[IS&T Security-FYI] Newsletter, March 22, 2007
Monique Yeaton
myeaton at MIT.EDU
Thu Mar 22 16:37:42 EDT 2007
In this issue:
1. DMCA Notices are Getting Attention
2. MIT is Looking for an IT Security Analyst
3. Tip: Purging Your Documents of a Hidden Threat
-------------------------------------------------
1. DMCA Notices are Getting Attention
-------------------------------------------------
One of the newsletters I sent around in February mentioned the rise
in copyright infringement notices at MIT. The news media have been
paying attention to this recent crackdown from the RIAA (Recording
Industry Association of America), and point out that the worst
infringers are universities.
The IT Security Support team at MIT receives the DMCA notices
(Digital Millennium Copyright Act, which protects copyright holders),
and gives infringers the opportunity to remove the violating files
from their computers and to stop sharing copyrighted materials. As a
response to this situation, the security team is working on a list of
frequently asked questions which it will post online to help the
community understand what copyright infringement is, how to avoid it,
and what the consequences of infringement could entail. Stay tuned. I
will notify this list when the page has been posted.
------------------------------------------------------
2. MIT is Looking for an IT Security Analyst
------------------------------------------------------
There is an IT Security job available within the IT Security Support
team at MIT. The position, which is for an Information and Network
Security Analyst, will be part of a four-person team to provide
support and assistance to MIT departments, labs and centers in
preventing and addressing security issues. In addition to at least
five years of practical experience in information and network
security and incident response, working directly with end-users, the
optimal candidate would have good communication, technical,
analytical and project management skills.
A full description of the position is posted on Jobs at MIT here:
<http://hrweb.mit.edu/staffing/index.html> and can be found by
selecting "Vice President Information Security and Technology" from
the Organization drop menu.
-----------------------------------------------------------------
3. Tip: Purging Your Documents of a Hidden Threat
-----------------------------------------------------------------
Did you know that there is often data hidden (known as metadata) in
Word documents that do not display when opened normally in Word? If
information that the author didn't intend to share is revealed, it
could lead to a security breach of private information or an
embarrassment to those sharing the document. With metadata, it's
possible to view the history of every change ever made to any
Microsoft document during its lifetime. Information can include edits
made by others, comments placed in it, and more.
This fact may not be news to some people. Several years ago, metadata
accounted for an embarrassment for the British government, when it
was discovered that hidden information in a security document
outlining its stance towards involvement in Iraq revealed that much
of the work was plagiarized.
We suggest that if you are sharing documents, to convert them to PDF
format first, making sure that your "tracked changes" are not
showing. Microsoft offers several other solutions for minimizing risk
from metadata in its products including how to remove them. To learn
more, visit Microsoft's help site: <http://office.microsoft.com/en-us/
help/FX100485361033.aspx> and do a search for "metadata."
If you have any questions, please contact us at security at mit.edu.
Monique
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
More information about the ist-security-fyi
mailing list