It’s early in the morning in Philadelphia. I’m sitting in a hospital waiting room while a family member has a small procedure. It is very small. Then again, if one of my children just needed an aspirin and asked for some support, my wife and I would be on the next plane.
I’m writing this post from a computer in the hospital, part o the University of Pennsylvania Health System.
It runs Windows — no surprise in that. I’m using a Dell desktop. It’s an old one. It has two USB ports on the front and a floppy drive.
I try to download and install Firefox. Someone knows a little bit about security, since I see the Desktop and basic folders have been locked.
I then open the Documents folder. I see there are interesting documents.
I see that I cannot get into the Administrator’s Document folder. That’s a good sign.
I then see there is a floppy drive on the front of the computer. That is a bad sign.
All I have to do is to pop a floppy into it, reboot, take over the machine, look at those documents, perhaps even inject a new kind of virus into the hospital.
I won’t do that; I’m a good guy. But I could have, if I had been a bad guy.
Too bad the hospital isn’t using thin clients.
I hope the doctors are more competent than the IT staff.
I also remember I’m giving a talk this Monday to some CIO’s and senior officials in the government and public sector areas of Austria. I was up around 4AM today thinking about it. I decide to base much of it on my experiences working on education, and to add a cannonade or two of OOXML shot across Microsoft’s bow, to remind everyone what an execrable job MS did in putting together that godawful document. 
I decide to mention this incident as an example of why one should consider using thin-client based solutions in public spaces such as airports, hospitals, libraries, and schools.
I remember that Joe Latone, the open-source guy for Research, recently sent me a request to meet with a Prof. from Penn State later this month about open-source, on the day Eben Moglen is coming to give a talk at Research (he once worked there as an IP attorney.)
I decide to ask the Prof. if he knows anyone on the Penn IT Staff, so he can bring this matter to their attention in case they don’t read my blog.
1. I’ve spent some time looking at the OOXML spec. It is dreadful.
As best as I can tell, MS went around and interviewed every programmer they could find who had ever worked on Office and asked them what they had done.
Once they had a list of all the “new” features and options that been added over the years, they made up a list of all the procedures that would have to be written to implement them.
MS then made up the API to call those as yet unwritten procedures. After that, the made up a bunch of simplistic examples, most of which have no content. MS concluded by adding just enought text to give the document the superficial appearance of a standard/
Once that was done, they submitted it to various standards bodies and tried to stuff the ballot boxes, as they well know this document cannot withstand any serious technical review. See Rob Weir’s blog for some detailed examples.