Excel (Office XP) secretly inserts personal metadata when closingdocuments without saving

  • Thread starter Thread starter Dave
  • Start date Start date
D

Dave

Because I actually like to know and control when my documents are
modified, I maintain digital checksums of all my documents (as anyone
should to detect corruption or unauthorized tampering).

Yesterday I was sent a binomial distribution table in an Excel document.
I opened the document and then closed it without making any changes.
The file's last-modified timestamp was unchanged. However, I detected
modification of the file by a change in its SHA1 signature. A binary
comparison between the original document revealed some minor
differences, such as the original author's name being partially
overwritten with my name in the document's hidden metadata.

This was very discouraging, and despite going through every single
option in Excel's options, I was unable to stop this behavior. I
personally find this kind of software behavior appalling. It isn't the
particular change in this incident that bothers me; my name isn't
exactly highly classified information. What I do find extremely
bothersome about the behavior of this software is the level to which it
is representative of Microsoft's general attitude toward the consumer's
privacy and security. If one scours through the MS Knowledge Base,
there are dozens of documents pertaining to privacy and security related
issues involving the hidden metadata stored by the Office suite of
products, so obviously it *is* quite an issue. Search even harder, and
maybe you'll even find some specialty-tools to aid you in the removal of
this unwanted information, a rather passive approach to a problem which
could easily be eliminated by allowing users control over the
dissemination of their personal information in the first place, wouldn't
you say? But I'm getting off-topic. Excuse me.

I think the important point here is that *no* software should be
modifying your documents when you simply open them for reading!
Modifications should be user-initiated and confirmed. I think that
represents most people's expectation. Does anyone feel otherwise??
Deliberate or not, I can only conclude that this is a *bug* in Excel.
I haven't even gotten around to testing Word and other
Office-bloatware for similar bugs. I can't wait.


Dave
 
Just wondering why you decided to repost this exact post from the other day?
Did you not agree with the discussion that followed? Makes me question your
true purpose for posting

As discussed previously -- it is not an issue of hidden metadata -- if you look
at the properties of any file you will see created date, modified date and
accessed date -- it is not even an issue of Excel


: Because I actually like to know and control when my documents are
: modified, I maintain digital checksums of all my documents (as anyone
: should to detect corruption or unauthorized tampering).
:
: Yesterday I was sent a binomial distribution table in an Excel document.
: I opened the document and then closed it without making any changes.
: The file's last-modified timestamp was unchanged. However, I detected
: modification of the file by a change in its SHA1 signature. A binary
: comparison between the original document revealed some minor
: differences, such as the original author's name being partially
: overwritten with my name in the document's hidden metadata.
:
: This was very discouraging, and despite going through every single
: option in Excel's options, I was unable to stop this behavior. I
: personally find this kind of software behavior appalling. It isn't the
: particular change in this incident that bothers me; my name isn't
: exactly highly classified information. What I do find extremely
: bothersome about the behavior of this software is the level to which it
: is representative of Microsoft's general attitude toward the consumer's
: privacy and security. If one scours through the MS Knowledge Base,
: there are dozens of documents pertaining to privacy and security related
: issues involving the hidden metadata stored by the Office suite of
: products, so obviously it *is* quite an issue. Search even harder, and
: maybe you'll even find some specialty-tools to aid you in the removal of
: this unwanted information, a rather passive approach to a problem which
: could easily be eliminated by allowing users control over the
: dissemination of their personal information in the first place, wouldn't
: you say? But I'm getting off-topic. Excuse me.
:
: I think the important point here is that *no* software should be
: modifying your documents when you simply open them for reading!
: Modifications should be user-initiated and confirmed. I think that
: represents most people's expectation. Does anyone feel otherwise??
: Deliberate or not, I can only conclude that this is a *bug* in Excel.
: I haven't even gotten around to testing Word and other
: Office-bloatware for similar bugs. I can't wait.
:
:
: Dave
:
:
 
Lady said:
Just wondering why you decided to repost this exact post from the other day?
Click to expand...

I never posted in *this* newsgroup.
Did you not agree with the discussion that followed? Makes me question your
true purpose for posting
Click to expand...

Why? What discussion are you referring to? I don't recall you having
been part of any such discussion.
As discussed previously -- it is not an issue of hidden metadata -- if you look
at the properties of any file you will see created date, modified date and
accessed date -- it is not even an issue of Excel
Click to expand...

What on earth are you talking about?? A file's timestamps, which are
what you're referring to, are completely independent of the file itself.
They are not stored as part of the file, and as such do not modify
the contents of the file when they are changed. Where in my post did I
indicate a problem with the last-access timestamp, or any timestamp for
that matter? The problem I have is with unauthorized modification of
the file's *data* simply by *viewing* it.

Get a clue.

Dave
 
Back
Top