Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page
Other stuff:
Here is the permanent site for this page.
|
Leading items140,000 Mexican school labs to be outfitted with Linux and GNOME. Out of the blue this week (at least for those of us not deeply tied into the GNOME project) came this message from Arturo Espinosa Aldama, leader of the "Scholar Net" project in Mexico. This project's goal is to outfit every elementary and mid-level school in Mexico with computers and a connection to the net. It is an ambitious project; they intend to set up 140,000 computer labs over the next five years. This is a worthy project, but what really raised eyebrows was their announcement that these labs will be set up with Linux machines running the GNOME desktop. The labs in question are intended for student use. They will give students access to the Internet, via the usual services (email, web). Students will have access to office tools for doing their homework. Their math curriculum includes exercises with spreadsheets. Thus, the tools they need include web browsers, word processors and spreadsheets. Netscape (or Mozilla/GTK), gwp, and gnumeric look set to fill the bill nicely. Some work needs to be done to get these tools to where they need to be for Scholar Net's purposes. The gwp word processor has a ways to go yet before it's ready for prime time. Many of the GNOME tools need some basic work for user interface consistency. And, of course, everything needs to be fixed up to work in the Spanish language. Scholar Net intends to dedicate some resources to pushing forward some of these tools; in particular, they want to focus on gwp. They are also asking for volunteers to help with some of the tasks. What they would like, more than anything else, is for the GNOME folks to work with their needs (consistency, stability, and multi-lingual capabilities) in mind. Since this isn't far from what GNOME wants to do anyway, they are not asking for a lot. They would also like help from those with Spanish skills in the translation of GNOME applications and documentation. Interested persons are invited to contact Mr. Espinosa; see the announcement for contact information. So why did Scholar Net decided to go with the Linux/GNOME platform? According to Mr. Espinosa, the deciding factor was cost (though they certainly appreciate the other benefits of free software as well). The price for proprietary software for 140,000 labs (with an average of six workstations and one server each) is very high. Linux is also able to make better use of cheaper hardware, leading to more savings. For a project of this size, it is far cheaper to hire some programmers to fill in some gaps than to try to work with proprietary systems. One could easily imagine that there could be difficulties in selling this approach to the Powers That Be. However, according to Mr. Espinosa: "We thought there would be some resistance from the big bosses but, due to the attention Linux is being paid in the mainstream computing media, the University is now considering Linux as a valid option and we are being accepted because we do have something to show."He may well be making light of the difficulty of selling any project of this size. Nonetheless, this success is a clear sign of just how far Linux has come in the last year. It would be hard to overestimate the importance of this project and the course that it has taken. Soon, a substantial portion of the Linux user base will be made up of Mexican schoolchildren. Mexico is raising a generation of Linux users. The visibility of this effort will be high; it will make it that much easier to justify the use of Linux in other situations. GNOME is getting more developers and a committed set of users. And, as if the project were not large enough already, Mr. Espinosa suggests that, if Scholar Net is successful, it is possible that it will be expanded through the rest of Latin America via the Instituto Latinoamericano de la Comunicación Educativa. Again, in Mr. Espinosa's words: "I would like to invite the Universities of other countries to consider Free Software as a real-world solution to the problem of bringing computers to every education level." A web page is being put together to describe the Scholar Net project and to answer many of the questions that have been raised. It is not currently up, so, rather than hand out a dead link, we will ask interested readers to keep an eye on LWN. As soon as the Scholar Net page is available, we will let you know. [Update: the Scholar Net web page is now available.] Scholar Net is important, and we wish them a great deal of luck and the best of success. Finally, LWN is much indebted to Arturo Espinosa Aldama for quickly answering our many questions. A couple of followup items to last week's discussion of Microsoft France's anti-Linux "open letter". The Association Francophone des Utilisateurs de Linuxput together a very well done response to that letter; thanks to Rick Moen we also have an English translation of this response. One of Microsoft's claims was that there are no word processors with on-the-fly spelling checking for Linux. People who are not easily offended may want to check out this screen shot, wherein an "anonymous critic" responds to this claim by testing out his four-letter word vocabulary against Word Perfect 8. We need more letters to the editor. Do you have something on your mind? Here is your chance to express your thoughts to thousands of Linux users. Please send letters to be published to editor@lwn.net. The Atlanta Linux ShowcaseLiz Coolbaugh wrote up an overview of her experiences at the Atlanta Linux Showcase (ALS). Included in the summary are pointers to her detailed notes from many of the talks, as well as other various reports on the ALS from other people: Eric Green, Zach Brown and Scott Lewis. If you weren't there, it will give you a lot of the information you missed. If you made it, it may still provide you a glimpse of portions of the show you may have missed. Until next time, congratulations to the Atlanta Linux Enthusiasts! You did a great job. |
October 29, 1998
|
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Security page. |
SecurityA couple of security patches have come out. Most people probably won't need these, but for those who do...
