Slashdot Mirror
Digital Restrictions Management in Office 11
conaone writes "According to a Microsoft Watch, there is a feature in the leaked Office 2003 called "Information Rights Management." A lot more control over documents with this... the story says: "Microsoft is threading DRM throughout the Office 2003 suite, allowing restrictions to be set on Outlook mail messages, as well as on Word, Excel and PowerPoint documents. Using "permission templates," document authors can determine restriction policies to be applied to entire categories of documents, according to Microsoft's site." Here's a link to the whole story."
...perhaps I missed it, but if the new file format of Office 11 documents is all XML-based, then how is it they can "restrict" the documents? Isn't it all just text?
Schnapple
...which naturally gives them an exc^h^h^hright to permanently break interoperability with OpenOffice, Koffice, etc. It's like Trusted Computing and signed Xbox images - they're not trying to shut out competition, but if that incidentally happens, they're not going to cry about it.
## W.Finlay McWalter ## http://www.mcwalter.org ##
Now a creator can control his own work, as it should be. As a creator, I have been waiting for such a technology. I can assign which works I want to be for my benefit, and which to give away. I am in control. This will allow me to service those which actually pay me for those works I would desire to sell. Piracy, as we know it, is about to end.
DRM will allow me to finally see how many people are actually willing to buy my work, and allow me to price accordingly. With piracy eliminated, supply and demand pricing can be truly determined.
I can't imagine how many people are going to screw around with this feature and lock themselves out of their own word file. Although it may be good for a small percentage of people, how is this going to affect John Q. Trailertrash who likes to fiddle with new functions?
So basically what theyre doing is including the ability to make documenst read only, read/write etc. How is this any different than say acrobat documents? I cant weite a pdf file when i open it, at least not with the reader, I cant save it, I can pretty much only look at it. Thats all that MS is doing from the sounds of it
Sorry, Microsoft Outlook has determined that you don't have sufficient privaleges to delete the mail message: "See Hot Young Teens FREE!!!!! JYXX92D"
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
Microsoft is requiring users who want the IRM functionality to be running Windows Server 2003, Microsoft Passport and a special Client Access License (CAL).
<sarcasm> And this will be Kosher, because we all know that Microsoft Passports are fully secure. </sarcasm>
Seriously, ideaological difference aside: Fix what's broken before you try to build new features on top of it!
!#@%*)anks for hanging up the phone, dear.
I'm sorry to inform you that, while I like my OS X, QuickTime has had DRM built-in for a while.
I was sort fo hoping against hope that MS would be moving further toward XML and therefore allowing greater standardization (I know it's a pipe dream, but one's gotta have hope)
In order for Redmond to add rights management, it kind of implies that they will have to lock down their documents. After all, what good would it do to make a Word document only readable by some certain person or group only to have anyone with a text editor or even a web browser be able to open it?
So, they will have to encrypt everything - and each time you go to open an Excel spreadsheet or WOrd doc, the program will have to "phone home" to Microsoft with your PASSPORT account?
*sigh*
The Digital Sorceress
My worry is that this may be a way for Microsoft to prevent programs like OpenOffice, Hancom or others from opening documents created with a Microsoft product. There's no mention, but it wouldn't be the first time Microsoft did something to this effect.
I know I'm showing my ignorance here, but how is this different from traditional filesystem permissions
1 - This applies to documents and things like email messages.
2 - AC is preserved even when documents are transferred to another system.
3 - You can restrict actions such as copying or printing.
4 - You can create valid lifetimes for the items.
5 - You can limit # of actions (# of copies, # of times opened, etc)
In other words, there is a world of difference.
Openoffice.org... Open office is really nice. I just started using it a few months ago when one night I finally got fed-up with Word's autoformatting (fuck you, it can't be turned off and that's the truth) so I finally said "screw it, the open source office alternatives can't be this bad". I downloaded Open Office (like 5 mins on my cable modem) and installed it (like 2 minutes) and I had something that worked at least as well as and in my opinion, better than MS Office. I've been telling my friends about it ever since and a lot of them are sold on it too.
