Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Possible Manipulation of OOXML Process In Poland

kdawson posted more than 6 years ago | from the politicizing-the-technical dept.

Microsoft 94

michuk writes "IBM's representative for KT182 (the committee empowered to vote on OOXML in Poland) accused the committee's chair of intentionally manipulating the process. A letter from the president of the body overseeing KT182, sent a month ago to the committee chair for distribution to all committee members, was never distributed. The letter recommended that, if consensus were not achieved on the OOXML vote, then Poland should abstain. This follows up my recent report on the OOXML process in Poland (also covered by Groklaw), it looks like things are going bad this time, at least as bad as in October." The EU is already investigating the Polish process based on complaints last fall. Is anyone tracking all of the allegations and investigations surrounding OOXML?

Sorry! There are no comments related to the filter you selected.

Actually (0)

Anonymous Coward | more than 6 years ago | (#22892560)

IBM forgot Poland.

Gaotse is dieing (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22892588)

Another crippling bombshell hit the already beleaguered goatse [twofo.co.uk] community when netcraft kept to the facts and looked at the numbers.

You nerdy faggots love it.

goatse may be dying but (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22892672)

A true American Icon is already dead:

EGG McMUFFIN INVENTOR: DEAD AT 89

A Moment of silence, please, a moment of silence.

Same in Germany (5, Interesting)

am 2k (217885) | more than 6 years ago | (#22892592)

Heise reports that the vote process in Germany was manipulated, too, although on a more obvious level:

link [heise.de] (German only, sorry)

The members of the German institute for norms (DIN) were basically unable to vote "no", only "yes" and "abstain" were allowed.

Re:Same in Germany (3, Informative)

nxsty (942984) | more than 6 years ago | (#22892766)

link (German only, sorry)

Translation: http://tinyurl.com/2olcx4 [tinyurl.com]

Re:Same in Germany (5, Informative)

Colin Finck (1147019) | more than 6 years ago | (#22893436)

NoOOXML.org has an english story about the vote in Germany: http://www.noooxml.org/forum/t-49525/limited-choice-at-german-din [noooxml.org]

In addition to being unable to vote "no", some people changed their vote under pressure from "abstain" to "abstain to the DIN vote".
This way, the final DIN vote resulted in a "yes".

Same thing on Slashdot voting (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22892690)

Gentlemen: myself and the people I represent are now, and always have been a big supporter of Cowboy Neal. Most of the Slashdot poll questions also contain a "Cowboy Neal" option. As such, my colleagues and I have met and agreed that if the Slashdot community cannot agree on the Cowboy Neal option on the next poll, then I, Anonymous Coward, will NOT vote. Yes, I know this is a drastic action, but that is how we feel. By the way, did you know that Cowboy Neal is Polish?

TDz.

OOXML - OpenOffice XML? (4, Informative)

should_be_linear (779431) | more than 6 years ago | (#22892722)

Format name itself is cheating and (deliberately) confusing, to begin with.

Re:OOXML - OpenOffice XML? (2, Informative)

loftwyr (36717) | more than 6 years ago | (#22892854)

It's actually Office Open XML

Re:OOXML - OpenOffice XML? (1)

Anonymous Coward | more than 6 years ago | (#22893142)

Still deliberately named to confuse. If there's one thing Microsoft can do well, it's marketing.

Re:OOXML - OpenOffice XML? (1)

KDR_11k (778916) | more than 6 years ago | (#22893662)

Yes but supposedly even Microsoft is confused by that sometimes.

Re:OOXML - OpenOffice XML? (0)

Anonymous Coward | more than 6 years ago | (#22899722)

It's actually "Office" "Open" "XML"

there. fixed.

Re:OOXML - OpenOffice XML? (0)

Anonymous Coward | more than 6 years ago | (#22903290)

That's the OP's point.

Re:OOXML - OpenOffice XML? (0)

Anonymous Coward | more than 6 years ago | (#22894144)

There is no such thing as "OpenOffice". The name is "OpenOffice.org". Since "OOo" isn't a substring of "OOXML", there is no confusion.

And MikeRoweSoft? Lindows? (0)

Anonymous Coward | more than 6 years ago | (#22894348)

n/t

Re:OOXML - OpenOffice XML? (0)

Anonymous Coward | more than 6 years ago | (#22894350)

and you really believe that?

Re:OOXML - OpenOffice XML? (1)

maxume (22995) | more than 6 years ago | (#22894334)

I'm pretty sure Open Office was named well after Microsoft Office. That's seems to be pretty similar to what you are complaining about. Microsoft probably would have been well served to have used a less generic name, but the virtues of naming such a produce 'Office' are evident in its widespread use.

Re:OOXML - OpenOffice XML? (1)

paving-slab (893290) | more than 6 years ago | (#22895722)

...That's seems to be pretty similar to what you are complaining about...

Not really.

Microsoft Office
Open Office

- not confusing.

Office Open
Open Office

- confusing

Why do you think Microsoft left the word Microsoft out of the name?

Re:OOXML - OpenOffice XML? (1)

maxume (22995) | more than 6 years ago | (#22895848)

Microsoft used a generic name so they don't have much to complain about, but I imagine that leaving Microsoft out of the name was more about Office branding than it was about encouraging people to conflate their standard with something called "Open Document".

Re:OOXML - OpenOffice XML? (1)

paving-slab (893290) | more than 6 years ago | (#22896098)

Microsoft used a generic name so they don't have much to complain about...
You're right, Microsoft don't have anything to complain about, they did it on purpose.

...leaving Microsoft out of the name was more about Office branding than it was about encouraging people to conflate their standard with something called "Open Document".
I don't think so, their office software is already branded, MOXML would have complimented that branding.

There we go again (0, Offtopic)

Djatha (848102) | more than 6 years ago | (#22892734)

There we go again; the software industry is seriously rotten. Why don't we hear outcries from the general public, politicians, and others? Why can this go on and on without any obstruction?



Software is becoming more and more important, computer technology is everywhere and our dependency is growing ever still. We should take back our responsibility and say just no. Plain and simple. We should free our information, free ourselves from corrupt mega corporations and governments.

Re:There we go again (1)

lorenzo.boccaccia (1263310) | more than 6 years ago | (#22893268)

Isn't in the very idea of capitalism to go for the cheapest good that will fulfil the task? Given the prerequisite, corporations and aggregates are in the dna of the capitalistic system. The only correct reaction in the current system is to correct behaviour by law. How could this done, transcend my knowledge: political power is tightly coupled with money power - the bigger the nation, the costlier the political career. Seems to me that democracy and capitalism could not blend very well.

I hate to write it... (-1)

motek (179836) | more than 6 years ago | (#22892802)

...but the original poster appears to be a nut, and a highly militant one at that.
Here is a free piece of advice: calling committee members (which actually bothered to show up) corrupt while a voting process is ongoing only polarizes situation and only makes any consensus more distant. I don't know what is the political culture in Poland. Maybe offending opponents is a part of it. But then (based on my valuable advice) Mr Musieluk can just start a new, and better, culture right here. A counter-culture, if you will. All one needs to do is to convince these members opposing the new standard (he writes there is a strong opposition) simply to show up and vote 'no'. This should do the trick, right?

