As we suspected, there are more holes in the Office Document Inspector. Our clever readers came up with some possibilities for revealing secrets in documents, worksheets and presentations.
Document Inspector is good but could be better. As you’ll see, there really should be a warning about objects with multiple layers.
The biggest problem with Document Inspector isn’t technical. Busy people rely on the tool alone and don’t consider other possibilities that Office doesn’t check or that need human intervention.
Pictures edited in Office
In Warning: image editing/redaction in Office we alerted readers about images or objects with layers that hide details in lower layers.
A specific example is redacted images that are edited in Office. These can include the original, untouched image.
Here’s a picture with the face hidden by adding a shape (Insert | Illustrations | Shapes | Oval). The Selection Pane (right) reveals the two objects that make up what we see.
That’s not a single image; it’s the picture plus a shape overlaid. That combination is included, even in PDFs made by Office.
The quickest way to fix this is to take a screen image of the visible photo and paste that in the document instead of the edited image.
Links
Similar to reveals in the document file name, watch out for links that disclose details.
This document link reveals the name of a person that you should keep confidential.
//MainServer/clients/Fred_Dagg/Press Release.docx
Or this link, which is embarrassing:
http://sharepoint.foo.xyz/customers/troublemakers/Announcements.docx
That needs human checking mostly, but there are some tricks to speed that up.
Find All
A few readers suggested using Find to search for key but unwanted terms.
For example, search a document for a customer name, account number etc. (assuming you want to keep those details private).
Also check for in-house terms or staff names.
Expose the links
The trick is to check twice:
- Search the visible text.
- Then press Alt + F9 to show the link ‘underneath’ the visible text.
- Search the text again, including the Hyperlinks.
Two searches are necessary because when Word reveals the links, it hides the visible text. See Find and Replace links in Word documents.
Visible Text
Same text with links revealed
As you can see, the link text ‘Press Release’ disappears. In this case the customer name appears in the links. We’ve highlighted the HYPERLINK.
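The same two-pass check can be scripted for a batch of files. The following is an added example, not Office Watch's or Microsoft's code: it assumes the document is saved as .docx, the names scan_docx, norm and sample_docx are hypothetical, and the sample file is constructed inline from the two links shown above. It goes slightly beyond Word's Find by treating underscores and %20 as spaces, so a search for a name also catches it inside a path.

```python
import io, re, zipfile
import xml.etree.ElementTree as ET

W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
PKG = "{http://schemas.openxmlformats.org/package/2006/relationships}"
RELS = "word/_rels/document.xml.rels"

def norm(s):
    # Treat _, -, + and %20 as spaces so "Fred Dagg" also matches "Fred_Dagg".
    return re.sub(r"%20|[_+\-]", " ", s).lower()

def scan_docx(data, terms):
    """Return (where, term, text) hits in visible text and in link targets."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        body = ET.fromstring(z.read("word/document.xml"))
        rels = ET.fromstring(z.read(RELS)) if RELS in z.namelist() else ET.Element("none")
    # First search: what the reader sees, paragraph by paragraph.
    visible = ["".join(t.text or "" for t in p.iter(W + "t")) for p in body.iter(W + "p")]
    # Second search: field codes (what Alt+F9 exposes) plus relationship targets.
    links = [i.text or "" for i in body.iter(W + "instrText")]
    links += [f.get(W + "instr", "") for f in body.iter(W + "fldSimple")]
    links += [r.get("Target", "") for r in rels.iter(PKG + "Relationship")
              if r.get("Type", "").endswith("/hyperlink")]
    return [(where, term, text.strip())
            for where, texts in (("visible", visible), ("link", links))
            for text in texts for term in terms if norm(term) in norm(text)]

def sample_docx():
    # Constructed minimal package: only the two parts the scanner reads.
    doc = ('<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" '
           'xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships"><w:body>'
           '<w:p><w:hyperlink r:id="rId1"><w:r><w:t>Press Release</w:t></w:r></w:hyperlink></w:p>'
           '<w:p><w:r><w:instrText> HYPERLINK "http://sharepoint.foo.xyz/customers/'
           'troublemakers/Announcements.docx" </w:instrText></w:r>'
           '<w:r><w:t>Announcements</w:t></w:r></w:p></w:body></w:document>')
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            '<Relationship Id="rId1" TargetMode="External" Type="http://schemas.openxmlformats.org/'
            'officeDocument/2006/relationships/hyperlink" '
            'Target="//MainServer/clients/Fred_Dagg/Press Release.docx"/></Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", doc)
        z.writestr(RELS, rels)
    return buf.getvalue()

if __name__ == "__main__":
    for hit in scan_docx(sample_docx(), ["Fred Dagg", "troublemakers"]):
        print(hit)
```

Both terms are reported only under "link", which is exactly the case a search of the visible text alone would miss.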
PDF Option
Several readers suggested sending a PDF instead of an Office document.
That’s definitely a good choice. We think that PDFs are better for ‘end user’ documents that aren’t intended to be edited by receivers. We were surprised that press releases are sent as a Word document, not a PDF. PDFs made in Office, with no password, allow readers to select and copy text.
Beating Bots, Spies and Cockups explains how to protect PDFs with passwords before sending.
However, PDFs aren’t entirely safe either. As we demonstrated back in 2015 and mentioned above, PDFs made in Office include the original image.
Sending traps
Office Watch reader Geoff H reminded us that there are traps at every stage:
“.. be very sure you’re sending the correct “cleaned up” version of the document to the intended recipient—not one of the backups.”
Not only the file name can give away details, but also the link to a file on cloud storage.
“Remember that your e-mail address in the transmittal message and the name of a download link (such as a Dropbox link) that you’re sending may reveal your identity.”
See also:
Secrets left in docs after Document Inspector in Office
Saving Word document with automatic Document Inspector
Why you must use the Document Inspector
Does a document name reveal your secrets?
Paul Manafort was trapped by Microsoft Word and how he could have prevented it