Sick of Open Office!! Dumped

[techie]

Remember, there is a difference (a BIG difference) between being able
to reverse engineer a file format and being legally able to USE a file
format regardless of how it is obtained. What a lot of people forget
is that a large part of what you get from StarOffice over OpenOffice
is the use of file formats whose owners insist on getting paid for
their use. It is also one of the reasons MS Office, WordPerfect, and
SmartSuite have higher degrees of compatibility with each other than
OO does.

You haven't the slightest idea what you're talking about. OpenOffice is
not "illegally" using Microsoft's file formats. Neither is Samba, or the
WINE group, or a few dozen other open-source efforts I could name that
Microsoft would go after in a heartbeat if they didn't think they'd get
thrown out of court and countersued for either false arreset or bringing
a frivolous lawsuit, depending on whether they went the legal or the civil
route.

Reverse engineering of file formats *is* allowed under the law so long
as the files aren't encrypted (which then falls under the DMCA). In the
US it's merely permitted, but in Europe there is a guaranteed legal
*right* to reverse-engineer API's and data formats. Current EU laws
already make it illegal to use hidden API's and file formats to restrict
competition, for example to use chips in inkjet cartridges to keep
inkjet refillers off the market. And a proposed EU law (I think this may
already have been passed?) will *require* companies to disclose their
API's and file formats if either the DMCA or the nature of the
technology keeps competitors from reverse-engineering them.

Is it worth the extra money for such compatibility? Well, so far, the
marketplace has answered yes.

Wrong again. Corporations, whole governments, and now millions of
individuals have adopted OpenOffice as their primary office suite.
Despite your fantasies, not everyone needs all the features of MS Office
or 100% perfect compatability with MS Office file formats.

This kind of gets us back to MY original point (which I don't charge
for by the way. A sort of OpenOpinion, if you will) is that you have
got to match the software to the job at hand. OO CAN'T be offered up
to everyone as the software of choice since it can't DO all the things
big 3 can do.

This is a freeware newsgroup. When someone comes here asking for a
recommendation, we therefore presume that they're looking for freeware.
If you want to push commercial office suites, or if you want to compare
freeware and commercial offerings, please go to a group that doesn't
have "freeware" in its name.

Telling someone it can do what they need it to do when it can't, or
showing someone a favorable review without telling them that the
review standards for one product were different because of pricing
considerations is the worse kind of fraud in my opinion. In such
cases, you are lying for political reasons.

Nobody came into this thread asking what OpenOffice could do or for a
comparison of proprietary and freeware office suites, you brought that
up unasked and off-topic. And the OO home-page blurb we were discussing
is not a "review". If you want a review, go to a third-party site where
you can get an impartial hands-on comparsion of actual, rather than
hyped, features.

 

[TW]

< snip >

So did you contact them to see whether there was a way to avoid that ?
Or to see if it could be changed in a future release ?

Regards, John.

No I didn't, John. I found in a thread on a Madden-related forum that
Excel is unique in that it doesn't export quotes for csv's that didn't
have them upon import. I took that at face value, but it may be that
the author was incorrect. It's worth investigating further.

e-mail modified, take the ** out to reply!

TW

kilocycles***@***yahoo.com

 

[John Fitzsimons]

On Wed, 15 Oct 2003 09:29:39 +1000, John Fitzsimons

No I didn't, John. I found in a thread on a Madden-related forum that
Excel is unique in that it doesn't export quotes for csv's that didn't
have them upon import. I took that at face value, but it may be that
the author was incorrect. It's worth investigating further.

Perhaps the OO people would like to know that info and can design a
work-around ? If they don't know then that info would probably help
both them and their users.

Regards, John.

 

[Gary R. Schmidt]

Perhaps the OO people would like to know that info and can design a
work-around ? If they don't know then that info would probably help
both them and their users.

Regards, John.

It's not a bug in OO, it is a bug in the program mentioned by "TW", that
is the program which is not handling csv files correctly.