Re:I hate to write it... (0, Troll)

Anonymous Coward | more than 6 years ago | (#22893010)

I don't know what is the political culture in Poland.
I don't know, and from what I've seen of polack's most of them don't neither.

No smoke without fire... (2, Insightful)

zappepcs (820751) | more than 6 years ago | (#22893166)

so they say, and there sure is a lot of smoke surrounding this standards voting process. There must be some fire somewhere, and using Occam's razor in connection with the history of Microsoft business practices and I'd put money on the 'Microsoft is perverting the process' side of the bet.

PJ seems to think that what is happening 'not quite normal' and right now, if PJ says it, it's good enough for me. Her reputation is several orders of magnitude better than Microsoft's, to be kind to Microsoft.

Sure, perhaps the Poles do muck things up now and again but it's not *just* the poles. Things are 'not quite normal' with this process the world over.

If it were up to me (yeah right) now that there is so much mess, I'd say it will never be a standard until there is > 85% support for it to become one, and all dissenting voices' questions MUST be answered in full and to the satisfaction of > 85% of the voting body. I'd take the cat and mouse politics out of it so that there no longer remains any doubt about the politics pushing a bad standard or not.

Wanted: standardization decision-making standard (4, Insightful)

Adaptux (1235736) | more than 6 years ago | (#22892836)

IBM's representative accused the committee's chairman of intentionally manipulating the process.

The problem with this kind of accusations is the lack of clearly-defined norms regarding how the process is supposed to be run.

Unbiased observers exist only as a theoretical approximation, not in practice, anyway. The next problem is that it is quite natural for any chairperson to see one side as the aggressior and the other side as the victim, based upon which it is quite natural for just about every decent-minded person to want to help the victim. The problem in this conflict is that both sides are making arguments to show themselves as the victim, while very few people are have the skills and knowledge to determine on the basis of objective moral criteria (which are relevant in this complex situation involving technology as well as economics), so that for most people it will again depends on their bias whom they will see as the aggressor and whom they will see as the victim.

The only way out is to have more formalized, standardized processes for dealing with conflict situations so that the chairpersons don't have vast amounts of power to interpret the rules to favor the outcome which they personally think is right.

Re:Wanted: standardization decision-making standar (2, Informative)

Ubik (67231) | more than 6 years ago | (#22896022)

The chairperson deliberately hid a letter from the Polish Committee for Standardization (PKN)President, asking all members of the voting committee to change their vote to abstain as no national consensus was reached.

As the information about it came back to the PKN's President he decided to publish his letter on the PKN's website - http://www.pkn.pl/?pid=list_kt182&cid [www.pkn.pl] (polish only).

The UK appears to be voting 'yes' (5, Interesting)

Alain Williams (2972) | more than 6 years ago | (#22892870)

It looks as if the UK is going to do the same, in spite of the technical committee being against it.

I sent the following yesterday to:
Mike Low <mike.low@bsi-global.com>
Jean Stride <Jean.stride@bsigroup.com
Adrian Stokes <Adrian.Stokes@cat-ltd.demon.co.uk>

I have not received a reply.

UKUUG is seeking a member who will represent them on the tech advisory committee as our current rep no longer has the time.

**** email sent ****

I am writing is my capacity as Chairman of the UKUUG [ukuug.org] (UK's Unix & Open Systems User Group).

I was appalled to hear it rumoured that the BSI is intending to approve the fast tracking of the
Microsoft sponsored OOXML format (DIS29500) while there are still so many outstanding questions
about the draft standard. In this letter I make no comment about the long term suitability
of OOXML as an ISO standard, my main issue today is that fast tracking it is wrong.

An ISO standard should be well defined and capable of multiple independent implementations.
The whole point is to allow users of the standard to have products from different vendors
work together just as well as a product from a single vendor. If an ISO standard is
insufficiently precise to allow this then the reputation of ISO as a standards setting
body will suffer severely; with a consequential effect on International trade.

With this in mind, if BSI approves the fast tracking of OOXML it will do severe damage
users' confidence in standards in general and to the reputations of those organisations
who have approved this broken standard: BSI and ISO.

Technical people will regard standards less highly leading to a long term
erosion of use of standards. Do you personally want to be responsible for this ?

I thought that BSI meetings were open, but now find that they are secret. I find this
astounding, it makes me wonder what really happens in those meetings. Will you publish
unedited minutes and allow independent observers in the future ?

The last time that this was aired in public, I remember a BSI member commenting that the number
of comments about this was unprecedented. This shows that there is a great public interest
in this issue and that fast tracking would not meet public approval; people will wonder
who you represent and whose interests you serve.

On the standard itself: I am aware that some of the problems have been addressed, but that
there are large numbers of other ones that are still contentious. There are many parts
that are not properly defined. For these reasons OOXML is not fit for purpose as it stands.
It is possible that these problems may be fixed by the standard being fully discussed,
IE the fast tracking is not appropriate for OOXML.

I call on BSI to act in the interests of the UK public and say 'No to fast tracking of OOXML'.

If I can be of any assistance, please do not hesitate to contact me.

Regards

Re:The UK appears to be voting 'yes' (1)

Zaiff Urgulbunger (591514) | more than 6 years ago | (#22901626)

There's a mention here in the register [theregister.co.uk]

Quote:
"
Liberal Democrat MP John Pugh has tabled a parliamentary question expressing his disappointment at the BSI's apparent change of heart: "I am deeply concerned that some national bodies have considered approving DIS29500 'in their national interest'. It is not in the interest of the UK or any other country for DIS 29500 to be published as an international standard in its present form as there are a significant number of unresolved issues, including incompatible licensing conditions, single vendor interest and control as well as those other factors uncovered since the original comment period closed." He concludes by urging the BSI not to change its stance on OOXML.
"

Given how the process seems closed, I wonder how Microsoft could've/would've approached... [ahem]... ensuring the "correct" decision was made?

Re:The UK appears to be voting 'yes' (1)

seanellis (302682) | more than 6 years ago | (#22914574)

Here's my shot at fame and stardom...

---

Mr. Low, Mrs. Stride, Mr. Stokes,

In recent days, it has been reported that the BSI is likely to approve DIS29500 (OOXML) for ISO fast-track approval.

As a previous and current participant in international standards processes, I would like to convey my disappointment in this decision. The BSI's raison-d'etre is to promote and protect British interests in the software world, and I fail to see how adopting OOXML does this.

OOXML is simply too large, and has too many technical difficulties, for it to be fast-tracked like this. I could go on about specifics, but I am sure that, by now, you are all too familiar with the chorus of dissatisfaction. I note particularly that even the originator of the specification has not demonstrated a working implementation.

