The Dangers of Microsoft Word
Today, in the EdTech mailing list, I received the following:
——————
From: Randy Edwards
While reading a recent message in EdTech of someone raving about Microsoft Word and a couple of its features, as usual, I shook my head.
It’s been long known that Word buries your Microsoft-issued “Globally Unique Identifier” (GUID) into its proprietary *.DOC format files, along with many other potentially privacy-violating features. While many people enjoy Word’s plethora of features, these do lead to more bugs and, even worse, even the most experienced Word users often forget that Microsoft does not code software with anywhere near adequate security.
Case in point. In a startling revelation, Italian journalists have learned additional censored details of the US report regarding the US killing of an Italian intelligence agent following the rescue of kidnapped journalist Giuliana Sgrena.
This magnifies a political incident of international scope. The US and Italian gov’ts already disagreed over facts involved in the killing. But now some of the nitty-gritty details are known. How was this feat of journalism accomplished? With “deep throat” style informants and following the money?
No, just from the fact that the gov’t officials that wrote the report were foolish enough to use Microsoft Word. Worse, the authors weren’t aware or conscious enough of all of Word’s security flaws.
In this case, the Italian journalists simply copied the “hidden text” from the publicly distributed *.PDF file and they then pasted it into a word processor. Since the original document was made with Word — voila! — a journalism super-scoop.
(FYI, if you read Italian, you can read about the scoop here or download the uncensored English *.DOC file report here.)
Now, if you think this type of bungling happens only to American report writers, you’re wrong. This is an international problem. Back during the buildup for the Iraq invasion, British Ministry of Defense officials released a document of a report to journalists who were able to recover text to learn who the original author of the document was; and the author had some very embarrassing statements to make about the Blair government’s war claims. Again, all because of Microsoft Word.
So, a word (no pun intended:-) to the wise: When using Word, be sure to keep these “features” in mind or just use a different tool that’s more secure and appropriate to the task.
Regards,
Randy
——————
A bit of followup led to this post on vowe dot net, where you can download the original PDF document involved, to see for yourself how easy it is.
It looks to me like the problem wasn’t with Word in this case, but rather with the way it was saved as a PDF. The other story Randy mentions, however, about the British document error, was definitely a problem due to Word. Information deleted from a Word document usually remains stored inside it, and with a little bit of practice, can be extracted by any interested party. To be safe, you need to use plain text, or stick with a format that you can verify, like OpenDocument.