Savetextmode, a script from svgalib, has security problem in some distributions due to its use of files under /tmp. Adrian Voinea reported the problem initially. Ben Collins confirms the potential problem, but indicates that it has been fixed in Debian 2.0. According to reports, it is not fixed in RedHat 5.1, svgalib-1.2.13-5. The problem appears to have been fixed in svgalib-1.3.1. In another comment on the security of svgalib, Nergal posted a note to Bugtraq about problems in zgv These were reviously reported to Bugtraq by Paul Boehm, but believed to be unexploitable. Nergals' note describes the fallacies in this belief. He does not provide a patch, but instead recommends that zgv be installed non-suid if possible. Expect to see new svgalib advisories coming out in the near future, as a result. Patches for zgv have already been forwarded to the security-audit group. Matt Watson and Brian Mitchell discussed problems with iplogger on the Bugtraq list this week. The upshot is that there are concerns about iplogger's use of a double fork, and an ident overflow in the latest version. For anyone who picked up der Mouse's version of tar with his evil-archive paranoia code, this note from der Mouse points out a bug that has been found in his tar. The topic of the Netscape browser "What's Related" button has come up. This button allows a user to look for sites "related" to the page they are currently viewing. This functionality is provided by a query which sends the URL of the current page to www-rl.netscape.com. However, depending on your browser's preferences, this information may be sent either only when you click on the button, or for every page you view once you have clicks on this button once, or even for every page you view whether or not you have ever clicked on this button. Flemming S. Johansen provided this description. Depending on the version of Netscape you are running, 4.06 or later, the default setting is apparently either to always send the information or to send it after first use. The latter behavior has been confirmed for Linux running Netscape 4.5. If you do not like this behavior, it is recommended that you check your preferences and set them to something more appropriate than the default behavior. Here is a site that has been following this issue closely and has many pungent remarks to make about this feature. The privacy forum digest also contains comments from Lauren Weinstein who has opened a dialogue with Netscape about these issues. Speaking of Netscape, here is their acknowledgement of the Buffer Overflow vulnerability in Netscape found by Dan Brumleve that we reported last week. Note that they mention that the vulnerability is only theoretically exploitable, but this is incorrect, as Dan points out. On a more simple note, but thought-provoking, apparently under 4.07, your preferences may be ignored when a new Window is opened. Here is the report from Bill Becker. This has not yet been confirmed by any alternate source. In a last comment on problems with Netscape this week, confirmation has been received that, in some versions of Netscape, Javascript may continue to be processed even when it has been disabled in your preferences. This is definitely a problem if you have turned off javascript in order to protect yourself against recently reported security problems. Here is a confirmation of this from Jukka Suomela. Serge Orlov has announced the first release of his multi-stack allocator for C programs. This is a technique that helps prevent exploits for most bufferflows. He commented that it is not a complete solution. Several people asked him questions about multi-stack, particularly how it compares to StackGuard. He posted this followup. |
October 29, 1998 |
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.1.126. This release (announcement here) had a number of compilation and lockup problems, and is probably best avoided. For those wanting to be on the bleeding edge, 2.1.127 prepatch 3 is available. It fixes some of the other problems, includes a lot of Sparc fixes, memory management fixes, SCSI fixes, and other, well, fixes. At least some of the kernel NFS fixes appear to have gone in as well. Of course, 2.1.127 may well be out by the time you read this. Whither 2.0.36? It has now been some time since a couple of "release candidate" pre-patches went by. At the last minute a few problems turned up, so Alan Cox called off the release for the time being. Those problems are being fixed, and a new release candidate pre-patch should show up before too long. At that point, it has to go (again) to Linus, who will then decide whether it goes out as is or whether changes need to be made. So the real 2.0.36 release is probably a bit distant still. Richard Gooch continues to press forward his devfs patch; it is currently up to release 74. Still no official word on inclusion in 2.2 from Linus; at this late date it could well be that the chances are fading. What is the best way to export kernel information to user space? This discussion evolved out of the "jiffies" debate (see last week's issue). Currently there are a few ways of getting pieces of system information from the kernel:
