Metadata in Vista Could Be Too Helpful

linumax writes "Windows Vista will improve search functionality on a PC by letting users tag files with metadata, but those tags could cause unwanted and embarrassing information disclosure, Gartner analysts have warned. Search and organization capabilities are among the primary features of Windows Vista, the successor to Windows XP due out late in 2006. While building those features, Microsoft is not paying enough attention to managing the descriptive information, or metadata, that users can add to files to make it easier to find and organize data on a PC, according to Gartner. 'This opens up the possibility of the inadvertent disclosure of this metadata to other users inside and outside of your organization,' Gartner analysts Michael Silver and Neil MacDonald wrote in a research note published on Thursday."

Oblig. Nelson

[gardyloo]

Windows Vista will improve search functionality on a PC by letting users tag files with metadata, but those tags could cause unwanted and embarrassing information disclosure, Gartner analysts have warned.

        Ha-ha! You're using Windows!

Re:Oblig. Nelson

[TubeSteak]

Yea, well at least my box can't get r00ted

/windows has no root
/storms off

Re:Oblig. Nelson

[Koohoolinn]

Ha-Ha! Your metadata is showing!

Re:Oblig. Nelson

[RyanJBlack]

Reminds me very much of the Cat Schwartz (not a fan, don't know her name, she was apparently some TV commentator) brouhaha on the 'Net a year or so ago, when she posted pictures of herself on a blog that were cropped to contain only shorts of her eyes and mouth. But when you looked at the metadata for the file, there was a thumbnail showing she was naked and smoking a joint (or, at least, smoking something). Talk about your metadata showing!

Windows Insecure???

[clr211]

The new version of Windows will be insecure???

Say it ain't so.....

Re:Windows Insecure???

[antifoidulus]

I know it's trendy here to bash windows, but this is FAR from a windows specific problem. Any file system that contains metadata could enable inadvertant disclosure of information, be it windows, mac, linux etc. The solution basically is to ensure that either a)your users are aware of what metadata is and how it works and to make sure that they get rid of any metadata on sensitive documents that they may send out or b) failing that, don't use the metadata.

Re:Windows Insecure???

I know it's trendy for astroturfers to describe every Windows vulnerability as typical of all operating systesm, but such problems are FAR from being as severe on Mac & Linux systems, which were built with a much greater focus on security.

Re:Windows Insecure???

You base that on what, exactly? Do you even know what metadata is? Explain how the same problem would not exist on a mac or linux system also using metadata.

Re:Windows Insecure???

[TubeSteak]

AFAIK the only two companies that cause people to regularly get publicly humiliated due to meta-data are:
Microsoft (Office)
Adobe (PDFs)

If you can think of any other companies that keep turning up, you let me know.

Re:Windows Insecure???

[charlesnw]

Well when vista comes out and people start using the metadata I imagine there will be plenty more :)

Re:Windows Insecure???

[LnxAddct]

Um... did you forget about that other option? Keep metadata specific to the computer. Infact, never have it directly attached to the file data. One simple way to visualize this would say you have a file access table, this table is essentially array with one column being the file name and one column being its beginning sector, one column for file size, and now you just add another column for the start of the metadata and the size of it. Essentially treat the metadata like a separate file that is pointed to by the real file's table. When you copy the file through the shell (including explorer), the program doing the copying could go out of its way to copy the metadate with the file, but by default the metadata should not be moved with the original file, no matter what. Now when you upload a file, the browser or email client will by default not send the metadata. Pretty simple concpet really, infact I convoluted it quite a bit in the above explanation. Essentially keep metadata local and unattached to the file, just because you send me a picture doesn't mean I want the metadata to say "my children", because they are actually your children, not mine, and I'd have it say "my nephews and nieces" or something like that. Metadata is nothing more than the user's personal opinion and idea of what is in the file, no need to send it around by default. I can understand why in some companies would like metadata to stay (i.e. labeling documents as various customers and roles, etc...) but for once Microsoft should start off by making the smart and safe choice of defaulting to no, and let the damn company create a policy to allow metadata in certain files to persist.
Regards,
Steve

Re:Windows Insecure???

[Jugalator]

Uh, can you be more specific what exactly you're talking about?
I'll just disregard that as a troll until then.

Re:Windows Insecure???

there isn't a santa claus either

Re:Windows Insecure???

[morgan_greywolf]

It depends on how the filesystem is designed, actually.

You COULD make it so that all metadata is acesssible to all users.

Or, you could make it so that if you don't have access to the file, you don't have access to the metadata for that file, either.

So it *IS* implementation specific. Sorry.

Any bets on which approach Microsoft took?

Re:Windows Insecure???

[clodney]

Keeping the metadata local prevents the leakage of metadata to the outside world, but would be a pain for me - most of the time I am transferring files from one system to another, and I would want the metadata to travel with the file. If it is a photo that I have tagged I would want those tags to travel with the file. If source code carries info about source control or a preferred editor, I definitely want that data.

Even in distribution situations I often want the metadata. If I take pictures at a family reunion and tag them with date, location and subject, why would I want to suppress that data when I send the photos on to the rest of my family?

I can see it evolving into some sort of notion of private vs public tags, but the obvious flaw there is most people won't know/want to know/bother to use such a system.

Re:Windows Insecure???

[Blakey+Rat]

Perhaps not coincidentally, those are the only two text document formats that get passed around between corporations.

I think you're seeing a conspiracy where none exists. If, for instance, AppleWorks suddenly overnight became the most popular word processor ever, and people were passing AppleWorks bills to the local senator over email... well, you'd have the same problem, because AppleWorks (and most, if not all, word processors) keep the same meta-data as Word and PDF does.

Re:Windows Insecure???

[shawb]

All I have to say is "Follow the money" on the article

according to a compilation by Workshare, a maker of software that strips metadata out of files.

You wouldn't think that they have some invested financial interest in getting the the public overreacted about the dangers of metadata

Am I being reverse paranoid?

Re:Windows Insecure???

[shawb]

Those people that do not care about private vs. public tags will probably not be working with documents that contain sensitive information in their metadata.

Re:Windows Insecure???

AFAIK the only two software companies that major organisations use to publish any significant data are:
Microsoft (Office)
Adobe (PDFs)

If you can think of any other companies that get used in a significabn number of corporations and government offices, you let me know

Re:Windows Insecure???

I believe various courts still use WordPerfect, although less so than in the past.

Re:Windows Insecure???

[idsfa]

You must be joking. Have you never worked with someone from HR? They will happily disclose sensitive data, nevermind metadata, and most of them don't even know what private tags are.

Re:Windows Insecure???

[hesiod]

> All I have to say is "Follow the money" on the article

Well, the first people mentioned in the article (2nd link) were Gartner, who usually appear to jump on the MS bandwagon, IIRC.

Re:Windows Insecure???

[shawb]

Maybe I should have said "should not" be working on sensitive documents. I forgot how the business world actually works.

Re:Windows Insecure???

[node+3]

And besides, running Windows, one assumes private data is at risk by default. :-)

Re:Windows Insecure???

[The+Warlock]

So the solution is for everyone to use emacs?

Sounds fine to me.

Easy solution

[crazdgamer]

If my metadata could be viewed by other people inside and outside my organization, there's an easy solution to this.

Don't fill out the metadata fields!

Re:Easy solution

[shokk]

Or how about... watch how you tag things!! If you go tagging files "my secret romp with Goatse dude" AND you might be embarrassed about it, then _don't tag it_. However, if you're one to shout that kind of crap out to the world, tag away. I think the old adage still applies: "don't do anything you wouldn't want everyone to see in the news."

It has everything to do with human behavior and nothing to do with computer security. As it is, desktop search tools are opening up whole avenues to quickly find the secret smut on your desktop. Do you have a Google account AND search history enabled? Go to google.com and do a Search History and see what stuff you've been searching on that Google knows about. You shouldn't have done a search on "merkin".

Re:Easy solution

that's the fucking point, the metadata is filled automatically

Re:Easy solution

[penguin_asylum]

People can see my metadata?

I always knew that the meta-moderation system was flawed, but this is ridiculous!

Re:Easy solution

[demastri]

The point is that metadata is useful, or even mandatory, for allowing certain internal workflow or functionality, but sensitive enough that you'd never want that metadata to go out with the published version of the document.

I've been on both sides of this problem with current Windows/Office implementations - receiving sales or RFP information that included "hidden" revision or comment information intended for another client, or catching similar information in documents heading out the door.

Within Office, there's a Remove Hidden Data add-in that allows you to clean up documents before publishing. Having this functionality enforced somehow once you leave a specified environment would be extremely helpful, while allowing you to leverage the advantages of tagging your file (i.e. if I do anything that looks like publishing, strip off all the metadata in the process)

$0.02

Re:Easy solution

[SatanicPuppy]

See the problem comes in when MS tries to make it more efficient and more user friendly. I bet you money that most of the metadata will be filled out automagically. Then you get the content provider metadata, so all your pr0n will be tagged "accurately". Amusing stuff. Going to be some red faces come upgrade time.

Re:Easy solution

[conJunk]

absolutely

we enfored RHDtool where i work, and it's really a must-have thing... i've mentioned this story in other comments, but it's so illustrative i'll share again:

this summer, we received some documents from DOJ that were meant to be put on our website... they included revision history data that showed different information about different drafts of the agreement we'd been working on... of course, not every schmo who looks at a document on our website is going to *find* this stuff at all, but it's still embarassing as all get-out to have it up there at all... and we couldn't fix it ourselves because DoJ had of course pw protected the documents... that was fun, trying to explain to DoJ folks what the problem was at all, and then convincing them to fix it

Re:Easy solution

[lagerbottom]

Then from now on send all your mail on postcards instead of in envelopes. I mean, you aren't putting anything in there you wouldn't want to see on the news are you?

Re:Easy solution

[MrNougat]

/me immediately Googles "merkin."

Re:Easy solution

[ecklesweb]

This problem has plagued Sharepoint from early on - not filling out the metadata fields makes something like Sharepoint pretty much useless. Not to mention, you don't have to fill out the metadata fields. Sharepoint fills the metadata out for you when you do the indexing.

Re:Easy solution

[ao_coder]

"Don't put indiscreet information in metadata fields" sounds like a glib response, but I don't think it is. With new technologies, new behaviors often need to be learned.

Because nobody ever gets anything right on the first try, I think we're in for a few years of embarassing stories about people that said too much with the metadata they forgot to strip before passing a file on, but eventually those stories will go away because:

1) UIs will improve so that metadata is considered at every point in which a file is transferred
2) There will probably be some concept of public and private metadata.
3) An understanding of what metadata is will pervade the user community.

Personally, I think metadata tags that would get you in trouble are symptomatic of larger issues that are likely to catch up with you anyway. What successful businessman would EVER even think to use a tag like "bad clients"? Metadata just provides another channel through which bad habits and sloppy thinking can catch up to you.

Metadata makes a lot of sense- and represents a much better way to go about organizing data. I think it's here to stay for a while, and the gartner interview unfairly singles out microsoft for an implementation issue shared by everyone I know that uses file-based metadata at the moment.

Re:Easy solution

[shokk]

Exactly, nothing really interesting there...just bills. Not much more use for the post office.

Re:Easy solution

[lagerbottom]

That is disingenuous and you know it. However I applaud you on getting some clueless mod to take away the extra point I had. :)

Re:Easy solution

[xouumalperxe]

Also known as "Don't use one of the major new features". Given that, since the other really major (in MS's marketing) feature is a new GUI, that I haven't really seen do that much. Why upgrade exactly?

Re:Easy solution

[crazdgamer]

Exactly.

Most office-related business primarily use the Office suite (Word, Excel, Access and Outlook for the most part). Right now, unless Vista somehow improves the functionality of these programs, there's really no reason to spend resources (both time and money) to upgrade from XP.

I don't get it..

[dangerz]

Isn't this like saying Airbags are too safe? I thought whole point of metadata is to make it easier to search and find data? How can it be *too* helpful?

Re:I don't get it..

[$RANDOMLUSER]

> Isn't this like saying Airbags are too safe?

Like Big Bird says, remember to put your infants in the back seat, so the "safety" devices don't kill them.

Re:I don't get it..

[Roofus]

I would *hope* ( and no, I didn't read the article ), that the meta data for each file would have the same security permissions as the original file.

Otherwise, you'd be able to search for the meta data in the private files of other users.

Re:I don't get it..

[mzwaterski]

Someone got up on the wrong side of the bed. I'm pretty sure he was making an argument by analogy. It seemed pretty clear to me. Airbargs are a good thing. They save a lot of lives, but if used improperly (e.g., placing a child's car seat right in front of the airbag) they can be a bad thing (read: deadly).

Turning to the metadata: Having lots of metadata to search can be a very good thing. But, if used improperly (e.g., having the index not properly secured from outside access or malicious software) they can be a bad thing (read: security risk).

So, as the grandparent said: "Like Big Bird says, remember to put your infants in the back seat, so the "safety" devices don't kill them."

Re:I don't get it..

[jacksonj04]

That's what I was going to leap in with. Surely 'public' metadata is just that by definition - naming something "Cybersex with Mistress Oct 2005" will not go down well if it's not user-specific, but if you keep it in My Documents (Vista security model treats this like the /home, so it's only you & admins who see it) then surely the metadata won't be visible.

Re:I don't get it..

[LoverOfJoy]

How can it be *too* helpful?

Because it is helpful to me AND to others. Many people do not want to help others find their files or their sorting methods.

Silly as it sounds, it's possible to be TOO friendly. This is one reason it's fortunate that little children can cry when someone they don't know picks them up and takes them away from their parents.

Re:I don't get it..

[99BottlesOfBeerInMyF]

Isn't this like saying Airbags are too safe? I thought whole point of metadata is to make it easier to search and find data? How can it be *too* helpful?

It is possible for something to be helpful in some instances and harmful in others. Airbags can cause accidents if they go off when something hits the bumper, but would not otherwise have caused a crash. Most likely there are more crashes because of airbags, but fewer serious injuries.

In this particular case, metadata can be great for finding things but many users may not know that it exists, leading them to give away information without realizing it. For a real world example, Word files already contain a lot of information that the user may not know has been added. I once received a request for a bid from a vendor that included metadata to tell me it had originally been written for a competitor and included recoverable information on which components they were bidding on. Job posting forms written in Word have occasionally given me the name and phone number of the person doing the hiring, something that can be very useful if you are looking for a job in the security field. All this information was useful to me, but that does not mean the authors wanted me to have it. Meta-data that is not very visible to the end user, may very well be a security issue.

Re:I don't get it..

[1u3hr]

I would *hope* ( and no, I didn't read the article ), that the meta data for each file would have the same security permissions as the original file.

I did RTFA. The "problem" is you may deliberately send a file, eg a spreadsheet, but along with the file, Windows will have your indexing info, which may give away more than you want ("generic fuck off message", etc). Of course, this information comes courtesy of a company that has a "metadata cleaning" system they want to sell you. Everyone seems to be thinking about porn, but as you said, the metadata should be attached to the file, so if they don't get the file they won't get the metadata.

Re:I don't get it..

Funny, I read the title as Metadata in Vista Could Be Helpful Too

As in, "A feature added to Vista might actually be helpful..."

Re:I don't get it..

what if, when the child was picked up, mumbled the random phrase, "where do you want to go today?" and started telling the stranger the categories of your porn collection?

Re:I don't get it..

[neorou]

Too helpful for hackers to find information in your system... This article was pretty silly. Of course they won't make the system completely secure. Microsoft has been a target of scrutiny now for years. If they come out with a new thing like this, someone is always going to say, "BUT,...IT HAS FLAWS...".

Re:I don't get it..

I'm pretty sure he was making an argument by analogy. It seemed pretty clear to me.

Well, obviously the problem wasn't as clear to the original poster. If he would have used the analogy and explained how it relates to this instance that would be one thing, but he didn't so he's still a dildo.

Re:I don't get it..

[ejd003]

The problem seems like it would be with folks sharing thier entire hard drive on Limewire or other such file sharing software and not with a computer sharing no files or secured. I just looked at the last word in that sentence and then realized, yes this is a problem.

Re:I don't get it..

[The+Ilia]

Ha ha ha. That means you haven't secured your computer. Beware the children hackers.

Re:I don't get it..

[sgt_getraer]

Ever try to show a friend something on the web, start typing the URL, and the browser tries to auto-complete by suggesting 'SuperGaySex.com', that it remembered from some shady link or popup?

Yeah, like that kind of too helpful.

Re:I don't get it..

[Tim+C]

but if you keep it in My Documents (Vista security model treats this like the /home, so it's only you & admins who see it)

A couple of points:

1) I don't know about Vista, so perhaps the default behaviour is different to that in XP, but in XP your "My Documents" folder defaults to world-readable. You can set it to be "private" in the users control panel applet. If you do so, then (iirc) even Administrators don't automatically get access, although they can (if necessary) take ownership of the folder to gain access to it. (I don't remember if I configured the permissions on mine that way or not; it may be that admins do get access, unless you're as big a privacy freak as I am)

2) Similary, I've worked on a number of Linux systems that defaulted all dirs in /home to rwxr-x-rx. There's nothing particularly special about /home in that respect.

Finally, as I say I don't know Vista, but it may be that the meta-data indexing system runs as the local system account, in which case chances are it'll have access everywhere. In that case it'll be up to the interface to it to control access, in much the same way as slocate on a Linux system. (In fact, locate used to expose information in exactly this way - although you couldn't access files you shouldn't be able to, you could see that they existed. slocate was created to fix this)

Re:I don't get it..

[jacksonj04]

XP has world readable folders, but in the Longhorn beta I got (Way back, so ymmv with new ones) the "Documents and Settings/Username" was locked to you and admins. There's a lot more emphasis put on forcing applications to work in least-priveledged account.

As far as I can see, the big risk comes from things like Google Desktop which may use a single index for the whole system, with a cache. Although admittedly if the OS has a decent metadata search built in then there's less chance of Google Desktop even being installed to start with.

We'll see what happens, doubtless /. will find a million things to bitch about anyway. Why let metadata indexing stand out from the crowd until we see the finished product?

Re:I don't get it..

[trooz1]

Next time don't reply unless you can answer the question without acting like a 12 year old that feels the need to fit in, dildo. You responded to his so-called immaturety by calling him dildo?! Yeah, that's professional.

Re:I don't get it..

Airbargs are a good thing. They save a lot of lives, but if used improperly (e.g., placing a child's car seat right in front of the airbag) they can be a bad thing (read: deadly)

Funny you say that. Unlike seat belts, which have a huge body of scientific evidence to show that they save lives and cause minimal harm, air bags don't.

There was a case in Toronto where a women was in a car crash which would have caused minor injury (she was properly belted), but she suffered a fatal heart attack from the airbag inflating rapidly and impacting her.

The benefit/harm tradeoff for airbags is not so clear cut. The only time airbags are guaranteed to be beneficial is when the idiot driver isn't wearing a seat belt.

Surprise?

[cez]

Should it be a surprise MS hasn't taken adequate security measures in the "advance" of its operating system that seems like another attempt to compete with google? I say stick to Google Desktop http://desktop.google.com/. And your own directory architecture for organization.

Re:Surprise?

[Giometrix]

How is Google Desktop more secure than this? Here you have to actively use metadata to make it "easier to search" where as with Google Desktop you have to actively deny access to data... Personally, I prefer the google method, as I don't distribute many files, and I'm lazy; but that doesn't make it any more secure.

Re:Surprise?

[da_matta]

Yeah, Google Desktop is great. First thing the default installation did was to display my porn pics in the sidebar. I wonder if it does the same with SO's account...

Oh Great

Now we have a business analyst group trying to direct a computer software company how to write its software. When Gartner starts making new technology or being otherwise reasonably involved in technology, they can have a seat at the table. For now, this is just horrendously bad policy. Anyways, the Microsoft DOC format already contains a horrendous amount of metadata, the full history of changes that led to the current document, among other things. Where's Gartner's whines about that?

Re:Oh Great

[jferris]

Gee, isn't it ironic the most structured developments start with requirement analysis done by business analysts?

Windows fills a business need. Yes, it is also a home OS, but business analysts tend to work in the broader scope of a user's interest. The "business" aspect tends to throw people off. The requirements that they come up with is key for a product's success (whether commercially, or simply a successful development lifecycle). From the requirements, architects and project managers derive design documents, which are ultimately use to blueprint the software.

I've worked in shops with and without and analyst team, and have done analyst work, myself. Those with an analyst team consistantly released better products, IMHO.

Re:Oh Great

[greenrd]

When Gartner starts making new technology or

Stop. I presume that some of Gartner's employees have actually done some programming - otherwise why would anyone pay attention to anything Gartner said?

Re:Oh Great

[crazydumbek]

Why does Gartner have to have to make new technology to be a competent end-user? If there is a legitimate concern with a product, don't you think that other potential buyers should know about it? Don't you think that the manufacturer should address this concern?

Re:Oh Great

[Trejkaz]

You would think that if they had an inkling of clue, then once in a while they would come out with a report which is worthwhile. I've ever seen an article on Slashdot where Gartner said something and the people said "you know what... they're right."

Surely not ?

[TractorBarry]

No... say it ain't so...

Surely Microsoft aren't adding a feature to Windows without giving thorough consideration as to how the feature will work in a multi user, internet connected, environment ?

After all they've show time and time again how much they cae about these things :)

Re:Surely not ?

I detect an inferiority complex

Re:Surely not ?

It looks like they care about security as much as you care about your grammar.

Re:Surely not ?

What does Computer Aided Engineering have to do with anything?

http://www.google.com/search?hl=en&q=define%3Acae& btnG=Google+Search

That reminds me...

[archeopterix]

My colleague at my former job once sent our boss a report in a file named 'for_dickhead_2003_11'. He changed the file name before attaching it to the email. Unfortunately, a self-reference in the file contents remained, showing the unfortunately chosen first name. Fortunately, our boss just politely reminded him to pick more neutral names, just in case.

Re:That reminds me...

[wombatmobile]

In your colleagues case it sounds like he may have been able to prevent it, but that is not always so with metadata that that vendor includes in your documents.

Re:That reminds me...

[js3]

funny but the problem here is not a bug in the software, it's a bug in the user! If he was professional enough not to call others dickhead he wouldn't find himself in that embarassing situation :)

Re:That reminds me...

[Tlosk]

So you have now taken care of illegitimate information that should never have been recorded in the first place. How does your "solution" resolve disclosure of legitimately sensitive information? Are you actually suggesting that the solution is to not have trade secrets, not have private client contact lists, medical information, pay rates, future plans, employee evaluations, etc.? That any information that should not be made public is therefore by definition verboten?

News?

[olddotter]

Microsoft not thinking about security is news?! Tell me when a microsoft product has reasonable security, that will be news.

But I suppose that for the protection of the unwashed, we should inform them of new flaws in MS products. ;-)

This will be embarrassing...

...if fellow co-workers learn I heart Fabio from the tags in my massive library of rectal gaping porn.

Hahaha, must have opened porn....

[ShyGuy91284]

Nothing worse then searching for one thing, and coming up with a "*ultra-midget-fetish-sex-in-chocolate*" result when your g/f is around.......... That's my biggest gripe of indexers. Too easy to accidently find files. Like search for your g/fs name if you want pictures of her (and she is hooking over your shoulder wanting them), she may see her name come up in a convo between you and your bud that you'd rather her not see.

Re:Hahaha, must have opened porn....

Just as bad are those damn recently opened file lists.

Wife: "Can you enlarge my picture?"
Husband: "Sure, let me open photoshop...recently opened files..."
Wife: "What the hell is 'double_penetrated_teen.jpg'?"

Re:Hahaha, must have opened porn....

[slavemowgli]

... which, of course, would only be symptomatic of a deeper-running problem you and your girlfriend have. If you can't openly talk about your sexual interests, and if you have to hide things from each other because the other one'd go apeshit if they knew about them, then you have a bigger problem in your relationship, anyway.

Re:Hahaha, must have opened porn....

[Urusai]

You need a meta-metadata tag to set your metadata as "private". And in case your g/f gets wise and enables searching for "private" tagged metadata, you need a meta-meta-metadata tag to mark things "private for reals". If she gets wise to THAT, you just need a meta-meta-meta-metadata tag labelled "k biotch, i'm busted, just don't delete mah tubgirl pr0n".

Re:Hahaha, must have opened porn....

[Dun+Malg]

if you have to hide things from each other because the other one'd go apeshit if they knew about them, then you have a bigger problem in your relationship, anyway.

