ITT’s CONFIGURABLE PuriFile® SOFTWARE EXPOSES HIDDEN DATA
By John Ivory, ITT Corporation
Nov 08. The efficient and secure exchange of information is the cornerstone of almost any successful operation. This truth is inclusive of both government organizations exchanging mission critical details, and private sector commercial information exchange alike.
By far, the most common currency for these transactions is Microsoft Word, Powerpoint, Excel, and Adobe PDF files. Unfortunately, each one is a virtual Pandora’s box of possible dangers. There is a broad spectrum of ways in which data can be hidden in each of these file formats, making a reliable review, sanitation, and release procedure almost impossible.
Fortunately, ITT’s PuriFile® software product is designed to directly address and solve this problem. Created with input and funding from the U.S. government, PuriFile allows sites to define custom inspection rules, and provides users with a simple mechanism for reviewing and correcting security issues.
The Issue At Hand
In rough terms, there are three ways in which extra information can come to exist inside a document. The first method is the most well documented; metadata. Microsoft Office and Adobe both store all sorts of extra information about a document within the file itself. Left un-monitored, details such as who document authors and reviewers were, or system information about how the document was created, linger within the file.
A broader category of security problems exists by way of unintentional inclusion. Information resides inside these file formats as a simple by product of normal use of the creating program. Some of these by products are well known, but many are not. Some examples include:
– Full images that remain in files, independent of how they are
cropped.
– Deleted content that continues to exist in Microsoft Office files
after editing, as a result of either deliberate use of track changes,
or as a byproduct of how files are written.
– Copy and pasted material from one document to another that brings
along the entire document, not just the part expected. (This
is most easily demonstrated by copying a pie chart from Excel
and pasting it into a Powerpoint presentation. Unless special
steps are taken, the ENTIRE Excel spreadsheet gets included
inside the resultant file.)
Final categories of concern are those situations when the user in some way created a document where a certain amount of content is not easily discovered. This can happen either accidentally, or deliberately and maliciously, and includes situations such as using font sizes too small for viewing, having objects off the side of the printable/viewable area, or having objects overlay and obscure others.
However these situations come about, ITT’s PuriFile software makes inspection and correction simple.
A Point Solution
PuriFile is typically installed on a single system at the customer site, allowing the inspection capabilities to be centrally administered and managed. Users access the inspection service through a number of possible routes.
Although the product supports inspection of files through a robust web interface, the most popular mechanism is through interfaces within Word, Powerpoint and Excel. Using an integrated “Assistant” plug-in, users can invoke an inspection by PuriFile directly from the Tools menu of each program.
Once complete, the results of the inspection are shown to the user in a popup window, with each line highlighting a different security discovery made in the file. Clicking on each discovery will cause the program to not only show more detail about the issue, but in most instances will also result in the program driving directly to the affected area of the document and selecting the offending object or phrase.
For example, if it was discovered that an image had been heavily cropped, rather than just annotate the issue and give directions