Slashdot Mirror

← Back to Stories (view on slashdot.org)

E-Mail Controls in Office 2003

Posted by CmdrTaco on from the inevitable-results dept.

TiggsPanther writes "The BBC's Technology News reports than the next version of MS Office will include E-Mail controls which should limit way that e-mail messages can be forwarded. Being tied into the Information Rights Management concept, it might be interesting to see how quickly this gets taken up."

12 of 443 comments (clear)

  1. Only looking out for themselves with this by wang33 · · Score: 2, Interesting

    The only reason they are doing this to stop the leakage of internal memo's about destroying linux etc. But I assume that employees will still be able to print emails, so its all kind of pointless imho.

    Wang33

    --
    PAGERANK++ Robsell.com
    1. Re:Only looking out for themselves with this by Tim+C · · Score: 4, Interesting

      But I assume that employees will still be able to print emails

      Why do you assume that? Why do you assume that the print function will be enabled for protected emails or other documents?

      Now, I grant you that no technological scheme can completely prevent information from being leaked - it can't stop me taking it down with paper and pen, or photographing the screen, etc, but it can at least make it difficult to do. Also, while the photogrpah would be harder to refute, my hand-written scrawl copy of an email could easily be dismissed as a forgery...

      I can see this being very useful for companies and even some individuals, but essentially, there is no technological way of protecting data from redistribution by its intended recipient. It's not going to be as easy as just hitting print, though.

      --
      It's official. Most of you are morons.
  2. Re:Cutting and Pasting by s20451 · · Score: 2, Interesting

    Well, that might be prohibited under a strong DRM scheme. However, there's certainly nothing preventing me from whipping out my digital camera and taking pictures of the screen, then forwarding the images to whomever I please.

    Better yet, it could be one of those cell phone cameras. Technology gives back what technology takes away.

    --
    Toronto-area transit rider? Rate your ride.
  3. Re:Dialog Box by Saxerman · · Score: 4, Interesting

    At first I thought this was a patch to prevent future email worms, but this is just more DRM management. Besides sounding like the Emperor's New Clothes, for this to work wouldn't your mail client have to query the recipient to make sure they're going to pay attention to whatever rules you apply to your forwarded mail? And, of course, query it in such a way that you can't get a spoofed reply forged to look like a legit MS approved mail client?

    This sounds like that phone plan where you only get the discounted rates if you get all your friends to sign up with the same plan. Except in this case the rates aren't any cheaper.

    --

    A steaming cup of soykaf would be real wiz right now.

  4. And non- Windows-2000+ platforms? by pwagland · · Score: 2, Interesting
    Microsoft says a free viewing program will be available for those who receive a protected document but are not using Office 2003.

    <snip>

    But the programs will only run on a PC with Windows XP or 2000.

    So, what happens when you want to send the e-mail to your family, who run Mac/Win 95/Win 98/Linux/Other Unix Variant?

    Platform lockin anyone?

    Having said that, it is a good idea. But totally non-enforceable without community buyin, and when you have community buyin it is easily circumventible...

  5. Mute the world by LittleBongoMonkey · · Score: 2, Interesting

    I just see the next wave of Worms setting lifetimes on all my email to 0 and blocking all incoming mail from people in my office. Genius.

  6. Re:content management? by blizzardsoup · · Score: 2, Interesting

    Is print screen disabled if office is not the active/top window? If not, open a small window, leave it on top (out of the way), cap the entire screen and clip what you want.

    If print screen is disabled whenever any office product is running (aka all the time since most users leave outlook running all day), this presents a serious usability issue for the desktop and would make it time to install a 3rd party screen capture app.

  7. Typical slimy behaviour by swordgeek · · Score: 4, Interesting

    Look, can we put the DoJ onto this NOW, rather than after MS releases it? Clearly sending proprietary format email violates the MS anti-trust settlement, and if we get someone working on it now, we won't have to deal with this piece of shite.

    There is nothing here--NOTHING--that can't be done with existing protocols. PGP anyone (or GPG if you prefer)? I seem to recall that it had a 'read-don't-save' flag that you could set.

    Furthermore, this won't help anyways. Hasn't anyone heard of screencaptures?

