Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page.
|
Leading items and editorialsA Linux distribution from SCO? The official announcement from SCO got delayed, but word slipped out anyway: the company is going to launch its own distribution of the Linux operating system. New distribution announcements are common, and it may tempting to look at this one as just another late entry into the field, but there is more to it than that. An offering from SCO is likely to become one of the top-tier commercial distributions almost immediately. SCO tends to keep a low profile compared to companies like Sun, but it is, nonetheless, the largest vendor of proprietary Unix systems out there (in terms of installed systems). Intel-based servers running UnixWare have found their way into corporations worldwide. SCO's installed base is quite large. It has been clear for years that SCO's core business is threatened by Linux. Why bother with a proprietary Unix for the PC when the alternative is not only free, but also unmatched in quality? One can quibble about the degree of the threat faced by other proprietary operating system vendors, but it is pretty much self-evident that nobody can hope to beat Linux (or the BSD variants, for that matter) in the "Unix-based servers on commodity hardware" market. SCO's response in the past has been to trash Linux, often in ways that showed substantial contempt. Many of us remember the classic "Are you still using your old Linux system?" letter from a few years ago. And, only last September, SCO distributed a bulletin in Europe with statements like "Linux at this moment can be considered more a play thing for IT students rather than a serious operating system in which to place the functioning, security and future of a business." The company seemed to hope that, if it put down Linux enough, the problem would go away. SCO is neither the first nor the last company to discover that such tactics work poorly against Linux. Successful companies are those which adapt to the conditions around them; SCO seems to have spent the last year or two figuring out that it needs to adapt in a serious way. And it is in a good position to do so. If you accept the idea that UnixWare shops are going to want to migrate toward Linux, the next question that comes to mind is "which distribution will they pick?" The answer, of course, is that SCO shops will show a strong tendency toward sticking with SCO. If the company puts together a decent distribution that makes the transition relatively painless, it can probably retain a large percentage of its customers at a premium (for Linux) price. Throw in the Linux service and support line that SCO already has going, and there might be a real business there. So, despite its previous attitude toward Linux, SCO can be expected to be serious about this distribution. Expect SCO to become a major player in the commercial Linux arena. IBM jumps in again. IBM announced a number of new Linux initiatives this week. These include support for SuSE Linux on RS/6000 systems, a new version of the WebSphere application server for Linux, and a new set of partner initiatives to help promote training and application development for Linux. All of these show that IBM is increasingly interested in the Linux market. Perhaps the most interesting thing, however, was the announcement that IBM will soon start selling its Thinkpad laptops with Caldera OpenLinux preinstalled. Desktop computers with Linux have been relatively easy to buy for years, but Linux-installed laptops are still scarce. Laptops are notoriously tricky to make work with Linux (indeed, even IBM enlisted Linuxcare's help with the Thinkpad), and not too many companies have wanted to get into that area. Laptop systems can be had from a small company called TuxTops, but larger vendors like VA Linux Systems and Penguin Computing do not offer them. So IBM is almost alone in this market. If they do a reasonable job, they should see some success here. And, with luck, they will inspire others; we may see an end to difficult laptop installations in the near future. Where is the SourceForge privacy policy? Way back in February LWN worried a bit about SourceForge and the high degree of concentration of free software development projects that it hosts. Since then, SourceForge has only grown - it now claims over 5300 projects and almost 34,000 registered developers. It is a tremendous success story in the free software world. The reasons for SourceForge's success are clear. It provides a set of needed services (web, FTP, CVS, mailing lists, etc.); it is well equipped with processing power, disk space, and bandwidth; and the whole thing is operated in a highly capable manner. We would still like to see some competition for SourceForge out there for the simple reason that it is scary to have so much of the free software community's eggs in one basket. But, in the meantime, it is hard to complain about how this basket has been operated. We, however, are skilled complainers, and there is one issue that needs to be raised again. We pointed out in February that SourceForge has no posted privacy policy; four months later, that situation has not changed. A look at the SourceForge terms of service turns up this quote: SourceForge PRIVACY POLICYGive SourceForge high marks for good intentions, but the execution has been on the slow side. Why is a privacy policy important for SourceForge? Consider the sort of information that has been entrusted to this site:
