There is more information contained in a document than one may think. The boss jokes you’ve cut and paste into a Word document to send to close friends (who in turn will forward it to other buddies) doesn't only contain the laughing material. The prank Excel worksheet you sent from a fake email address doesn’t only contain the erroneous numbers and charts. Many products embed within them information that identify you. For example, a typical word document would contain the Author of the document (many-a-times you) together with the time the document was created, when it was last modified, etc. After this information was made public, Microsoft released tools to have this data removed and today's versions of Office include this option as standard. But how many people are aware that this data is even included in each and every document? And how many people know where this not-so-frequently mentioned option is stored.
Microsoft is not the only culprit. Other products contain similar information. For example, in November 2004, the German publication PC-Welt carried the article "Erwischt: Hat Microsoft fur Windows XP Warez genutzt" (Gotcha: Did Microsoft use Warez for Windows XP?). This article highlighted the fact that some of the sound files that are installed by Windows XP were manipulated using a pirated version of the software editing program SoundForge produced by Sony. For anyone who would like to have a look, open anyone of the 9 wav files found in the directory C:\Windows\Help\Tours\WindowsMediaPlayer\Audio\Wav" using the Notepad program (Start -> All Programs -> Accessories -> Notepad) and move to the very end of the file. You might need to enable the Word Wrap option in Notepad,
Something as simple as an email will leave a trail telling an expert or a determined person the actual time the email was sent and from where it originated. Each site you surf to can work out the ISP (or university or employer) you are connecting from. Even through thousands may be sharing the resources of the same ISP at the same time, from logs that may be retained by these internet front liners, it would be easy to identify you as the sender irrespective of the pseudoclouts you might have tried using to hide your true identity.
Should we stop using the internet, send emails, write documents and use software? Should we become paranoid? Should we protest? No. We should ensure that we are informed on what information is hidden in the software and tools we use and be informed on whether it is possible to remove personal data (and how) or not.
To know makes us better people and better people we are.
Alan is the managing director of onNeutral Ltd an ICT firm specializing in security, data retrieval and crime investigation services. onNeutral Ltd's web site is at http://www.onNeutral.com.
Your comments are welcome.
This work is licensed under a
Creative Commons Attribution-Noncommercial-Share Alike 2.5 Malta License.