![[TEST] Document Foundation Community](https://communitytest.documentfoundation.org/images/discourse-logo-sketch.png){kind=logo}
Hello list,
https://threatpost.com/microsoft-reports-massive-increase-in-macros-enabled-threats/110204
http://blogs.technet.com/b/mmpc/archive/2015/01/02/before-you-enable-those-macros.aspx
We think macros and other rarely used, but high risk features should be
DISABLED BY DEFAULT in LibreOffice.
What do you think? Is it worth it?
Thanks..
Have a wiser and safer day!
Hi 
I think the LibreOffice macros system is more secure by design.
I think it's fair to assume that if LO/AOO have a certain percentage
of market-share then we could expect roughly that percentage of
exploits. That doesn't seem to be happening though.
Ok, so you could say that it might be better for malware writers to
only aim at the most used office suite and ignore the rest even if
they have a sizeable percentage of market-share. However, once a
macro is written surely it's not immensely difficult to edit it to
work in a different program?
That doesn't often work either though because the malware written for
MS Office relies on specialist knowledge of the flaws in MS Office.
LO/AOO simply don't have the same flaws and vulnerabilities.
The top priority of LO/AOO is (are?) radically different from the top
priority of MS Office. Microsoft's primary goal, as a profit-making
company, is to generate profits. They have shareholders who are
concerned about the profitability of the company and on the yield
returned on the value of their shares. LO and AOO have none of that.
Also the way of working is entirely different. With MS each dev is
shielded "from knowing too much" about the bigger picture and from
knowing too much code around the specific area they are working on.
Industrial espionage is a major concern. Also once code is written
very few people are going to see it. The emphasis is on the code
doing the job and on being written fast enough. Devs toil in
obscurity and they can't show a portfolio of their work or hold up
examples to a future employer to show off how good they are.
With LO and AOO any elegant code is much admired and wins respect and
starts to attract a fan-base. The other way around is that kludgy
code is an embarrassment to the dev and is likely to be seen by lots
of peers. In LO and AOO the devs are like Gods of Rock or celebrities
and can show off their work.
Also MS has teams of people whose sole job is to take a list of
problems that other people have found and then decide which are worth
fixing and which they think MS can get away with not fixing. By
contrast in LO and AOO tons of people gripe about the tiniest thing
and wont let it go until it's been fixed.
So we tend to find the LO and AOO simply don't have as many
vulnerabilities and problems. It's difficult for anyone to find any
flaws that can be exploited by writing some nasty macro.
Regards from
Tom
We think macros and other rarely used, but high risk features should be DISABLED BY DEFAULT in LibreOffice.
Since I don't do windows ^1, I can't confirm the statement in the
original article that MSO ships with Macros disabled by default.
If that is the case, then changing the defaults in LibO/AOo/EO/NO/etc
won't make a difference, because the user will enable the macro to run,
if only for the specific document.
Tom Davis wrote:
So we tend to find the LO and AOO simply don't have as many
vulnerabilities and problems.
Because LibO, AOo, & EO run on various platforms, I suspect that, as a
malware vector, they are less vulnerable than MSO on Windows.
By way of example, I can't use JabBib on my laptop, because the version
in the official distro repository is incompatible with the specific
setup of my laptop. There are two or three other programs I'd like to
install, but have similar issues. If I had the drive space, I could
install the tool chain required to compile the programs from source code.
The apparent increase is insecurity that support for the number of macro
languages that LibO & AOo brings, is nullified by the macro writer not
knowing what components of that language are available on the target
machine.
It's difficult for anyone to find any flaws that can be exploited by
writing some nasty macro.
At least one "proof of concept" "nasty" macro was publicly released for
OOo. I've seen a couple of posts, and articles, that imply that there
are some OOo/LibO/AOo ^2 specific macros in the wild, but nothing that
can be confirmed.
Although yes, not allowing macros of any sort to run would be more secure, the default installation is to only allow macros from trusted sources and unsigned macros are disabled. So, macros signed by a trusted source are allowed and nothing else. This includes macros included with LO that may be part of things such as certain Wizards; at least there used to be wizards for things like document migration included.
I think that disabling all macros would be confusing if you attempted to use a Wizard and it failed to run. I could be mistaken, I did not bother to test (lazy I guess).
I don't consider LO usable until I have lowered the setting one level, which requires that I say yes / no for every document that I load that runs macros. I never set it to just run any macro.