Not necessarily. Even in the healthiest of relationships one often becomes unreasonably annoyed with one's partner, and sometimes that annoyance gets vented to others. There's nothing wrong with (say) griping to a friend over IM that your GF is driving you up the wall because "she just won't fucking shut up about how her clothes don't fit right, but she continues to buy fucking cheap crap clothes; every day she says the same thing in the same annoying voice. SHUT THE FUCK UP!"*. You would not, however, want her to read that particular comment because its wording is inflamatory. Having a good relationship isn't about talking nicey-nicey all the time. Part of a good relationship is knowing when to vent your unreasonable irritation with an uninvolved third party confidant, rather than bottling it up and spitting it in her face one day.

* jesus fucking christ, if I have to hear about my GF talk about her ill fitting wardrobe for much longer, I'm gonna scream. Good thing she doesn't read slashdot.

Re:Hahaha, must have opened porn....

[shawb]

But google desktop search DOES index web pages you have viewed recently. And when you post a comment on slashdot, that means you have viewed it. Therefore your /. comment is now indexed if you have google desktop.

Re:Hahaha, must have opened porn....

[Zerathdune]

Nothing worse then searching for one thing, and coming up with a "*ultra-midget-fetish-sex-in-chocolate*" result when your g/f is around..........

Your tastes frigthen me.

and you can just say "Don't index folder X." google desktop so far has been very good about pretending my porn doesn't exist. don't index stuff you don't want to find.

Re:Hahaha, must have opened porn....

[mattyrobinson69]

> * jesus fucking christ, if I have to hear about my GF talk about her ill fitting wardrobe for much longer, I'm gonna scream. Good thing she doesn't read slashdot.

ditto

Re:Hahaha, must have opened porn....

[mcrbids]

Part of a good relationship is knowing when to vent your unreasonable irritation with an uninvolved third party confidant, rather than bottling it up and spitting it in her face one day.

No. Part of a good relationship is knowing that each other is human, prone to weakness, and liable to make mistakes. Having a good relationship has the occasional blow up. In fact, I'd say that sometimes, bitching, yelling, and cursing is a good way to "clear the air" and come clean with each other. You have a good relationship when things like this can happen and the thought never strikes you to leave.

Hey, you're human. If she can't expect you to be human with the occasional mistakes and irritations, what business does she have expecting any different from you?

Perhaps your problem is that you aren't honest enough with your g/f? If you can't be honest with her without her blowing up, ask yourself: what kind of relationship do you actually have?

Re:Hahaha, must have opened porn....

you are in big trouble when you get home, mister!

your ex

Stupidity 101 ?

[Tom]

Help me out here, but what's so difficult about not storing metadata in-line ?

After 10 years of M$ Word disclosing secret information, you'd have guessed that "a removal tool" as mentioned in the article is obvious to anyone with half a brain as not good enough.

Storing the meta-data in a seperate file, or how about with the other metadata (i.e. with the inode) isn't so hard, is it? And it is quite obviously the right thing. There's even a big, red hint right there in your face: It's called meta-data. Might want to treat it different from the actual data, you know?

Re:Stupidity 101 ?

[$RANDOMLUSER]

I'm sure I don't really need to point out to a 3 digit UID that Microsoft's other efforts with meta-data (the registry) have been less than stellar. Seems like we're doomed to lack of security or a single point of failure.

Re:Stupidity 101 ?

[jbolden]

Because the whole basis of the Dos filesystem is a strong relationship between the computer file and all the information associated with the file. Files don't have hidden aspects. This is unlike the OS/2 situation where the filesystem supported metadata, the OSX situation where "files" from a ueer standpoint are "really" directories. If new windows filesystem had gone off then we would have a whole new model for files (more like a mainframe). But as is, an office document file is really a large collection of files organized inline.

Re:Stupidity 101 ?

What document metadata is in the registry? Unfortunately, I do need to point out a 800K ID that he's an idiot.

Re:Stupidity 101 ?

[CastrTroy]

Wouldn't the MetaData have to be stored seperate from the file? If you put metadata on a text file, then wouldn't that data show up when you opened the file in a text editor? otherwise you'd have to do some fancy stuff with the OS to make sure that it didn't show up. Wouldn't it make more sense to keep all the metadata in one place, so that it could be easily searched, instead of having to scan the whole hard drive just to search the metadata? Are they really planning on storing the Metadata with the file? That's about the stupidest design I've ever heard of.

Re:Stupidity 101 ?

[slavemowgli]

You don't have to collect all the metadata in one central place, either. You could - when you create a Word file, for example - simply create a second file in addition to the actual document, one that holds the metadata, so you'd have one .doc file and one .mdc (or so) file.

If you want to guard against stupid l0sers who will only send/save/copy/move the .doc file and then complain that the metadata is gone, put them together in a zip file (and call it .dzp or so); then, someone who wants to remove the metadata can simply delete the .mdc file in there with any standard zip tool, and someone who doesn't care about these things can treat the container just like they would treat a plain old .doc file.

Re:Stupidity 101 ?

[rpk]

Gee, if anybody needs to be lectured about not storing metadata it's inline, it's the designers of Unix. Special files, directories with special names, using "From" as a message separate in mail files.

Re:Stupidity 101 ?

[$RANDOMLUSER]

You've put your finger right on the problem. Either the data and meta-data are in the same file, (no matter what the extension is) subject to the same security concerns we have today, or the meta-data is in a repository somewhere, subject to single point failures and multi-user versioning problems.

Re:Stupidity 101 ?

[Eli+Gottlieb]

It is pretty stupid, and I can't see why The World hasn't gone the Reiser4 route of storing metadata as sub-files of the file itself, which can be accessed as a directory to look at its metadata and as a file to read it.

Re:Stupidity 101 ?

Storing the meta-data in a seperate file, or how about with the other metadata (i.e. with the inode) isn't so hard, is it?

Windows has already been doing this for years. If I go to the property sheet for a file (on Windows 2000), there's a "Summary" tab with all sorts of metadata. I'm not sure what's new here, unless they found some way to get people to actually fill these fields out. (or they're talking about Office 12 instead of Vista)

I don't know what is going on here really. You can't always store the metadata in the actual data. In particular, that would break simple text files. Why they would start doing that when they already have an alternate mechanism that does it the right way, perfectly functional and in production for probably over a decade... it makes no sense.

Of course if they're talking about Office, that's slightly different. That's been using the crappy way forever, mainly I'm sure because it has to work on FAT and other less capable filesystems. But that's a big difference from doing it system-wide with Vista.

Re:Stupidity 101 ?

[flink]

Windows has a seldom-used feature that allows multiple streams to be associated with a single file. Now I have no idea if this is what they are using to implement their metadata feature, but you could have a document.txt that had the default plain text stream and a document.txt:meta that had the metadata stream. The two streams show up as a single directory entry called "document.txt", and the :meta stream follows the document.txt file around. Kinda like a resource fork on the Mac.

Example:

C:\TEMP>echo hi > foo.txt
C:\TEMP>echo there > foo.txt:meta
C:\TEMP>more < foo.txt
hi
 
C:\TEMP>more < foo.txt:meta
there
 
C:\TEMP>dir
  Volume in drive C has no label.
  Volume Serial Number is 6886-DD2A
 
  Directory of C:\TEMP
 
12/23/2005 02:25 PM <DIR> .
12/23/2005 02:25 PM <DIR> ..
12/23/2005 02:25 PM 5 foo.txt
              1 File(s) 5 bytes
              2 Dir(s) 110,433,406,976 bytes free

Re:Stupidity 101 ?

MS tried that about 10 years ago, but it didn't work out. When you store things as separate files it kills network performance because each little bit of data is a separate network request.

You know how doing "ls -l" on a large directory is slow because it has to stat each inode separately? Well, this is the same problem, only imagine that each bit of info displayed (uid, gid, access bits, atime, mtime, ctime, etc.) were all separate system calls. And now imagine that each system call translated into one or more network transactions. You can see why this isn't the best way to do it.

dom

Re:Stupidity 101 ?

[Tom]

Gee, if anybody needs to be lectured about not storing metadata it's inline, it's the designers of Unix. Special files, directories with special names, using "From" as a message separate in mail files.

Unix stores what little metadata it natively supports in the inode, not in the file data blocks.

Special files have nothing to do with metadata, but with the Unix philosophy of "everything is a file", which works great and allows you to reduce the number of necessary system calls considerably.

I know no directories with special names. There are many names "by convention", but if I want I can have my ~tom in /var/weirdstuff/homedirs/tom instead of /home/tom and neither /dev nor /etc, /proc, /sys are special because of their name. The name is by convention and does not carry metadata.

Re:Stupidity 101 ?

[Tom]

Metadata (at least of the kind we're speaking about here) being useful only to one user, which in the windos world means one account on one machine (or network) means there's a simple solution:

Associate metadata with file in filesystem in such a way that it follows the file around. In other words: Put it in the inode or whatever the windos equivalent is. That way, metadata stay associated, no matter where you move the file to.

But when you send the file out by mail, FTP or whatever, only the file contents are copied, and the metadata stays put, never leaving your system. For convenience, add a way to send the metadata along, but only if user explicitly says he wants it done.

Re:Stupidity 101 ?

[Eli+Gottlieb]

Yes, but who fetches metadata over the network? User-attached metadata can be created as sub-files and then safely ignored by network software that only touches the primary file.

This is a BETA, Right?

[drsmack1]

I find it a little annoying when someone does a "doom and gloom" review of a beta product, focusing on bugs or immature features. Its like doing a review of a building in progress and shouting out: "It has no roof! The rain will come right in! What are they thinking!"

Re:This is a BETA, Right?

[Tom]

Yes, it is a beta product. Which means someone within M$ is wondering why it hasn't shipped, yet.

Re:This is a BETA, Right?

[drsmack1]

This might be funnier if Microsoft was the only company out there shipping buggy releases. Have you tried Mandriva 2006?

Re:This is a BETA, Right?

[aredubya74]

It's a beta, sure, but unless users expressly complain about the business security implications of this issue, it's unlikely MS will do anything to fix it. Remember, they've shown time and time again that ease of use and functionality trump security. To cite some examples, remember single-user of the Win9x days, ActiveX defaulting to "on", Universal Plug-and-Play, file sharing defaulting to "on" for all files, and the built-in passwordless "guest" user access to all of these features. We should thank Gartner for publishing this, as hopefully it will get some IT execs thinking about the security implications for not just this, but other functions.

Re:This is a BETA, Right?

No, it's more like doing a review of a building in progress and saying "its pillars won't be strong enough to support a roof!"

Re:This is a BETA, Right?

[DogDude]

The thing is, the business security implications of this are minor at worst, and none at best. 1. This isn't security. This has nothing to do with security. 2. This is a usage issue. Don't label a file as "bad customer", and you don't have to worry about it. 3. If you insist on using bad info to label files, then there's a way to remove it.

Re:This is a BETA, Right?

[slavemowgli]

You seem to be misunderstanding what a beta release is.

A beta release is (or at least is supposed to be) essentially a release where the important features are pretty much done, and where the "only" work that's left to do is shake out bugs, tweak minor things, fix documentation and so on.

It is NOT a release where you put in all sorts of crazy features that you don't actually plan to have in the final product - that would be rather stupid on pretty much every level I can think of, especially the economic one.

So when there's a fundamental problem with a feature in a beta product, especially if it's the feature *as such* as opposed to its (probably buggy) implementation, then pointing that out is not "doom and gloom" - it's just reporting.

Say Ford decided to switch the driver's and passenger's seat in all their new models, so that the driver actually sits to the right of the passenger now, and further suppose that Ford presents their new concept model to the press. If a reporter now pointed out that that feature is pretty nonsensical (dangerous, even), would you call it "doom and gloom", and would you believe Ford if they said that it's "just a 'beta'", and that the actual cars won't have this after all?

Of course not. If they really didn't have any plans to have this feature, they wouldn't have it in the "beta" version, either, and the same's true here.

And what's more... if nobody cared about this now, then I'd bet (no pun intended) that when people actually noted these problems after the final product had been released, there'd be many who'd complain that it should've been pointed out while the product was still in beta, and not only after the final release.

Re:This is a BETA, Right?

[Knuckles]

The thing is, the business security implications of this are minor at worst, and none at best

A few high-profile incidents of this could destroy the 15,000 strong company I work for, depending on what is revealed.

The thing is, the business security implications of this are minor at worst, and none at best

Of those 15,000 around 10,000 routinely have contact email with clients, most of those every day. You can't prevent mistakes on that scale without being absolutely fascistic

Re:This is a BETA, Right?

[emacs_abuser]

...buggy releases. Have you tried Mandriva 2006?

Yes.

No problems detected.

The 2008 Toyota Prius

[DogDude]

I hear that the 2008 Toyota Prius will have a 7' high spoiler. What's up with that?

Oh, sorry... I just figured that we're talking about products that are still a few years down the pipe that haven't been anywhere close to finalized yet.

I don't know about anybody else, but we not only don't evaluate software years before it's released, but we generally wait until the software has been out for at least a year before even looking at it. I don't know what the point is of reviewing a product this early. The only thing that I can figure out is that it's a way to get a few more pageviews.

Re:The 2008 Toyota Prius

[sqlrob]

I just figured that we're talking about products that are still a few years down the pipe that haven't been anywhere close to finalized yet.

MS has committed to an August 31,2006 date, so it better be damn close to finalized.

Now, chances are they won't make that date, but they've publically said they would.

Re:The 2008 Toyota Prius

[AlvySinger]

Are you new here? Opportunity to take a cheap shot as MS. Taken! Should there ever be a story about a MS employee saving a puppy from drowning they'll be someone here to moan about it.

Re:The 2008 Toyota Prius

[Knuckles]

Hi again. Are you an astroturfer? Funnily enough, when I read the thread, your post was shown immediately after this (later) one. 'Nuff said.

Re:The 2008 Toyota Prius

[mseidl]

Ok, this article was primarily based on concept/capabilities. Not a specific underdeveloped feature. It isn't like we are talking about a nuclear powered car or anything like that. Something that is totally experimental and is totally unpredictable. Yes it is in beta, but, beta is pretty much done/bug testing/testing minor upgrades. Not like an alpha or pre-alpha release. But, than again, it is microsoft.

Re:The 2008 Toyota Prius

[DogDude]

Are you an astroturfer?

No, I have never laid Astroturf® in my life. I don't think that I've ever seen Astoturf® close-up, actually. But thanks for asking!

Re:The 2008 Toyota Prius

[DanielJosphXhan]

You would think, wouldn't you... but somebody has to evaluate unreleased versions of Windows. Microsoft clearly doesn't.

dan (taking the cheap shots)

Re:The 2008 Toyota Prius

[mikefe]

I don't know about anybody else, but we not only don't evaluate software years before it's released, but we generally wait until the software has been out for at least a year before even looking at it.

I see that you run Debian then.

"embarrassing"?

[Mahou]

sounds like he's worried about people finding his porn collection when they search for seemingly unrelated things(scat music, majestic horse paintings, old lady jokes, kiddie books and toys, etc). maybe someone should just tell him not to tag that stuff

Re:"embarrassing"?

[nazsco]

not tag pr0n?!

And exactly what do you have in such quantities that does need tagging?

All Microsoft has to do

[m93]

is to make the metadata attatched to document files viewable only on the Vista installation it was created on. Perhaps it would be possible to have the operating system strip the data off the files that are being copied or moved to other network locations as a precursor to each respective process. In this case, they would also have to work some kind of functionality into the next iteration of Outlook, so that the problem could be stemmed from the email side of things.

What 3rd party vendors would do to accomodate this is anyone's guess.

Re:All Microsoft has to do

[slashname3]

Oh, that would be good. Play "try and modify the file when we think it is being sent off this system". Yet another kludge with lots of holes. Can you say zip files?

This is just another example of disclosures from the past where change log information was left in documents released to public forums. Very interesting info disclosed in some of those word documents. Must be standard procedure now for lawyers to check the change log info on documents they are sent.

And if people don't fill out the meta data info the fancy new search capabilities won't be as useful so why have them?

Re:All Microsoft has to do

[cosinezero]

That would defeat the intents and purposes of metadata in a multiuser (read: most offices) environment...

Re:All Microsoft has to do

[00lmz]

A nice solution would be to use the NTFS Alternate Streams feature. The metadata can be stored inside an alternate stream for the file. I think Microsoft already did this with their Thumbs.db thumbnail files. When I copy one of those to my USB disk (FAT32 formatted), it says that some information can be lost in the Thumbs.db:$encryptable$ file (or something like that, I don't remember exactly).

Re:All Microsoft has to do

[Trejkaz]

Oh, that would be good. Play "try and modify the file when we think it is being sent off this system". Yet another kludge with lots of holes. Can you say zip files?

Well, the current approach in Windows XP stores the metadata in a separate file from the real content, so basically it's stripped out in all cases where it would leave an enterprise, unless there is a really weird situation where they're using a CIFS share in another company to drop documents (copying to CIFS seems to preserve the metadata.)

inadvertent disclosure

[Ashley+Bowers]

'This opens up the possibility of the inadvertent disclosure of this metadata to other users inside and outside of your organization' Well this would suck, and will no doubt slow the release date down if it is not fixed soon!

Isnt Metadata part of the filesystem?

Surely Metadata is part of the filesystem (ie there is a seperate store of metadata seperate from the actual file)?

How can they possibly attach their metadata to the actual file, this would corrupt the files for other users.

If the metadata is stored in the local filesystem then surely there is no need to be worried about that metadata getting out since it is not attached to the file (unlike Word document revisions)

Yawn, non-story

[mopslik]

For example, a user might use "good customers" and "bad customers" as keywords on contract files. If such a contract is sent to the customer with the keyword still attached, it could cause embarrassment or even loss of business, the analysts wrote.

How is this different than naming your file "Invoice for Asshole Larry.doc" and mailing it to the client? Simple solution: don't put potentially embarassing stuff in the metadata fields.

Do people really need an analysis to tell them this?

Re:Yawn, non-story

[TubeSteak]

Yes. Of course you need someone to tell them this.

1. People are dumb
2. People think they will delete it later. They will not
3. See #1
4. Profit

I'm not sure how companies ever get out of the stupidity loop, but somehow they get to #4. Companies are constantly hiring high-priced consultants to tell them things that may in hindsight seem obvious, but it really is a matter of experience.

A company that has never been burnt by poorly managed meta-data won't really give a damn unless they have someone thinking ahead.

Word: "Properties" and Track Changes

[G4from128k]

I've often been amused by what appears in the Properties pane of Word document sent by clients or what you can dredge up from Track Changes. Evidence of re-used documents, other projects, other clients, and deft attempts at redaction abound in the hidden metadata and edits.

The more data a computer saves (especially if hidden from plain site), the greater the chance of embarrassment and unintended leakage of sensitive info.

Re:Word: "Properties" and Track Changes

[C10H14N2]

...and these are a few of the many reasons why I print to PDF and never, ever, ever send MS Word files.

Re:Word: "Properties" and Track Changes

[TubeSteak]

From Our Friends At ThePirateBay

iRacing: letter (yes, they sent us a PDF) our response (the actual response was a 1MB BMP file, but well...)

Re:Word: "Properties" and Track Changes

[thatguywhoiam]

...and these are a few of the many reasons why I print to PDF and never, ever, ever send MS Word files.

Now *there's* a solution I can get behind!

From this point on, I am exporting all my shared .doc files as giant GIFs. No harm no foul.

(If it seems like I'm joking... I am. But only sorta.)

More delays! Yay!

[kiehlster]

And now we'll see Microsoft delay the release of Vista for another year, and yes, more people will be fired for their supposed ignorance in this meta matter.

Google desktop is a little scary...

[QuaintRealist]

If you have any kind of data which needs to be kept private (we have HIPPA compliance to worry about at our medical office), using Google desktop is a bit scary. Yes, it allows you to "lock out" certain data sources, but on machines where private data passes in a lot of different formats, things can easily slip through the cracks.

Of course, we don't have it on our main office machines, because they are running Slackware. Our machines that are locked into Windows for hardware interface reasons had to have Desktop removed from them after a couple of almost-incidents.

YMMV

Re:Google desktop is a little scary...

Installing Google Desktop on any machine that has HIPPA protected data going through it was a stupid move in the first place. What were you/they thinking???

Re:Google desktop is a little scary...

[Comboman]

If you have any kind of data which needs to be kept private (we have HIPPA compliance to worry about at our medical office), using Google desktop is a bit scary.

How is that scary? It's just indexing data that is already on your computer. The fact that a file is "hidden" in a subdirectory 10 levels deep in an odd file format doesn't make it any more secure, just harder to find. Security by obscurity doesn't work. If a hacker has access to your machine, he can just as easily index your files from the outside as he can by looking in the Google Desktop index file.

The same goes for these Vista metatags of course. If you have a file called cc-num.txt and tag it with "This is an unencrypted text file containing all my credit card numbers and ATM passwords" the problem is not with the tag that makes it slightly easier for someone else to find the information, but the fact that you have such a file on your computer in the first place! If it's confidential information, then encrypt it. Thinking other people can't find a file because you don't index or tag it is only deceiving yourself.

Re:Google desktop is a little scary...

[tomhudson]

Installing Google Desktop on any machine that has HIPPA protected data going through it was a stupid move in the first place. What were you/they thinking???

Guess they left out the <humour> meta-data tags.

Usefulness of metadata

[paologat]

Adding flexible metadata at the level of files does not seem such a good idea to me, especially for files that need to be transmitted or shared with others. Catalogation systems are going to be different from user to user, and from organization to organization - which is going to be messy if you mix multiple systems together.

Having something like "post-it notes" that do not stick to the file, but instead are part of the directory entry for that file, might be more useful and safer. If someone sends me a file, I don't want that person's metadata to pollute my classification of files.

That's somewhat like what happens with e-mail - I receive plenty of mails that the sender marked as "high priority", but that are low priority to me. Metadata on the file should be objective; subjective information should be stored somewhere else and not be transmitted together with the file.

Re:Usefulness of metadata

[Photon+Ghoul]

Catalogation

In the interestation of securitization, the catalogation of the nation's datation should not be left to the ineptitudination of incompetentation corporatizations with a historicalization of not giving full thoughtfulination to securitization.

Re:Usefulness of metadata

[thatguywhoiam]

Adding flexible metadata at the level of files does not seem such a good idea to me, especially for files that need to be transmitted or shared with others. Catalogation systems are going to be different from user to user, and from organization to organization - which is going to be messy if you mix multiple systems together.

What makes you say that? MP3 files, and their ID3 tags, don't seem to be an issue really?

I like the concept of metadata in the filesystem because it moves beyond the 'folder barrier'. For instance I can create a smart folder that gathers files with tag x into a 'view' in that window. These files can exist within multiple 'folders', as opposed to living in only one place. Spotlight on OS X is a good example; I use it at work all the time to create a folder with all photoshop files with layers named y, or with resolution z, etc.

Really I think the solution as far as sensitive metadata goes is a kind of 'airlock' around Vista; when sending files out to the network or an external device, prompt the user to confirm the metadata; let them uncheck fields that are no good to go out. Of course MS could have solved a number of office faux-pas type issues with such handling in Outlook ("are you sure you wan to Reply to All? are you sure you want to attach this 50MB Powerpoint?") but have yet to demonstrate a concrete effort to do so.

Re:Usefulness of metadata

[paologat]

What makes you say that? MP3 files, and their ID3 tags, don't seem to be an issue really?

That's exactly my point. ID3 tags are standardized (ok, at least there is a standard subset of tags) and reflect objective characteristics of the tagged file (author, title, genre, and so on). It is perfectly fine for these tags to exist at file level.

User-defined information, on the other hand, should not be copied "by default" if you move the file to a different context.

Re:Usefulness of metadata

[thatguywhoiam]

That's exactly my point. ID3 tags are standardized [wikipedia.org] (ok, at least there is a standard subset of tags) and reflect objective characteristics of the tagged file (author, title, genre, and so on). It is perfectly fine for these tags to exist at file level... User-defined information, on the other hand, should not be copied "by default" if you move the file to a different context.

Ok - I still don't see the problem. MP3 tags are user-defined (although often fed by CDDB or the like). So really isn't it just a matter of having the right importers plugged into the metadata engine? Perhaps that is a mess in the making, but I don't see how it would be much different from handling other filetypes... After all we have had 'metadata' in the form of file properties, icons, thumbs.db, dot-underscore files etc.

I see your point; what I don't see is how this is any more (or less) dangerous than things we are doing with our files currently. Word's propensity to attach/append something improper is a feature we have today.

