SlideShare a Scribd company logo
Cosa hanno in comune un
mattoncino Lego e la backdoor
XZ?
Marina Latini
Interoperability
Interoperability is the ability of
information and communication
technology (ICT) systems, as well
as of the business processes they
support, to exchange data and
enable the sharing of information
and knowledge.
European Interoperability
Framework, IDABC
Standard and Interoperability
Standards for Interoperability
• A key reason for the development of ICT standards is to
facilitate interoperability between products in a multi-
vendor, multi-network and multi-service environment
• In addition, standards need to be designed and tested
to ensure that products and services complying with
them do indeed achieve interoperability
Perfect Interoperability is Easy *
* but Very Expensive
Automation
Manual Editing
Manual rewrite of the
entire document
Benefits of Interoperability
• Users have a much greater choice of products
• Manufacturers can benefit from the economies of scale
of a wider market
• Interoperability is therefore a crucial factor for the
success of modern technologies
Organisational
Semantic
Syntactic
Technical
Interoperability Process
Two or more systems can communicate and exchange data. This will typically
happen with secure communication via standardised communication protocols.
Processing data using standardised data exchange formats. Typical technology
adopted is XML.
Processing and interpretation of data with a degree of understanding of the data.
Typical technologies are semantic descriptions, XSD and ontologies.
Government agencies process and exchange each others data even if they use
differing platforms and systems. Typical technologies are architectural models,
process descriptions and interface technologies.
Organisational
Semantic Semantic
Syntactic Syntactic
Technical Technical
Organisational
Where Are We with Interoperability?
Standard communication protocols
OK
Standard document and file formats
OK
Semantic descriptions and ontologies
Technology scoundrels
Business processes
Resistance to change
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Standard Document Formats
What is a Standard?
• A document, established by consensus and approved by a
recognized body, that provides rules, guidelines or characteristics
for activities or their results, aimed at the achievement of the
optimum degree of order in a given context, for common and
repeated use
• Standards should be based on the consolidated results of
science, technology and experience, and aimed at the promotion
of optimum community benefits
ISO/IEC Guide 2:2004 "Standardization
and Related Activities - General Vocabulary"
Digital Document
• Can be used only by those who have access to the
decoder
• Primary purpose of a digital document is to use it in the
future
• It should be readable and interpretable as long as
possible, and ideally forever
When the Decoder is Proprietary
• Your own ideas, encoded in a digital document, are at
the mercy of the owner of the decoder
• You have lost your right to access and read your own
documents in the future
• This possibility is dangerous for a digital society
The World Without Standards
• Products might not work as expected, and may be of inferior
quality
• They may be incompatible with other equipment and they may
not even connect with them
• In extreme cases, non-standardized products may be dangerous
• Customers would be restricted to one manufacturer or supplier
• Manufacturers would be obliged to invent their own solutions to
even the simplest needs
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Document Liberation Project
https://www.documentliberation.org/
Open Document Format
ODF ISO Standard
Open Document Format
the true document
standard
which offers freedom of
choice
• ODF is solid and robust
• ODF is consistent across OS
• ODF is truly interoperable
• ODF is predictable
• ODF is a better standard file format
for users of personal productivity SW
Basic Concepts
Open Document Format
• Independent from a single product: anyone can write a
software that handles an open format
• Interoperable: allows the transparent sharing of data
between heterogeneous systems
• Neutral: it does not force the user to adopt – and often buy
– a specific product, but leaves a wide choice based on
features/quality vs price ratio
• Perennial: protects user developed contents from the
“evolution” based obsolescence of technology
SW
Content
Old Style
Content closely related to the
application used to create it
Controlled by the application
developer and not by the user
SW SW SW
Content
New Style
Content represented through an open standard
which is not controlled by a single vendor, so many
applications can create and modify it
Controlled by the user and not by the software vendor
ODF Based Interoperability
Characteristics of an ODF File
• ZIP file (regardless of extension)
• Set of XML files describing the content of the file and the
presentation (the platform displays what is described by the XML
file)
• XML, a standard language, simplifies both the description and
the access to the contents of the file
• Same set of XML files for all applications (text, spreadsheet,
presentation, etc.)
• Binary files are used only for images and multimedia
...and what about XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
XZ backdoor: timelines / summaries
• https://boehs.org/node/everything-i-know-about-the-xz-backdoor
• https://research.swtch.com/xz-timeline
• https://pentest-tools.com/blog/xz-utils-backdoor-cve-2024-3094
Thank You !
Marina Latini
marina.latini@libreoffice.org

More Related Content

Similar to Cosa hanno in comune un mattoncino Lego e la backdoor XZ?

Connected Health: The Importance of Systems Integration
Connected Health: The Importance of Systems IntegrationConnected Health: The Importance of Systems Integration
Connected Health: The Importance of Systems Integration
UBMCanon
 
20140410 ifla digitization workshop [idlc kuala lumpur]
20140410 ifla digitization workshop [idlc kuala lumpur]20140410 ifla digitization workshop [idlc kuala lumpur]
20140410 ifla digitization workshop [idlc kuala lumpur]
Frederick Zarndt
 
Digital Preservation Policies - SCAPE
Digital Preservation Policies - SCAPEDigital Preservation Policies - SCAPE
Digital Preservation Policies - SCAPE
SCAPE Project
 
ERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management WebinarERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management Webinar
FAIRDOM
 
Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...
Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...
Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...
Cengage Learning
 
Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...
Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...
Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...
National Information Standards Organization (NISO)
 
DITA Interoperability
DITA InteroperabilityDITA Interoperability
DITA Interoperability
Kristen Eberlein
 
Presentation on digital documentation
Presentation on digital documentationPresentation on digital documentation
Presentation on digital documentation
MuHammad ZaHid AJ
 
MHEG
MHEGMHEG
e-infrastructural needs to support informatics
e-infrastructural needs to support informaticse-infrastructural needs to support informatics
e-infrastructural needs to support informatics
David Wallom
 
Design patterns
Design patternsDesign patterns
Design patterns
ACCESS Health Digital
 
oneM2M - Release 1 Primer
oneM2M - Release 1 PrimeroneM2M - Release 1 Primer
oneM2M - Release 1 Primer
oneM2M
 
Top Down Network Design - ebrahma.com
Top Down Network Design - ebrahma.comTop Down Network Design - ebrahma.com
Top Down Network Design - ebrahma.com
Pawan Sharma
 
Chap 5 software as a service (saass)
Chap 5 software as a service (saass)Chap 5 software as a service (saass)
Chap 5 software as a service (saass)
Raj Sarode
 
Open Source in Government / Graham Taylor
Open Source in Government / Graham TaylorOpen Source in Government / Graham Taylor
Open Source in Government / Graham Taylor
Paris Open Source Summit
 
Using Checker Software for Clear, Concise and Consistent Content | Berry Braster
Using Checker Software for Clear, Concise and Consistent Content | Berry BrasterUsing Checker Software for Clear, Concise and Consistent Content | Berry Braster
Using Checker Software for Clear, Concise and Consistent Content | Berry Braster
LavaConConference
 
Unit - 1.pptx
Unit - 1.pptxUnit - 1.pptx
Unit - 1.pptx
arjun431527
 
chapter10.pptx
chapter10.pptxchapter10.pptx
chapter10.pptx
KaltoumRoblehjiir
 
DU_SERIES_Session1.pdf
DU_SERIES_Session1.pdfDU_SERIES_Session1.pdf
DU_SERIES_Session1.pdf
RohitRadhakrishnan8
 
Proact story on Archiving
Proact story on ArchivingProact story on Archiving
Proact story on Archiving
Proact Netherlands B.V.
 

Similar to Cosa hanno in comune un mattoncino Lego e la backdoor XZ? (20)

Connected Health: The Importance of Systems Integration
Connected Health: The Importance of Systems IntegrationConnected Health: The Importance of Systems Integration
Connected Health: The Importance of Systems Integration
 
20140410 ifla digitization workshop [idlc kuala lumpur]
20140410 ifla digitization workshop [idlc kuala lumpur]20140410 ifla digitization workshop [idlc kuala lumpur]
20140410 ifla digitization workshop [idlc kuala lumpur]
 
Digital Preservation Policies - SCAPE
Digital Preservation Policies - SCAPEDigital Preservation Policies - SCAPE
Digital Preservation Policies - SCAPE
 
ERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management WebinarERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management Webinar
 
Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...
Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...
Course Tech 2013, Dan Shoemaker & Ken Sigler, Engineering a More Secure Softw...
 
Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...
Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...
Collins, Hammer, Jones, and Lagace "NISO Update: Interoperability of Systems:...
 
DITA Interoperability
DITA InteroperabilityDITA Interoperability
DITA Interoperability
 
Presentation on digital documentation
Presentation on digital documentationPresentation on digital documentation
Presentation on digital documentation
 
MHEG
MHEGMHEG
MHEG
 
e-infrastructural needs to support informatics
e-infrastructural needs to support informaticse-infrastructural needs to support informatics
e-infrastructural needs to support informatics
 
Design patterns
Design patternsDesign patterns
Design patterns
 
oneM2M - Release 1 Primer
oneM2M - Release 1 PrimeroneM2M - Release 1 Primer
oneM2M - Release 1 Primer
 
Top Down Network Design - ebrahma.com
Top Down Network Design - ebrahma.comTop Down Network Design - ebrahma.com
Top Down Network Design - ebrahma.com
 
Chap 5 software as a service (saass)
Chap 5 software as a service (saass)Chap 5 software as a service (saass)
Chap 5 software as a service (saass)
 
Open Source in Government / Graham Taylor
Open Source in Government / Graham TaylorOpen Source in Government / Graham Taylor
Open Source in Government / Graham Taylor
 
Using Checker Software for Clear, Concise and Consistent Content | Berry Braster
Using Checker Software for Clear, Concise and Consistent Content | Berry BrasterUsing Checker Software for Clear, Concise and Consistent Content | Berry Braster
Using Checker Software for Clear, Concise and Consistent Content | Berry Braster
 
Unit - 1.pptx
Unit - 1.pptxUnit - 1.pptx
Unit - 1.pptx
 
chapter10.pptx
chapter10.pptxchapter10.pptx
chapter10.pptx
 
DU_SERIES_Session1.pdf
DU_SERIES_Session1.pdfDU_SERIES_Session1.pdf
DU_SERIES_Session1.pdf
 
Proact story on Archiving
Proact story on ArchivingProact story on Archiving
Proact story on Archiving
 

More from Speck&Tech

Dati aperti: un diritto digitale, da rivendicare e da alimentare
Dati aperti: un diritto digitale, da rivendicare e da alimentareDati aperti: un diritto digitale, da rivendicare e da alimentare
Dati aperti: un diritto digitale, da rivendicare e da alimentare
Speck&Tech
 
AI nel diritto penale, dalle indagini alla redazione delle sentenze
AI nel diritto penale, dalle indagini alla redazione delle sentenzeAI nel diritto penale, dalle indagini alla redazione delle sentenze
AI nel diritto penale, dalle indagini alla redazione delle sentenze
Speck&Tech
 
Vecchi e nuovi diritti per l'intelligenza artificiale
Vecchi e nuovi diritti per l'intelligenza artificialeVecchi e nuovi diritti per l'intelligenza artificiale
Vecchi e nuovi diritti per l'intelligenza artificiale
Speck&Tech
 
What should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futuresWhat should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futures
Speck&Tech
 
Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"
Speck&Tech
 
AWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scalaAWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scala
Speck&Tech
 
Praticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web ServicesPraticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web Services
Speck&Tech
 
Data Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information designData Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information design
Speck&Tech
 
Data Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as powerData Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as power
Speck&Tech
 
Delve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomicsDelve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomics
Speck&Tech
 
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Speck&Tech
 
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Speck&Tech
 
Why LLMs should be handled with care
Why LLMs should be handled with careWhy LLMs should be handled with care
Why LLMs should be handled with care
Speck&Tech
 
Building intelligent applications with Large Language Models
Building intelligent applications with Large Language ModelsBuilding intelligent applications with Large Language Models
Building intelligent applications with Large Language Models
Speck&Tech
 
Privacy in the era of quantum computers
Privacy in the era of quantum computersPrivacy in the era of quantum computers
Privacy in the era of quantum computers
Speck&Tech
 
Machine learning with quantum computers
Machine learning with quantum computersMachine learning with quantum computers
Machine learning with quantum computers
Speck&Tech
 
