have not, how did you come upon this information? Is it based on actual specifications or design documents? Or is it based on speculation?

http://arstechnica.com/information-technology/2013/08/confused-photocopiers-randomly-rewriting-scanned-documents/ [arstechnica.com]

Re:Do you work for Xerox? (0)

Anonymous Coward | about 8 months ago | (#44530757)

Read the article again. From the description in the article, it's clear that the author was using the device as a scanner, not a photocopier. Nothing in that article says that the photocopier is compressing the images during a routine copy operation.

Re: Do you work for Xerox? (5, Informative)

Anonymous Coward | about 8 months ago | (#44530797)

I am a Xerox technician.

Yes, some models store and compress jobs before printing.

Where does it say that in that article? (0)

Anonymous Coward | about 8 months ago | (#44530829)

Are you sure that you read the article?

Please quote the exact sentence or sentences that describe that the machines operate as you claim they do. I expect to see explicit references to the scanning process, the storage to some storage medium, the compression, and the printing based on that compressed and stored representation.

I do not see the words "store" anywhere on that page. The words "storage" and "print" do appear, but they are outside of the article in completely unrelated text.

Please just come out and admit that your claims are not reliable, and that they are based on pure speculation, if that is indeed the case (as it does appear to be).

Re:Where does it say that in that article? (0)

Anonymous Coward | about 8 months ago | (#44530911)

Please come out and admit ... You do know that phrase makes you sound like a pedantic twit, don't you?

This is information that is readily found by some simple Googling. Start here: http://en.wikipedia.org/wiki/Photocopier#Digital_technology [wikipedia.org]

As the article notes, many modern copiers operate exactly as the parent described - copying is just the linking of scanning and printing. My cheap all-in-one at home does this. And many of the larger copiers have hard drives for collating and re-printing (see: http://bucks.blogs.nytimes.com/2010/06/01/why-photocopiers-have-hard-drives/ [nytimes.com]).

Re:Where does it say that in that article? (2)

gl4ss (559668) | about 8 months ago | (#44531549)

it doesn't happen on high quality though.

why it would copy at other than high quality is anyones guess..

Re:Sucky thing about digital (3, Funny)

flyingfsck (986395) | about 8 months ago | (#44531659)

It is not brain dead. It is the only way the copier can efficiently forward the image to the NSA.

Re:Sucky thing about digital (2)

shentino (1139071) | about 8 months ago | (#44531879)

Oh lovely, the copier can not only spy on me, it can actually frame me by number fiddling and handing off bogus evidence to the spooks?

Re:Sucky thing about digital (0)

Anonymous Coward | about 8 months ago | (#44531749)

Not according to Q2: http://www.xerox.com/assets/pdf/ScanningQAincludingAppendixA.pdf

Notify Xerox First (-1)

Anonymous Coward | about 8 months ago | (#44530209)

Did this tool try to notify Xerox first or did he just start shouting from the mountain tops?

It isn't a security issue so the only purpose served by his going public without him contacting Xerox is to stroke his ego.

How would any of you like it if someone found a bug in your stuff and instead of notifying you, went to your managers and bad mouthed you?

You'd think he was a prick.

Re:Notify Xerox First (3, Insightful)

Gaygirlie (1657131) | about 8 months ago | (#44530233)

Yes, he did. If you'd care to read the story you would've known the answer without having to ask here and then complain about something that's not even applicable here.

Re:Notify Xerox First (4, Insightful)

Rob the Bold (788862) | about 8 months ago | (#44530273)

Did this tool try to notify Xerox first or did he just start shouting from the mountain tops?

It isn't a security issue so the only purpose served by his going public without him contacting Xerox is to stroke his ego.

How would any of you like it if someone found a bug in your stuff and instead of notifying you, went to your managers and bad mouthed you?

You'd think he was a prick.

Why does he owe this courtesy to Xerox? Xerox isn't his coworker, Xerox doesn't have feelings. Xerox is a corporation. And corporations don't always fix problems, even serious ones, until they receive wider attention.

So should he have quietly alerted Xerox, then monitored their progress in fixing the problem, keeping the company apprised of how it was doing -- sort of an unpaid QA position? I guess that's an option, but not the only acceptable one.

Re:Notify Xerox First (1)

Anonymous Coward | about 8 months ago | (#44530573)

As if people with the affected equipment might want to know, right? Why does Xerox's "feelings" even matter in all of this?

Re:Notify Xerox First (3, Informative)

ThreeKelvin (2024342) | about 8 months ago | (#44530357)

It isn't a security issue so the only purpose served by his going public without him contacting Xerox is to stroke his ego.

It isn't a security problem? Seriously?

What if a doctor copies a prescription or your medical journal? Government officials copies personal information for use with a visa? Police officers copies statements? Or any other place where you'd want to copy something, that must be copied correctly?

Sure, it's not a computer security issue, but it's definitly, among other things, a security issue.

Re:Notify Xerox First (1)

moosehooey (953907) | about 8 months ago | (#44530411)

It's not a security problem in the sense that people knowing about it won't be able to exploit it. In other words, public knowledge of the problem won't hurt security any more than it already has been, which is what the earlier post was talking about.

Re:Notify Xerox First (1)

Anonymous Coward | about 8 months ago | (#44530447)

But public knowledge of this may save a few lives, when the doctor first checks if all the numbers are copied correctly before handing it to another doctor.

Re:Notify Xerox First (2)

Rob the Bold (788862) | about 8 months ago | (#44530515)

It's not a security problem in the sense that people knowing about it won't be able to exploit it. In other words, public knowledge of the problem won't hurt security any more than it already has been, which is what the earlier post was talking about.

First, I do understand your point regarding the common usage of "security" in this domain. However, the term "security" can also mean "safety," although in English "security" is more commonly used to freedom or protection from malicious harm or loss and "safety" is commonly taken to mean protection from accident or nature. (Paging pedants to show just how stupid and wrong I am.) Moreover, in some languages, the English words "safety" and "security" translate the same.

Re:Notify Xerox First (1)

mwvdlee (775178) | about 8 months ago | (#44530639)

You seriously think nobody will be able to exploit this problem?

Re:Notify Xerox First (1)

Rockoon (1252108) | about 8 months ago | (#44530921)

It does seem to me that you would be able to intentionally create specific errors in parts of documents as long as you had carte-blanch control over the contents of other parts of it.

Re:Notify Xerox First (1)

dos1 (2950945) | about 8 months ago | (#44530691)

Actually, this is the case when earlier disclosure helps security, because when more people are aware of this problem, more people will take action to prevent it from happening (like setting higher quality setting as default).

Re:Notify Xerox First (2)

Dishevel (1105119) | about 8 months ago | (#44530625)

My guess is that you did not spend any time at all thinking about this before you came up with your position on this.

Kudos though for spending so much time thinking of how to validate your horribly thought out position.

They reason that you come forward quietly to a corp before going public on a real security issue is so that the bad guys do not exploit it while the company makes a patch. People knowing about this issue before a patch can only help the issue.

On top of that Xerox knew about this problem already and were just keeping a lid on it.

If you are a paid Xerox shill then you are a failure at your job. Otherwise you are just an idiot.

Re:Notify Xerox First (0)

ThreeKelvin (2024342) | about 8 months ago | (#44531245)

Sorry, what?

Re:Notify Xerox First (1)

Dishevel (1105119) | about 8 months ago | (#44531489)

I guess we all know which it is now.

Re:Notify Xerox First (1)

ThreeKelvin (2024342) | about 8 months ago | (#44531775)

You've got to elaborate a bit more than the short, uninformative sentences that you put up. What are you talking about? What is this "horribly thought out position" that you accuse me of having?

