I missed out on the opportunity to get on the Writely test.

I have tried Ajax Write with limited success.

On the other hand — and even more off-topic — I have found OpenOffice.org to be an excellent replacement for Microsoft Word and wouldn’t hesitate in recommending people to give it a try. I use it exclusively at home on my Linux box and find it less frustrating than Microsoft Office — the Microsoft Windows version is 100% compaible. Exchanging documents with Microsoft Office is a breeze.

I am not affiliated with OpenOffice.org, so this isn’t a paid advert…

I agree entirely with your comments. My concern remains sloppy and lazy implentation by users. It doesn’t matter how strong or secure an encryption system is, many users won’t use it, will fail to fully utilize it, or take shortcuts around it. We already have way too many instances of laptops being stolen with sensitive data that apparently have not had been properly secured and/or encrypted.

On a roughly related matter (corporate info hosted on a third party site), I uploaded the Microsoft Word document I’m supposed to use for my “Performance, Advancement, and Development” (PAD) plan to both Zoho Writer and Writely, and neither rendered the tables correctly. Abiword didn’t work quite right, either. I guess I’m stuck with Microsoft Word.

The PAD form, as far as I can tell, does not have any of what I consider sensitive information. Unless someone really wants to know what my job goals are for the next six months…

One of the key (pun not intended) problems with the concept of Office 2.0 is the thought “do I want my sensitive data hosted by someone else?”. This applies more pervasively than is first apparent — even if you save the results to your machine, for the work files and other temporary data will have been held by the host and any number of machines on the route to/from it. Normally this information is overwritten and lost, but for really critical data, relying on this may be a risk.

For my personal letters, notes, and ramblings, there is probably no risk; for commercial plans it may well be worth the effort for a competitor or organized crime to set up “man in the middle” recording, or other attacks. It is businesses that will drive adoption for Office 2.0, so we need to alleviate their legitimate fears.

Note that it is not just the contents of files that need protection — often a lot of information may be inferred from metadata such as file names and the existence or timing of their creation.

What would be nice to have is a simple, standards-based, easy to use [otherwise people won’t use it] transparent encryption technique. This would ensure that data stored on the laptop is useless to anyone who doesn’t supply the right key.

The need for an open standards-based approach is vital; allowing a company to define standards — or worse pollute them with their own proprietary extensions and “improvements” — is a sure fire invitation to vendor lock-in.

There are already implementations available — many of them are open source. What is needed is the thinking to bring them all together in a user-friendly way. Suitably implemented it could also bring benefits of authentication and non repudiation, giving “signature status” to documents.

The disadvantages behind the scheme are the ability for major providers to hijack the scheme and lock people out unless they pay (e.g. DRM systems); denial of access to competitors through the use of polluted standards and “trusted” status; interference from various governments [demanding access to data — e.g. RIP in the UK and PATRIOT in the US]; hosting policies for Office 2.0 suppliers [e.g. offering free storage in exchange for reading your documents to direct targeted advertising]. None of these are technical issues — they are all policy/implementation/political problems that need to be considered.

Overall, I believe the advantages outweigh the disadvantages, but it will take a few more high profile losses to make a strong-enough business case to convince many people.

Interesting times ahead…

Nice points. Office 2.0 providers sure should be thinking along these lines.

You’re pointing to a very real issue. Down the road, Office 2.0 will have to be secured with strong biometrics authentication and/or personal password generators that you can attach to your keychain. Such solutions are available today at a reasonable cost, and all we have to do is make them more mainstream by having vendors such as Google or Microsoft actively promoting them. We should get there within three to five years.