Slashdot Mirror
Few of OOXML's Flaws Have Been Addressed
I Don't Believe in Imaginary Property writes "IBM's Rob Weir has done a study on how many flaws were addressed by the OOXML Ballot Resolution Meeting. So far, using a random sampling technique, he has yet to find a flaw that was addressed, making the upper bound a paltry 1.5%. Even so, he's found a number of new flaws, including a security vulnerability: OOXML stores passwords in database connection strings in plain text. At least there were no mistakes on five of the first twenty five random pages he reviewed."
Why fix flaws when you can buy voters?
Friends don't help friends install M$ junk.
Do any of these flaws exist in Office 2007?
If not, why are they in the OOXML proposed standard. If the standard does not describe the OOXML format used by Microsoft, then what does it describe?
Why can't they just document the format that they use and get this over with? Or are they doing all this for show, and there is no real substance in OOXML?
Ballmer is that you?
This may be off topic but why exactly are there database connection strings in a document format?
I came to the datacenter drunk with a fake ID, don't you want to be just like me?
A 100% ad hominem attack on Slashdot gets modded up unquestioned. Who would have thought?
how long will it take people to shrug off this death grip of MS and realize that it's costing billions in productivity? I received an XLS file of contacts yesterday and I figured I'd try using Outlook to import it into an address book so I could then sync to other things like Gmail. Outlook choked and recommended assigning values to the columns using another MS product - MS Excel. SO, I saved the file as CSV, and imported using Thunderbird which gave me an easy dialog to match up name,email, phone, website..and so on. Worked great! then I used thunderbird to open the second file and it remembered the previous adjustments and everything was already lined up! Awesome stuff and I wasn't prompted to buy any other products!
I'm seriously considering wiping all the PC's in my office and advising the staff to just learn Ubuntu to avoid this whole MS deathgrip. None of the staff are advanced users except my web guy who codes in a text editor anyhow. FMS.
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas
Sucks that you can't read the article and assess the level of the bias he displays for yourself.
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
It was Miguel de Icaza, and he is paid money indirectly from Microsoft since he works for Novell.
One of the reasons I stopped using GNOME, I don't want anything to do with the Mono project.
c++;
Everyone has a bias but if he gives you the information that he used to form his opinion about something then you can read what he says and what he did and form your own opinions. He is giving detailed examples of what he found. He isn't just say "Everything is fine" or "They have WMD", he is giving how he comes to his opinion and showing you the facts.
Yes his company maybe bias in not wanting the format approved, but does that make what he says less true? The facts speak the truth.
As I understand it, Microsoft isn't going to follow this standard. If Microsoft isn't going to follow this standard, then it is useless for OpenOffice, NeoOffice, KOffice, etc. to follow this standard. Or is this going to be for Office 2k10 or something?
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
Anyone who claims that it's more secure to obscure the password in a well known and trivially reversible way instead of simply storing it in plain text is not someone I trust to analyze security.
Man, I'm really getting sick and tired of people abusing the "ad hominem" charge. Ad hom refers specifically to an attack on ones character which is used to discredit an argument. Simply questioning a persons motives and biases is not necessarily an ad hominem attack. It is important to make any potential biases clear. Though in this particular case, I'm not seeing it.
Also, attacks on ones character may not be considered "ad hominem" unless it is being use to refute an argument. This is probably the most common misuse of the term. For example, I can call someone an asshole and it wouldn't necessarily be an "ad hominem" attack. It might just mean I think the person is an asshole. It is a valid opinion. It just isn't relevant to any logical argument.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
So you won't verify anything, or even check, but rather you feel that the exact same thing from someone else would be more true. Essentially, despite the facts, you don't feel the truthiness is sufficient.
By your logic, you may well be right, but you may also just be a shill for Microsoft. I'd be more inclined to believe someone else who didn't have a corporate interesting in picking data points to disparage the argument you'd like to make. Or maybe if you had an argument to make not based on a well-known informal fallacy.
Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
Did we learn nothing from the 80s and early 90s? If you write the standard first, you're going to get the kitchen sink. Engineer a good system, then standardize it. Nothing sands the sharp edges like the real world.
In Capitalist America, bank robs you!
"Does the poster have a chair?"
Not any more.....
During the BRM is has been shown that MSOOXML is not up to the quality for an international standard.
The only reason that this thing is considered in ISO is because Microsoft is being so bullish, trying to defend the monopoly.
Yet a lot of people treat them that way like this Slash Dot commenter: "He might well be right, but I'd be more inclined to believe it from someone who doesn't have a corporate interest in picking data points to fit the line he would like to draw." Just why is that rated a 5? It is NOT about belief, but more about science--either the facts and peer review support Mr. Weir or they don't. Apparently they do and in Spades. The majority of "yes" votes on this "standard" are by Microsoft partners who have a vested interest in a dingle vendor, single application (the only full implementation read and write) solution they sell products and services for and can lock in business. Sure IBM is a commercial organization with a checkered past, but they don't own completely open ODF so they aren't doing this for gain. they jsut want a level playing field for formats. And it is a great idea.
OOXML's Flaws Have Been Addressed
:-)
"IBM's Rob Weir has done a study on how many flaws were addressed by the OOXML Ballot Resolution Meeting. So far, using a random sampling technique, he has yet to find a flaw [...] there were no mistakes on [...] the [...] pages he reviewed."
