Microsoft Prepares Office Lock-in 1127
An anonymous reader writes "NEWS.COM has an article describing Office 2003's DRM features for documents. This will not only coerce those running older versions of Office to upgrade, which has been a problem for MS in the last few years, but it will also shut out competing software, such as OpenOffice. Now think about this for a second. Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device. I certainly hope the OpenOffice team will kick development into high gear. If there was a time we need a viable competitor to Office, it's now."
The straw that broke the PHB's back? (Score:4, Interesting)
Just imagine the backlash that will come from inter-company communication via Excel and Word. Hell, my company has had numerous problems with reporting (scripts that mine data from various sources, such as Excel, and generate reports) and document management systems just because of differences between Excel/Word 97 and 2000 files. This may be what FOSS needs to start making massive market penetration.
Mostly FUD (Score:5, Insightful)
Put away the aluminized headgear. This is not an anti-consumer technology, or even a consumer-oriented one.
Re:Mostly FUD (Score:4, Interesting)
Yes, and as such it seems entirely stupid. So the executive flying to L.A. won't be able to access the documents while on a 4-hour flight. Nor will he be able to do so from the hotel unless they open up the firewall to let him access the authentication server--something that seems inherently dangerous considering it's Microsoft we're talking about. Employees may not be able to work from home or in the evening for the same reason. If you send the document to an external consultant or a client it's going to be a major hassle to give them access--short of saving a version with no access restrictions.
If Microsoft is going to implement DRM in their Office platform, this is the way we want them to do it. It seems like a pretty stupid way to implement it that's going to cause more problems than it's going to solve. And if by implementing this DRM and showing consumers just how inconvenient it is the consumers learn that DRM is not their friend, all kind of Microsoft plans may go down the toilet.
Re:Mostly FUD (Score:5, Insightful)
Do you think MS doesn't even use their own software? Their executives spend a lot of time jetting around the world for various reasons, be they business, lobbying, or vacation. I doubt they would be so short-sighted as to not put some method of permission caching in place. Personally, I see this being used in corporate law departments and in R&D divisions, where the ability to lock people out of something even if they do have possession of it would be invaluable.
Besides, if it's hard to use or if there's not a real need for it, people simply won't use it. A lot of features get his treatment -- how many places do you know of that have even tried to implement the shared editing features?
Re:Mostly FUD (Score:5, Interesting)
Most corporate-secret theft or destruction cases are an inside job. Competent IT staff (such as the kind that companies large enough to have valuable secrets can afford... not that they do, but they *can*) can, reasonably well, lock down a network from intrusion.
The much harder, and more common, problem is with ex-employees or unfaithful employees sending documents and secrets to competitors. Any scheme intended to squelch this is entirely defeated if permissions are cached.
- David Stein
The Caching Issue (Score:5, Interesting)
Maximum security requires frequent re-authorization. Daily. Hourly. Every 15 minutes.
A good authentication server would be able to tell you who has a cached authorization token, so then when you decide to revoke access to a file you can tell which people have a cache token on their laptops that you need to kill ASAP.
So far as leaking secrets to competitors, the DRM "solution" simply requires you to convert across an independent medium... printout, screenshot, photograph of screen. The only thing this "DRM" provides is the ability to mass-distribute a document within a company without worrying that someone might be on a mailing list that they're not supposed to be on... since everyone has to authenticate to read the attached document, they'd have to use an authenticated account to read it.
Then OpenOffice.org should implement it FIRST (Score:5, Interesting)
OOo people, do you copy me? (pun intended)
Re:Mostly FUD (Score:4, Interesting)
Personally, I see this being used in corporate law departments and in R&D divisions, where the ability to lock people out of something even if they do have possession of it would be invaluable.
The next time MS gets sued, how many of the documents subpoenaed will (via DRM expiry etc.) be unobtainable by the other party?
Re:Mostly FUD (Score:5, Informative)
Re:Mostly FUD (Score:5, Insightful)
Re:Mostly FUD (Score:4, Insightful)
We're talking about file security when the document specifically *can* be copied, and the only way to accomplish that is to use a proprietary (ugh), non-human-readable (ugh, at least to me for documents), application-bound, centrally-authenticated document management system. All of which sucks, IMHO.
If it's supposed to be distributable and secret or subject to "rights" management then it probably shouldn't be in electronic format.
Re:Mostly FUD (Score:5, Funny)
You mean my evenings and weekends are ALL MINE AGAIN? Praise be to Microsoft! Where do I sign up?????
Re:Mostly FUD (Score:5, Insightful)
In order to ensure that older versions of Office or Word cannot read a DRM restricted document, they have to make it "incompatible" in some way. If they do that by having a few fields that will choke older programs, it still won't do anything to prevent developers of other office productivity software from making it readable in theirs. So Microsoft will almost certainly have to encrypt the document, and serve up the key from the DRM server (using a proprietary protocol, of course). That encryption is involved makes it the kind of rights-restricting scheme the DMCA makes illegal to re-engineer. And don't think Microsoft doesn't know this; they are not dumb. They will try to do at least as much as they can get away with (and perhaps more, which we can then pounce on). Be sure you use the word "interoperability" more, now.
My big fear is that this new protocol and server will be full of the kinds of bugs that Microsoft traditionally puts in new software expecting the public to help them debug it. Imagine the impact when people assume this DRM will protect their confidential documents (such as health records, bank records, and such), and stop using other methods. In a few years we'll see lots of these documents not only cracked, but cracked via the internet en masse. Oh the horror.
