Thursday, January 29, 2009

Hidden Danger of Sharing MS Office Documents

Introduction

There are not many readers of this blog who do not use Microsoft Office for business and private needs. Essentially, Microsoft Word is the most used editor of choice for many people. But do you know that sharing the Word documents can give readers more information about you than you might think. You feel that sharing Microsoft Word document is just sharing the information and format of what you see on the page. But that is the biggest mistake! I stopped sending Excel and Word format service quote long ago before I read this article. Converting to PDF makes the document look more professional, it does not allow recipients to modify or forge document, or dig in the document creation history. The facts revealed in the article give more reasons to be careful, while sharing the Microsoft Word documents with different sources.

Which information can be revealed to the reader?

Besides the plain text, you intend to show your readers, you also give a key to the following information, which you did not plan to share at all:

* Text from other documents, open at the same time.
* Previously deleted text.
* E-mail headers and server information.
* Printer names.
* Data about the machine where the document was written.
* Where the document was saved.
* Word version number and document format.
* Names and usernames of document authors.

Hidden and dangerous

Analysis of hidden information in the so-called Iraq "dodgy dossier" showed, among other things, the names of the four civil servants who worked on it. Downing Street press office head Alastair Campbell had to explain who these people were to the House of Commons Foreign Affairs Select Committee investigating the genesis of the plagiarized document.

"The time when most information tends to leak is when you are using a document that has a number of revisions or a number of people working on it," says Nick Spenceley, founder director of computer forensics firm Inforenz.

The UK government has now largely abandoned Microsoft Word for documents that become public and has turned to documents created using Adobe Acrobat which uses the Portable Data Format (PDF).

"I’m not sure many people check Word documents before they go out or are published," says Mr Spenceley. He says he knows of a case in which someone found previous versions of an employment contract buried in the Word copy he was sent. Reading the hidden extras gave the person applying for the job a big advantage during negotiations.

Sometimes the mistakes are even more public.

During the hunt for the Washington sniper the police allowed the Washington Post to publish a letter sent to the police that included names and telephone numbers. The newspaper tried to hide these details using black boxes which were easily removed and the sensitive details exposed for all to see.

But it is not just governments, businesses and newspapers that can be embarrassed in this way.

You could be too

There is a function in many versions of Microsoft Office programs, which includes Word, Excel and PowerPoint, that means that fragments of data (which Microsoft refers to as metadata) from other files you deleted or were working on at the same time could be hidden in any document you save.

This could be embarrassing for any home workers whose colleagues find out that they have been applying for jobs while working at home or being less than complimentary about their co-workers.

Look and learn

With the right tools this hidden data can easily be extracted. Unix and Linux users can turn to tools such as Antiword and Catdoc to turn the document, including its formatting information, into a simple text file.

Computer researcher Simon Byers has conducted a survey of Word documents available on the net and found that many of them contain sensitive information. He gathered about 100,000 Word documents from sites on the web and every single one of them had hidden information. In a research paper about the work Mr Byers wrote that about half the documents gathered had up to 50 hidden words, a third up to 500 words hidden and 10% had more than 500 words concealed within them.

The hidden text revealed the names of document authors, their relationship to each other and earlier versions of documents. Occasionally it revealed very personal information such as social security numbers that are beloved of criminals who specialize in identity theft.

Also available was useful information about the internal network the document travelled through, which could be useful to anyone looking for a route into a network. Mr Byers wrote that the problem of leaky Word documents is pervasive and wrote that anyone worried about losing personal information might want to consider using a different word processing program.

Alternatively he recommends using utility programs that scrub information from Word documents or following Microsoft’s advice about how to make documents safer.

"Microsoft is aware of the functionality of metadata being stored within Word documents and would advise users to follow the instructions laid out in," says a spokesperson. To remove hidden data from Office 2003 and Office XP, you should follow explicit Microsoft recommendations. And next generation, Office 2007 provides a built-in tool to find and remove this information.

Sources and Additional Information:
http://news.bbc.co.uk/2/hi/technology/3154479.stm
http://support.microsoft.com/kb/834427
http://www.clarion.edu/36449/
http://www.pcworld.com/article/119674/free_tool_identifies_hidden_data_in_microsoft_office_docs.html
http://blogs.technet.com/tarpara/archive/2007/10/24/how-to-removing-hidden-data-from-office-documents.aspx

Monday, January 26, 2009

Your Amazing Personal Travel Assistant

Yapta is an internet travel company created in May 2006. It compares prices of airline tickets based on search criteria. If a user likes a given flight, Yapta will track that flight and notifies them if the price of the flight drops below the user’s designated desired price. If the user purchases the ticket, Yapta will continue to track the price of the ticket. If the price drops, Yapta can alert the user to the possible availability of a credit or voucher for the airline, based on the difference.

Yapta acts as a personal assistant that remembers your budget and traveling preferences while also tracking airfare prices - even after you bought your ticket.

