IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 2.54 Loss of confidentiality through hidden pieces
of data.
During electronic data communication or transmission of data media,
information that should not leave the institution is frequently passed. The
possible reasons for an inadvertent transfer of information are listed below: .
- A file contains some pieces of text formatted in a hidden or non visible
mode. Such pieces of text can include statements, which are not addressed
to a recipient.
- Files created with standard software, including text processor or
spreadsheet programs can contain additional information such as the
structure of directories, version numbers, creator, modification time stamp,
last time of printing, document name and document descriptions.
- If a file is copied to a floppy disk, an entire physical memory block will be
filled. If the original file does not require a complete memory block , the IT
system fills up the unused section of the block with discretionary ‘hidden’
data.
- All current releases of Winword offer the possibility of using the ‘quicksaving’
option for all created documents This ensures only that the
modifications of a document will be saved. This takes less time as
compared to a complete saving procedure, in which Winword has to save a
completely modified file . However, a complete saving procedure requires
less storage on the hard disk than does a ‘quick-save’ procedure. The
decisive disadvantage, however, is the fact that a file can contain textual
fragments which were not foreseen for distribution by the author.
Examples:
- Due to the use of a different editor, a user accidentally discovered several
URLs, followed by a user name and a password from a file which was
ready and prepared for sending. The address of a WWW-document is
called URL (Uniform Request Locator). The access to a WWW-page can
be password-protected
- Presentation slides built with Microsoft Powerpoint were handed over as
files to a third party by a public authority. Later it was detected, that it was
not only the presentation slides, but that it also included information about
the user environment, such as information about the newsgroup subscribed
to by the user and which articles from the newsgroups he had already read.
Among other things the PowerPoint file contained the following entries:
alt.drugs! s21718 0
alt.sex s125 0
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000