Apart from the technical problems, there are a whole slew of political and legal problems associated with it, none of which work in favour of the British IT industry. The Open Specification Promise which applies to OOXML seems to be very narrowly worded, and effectively excludes whole classes of implementation (ones with extensions, for example). The "ownership" of the specification by ECMA, rather than ISO, can also be used to ensure that the only up-to-date working implementation is one from Microsoft.

Add to this the egregious abuse of the standards process in Finland, Germany, Croatia, Norway and Poland, and I would say that a "no" vote is Britain's only defensible position.

Of course, if the leaks and speculation are false, and the BSI intends to vote "no", then please accept my apologies for wasting your time. However, I feel that this is important enough that not to act would be a failure on my part.

Yours,

Sean Ellis
[address elided]

Poland? Just the regular chaos (3, Interesting)

jw3 (99683) | more than 6 years ago | (#22892906)

Naaah, I think that this is not intentional. It's just the typically polish manner of doing things: let them drown in the chaos. Do you know that our former prime minister stated recently (http://blog.wired.com/gadgets/2008/03/official-polish.html [wired.com] ) that he opposes the idea of voting over internet because people use internet mostly to watch pornography while drinking beer and voting should be a serious issue? And our president doesn't want to sign a treaty that he himself has designed a few months ago? (details:http://www.eubusiness.com/news-eu/1205847121.22/ [eubusiness.com] )

I mean, come on. Don't take them seriously. The person responsible for distributing the e-mails will be sacked (just in a few months).

Re:Poland? Just the regular chaos (3, Informative)

qazsedcft (911254) | more than 6 years ago | (#22893426)

...or that the president used pictures of a Canadian gay marriage in his speech on national television for homophobic propaganda purposes, and then denied being aware of it.

Yeah, politics in Poland are more than just a little fucked up. Same as usual.

Re:Poland? Just the regular chaos (0)

Anonymous Coward | more than 6 years ago | (#22894036)

The person responsible for distributing the e-mails will be sacked
Obligatory Monty Python quote: The person responsible for distributing the e-mails has been sacked. Those responsible for sacking the people who have just been sacked have been sacked.

Re:Poland? Just the regular chaos (2, Insightful)

rbanffy (584143) | more than 6 years ago | (#22894970)

"he opposes the idea of voting over internet because people use internet mostly to watch pornography while drinking beer and voting should be a serious issue"

I oppose the idea of voting through the internet because it would be a nightmare to ensure the confidentiality of the votes, to say nothing about the accuracy of the whole process.

Having been part of the development team of one of the Brazilian electronic voting ballots I can tell there is a very thick layer of regulations, protocols and processes around the physical device that have to be followed carefully and audited independently in order to make it about as secure as a paper ballot while preserving its practical advantages like the almost instantaneous election results.

The very idea of being able to vote by phone of by a home computer connected to the internet horrifies me.

delegate from Brazil discloses BRM (5, Informative)

walterbyrd (182728) | more than 6 years ago | (#22893136)

Also on groklaw:

http://www.groklaw.net/article.php?story=20080328090328998 [groklaw.net]

"Jomar Silva, a delegate from Brazil, which voted No, has now done what he said he would do and has posted what he saw and heard at the BRM. It is a deeply shocking tale of maneuvering the delegates to vote against their will by presenting a kind of Sophie's Choice of options, all designed, according to what I gather from his account, to get a positive result for Microsoft."

Why didn't OpenOffice sue? (3, Insightful)

phoenix.bam! (642635) | more than 6 years ago | (#22893154)

This seems like pretty big trademark infringement. All the stories I see it is easy to confuse OpenOffice's xml format and Office Open XML format. Isn't the entire point of trademark to guarantee consumer confidence in the brand they are using? Someone know of a release by the OpenOffice team as to why they haven't brought a lawsuit about?

No danger of confusing similarity (4, Funny)

OmniGeek (72743) | more than 6 years ago | (#22893392)

See, the name isn't EXACTLY the same, so trademark infringement would require the danger of "confusing similarity" in the minds of the target market. Now, anyone with two brain cells to rub together can easily tell that the two are nothing alike; the Open Document Format used by OpenOffice.org is exactly that - a high-quality, open document format - whereas OOXML is a massive pile of bovine waste products.

No one with a good understanding of the situation could EVER mistake OOXML for EITHER a high-quality format OR an open format. See, it's quite elementary! ;-)

Re:No danger of confusing similarity (1)

KDR_11k (778916) | more than 6 years ago | (#22893706)

Trademark confusion is about the label on the box, not the content. You get a box that you think contains openoffice and only when you look inside do you realize it's actually something else.

Re:No danger of confusing similarity (1)

richlv (778496) | more than 6 years ago | (#22893958)

what about lindows or lin---s ?

List of irregularities on NoOOXML.org (4, Informative)

pieterh (196118) | more than 6 years ago | (#22893362)

NoOOXML.org has been actively reporting on the process and tracking irregularities [noooxml.org] since last June or so. The list is very long and we're still collecting information.

Re:List of irregularities on NoOOXML.org (0)

Anonymous Coward | more than 6 years ago | (#22894304)

These are the September 2007 irregularity

grrrr. (4, Interesting)

apodyopsis (1048476) | more than 6 years ago | (#22893398)

deeply flawed meetings with deeply flawed decisions about a proposed deeply flawed standard that exisits solely to further the commercials aims of one particular company.

in the meantime it risks destroying the credibilty of a mahor standard body (to further the commercial aims of one company).

and, of course, it reduces the possible impact of a simpler, superior standard (to further the commercial aims of one company).

the more I read about this the madder I become.

there is an old saying if it walks like a duck, looks like a duck and quacks like a duck then it is probably a duck. the simplest explanation in all cases points beck to some seriously disturbing manipulation by one particular company - and the brazen bare faced manor in which it is done is simply breathtaking. sure there is nothing *illegal* in padding up membership of committees to get the votes that you want - but by any measure it is underhanded and a dirty tactic.

Re:grrrr. (2, Funny)

TropicalCoder (898500) | more than 6 years ago | (#22893932)

deeply flawed meetings with deeply flawed decisions about a proposed deeply flawed standard

I am deeply concerned about this...

money buys the world - and ISO (5, Insightful)

Tom (822) | more than 6 years ago | (#22893400)

If I had 1% of every dollar that changed hands from microsoft to some member of some national standards comittee over the past weeks, I'm pretty certain I could stop working - for life.

It is obvious that the whole process has been abused. If ISO were still capable of reasonable action, they would halt the entire process and conduct a thorough investigation before continuing.

Alas, as ISO is a comittee-driven organization, and too many of the comittee members have been bought, excuse me "convinced", to be a little more microsoft-friendly, that won't happen.

Re:money buys the world - and ISO (1)

xophos (517934) | more than 6 years ago | (#22903356)

1% ? You must have some expencive habits! ;-)

Microsoft == big $ == corruption ? (2, Interesting)

ALB1 (1042772) | more than 6 years ago | (#22893402)

I did not read the OOXML proposal, I understand that there has been numerous remarks on the technical ground only. Those comments have been partly addressed by Microsoft and therefore another round of discussion on this proposal is in order.