It may be a bit of overkill by OO, but the wrapping of fields in csv
files with the " or ' character is required to be transparent.

Example, using book titles:

Book 1: Dune"
Book 2: The Bible"
Book 3: I, Claudius"
Book 4: Lord Kalvan of Otherwhen"

Put them into a csv record incorrectly, and you get:
Dune, The Bible, I, Claudius, Lord Kalvan of Otherwhen
and the complaint "but I only typed in _four_ titles!!"

Do it properly:
Dune, The Bible, "I, Claudius", Lord Kalvan of Otherwhen
and it all works.

Cheers,
Gary B-)

 

[Gary R. Schmidt]

Perhaps the OO people would like to know that info and can design a
work-around ? If they don't know then that info would probably help
both them and their users.

Regards, John.

(Original reply cancelled, try this one)

It's not a bug in OO, it is a bug in the program mentioned by "TW", that
is the program which is not handling csv files correctly.

It may be a bit of overkill by OO, but the wrapping of fields in csv
files with the " or ' character is required to be transparent.

Example, using book titles:

Book 1: Dune
Book 2: The Bible
Book 3: I, Claudius
Book 4: Lord Kalvan of Otherwhen

Put them into a csv record incorrectly, and you get:
Dune, The Bible, I, Claudius, Lord Kalvan of Otherwhen
and the complaint "but I only typed in _four_ titles!!"

Do it properly:
Dune, The Bible, "I, Claudius", Lord Kalvan of Otherwhen
and it all works.

Cheers,
Gary B-)

 

[Blinky the Shark]

(Original reply cancelled, try this one)

Just read it. For the record, many, if not most servers don't honor
cancels.

 

[Chris Lee]

I agree. It is not just in the ppt bit either. I installed it
instead of
Office 2000 as I really wanted to try something othe than MS and
went back
to office more or less immediately. If you are used to MS Office it
is just
not as intuitive and the OO developers need to recognise this. It
also needs
something like Outlook as it will not be really useful as an
integrated
office suite until that happens.

Guess you'll have to live with using OO because the people it's targeted at
are for the most part fed up with the intergrated,virus spreading software
clowns like you insist on forcing everyone to use.

Too bad. For *YOU* that is.

 

[Alan]

Guess you'll have to live with using OO because the people it's
targeted at are for the most part fed up with the intergrated,virus
spreading software clowns like you insist on forcing everyone to use.

Too bad. For *YOU* that is.

Better grab a current edition while you can then. As the developers head
down the path of giving it some real punch, through a decent macro
language supporting its object model (in other words, trying to emulate
what "the intergrated,virus
spreading software clowns" have managed to do) you can look forward to
the same vulnerabilities appearing in your half-baked attempt at an
office suite. Recommend you stick with one of the dumbed down current
releases, before it gets too close to becoming a real one.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

As the developers head down the path of giving it some real punch,
through a decent macro language supporting its object model (in
other words, trying to emulate what "the intergrated,virus
spreading software clowns" have managed to do) you can look
forward to the same vulnerabilities appearing in your half-baked
attempt at an office suite. Recommend you stick with one of the
dumbed down current releases, before it gets too close to becoming
a real one.

Lets just hope they are not stupid enough to turn on the macro feature
by default.

 

[Alan]

Lets just hope they are not stupid enough to turn on the macro feature
by default.

Let's hope the users are not stupid enough to forget to RTFM and not
even have knowledge of what it is, let alone how to turn it off. Blame
where blame is due, eh?

 

[Gary R. Schmidt]

Gary R. Schmidt wrote:




Just read it. For the record, many, if not most servers don't honor
cancels.

I know that in these slack and un-LARTed days many (most?) (all?!?!?!)
news servers fail to honour cancel messages, I just wanted to make the
point that I had a minor typo in the first message that made it a trifle
un-sensible.

Cheers,
Gary B-)

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

Let's hope the users are not stupid enough to forget to RTFM and
not even have knowledge of what it is, let alone how to turn it
off. Blame where blame is due, eh?