The free software community in general is concerned about its rights and privacy. The fact that there has been very little worry about SourceForge demonstrates the great deal of trust that SourceForge and VA Linux Systems have earned in this community. Nonetheless, it is time for SourceForge to follow through with a solid, no-nonsense privacy policy that provides protection for the information it holds. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
June 15, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
News and EditorialsThe Myth of Open Source Security (EarthWeb). EarthWeb has run this article by John Viega, author of mailman, the GNU mailing list manager. He takes a look at why the open source process, great for feature development and quick fixes for bugs once found, does not necessarily provide the best environment for developing secure software. "People using open source programs are most likely to look at the source code when they notice something they'd like to change. Unfortunately, that doesn't mean the program gets free security audits by people good at such things. It gets eyeballs looking at the parts of the code they want to change. Often, that's only a small part of the code." This article is not a flame-bait, open source-bashing piece. It is a rational attempt to look at the development methods of the open source community and determine why there are so many simple, avoidable security problems out there, still waiting to be detected. It can easily be argued that commercially-developed software has as many problems or more. The real point of the article is that we shouldn't assume that software is secure just because it is open source. Praise open source software for quick response to problems once found, but don't assume that all, or even most, of the problems have been dealt with already. Last, support the work of people who are providing security audits for open source code. Encourage new developers to learn about security issues. Require your own software to be designed with security in mind from the beginning, not as an afterthought. Linux Kernel Auditing Project. The Linux Kernel Auditing Project has been announced. They are taking on a big bite: auditing of the 2.0.X, 2.2.X and 2.3.X/2.4.X kernel series for potential security problems, as well as developing resolutions for the problem without impairing the performance of the kernel or introducing new bugs. Their goals are laudable and we wish them the best of luck. OpenSSH 2.1.1 released. A new release of OpenSSH has been announced. This new version, 2.1.1, contains a security fix for a vulnerability in OpenSSH that may exist if the UseLogin feature is enabled (not enabled by default). An upgrade to the latest version is recommended. In addition to announcing the new version, Theo de Raadt also passed on good news on the adoption of OpenSSH: "We've been completely blown away by the number of people who are switching from commercial ssh to openssh, with over 250,000 people visiting the our web page in the last 3 months. It's really been a silent revolution, because thousands of people welcomed the switch from commercial use of non-licensed software to a free choice, but have not spoken about how they were running non-free software before." Errata for 2.2.16 and 2.2.17pre1. A few people have hit problems with 2.2.16. Because it is important that people be able to run 2.2.16, due to the security fixes included therein, Alan has released the 2.2.16 errata patch set. Also aimed at fixing the problems with 2.2.16 is the 2.2.17pre1 release which only addresses bug fixes. Security Reportsrestore. A locally exploitable buffer overflow in restore has been reported and an exploit published. Upgrading to dump-0.4b18 should fix the problem. No vendor packages have been released yet.wu-ftpd. Michal Zalewski posted the results from a 20 minute "mini-audit" of the source code for wu-ftpd 2.6.0, turning up yet more problems in this server. No information on patches or fixes have yet been seen.New Kerberos buffer overflow vulnerability. A new exploitable buffer overflow in Kerberos 4 KDC has been reported. This time, in addition to impacting MIT and Cygnus-based Kerberos distributions, the buffer overflow is also present in KTH-krb4 before version 0.10. Patches for the problem are included in the initial