Difference between pages "List of Cyberspeak Podcast Interviews" and "Open Document Format"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(2007: - Added 25 Mar 2007 show)
 
(Expanded information; added sections: file structure, metadata)
 
Line 1: Line 1:
The [[Cyberspeak Podcast]] podcast usually features at least one interview per show. The guests on each show are listed below.
+
'''Open Document Format''' (ODF) is an open, XML-based file format standard for word processing documents, spreadsheets, charts, and presentations. The specification was originally developed by Sun Microsystems, but has been standardized by the Organization for the Advancement of Structured Information Standards (OASIS). ODF version 1.0 has been standardized as ISO/IEC 26300:2006. ODF is the primary format for the OpenOffice.org office suite.
  
=== 2005 ===
+
=File Extensions=
 +
The main file extensions for ODF documents are
 +
* .odt for word processing documents
 +
* .ods for spreadsheet documents
 +
* .odp for presentation documents
 +
* .odb for database documents
 +
* .odg for graphical documents
 +
* .odf for mathematical formulae
  
* 18 Dec 2005: [[Nick Harbour]], author of [[Dcfldd|dcfldd]]
+
ODF also supports template files for each type of document.  The 'd' in file extension is replaced by a 't' for template files.
* 31 Dec 2005: [[Jesse Kornblum]], author of [[foremost]] and [[md5deep]]
+
  
=== 2006 ===
+
=File Structure=
 +
An ODF document can be as simple as a single XML file.  However, this is rarely practical. The standard specifies that an ODF file can also be stored as a collection of several subdocuments.  The latter is the most common implementation.
  
* 7 Jan 2006: [[Drew Fahey]], author of [[Helix]]
+
A packaged ODF file will contain, at a minimum, six files and two directories archived into a modified ZIP file. The structure of the basic package is as follows
* 18 Jan 2006: [[Simple Nomad]]
+
* 21 Jan 2006: [[Johnny Long]]
+
* 28 Jan 2006: [[Kevin Mandia]]
+
  
 +
|-- META-INF
 +
|  `-- manifest.xml
 +
|-- Thumbnails
 +
|  `-- thumbnail.png
 +
|-- content.xml
 +
|-- meta.xml
 +
|-- mimetype
 +
|-- settings.xml
 +
`-- styles.xml
  
* 4 Feb 2006: [[Brian Carrier]]
+
Again, this represents a minimal ODF file. The structure can become much more complicated as directories can be added that contain embedded images, macros, and the like.
* 11 Feb 2006: [[Jesse Kornblum]]
+
* 18 Feb 2006: [[Bruce Potter]] of the Shmoo Group
+
* 25 Feb 2006: [[Kris Kendall]] speaks about malware analysis
+
  
 +
An important caveat in the structure of the ZIP file is that the first file must be the "mimetype" file and it must not be compressed. [http://www.jejik.com/articles/2010/03/how_to_correctly_create_odf_documents_using_zip/]  The string "mimetype" should appear at position 30 and the actual MIME type at position 38.  This adaptation makes it possible for operating systems to determine the MIME type of a file without relying on the file extension.
  
* 4 Mar 2006: [[Dave Merkel]]
+
==Main Sub-Files==
* 11 Mar 2006: [[James Wiebe]] of [[Wiebe Tech]]. Also [[Todd Bellows]] of [[LogiCube]] about [[CellDek]]
+
* 18 Mar 2006: [[Kris Kendall]]
+
* 25 Mar 2006: (No interview)
+
  
 +
The '''manifest.xml''' file contains a list of all files in the packages, as well as their media type, path, and any information required for decryption.  The '''content.xml''' file contains the content of the document (e.g., the text in a word processing document), while the '''styles.xml''' file contains the information on how the content is to be styled.  The '''settings.xml''' file is self-explanatory.
  
* 1 Apr 2006: [[Harlan Carvey]], creator of the [[Forensic Server Project]]
+
==Metadata==
* 8 Apr 2006: (No interview)
+
* 15 Apr 2006: (No interview), but first to mention the [[Main_Page|Forensics Wiki]]!
+
* 22 Apr 2006: [[Jaime Florence]] about [[Mercury]], a text indexing product
+
  
 +
Because ODF files are basically ZIP files, the files contain the same meta-information about each file as that of a standard ZIP archive, namely the name and size of each sub-file, compression information, and creation date of each sub-file.  In addition, much metadata is contained within the xml files themselves.  The '''meta.xml''' file contains metadata for the entire document.  The types of metadata contained in the file can comprise pre-defined metadata, user defined metadata, as well as custom metadata:
  
* 6 May 2006: [[Mark Rache]] and [[Dave Merkel]]
+
* which version of ODF is used by the document
* 13 May 2006: [[Steve Bunting]]
+
* the document generator, that is, the user-agent software that generated or last modified the ODF document. This string is similar to the HTTP user agent string as described in RFC-2616. This can contains the name and version of the software as well as the name of the operating system.
* 21 May 2006: [[Mike Younger]]
+
* document title
* 29 May 2006: [[Mike Younger]]
+
* document description
 +
* document subject
 +
* keywords
 +
* initial creator
 +
* Creator (person who last modified the document)
 +
* printed by
 +
* creation date/time
 +
* modification date/time
 +
* print date/time
 +
* document template, the path of the document template if one was used to generate the current document
 +
* automatic reload
 +
* hyperlink behavior
 +
* language
 +
* number of editing cycles stored as a string. The number is incremented each time the document is saved.
 +
* editing duration -- amount of time spent editing the document. The specification is not clear as to how this value is to be calculated.
 +
* document statistics -- this field varies by file type, but includes information such as page count, object count, paragraph count, cell count, etc.
 +
* user-defined metadata -- allowable types: string, integer, float, boolean
  
 +
Conforming applications are permitted to store non-standard fields in this file, and the software should preserve any custom fields.
  
* 3 Jun 2006: [[Jesse Kornblum]] about [[Windows Memory Analysis]]
+
=External Links=
* 10 Jun 2006: (No interview)
+
[http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1-html/OpenDocument-v1.1.html ODF specification]
* 17 Jun 2006: [[Mike Younger]]
+
* 24 Jun 2006: (No interview)
+
  
 
+
[[Category:File Formats]]
* 1 Jul 2006: (No interview)
+
* 9 Jul 2006: [[Johnny Long]]
+
* 18 Jul 2006: [[Dark Tangent]]
+
* 30 Jul 2006: [[Jesse Kornblum]] about [[Ssdeep|ssdeep]] and [[Context Triggered Piecewise Hashing|Fuzzy Hashing]]
+
 
+
 
+
* 10 Aug 2006: [[Brian Contos]] discusses his book ''Insider Threat: Enemy at the Watercooler''
+
* 13 Aug 2006: [[Richard Bejtlich]] discusses his book ''Real Digital Forensics''
+
* 27 Aug 2006: [[David Farquhar]]
+
 
+
 
+
* 3 Sep 2006: [[Keith Jones]]
+
* 10 Sep 2006: (No Interview)
+
* 17 Sep 2006: (No Interview)
+
* 24 Sep 2006: (No Interview)
+
 
+
 
+
* 1 Oct 2006: [[Brian Kaplan]], author of [[LiveView]]
+
* 8 Oct 2006: [[Tom Gallagher]] discusses his book ''Hunting Security Bugs''
+
* 15 Oct 2006: (No Interview)
+
* 29 Oct 2006: (No Interview)
+
 
+
 
+
* 12 Nov 2006: [[Jesse Kornblum]] discusses his paper ''Exploiting the Rootkit Paradox with Windows Memory Analysis''
+
* 19 Nov 2006: [[Kris Kendall]] discusses unpacking binaries when conducting malware analysis
+
* 26 Nov 2006: (No Interview)
+
 
+
 
+
* 3 Dec 2006: [[Brian Dykstra]]
+
* 10 Dec 2006: [[Mike Younger]]
+
* 17 Dec 2006: [[Mike Younger]] and [[Geoff Michelli]]
+
 
+
=== 2007 ===
+
 
+
* 7 Jan 2007: [[Jamie Butler]]
+
* 17 Jan 2007: [[Chad McMillan]]
+
* 28 Jan 2007: [[Jesse Kornblum]]
+
 