Illegal only in the US. (Score:5, Insightful)
Most nations do not have a DMCA. The decryption work will simply be performed outside the sphere of influence of this facism.
Microsoft could choose to emulate Adobe and trigger an FBI investigation of OOO within the borders of the US. In doing so, they would trigger a fight with Sun.
Sun is much larger than Elcomsoft, and it would be the fight of the century. It might actually be the key moment where the IT industry overthrows the DMCA (as should have happened some time ago).
When Sun wins (Microsoft legal will find a way to screw it up), the DMCA will suffer a mortal blow. Congress would be extremely unwise to attempt to strengthen it; those who endorse such an action will face the wrath of some well-organized lobbiests.
Microsoft, choose your battles carefully.
Re:Illegal only in the US. (Score:5, Interesting)
This is all from memory; should be easy to document.
Microsoft has lost most of its major court cases.
Re:Mostly FUD (Score:5, Informative)
I was there at TechEd 2003 when a VP of Verisign took the stage during the keynote address and announced these features.
It is not dumb client-server authentication. It is a public key encryption package. You need access to a centralized server for typical key management operations, including looking up the public keys of parties with whom you have not communicated in the past.
However you will certainly be able to access the documents in a disconnected fashion, as long as your local keystore contains the right information.
Oh and at the time they also announced that the USPS would be supporting a stamping feature for this. Just like today, you can take a document and send it through the mail (to yourself) just to get it stamped with the current date. The USPS will digitally stamp the document with their current date/time. They didn't go into details on how this would work, but I imagine it's a typical hash/signature style function...
Re:Mostly FUD (Score:5, Funny)
Yes, dumbass, and this isn't Palladium. Unless you see demons lurking in every conceivable manifestation of client-server computing, there's no problem here.
Well, in the case of unix, daemons are generally lurking in most manifstations of client-server computing, and it is a good thing to kill as many of them as you can and ensure they are not resurrected by init. :)
That'll be true for a while. (Score:5, Insightful)
But five years from now, when everybody buying a Dell or Gateway machine has the latest version of Office bundled with their machine, I will likely be the only guy who can't read their documents, and their sympathy will have disappeared. I'll have to upgrade.
There's no particularly good way out of this using the marketplace; the marketplace will dictate it.
Re:That'll be true for a while. (Score:5, Interesting)
Re:That'll be true for a while. (Score:5, Insightful)
I think we'll see more pdf's due to things like this.
As for your clients, well, there you're screwed, they will demand the new formats, but you can always try to send them pdfs. But in the end you will have to do what they want.
I keep finding more and more reasons to dislike Microsoft. I mean, how the hell are there people out on slashdot who can actually continue to stick up for them (M$ employees excluded).
Teach people about freedom to preserve your own. (Score:5, Insightful)
If you give up on freedom, precisely what you describe is likely to happen because people are not going to give up word processing or editing databases, so they'll go with whatever software is available to meet their needs. There is another path: teach people the value of software freedom.
The Free Software movement proves that "the marketplace" is not the almighty immobile force you describe (or perhaps you're just interpreting too much in terms of the marketplace in order to make it appear unchanging; hence whatever happens it will be seen through that lens). When the GNU project began, many people said nobody would write software without being paid and when people are paid to write software, they are being paid to write non-free software. History clearly shows those people were wrong. In fact a number of the organizations that distribute non-free software now use the GNU Compiler Collection (gcc) as their chief compiler, and ship part of the rest of the GNU operating system too. People have been paid to write Free Software and governments are getting the idea that their people's ability to communicate freely using a computer rests on using Free Software.
I think the key is to teach more people about software freedom. Take this opportunity to show people that with Free Software you won't be beholden to any proprietor's interests. As the pool of people using Free Software grows your chances for being able to get by with Free Software grows too.
I don't see the problem here. (Score:5, Insightful)
It'll let businesses lock their documents down, for internal use. Nothing at all here gives any indication that all documents created will have DRM forced on. If a business or user doesn't want to use it, don't turn it on.
An end to Whistleblowers... (Score:5, Interesting)
Unless the rights to print such a document are still allowed, it would mean that corporations can get away with hundreds upon hundreds of scams, illegal activites and everything else that our nation's current corporate climate has bred.
Now, if we had a culture of doing the right thing, being honest and trusting, then there would be no issue with having such DRM capabilities being built into an office software package... Of course, that kind of feature would never be used in such a world as there wouldn't be any reaon, if people could be trusted.
I know that DRM makes sense on protecting a company's assets, but it can be the carte blanche to the CEO's of the world to forgo legal business practices...
Re:An end to Whistleblowers... (Score:5, Interesting)
Besides, Kenneth Lay didn't have a clue what was going on in Enron (or so his PR firm says) - what makes you think he'd be smart enough to use this feature?
They can do this now... (Score:5, Interesting)
This isn't going to change anything. Today a technically competent corporation can secure documents using certificates, PGP, etc. If they really want to cover their tracks they can do so. Better yet, they can do their dirty work only on paper, then shred it when the feds show up. Seemed to work just fine for enron.
Re:They can do this now... (Score:5, Funny)
..only now it'll be as easy as clicking a checkbox -- or perhaps:
Clippy: Hi, I can see you're trying to [take over the world] -- would you like me to enable DRM?
