07.09.08

Embargo, Ignore Microsoft-Controlled ISO

Posted in Formats, ISO, Microsoft, Open XML at 1:42 pm by Roy Schestowitz

Killed again by Microsoft’s well-documented corruption

There is not much to add to the news. Andy Updegrove has already offered this fairly detailed analysis.

ISO TMB Recommends Rejection of OOXML Appeals

[...]

A final source of frustration is that despite the fact that one basis for appeal under the Directives is a negative impact to the reputation of ISO/IEC, the document makes almost no response at all to the comments made in this regard. Whether one concludes that ISO and IEC have justifiably or unjustifiably suffered such an impact, I think that it would be hard to conclude that a substantial hit has not been taken.

In my view, ISO/IEC would be wise to acknowledge that fact, and take more intelligent actions to address it. Acting in the open (i.e., publicly releasing documents like this) and acknowledging that those that must live with the results of what ISO/IEC decides are entitled to better answers than they have received to date would be a great place to start.

[...]

At the end of the day, even winning an appeal is cold comfort after the time has been wasted by countless peole around the world, the marketplace has been confused, and the reputation has been tarnished.

Groklaw has posted information as well.

In short, it’s all been a farce, in keeping with the rest of the OOXML processing. ISO thinks there not a thing wrong with the job they did on OOXML, they do not countenance criticism, and if we don’t like it, we can lump it. Or, ISO has decided to go down with the ship. Anyway, stay tuned. It ain’t over ’til it’s over.

“ISO should hang their heads in shame for allowing it to happen.”

–Tim Bray

Earlier on I received the following interesting response from Rex Ballard. ISO has been irrelevant for quite some time in fact — only a hero in its own mind and the perception it bought itself.

---

Message-ID: <2ef3a606-bcc3-4c0d-b82d-371a7a4435bc@b1g2000hsg.googlegroups.com>
From: Rex Ballard <rex.ballard@gmail.com>
Newsgroups: comp.os.linux.advocacy
Subject: Re: Leaked ISO Document Reveals Crooked ISO Amid MS OOXML Corruptions
Date: Wed, 9 Jul 2008 00:19:06 -0700 (PDT)

[...]

This wouldn’t be the first time that the ISO was bought and sold like
a $3 hooker. Dig into the OSI specifications, especially the versions
circulating in the late 1980s and early 1990s, and you can easily see
the work of shills working for IBM, DEC, HP (Apollo), AT&T, IT&T,
Xerox, and several X.25 switch vendors.

The result was a specification that spanned about 65,000 pages, cost
about $150,000 per reader, and was impossible to implement.
Furthermore, the extensions, subsets, supersets, and options pretty
much assured that there would be no interoperability.

As a result, the ARPA/NSF RFC standards, which were freely published,
and were required to be so clear and complete that each RFC could be
implemented by an undergraduate college student, resulted in a set of
standards that became what we now know as the Internet. It was based
on the ARPA Internet, but included the directory services, LDAP,
security, encryption, and other key standards required to handle a
huge network that eventually grew to over 2 billion users.

The IETF did adopt some good ideas from OSI, including LDAP,
tunneling, and Mime types, as well as improvements in e-mail routing,
but even then, the specifications were so clear and concise, that they
could be implemented by undergraduates, eliminating the threat of
patents that would “lock up” the internet, allowing one party to work
against the best interests of the whole community.

One of the key factors in the success of the Internet, was the
availability of Open Source implementations of the protocols and
drivers. BSD Sockets, Lynx, Viola, Mosaic, Mozilla, and Firefox, for
example, made it possible to implement working solutions we now know
as “The Web” and deploy it to millions of Windows 3.1 machines, as
well as Linux workstations, back when Bill Gates and Microsoft were
saying that the Internet would never be a viable network. For almost
2 years, Gates and Windows were under direct threat, because Linux,
Java, and low priced Unix Workstation options, as well as Warp had
already implemented robust internet support, much of which didn’t make
it into Windows until Windows XP (and much of which is still missing
in Windows).

Even when the Internet did become established, Microsoft attempted to
pervert and corrupt these standards. They tried to corrupt HTML by
introducing VBScript and ActiveX controls. The result was a plethora
of viruses, worms, and malware that often adversely affected corporate
networks for weeks, even months, because the Windows PCs spread them
so quickly using these corrupted standards.

Today, Microsoft is trying to do the same thing with OpenXML,
embedding “oleObjectx.bin” objects into zipped documents, making it a
trivial matter for hackers to embed malware in OpenXML documents and
spread them to carefully qualified targets. These documents, when
read, or even previewed, to create, open, read, write, execute, and/or
delete any file on the hard drive, to modify the registry, and to send
or receive content from almost anywhere on the internet that can be
accessed by the user, including VPNs, protected networks, and secured
corporate networks.

The user must trust that proprietary code, known only by a hand-full
of people at Microsoft, hasn’t opened up other back-doors that are
also unknown. Even the so-called “trusted” applications and OLE
objects can’t really be trusted, but they will get circulated to
Banks, insurance companies, politicians, corporate executives, and
other key leaders, giving Microsoft executives direct access to
information that even the FBI, NSA, and DHS can’t get, with the
ability to publish what it finds, and trigger scandals,
investigations, and even corporate collapse of any who oppose the
interests of Microsoft.

Meanwhile, Open Document format, which is much more robustly
documented, and much more secure, has been gaining the support of
major players including numerous government agencies, companies like
IBM, and key players all over the world.

Ironically, the opinion has come full circle. In 1994, people assumed
that only high-priced software like Word, Excel, and PowerPoint could
be trusted, and that Open Source software couldn’t be trusted. Today,
most network administrators are for more concerned about the
consequences of proprietary shareware, proprietary 3rd party software,
and even Microsoft software, because they have discovered that these
are the vehicles used for spreading all sorts of Malware,

Meanwhile Open Source, with it’s public peer review process, has
gained endorsements from the NSA, the FBI, MI5, and numerous other
police, military, and intelligence organizations, many of which have
even expressed that OSS and Linux is “too secure”, making court
ordered wire-tapping into PCs more difficult, sometimes even
impossible.

---

It sums it all up really. █

Permalink  Send this to a friend