Word came up with Stirlitz? Information for consideration

Published on December 20, 2007

Word came up with Stirlitz? Information for consideration

    So, the sad story that my admin friend told me.
    Please note, this is not some copy-paste, but the story I received (manuscriptum) firsthand.

    - There was a design office. And she did ... you will be surprised ... by design. Used for this AutoCAD. Who swam - he knows what it is and what it is eaten with. The program is a beast! But she doesn’t suck a penny.
    And the workers of the design office would have further designed, if not one annoying fact - the program on their computer (or rather on 20 computers, but these are the nuances), and so the program was completely stolen from them. Established from the disc purchased on the Hump (and only the grave will fix the hunchback) for as much as 500 rubles.
    Well done AutoCAD fellows good for many thousand green rubles (for each copy).
    And all would be well if the heroes would continue to work in the name and for the benefit of their loved ones if it were not for one of their contractors to look, or maybe their contractors' contractors for the sent file in AutoCAD format.
    And in the continuous mess of the meta-data and tags stored in the document, the fake ID of the program annoyed.
    Further, as in a bad action movie, masked people, with machine guns, were all snooping to the floor, but “Strong Nut” did not come to the aid of the people lying in the office ... And all because rightly and legally tied.
    - Many times the topic of unlicensed software has been raised. Many times, innocent Open Source users have bitten their elbows in ignorance of "How will they prove that their software is licensed?" But it is not they who need to think harsh thoughts. And to those comrades who send doc, ppt, xls, psd - files left and right without even thinking about how much interesting things can be fished out from ordinary-looking files.

    What will our files tell?

    Take MS Office for example. Generally speaking, the office format itself is described in sufficient detail. Here you can see a detailed description of the Word format:
    pipin.tmd.ns.ac.yu/extra/fileformat/text/doc/wword8.html

    Among the set of binary fields, FIB blocks of 512 bytes per page are allocated + the same amount on the so-called zero page. While most of the block is described, there are undocumented areas that theoretically may contain any information. For example, the identifier of the program instance (despite the fact that the version of the program is written completely open). Is any information hidden inside the file evidence in court? Hardly. But it can easily become the basis for an effective inspection of the company's equipment, as a result of which violations are likely to be discovered, which will already become a 100% argument in court.

    But are dangers limited only by undocumented bytes of our files? Not at all. The fact that confidential information falls into a regular Word document is no longer a secret. Even data deleted during editing is stored in the document metadata stream and can be restored later.

    One of the victims of the metadata leak was, for example, British Prime Minister Tony Blair. In his Word-documents regarding the invasion of Iraq, hidden (deleted) information was found that differs from the official position of the country's government. Another example: metadata was found in SCO Group documents indicating that the company was about to file a lawsuit against Bank of America. The discovery of this data mixed all the cards to the main opponent of Linux. You could even say that MS Office, without knowing it, helped Linux in the fight against SCO's baseless claims :)

    At the end of my article, I placed links to some materials on a given topic.
    Even a resource dedicated to the problems of hidden metadata was created
    www.metadatarisk.org

    Let me summarize a few tips for your safety:

    1. If you use MS Office, use the means for detecting hidden metadata, for example, Hidden File Detector, which can be found here www.wordsite.com/downloads/hfd.htm

    2. In principle, do not allow early revision of the document of unwanted statements, even if you plan to delete them later.

    3. Avoid sending or uploading proprietary proprietary formats for downloading to your website that may signal that you are using expensive software packages (psd, cdr, and others). This may cause targeted verification. Always give preference to an open alternative (in the case of a word, it could be an RTF file)

    And remember, first someone knocks you at the competent authorities and only then the authorities knock at your door with a check. Do not let your documents spy on your computer.

    Good luck

    Links:

    wordexpert.ru/2007/01/04/kak-obnaruzhit-skryityie-dannyie-v-dokumente-word

    www.cnews.ru/news/top/index.shtml?2005/01/31/173732

    www.oszone. com / 4393

    prezentation.ru/articles/metasecyriti_15_06_06_print.html