[LINK] OpenOffice.org less secure than Microsoft Office?

Karl Auer kauer at biplane.com.au
Wed Jul 19 17:13:05 AEST 2006

On Wed, 2006-07-19 at 16:22 +1000, Deus Ex Machina wrote:
> OpenOffice.org less secure than Microsoft Office?
> http://arstechnica.com/news.ars/post/20060718-7288.html

I'm puzzled by the article. My French isn't up to reading it direct, and
of course the article quoted is based on another article rather than the
research itself, but in the Ars Technica article we see these two bits:

"Eric Filiol showed some off some malevolent code the Ministry had
developed in order to discover the weak points of both office suites." 

"Lt. Col. Filiol notes that the problems are conceptual, rather than due
to sloppy coding. "We did not exploit security holes," he said.

The first quote implies that they had developed code capable of doing
actual damage, and demonstrated that damage being done. The second quote
says that they "did not exploit security holes", which is inconsistent
with the first quote. Or does he mean that they are not holes so much as
deliberate weaknesses (i.e., they took advantage of a feature that can
be misused)?

The second quote seem to be saying that there are no *actual* problems
(e.g (or i.e.) security holes) but rather that the design of OO is such
that it can somehow be abused in spite of there being no security holes.

All this is very confusing. It smacks, in fact, of a beatup.

Can anyone find out more from the French side?

Regards, K.

Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)

More information about the Link mailing list