At this stage in kernel development (i.e. code freeze) major changes are not going to happen. But that doesn't stop people from talking. Linus seems to favor adding new system calls; other kernel developers seem to prefer sysctl. Others like /proc (everybody seems to think /proc is needed for some information), but some folks still evidently run systems with /proc disabled. There was some talk of trying to rationalize the contents of /proc. Currently data appears in different formats in different places, and, occasionally, it is dependent on the underlying architecture of the host system. The problem there is that if, for example, /proc is exported via NFS from a little-endian system to a big-endian system, the latter will not be able to make sense of what it sees. The position taken by Linus, and readily agreed to by most, was that information in /proc should be formatted in unambiguous ways. IP addresses, for example, should be in the "dotted quad" notation. This sort of rule, consistently applied, could clear up a lot of problems. There was even a patch posted to clean up some of the files in /proc/net. Of course, (1) there is a code freeze in effect, and (2) actually changing the format of /proc files breaks all of the applications which use them. So it is not clear how far that patch will go. A new version of ksymoops has been posted. Ksymoops, of course, is a little program which takes the output from a dying kernel and turns it into a symbolic form which can be interpreted by others. Here's the announcement for those who are interested. |
October 29, 1998
Since we're a weekly publication, chances are we'll be behind a rev or two on the kernel release by the time you read this page. Up-to-the-second information can always be found at LinuxHQ. |
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Distributions page. |
DistributionsDebianRon McNab, VP and General Manager of Corel Computer, wrote a letter of thanks to the Debian Group, congraulating them on the port of Debian to the Netwinder. Debian has done an excellent job, so now people using the Netwinder will have a choice of distributions. However, the letter made no comment on Corel's decision to partner with Red Hat and ship Red Hat CDs for the Netwinder.The Debian Alpha group finally has a working version of dpkg, which should help their efforts tremendously. The design of the apt GUI has changed. Here is the new design text, for those that want to check it out. Red HatRed Hat has split up their FTP site into four separate sites. Contributed stuff has been split off from the rest, but the nicest thing is that the updates have their own site. That should make getting those security fixes easier.SlackwareStefan Laudat noticed a /tmp race problem with in.pop3d in Slackware 3.5. However, a followup note from Patrick Volkerding showed how he tested the vulnerability and came to the conclusion that, despite appearances, there is no vulnerability.S.u.S.E.For any of you that missed it, S.u.S.E.'s Office Suite '99 did arrive in time for the Atlanta Linux Showcase, so if you're waiting for yours, it should be showing up soon.S.u.S.E. has issued a statement on how it is handling Y2K issues. S.u.S.E. Linux systems since version 5.2 have tested successfully with system dates after the year 2000. |
October 29, 1998
0 |
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Development page. |
Development toolsJavaSteve Byrne dropped us a note about Sun's decision to license access to the 1.2 source base for the Linux Java porting team. As Steve comments, This puts the Linux porting team on an equal footing with all of the other commerical source licensees of the JDK, in terms of being able to validate and certify that the Linux port is 100% Java Compatible. This is an important step towards making Linux one of the platforms of choice for those companies that wish to use Java in their software development.Steve's note also mentions how well the 1.2 port is coming along. With a couple of exceptions (audio, color matching), the system is working. JDK 1.2 looks to be a major turning point for Java on Linux and perhaps one for Java in general. The question was asked on the java-linux mailing list whether or not a port of the JDK to the StrongARM architecture was planned. The response was that none of the Java porting team members have that hardware platform. If they did, a port would likely happen... The latest edition of the JDC Newslettter is out. It covers the release of new products, a new on-line tutorial from MageLang Institute and various other tidbits. PythonThis week's Python-URL! has great references to various postings of interest to the Python community. Check it out! They've done a very detailed job of sifting through the python-related posts. (If you want to continue seeing these, we recommend you subscribe to their list).The first issue of the Python Journal is out. Here is the announcement. Evelyn Mitchell reports that it features an interview by Paul Everitt with Infoseek, a report on XML by Andrew Kuchling, and a article on Python as a rapid prototyping language by Sean Reifschneider. An informal Python tutorial is being held in Toronto. Contact William Park if you are interested. Guido is working on his speech for the Python Conference. If you have questions that you'd like him to answer, contact him personally.
