December 23, 2025

Black boxes, big oops

Article URL →HN comments →

X-ray: a Python library for finding bad redactions in PDF documents

New tool exposes sloppy PDF blackouts—commenters roast the redactors

TLDR: X-ray is a tool that catches botched PDF redactions where text is still readable under black boxes. Commenters are roasting sloppy practices, debating AI-led redactions versus proper tools, and warning that poorly hidden secrets can leak—making x-ray a timely fix for public trust and privacy.

The Free Law Project just dropped “x-ray,” a tiny tool with big drama: it spots PDFs where the “black box” isn’t actually hiding anything. Cue the comments going nuclear. Some say this surged because recent Epstein case files were “redacted” by literally drawing a box on top—meaning you could still copy-paste the supposedly hidden text. Others turned their fire on government agencies, with one commenter laughing that the Department of Justice didn’t flatten layers so secrets slipped through. Oof.

Professionals clapped back: this isn’t a conspiracy, it’s user error. “Use Adobe Pro properly,” they say—mark, review, apply. Simple. Meanwhile, the AI crowd jumped in proposing “objective” machine redactions with human review, sparking a fight over whether algorithms should decide what stays secret. The project’s creator chimed in: of all their huge projects, this quick tool is going mega-viral, and they used Amazon’s cloud to blitz millions of documents in CourtListener from Free Law Project.

Memes flew fast, with folks riffing on the sample outputs—like x-ray revealing Lord of the Rings lines (“Aragorn is the one true king”) and joking “you had one job.” The vibe: some redactions are just paint jobs, and x-ray is the community’s new flashlight. Whether it’s incompetence or intent, everyone agrees: if secrets aren’t actually hidden, the internet will find them.

Key Points

  • x-ray is a Python library and CLI that detects improperly redacted PDFs by identifying solid-color overlays covering selectable text.
  • Installation is available via Poetry (poetry add x-ray) or pip (pip install x-ray), with support for local files and HTTPS URLs.
  • CLI output is JSON mapping pages to lists of bounding boxes and the underlying text of suspected bad redactions; results can be processed with tools like jq.
  • The Python API (xray.inspect) accepts local paths (str/Pathlib), HTTPS URLs (str), or in-memory bytes; passing a file path as bytes will fail.
  • Internally, x-ray uses PyMuPDF to find rectangles and letters, render rectangles, and flag uniform-color rectangles over text as bad redactions.

Hottest takes

“Hilarious that DOJ didn’t flatten the layers so you can unredact stuff.” — gigatexal
“Adobe Pro, when used properly, will redact anything in a PDF permanently.” — unfocused
“have it redact documents according to an objective standard.” — IceHegel

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.