open file only on specified dedicated computers

Discussion in 'privacy general' started by tomchook, May 21, 2007.

Thread Status:
Not open for further replies.
  1. tomchook

    tomchook Registered Member

    Joined:
    Aug 19, 2006
    Posts:
    13
    hello,
    i have a Word document that i would like to be opened only on a dedicated
    specific computer(s). i know it's possible using permission with .NET, but
    the problem is that if someone else has the passport password he can open the document on another computer.

    is there a way to dedicate a document only to certain computer based on
    offline data? (i assume that each computer has a unique "number", like MAC
    in routers that the permission of the document could count on)

    what could be the solution?

    many thanks,
    Tom
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hello,
    The unique numbers - various GUIDs - can be spoofed.
    The best thing you can do is encryption of the file itself.
    Mrk
     
  3. tomchook

    tomchook Registered Member

    Joined:
    Aug 19, 2006
    Posts:
    13
    i'm not sure exactly what are GUIDs, but the problem with encryption is that if someone has the code, the file can be opened on other computers as well.

    the hypothetical situation is this: i have 10 friends, and each one of them has a computer, running windows. they are willing to cooperate and to give me their GUIDs(? not sure again what it is) numbers.
    now i would want to create a MS Word document/PDF file, that would be permitted to be open only on 3 computers based on their GUIDs. the other 7 friends won't be able to open the file because they have different unique GUIDs. (password is not needed because the "document can recognize the permitted computer's GUID")

    my friends having hard time to open an email account, so i doubt it they could spoof GUIDs..

    so how should i collect the GUIDs and permit a document only to limited number of GUIDs?

    thanks!

    tom
     
    Last edited: May 21, 2007
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hello,

    We could have continued this in your original thread.

    The thing is, I'm not sure how you can implement this method, as this is not a functionality readily available to anyone. In a way, it's like Windows activation. The IDs of your hardware parts are assembled into one big number and then sent to M$ server for authentication.

    What you ask for is the same thing, only locally.

    You could try the PGP encryption, with the private and public keys - where you give the private key only to select people, but then still this is only encryption.

    To make the files hardware-dependent.... tricky one, mate.

    Again, GUIDs can be spoofed quite easily - games do this all the time to avoid various anti-cheat methods and such - so basically it's a weak protection. You're much better off with solid encryption.

    A possible way of doing it is maybe to play with Security Policies via the Group Police editor.

    I'll look into this, but don't expect too much...

    Mrk
     
    Last edited by a moderator: May 23, 2007
  5. tomchook

    tomchook Registered Member

    Joined:
    Aug 19, 2006
    Posts:
    13
    Thanks for replying Mrk!
    I hope to hear from you soon. I don't worry about spoofing the password. The "users" i'm dealing with have really basic knowledge in computers, so any weak or "spoofable" method that would permit opening files according to the hardware (perhaps MAC address? I know that all the users have modem/network card) would be just fine for me

    Thanks again
    Tom
     
    Last edited: May 25, 2007
Loading...
Thread Status:
Not open for further replies.