Corporate, Personal Secrets Revealed In Online Word Docs
from the what-have-you-written-lately? dept
A researcher from AT&T Labs is demonstrating just how easy it is to find confidential (either corporate or personal) information online with a simple test. He did some random online searches for word documents, downloaded them, and then looked at what data had been "deleted", but which the document still had hidden. Basically, the problem here is that most people don't realize just how much extra and "deleted" information programs like Word store. Microsoft claims that in the next version of Office they're going to have tools to help prevent this sort of thing.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
No Subject Given
Two ideas come to mind:
(1) disable the fast-and-historical save options until the user specifically chooses to enable them; the oblivious user should be protected.
(2) when you save historical information, save it encrypted by default. The worst case is when the user can't unlock their own hidden historical data, which isn't all that bad. Encrypt to a machine+user specific metric, which automatically unlocks when opened by the same detected machine+user, or offer a more complete encryption path that encrypts according to a provided pki or simple password. Even WEAK encryption would be a big win here, but there are plenty of much stronger crypto standards *built into everyday operating systems*.
[ link to this | view in chronology ]
here are the Microsoft articles on this
http://support.microsoft.com/default.aspx?scid=kb;EN-US;211209
http://support.microsoft.com/defau lt.aspx?scid=kb;EN-US;197978
[ link to this | view in chronology ]