[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fsfe-france] [Fwd: Microsoft Offers Companies New Ways to Keep Secrets]

From: pplf
Subject: [Fsfe-france] [Fwd: Microsoft Offers Companies New Ways to Keep Secrets]
Date: Tue, 25 Feb 2003 08:59:27 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130)

Le DRM à toutes les sauces dans le nouveau Windows 2003... :-(

-------- Original Message --------
Subject: Microsoft Offers Companies New Ways to Keep Secrets
Date: Mon, 24 Feb 2003 18:28:10 -0500
From: R. A. Hettinga <address@hidden>
To: Clippable <address@hidden>
CC: address@hidden

"We're from Microsoft, and..."



February 24, 2003

Microsoft Offers Companies
New Ways to Keep Secrets


Microsoft Corp. wants to help companies control access to sensitive documents. But the idea might not be welcome to corporate watchdogs.

The Redmond, Wash., software company Friday described new technology that can be used to create programs that can enforce a range of policies against unauthorized disclosure of information. Among other things, companies or government agencies could set restrictions on what documents or text could be copied, forwarded in e-mail, printed or viewed as Web pages.

Microsoft's technology, called Windows Rights Management Services, will use a forthcoming operating system called Windows Server 2003 and be included in a version of the Office suite of desktop programs, due in the second half of the year. The company plans to distribute tools in the second quarter to help other software developers update their products to add the security features.

Microsoft officials said the technology was prompted by customers who worry about the ease with which employees can leak sensitive material such as business plans, new product specifications or classified information.

"The benefit of the Internet is faster communication with authorized people," said Mike Nash, corporate vice president in Microsoft's security business unit. "The risk is accidental or deliberate disclosure of data that is company-confidential."

The technology can effectively revoke the ability of employees to view documents, even after they have been transferred outside a company. That feature would work by requiring recipients of a sensitive file to log on to a server at regular intervals to renew rights to access it. If they are fired or resign from a company, they could no longer renew those rights, which would expire.

Some public-policy groups aren't enthusiastic. They argue that the technology could make it harder for employees to provide evidence of corporate wrongdoing to journalists or government regulators.

"It's clear that corporations might see it as valuable," said Seth Schoen, staff technologist at the Electronic Frontier Foundation, a civil-liberties group based in San Francisco. "It's not necessarily clear that it would be good for the public."

An employee, for example, might be ordered to do something illegal in an e-mail that effectively self-destructs. "If the person doesn't do the thing, he can be fired," Mr. Schoen said. "If he wants to prove the boss had asked him to do something illegal, there is no record of it."

Companies clearly have the legal right to control access to their information and computer networks, just as they might limit how employees use photocopying machines, Mr. Nash said. Microsoft is just trying to give them better tools to do so, he said.

It is not the only one. Liquid Machines, a start-up in Lexington, Mass., last week demonstrated its own software for controlling access to documents that it expects to deliver at the end of May. While Microsoft's plans require customers to install new versions of application programs, Liquid Machines' technology can protect existing applications, including products that aren't based on Windows, said Jim Schoonmaker, its chief executive officer.

Most such electronic locks can be evaded. An employee could use a camera to take a picture of a document on a screen, for example. Microsoft could make it harder for programmers to side-step its document-protection plan by exploiting another Microsoft-proposed technology, originally code-named Palladium, that uses chips to wall off portions of a computer's hard drive so some programs can't be easily modified, Mr. Schoen of the EFF noted.

R. A. Hettinga <mailto: address@hidden>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to address@hidden

pplf - French OpenPGP page    <address@hidden>
"OpenPGP en francais"         PGP: 8263 8399 2074 5277 a6d3
http://www.openpgp.fr.st           622d 1b66 ea3d caa0 8c94

reply via email to

[Prev in Thread] Current Thread [Next in Thread]