Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Microsoft Businesses Software

Microsoft Prepares Office Lock-in 1127

An anonymous reader writes "NEWS.COM has an article describing Office 2003's DRM features for documents. This will not only coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years, but it will also shut out competing software, such as OpenOffice. Now think about this for a second. Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device. I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now."
This discussion has been archived. No new comments can be posted.

Microsoft Prepares Office Lock-in

Comments Filter:
  • by mao che minh ( 611166 ) * on Tuesday September 02, 2003 @12:27PM (#6851434) Journal
    This may actually signal the beginning of the end of the monopoly. People have always speculated that widespread damnation of DRM technologies will only occur once a major manufacturer, such as Microsoft, uses it to blatantly direct the consumer to spend money that they really didn't intend on spending. It goes hand in hand to suppose that the said company will become a major target for customer disdain, and the act will make them infamous as "the first". The spin that the media can place upon such a story will be catastrophic to the companie's image. And Microsoft will have no where to hide, because it no longer only be the geeks that are tasting the effects of the monopoly.

    Just imagine the backlash that will come from inter-company communication via Excel and Word. Hell, my company has had numerous problems with reporting (scripts that mine data from various sources, such as Excel, and generate reports) and document management systems just because of differences between Excel/Word 97 and 2000 files. This may be what FOSS needs to start making massive market penetration.

    • Mostly FUD (Score:5, Insightful)

      by Anonymous Coward on Tuesday September 02, 2003 @12:31PM (#6851472)
      This article emphasizes the role of DRM in commercial settings. It's perfectly reasonable for corporate customers to want to control access to their documents in the workplace, and that's what the Office 2003 DRM features are targeted towards. It's just a dumb client-server authentication scheme, people.

      Put away the aluminized headgear. This is not an anti-consumer technology, or even a consumer-oriented one.
      • Re:Mostly FUD (Score:4, Interesting)

        by letxa2000 ( 215841 ) on Tuesday September 02, 2003 @12:37PM (#6851547)
        This article emphasizes the role of DRM in commercial settings. It's perfectly reasonable for corporate customers to want to control access to their documents in the workplace, and that's what the Office 2003 DRM features are targeted towards. It's just a dumb client-server authentication scheme, people.

        Yes, and as such it seems entirely stupid. So the executive flying to L.A. won't be able to access the documents while on a 4-hour flight. Nor will he be able to do so from the hotel unless they open up the firewall to let him access the authentication server--something that seems inherently dangerous considering it's Microsoft we're talking about. Employees may not be able to work from home or in the evening for the same reason. If you send the document to an external consultant or a client it's going to be a major hassle to give them access--short of saving a version with no access restrictions.

        If Microsoft is going to implement DRM in their Office platform, this is the way we want them to do it. It seems like a pretty stupid way to implement it that's going to cause more problems than it's going to solve. And if by implementing this DRM and showing consumers just how inconvenient it is the consumers learn that DRM is not their friend, all kind of Microsoft plans may go down the toilet.

        • Re:Mostly FUD (Score:5, Insightful)

          by Martin Blank ( 154261 ) on Tuesday September 02, 2003 @12:43PM (#6851655) Homepage Journal
          So the executive flying to L.A. won't be able to access the documents while on a 4-hour flight. Nor will he be able to do so from the hotel unless they open up the firewall to let him access the authentication server--something that seems inherently dangerous considering it's Microsoft we're talking about.

          Do you think MS doesn't even use their own software? Their executives spend a lot of time jetting around the world for various reasons, be they business, lobbying, or vacation. I doubt they would be so short-sighted as to not put some method of permission caching in place. Personally, I see this being used in corporate law departments and in R&D divisions, where the ability to lock people out of something even if they do have possession of it would be invaluable.

          Besides, if it's hard to use or if there's not a real need for it, people simply won't use it. A lot of features get his treatment -- how many places do you know of that have even tried to implement the shared editing features?
          • Re:Mostly FUD (Score:5, Interesting)

            by tambo ( 310170 ) on Tuesday September 02, 2003 @12:48PM (#6851702)
            Permission caching? Isn't that self-defeating?

            Most corporate-secret theft or destruction cases are an inside job. Competent IT staff (such as the kind that companies large enough to have valuable secrets can afford... not that they do, but they *can*) can, reasonably well, lock down a network from intrusion.

            The much harder, and more common, problem is with ex-employees or unfaithful employees sending documents and secrets to competitors. Any scheme intended to squelch this is entirely defeated if permissions are cached.

            - David Stein
            • The Caching Issue (Score:5, Interesting)

              by SamBaughman ( 74713 ) on Tuesday September 02, 2003 @02:03PM (#6852462) Journal
              Sure, permission caching can be self-defeating if you set the cache to hold on to an authentication token for a year. But this is a general problem with permission cacing in general, and not unique to anything Microsoft might choose to implement.

              Maximum security requires frequent re-authorization. Daily. Hourly. Every 15 minutes.

              A good authentication server would be able to tell you who has a cached authorization token, so then when you decide to revoke access to a file you can tell which people have a cache token on their laptops that you need to kill ASAP.

              So far as leaking secrets to competitors, the DRM "solution" simply requires you to convert across an independent medium... printout, screenshot, photograph of screen. The only thing this "DRM" provides is the ability to mass-distribute a document within a company without worrying that someone might be on a mailing list that they're not supposed to be on... since everyone has to authenticate to read the attached document, they'd have to use an authenticated account to read it.
          • Re:Mostly FUD (Score:4, Interesting)

            by weileong ( 241069 ) on Tuesday September 02, 2003 @01:15PM (#6851972)
            Do you think MS doesn't even use their own software? ...

            Personally, I see this being used in corporate law departments and in R&D divisions, where the ability to lock people out of something even if they do have possession of it would be invaluable.


            The next time MS gets sued, how many of the documents subpoenaed will (via DRM expiry etc.) be unobtainable by the other party?

        • by GMFTatsujin ( 239569 ) on Tuesday September 02, 2003 @01:53PM (#6852393) Homepage
          Employees may not be able to work from home or in the evening for the same reason

          You mean my evenings and weekends are ALL MINE AGAIN? Praise be to Microsoft! Where do I sign up?????
      • Re:Mostly FUD (Score:5, Insightful)

        by Skapare ( 16644 ) on Tuesday September 02, 2003 @12:57PM (#6851797) Homepage

        In order to ensure that older versions of Office or Word cannot read a DRM restricted document, they have to make it "incompatible" in some way. If they do that by having a few fields that will choke older programs, it still won't do anything to prevent developers of other office productivity software from making it readable in theirs. So Microsoft will almost certainly have to encrypt the document, and serve up the key from the DRM server (using a proprietary protocol, of course). That encryption is involved makes it the kind of rights-restricting scheme the DMCA makes illegal to re-engineer. And don't think Microsoft doesn't know this; they are not dumb. They will try to do at least as much as they can get away with (and perhaps more, which we can then pounce on). Be sure you use the word "interoperability" more, now.

        My big fear is that this new protocol and server will be full of the kinds of bugs that Microsoft traditionally puts in new software expecting the public to help them debug it. Imagine the impact when people assume this DRM will protect their confidential documents (such as health records, bank records, and such), and stop using other methods. In a few years we'll see lots of these documents not only cracked, but cracked via the internet en masse. Oh the horror.

        • by emil ( 695 ) on Tuesday September 02, 2003 @01:56PM (#6852411)

          Most nations do not have a DMCA. The decryption work will simply be performed outside the sphere of influence of this facism.

