20080805 Tuesday August 05, 2008

Evilgrade and OpenOffice.org - Online updates really can be dangerous

Many people are discussing Evilgrade today - a toolkit for exploiting products which perform online updates in an insecure fashion.

The idea of the attack is well described on page 9+10 in this PDF document:

  1. An Application is checking some update server for updates, using some domain name
  2. The attacker has control over the DNS resolution and returns an IP from a server he controls
  3. The application downloads something which should be an update, but in reality is some back door software or other kind of Trojan horse
  4. The application executes or deploys the binaries it received

Step 4 is the real issue here.

All security aware people know that they NEVER should install any software when they don't know the origin, and without verifying the integrity of the package. This can (and should!) be done by verifying hash sums with values you get from the project's download page. Signing the installation packages would make this step a little bit easier and nicer, but we don't have that right now.

So when people should do that, applications of course also MUST do that - unfortunately many, including OOo, don't do it...

I hope we will have signed packages for OOo soon: While people can work around the issue with verifying MD5, OOo shouldn't contact some server for getting MD5 values, because the server could be compromised. ( I must admit that this can also happen with the user visiting a fake server which looks identical to the original server... )

Signed update packages seem to be the only viable solution to me. Using HTTPS for contacting the update server would also be a good thing. But that alone wouldn't help, since, even if this is quite unlikely, the faked server could also have some valid certificate.

As long as we don't have signed packages, it might be reasonable to use the update check in OOo only to check for updates, and maybe also for downloading them, but not to use the install feature without checking the MD5 sums manually.

MD5 sums for OOo releases can be found here: http://download.openoffice.org/md5sums.html
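The four steps and the checksum discussion above, modelled as an added example (not from the original post and not OpenOffice.org code). The server class, file paths and policy names are hypothetical, the package bytes are constructed, and SHA-256 is used in place of the MD5 sums the post links to:

```python
import hashlib
import hmac

# Constructed sample data: byte strings stand in for installer packages.
GENUINE_PKG = b"constructed sample: genuine update package"
ROGUE_PKG = b"constructed sample: package from a look-alike server"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class UpdateServer:
    """In-memory stand-in for an update host: a package plus its checksum file."""

    def __init__(self, package: bytes):
        self.files = {
            "/update.bin": package,
            "/update.bin.sha256": sha256_hex(package).encode("ascii"),
        }

    def get(self, path: str) -> bytes:
        return self.files[path]


GENUINE = UpdateServer(GENUINE_PKG)
ROGUE = UpdateServer(ROGUE_PKG)  # its checksum file matches its own package

# Assumption: the digest the user copied from the project's download page,
# reached over a path that the resolver below does not influence.
OUT_OF_BAND_DIGEST = sha256_hex(GENUINE_PKG)


def resolve(tampered_dns: bool) -> UpdateServer:
    """Step 2: name resolution decides which server the updater talks to."""
    return ROGUE if tampered_dns else GENUINE


def accept_update(policy: str, tampered_dns: bool) -> bool:
    """Steps 1-4: return True if the updater would go on to install the download."""
    server = resolve(tampered_dns)
    package = server.get("/update.bin")
    actual = sha256_hex(package)

    if policy == "none":
        # Step 4 without any integrity check: whatever arrived gets installed.
        return True
    if policy == "same_channel":
        # The reference value comes from the same server as the package.
        expected = server.get("/update.bin.sha256").decode("ascii")
    elif policy == "out_of_band":
        # The reference value was obtained independently of the update server.
        expected = OUT_OF_BAND_DIGEST
    else:
        raise ValueError(f"unknown policy: {policy}")
    return hmac.compare_digest(actual, expected)


def decision_table() -> dict:
    """Install decision for every policy, with and without tampered resolution."""
    return {
        (policy, tampered): accept_update(policy, tampered)
        for policy in ("none", "same_channel", "out_of_band")
        for tampered in (False, True)
    }


if __name__ == "__main__":
    for (policy, tampered), accepted in decision_table().items():
        print(f"{policy:13} tampered_dns={tampered!s:5} install={accepted}")
```

Only the out-of-band policy rejects the download when resolution is tampered with, and it holds only as long as the reference digest itself comes from a source the attacker cannot also fake.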

This was the technical stuff, so you see the problem is real.

The open question is: How likely is it that someone really will be able to control your system's DNS resolution?

In the intranet of a company it's very likely, but only the IT department should be able to do that (in theory).

For people at home I don't think that the risk is sooo big, but maybe I underestimate that. For home users, it's more likely that they download and run some Trojan horse which does the DNS resolution manipulation locally by modifying the hosts file or running a local DNS server. But then, it's not the next update from some software you have to worry about - your system is already compromised since you did allow some malicious software to run on your system...


Posted by Malte Timmermann ( Aug 05 2008, 05:58:26 PM CEST ) Permalink Comments [2]

 

20080723 Wednesday July 23, 2008

Sun Java Communications Suite 6 - now with Convergence AJAX client

Jim Parkinson has just blogged about the availability of the new release from the Java Communications Suite.

Our messaging server is already well known for being rock solid and for its great scalability.

The new release offers interesting new features for mobile messaging (LEMONADE support).

For me, as an end user in this case, the most interesting new feature is the web based mail and calendaring client - Convergence.

If you are interested, you can find many more details in Jim's blog.


Posted by Malte Timmermann ( Jul 23 2008, 10:36:36 AM CEST ) Permalink Comments [0]

 

20080717 Thursday July 17, 2008

StarOffice 9 Beta 2 available!

StarOffice 9 is ready for beta testing.

If you want to give it a try, you can download it here

One of the biggest "features" is the native Mac support. This is something the people really wanted to have for a while now. You can find some interesting blog postings about the efforts on GullFOSS.

Some people might be more interested in the new PDF import, or the nice presenter console.

Writer learned a dual page view and has improved handling of notes.

Impress has native support for tables now, as defined in ODF 1.2.

Calc has some features for collaborative editing, a new solver tool and improved charting functionality.

You see - many improvements worth updating to the new version.

Posted by Malte Timmermann ( Jul 17 2008, 07:31:20 PM CEST ) Permalink Comments [0]

 

20080602 Monday June 02, 2008

Big Buck Bunny and Network.com

You might have seen all the news about the new open movie called "Big Buck Bunny".

I just became aware that it was rendered on our Network.com platform!

This is great. You can find a description about how they made use of our computing platform in this article.

Posted by Malte Timmermann ( Jun 02 2008, 03:29:54 PM CEST ) Permalink Comments [0]

 

20080530 Friday May 30, 2008

OpenOffice.org 3.0 on Mac OSX Accessibility

Our engineers here in Hamburg are putting a lot of effort into the native port of OpenOffice.org for the Mac platform.

One part of these efforts is to implement the Mac Accessibility APIs, to make OOo as accessible as possible with AT tools.

My colleague Peter Korn just wrote a very good blog about this, so instead of duplicating all the information, I recommend reading that one if you are interested in the details.


Posted by Malte Timmermann ( May 30 2008, 09:52:09 AM CEST ) Permalink Comments [0]

 

20080521 Wednesday May 21, 2008

Office 2007 won't support ISO's OOXML

Reading the announcement that Microsoft will implement ODF in Office 2007, it's also interesting to read that they will NOT support the ISO version of OOXML in Office 2007.

Note that, for good reasons, also OpenOffice.org doesn't claim to support OOXML, but to implement import filters for the MS Office 2007 document formats.

The new filters will become available in OpenOffice.org 3.0, which is already available as a beta version.

 

 


Posted by Malte Timmermann ( May 21 2008, 09:14:30 PM CEST ) Permalink Comments [0]

 

Microsoft to implement ODF in Office 2007

Here is the news!

Sure we can't know how good their ODF support will be, but it's great that they start a native implementation for ODF now, coming with SP2 in the first half of 2009.

Seems, for now, they only plan to have ODF for Word.

If this is not enough for you, you are still invited to use our free ODF Plugin for MS Office, which gives you high quality ODF support in Word, Excel and PowerPoint.


Posted by Malte Timmermann ( May 21 2008, 08:51:17 PM CEST ) Permalink Comments [0]

 

20080519 Monday May 19, 2008

A better Favorites Menu for OpenOffice.org

Some time ago I posted my solution for a favorites menu in OpenOffice.org.

This worked fine for me, but was somewhat like a quick hack. You had to configure the menu items in a basic Script - no GUI was assisting you in this.

But somebody became aware of it, and started creating a neat bookmark solution with some GUI.

I just gave the Bookmarks Menu Extension a try and decided to get rid of my own script -



Posted by Malte Timmermann ( May 19 2008, 11:21:14 AM CEST ) Permalink Comments [0]

 

20080505 Monday May 05, 2008

Sun ODF Plugin 1.2 available now

We have just released version 1.2 of our Sun ODF Plugin for Microsoft Office.

There are many improvements to the filters, especially in Word, so it's really worth downloading it.


Posted by Malte Timmermann ( May 05 2008, 05:19:58 PM CEST ) Permalink Comments [5]

 

20080326 Wednesday March 26, 2008

Document Freedom Day

Today is Document Freedom Day

This is great. And because it is about open document standards, it's mainly about ... yes, the Open Document Format (ODF), as you can read at the Document Standards page.

 

Posted by Malte Timmermann ( Mar 26 2008, 03:03:55 PM CET ) Permalink Comments [0]

 

20080320 Thursday March 20, 2008

Back from CSUN

Last week I was attending the CSUN conference - probably the biggest and most exciting Accessibility conference in the world.

The different presentations made it clear: Web Accessibility, ARIA and AJAX are still very hot topics.

For Windows Accessibility, IAccessible2 is still making a lot of progress. Some Screen Readers already have support for it, and I hope we will have it in OpenOffice.org soon.

I gave a small talk in an IAccessible2 session, my presentation can be found here.

Of course I have used the cool PDF export in OpenOffice.org, which allows you to create well accessible, tagged PDF. Unfortunately, creating tagged PDF is not the default, because of the increased file size. I hope we will change the default eventually. For now, use the "Export as PDF..." menu item in the file menu, which will give you a dialog where you can check the option to create tagged PDF. The tool bar item skips this dialog.

In parallel to IAccessible2 on Windows, we are also working on support for the Mac OS X Accessibility Framework!

We have shown the latest builds to some AT vendors, and it seems they are very excited about this. From what I heard, not many applications on Mac OS X have good support for this right now.

So with all our Accessibility work going on, I am very confident that OpenOffice.org 3.x will be very accessible on many different platforms, with native support for the platform specific Accessibility frameworks!

 

 

 

Posted by Malte Timmermann ( Mar 20 2008, 07:12:47 PM CET ) Permalink Comments [0]

 

20080306 Thursday March 06, 2008

OpenOffice.org goes LGPL v3!

OpenOffice.org will switch to LGPL v3 with the upcoming OOo 3.0 Beta.

Besides that, we will also exchange the old Joint Copyright Assignment (JCA) with the Sun Microsystems Inc. Contributor Agreement (SCA), which has some advantages for contributors. This change is effective immediately.

More details can be found here.


Posted by Malte Timmermann ( Mar 06 2008, 08:02:10 PM CET ) Permalink Comments [0]

 

20080207 Thursday February 07, 2008

OpenOffice.org runs on OLPC!

J David Eisenberg wrote an email to the OASIS OpenDocument Format (ODF) Adoption TC, confirming that OpenOffice.org can be used on the OLPC.

So you can use all kinds of documents on your OLPC, since OpenOffice.org has filters for many different formats!

Needless to say that of course this includes ODF files, even in a stripped down (USB stick optimized) OOo installation, since ODF is OOo's default file format.

BTW: Most likely you don't need the JRE - OpenOffice.org uses Java only for some of the seldom used Wizards. So if the JRE doesn't fit on your USB stick, just go without it.


Posted by Malte Timmermann ( Feb 07 2008, 12:24:51 PM CET ) Permalink Comments [0]

 

20080114 Monday January 14, 2008

Nice ODF article

I just stumbled over the article "Dispelling Myths Around ODF" from Erwin.

Really worth reading, IMHO...

 

 

Posted by Malte Timmermann ( Jan 14 2008, 12:34:24 PM CET ) Permalink Comments [0]

 

20071212 Wednesday December 12, 2007

Sun ODF Plugin 1.1 now fully working with Microsoft Office 2007!

I just learned from Brian Jones that Microsoft has fixed a bug with Office 2007 SP1, which prevented the Sun ODF Plugin from working with Word 2007.

I gave SP1 a quick try, and - it's working now! 

If you are interested in the details, just look at my older ODF Plugin FAQ and Brian's comments.

This is really great news, and I am sure Brian took care that this would really be fixed with SP1 - thanks for this!

If you already have the Sun ODF Plugin (and Office 2007) installed, just install SP1 and that's it. If you haven't installed the ODF Plugin yet, you can find it here.


Posted by Malte Timmermann ( Dec 12 2007, 03:35:29 PM CET ) Permalink Comments [8]

 

20071205 Wednesday December 05, 2007

OpenOffice.org 2.3.1 is there

OpenOffice.org 2.3.1 is available for download now.

 In addition to many fixes it also contains a security fix, so you really should consider updating.

 

 

 

Posted by Malte Timmermann ( Dec 05 2007, 10:00:03 AM CET ) Permalink Comments [2]

 

20071004 Thursday October 04, 2007

OpenOffice.org Project and Community

Just found this interesting blog entry from Jim Parkinson and wanted to share with you: 

OpenOffice.org moves forward!


 

Posted by Malte Timmermann ( Oct 04 2007, 07:35:53 PM CEST ) Permalink Comments [0]

 

20071002 Tuesday October 02, 2007

Sun ODF Plugin 1.1 for Microsoft Office available now!

The newest version of our ODF Plugin for Microsoft Office is available, you can find it here.

We have fixed the installation problem that occurred on some systems, and have made many improvements to the filters.

The biggest difference compared to 1.0 is that we have support for different languages now!

It's still just one package to download and install, but the Plugin will detect the languages from your MS Office and your Windows installation. When support for that language is available, the Plugin UI within MS Office will use your current MS Office language, while the menus and dialogs in the system tray use the language from your operating system. If your language is not supported, the fall back is English.


Posted by Malte Timmermann ( Oct 02 2007, 07:30:11 PM CEST ) Permalink Comments [25]

 

20070823 Thursday August 23, 2007

Some facts about the development of ODF

I just stumbled over a quite new blog entry from my colleague Erwin - a really good one, I think!

It clarifies some things about the development process of ODF.

Read it, and I am sure after that you will also ask yourself why Microsoft started its own XML document format, instead of simply participating in the development of ODF...

 

 

 

Posted by Malte Timmermann ( Aug 23 2007, 11:49:40 AM CEST ) Permalink Comments [0]

 

20070820 Monday August 20, 2007

Accessibility on Linux via Orca - OpenOffice.org and other...

Darragh Ó Héiligh, a blind Linux user in Ireland, has just posted an audio introduction of Fedora Linux with Orca.

My colleague Peter Korn has a nice summary of this in his blog.

Orca Screen Reader Symbol 

I especially like the final comment. After noting the responsiveness of Orca with TTSynth and OpenOffice.org: "It's just getting the job done faster than it is in Windows."

I like it for many reasons

  • Orca is a great screen reader - and it is open source!
  • It shows that it was worth spending some extra time in the native UAA/ATK bridge, which we have introduced with OpenOffice.org 2.0.1.
  • It shows that a good accessibility architecture, like available with GNOME, pays off

Posted by Malte Timmermann ( Aug 20 2007, 12:01:26 PM CEST ) Permalink Comments [0]

 

20070816 Thursday August 16, 2007

A Favorites Menu in StarOffice / OpenOffice.org

I wonder if I am the only person missing such a feature.

There are a few documents which I need quite regularly. Unfortunately they are sometimes not in the recent file list when I need them, and it's also nice to have some special bookmarks for them.

 

 Screenshot of the favorites menu

 

So why wait for it?! It's easy to extend or customize OpenOffice.org via macros and extensions, so I created a simple macro to get my favorites menu.

If you are interested, you can find the macro in the OpenOffice.org Wiki. Simply copy&paste the macro text into the standard library from OpenOffice.org or StarOffice ( Tools / Macros / Organize Macros / StarOffice Basic => My Macros )

To have the menu automatically all the time, simply go to "Tools / Customize... / Events", and add "InsertFavoritesMenu" to "Start Application". On the bottom of the dialog, make sure to save the information with the application, not with the current document.

This is not the optimal implementation, but it works for me and didn't take much time.

Things to improve:

  • Don't code the documents into the macro, but provide some XML configuration
  • Make it an installable extension, instead of a plain macro
  • Optional: Make the Favorites menu as sub menu of the File menu
  • Optional: Add UI for configuring menu entries

Any volunteers? ;)

Posted by Malte Timmermann ( Aug 16 2007, 02:52:39 PM CEST ) Permalink Comments [16]

 

20070814 Tuesday August 14, 2007

StarOffice 8 included in Google Pack now!

Since last weekend, StarOffice 8 is part of the Google Pack!

This means that you get all the licensed 3rd party stuff that is part of StarOffice, but not of OpenOffice.org. These things include high quality fonts, commercial spell checker and thesaurus as well as additional templates. And it comes with our brand new Google Search Bar!

Really a big value add for the Google Pack, IMHO...


Posted by Malte Timmermann ( Aug 14 2007, 05:05:15 PM CEST ) Permalink Comments [3]

 

20070727 Friday July 27, 2007

China - first impressions

This is my 5th day here now, so it's time for a blog with my first impressions about China/Beijing.

Beijing itself is really big, and I didn't expect so much traffic, and Smog. I always thought there would be more bicycles than cars. And it's really very warm here...

The food is really great. I tried a lot of different things right now, and everything was very tasty. It's really different compared to Chinese restaurants in Germany - not only the taste, but also the way you eat it. The people here eat everything(!) with chop sticks. With chop sticks, the most difficult things for me right now have been the loin ribs, and the Beijing duck. You don't simply eat the duck, you wrap that with some vegetable and sauce into small pancakes - of course only by using your chop sticks. And if you managed that, try to pick up that roll, which is not very stable, with your chop sticks...

This weekend, it's time to see the Great Wall and the Forbidden City...

The company (Redflag Chinese 2000) does a really great job with organizing everything for me. Somebody is picking me up every morning, so I find my way. You might think it would be easy to use a taxi and simply drive on your own, but until now none of the taxi drivers knew how exactly to find the company. It's located in a new area in the south of Beijing.

I am giving technical presentations or talks every day, so I think the developers understand a lot of things much better now. Too bad that a lot of information can't be found on the OpenOffice.org site, because it's only in the head of our developers...



Posted by Malte Timmermann ( Jul 27 2007, 09:19:58 AM CEST ) Permalink Comments [2]

 

20070723 Monday July 23, 2007

Going China

I just arrived in Beijing!

I am here to work with Redflag Chinese 2000 for the next 2 weeks. We will talk about OpenOffice.org Architecture and different other things, and I'm really curious about working here for some time.

It will be a completely new experience to work in a Chinese company. At least I am prepared that there might be many differences compared to working for Sun in Germany or in USA.

And of course I am also happy that I have some time to visit different places, like the Chinese Wall or the Forbidden City...

 

Posted by Malte Timmermann ( Jul 23 2007, 09:32:25 AM CEST ) Permalink Comments [4]

 

20070717 Tuesday July 17, 2007

Sun ODF Plugin Installation Issue + Work Around

We got the feedback that on some systems the converter doesn't start, and you get the following error message:

   "Word cannot open the converter textconverter".

If you experience this problem, please copy the file "msvcr71.dll" from the Plugin directory into your windows system directory.

In a standard installation of the Plugin, you can find the dll in "C:\Program Files\Sun\Sun ODF Plugin for Microsoft Office 1.0\program". Your system directory is typically c:\windows\system32.

Alternatively you can enhance your PATH environment variable to include the Plugin program directory.


 

Posted by Malte Timmermann ( Jul 17 2007, 04:12:50 PM CEST ) Permalink Comments [0]

 

20070706 Friday July 06, 2007

How to give Feedback on the Sun ODF Plugin?

Some people ask in blog comments, forum discussions and other places how to give feedback on the ODF Plugin.

Well - all current support and feedback options are described in the readme!

I know, I also don't read readme's, but sometimes this can help...


Posted by Malte Timmermann ( Jul 06 2007, 02:21:34 PM CEST ) Permalink Comments [0]

 

20070704 Wednesday July 04, 2007

Sun ODF Plugin 1.0 for Microsoft Office FAQ

OK, the Sun ODF Plugin is now available, and people have some questions...

 

Q: What's the difference between this release and the "Technology Preview" version of the Plugin?

A: There are 3 big differences between these versions:

  • This version does not only support Word, but also Excel and PowerPoint!
  • This version not only supports MS Office 2003, but also MS Office 2000 and MS Office XP.
  • We collected feedback on the conversion quality and made some improvements here.

 

Q: Why doesn't it support Office 2007?

A: Well, basically, it does, but there is an issue in Word 2007's Filter API handling. You can save to ODF, but when you try to open ODF, Word ignores the installed filters and tries to open with its own filters. Of course Word can't, so you get an error message "The Office Open XML file <name> cannot be opened because there are problems with the content". This even happens if you explicitly select the ODF filter! I hope Microsoft will fix this issue with the next service pack. If not, we will work around this bug by doing the same kind of integration like in PowerPoint and Excel.

 

Q: Is it really free?

A: Yes, it is! Of course, if you desire - Sun is also offering Support and Service contracts for this. It's a Sun product, and as such, we will actively support and maintain it for many years.

 

Q: What about localized versions?

A: We are just working on a localized version. The plan is to have only one MUI (Multi User Interface) version, which will detect and use the language that you are using in MS Office.

 

Q: What's the difference between the Sun Plugin and the "OpenXML/ODF Translator" on SourceForge.net ?

A: There are many...

  • Only the Sun Plugin has this neat integration into Word. It's just another filter, and when you open some ODF file, you really work with the ODF file, which means you can save your modifications by pressing Ctrl+S. You can even configure Word to make ODF your default file format!
  • Conversion is done with StarOffice code, using its proven and high quality filters. The other Plugin is developed from scratch, using XSLT, and there are things that can't be transformed with XSLT, because you need information about the computed layout.
  • The Sun Plugin doesn't have other pre-requirements. Just download and install, no need to install additional things like the "Microsoft Office Compatibility Pack", ".NET Framework" and hot fixes.

Posted by Malte Timmermann ( Jul 04 2007, 12:24:58 PM CEST ) Permalink Comments [22]

 

20070703 Tuesday July 03, 2007

Sun ODF Plugin 1.0 for Microsoft Office available now!

The Sun ODF Plugin for Microsoft Office enables users of Microsoft Word, Excel and PowerPoint to read and write documents in the ISO-standard Open Document Format (ODF).

Supported versions are Microsoft Office 2000, XP and 2003.

Read the spotlight on www.sun.com/staroffice, or simply download it and give it a try. It's free, no registration needed!

 

 

Posted by Malte Timmermann ( Jul 03 2007, 05:04:56 PM CEST ) Permalink Comments [6]

 

20070618 Monday June 18, 2007

The problem with shipping 3rd party libraries with your product

The latest releases of StarOffice and OpenOffice.org contain 2 security fixes.

Some information about this can be found in the Sun Alerts 102917 and 102967.

102967 reminds me that we should have a closer look at what 3rd party libraries we ship with the next major versions.

There are 3 reasons for shipping these libraries with SO/OOo, instead of making them a system requirement:

1) It's convenient for the user. Just download and install the productivity suite, don't care about additional downloads and installations.

2) Modified versions. In some cases SO/OOo ship modified versions of 3rd party libraries, because we made some bug fixes which are not available in the official versions from that library right now.

3) No problems with ABI compatibility. Sometimes 3rd party libraries change in a way that they become incompatible with current versions of SO/OOo. Sometimes even in a way that the user doesn't recognize it immediately (application still starts), but some things behave differently (and wrong).
This happens for example when introducing new enum values in the middle of existing values. An example for this can be found in the FreeType library, which was responsible for one of the security vulnerabilities.

 
But in general, there should only be one copy of each library on a system, if possible. Programs shouldn't install "private copies".

 
Funny. I was just searching for some public documentation about our ARC Process, because ARC also checks for private copies, when stumbling over a very recent OpenSolaris blog from a colleague.

Item #5 is exactly what we are talking about here...

 


Posted by Malte Timmermann ( Jun 18 2007, 02:18:38 PM CEST ) Permalink Comments [0]

 

20070612 Tuesday June 12, 2007

OpenOffice.org 2.2.1 released!

OpenOffice.org 2.2.1 is available now, containing some bug fixes, including some for security issues.

Please find the details in the Release Notes, and download the latest and greatest version here.


Posted by Malte Timmermann ( Jun 12 2007, 05:41:03 PM CEST ) Permalink Comments [0]

 

