Re: [libreoffice-users] the password of Libreoffice

Hi :)
There are plenty of warnings out there and people take no notice of them.  I saw a hot tap with a 
warning notice over it saying "Warning the water might be hot".  People cease to even notice 
warning notices because they are far tooo common.  

I my office we used to carefully hide the servers in a locked cabinet behind a filing cabinet which 
meant that everyone knew where they were.  Now they are right in the middle of the office and 
people walk past them any time they walk around the office.  Consequently no-one notices them!  My 
boss wanted me to label them with "Do not touch" signs so that kids wouldn't try playing with them 
but i managed to avoid it.  The kids don't go near them because they look boring but an exciting 
notice saying "Do not touch" would make them wonder why and make them curious to know what would 
happen if they did.  

Regards from 
Tom :)  




________________________________
 From: Gabriel Risterucci <cleyfaye@gmail.com>
To: 
Cc: "Users@Global.LibreOffice.Org" <Users@global.libreoffice.org> 
Sent: Wednesday, 11 September 2013, 11:25
Subject: Re: [libreoffice-users] the password of Libreoffice
 

2013/9/11 Tom Davies <tomdavies04@yahoo.co.uk>

> Hi :)
> You can always try opening it with MS Office.
>
> I have opened password protected MS files in LibreOffice without even
> being asked to type in a password.  I have been told the other way around
> works too.  Both programs use different systems for password protection.

> Another way might be to copy the file and then rename the file-ending to
> .zip and then you should be able to poke around inside the coding of the
> file.  I've not looked at a Calc file that way so i am not sure whether a
> text-editor could help recover the information from "contents.xml".  Also i
> am not sure if there is a single element that could be deleted to remove
> the password protection.

​Unfortunately, while it's true that old mso formats used "password
protection" as a simple access management tool, recent version (think docX)
and libreoffice files *do* encrypt the files.​

Opening the file as a zip file will only yield ciphered files, except for
the mimetype one, which is not very useful.


> Most security is more likely to hamper legitimate users than really slow
> down a determined cracker.  Encryption is a classic at being more often
> responsible for losing crucial or private data.

​If done correctly, the "slow down" part would grow into many years. That's
the point of encryption, since a bruteforce attack is always possible with
every cryptosystems :-)

However, you're right; for most people this option is more like a trap if
it is not part of a greater document management system that does take care
of the details like password, keys, and allow for some kind of recovery.
Maybe there should be a warning box that explicitely state that the
document will be lost if the password is lost​.

-- 
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted
-- 
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted