Slashdot Mirror
Microsoft Prepares Office Lock-in
An anonymous reader writes "NEWS.COM has an article describing Office 2003's DRM features for documents. This will not only coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years, but it will also shut out competing software, such as OpenOffice. Now think about this for a second. Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device. I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now."
Just imagine the backlash that will come from inter-company communication via Excel and Word. Hell, my company has had numerous problems with reporting (scripts that mine data from various sources, such as Excel, and generate reports) and document management systems just because of differences between Excel/Word 97 and 2000 files. This may be what FOSS needs to start making massive market penetration.
Now all Sun needs to do is release an OS X native version, add a database that works more like Access (maybe php or jsp scripting) and MARKET THE HELL OUT OF IT.
I'm no expert, but IIRC, didn't MS nailed for doing pretty much the same thing to Netscape some years ago?
Correct me if I'm mistaken, but wouldn't that be some sort of precedent here?
This post made with the Dvorak layout.
"Friends don't let friends use QWERTY"
Does this not violate Microsoft's DoJ agreement? I mean, this is obviously anticompetitive behavior. I think that people will see this new "feature" and either not upgrade (unless it adds A LOT of worthwhile features) or save their files as RTFs or older doc formats. I think Microsoft is shooting themselves in the foot with this. People want compatibility, that's why they stick with Windows. People will reject this.
Help I'm a rock.
We allready use OpenOffice for all our end user's here. Just be sure the Pc has 128 megs of ram, and put the office quicklaunch on startup, or they will complain about how long it takes to start. Otherwise, it works awesome for all standard end user word / excel tasks (99% of end users). As soon as your company gets one of those audit letters, spring the OpenSource and the management will come flocking. =)
No I didnt spell check this post...
IIRC, the DMCA specifically permits circumvention of copy protection/DRM/anything else if it is done specifically for purposes of interoperability (not just to allow unauthorized access to information). That means that OpenOffice or any other competitor would be allowed to crack their encryption in order to allow their users to read .doc files. Right?
I am a geek attorney, but not your geek attorney unless you've already retained me. This is not legal advice.
Yes, and as such it seems entirely stupid. So the executive flying to L.A. won't be able to access the documents while on a 4-hour flight. Nor will he be able to do so from the hotel unless they open up the firewall to let him access the authentication server--something that seems inherently dangerous considering it's Microsoft we're talking about. Employees may not be able to work from home or in the evening for the same reason. If you send the document to an external consultant or a client it's going to be a major hassle to give them access--short of saving a version with no access restrictions.
If Microsoft is going to implement DRM in their Office platform, this is the way we want them to do it. It seems like a pretty stupid way to implement it that's going to cause more problems than it's going to solve. And if by implementing this DRM and showing consumers just how inconvenient it is the consumers learn that DRM is not their friend, all kind of Microsoft plans may go down the toilet.
Open Office can't clone this format, because the weak "interoperability" clause of the DMCA has basically been stricken from the law by former Time-Warner lawyer Judge Kaplan (of deCSS fame).
.docs to people who can't read them? Why would I want to rely on MS's legendary security (think ass rape) when it'd be far better to encrypt the disk I store sensitive files on?
But then, WHY would they want to?
Why would I want to send
I see MS's new office as a boon to government and corporate types who break the law. Now, whistleblowers will have a hard time getting out information about wrongdoing. If they do, they can be tracked, and sued for violating the DMCA!
Corporatism != Free Market
I wonder what this will do for companies such as Apple who are building in MS office document readability/writeability into their applications/operating systems? Right now I can read and write .ppt files in Keynote, and .doc files with, ahem other bits of software on my OS X boxes. So, is this simply an attempt at providing a more secure environment or is Microsoft doing an end run around other folks to make it a federal crime in the name of security to compete with them?
Visit Jonesblog and say hello.
...or even know about this.
Us here at SlashDot tend to take a dim view of Microsoft (even though many of us like some of their products-- I myself like their mice, and MS Word is nice), but most people don't even realize there's a choice.
I apply for Unix Systems Administrator positions sometimes, and virtually ALWAYS I get asked for my resume in... MS Word format.
Giving them a PDF isn't good enough. They just ask you for the Word version again as if you'd said nothing.
I'm starting to think that MS's slogan should be "But EVERYONE uses Microsoft!", since that seems to be the way most end-users seem to think (without even realizing it). Or, of course, it could just be "Microsoft: You WILL use our software, whether you want to or not...")
This sort of thing is getting really tiresome. When will MS finally get the Grand Cosmic Smackdown for doing this sort of thing? How long can an ill-gotten monopoly last? (And why do so many SlashDotters seem to like defending MS?)
Honey, I shrunk the Cygwin
This could be a good thing. Enough people have heard of "open source alternatives" that they will start to seriously examine what that phrase means.
/bots know about the average user, it's an indisputable fact that people don't give a flying fsck about document security. Those that do already know how to protect themselves.
