Tumblr 101: Tips And Tricks To Get Started
Sebastian Thrun: Google's Driverless Car
Managing Metadata
We send too much personal and corporate information when we transport documents throughout our electronic business world. Disclosing some personal data causes us problems; disclosing other data can have an international impact. Early in 2006, AT&T lawyers accidentally disclosed sensitive information in an NSA suit with a 25-page brief striped with thick black lines that were supposed to make portions of the document indecipherable but failed miserably. By dropping copied text into OS X or other PDF readers, or just using foolab's xpdf, the supposedly deleted portions were easy to read. So much for privacy and so much for that lawsuit and probably so much for those particular lawyers.
GLOBAL HUMILIATION ...SCO was humiliated internationally when documents with 'hidden' metadata revealed which companies it had considered targeting legally. EFF survived a sealed-document "mishap" and started using image files of documents to avoid sharing metadata.
If you don't want to send strictly ASCII files yet be true to your fiduciary responsibility to your company and clients, then take 5 not-so-simple steps toward secure file sharing.
- STRIP REVISIONS...Strip your documents of private information, revisions and comments before sending or PDF'ing your document. Microsoft Office 2003 users should download and install the add-in "Remove Hidden Data" and Office 2007 users should check out (and use) the Document Inspector. After revisions and before sharing, strip the comments and changes before sending to clients, opposing counsel, or other nefarious end-users.
- WHO DUNNIT?... Make them guess who authored a document instead of telling them that you hired a lobbyist, or worse, which reviewer trashed a colleague's book. When reputations, funding, and plain old jealousy are involved, clean up your identity hidden as metadata in documents. Open your Office Tools/Options or File/Document Properties (Adobe Acrobat), del the metadata and anonymize it.
- CHECKING IT TWICE...Want to see what others can recover from your documents? In Word 2003, click Open and change the "files of type" to "recover text from any file." In the "it doesn't take a genius department," open a document and voila! Any available metadata is displayed.
- THOU SHALT NOT PARSE...For the conspiracy theorists, here's a great way to ship metadata as well as company secrets through regular file attachment to email. The freeware Utility MergeStreams lets a user merge an Excel file into a Word document and create a smaller single file. When opened in Word (change the extension to .doc), you see the Word file. Change it to .xls and open in Excel to see the numeric data. The Word data is still there, just not being parsed by Excel. [h/t Windows security expert Harlan Carvey]
- PICTURE THIS...News organizations will go to jail to protect sources, but reveal their identities through digital ignorance. Slashdot readers discovered that there's more than meets the eye in online photos. A WaPo article [photo has been removed] about a hacker named 0x80 included a few tidbits of the hacker's hometown and a doctored photo. Slashdotters uncovered the photo's metadata, revealed the hometown, used the article's colorful language and enabled the source's outing. See also the NSA document on safe publishing [pdf].
Bottom line: No gold star for bad metadata managers who don't get gifted with golden parachutes.
