Justin said:
The encryption on the other Office 2008 apps is working find and uses
strong encryption; notably the SHA-1 AES.
Only in one app.
Didn't the other divisions get the memo? Did their Exchange server
crash?
Which is not what I want. I wanted the ability to prevent somebody from
changing a PowerPoint presentation or saving it as a different filename
and using my work as their own.
But I guess you're right, I have to go outside Microsoft to implement
such a feature and use PDF.
Actually the best way to secure data is to use a piece of open source
software called TrueCrypt which is cross platform.
and No, the government doesn't have copies of all encryption keys - not
quite sure where you get your information.
Hi Justin,
Sorry, but I misunderstood which kind of security you were referring to.
The complaint we see most often in the newsgroup forums is regarding the
file-level password protection that requires an easy to hack password to
open. No encryption is involved. That's what I was referring to.
The capability you're referring to has a fancier name of IRM (Individual
Rights Management) or sometimes DRM (Digital Rights Management). There's
yet another kind of encrypted format is available to developers who use
code signing certificates for VBA to ensure to the end user that code
contained in a file they are opening is genuinely from whomever signed
the code.
Microsoft has gone through several iterations of Rights Management in
Windows Office. Rights Management is mostly used by large organizations,
military, and the like. The Mac version of Office was not deployed much
in such organizations until the most recent few years, so MacBu decided
to pass on those technologies. The landscape has changed recently. If
you think it's about time Microsoft incorporated Rights Management into
the Mac Office product you should send feedback to Microsoft using this URL
http://www.microsoft.com/mac/suggestions.mspx
MacBU listens to their customers. Create a good business case that
explains why you think Office for Mac would be wise to implement Rights
Management. Use this web form to have your message read by a product
manager at the Macintosh Business Unit. Don't whine or gripe. Consider
this an important presentation where you are making a persuasive
argument to the managers asking them to implement your suggestions.
Just the same, no matter how much encryption you throw at a PowerPoint
presentation, a screen capture program or even a video camera pointed at
the screen can effectively capture your entire show. This problem makes
the MacBU wonder why implementing Rights Management makes any sense at
all. Personally, I think RM is so easy to defeat I wonder what the point
of it is.
The only way to keep your presentation a secret is to never present it
to anyone. Your real copy protection is your ability to enforce your
copy rights under the law - strong rights in principle, but expensive to
monitor and enforce. The practical solution is to know your audience
and don't present to anyone or give the file to anyone who you don't
know for sure will be responsible with your goods.
Rights Management or not - someone not on your side can easily capture
your stuff and attempt to pass it off as their own. If authenticity and
credit for your work is your primary consideration, then make your work
public in such a way that the date and time of publication can be
verified if needed. Of course, there's always the backdating solution
for the copycat. It's so hard to prove these things!
As for the US government wanting all the keys:
http://w2.eff.org/Privacy/Key_escrow/
Regarding the UK's keys, check search for information regarding the
Investigatory Powers Act. Here's a link about it, but I'm sure a little
digging will turn up more info:
http://www.ehow.com/about_4689784_regulation-investigatory-powers-act.html
I'm not the one you have to convince. But if you want to use this forum
as a trial balloon to try to persuade me that Rights Management has a
practical side, I'm "all ears."
-Jim
