Comment by cmarschner

For one of my first jobs I negotiated a better offer because "strings" on the document revealed the previous offer they'd sent out, and made me confident I could ask for more.

Though, makes me wonder if someone has intentionally sent out offers like that with lower numbers to make people think they're outsmarting them.

Similarly, I’ve been sent PDF proposal letters by my customers with redacted pricing from my competitors so I can compare the scope against mine. A simple unflatten reveals the price along with the scope.

A famous case where this came into play was one of the Infowars defamation suits. Alex Jones’s lawyer accidentally sent the families’ lawyer the full contents of a phone backup. They notified Jones’s lawyer, and gave him some time to reply. After that time elapsed, the whole dump was considered fair game.

This is the moment when that mistake was revealed in court: https://youtu.be/pgxZSBfGXUM and this is the hearing for the emergency motion to suppress that data: https://youtu.be/dKbAmNwbiMk

> But anyone can visually examine this.

Can they? In principle it could be the difference between RGB 0.0,0.0,0.0 and RGB 0.004,0.0,0.0, that could be very difficult to visually see, but an algorithm could unmask the data with some correlation.

If you do it digitally and then map the material to black-and-white bitmap, then that you can actually virtually examine.

> Contrast that with a digital redation. You have to trust the tool works.

While true, I think the key problem is that the tools used were not made for digital redaction. If they were I would be quite a bit more confident that they would also work properly.

Seems like there could be a product for this domain.. And after some googling, it appears there is.

> anyone can visually examine this.

They can't, if the variations are subtle enough. For example, many people are oblivious to the fact that one can extract audio from objects captured on mute video, due to tiny vibrations.

Analog is the worse option here. Simple screenshot of 100% black bar would be what a smart lazy person would do.

Europol is nothing next to Natasha in accounting

Yes.

This wasn't a fuck-up though was it?

Knowing they would die in the attack, the terrorists just didn't care if their identities were known.

> but they seemed to disagree with the most harmful Trump policies as well.

I imagine Republicans such as this still populate a majority of the house and Senate. If they disagree, they are sure making an effort to do so silently.

You don't need to be the smartest person when you're pointing a big gun at someone.

Yeah I mean, orchestrating an assassination in a federal prison of a guy the whole world is watching, and never even so much as a whiff of a leak? Because how do you contain that without whacking everyone involved (which we would know about)? You don't. Not without teleportation, time-travel, or at the very least post-hypnotic suggestion.

Oh he's smart AF, all right.

I'm not so sure it's about knowing his own limitations, rather it's about building a reliable process and trusting that process more than either technology or people.

Any process that relies on 100% accuracy from either people or technology will eventually fail. It's just a basic matter of statistics. However, there are processes that CAN, at least in theory, be 100% effective.

So following that strange logic if a dumb person knows he's dumb, he's suddenly become intelligent? Or is that impossible by your peculiar definition of intelligence?

> someone understanding the limits of the people they delegate to, and putting in a process so that delegation to even a very dumb person still has successful

Oh, man, is he the only smart person in the whole department of >100k employees and an >x contractors??? What other fantasy do you need to believe in to excuse the flaws? Also, if he's so smart why didn't he, you know, hire someone smart for the job?

> even a very dumb person still has successful

Except it's easier to make mistakes following his process for both smart and dumb people, not be successful!

> Actual smart people know that the process is more important

So he's not actually smart according to your own definition because the process he has set up was bad, so he apparently did not know it was important to set it up better?

> important than the minutiae

Demanding only paper redactions is that minutiae.

If the word you need to redact is also an English verb there is a risk that you accidentally mark the name of person in a context where that redacted word has a clear meaning in that context and can be used as a proof that such a term has been accidentally redacted because a large scale search&mark has taken place.

According to a random dictionary I found:

To trump. Verb. Surpass (something) by saying or doing something better.

You process doesn't make sense, why wouldn't you just black box redact right away and print and scan? What does underline then ink give you? But it's also not the process described in the blog

> that's very difficult to unintentionally screw up.

You've already screwed up by leaking length and risking errors in manual search&replace

>Sure you can. Search and somehow mark the text (underline or similar) to make keywords hard to miss. Then proceed with the manual print, expunge, scan process.

I suppose a global search/replace to mark text for redaction as an initial step might not be a bad idea, but if one needs to make sure it's correct, that's not enough.

Don't bother with soft copy at all. Print a copy and have multiple individuals manually make redactions to the same copy with different color inks.

Once that initial phase is complete, partner up persons who didn't do the initial redactions review the paper text with the extant redactions and go through the documents together (each with their own copy of the same redactions), verbally and in ink noting redactions as well as text that should be redacted but isn't.

That process could then be repeated with different people to ensure nothing was missed.

We used to call this "proofreading" in the context of reports and other documents provided as work product to clients. It looks really bad when the product for which you're charging five to six figures isn't correct.

The use case was different, but the efficacy of such a process is perfect for something like redactions as well.

And yes, we had word processing and layout software which included search and replace. But if correctness is required, that's not good enough -- a word could be misspelled and missed by the search/replace, and/or a half dozen other ways an automated process could go wrong and either miss a redaction or redact something that shouldn't be.

As for the time and attention required, I suppose that depends upon how important it is to get right.

Is such a process necessary for all documents? No.

That said, if correctness is a priority, four (or more) text processing engines (human brains, in this case) with a set of engines working in tandem and other sets of engines working serially and independently to verify/correct any errors or omissions is an excellent process for ensuring the correctness of text.

I'd point out that the above process is one that's proven reliable over decades, even centuries -- and doesn't require exact strings or regular expressions.

Edit: Fixed prose ("other documents be provided" --> "other documents provided").

> This is the only weakness of Barr's method.

Of course it isn't, the other weakness you just dismiss is the higher risk of failed searches. People already fail with digital, it's even harder to do in print or translate digital to print (something a machine can do with 100% precision, now you've introduced a human error)

> At the end of the day, you need people who understand the context

Before the end of the day there is also the whole day, and if you have to waste the attention of such people on doing ink redactions instead of dedicating all of their time to focused reading, you're just adding mistakes for no benefit

You'd need to increase it a lot, lest the surrounding text be inferred from context.

But that's a destructive operation!

I mean, sure, you can make the whole paragraph/page blank, but presumably the goal is to share the report removing only the necessary minimum?