Tariq Rashid, @postenterprise

Stack Smashers Meetup, October 2015

who, why?

I've experienced security in environments where the impact is fairly high,

and the baddies are fairly determined and resourced.


I saw a problem - cost, complexity, bad UX.


I'm suggesting a fix.


I'd like ideas, challenges, suggestions, pointers .... before I really dive in!

the problem

document bourne malware is on the rise

the problem

and it costs a lot to manage

the solutions

are flawed

are complex, with bad UX

popular document formats are designed for




... not security

ideal solution

verifiably secure


has momentum


good user experience


don't invent a new format


Open Document Format


already works with LibreOffice, Microsoft Office, GoogleDocs, Apple, ....


​and increasingly mandated by governments

- incl UK Government (2014)


no new processes or steps for users


works with existing familiar software


no separate desktops, browse-downs, etc etc


default save, or save as


invisible network level validation ..

verifiably secure?

need your help!


100% predictable behaviour?


no Turning machine?


no execution or translation - only representation?





XML keys and values ONLY from known-good set


content range and values only from known good set - incl user generated content


strict order of XML tags and structure


complete - no missing bits allowed


no arbitrary execution - only representation of data

why not OOXML?


not truly open


execution paths obscured - e.g. Windows Metafile handling

think of a Tweet

max size 240

min size 1

ASCII 65-90 only

don't interpret content

no malware?

It's Not About Cryptography



It's about safely receiving docs from less trusted sources



next steps

1. define security objectives


2. define secureODF schema and assertions


3. validator, import/export

recap - the idea

1 - Every business needs to exchange documents - but common document formats were never designed to be secure.


2 - Documents carrying malware is a major method of cyber attack.


3 - Anti-malware scanning is not good enough to protect critical infrastructure like health, energy, government, transport, finance.


4 - But today's strong security is expensive and cumbersome.


The elegant solution is to develop verifiably secure variants of existing Open Document Format - free for all - for social good.


By Tariq Rashid


A proposal for a secure document profile of ODF that prevents malware by design - so you can receive documents from less trusted sources.

  • 771

More from Tariq Rashid