Vesselin Bontchev • June 13, 2016 8:15 AM
To see what can be done with RTF files if they are opened with Word (instead of with WordPad), take a look at this proof-of-concept:
Open it with Word. Preferably with macros ("content") enabled – RTF files can’t contain macros, right? Right? Oh, wait…
Also, monitor Word’s connections to see it contacting my site when it opens the document – this can be used to implement the beacon functionality Nicholas Weaver is talking about.
So I googled "microsoft word tracking beacon" and the first hit was an article from August 2000.
Only Hindu gods have enough hands for adequate facepalm.
FBI was doing the same thing 4 years ago. Didn’t do much with Word there, but we used Outlook macros to handle putting classification markings on emails.
Leave a comment
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient, an IBM Company.