There is nothing in this article that talks about benefits to consumers. With what
When a M$ clone decides to say, "When we asked consumers about...", you can be certain that they didn't ask consumers anything. Consumers want document compatibility. There is nothing Office does for the average user that OpenOffice can't do.
Except take money. It's high time to start preaching this to ordinary users.
Laws are for people with no friends.
Yeah, try to create an open source DVD player for Linux. Ever heard of DeCSS? Fact is in real life, the big corporations will sue your ass if you ever try this. Even if you're in the right, do you have the money for legal defense?
If con is the opposite of pro, is Congress the opposite of progress?
Although they will still arrest you and invoke the DMCA because maybe you design something that facilitates Adobe ebook and Adobe Acrobat Reader interoperability ;)
I don't read your sig, why do you read mine?
As often happens, people have reacted to a Microsoft article without understanding the real issue.
There have been many times when I have wanted to keep an email or a document out of the hands of other people. I once got in trouble for sending an email joke to people whom I knew would enjoy the humor. Alas, they forwarded the email to others who forwarded it to others... and so on... so that eventually it ended up in the hands of someone who took the value on "diversity" a bit too far and were offended.
The DRM feature in Office and Outlook enables a user to prevent emails and documents from being forwarded to and viewed by people not specified by the sender/creator. That's all this feature is. The sender/creator certainly has the option of not embedding DRM into the email or document so that there is no rights management involved.
This feature is one I have wanted for many, many years. I want to control who has access without having to expose the recipient to the mystery and overhead of encryption.
-Everyone laughs at lemmings but no one ever wants to admit to ever being one.
...unlike in the previous years where a lowly secretary could get her hands on an executive document detailing such things as fleecing the investors, dumping (on accident or on purpose) HIGHLY toxic chemicals into the local residential area's water supply or other scandalous corporate activities will simply cease to be.
Unless the rights to print such a document are still allowed, it would mean that corporations can get away with hundreds upon hundreds of scams, illegal activites and everything else that our nation's current corporate climate has bred.
Now, if we had a culture of doing the right thing, being honest and trusting, then there would be no issue with having such DRM capabilities being built into an office software package... Of course, that kind of feature would never be used in such a world as there wouldn't be any reaon, if people could be trusted.
I know that DRM makes sense on protecting a company's assets, but it can be the carte blanche to the CEO's of the world to forgo legal business practices...
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
Either that or forbid upgrading. This could have the opposite effect that MS is hoping for. Some companies may instate a rule requiring the use of Office NO NEWER than Office XP or something.
Our company did something similar for a while. We were developing with Visual Studio 4.2 because 5.0 sucked rocks, and we couldn't buy 4.2 anymore, so we bought copies of 5.0 for new people and installed 4.2, leaving the 5.0's unopened on the shelf.
If you read the article (which it seems the submitter didn't even do), you'll see that Microsoft says that applying DRM to a file will be an exception, not the default behavior. This means that the OpenOffice team will be able to figure out the Office 2003 file formats without DRM features, and open and manipulate those files just fine.
The only files that they won't be able to work with will be files that someone has chosen to apply DRM to. And from the document creator's point of view, this is a good thing. The ability to open the file in another app that was not beholden to Microsoft's DRM server would render the DRM completely useless. And DRM itself is not a bad thing. If you think so, perhaps you should execute "chmod -R 777
The first interesting thing will be to see where MS goes from here. Will Office 2004 have DRM as a default? If so, that would make interoperability a great deal more difficult. But more interesting is how the open source community will respond. DRM on documents is an important feature. If I'm putting out a document, it might be useful for me to be able to specify who can view it, who can edit it, and so on, without having to resort to filesystem ACLs. Sure, it's not absolute security on the document, but it's another layer. So it might be a good thing to consider to have some sort of open source DRM alternative for OpenOffice.
-Todd
"The details of my life are quite inconsequential..."
Remember, the DMCA (17 USC 1201(a), in this case) only concerns itself with works protected under the copyright act... We got into this discussion the other night in class, when someone suggested that they could simply encrypt an uncopyrightable simple compilation of facts and thus protect it under the DMCA. No; if the data itself isn't copyright(able|ed), simply adding encryption doesn't make it a DMCA violation.
The issue, obviously, becomes thornier when you distribute software (OpenOffice) that can circumvent... But again, the DMCA might not apply here either. It's at least arguable, if the ability to open DRM-protected documents is only incidental; see 17 USC 1201(a)(2).
Finally, I seriously doubt Office 2003 will save documents protected with DRM by default, given the overhead (an available Windows 2003 server to authenticate/authorize) required. Never mind interoperability and backwards compatibility; you couldn't work on such a document on your laptop on a plane, or anywhere you didn't have connectivity and VPN access... No way would the business community put up with that sort of crippling as SOP, even if they wanted to turn it 'on' for certain documents.
geek. lawyer.
Yes there is always the arguement that DRM will never stop an employee jotting stuff down from screen to paper and walking with that info, but there is a hell of a better chance someone is going to spot him copying 400+ pages of information, whereas with no DRM he could jsut copy the document and walk.
It says in the article that this was a feature that customers had requested, and I for one can fully beleive that. Expire documents when they become dangerously out of date? Fantastic (think of health and safety!). Dont want an accountant to walk with sensative finacial information they get emailled? Dont let them print the document or do anything other than view it.
Employers need to trust employees, certainly, but that trust also needs to be earnt. And yes you can emulate a lot of DRM with other means (no printer) but then that restricts peripheral things as well.
Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device
This isnt MSs fault, this is the fault of a dumb law, and thats it. Want to blame someone for that? Blame the people who let it get voted in - the US populas.
It has been said before that MS Office has not had any real good features since office 97, and that this is a feature that will force people to upgrade. My view is that yes a lot of people will upgrade because of this, but not forcable. They will upgrade because tehy WANT these IRM features, as it gives them more control.
The last paragraph in the article states: ""It's not going to be adopted en masse, but I think they'll have a good rollout department by department for people dealing with more sensitive documents." and this is precisely what the office 2003 release is aimed at, the people who requested the features and who want them. If OOo had this feature before MS Office, I bet you could have enticed quite a few businesses over from the Office series jsut based on IRM.
No, it really won't.
Think of the ways that you can defeat this scheme:
* Print out the document and send it however you like.
* Take screenshots and send the images as JPEGs.
* Use the built-in fax modem to fax it somewhere.
* Copy the text into the clipboard and paste it into another app.
The exploits are endless. You'd have to cripple the entire operating system while the document is open.
I needn't contemplate the absurdity of Microsoft trying to get into the information-security business. Obviously, that's not their goal. Even if it were, it will frequently be at odds with their function of providing a usable operating system.
- David Stein
Computer over. Virus = very yes.
(Yes, I know it's silly, but anyway.)
Curmudgeon Gamer: Not happy
Permission caching? Isn't that self-defeating?
Most corporate-secret theft or destruction cases are an inside job. Competent IT staff (such as the kind that companies large enough to have valuable secrets can afford... not that they do, but they *can*) can, reasonably well, lock down a network from intrusion.
The much harder, and more common, problem is with ex-employees or unfaithful employees sending documents and secrets to competitors. Any scheme intended to squelch this is entirely defeated if permissions are cached.
- David Stein
Computer over. Virus = very yes.
I think OpenOffice is ready for this. I've already deployed OpenOffice for a number of my clients who work with crazy excel documents in the financial services industry. Interestingly, one of the reasons for their interest in trying to move away from MS is so that they can understand the software market better. They have to "eat their own financial recommendations", so to speak, so in order to see if there is viability in any competitor, they have to start using them. This is why they have started testing Linux,OpenOffice, and Mozilla on the desktop. They are also having me rewrite some of their custom network applications in Java, and tweak their web apps so that they're not IE only. This wouldn't be such a big deal, except that it's in a very small firm (~30 employees) which had previously been pretty much all MS. I feel that this is one of the strongest indications of a much larger trend of Java, Linux, Mozilla, OO taking over the desktop.
Most people, even if they can apply DRM to a document, won't choose to do so. How many people change the rights for their local drives to remove access for 'Everyone'?
Furthermore, what's the interplay between NTFS permissions, Share permissions, and these new DRM permissions? That's a lot of permissions to manage. Do I have to set these permissions from inside Word or can I do it in the Finder (Whoops. I mean Explorer. Man how'd that happen?)
Every place I've been, the Finance people already have restricted access to sensitive documents. It's in a folder called "Finance" that only they have access to.
And from there, the DOM should let you get at all the content.
Design for Use, not Construction!
"Newest MS Office to have encryption features."
Would anybody be upset if they integrated PGP into MS Outlook? No? Well, now they're doing it with Word. This is fine.
Obviously, encryption would require changes to the file format. This is a pretty standard sort of upgrade arm-twisting. They're adding a new feature. Woo.
There are no trails. There are no trees out here.
You all hope this would backfire and blow up in Microsoft's face.
I think that is wishful thinking. "Why?" you say? It's quite simple, Microsoft has proven to have more business saavoy than anyone here. I'm just going to trust that Microsoft knows what they are doing when it comes to manipulating the market.
This is just yet another slashdot pipe dream of the demise of Microsoft, Think about how many other articles showing how MS will fail there have been here.
“Common sense is not so common.” — Voltaire
Until the first worm that takes advantage of this super security MS product that is designed to specifically change ownership and access rights to all files on systems then force the the authentication servers to go tits up.
Wouldn't that be a systems administrators worse nightmare. Seems like only a matter of time before somthing like this could happen given Microsoft's shitty history with regards to security.
Or am I missing somthing ?
There are various hacks out there that crack the passwords in MS Office files from 95 up until Office XP. I use Passware, but you can find free ones if you google for them.
Microsoft's password protection is shittastic!
It's a Catch-22 for Microsoft. Either force people to upgrade by mandating DRM (and risk losing everything), or continue supporting legacy versions (and eliminate the incentive to upgrade or use DRM).
I think the only customers who will be "locked into" an Office upgrade are those dumb enough to use the DRM features. The Darwin effect is coming soon, to an office near you.
I think you're assuming that PHBs are rational. They are epecially irrational when the FUD sets in. I have little hope for this, since they're accustomed to buying whatever line MSFT feeds them.
Has anyone noticed that MSFT's stock sort of peaked about 9 months ago and hasn't seen much improvement in the latest run-up of tech stocks? They're looking for something, anything, to convince Mr. Moneybags to slap down even more big honkin' purchase orders to get their stock moving again. As one of the most closely followed companies in the world, their predictable earnings growth has already been discounted, so they need something new, and in a near monoploy, something new is hard to come by.
Helium balloons want to be free.
Get the company legal department and managers involved. Point out that company policy and/or the law requires certain things be done with documents, eg. certain finance-related documents must be kept for certain lengths of time or the company can face fines, certain documents must have file copies made, policy dictates that certain people receive copies of documents. The DRM features in the new Office software may, depending on what the sender sets, prevent the required things from being done. If the creator specifies "no copies", archive copies of financial and/or legal documents couldn't be made which must be made. Since some of the senders may not be within the company and may very well have good reason to prevent a record being made, this could put the company in the position of being legally liable while not being able to control their liability. That's the kind of stuff that makes lawyers nervous, and the lawyers have the ear of the board of directors and executives.
1. Opening their own document, and as the copyright holder they can't very well be infringing upon themselves (though if this were possible no doubt the RIAA would find a way, but that is another topic).
Circumvention is illegal, regardless of who owns the copyright, or if there even is a copyright (ie : an encrypted public domain work).
2. Opening a document gievn to them by the copyright holder, in which they have been granted express use of the document.
We buy DVDs under a licence to view them. That would seem to imply that the copyright holder has granted us permission to view them. Yet decrypting DVDs, regardless of the motive, seems to be illegal.
In Soviet America the banks rob you!
Don't get me wrong, I LOVE OpenOffice.org. But I don't see how getting into "high gear" is going to do any good unless OO.o manages to completely revolutionize the office suite paradigm far beyond what MS has. OO.o is a great *alternative*, but it's not really doing much more than MS Office does and there are some features missing. To get "mind share" (profit can go to hell since that's not why most of us are here), OO.o is going to have to provide above and beyond what MS Office provides. Is that possible? I don't think it is.
Sure, some people might want to jump ship when they figure out that MS is going to hold them hostage with DRM. But that's only going to be a small fraction of office suite users. The majority will grudgingly hand the cash over to MS and upgrade. The only way to get more people to WANT to move over to OO.o or some other alternative is to provide exactly what most coders despise: features. This is what Joe Average is interested in. Yes, I am aware that OO.o has some features that distinguish it from MS Office, but it's not enough of a difference to really count.
An example of a feature that an average user would find "useful" no matter how stupid it might sound to a true geek, is say... self-contained executable documents. If a user could write something and then save it as a "self contained" document that was platform independent, I think it would be a feature that goes beyond MS Office. Think about it... the user saves the doc and then e-mails it to someone. The recipient can then just open the attachment WITHOUT needing to have OO.o installed on their machine... or MS Office... or ANY office suite. Instead the document itself comes with an exectutable that provides basic reader fearures, possibly an executable that will install a lightweight editor, or even contains an editor itself. Obviously it wouldn't have all the features that OO.o contains, but just enough to read and maybe edit.
Or... maybe the document would never get sent to the recipient. Instead the document would remain on an HTTPS accesible document store. The recipient would get an attachment that contains authentication to allow seamless access to the https document store and a path to the document. Along with this document store is the ability to "edit locally" which would give the user the option to run an editor over the HTTPS link or use a locally installed editor depending on the situation. This would go well beyond anything the MS Office suite does now and would appear to be far beyond MS's current mode of thought.
That's where things need to go if MS is to be usurped of the office suite mindshare that it currently posseses.
Un-news
You know, I was thinking about this just today. I realized that they can't just do this without providing an option to turn that kind of "encryption" off. The last I heard, they were doing the same thing with Windows Media Player.
I have and continue to produce my own (really bad) music. If I am using Windows Media Player to rip (or burn) a CD of my stuff and I want to distribute it for free (I own every imaginable right to the music), then I should be given the option to turn this off.
I think that if they don't provide an off switch, a lot of companies are going to get pissed off and find viable alternatives.
Another thing to think of: will they be doing this upgrade for Mac as well?
I concur with your points. Documents that I write must be portable. People already get pissed off enough that I use OOo (because it doesn't do all the formatting Word does) -- I don't need to be forced to buy Microsoft products to do my work effectively. This is, shortly stated, what we would call a monopoly. Point blank.
www.sitetronics.com/wordpress
Hmmmm...
I wonder if this "feature request" was generated by the execs at Arthur Andersen or Enron???
~~~ Trust me, I'm a professional! ~~~
Unless the rights to print such a document are still allowed, it would mean that corporations can get away with hundreds upon hundreds of scams, illegal activites and everything else that our nation's current corporate climate has bred.
