Skip to primary content
Skip to secondary content
ConsortiumInfo.org
Search
Sponsored by Gesmer Updegrove
  • Blog
  • About
  • Guide
  • SSO List
  • Meta Library
  • Journal

The Standards Blog

What’s happening in the world of consortia, standards,
and open source software

The Standards Blog tracks and explains the way standards and open source software impact business, society, and the future. This site is hosted by Gesmer Updegrove LLP, a technology law firm based in Boston, Massachusetts, USA. GU is an internationally recognized leader in creating and representing the organizations that create and promote standards and open source software. The opinions expressed in The Standards Blog are those of the authors alone, and not necessarily those of GU. Please see the Terms of Use and Privacy Policy for this site, which appear here. You can find a summary of our services here. To learn how GU can help you, contact: Andrew Updegrove

Post navigation

← Older posts
Newer posts →

Four Points of Interoperability and Adobe

6/04/2006

I had the opportunity last week to not only share a stage with Microsoft's Jason Matusow in Geneva, but also to enjoy dinner with him and some time to chat before that as well.  Jason is a good guy, and I enjoyed the opportunity to kick things around face to face that we've sometimes taken different positions on in our blogs.  Obviously, we have different opinions on the ODF/Open XML debate, but fewer than you might expect (and perhaps fewer than he expected). 

While we were exchanging views on open standards and open source with others at the conference, though, things were apparently falling apart in the ongoing negotiations between Microsoft and Adobe.  Frankly, although there may be more to the story that I don't know, it seems to me as if Adobe is in the wrong on this one.  Adobe wanted its Adobe Acrobat product to become the dominant product in the marketplace for saving documents in a locked format - the de facto standard for creating such documents.  In order to achieve that goal, it allowed aspects of its product to become the basis for what became an ISO/IEC adopted standard, which would involve providing licenses in a non-discriminatory fashion to whoever wanted one.  Once that happened, Adobe is under an obligation to make such a license available to everyone on substantially equivalent terms - which in this case would presumably be free, given that Apple and OpenOffice.org are bundling "save to PDF" capabilities in their offerings. 

What more could there be to the story?  One possibility is that the ISO/IEC PDF standard (what the standards world calls a "de jure" standard, or a standard "as law," because it has been adopted by a formal standards body) sits inside a larger "de facto" standard created by Adobe that the market likes.  Since only the elements that are within the ISO/IEC standard are subject to obligatory license, Adobe would be free to charge whatever it wants, and to whom, for the additional de facto elements.  Such "proprietary extensions," added by the dominant market player, are one way that a company that offers royalty-free technology for inclusion into a standard makes money.  In effect, the technology included in the de jure standard that is available under a free license is used to bait the hook for the royalty-bearing license required to implement the full de facto standard.  If this is the rest of the story, there is some irony in the fact that Microsoft has frequently been criticized for adding proprietary extensions to products it has built to a standard, thereby sometimes making them non-interoperable with other products built to the same standard.

Interestingly enough, this latest speed bump for Vista highlights a point that Jason and I had crossed blog swords over not long ago, which is my view of the importance of standards as a means of achieving interoperability over other means of achieving the same end.  Back on May 8, I posted an entry where I objected to the promotion of the idea by Microsoft of other techniques as a surrogate for, as compared to a supplement to, standards as a means to achieve and guarantee interoperability.  My starting point was a quote in an eWeek article to the following effect:

"You can achieve interoperability in a number of ways," said [Microsoft's] Robertson. Among them: joint collaboration agreements, technology licensing and interoperability pacts.

I had heard the same basic statement from another Microsoft representative, which troubled me, because while these other means can result in interoperability, they don't guarantee equality of opportunity and access the way that a standard does that has been adopted by a standards organization with an effective IPR policy - as has just been amply demonstrated by Adobe's apparently discriminatory withholding of a free PDF output license from Microsoft.

StarOffice Attracts its First Virus (and the press notices)

6/01/2006

I was sitting in the audience of an ISO/IEC meeting in Geneva, Switzerland about to give a presentation on the intersection of open source and open standards when I received an email with a link to this story at CNET.News.com:

Researchers at Kaspersky Lab have spotted what they believe is the first virus for OpenOffice, the open-source rival to Microsoft's Office productivity suite.

The virus, dubbed Stardust, is capable of infecting OpenOffice and StarOffice, which is sold by Sun Microsystems, a Kaspersky Lab researcher wrote on the Russian company's on Tuesday. "Stardust is a macro virus written for StarOffice, the first one I've seen," the researcher wrote. "Macro viruses usually infect MS Office applications."  The pest is written in Star Basic. It downloads an image file with adult content from the Internet and opens that file in a new document, according to Kaspersky's posting.