          Microsoft could choose to emulate Adobe and trigger an FBI investigation of OOO within the borders of the US. In doing so, they would trigger a fight with Sun.

          Sun is much larger than Elcomsoft, and it would be the fight of the century. It might actually be the key moment where the IT industry overthrows the DMCA (as should have happened some time ago).

          When Sun wins (Microsoft legal will find a way to screw it up), the DMCA will suffer a mortal blow. Congress would be extremely unwise to attempt to strengthen it; those who endorse such an action will face the wrath of some well-organized lobbiests.

          Microsoft, choose your battles carefully.

      • Re:Mostly FUD (Score:5, Informative)

        by merlin_jim ( 302773 ) <James DOT McCrac ... ratapult DOT com> on Tuesday September 02, 2003 @01:13PM (#6851957)
        It's perfectly reasonable for corporate customers to want to control access to their documents in the workplace, and that's what the Office 2003 DRM features are targeted towards. It's just a dumb client-server authentication scheme, people.

        I was there at TechEd 2003 when a VP of Verisign took the stage during the keynote address and announced these features.

        It is not dumb client-server authentication. It is a public key encryption package. You need access to a centralized server for typical key management operations, including looking up the public keys of parties with whom you have not communicated in the past.

        However you will certainly be able to access the documents in a disconnected fashion, as long as your local keystore contains the right information.

        Oh and at the time they also announced that the USPS would be supporting a stamping feature for this. Just like today, you can take a document and send it through the mail (to yourself) just to get it stamped with the current date. The USPS will digitally stamp the document with their current date/time. They didn't go into details on how this would work, but I imagine it's a typical hash/signature style function...
    • by Anonymous Coward on Tuesday September 02, 2003 @12:32PM (#6851484)
      If I receive documents from suppliers and clients that I can't read, then I will ask them to send it again in another format, and they won't have a problem with that for now.

      But five years from now, when everybody buying a Dell or Gateway machine has the latest version of Office bundled with their machine, I will likely be the only guy who can't read their documents, and their sympathy will have disappeared. I'll have to upgrade.

      There's no particularly good way out of this using the marketplace; the marketplace will dictate it.
      • by banzai51 ( 140396 ) on Tuesday September 02, 2003 @01:30PM (#6852128) Journal
        That's fine until a BIG customer like say, Ford or GM start using this stuff. Think they'll change or resend? Nope. They'll just cut your contract and give their business to someone who will listen to them. What Open Office needs is someone like Ford or GM to switch to it, and force a trickle down effect. So if your local 800lb gorilla switches, then look for most of the businesses in your area to switch.
      • by JWW ( 79176 ) on Tuesday September 02, 2003 @01:30PM (#6852133)
        If they want to still be your supplier, they won't be able to dictate it, you can demand that they send you the documents in the appropirate format for you.

        I think we'll see more pdf's due to things like this.

        As for your clients, well, there you're screwed, they will demand the new formats, but you can always try to send them pdfs. But in the end you will have to do what they want.

        I keep finding more and more reasons to dislike Microsoft. I mean, how the hell are there people out on slashdot who can actually continue to stick up for them (M$ employees excluded).
      • by jbn-o ( 555068 ) <mail@digitalcitizen.info> on Tuesday September 02, 2003 @01:34PM (#6852169) Homepage

        But five years from now, when everybody buying a Dell or Gateway machine has the latest version of Office bundled with their machine, I will likely be the only guy who can't read their documents, and their sympathy will have disappeared. I'll have to upgrade.

        There's no particularly good way out of this using the marketplace; the marketplace will dictate it.

        If you give up on freedom, precisely what you describe is likely to happen because people are not going to give up word processing or editing databases, so they'll go with whatever software is available to meet their needs. There is another path: teach people the value of software freedom.

        The Free Software movement proves that "the marketplace" is not the almighty immobile force you describe (or perhaps you're just interpreting too much in terms of the marketplace in order to make it appear unchanging; hence whatever happens it will be seen through that lens). When the GNU project began, many people said nobody would write software without being paid and when people are paid to write software, they are being paid to write non-free software. History clearly shows those people were wrong. In fact a number of the organizations that distribute non-free software now use the GNU Compiler Collection (gcc) as their chief compiler, and ship part of the rest of the GNU operating system too. People have been paid to write Free Software and governments are getting the idea that their people's ability to communicate freely using a computer rests on using Free Software.

        I think the key is to teach more people about software freedom. Take this opportunity to show people that with Free Software you won't be beholden to any proprietor's interests. As the pool of people using Free Software grows your chances for being able to get by with Free Software grows too.

    • by AzrealAO ( 520019 ) on Tuesday September 02, 2003 @12:32PM (#6851488)
      This is a feature some people want. It'd not on by default (how could it, be, since it requires a properly configured server to do the rights management).

      It'll let businesses lock their documents down, for internal use. Nothing at all here gives any indication that all documents created will have DRM forced on. If a business or user doesn't want to use it, don't turn it on.
      • by cnelzie ( 451984 ) on Tuesday September 02, 2003 @12:42PM (#6851636) Homepage
        ...unlike in the previous years where a lowly secretary could get her hands on an executive document detailing such things as fleecing the investors, dumping (on accident or on purpose) HIGHLY toxic chemicals into the local residential area's water supply or other scandalous corporate activities will simply cease to be.

        Unless the rights to print such a document are still allowed, it would mean that corporations can get away with hundreds upon hundreds of scams, illegal activites and everything else that our nation's current corporate climate has bred.

        Now, if we had a culture of doing the right thing, being honest and trusting, then there would be no issue with having such DRM capabilities being built into an office software package... Of course, that kind of feature would never be used in such a world as there wouldn't be any reaon, if people could be trusted.

        I know that DRM makes sense on protecting a company's assets, but it can be the carte blanche to the CEO's of the world to forgo legal business practices...
        • by Schnapple ( 262314 ) <tomkidd&gmail,com> on Tuesday September 02, 2003 @01:04PM (#6851869) Homepage
          Now, if we had a culture of doing the right thing, being honest and trusting, then there would be no issue with having such DRM capabilities being built into an office software package... Of course, that kind of feature would never be used in such a world as there wouldn't be any reaon, if people could be trusted.
          So you're saying because a handful of companies are doing bad things and snooping secrataries break the rules and could save the day we shouldn't implement this feature? There's tons of perfectly legitimate uses for this technology and anyone who doesn't like it can go use OO or just ignore the feature.

          Besides, Kenneth Lay didn't have a clue what was going on in Enron (or so his PR firm says) - what makes you think he'd be smart enough to use this feature?

        • by sterno ( 16320 ) on Tuesday September 02, 2003 @01:12PM (#6851949) Homepage
          Unless the rights to print such a document are still allowed, it would mean that corporations can get away with hundreds upon hundreds of scams, illegal activites and everything else that our nation's current corporate climate has bred.

          This isn't going to change anything. Today a technically competent corporation can secure documents using certificates, PGP, etc. If they really want to cover their tracks they can do so. Better yet, they can do their dirty work only on paper, then shred it when the feds show up. Seemed to work just fine for enron.
          • by Frogg ( 27033 ) on Tuesday September 02, 2003 @02:10PM (#6852518)
            Today a technically competent corporation can secure documents using certificates, PGP, etc. If they really want to cover their tracks they can do so.