Msoft seems at first glance here to be addressing a need in my industry, health care, to tightly audit and control access to documents. The problem is the preservation of health information privacy while providing free and ready access for authorized users. Network user authentication only goes so far because the same user might need different privileges for the same document at different times, depending on the purpose of the disclosure at the time.
We have a principle in health information security called "minimum necessary" which dictates that information only be disclosed for a particular purpose and only the information needed to accomplish said purpose be disclosed at the transaction level. Meaning, if you come back and have something else to do with the same document, you might need a different level of access. It is a sticky wicket.
The best way to do is to be.
This is a good thing. I know, I know, M$==bad and all of that, and yes, you have to activate the product - break out the tinfoil hats! But this sort of DRM is on your side - as in, people can't break into your files.
people cannot break into my files now. that is what pgp is for. ms could of course use a standard like pgp, but then they woldnt be able to lock out their competitors. i'm sorry. propritery drm is not in my best interests or yours. by using their formats you are preventing yourself from viewing your own doucments without their software-you are doing yourselves no favors.
-- john
After Office 11 there might never be another "Pentagon Papers" type scandal because the government could just cut printing rights to sensitive documents. Companys will no longer have to worry about internal memos ending up on FuckedCompany.
Unless:
1) Someone reads the document, remembers it, and later recalls it at a non DRM computer.
2) Someone takes a photograph of the screen. Seen sony's tiny little cameras lately?
3) Someone uses a pencil and paper.
The only thing this does is make it inconvenient to leak secrets. This does not make it difficult. This is still a good feature, as it is currently more convenient to violate secure channels than to follow them. But it's not stopping any leaks whatsoever.
There are no trails. There are no trees out here.
I don't understand this.
You mean to tell me that MS has disable the copy-and-paste, too?
Seriously. Why couldn't I just copy-and-paste my secret memo into a text file and then forward it to FuckedCompany or AssWipeMemos or whatever Pud's pimping.
It's interesting, though. All this DRM/IRM/whatever you want to call it is turning the computer into a block of metal and plastic. I'm old enough to remember the days of the Altair and the Osbourne MicroAce and the Commodore PET with the plastic keyboards -- and I'm troubled by this gradual shift from "hobbyist computers" to -- essentially -- blocks of metal that can only be used to do whatever corporations tell us we can do.
Anyway, fuck it.
If they disable copy-and-paste in Word 11, then it's useless.
And why oh why can't Microsoft add EndNote functionality into their word processing software? For fuck's sake. They've added everything *but* a decent bibliographic manager. I keep hoping the next version of Word would actually add useful features for people who -- imagine that -- write for a living.
Because this will undoubtedly be cracked within a month, tops. There's a good chance it's already been cracked based on the betas -- and Slashdot posting it *ensures* that every techie that didn't already know about it does.
Heck, *I* woulda cracked it if I had a copy sitting around and had any interest in Office, just for the egg-on-your-face factor affecting Microsoft when they try selling their "strong" security to companies.
You cannot do secure DRM in the current computing environment. *Maybe* with Palladium in place. Definitely not now.
The only benefit I can see this giving Microsoft is a legal excuse to make their file formats *incompatible* with everyone else, and anyone else implementing support for their file formats being liable under the DMCA.
Office is Microsoft's bread and butter, and incompatibility is the worker that brings it home each day.
May we never see th
I would welcome some version of DRM for the individual. I work for a consulting company and I have had cases where other consulting companies have taken documents that I put my blood sweat and tears into, changed a title page and then went an took work away from me, let alone co-workers who have done the same.
We have often resorted to creating everything in Acrobat, which is somewhat limited, but I really would like more control. It would be great to give my team complete write access, but not worry about who I ship the document to.