Re:Usefulness of metadata

[FrostedWheat]

In the interestation of securitization, the catalogation of the nation's datation should not be left to the ineptitudination of incompetentation corporatizations with a historicalization of not giving full thoughtfulination to securitization.

More on that story later.

Re:Usefulness of metadata

[1WingedAngel]

Fo' shizzle!

Re:Usefulness of metadata

[AK+Marc]

Ok - I still don't see the problem.

Then you aren't looking at the problem. It isn't "all metadata is bad." It is "metadata can be bad." What would your collection look like if playlists weren't stored by the program that played it, but that all your tracks stored the metadata of which playlists they should belong in? I wouldn't want your playlist information passed to me with the file. And, in some cases people name playlists something that has a meaning that could be misintrepreted or is inflamatory. Perhaps "Nigger shit" wasn't offensive to the person that created the playlist and tagged the file with it, but then it gets passed to you and you pass it to someone else without paying attention to the metadata. Now, you are in trouble for sending a file out with inflamatory tags on it.

The suggestion is that objective or global metadata be attached to the file, like it is with MP3s, and that personal metadata (like playlists) be kept separately, as it currently is with MP3s as well. Currently, Apple and Microsoft attach all metadata for files directly to the file, so personal/private information can not be separated from information intended to be public.

Re:Usefulness of metadata

[thatguywhoiam]

Then you aren't looking at the problem. It isn't "all metadata is bad." It is "metadata can be bad."

Oh.. well we are agreeing with each other then. I realize that 'metadata CAN be bad', much like other data. I think it was just ill communication on my part. My overall point was that I don't consider metadata to be any of a threat than 'normal' data, for good or bad. Sorry for the confusion.

huh?

[imboboage0]

Windows Vista, the successor to Windows XP

Why didn't anyone tell me this before!?!?

Summary

[wombatmobile]

Allchin said those enhancements--along with a reduction in the number of times customers have to reboot their machines and other features--will mean that companies that move to Longhorn will be able to cut their operating costs. Of course, he added, "that's up to us to prove."

Got that? To cut your operating costs, pay Microsoft some more money for some Longhorns.

i can see the commercials

[goarilla]

Have a hardon, feel horny? gf broke up.
M$ Vista
Searching for your porn stash has never been easier with M$ Vista's new meta-data feature

seriously this is a true reason not to use Vista. Just imagine the plot u have some friends over
you leave them with your new box u come back and they were able to play that 1.30 min pr0n movie on your bigscreen tv :O
That's why i use *nix: find /* -iname *xxx* 2>/dev/null is a pretty hard command for non *nix users.

Re:i can see the commercials

[Jackie_Chan_Fan]

The sacred Porn stash can not be compromised.

DAM MS security.

Then again i run google desktop... My stash is insecure.

foatse?

[Hoi+Polloi]

Are you implying that you have pics of Fabio's gaping rectum? FOATSE!

Company policy.

[JVert]

We never send any raw documents out to customers. We always print them to PDF first. Looking back I wonder if there is still a chance private data could be leaked, that somehow PDF layers the hidden stuff underneath and if someone were to peel back the top.

But this will just be an extension to that policy to check for any meta data.

Re:Company policy.

[Giometrix]

You're probably using a commercial app to convert the documents, so I don't know if any meta data is passed along; but if you really care, you can transform XML documents to PDF via an XSLT stylesheet, so you'd know exactly what gets transformed.

Re:Company policy.

[99BottlesOfBeerInMyF]

Looking back I wonder if there is still a chance private data could be leaked, that somehow PDF layers the hidden stuff underneath and if someone were to peel back the top.

For the most part, no. PDF files do, however, support the concept of layers (which must be explicitly created by the authoring program). The only security issues I've seen with this is where people layer black boxes over text to censor them, not realizing the information under the boxes is still there and readable. This has caused several important disclosures and usually a reader need only copy and paste the text to have a readable, uncensored, version.

Re:Company policy.

[JVert]

We're using CutePDF converter with the postscript filter thingy. I dont know much about what i'm talking about but its just a virtual printer.

Sounds like the XLST stylesheet will have to be modified for every type of document?

Re:Company policy.

[JVert]

Thanks for the info sounds like something I can test for pretty easily.

Re:Company policy.

[arkanes]

The virtual printer technique won't preserve metadata because it's not document aware - it presents itself as a Windows printing device, the application uses standard Win API drawing commands on it, and the driver internally translates those commands into postscript and then into PDF. Do watch out for redactions, like drawing black boxes over text - the application will likely print this as the text with a box over it, which will look fine on paper but the redacted text will remain in the document. This happened at least once with a redatected DoD document, exposing them to some fairly serious embaressment because they're redacted all the negative parts of an independent audit.

The places you need to worry about metadata exposure are the document-aware "export" functionality, because rather than simply printing from primitives, these work with full knowledge of the document and it's structure.

Re:Company policy.

[Giometrix]

To be honest, I've only converted XML to PDF for nothing more than a simple school project. But I'd think that if the original file is stored in XML (content and style, which is what I assume OO does [I don't know, I don't use it]) then you can keep using the same stylesheets for all of your documents written in that format. Of course, that's a lot of work, and its probably been done for you. You'd be better off looking at the existing stylesheet and making sure meta data doesn't sneak through.

Of course, I'm just blowing smoke. Like I said, I've only done this for a simple project, I just threw it out there to look cool.

Re:Company policy.

[JVert]

XML + XLST = +3 insightfull.

Yes but can it be done with AJAX? (+5 right here)

Re:Company policy.

[Doctor+Faustus]

PDF does have a system for talking about the document, called annotations; it's even threaded. I just ran across it in the PDF spec, though. I've never seen anyone use it.

Re:Company policy.

[Doctor+Faustus]

It might have been +4 if he or she had realized that it's XML+XSLT->XSL-FO->PDF. The complete XML-to-print system is XSL, which is XSLT and XSL-FO. XSLT only became a tool in its own right when people realized it would be good for making HTML, too.

Re:Company policy.

[mikefe]

The places you need to worry about metadata exposure are the document-aware "export" functionality, because rather than simply printing from primitives, these work with full knowledge of the document and it's structure.

Hmm, I wonder how OpenOffice.org handles this...

Train those users

[wombatmobile]

It's all under control. Just train your users to manage their own metadata.

Re:Train those users

[megabunny]

Now that's stunning. Eleven pages on how to keep control of something many users do not even know exists.

Eh?

So why do i need meta data again?!?!

This is bull

[Nex6]

Even the much vuanted google desktop had information discloser issues.
as this type of technology comes to the mainstream its to be expected the early stuff may have a bug or two. (see: google desktop)

and here they are slamming microsoft for a new feature people are asking for. and telling them how to do it, when they have no idea on how hard this kind of thing is to do from a software engineering perspective.

I mean sheesh The product is in BETA, make a bug report to microsoft as a beta tester if you find a bug.

I mean windows vista has alot of very new stuff under the hood which is very cool. much of the stuff effects security and stability which is a good thing.

-Nex6

Terms of Embarrassment

[Mulletproof]

"but those tags could cause unwanted and embarrassing information disclosure, Gartner analysts have warned."

Oh, you mean more embrassing than finding cookies and cached images from pr0n sites and the like? Unless you're considering self comments like "he's so hawt! I'd so tap that!" Not that you that most people's surfing already involuntarily discloses their personal data like a sieve.

I'd be less concerned about people appending credit card numbers and such to files, not embrassement.

Couldnt care less

[The+Cisco+Kid]

.. about what MS decides to incorportate in its proprietary platform. The more user-hostile, privacy-invading, insecure, and unreliable it is, the more people will finally realize that MS completely sucks and will consider taking the bit of extra effort that MS currently makes necesarry for them to choose to use something *other* than MS. And once enough people choose away from MS, the more people will support the rights of end-users to have a market that isnt monopolized by one vendor.

So go ahead, MS, fuck over your customers in any way that you want to, or are paid by RIAA/MPAA/BSA to. The more you fuck them over, the less customers you will have, and the better the overall health of software technology will be.

You have to put up with a certain amount of fucking over to stick with MS, It just seems that some people are willing to take more than others and still remain loyal. Of course some poor ignorant fools will stick with them till the end, and I pity them.

Re:Couldnt care less

[kaitou]

bitter much?

Re:Couldnt care less

[Jugalator]

LOL, did Ballmer piss in your bed this morning? :-)

Stupid

[zecg]

This is idiocy - any disclosure of data which is unwanted can be damaging; so, are we not to have it? Don't index the files and don't name the files, also - this can be potentially embarrassing as well; and don't ever have a shovel in the house, kids cut off each others' heads clear off with those things!

Re:Stupid

[99BottlesOfBeerInMyF]

This is idiocy - any disclosure of data which is unwanted can be damaging; so, are we not to have it?

No it is not idiocy. Sharing metadata can be both useful and disastrous, as shown by the metadata often shared with Word files. The concern is that, like MS Word, Vista will include metadata in shared files without providing a proper UI that informs the user and makes sure they are aware of that metadata. MS does not exactly have a stellar record in this regard. Third parties currently provide applications for cleaning Word files of metadata (which in the past has occasionally included random chunks of data from your hard drive). Less expert users are usually the ones that suffer because of this.

I think it is important to both inform users and to pressure MS to provide a proper interface to avoid problems with unintended metadata sharing. For example, when e-mailing or otherwise transferring a file, by default a list of the included metadata should probably be shown as well as an option to delete any of it that is unwanted.

Google desktop still the winner

[el_jake]

I have tried a Vista beta, and after 4 hours of trying out various search features I installed Google Desktop and found Vista to be just as good as my old XP.

Wich btw runs just fine under Vmware on my Ubuntu distro.

I doubt Gartner knows what they're talking about

For example, a user might use "good customers" and "bad customers" as keywords on contract files. If such a contract is sent to the customer with the keyword still attached, it could cause embarrassment or even loss of business, the analysts wrote.

Wait a minute... Since the tags in question are an OS feature, wouldn't the OS have to store them somewhere else in the filesystem, outside the file, since it can't know how to stuff them inside a file of an arbitrary format? And when you send someone a file, isn't it only the content of the file that is sent, along with the filename of course? Ergo, isn't it impossible to inadvertently send someone a file with Vista's tags still attached, since they're not in the file itself?

<slashdot-editor-mode> Does this mean that Gartner analysts are simply FUD-mongering without a clue? </slashdot-editor-mode>

Gartnerhype

Gartner is becoming pretty hyperbolic. Is this seriously a problem? And why wouldn't it affect anyone else? You just can't take unreasonable anti-MS seriously anymore.

This Happens Already (Diebold/BlackBoxVoting Ref)

[ahsile]

Please see:
http://www.bbvforums.org/cgi-bin/forums/board-auth .cgi?file=/1954/15583.html

And search for "properties".

Enough rope to hang yourself

Why is that *Microsoft's* responsibility? If you're going to put sensitive information in metadata then you need to think a little bit about who you are sending the file to!

"New! Microsoft Security Assistant! Keeps you from putting sensitive data into your files, where it may leak to unauthorized persons! So you have to think even less than you do now!"

Sounds familiar

[FishandChips]

I guess what Gartner is saying wrt boosting the meta-data options is that marketing has won over security on Microsoft's tick list, whereas after Vista is launched the userbase will demand that security wins over marketing. We've been here with MS before, oh my yes ...

Well that would be great, but...

The last major features that separate Vista from XP are: Searchable metadata and vector-based graphics. Everything else has effectively been scaled back or scrapped. As such, people using Vista will be encouraged to tag everything, if not by the OS (yeah right, like Microsoft isn't going to stick a reminder-like app. in the tray for a feature they've been marketing), then the organizations who purchase Vista will encourage tagging.

Re:Well that would be great, but...

[Ucklak]

So how compatable are theses metadata tags within multiple operating systems?

If a Vista user tags a jpg with "Family Vacation", will Mac and Linux users be able to view these tags?

Re:Well that would be great, but...

[miyako]

it's almost certain that however the metadata is implemented, it will not be transferably to Linux or Mac machines (possibly not even between machines running Visa). While I'm generally happy to criticize microsoft for their lack of interoperability, I don't really see this as a bad thing.
For some documents, particularly within an office, it might be useful to share metadata. In this case it might even be possible to share the metadata. I'm not sure how all of the collaberation stuff works with the newer versions of Office but it seems like it would allow metadata to be shared. Outside of work sorts of situations, I would think it to be preferable that each user creates their own metadata for the document.
Imagine Bob and Jane go on vacation to Italy and decide to email me photos. Bob and Jane might have marked metadata on this as "Vacation 2005" or "Italy". Now when I get the photos they certainly have nothing to do with my vacation 2005 or my trip to italy, so I would probably rather mark them as "Bob and Jane" or something like that.
Or what if someone decided to email you a copy of the goatse guy with the metadata labled "Resume" or something.