Re:An end to Whistleblowers... (Score:5, Insightful)
So you're anti-DRM...but what you wrote seems anti-crypto too. Is crypto OK to use just so long as "evil corporations" stay away from it? Crypto is for everyone...plain-old-folks-like-you-and-me, scientists, inventors, admin assistants, doctors, lawyers, salesfolk, plumbers, students, and yes -- corporate officers. Did you have the same reaction when PGP or GPG was released? It isn't like this is the first crypto to come to the Windows world. "Bad people" could've had their hands on it before just now. If this comes down to your not liking MS' implementation of it, don't use it. Otherwise, everyone who has ever written an encryption scheme for general consumption has had to think about the repercussions of "bad people" using it...and again, it's not like it wasn't available before (and it's been done quite well -- so well, that I do not believe that the NSA is able to break much of it).
In your rationale for keeping DRM away from businesses you point to their general dishonesty. It seems like you're suggesting that every officer at every company is corrupt...and I don't think that you could be any more wrong. Come on...is everyone who tries to sell a product or service (and make a buck in the long run) an evil empire run by an evil genius?
Sorry to vent this off onto you, but I'm getting kinda tired of the contention that every businessperson (and everything associated with it) being "evil". So some guys were (and are) dirty. Some psychiatrists take advantage of their patients to extort money and sex from them. Are they bastards? Sure -- but it does not say a single thing about the lot of them. How many executive officers do you know? How many of these people that you know (not know of, but actually know) are "evil corporate bastards"? Can you actually prove it?
I'm not asking you to go back to work and hug your CFO, but just think about what you're saying.
IANAEO
I Am Not An Executive Officer (or even close!)
I do use, and encourage the use of strong encryption for everyone.
P.S. Wouldn't this be alot easier if strong encryption just didn't work when the evil bit's set?
Re:I don't see the problem here. (Score:4, Interesting)
Think of the ways that you can defeat this scheme:
* Print out the document and send it however you like.
* Take screenshots and send the images as JPEGs.
* Use the built-in fax modem to fax it somewhere.
* Copy the text into the clipboard and paste it into another app.
The exploits are endless. You'd have to cripple the entire operating system while the document is open.
I needn't contemplate the absurdity of Microsoft trying to get into the information-security business. Obviously, that's not their goal. Even if it were, it will frequently be at odds with their function of providing a usable operating system.
- David Stein
Re:I don't see the problem here. (Score:4, Informative)
You'd have to cripple the entire operating system while the document is open
Not really, the applications do most of the limiting, and since you HAVE to open the restricted document within a trusted application, it can stop you: printing, faxing, taking screen shots of that application (you can arrange the windows in such a way that a screen shot will miss that window altogether, its all there in the win32 api and probably moreso in the extensions office 2k3 gives), it can limit copy-and-paste.
So the only real way you can defeat this is by opening it in a non trusted application, and you can bet yo0ur ass that its encrypted, tho how long that will remain unbreakable is another arguement entirely.
So, in summary, you havent read the article and are jsut spouting off things you think you can do to get around stuff. (They clear up most of your arguements in the article).
Re:I don't see the problem here. (Score:5, Insightful)
Analog my friend... (Score:5, Insightful)
Re:I don't see the problem here. (Score:5, Insightful)
Re:I don't see the problem here. (Score:5, Insightful)
No, he's correct. You'd have to cripple the entire operating system while the document was open. For example, you'd have to ensure that VRAM was inaccessable to the users, that nothing was paged out, that the memory of the application itself never stored the document in unencrypted form (impossible, if it's displayed), and so forth.
But in any case, nothing my digital camera can't defeat.
C//
Re:I don't see the problem here. (Score:5, Funny)
You'd have to cripple the entire operating system while the document is open.
Now that would be a tough one for Microsoft to pull off...
Re:I don't see the problem here. (Score:4, Interesting)
Did you not read that part of the plan?
http://www.epic.org/privacy/consumer/microsoft/pa
Re:I don't see the problem here. (Score:4, Insightful)
The point is, MS can do this, but a Free/Open project could do it better.
Re:I don't see the problem here. (Score:5, Insightful)
If we agree that it is encrypted, then reading M$ documents will require duplicating their domain authentication and encryption for DRM - not likely to be released by M$.
Needless to say, someone will probably break it anyway. I have to laugh at some of these folks who are saying 'this is the solution to all of my document exposure problems'. DRM is not a panacea; your documents are only secure if you keep them off of electronic media, off of the net, and locked up in a vault. Once you send it off into the ether, all bets are off - DRM or no DRM.
Re:The straw that broke the PHB's back? (Score:5, Insightful)
Call me a cynic, but I've lost count of the number of times that MS forced upgrade cycles were going to be the end of the company. It hasn't yet, and won't be in the future, even with this. Enough people and companies will pay to make it a non-issue. Watch.
Re:The straw that broke the PHB's back? (Score:5, Interesting)
Re:The straw that broke the PHB's back? (Score:5, Insightful)
Re:The straw that broke the PHB's back? (Score:5, Interesting)
Microsoft would never win this suit (Score:4, Interesting)
Furthermore, if Microsoft won the DMCA suit, they could be immediately prosecuted for using the DRM as a lockout to maintain their monopoly. Hell, they could be sued even before that.
Re:The straw that broke the PHB's back? (Score:5, Informative)
Hmph! (Score:5, Funny)
Who's with me?
Anyone?
Re:Hmph! (Score:5, Funny)
Office lock-in? (Score:5, Funny)
Re:Office lock-in? (Score:4, Funny)
KFG
Interoperability is protected by DMCA (Score:5, Informative)
Jay (=
Re:Interoperability is protected by DMCA (Score:5, Informative)
If it was possible for a user who shouldn't have access to a file to use another application to read it, then that app would be in violation of the DMCA because it is a circumvention device.
If it respected all the DRM nonsense, then it would probably fall under the interoperability portion of the law. At least that's the way I read it.
Re:Interoperability is protected by DMCA (Score:4, Interesting)
Re:Interoperability is protected by DMCA (Score:5, Interesting)
I have just been bitten by an ebook wielding website that I subscribed to before realizing the format they used. It required rebooting into Windows, using IE and installing Acrobat 6 to even download the data from their site. Acrobat 6 blocked most attempts to print to pdf etc, but I finally got PS output by installing an HP PS printer on the FILE: port. ps2pdf under Linux refused to convert the file citing redistillation not allowed. I'm hoping good old ghostscript will work, but I will have to tinker with that later tonight. In short, it's been a MAJOR PAIN IN THE FUCKING ASS to use a portion of a book that I have paid money for outside of a single program made by a single company on a single OS on a single PC. Welcome to DRMworld.
This shit will almost certainly hurt MS in the long run. That's the _only_ beauty in it that I can see so far.
PDF unencrypting solution (Score:5, Informative)
Googling for pdf_sec.ps along with "Adobe" or whatnot should give you more info.
Excellent (Score:5, Interesting)
Re:Excellent (Score:5, Interesting)
Comment removed (Score:4, Insightful)
Surely you jest? (Score:5, Insightful)
OK. Let me get this straight. A private company introduces software that basically introduces built-in encryption for word documents, spreadsheets, and email. This technology is designed to allow companies to prevent emails and documents from accidentally "leaking" to the press or into the hands of corporate spies. This won't even affect the home user AT ALL because home users don't have the necessary software to make use of IRM anyway (it requires a separate Windows 2003 Server in addition to MS's Information Rights Management software).
And the availability of this product is somehow an example of "blatant abuse of the law"? I think some people here are suffering from some kind of paranoia.
Take off the tinfoil hat (Score:4, Insightful)
not by default... (Score:5, Informative)
It's really targeted at businesses which make heavy use of Active Directory already (or would switch to doing so), so that Finance people can restrict access to sensitive salary documents and such. Most people, even if they can apply DRM to a document, won't choose to do so. How many people change the rights for their local drives to remove access for 'Everyone'?
Re:not by default... (Score:4, Interesting)
Furthermore, what's the interplay between NTFS permissions, Share permissions, and these new DRM permissions? That's a lot of permissions to manage. Do I have to set these permissions from inside Word or can I do it in the Finder (Whoops. I mean Explorer. Man how'd that happen?)
Every place I've been, the Finance people already have restricted access to sensitive documents. It's in a folder called "Finance" that only they have access to.
Only when the document creator chooses to lock it. (Score:5, Insightful)
When the creator thinks it should only be readable on Windows 2003, and not on other software, that is his responsibility. And it is the responsibility of the reader to reject such documents as unusable.
This is hardly new. We use StarOffice 5.2 at work, and it cannot open password-protected documents from Office 95 or 2000. This is amongst the least problems when using that package in a mixed Office-StarOffice environment.
wait a minute... (Score:5, Interesting)
RTFA (Score:5, Informative)
for the first time will include tools for restricting access to documents created with the software. Office workers can specify who can read or alter a spreadsheet, block it from copying or printing, and set an expiration date.
Users get to set it. It's not automatic.
Disgruntled employees (Score:5, Insightful)
this will be great when someone quietly locks 10 years worth of documents he created before getting laid off... a week later, after his Win* user ID has been deleted, his boss will loooooove the new DRM features implemented by Microsoft.
This is news? (Score:4, Insightful)
Whatever.
"Problem?" (Score:5, Funny)
Yeah, it's so damn irritating when your customers pay you for something, and then expect to continue using it.
Before everyone gets totally bent... (Score:4, Insightful)
If its just docs you choose to use DRM with, then whats the problem? You choose to do that knowing the limitations because it makes sense for your use case. If thats a problem, you don't use it.
If I, as a company, choose to require all outgoing docs to have DRM, its my need to protect my information thats locking people in, not Microsoft.
And for what its worth, I don't use a speck of Microsoft software outside of work, and wouldn't. But lets get real here.
It's actually important to do this. (Score:5, Insightful)
Law firms, especially, need this feature.
Right now they have to assume that a word document is unaltered upon receipt from a client. Now, with DRM, they can guarantee it. They also need to control distribution of documents and readability.
Pretty much every major corporation will want this feature once they understand it.
So, instead of fighting DRM, jump on the bandwagon, and have --better-- rights management in Open Office.
I'm not actually convinced that you need to have compatability between Office suites. Really, most people can use their existing MS Office to edit their Office documents and their new Office to edit their new documents. That way, if the old Office license is expired by Microsoft, everyone can complain to MS about how they can no longer read their documents, whereas, Open Office would theoretically never have that problem.
So, I would educate customers that file compatibility is not particularly necessary.
Re:It's actually important to do this. (Score:5, Insightful)
I don't know about your area, but I think that a number of the bigger law firms around here (such as Torys [torys.ca]) has all their documents stored in PDF format. If they need to prevent changes, it's a simple matter to sign the document before sending it anywhere.
Re:It's actually important to do this. (Score:4, Informative)
if your law firm does this, you need to switch to a competent law firm right away.
Rule #1 in business and in law, NEVER EVER Trust anyone.
#2 is Double check everything.
Here, send me my recent bill in word format for me to review before you send it to me, no, I won't modify it.
Re:It's actually important to do this. (Score:5, Insightful)
Don't be silly. This can easily be done already. PGP sign and/or encrypt your documents, and your clients can verify they get there intact, and only authorized recipients can read them.
Or did you want your clients not changing them? Wait, same deal applies. You've got the original signature, anyone who gets the document can verify it's in its original state.
Hint: when you give the data to someone, you can't restrict what they do with it. I don't mean it in terms of a rights, just simple physics. Grandiose complex schemes like this one are easy targets; if you rely on them, when they break, you're in trouble. Litigation won't make secrets secret again, or undo damages.
Circumvention allowed for interoperability (Score:5, Interesting)
Calculated Risk (Score:4, Insightful)
Very stupid (Score:5, Insightful)
I read this as follows:
You cannot read a document when not connected to the internet. If, by some chance, a DDOS attack is launched against a company's 'Rights Management Server' (which MUST be exposed to the 'net), or it is otherwise hacked into and shut down, then ALL of the documents with this 'feature' in them will cease to function.
Pardon me, but it is utterly stupid to rely on a single server/service to remain running just so I can read something. A DDOS attack can literally shut down a company at this point.
Re:Very stupid (Score:5, Funny)
It would have been satire but I couldn't keep up the facade.
-bort
Most (99%?) people, regrettably, won't care... (Score:5, Interesting)
Us here at SlashDot tend to take a dim view of Microsoft (even though many of us like some of their products-- I myself like their mice, and MS Word is nice), but most people don't even realize there's a choice.
I apply for Unix Systems Administrator positions sometimes, and virtually ALWAYS I get asked for my resume in... MS Word format.
Giving them a PDF isn't good enough. They just ask you for the Word version again as if you'd said nothing.
I'm starting to think that MS's slogan should be "But EVERYONE uses Microsoft!", since that seems to be the way most end-users seem to think (without even realizing it). Or, of course, it could just be "Microsoft: You WILL use our software, whether you want to or not...")
This sort of thing is getting really tiresome. When will MS finally get the Grand Cosmic Smackdown for doing this sort of thing? How long can an ill-gotten monopoly last? (And why do so many SlashDotters seem to like defending MS?)
Office 2003 DRM: It's Very Cool and Not Insidious (Score:5, Interesting)
There have been many times when I have wanted to keep an email or a document out of the hands of other people. I once got in trouble for sending an email joke to people whom I knew would enjoy the humor. Alas, they forwarded the email to others who forwarded it to others... and so on... so that eventually it ended up in the hands of someone who took the value on "diversity" a bit too far and were offended.
The DRM feature in Office and Outlook enables a user to prevent emails and documents from being forwarded to and viewed by people not specified by the sender/creator. That's all this feature is. The sender/creator certainly has the option of not embedding DRM into the email or document so that there is no rights management involved.
This feature is one I have wanted for many, many years. I want to control who has access without having to expose the recipient to the mystery and overhead of encryption.
Re:Office 2003 DRM: It's Very Cool and Not Insidio (Score:5, Insightful)
100% Wrong. You clearly do not understand how proprietary DRM systems work. All 'security' whatsoever hinges upon the assumption that the client's application will play by the rules. Once you have the sent document and the decryption key(s) on your computer, all faith is in the application software. The moment that someone releases a hack for the new Office and Outlook that allows a user to access the plaintext or override the "do not copy / re-send / print" flag, all supposed DRM security will be entirely worthless. It is truly this simple: If you can read it, you can copy it. The DRM being proposed here is security through obscurity. Microsoft is betting that people won't find the proverbial "key hidden under the doormat." Even if this DRM system was eventually backed up by hardware (which doesn't look very likely at this point), people could still take a picture of the screen and use OCR to recover the text.. that is until the hardware itself is cracked.
Furthermore, I would like to point out that not all of your e-mail recipients use or want to use Outlook. Anyone who doesn't won't be able to read your emails, so enabling DRM isn't really a viable option anyhow.
I want to control who has access without having to expose the recipient to the mystery and overhead of encryption.
What you're asking for is an impossible pipe dream. For the reasons explained above, you will never be able to have true control over what someone does with information you send them. Using encryption, you can protect that information up to the point where they receive it, but you cannot reliably keep them from sending it to someone else. The best you can ever hope to do is build trust among the people you communicate with.
By the way, you cannot avoid the "overhead" of encryption. It's the foundation of any DRM system. The only difference is that the new Outlook / Office / etc. will try to make it mostly invisible to the user. You'll still need keyrings, signing, and passphrases if that encryption is to be of any value whatsoever.
So, in summary:
1.) proprietary DRM systems are not very cool
2.) proprietary DRM systems are, in fact, insidious. They do not offer true security but they DO try to force people to all use the same email, office, whatever software.
DRM will be the exception, not the default (Score:5, Interesting)
If you read the article (which it seems the submitter didn't even do), you'll see that Microsoft says that applying DRM to a file will be an exception, not the default behavior. This means that the OpenOffice team will be able to figure out the Office 2003 file formats without DRM features, and open and manipulate those files just fine.
The only files that they won't be able to work with will be files that someone has chosen to apply DRM to. And from the document creator's point of view, this is a good thing. The ability to open the file in another app that was not beholden to Microsoft's DRM server would render the DRM completely useless. And DRM itself is not a bad thing. If you think so, perhaps you should execute "chmod -R 777
The first interesting thing will be to see where MS goes from here. Will Office 2004 have DRM as a default? If so, that would make interoperability a great deal more difficult. But more interesting is how the open source community will respond. DRM on documents is an important feature. If I'm putting out a document, it might be useful for me to be able to specify who can view it, who can edit it, and so on, without having to resort to filesystem ACLs. Sure, it's not absolute security on the document, but it's another layer. So it might be a good thing to consider to have some sort of open source DRM alternative for OpenOffice.
