[olug] M$ Office whackin' !

Sean Kelly smkelly at zombie.org
Wed Sep 3 06:43:49 UTC 2003


On Wed, Sep 03, 2003 at 12:48:43AM -0500, Christopher Cashell wrote:
> At Tue, 02 Sep 03, Unidentified Flying Banana neal rauhauser, said:
> >    We've already started fixing the SCO problem box by box, but what
> > about this DRM in M$ office nonsense???
> 
> After reading the article, I'd be /very/ wary of ever utilizing this
> technology.  It relies on a central (Windows) Server for your
> organization that handles all permission and accessibility requests.
> 
> I don't know about everyone else, but there is no way I would entrust my
> ability to read documents to a single server, especially a Windows
> server.  There's just way too much of a risk that it'll be inaccessible
> when I need to access information.

While I know very little about the subject, I would imagine Microsoft has
taken this into consideration. Their solutions may generally be half-assed,
but they're not usually so broken that they have a single point of failure
for such an important thing.

If I had to guess, I'd say it might somehow become part of an Active
Directory domain and your redundant/secondary/whatever AD controller server
dojiggers would have cached versions of the data.

> Imagine trying to get at a critical document when you're at home and
> your Internet access is out, or your server is down, or any number of
> other things.  You could have the document sitting right there on your
> company laptop, and be unable to access it's information.

A small consequence to pay for classified data. Not like every single
document will have this turned on. Just those "secret" ones.

> Or, what happens if things go /really/ bad, and you get data corruption
> on your special information rights server?  Are you going to then lose
> access to every document that was locked with it?

As I said above, I would imagine there is a failsafe by having a cluster of
machines with the data, likely somehow integrated into AD or something
similar.

A cooler issue would be a variant of MSBlaster that modified all the
permission data on servers to invert the access rights, so those who were
supposed to be able to read the document could not while the rest of the
world could.

...
> And it doesn't even begin to address the fact that the majority of
> sensitive information leaks and security problems are due to wetware
> problems (i.e. human error/stupidity), as opposed to hardware or
> software limitations.

It will be interesting to see if one can simply Copy from MSWord and paste
into Notepad. One would iamgine it won't let you paste outside of the
"secure' Word document, but who knows. There are always ways around taht in
the wonderful world of Windows and MFC.

-- 
Sean Kelly         | PGP KeyID: D2E5E296
smkelly at zombie.org | http://www.zombie.org


More information about the OLUG mailing list