This is a question for the developers of Calc.
In Calc it is possible to password protect a sheet to prevent cells from being modified. I was testing how solid this security feature is, and I was able to unlock the protection quite easily.
My question is: how is that possible?
It seems to me that password protecting doesn’t add much value when it can be unlocked this easily.
(For security reasons I won’t tell how I unlocked the protection, but I assume the developers know how I dit it.)
I am not sure I completely understand. The help page says “protection can only be removed once the correct password has been entered”. And then it says “These protection features are just switches to prevent accidental action. The features are not intended to provide any secure protection.”
So if I protect a sheet with a password, this doesn’t guarantee any protection? Then why would you secure a sheet with a password, if the security can be easily bypassed? I don’t get it. Can someone explain?
@LibreGuy, to provide a simple, effective, and controlled method of prompting the user in order to prevent accidental overwriting i.e., like the “Are you sure you want to delete file XYZ?” in a file manager.
That could be done without a password. Right? Here’s the deal. If I send you a file, and I password protect a sheet, then I expect you cannot change the protected cells. However, it is quite easy to destroy the password protection. This means the password protection is quite useless. So here’s some document and YOU don’t want ME to change certain important information. You password protect the sheet, send the file to me … and I destroy your protection and change the information. Not good!!!
Even Microsoft use the term “accidental” for the same feature. What you are looking for appears to be enhancement tdf#78862. How this will work in an interoperability sense remains to be determined as MSO feature parity is an important objective.
The protection is not an encryption. It protects content (including formats …) against accidental changes, however, and that is not “quite useless”. Whether or not this kind of protection is useful for somebody will depend on what is intended to achieve.
By the way: It is obviously the same with MS Office. We had related topics.
That a protection without an encoding can easily be removed on the level of manipulating the (unencrypted) files is kind of an advantage for those who tend to forget passwords.
By the way: To make things more clear the ‘Save As…’ dialogue might better use the term “Encrypt with password” instead of “Save with password”.
Concealing how you removed the password for sheet/document protection is a very weak variant of “Security By Obscurity” that will not actually work. If you succeeded to remove the protection from the running document without using the password, on the other hand, this might indicate a bug. You should tell (bug-report) how you did to initiate improvement.
By the way again: A working spreadsheet always must have its unencrypted content accessible in the RAM representation. The next level of expertise will enable you to break protection based on the open document.
You already explained how I removed the protection … by manipulating the unencrypted file. My question is, what is the benefit of being able to password protect a sheet (not the file!) if it’s easy to remove this protection by manipulating the file? Why should you password protect it then?
Let’s compare this to a daily situation. Why would you lock your door with a key, if the lock itself is not properly attached to the door and can be easily removed?
I suppose you read my answer completely. Therefore I can only repeat the central statement with different words: I personally do not use sheet/document “protection” by a password (without encryption) to keep away a villain or a spy but to raise a hurdle against unintentionally spoiling something. However, how would you start to implement a protection harder to bypass? There will, I suppose, not be a way without also encryting.A spreadsheet may not ba a good place for secrets.
It’s not about hiding secrets. Let’s say I create a spreadsheet for you, but I don’t want you to give/sell it to someone else. I could place a copyright statement in a protected cell saying you are the only one who’s allowed to use it. Now you can easily delete my prrotection and remove the copyright statement and sell my spreadsheet to someone else. Just one of many examples.
The problem is that it’s quite easy to manipulate the file and delete the protection part (including the pass hash).
“Protecting” a copyright clause and hiding technical secrets are very similar intentions. Again my question is how. Another hint: There still is printed matter basing on years of studies and research which cannot effectively be protected against unauthorised copying by technical means. We have to rely on righteousness now and then. You may fiile a request on this site if you think what you want is feasible…
I understand what you are saying … but tell me … why is there a password protection (SHA1 if I’m correct) that is this easy to remove? Why would one set a password, if someone else simply can delete it without having to enter the password? I DO understand you want to protect cells for accidental changing. This can be done without a password. But why the password if you can remove it? Why lock my front door, if my back door is open all the time?
In fact I nearly exclusively use protection, if any, with the empty password. The “feature” was invented in times of proprietary binary file formats. StarOffice 5.2 Calc (from 2000) had it, and MS Excel obviously, too. This surely also did not provide security but the obscurity was a bit more reliable. In times of XML based persistent representation, the feature simply was not dropped. It may be obsolete, however.
Thanks for your explanation. For people who are “not that into” computers, this protection might work. But indeed it’s not a solid solution at all. Major concern is that it may lead to certain expactations (I password protected the sheet so my data is fully secured) which are not at all true. It is not the kind of protection one can really trust, while protecting something with a password does assume otherwise.