            ..only now it'll be as easy as clicking a checkbox -- or perhaps:

            Clippy: Hi, I can see you're trying to [take over the world] -- would you like me to enable DRM?

        • by j-turkey ( 187775 ) on Tuesday September 02, 2003 @01:33PM (#6852166) Homepage
          Now, if we had a culture of doing the right thing, being honest and trusting, then there would be no issue with having such DRM capabilities being built into an office software package... Of course, that kind of feature would never be used in such a world as there wouldn't be any reaon, if people could be trusted.

          So you're anti-DRM...but what you wrote seems anti-crypto too. Is crypto OK to use just so long as "evil corporations" stay away from it? Crypto is for everyone...plain-old-folks-like-you-and-me, scientists, inventors, admin assistants, doctors, lawyers, salesfolk, plumbers, students, and yes -- corporate officers. Did you have the same reaction when PGP or GPG was released? It isn't like this is the first crypto to come to the Windows world. "Bad people" could've had their hands on it before just now. If this comes down to your not liking MS' implementation of it, don't use it. Otherwise, everyone who has ever written an encryption scheme for general consumption has had to think about the repercussions of "bad people" using it...and again, it's not like it wasn't available before (and it's been done quite well -- so well, that I do not believe that the NSA is able to break much of it).

          In your rationale for keeping DRM away from businesses you point to their general dishonesty. It seems like you're suggesting that every officer at every company is corrupt...and I don't think that you could be any more wrong. Come on...is everyone who tries to sell a product or service (and make a buck in the long run) an evil empire run by an evil genius?

          Sorry to vent this off onto you, but I'm getting kinda tired of the contention that every businessperson (and everything associated with it) being "evil". So some guys were (and are) dirty. Some psychiatrists take advantage of their patients to extort money and sex from them. Are they bastards? Sure -- but it does not say a single thing about the lot of them. How many executive officers do you know? How many of these people that you know (not know of, but actually know) are "evil corporate bastards"? Can you actually prove it?

          I'm not asking you to go back to work and hug your CFO, but just think about what you're saying.

          IANAEO
          I Am Not An Executive Officer (or even close!)
          I do use, and encourage the use of strong encryption for everyone.

          -Turkey


          P.S. Wouldn't this be alot easier if strong encryption just didn't work when the evil bit's set?
      • by tambo ( 310170 ) on Tuesday September 02, 2003 @12:45PM (#6851668)
        No, it really won't.

        Think of the ways that you can defeat this scheme:

        * Print out the document and send it however you like.

        * Take screenshots and send the images as JPEGs.

        * Use the built-in fax modem to fax it somewhere.

        * Copy the text into the clipboard and paste it into another app.

        The exploits are endless. You'd have to cripple the entire operating system while the document is open.

        I needn't contemplate the absurdity of Microsoft trying to get into the information-security business. Obviously, that's not their goal. Even if it were, it will frequently be at odds with their function of providing a usable operating system.

        - David Stein
      • by vondo ( 303621 ) * on Tuesday September 02, 2003 @12:46PM (#6851683)
        In fact, this could be a great opportunity for OpenOffice or something like it. Imagine a suite that would lock documents such that they could only be decrypted by someone with the right certificate, but that it's done in an open fashion so any program could implement it. Plus, users would have the assurance that the security model is well audited (as opposed to MS Office which has used very weak encryption in the past.

        The point is, MS can do this, but a Free/Open project could do it better.

    • by UberOogie ( 464002 ) on Tuesday September 02, 2003 @12:34PM (#6851507)
      Dream on.

      Call me a cynic, but I've lost count of the number of times that MS forced upgrade cycles were going to be the end of the company. It hasn't yet, and won't be in the future, even with this. Enough people and companies will pay to make it a non-issue. Watch.
    • by override11 ( 516715 ) <cpeterson@gts.gaineycorp.com> on Tuesday September 02, 2003 @12:34PM (#6851516) Homepage
      We allready use OpenOffice for all our end user's here. Just be sure the Pc has 128 megs of ram, and put the office quicklaunch on startup, or they will complain about how long it takes to start. Otherwise, it works awesome for all standard end user word / excel tasks (99% of end users). As soon as your company gets one of those audit letters, spring the OpenSource and the management will come flocking. =)
    • by bokelley ( 563370 ) * on Tuesday September 02, 2003 @12:36PM (#6851534)
      At the same time, Microsoft has been fairly savvy in protecting its {monopoly|competitive advantage} without really ticking off the media. The Messenger lockdown is pretty blatant, and I haven't seen much public outrage - primarily because the people using Trillian et al are not the mainstream (yet). The big companies that are locked into their Microsoft investments make choices every 2-5 years when they upgrade their desktops. If Microsoft can create FUD - by claiming incompatibility or building it into new products - then they can hold off OpenOffice for another few years. I wonder if the EU would see this as anti-competitive (the US won't/can't do anything even if it does).
    • by BWJones ( 18351 ) on Tuesday September 02, 2003 @12:38PM (#6851566) Homepage Journal
      I wonder what this will do for companies such as Apple who are building in MS office document readability/writeability into their applications/operating systems? Right now I can read and write .ppt files in Keynote, and .doc files with, ahem other bits of software on my OS X boxes. So, is this simply an attempt at providing a more secure environment or is Microsoft doing an end run around other folks to make it a federal crime in the name of security to compete with them?

      • by sterno ( 16320 ) on Tuesday September 02, 2003 @01:25PM (#6852072) Homepage
        If Sun or some open source team developed an import filter that circumvented microsoft's drm, microsoft would never win a legal case against them. It's easy to use the DMCA to try to go after people who have all the appearance of pirates. It's an entirely different thing to go after a corporation that's clearly using the cirumvention to provide compatibility and competition.

        Furthermore, if Microsoft won the DMCA suit, they could be immediately prosecuted for using the DRM as a lockout to maintain their monopoly. Hell, they could be sued even before that.
  • Hmph! (Score:5, Funny)

    by Talia Starhawke ( 650311 ) <talia_starhawk@@@yahoo...com> on Tuesday September 02, 2003 @12:29PM (#6851448) Homepage Journal
    That's it, I'm getting out my typewriter. I'll pound out my reports old school, like Hunter S. Thompson still does.

    Who's with me?

    Anyone?

  • by AtariAmarok ( 451306 ) on Tuesday September 02, 2003 @12:29PM (#6851454)
    As long as there is enough room under the door to shove a thin-crust pizza under it, I'm game.
  • by TrentC ( 11023 ) on Tuesday September 02, 2003 @12:30PM (#6851458) Homepage
    For those of you who like to throw DMCA around like a big, evil boogeyman, last time I checked, reverse-engineering for the purposes of interoperability is allowed by the DMCA.

    Jay (=
    • by Fareq ( 688769 ) on Tuesday September 02, 2003 @12:36PM (#6851533)
      that is correct, however OpenOffice (or any other similar product) would have to support all the DRM features that MS Office did.

      If it was possible for a user who shouldn't have access to a file to use another application to read it, then that app would be in violation of the DMCA because it is a circumvention device.

      If it respected all the DRM nonsense, then it would probably fall under the interoperability portion of the law. At least that's the way I read it.
    • by dan dan the dna man ( 461768 ) on Tuesday September 02, 2003 @12:41PM (#6851606) Homepage Journal
      Although they will still arrest you [freesklyarov.org] and invoke the DMCA because maybe you design something that facilitates Adobe ebook and Adobe Acrobat Reader interoperability ;)
      • by thelexx ( 237096 ) on Tuesday September 02, 2003 @02:35PM (#6852745)
        Since you mention the evil ebook, I must rant, fuck my karma:

        I have just been bitten by an ebook wielding website that I subscribed to before realizing the format they used. It required rebooting into Windows, using IE and installing Acrobat 6 to even download the data from their site. Acrobat 6 blocked most attempts to print to pdf etc, but I finally got PS output by installing an HP PS printer on the FILE: port. ps2pdf under Linux refused to convert the file citing redistillation not allowed. I'm hoping good old ghostscript will work, but I will have to tinker with that later tonight. In short, it's been a MAJOR PAIN IN THE FUCKING ASS to use a portion of a book that I have paid money for outside of a single program made by a single company on a single OS on a single PC. Welcome to DRMworld.

        This shit will almost certainly hurt MS in the long run. That's the _only_ beauty in it that I can see so far.

        • by interiot ( 50685 ) on Tuesday September 02, 2003 @04:02PM (#6853606) Homepage
          You'll still have some problems with ghostscript since the Adobe PDF somehow adds some rogue postscript in your printer output that makes the ps2pdf crap out. Ghostscript somehow has a "feature" that supports Adobe's lameness, implemented in its pdf_sec.ps file. You just have to override it with a hacked version like this [paperlined.org] and you should be good.

          Googling for pdf_sec.ps along with "Adobe" or whatnot should give you more info.

  • Excellent (Score:5, Interesting)

    by BoomerSooner ( 308737 ) on Tuesday September 02, 2003 @12:31PM (#6851468) Homepage Journal
    Now all Sun needs to do is release an OS X native version, add a database that works more like Access (maybe php or jsp scripting) and MARKET THE HELL OUT OF IT.
    • Re:Excellent (Score:5, Interesting)

      by weston ( 16146 ) <(westonsd) (at) (canncentral.org)> on Tuesday September 02, 2003 @12:41PM (#6851618) Homepage
      If we're relying on Sun to do save the situation, we may as well all preorder our DRM'd Longhorn-only boxes right now. Everything I've been led to believe by talking to a Sun engineer I know who actually used to work on the OS X native port of the project is that Sun simply does not have it together enough to do this right -- they just don't know how to do product development or product management or marketing for applications.
  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Tuesday September 02, 2003 @12:31PM (#6851471)
    Comment removed based on user account deletion
    • Surely you jest? (Score:5, Insightful)

      by kylef ( 196302 ) on Tuesday September 02, 2003 @12:56PM (#6851783)
      This kind of blatent abuse of the law is just another step towards neo-monarchism, and more loss of freedom for the common person.

      OK. Let me get this straight. A private company introduces software that basically introduces built-in encryption for word documents, spreadsheets, and email. This technology is designed to allow companies to prevent emails and documents from accidentally "leaking" to the press or into the hands of corporate spies. This won't even affect the home user AT ALL because home users don't have the necessary software to make use of IRM anyway (it requires a separate Windows 2003 Server in addition to MS's Information Rights Management software).

      And the availability of this product is somehow an example of "blatant abuse of the law"? I think some people here are suffering from some kind of paranoia.

    • by Overly Critical Guy ( 663429 ) on Tuesday September 02, 2003 @01:09PM (#6851913)
      This feature is off by default. Certain companies will want to lock-in their documents. This is a 100% complete non-issue.
  • not by default... (Score:5, Informative)

    by ceswiedler ( 165311 ) * <chris@swiedler.org> on Tuesday September 02, 2003 @12:32PM (#6851480)
    The article points out, and I agree, that it's unlikely DRM will be applied to documents by default, since implementing it requires configuring Windows Server 2003 and ensuring both the creator and reader of the document have access/accounts on the Rights server.

    It's really targeted at businesses which make heavy use of Active Directory already (or would switch to doing so), so that Finance people can restrict access to sensitive salary documents and such. Most people, even if they can apply DRM to a document, won't choose to do so. How many people change the rights for their local drives to remove access for 'Everyone'?
    • Re:not by default... (Score:4, Interesting)

      by Qrlx ( 258924 ) on Tuesday September 02, 2003 @12:49PM (#6851706) Homepage Journal
      Most people, even if they can apply DRM to a document, won't choose to do so. How many people change the rights for their local drives to remove access for 'Everyone'?

      Furthermore, what's the interplay between NTFS permissions, Share permissions, and these new DRM permissions? That's a lot of permissions to manage. Do I have to set these permissions from inside Word or can I do it in the Finder (Whoops. I mean Explorer. Man how'd that happen?)

      Every place I've been, the Finance people already have restricted access to sensitive documents. It's in a folder called "Finance" that only they have access to.
  • by pe1chl ( 90186 ) on Tuesday September 02, 2003 @12:32PM (#6851481)
    My impression from this document is that it is an optional feature, only active when the creator of the document specifies who can read it.
    When the creator thinks it should only be readable on Windows 2003, and not on other software, that is his responsibility. And it is the responsibility of the reader to reject such documents as unusable.

    This is hardly new. We use StarOffice 5.2 at work, and it cannot open password-protected documents from Office 95 or 2000. This is amongst the least problems when using that package in a mixed Office-StarOffice environment.
  • wait a minute... (Score:5, Interesting)

    by prichardson ( 603676 ) on Tuesday September 02, 2003 @12:33PM (#6851492) Journal
    Does this not violate Microsoft's DoJ agreement? I mean, this is obviously anticompetitive behavior. I think that people will see this new "feature" and either not upgrade (unless it adds A LOT of worthwhile features) or save their files as RTFs or older doc formats. I think Microsoft is shooting themselves in the foot with this. People want compatibility, that's why they stick with Windows. People will reject this.
  • RTFA (Score:5, Informative)

    by Lane.exe ( 672783 ) on Tuesday September 02, 2003 @12:33PM (#6851498) Homepage
    From the first paragraph:

    for the first time will include tools for restricting access to documents created with the software. Office workers can specify who can read or alter a spreadsheet, block it from copying or printing, and set an expiration date.

    Users get to set it. It's not automatic.

    • by Petronius ( 515525 ) on Tuesday September 02, 2003 @12:49PM (#6851708)
      for the first time will include tools for restricting access to documents created with the software. Office workers can specify who can read or alter a spreadsheet, block it from copying or printing, and set an expiration date.

      this will be great when someone quietly locks 10 years worth of documents he created before getting laid off... a week later, after his Win* user ID has been deleted, his boss will loooooove the new DRM features implemented by Microsoft.
  • This is news? (Score:4, Insightful)

    by AnotherSteve ( 447030 ) on Tuesday September 02, 2003 @12:33PM (#6851501)
    New version of [Software] has [feature1..featureN] that will make it incompatible with previous versions. Observers say that [Company] hopes this will drive sales of [Software].

    Whatever.
  • "Problem?" (Score:5, Funny)

    by schon ( 31600 ) on Tuesday September 02, 2003 @12:33PM (#6851503)
    coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years

    Yeah, it's so damn irritating when your customers pay you for something, and then expect to continue using it.
  • by tgd ( 2822 ) on Tuesday September 02, 2003 @12:34PM (#6851509)
    Where does it say *all* docs will be protected?

    If its just docs you choose to use DRM with, then whats the problem? You choose to do that knowing the limitations because it makes sense for your use case. If thats a problem, you don't use it.

    If I, as a company, choose to require all outgoing docs to have DRM, its my need to protect my information thats locking people in, not Microsoft.

    And for what its worth, I don't use a speck of Microsoft software outside of work, and wouldn't. But lets get real here.
  • by tjstork ( 137384 ) <todd@bandrowsky.gmail@com> on Tuesday September 02, 2003 @12:34PM (#6851510) Homepage Journal

    Law firms, especially, need this feature.

    Right now they have to assume that a word document is unaltered upon receipt from a client. Now, with DRM, they can guarantee it. They also need to control distribution of documents and readability.

    Pretty much every major corporation will want this feature once they understand it.

    So, instead of fighting DRM, jump on the bandwagon, and have --better-- rights management in Open Office.

    I'm not actually convinced that you need to have compatability between Office suites. Really, most people can use their existing MS Office to edit their Office documents and their new Office to edit their new documents. That way, if the old Office license is expired by Microsoft, everyone can complain to MS about how they can no longer read their documents, whereas, Open Office would theoretically never have that problem.

    So, I would educate customers that file compatibility is not particularly necessary.

    • by JediTrainer ( 314273 ) on Tuesday September 02, 2003 @12:43PM (#6851651)
      Right now they have to assume that a word document is unaltered upon receipt from a client.

      I don't know about your area, but I think that a number of the bigger law firms around here (such as Torys [torys.ca]) has all their documents stored in PDF format. If they need to prevent changes, it's a simple matter to sign the document before sending it anywhere.
    • by Lumpy ( 12016 ) on Tuesday September 02, 2003 @12:50PM (#6851713) Homepage
      Right now they have to assume that a word document is unaltered upon receipt from a client.

      if your law firm does this, you need to switch to a competent law firm right away.

      Rule #1 in business and in law, NEVER EVER Trust anyone.

      #2 is Double check everything.

      Here, send me my recent bill in word format for me to review before you send it to me, no, I won't modify it.
    • by oGMo ( 379 ) on Tuesday September 02, 2003 @12:55PM (#6851766)
      Law firms, especially, need this feature.

      Right now they have to assume that a word document is unaltered upon receipt from a client. Now, with DRM, they can guarantee it. They also need to control distribution of documents and readability.

      Don't be silly. This can easily be done already. PGP sign and/or encrypt your documents, and your clients can verify they get there intact, and only authorized recipients can read them.

      Or did you want your clients not changing them? Wait, same deal applies. You've got the original signature, anyone who gets the document can verify it's in its original state.

      Hint: when you give the data to someone, you can't restrict what they do with it. I don't mean it in terms of a rights, just simple physics. Grandiose complex schemes like this one are easy targets; if you rely on them, when they break, you're in trouble. Litigation won't make secrets secret again, or undo damages.

  • by mpoulton ( 689851 ) on Tuesday September 02, 2003 @12:35PM (#6851525)
    IIRC, the DMCA specifically permits circumvention of copy protection/DRM/anything else if it is done specifically for purposes of interoperability (not just to allow unauthorized access to information). That means that OpenOffice or any other competitor would be allowed to crack their encryption in order to allow their users to read .doc files. Right?
  • Calculated Risk (Score:4, Insightful)

    by SteveX ( 5640 ) * on Tuesday September 02, 2003 @12:35PM (#6851528) Homepage
    Of course it's a calculated risk.. Some people will hate the DRM, but a lot of companies will really like it. Being able to say that a document can only be opened by managers in your company, for example, is worth lots of PHB points.
  • Very stupid (Score:5, Insightful)

    by JediTrainer ( 314273 ) on Tuesday September 02, 2003 @12:35PM (#6851530)
    The server software will record permission rules set by the document creator, such as other people authorized to view the document and expiration dates for any permissions. When another person receives that document, they briefly log in to the Windows Rights Management server--over the Internet or a corporate network--to validate the permissions.

    I read this as follows:

    You cannot read a document when not connected to the internet. If, by some chance, a DDOS attack is launched against a company's 'Rights Management Server' (which MUST be exposed to the 'net), or it is otherwise hacked into and shut down, then ALL of the documents with this 'feature' in them will cease to function.

    Pardon me, but it is utterly stupid to rely on a single server/service to remain running just so I can read something. A DDOS attack can literally shut down a company at this point.
    • by menasius ( 202515 ) on Tuesday September 02, 2003 @12:51PM (#6851725)
      Ah but you are naturally forgetting that Microsoft puts out tightly secure software, with no holes for a worm or virus to get in. Naturally, the server will be secure as there is a proven track record of Microsoft's superior securi... no, wait that's not right at all.

      It would have been satire but I couldn't keep up the facade.

      -bort
  • by JessLeah ( 625838 ) on Tuesday September 02, 2003 @12:40PM (#6851597)
    ...or even know about this.

    Us here at SlashDot tend to take a dim view of Microsoft (even though many of us like some of their products-- I myself like their mice, and MS Word is nice), but most people don't even realize there's a choice.

    I apply for Unix Systems Administrator positions sometimes, and virtually ALWAYS I get asked for my resume in... MS Word format.

    Giving them a PDF isn't good enough. They just ask you for the Word version again as if you'd said nothing.

    I'm starting to think that MS's slogan should be "But EVERYONE uses Microsoft!", since that seems to be the way most end-users seem to think (without even realizing it). Or, of course, it could just be "Microsoft: You WILL use our software, whether you want to or not...")

    This sort of thing is getting really tiresome. When will MS finally get the Grand Cosmic Smackdown for doing this sort of thing? How long can an ill-gotten monopoly last? (And why do so many SlashDotters seem to like defending MS?)
  • by bimmergeek ( 606201 ) <bimmergeek@hotmail.com> on Tuesday September 02, 2003 @12:41PM (#6851611)
    As often happens, people have reacted to a Microsoft article without understanding the real issue.

    There have been many times when I have wanted to keep an email or a document out of the hands of other people. I once got in trouble for sending an email joke to people whom I knew would enjoy the humor. Alas, they forwarded the email to others who forwarded it to others... and so on... so that eventually it ended up in the hands of someone who took the value on "diversity" a bit too far and were offended.

    The DRM feature in Office and Outlook enables a user to prevent emails and documents from being forwarded to and viewed by people not specified by the sender/creator. That's all this feature is. The sender/creator certainly has the option of not embedding DRM into the email or document so that there is no rights management involved.

    This feature is one I have wanted for many, many years. I want to control who has access without having to expose the recipient to the mystery and overhead of encryption.

    • by Ogerman ( 136333 ) on Tuesday September 02, 2003 @02:11PM (#6852523)
      The DRM feature in Office and Outlook enables a user to prevent emails and documents from being forwarded to and viewed by people not specified by the sender/creator. That's all this feature is.

      100% Wrong. You clearly do not understand how proprietary DRM systems work. All 'security' whatsoever hinges upon the assumption that the client's application will play by the rules. Once you have the sent document and the decryption key(s) on your computer, all faith is in the application software. The moment that someone releases a hack for the new Office and Outlook that allows a user to access the plaintext or override the "do not copy / re-send / print" flag, all supposed DRM security will be entirely worthless. It is truly this simple: If you can read it, you can copy it. The DRM being proposed here is security through obscurity. Microsoft is betting that people won't find the proverbial "key hidden under the doormat." Even if this DRM system was eventually backed up by hardware (which doesn't look very likely at this point), people could still take a picture of the screen and use OCR to recover the text.. that is until the hardware itself is cracked.