Let me break it down for you. You accuse me of being either:
a) a shill, or
b) an idiot,
even though I've pointed out some of the safety issues that stem from not being able to correctly copy when it would be assumed that you could, and by extension critizised Xerox (the company) for not comming forward with this, when they, as you put it "sat on the information".

Now, as dos1 pointed out above:

Actually, this is the case when earlier disclosure helps security, because when more people are aware of this problem, more people will take action to prevent it from happening (like setting higher quality setting as default).

So, again I must say: sorry, what?

Re:Notify Xerox First (1)

HybridST (894157) | about 8 months ago | (#44530513)

"How would any of you like it if someone
found a bug in your stuff and instead of
notifying you, went to your managers and
bad mouthed you?"

This is exactly what happens in most industries from food service, retail, transport(like my driving? Call...), and manufacturing. I'm sure there are more examples too but these are just some of the fields in which I have been a direct employee or as a manager where I was able to participate in the complaint process as a third-party observer more than a few times as coworkers had complaints placed against them.

Why should IT or large scale industry be any different?

Re:Notify Xerox First (0)

Anonymous Coward | about 8 months ago | (#44530567)

Did this tool try to notify Xerox first or did he just start shouting from the mountain tops?

Because since Xerox knows they used lossy compression in a copier, they already know to not ever use or buy Xerox copiers. It's the public who still needs to know. ;-)

Re:Notify Xerox First (5, Insightful)

Arrogant-Bastard (141720) | about 8 months ago | (#44530587)

Your are making the mistake of imagining that the person who discovered this flaw owes Xerox something.

He does not.

He discovered the information, and he is free to (a) remain silent (b) tell Xerox (c) tell the press (d) tell everyone (e-z) anything else he likes. He might CHOOSE (b) but he is certainly under no obligation to do so, and it is of course incorrect for anyone to fault him if he does not choose (b).

We see this same mistake being made by the inferior minds who advocate the farsical concept of "responsible disclosure" when it comes to security issues. There is no such thing. There never has been. It's simply a fabrication by the mouthpieces of corporations who fret about bad publicity or negative impact on their stock price. Those who say they practice it are conceited and arrogant: they are making the foolish mistake of presuming that they, and they alone, possess this information, even though that's almost certainly not true. (What one can discover, another can discover.)

In all these cases, what we find are people who are afraid of the truth. They are afraid to speak it, afraid to hear it, afraid to have it propagated, afraid that others may have it: afraid, afraid, afraid. This is antithetical to the scientific method, to free speech, to forward progress: we must have the truth, no matter how inconvenient or unpleasant, if we're going to get anywhere.

I'm sure that some of the people at Xerox are furious about this. That's just too damn bad. If they want to find the root cause of their anger, they should look in a mirror, as it is their incompetence, sloppiness, laziness and negligence that has made all this happen.

Re:Notify Xerox First (1)

shentino (1139071) | about 8 months ago | (#44531905)

Unless, as with the hackable door locks, someone sues for a gag order.

You might not owe a corporation favors, but they certainly can try to FORCE you to grant them.

responsible disclosure is a myth? (1)

locketine (1101453) | about 8 months ago | (#44531969)

I think everything else you wrote was good but in the case of disclosing security attack vectors, letting everyone know or only letting hackers know, before giving the company a chance to fix the security hole results in a great many more hackers using the attack vector than if it had been reported without public disclosure. We have no idea who figured out the attack vector first, the researcher could very possibly be first, or be one of the first, to discover it. Do hackers always share attack vectors with other hackers immediately after finding them?

Security bugs are very different from functionality bugs and should not be compared. Similarly the disclosure of these bugs should follow different paths.