This isn't going to change anything. Today a technically competent corporation can secure documents using certificates, PGP, etc. If they really want to cover their tracks they can do so. Better yet, they can do their dirty work only on paper, then shred it when the feds show up. Seemed to work just fine for enron.
This sig has been temporarily disconnected or is no longer in service
Do you think MS doesn't even use their own software? ...
Personally, I see this being used in corporate law departments and in R&D divisions, where the ability to lock people out of something even if they do have possession of it would be invaluable.
The next time MS gets sued, how many of the documents subpoenaed will (via DRM expiry etc.) be unobtainable by the other party?
If Sun or some open source team developed an import filter that circumvented microsoft's drm, microsoft would never win a legal case against them. It's easy to use the DMCA to try to go after people who have all the appearance of pirates. It's an entirely different thing to go after a corporation that's clearly using the cirumvention to provide compatibility and competition.
Furthermore, if Microsoft won the DMCA suit, they could be immediately prosecuted for using the DRM as a lockout to maintain their monopoly. Hell, they could be sued even before that.
This sig has been temporarily disconnected or is no longer in service
As much as I hate the idea of being sucked into XP or 2003, let alone Office getting DRM built-in,
1 - The rights-management stuff is off by default, says the article.
2 - I do infosec work regularly and I can't get people to use good passwords, and the further from geekdom they get, the faster they forget or circumvent password mechanisms. That's something easy. Key management and other DRM aspects are complex enough to get wrong any one of a dozen ways (either too tight or too loose).
3 - Imagine a pointy-hair reacting to you telling him that he just DRM'd his ass out of his own spreadsheet... forever.
I predict this 'great idea' will be rarely used since 99% of people can't be bothered to do much easier and less dangerous security tasks. Further, some companies will probably just ban it's use (since an employee can lock the boss out or stuff could accidentally get wrongly locked). It will inspire fear when people get burned. And a fair number of 'forced adopters' will go to gray market earlier versions and stop the upgrade treadmill completely, or jump to alternatives.
Oh, and imagine the fun if it does get put in: the boss makes you work overtime to get a report in by Friday night (Monday won't cut it!), so you stick in DRM to expire it at 9am Monday, so he has to call for a resend. Send inflamatory messages with a one-read, no-print, expires-forever rule so your flamage has a chance of evaporating after impact. And the geek-chic power of being able to screenshot someone that does the same thing back at you and get their ass fired.
A last comment: if you want to help the undoing of the MSOffice stranglehold, take stock of your own personal and business relationships and pressure anyone you can (not customers, not the boss or people who will hurt you for doing so) to use non-office methods. Politely ask sales drones to resend stuff in a non-Doc/Excel/Powerpoint/Viso format. When asked, spread FUD!: blame microsoft-laden viruses and them being less-trusted. But start the revolution by inconveniencing them. The monopoly is due to habits.
That's fine until a BIG customer like say, Ford or GM start using this stuff. Think they'll change or resend? Nope. They'll just cut your contract and give their business to someone who will listen to them. What Open Office needs is someone like Ford or GM to switch to it, and force a trickle down effect. So if your local 800lb gorilla switches, then look for most of the businesses in your area to switch.
I already make a point of insisting that people who send me .DOC files resend them in a vendor-neutral format -- even though I am running windows!
"Freedom means freedom for everybody" -- Dick Cheney
Some of you people never cease to amaze me with your anti-Microsoft FUD. I'm no Microsoft fan but some of your responses here are laughable. Look it's not going to come turned on by default and if you want to use the DRM you're going to need a server. The server requirement pretty much ensures that joe-six pack (who gets office bundled with his PC) is never going to use it. Offices where users take documents home to work on aren't going to use it.
Sane IT professionals won't bother with it. I would never trust my information to a Microsoft DRM enabled format that requires an authentication server. Can you imagine what will happen when the inevitable bug / worm / virus totally screws up the server and causes all of the authentication information to be lost. Everyone in the office is locked out of their documents for a day while the authentication server is brought back up. Especially after the hassle that was Blaster and SoBig, the last thing a sane IT department would do is implement Microsoft DRM that requires an authentication server to be up and running to open documents.
This is hardly a plot by Microsoft to lock users into the Office format. If DRM didn't require a server, was enabled by default and Clippy urged you to use it, then I'd be suspicious. As it stands now it appears to be a feature that was made to appeal to certain departments within large business and it will no doubt prove to be more trouble than it's worth.
"You'd have to cripple the entire operating system while the document is open."
l ladium.html
Did you not read that part of the plan?
http://www.epic.org/privacy/consumer/microsoft/pa
If you're mentioning that in reference to such things as legally establishing a timeline (patent prior-art, copyright, etc), an IP lawyer once told me it doesn't work. It might if you have a tamper-proof envelope, but otherwise it won't hold up.
Do you think MS doesn't even use their own software?
