RE: Microsoft Word Protection Bypass
From: Eric Lawrence (ericlaw_at_bayden.com)
Date: 01/07/04
- Previous message: Arman Nayyeri: "RealNetworks fails to address Cross-Site Scripting in RealOne Player"
- In reply to: Thorsten Delbrouck-Konetzko: "Re: Microsoft Word Protection Bypass"
- Next in thread: Vladimir Katalov: "Re: Microsoft Word Protection Bypass"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Thorsten Delbrouck-Konetzko'" <Thorsten.Delbrouck@guardeonic.com> Date: Wed, 7 Jan 2004 12:46:10 -0800
Umm... What exactly prevents you from just typing up your own "contract" and
then claiming they sent it to you? Or printing a changed contract out and
claiming it was mailed to you? Or taking of any of a million other
fraudulent actions?
The standard Office protection mechanisms aren't designed (and shouldn't be
expected) to be tamper-proof against a determined adversary. For more
serious levels of protection, use the new DRM mechanisms in Office 2003.
-Eric
-----Original Message-----
From: Thorsten Delbrouck-Konetzko [mailto:Thorsten.Delbrouck@guardeonic.com]
Sent: Wednesday, January 07, 2004 12:57 AM
To: bugtraq@securityfocus.com
Cc: joop gerritse
Subject: Re: Microsoft Word Protection Bypass
joop gerritse <jjge@xs4all.nl> wrote on 03.01.2004 12:34:45:
> A much simpler trick is to write the document out
> in RTF form, and use a text editor.
There are several methods to extract the contents of a protected document,
but that fails to be the point here.
Equipped with a method to unprotect/change/reprotect a document (with the
original, unknown password) it becomes (close to) impossible to prove that
the document actually *has* been modified. If a senders relies on the
protection mechanism (like some corporations which send out offers as
"protected" docs do) this might actually have legal consequences.
Example: Upon your request a vendor e-mails an offer for product foo to
you, price 100,00 EUR (Word format, protected forms). To form a legally
binding contract you are asked to print the doc, sign it and send it back.
In most legal systems (and among merchants who have been entered as such
in a commercial register) this process is suitable to form a legally
binding contract between the two parties involved.
Now you could easily decide to change the price within the original
document to 80,00 EUR, print it, sign it and send it back to the vendor
(thus forming a legally binding contract between the vendor and you!).
They will of course insist on the 100 EUR version, you will insist on the
80 EUR version. You'll take them to court. An expert will be asked to
analyse the original electronic document you received and will most likely
find that it's protected by a password which is highly likely to be known
by the vendor only and that you could not have changed the document. They
lose. You win. :-)
regards,
/tdk
- Previous message: Arman Nayyeri: "RealNetworks fails to address Cross-Site Scripting in RealOne Player"
- In reply to: Thorsten Delbrouck-Konetzko: "Re: Microsoft Word Protection Bypass"
- Next in thread: Vladimir Katalov: "Re: Microsoft Word Protection Bypass"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