-Todd
Re:DRM will be the exception, not the default (Score:5, Funny)
C:\>chmod -R 777
'chmod' is not recognized as an internal or external command, operable program or batch file.
C:\>
be a bit more helpful next time.
Business Orientated Positive Feature (Score:5, Interesting)
Yes there is always the arguement that DRM will never stop an employee jotting stuff down from screen to paper and walking with that info, but there is a hell of a better chance someone is going to spot him copying 400+ pages of information, whereas with no DRM he could jsut copy the document and walk.
It says in the article that this was a feature that customers had requested, and I for one can fully beleive that. Expire documents when they become dangerously out of date? Fantastic (think of health and safety!). Dont want an accountant to walk with sensative finacial information they get emailled? Dont let them print the document or do anything other than view it.
Employers need to trust employees, certainly, but that trust also needs to be earnt. And yes you can emulate a lot of DRM with other means (no printer) but then that restricts peripheral things as well.
Even if the developers of a competing office suite could figure out how to get their software to open an Office 2003 document, doing so would be a DMCA violation, since they'd be bypassing an anti-circumvention device
This isnt MSs fault, this is the fault of a dumb law, and thats it. Want to blame someone for that? Blame the people who let it get voted in - the US populas.
It has been said before that MS Office has not had any real good features since office 97, and that this is a feature that will force people to upgrade. My view is that yes a lot of people will upgrade because of this, but not forcable. They will upgrade because tehy WANT these IRM features, as it gives them more control.
The last paragraph in the article states: ""It's not going to be adopted en masse, but I think they'll have a good rollout department by department for people dealing with more sensitive documents." and this is precisely what the office 2003 release is aimed at, the people who requested the features and who want them. If OOo had this feature before MS Office, I bet you could have enticed quite a few businesses over from the Office series jsut based on IRM.
Ah-ha! Not so fast... (Score:5, Interesting)
(Yes, I know it's silly, but anyway.)
DRM for business documents is a valuable tool (Score:5, Insightful)
1) DRM technology will be available to businesses which choose to run a DRM server on Windows 2003. It will not be enabled by default.
2) The technology will allow a management (or really the top level key holders) to limit document access rights to specific individuals or a group within the organization. A very valuable feature for many businesses.
3) Without a doubt, MS will abuse this technology to lock their customers into the new Office document format, which they will further abuse to limit document exchange from MS to third party applications.
The problem here is not 1) and 2). Those are perfectly reasonable features that most businesses want to buy. The problem is 3), the vendor lock-in issue. The Open Office project could write the same kind of DRM services into their suite, while at the same time offering document portability to those who hold top level keys to an organization's documents. IMO, this is where they should go long term, since it's obvious MS has hit upon a valuable technology - but like they're always abt to do, they're first instinct is to use the new technology to lock their customers in rather than sell their customers on their new features, quality engineering, and support. Businesses want both the DRM controls and document portability across a wide range of applications. MS always fails their customers in this regard and that's one reason why they've got such a bad reputation.
JMO.
Maynrd
Change the headline. (Score:5, Interesting)
Would anybody be upset if they integrated PGP into MS Outlook? No? Well, now they're doing it with Word. This is fine.
Obviously, encryption would require changes to the file format. This is a pretty standard sort of upgrade arm-twisting. They're adding a new feature. Woo.
You wish. (Score:5, Interesting)
I think that is wishful thinking. "Why?" you say? It's quite simple, Microsoft has proven to have more business saavoy than anyone here. I'm just going to trust that Microsoft knows what they are doing when it comes to manipulating the market.
This is just yet another slashdot pipe dream of the demise of Microsoft, Think about how many other articles showing how MS will fail there have been here.
Embrace, Extend, Register with the DMCA. (Score:5, Insightful)
What Microsoft will do with the Word DRM is "license" the technology to other commercial interests that wish to maintain file compatibility. They know that THIS is the wedge they can drive into things to split off the open-source projects, because A) no self-respecting open-source project would license MICROSOFT technology, and B) even if they would, they likely couldn't afford it.
Look for this to happen with the next round of media file formats as well. On a more sensationalistic note, what if MS bribed say, NVidia to DRMize their hardware interface. Nobody could then make calls to that hardware without either having a license or violating the DMCA. Again, commercial interests can afford the license, but do you think RedHat and such would like to bankroll Open Source's hardware compatibility licenses? Perhaps at first, but eventually I think not...
Watch out.
-JT
It will never work (Score:4, Interesting)
It's a Catch-22 for Microsoft. Either force people to upgrade by mandating DRM (and risk losing everything), or continue supporting legacy versions (and eliminate the incentive to upgrade or use DRM).
I think the only customers who will be "locked into" an Office upgrade are those dumb enough to use the DRM features. The Darwin effect is coming soon, to an office near you.
How to short-circuit this (Score:5, Interesting)
Get the company legal department and managers involved. Point out that company policy and/or the law requires certain things be done with documents, eg. certain finance-related documents must be kept for certain lengths of time or the company can face fines, certain documents must have file copies made, policy dictates that certain people receive copies of documents. The DRM features in the new Office software may, depending on what the sender sets, prevent the required things from being done. If the creator specifies "no copies", archive copies of financial and/or legal documents couldn't be made which must be made. Since some of the senders may not be within the company and may very well have good reason to prevent a record being made, this could put the company in the position of being legally liable while not being able to control their liability. That's the kind of stuff that makes lawyers nervous, and the lawyers have the ear of the board of directors and executives.