Tcl/tktkWorld-1.0 Beta 3 is out. The announcement mentions that shell and working directory management is new to this release.For those of you that haven't found the TCL-URL e-mail newsletter, you can check out the archives easily, and then see if you'd like to sign up. |
October 29, 1998 |
|
Development projectsThe Lyx project needs help. According to this note we got from one of the developers, they lost their repository machine and all of its contents. They're looking for a new machine, or, failing that, somebody willing to host the repository. Have a look and contact them if you can help. With the demise of Crack Dot Com, the company has chosen to release the data and source code for it's upcoming title "Golgotha" into the public domain. This is a really appreciated effort on their part, choosing to release their work to the world rather than let it moulder unused. It is obviously generating quite a bit of interest, since mirror sites, an FAQ, information on the script for Golgotha, and now precompiled binaries have popped up. If you are interested in more information, updates on Golgotha are available. Nicholas Lee (Li Peng Ming) also pointed out that a mailing list (currently in initial post frenzy) has been setup and plans do seem to be shaping towards completing Golgotha in its entirety. We hear that linuxconf 1.13r3 will be coming with bind 8 support. Maybe that will encourage adoption of bind 8 into the standard distributions ... Meanwhile, on the alternative front, coas 0.13 has been released. It is primarily a maintenance release and was apparently delayed due to Caldera's effort to get 1.3 out the door. It now supports autoconf configure scripts, compiles with egcs and has initial support for SGML. LSBAdam Glass posted a note regarding a recent talk on the LSB given by Stuart Anderson, Chairman of the Linux Standard Base Written Specification Subcommittee to the FLUX (Florida Linux User Xchange.) A transcript of the talk is available.MozillaThe Mozilla Roadmap is now available. It contains "historical notes and sightseeing tips", "records design decisions and their rationales" and (hopefully) "reflects unforeseen terrain and unexpected inventions as they emerge."Oliver White expressed optimism that the Jazilla group will have an actual full working browser within a few months. We look forward to a full report on their progress in the near future. WINEAs was reported in Liz's diary from the Atlanta Linux Showcase, Dr. Cowpland, President and CEO for Corel Corporation, mentioned in his keynote that Corel is now actively supporting the WINE project and he is confident that WINE will run any Microsoft application by the end of the year. This is a more optimistic statement than we have heard confirmed on the WINE mailing lists, but it is certainly a strong statement of confidence in the project. We look forward to seeing if the end of the year will finally bring a WINE 1.0 release ... | |
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Commerce page. |
Linux and businessThe Cahners In-Stat Group has put out a bulletin stating that Linux is the telecommunications operating system of the future. Cahners In-Stat is one of these think-tank groups that puts out high-priced advice for corporate clients. Such groups have typically been somewhat unfriendly toward free software solutions, so it is interesting to see this point of view come out. If you are not a subscriber to their services, obtaining a copy of this report will cost a cool $500; so most people will need to content themselves with seeing their press release. However, the author of the report (Brian Strachman) was kind enough to send LWN a copy for review. Our impression: the report suffers from some minor technical inaccuracies. Cahners In-Stat evidently knows the telecom business better than it knows the Linux world. Nonetheless, they have clearly understood what the real benefits of open source software are. "It is this global community of millions of computer programmers making changes to Linux and sharing the results that have made it the advanced system it is today." The "free beer" aspect - no license charges - is mentioned in passing, but is not the main point. These people get it. The telecom world is one that needs rock-solid reliability, and Linux is able to provide that. Cahners In-Stat thinks that the remaining obstacles to widespread Linux use ("legitimacy," applications) will be overcome shortly. As they say in their title, they believe that Linux is the operating system of the future for this field. It is a very strong endorsement. Please contact Cahners In-Stat for further information, or if you are interested in obtaining this bulletin. Corel has kept itself in the news this week with two separate announcements. First, Word Perfect 8 will be made available for free downloading, though for "personal use only." Interested people can preregister for the download on this web page. Then, it was announced that Corel and Red Hat have formed a new partnership. Red Hat will produce a version of its distribution for the ARM processor, which will then ship with the Netwinder computer. Thus Red Hat becomes the official distribution for this machine. Happily, however, this is Linux, and the Debian distribution, at least, will also run on the Netwinder. Thus it is possible to buy this computer without being tied in to just one distribution. For those interested in media coverage of the Corel events:
Pacific Hitech is bringing their TurboLinux distribution to the U.S. Market. TurboLinux is currently the most popular distribution in Japan; they hope to do well in the corporate market on the other side of the Pacific pond. Here is their press release on the move. The distribution business is looking ever more competitive. Opera Software's attempt to produce a Linux version of the Opera browser has failed, at least for now. In a way this is not entirely surprising; the Opera folks are evidently trying to get the port done with volunteer labor, but Opera for Linux remains a proprietary program. As Eric Raymond remarks in this Wired News article, that just is not the way to inspire volunteer developers. Nonetheless, Opera for Linux would be a nice thing to have available; here's hoping that they manage to get things together. Cybersource has announced a Red Hat Linux support program in Australia. Here is their press release. We got a note from another new Linux systems VAR. This one is called The Computer Underground. They specialize in custom-built systems, and offer a variety of distributions which can be preinstalled. Kurt Wall has made available an FAQ for Informix on Linux. Does your car radio run Linux? If not, maybe you want to check out the 'empeg' unit. There taking registrations from people who would like to buy one... (Thanks to Edwin Metselaar). Some new newsgroups have been created for discussion of Oracle on Linux. For now you have to connect to a dedicated server to get these groups; if they take off the effort will be made to get the groups made an official part of the Usenet hierarchy. Here's the announcement if you would like to tune in. Amos Shapira wrote in to report another commercial product that is supported on Linux: the EMANATE Run-time Extensible Agent System from SNMP Research. Press Releases:
|
October 29, 1998 |
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsLinux press coverage this week had little in the way of unifying themes, so this page this week is an unstructured collection of articles. The good news is that no truly negative press showed up this week, and that a couple of interesting positive articles were published. The media still likes Linux. The Guardian, continuing its recent interest in Linux, has this nice editorial on how the Microsoft trial isn't really one of the more important things going on now. "Linux clearly has considerable strengths as a server operating system, and if Microsoft falters and lets it in, its progress to the desktop would simply become a matter of nature taking its course. The DoJ case against Microsoft will barely affect these events, if at all." For those who wish to be preached at, here is a sermon on Linux from Network World Fusion. "Brothers and sisters, there is another way . . . the way of Linux. Yes, this humble son of Unix is as a beacon in the darkness that is the lot of IT managers everywhere." (NW Fusion is a registration-required site). Rex Baldazo at builder.com has put out an article correcting a couple of mistakes in his previous NT 5.0 vs. Linux column. Since then, he has discovered tools like PHP and linuxconf. He also mentions that he was subjected to the tender attentions of the Linux Flame Mob. This sort of behavior is unfortunate in any case, but Mr. Baldazo had written a very positive column. Why do we have to turn friendly people against us? (This one found in LinuxWorld). Upside magazine covers Linux again; this time is more positive, however. The author went to a Bay area installfest to see what was up. "As I played with a computer, admiring the quick responses of the Linux desktop, I couldn't help but feel a bit like a reporter visiting a Barcelona cafe in late 1936, listening in on conversations about the upcoming spring offensive." (Found in Slashdot). A giant killer called Linux in the Canadian "CNews" is a fairly standard sort of introductory article. "And it's flexible. Check out www.enlightenment.org for a look at some wild and wacky customized desktops and windows." Their staff listingincludes a "Linux guru". (Found in LinuxToday). News.com ran a brief article about Informix's plans to ship their Dynamic Database server for Linux. Internet Week interviews Sun's John McFarlane. "We actually think Linux is very complementary to our commitment to open systems, and unfettered innovation. As you know, we have made Solaris freely available for non-commercial use." (Found in OS News). TechWeb covers the increasing number of applications available for Linux, touching on Corel, Informix, and even the possibility that SAP will make its R/3 port (alleged to already exist) available. "The Linux operating system is all about free or low-cost software, an area where the cost structures of SAP or enterprise-strength relational databases aren't going to fly." Internet World has published