Microsoft Prepares Office Lock-in

An anonymous reader writes "NEWS.COM has an article describing Office 2003's DRM features for documents. This will not only coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years, but it will also shut out competing software, such as OpenOffice. Now think about this for a second. Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device. I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now."

Mostly FUD

This article emphasizes the role of DRM in commercial settings. It's perfectly reasonable for corporate customers to want to control access to their documents in the workplace, and that's what the Office 2003 DRM features are targeted towards. It's just a dumb client-server authentication scheme, people.

Put away the aluminized headgear. This is not an anti-consumer technology, or even a consumer-oriented one.

Re:Mostly FUD

[Martin+Blank]

So the executive flying to L.A. won't be able to access the documents while on a 4-hour flight. Nor will he be able to do so from the hotel unless they open up the firewall to let him access the authentication server--something that seems inherently dangerous considering it's Microsoft we're talking about.

Do you think MS doesn't even use their own software? Their executives spend a lot of time jetting around the world for various reasons, be they business, lobbying, or vacation. I doubt they would be so short-sighted as to not put some method of permission caching in place. Personally, I see this being used in corporate law departments and in R&D divisions, where the ability to lock people out of something even if they do have possession of it would be invaluable.

Besides, if it's hard to use or if there's not a real need for it, people simply won't use it. A lot of features get his treatment -- how many places do you know of that have even tried to implement the shared editing features?

Re:Mostly FUD

[Skapare]

In order to ensure that older versions of Office or Word cannot read a DRM restricted document, they have to make it "incompatible" in some way. If they do that by having a few fields that will choke older programs, it still won't do anything to prevent developers of other office productivity software from making it readable in theirs. So Microsoft will almost certainly have to encrypt the document, and serve up the key from the DRM server (using a proprietary protocol, of course). That encryption is involved makes it the kind of rights-restricting scheme the DMCA makes illegal to re-engineer. And don't think Microsoft doesn't know this; they are not dumb. They will try to do at least as much as they can get away with (and perhaps more, which we can then pounce on). Be sure you use the word "interoperability" more, now.

My big fear is that this new protocol and server will be full of the kinds of bugs that Microsoft traditionally puts in new software expecting the public to help them debug it. Imagine the impact when people assume this DRM will protect their confidential documents (such as health records, bank records, and such), and stop using other methods. In a few years we'll see lots of these documents not only cracked, but cracked via the internet en masse. Oh the horror.

Only when the document creator chooses to lock it.

[pe1chl]

My impression from this document is that it is an optional feature, only active when the creator of the document specifies who can read it.
When the creator thinks it should only be readable on Windows 2003, and not on other software, that is his responsibility. And it is the responsibility of the reader to reject such documents as unusable.

This is hardly new. We use StarOffice 5.2 at work, and it cannot open password-protected documents from Office 95 or 2000. This is amongst the least problems when using that package in a mixed Office-StarOffice environment.

That'll be true for a while.

If I receive documents from suppliers and clients that I can't read, then I will ask them to send it again in another format, and they won't have a problem with that for now.

But five years from now, when everybody buying a Dell or Gateway machine has the latest version of Office bundled with their machine, I will likely be the only guy who can't read their documents, and their sympathy will have disappeared. I'll have to upgrade.

There's no particularly good way out of this using the marketplace; the marketplace will dictate it.

I don't see the problem here.

[AzrealAO]

This is a feature some people want. It'd not on by default (how could it, be, since it requires a properly configured server to do the rights management).

It'll let businesses lock their documents down, for internal use. Nothing at all here gives any indication that all documents created will have DRM forced on. If a business or user doesn't want to use it, don't turn it on.

Re:I don't see the problem here.

[velkro]

So... you install Windows in VMWare, install DRMOffice, open document, and screen cap the VMWare session. Or use Terminal Services, rdesktop, vnc, insert_favourite_dmca_circumvention_tool_here...

Re:I don't see the problem here.

[Courageous]

So the only real way you can defeat this is by opening it in a non trusted application,...

No, he's correct. You'd have to cripple the entire operating system while the document was open. For example, you'd have to ensure that VRAM was inaccessable to the users, that nothing was paged out, that the memory of the application itself never stored the document in unencrypted form (impossible, if it's displayed), and so forth.

But in any case, nothing my digital camera can't defeat.

C//

Re:The straw that broke the PHB's back?

[UberOogie]

Dream on.

Call me a cynic, but I've lost count of the number of times that MS forced upgrade cycles were going to be the end of the company. It hasn't yet, and won't be in the future, even with this. Enough people and companies will pay to make it a non-issue. Watch.

It's actually important to do this.

[tjstork]

Law firms, especially, need this feature.

Right now they have to assume that a word document is unaltered upon receipt from a client. Now, with DRM, they can guarantee it. They also need to control distribution of documents and readability.

Pretty much every major corporation will want this feature once they understand it.

So, instead of fighting DRM, jump on the bandwagon, and have --better-- rights management in Open Office.

I'm not actually convinced that you need to have compatability between Office suites. Really, most people can use their existing MS Office to edit their Office documents and their new Office to edit their new documents. That way, if the old Office license is expired by Microsoft, everyone can complain to MS about how they can no longer read their documents, whereas, Open Office would theoretically never have that problem.

So, I would educate customers that file compatibility is not particularly necessary.

Re:It's actually important to do this.

[JediTrainer]

Right now they have to assume that a word document is unaltered upon receipt from a client.

I don't know about your area, but I think that a number of the bigger law firms around here (such as Torys) has all their documents stored in PDF format. If they need to prevent changes, it's a simple matter to sign the document before sending it anywhere.

Re:The straw that broke the PHB's back?

[bokelley]

At the same time, Microsoft has been fairly savvy in protecting its {monopoly|competitive advantage} without really ticking off the media. The Messenger lockdown is pretty blatant, and I haven't seen much public outrage - primarily because the people using Trillian et al are not the mainstream (yet). The big companies that are locked into their Microsoft investments make choices every 2-5 years when they upgrade their desktops. If Microsoft can create FUD - by claiming incompatibility or building it into new products - then they can hold off OpenOffice for another few years. I wonder if the EU would see this as anti-competitive (the US won't/can't do anything even if it does).

Re:out of the water

[garcia]

First of all, DRM wouldn't be a requirement for all documents, it would most likely be a "feature".

Second, what the hell does Linux have to do w/Anti-DRM and people switching? Linus has specifically stated that he has no opinion either way. If you want it, woo, if not, woo. People aren't sick and tired of DRM and it's not BS (no matter what "we" think)

Linux is taking a foothold because other software companies have expensive software.

You think that an alternative to Office is going to help? There have been alternatives (Corel, etc) did it matter? Do you think because they are creating a new version of Office it will render the other files incompatible? That would be really really dumb for MS to do (no ability to bring in your old stuff? retype? what?)

The only reason for a switch is PRICE. Honestly, no matter what bullshit people spread on here about how good OO, SO, etc, are, they aren't what MSO offers. Not even close.

Until the OO, SO, etc, get some strong following and somehow create something better than Office, no one is going to care unless it is money related and even then, I doubt a few hundred dollars is going to matter...

Just my worthless .02

DRM for business documents is a valuable tool

[maynard]

A few facts and then an opinion:

1) DRM technology will be available to businesses which choose to run a DRM server on Windows 2003. It will not be enabled by default.

2) The technology will allow a management (or really the top level key holders) to limit document access rights to specific individuals or a group within the organization. A very valuable feature for many businesses.

3) Without a doubt, MS will abuse this technology to lock their customers into the new Office document format, which they will further abuse to limit document exchange from MS to third party applications.

The problem here is not 1) and 2). Those are perfectly reasonable features that most businesses want to buy. The problem is 3), the vendor lock-in issue. The Open Office project could write the same kind of DRM services into their suite, while at the same time offering document portability to those who hold top level keys to an organization's documents. IMO, this is where they should go long term, since it's obvious MS has hit upon a valuable technology - but like they're always abt to do, they're first instinct is to use the new technology to lock their customers in rather than sell their customers on their new features, quality engineering, and support. Businesses want both the DRM controls and document portability across a wide range of applications. MS always fails their customers in this regard and that's one reason why they've got such a bad reputation.

JMO.
Maynrd

Surely you jest?

[kylef]

This kind of blatent abuse of the law is just another step towards neo-monarchism, and more loss of freedom for the common person.

OK. Let me get this straight. A private company introduces software that basically introduces built-in encryption for word documents, spreadsheets, and email. This technology is designed to allow companies to prevent emails and documents from accidentally "leaking" to the press or into the hands of corporate spies. This won't even affect the home user AT ALL because home users don't have the necessary software to make use of IRM anyway (it requires a separate Windows 2003 Server in addition to MS's Information Rights Management software).

And the availability of this product is somehow an example of "blatant abuse of the law"? I think some people here are suffering from some kind of paranoia.

Analog my friend...

[sterno]

Or you just get out your trusty camera and take a picture of it. If you want to get higher tech, capture the EM signal generated by the monitor. It's just like bypassing music DRM by recording from a line out. This sort of security will stop casual snoops, but somebody who wants the information will get it.

Information flow NIGHTMARE!

[Tsu+Dho+Nimh]

Oh wow ... given the numbers of PHBs who already password protect presentations and send them out without the password, which they promptly forgot, this should be a productivity enhancer.

• The critical presentation EXPIRES the night before you need it.
• The only person with the rights to open a document is sick and didn't make the meeting.
• The BIG customer tells you that they are not about to upgrade their servers and corporate software just to read your documents and tells you to provide material they can read or forget it.
• They will have to have FULL-TIME rights managers, who track who is entitled to read whose documents.
• And a full-time Search and Rescue team to retrieve lost documents, crack lost passwords, etc.