Home |
Search |
Today's Posts |
#1
|
|||
|
|||
Google desktop penetrates Word 2000 passwords
Users of Google desktop on my machine are able to see the entire text content
of my Word 2000 documents protected by passwords. In the short term, I believe you should alert Word users to this vulnerability; in the longer term, you should develop a password mechanism which is impenetrable to Google desktop. |
#2
|
|||
|
|||
On Sat, 7 May 2005 03:01:02 -0700, "Andy Denis" a.denis(at)lse.ac.uk
wrote: Users of Google desktop on my machine are able to see the entire text content of my Word 2000 documents protected by passwords. In the short term, I believe you should alert Word users to this vulnerability; in the longer term, you should develop a password mechanism which is impenetrable to Google desktop. Documents from Word 2000 and earlier are inherently insecure. The password is meant mostly to prevent unintentional alteration, not much more. When you apply a password, a weak encryption is applied to the text. Word 2002 and 2003 offer options for much stronger encryption, including 128-bit DSS or RSA algorithms (but you can't exchange these documents with users of earlier versions of Word). They also have options to remove personally identifiable data from documents on saving, and to warn you when such data is present. Unfortunately, these options are all turned off by default and you have to know to change them. For a lot more information, see these articles: How to Minimize Metadata in Word 2000 http://support.microsoft.com/?kbid=237361 Changes in encryption file properties in Office 2003 and Office 2002 http://support.microsoft.com/?kbid=290112 How to Minimize Metadata in Word 2002 http://support.microsoft.com/?kbid=290945 Remove Hidden Data add-in for Office 2003 and Office XP http://support.microsoft.com/?kbid=834427 -- Regards, Jay Freedman Microsoft Word MVP FAQ: http://word.mvps.org |
#3
|
|||
|
|||
Thanks. That's very helpful.
"Jay Freedman" wrote: On Sat, 7 May 2005 03:01:02 -0700, "Andy Denis" a.denis(at)lse.ac.uk wrote: Users of Google desktop on my machine are able to see the entire text content of my Word 2000 documents protected by passwords. In the short term, I believe you should alert Word users to this vulnerability; in the longer term, you should develop a password mechanism which is impenetrable to Google desktop. Documents from Word 2000 and earlier are inherently insecure. The password is meant mostly to prevent unintentional alteration, not much more. When you apply a password, a weak encryption is applied to the text. Word 2002 and 2003 offer options for much stronger encryption, including 128-bit DSS or RSA algorithms (but you can't exchange these documents with users of earlier versions of Word). They also have options to remove personally identifiable data from documents on saving, and to warn you when such data is present. Unfortunately, these options are all turned off by default and you have to know to change them. For a lot more information, see these articles: How to Minimize Metadata in Word 2000 http://support.microsoft.com/?kbid=237361 Changes in encryption file properties in Office 2003 and Office 2002 http://support.microsoft.com/?kbid=290112 How to Minimize Metadata in Word 2002 http://support.microsoft.com/?kbid=290945 Remove Hidden Data add-in for Office 2003 and Office XP http://support.microsoft.com/?kbid=834427 -- Regards, Jay Freedman Microsoft Word MVP FAQ: http://word.mvps.org |
Reply |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Convert Word 2003 documents to WordPerfect formate | Microsoft Word Help | |||
How do I get my default new document to always be our company let. | Microsoft Word Help | |||
letters - ask/fillin | New Users | |||
how to convert wordperfect 5.0 floppy files to word | Microsoft Word Help | |||
copying files from Wordperfect to Microsoft Word | New Users |