Re:Well that would be great, but...

[Ucklak]

Couple of cases that are in use today,

Stock image houses that use a mix of OS, keywords are still seperate.
If Extensis Portfolio is used, metadata is only viewable within Portfolio.

Programmers that use a trimix (Win,Mac,Lin) usually rely on comments within the code.

I don't see the point of metadata in these cases and would be a bad thing to only rely on 1 OS to handle.
If MS would write a handler for Mac and Linux then it may have some use but If I can't see meta data from a MS office document authored in Vista on my Mac then I don't want metadata to be used at all for 'meta notes'.

Re:Well that would be great, but...

[LeftOfCentre]

While I'm not sure how Vista will handle that, WinFS (which is scheduled for stand-alone release after Vista) uses "metadata handlers". The purpose of such an add-on is to transfer metadata to and from binary files. So, for example, a metadata handler for MP3 music could automatically fill in the appropriate metadata found in the various ID3 tags when a song is copied to your drive. Similarly, it could write ID3 tags based on your current WinFS level metadata fields. JPG supports some tagging so that will probably be used to some extent. But what I'm actually getting at is that presumably a custom metadata handler could be written that would store the metadata in any arbitrary format, perhaps as text files accompanying the binary file or something of that nature (if necessary for reasons of interoperatibility).

Re:Well that would be great, but...

[kimvette]

NoNoNo! You forgot our DRM overlord Microsoft is so thoughtful to provide in Vista.

Search your data?

[Skiron]

I still find this very hard to conceive. WTF do users have to SEARCH their own data anyway? What did people do before MS fucked it up for them?

Well, we used to file away FILES in filing cabinets that had drawers all marked - and inside each drawer was as a folder arranged however the user wantted it! Everything was marked as to what it was, and arranged logically.

None of the ~%user%/fredblo~2/setting~1/my docu~2/cache~3/ bollocks (OK, I donwloaded it.... where did it go?????)

I mean. What a load of bollocks in having to do this on a supposedly 'advanced' OS that causes the bloody problem in the first place.

Re:Search your data?

[realmolo]

Why do users have to search their files? Because most users don't know where their files are. They don't know what their files are NAMED. They don't even really know what program they used to create their files. Is it a Word file? An Excel file? A JPEG? (usual response: "I don't know. I just used Windows 99 to make it.") A good search utility could be handy.

Of course, people that can't be bothered to give their files descriptive names aren't very likely to fill out metadata info, either. So it's not going to help much. Still, it's progress.

Seriously, if you've ever worked in a any kind of office environment, the question of "where is my file?" comes up EVERY DAY. People let Word or Excel or whatever name their files, and pay no attention to where those programs are saving things. Thankfully, most of the time things end up in "My Documents".

Re:Search your data?

[Skiron]

Exactly my point. MS introduced this moronic concept of 'invisibility' to users.

Re:Search your data?

[geekoid]

That's not windows, that's improperly trained users.

Stupid Question

Why does the metadata need to be in the file? Why can't it just be in another file/persistance mechanism with a reference in the document to the location of the metadata?

Re:Stupid Question

[Bassman59]

"Why does the metadata need to be in the file? Why can't it just be in another file/persistance mechanism with a reference in the document to the location of the metadata?"

So if you back up the file, and then restore it, you don't lose the metadata?

This was the problem with Mac OS 9 and below ... for example, if you mounted a Mac drive on your network and accessed the files from a PC, the PC ignored the resource forks. -a

what will happen to the file name?

[mseidl]

Does this mean people will get lazy about file names? What will happen to directories? I am sure they won't go away. But, MS is trying to make them transparent to the end user. Which was a goal of their WinFS. Im worried this meta data thing will get out of hand and then things will rely on it. I do not like the idea for searching for my data everytime I want to access it. Folders and filenames excite me because I can easily sort/find my stuff. I can quickly access it. If I need to search I have google. Like id3 tags...? I do not find myself using it. I do not need to see the title scrolling in winamp, because I have the file approriately named. But, thats just me.

Re:what will happen to the file name?

[Rick+Genter]

I think you can think of the file name as just another piece of metadata.

Folder structure can also be thought of as another piece of metadata (e.g., tag this file/folder with the "owning folder" tag).

The 'unwashed'

The 'unwashed' suggests to me the *nix geeks that hang around here.

Normal people (who don't give a shit about computers as long as they work) generally wash often.

Re: Re:The 'unwashed'

"Too-Shay" :-)

Re:I doubt Gartner knows what they're talking abou

Windows already has the concept of connected files. You can save a web page in explorer and end up with an html page and a folder with the files it references, then they get treated as one when you copy/delete them. It's quite possible the metadata could be implemented as a connected file with the extra information.

Non-Oblig. Homer

[truthsearch]

Homer: From now on, there are three ways to do things: the right way, the wrong way, and the Windows Vista way.
Bart: Isn't that just the wrong way?
Homer: Yeah, but faster!

I'm shocked

[PaxTech]

I'm shocked, shocked to see Microsoft prioritizing features over security.
</Claude Rains>

Not just windows, Mac's too

[goombah99]

The mac OS (offering previews of the next Windows OS since 1984) already suffers from this problem and so far there are no graceful solutions. Namely spotlight gathers sensitive info in ways I wish it would not. To be specific, I deal with a lot of confidential e-mail that can include personell problems of empoyees. At the same time it's got all my project info on it. When an employee comes to talk about a project I will often search for terms related to the project or sometimes by the employeees name in spotlight while they sit around my screen. Spotlight pulls up the docs and the e-mails onto the same search results screen. Seeing titles of certain e-mails or possibly just the addresses can reveal confidential information or be embarassing.

As a result I no longer have spotlight index my e-mails. And of course that's a pain in the ass since it means Mail.app's searhc feature is busted. While I can figure out how to work around that (e.g. don't use mail.app, which would be a pity), the story does not end there. Unfortunately, spotlight indexes my backup volumes too, and it can blunder across old mail there and index it.

Now you might think I could also turn off indexing the backup volumes but there's the rub. First I might not want to. Second, you can't always do it. Spotlight has some bugs in how it handles logical partitions on disks and in particular it sometimes ignores being told not to index a volume if another partitions is being indexed.

Anyhow eventually there will be more fine grained control on privacy, but then the interface will become more cludgy too. In fact that may just kill the whole fine grained control effort since most folks don't worry about this sort of things and would prefer simplicity.

It's perhaps worth noting that windows dropped making the filesystem a database (for now). That might be a smart move since making at a wrapper like spotlight means they are less locked into a single search design. Problems like this will emerge slowly and flexibility to plug problems will be needed.

Re:Not just windows, Mac's too

[Angostura]

When an employee comes to talk about a project I will often search for terms related to the project or sometimes by the employeees name in spotlight while they sit around my screen.

It doesn't sound like a metadata related problem to me. It sounds more like a furniture placement issue.

But seriously, de-selecting 'Mail' in the Spotlight pref pane, should stop spotlight from displaying results in its window, while retaining the full indexing facilities within Mail.app itself.

Re:Not just windows, Mac's too

[truthsearch]

By having someone look at your screen it's your responsibility to prevent private info from appearing. The system knows you're logged in, but it certainly doesn't know someone other than you is looking at the information. Just like if you brought up your address book... you should know not to bring up confidential contact information. The system certainly can't take care of that for you.

Re:Not just windows, Mac's too

[goombah99]

What you suggest is a reasonable sounding solution and it would be nice if apple had actually implemented that functionality correctly. Unfortunatley Spotlight seems to be buggy on the mail.app search issue. It's a bug because not everyone seems to see the problem. Many people including myself (see apple's discussion forums) have found that disabling mail indexing seems to cripple searching by content in mail.app. You might not notice this if you just test this by turning off the index reporting on mail but that's because mail.app will be using the previous content indexes--slowly it gets out of date and new mail is not indexed.

Even if functionality were working correctly, What i'd still prefer is tag that could be applied to anything to mark it as confidential. and then a switch in spolight that could select "include confidential info" in the search results. That way I could have my confidential data indexed but simply filtered fromt he results unless I specifically asked for it.

Re:Not just windows, Mac's too

[greed]

I got fed up with Spotlight pawing through everything, so I changed a line in /etc/hostconfig:

SPOTLIGHT=-NO-

It was particularly unhelpful for Spotlight to start indexing every SyQuest cart I inserted to see what was on it, and then to erase it for sale on eBay.

Us old grouchy UNIX guys prefer find ... -name ... over Spotlight anyway.

I'm not sure if that change stops Spotlight from accumulating information about newly-created files. It does stop the background indexing service.

Re:Not just windows, Mac's too

[goombah99]

it most certainly could take care of confidental information for me. It's a computer. If there was a way to easily mark files as confidential they could be excluded from search results. yet at a flip of a switch enable reporting confidental for search results. theres already two primitive capabilities on the mac of this: the .noindex suffix and the privacy GUI for spotlight. They are close to what you want be just don't have neccessary functionality.

Re:Not just windows, Mac's too

Simple solution: use two different user accounts.

This might sound annoying, but think about it:
You are asking the computer to know intuitively whether you are acting in a sensitive or non-sensitive position. Don't rely on this intuitiveness of the computer: make one non-sensitive account and one sensitive account. Spotlight won't index stuff in another user's home directory (unless you tell it to), so only set your sensitive account to index the non-sensative account, and not vice-verse.

And, if you're dealing with sensitive information, your sensitive account should be using FileVault, anyhow, so the non-sensitive account CAN"T index it.

The first gripe about this solution is that you don't know what incoming e-mail will be sensitive or not and you'd need a common inbox that would ruin this solution. But, organizationally, do you really want people to send personell matters to your general account? Maybe you should have a separate e-mail address for confidential matters, like hrdepartment@IndiaInkInc.com

This sounds like a creating work for your system admin, but isn't it worth it to protect your employees' confidentiality? This should be an assumed set-up; you're current one is the broken one!

Re:Not just windows, Mac's too

That is right it is your job to control what is display on the screen when you have access rights, which is what the grandparent is talking about. He took action and turned off features that were causeing him to display info when he did not want to do so. His complaint though was the software makes it difficult to manage what information may be displayed and when and the only solution he found to get the control he required is less then elegant because it does not always work and prevents him from useing the features when it would be safe to do so as well.

Re:Not just windows, Mac's too

[TheSpoom]

Disclaimer: I don't (and have never) used a Mac, so I don't know entirely what the software is like. But you'd think that they'd have something similar to Thunderbird, where one can mark messages as Personal, Work, etc., and you'd think that Spotlight would respect that, or at least have an option for relegating your search to a certain class of emails. If this is not the case, that's definitely a feature that should be put in.

Re:Not just windows, Mac's too

[LeftOfCentre]

In case you were unaware, WinFS (the database / file system hybrid) is still on the table, and scheduled for release sometimes after Windows Vista. So while Vista will have something simpler (more similar to Spotlight I suppose), Microsoft hasn't really dropped WinFS, just delayed it. It's available right now in various pre-release versions for developers.

Re:Not just windows, Mac's too

Instead of turning off all the email indexing, have you tried unchecking "Mail Messages" in the Spotlight search result preferences? That way you should still be able to use Mail.app to search emails, but they won't show up in the main Spotlight search results.

Re:Not just windows, Mac's too

yes. in fact that's what I meant. There's apparently a bug in spotlight that for some users doing so cripples their E-mail content search in mail.app whan spotlight's preference is off. I'm one of those lucky winners. I'm hoping they fix it. Anyhow the point of the post was not to whine about specific bugs but to point out that unexpected issues and bugs exist and it may be some time before meta-data is secure and confidential.

Re:Not just windows, Mac's too

[goombah99]

there are several interfaces to spotlight. You can search from the command line, in which case you presumably could write a script to do anything if you were willing to work at it. You can search from the finder (file explorer) and tell it in the gui to search only "here".

There is a GUI to tell it not to report certain folders or files created by certain applications. But it's not very configurable and too coarse.

