TipAdept Dot Com

Despite the approval of Microsoft's Open Office XML standard by two international standards bodies, the document format is not yet on stable ground. India and Brazil have joined South Africa in contesting the approval, standards officials revealed.

"By the deadline last night (Thursday), we had received three appeals, from Brazil, India and South Africa," said Jonathan Buck, spokesperson for the International Electrotechnical Commission. The IEC, along with the International Organization for Standardisation, is responsible for the technical committee that approved OOXML.

"The (Brazilian) appeal was not lodged in the correct procedure -- it was not sent to the CEOs of the two organizations -- but nonetheless it has been received," Buck said, adding that it will be treated in the same way as the Brazilian and South African appeals.

Process Criticized

The process in which the Joint Technical Committee approved OOXML has been roundly criticized, especially by countries with strong open-source communities. OOXML was approved in a "fast track" process in which a ballot-resolution meeting is called when a proposal is rejected on the technical merits. At that meeting, the criticisms are discussed and improvements made.

At the February ballot-resolution meeting, delegates had just five days to address more than 1,000 complaints about the proposed standard. The changes were voted on without discussion, but since that rushed approval the JTC has delayed publishing the approved spec. Now, a month after the deadline, the final draft is still not published.

Technology lawyer Andy Updegrove, who writes about standards on the Standards Blog, reported that Brazil and South Africa are both objecting to the failure to publish the reconciliation draft. "Despite the fact that this release has been requested by many different parties representing multiple viewpoints, no public or private explanation has thus far been given for the failure to follow rules calling for the release of...

Teenage hackers temporarily hijacked and defaced several Comcast Web sites and redirected user e-mail in an exploit that appears to expose fundamental weaknesses in the Internet's Domain Name System. The hackers, known as Defiant and EBK, apparently used "social engineering" -- persuading insiders to hand over account information -- to break into Comcast's account at domain registrar Network Solutions.

Comcast.net -- Comcast's main Web site -- was down for more than two hours, sporting a pink-on-white message that "KYROGENIX Defiant and EBK RoXed COMCAST sHouTz To VIRUS Warlock elul21 coll1er seven."

In addition, the WHOIS database of domain ownership spewed out a stream of obscenities when queried for information on Comcast sites.

Domain Jacking

Andrew Storms, director of security operations at nCircle Network Security, explained the nature of the exploit in an e-mail. "While we haven't seen all the details on exactly what did transpire, more than likely the hackers performed what would be considered a well-known and understood attack called domain hijacking," Storms said.

"The persons who maintain control over the centrally housed domain-name information with a registrar have the ability to control the DNS information for that domain. Once you have control over DNS, it's quite simple to propagate information into the Internet, telling computers where a Web site can be found."

In essence, the hackers could reroute the proper IP address for comcast.net to some other IP address -- and every time Comcast corrected the information, the hackers were able to reroute the domain.

'Really Bad'

It doesn't appear that the hackers did much more than deface Comcast's Web site and interrupt users' access to e-mail. With the level of control they had, "they could have done a lot worse," Storms said. "Instead of displaying a defacement, they could have just as easily used their control to set up a fake Webmail site...

Having successfully completed the much-publicized 700-MHz wireless spectrum auction, the Federal Communications Commission is now planning its next auctions.

According to a story in Thursday's Wall Street Journal, one of those plans includes a free wireless Internet. The winner of the auction for those frequencies would make broadband wireless Internet available to most of the U.S. Although details of the plan have not been worked out, there are reports that the FCC plan would mandate that the frequencies could not transmit everything the wildly diverse Internet could offer, such as pornography.

The D Block

Another plan for a new auction would be directed at getting a winning bid for the D Block. That group of frequencies was not sold at the last auction, as the minimum bid of $1.3 billion was not reached. Under FCC rules, the buyer would need to allow part of the spectrum to be used by public-safety agencies.

As a run-up to the D-Block reauction, the FCC has been taking comments from industry, public safety, and academics on how the rules for the D Block might be revised to attract higher bids. According to news reports, many public-safety groups, such as the Association of Public-Safety Communications Officials-International and the National Emergency Number Association, as well as some members of Congress are suggesting that the FCC keep the same public-private partnership as previously required.

This requirement seeks to guarantee that broadband communications between government agencies have national coverage and interoperability by requiring the commercial operator to make the frequencies available in the event of emergencies.

'Doesn't Seem Realistic'

Some observers are suggesting that the D-Block price was too high, while others are suggesting that the private-public partnership requirements were not clearly defined. Bill Ho, an analyst with industry research firm Current Analysis, said the basic issue needs to be addressed -- that bidders...