It is upto me then to come to agreement with my clients about how much access they have to the documentation I produce.
D.O.U.O.S.V.A.V.V.M.
NO ONE likes to lock a "softcopy" file down so that you can't suck data from it. If i want a document that i can't cut/paste data from, i print the fscking thing. The ONLY thing most people want 99% of the itme is to prevent someone from making changes to a document (such as a resume). In that case, we make PDFs... because few know how to modify them.
... Those geeks will send out emails/Word docs which are IRM'd, and then will just frustrate the hell out of the normal users who will email back asking for a "non-fscked up" version.
The esoteric nature of this scheme - much like some of the advanced features of Outlook/Exchange will be mostly if not totally lost on all but a few ubergeeks in your typical business
Its kinda like being the first guy to install a Service Pack from Microsoft the first day it comes out... you only do that once and have a horrible experience before you relize you better wait, only this will be much more powerful....
the first time Joe Businessman brings a file with him on the reoad that he can't modify or can't copy data from - he'll swear to Jesus and never EVER use this "feature" again.
In short - there are two kinds of people - people who will "get" this, and those that won't. Those that get it are either PHB's or geeks - most geeks won't want to use it or will use it to piss off the other kind of people - the normal people that won't understand how this helps them do their work.
for most people - security is a PITA - this will only make their lives more difficult, and will have them finding work arounds if it is "mandated".
guns kill people like spoons make Rosie O'Donnell fat.
Everyone would love being a repository for spam. Oh wait, we already are.
Look, I've trusted MS before -- WMA Was supposedly their next 'killer app' for online distribution, so what did i do with a friend way back when it was about to debut? Start a company that would harness WMA technology to deliver unique content, in a unique manner, to Indy bands across the USA using the internet and WMA as out content distribution system. WMA promised to allow you to listen to music for a set period of time and then its license would expire and give the user the option to purchase the piece.
Months later: distribution system already in alpha testing, VC funding on the way, patent pending technologies, WMA Cracked, technology moot. That was the day I went from Linux dabbler to Linux convert.
See the problem was that we trusted MS and built a business around their proprietary technology, a technology that was supposedly 'uncrackable' based on the way it generated a unique id from a user's specific computer, hardware, and setup. There is no uncrackable unexploitable technology.
While the world once again puts its faith in Microsoft's proprietary 'uncrackable' DRM, I'll be over here on my Gentoo box coding tools that will enable users to DO more rather than RESTRICT more.
Oh and when a clever hacker cracks their DRM I'll be outside laughing and dancing in the street.
-- -=innocent ramblings from the mind of an insomniatic programmer=-
DRm technologies are not going to prevent documents from falling into the wrong hands. The security model for DRM is weak and depends on a lot of factors that are outside the control of the party that is trying to protect that information.
Using DRM to secure information is selling snake oil.
Python
Consider: Who holds the copyright to these documents? Everyone. This is nothing like the situation with CSS-protected DVDs, where the only party who held the copyright was claiming that permission was not granted. If you write a document in MS Word, it is yours, and you are the one person in the whole world, who under DMCA, grants permission to people to access that document. Grant it, and the tools are legal.
DMCA only has teeth in reference to DRM, in cases where the scrambled content is created by a monopoly or cartel. If there's no monopoly on content, then DMCA is meaningless. DMCA was bought by monopolists and is only useful for monopolists.
"We, the MPAA, in order to form a more perfect union..."
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
...The only difference is, you can set the permissions for everyone. The document can spread and you can keep those permissions in tact.
Once again MS has shown they are ahead of the curve when it comes to introducing new features. This is a great feature. For instance, now I can distribute documents under NDA to customers and partners without worrying about them casually distributing the info to whomever they feel like. Of course there are ways to get by the security if someone really wants to. But it stops unintentional distribution of sensitive material into the wrong hands. In a few year OSS will realize this is a good h]feature and put it in Open Office. People will still be saying that Microsoft is not innovative then too, I'm sure.