+
 
+
* 11 Feb 2007: [[Scott Moulton]]
+
* 18 Fen 2007: [[Phil Zimmerman]], creator of [[PGP]] discussing his new [[Zfone]]
+
* 25 Feb 2007: [[Mark Menz]] and [[Jeff Moss]]
+
 
+
 
+
* 4 Mar 2007: No show due to technical difficulties
+
* 12 Mar 2007: [[Trevor Fairchild]] of Ontario Provincial Police Department discussing [[C4P]] and [[C4M]], both add-ons to [[EnCase]]
+
* 18 Mar 2007: [[Tony Hogeveen]] of DeepSpar Date Recovery Systems
+
* 25 Mar 2007: Shmoocon broadcast
+

Revision as of 19:36, 13 April 2010

Open Document Format (ODF) is an open, XML-based file format standard for word processing documents, spreadsheets, charts, and presentations. The specification was originally developed by Sun Microsystems, but has been standardized by the Organization for the Advancement of Structured Information Standards (OASIS). ODF version 1.0 has been standardized as ISO/IEC 26300:2006. ODF is the primary format for the OpenOffice.org office suite.

File Extensions

The main file extensions for ODF documents are

  • .odt for word processing documents
  • .ods for spreadsheet documents
  • .odp for presentation documents
  • .odb for database documents
  • .odg for graphical documents
  • .odf for mathematical formulae

ODF also supports template files for each type of document. The 'd' in file extension is replaced by a 't' for template files.

File Structure

An ODF document can be as simple as a single XML file. However, this is rarely practical. The standard specifies that an ODF file can also be stored as a collection of several subdocuments. The latter is the most common implementation.

A packaged ODF file will contain, at a minimum, six files and two directories archived into a modified ZIP file. The structure of the basic package is as follows

|-- META-INF
|   `-- manifest.xml
|-- Thumbnails
|   `-- thumbnail.png
|-- content.xml
|-- meta.xml
|-- mimetype
|-- settings.xml
`-- styles.xml

Again, this represents a minimal ODF file. The structure can become much more complicated as directories can be added that contain embedded images, macros, and the like.

An important caveat in the structure of the ZIP file is that the first file must be the "mimetype" file and it must not be compressed. [1] The string "mimetype" should appear at position 30 and the actual MIME type at position 38. This adaptation makes it possible for operating systems to determine the MIME type of a file without relying on the file extension.

Main Sub-Files

The manifest.xml file contains a list of all files in the packages, as well as their media type, path, and any information required for decryption. The content.xml file contains the content of the document (e.g., the text in a word processing document), while the styles.xml file contains the information on how the content is to be styled. The settings.xml file is self-explanatory.

Metadata

Because ODF files are basically ZIP files, the files contain the same meta-information about each file as that of a standard ZIP archive, namely the name and size of each sub-file, compression information, and creation date of each sub-file. In addition, much metadata is contained within the xml files themselves. The meta.xml file contains metadata for the entire document. The types of metadata contained in the file can comprise pre-defined metadata, user defined metadata, as well as custom metadata:

  • which version of ODF is used by the document
  • the document generator, that is, the user-agent software that generated or last modified the ODF document. This string is similar to the HTTP user agent string as described in RFC-2616. This can contains the name and version of the software as well as the name of the operating system.
  • document title
  • document description
  • document subject
  • keywords
  • initial creator
  • Creator (person who last modified the document)
  • printed by
  • creation date/time
  • modification date/time
  • print date/time
  • document template, the path of the document template if one was used to generate the current document
  • automatic reload
  • hyperlink behavior
  • language
  • number of editing cycles stored as a string. The number is incremented each time the document is saved.
  • editing duration -- amount of time spent editing the document. The specification is not clear as to how this value is to be calculated.
  • document statistics -- this field varies by file type, but includes information such as page count, object count, paragraph count, cell count, etc.
  • user-defined metadata -- allowable types: string, integer, float, boolean

Conforming applications are permitted to store non-standard fields in this file, and the software should preserve any custom fields.

External Links

ODF specification