≡ Menu

Weekly Links #2

  • “Ultimately, new types of documents are possible. I don’t see my kids creating content 5 to 10 years from now going into a dumb text editor and doing a presentation. I see them using rich media and aggregating small bits of data from the Web. The office suite box is constraining. People should interchange content over time, use collaborative Web-based editing and components that can be shared. Symphony is fundamental to changing and enabling open standards.”

    tags: ODF, Symphony

  • “ODF Import allows a user to import ODF files into drupal nodes. Currently the module can import content from ODT files only. No style information is imported in current release.
    Future releases will support other ODF formats as well as importing of styles from an ODF document.”

    tags: ODF

  • “You can download the manual from SVN, here. It is in ODF, and it would be great if it could stay that way — if you are using software by The Man, you can download an ODF add-in to open and save the format. (For downloads, I will convert it to PDF, and probably many other formats. The key is keeping the source in ODF).”

    tags: ODF

  • “As more offenders attempt to conceal incriminating data or stolen information, it is important for forensic examiners and computer security professionals to know where to look for concealed information. This paper demonstrates how data concealment in Microsoft Office 2007 files is possible. The Office Open XML (OOXML) format forms the basis of Microsoft Office 2007, and an individual can use OOXML to define customized parts, relationships, or both within a Microsoft Office 2007 file to store and conceal information”

    tags: OOXML

  • “File format support gets a boost in 3.2, including better compliance with the Open Document Format (ODF). One of the sad facts about ODF support, at least at the moment, is that multiple suites support ODF but do it differently — thus making the interoperable format rather less than interoperable. OpenOffice.org supports a “superset” of ODF 1.2, and the latest release will now warn users if they are using Extended features that may not be supported by other suites. “

    tags: ODF, OpenOffice

  • “A study published by the Norwegian “Direktoratet for forvaltning og IKT” (Agency for public adminstration and ICT) comes to the result that OOXML is not suitable for being used by the Norwegian government. The study is available online in Norwegian. Amongst the reasons that are given are that the standard with its more than 6000 pages is not appropriate; it is not suitable for collaboration; and there is only one software that can implement it and produce the respective file format. Norway recommends pdf for electronic document exchange of documents that don’t need to be edited and ODF (open document format) for all other documents.”

    tags: ODF

  • “Web based Open Office Presentation Viewer -v0.0000 – A effort to make a pure Javascript ODP Viewer”

    tags: ODF

  • The first of a series of posts on what KOffice is doing to support the new metadata framework in ODF 1.2. Some good work shown here in the videos.

    tags: ODF, RDF

{ 2 comments… add one }
  • orcmid 2010/02/19, 00:11

    The Digital Investigation “Science Direct” link doesn’t seem to work.

    I think they are overlooking a trivial way to use a document as a covert channel, if that is what is wanted. Just add more content to the Zip. That’s all the customized stuff does, but you don’t need to go to the trouble to make the document processor deal with it. Likewise, of course, for an ODF Package.

    I’m sure some applications will remove such information from a document that is edited, and it might take a faux relationship or two to keep it glued in regardless. My question is, what is the actual threat model and is this about conveying the information to parties in-the-know or just keeping it privately but hidden?

    How about hiding stuff in an empty spare worsheet of any modern spreadsheet processor? Font coloration/transparency could make the thing look just like the usual unused but lingering Sheet 3.

    I look forward to seeing the article.

  • Rob 2010/02/19, 08:27

    I corrected the link. Only the abstract is free, but it sounds like indeed they are talking about package/part level data concealment. I wouldn’t necessarily call this a “threat”. I think they are going at this from the forensics perspective. What isn’t clear is whether this is merely theoretical (which isn’t really that interesting) or whether we’re actually seeing people actively hide data in OOXML documents.

Leave a Comment