Vote for Pedro
Password protected .pdf file, NDA with watermark etc already works.
How often would a vendor send me a datasheet in a Word file in the first place ?
As a matter of fact one clueless vendor use power point for the datasheet ended up screwing up mechanical drawing and got themshelve disqualified as a supplier.
I know that's not helpful, but I can't help but agree.
The problem with this isn't that it's an implementation of privacy, but that it's Microsoft implementing my privacy.
I can encrypt every document on my hard drive right now, and I don't need Microsoft to do it for me.
DRM as envisioned by corporations like MS fails to account for the fact that if information can be interpreted by one person, it can be interpreted by anyone. There are all sorts of ways around it in this case: screenshot, hack accounts, print it out, hack the frickin DRM, convert it into a different format, and so forth and so on. Yes, it makes it more difficult, but there will still be problems.
Security begins with the user. If your staff is mass emailing sensitive documents to spammers, that's a problem with your staff, not the email program, and certainly not the text format of your email.
Sure, privacy is important, and restricting access is too. They're fundamental. But that should be something that's done by the user, the sysadmin, not MS.
If MS were creating this spec, and publishing the whole document spec as open source, I'd be happy, more or less. Fine--then there'd be nothing stopping other developers from implementing the spec. But as it stands--and likely will stand--this won't be open, and restricting access to my document won't mean restricting it to who I want, it'll mean restricting it to who MS thinks it's okay for me to want to restrict it to.
DRM should be separate from any particular corporation's implementation of it.
Wasn't the Skylorav case persued under the DMCA because he broke Adobe's file format?
Not really. The PDF file format is an open format. Anyone can make PDF tools. Skylorav didn't crack the file format, he cracked the optional encryption that the file MAY contain.
There is a key difference: Microsoft has repeatedly tried to prevent other companies from being able to read/write their file formats. By including DRM in the file format, Microsoft could be setting up the chance to sue OpenOffice (for example) in the event they include Office interoperability.
The interesting thing (to me) is that until I read this post, I though that this was really not a big deal. I actually think Office is a good place for DRM. Having the ability to place some limitations on who can read my business documents is a good thing. If it weren't for the DMCA, I would say that this is a case of people overreacting just because MS is involved. Unfortunately, the DMCA changes all that. Microsoft will almost certainly use this as a tool to prevent interoperability, and there's probably not a thing anyone can do to stop them.
Here's an article on this. The article title gets the point across pretty clearly: "New technology could cut down on whistleblowing". Think Enron, WorldCom, cigarette companies, etc... .
It seems that this technology would be pretty valuable for terrorists, no? This is a child pornographer's dream. You want to run a second set of books so you can pay less taxes, use the new MS Office. How exactly will law enforcement do legitimate searches? A lot of the arguments made against strong crypto by the government would seem better aimed at DRM.
Keep in mind that mobsters have been jailed even though they used strong crypto because the government tapped their keyboards (after obtaining legitimate warrents to do so) and sniffed their keys. Do we REALLY want to allow a system where the machine prevents us from gathering such evidence? How would you like to receive a death threat from a mobster via email and be unable to prove it to the police?
I mean does it force program pirates to include source or link, as the GPL mandates?
If the DMCA truly allows reverse-engineering for purposes of interoperability, then whats the problem with DeCSS, and Linux DVD players that use it?
Imagine it locks up your Excel sheet to read-only (w/Palladium backing).
"What do you mean you can't fix it? I can see my entire workbook here, I'm just not allowed to change it. I can't even copy & paste. What do you mean I'll have to start over? I need those data I see right in front of me, it's not deleted, so fix it!"
Nothing like a virus that'll not only take your data, but also rub your nose in it. Somebody remember to give this idea to the script kiddies.
Kjella
Live today, because you never know what tomorrow brings