It doesn't matter if M$ uses their own software, they don't produce even good crap. At least from my experience, it doesn't matter whose dog food they are eating, it is still processed dog food, i.e., shit.
One. In 1987 or so, I had to use the M$ debugger. Whenever you stepped into a C subroutine that it didn't have the source for, it dropped automatically into asm mode, and when you stepped back into the source code, it did not erase the registers and other parts of the asm debug display before putting the source code back on the screen, so it was a weird mixture of asm register leftovers and source code and line numbers. How could they ship crap like that, did they never use it themselves?
Two. In the early 90s, I had to use Word to maintain technical documents. Whenever we revved the software, even for minor tweaks like the copyright date, we also had to rev the documents. So we would edit, changing only the date and rev number, and it would screw up the pagination, with the last page printing as page 33 of 32. This happened maybe half the time. Sometimes a quick change and backspace would cure it, sometimes a print preview, sometimes half an hour of cursing and fussing would be required. You will never convince me they hadn't encountered this bug themselves. We all ran into it.
Three. Several years ago, I had to use the M$ development environment. In the first day alone, I found four bugs. Now maybe I just don't use it like the manual says, but they shouldn't have been present anyway. The only one I remember now is that I would click on the button to add a function or variable, it would do so, I would hit the X to close the window, and apparently that was not the proper way, because the next time it had to open that file, it would yap that the disk file had changed, horrors, should it reload?
I hardly ever use M$ software, those three periods were probably the only times in the last 15 years, which means they are 3 for 3 in producing shit. That's a pretty atrocious record.
M$ produces crap software. That is why I have never liked their products, along with frozen unconfigurable features, lack of control, updates which introduce incompatibilities just for the sake of forcing upgrades, and so on. Dislike of Bill Gates' ethics is a poor second to all these reasons.
Infuriate left and right
Another story that seems to be running wild. I have been using the Beta of this product for months and have been sharing documents with people to no ill effect. Also Word 2003 has an optional XML save format that has every feature of the .doc version. One can convert back and forth with NO loss of functionality. I think the DRM features can be enabled if one wants but its not the default. BTW Office 2003 is quite good.
I am not a Microsoft groupie (goes back to installing Linux)
Sure, permission caching can be self-defeating if you set the cache to hold on to an authentication token for a year. But this is a general problem with permission cacing in general, and not unique to anything Microsoft might choose to implement.
Maximum security requires frequent re-authorization. Daily. Hourly. Every 15 minutes.
A good authentication server would be able to tell you who has a cached authorization token, so then when you decide to revoke access to a file you can tell which people have a cache token on their laptops that you need to kill ASAP.
So far as leaking secrets to competitors, the DRM "solution" simply requires you to convert across an independent medium... printout, screenshot, photograph of screen. The only thing this "DRM" provides is the ability to mass-distribute a document within a company without worrying that someone might be on a mailing list that they're not supposed to be on... since everyone has to authenticate to read the attached document, they'd have to use an authenticated account to read it.
Have a nice little TCP server that authenticates a user through a SSL connection, accepts an encrypted document, see if user has permissions, and if so, decrypt data with the creator's private key and spit it back to the client OOo program, which will display it in the document window. I don't think it would be really hard to code.
OOo people, do you copy me? (pun intended)
I understand all the uproar, but I seriously think this isn't going to have as big an impact as people are predicting. As an editor, I have to send documents back and forth. Rights management doesn't mean squat to me; I have contracts to protect my rights. If an author sells something I own, he's out of work. If it's really serious, I sue him. I don't need to have any of that nonsense built into my word processor -- all I need to do is edit documents, and those documents will regularly trade hands between all sorts of people before I'm done.
I imagine the real audience MS is targeting with the DRM stuff is the "enterprise" customer -- somebody with sensitive documents that are supposed to stay within the enterprise, and not get leaked out to other people. This is a specialized application with a specialized audience. If you want to use Microsoft Word to write documents that other people can read, you'll still be able to do that. Hell, if you're that worried, have Word save them as RTF.
Breakfast served all day!
This argument has been made before, by myself and others, but now I'm not so sure. My doubts are primarily due to one of the answers the DOJ lawyers gave (see the answer to Question 3) during one of those "Ask Slashdot" articles. Meet the DOJ's 'Anti-Piracy' Lawyers
The DMCA protects the authors' right to decide who gets access to a protected work and provides severe penalties to anyone who offers technology to circumvent the author's rights. But the author does not get to choose which technology is used to control access, only whether access is granted. I don't think any technology could be viewed as circumventing the authors access controls if it didn't actually do so.
An example will explain this better. Suppose I were to manufacture a DVD player which uses DeCSS (or some other non-CSS licensed technology) to play CSS-protected DVD's, but substitutes some other access control mechanism for CSS? In other words, if you put your copy of The Matrix into my player, it demands that you insert a smart card (specific to The Matrix) before the CSS-encrypted DVD will play. And I will only manufacture a smartcard for a given movie once authorized to manufacture it by the copyright holder for that particular movie.
If the Wachowski brothers (Warner Studios) want people to be able to watch The Matrix on my player, they sell me the right to manufacture the smartcards, and I cut them a royalty check for each card I sell. If New Line Home Entertainment doesn't want to participate, I won't manufacture a smartcard which corresponds to The Lord of the Rings - The Fellowship of the Ring and you get no farther putting that DVD into my player than you would putting it into a CD player.
Provided I built it correctly, my DVD player could not be considered a circumvention device, because it refuses to play CSS-encrypted DVD....unless access has been granted by the copyright holder. I could sell my device even if DVDCCA chose to raise the CSS licensing price to an exhorbitant price, or refused to sell new licenses at all. A publisher who wanted a new marketing route not controlled by the DVDCCA could contract with me to have smart cards sold for the works they specify, those who didn't want to participate would be under no obligation to authorize their works through my player.
Perhaps best yet, I can manufacture smartcards for works which are no longer protected by copyright without incurring liability under DMCA (circumventing non existant access control rights is okay). Additionally, I could manufacture smartcards for classes of people (law enforcement, teachers, librarians) which the courts decide are allowed to access such material (under Fair Use or other constructs) in spite of the authors' copy rights.
Apply the same reasoning to Office 2003 and Open Office. I can create a version of Open Office which can read Office 2003 documents, provided I respect the authors' (not Microsoft's) wishes in controlling access. If you are the copyright holder for your own Office 2003 documents, you can authorize yourself to read your own (but not other people's) documents. I just have to figure out how to read the proprietary format, and how to ensure that my software only grants access to documents which the author is authorizing.
The thing about things we don't know is we often don't know we don't know them.
Since you mention the evil ebook, I must rant, fuck my karma:
I have just been bitten by an ebook wielding website that I subscribed to before realizing the format they used. It required rebooting into Windows, using IE and installing Acrobat 6 to even download the data from their site. Acrobat 6 blocked most attempts to print to pdf etc, but I finally got PS output by installing an HP PS printer on the FILE: port. ps2pdf under Linux refused to convert the file citing redistillation not allowed. I'm hoping good old ghostscript will work, but I will have to tinker with that later tonight. In short, it's been a MAJOR PAIN IN THE FUCKING ASS to use a portion of a book that I have paid money for outside of a single program made by a single company on a single OS on a single PC. Welcome to DRMworld.
This shit will almost certainly hurt MS in the long run. That's the _only_ beauty in it that I can see so far.
"Gold still represents the ultimate form of payment in the world." - Alan Greenspan, 1999
Ermh, sorry but how 'bout Kerberos? M$ AD implements a bastardized Kerberos proto/server already and so does W2K/XP. All M$ is doing quite simply is a kernel module to cache a bunch of AD kerberos keys and adding an API to access it. No real innovation as usual, just a cute package and (hope not!) some lousy patent. You could do the same too, say a cryptfs (not loopback mind you) that recodes it's content on some expirable/renewable kerberos key (road warrior checks out laptop for approved mission and gets 48h validity key). The driver itself would have to trust the app calling the API (say, hashing it's core against a list of known good signed ssha) so it's Palladium again. This also means that the whole scheme is trash without Palladium. As far as I'm concerned it all depends on how open the root certificate authorities are. If company A can issue it's own CA and sign company approved kernels (I'm talking linux of course) there's no problem getting OpenOffice to work. If company A wants to export the file to B there's the problem of the middleman CA: if it's only M$ well, VeriSign will get pissed and everybody will argue against the monopolistic position. I feel they'll take their broken Kerberos (how 'bout taking and not giving back!) and offer SDKs under nasty EULAs. That's quite a strategy to weasel their stuff into the NAS,SAN server room; some 100 metric ton Gorilla investing in Linux won't be pleased ;-)
Mi domando chi à il mandante di tutte le cazzate che faccio - Altan
This is all from memory; should be easy to document.
Microsoft has lost most of its major court cases.
Shit. Microsoft beat the US government in an open and shut monopoly case. They got away with absolutely zero punishment and zero change in behavior. Campaign contributions can win any legal battle.
Heh. Microsoft owns Virtual PC now. The last Microsoft operating system VMWare will be able to support is Windows 2003 Server.
For the sake of argument, assume that it is true that the DCMA legally prevents me from breaking an encryption that a movie production company has placed on it's DVD to prevent me from copying it, ignoring for the moment the side discussion that copyright laws says I can make copies for my own use. A legal argument can be put forth in court because there are two parties involved in this contract and encryption scheme... MGM and me. It doesn't make any difference what the encryption method is, MGM has used it specifically so anyone who has access to the media can't copy it, because they own the rights to the content and they say so. (OK
Why would that law prevent me from breaking the encryption on a document that I have created? I do it all the time in order to read it, so what is the problem if I want to do it in order to use it from another program?
Where is it said that I cannot provide a product that enables a user to decrypt documents that they already own,that they have created, or given someone else the right to read? It's not breaking an encryption if it's your own document, is it?? If I can reverse engineer the method M$ is using to extract the key and decrypt it, and use all the authentication M$ is using, why would that not be legal??
