A Cautionary Tale about .doc Files

Here's a conversation I had with a friend of mine, whose privacy I'm protecting by pseudonymizing him as "MinionX":

Me: It's not just hearsay that MSWord files can sometimes convey unintended data, because .doc is just a big core dump, and some of the allocated memory wasn't wiped before the OS passed it to MSWord, right?
I've known people who would just run strings(1) on .doc-format résumés that people would send in, and see all sorts of things.

Bloom: Yeah, I found out what my boss was making that way once.

Me: Wow!

Bloom: i had no msword viewer and got my offer letter, and it had his offer letter in it [...] So I found out that my boss was making [massive figure deleted] a month. And later I revealed this to him.

Me: What'd he say?

Bloom: He laughed. But it made him nervous. It was his boss that had made the mistake; he's a unix guy himself.

Me: And you told him how you found it out?

Bloom: Yep.

Me: Wow. So if you'd opened that file in MSWord, you'd not have seen that data of his, but it was there in strings filename |less or whatever?

Bloom: Yes.


sburke@cpan.org, 2000-12-27