[ISN] Got a secret? Keep it

From: InfoSec News (alerts@private)
Date: Sun Feb 25 2007 - 23:16:06 PST


http://www.al.com/business/huntsvilletimes/index.ssf?/base/business/117239874591130.xml&coll=1

By BRIAN LAWSON
Times Business Writer
February 25, 2007

SRS develops software to keep documents from spreading hidden data

SRS Technologies engineer Ron Hackett spent 20 years in the U.S. Air 
Force working on advanced technology and secret projects.

Now he hopes the intensive work he has done over the past six years will 
help bring a little-known problem to light and stop the accidental 
sharing of business, medical, legal and government information.

Hackett said he recognized the size of the problem of hidden data in 
electronic documents while working for the Defense Intelligence Agency's 
Missile and Space Intelligence Center in December 2000.

He found that a large number of transmitted documents, including 
PowerPoint presentations, Excel spreadsheets and Microsoft Word 
documents, contain hidden words or other data not intended for viewing, 
but hidden within the documents where it could be accessed.

Hackett spent his last 18 months in the Air Force raising awareness of 
the problem with DIA, the National Security Agency and government 
inspectors general.

Upon retirement, he joined SRS and began pursuing ways to protect users 
from leaving hidden data behind.

"People who do know about this aren't going to tell you," Hackett said. 
"There's no smoking gun, and if they got the information from you, why 
would they tell you? But some of the big gaffes we've seen on releases 
of information in the past few years illustrate the problem."

Hackett cited the United Nations investigation report on the 
assassination of Lebanon's former prime minister Rafiq Hariri in 2005.

The U.N.'s version released publicly did not name names, but the public 
report document had additional information contained within - including 
the names of suspects that were discovered and widely reported.

Hackett said claims that converting a document to Portable Document 
Format (PDF) will eliminate hidden data are false, and he said most 
solutions that have been offered don't go far enough.

President Bush's 2005 speech on a plan for victory in Iraq was posted on 
the Internet, and with a few clicks readers determined that much of the 
review work on the speech was done not by his national security team, 
but by a Duke political science professor who is a specialist on public 
opinion in wartime.

How can hidden data be left in a document?

* By reusing and updating an older PowerPoint presentation.

* By cropping a picture or image, because the entire image is still 
  contained in the file.

* By cutting and pasting information from another document, which 
  imports far more than just the selection that is visible.

* By passing a document through a company with changes sought.

The process of "tracking changes," which is a default setting on Windows 
XP's Ad Hoc Review feature, is an editing tool to see how documents have 
been updated or changed. But it has another effect, Hackett said. It 
saves each version of the document as it is updated and passed around 
electronically.

The result is, for example, comments about a contract, including 
suggested pricing and spec details, will remain in the document, though 
the final version that a company presents doesn't show that information 
on the page.

Microsoft officials have said the function is easily disabled. The 
company has stressed security in its new Office and Vista operating 
system. Hackett disagrees, and he said the problems are not limited to 
Microsoft products.

Hackett cited a 2005 study by software maker Bitform Technology Inc. on 
Microsoft Office files generated by Fortune 100 companies. The study 
found user names, e-mail addresses, hidden text and other information 
unintentionally included in disseminated documents. Hackett said about 
20 percent of those documents were affected by the track changes 
feature.
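
Added example, not part of the original article and not SRS's Document 
Detective: a minimal pre-release check that lists the tracked changes, 
reviewer comments and author names still stored in a Word file. It 
assumes the zipped-XML .docx format, which the article does not 
describe; the sample file, names and prices are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

W = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
DC = "http://purl.org/dc/elements/1.1/"
CP = "http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
CHECKS = [  # (package part, element, element holding its text, label)
    ("word/document.xml", "del", "delText", "deleted"),   # tracked deletion
    ("word/document.xml", "ins", "t", "inserted"),        # tracked insertion
    ("word/comments.xml", "comment", "t", "comment"),     # reviewer comment
]

def find_hidden_data(docx_bytes):
    """Return (kind, author, detail) for data kept in the file but not on the final page."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        names = set(z.namelist())
        for part, tag, text_tag, kind in CHECKS:
            if part in names:
                for el in ET.fromstring(z.read(part)).iter(f"{{{W}}}{tag}"):
                    text = "".join(t.text or "" for t in el.iter(f"{{{W}}}{text_tag}"))
                    findings.append((kind, el.get(f"{{{W}}}author"), text))
        if "docProps/core.xml" in names:  # author names stored as properties
            core = ET.fromstring(z.read("docProps/core.xml"))
            for tag in (f"{{{DC}}}creator", f"{{{CP}}}lastModifiedBy"):
                if core.findtext(tag):
                    findings.append(("metadata", core.findtext(tag), tag.split("}")[1]))
    return findings

def build_sample():
    parts = {  # constructed sample: only the three parts the scan reads
        "word/document.xml": f'<w:document xmlns:w="{W}"><w:body><w:p><w:r><w:t>Price: </w:t></w:r>'
        '<w:del w:id="1" w:author="A. Reviewer"><w:r><w:delText>$90 floor</w:delText></w:r></w:del>'
        '<w:ins w:id="2" w:author="A. Reviewer"><w:r><w:t>$120</w:t></w:r></w:ins>'
        '</w:p></w:body></w:document>',
        "word/comments.xml": f'<w:comments xmlns:w="{W}"><w:comment w:id="0" w:author="B. Counsel">'
        '<w:p><w:r><w:t>Do not go below $90</w:t></w:r></w:p></w:comment></w:comments>',
        "docProps/core.xml": f'<cp:coreProperties xmlns:cp="{CP}" xmlns:dc="{DC}"><dc:creator>C. Drafter</dc:creator>'
        '<cp:lastModifiedBy>A. Reviewer</cp:lastModifiedBy></cp:coreProperties>',
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, xml in parts.items():
            z.writestr(name, xml)
    return buf.getvalue()

if __name__ == "__main__":
    print(*find_hidden_data(build_sample()), sep="\n")
```

The page a reader sees in this sample says only "Price: $120"; the 
deleted "$90 floor", the comment and the three names come from the file 
itself.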

Hackett said Microsoft and other software vendors are offering the 
features to consumers so they have a range of tools at their disposal - 
the problem is that many users don't realize what they're saving and 
sending and accidentally sharing.

SRS has developed a software program called Document Detective, with 
version 2.1 to be unveiled next week, aimed at searching files and 
scrubbing them for hidden data. The software provides a review of a 
document and offers a menu that lets the user scrub files or review each 
to determine what to retain. SRS said the time saving and efficiency of 
the program are major advantages to users.

The company has sold about 1,000 copies of earlier versions to 
government and other customers.

Joseph Bergantz, a retired Army major general and former program 
executive officer for Aviation at Redstone Arsenal, is now SRS general 
manager and corporate vice president. He said the technology's 
applications and advantages for legal, medical, banking and government 
and military intelligence customers are clear.

"This is a worldwide problem," he said. "The right thing to do is to let 
people know about it."

Copyright 2007 The Huntsville Times