    This new "feature" has no purpose other than to lock people into MS Office even further. It's a political trojan horse.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
  8. Re:Dialog Box by Johnny+Mnemonic · · Score: 2, Interesting

    The requirement of a .NET passport account probably means that the key for the decryption is held by MS directly. This is no surprise. However:

    • Can corp customers manage the keys themselves, in essence being their own .NET passport server? I'm unaware if this opportunity exists in the .NET framework.
    • If the answer to the above is yes, would it prevent someone outside the corp network from being able to authenticate against the corp .NET server, and thereby prohibited from reading the email?
    • If the network becomes unavailable, will I not be able to get my auth key, and thereby not be able to read email on my local HD? Or once unlocked does the email remain unlocked?
    • I'm never, ever, going to use a "MS viewer" for my email. If they expect this service to catch on, they would implement the key exchange as an open standard, that alternate email viewers could write plugins for. That's bad enough--but requiring a proprietary viewer? Emails sent to me requiring the use of this will be bounced back as "undeliverable".
    • Not to mention, such email will probably not be scannable for attached viruses (presumably the entire email is encrypted, including attachments)--so either virus checkers will have to bounce them automatically, or let an unscanned email through their gateway. Great.

      In fact, that last is almost sure to kill this idea stillborn, once the threat is realized. Would you allow a certain percentage of your email through without being checked? Or would you bounce it back, first?
    --

    --
    $tar -xvf .sig.tar
  9. Re:The real agenda? by MultisSanguinisFluit · · Score: 2, Interesting

    One can adhere to e-mail standards and still require special readers...

    The MIME type for these messages is "application/x-microsoft-rpmsg-message".

    --
    > get tea
    No Tea: dropped.
  10. This isn't Email by onyxruby · · Score: 2, Interesting

    This isn't email, this is a server based document viewing system. Email is a system of forwarding text from one computer to another through at least one email server. It can have attachments, and even shiny graphics. But it is a message that has been sent.

    It stores the material on the server, and truely just sends a notification to someone. The notification itself is email, but that's where email ends and DRM begins. Since the email is really just a link to a server where the document can be viewed, it can't be viewed by "untrusted" platforms.

    This is why these emails are only accessible by people with certain operating systems that can be "trusted". Since they can never truely lock out any MS OS short of W2K or XP (arguable on those as well), they aren't going to have a client for anything else. Even with these you'll have to have the client DRM software. You know the software that intercepts calls for things like "print screen", the software that could only be written in Redmond?

    This is one way for Microsoft to get the masses to install DRM enforcement software. You know that new job your looking at? The one that requires completing paperwork through a DRM compliant system?

    There is a reason that this feature requires Server 2003 and so on, it is because it is an interlocking and interdependent license obtainment system. So the question becomes, since this isn't email, what do you call a centralized document viewing system?

  11. Re:The real agenda? by Anonymous Coward · · Score: 3, Interesting

    I can think of a few reasons why I would not permit this system in my business:

    Hate mail: If a (criminal) employee sends another employee hate mail or simply inapropriate mail that (s)he can't print, forward or save the company will be sued (eventually) for creating a hostile work environment.

    Legality: Self destructing communication is almost certainly illegal where it concerns the company's finances, policies, environmental records etc.

    Security1: A false sense of security will encourage people to write e-mail that they would NEVER put in open communications.

    Security2: Employees will be able to mail items such as source code, to trusted recipients while making it hard to detect the content of the messages or prove it later.

    Security3: Rights management implies encryption or it is readily circumvented. Do you want your company's essential and confidential documents encrypted and managed by Microsoft software? What happens if the system administrator gets a bug up his/her but and encrypts the whole lot with a truly random key and quits? Trust the backdoor? Did anybody out there lose data on a Win2000 or XP encrypted folder because you forgot the key or re-installed the SW? What if the SW is faulty and corrupts the document database?

    Security4: What about a virus or worm that exploits some 'feature' of the system and it kills your mail system or the patch makes it incompatible with earlier versions that inadvertently expires your entire document database?

    Security5: If the message arrives encrypted I can not scan it for malicious attachements. The intended recipient opens it and executes the attachment. Back to square one with incoming viruses. I would like to bounce all encrypted incoming mail with a polite meassage asking that the mail be re-sent in a standard format.

    Except for the encryption issue, all the points raised here have solutions but it makes my life more difficult. Also, the existing e-mail system is not broken so why fix it. Secure mail through PGP is possible, easy and dare I say it? Really secure.

    There was a time when a company could not safely fire its DP manager or senior programmers. I see that state of affairs coming back to haunt us all.