Nah, you know as well as I do that most users will not change the
defaults for stuff like that. Blame users all you like, but it won't
solve the problems of infected docs being passed around, whereas
shipping in a more secured state does make a big difference wrt the
problem.

 

[Alan]

Nah, you know as well as I do that most users will not change the
defaults for stuff like that. Blame users all you like, but it won't
solve the problems of infected docs being passed around, whereas
shipping in a more secured state does make a big difference wrt the
problem.

I can't see how this idea (whatever it actually is) will have any
bearing on whether the improved OO becomes the "intergrated,virus
spreading software" described by the OP or not. If you want the code
secured, then you don't get its functionality, since it's not "turned
on". If you want to take advantage of the improved features then you
MUST turn things on, and then be open to whatever vulnerabilities you
expose by allowing such code to be run on your machine. This will
eventually dawn on certain people - that the scope for malicious code is
a *consequence* of software that endows the user with a lot of power.
You'll have to take your pick on this one - it will either be the users
or the software authors. There won't be anybody else to sling the blame
at.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

I can't see how this idea (whatever it actually is) will have any
bearing on whether the improved OO becomes the "intergrated,virus
spreading software" described by the OP or not.

If it's not enabled in most instances of the software, the software's
docs are not as bad a vector for infection. Leaving it disabled by
default will have that effect, while letting those who want the extra
functionality enable and use it. Did not even Microsoft eventually
decide to ship Office without macro functionality on by default? And
didn't it have a positive impact on the problem of macro viruses?

 

[Alan]

If it's not enabled in most instances of the software, the software's
docs are not as bad a vector for infection. Leaving it disabled by
default will have that effect, while letting those who want the extra
functionality enable and use it. Did not even Microsoft eventually
decide to ship Office without macro functionality on by default? And
didn't it have a positive impact on the problem of macro viruses?

Sounds like decent idea to me. In fact, it might force users to rtfm in
order to use the software. I still can't see how malicious code will be
prevented from running, short of denying *all* macro code from running,
which will totally negate the current development efforts in OO. But I
guess being OO, rather than MS, this inadequacy will become a "security
feature".

You make it sound so simple - just change one default setting and a
piece of "intergrated,virus spreading software" by MS is transformed
into the equivalent of much elated OO.

 

[Max Quordlepleen]

I still can't see how malicious code will be
prevented from running, short of denying *all* macro code from
running, which will totally negate the current development efforts
in OO.

Currently, when you open a file containing macros in OOo, you are asked
if you want to let them run. You are also asked if you want to add the
path where the file you are opening is to the list of trusted paths for
macros. Then, of course, there's the fact that OOo's macro language is
unique to it, similar to VB, but plenty different enough to require
malicious macro code to be written specifically for it. The macro
language in OOo is producing some very impressive results, as the
number of people skilled in using it grows. Of course, the safest macro
language of them all is WordPerfect's PerfectScript, in which no
malicious code has yet been written.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

Sounds like decent idea to me. In fact, it might force users to
rtfm in order to use the software.

Not to use the software, just to use the more dangerous macro feature
of it. As Max points out, however, they won't have to rtfm, just get
through a warning box. Better than nothing, IMO, though.

I still can't see how malicious code will be prevented from
running, short of denying *all* macro code from running, which
will totally negate the current development efforts in OO.

I think you are confusing *some* malicious code with *all* malicious
code. I certainly never claimed that all malicious code could be
thwarted by altering the default behaviour.

But I guess being OO, rather than MS, this inadequacy will become a
"security feature".

I am not sure what inadequacy you mean, unless your are still talking
about a hypothetical case in which macro capability will not be added
to OO. Surely you didn't mean to take a jab at OO based on such a
hypthetical?

You make it sound so simple - just change one default setting and
a piece of "intergrated,virus spreading software" by MS is
transformed into the equivalent of much elated OO.

I didn't make it sound like that, and I didn't use any such loaded
rhetoric as that. But, yeah, the concept is indeed simple.