There. Doesn't that sound better?
With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
He might well be right, but I'd be more inclined to believe it from someone who doesn't have a corporate interest in picking data points to fit the line he would like to draw.
Nobody is asking you to "believe" anything. Bias does not change facts, and it is a fallacy to suggest that he should be a perfectly impartial critic if he is to be taken seriously. If he makes observations of deficiencies in the format they are just as valid as if they were made by Bill Gates himself.
When I was a kid, we only had one Darth.
One example given by wikipedia is:
Just replace the relevant references with words like IBM, OOXML, etc. and it's basically the same.
You started to get it right, but then you fell by the wayside. The entire phrase is argumentum ad hominem which means "argument to the man." It includes any attempt to discredit an argument based on characteristics of the person advancing the argument. In the instant case, the argument goes something like--OOXML should be rejected if it's a bad standard. OOXML is a bad standard because it has many shortcomings that haven't been addressed. Therefore OOXML should be rejected. Mongoose Disciple chose not to dispute any of the premisses of the argument or the inference, but rather to claim that Rob Weir stands to gain if the conclusion is accepted. Thus Mongoose Disciple presented us with an excellent example of an argumentum ad hominem.
Also, attacks on ones character may not be considered "ad hominem" unless it is being use to refute an argument. This is probably the most common misuse of the term. For example, I can call someone an asshole and it wouldn't necessarily be an "ad hominem" attack.
Completely correct. However, it's irrelevant to the instant argument.
-Loyal
I aim to misbehave.
What's wrong with publicly stating the religious body backing OOXML development? Microsoft is very fortunate to have so much support from Hell. Why, if they had to supply their own evil or go through commercial channels, the global evil reserves would dry up overnight.
Sam ty sig.
You mean like the slur made by a Microsoft employee against a Standards New Zealand representative?
Even though none of the substantial problems have been addressed, NIST has approved OOXML.
Geeks like to think that they can ignore politics, you can leave politics alone, but politics won't leave you alone.-rms
Here's the difference, though. You're assuming the OP said:
"Rob Weir can't be trusted because it's in his best interest for OOXML to fail."
But the spirit of what the OP said was actually closer to this:
"I don't trust Rob Weir, because it's in his best interest for OOXML to fail."
It's actually a pretty big difference. The first statement is a logical fallacy, but the second one is just explaining his personal bias. And keep in mind that the OP specifically stated that Rob Weir "might well be right".
The details are trivial and useless; The reasons, as always, purely human ones.
Arguments should be accepted based on their validity and their accuracy. What if Einstein (or any other scientist, for that matter) were not allowed to defend his own theories?
Any sufficiently simple magic can be passed off as mere advanced technology.
Riiight. We should have one of the few people willing and able to examine the standard for flaws just not do it. That's an excellent idea.
At what point has IBM been dishonest? Rob Weir is an employee of IBM. They have a distinct interest in making sure that whatever format is approved, they are able to implement it. Therefore, it is in their best interest to make sure it is a good standard. As they have determined that it isn't a good standard, what should they do? Not talk about it?
The fact that his bias is out in the open is perfectly fine, as is the example you give from Peter Torr. That allows people to judge their statements, and account for possible bias.
The problem with Weir recusing himself is this: nobody else seems to be doing this. Nobody else is standing up to a corrupted process, where the intended and stated results are sidelined for political expediency. If it takes one corrupt company to stand up to another corrupt company, then so be it. At least they are standing up to a corrupt company. (Yes, I'd prefer if neither were corrupt.)
Microsoft is to software what Budweiser is to beer.
As well as with the original article. First thing - you can't really say "few flaws have been fixed" when the original article (and the post blurb) specifically say that no fixed flaws where actually found in the testing sample.
On the other hand, the statistics used by Rob Weir are shoddy according to my local statistics semi-expert (my girlfriend who finished 2nd year BA stats A. with a perfect 100 score). Specifically his sample is incredibly small: 25 random pages out of a random selection of 200 pages out of 5220 pages of the original standard document, out of 6045 pages actually in the original document (not the amended document), of which he doesn't know how many defects where actually reported against each page (we know how many were reported totally, but we don't know what is their percentage in the first sampling or subsequent sampling), and as Rob Weir found new defects that were not reported to Microsoft in time for the BRM, he has no idea what is the actual density of (pre-BRM) reported defects in the total "defect population" (defects discovered before BRM, after BRM and defects that are yet undiscovered).
As such a confidence interval of 1.5% +-3% (i.e. at worst 4.5%, which is not what the post reports) seems highly suspect. To clarify for non-statistics students, a confidence interval of 1.5% +-3% in a result of 0 hits out of a random sample, means that Rob Weir is at worst 95.5% confident and at best 100% confident that there were no defects addressed by Microsoft.
This is awfully presumptuous, even if its Microsoft that we are talking about.
Considering they provide the email address and phone number of their media contact in that announcement.
Hi ozbird, I'm not a Standards NZ representative. I am part of the NZ Open Source Society (NZOSS) and a techy on Docvert. I am part of the advisory group formed by Standards NZ for this process but like all others in the group I'm not paid and I'm basically an independent who gets invited to meetings every so often to debate OOXML, and stuff like that.
-Docvert converts MSWord to OpenDocument, clean HTML