Bonum Certa Men Certa

OOXML: Security Flaw Found, Microsoft Lies About It Again, African Revolt Against It, and ISO in Great Danger

It is not looking good for OOXML. Even if it passes the September 2nd test, the wrecks it will leave behind it will be highly damaging not only to Microsoft, but also to those that surround Microsoft.

OOXML Means... Deception



Microsoft systematically lies about OOXML. It does it deliberately. To use a few recent examples, consider this batch [1, 2, 3, 4, 5]. There are many more examples to be found, but they are not quite as 'fresh'. If you thought Microsoft ran out of lies, then get a load of this.

Of course, Microsoft already knows all this, and no doubt that is why they are working so hard to urge NB's to vote "Approval, with comments" with promises that their comments will be addressed at the BRM, a BRM that might not even occur. In fact, if everyone listened to Microsoft and followed their advice then that would almost guarantee that no BRM would be held and no NB's comments would be adopted.


This is another disgraceful case of deception. Microsoft hopes to have its victims razzled and dazzled until it's too later to change the mind.

OOXML Means... Not Secure



In the past, for a variety of reasons, OOXML was said to be unsafe. It's unsafe because of poor digital preservation. It is unsafe because life is in jeopardy. It is unsafe because of untrusted binary macros. It is unsafe because it depends on the existence and direction of one single company. The list could go on and on, but there's a theme here. OOXML is not a safe route for storing one's (potentially vital) documents, history, and work.

If you thought you had seen it all, be aware that an XML-related flaw has just been discovered in Excel 2007.

Bradley Mountford, a digital forensics expert, today discovered a security vulnerability in Microsoft Office Excel 2007 regarding login information of external data sources.


Need anyone be woken up by a louder warning signal? Inelegant formats are bound to become susceptible to abuse. Without reuse, there is plenty of room for mistakes. OOXML is not just buggy, but it is also risky.

OOXML Means... Imperialism



Recall our very recent post about OOXML in the African continent. Reciting some key information:

In response they [Microsoft] have apparently been sending PR teams around to national Standards boards all over the world(Ghana for a fact) to lobby for votes for OOXML under the guise of talking about ‘Open XML Standards’.


Bear in mind that Ghona is actively pursuing Free software, but it's also an easy target for the notorious "exchange of favours/money".

The minister also said that "Ghana's legislators, of which I am a member, use Linux to support the computing facilities at Parliament House".


Here is where the news comes in. It follows the articles (some of which were cited in our previous Africa-tagged post) about Microsoft's abuse through lock-in. Right now, the African civil society is actually courageous enough to warn Microsoft. To paraphrase Pamela Jones (in a different context), Africa is not as ignorant as Microsoft needs it to be.

African Civil Society Organisations (CSOs) may be spoiling for war with the global software giant, Microsoft Corporation, over its bid to have its DIS 29500 'Office Open Extensible Markup Language (OOXML)' endorsed by the International Standard Organisation (ISO).


Miscellany: OOXML Means... The End of Standards



It wasn't long ago that the OOXML petition site posted and posed the 5 famous questions about OOXML.

Here are some 5 simple questions you should get an answer from your Standardisation Body, from ECMA, or from Microsoft...


These questions make it evident that OOXML becoming a standard would be absurd, to say the very least. The Web is filled with new comments about OOXML's progress and here is one that caught my eye:

MS threatens legitimacy of ISO

Microsoft whines they are following the rules. Well, it's also within the rules to fire a competent and cooperative single mother of 4 children and replace her with your drinking buddy. Some rules.

ISO will commit suicide if OOXML becomes a standard as it is now. But maybe that's what Microsoft wants.


Closing a loop here, in reference to the issue of OOXML and safety, have another look at what Rob Wier said last week. It's the conclusion in an essay whose title was "Is it [OOXML] safe?" (highlight in the quoted text is ours):

The tragedy of this is that for so many NB's, with talented technical committees, the discussion of OOXML has failed to be a technical evaluation, but has quickly become a political game, where committees are stuffed, governments are pressured, billionaires call in favors, competitors blocked from participation, voting rules ignored or modified at whim, etc. All we can do is stand by and watch as Microsoft takes over JTC1. The cost to Microsoft will be great, but so much greater is the cost to JTC1. What will it mean for JTC1's future to be known as a body that does not follow its own rules, does not evaluate proposals on technical merits, but has procedures so weak and poorly written that it allows itself to be taken over by a single company? Quis custodiet ipsos custodes?

Recent Techrights' Posts

The Next Talk of Richard Stallman (Father of GNU/Linux and the GPL) Advertised in the Media 3 Days in Advance
He spoke in Italy earlier this year and also did some interviews
Free Software as a Culture of Resistance
Free software as a movement accomplished a lot in 40+ years
The Microsofter Who Kept Sending Threatening Post and E-mail to My Wife Has Been Joking He'd Work on Code for "Sexual Favours"
For one thing, for software professionals (like for landlords), this is outright illegal and you'd get arrested for it, and moreover it's no joking matter because there are many real victims of such sexual exploitation
 
Growing Recognition Out There That Courts Must Abandon Microsoft or Have No Perception of Authority, Autonomy, Independence, Fairness, and More
Imagine making a complaint about Microsoft to an agency that uses Microsoft
Sometimes Legal Action is Imperative (Even if Recovering the Cost of the Litigation Itself is Infeasible)
Sirius got sued, but the company has no money (large piles of debt)
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 23, 2025
IRC logs for Friday, May 23, 2025
Simpler is Better
Gemini Protocol turns 6 in exactly 4 weeks
Slopwatch: Brian Fagioli, Brittany Day, and Other Plagiarists Who Rip Off Real Writers and Target Themes Around "Linux"
Fagioli also prompted chatbots for some words diarrhoea
Links 23/05/2025: Microsoft Openwashing at ZDNet, Signal Does It Wrong (DRM, Back Doors Still Intact)
Links for the day
Gemini Links 23/05/2025: Clutter in Modern Interfaces and Dealing With DRM-Free Music
Links for the day
Links 23/05/2025: Tax Audits of Hong Kong's Independent as ‘Intimidation Tactics,’ Why "Regulating X Isn’t Censorship"
Links for the day
TecAdmin Took a Break From Linux to Push SPAM
This happened hours ago, and it seems to have been posted directly by the site's "Admin" (Rahul)
We Seem to Have Abandoned Science and Replaced Sound Policy With Private Patent Shareholders and College Dropouts Like Bill Epsteingate
Because of what they did there are now many people out there who reject all vaccines
Links 23/05/2025: Violent Attacks on the Press, VMware Price Hikes, Vista 11 Considered Unsuitable for Any Confidentiality
Links for the day
Gemini Links 23/05/2025: Balkan Tourism, UK Polls, Reticulum and Meshtastic
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 22, 2025
IRC logs for Thursday, May 22, 2025
Back to Basics, Folks, "AI" (Plagiarism) is Symptom of a Dying Industry Looking for Whatever Prey It Can Devour
lousy/sloppy imitations
Liam Proven's Thoughts on "AI" Being a Scam No Different From Religions, Alternative Medicine, and More
"Is there anywhere outside of retrocomputing that doesn't have AI in it?"
Many IBM Layoffs, Centred Around Expert Labs US in Atlanta (Offer of "Relocation" Where No Such Option Exists)
So Techrights was assessing comments/gossip online and it was right about the Thursday cull
Slopwatch: Slopfarms That 'Hallucinate' (Yield Falsehoods) Cited as Credible Sources and Microsoft Media Gaslighting Everybody
Part of the problem is, Google News
More Media Coverage and Photos From Richard Stallman's Presentation in Liberec (Czech Republic)
Here are some photos
The Microsofter Who Kept Sending Threatening Post and E-mail to My Wife Has Been Spooking Women for at Least Two Decades
censorship was the ultimate goal
Links 22/05/2025: Openwashing, Dumping Microsoft's Entrapment (Microsoft GitHub), and New Climate Disasters
Links for the day
Richard Stallman's Next Public Talk is in Milan, Italy Next Week
Happy hacking
Gemini Links 22/05/2025: Crimson Pro Font and CGI in Bash
Links for the day
IBM Goes to India, Fires People in the United States (Under the Guise of "Relocation" or Similar), Accusation of Bribery in the Company
LLM slop sites (some are pure slopfarms) from India say the IBM layoffs result in hiring "AI" (the "I" stands for India)
Why We'll Continue Covering EPO Abuses (Other Patent Offices as Well, as the Need Arises) for Many Years to Come
We're basically becoming Russia
Links 22/05/2025: TikTok Laying Off Again, Microsoft-Backed Builder.ai Set for Bankruptcy, Scam Altman Uses 'Funny Money' to 'Buy' (Hire) Company
Links for the day
These Feet Are Made for Walking
Humans are apparently so very clever that they decided to form a "progressive" consensus: feet no more
The Evolution of Microsoft's War on GNU/Linux
13 sins
OFTC Has Just Culled About a Third of Its Online Users
It's not the first time they purge or force offline many people/bots
My New Desk Arrangement (and More Breaks From the Keyboard)
all in all yesterday I devoted 4-5 hours to redoing and shuffling stuff
Central Staff Committee of the EPO Opposes Abuses Against EPO Staff, Challenging SuccessFactors Stunts
Europe became institutionally colonised
Gemini Links 22/05/2025: "Conspirituality" and Visiting One's Old University
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 21, 2025
IRC logs for Wednesday, May 21, 2025