Home > Archive > Hepatitis disease > February 2006 > Hidden Data Haunting Computer Users





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Hidden Data Haunting Computer Users
Alan

2006-02-25, 8:45 pm

Hidden Data Haunting Computer Users
By Brian Bergstein
The Associated Press

BOSTON -- When the New England Journal of Medicine used a word-processing
function to reveal that Merck had deleted study data about Vioxx and heart
attacks, the pharmaceutical giant joined a long line of organizations bitten by
information lurking in electronic files.

It's happened to organizations from the Pentagon to the British prime minister's
office.

Each time, making minor electronic adjustments to documents aired juicy details
not meant for public disclosure -- such as the true author of a file or
sensitive data hacked from a final draft.

The pitfalls of such hidden "metadata" have long been known in computer-savvy
circles, but these high-profile leaks are driving new efforts to keep a lid on
metadata. So sensitive is the topic for the U.S. government that the National
Security Agency released guidance in December on how agencies can properly
redact reports.

For the corporate world, several companies are finding success in selling tools
to automatically scan for and remove metadata.

Metadata is data about data. A word-processing document, for instance, has
metadata on who authored it, when someone saved it and what that person did to
it. Microsoft's Word program has a "track changes" feature that preserves a
file's original text and shows another person's edits. All that is metadata.


This information is designed to stick around because it can help people organize
their files and collaborate with one another.

But because it doesn't show up when a document is printed and doesn't appear on
screen in normal settings, it's easy to forget about.

Fears about the hazards of metadata led Microsoft to pull back on a planned
feature in Vista, the upcoming Windows operating system. Originally, Vista was
going to let users drag and drop files into spots on the desktop in order to
label documents with personalized categories.

But Vista testers told Microsoft it might become "a little too easy" to apply
the categories and have them stick permanently to the document, said Mike Burk,
a Windows product manager. That could get ugly if a file labeled "projects I
hate" were e-mailed to a boss.

Meanwhile, the next generation of Microsoft's widely used Office software, which
includes Word, Excel and PowerPoint, will make it simpler to strip metadata from
files before they are disseminated.

Even so, Gartner analyst Michael Silver says the problem will remain -- metadata
will exist in documents unless users make a point of getting rid of it.

"It's still a manual process. It's still something you have to remember to do,"
Silver said. "Any time you're relying on the user to remember something, there's
a good chance that they'll forget."

The Pentagon had a hidden-data episode last May. Before posting a report in
Adobe Systems' Portable Document Format about a U.S. soldier who had
accidentally killed an Italian secret service agent in Iraq, officials covered
up classified information with black bars.

But there's a difference between covering and deleting information. Readers
simply uncloaked the text by cutting it from under the black and pasting it
elsewhere.

Automated tools to help protect against metadata releases have existed for a
while, but they are beginning to see wider use. For example, Workshare sells a
product called Trace that scans documents for metadata and ranks the findings by
risk level. For most of Workshare's six years in existence, the company's
customers were primarily lawyers, who are particularly sensitive about client
information escaping to the opposing side.

But in the past year, Workshare has seen business expand to 60 percent of the
Fortune 1000, said CEO Joe Fantuzzi. Revenue has surpassed $25 million, and
Fantuzzi believes metadata protection is on the verge of being a must-have for
corporate technology buyers.

Richard Smith, a computer privacy expert at Boston Software Forensics, mined
metadata to determine who in the British prime minister's office worked on a
2003 dossier on Iraq.

Even in a world more attuned to the perils of metadata, however, Smith doesn't
think the material will dry up.

"There are simply too many people who work in governments around the world, and
there is no way to educate them all about metadata," he wrote in an e-mail. "I
expect to see a steady stream of slip-ups in the future."


I do hope that nobody was using Office software to be doing things that he
shouldn't have.

*snigger*



Lord Cerne Abbas

We shall go on to the end, we shall defend our World, whatever the cost may be,
we shall fight on the beaches, we shall fight on the landing grounds, we shall
fight in the fields and in the streets, we shall fight in the hills; we shall
never surrender, and even if this World, or a large part of it were subjugated
and starving, then we would carry on the struggle, until, in God's good time,
the New World, with all its power and might, steps forth to the rescue
and the liberation of the old."

To rebel is right, to disobey is a duty, to act is necessary !

http://www.veloceraptor.free-online.co.uk/identity.html

http://www.veloceraptor.free-online.co.uk/mylinks.html

http://lordcerneabbas.blogspot.com/

Copyright 2003 - 2008 pahealthsystems.com