It appears to me that it would only be illegal to provide a method to break the encryption of a document that someone does not have a right to.
Just wondering.....
I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
very close...
about the Microsoft not being the copyright owner, you have an interesting point that I hadn't considered. That makes things complicated beyond my understanding of this law.
When you purchase a DVD you have the right to watch the movie and special features contained on that disc, and install and run any "enhanced DVD" software on one computer.
Additionally, you have the right to give up all your rights and transfer them to another individual.
A DVD player is able to decrypt the DVD using a complicated algorithm to determine the encryption key.
DVD players are NOT circumvention devices for a very important reason:
They have entered an agreement with the DVD copyright holder (or, in reality, its authorized agent) to be allowed to access the disk for the single purpose of playing DVDs in the manner that the copyright holder allows.
Remember that the encrypted disk / decrypting DVD player combination together make up the "access control scheme" that controls who can do what with a DVD where and when.
The DMCA does not say that it is not permissible to create a device capable of accessing a protected medium, but that nobody may create a device which circumvents an access-control scheme.
1. I highly doubt that the average creator of a a word document cares about DRM on their document.
2. Some people may upgrade to Word 2003, but inorder to communicate with those that don't have Word 2003, they will not use DRM. Plus, DRM is not on by default. So there will be no incentive to upgrade.
3. If I use Open Office, Word 2003 users can still read documents that I create. If T need to read a doc that is DRMed, and it is important, the author can send me a copy that is not DRMed.
In the next few years, companies will be looking to cut costs. I don't think very many companies are going to be looking forward to paying more Liscening fees to Microsoft. Especially if users aren't asking for upgrades, as their software already does more than they need it to.
Also, about them creating a plugin for to view DRM in EI. If that isn't a Monopolistic practice, I don't know what is. "As long as you run our Operating System and use our browser, you can view DRMed documents. If you do have the rights to view the document, but don't use our software, screw you".
I really don't see any problem with Open Office providing the same DRM functionallity as Word, as long as they are only letting those viewers whom are supposed to see the document see it. Keep in mind that they haven't DRMed the DRM algorithm.
DRM won't affect secrecy, though it is likely to amount in lost productivity among legitimate users trying to open documents. This is for two reasons. First, Microsoft can do what they want with your data and they have the keys. Second, they have such a bad track record for security that it will pretty much be only legitimate users who will be affected.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
This could actually be a big opportunity for open source to seize the initiative.
.Net with a remote database?)
I have seen various programs that act as add-ons to MS-Office, e.g. footnoting software that gives Word the ability to have a decent referencing system for use in proper academic and legal documents (called EndNote or something). Is there any reason why we couldn't write an open source DRM standard and then implement an Office plugin to provide functionality for MS users? I can think of a few benefits:
- there is an incentive for people to use a system that is transparent and therefore free from MS shenanigans
- there is a very big incentive for business to use a standard that all of their partners/suppliers/employers/customers can also use irrespective of their OS and software configuration
- people love the word 'free'
- an open source standard could easily be implemented to run on practically any system, whereas MS's system will no doubt require very specific MS networking/security protocols to be installed and configured (ever tried to use
- and most of all, open source cannot win battles it is not in. We must comprehend that we are not talking about the 'DRM v no DRM' battle any more, we are talking about the 'MS Secret DRM v Open DRM' battle. We can't win that if we don't have a contender, and by contender I mean a contender that people running Windows with Office can use. People who think we can just say, this whole thing sucks, we don't want DRM at all, are dreaming if they think that will stop it from happening. What we need is to seize the initiative and create a version of DRM that is the best option for business and individuals. Furthermore, we can't stick with Linux and hope that enough people switch to let us win - there must be a focus on fighting MS with open source on its own turf, the Windows family of OSs.
Now we just need someone to actually do it...
Read Pynchon.
I read a book about a runaway jury who refused to convict or some such thing based on the jury's feeling/belief that a law (DMCA in this case) did not apply or was unjust... Naah never happen in this country.
;-(
;-)
In the US property rights (DMCA=IP Rights) are sacrosanct and where normal individuals don't own even the right to read/view purchased or licensed 'content' in the living room, bathroom, bedroom, workplace with the device of their choice.
At some point I would hope folks (including corporations) will get fed up with being told what is good for them, how much it will cost and just paying the bill.... again and again...
But again I suppose that idea is more than a little utopian. We've been following MS (and by tactics RIAA, MPAA, and others) around like sheeple for 20+ years now. MS Office with DRM sounds more than a little like the judas goat bell ringing. Dinner bell for the rich kid in Redmond I suppose. All to feed the mavens of tech stocks with no long term intrinsic value. MS has yet to deliver ANYTHING innovative or of lasting value. Sheeple will continue to buy this trash though.
I'm voting with my feet... straight to the likes of staroffice, openoffice, thinkfree, etc. If my company goes, they will get my communique's in simple text, or RTF.
mdw