      Furthermore, I would like to point out that not all of your e-mail recipients use or want to use Outlook. Anyone who doesn't won't be able to read your emails, so enabling DRM isn't really a viable option anyhow.

      I want to control who has access without having to expose the recipient to the mystery and overhead of encryption.

      What you're asking for is an impossible pipe dream. For the reasons explained above, you will never be able to have true control over what someone does with information you send them. Using encryption, you can protect that information up to the point where they receive it, but you cannot reliably keep them from sending it to someone else. The best you can ever hope to do is build trust among the people you communicate with.

      By the way, you cannot avoid the "overhead" of encryption. It's the foundation of any DRM system. The only difference is that the new Outlook / Office / etc. will try to make it mostly invisible to the user. You'll still need keyrings, signing, and passphrases if that encryption is to be of any value whatsoever.

      So, in summary:
      1.) proprietary DRM systems are not very cool
      2.) proprietary DRM systems are, in fact, insidious. They do not offer true security but they DO try to force people to all use the same email, office, whatever software.
  • by signe ( 64498 ) on Tuesday September 02, 2003 @12:43PM (#6851652) Homepage

    If you read the article (which it seems the submitter didn't even do), you'll see that Microsoft says that applying DRM to a file will be an exception, not the default behavior. This means that the OpenOffice team will be able to figure out the Office 2003 file formats without DRM features, and open and manipulate those files just fine.

    The only files that they won't be able to work with will be files that someone has chosen to apply DRM to. And from the document creator's point of view, this is a good thing. The ability to open the file in another app that was not beholden to Microsoft's DRM server would render the DRM completely useless. And DRM itself is not a bad thing. If you think so, perhaps you should execute "chmod -R 777 /" as root as quickly as possible.

    The first interesting thing will be to see where MS goes from here. Will Office 2004 have DRM as a default? If so, that would make interoperability a great deal more difficult. But more interesting is how the open source community will respond. DRM on documents is an important feature. If I'm putting out a document, it might be useful for me to be able to specify who can view it, who can edit it, and so on, without having to resort to filesystem ACLs. Sure, it's not absolute security on the document, but it's another layer. So it might be a good thing to consider to have some sort of open source DRM alternative for OpenOffice.

    -Todd
  • by Richard_at_work ( 517087 ) * on Tuesday September 02, 2003 @12:44PM (#6851664)
    Im sorry but i do not agree that this is a negative feature for businesses. The DRM in this version of Office (called Information Rights Management) gives network administrators the ability to not only restrict access to documents, but also restrict what can be done with those documents. This is the holy grail that many companies have been looking for!

    Yes there is always the arguement that DRM will never stop an employee jotting stuff down from screen to paper and walking with that info, but there is a hell of a better chance someone is going to spot him copying 400+ pages of information, whereas with no DRM he could jsut copy the document and walk.

    It says in the article that this was a feature that customers had requested, and I for one can fully beleive that. Expire documents when they become dangerously out of date? Fantastic (think of health and safety!). Dont want an accountant to walk with sensative finacial information they get emailled? Dont let them print the document or do anything other than view it.

    Employers need to trust employees, certainly, but that trust also needs to be earnt. And yes you can emulate a lot of DRM with other means (no printer) but then that restricts peripheral things as well.

    Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device

    This isnt MSs fault, this is the fault of a dumb law, and thats it. Want to blame someone for that? Blame the people who let it get voted in - the US populas.

    It has been said before that MS Office has not had any real good features since office 97, and that this is a feature that will force people to upgrade. My view is that yes a lot of people will upgrade because of this, but not forcable. They will upgrade because tehy WANT these IRM features, as it gives them more control.

    The last paragraph in the article states: ""It's not going to be adopted en masse, but I think they'll have a good rollout department by department for people dealing with more sensitive documents." and this is precisely what the office 2003 release is aimed at, the people who requested the features and who want them. If OOo had this feature before MS Office, I bet you could have enticed quite a few businesses over from the Office series jsut based on IRM.

  • by jvmatthe ( 116058 ) on Tuesday September 02, 2003 @12:45PM (#6851675) Homepage
    Leach said Microsoft will provide a free plug-in for its Internet Explorer Web browser that will let it display rights-protected Office documents.
    That's it! As sure as the sun rises there will be an IE exploit that will allow arbitrary elevation of privileges to view even the highest security documents. Now, just incorporate that into OpenOffice somehow and you're done!

    (Yes, I know it's silly, but anyway.)

  • by maynard ( 3337 ) on Tuesday September 02, 2003 @12:51PM (#6851726) Journal
    A few facts and then an opinion:

    1) DRM technology will be available to businesses which choose to run a DRM server on Windows 2003. It will not be enabled by default.

    2) The technology will allow a management (or really the top level key holders) to limit document access rights to specific individuals or a group within the organization. A very valuable feature for many businesses.

    3) Without a doubt, MS will abuse this technology to lock their customers into the new Office document format, which they will further abuse to limit document exchange from MS to third party applications.

    The problem here is not 1) and 2). Those are perfectly reasonable features that most businesses want to buy. The problem is 3), the vendor lock-in issue. The Open Office project could write the same kind of DRM services into their suite, while at the same time offering document portability to those who hold top level keys to an organization's documents. IMO, this is where they should go long term, since it's obvious MS has hit upon a valuable technology - but like they're always abt to do, they're first instinct is to use the new technology to lock their customers in rather than sell their customers on their new features, quality engineering, and support. Businesses want both the DRM controls and document portability across a wide range of applications. MS always fails their customers in this regard and that's one reason why they've got such a bad reputation.

    JMO.
    Maynrd
  • Change the headline. (Score:5, Interesting)

    by Elwood P Dowd ( 16933 ) <judgmentalist@gmail.com> on Tuesday September 02, 2003 @12:52PM (#6851741) Journal
    "Newest MS Office to have encryption features."

    Would anybody be upset if they integrated PGP into MS Outlook? No? Well, now they're doing it with Word. This is fine.

    Obviously, encryption would require changes to the file format. This is a pretty standard sort of upgrade arm-twisting. They're adding a new feature. Woo.
  • You wish. (Score:5, Interesting)

    by OrangeTide ( 124937 ) on Tuesday September 02, 2003 @12:53PM (#6851742) Homepage Journal
    You all hope this would backfire and blow up in Microsoft's face.

    I think that is wishful thinking. "Why?" you say? It's quite simple, Microsoft has proven to have more business saavoy than anyone here. I'm just going to trust that Microsoft knows what they are doing when it comes to manipulating the market.

    This is just yet another slashdot pipe dream of the demise of Microsoft, Think about how many other articles showing how MS will fail there have been here.
  • by johnthorensen ( 539527 ) on Tuesday September 02, 2003 @12:56PM (#6851776)
    Well, looks like Microsoft finally figured it out. DRM file formats and protocols have been on my mind for quite awhile as potential tools that they could could use to *specifically* target Open Source. Here's why:

    What Microsoft will do with the Word DRM is "license" the technology to other commercial interests that wish to maintain file compatibility. They know that THIS is the wedge they can drive into things to split off the open-source projects, because A) no self-respecting open-source project would license MICROSOFT technology, and B) even if they would, they likely couldn't afford it.

    Look for this to happen with the next round of media file formats as well. On a more sensationalistic note, what if MS bribed say, NVidia to DRMize their hardware interface. Nobody could then make calls to that hardware without either having a license or violating the DMCA. Again, commercial interests can afford the license, but do you think RedHat and such would like to bankroll Open Source's hardware compatibility licenses? Perhaps at first, but eventually I think not...

