Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Interests > Tilted Technology


 
 
LinkBack Thread Tools
Old 08-18-2003, 01:59 PM   #1 (permalink)
I demand a better future
 
HeAtHeN's Avatar
 
Location: Great White North
Microsoft Word leaks your personal info!!!

Check out the full story here.

This is my fave quote in the article:


Quote:
The UK government has now largely abandoned Microsoft Word for official documents and has turned to documents created using Adobe Acrobat which uses the Portable Data Format (PDF).
Its been a bad week for Bill and Co.
__________________
Quote:
Isn't it enough to see that a garden is beautiful without having to believe that there are fairies at the bottom of it too?
Douglas Adams
HeAtHeN is offline  
Old 08-18-2003, 02:06 PM   #2 (permalink)
Junkie
 
For those that don't like clicking links
<hr>
The hidden dangers of documents


Your Microsoft Word document can give readers more information about you than you might think. Even Alastair Campbell has fallen foul of the snippets of invisible data few of us realise our documents contain.

Usually with Microsoft Word, what you see is what you get.

If you make a change to a document, then that is what you see when it gets printed out.

But in fact, in many cases it is what you cannot see at first glance that proves more interesting.

Hidden and dangerous

Analysis of hidden information in the so-called Iraq "dodgy dossier" showed, among other things, the names of the four civil servants who worked on it.

Downing Street press office head Alastair Campbell had to explain who these people were to the House of Commons Foreign Affairs Select Committee investigating the genesis of the plagiarised document.

"The time when most information tends to leak is when you are using a document that has a number of revisions or a number of people working on it," says Nick Spenceley, founder director of computer forensics firm Inforenz.

The UK government has now largely abandoned Microsoft Word for official documents and has turned to documents created using Adobe Acrobat which uses the Portable Data Format (PDF).

"I'm not sure many people check Word documents before they go out or are published," says Mr Spenceley.

He says he knows of a case in which someone found previous versions of an employment contract buried in the Word copy he was sent. Reading the hidden extras gave the person applying for the job a big advantage during negotiations.

Sometimes the mistakes are even more public.

During the hunt for the Washington sniper the police allowed the Washington Post to publish a letter sent to the police that included names and telephone numbers.

The newspaper tried to hide these details using black boxes which were easily removed and the sensitive details exposed for all to see.

But it is not just governments, businesses and newspapers that can be embarrassed in this way.

You could be too.

There is a function in many versions of Microsoft Office programs, which includes Word, Excel and PowerPoint, that means that fragments of data (which Microsoft refers to as metadata) from other files you deleted or were working on at the same time could be hidden in any document you save.

This could be embarrassing for any home workers whose colleagues find out that they have been applying for jobs while working at home or being less than complimentary about their co-workers.

Look and learn

With the right tools this hidden data can easily be extracted.

Unix and Linux users can turn to tools such as Antiword and Catdoc to turn the document, including its formatting information, into a simple text file.

Computer researcher Simon Byers has conducted a survey of Word documents available on the net and found that many of them contain sensitive information.

He gathered about 100,000 Word documents from sites on the web and every single one of them had hidden information.

In a research paper about the work Mr Byers wrote that about half the documents gathered had up to 50 hidden words, a third up to 500 words hidden and 10% had more than 500 words concealed within them.

The hidden text revealed the names of document authors, their relationship to each other and earlier versions of documents.

Occasionally it revealed very personal information such as social security numbers that are beloved of criminals who specialise in identity theft.

Also available was useful information about the internal network the document travelled through, which could be useful to anyone looking for a route into a network.

Mr Byers wrote that the problem of leaky Word documents is pervasive and wrote that anyone worried about losing personal information might want to consider using a different word processing program.

Alternatively he recommends using utility programs that scrub information from Word documents or following Microsoft's advice about how to make documents safer.

"Microsoft is aware of the functionality of metadata being stored within Word 97 documents and would advise users to follow the instructions laid out in [the Microsoft Knowledge Base - see Related Internet Links]," says a spokesperson. "However, Microsoft do not wish to comment on how customers use the functionality within our software."
<hr>
__________________
"Fuck these chains
No goddamn slave
I will be different"
~ Machine Head
spectre is offline  
Old 08-18-2003, 02:52 PM   #3 (permalink)
Banned
 
Location: shittown, CA
A prof I had last semester would do a very simple thing to catch plagiarizers. He would just check the properties of the document and if the creater of the doc was not the name on the paper it was a F.

Why older versions of the document is still in the file is very simple. It never deletes anything. It just puts in a code that tells word to not display that text, so if you use the tools mentioned in the artical in between blocks of codes you can see every character typed into that document.
juanvaldes is offline  
Old 08-18-2003, 03:12 PM   #4 (permalink)
The GrandDaddy of them all!
 
The_Dude's Avatar
 
Location: Austin, TX
hmm....is this just for doc files or any file made thru msword?
__________________
"Luck is what happens when preparation meets opportunity." - Darrel K Royal
The_Dude is offline  
Old 08-18-2003, 03:54 PM   #5 (permalink)
Who knows what evil lurks in the hearts of men?
 
Speed_Gibson's Avatar
 
Location: right here of course
I stopped using MS word some time ago (just use it for CD jewel cases inserts now and the much better/easier table creation). Openoffice 1.1 beta2 is my primary word processing app now and I just recently got my hands on a copy of the Wordperfect suite that looks very nice in my opinion.
Speed_Gibson is offline  
Old 08-18-2003, 05:32 PM   #6 (permalink)
Blood + Fire
 
Mr.Deflok's Avatar
 
Location: New Zealand
I knew it! I wasn't paranoid about it, excellent, now I have no reason not to use OpenOffice!!!
Mr.Deflok is offline  
Old 08-18-2003, 06:00 PM   #7 (permalink)
Banned
 
Location: shittown, CA
Quote:
Originally posted by The_Dude
hmm....is this just for doc files or any file made thru msword?
well since .doc is Words native format that would be a yes. If you save it into any other format, not sure but I'd think since they don't control that format they will have to play with different rules and will strip out garbage so the file is of that file type.
juanvaldes is offline  
Old 08-20-2003, 07:28 PM   #8 (permalink)
Psycho
 
Location: lost
One of the features I liked about WordPerfect was the ability to pop up the menu on the bottom that showed everything that was hidden as you typed. So if I typed this, it would say something like Shift+S*o_i*f_Shift+i_t*y*p*e*d. I seem to remember it would also show any keystrokes or indents that were put in, as well, so you didn't have to deal with all that "help" that word tries to give you, since obviously it knows what you want to do better than you do... bleh can't stand its "auto-correct" feature, or whatever its called.
__________________
I'd rather be climbing...

I approach college much like a recovering alcoholic--one day at a time...



phoenix1002 is offline  
Old 08-21-2003, 12:55 PM   #9 (permalink)
Archangel of Change
 
Anybody know of a Windows XP tool that reveals the hidden information as well?
hobo is offline  
 

Tags
info, leaks, microsoft, personal, word

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -8. The time now is 01:36 PM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360