What astounds me is that there is so much shadowness, hidden agendas, personal interests, overt corruption and manipulation in the process! I mean, what do these people evil people think will happen if OOXML becomes an ISO standard? Do they have vested interests in Microsoft Corp.? Do they have shares in software companies making OOXML editors? Do they think that Microsoft will send them big crates of dollars (the greenback being so low, I don't know what people outside U.S. would do with that) if they 'win'?

What will happen if OOXML becomes a standard? Won't there be any more choice for individual governments to choose their own computer format for exchanging documents? ISO will only have one more reference in its catalog, and everybody will move on?

The only thing I am very looking forward is for prosecutors to investigate the interests I was talking about earlier, find who is behind it, and go berserk on his/her/their ass(es).

Re:Microsoft == big $ == corruption ? (0)

harlows_monkeys (106428) | more than 6 years ago | (#22893828)

I did not read the OOXML proposal, I understand that there has been numerous remarks on the technical ground only. Those comments have been partly addressed by Microsoft and therefore another round of discussion on this proposal is in order

Why should the rules be different for OOXML? Other standards, including ODF, were approved with numerous technical comments only partly addressed. That's the normal procedure. The remaining issues get addressed in future versions, after people have experience using the standard.

Re:Microsoft == big $ == corruption ? (3, Insightful)

TropicalCoder (898500) | more than 6 years ago | (#22894064)

Why should the rules be different for OOXML?

Indeed, why should the rules be different OOXML? You raise a good point. I heartily agree with you. OOMXL should have taken the same route through the rigorous standards process that ODF was subjected to, instead of being placed on the totally ineffective fast-track process with the preferential treatment it was given.

Re:Microsoft == big $ == corruption ? (1)

harlows_monkeys (106428) | more than 6 years ago | (#22894734)

I take it you haven't looked at the questions raised during ODF's speedy trip through ISO, and how many were addressed by putting them off for a future version?

Re:Microsoft == big $ == corruption ? (0)

Anonymous Coward | more than 6 years ago | (#22901896)

ODF was submitted via the PAS process, OOXML was submitted via the Fast Track [robweir.com] .

By saying they both had remaining issues you make the errors seem somehow comparable. ODF was approved through PAS that allowed review and stability. OOXML is using Fast Track as a development process and there's significant security and technical errors. There's no comparison between quality here, I assure you.

FIPS-151 (3, Interesting)

argent (18001) | more than 6 years ago | (#22893926)

Microsoft has a history of satisfying standards on paper in ways that are completely useless for anyone to actually use. Remember FIPS-151? It was supposed to make an easily implemented open operating system API (POSIX) a requirement for US federal government computing systems. Microsoft's implementation of POSIX allowed them to pass that checkmark, but it wasn't actually useful because they restricted POSIX-using applications. Even IBM's mainframe operating systems had more useful POSIX implementations than Microsoft.

Bad implementations of standards prevent the adoption of real standards.

Ironically this bit them later on, so they ended up buying a company (Softway Systems) that had extended the POSIX subsystem and removed the restrictions because they actually found they needed a working POSIX environment themselves. This totally bailed them out after they had twice failed to convert Hotmail from FreeBSD to Windows NT.

Others manipulation (5, Informative)

Anonymous Coward | more than 6 years ago | (#22893416)

0) Bill Gates contacted the president of Mexico and ask to approve ms-ooxml
http://www.groklaw.net/article.php?story=20080327104739103 [groklaw.net]

1) Finland change is vote from Abstention to Yes without voting
http://www.groklaw.net/comment.php?mode=display&sid=20080327104739103&title=Finland+Changes+Vote+to+%26quot%3BYes%26quot%3B+after+Questionable+%26quot%3BConsensus%26quot%3B&type=article&order=&hideanonymous=0&pid=682930#c682940 [groklaw.net]

2) Polish NB Chairwoman has changed the voting rules for the email ballot to "If you don't vote, it is counted as a YES", and she has threatened to sue committee members if they spread accusations
http://www.noooxml.org/forum/t-49455/polish-chairwomen-distributes-microsoft-propaganda [noooxml.org]

3) Romania voted Yes. There is strong suspicion of ballot-stuffing and the Romanian Standardization Organization has so far refused to offer any information other than the vote distribution.
http://www.noooxml.org/forum/t-49319/romania-votes-yes-again-ballot-stuffing-lack-of-transparencyro [noooxml.org]
http://www.noooxml.org/forum/t-47722/last-minute-committee-stuffing-in-romania [noooxml.org]

4) Cuba voted No in September but that its vote was counted as Yes
http://www.groklaw.net/article.php?story=20080324121844682 [groklaw.net]

5) Brazilian representative alleges that he believes Microsoft has itself violated the "Law of Silence". It relates to Microsoft's claim that 98% of issues were resolved at the meeting, which he says is inaccurate, but his question relates to why Microsoft can talk about the BRM and no one else can. The Brazilian delegate has written to ITTF
http://www.groklaw.net/article.php?story=20080324220213437 [groklaw.net]

6) Belgium: Yes man invade Technical Committee
http://www.noooxml.org/forum/t-48345/belgium-also-stuffed-with-microsoft-business-partners [noooxml.org]

7) Pakistan and Egypt stuffed?
http://www.noooxml.org/forum/t-48053/pakistan-and-egypt-stuffed [noooxml.org]

8) USA: The Yes men are back for voting in the United States. OOXML was adopted 17 votes against 4, thanks to Microsoft and their 11 Business Partners.
http://www.noooxml.org/forum/t-46044/committee-stuffing-also-in-the-united-states:11-microsoft-business-partners [noooxml.org]

9) German vote Yes: only Yes and Abstain vote admitted. Without very strong pressure from Microsoft Germany would have voted "ABSTAIN", with 9 to 8.
http://www.groklaw.net/article.php?story=20080327231223154 [groklaw.net]
http://www.noooxml.org/forum/t-49525/limited-choice-at-german-din [noooxml.org]

10) Sweden: the vote is annulled because one member vote two times. No new vote will be cast because there are no time for a new vote (sorry no-link)

11) ISO has violated WTO rules accepting ms-ooxml as possible standard. Tineke Egyedi, president of the European Academy for Standardisation, is critical of OOXML being made a standard when ODF exists already, and she believes duplicative standards conflict with WTO rules
http://www.groklaw.net/article.php?story=20080327170359776 [groklaw.net]

Re:Others manipulation (1, Informative)

Anonymous Coward | more than 6 years ago | (#22894784)

Big MS Victory Already (4, Insightful)

Tom (822) | more than 6 years ago | (#22893486)

Actually, when you think about it, it's a win-win situation - for microsoft.

Either, they get OOXML force-fed to us all, damaging ODF.

Or, their methods will corrupt and destroy faith in the standards process itself. Now ask yourself what one important backbone of Free Software is. That's right - standards. Interoperability is why Free Software can work with each other and we can build global systems out of it.