some good letters to the editor. These are in response to a column from last week stating that Linux was more of a threat to Sun than to Microsoft. The future of computing starts with an L in PC Week is a column inspired by the Atlanta Linux Showcase. "What I saw at the Linux Showcase was enthusiasm, the likes of which I haven't seen in the PC industry for a long time. Sure, some of it was from guys in ponytails and T-shirts, but it was also from guys in suits. Academics and scientists, but also businessmen." (Thanks to Jon Lasser). Here's a fun one from InfoWorld's "security" column: "If you're an anxious security manager hesitant to deploy a Linux system for fear of its gaping security problems, two recently released Unix programs will give you a reason. These new Linux-based hacker tools enable TCP fingerprinting: a new way to scan your systems to decipher the the operating system type." One has to wonder what the fact that tools like "Queso" run under Linux has to do with any "gaping security problems." Columnist Maggie Biggs also takes Linux to task for a lack of development tools. "But there is certainly more room for Linux tool offerings. I think there is a much broader market for Linux application development tools. And, I believe you'll see it evolve and mature during the next 12 to 18 months given the demand." The Ottawa Citizen reports on various changes at Corel, including a switch of auditors and the departure of their "director of software sales" for Linux. For German-capable readers, Hartmut Oldenbuerger pointed out this forum in Der Spiegel. It had well over 300 postings when we checked. Here is an InfoWorld article about Oracle's position on Linux. Good stuff. "According to [Oracle VP] Miner, support from Red Hat, S.U.S.E., and Caldera -- all of whom who distribute Linux -- is faster and better than Oracle's own support, and he is looking to the Linux community for new ideas on how to replicate this high level of customer satisfaction." (Found in Slashdot). This article in Performance Computing is cast as a comparison between Linux and FreeBSD, with an obvious bias (the author is a FreeBSD developer). The comparisons, though, are mostly in the area of development models and license terms - there is very little in the way of technical comparison. "These differences in organizational principles and licensing aside, however, it should be noted that Linux and FreeBSD don't really compete with one another all that much in the final analysis." Worth a read. (Thanks to Didier Legein). Edson Pereira sent us a pointer to this article in Data Communications about the "Healthnet" global medical network. This net, which is deployed worldwide, uses Linux systems for some of its components. (The first explicit Linux reference is three pages in). Web Review asks Can Microsoft Hurt Linux?. "If Microsoft perceives Linux as a potential threat in the desktop OS market, which is not impossible, it will unleash the nukes. But even the server market is too crucial for Microsoft to concede, and Linux is more than a threat there, it's the incumbent. So the only question is how Microsoft will meet the threat of Linux." Answers include FUD, closed hardware, and so on. An interesting column. Peter Link sent us a pointer to this New York Times article which contains a quick Linux reference. It's about the U. S. Postal Service and its use of technology to get the snail mail to its destination. The USPS address recognition machines run "a stripped-down version of Linux". (The NY Times is a registration-required site). More coverage of HP, but according to this article in The Register they are looking mostly at Linux for embedded systems. " This Web appliance concept provides a role for PA-Risc in the post-Merced world. Whether Linux will be the host OS, of course, remains to be seen, not least because of Microsoft's own plans to create an embeddable version of NT. However, it would offer clear price and performance advantages." Thanks to "mm" for the pointer. HP tries Linux on for size in news.com confirms that HP is working on a PA-RISC port, and talks about the 2.2 kernel release. Its message is mixed. "Linux will top out at its 'high-water mark' in the commercial area soon, [HP marketing director] Wilson predicted, because the operating system doesn't have a formal support system and doesn't handle large-scale server computing tasks such as workload balancing or resource sharing." Thanks to Roy Stogner. Linux's appeal compels large firms to respond appears in MSNBC, reprinted from the Wall Street Journal. "Linux, like Windows NT, is generally used on PC-style hardware and Intel chips, which tend to be cheaper than the more-specialized circuitry of most Unix machines. For these reasons, some market watchers say, companies such as Sun may be even more vulnerable than Microsoft. Sun's Mr. Andres conceded the Linux boom could be "a two-edged sword" for his company." There was an interesting burst of articles in the electronics trade press. These include:
|
October 29, 1998
``We actually think Linux is very complementary to our commitment to open systems, and unfettered innovation.''
