Windows Privacy and the Iraq War

by Preston Gralla

What does the Iraq War have to do with Windows privacy? Plenty, as it turns out. And there's a lesson there to be learned for all of us.



To understand that lesson, come with me in the wayback machine to one year ago, when Colin Powell, in front of the United Nations, cited a British government's high-level intelligence dossier about Iraq as providing one of the reasons why the world should go to war against Iraq.



Not long after the dossier was publicly released, a lecturer in politics at Cambridge University did a little bit of sleuthing and found out that the dossier was little more than a cut-and-paste job, and rather than containing high-level intelligence as the government claimed, was primarily copied directly from three publicly available articles, one of which had been written by a postgraduate student in the U.S. In fact, the dossier even had the same typographical errors found in the student's original article.



So what does this have to do with Windows privacy? It's how the lecturer did part of his sleuthing. The dossier was a Word .doc file. So the lecturer opened the file (which used to be publicly available, but has since been pulled by the British government), and with the help of U.S. privacy expert Richard Smith was able to extract the history of the last 10 edits to the file, including the names of the people who had edited it. So in addition to revealing the cut-and-paste job, he outed who in the British government had their hands on the original dossier, and when they made changes to it.



This revision history is normally hidden, but Smith was able to uncover it, using a small utility that he wrote. For details, see here. And even apart from the normally hidden revision history, there's a lot of private information out in plain sight in Word documents, including the names and possibly personal information about reviewers of the file, and similar data. How you find out this information varies from version to version of Word. In Word 2002, for example, you choose File-->Properties, and then nose around the various tabs for information.



If you work on a file with others, and trade edits and track your changes, Word gathers metadata about your work, and this information can be snooped on by anyone who opens the document. Even if you work by yourself, it tracks your edits. And if you think that revealing that information doesn't have consequences, just think back to the British intelligence dossier, and how it's caused world-wide embarrassment for several governments.



There's something you can do about protecting your privacy, though. If you use Word 2002 or 2003, Excel 2002 or 2003, or PowerPoint 2002 or 2003, you can get a free Microsoft tool that zaps hidden data and collaboration data, such as comments and edit-tracking in Word, Excel, and PowerPoint files. Download Office 2003/XP Add-in: Remove Hidden Data and you'll be able to delete all the information in a snap.



As for the British and U.S. governments, we should consider ourselves lucky that this tool wasn't available a year ago. Full disclosure in democracies are best for all. In fact, it would be nice to see this tool banished from government bureaucracies the world over.




What do you think about how the cooked-up dossier was uncovered? What are the implications for your privacy? Will you use the privacy tool? Let me know.


2 Comments

brian_d_foy
2004-02-08 14:59:31
Hours of fun
I used to do this with all the documents that clients sent to me. It seems a lot of people do not start from a new document, but find one that looks like what they want and then replace the text. As I recall, the culprit was some feature called "Fast Find" or some such thing that just saved the differences.


Not being a windows person, I just looked at the raw bytes to see what was in the file.

janr
2004-02-09 00:33:03
security implications
I also use to parse Office files sent to me, when I have time. It often shows information on the LAN topology of the organization it comes from, including account names, servers and domains. It's not a vulnerability per se, but it may help attackers gain knowledge on a target.


There's an interesting essay by Simon Byers on MS Word data extraction here:


www.user-agent.org/word_docs.pdf