Whaa??? (Score:5, Interesting)
Don't get me wrong, I LOVE OpenOffice.org. But I don't see how getting into "high gear" is going to do any good unless OO.o manages to completely revolutionize the office suite paradigm far beyond what MS has. OO.o is a great *alternative*, but it's not really doing much more than MS Office does and there are some features missing. To get "mind share" (profit can go to hell since that's not why most of us are here), OO.o is going to have to provide above and beyond what MS Office provides. Is that possible? I don't think it is.
Sure, some people might want to jump ship when they figure out that MS is going to hold them hostage with DRM. But that's only going to be a small fraction of office suite users. The majority will grudgingly hand the cash over to MS and upgrade. The only way to get more people to WANT to move over to OO.o or some other alternative is to provide exactly what most coders despise: features. This is what Joe Average is interested in. Yes, I am aware that OO.o has some features that distinguish it from MS Office, but it's not enough of a difference to really count.
An example of a feature that an average user would find "useful" no matter how stupid it might sound to a true geek, is say... self-contained executable documents. If a user could write something and then save it as a "self contained" document that was platform independent, I think it would be a feature that goes beyond MS Office. Think about it... the user saves the doc and then e-mails it to someone. The recipient can then just open the attachment WITHOUT needing to have OO.o installed on their machine... or MS Office... or ANY office suite. Instead the document itself comes with an exectutable that provides basic reader fearures, possibly an executable that will install a lightweight editor, or even contains an editor itself. Obviously it wouldn't have all the features that OO.o contains, but just enough to read and maybe edit.
Or... maybe the document would never get sent to the recipient. Instead the document would remain on an HTTPS accesible document store. The recipient would get an attachment that contains authentication to allow seamless access to the https document store and a path to the document. Along with this document store is the ability to "edit locally" which would give the user the option to run an editor over the HTTPS link or use a locally installed editor depending on the situation. This would go well beyond anything the MS Office suite does now and would appear to be far beyond MS's current mode of thought.
That's where things need to go if MS is to be usurped of the office suite mindshare that it currently posseses.
Information flow NIGHTMARE! (Score:5, Insightful)
Do some research everyone! (Score:5, Informative)
This is just Public Key Cryptography based on open and documented standards!
How do I know? I was there when it was announced. In early June at TechEd 2003 in Dallas Texas. Some Korean VP of Verisign showed it off. His accent gave it a very scary "All your base are belong to us" kind of feel, but there it is.
Here's the press release from that day:
http://www.verisign.com/corporate/news/2003/pr_
Please read this before you spout off one more cockeyed comment on how Microsoft is evil cause you won't be able to read this on the plane or how it's proprietary and noone will ever understand it or work with it ever again.
Tempest in a Teapot (Score:5, Interesting)
1 - The rights-management stuff is off by default, says the article.
2 - I do infosec work regularly and I can't get people to use good passwords, and the further from geekdom they get, the faster they forget or circumvent password mechanisms. That's something easy. Key management and other DRM aspects are complex enough to get wrong any one of a dozen ways (either too tight or too loose).
3 - Imagine a pointy-hair reacting to you telling him that he just DRM'd his ass out of his own spreadsheet... forever.
I predict this 'great idea' will be rarely used since 99% of people can't be bothered to do much easier and less dangerous security tasks. Further, some companies will probably just ban it's use (since an employee can lock the boss out or stuff could accidentally get wrongly locked). It will inspire fear when people get burned. And a fair number of 'forced adopters' will go to gray market earlier versions and stop the upgrade treadmill completely, or jump to alternatives.
Oh, and imagine the fun if it does get put in: the boss makes you work overtime to get a report in by Friday night (Monday won't cut it!), so you stick in DRM to expire it at 9am Monday, so he has to call for a resend. Send inflamatory messages with a one-read, no-print, expires-forever rule so your flamage has a chance of evaporating after impact. And the geek-chic power of being able to screenshot someone that does the same thing back at you and get their ass fired.
A last comment: if you want to help the undoing of the MSOffice stranglehold, take stock of your own personal and business relationships and pressure anyone you can (not customers, not the boss or people who will hurt you for doing so) to use non-office methods. Politely ask sales drones to resend stuff in a non-Doc/Excel/Powerpoint/Viso format. When asked, spread FUD!: blame microsoft-laden viruses and them being less-trusted. But start the revolution by inconveniencing them. The monopoly is due to habits.
It's not *that* bad (Score:5, Informative)
This feature can be activated by selecting "Document Permissions" from either the toolbar or the File menu. Documents are NOT created with this feature enabled by default, although there might be some random little option somewhere to make it the default option.
In Word, this feature enables you to specify which people can read it, and it automagically turns off Print Screen and Printing if I remember correctly, and maybe the clipboard too. In Outlook this prevents you from forwarding or copying the text to clipboard too.
As for home users being able to use it, for the purposes of the beta Microsoft allowed users to use their .net passport as the method of authenticating users, in addition to whatever 2k3 server they might have had. I'm not sure if they're going to allow .net passports after the Office 2003 launch, but only time will tell. Office 2003 users will have to download some additional program (will probably also be on the CD too) to gain access to restricted documents.
For what it's worth, here's what the microsoft help document has to say on the issue:
Yet more alarmist FUD (Score:5, Informative)
The technology is designed to enable secure document transfer between trusted parties. For instance, documents containing trade secrets or engineering specs for a company's latest greatest apps. The creator of the document can secure it so only specified people can read it, limiting potential leaks outside of the company, or the document falling into the wrong hands.
It is not enabled by default and it requires an internal infrastructure to implement (Windows Server 2003 with Windows Rights Management) so the average joe blow isn't going to even be able to use it.
As for "competing products" not being able to read these secured documents, well that's the whole point right? If you're publishing secure documents, you're securing them for a reason, and you're only going to want those who can read it to read it.
There could be an argument for Microsoft to publish an open standard for interoperation, but this is America, not a socialist state, so that argument is a little weak.
Personally, I think this is a cool feature, and one I'm personally going to be using for my day to day work.
This caught me on a slow day, so here it goes... (Score:5, Insightful)
Think about:
The system is ultimately ineffective (screen shots anyone?, hand made copies?, pocket cell-phone cameras?), and false security is worse than none
It requires additional infrastructure (cost) and software upgrades (cost) then locks you in to the M$ implementation
Companies (financial) will have to manage (cost) the new documents to meet compliance issues (ie: you can NOT have documents that are required to be kept for compliance be protected from copying or have them expire - and how do you stop it?)
Single point of failure:What if the DRM server is down (temporary downtime company-wide for M$ Office)
What if the DRM server crashes and can't be restored (permanent loss of important data)
Will M$ provide a backdoor (for Law Enforcement, PATRIOT ACT, etc), what if it's leaked ?
THIS IS A DOCUMENT MANAGEMENT ISSUE - not a security problem, people need EDM/ECM not more gimmicks !
'Hacking' into the document to provide interoperability or to recover data may be a FEDERAL OFFENSE under DMCA
What about search/rescue for the users who screw up and lock themselves or others out of documents accidentally ???
Forced upgrades (al la Win2K) just to continue to use YOUR OWN (DRMed) corporate assets
Louts Notes has had a (less user-friendly) version of this since R2 [slashdot.org], and very few shops use it (encryption keys)
On the bright side:
There are a huge number of users/customers/vendors/partners who will not be able to use the DRM documents (requires upgrade), so it will take years to even marginally implement for external communications (which is one of the main items people want it for in the first place)
Some obvious possibilities for abuse include:
Stopping Whistleblowers (Enron, Pentagon, Worldcom/Arthur Anderson, Whitewater)
Erasing potential evidence: stockbroker send you bad advice in a doc that expires in 30 days
Erasing potential evidence: boss tells you to do something unusual that gets you into trouble
Erasing potential evidence: employees colluding to do things detrimental to a company (embezzle?)
Mafia can us it for betting slips, other low-level secure comms
Word/Excel macro viruses could be set to self-destruct to protect the guilty
Restricting fair-use rights
The Terrorists could use it !
See Also:
http://www.securityfocus.com/columnists/165 [securityfocus.com]
5 Questions Customers Should Ask Microsoft (Score:5, Insightful)
2) Will Microsoft make any encoding APIs freely available to the public for 3rd party applications to open and use those files?
3) If the answer to 2) is no, will Microsoft license any encoding APIs to 3rd parties and will these be non-discriminatory?
4) If the answer to both 2) and 3) is no, will Microsoft agree not to invoke legal action in the event that 3rd parties reverse engineer any encoding APIs?
5) If the answers to all of 1) through 4) is no, is Microsoft not concerned about US or EU anti-trust authorities ruling that the Office file strategy is anti-competitive?
The submitter didn't RTFA (Score:5, Informative)
According to the article, it is not the default behavior for O2K3 to use Information Rights Management. In fact, in order for Office to lock a document, there has to be a Win2K3 Server running the rights manager suite somewhere on the LAN...
Nothing to see here... move along...
Re:I swear... (Score:4, Offtopic)
This is for QUICK and EASY scripts - so don't tell me to use something I can't record scripts directly in and easily debug (if I want powerfull I'll code it in C). Also, it would be nice if it ran on Windows and Mac without modifications to the scripts.
However I guess these features will be of little use to me once I can't have access to my Excel files/scripts unless I pay a hefty license fee to Microsoft every year.
Re:I swear... (Score:5, Funny)
Grammar the other hand is no proper checking way.
Re:I swear... (Score:4, Insightful)
Integration with Powerpoint
Integration with Outlook, and by extention,
Integration with Exchange
All of which are irrelevant if you're looking to replace MS Office in the first place.
How about perfect compatibility with everyone in the business world.
You haven't exchanged docs between Office 97 and Office 2K much because there are plenty of incompatibilities that arise between the two without even counting document corruptions.
Re:out of the water (Score:5, Insightful)
Second, what the hell does Linux have to do w/Anti-DRM and people switching? Linus has specifically stated that he has no opinion either way. If you want it, woo, if not, woo. People aren't sick and tired of DRM and it's not BS (no matter what "we" think)
Linux is taking a foothold because other software companies have expensive software.
You think that an alternative to Office is going to help? There have been alternatives (Corel, etc) did it matter? Do you think because they are creating a new version of Office it will render the other files incompatible? That would be really really dumb for MS to do (no ability to bring in your old stuff? retype? what?)
The only reason for a switch is PRICE. Honestly, no matter what bullshit people spread on here about how good OO, SO, etc, are, they aren't what MSO offers. Not even close.
Until the OO, SO, etc, get some strong following and somehow create something better than Office, no one is going to care unless it is money related and even then, I doubt a few hundred dollars is going to matter...
Just my worthless