    Watch out.

    -JT
  • It will never work (Score:4, Interesting)

    by dcavanaugh ( 248349 ) on Tuesday September 02, 2003 @12:56PM (#6851785) Homepage
    Microsoft can't turn off backwards compatibility overnight, because most of their customers will need to send documents to people with older versions of Office. This means they have to maintain the ability to read/write legacy Office formats.

    It's a Catch-22 for Microsoft. Either force people to upgrade by mandating DRM (and risk losing everything), or continue supporting legacy versions (and eliminate the incentive to upgrade or use DRM).

    I think the only customers who will be "locked into" an Office upgrade are those dumb enough to use the DRM features. The Darwin effect is coming soon, to an office near you.

  • by Todd Knarr ( 15451 ) on Tuesday September 02, 2003 @01:02PM (#6851847) Homepage

    Get the company legal department and managers involved. Point out that company policy and/or the law requires certain things be done with documents, eg. certain finance-related documents must be kept for certain lengths of time or the company can face fines, certain documents must have file copies made, policy dictates that certain people receive copies of documents. The DRM features in the new Office software may, depending on what the sender sets, prevent the required things from being done. If the creator specifies "no copies", archive copies of financial and/or legal documents couldn't be made which must be made. Since some of the senders may not be within the company and may very well have good reason to prevent a record being made, this could put the company in the position of being legally liable while not being able to control their liability. That's the kind of stuff that makes lawyers nervous, and the lawyers have the ear of the board of directors and executives.

  • Whaa??? (Score:5, Interesting)

    by Trolling4Dollars ( 627073 ) on Tuesday September 02, 2003 @01:08PM (#6851907) Journal
    I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now.

    Don't get me wrong, I LOVE OpenOffice.org. But I don't see how getting into "high gear" is going to do any good unless OO.o manages to completely revolutionize the office suite paradigm far beyond what MS has. OO.o is a great *alternative*, but it's not really doing much more than MS Office does and there are some features missing. To get "mind share" (profit can go to hell since that's not why most of us are here), OO.o is going to have to provide above and beyond what MS Office provides. Is that possible? I don't think it is.

    Sure, some people might want to jump ship when they figure out that MS is going to hold them hostage with DRM. But that's only going to be a small fraction of office suite users. The majority will grudgingly hand the cash over to MS and upgrade. The only way to get more people to WANT to move over to OO.o or some other alternative is to provide exactly what most coders despise: features. This is what Joe Average is interested in. Yes, I am aware that OO.o has some features that distinguish it from MS Office, but it's not enough of a difference to really count.

    An example of a feature that an average user would find "useful" no matter how stupid it might sound to a true geek, is say... self-contained executable documents. If a user could write something and then save it as a "self contained" document that was platform independent, I think it would be a feature that goes beyond MS Office. Think about it... the user saves the doc and then e-mails it to someone. The recipient can then just open the attachment WITHOUT needing to have OO.o installed on their machine... or MS Office... or ANY office suite. Instead the document itself comes with an exectutable that provides basic reader fearures, possibly an executable that will install a lightweight editor, or even contains an editor itself. Obviously it wouldn't have all the features that OO.o contains, but just enough to read and maybe edit.

    Or... maybe the document would never get sent to the recipient. Instead the document would remain on an HTTPS accesible document store. The recipient would get an attachment that contains authentication to allow seamless access to the https document store and a path to the document. Along with this document store is the ability to "edit locally" which would give the user the option to run an editor over the HTTPS link or use a locally installed editor depending on the situation. This would go well beyond anything the MS Office suite does now and would appear to be far beyond MS's current mode of thought.

    That's where things need to go if MS is to be usurped of the office suite mindshare that it currently posseses.

  • by Tsu Dho Nimh ( 663417 ) <abacaxi@hotmail.cPOLLOCKom minus painter> on Tuesday September 02, 2003 @01:18PM (#6852006)
    Oh wow ... given the numbers of PHBs who already password protect presentations and send them out without the password, which they promptly forgot, this should be a productivity enhancer.
    • The critical presentation EXPIRES the night before you need it.
    • The only person with the rights to open a document is sick and didn't make the meeting.
    • The BIG customer tells you that they are not about to upgrade their servers and corporate software just to read your documents and tells you to provide material they can read or forget it.
    • They will have to have FULL-TIME rights managers, who track who is entitled to read whose documents.
    • And a full-time Search and Rescue team to retrieve lost documents, crack lost passwords, etc.
  • by merlin_jim ( 302773 ) <James DOT McCrac ... ratapult DOT com> on Tuesday September 02, 2003 @01:26PM (#6852087)
    Number one most important feature of this that it seems noone is getting:

    This is just Public Key Cryptography based on open and documented standards!

    How do I know? I was there when it was announced. In early June at TechEd 2003 in Dallas Texas. Some Korean VP of Verisign showed it off. His accent gave it a very scary "All your base are belong to us" kind of feel, but there it is.

    Here's the press release from that day:

    http://www.verisign.com/corporate/news/2003/pr_2 00 30603b.html

    Please read this before you spout off one more cockeyed comment on how Microsoft is evil cause you won't be able to read this on the plane or how it's proprietary and noone will ever understand it or work with it ever again.
  • Tempest in a Teapot (Score:5, Interesting)

    by ediron2 ( 246908 ) * on Tuesday September 02, 2003 @01:27PM (#6852105) Journal
    As much as I hate the idea of being sucked into XP or 2003, let alone Office getting DRM built-in,

    1 - The rights-management stuff is off by default, says the article.
    2 - I do infosec work regularly and I can't get people to use good passwords, and the further from geekdom they get, the faster they forget or circumvent password mechanisms. That's something easy. Key management and other DRM aspects are complex enough to get wrong any one of a dozen ways (either too tight or too loose).
    3 - Imagine a pointy-hair reacting to you telling him that he just DRM'd his ass out of his own spreadsheet... forever.

    I predict this 'great idea' will be rarely used since 99% of people can't be bothered to do much easier and less dangerous security tasks. Further, some companies will probably just ban it's use (since an employee can lock the boss out or stuff could accidentally get wrongly locked). It will inspire fear when people get burned. And a fair number of 'forced adopters' will go to gray market earlier versions and stop the upgrade treadmill completely, or jump to alternatives.

    Oh, and imagine the fun if it does get put in: the boss makes you work overtime to get a report in by Friday night (Monday won't cut it!), so you stick in DRM to expire it at 9am Monday, so he has to call for a resend. Send inflamatory messages with a one-read, no-print, expires-forever rule so your flamage has a chance of evaporating after impact. And the geek-chic power of being able to screenshot someone that does the same thing back at you and get their ass fired.

    A last comment: if you want to help the undoing of the MSOffice stranglehold, take stock of your own personal and business relationships and pressure anyone you can (not customers, not the boss or people who will hurt you for doing so) to use non-office methods. Politely ask sales drones to resend stuff in a non-Doc/Excel/Powerpoint/Viso format. When asked, spread FUD!: blame microsoft-laden viruses and them being less-trusted. But start the revolution by inconveniencing them. The monopoly is due to habits.
  • It's not *that* bad (Score:5, Informative)

    by GarfBond ( 565331 ) on Tuesday September 02, 2003 @02:30PM (#6852700)
    Let me preface by stating that I participated in the Office 2003 beta, so I can give a small description on how this feature works (no tomatoes please).