Give your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUsGive your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUs
Speck&Tech
 
From leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technologyFrom leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technology
Speck&Tech
 
Innovating Wood
Innovating WoodInnovating Wood
Innovating Wood
Speck&Tech
 
Behind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIXBehind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIX
Speck&Tech
 

More from Speck&Tech (20)

Dati aperti: un diritto digitale, da rivendicare e da alimentare
Dati aperti: un diritto digitale, da rivendicare e da alimentareDati aperti: un diritto digitale, da rivendicare e da alimentare
Dati aperti: un diritto digitale, da rivendicare e da alimentare
 
AI nel diritto penale, dalle indagini alla redazione delle sentenze
AI nel diritto penale, dalle indagini alla redazione delle sentenzeAI nel diritto penale, dalle indagini alla redazione delle sentenze
AI nel diritto penale, dalle indagini alla redazione delle sentenze
 
Vecchi e nuovi diritti per l'intelligenza artificiale
Vecchi e nuovi diritti per l'intelligenza artificialeVecchi e nuovi diritti per l'intelligenza artificiale
Vecchi e nuovi diritti per l'intelligenza artificiale
 
What should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futuresWhat should 6G be? - 6G: bridging gaps, connecting futures
What should 6G be? - 6G: bridging gaps, connecting futures
 
Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"Creare il sangue artificiale: "buon sangue non mente"
Creare il sangue artificiale: "buon sangue non mente"
 
AWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scalaAWS: gestire la scalabilità su larga scala
AWS: gestire la scalabilità su larga scala
 
Praticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web ServicesPraticamente... AWS - Amazon Web Services
Praticamente... AWS - Amazon Web Services
 
Data Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information designData Sense-making: navigating the world through the lens of information design
Data Sense-making: navigating the world through the lens of information design
 
Data Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as powerData Activism: data as rhetoric, data as power
Data Activism: data as rhetoric, data as power
 
Delve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomicsDelve into the world of the human microbiome and metagenomics
Delve into the world of the human microbiome and metagenomics
 
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
Home4MeAi: un progetto sociale che utilizza dispositivi IoT per sfruttare le ...
 
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
Monitorare una flotta di autobus: architettura di un progetto di acquisizione...
 
Why LLMs should be handled with care
Why LLMs should be handled with careWhy LLMs should be handled with care
Why LLMs should be handled with care
 
Building intelligent applications with Large Language Models
Building intelligent applications with Large Language ModelsBuilding intelligent applications with Large Language Models
Building intelligent applications with Large Language Models
 
Privacy in the era of quantum computers
Privacy in the era of quantum computersPrivacy in the era of quantum computers
Privacy in the era of quantum computers
 
Machine learning with quantum computers
Machine learning with quantum computersMachine learning with quantum computers
Machine learning with quantum computers
 
Give your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUsGive your Web App superpowers by using GPUs
Give your Web App superpowers by using GPUs
 
From leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technologyFrom leaf to orbit: exploring forests with technology
From leaf to orbit: exploring forests with technology
 
Innovating Wood
Innovating WoodInnovating Wood
Innovating Wood
 
Behind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIXBehind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIX
 

Recently uploaded

Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
Recent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS InfrastructureRecent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS Infrastructure
KAMAL CHOUDHARY
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
ssuser1915fe1
 
Choose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presenceChoose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presence
rajancomputerfbd
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
Tatiana Al-Chueyr
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
Emerging Tech
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
313mohammedarshad
 
The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...
The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...
The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...
digitalxplive
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
Zilliz
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
Google Developer Group - Harare
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Muhammad Ali
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
ArgaBisma
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes..."Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
Anant Gupta
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
sunilverma7884
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
alexjohnson7307
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
Kief Morris
 
find out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challengesfind out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challenges
huseindihon
 

Recently uploaded (20)

Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
 
Recent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS InfrastructureRecent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS Infrastructure
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
 
Choose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presenceChoose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presence
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
 
The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...
The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...
The Rise of AI in Cybersecurity How Machine Learning Will Shape Threat Detect...
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes..."Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
 
find out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challengesfind out more about the role of autonomous vehicles in facing global challenges
find out more about the role of autonomous vehicles in facing global challenges
 

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?