Re:Notify Xerox First (0)

Anonymous Coward | about 8 months ago | (#44530677)

RTFA

I found myself between a rock and a hard place now. On one hand, I did not intend to do any harm to Xerox, so I had to have these findings verified and make sure I was not wrong. On the other hand, I knew this had to be published. As a tradeoff, I have not been publishing the findings right away, but informed Francis Tse, Imaging System Architect at Xerox Corporation first, however I kept nagging stating I wanted to publish within a few hours. As a result, we have been in close contact the last hours (I even ditched a friend of mine on his birthday party) and I sent Mr. Tse

Re:Sucky thing about digital (2)

phrostie (121428) | about 8 months ago | (#44530449)

this could really suck if you are copying documentation for a critial process.
medical, aerospace, building construction,,,

Important number (5, Funny)

fustakrakich (1673220) | about 8 months ago | (#44530135)

69 dude!

Now if 6 turned out to be 9,
I don't mind, I don't mind, ...if all the hippies cut off all their hair,
I don't care, I don't care.
Dig, 'cos I got my own world to live through
And I ain't gonna copy you.

My reaction: (2)

Futurepower(R) (558542) | about 8 months ago | (#44530139)

What???? A copier changes numbers? A copier is supposed to copy.

Re:My reaction: (5, Informative)

squiggleslash (241428) | about 8 months ago | (#44532049)

It's the scanner bit. Basically it applies a heavy amount of compression to the final result by looking for blocks that match and duplicating them. Which is all fine until the copier sees what it thinks is a 0 but is actually an 8.

A shame (0)

Anonymous Coward | about 8 months ago | (#44530145)

to see Xerox fall to this kind of hand-waving. Mr Rick should either publicly apologize or leave his post. You might say this event does not warrant such a response, however i argue that it does.

Guess where the R*AA got their numbers... (0)

Anonymous Coward | about 8 months ago | (#44530203)

from a copied report that changed a 3 to an 8....

Frightning photocopier (1)

SpaceMonkies (2868125) | about 8 months ago | (#44530213)

Am I the only one who finds this truly frightning; that the photocopier has a bug in a sub system that is basically reading the content of the documents being photocopied? I didn't even know photocopiers did this normally. This is another prime example of how organizations like the NSA can theoretically get their fingers into cracks we didn't even know existed. I would never have thought that something I photocopy could be intercepted, but apparently it can. The bug part of this issue is just a small thing relative to the larger issue, IMHO!

By the way, I read in another comment about the new slashdot ipad app [apple.com]. I'm posting this comment from it. What a breath of fresh air compared to the slashdot mobile site!

Re:Frightning photocopier (1)

Gaygirlie (1657131) | about 8 months ago | (#44530251)

Am I the only one who finds this truly frightning; that the photocopier has a bug in a sub system that is basically reading the content of the documents being photocopied?

Lose the tinfoil. The copier isn't "reading" the document, it's simply compressing the document and storing it. The compression-method works by splitting the document into lots of smaller rectangles, then trying to find rectangles that look similar and then only storing the one, single rectangle and just copying that to the other areas when decompressing.

Re: Frightning photocopier (0)

Anonymous Coward | about 8 months ago | (#44530317)

If it isn't reading the document, how do you think it can detect that you are copying money and stop you?

Re:Frightning photocopier (1)

HWguy (147772) | about 8 months ago | (#44530319)

I'm not sure he should lose the tinfoil. Perhaps still crinkle it in his hands. People are retrieving documents from the copier storage. Considering how often security holes are found in networked devices, it isn't outside the bounds of believability that someone could read copied documents.

(PDF) http://www.willassen.no/svein/pub/copier-en.pdf

Re:Frightning photocopier (1)

Gaygirlie (1657131) | about 8 months ago | (#44530363)

People are retrieving documents from the copier storage.

Oh, I know. Industry spies and hackers often try to acquire used copiers exactly with the hopes that the seller forgot to empty the storage medium. The documents stored can be worth tens of thousands of bucks in the right hands. Alas, that's a completely separate issue from what the OP was complaining about.

A security flaw [Re:Frightning photocopier] (2)

Geoffrey.landis (926948) | about 8 months ago | (#44530331)

Am I the only one who finds this truly frightning; that the photocopier has a bug in a sub system that is basically reading the content of the documents being photocopied?

Yes, you should find that frightening. That's not new, though, pretty much all photocopiers these days don't actually "photocopy" the document, they scan it to memory and then print the scan. Your documents are saved to memory on the photocopier. Yep, that's a security flaw.

http://www.thedailygreen.com/environmental-news/latest/digital-copier-security-461009 [thedailygreen.com]
http://www.cbsnews.com/8301-18563_162-6412439.html [cbsnews.com]
http://message.snopes.com/showthread.php?t=60313 [snopes.com]

Re: Frightning photocopier (1)

gerf (532474) | about 8 months ago | (#44530695)

Actually, the CIA did bug copiers for a while. This exploit has nothing to do with that kind of exploit.

Re:Frightning photocopier (1)

Anonymous Coward | about 8 months ago | (#44530275)

You can set it to OCR your document but that is not the problem described here.

What is happening here is the image compression that is done, which compares pieces of the image together, when it find something that looks similar enough it only stores one of those pieces and duplicates the rest. An 8 and a 6 look alike enough for the compression algorithm to only store the image of a 8 once, en copy it anywhere it finds an 8 and a 6. It will also happen with other shapes, like symbols on a construction drawing, or electrical diagrams.

According to the documentation for this copier, this happens when the compression is set to "normal" and "low quality"; "normal" is the factory default. Strange that they took the time to write in the documentation that these compression settings would cause these exact problems, but then also make them the factory default.

Also during the direct copying process: The image is scanned, compressed, stored, and printed. There is no direct scan to printer path without compression.

Re:Frightning photocopier (1)

Anonymous Coward | about 8 months ago | (#44530349)

Interesting. At work we have hundreds of the affected workcenter machines. When the story first broke, we asked Xerox about it and were given a statement that said that users would have to change the settings to non-default settings and that this same thing affected all copiers from all vendors. I didn't believe it at the time, but of course that was enough for management to think the issue was trivial and not going to affect us.

Re:Frightning photocopier (1)

rnturn (11092) | about 8 months ago | (#44530935)

We used Xerox WorkCentre copiers heavily where I used to work, using them to scan/transmit change documents back and forth for signatures before doing anything to FDA validated systems. And the folks at work used to wonder why I would always set the image quality to the highest setting -- something like "SuperFine" -- before pressing "Send" (and then requesting others to do the same). I always did it because I hated trying to read the blurry quality you got from "Normal" ("Low" was not even an option for me). Looks like I might have accidentally avoided this problem ($DIETY I hope so). Maybe the only time having bad eyesight came in handy.

I'm left wondering what the compression even does for the copier. It's not like having the compressed image inside the copier speeds up the printing process; it would need to be uncompressed before printing. I'm guessing that the compression is done to speed up the transmission process to other machines (other Xerox copiers or plain 'ol fax machines) and, if it's being done for plain copies you are making, it's because it simplified the internal processing, i.e., rather than having to decide "local copy -> don't compress, copy destined to remote machine -> compress" they decided to compress for everything. While what they're doing now must have seemed like a good idea at the time it certainly looks like they're going to need to switch to a different method of compression.

Re: Frightning photocopier (0)

Anonymous Coward | about 8 months ago | (#44530961)

What feature of that app requires ios6?

Everything you thought you knew... (5, Insightful)

Shavano (2541114) | about 8 months ago | (#44530253)

The potential for damage with this kind of error almost can't be overstated. Besides errors in billing, construction, manufacture or products, medicine dosages, etc. already outlined, there are other likely problems:

Publications may contain wrong data.

Scientific conclusions may be based on wrong data.

Government policy may be based on wrong data.

Money may go to wrong accounts or be taken from wrong accounts.

You think you paid your taxes? The government may not agree.

