Bonum Certa Men Certa

OOXML: Security Flaw Found, Microsoft Lies About It Again, African Revolt Against It, and ISO in Great Danger

It is not looking good for OOXML. Even if it passes the September 2nd test, the wrecks it will leave behind it will be highly damaging not only to Microsoft, but also to those that surround Microsoft.

OOXML Means... Deception



Microsoft systematically lies about OOXML. It does it deliberately. To use a few recent examples, consider this batch [1, 2, 3, 4, 5]. There are many more examples to be found, but they are not quite as 'fresh'. If you thought Microsoft ran out of lies, then get a load of this.

Of course, Microsoft already knows all this, and no doubt that is why they are working so hard to urge NB's to vote "Approval, with comments" with promises that their comments will be addressed at the BRM, a BRM that might not even occur. In fact, if everyone listened to Microsoft and followed their advice then that would almost guarantee that no BRM would be held and no NB's comments would be adopted.


This is another disgraceful case of deception. Microsoft hopes to have its victims razzled and dazzled until it's too later to change the mind.

OOXML Means... Not Secure



In the past, for a variety of reasons, OOXML was said to be unsafe. It's unsafe because of poor digital preservation. It is unsafe because life is in jeopardy. It is unsafe because of untrusted binary macros. It is unsafe because it depends on the existence and direction of one single company. The list could go on and on, but there's a theme here. OOXML is not a safe route for storing one's (potentially vital) documents, history, and work.

If you thought you had seen it all, be aware that an XML-related flaw has just been discovered in Excel 2007.

Bradley Mountford, a digital forensics expert, today discovered a security vulnerability in Microsoft Office Excel 2007 regarding login information of external data sources.


Need anyone be woken up by a louder warning signal? Inelegant formats are bound to become susceptible to abuse. Without reuse, there is plenty of room for mistakes. OOXML is not just buggy, but it is also risky.

OOXML Means... Imperialism



Recall our very recent post about OOXML in the African continent. Reciting some key information:

In response they [Microsoft] have apparently been sending PR teams around to national Standards boards all over the world(Ghana for a fact) to lobby for votes for OOXML under the guise of talking about ‘Open XML Standards’.


Bear in mind that Ghona is actively pursuing Free software, but it's also an easy target for the notorious "exchange of favours/money".

The minister also said that "Ghana's legislators, of which I am a member, use Linux to support the computing facilities at Parliament House".


Here is where the news comes in. It follows the articles (some of which were cited in our previous Africa-tagged post) about Microsoft's abuse through lock-in. Right now, the African civil society is actually courageous enough to warn Microsoft. To paraphrase Pamela Jones (in a different context), Africa is not as ignorant as Microsoft needs it to be.

African Civil Society Organisations (CSOs) may be spoiling for war with the global software giant, Microsoft Corporation, over its bid to have its DIS 29500 'Office Open Extensible Markup Language (OOXML)' endorsed by the International Standard Organisation (ISO).


Miscellany: OOXML Means... The End of Standards



It wasn't long ago that the OOXML petition site posted and posed the 5 famous questions about OOXML.

Here are some 5 simple questions you should get an answer from your Standardisation Body, from ECMA, or from Microsoft...


These questions make it evident that OOXML becoming a standard would be absurd, to say the very least. The Web is filled with new comments about OOXML's progress and here is one that caught my eye:

MS threatens legitimacy of ISO

Microsoft whines they are following the rules. Well, it's also within the rules to fire a competent and cooperative single mother of 4 children and replace her with your drinking buddy. Some rules.

ISO will commit suicide if OOXML becomes a standard as it is now. But maybe that's what Microsoft wants.


Closing a loop here, in reference to the issue of OOXML and safety, have another look at what Rob Wier said last week. It's the conclusion in an essay whose title was "Is it [OOXML] safe?" (highlight in the quoted text is ours):

The tragedy of this is that for so many NB's, with talented technical committees, the discussion of OOXML has failed to be a technical evaluation, but has quickly become a political game, where committees are stuffed, governments are pressured, billionaires call in favors, competitors blocked from participation, voting rules ignored or modified at whim, etc. All we can do is stand by and watch as Microsoft takes over JTC1. The cost to Microsoft will be great, but so much greater is the cost to JTC1. What will it mean for JTC1's future to be known as a body that does not follow its own rules, does not evaluate proposals on technical merits, but has procedures so weak and poorly written that it allows itself to be taken over by a single company? Quis custodiet ipsos custodes?

