Microsoft Prepares Office Lock-in

An anonymous reader writes "NEWS.COM has an article describing Office 2003's DRM features for documents. This will not only coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years, but it will also shut out competing software, such as OpenOffice. Now think about this for a second. Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device. I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now."
  • by TrentC ( 11023 ) on Tuesday September 02, 2003 @01:30PM (#6851458) Homepage
    For those of you who like to throw DMCA around like a big, evil boogeyman, last time I checked, reverse-engineering for the purposes of interoperability is allowed by the DMCA.

    Jay (=
  • not by default... (Score:5, Informative)

    by ceswiedler ( 165311 ) * <chris@swiedler.org> on Tuesday September 02, 2003 @01:32PM (#6851480)
    The article points out, and I agree, that it's unlikely DRM will be applied to documents by default, since implementing it requires configuring Windows Server 2003 and ensuring both the creator and reader of the document have access/accounts on the Rights server.

    It's really targeted at businesses which make heavy use of Active Directory already (or would switch to doing so), so that Finance people can restrict access to sensitive salary documents and such. Most people, even if they can apply DRM to a document, won't choose to do so. How many people change the rights for their local drives to remove access for 'Everyone'?
  • by GrenDel Fuego ( 2558 ) on Tuesday September 02, 2003 @01:33PM (#6851494)
    Pointy-Haired Boss. It's a Dilbert reference.
  • RTFA (Score:5, Informative)

    by Lane.exe ( 672783 ) on Tuesday September 02, 2003 @01:33PM (#6851498) Homepage
    From the first paragraph:

    for the first time will include tools for restricting access to documents created with the software. Office workers can specify who can read or alter a spreadsheet, block it from copying or printing, and set an expiration date.

    Users get to set it. It's not automatic.

  • by Fareq ( 688769 ) on Tuesday September 02, 2003 @01:36PM (#6851533)
    That is correct, however OpenOffice (or any other similar product) would have to support all the DRM features that MS Office did.

    If it was possible for a user who shouldn't have access to a file to use another application to read it, then that app would be in violation of the DMCA because it is a circumvention device.

    If it respected all the DRM nonsense, then it would probably fall under the interoperability portion of the law. At least that's the way I read it.
  • by raju1kabir ( 251972 ) on Tuesday September 02, 2003 @01:40PM (#6851591) Homepage
    For those of you who like to throw DMCA around like a big, evil boogeyman, last time I checked, reverse-engineering for the purposes of interoperability is allowed by the DMCA.

    That must come as a tremendous relief to the people who distributed DeCSS source code for watching DVDs under Linux.

  • Re:not by default... (Score:3, Informative)

    by gregmac ( 629064 ) on Tuesday September 02, 2003 @01:40PM (#6851602) Homepage
    so that Finance people can restrict access to sensitive salary documents and such.

    Is saving sensitive documents in a directory that's read/write restricted to people in the Finance group not good enough? It seems to work just fine here.

    it requires configuring Windows Server 2003 and ensuring both the creator and reader of the document have access/accounts on the Rights server.

    So you have to upgrade to server 2003 to take advantage of this, and lock in further to one company. This sounds like a bad solution to a problem that's already been solved for years..

  • by Lumpy ( 12016 ) on Tuesday September 02, 2003 @01:50PM (#6851713) Homepage
    Right now they have to assume that a word document is unaltered upon receipt from a client.

    If your law firm does this, you need to switch to a competent law firm right away.

    Rule #1 in business and in law, NEVER EVER Trust anyone.

    #2 is Double check everything.

    Here, send me my recent bill in word format for me to review before you send it to me, no, I won't modify it.
  • by Richard_at_work ( 517087 ) * on Tuesday September 02, 2003 @01:50PM (#6851715)

    You'd have to cripple the entire operating system while the document is open

    Not really, the applications do most of the limiting, and since you HAVE to open the restricted document within a trusted application, it can stop you: printing, faxing, taking screen shots of that application (you can arrange the windows in such a way that a screen shot will miss that window altogether, it's all there in the win32 api and probably moreso in the extensions office 2k3 gives), it can limit copy-and-paste.

    So the only real way you can defeat this is by opening it in a non trusted application, and you can bet your ass that it's encrypted, tho how long that will remain unbreakable is another argument entirely.

    So, in summary, you haven't read the article and are just spouting off things you think you can do to get around stuff. (They clear up most of your arguments in the article).

  • Re:wait a minute... (Score:3, Informative)

    by Richard_at_work ( 517087 ) * on Tuesday September 02, 2003 @01:57PM (#6851791)
    No, they won't reject this. It's an optional thing when saving documents. Customers requested this feature, so my guess is at least some people will buy into this. And as for the DoJ, they can go play with themselves if they think this violates anything, it doesn't as it's not anticompetitive, just another feature that OOo can think about implementing in their own way.
  • What's the big deal? (Score:3, Informative)

    by inertia187 ( 156602 ) * on Tuesday September 02, 2003 @02:03PM (#6851849) Homepage Journal
    What's the big deal here? You can do this now by wrapping your word document in PGP. Only, this DRM is managed by a central server and supported internally by the document. Yeah, a DRM protected document couldn't be read by a machine that doesn't participate with the central server and/or can't read the new format, but that's just how it's implemented. If I emailed a PGP protected document properly signed for the person I sent it to, and they don't have PGP installed on that machine, they can't read the document, regardless of the OS. So I'd have to send them an unsigned version. The DRM end users would realize that they can't use the "Protect This Document With LAN DRM Settings" option. They'll learn quickly to avoid it if the company policy allows it.
  • by Richard_at_work ( 517087 ) * on Tuesday September 02, 2003 @02:07PM (#6851902)
    Screen captures can be prevented from within the win32 api, I have seen it done. Basically the screen capture happens as tho the window isn't there and you get whatever is behind it.

    And typing documents out again? I think someone will notice you copying word for word a document over a period of time, and ask you why you aren't doing what other work you have to do. Basically it will take a lot longer for you to copy the doc, and there is a much better chance of you being discovered. (and think just how much information is removed from the business on an impulse by a disgruntled employee, much more than what is removed based on a well thought out and timescaled plan)
  • by Theatetus ( 521747 ) on Tuesday September 02, 2003 @02:11PM (#6851929) Journal

    No. Specifically not, in fact. What would be legal would be for the OOo team to crack the encryption in order to build a DRM client that was compatible with the Microsoft DRM server (or, for that matter, a server compatible with the MS DRM client).

  • Re:Mostly FUD (Score:5, Informative)

    by merlin_jim ( 302773 ) <{James.McCracken} {at} {stratapult.com}> on Tuesday September 02, 2003 @02:13PM (#6851957)
    It's perfectly reasonable for corporate customers to want to control access to their documents in the workplace, and that's what the Office 2003 DRM features are targeted towards. It's just a dumb client-server authentication scheme, people.

    I was there at TechEd 2003 when a VP of Verisign took the stage during the keynote address and announced these features.

    It is not dumb client-server authentication. It is a public key encryption package. You need access to a centralized server for typical key management operations, including looking up the public keys of parties with whom you have not communicated in the past.

    However you will certainly be able to access the documents in a disconnected fashion, as long as your local keystore contains the right information.

    Oh and at the time they also announced that the USPS would be supporting a stamping feature for this. Just like today, you can take a document and send it through the mail (to yourself) just to get it stamped with the current date. The USPS will digitally stamp the document with their current date/time. They didn't go into details on how this would work, but I imagine it's a typical hash/signature style function...
  • READ THE FRIGGEN LAW (Score:3, Informative)

    by C10H14N2 ( 640033 ) on Tuesday September 02, 2003 @02:14PM (#6851968)
    The DMCA clearly and unambiguously allows reverse-engineering and circumvention to achieve interoperability.

    Don't just assume and feed absurd conspiracy theories. READ THE LAW.

    http://www.loc.gov/copyright/legislation/dmca.pdf
  • by sydb ( 176695 ) <[michael] [at] [wd21.co.uk]> on Tuesday September 02, 2003 @02:24PM (#6852069)
    Your sig:

    LinuxSecurity [tinyurl.com] - All the Linux vulnerabilities Slashbots don't want you to see


    You are such a troll! Most of those vulnerabilities are for applications! Many of them are just freaking bug reports! If Microsoft was held responsible for all the non-Microsoft applications then you'd be comparing apples with apples.

    GNU/Linux distros include all those applications. But you don't have to install them!

    Take a minimal Windows install and a minimal Debian GNU/Linux install. Or take a Windows box and load up a selection of applications from various vendors and a selection of stuff from downloads.com, and compare it with a reasonably complete Debian install. Then I will be able to take your criticisms seriously. As it is, you are overly critical.
  • by merlin_jim ( 302773 ) <{James.McCracken} {at} {stratapult.com}> on Tuesday September 02, 2003 @02:26PM (#6852087)
    Number one most important feature of this that it seems no one is getting:

    This is just Public Key Cryptography based on open and documented standards!

    How do I know? I was there when it was announced. In early June at TechEd 2003 in Dallas Texas. Some Korean VP of Verisign showed it off. His accent gave it a very scary "All your base are belong to us" kind of feel, but there it is.

    Here's the press release from that day:

    http://www.verisign.com/corporate/news/2003/pr_20030603b.html

    Please read this before you spout off one more cockeyed comment on how Microsoft is evil cause you won't be able to read this on the plane or how it's proprietary and no one will ever understand it or work with it ever again.
  • Re:Mostly FUD (Score:3, Informative)

    by BJZQ8 ( 644168 ) on Tuesday September 02, 2003 @02:43PM (#6852269) Homepage Journal
    This would apply greatly to their most recent patent-infringement case where they "lost" 35 weeks of e-mail. Now, upon word from upper management, those 35 weeks of e-mail could be instantly, irrevocably, and easily evaporated. In fact, they could evaporate everything but sections that make them look good (i.e. the initial discussions with the company, not the later "Screw these guys, let's steal their stuff.") This is NOT a good thing, in my view.
  • by Decaff ( 42676 ) on Tuesday September 02, 2003 @02:45PM (#6852288)
    Open Office 1.1 rc3 does exactly this. There is a macro recorder that produces Basic scripts. This will run unchanged on Windows, Linux, Solaris, and MacOS/X.

    http://www.openoffice.org
  • Re:Mostly FUD (Score:5, Informative)

    by BobTheLawyer ( 692026 ) on Tuesday September 02, 2003 @02:46PM (#6852300)
    None - when you deliver documents etc subject to a subpoena you have to deliver the means of access to the document.
  • Re:Mostly FUD (Score:2, Informative)

    by Anonymous Coward on Tuesday September 02, 2003 @02:46PM (#6852302)
    I have been previewing a lot of the new features that will be introduced next week. (Don't ask - I may be violating the NDA)

    IF your company is running Server2003, and IF you use Office2003, etc. then the document can carry permissions that will for example allow you to read but not print or forward the document. It's the tight integration of Server2003, Office2003, ActiveDirectory, and the XP or 2000Pro OS that allows serious control by the document author within the company.

    THAT is the point - to sell the huge companies on using (buying into) the WHOLE enchillada from MS. The special features only work there.
  • by CatOne ( 655161 ) on Tuesday September 02, 2003 @02:54PM (#6852395)
    This doesn't automatically enable DRM in all documents. What it does do is make it POSSIBLE to enable DRM in some documents, when a Windows server is used.

    Now, I can certainly see where people would WANT the ability to control distribution of specific key security-sensitive documents. And in those cases, sure you'd want tight controls on who could read it (and, what they would use to read it). So this would make sense.

    But this isn't just a plain old proprietary document lock-in. Probably 99% of documents will still be non-DRM'd and open, and the 1% that aren't, well the people who enabled the DRM don't WANT joe l337 haxx0r reading them.
  • by the-banker ( 169258 ) on Tuesday September 02, 2003 @03:14PM (#6852540)
    Actually you need to continue reading Section 1201 of the DMCA:

    `(A) to `circumvent a technological measure' means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and

    `(B) a technological measure `effectively controls access to a work' if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.

    As is clear, the DMCA ONLY applies when the copyright holder does not give authority to circumvent the technological measure.

    My point is that the copyright holder is not Microsoft, so they cannot enforce this provision. If I write a document in Office 2003 and encrypt it, then choose to decrypt it myself, I am essentially granting myself authorization, since I am the copyright holder. MS can not sue, as the Slashdot post alludes, under the DMCA, since they are not the copyright holder. The DMCA's scope is limited to breaches against the copyright holder.

  • by HermanAB ( 661181 ) on Tuesday September 02, 2003 @03:21PM (#6852615)
    Being one of the few people in North America that actually read the DMCA ;-) I can say that it explicitly allows reverse engineering for compatibility reasons.
  • It's not *that* bad (Score:5, Informative)

    by GarfBond ( 565331 ) on Tuesday September 02, 2003 @03:30PM (#6852700)
    Let me preface by stating that I participated in the Office 2003 beta, so I can give a small description on how this feature works (no tomatoes please).

    This feature can be activated by selecting "Document Permissions" from either the toolbar or the File menu. Documents are NOT created with this feature enabled by default, although there might be some random little option somewhere to make it the default option.

    In Word, this feature enables you to specify which people can read it, and it automagically turns off Print Screen and Printing if I remember correctly, and maybe the clipboard too. In Outlook this prevents you from forwarding or copying the text to clipboard too.

    As for home users being able to use it, for the purposes of the beta Microsoft allowed users to use their .net passport as the method of authenticating users, in addition to whatever 2k3 server they might have had. I'm not sure if they're going to allow .net passports after the Office 2003 launch, but only time will tell. Office 2003 users will have to download some additional program (will probably also be on the CD too) to gain access to restricted documents.

    For what it's worth, here's what the microsoft help document has to say on the issue:

    Note: You can create content with restricted permission using Information Rights Management only in Microsoft Office Professional Edition 2003, Microsoft Office Word 2003, Microsoft Office Excel 2003, and Microsoft Office PowerPoint 2003.

    Today, sensitive information can only be controlled by limiting access to the networks or computers where the information is stored. Once access is given to users, however, there are no restrictions on what can be done with the content or to whom it can be sent. This distribution of content easily allows sensitive information to reach people who were never intended to receive it. Microsoft Office 2003 offers a new feature, Information Rights Management (IRM), which helps you prevent sensitive information from getting into the hands of the wrong people, whether by accident or carelessness. IRM essentially helps you control your files even after they have left your desktop!

    Creating content with restricted permission

    IRM allows an individual author to create a document, workbook, or presentation with restricted permission for specific people who will access the content. Authors use the Permission dialog box (File | Permission | Do Not Distribute or Permission on the Standard toolbar) to give users Read and Change access, as well as to set expiration dates for content. For example, Bob can give Sally permission to read a document but not make changes to it. Bob can then give John permission to make changes to the document, as well as allow him to save the document. Bob may also decide to limit both Sally and John's access to this document for 5 days. Authors can remove restricted permission from a document, workbook, or presentation by simply clicking Unrestricted Access on the Permission submenu or by clicking Permission again on the Standard toolbar.

    Additionally, administrators for companies can create permission policies that are available in Microsoft Office Word 2003, Microsoft Office Excel 2003, and Microsoft Office PowerPoint 2003, on the Permission submenu and define who can access information and what level of editing or Office capabilities users have for a document, workbook, or presentation. For example, a company administrator might define a policy called "Company Confidential," which specifies that documents, workbooks, or presentations using that policy can be opened by users inside the company domain only. Up to 20 customized policies can be displayed (in alphabetical order) on the Permission submenu at one time so that individual authors can use them for the content they create.

    In Word, Excel, and PowerPoint, authors can re

  • DMCA (Score:1, Informative)

    by Anonymous Coward on Tuesday September 02, 2003 @03:36PM (#6852753)
    Doesn't this mean that we can hack office to keep OpenOffice (excerpt from DMCA bottom of page 8 in PDF)
    Notwithstanding the provisions of subsection (a)(1)(A), a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure that effectively controls access to a particular portion of that program for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs
    I'm not very legally knowledgeable, but it seems OOO falls into this category.
  • by earache ( 110979 ) on Tuesday September 02, 2003 @03:45PM (#6852836) Homepage
    You guys even bother reading the article at all?

    The technology is designed to enable secure document transfer between trusted parties. For instance, documents containing trade secrets or engineering specs for a company's latest greatest apps. The creator of the document can secure it so only specified people can read it, limiting potential leaks outside of the company, or the document falling into the wrong hands.

    It is not enabled by default and it requires an internal infrastructure to implement (Windows Server 2003 with Windows Rights Management) so the average joe blow isn't going to even be able to use it.

    As for "competing products" not being able to read these secured documents, well that's the whole point right? If you're publishing secure documents, you're securing them for a reason, and you're only going to want those who can read it to read it.

    There could be an argument for Microsoft to publish an open standard for interoperation, but this is America, not a socialist state, so that argument is a little weak.

    Personally, I think this is a cool feature, and one I'm personally going to be using for my day to day work.
  • by 16K Ram Pack ( 690082 ) <tim DOT almond AT gmail DOT com> on Tuesday September 02, 2003 @03:58PM (#6852946) Homepage
    I've been having great fun with Microsoft's DTS in SQL Server today.

    I'm getting an error reported half way down the file. If I edit the first record in a certain way, the error goes away.

    If that's not dogshit, I don't know what is.

  • by doorbot.com ( 184378 ) on Tuesday September 02, 2003 @04:12PM (#6853070) Journal
    this will be great when someone quietly locks 10 years worth of documents he created before getting laid off... a week later, after his Win* user ID has been deleted, his boss will loooooove the new DRM features implemented by Microsoft.

    Windows' EFS has a recovery key so an "administrator" can recover the files. In a simple networked environment, this would typically be the domain Administrator, or anyone else the admins designate. These users can unencrypt (and thus read/recover) a deleted user's files. I would guess that IRM-protected files would be recoverable through a similar method.
  • Re:Mostly FUD (Score:3, Informative)

    by Dr Caleb ( 121505 ) on Tuesday September 02, 2003 @04:26PM (#6853249) Homepage Journal
    Isn't this exactly what Lotus Notes does with mobile users and its databases?

    Exactly. The server public keys are part of the User ID, along with an expiry date and the user's keys. The server address book along with public keys are on the server. The user gets a local copy of the address book and keys if they wish, otherwise the keys can be compared when next they are on-line.

  • by multi io ( 640409 ) <olaf.klischat@googlemail.com> on Tuesday September 02, 2003 @04:44PM (#6853444)
    As for "competing products" not being able to read these secured documents, well that's the whole point right?

    Um, no it is not. The point is that unauthorized users shouldn't be able to read the documents. Competing products should be able to read them, provided they know the required keys and can access the DRM server. This requires that MS documents the encryption format. Just as GnuPG etc do.

  • by interiot ( 50685 ) on Tuesday September 02, 2003 @05:02PM (#6853606) Homepage
    You'll still have some problems with ghostscript since the Adobe PDF somehow adds some rogue postscript in your printer output that makes the ps2pdf crap out. Ghostscript somehow has a "feature" that supports Adobe's lameness, implemented in its pdf_sec.ps file. You just have to override it with a hacked version like this [paperlined.org] and you should be good.

    Googling for pdf_sec.ps along with "Adobe" or whatnot should give you more info.

  • by EmagGeek ( 574360 ) on Tuesday September 02, 2003 @06:23PM (#6854287) Journal
    Probably redundant... but here goes...

    According to the article, it is not the default behavior for O2K3 to use Information Rights Management. In fact, in order for Office to lock a document, there has to be a Win2K3 Server running the rights manager suite somewhere on the LAN...

    Nothing to see here... move along...
  • Interesting Idea (Score:2, Informative)

    by Eythian ( 552130 ) <[zn.ten.itsillak] [ta] [nibor]> on Wednesday September 03, 2003 @03:06AM (#6856875) Homepage

    None of this seems to me to be anything bad, it is just a way of controlling who has ready access to documents. While reading the comments, I thought about how it could be implemented as an open source system. If I get free time I may look into prototyping it. Here's what I've come up with so far:

    You will need three components generally:

    1. A server-side daemon

      This tracks what documents are registered against it, who should be allowed to use it and when and so on. It stores the private keys of the documents, and also public keys of all the potential users. When a user requests a document, it issues a challenge, which they encrypt with their public key, and send back. This is how it knows the user is valid (unless their key has been stolen). It then sends the key that allows the document to be decrypted, assuming all the rights are OK.

    2. A client-side daemon

      This is less important, and could probably be removed entirely, but will do caching and allow things like offline access. It acts as an intermediate between the local application and the main server. It will cache the keys and so on, for the time period that they are allowed. It may also store user credentials for a while, so that passwords don't have to be reentered. Ideally, the user password will decrypt the key used for authentication against the main server.

    3. A client-side application

      This is the application, OpenOffice, or whatever. When it wants to open a locked document, it goes through the process of asking the client-side daemon for a key. The daemon either replies with the key, or queries the user for a password and then returns the key. This may involve asking the server for the key if it has never been queried before.

    This is just off the top of my head, and there are a lot of details missing. What it won't protect against is someone who legitimately has access to the document running off with it, but it would make it very difficult for anyone to see it who wasn't supposed to have access to it. If desired, you could also have flags for 'no printing', etc, but they would have to be respected by the application so couldn't be relied upon.

    One other thing that may be of interest from this is that there sometimes may be no need to distribute an entire document, just a token, and if the person tries to access the token, the latest version of the document is fetched from the server. This could be another way of dealing with dynamic documents.

    I might look into this further some time. If you are interested, email me, and I'll find a place to document stuff.
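
A minimal sketch of the three-component design outlined in the comment above, added here as an illustration and not code from the commenter or any project. It swaps the public-key challenge for an HMAC over a per-user shared secret so that it runs on the Python standard library alone; every class, function and document name is hypothetical.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    rights: frozenset   # e.g. frozenset({"read", "print"})
    expires_at: float   # epoch seconds; no key is released or served after this


def answer(secret: bytes, nonce: bytes, doc_id: str) -> bytes:
    """Client's proof of identity: a MAC over the server nonce and document id."""
    return hmac.new(secret, nonce + doc_id.encode(), hashlib.sha256).digest()


class RightsServer:
    """Component 1: holds document keys, user credentials and grants."""

    def __init__(self):
        self._secrets, self._doc_keys, self._grants, self._pending = {}, {}, {}, {}

    def enroll(self, user: str) -> bytes:
        self._secrets[user] = secrets.token_bytes(32)
        return self._secrets[user]

    def register(self, doc_id: str) -> bytes:
        self._doc_keys[doc_id] = secrets.token_bytes(32)  # content-encryption key
        return self._doc_keys[doc_id]

    def grant(self, doc_id, user, rights, expires_at):
        self._grants[(doc_id, user)] = Grant(frozenset(rights), expires_at)

    def challenge(self, user: str) -> bytes:
        self._pending[user] = secrets.token_bytes(16)
        return self._pending[user]

    def release_key(self, doc_id, user, response, now=None):
        now = time.time() if now is None else now
        nonce = self._pending.pop(user, None)  # single use: a replayed answer fails
        secret = self._secrets.get(user)
        if nonce is None or secret is None:
            raise PermissionError("no outstanding challenge for this user")
        if not hmac.compare_digest(answer(secret, nonce, doc_id), response):
            raise PermissionError("challenge response does not verify")
        grant = self._grants.get((doc_id, user))
        if grant is None or "read" not in grant.rights:
            raise PermissionError("user has no read grant for this document")
        if now >= grant.expires_at:
            raise PermissionError("grant has expired")
        return self._doc_keys[doc_id], grant


class ClientDaemon:
    """Component 2: talks to the server and caches keys for offline use."""

    def __init__(self, user, secret, server):
        self.user, self._secret, self._server, self._cache = user, secret, server, {}

    def get_key(self, doc_id, now=None, online=True):
        now = time.time() if now is None else now
        cached = self._cache.get(doc_id)
        if cached and now < cached[1].expires_at:
            return cached[0]
        self._cache.pop(doc_id, None)  # drop stale key material
        if not online:
            raise PermissionError("no unexpired cached key and server unreachable")
        nonce = self._server.challenge(self.user)
        key, grant = self._server.release_key(
            doc_id, self.user, answer(self._secret, nonce, doc_id), now)
        self._cache[doc_id] = (key, grant)
        return key

    def allows(self, doc_id, right):
        """Advisory only: the application (component 3) must choose to honour it."""
        cached = self._cache.get(doc_id)
        return bool(cached) and right in cached[1].rights
```

The enforceable control is the key release in `release_key`; `allows` only reports flags, which matches the comment's caveat that 'no printing' depends on the application respecting it.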