  • 1. Cosa hanno in comune un mattoncino Lego e la backdoor XZ? Marina Latini
  • 3. Interoperability is the ability of information and communication technology (ICT) systems, as well as of the business processes they support, to exchange data and enable the sharing of information and knowledge. European Interoperability Framework, IDABC Standard and Interoperability
  • 4. Standards for Interoperability • A key reason for the development of ICT standards is to facilitate interoperability between products in a multi- vendor, multi-network and multi-service environment • In addition, standards need to be designed and tested to ensure that products and services complying with them do indeed achieve interoperability
  • 5. Perfect Interoperability is Easy * * but Very Expensive Automation Manual Editing Manual rewrite of the entire document
  • 6. Benefits of Interoperability • Users have a much greater choice of products • Manufacturers can benefit from the economies of scale of a wider market • Interoperability is therefore a crucial factor for the success of modern technologies
  • 7. Organisational Semantic Syntactic Technical Interoperability Process Two or more systems can communicate and exchange data. This will typically happen with secure communication via standardised communication protocols. Processing data using standardised data exchange formats. Typical technology adopted is XML. Processing and interpretation of data with a degree of understanding of the data. Typical technologies are semantic descriptions, XSD and ontologies. Government agencies process and exchange each others data even if they use differing platforms and systems. Typical technologies are architectural models, process descriptions and interface technologies.
  • 8. Organisational Semantic Semantic Syntactic Syntactic Technical Technical Organisational Where Are We with Interoperability? Standard communication protocols OK Standard document and file formats OK Semantic descriptions and ontologies Technology scoundrels Business processes Resistance to change
  • 11. What is a Standard? • A document, established by consensus and approved by a recognized body, that provides rules, guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context, for common and repeated use • Standards should be based on the consolidated results of science, technology and experience, and aimed at the promotion of optimum community benefits ISO/IEC Guide 2:2004 "Standardization and Related Activities - General Vocabulary"
  • 12. Digital Document • Can be used only by those who have access to the decoder • Primary purpose of a digital document is to use it in the future • It should be readable and interpretable as long as possible, and ideally forever
  • 13. When the Decoder is Proprietary • Your own ideas, encoded in a digital document, are at the mercy of the owner of the decoder • You have lost your right to access and read your own documents in the future • This possibility is dangerous for a digital society
  • 14. The World Without Standards • Products might not work as expected, and may be of inferior quality • They may be incompatible with other equipment and they may not even connect with them • In extreme cases, non-standardized products may be dangerous • Customers would be restricted to one manufacturer or supplier • Manufacturers would be obliged to invent their own solutions to even the simplest needs
  • 18. Open Document Format ODF ISO Standard
  • 19. Open Document Format the true document standard which offers freedom of choice
  • 20. • ODF is solid and robust • ODF is consistent across OS • ODF is truly interoperable • ODF is predictable • ODF is a better standard file format for users of personal productivity SW Basic Concepts
  • 21. Open Document Format • Independent from a single product: anyone can write a software that handles an open format • Interoperable: allows the transparent sharing of data between heterogeneous systems • Neutral: it does not force the user to adopt – and often buy – a specific product, but leaves a wide choice based on features/quality vs price ratio • Perennial: protects user developed contents from the “evolution” based obsolescence of technology
  • 22. SW Content Old Style Content closely related to the application used to create it Controlled by the application developer and not by the user SW SW SW Content New Style Content represented through an open standard which is not controlled by a single vendor, so many applications can create and modify it Controlled by the user and not by the software vendor ODF Based Interoperability
  • 23. Characteristics of an ODF File • ZIP file (regardless of extension) • Set of XML files describing the content of the file and the presentation (the platform displays what is described by the XML file) • XML, a standard language, simplifies both the description and the access to the contents of the file • Same set of XML files for all applications (text, spreadsheet, presentation, etc.) • Binary files are used only for images and multimedia
  • 26. XZ backdoor: timelines / summaries • https://boehs.org/node/everything-i-know-about-the-xz-backdoor • https://research.swtch.com/xz-timeline • https://pentest-tools.com/blog/xz-utils-backdoor-cve-2024-3094
  • 27. Thank You ! Marina Latini marina.latini@libreoffice.org