xml

OpenOffice / OpenDocument and MS Office 2007 / Open XML security

Interesting paper from the PacSec 2006 security conference: OpenOffice / OpenDocument and MS Office 2007 / Open XML security (PDF)

Not too surprising when you come to think of it, there are tons of possibilities to embed various kinds of malware in the new office document formats. Also, you always have the risk of leaving sensitive metadata in there... If you publish stuff, you better convert to PDF before. But even that might leave sensitive data in the PDF, mind you!

Oh, and one nice detail you might enjoy:

  • OpenDocument specification: 700 pages
  • Microsoft's Open XML specification (final draft): 6036 pages!

And that doesn't even describe all of the format (e.g. VBA macros are missing)! No further comment required...

OpenDocument Format now published as ISO Standard

Ladies and gentlemen, please welcome with me ISO/IEC 26300:2006, the freshly published OSI standard, better known as OpenDocument Format (ODF).

(via Slashdot)

OpenDocument Format (ODF) Approved by ISO/IEC Members

Yay! The OpenDocument format (ODF) has now been approved by ISO/IEC members.

For the uninitiated, ODF is

an open XML-based document file format for saving and exchanging editable office documents (including memos, reports, and books), spreadsheets, charts, and presentations. OpenDocument was developed as an application-independent file format by OASIS (Organization for the Advancement of Structured Information Standards), a vendor-neutral standards organization.

ODF is currently employed by OpenOffice 2.0, KOffice, Abiword, and tons of other applications. Lots of other office suites and programs will likely follow. The recently formed ODF Alliance now has more than 150 member organizations.

On a related note: the proposed IEEE 802.11n working draft was not yet approved by the IEEE 802.11 Working Group...

(via Nico Golde)

Syndicate content