Recent Techrights' Posts

New XBox Leaks Probably Serve to Confirm XBox's Collapse (Many More Layoffs)
It's very much consistent with what many other sites have reported lately
 
"Nobel" Exploited Posthumously for "AI" Hype, Now They Do the Same With "Quantum"
ere have been many jokes about "Nobel" for peace (often granted to pro-war people) and a fake one for "Economics" (establishment propaganda)
Slopwatch: Plagiarism and "Linux" Articles by Bots
Sites that do this won't survive; many of them rely on slop services (suppliers) that will cease to exist after the bubble bursts
Distinguished Lecture by Richard Stallman This Coming Monday in Rome
After "Free software, Crucial for Freedom in a Digital World"
Links 10/10/2025: Putin Admits Russia Downed Azerbaijan Airlines Jet, More New Heat Records
Links for the day
Noteworthy Claim That IBM is Firing a Lot of Lawyers This Week (RAs in the Legal Department)
A lot of what they do is patent 'trolling' or lawyering up against their own staff (e.g. HR disputes)
Links 10/10/2025: US Judge Bars Attacks by ICE On Journalists and Protesters; “We Took The Freedom of Speech Away” Says the President
Links for the day
Slopwatch: Serial Sloppers, Google News Gifting Slopfarms, and Fake News/Plagiarism About "Linux"
Google itself is a slop pusher these days
Qualcomm, the New Owner of Arduino, Blasted for Its Software Patents Tax on 'Smartphones'
A lot of Qualcomm's patents are on software. We wrote about this in prior years.
XBox Layoffs Rumours, Downtime, and Criticism From XBox Co-Founder
"everyone is ditching the xbox."
Links 10/10/2025: Honoring The Legacy Of Robert Murray-Smith, Many Articles on the Hey Hi (AI) Bubble
Links for the day
Gemini Links 09/10/2025: October Gothic and Reading Middle Earth Role Playing; C and Ada
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 09, 2025
IRC logs for Thursday, October 09, 2025
Links 09/10/2025: Farewell to Jane Goodall, California Bans Algorithmic Price-Fixing
Links for the day
Gemini Links 09/10/2025: Lost Wages and a Saga Of Continuing To Use Palm PDAs
Links for the day
Richard Stallman's Talk in Helsinki is Done. Tomorrow Göteborg.
There are scarce details in Finnish about Dr. Stallman's talk
The Slop Song
The train wreck marches on
LLM Slop/Advanced Plagiarism Flooding the Zone With Capital That Does Not Exist
Many publishers out there still participate in this bubble instead of calling it what it is
Links 09/10/2025: Sacked Microsoft Workers Make "Sackbird", IBM Taps CockroachDB for PostgreSQL
Links for the day
"Happy Hacking Day" Richard Stallman Talk This Afternoon (From 14:00 to 16:00) at Haaga-Helia University in Pasila
Richard Stallman in Helsinki, Finland
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 08, 2025
IRC logs for Wednesday, October 08, 2025
Links 09/10/2025: Impact of Microsoft Layoffs, More Data Breaches
Links for the day
Gemini Links 09/10/2025: Autumn Blues and C IRC Bot
Links for the day
Slopwatch Appreciated by Real Authors of GNU/Linux Articles
We do try to keep on top of those things
Upgraded R.R.R.R.R.R. Today
The Web of 2025 is full of garbage, not limited to slopfarms
Freedom From Proprietary Prisons
Forking always an option
IBM's Watson Died in 1956, Now Watson Dies Again
IBM is becoming just a reseller of GAFAM and other stuff
Slopwatch: LinuxSecurity, UbuntuPIT, and Google News
We've also just noticed more slop from UbuntuPIT
Microsoft Says That Constant Mass Layoffs Are Success, the Media Isn't Buying This Microsoft Narrative Anymore
If people in the media feel an obligation to repeat whatever lies Microsoft tells, what point will there be to the media?
Links 08/10/2025: "Mali Puts Free Speech on Trial" And Apple Enforces Dictatorship
Links for the day
Links 08/10/2025: ‘Death to Spotify’ and Law to Ban Loud Commercials on Streaming (Dis)Services
Links for the day
Links 08/10/2025: Real Innovation and Nina.chat is Dead
Links for the day
Links 08/10/2025: Y2K38 Bug is a Vulnerability, Chat Control in Europe a Threat
Links for the day
Microsoft Windows is No Longer an Operating System, It's Surveillance Project
Why is this even legal to preload on PCs outside the US?
How and Why Once-Legitimate Sites Turn Into Slopfarms
Many sites will go offline and many social control networks will shut down once they realise or even openly admit they spend money and time gardening a bunch of bots and slop
UbuntuPIT Became a Slopfarm and Gnoppix Tarnishes Its Own Brand With Slop
It fits all the characteristics of mildly-edited (if at all) slop
Slopwatch: Linux Journal and Other Slopfarms
GAFAM needs to go the way of the dodo
Gemini Links 08/10/2025: "Seek Seek Revolution" and Gradient Backgrounds
Links for the day
Qualcomm Arduino Takes Aim at Raspberry Pi
Qualcomm is a Microsoft partner
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 07, 2025
IRC logs for Tuesday, October 07, 2025
Stagnation of the Economy and What Free Software Can (or Could) Do For It
If your economic model is based on a pyramid of lies, it won't last very long
Social Control Media is Sinking
it would rightly seem like the era of centralised "social" sites (they're not social, they're about controlling the users) is ending, not overnight but gradually