And there are some very very complex and impossible to type or remember ways to add some logic to the search to look for certain kinds of files. But its hard to tell it to search everywhere but not report certain kinds of files.

In short Spotlight 2.0 will be much better. One can expect Vista will have the same issues. In the mean time your meta data is a confidentiality risk.

Re:Not just windows, Mac's too

[amling]

That's why I have ghetto-rigged screen to display in rot13. (Seriously)

Re:Not just windows, Mac's too

Didn't you get the memo? In windows it's a bug, a matter of much concern and gum flapping. On the mac it's a feature which is extolled as the "Next cumming" if iSteve....

Re:Not just windows, Mac's too

Many people including myself (see apple's discussion forums) have found that disabling mail indexing seems to cripple searching by content in mail.app.

Um. Right. What part of this surprises you? Turning off indexing for your mail makes it impossible to search for your mail.

You might not notice this if you just test this by turning off the index reporting on mail but that's because mail.app will be using the previous content indexes

No. Because the act of modifying Spotlight's exclusions list causes now-excluded content types to be deleted from the databases immediately.

Even if functionality were working correctly

It is. Back to the top we go:

What you suggest is a reasonable sounding solution and it would be nice if apple had actually implemented that functionality correctly.

You didn't understand the suggestion. In the Spotlight prefs pane, there's a list of content types with checkboxes next to them. Uncheck one. That causes Spotlight to continue indexing that content type, but not to show you that content type in the search results window or menu.

Problem solved.

Re:Not just windows, Mac's too

[Trejkaz]

How is this a problem with the metadata? It sounds more like a problem with the search engine.

Re:Not just windows, Mac's too

[drivekiller]

Dude! If you have someone looking over your shoulder while you do a search, you are having the problem. Turn your screen aside, or maybe use "Find" instead. You can be more specific with find. Search for "WMD" instead of "Osama", know what I mean?

PDF Annoying?

[C10H14N2]

I suppose having correct fonts, layout and pagination regardless of platform or output device must really be bothersome, to say nothing of being free from macros, much less macro viruses.

Seriously, what the hell bugs people so much about PDF?

Re:PDF Annoying?

[greenrd]

Well, there's nothing wrong with PDF, but I think in this case the pirate bay had a point - it's completely unnecessary for a legal threat.

Re:This Happens Already (Diebold/BlackBoxVoting Re

[TubeSteak]

A review of the "properties" feature on this electronic document reveals that it was written by Rob Pelletier of Diebold Election Systems, then sent to Black Box Voting from the Secretary of State's office.

It is the position of Black Box Voting that the vendor should not control the testing of this system.

Lobbyists and Corps have a long history of writing legislation etc and literally giving it over to our public representatives.

Still dissappoints me though.
One day I'll be jaded enough to say "whatever"

The problem is giving away metadata with the files

[RetiredMidn]

The problem lies in intentionally sharing files that include metadata you don't typically look at, and therefore may be unaware that you're sharing along with the visible content of the file.

For example, several years ago Microsoft reportedly posted its annual report as a Word document, which contained evidence that it was composed on a Macintosh.

That example is good for a chuckle (OK, maybe a belly laugh for us Mac fanboys), but suppose someone sent a document to a customer that showed it was filed in a folder named "Correspondence with Idiot Customers" without the sender realizing it...

other Automatic meta data generation issues

[goombah99]

Another problem with meta data is the generation of meta data. If people generated their own data they could control what goes into it. But the problem here is that you just don't do it normally. Plus as documents change, get copied and modified and so on it gets out of sync unless you keep modifying it. Last thing most people would want is some rigourous change control protocol for every document and e-mail.

Which of course means automated meta-data scraping. this leads to the problem of confidential info disclosure. that's obvious. But it also leads to another problem that annoying. When do you update the meta data? when the file is created or modified? a small lag? or in batch overnight?

On macs you can force a batch overnight search. But the default on is for instant updates. If you add a search term to a document WHILE a search is being performed in another window it will find it! amazing. and very useful too. And it assures things like computers that sleep at night and detachable drives stay indexed.

But it's also amazingly annoying when you stop doing conventional desktop activities and start doing more unix like things. Tage for example untarring a 30 GB archive with twenty thousand small files in it or something that is generating transisent files in a rapid fire fashion. Well you start untarring and for the first few files it zips along. then suddenly throughput nose dives. Why? you look at your processes and you see MDL the indexing programming is chewing up your disk access.

You can work around this if you can control the file names and make sure they are ones it will not index. But that's not assured, always possible, and will vary from computer to computer.

So anyhow there's lots of fine tuning needed on these ubiquitous metadata systems. Fine grained privacy control and fine grained operation modes so it's live in desktop application mode and lags in unix/high performance modes.

Re:other Automatic meta data generation issues

[mikefe]

But it's also amazingly annoying when you stop doing conventional desktop activities and start doing more unix like things. Tage for example untarring a 30 GB archive with twenty thousand small files in it or something that is generating transisent files in a rapid fire fashion. Well you start untarring and for the first few files it zips along. then suddenly throughput nose dives. Why? you look at your processes and you see MDL the indexing programming is chewing up your disk access.

Oww, ouch! That's just painful.

Why isn't this indexing soon enough to hit disk cache instead of rereading the data from disk?

Re:other Automatic meta data generation issues

First when you are untarring something large, you might easily purge earlier reads quickly . Second, even if that were not true the MDS has to write new entries to it's data base which ar enot cached but require disk access. Third if you are creating transient files then MDS has to make the entries and then remove them too.

trojan writing made easier

This will make it much easier for trojans to find the personal info they are looking for.

Breaking new ground?

[dr3x]

"But while the OS bears plenty of similarities to Tiger, Allchin stressed that Microsoft has broken new ground in Longhorn. For example, document icons are no longer a hint of the type of file, but rather a small picture of the file itself. The icon for a Word document, for example, is a tiny iteration of the first page of the file. Folders, too, show glimpses of what's inside. Such images can be rather small, but they offer a visual cue that aids in the searching process, Allchin said." But wait, doesn't about every single version of Linux do that?

Re:Breaking new ground?

[marco.antonio.costa]

For example, document icons are no longer a hint of the type of file, but rather a small picture of the file itself.

This is SO stupid, IMHO.

Good icons work, so now all you're gonna do is add the overhead of generating a little thumbnail of a Word document, that due to size will be just 10% different from all others and you'll still have to name it appropriately.

Ah, why save resources when u can spend them, right?

Send... as in external... as in not shared.

[C10H14N2]

Christ, why the hell does PDF get people's panties in such a bunch? It has a purpose for which it serves very well--disseminating _final_ documents intended for printed output that are not intended to be edited. Basically, think of it as a 21st Century FAX.

I mean, you might as well say "How dare you send me this bottle of Chateau D'Yquem. I mean, wine in a bottle? Geez, now I need a corkscrew. Why couldn't you send me a box-o-wine so I wouldn't have to go to all this trouble?" Uhm, yeah, you need an extra tool, but really, the difference in quality is probably worth it, but go ahead and guzzle that box wine if you're so attached to that hideous wrapper.

Re:Send... as in external... as in not shared.

[thatguywhoiam]

Um... not sure? I love PDFs myself, I use them constantly. Its sort of a must on a Mac (clipboard is PDF, all apps that can Print can make PDF, etc). So I agree with you completely. Maybe it was just my bad GIF joke (after all that is EVEN MORE standardized. but it wasnt serious)

Re:I doubt Gartner knows what they're talking abou

[Rick+Genter]

wouldn't the OS have to store them somewhere else in the filesystem, outside the file, since it can't know how to stuff them inside a file of an arbitrary format?

Yes and no. WinFS could support a concept similar to the resource fork concept in MFS/HFS/HFS+/etc. on the Macintosh. The "content" of the file could be one fork, the metadata could be stored in a second fork, and the forks combine to comprise the file object. I think NTFS might already support such a concept (I vaguely recall reading something about it, but it was a long time ago and I try to stay away from the internals of Windows if at all possible).

In many cases, I think you want the metadata copied along with the file. Simple example: I have an .mp3 (legally downloaded, blah blah, whatever ;-) that has its ID3 tags as metadata. If I copy that file to another computer, I certainly want the ID3 tags to come along with it.

Hog Wash

[PacketScan]

So microsoft didn't think something throuhg before they built it.
Hmm what's new ?

and how dangerous?

[nazsco]

how dangerous could it be if someone knows that a file is ready for archival or not?

or maybe you're gonna hide your most valuable files with attrib +h

c'mon, it's M$, it's not like they're gone use into something non dispensable like BeOS' mail over BeFS

Here is quick fix

[Ilgaz]

drwx------ 8 root admin 272 Dec 23 03:39 .Spotlight-V100

Yes, if they manage to apply rights based system system wide, something like OS X, it won't be problem.

I mean if they are stealing, steal it completely :)

Note I had to 'sudo ls -la' to see it even.
(os x 10.4 "tiger")

Re:Here is quick fix

Hope you don't attach any FAT32 formatted removable media to that machine, or its index will be viewable to any non-Mac you later attach it to. Likewise for SMB shared drives with non-Macs. The Spotlight-V100 folder is laid bare.

You must be in severe pain

[Gzip+Christ]

don't do anything you wouldn't want everyone to see in the news.

So when was the last time you went to the bathroom? You must be in some severe pain from holding it in that long.

Seriously, everybody does things that they want to keep private and that should be their prerogative and their right. It's not OK to dismiss Microsoft playing fast and loose with your personal data because you think we should behave as if we have no personal data anyway. While I think that your advice is good idea to follow in general since Microsoft, et al, don't have the best record of trustworthiness, that by no means removes Microsoft's responsibility to design things in a secure way.

I Find It Interesting...

[TheZorch]

I find it interesting that Windows is getting to be more like Linux with every turn. XP, under the hood, already handles directory paths and devices just like Linux. The top-end of the OS does a good job of hiding it by adding a C:\ drive letter scheme on top of it. From what I've heard of Vista they aren't going to be hiding much of this anymore in order to make the OS seem more like Linux.

Can anyone please direct us to a site with screenshots of the Vista desktop?

Not Just A Windows Problem?

[Goo.cc]

I fail to see how this problem is specific to just Windows Vista. Wouldn't all operating systems (Mac OS X Tiger & BeOS included) that have filesystems that support metadata have this potential problem?

Re:Not Just A Windows Problem?

No, because when OS companies who aren't Microsoft add features, they are actually well thought-out. Microsoft just bolts shit on willy-nilly and hopes for the best.

Microsoft can't even learn from their own mistakes-- they should have been aware of this issue after all the embarassing disclosures over the years resulting from poor metadata implementation in their .DOC format.

what planet are these people from?

[penguin-collective]

Allchin stressed that Microsoft has broken new ground in Longhorn. For example, document icons are no longer a hint of the type of file, but rather a small picture of the file itself. The icon for a Word document, for example, is a tiny iteration of the first page of the file. Folders, too, show glimpses of what's inside. Such images can be rather small, but they offer a visual cue that aids in the searching process, Allchin said.

Kind of like Gnome has been doing for a few years now? How out of touch are these people???

No sense of humor... (humour either!)

[QuaintRealist]

AC has never been any kind of site administrator, eh? Those "stupid" other MDs in the practice, what were they thinking? Installing software from a source they trust (Google), but failing to anticipate the ramifications of doing so, doesn't seem unreasonable to them...

Better solution: slocate vs locate

This sort of problem is exactly the reason slocate replaced locate on UNIX machines. Searches only return references to things that you should have access to view. It would be wise for the Microsoft people to think in a more slocate-oriented way.

Security by obscurity

[QuaintRealist]

I'm no computer expert, but I do understand the argument against "security by obscurity" which has to do with FOSS vs closed source software.

Medicine is different, though. HIPPA basically requires that you use this kind of security (obscurity). Let me give you an example. If I have your (HIPPA protected) chart in the office on my desk, that's OK. If I leave it in the waiting room, it's not. Information does not have to be hidden from a determined (and illegal!) search, because, well, that's illegal, and because medical practice would grind to a halt if you added that much paperwork overhead.

But if you make it too easy for someone to "accidentally" stumble on HIPPA protected information, you're in a lot of troub le. And Google desktop does exactly that - offering "suggested" completions as you type, allowing you to find out that your neighbor Paul Smith has a patient letter on my computer while you were looking for your dad Paul Jones.

Nelson, revisited.... Hey, what are you DOING?

Stop hacking yourself! [whack] Stop hacking yourself! [whack] ...

In another Gartner report...

Windows Vista will allow users to write TEXT FILES, but those TEXT FILES could cause unwanted and embarrassing information disclosure, Gartner analysts have warned. Search and organization capabilities are among the primary features of Windows Vista, the successor to Windows XP due out late in 2006. While building those features, Microsoft is not paying enough attention to managing the descriptive information inside these TEXT FILES and make it easy to find data on a PC, according to Gartner. 'This opens up the possibility of the inadvertent disclosure of this TEXT FILE to other users inside and outside of your organization,' Gartner analysts Michael Silver and Neil MacDonald wrote in a research note published on Thursday.

I tried Mac Os the other day...

[Jackie_Chan_Fan]

I havent used a mac in a long time and i was quite impressed with their OS. I cant help but feel windows UI is terrible and of course the security is a joke. But the worst part about it is... Vista is on the horizon (FAR horizon) ;) and its ugly as can be. It doesnt seem to offer much new.

That or i just am not made aware of the "super cool" features that Vista is going to have. But the screenshots i've seen look like XP beaten with an ugly stick. XP is ugly enough, no need to beat it up more! I say let the XP look die, and move onto a new UI.

I have to hand it to Apple. They really did a nice job. I'll still be using PC's of course but If MS's goal is to make a pretty OS like OSX, then they really need to work a lot harder.

Re:I tried Mac Os the other day...

From what I've been reading, it appears that the main reason that Windows is updating isn't because they're totally revamping the system, but instead because they need to issue a new OS in order to remain the dominant force in the OS-sphere.

Think about the Dublin Core

[shis-ka-bob]

In HTML, you can consider the data in the head to be 'metadata'. See the Dublin Core Metadata Initiative. The data in the head is 'invisible' to a web surfer (save for the title), but quite useful for the upcoming 'Semantic Web' and even for filtering on Google. However, since statisitically speaking, there are more people that lie than correclty use this metadata, it doesn't seem that it helps your PageRank with Google to have accurate metadata. In any case, this sort of data will not corrupt the rest of the file, e.g. the 'body' if the html.

The fix

Isn't the solution to your problem to not let the person you're searching about to stand around your screen?

Re:The fix

I guess you have never given a presentation.

Re:The fix

Huh? Sure I have, but what does that have to do with anything? The OP said:

"When an employee comes to talk about a project I will often search for terms related to the project or sometimes by the employeees name in spotlight while they sit around my screen."

Don't let them sit around the screen.

As for presentations (or one on one), it has always been risky to fish for info spontaneously while others are watching your screen, whether manually or through a searching technology. Spotlight doesn't make this any worse.

One of the things I did before I used my laptop before my first presentation was to gather up all the icons on my desktop and move them into a folder. I then had a clean desktop with a single shortcut to the powerpoint presentation.

Nobody will use it.

[HockeyPuck]

So if I create a file (take a picture, create a home video of the kids at xmas). The average user is going to name it Xmas_05_opening_presents.mpg. Somehow I doubt they're going to spend 10minutes filling out "metadata" fields.

ANybody plan on adding metadata to 500 wedding pictures? Doubt it.

Re:Nobody will use it.

[geekoid]

more then you would think.

How lawyers deal with it

[Flying+pig]

I don't know about the US. But in the UK lawyers simply have a gentleman's agreement not to look at mistakenly included metadata.

I don't know whether this is reassuring or whether, given the increase in really nasty criminal gangs in this country, to be really really scared.

Re:How lawyers deal with it

[slashname3]

Gentlemans agreement with a lawyer? I would not trust a lawyer any further than you could shoot him in the head with a shotgun. Gentlemans agreement, sounds like something the old lawyers tell the young lawyers to get an edge on them.

The lawyers over here are all about winning the case and collecting huge damages. If they don't think they can win and/or if they don't think the pay off will be large enough they won't even take the case. And if someone sent them a document you can bet they would use any part of it including change log info and metadata to try to win the case. From what I can tell most of a lawyers time is spent cutting deals in the back rooms instead of finding out the facts or getting justice for the plantif and defendant.

Unix

[Puf_Almighty]

As a non-computer specialist who is basically computer literate and comfortable with the really basic programming tutelage I got in high school, but in no way a programmer, is Unix useful for me?

Is there any "How to use Unix if you don't want to type a lot of code and basically want windows without the bugs" option?

Also, do they have firefox for it?

Re:Unix

[slimjim8094]

No. You can try using Knoppix - one of my personal favorites. If you have a computer newer than about 8yrs old, you can dl the ISO images from http://www.knoppix.com/ and burn it to a CD. Then you restart your computer with the disk in the first CD drive, and use it. If you want, you can also repartition your HD and install it. But that seems like more than you're into.

Is there any "How to use Unix if you don't want to type a lot of code and basically want windows without the bugs

No. There isn't. Windows programs (e.g. Microsoft Word) can't run natively on Linux. Yes, you can use Wine (which comes in Knoppix) but it isn't perfect.

Do they have firefox for it?

Firefox started on Linux. Yes, it is the default browser in Knoppix. You see it as the firefox symbol in the bottom part of the screen.

Note: I'm assuming you don't want straight GNU/Unix because it has no GUI (X-windows) until you install one. I'd reccomend Linux. So, if you're computer literate, you might be able to use it. You just might not find it worth the hassle though. And by the way, OpenOffice does support Word files completely if that's what otherwise would keep you back.

An apple a day

So, Windows attaches the key words directly to the file, while Mac OS instead has a large index?

Sounds like Apple's approach is better, again.

Re:This Happens Already (Diebold/BlackBoxVoting Re

[jabelar]

Actually, there have been several cases where someone will run some new indexing search engine across a corporate network and find all types of confidential and/or embarassing data. Salaries, performance appraisals, etc. often have remnants in some normally overlooked folder in the filesystem ...

Non-news

[Stan+Vassilev]

It's some group trying to pull bad Vista news out of its *ss.

Metadata makes search exponentially faster. So what they're saying is basically, "it's not as if this information is less protected now than before, but now it's just faster to find it".

Plus yea, it's not mandatory to tag your files in a "fast-to-find-by-folks-you-dont-want-to-find-it" way.

Passwords

[Gardenhead]

Ever had a friend get to your gmail account and search for the password? It's all over from there.

information == BAD

[Deanalator]

This is the same thing as people complaining that google is too good at finding things on the internet. Whether it's CC numbers, or vulnerable cgi, google isn't the problem. If you are embarrassed about certain things on your computer, then why are they there? I'm sure that, in time, a robots.txt style thing will come along anyway to prevent unwanted information linkage.

That's why...

[Zzyzygy]

Files are files.

If you don't want's someone snooping into your personal affairs then don't store them on your PC, period!

-Scott

You fail it

[amliebsch]

You're missing the point. The problem is not that metadata can be accessed for files that the user should not have access to; this is trivial with NTFS/UNIX file permissions, and I don't anticipate that it will be a problem in Vista. The problem is controlling access to files that you DO have access to. For example, I may want to give you access to a file without giving you access to the metadata, or I may have some files for which I want metadata to be ignored, or contain false metadata, and so on. These problems are *NOT* implementation-specific, they are inherent to any metadata scheme, which isn't to say that there aren't solutions, just not obvious nor simple ones.

On Bashing Windows...

[slimjim8094]

Why? They've fixed it up a lot. I can't wait for Vista, and like anything else, it has bugs. However (if you actually use Windows Update), they are usually fixed within the week. Add that to a good firewall (like ZA Free ed., Windows Firewall sux) and a good AV (like ClamWin) and actually know what you're doing and run spyware checks... it's just as stable and secure as any other OS. In particular, their patching archeticure is much more stable than others, particulally macs. What happens when someone exploits a Mac vunerability? (Yes, there are. They just aren't publicized/exploited as much) True, IE is conceptually flawed, but use thereof in a proper manner (i.e. don't be fooled by the YourSearchBar popup you see) and it works fine. Hard use does require a reinstall, but that's probably a result of the use, and applicipable to Mac or *nix or ... I know I will get flamed, but it just seems awfully unfair to always be bashing MS. And, before I am labelled an ignorant fool, I've been in this buisness for 9yrs. I've used Linux (debian) and Mac extensively. But, for 99% of everything I do, I use Windows. And the other percent, I use either Microsoft VPC/Debian or Cygwin. As an IS/IT admin, windows is the easy, intergrated, and user-friendly path. Perhaps it's time to re-evaluate those old predjucies? Maybe? Yes, 9x and (particulary) ME were pieces of crap, but 2k and XP (admittedly less) were (are) great and stable. The average user flames on about MS breaking, when it's really their error and stupidity. Linux buffs that bash Windows are basing on old predjuces like ME. Those days are over. Give them some credit, please? No, I am not affiliated with Microsoft or, for that matter, any corporation. I am a student. I really have used computers (my first was a Mac) for 9 years. I am not as ignorant as you might believe. Think about it from a clean perspective.

User Stupidity Error

[Prototerm]

1. User carefully adds a metadata tag to each important file on their computer
2. User stores that important (possibly vital) file in a random location on their hard drive. Who needs to carefully organize files when you have a local search engine?
3. User searches for everything because they have no idea where anything is
4. User cries when the metadata tags on their files lead to the disclosure of sensitive information.
5. Users blame Microsoft.
6. Hackers profit.

Repeat after me: "Paranoia is good because everyone *is* out to get me"

Microsoft may load the gun with real bullets, but you're the one who pointed it at your big toe and pulled the trigger! You're using Windows, moron, stop acting like it's Linux and plan for disaster!

Um doesn't WinXP append metadata

[nexu56]

already? Am I missing something? Check the Summary tab in file properties. I see title, subject, category, keywords, comments, source, author, revision... this metadata can be appended to any file on an NTFS drive in a couple of clicks.

Would the Gartner analysts advise XP users to switch to W2K Pro until this "problem" is fixed?

Re:Um doesn't WinXP append metadata

[MobKiller]

NTFS Has had that feature since at least WinNT 4.
I remember adding streams to files by appending :streamname at the end of filenames. The problem is that it never really caught up. Not much tools have been made to manipulate this metadata so I guess they only made the feature more usable in Vista...

Try it.
create a file named something like test.txt and then:
echo "this is a test" > test.txt:newstream
more test.txt:newstream

I think the new stream itself cannot be deleted (not with standard windows tools anyway). You can only delete the file. You can add a stream to a directory too. May I suggest that you don't add one to your root directory since you won't be able to delete it afterward.
I suppose that XML data could be appended to any file to duplicate the XMP (embedded xml) functionality from Adobe.

Re:I doubt Gartner knows what they're talking abou

[Trinn]

Yes, NTFS supports that, they call them "streams" IIRC. You would just have to be sure to make sure all the streams went with the file, which is -not- the default behaviour on anything but ntfs-to-ntfs or ntfs-via-cifs-to-ntfs copies. (I'm pretty sure about the second one)

If I only had mod points

[mikefe]

If I was eating or drinking anything it would be sprayed on everything in front of me also.

You're funny man!

vista VR Linux

I keep hearing that Vista is more liek liniux but I fail to see the connection! Lets look at redhat. Readhat bing one of the uglyest looking os around now were lookings, feels, and runs like vista. If your going to run a os of any time u better be able to stomice looking at it for more then 16 hours a day.

sure vista has stuff that Tiger has and linux but Windows still has somthing that nether of them have at all. That out of the box installing of progams like doom3, Hl2, Google Earth, Office 12, Windows Live messanger.

sure OSX witch is by far the best os out there can run stuff like adobe photo shop and there final cut software. here linux as gimp. and any one with any brains at all know that gimp dosen;t even come close to photo shop cs2. and there no real hardware suport and mainly no direct x or any 3d suport for 3d cards. I going to need a OS that I can make a living on and MS windows and osx tiger can fill that unlike linux. And we all know WINE is not good enough, VMware isn't evne close as it dosen;t suport any 3d drivers just gernic ones.

I for one beta test vista and the only think I think is wrong is there trying soo har to restice peoplefomr playing illegal moves and music. Well RIAA and MPAA what the hell were u think when the net first come online.??Weres your brains. The world gave birth to it and no one can stop it now. so why bother trying all your going ot do is make more work for cracker and hacker to fined a loop hole and in the mean time piss people off.

and any one knows ifu donlt want some one to fined it then make sure u can't fined it. If your not able to fined it then the chances are no one will be able to