So far, Stardust is a proof-of-concept virus, which means that it was created to demonstrate that an OpenOffice virus is possible. The virus has not been sent out in the wild and is not actually attacking people's systems.

I did a quick and dirty blog entry then, which I'm updating now. 

Hmm.  Now that I have time to give this a closer reading, it appears that this bit o' malware has hit only StarOffice, not OpenOffice.  So while the conclusion may (or may not) be correct to say it can be adapted to hit OpenOffice, it's a stretch to assume that it was "created to demonstrate that an OpenOffice virus is possible."  If that was the goal, why not  _start_ by hitting an OpenOffice user, eh?

Be that as it may, you may recall that only a week ago I did an article about the  Word Trojan, and how the press reported it.  Through this new hack on StarOffice we have the opportunity to see how the press reports an equally (or less) insignificant attack on one version of ODF compliant software, so let's see what we see.

The Free Standards Group: Squaring the Open Source/Open Standards Circle

5/30/2006

Before there was Linux, before there was open source, there was (and still is) an operating system called Unix that was robust, stable and widely admired.  It was also available under license to anyone that wanted to use it, because it had been developed not by a computer company, but by personnel at AT&T's Bell Labs, which for a time was not very aware of its status as the incubator of a vital OS.

Mighty was the rise of that OS, and regrettably, so was the waning of its influence.  Happily, Unix was supplanted not only by Windows NT, but also by Linux, the open source offshoot of Unix.  But today, LInux is at risk of suffering a similar fate to that suffered by Unix.  That risk is the danger of splintering into multiple distributions, each of which is sufficiently dissimilar to the others that applications must be ported to each distribution - resulting in the "capture," or locking in, of end-users on "sub brands" of Linux.

The bad news is that the rapid proliferation of Linux distributions makes this a real possibility.  The good news is that it doesn't have to, because a layer of standards called the Linux Standard Base (LSB) has already been created, through an organization called the Free Standards Group (FSG), that allows ISVs to build to a single standard, and know that their applications will run across all compliant distributions.  And happily, all of the major distributions have agreed to comply with LSB 3.1, the most recent release.

I recently interviewed Jim Zemlin, the Executive Director of FSG, as well as Ian Murdock, the creator of Debian GNU/Linux, and the FSG's CTO and Chair of the LSB Working Group.  That interview appears in the May issue of the Consortium Standards Bulletin and covers a great deal of ground.  Some of the most interesting details, though, relate to how this open standards process interacts with, and serves, the open standards process that creates Linux itself.  Below, I've excerpted those parts of the interview, so that you can see how it's done.  [Disclosure:  I am on the Board of Directors of the FSG, and am also FSG's legal counsel.]

FSG — Linux Interface

1.  Which open source projects does FSG actively engage with?

Primarily the Linux distributions but also many of the constituent projects, particularly if those projects provide a platform that developers can target that could benefit from better integration with the broader Linux platform. Good examples here include the GNOME and KDE desktop environments. Each of these desktop environments is a platform in its own right, but a desktop isn't much use unless it is well integrated with the operating system underneath. Furthermore, ISVs targeting the Linux desktop ideally want to provide a single application that integrates well regardless of which environment happens to be in use.

[more] 

Everybody’s Talking about Open Source/Open Standards (but what are they saying?)

5/29/2006

IT vendors these days are in love with the phrase "open source and open standards" (as in "you should buy our open source/open standards-based solutions"). 

If you haven't already noticed that fact, here's a little experiment to try that will make the point:  Google the phrase "open source" AND "open standards."  I just did, and got 4,700,000 hits, with 284 leading to recent news articles.  Odds are, though, that few of those hits would take me to a knowledgeable discussion of how open source and open standards can and should work together.

In fact, while open source and open standards each work well in isolation, those who create them haven't always played very well together when they find themselves in the same sandbox.  As those 4,700,000 hits suggest, however, there's a great need for both sides to learn how to optimize the relationship between open standards and open source.  And that's the theme of this issue of the CSB, revisiting a topic I last covered in detail in the March 2005 issue.  That issue was called What Does "Open" Mean? and my editorial then was titled A Call for Communication Between Communities. 

A year has now gone by, and I decided that it was high time to return to this topic, so I did, and made it the theme of the May issue of the Consortium Standards Bulletin, which was sent to subscribers last week.  Here's what it had to say.

