The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

NSA Issues 'Metadata' Guidelines for Agencies

Posted by Xavier Ashe on February 3, 2006

Following a series of foibles in which federal agencies and even the
White House issued documents that contained hidden data that readers
weren't meant to see, the the National Security Agency has issued guidelines
for the federal government on removing revision histories and other
so-called “metadata” from official documents before public release.

Metadata literally means “data about data”, but that's not very
descriptive. Essentially, metadata is automatically embedded in
documents created with popular software such as Microsoft Word or Adobe Acrobat,
and includes things like the document author's name, the date it was
created, and often any changes or revisions that have been made and by
whom.

Funnily enough, the PDF document released by the NSA also contains
metadata. The text at the top of the document says it was created Dec.
13, 2005, but the metadata inside the PDF indicates it was created Jan.
10, 2006. The guy who pointed this out to me — fellow security blogger
Harlan Carvey,
who is also a forensics expert — says the discrepancy is due to the
fact that the document was originally created in Microsoft Word, then
converted to PDF on Jan. 10.

Usually NIST handles these recommendations, but it's goos that someone took the lead.  From SecurityFix.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: