Few of OOXML's Flaws Have Been Addressed 162
I Don't Believe in Imaginary Property writes "IBM's Rob Weir has done a study on how many flaws were addressed by the OOXML Ballot Resolution Meeting. So far, using a random sampling technique, he has yet to find a flaw that was addressed, making the upper bound a paltry 1.5%. Even so, he's found a number of new flaws, including a security vulnerability: OOXML stores passwords in database connection strings in plain text. At least there were no mistakes on five of the first twenty five random pages he reviewed."
Corruption. (Score:5, Insightful)
Re:Office 2007 (Score:5, Insightful)
The reason MS is bothering with ISO is because a few places have started to require that documents be stored in an ISO defined format.
The problem is that having a true ISO defined format means that you open yourself up to competition, so MS wants to get their format defined as ISO certified without allowing any competition.
Re:Office 2007 (Score:5, Insightful)
The mere fact that there ARE no implementations of OOXML, however, should be a giant, florescent, waving red flag. No standards body should adopt a standard that cannot and will not be implemented by the proposers.
Re:Small bias? (Score:2, Insightful)
Re:Office 2007 (Score:4, Insightful)
Indeed. And the lack of existing implementations makes OOXML all the more inappropriate for the fast track process, which is intended for existing de facto standards, meaning (a) widely implemented and (b) with broad consensus in the relevant field.
Re:Small bias? (Score:5, Insightful)
Yes his company maybe bias in not wanting the format approved, but does that make what he says less true? The facts speak the truth.
What's the point? Who is going to follow this? (Score:4, Insightful)
Re:Office 2007 (Score:3, Insightful)
So he wants security through obscurity... (Score:3, Insightful)
Anyone who claims that it's more secure to obscure the password in a well known and trivially reversible way instead of simply storing it in plain text is not someone I trust to analyze security.
Re:Small bias? (Score:4, Insightful)
So you won't verify anything, or even check, but rather you feel that the exact same thing from someone else would be more true. Essentially, despite the facts, you don't feel the truthiness is sufficient.
By your logic, you may well be right, but you may also just be a shill for Microsoft. I'd be more inclined to believe someone else who didn't have a corporate interesting in picking data points to disparage the argument you'd like to make. Or maybe if you had an argument to make not based on a well-known informal fallacy.
Re:Office 2007 (Score:5, Insightful)
it's not that OOXML is bad, it is that OOXML is broken and MSFT is trying to ram it through anyways. there is nothing there that can't be fixed. MSFT however doesn't want it fixed because OOXML 2010 is just around the corner and it won't be the same as OOXML 2007. Also OOXML 2010 becomes a defaco standard even though it isn't ISO certified since it is marketed as OOXML.
this is how MSFT works if you don't know this then go back and look at the past 30 years of how MSFT treats it's customers, vendors, and slaves.
Implement first, standardize later. (Score:3, Insightful)
MSOOXML is not standard quality (Score:2, Insightful)
The only reason that this thing is considered in ISO is because Microsoft is being so bullish, trying to defend the monopoly.
Standards are not religons (Score:3, Insightful)
Re:Office 2007 (Score:1, Insightful)
Re:What's the point? Who is going to follow this? (Score:5, Insightful)
As with everything MS does it is all about control and money. They have observed the fights that took/are taking place at various governmental and state levels over the mandatory use of an open standard - and they see that it is a threat to their monopoly, hence they have strategised to nullify the problem without giving up any of their control. The whole thing is a rate 10 sham. And if anyone ever wants to know why a lot of people don't trust MS then this is a perfect example of it - the process and the mockery they are making of it is frankly satirical.
Re:Small bias? (Score:3, Insightful)
Nobody is asking you to "believe" anything. Bias does not change facts, and it is a fallacy to suggest that he should be a perfectly impartial critic if he is to be taken seriously. If he makes observations of deficiencies in the format they are just as valid as if they were made by Bill Gates himself.
Double plus bias (Score:1, Insightful)
Remember Peter Torr? He wrote a blog post [msdn.com] not long after Firefox hit 1.0 where he questioned why the Firefox installer was not digitally signed. What he said was completely true - so true in fact that not long after that Mozilla started signing the installer. That didn't prevent few thousand raving lunatics from descending on his blog and calling him a shill and an idiot. To paraphrase you, yes his company maybe bias in not wanting the [browser to succeed], but does that make what he says less true? The facts speak the truth.
So essentially we have situations where the source of income and ulterior motives of one person should not be questioned because the topic is unpopular and everybody knows he must be right. On the other hand we have people whose motives *must* be automatically questioned solely because of their source of income and ulterior motives.
The truth is that Weir should have recused himself from all this a long time ago. That he hasn't done that tells you a lot about him and his employers.
You might argue that Microsoft had all this coming. You might argue that OOXML is not a good standard. You might argue a lot of things, but none of them make IBM's conduct in all this (including the whole ISO thing) any less dishonest.
Re:Small bias? (Score:1, Insightful)
Mod parent up (Score:3, Insightful)
Arguments should be accepted based on their validity and their accuracy. What if Einstein (or any other scientist, for that matter) were not allowed to defend his own theories?
Who else? (Score:5, Insightful)
At what point has IBM been dishonest? Rob Weir is an employee of IBM. They have a distinct interest in making sure that whatever format is approved, they are able to implement it. Therefore, it is in their best interest to make sure it is a good standard. As they have determined that it isn't a good standard, what should they do? Not talk about it?
The fact that his bias is out in the open is perfectly fine, as is the example you give from Peter Torr. That allows people to judge their statements, and account for possible bias.
The problem with Weir recusing himself is this: nobody else seems to be doing this. Nobody else is standing up to a corrupted process, where the intended and stated results are sidelined for political expediency. If it takes one corrupt company to stand up to another corrupt company, then so be it. At least they are standing up to a corrupt company. (Yes, I'd prefer if neither were corrupt.)
Re:Office 2007 (Score:1, Insightful)
In summary, whenever ODF rears its head as a threat, MS want to be able to point to OOXML and say "OOXML is a standard already, and all your people are already using it - you don't need another". They don't care that it's a standard that no-one else will be able to support even if they want to, because they know that most of the people making the actual decisions not only won't remotely understand the technical issues, but also will have no interest doing so - after all, "a standard is a standard, isn't it?". And MS will point to all the "extra" money that moving to a "different" standard will cost. And the guys who understand what total BS the argument really is, and why it means that, say, ten years from now the organisation won't be able to read the documents it produces today, will have a massively difficult job on their hands to even make the execs understand what the arguments are, let alone to actually win them. And meanwhile, MS will carry on raking the money in from their monopoly, and doing whatever they can to keep it that way.