The Danger

Imagine you're an employee at the Washington Township Nuclear facility in Bergen County, NJ. You've discovered a conspiracy to cover up a secret project, and plan to leak the evidence to the Nuclear Regulatory Commission.

Your manager has sent you an email which you intend to include in the leak, but could it reveal your identity? Copy the email below, and paste it into the form to see if it contains hidden fingerprinting.

Reminder ‌​‌‌‌​‌​‍‌​​‌​​‌​‍‌​​​‌‌‌‌‍‌​​‌​​‌‌‍‌​​‌​​​​‍‌​​​​‌‌​‍‌​​‌‌​‌​‍‌​​‌‌​‌​‍‌‌​‌‌‌‌‌‍‌‌​​​‌‌‌‍‌‌​​‌‌​‌‍‌‌​​‌‌​‌‍‌‌​​‌​​​‍‌‌​​‌‌​​to all employees, sub-level 6 is a restricted area. If you attempt to access that level, it will be considered a violation of your employment contract, and you will be terminated immediately.

Uh-oh. The email contains zero-width hidden content: If you had leaked this email, and it were digitally published, your identity would be revealed to your employer. Game over.

The Solution

Paste the example email into the form below, and non-standard characters will be flagged.

International Support: Chinese, English, Korean, Russian, and Devanagari.

What The FAQ

Who created this project, and why should I trust you?

Nefarious Laboratories is a data privacy firm in NYC. We design free security solutions because we believe in supporting the greater good. Every line of our open source code is written by hand.

Could someone defeat this solution?

Fingertrap uses a "default deny" posture by matching all input against a predefined character set. If the input doesn't match the character set, it gets flagged. We consider this a reasonably future-proof solution.

Privacy Policy

TL;DR: We don't want your data, so we don't record it. You won't find any sketchy legal terms here.

Effective Sep 1, 2019 - This privacy policy ("Policy") covers how information ("Information") on this website ("Site") is handled. This Policy does not apply to external entities, including government agencies and service providers who may intercept data transmissions between you and the Site.

Privacy By Design
To ensure your privacy, this Site does not collect any Information, including visitor data or metadata. All server-side logging has been permanently disabled, preventing collection of data such as date and time of access. The Site was carefully developed by hand, and does not use third-party software, analytics, or cookies.

The Site was designed in accordance with DOJ Section §508 best practices for the visually impaired, including large print, high contrast content, and plain text designed for text-to-speech software.

The Site has never received an order under Section 215 of the USA Patriot Act. The Site has never received any order from law enforcement or federal agencies.

Protection of Copyright Holders
In accordance with the Digital Millennium Copyright Act of 1998, NefLabs does not disseminate technologies, devices, or services intended to circumvent measures that control access to copyrighted works. All Site content is copyright BY-NC 4.0 for fair use with attribution.

External Links
The Site contains hyperlinks to other websites. The Site is not responsible for the privacy practices of such other websites. Visitors are encouraged to be aware when they leave this Site, and to read the privacy policies of other websites.