Re:Everything you thought you knew... (1)

Geoffrey.landis (926948) | about 8 months ago | (#44530309)

The potential for damage with this kind of error almost can't be overstated. ...

You think you paid your taxes? The government may not agree.

Exactly. I photocopy a lot of documents and put them in my files to substantiate finances. So, the numbers may have been changed and my photocopies aren't accurate.

Re:Everything you thought you knew... (2)

mrbester (200927) | about 8 months ago | (#44530409)

Doesn't this therefore render the copier as "unfit for purpose" and you can get a refund? The whole point of copiers is to make copies. The average user doesn't care how it does it, only that it does what the sales blurb says it does.

In any case, who would buy a copier knowing it doesn't actually copy? You wouldn't buy a phone that can't make calls until it gets a software update.

Re:Everything you thought you knew... (1)

Gaygirlie (1657131) | about 8 months ago | (#44530437)

Doesn't this therefore render the copier as "unfit for purpose" and you can get a refund?

I doubt it as the work-around is so easy: just change quality-settings from normal to high and the problem disappears. The factory default settings are obviously bad, but since the settings can be changed so easily I don't think it qualifies for the "unfit for purpose" - claim.

Re:Everything you thought you knew... (4, Insightful)

the_other_chewey (1119125) | about 8 months ago | (#44530815)

Doesn't this therefore render the copier as "unfit for purpose" and you can get a refund?

I doubt it as the work-around is so easy: just change quality-settings from normal to high and the problem disappears. The factory default settings are obviously bad, but since the settings can be changed so easily I don't think it qualifies for the "unfit for purpose" - claim.

You misunderstood the new findings:

  • - "high" is the factory setting
  • - it still replaces numbers

Re:Everything you thought you knew... (1)

stenvar (2789879) | about 8 months ago | (#44531235)

The potential for damage with this kind of error almost can't be overstated

Yes, it can be overstated. Normal sized print will not get altered by these compression algorithms. Substitutions only occur in data that a human would have trouble reading reliably to begin with. That kind of poor photocopy should never be used for any kind of important task, no matter what.

... may contain wrong data.

They always "may contain wrong data", that's why you need to triple-check and verify for anything that matters.

Re:Everything you thought you knew... (1)

fustakrakich (1673220) | about 8 months ago | (#44531415)

Scientific conclusions may be based on wrong data.

Uh-oh, I can see where this is going...

Government policy may be based on wrong data.

Hell, that goes without saying

Doing it wrong. (1)

MrMacman2u (831102) | about 8 months ago | (#44530353)

Time to buy a Ricoh.

At least they don't monkey with the compression to the level it actually distorts the image.

Shill (0)

Anonymous Coward | about 8 months ago | (#44530751)

Time to buy a Ricoh.

At least they don't monkey with the compression to the level it actually distorts the image.

Any compression at all, any modification at all, is unacceptable in a copier. How do you not get that?

Re:Shill (1)

Arkham (10779) | about 8 months ago | (#44531043)

Any compression at all, any modification at all, is unacceptable in a copier. How do you not get that?

That is an absurd position. There's no issue with lossless compression, and it's beneficial to the customer, because it allows you to scan and copy much larger documents without memory issues. The reason that this is a problem is that it's lossy compression algorithm that clearly is flawed.

Re:Shill (2)

reve_etrange (2377702) | about 8 months ago | (#44531529)

What's really bizarre is that they chose to invent some half-assed lossy compressor instead of using PNG (lossless) or JPEG (lossy, but a helluva lot better than their algorithm apparently).