So, in either case, MS has successfully damaged an important asset of those they consider their enemies. They can't lose.

Re:Big MS Victory Already (1)

KDR_11k (778916) | more than 6 years ago | (#22893802)

IMO standards are an asset of the people and an individual doing great damage to the people deserves having the people do great damage to it. I really have very little tolerance for individuals who damage a common good for personal gain. Waterboard 'em.

Re:Big MS Victory Already (5, Insightful)

rtb61 (674572) | more than 6 years ago | (#22893888)

Actually they can and are losing, they are being exposed as a blatant corrupt corporation, willing to destroy any business, government organisation, international standard, or individuals in order to maintain and extend their monopoly.

This overt criminal behaviour will force regulators to come down hard on M$ where and when ever they can.

It also makes it impossible for governments or government departments to recommend M$ software with out being also being seen as corrupt.

Yet again M$ is doing more damage to itself then FOSS ever could.

Re:Big MS Victory Already (5, Interesting)

Temujin_12 (832986) | more than 6 years ago | (#22894562)

Actually they can and are losing, they are being exposed as a blatant corrupt corporation, willing to destroy any business, government organisation, international standard, or individuals in order to maintain and extend their monopoly.
I've been following this whole process for 6 months now and I have to say that this was the final straw for me.

I have already vowed to never use Vista (XP is the last MS OS for me). But this has pushed me over the edge. I have a few Windows programs that I really enjoy using that don't work in Wine, but I don't care any more. MS will not only never get another cent of my money but I am going to purge them completely from my life. Over the next few weeks I am going to remove XP from my computer (100% *nix now), never use the Office suite (Open Office and IMAP), and look for opportunities to inform others about their choice in OS and software.

I'm not alone either. As I've been tracking this I've been politely forwarding information to friends and family, several of which have started expressing interest in using *nix or other MS alternatives. My wife, who runs her own business, has now stated that as soon as professional Adobe products are ever available on *nix platforms then she will remove MS as well (she already chooses Thunderbird/Lightning) over Outlook. My children are more familiar with a *nix system than they are Windows system (my son loves the Tux suite of games as well as Gcompris).

My efforts are just a drop in the sea, but my immediate friends and family are now at least are aware of the choice they have. And I think that this realization of choice is what MS fears the most.

Re:Big MS Victory Already (1)

Tom (822) | more than 6 years ago | (#22896986)

My wife, who runs her own business, has now stated that as soon as professional Adobe products are ever available on *nix platforms
They are. The Unix(tm) in question is OS X 10.5

Time to put your money where your mouth is.

Re:Big MS Victory Already (1)

Temujin_12 (832986) | more than 6 years ago | (#22897158)

Good point. Sometimes I forget that OSX is built on a Unix core. Next time design machines are due for an upgrade I'll mention that.

Re:Big MS Victory Already (1)

pallmall1 (882819) | more than 6 years ago | (#22899024)

Sometimes I forget that OSX is built on a Unix core. Next time design machines are due for an upgrade I'll mention that.
You might want to consider that Apple voted in favor of OOXML [computerworld.com] .

Apple is very committed to the vendor lock-in strategy.

Just like the ISO.

Re:Big MS Victory Already (4, Interesting)

TropicalCoder (898500) | more than 6 years ago | (#22894584)

I believe that Microsoft has miscalculated. I am sure they developed their strategy a long time ago when they decided to embark upon this misadventure with OOXML. At that time, "standards" was a pretty obscure and esoteric topic that few people besides the experts ever considered. Of course they must have calculated that they may upset a few people in the regular course of things, but I am sure they never predicted the scrutiny by hundreds of thousands of non-experts the world over as they are receiving now. Who would have?

Corporations, even evil ones, are very conscious of public perception. Why else would they spend millions of dollars on public relations? Make no doubt about it - Microsoft must be very concerned right now about how this has turned out, in regards to the negative publicity and ill will it has garnered. It will be a hollow, Pyhrric victory for them if OOXML gains ISO status.

I have no doubt they may have even factored the cost of potential fines from the EU. What's another billion dollar fine when the stakes of the game for Microsoft are so much higher than that? However, I bet they never figured on the massive outrage that they have generated. That can not be so easily fixed by simply paying a fine and being done with it. On top of their misfortunes with Vista and a pending class action suite and the bad publicity that will bring, they must be very concerned. There is no telling where all this bad karma will lead them. Such uncertainties are very bad for business. Microsoft miscalculated when they embarked on the "Vista Ready" program, and they miscalculated when they embarked up the OOXML campaign. Their leadership is floundering. With threatening technological changes on the horizon like growing storm clouds, they are in navigating in troubled waters without a moral compass to guide them.

Re:Big MS Victory Already (0)

Anonymous Coward | more than 6 years ago | (#22895410)

The EU is already investigating the OOXML voting irregularities, having launched last september an investigation into this matter, as well as to microsoft's practices regarding office.
In the end however, the damage is done, if this vote succeeds, and it seems that's going to happen, ISO will be a complete and utter joke, as someone mentioned @ groklaw.net, I Sold Out.
As for microsoft, the only good thing about this, is that microsoft was/is so desperate to have OOXML approved, that it lost all common sense, and engaged and continues to engage in blatantly criminal behaviour, and doesn't even bothers to cover its tracks, which will make life much much easier for Ms.Nelly Kroes, the EU comissioner for the competition. As for the economic nationalism that will no doubt appear once microsoft gets another huge fine, and perhaps a temporary trade ban, IBM, Sun, Redhat are also american companies...
Just for reference:
http://consortiuminfo.org/standardsblog/article.php?story=20080208082501776/ [consortiuminfo.org]
http://www.informationweek.com/news/showArticle.jhtml?articleID=206106956/ [informationweek.com]

Re:Big MS Victory Already (1)

Tom (822) | more than 6 years ago | (#22897024)

ISO will be a complete and utter joke, as someone mentioned @ groklaw.net, I Sold Out.
I like that a lot.

ISO = I Sold Out

Definitely a keeper.

Re:Big MS Victory Already (0)

Anonymous Coward | more than 6 years ago | (#22895616)

No, they are not. They are exposed, but only in places like Slashdot and Groklaw which are very easy to discredit as den of rabid MS haters. Until this stories hit mainstream media (and they probably won't) nobody that matters (and certainly not MS or government) is going to care.

Don't defend MS here (5, Informative)

UnknowingFool (672806) | more than 6 years ago | (#22893914)

Before someone gets on a rant how we're all persecuting MS, some facts on the matter. OOXML was fast-tracked through the process. That means member countries were only given 30 days to review 6000+ pages of highly technical documentation. After the review, OOXML received a large number of comments. Every proposed standard has issues and OOXML was no exception. Despite a large number of flaws, MS has only vaguely promised to fix them and pushed to make OOXML standard regardless of the issues. They haven't actually fixed them or presented a plan to fix them. Some of the technical major flaws:
  • MS standards instead of approved standards.
    MS uses their own DrawingML instead of SVG, their MS Math instead MathML, Dark Blue is coded as 000080 and not 00008B (SVG and ISO), MS country codes instead of ISO country codes, etc. Some of them are documented; some are not. However none of them are approved standards themselves. This means that in order to use OOXML completely, software must use MS standards. For things like DarkBlue and country codes, this is plain silly. Why should everyone in the world conform to uses MS standards when the ISO standard already exists.