 

[Alan]

Not to use the software, just to use the more dangerous macro feature
of it. As Max points out, however, they won't have to rtfm, just get
through a warning box. Better than nothing, IMO, though.

OK, I think we're at crossed purposes on this point. It seems like
you're simply suggesting that the default for OO be something like a
"medium level" security setting on the MS product - warning box -> OK or
Cancel. Right?

I think you are confusing *some* malicious code with *all* malicious
code. I certainly never claimed that all malicious code could be
thwarted by altering the default behaviour.

This is where you've lost me I'm afraid. From the above, you will either
let all of the code within a given document run, or you will disallow it
in its entirity for that document. I can't see the "some" and "all"
distinctions you're making above, sorry.

I am not sure what inadequacy you mean, unless your are still talking
about a hypothetical case in which macro capability will not be added
to OO. Surely you didn't mean to take a jab at OO based on such a
hypthetical?

Ah, OK I think I see where we are talking about different "some" and
"all". My point is that if you allow code to run for a certain document
etc. then you give permission for all of *that* code to run. Therefore,
to block any chance of malicious code at all, you have to deny running
macros altogether.

I didn't make it sound like that, and I didn't use any such loaded
rhetoric as that. But, yeah, the concept is indeed simple.

Well, my point was that it *is* that simple in MS by simply changing a
default, to presumably the same default that will be used in OO. The
rhetoric, as you call it, was the literary work of genius of the OP, as
I'd hoped to convey by the quotes.

 

[Alan]

Currently, when you open a file containing macros in OOo, you are
asked if you want to let them run. You are also asked if you want to
add the path where the file you are opening is to the list of trusted
paths for macros.

Is this significantly different from opening a MS doc with Medium
security settings? Sounds very similar from what you describe.

Then, of course, there's the fact that OOo's macro
language is unique to it, similar to VB, but plenty different enough
to require malicious macro code to be written specifically for it.

I've had a look at some StarOffice documentation on the language, and
it's certainly "specific" as you say. I also don't think there's the
potential there (yet) to write anything with near the capability
(malicious or otherwise) that there is in VBA (this is why I suggested
that the concerned OP grab a current copy, before that potential *does*
exist).

The macro language in OOo is producing some very impressive results,
as the number of people skilled in using it grows. Of course, the
safest macro language of them all is WordPerfect's PerfectScript, in
which no malicious code has yet been written.

I'm not familiar with WP's macro language, but I can see DeleteFile and
DeleteDirectory commands. Maybe only nice people use WP ;-). I must
admit though that both the SO and WP languages look very much like
WordBasic ver. 2 or 6 in terms of their scope. They will therefore be
inherently less powerful and accordingly less potentially dangerous than
will be VBA.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

OK, I think we're at crossed purposes on this point. It seems like
you're simply suggesting that the default for OO be something like
a "medium level" security setting on the MS product - warning box
-> OK or Cancel. Right?

Yeah. It helped when MS decided to add that, and ISTM that it's a good
idea for OOo to do it too.

Ah, OK I think I see where we are talking about different "some"
and "all".

Yeah, we were. Sorry for the misunderstanding. Also, when I was
talking about defaults, I meant out-of-the-box defaults, not default
behaviour subsequently changed by the user.

My point is that if you allow code to run for a certain
document etc. then you give permission for all of *that* code to
run. Therefore, to block any chance of malicious code at all, you
have to deny running macros altogether.
Right.


Well, my point was that it *is* that simple in MS by simply
changing a default, to presumably the same default that will be
used in OO.

I didn't mean to be making a point about MS at all. My point was that
the out-of-the-box configuration for any office app which runs macros
should be not to run them without user approval. If MS Office
currently ships with the "medium level" security setting you describe
above, that's a good thing IMO.

The rhetoric, as you call it, was the literary work of
genius of the OP, as I'd hoped to convey by the quotes.

I got the quotes, but you also credited me with making it sound like
that. I don't think I did, and if I did it was inadvertent.