I noticed a Technet Blog mentioning that OpenOffice is being made available free via the latest Sun Java update.

Reading further into the blog entry and the following fun and games begin:

Before you’re tempted to install this, maybe consider the following…

Read this for a business perspective which can help understand the “productivity software” claims, for sure a contradiction in terms!!!

Microsoft Office Word 2007 and OpenOffice.org 2.2.0 Mail Merge Comparison

“I was recently employed part time by a charity which uses OpenOffice. A longtime Microsoft Word, etc., user…Mailmerge!! It only took you fifty minutes! Congratulations. It’s taken me hours and hours of puzzling to the point of neurosis and I’m no nearer success.”

And thus begin the attempts at inserting Fear Uncertainty and Doubt. Note that the Mail Merge Comparison was performed by the same blog author on Tuesday, May 08, 2007. Also note that the comparison was between OpenOffice 2.2.0 and Word 2007I have no doubt that Office 2007’s mail merge went nice and smoothly - after all the software was written by the same company which produces the SQL server that the two different products have to access. Note also the choice quote from that same entry.

Nice way to try to introduce FUD about a competing product, by the way, citing a product comparison article from 5 months ago and ignoring the fact that the latest OpenOffice release is now at version 2.3 - released 4 weeks before this TechNet blog entry was written - and containing many enhancements and improvements over version 2.2.0. The inclusion of the scary quote is a nice touch too. ;)

The blog entry continues…

And from a consumer perspective, would you open the door to anyone and let them in without checking first?

Proof-of-concept virus gives insight into OpenOffice.org security failings

“…it exhibits some unusual properties that provide insight into the security failings of OpenOffice and reveal attack vectors that could potentially be used in the future. The most notable aspect of the BadBunny virus is its cross-platform nature. It can successfully infect Windows, Mac OS X, and Linux systems and is capable of propagating itself on both Windows and Linux.”

Hello, Pot? Kettle here! :D

Really, that is just plain cheeky. The sheer amount of macro viruses affecting Office products is frankly staggering. Compare that to this one example of a proof-of-concept virus that was proved to be pretty harmless at that. The wording “OpenOffice security failings” is pretty rich too, considering the above, and is cleverly designed to create a feeling of Fear in the mind of the reader.

Anyone competent knows that incorporating a macro programming language within a software product will introduce security holes. Anyone who knows how to use that macro language can think up ways of using file access calls, directory access calls to create a bit of mayhem on a user’s machine. Here’s an article which debunks the OpenOffice macro virus reportings, which you should read if you have any doubt about OpenOffice caused by the techNet blog.

Oh, with regards to the other scary quote :

“The most notable aspect of the BadBunny virus is its cross-platform nature. It can successfully infect Windows, Mac OS X, and Linux systems and is capable of propagating itself on both Windows and Linux. “

… isn’t that because OpenOffice is truly cross-platform, and not just limited to running on Windows and Mac systems? Imagine if Microsoft released Office which ran natively on a Linux distribution, bringing along with all those Office macro viruses with it. Ewww.

You should read this article : Frequently asked questions about Word macro viruses : from Microsoft’s own tech support pages no less. Note that this also affects Office 2007 ;)

And to be completely fair, compare this to the OpenOffice Security FAQ, and you’ll see that in fact there are similar factors to be careful about when using either Office or OpenOffice macros.

Actually, the FUD attempt is a rather weak affair when you really take a look at it with a critical eye. That doesn’t make it any the less enjoyable to debunk though ;)