    Also using MS standards excludes any platform/software MS chooses to exclude including Linux, OS X, BSD, etc. For example the recommended format for DrawingML is Windows Meta File(WMF) which is Windows only and there are no plans to port it to another format or platform.

    Besides being anti-competitive, the use of undocumented MS standards can be dangerous. For example, OOXML uses MS hashing and cryptographic functions which are not documented or approved or tested. Are these functions safe and effective? No one but MS knows. Again, there is an existing ISO standard on hashing and cryptographic functions.
  • MS inconsistent nonstandard units instead of standard units.
    OOXML uses units like English Metric Units (EMU) and "twips" (twentieths of a point). While somewhat defined, neither of them conform to any country's known units of measurements. Also in OOXML, different parts uses different units without any explanation. For example, some parts use twips while some parts are defined in points, half points, pixels, etc.
  • Undefined elements
    Many parts of the specification have undefined terms like the style "basicThinLine" (1 pt line?) and "plainText" (ASCII, UTF8?) . If software wanted to render a basicThinLine or use plainText, it would be up to interpretation to what that meant.
  • Inconsistent naming of elements
    XML should be human readable but OOXML is littered with abbreviated, unclear element names like scrgbClr, algn, blurRad, dir, dist, rotWithShape.
  • Poor international support
    Many parts of OOXML are written from a Western viewpoint of languages and customs with little consideration of other cultures. There are numerous examples where OOXML does not support Unicode which means only Latin based languages can fully implement OOXML. This affects all non-Latin based alphabets: Cyrillic (Russian, Belarussian, Ukranian), Middle Eastern (Arabic, Farsi), Asian (Chinese, Japanese, Korean),etc. For example, OOXML does not support RFC 3987 which means no Chinese characters in web addresses. Some functions are Western only: Networkdays() returns Saturday and Sunday as weekends which is true for the US but not Muslim countries.
  • Proprietary Stuff
    autoSpaceLikeWord95, footnoteLayoutLikeWW8,mwSmallCaps, etc. Most of these are not documented. Even if they were, they require emulation of a MS product. That unfortunately brings MS patents. If another software emulated autoSpaceLikeWord95, MS could sue them for patent infringement, and MS has only promised that they will not to sue. Legally, their promises mean nothing, as they can go back on their word at any time.

Re:Don't defend MS here (0)

harlows_monkeys (106428) | more than 6 years ago | (#22894124)

IBM has only promised not to sue over their ODF patents. Sun has only promised not to sue over their ODF patents. If you actually compare the language of all the patent pledged involved with OOXML, and those with ODF, you'll find that they are pretty much the same. Microsoft's and IBM's, in particular, are remarkably close in what they allow and what they disallow. Here are the relevant licenses [nyud.net] on one page, side-by-side, for convenient comparison.

Re:Don't defend MS here (1)

TropicalCoder (898500) | more than 6 years ago | (#22894840)

I understand what you are saying here... while there is no reason for concern about promises not sue on the ODF side, there is deep and well deserved mistrust of any "promises" that come from Microsoft because of their blatant underhanded dealings in the past, for which they have been convicted and fined in courts of law. I agree with you on that.

Re:Don't defend MS here (1)

UnknowingFool (672806) | more than 6 years ago | (#22896150)

IBM has only promised not to sue over their ODF patents. Sun has only promised not to sue over their ODF patents. If you actually compare the language of all the patent pledged involved with OOXML, and those with ODF, you'll find that they are pretty much the same. Microsoft's and IBM's, in particular, are remarkably close in what they allow and what they disallow. Here are the relevant licenses on one page, side-by-side, for convenient comparison.

OOXML has a large number of technical flaws which MS has not addressed but are still pushing forward regardless. ODF addressed many of their issues before becoming a standard. If MS actually fixed most of the issues, most people would not have any issue with approving OOXML. In the case of patents, who would you trust? As far as I know IBM has never threatened Linux developers with ambiguous claims of patent infringement. And MS has a history of promising and not delivering in many aspects from software releases to their agreements with the EU.

Re:Don't defend MS here (1)

harlows_monkeys (106428) | more than 6 years ago | (#22896618)

As far as I know IBM has never threatened Linux developers with ambiguous claims of patent infringement

On the other hand, Microsoft has never ACTUALLY sued anyone over patents. IBM has.

And not just hardware patents. They've sued [ibm.com] over software patents.

Assuming that IBM is just automatically going to be nice, and so letting them get away with a patent license you think is bogus, does not strike me as wise.

Re:Don't defend MS here (1)

UnknowingFool (672806) | more than 6 years ago | (#22897164)

IBM sues Amazon over patents. So what? I never read that they had a promise with Amazon not to sue. They have promised not to sue Linux programmers, and until they do, I believe them at their word. MS has promised not to sue over their patents and at the same time threaten Linux programmers that they are infringing without ever really telling them which patents they are infringing. Do I fully trust IBM? No, but I trust them more than MS. That is the question for me: Who do you trust more?

Re:Don't defend MS here (1)

pallmall1 (882819) | more than 6 years ago | (#22899394)

On the other hand, Microsoft has never ACTUALLY sued anyone over patents.
No, Microsoft uses proxies like SCO to sue others.

Re:Don't defend MS here (1)

AJWM (19027) | more than 6 years ago | (#22897020)

IBM has only promised not to sue over their ODF patents. Sun has only promised not to sue over their ODF patents.

These promises are legally binding. If IBM or Sun were to attempt to sue someone over these (alleged) patents, the defendant could raise the defenses of promissory estoppel and laches.

On the other hand, Microsofts promises to fix MS-OOXML are empty. What are you going to do, sue them if they don't? Similarly, Microsoft's "promise" about not suing over use of their patents to implement MS-OOXML compliant software comes with a long list of conditions, caveats and exceptions, which boil down to them not suing if you're only developing the software for your own amusement, and only then if it's 100% compliant. If you share or sell that software, or actually use it for anything, or it's not 100% compliant, they've reserved the right to sue your ass off.

OpenOffice needs to sue for trademark infringement (2, Insightful)

pembo13 (770295) | more than 6 years ago | (#22894156)

Especially considering that trademarks need to be actively defended. Even Patrick Durusau refers to Microsoft's format as OpenXML. OfficeOpen is just OpenOffice reversed. They are in the same product space. I'm sure Microsoft wouldn't allow an operating system called 'Pro XP Windows'

Typo in the heading (1)

realkiwi (23584) | more than 6 years ago | (#22894454)

Should read "Probable"...

