OX Blog

ODF and Open-Xchange’s Commitment to Open Standards

Written by Vittorio Bertola | May 2, 2020

A few days ago, OASIS finally approved and released a new version of the Open Document Format – ODF v1.3.

This is yet another milestone in the long story of open document formats, which, in its modern form, dates back to almost twenty years ago, when people from multiple projects and backgrounds felt the need for an alternative to a single dominant commercial office suite and to its proprietary files. By adopting a common, open format for documents, users could avoid being locked forever into a single application and vendor, and alternatives could emerge, creating competition, innovation and user choice.

The availability of an open document format was also a key for the establishment of open alternatives to Microsoft Office. Where many software corporations failed, the free software community succeeded; the OpenOffice and LibreOffice projects allow hundreds of millions of people to use open document formats for all of their needs.

Open-Xchange, as a proud open source company, is always supportive of open formats and open standards. As part of OX App Suite, OX Documents is an office suite conceived since the start for online use and collaboration. It is created by members of the former OpenOffice development team, it incorporates years of work in making it modern, complete, effective and optimized for the web, and it is fully interoperable with the ODF format.

When, a few months ago, we learned that a crowdfunding effort had been launched to enable the publication of the next version of ODF, we felt compelled to give our contribution. We thus decided to donate to the COSM project – the community of ODF specification maintainers. Together with all the other donors, we contributed to pay for the professional work necessary to formalize and shepherd the new specification throughout the official standardization process at OASIS.

We congratulate all the people that put significant effort into getting this done, including a lot of volunteers throughout the planet. We have now started to look into the new specification, as we want to keep OX Documents interoperable with ODF as far as our features are supported by the format. We will continue our commitment to open formats and open source applications, and we will work with the ISP and telecommunication industries to make open alternatives to the closed platforms available to as many users as possible. We think that this is the only way to build a better Internet for everyone.

 

By John Broomfield, VP Marketing at Open-Xchange

Following on the success of various events in 2019, we plan to continue the momentum into 2020 with a number of exciting events. Besides our own OX Summit in Europe, we’ll be participating in various IT and open source industry events and venues.

Here is an overview of some highlights in 2020:

 

Mobile World Congress

Barcelona, February 24-27

At MWC in February we planned to demonstrate, to telcos and mobile operators, how they can stay relevant in today’s crowded market with value-added services, based on Open-Xchange's mail and DNS solutions. We were particularly excited to introduce the latest beta release of OX COI Messenger and collect feedback. Unfortunately, the Coronavirus put a damper on this plan, and we have had to pull out in order to minimize the risk to the safety and wellbeing of all the OX folks who were scheduled to attend.

If you are a developer interested in checking out OX COI Messenger you can find more information here:

COI-Dev.org

 

CloudFest

Rust, March 14-19

Welcome to our booth at CloudFest 2020. CloudFest embraces and celebrates the cloud industry, showcasing everything new and exciting in technology and internet innovation. Join us in a place where like-minded thinkers and visionaries collaborate to move beyond the hype and push the cloud industry forward.

Learn more

 

OX Summit 2020

Europe, October

Over the last decade Open-Xchange has become a trusted partner to more than one hundred of the world’s leading service providers and telecommunications companies.

Our annual customer and partner gathering at OX Summit is your opportunity to join experts from telco, mobile, hosting and cable carriers to discuss the product developments, business intelligence and technology standards that are shaping innovation in our markets today.

More information to be announced soon.

 

Besides these key events, we will also be attending more than 15 other events across the world in 2020.

To stay up to date on where we plan to be and maybe set up a meeting with us you can find the latest event schedule here on our events page.

 

By Martin Heiland, Information Security Officer at Open-Xchange

Open source software (OSS) presents both a risk and an opportunity when it comes to information security. It is very different from handling proprietary, closed-source software and services, where consumers have no choice but to unconditionally trust the vendor to do the right thing. Relying on vendor assurances alone has often proven unreliable. 

With OSS, however, the vast ecosystem of contributors, methods and software components allows for rapid development and quick time to market, as well as a valuable feedback channel. OSS doesn’t actually improve security by publishing code alone, but by building a community that helps enforce transparency and continuous improvement. 

It can also be hard to predict the operational risks of some OSS components. Maintenance for more niche components may come to an end, for example, or maintainers go rogue. This is why it’s essential to monitor sources closely and evaluate their maturity. You can also use automated tools to check for known security issues on external components and update them when necessary. Agile methodologies make it much easier to do this efficiently and build security awareness into the daily routine of an organisation.  

Components aren’t the only OSS security consideration. Many organisations use third-party sources to set up their service infrastructure, for example, pulling Dockerfiles from a public repository. This introduces the same risk at a different level, as malicious code could get injected right to the core of the development or service operations lifecycle. 

Deploying locked-down, unmonitored and outdated IoT devices across an organisation is another disaster waiting to happen. Even if the software running there is usually OSS, the user is fully dependent on the vendor to take care about patching vulnerabilities – and, we now know that security is not part of most suppliers’ business models. 

Open-Xchange encourages users to provide direct feedback on security issues within OX products, including external components that are being used.  We aim to maintain a very low barrier of entry to do so and compensate security researchers through our ‘bug bounty programme’, as well as professional penetration tests. And, of course, being part of the OSS community works both ways – at the same time Open-Xchange looks out for vulnerabilities in external components and reports them to the affected projects.