``And as for the assertion that technical support for Linux needs to be equal to that available for commercial operating systems, the support would first need to drop a couple of notches in quality, since right now it is far superior to the support Novell or Microsoft provide.''
``According to [Oracle VP] Miner, support from Red Hat, S.U.S.E., and Caldera -- all of whom who distribute Linux -- is faster and better than Oracle's own support, and he is looking to the Linux community for new ideas on how to replicate this high level of customer satisfaction''
``Whether or not Linux takes over the PC market, it is already beginning to show that some of the challenges facing the industry have a resolution.''
|
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Announcements page. |
AnnouncementsEventsThe call for papers for LinuxExpo 99 has gone out. Now's the time to get writing and be part of the program. Here's the notice for those who are interested.The Red Herring has put out a schedule of events for Comdex. Look for Jon 'Maddog' Hall at a forum on "the business platform of the future" on November 17, at 12:30. James Gosling will also be there. Web sitesA few people have asked us what has happened to linux.org. We didn't know, but Dave Whitinger of LinuxToday called them up and got the scoop (temporary ISP problems). Read about it over on LinuxToday.Matthew Tebbens sent us a note indicating that he's made some major changes to his Linux Applications site. It looks very nice. He's also hoping to find a few people interested in helping him add and update information on applications. User Group NewsA new Linux User Group is starting in Slovakia. Juraj Bednar dropped us a note mentioning their plans and their hope to gain a few more members.Marc Christensen reported back to the caldera-users group about Kurt Wall's presentation on Informix which he gave to the Salt Lake Linux Group. As a result, Kurt has also promised to write up the information he presented and make it available on his web-site. |
October 29, 1998
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
0 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Linux in the news Security Kernel Distributions Ports Development Commerce Announcements Back page See also: last week's Back page page. |
Linux links of the weekOn everybody's list of useful web sites should be, of course, the GNU project page. Here you'll find the full set of software made available by GNU, their news bulletins, and, perhaps most importantly, the full set of writings describing the philosophy behind the GNU movement. Much of what is there should be considered required reading. Sanger's Review of Y2K News Reports is a daily-updated summary of news items about the year 2000 problem and efforts toward its solution. It is easy for Linux folks to think that y2k doesn't really matter to them; people thinking that way may find themselves surprised later on. An occasional look here is a good way to keep up to date with where things stand. |
October 29, 1998 |
|
Letters to the editorLetters to the editor should be sent to editor@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
To: editor@lwn.net Subject: Citing Linux in Microsoft court case From: David Kastrup <dak@neuroinformatik.ruhr-uni-bochum.de> Date: 22 Oct 1998 13:42:26 +0200 In my opinion the citation of Linux as a serious proof that Microsoft is not monopolizing the operating system market by its desktop wars is insane. Just look at the situation: here we have a stable, robust, open, technically solid operating system used often for server tasks. In benchmarks it beats NT hollow. There are still several soft spots (like extensive GL support, other multimedia points and other stuff important for game playing, the number one performance utilizator). Yet it's an absolute minority player in the desktop market, and a main reason is that the "standard" desktop stuff will not run on it. How is this counterproof to Microsoft levering its OS stuff via their applications and vice versa? Another wail is that Linux is too hard to install for an average user. So is Windows, but Microsoft marketing has pressed vendors to equip their machines with Windows from the start. If Linux is to gain an important position, it means that there will have to be a completely alternate line of desktop tools both developed and deployed, since Microsoft will not lend a hand. I am not saying that these alternatives will have to be free in order to make Linux take over the desktops, but they will have to provided by a party which does not have