According to Yapta, the average flight price fluctuates 400%. What this means is that every person on a flight paid hundreds of dollars more or less than the person next to them. What Yapta has been trying to do since it launched in May 2007 is to tell its users when the price of the ticket will be cheapest and to alert them if the price drops and they are eligible for a refund or travel credit from the airline.

Yapta offers indirect purchase of airline tickets through the airline websites. This enables users to purchase their tickets without incurring additional travel-agency fees. It is not at ticketing agency that offers direct purchases, such as Orbitz or Travelocity. Unlike Farecastimage001 (now owned by Microsoft), Yapta does not make fare predictions. It tracks actual prices and sends you an email alert when the price changes.

Yapta also offers a small application called the "Yapta Tagger". The Tagger works within the internet browser and when it recognizes an airfare displayed on an airline’s website, it displays a "Tag It With Yapta" icon next to the price. Pressing this icon enables Yapta to track the flight as if you had searched for it on the Yapta website.

Yapta is an acronym for "Your Amazing Personal Travel Assistant."

Currently, Yapta supports price tracking for at least 23 different airlines, including American, Delta, United, Jet Blue, Virgin America, and many newly added international carriers (Air France, British Airways, Cathay Pacific, Lufthansa).

Web site: http://www.yapta.com/

Tuesday, January 20, 2009

Amber Light of Death (ALOD) Troubleshooting on Dell Computers

Dealing with customer computer troubleshooting for significant period of time, somehow, I was lucky not to get the “Amber Light of Death” before. But, obviously, this problem is quite frequently discussed in the online computer-related forums and message boards, thus is quite common.

Problem Description

The computer power is pushed, and the power light is continuously blinking, you see power monitoring leds are ON, and fans are working. But computer does not proceed to the OS boot, and even does not go to the BIOS. The computer monitor is essentially blank.

Problem Source

Based on the Dell users manual description the following problem points out on the power distribution failure inside the computer, while the computer does receive the electrical power from the power outlet.

Troubleshooting



Unfortunately, the problem has multiple explanations, and there are many things that can go wrong in its relation. Therefore, I will propose the following troubleshooting plan, starting from easy-to-do items and continuing to more complicated. Following every step, verify the computer performance. This way, you will know exactly, what the problem source is.

1. Check the power selection switch at your computer and ensure that the voltage selection is set properly to match the AC power at your location. Switch it back and force to ensure that it is indeed at the right position.

2. If you use UPS, reset it.

3. Try different power outlet to ensure that the problem is coming not from your external power supply.

4. Perform the computer “cold reboot” - shut it down, wait 5 minutes, and turn it again.

5. Shut down your PC, open the case, and verify all the cables are connected properly. Ensure that the processor power cable is securely connected to the system board.

6. Examine all your USB ports (front & back) for pins that are bent or pushed in and fix any that are bent. This appears to be the most frequent reason of the problem appearance.

7. Reset 3V battery on the Motherboard.

8. Replace 3V batter on the Motherboard.

9. Remove one-by-one all the nonessential hardware elements in the computer by disconnecting them from the motherboard, like non-essential boards, Floppy, DVD, network cards, etc.



10. Blow carefully with air blower inside the computer case. That will ensure that no pieces of metal or debris could cause the short circuit.

11. Swap the power supply in from another PC. Dell claims the power supply replacement is the #1 solution to this problem.

12. If there is no improvement, there is a good chance that the Motherboard should be replaced. Several users reported that the Motherboard was a core source for the problem appearance. But, in most cases, it means that it might be easier and cheaper to shop for a new computer.

Saturday, January 17, 2009

Having Free Fun with DeeFunia

My presentation for the simple online image editor to add funny effects to your pictures Photofunia draw huge positive feedback from the blog readers. For weekend entertainment, I want to offer you one more site, Deefunia from China, providing similar free online capabilities.

Procedure is simple and straightforward. You choose the effect (background) for your photo, upload it from your computer, and shortly (about a minute of processing) you have a resulting image. You can download it on your computer, or embed directly to your blog or profile on social networking sites with provided code.

Website authors are hoping to make money from advertising, so the services should stay free. Interface in English or Chinese.

It is recommended to prepare nice square shape passport like image for your experiments to get the best results.

Website: http://deefunia.com/

Tuesday, January 6, 2009

Who Used Your PC in your Absence?

There is a way to review the log of the historical activities on your computer. That can be useful, if you want to track the chain of events that lead to the certain problems with computer performance, or you need to check what computer-related activities on your PC at your absence were performed.

First, you should go and enter the following command in the Command Prompt: "Start > Run > Eventvwr.msc".

Note that all events are recorded in three stored log files: Application, Security, and System. These logs can be reviewed and archived for future use. For our current purposes, we will use the System log.

Click on “System" in the left-hand column for a list of events. Look for a date and time of the data you want to check, or when you were not at home. Double click on the info and it will show you the related details. You can also use this log file to check for how long your computer was used in your absence. Just look at the time the computer was turned on and off for that day of question.

Related Posts Plugin for WordPress, Blogger...