Linked by Eugenia Loli on Fri 23rd Dec 2005 03:29 UTC
Windows Windows Vista will improve search functionality on a PC by letting users tag files with metadata, but those tags could cause unwanted and embarrassing information disclosure, Gartner analysts warned.
Thread beginning with comment 77791
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Alternatives to ease of use?
by betson on Fri 23rd Dec 2005 19:44 UTC in reply to "RE: Alternatives to ease of use?"
betson
Member since:
2005-12-17

Hey, I'm not saying don't use tagging, I'm saying don't use potentially incriminating tags on your information. ;)

An aside:
Securing your network isn't always about securing the digital domain; administrators also have to diligently craft policies and ensure that employees understand that using portable storage devices might not be permissable on company hardware, for instance. Presumably these policies will eventually encompass the concept of metadata and what attributes are allowed and not allowed to be let free into the wild.

Reply Parent Score: 1

Member since:

...I'm saying don't use potentially incriminating tags on your information. ;)

Your suggestion, though too late to help SCO, the UN, the FBI, etc., should be part of the startup screen for any MS products that can burn you later. That way the user is educated or reminded before every use of any potentially hazardous feature. Additionally there's no problem with anyone having to be told to RTFM because the software isn't "usable" (as another poster so helpfully suggested). (^;

My point is that ease of use doesn't encourage the creation of non-incriminating tags or the use of an additional tool or feature to strip out any potentially embarrassing metadata.

I'm letting Adobe off the hook here because the data that was exposed as a result of using their product was brought to light by using an open source PDF reader that simply bypassed the intended result of the blackout formatting and let a user see the "blacked out" portion of the PDF. The non-Adobe program also ignores password security and exposes files to whoever has access to them. Of course if they haven't fixed those two issues it's certainly high time they did, doncha think?

... Presumably these policies will eventually encompass the concept of metadata and what attributes are allowed and not allowed to be let free into the wild.

Any estimate on when that might [presumably] start to take place after incidents like this having been in even non-technical news articles for so long?

Any estimate on when software will make it as easy to protect yourself from ease of use blunders such as those under discussion as it now makes it to hurt yourself or your company?

Any other presumptions I should be made aware of before responding to future posts? My startup screen didn't include the ones you mentioned. ...do;)<

Reply Parent Score: 0