Time for a crazy theory (1, Interesting)

harlows_monkeys (106428) | more than 6 years ago | (#22894668)

OK, this is probably just nuts, and a result of posting in the morning before having any caffeine to boot my brain, but a weird theory just came to mind. I'll present it for the general amusement and ridicule of the Slashdot crowd.

A lot of complaints about OOXML are over things that it did the same as, or better than, ODF. For example, one of the complaints was that it did not fully specify how to do password hashing. But ODF is even less forthcoming in this regard. It just says that you should hash any password you store in the file. It doesn't say what hash you should use, or tell you how to record in the file what hash is used so others can figure out how to process the file. But because of these complaints about OOXML, it now specifies password hashing in enough detail that you can implement it from the spec and referenced documents.

A second example: calendars. OOXML was dinged for not giving a precise reference for each supported it calendar. It just had a list of calendars, and for each a short description. But ODF was even terser. It just, in one sentence, gives a list of the names of the supported calendars, with no reference at all. But because OOXML was dinged for inadequate calendar specs, OOXML now for each gives a precise reference. For example, all you'll find in ODF about the hijri calendar is that one word in that list (and I think there is one example document fragment where it has that word in it). In OOXML now, it says this about the hijri calendar:

Specifies that the Hijri lunar calendar, as described by the Kingdom of Saudi Arabia, Ministry of Islamic Affairs, Endowments, Da'wah and Guidance (Kingdom of Saudi Arabia, Ministry of Islamic Affairs, Endowments, Da'wah and Guidance n.d.), shall be used.
Net result: another place where you have to guess in ODF, but are told in the spec what to do in OOXML.

There are a lot of things like this in there--things where OOXML is now specified much more precisely than ODF. Places where you can figure out from the spec itself what to do, whereas if you are implementing ODF, you have to fall back to looking at OpenOffice source code to see what they did and match it.

And this has had a very predictable effect. A lot of third party programs and sites are starting to support OOXML, whereas ODF doesn't seem to be growing much beyond OpenOffice and the other free office suites. Reading blog entries from people who have tried to implement OOXML and ODF, I see that the OOXML ones are having an easier time. The ODF ones are more likely to run into something that is underspecified or ambiguous (at least if they are sticking to the standard, rather than working from 1.2, which is not a standard yet)

The net result of OOXML being required to clear a much higher bar than any previous document standard is that OOXML has become the most useful document specification. And how did this happen?

The surprising answer: IBM. There has been a lot of technical criticism of OOXML, but also a lot of FUD. And when you look at the FUD, and trace it back, a heck of a lot of it ends up coming from IBM.

Why? The net result of this is to make OOXML better, and to ultimately harm ODF. But IBM wouldn't want to harm ODF...

Or would they? Sun effectively controls ODF. Sun and IBM are competitors, to a greater extent than IBM and Microsoft are competitors. Could IBM have decided that they are not comfortable with Sun's tight reins over ODF? So they started a FUD effort against OOXML, knowing that it would result in (1) OOXML becoming a better spec than ODF, and (2) prompting Microsoft to turn more control over to ECMA than Sun has turned over to OASIS?

To put it succinctly, is IBM trying, in a very roundabout way, to kill ODF?

Re:Time for a crazy theory (1)

spitzak (4019) | more than 6 years ago | (#22895508)

You have got to be kidding.

Your only concrete example is that one of them says what contries "Hijri" is used in and ODF does not?

That might explain some of the 6000 pages that they manage to use about 40 times as many letters to say the same thing by adding words like "specifies that the" and "shall be uesd" and a list of countries that serves ZERO purpose in figuring out what "Hijri" means.

I grant you that ODF is probably a horrible format, but it is obvious that OXML is much much worse.

Re:Time for a crazy theory (1)

spitzak (4019) | more than 6 years ago | (#22895568)

Furthermore ODF referse to another ISO specification to define what "Hijri" means.

And I just tried using the word "Hijri" and that all-so-wonderful list of countries to find out what Hijri means. Guess what: it was INSTANTANEOUS for the word "hijri". A search with that list of countries found a lot of stuff about oil and wars but failed to find a single pointer to how they do their calendar.

Re:Time for a crazy theory (3, Insightful)

UnknowingFool (672806) | more than 6 years ago | (#22895610)

A lot of complaints about OOXML are over things that it did the same as, or better than, ODF. For example, one of the complaints was that it did not fully specify how to do password hashing. But ODF is even less forthcoming in this regard. It just says that you should hash any password you store in the file. It doesn't say what hash you should use, or tell you how to record in the file what hash is used so others can figure out how to process the file. But because of these complaints about OOXML, it now specifies password hashing in enough detail that you can implement it from the spec and referenced documents.

In a standard, you have to be careful in specifying "what to do" as opposed to specifying "how to do it". In the case of password hashing, ODF does not specify which method you should use. It leaves that up to each implementation because each country has different standards. ie. Japan: (MD5, RIPEMD-160, SHA1, SHA256, SHA384, and SHA512),US:(SHA1, SHA224, SHA256,SHA384, and SHA512) . OOXML on the other hand introduces new, never tested, undefined MS-only methods that are required. Are these MS function safe and free of holes? Are they patented (which means you have to pay MS to use them)? No one really knows.

A second example: calendars. OOXML was dinged for not giving a precise reference for each supported it calendar. It just had a list of calendars, and for each a short description. But ODF was even terser. It just, in one sentence, gives a list of the names of the supported calendars, with no reference at all. But because OOXML was dinged for inadequate calendar specs, OOXML now for each gives a precise reference. For example, all you'll find in ODF about the hijri calendar is that one word in that list (and I think there is one example document fragment where it has that word in it). In OOXML now, it says this about the hijri calendar.

Again, same problem. ODF, like a good standard, references other approved standards. OOXML tries to introduce their own standard. For example, the function Networkday() returns Saturday and Sunday as weekends. This is true in Western cultures only. So this function is flawed for Muslim countries for example. But if you accept OOXML, you have to accept a flawed implementation of a function.

A lot of third party programs and sites are starting to support OOXML, whereas ODF doesn't seem to be growing much beyond OpenOffice and the other free office suites.

I don't know about programs in development but ODF has lots of released software that supports ODF. [wikipedia.org] Name one released application that supports OOXML: Not even Office 2007 fully implements OOXML.

Reading blog entries from people who have tried to implement OOXML and ODF, I see that the OOXML ones are having an easier time. The ODF ones are more likely to run into something that is underspecified or ambiguous (at least if they are sticking to the standard, rather than working from 1.2, which is not a standard yet)

One of the main issues with OOXML is that it contained many proprietary Windows-only, undefined APIs. So Windows programmer might use autoSpaceLikeWord95 but really has no idea what it actually does. So many non-Windows programmers may avoid OOXML altogether. That skews your sample.

The net result of OOXML being required to clear a much higher bar than any previous document standard is that OOXML has become the most useful document specification. And how did this happen?