    This feature can be activated by selecting "Document Permissions" from either the toolbar or the File menu. Documents are NOT created with this feature enabled by default, although there might be some random little option somewhere to make it the default option.

    In Word, this feature enables you to specify which people can read it, and it automagically turns off Print Screen and Printing if I remember correctly, and maybe the clipboard too. In Outlook this prevents you from forwarding or copying the text to clipboard too.

    As for home users being able to use it, for the purposes of the beta Microsoft allowed users to use their .net passport as the method of authenticating users, in addition to whatever 2k3 server they might have had. I'm not sure if they're going to allow .net passports after the Office 2003 launch, but only time will tell. Office 2003 users will have to download some additional program (will probably also be on the CD too) to gain access to restricted documents.

    For what it's worth, here's what the microsoft help document has to say on the issue:

    NoteYou can create content with restricted permission using Information Rights Management only in Microsoft Office Professional Edition2003, Microsoft Office Word2003, Microsoft Office Excel2003, and Microsoft Office PowerPoint2003.

    Today, sensitive information can only be controlled by limiting access to the networks or computers where the information is stored. Once access is given to users, however, there are no restrictions on what can be done with the content or to whom it can be sent. This distribution of content easily allows sensitive information to reach people who were never intended to receive it. Microsoft Office2003 offers a new feature, Information Rights Management (IRM), which helps you prevent sensitive information from getting into the hands of the wrong people, whether by accident or carelessness. IRM essentially helps you control your files even after they have left your desktop!

    Creating content with restricted permission

    IRM allows an individual author to create a document, workbook, or presentation with restricted permission for specific people who will access the content. Authors use the Permission dialog box (File | Permission | Do Not Distribute or Permission on the Standard toolbar) to give users Read and Change access, as well as to set expiration dates for content. For example, Bob can give Sally permission to read a document but not make changes to it. Bob can then give John permission to make changes to the document, as well as allow him to save the document. Bob may also decide to limit both Sally and John's access to this document for 5 days. Authors can remove restricted permission from a document, workbook, or presentation by simply clicking Unrestricted Access on the Permission submenu or by clicking Permission again on the Standard toolbar.

    Additionally, administrators for companies can create permission policies that are available in Microsoft Office Word2003, Microsoft Office Excel2003, and Microsoft Office PowerPoint2003, on the Permission submenu and define who can access information and what level of editing or Office capabilities users have for a document, workbook, or presentation. For example, a company administrator might define a policy called "Company Confidential," which specifies that documents, workbooks, or presentations using that policy can be opened by users inside the company domain only. Up to 20 customized policies can be displayed (in alphabetical order) on the Permission submenu at one time so that individual authors can use them for the content they create.

    In Word, Excel, and PowerPoint, authors can re

  • by earache ( 110979 ) on Tuesday September 02, 2003 @02:45PM (#6852836) Homepage
    You guys even bother reading the article at all?

    The technology is designed to enable secure document transfer between trusted parties. For instance, documents containing trade secrets or engineering specs for a company's latest greatest apps. The creator of the document can secure it so only specified people can read it, limiting potential leaks outside of the company, or the document falling into the wrong hands.

    It is not enabled by default and it requires an internal infrastructure to implement (Windows Server 2003 with Windows Rights Management) so the average joe blow isn't going to even be able to use it.

    As for "competing products" not being able to read these secured documents, well that's the whole point right? If you're publishing secure documents, you're securing them for a reason, and you're only going to want those who can read it to read it.

    There could be an argument for Microsoft to publish an open standard for interoperation, but this is America, not a socialist state, so that argument is a little weak.

    Personally, I think this is a cool feature, and one I'm personally going to be using for my day to day work.
  • by Dave21212 ( 256924 ) <dav@spamcop.net> on Tuesday September 02, 2003 @03:01PM (#6852982) Homepage Journal
    this caught me on a slow day, so here it goes... your comments or criticisms are appreciated !

    Think about:

    The system is ultimately ineffective (screen shots anyone?, hand made copies?, pocket cell-phone cameras?), and false security is worse than none

    It requires additional infrastructure (cost) and software upgrades (cost) then locks you in to the M$ implementation

    Companies (financial) will have to manage (cost) the new documents to meet compliance issues (ie: you can NOT have documents that are required to be kept for compliance be protected from copying or have them expire - and how do you stop it?)

    Single point of failure:What if the DRM server is down (temporary downtime company-wide for M$ Office)

    What if the DRM server crashes and can't be restored (permanent loss of important data)

    Will M$ provide a backdoor (for Law Enforcement, PATRIOT ACT, etc), what if it's leaked ?

    THIS IS A DOCUMENT MANAGEMENT ISSUE - not a security problem, people need EDM/ECM not more gimmicks !

    'Hacking' into the document to provide interoperability or to recover data may be a FEDERAL OFFENSE under DMCA

    What about search/rescue for the users who screw up and lock themselves or others out of documents accidentally ???

    Forced upgrades (al la Win2K) just to continue to use YOUR OWN (DRMed) corporate assets

    Louts Notes has had a (less user-friendly) version of this since R2 [slashdot.org], and very few shops use it (encryption keys)

    On the bright side:

    There are a huge number of users/customers/vendors/partners who will not be able to use the DRM documents (requires upgrade), so it will take years to even marginally implement for external communications (which is one of the main items people want it for in the first place)

    Some obvious possibilities for abuse include:

    Stopping Whistleblowers (Enron, Pentagon, Worldcom/Arthur Anderson, Whitewater)

    Erasing potential evidence: stockbroker send you bad advice in a doc that expires in 30 days

    Erasing potential evidence: boss tells you to do something unusual that gets you into trouble

    Erasing potential evidence: employees colluding to do things detrimental to a company (embezzle?)

    Mafia can us it for betting slips, other low-level secure comms

    Word/Excel macro viruses could be set to self-destruct to protect the guilty

    Restricting fair-use rights

    The Terrorists could use it !

    See Also:
    http://www.securityfocus.com/columnists/165 [securityfocus.com]

  • by Glasswire ( 302197 ) on Tuesday September 02, 2003 @03:32PM (#6853314) Homepage
    1) Will DRM or other features in the new Office break backward compatibility with earlier Word/Excel/etc formats? In other words, will opening and editing and saving a Word 97 file in the new Word prevent older Word versions (or 3rd party applications) to open that file later?

    2) Will Microsoft make any encoding APIs freely available to the public for 3rd party applications to open and use those files?

    3) If the answer to 2) is no, will Microsoft license any encoding APIs to 3rd parties and will these be non-discriminatory?

    4) If the answer to both 2) and 3) is no, will Microsoft agree not to invoke legal action in the event that 3rd parties reverse engineer any encoding APIs?

    5) If the answers to all of 1) through 4) is no, is Microsoft not concerned about US or EU anti-trust authorities ruling that the Office file strategy is anti-competitive?
  • by EmagGeek ( 574360 ) on Tuesday September 02, 2003 @05:23PM (#6854287) Journal
    Probably redundant... but here goes...

    According to the article, it is not the default behavior for O2K3 to use Information Rights Management. In fact, in order for Office to lock a document, there has to be a Win2K3 Server running the rights manager suite somewhere on the LAN...

    Nothing to see here... move along...

According to the latest official figures, 43% of all statistics are totally worthless.

Working...