The Word Trojan: Anatomy of an Online Story

5/27/2006

Lately I've been blogging quite a bit on the state of on-line journalism.  One aspect of that topic that I haven't touched on for awhile is the way in which a story breaks, builds, morphs and spreads electronically.  The recent announcement of the Backdoor.Ginwui virus provides an interesting opportunity to do this once again, in order to see who addressed the story and how (including by me), and what, if anything, it all means. Cutting to the bottom line: it doesn't matter how little impact a virus may have, if it targets Microsoft (a/ka/ the world's desktop), its likely that every conceivable and theoretical angle of the story will get poked and prodded, whether it deserves to be or not. The reasons are two fold: first the threat of a really bad virus is akin to an IT bird flu epidemic, so the mere possibility of a massive break out captures the mind. And second, it offers an opportunity for authors to explore other current issues in the market place that are directly, or tangentially related. Taking a look at how stories are written on line is also illuminating. In fact, it's been my consistent experience when I've conducted a survey like this that only a small percentage of the on-line articles that are written on any story are the product of any actual first hand research by the author. The vast majority are either short rehashes of information taken from other peoples' stories (and research) and/or from readily-available on-line alerts, press releases and public statements.

Monocultures and Document formats: Dan’s Bomb Goes Off

5/23/2006

Dan Geer is an extremely well respected security expert.  When he worries about something, people listen.

One of the things he has worried - and warned - about is the danger represented by IT "monocultures" - the situation that arises when everyone uses the same software, for example, and therefore everyone shares the same vulnerability to a computer virus or other security threat. 

Just as the word "virus" has been borrowed from biology and provides an apt and vivid descriptor for its IT analogue, so also does the word monoculture function: think of the consequences of Irish potato blight, or of the wiping out of the American Chestnut tree, which once numbered in the billions in the forests of the American East and is almost extinct as a mature species.

Well, last November, Dan wrote a perspective piece for CNETnews.com, called Massachusetts Assaults Monoculture.  In that article, he wrote:

As a matter of logic alone: If you care about the security of the commonwealth, then you care about the risk of a computing monoculture. If you care about the risk of a computing monoculture, then you care about barriers to diversification. If you care about barriers to diversification, then you care about user-level lock-in. And if you care about user-level lock-in, then you must break the proprietary format stranglehold on the commonwealth. Until that is done, the user-level lock-in will preclude diversification and the monoculture bomb keeps ticking.

As it happens, Dan's bomb went off a few days ago, with the breakout of the "Backdoor.Ginwui" virus, a malicious bit of code that Symantec introduced in an alert as follows: 

It has been reported that Backdoor.Ginwui may be dropped by a malicious Word document exploiting an undocumented vulnerability in Microsoft Word. This malicious Word document is currently detected as Trojan.Mdropper.H.

The Return of Them

5/21/2006

For the last couple of weeks I've been writing a number of blog entries focusing on poorly researched and deliberately misleading items in the news.  One of those pieces is called >The Script Reloaded: Recognizing "Them."  The first premise of that entry was that it's easy to spot opinion pieces that derive from a common source, based on the points made and the language used.  The second was that there's a difference between pieces from interested sources that are based on "talking points," and planted stories that contain the same message, but don't disclose that they're just a conduit for someone else's message (or worse yet, disinformation).  For example, you expect an op/ed piece by a vendor officer, or a quote from a vendor spokesperson, to be toeing the party line.  But when you read a "citizen" op/ed piece, you don't want to worry whether it's been vendor-influenced unless there's the usual italicized disclosure at the end of the piece.

This difference is important, because most of us are willing to give a "citizen" op/ed or a report issued by a neutral non-profit more credence than a vendor-piece - unless we know that they have an economic axe to grind.  That's where paying attention to the language can help - especially when there is a campaign to spread a Big Lie - the subject of another recent blog entry of mine on the same theme.

I promised in my last entry to highlight new articles that caught my eye that seem suspect, and this morning read one that has all of the hallmarks that I noted before.  The piece in question is by Steven Titch, a Senior Fellow of the Index.cfm">Heartland Institute, and also the editor of its monthly newsletter.  The Institute describes itself on its home page as, "devoted to discovering and promoting free-market solutions to social and economic problems," and the article is called The Dangers of Dictating Procurement. 

First Public Draft of Open XML is Published by Ecma

5/19/2006

And this is just the first draft 
               Microsoft spokesperson, commenting on the 4,000 page
               first draft of Open XML, as quoted at

The first draft of Open XML has been posted for public viewing at the >Ecma Website, five months after Ecma accepted Microsoft's submission of what was then less-appealingly referred to as the XML Reference Schema.  The most detailed source of information I've found so far is this page at Brian Jones' blog, which focuses heavily on XML in Office and the development work on Open XML file formats (Brian is a Microsoft Office Program Manager who has frequently provided public comments on the progress and purpose of Open XML).  You can also find short press articles at >NetworkWorld.com, by IDG's Elizabeth Montalbano, and at by Peter Galli.  Both Elizabeth and Peter have been following the ODF/XML Open story for many months. 

According to Jones, the specification is now 4,000 pages long (roughly twice its original size) and has been the subject of weekly two hour conference calls and three day face-to-face meetings about every two months. 