If anything, the opposite is true. OOXML got fast-tracked. ODF did not. ODF approval required that all participating countries approve it. Somehow in the OOXML process, Abstain became Yes in some countries.

There has been a lot of technical criticism of OOXML, but also a lot of FUD. And when you look at the FUD, and trace it back, a heck of a lot of it ends up coming from IBM.

Now this is FUD. Some objections came from IBM. Many came from parties not related to IBM. And these criticisms were technical and logically based. For example, OOXML does not fully support Chinese characters in all aspects. This is not FUD. This is a legitimate concern for anyone using OOXML in Chinese.

Sun effectively controls ODF.

OpenDocument specifications originally started at Sun but Organization for the Advancement of Structured Information Standards (OASIS) consortium controls the standard. This is no different than when AT&T created Unix but The Open Group now controls the trademark and certification.

Sun and IBM are competitors, to a greater extent than IBM and Microsoft are competitors. Could IBM have decided that they are not comfortable with Sun's tight reins over ODF? So they started a FUD effort against OOXML, knowing that it would result in (1) OOXML becoming a better spec than ODF, and (2) prompting Microsoft to turn more control over to ECMA than Sun has turned over to OASIS?

To put it succinctly, is IBM trying, in a very roundabout way, to kill ODF?

For your conspiracy to work, Sun would have to control ODF, which it does not. For the most part, IBM doesn't care if Sun or MS creates the standard. IBM only cares if they can implement the standard. The IBM of today has a lot of their business invested in IT services and this business if only helped by open standards. If OOXML becomes a standard, they cannot compete with MS as MS is the only one that can implement it. For ODF, IBM can compete as they can implement just as well as Sun, Novell, MS, Apple, etc.

Re:Time for a crazy theory (1)

harlows_monkeys (106428) | more than 6 years ago | (#22896436)

In a standard, you have to be careful in specifying "what to do" as opposed to specifying "how to do it". In the case of password hashing, ODF does not specify which method you should use. It leaves that up to each implementation because each country has different standards. ie. Japan: (MD5, RIPEMD-160, SHA1, SHA256, SHA384, and SHA512),US:(SHA1, SHA224, SHA256,SHA384, and SHA512)

So, given a document from Japan and one from the US, both of which contain passwords, how do I know which hash was ACTUALLY used in each document? The standard should tell me how to determine that.

Re:Time for a crazy theory (1)

UnknowingFool (672806) | more than 6 years ago | (#22897080)

There's two issues I have with OOXML's hashing. 1) It mandates that everyone use the MS function regardless of local convention or law, and 2)more importantly, the MS function has never been tested or approved. If OOXML mandated SHA1, that would be different, but it mandated MS only functions.

Re:Time for a crazy theory (1)

harlows_monkeys (106428) | more than 6 years ago | (#22938790)

I just had a chance to take a look at the OOXML spec for this, and it does no such thing. It specifies that you can use MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-1, SHA-256, SHA-384, SHA-512, or Whirlpool.

Re:Time for a crazy theory (1)

UnknowingFool (672806) | more than 6 years ago | (#22942640)

Open Office XML Part4, Section 2.15.1.28 Document Protection:

When a password is supplied via an application which shall be hashed and stored in this element, that process shall be done in two stages:

First, the password shall be hashed using the following algorithm:
  • Truncate the password to 15 characters. . . etc.

This section raises an issue with OOXML. On the one hand it clearly defines what the algorithm is to be for password hashing but as you read further, it mentions other hashing methods in defining the element names and values. So at best it's confusing.

Also, I'm not an expert in hashing/cryptography but truncating a password to the first 15 characters seems to me to be a serious flaw in the algorithm as this would force weaker passwords.

Section 3.2.29 workbookPassword (Workbook Password):

Specifies the hash of the password required for unlocking revisions in this workbook. The hash is generated from an 8-bit wide character. 16-bit Unicode characters must be converted down to 8 bits before the hash is computed, using the following logic:

For SpreadsheetML password hash purposes, Unicode UTF-16 input code points are converted to an "ansi" single or double byte code page using the logic defined in the preceding revisionsPassword attribute.

The resulting value is hashed using the algorithm defined below. [Note: An example algorithm to hash the user input into the value stored is as follows: . . .

3.3.1.69 protectedRange (Protected Range)

Specifies the hash of the password required for editing this range. The hash is generated from an 8-bit wide character. 16-bit Unicode characters must be converted down to 8 bits before the hash is computed, using the logic defined in the revisionsPassword attribute of 3.2.29.

The resulting value is hashed using the algorithm defined below.:

This is an example of why OOXML appeared to be rushed. These functions appear to be legacy from Office formats that should have been removed.

this is stupid (1)

ILuvRamen (1026668) | more than 6 years ago | (#22894764)

Not that I trust Poland's postal service or e-mail infrastructure, whichever they're referring to, but I'm sure Microsoft was pulling some BS here. Why don't they just tell Microsoft after all the crap they pulled that they automatically lose?

Whats teh problem? (1)

3seas (184403) | more than 6 years ago | (#22894960)

There was a time when a standard was determined by popular use, not by committee.

Remove the committee and this problem will vanish.

Re:Whats teh problem? (0)

Anonymous Coward | more than 6 years ago | (#22897096)

Holy shit!! I can't believe what I just read.

There was a time when a standard was determined by popular use, not by committee.

Remove the committee and this problem will vanish.

Ummm, you do realize that Microsoft is a monopoly, right?

**rolls eyes**

Extra payment (1)

jasampler (856840) | more than 6 years ago | (#22895912)

If OOXML is approved you will be rewarded, otherwise... well, chairs flying.

Poland (0)

Anonymous Coward | more than 6 years ago | (#22896464)

Oh, come on, it's Poland, what do you expect?

damnit (0)

Anonymous Coward | more than 6 years ago | (#22896606)

As a Pole I can only say "Kurwa ma"

frist 5top (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22897072)

milestones, telling minutes now while not so bad. To the may well rem4in website T4ird, you and Juliet 40,000 other members in the project to

Oops (1)

zobier (585066) | more than 6 years ago | (#22900232)

Maybe they're just pissed that Microsoft forgot Poland.

Who is voting yes to OOXML? (1)

walterbyrd (182728) | more than 6 years ago | (#22901106)

Denmark
http://www.ds.dk/ [www.ds.dk]

Poland
http://polishlinux.org/poland/no-consensus-over-ooxml-in-poland-yet/ [polishlinux.org]

Germany
http://www.google.com/translate?u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2FDIN-sagt-Ja-zur-ISO-Stan [google.com]
dardisierung-von-OOXML--%2Fmeldung%2F105657&langpair=de|en&hl=sv&ie=UTF8

South Korea
http://osrin.net/2008/03/28/south-korea-votes-approve-for-isoiec-dis29500/ [osrin.net]

Norway
http://www.idg.no/computerworld/article92563.ece [www.idg.no]

I think the USA and the UK are also voting yes, but I don't have any links for those.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?