Just glad to see them respond! (1)

Cprossu (736997) | about 8 months ago | (#44530377)

Back when I saw the first scanner based copiers roll out I'd thought we see something similar to this happen. Whenever you eliminate the analog signal path it becomes much easier to corrupt the thing in unnoticeable ways, even unintentionally! It's clearly the way to go, because of how much complexity it removes, but as soon as you start storing data on a medium and read it back you start having these problems, it only gets worse as you try and conserve that storage medium with compression or other tricks/hacks. It's just a fact of life in the digital age: the tradeoffs are still better than the previous way of doing things. (Well that is unless your name was "Mr. Buttle" and the ministry of information drilled a hole in your ceiling).

I am just really glad to see that Xerox is taking the initiative, working with closely with the person who found the problem, and opening it's doors to others who want to help out. It's all too often that a big company has a big obvious problem with a product and not only doesn't admit there's a problem, but refuses to help or work with those experiencing them.

Re:Just glad to see them respond! (0)

Anonymous Coward | about 8 months ago | (#44530497)

You act like analog signals somehow magically cannot be manipulated.

Re:Just glad to see them respond! (1)

Cprossu (736997) | about 8 months ago | (#44530733)

Not at all! heck the most analog paths are usually the most exploitable (man writing a copy of another written piece).

The point I was trying to make wasn't that an analog path isn't manipulatable but the fact that with a linear analog path that this kind of unintentional pattern replacement type of manipulation occurring differently though differing documents wouldn't have occurred or really even been possible.

I figured that people here could read in between the lines correctly though; An error in my judgement!

To bust out the old Louisville slugger though, this particular device saved space by taking one or more 'samples' of the document scanned and through some comparative algorithm reused these samples to aid in compression of the file. Probably due to this failing or performing a 99% match on a sample that might have been sampled before or multiple times depending on the circumstances ended up making the incorrect decision on what sample to use where. Thus the document 'copied' in this way is an entirely different piece of work than the one that went in. There is little chance of this happening with an analog signal path because of the linearity... what is there is what is there, not what is here someplace is put somewhere else multiple times in the same document.

Just being true to their image (0)

Anonymous Coward | about 8 months ago | (#44530525)

Remember when Xerox commercials featured a monk copying documents? Their ad agency was trying to humanize the company.

So all they've done now is add an algorithm for random human error. Just making the company more human... monks did that as well.

Couldn't duplicate errors (1)

ohieaux (2860669) | about 8 months ago | (#44530533)

We've got a XEROX 7556 in the office and I scanned several number heavy documents, with fonts as small as 6pt. I tried both the default and low res levels. Every number came out correct. Since we recently moved to paperless records (and we had 100's of thousands of multipage documents) I was a bit worried. I'm less worried than I was when the story first came out. Lets hope the upcoming fix doesn't slow the scanning process noticeably.

Re:Couldn't duplicate errors (0)

Anonymous Coward | about 8 months ago | (#44530619)

So you were scanning them from paper to digital format correct? The issue here is when copying the printer scans, compresses, and then uses the compression to reprint which is where the errors can come in.

xerox was not in denial (3, Funny)

swampfriend (2629073) | about 8 months ago | (#44530661)

They meant to admit this to the public last week, but their press release got its letters changed around for some reason...

Say goodby to Xerox (5, Interesting)

Steve1952 (651150) | about 8 months ago | (#44530721)

At the federal level, our entire legal system is based on the concept that a machine copy of a document is as good as the original. In addition to all the other problems pointed out by other readers -- engineering errors, medical errors, financial errors, this type of error also greatly harms our legal system as well. A problem since the legal system is essentially the operating system for our society. I don't see how Xerox is going to survive the wave of lawsuits that is going to follow. They need to immediately warn everyone to stop using their systems, and then recall all affected units. Going forward, I suspect that the name "Xerox" will now mean: "to mangle or randomly distort".

Its not good to fxck with numbers! (2)

AndronicusRhodos (2009652) | about 8 months ago | (#44530735)

Numbers are the bedrock of the capitalist regime. They are sacred. Do not transform them when copying them. Better to mangle words cause we all know they have semiotic plasticity anyway. But for the love of the capitalism and all it portends, please keep the numbers pure. That is all.