Each of these sources is quite brief, and therefore there is little new information to be gleaned about the draft specification, short of downloading it and diving in yourself.  For those not so able or inclined, though, here is one out take from Brian's blog that is instructive regarding the differing approaches (and constraints) represented by the ODF and the XML Open approaches:

Reader Beware as ODF News Coverage Increases

5/16/2006

There have been a number of stories published on-line in recent days that warrant both comment and qualification.  The good news is that more and more journalists are being attracted to the OpenDocument Format (ODF) story, largely because of the increasing credibility of the threat to Microsoft Office that ODF poses.  A measure of the appeal of that story line is the fact that it is beginning to surface in articles appearing in the mainstream press (look for a story in Fortune magazine this week, for example).  The bad news is that some of these articles have been poorly researched and/or reported.  The result is that more care is now needed when reading the news than was required a short while ago when only a small number of reporters were covering the story, each of whom had taken the time to acquire a good understanding of what was involved, and had the chronology of events and the facts in focus.  Free lancer John K. Waters and ComputerWorld's Carol Sliwa, in particular, have impressed me with the quality of their coverage. In this entry, I'll look at some of the significant news that has broken in the past week, and highlight the ways in which I believe it has, and hasn't, been accurately reported on-line. Let's start with one of the big news stories that emerged yesterday: the first public, pre-release demonstration by IBM of some of the ODF-supporting features of its new "Hannover" release of Lotus Notes.  The news that the next release of the Notes client would support ODF is not new (IBM had announced last January that its Workplace Managed Client (WMC) software would support ODF), but the demo offered a media opportunity to showcase the fact that progress was proceeding apace.  The first article to be issued of which I am aware was reported from the Deutsche Notes Users Group conference in Karlsruhe, Germany, where the demonstration was given.  You can find it here.

The Evolving ODF Environment Part II: Spotlight on OpenOffice

5/13/2006

 Just over a week ago, I posted the first of what I hope will be a complete set of interviews with the developers of the major open source and proprietary software suites that implement ODF.  That Interview was with KDE's Inge Wallin, and addressed the KOffice suite — one of the two best known open source implementations of ODF. Today, it's the turn of OpenOffice — the other well-known open source implementation of ODF, and the most implemented of all software packages that support ODF. The interview that follows is with Louis Suarez-Pots, OpenOffice's Community Manager (LSP in the responses below), and John McCreesh, Marketing co-lead (JM).

The purpose of this series of interviews is to provide a comparative picture of the evolving ODF landscape, highlighting the strengths (and weaknesses) of each current implementation, so that potential users can judge which alternative is right for them. At the same time, it will illustrate the fact that a standard such as ODF, far from limiting innovation, can instead enable a rich set of products that distinguish themselves with additional features to attract users to their particular flavor of the same software tool.

Each of the interviews contains the same set of comparative questions, plus a smaller number of queries directed at features, history, or other factors unique to that product. As with the KOffice interview, this series of questions and answers is included in full and unedited, with the goal of creating a record of the developer's or communities view of its product today, and its vision for the future of that product tomorrow.

At the end of the series, I will seek to summarize the results and, if possible, find a suitable expert(s) to provide their own comparative evaluation of the implementations. If you are such an expert and willing to participate, please get in touch with me.

  1. «
  2. 1
  3. ...
  4. 56
  5. 57
  6. 58
  7. 59
  8. 60
  9. 61
  10. 62
  11. ...
  12. 76
  13. Next »

Post navigation

← Older posts
Newer posts →

Contributors

avatar for Andy UpdegroveAndy Updegrove
avatar for Russ SchlossbachRuss Schlossbach
avatar for Lee GesmerLee Gesmer

subscribe to the
standards blog

Subscribe to the RSS feed

Gesmer Updegrove

This site is hosted by Gesmer Updegrove LLP, a technology law firm internationally known for forming and representing more than 230 consortia and foundations that create and promote standards and open source software. You can find a summary of our services here. To learn how GU can help you, contact: Andrew Updegrove

Categories

  • Alexandria Project
  • Artificial Intelligence
  • China
  • Cyber Thriller
  • Cybersecurity
  • General News
  • Government Policy
  • Intellectual Property Rights
  • Intellectual Propery
  • Lafayette Deception
  • Laws, Regulations and Litigation
  • Linux
  • Microsoft
  • Monday Witness
  • ODF vs. OOXML: War of the Words (an eBook)
  • On the Media
  • Open Source
  • Open Source/Open Standards
  • OpenDocument and OOXML
  • Self-Publishing
  • Semantic & NextGen Web
  • Standards and Society
  • Uncategorized
  • Wilderness Journal
  • Wireless
  • WSIS/Internet Governance

Newsletter Signup Form

Subscribe to
the standards blog
Gesmer Updegrove
  • Terms of Use and Privacy Policy
  • Contact
  • Sitemap