Online Document Search Reveals Secrets 271
An anonymous reader writes "New Scientist is reporting that many documents published online may unintentionally reveal sensitive corporate or personal information, according to a US computer researcher. Simon Byers, at AT&T's research laboratory in the US, was able to unearth hidden information from many thousands of Microsoft Word documents posted online using a few freely available software tools and some basic programming techniques." Update: 08/16 19:06 GMT by H : The story is originally from Crypto-gram, not New Scientist.
I thought this was common knowledge? (Score:5, Interesting)
Well, it is amongst people who object to being mailed Word documents, anyway. They're just a really bad format for publishing information in.
See Richard Stallman's [gnu.org] 'no-word-attachments' article, for example...
An Important Question (Score:4, Interesting)
For example does OpenOffice/StarOffice and other open source programs have the saem security problem?
Re:P2P has be doing htis for a long itme (Score:3, Interesting)
Although I cannot guess how many of those are honeypots.
True story. (Score:5, Interesting)
Anyway, I have to admit that I was also burned by word. I was in the habit of opening the last memo I wrote from the recent documents list and using it as the starting point for newer ones. At some point, I put a bunch of policy statements on a CD and was later told that everyone was reading the hidden text. Doh!
This was back in the days of office 97 I believe. I'm not sure if Office 2k or XP still have this feature/bug.
Job Recruiters (Score:5, Interesting)
Re:I thought this was common knowledge? (Score:3, Interesting)
Hell, this is how slashdot figured out that the Microsoft Switch [slashdot.org] was a fake.
eh? (Score:3, Interesting)
of course you could always try http://searchpdf.adobe.com/
Now there's a way to search through more than a million summaries of Adobe(R) Portable Document Format (PDF) files on the Web. Your search results will allow you to see the summaries before deciding to view the original Adobe PDF.
My 2c.. and a terrible pun. (Score:5, Interesting)
One of my clients was recently caught out when google indexed private metadata she didn't know was still there, so I can well understand the gravity [google.com] of this situation.
Re:True story. (Score:4, Interesting)
Don't worry (Score:3, Interesting)
if anything, the opposite (Score:3, Interesting)
Aside from the paranoia overtones, I still disagree. The tools for doing this are on the web. Right now. So in other words, a weapon has been released that is free and easy to use. If anything, this will help small, poor companies with no resources for industrial espionage get a little information out of people who don't know any better, including their large-company rivals. All they have to do is hire one of the celibate wonders that read slashdot, and they're in business.
DMCA violation? (Score:4, Interesting)
By using tools that break the "encryption" on, for examply, the Washington Post .pdf file mentioned in the article, isn't the researcher violating the DMCA? Isn't his whole project bragging about doing this, a la 2600?
I hope he remembers a few packs of cigarettes in order to buy himself a few nights of sleep in the Big House.
Re:My 2c.. and a terrible pun. (Score:2, Interesting)
If you didn't try that 'gravity' link in the parent, check this out [google.com]. Google calculator -- takes input in standard algebraic format, and knows some variables and units too (such as "G" being the universal gravitational constant, "mass of earth", and "radius of earth"), so you can just use the variable name and google fills in the values, converts units as needed, and gives a numeric result. Nice.
However, unless I'm doing something wrong or they're stil updating, the known variables seem rather limited. ( population of china ) / ( surface are of earth) didn't work. Neither did ( 1 barleycorn ) / (1 mm).
Anyone have tips on this new google gem?
Didn't I already write about something similar? (Score:4, Interesting)
This not anything new. (Score:2, Interesting)
UK govt caught out (Score:3, Interesting)
This has happened to the UK government several [theregister.co.uk] times [computerbytesman.com]. The latter link shows whose sticky fingers were on the infamous "dodgy dossier".
Gareth
Word doc Cleaning Program? (Score:3, Interesting)
Re:Nothing New (Score:3, Interesting)
Yes, we were idiots. I work for the Post in a limited degree and we now have a sheet of paper on a quite visible bulletin board describing how we were idiots.
The