PC Week has uncovered a severe weakness in the security of common office applications, such as wordprocessors and databases, which is being exploited by commercial developers.
The US government's policy on software encryption is forcing software companies to build "weak" password protection into commercial applications, it is claimed. This has opened the doors to companies offering products they claim can break into password protected files in standard office applications.
Such software is readily available on the Internet from companies such as Crak (www.crak.com), which says its product can break into Word, Excel, Paradox and Lotus 1-2-3 password protect files. Trial versions of the software can be downloaded for free or purchased in full for $185 (#116).
"There is a legitimate reason for trying to get into protected files, such as when an employee leaves a company or someone has genuinely forgotten their password," according to John Kuslich, Crak's founder.
The company is currently working on a new version of its software for Office 97, which, according to Kuslich, is due out "within weeks". "Microsoft has made the encryption harder," he added.
Microsoft spokesman Mark Murray said the encryption feature in Word is intended as a customer convenience, rather than a "comprehensive security solution". He added: "US export controls have made it difficult for US companies to respond to consumer demands for increased security."
Pam Mills, UK desktop manager at Lotus, advises worried users to store their 1-2-3 files on network file servers, as this restricts file access to authorised users. "You can also make the most of password-protecting your PC or, if you use a floppy disk, physically lock it away in a safe place," she added.
Encryption laws in the US discourage domestic use of strong encryption. US law also forbids strong encryption techniques being exported. This is so the US government can track criminal and terrorist activities more easily. However, the level of encryption US software companies are able to export is ludicrous.
It is far too easy for people to gain unauthorised access to files which undermines all sense of data security. Unless something is done soon, users will simply not trust computers with confidential information.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007