From: ShaunP. on
"Martin Brown" wrote:
> If you are that concerned about protecting intellectual property then
> you probably will have to put the critical calculations in a compiled
> encrypted external DLL. Even then it can still be disassembled by a
> sufficiently determined adversary.

Like I said before, I know nothing will stop someone determined enough to
break whatever protection I use - but I am looking for something that can't
be googled in 10min. The encrypted external DLL sounds interesting, I will
try looking into that - would you happen to have any links in the right
direction?


> You might want to experiment with some of the available password
> crackers to see how easily they can break into protected VBA code. My
> instinct is that for a suitably awkward choice of long password that
> isn't in any dictionary and uses the full range of characters the Excel
> security isn't brilliant but it will discourage most people.
>
> My recollection is that they can break into worksheets very quickly, but
> that VBA puts up a bit of resistance. YMMV

I'll definitely be going for a very large, jumbled password full of symbols.


> Somebody described a fairly devious way to trick XL into not displayiong
> the project code window in a thread fairly recently. I haven't tried it.

I'll try to find that, thanks.


> Given how bad Excel 2007 is in other areas like graphics its security is
> better than you might expect.

/SadFace


> Regards,
> Martin Brown

Thanks for the ideas. I'll look into those - still interested in hearing if
anyone else has any suggestions!

ShaunP.
From: JLGWhiz on
> How is it that Microsoft hasn't taken the time to implement this? Being
> the
> the biggest mainstream spreadsheet application without any reliable
> security?

The biggest profit is not in code development, but in the usage. The more
user friendly, the less security. For real security, a developer would use
an application that will compile with encryption that would take hackers
many hours to foil. Excel was designed originally as an accounting and
bookkeeping tool. Macros, and eventually VBA, were thrown in to facilitate
the manipulation of data on the spreadsheet. I do not believe that
Microsoft was promoting private code development for personal profit,
although they probably expected there would be some of it.





"ShaunP." <ShaunP(a)discussions.microsoft.com> wrote in message
news:E86C085C-F9CB-47E7-BD8F-CBB7595E7551(a)microsoft.com...
> This is a little dissapointing to hear.
>
> How is it that Microsoft hasn't taken the time to implement this? Being
> the
> the biggest mainstream spreadsheet application without any reliable
> security?
> Countless businesses are at risk of compromise with just a few google
> searches?
>
> There must be someway more reliable and secure.


From: Monarch on
You can try lockxls, i have version that locks Office 2003 versions, but
try their web site...

On 12.04.2010 18:08, ShaunP. wrote:
> Greetings
>
> I'm currently trying to develop a 'solution' to deliver to my clients. I'm
> almost definitely going to be using Excel barring any showstoppers - since
> this is what my clients know best. I'm trying to avoid using VSTO, and would
> like to be able to stick with Macros and VB code within Excel.
>
> My biggest concern is security. I absolutely need to be able to securely
> hide my formulas. The ease of use and familiarity of Excel is only worth
> 0.1% of the cost of the formulas. My clients don't need to know the formulas,
> or how they work, they only need to be able to use them.
>
> I've heard that Excel 2007 password protection is quite abit better than
> previous versions - is this true? I realise that nothing is ever 100% secure,
> but I need to be sure that the average computer user can't just google a
> password breaker and get to the formulas.
>
> What if my clients are running Excel 2003? Would a workbook built in 2007
> retain its security if opened in 2003?
>
> Any advice is greatly appreciated. Thank you for your time and input.
From: mcp on
We created Spreadsheet Sentry to do exactly what you are asking
about. Spreadsheet Sentry individually encrypts each formula, which
will still calculate as normal for authorized users. However,
original formulas are not able to be viewed or edited (by authorized
or non-authorized users).

www.spreadsheetsentry.com