I expect a copier to copy an image (1)

msobkow (48369) | about 8 months ago | (#44530813)

I expect a copier to copy an image of the page, not to perform an OCR scan and reprint it.

What's next? An NSA back door so the scanned text can be fired off to the US spy network?

Re:I expect a copier to copy an image (0)

Anonymous Coward | about 8 months ago | (#44530991)

No, that was first. They already block scanning money.

When DRM goes Wrong (0)

Anonymous Coward | about 8 months ago | (#44530865)

I wonder if this is caused by an anti-copy feature that just hits the innocent.
Nobody learns from others mistakes, eh Xerox?

this FP f0r GNAA (-1)

Anonymous Coward | about 8 months ago | (#44530913)

worse and worse. As in ratio of 5 to downward spiral. In was 'in the tea I BSDI is also dead, there are only was after a long

What's the purpose of this compression? (0)

Anonymous Coward | about 8 months ago | (#44530971)

Could someone explain what the purpose of this compression is? There must be enough memory to copy without the heavy compression since there are high resolution presets with less compression also. Is this compression used as a way to lower the resolution? I don't see the added value of the compression at all.

This problem may affect more than just Xerox... (4, Informative)

Colin Douglas Howell (670559) | about 8 months ago | (#44531341)

An earlier blog posting from Kriesel on this issue says that a reader reported similar behavior from a Brother copier:

http://www.dkriesel.com/en/blog/2013/0808_number_mangling_not_a_xerox-only_issue [dkriesel.com]

And one of the comments to that posting says:

I have experimented with the open source jbig2enc library available at http://github.com/agl/jbig2enc [github.com], which has a encoding parameter called the “threshold”, described like this:

“sets the fraction of pixels which have to match in order for two symbols to be classed the same. This isn't strictly true, as there are other tests as well, but increasing this will generally increase the number of symbol classes”

The included command tool accepts values for this parameter between 0.4 and 0.9, with 0.85 as the default.

I have found replaced digits in single-page numerical tables encoded with this parameter set as high as 0.82. As with the other examples you have found, the errors are not in any ways obvious to the eye which is, of course, the real problem.

Since JBIG2 has been supported in PDF since 2001, it would be surprising if only Xerox have fallen into this trap.

HCL to the Rescue! (1)

turgid (580780) | about 8 months ago | (#44531481)

Just as well for Rick, he outsourced this work to HCL. They'll clean up the mess left by those lazy, grasping American engineers in no time at all!

document reproduction has always been an issue (1)

Anonymous Coward | about 8 months ago | (#44531557)

Thirty plus years as a professional engineer - the lifeblood is "blueprints". This has always been a significant issue, regardless of the technology involved, there WILL be reproduction errors. Be it because of dirt on the optics, spilled coffee on the originals, scratches on the mylar / sepia, or bad diazo paper; EVERYBODY with any sense knows to check and double check anything which does "not add up". Hence why checksum was developed for electronic data processing.
The worst is to try to use a pdf of a tiff of a pdf of a jpg of a ... ad infenitum; I WANT the original file translated into the oldest format available, preferrably human readable! With electronic signatures; but the suit weasels in industrial corporations use my PE status to make me the scapegoat for all their deliberate ignorance and just plain stupidity.
Time to Go Galt and let their progeny "pick grit with the chickens" (Sen. Al Simpson).

With memory so cheap... (0)

Anonymous Coward | about 8 months ago | (#44531699)

With memory so cheap, why not just store uncompressed bitmaps? Problem solved.

wtf?! (1)

shentino (1139071) | about 8 months ago | (#44531857)

The fact that this is even POSSIBLE makes me worry that there's covert firmware deliberately tampering with things.

First of all, how does it even know what a number *looks like*?

And how the hell does it SWAP numbers?

I've never known decompression artifacts to do that. It's just plain loony.

Something seems decidedly fishy here.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...