destroying Linux (and other competition) as one of its key strategies. *If* (and that's a very big if) Linux one day becomes convincing evidence that one has not to solely rely on a Microsoft monopoly for the desktop, the market will probably avalanche and bury Microsoft, because their "either it's us or the enemy" stance does not make for good mixing of Microsoft products with that from competitors. This will require people to be willing to change. But Mirosoft itself has been training people to replace mostly working software with something different which writes incompatible formats. Of course there is a place for Microsoft in such a course of events if they want to occupy it: it's the application sector where they have always tried to excel. But it might be that they will have to think about their close coupling of app and OS development if they don't want to hurt their app business in the long run. -- David Kastrup Phone: +49-234-700-5570 Email: dak@neuroinformatik.ruhr-uni-bochum.de Fax: +49-234-709-4209 Institut für Neuroinformatik, Universitätsstr. 150, 44780 Bochum, Germany | ||
Date: Sun, 25 Oct 1998 12:25:27 -0500 From: "Andrew V. Shuvalov" <andrew@ecsl.cs.sunysb.edu> To: editor@lwn.net Subject: Samovar awards Dear LWN team! I don't know if this story is interesting, but i started the "Samovar awards" project dedicated to nominate most interesting events in computer industry in some humorous way. Linux and RedHat's Bob Young are among nominees. The site is here: http://www.ecsl.cs.sunysb.edu/~andrew/awards/ Good luck! Andrew Shuvalov | ||
Date: Mon, 26 Oct 1998 22:15:12 -0600 From: Craig Goodrich <craig@airnet.net> To: security_watch@infoworld.com Subject: Security Itch ... Your recent column on TCP fingerprinting is interesting in its technical section, but I found it utterly incoherent in both its introduction and implied conclusion. For example, you begin: "If you're an anxious security manager hesitant to deploy a Linux system for fear of its gaping security problems, two recently released Unix programs will give you a reason. These new Linux-based hacker tools enable TCP fingerprinting: a new way to scan your systems to decipher the the operating system type." First, *what* "gaping security problems"? The open-source nature of Linux should frighten only those utterly incompetent administrators who believe that system programming manuals must be kept in the safe -- a nonsensical view rejected by *all* professionals in this business for at least two decades now. Security comes from OS design and proper administration, not from secrecy of program operations; otherwise every time your bank fires a junior programmer, he could clean out your account from a modem in Rio. Moreover, Linux' open development model means that potential security holes are both found and fixed much more rapidly than those in most commercial operating systems -- particularly NT. It also means that such holes are disclosed publicly, so that Linux admins can take immediate stopgap measures until a patch becomes available. Ask your Microsoft support engineer for a complete list of reported security holes in NT and see what happens.... But in any case it is utterly opaque to me how the fact that a program capable of identifying the OS of *other* machines runs on Linux (or, as you say, nearly any Unix) could pose a security problem for *the machine it runs on*. If knowing what OS is running on the machine I'm sitting at is a security threat, then perhaps we should just simply unplug all our magic boxes from the wall. Yet this is the only possible interpretation of your opening paragraph. More generally, I have a real problem with this assertion: "Because the first major hurdle for any hacker is to find out what OS is running on a targeted system, these tools can cut the time it takes to do so." Well, of course the cracker (not hacker) needs to know your OS. So do many normal utilities such as ftp. Most web servers will provide version and OS information on request. The cracker also needs to know your IP address. Most heroin addicts started out on milk. So what? If simply knowing that a given machine is running OS/400, say, or that it's a Cisco router, poses a security threat, then the thing to do is get rid of the machine, because that knowledge can't possibly be kept secret enough. But this is obviously ridiculous. So, again, I'm afraid I find your column incoherent at several levels. What important point did I miss? Sincerely, Craig Goodrich Rural Village Systems somewhere in the woods near Huntsville, Alabama | ||