report.NFS rpc.lockd Denial-of-Service. A denial-of-service vulnerability has been reported, but not confirmed, in the Linux rpc.lockd code for Linux 2.2.14 and 2.2.16. snort. Snort 1.6 has been reported vulnerable to a denial-of-service attack, crashing in response to an nmap scan. This problem has been confirmed and Snort 1.6.1 should be released soon with a resolution for this problem. Snort is a light-weight intrusion detection program that runs on Linux, BSD and a variety of other platforms. Check the Snort home page for more details. FreeBSD advisories. FreeBSD has put out advisories for apsfilter, ssh (FreeBSD-specific, updated advisory) and /dev/random (Alpha platform only). FreeBSD users are strongly encouraged to read the advisories and follow the included instructions. Commercial products. The following commercial products were reported to contain vulnerabilities: UpdatesLinux kernel capabilities. Check last week's Security Summary for details. Linux kernel 2.2.16 contains fixes for this issue. Note also the errata for 2.2.16 mentioned above. For more information on the 2.2.16 kernel, check the release notes and Alan's thank-you note to the people who helped find and fix these problems. Note that the sendmail update for this problem is not necessary if you update your kernel. OpenSSH. Check BugTraq ID 1334 for more details. Qpopper. Check the May 25th Security Summary for more details. Qpopper 3.0.2 or later should fix this problem. Netscape SSL. Problems in the manner that Netscape handled invalid SSL certificates have been fixed in Netscape 4.73. Check the May 18th Security Summary for the initial report. Also check the June 1st Security Summary for additional problems in Netscape 4.73. BRU. Check last week's Security Summary for details. Remember, this problem can easily be resolved by a permissions change or an upgrade to BRU 16.0. ResourcesOpenSSH Unix Port 2.1.1p1. A minor update to the Linux port of OpenSSH has been announced. It contains "lots of bugfixes". EventsJune/July security events.
Section Editor: Liz Coolbaugh |
June 15, 2000
| ||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is, of course, 2.4.0-test1. Alan Cox continues to develop the "ac" series, with the current version (as of this writing) being 2.4.0-test1-ac18. At times, the interval between "ac" releases seems to be less than the time required to download and compile one of them - a lot is going on. The "ac" kernels certainly qualify as development kernels, however. Most people who tried ac13 regretted it, as a buffer problem caused a lot of crashing and file system checking time. ac16 didn't compile for many. On the other hand, your editor is finding life reasonably comfortable, if not on the bleeding edge, with ac17. A new 2.4 jobs list was posted on June 13. The current stable kernel release is 2.2.16; this release came out just as last week's LWN hit the web. Since then, Alan Cox has made the release notes available, as well as a thank-you note to the people who helped find and fix the security holes that 2.2.16 fixed. Since that release, a few problems - including some security issues - have come up with the 2.2.16 release. As a result, a 2.2.16 errata patch has been released - something that has almost never been seen with Linux kernel releases. If you have upgraded to 2.2.16, you almost certainly want to apply the errata patch. The 2.2.17 release appears to be on the fast track as a consequence of the above-mentioned problems. There is a 2.2.17pre1 patch available now, which contains the 2.2.16 errata and some other stuff. It will likely become official after a relatively small number of revisions if all goes well. Since the emphasis is on getting the bugfixes out quickly, the larger NFS updates look like they will have to wait yet again; maybe in 2.2.18... Are the 2.2.16 security fixes in the 2.4.0-test1 series too? This fairly obvious question came up this week. Alan's terse answer is that "some of them" are in there. Alan points out that there has not been a real security audit of the 2.4.0-test1 releases yet; expect a surprise or two to be lurking there. RMS wants easier floppy access. Richard Stallman jumped into the kernel list with this request to make access to floppies easier ("like MSDOS"). The need to explicitly mount floppies (or use mtools) was held up as one of the things blocking adoption of Linux by Windows users. Mr. Stallman might even be right. Whenever somebody wants to depict Linux as difficult to use, it's standard practice to dig up some sort of ugly mount command. The most common answer to this problem seems to be supermount - a special filesystem which detects media insertion and removal and tries to keep everything straight. Supermount is included with the Linux-Mandrake distribution, and probably with others as well. Supermount, unfortunately, also suffers from a lack of attention. According to MandrakeSoft's Jeff Garzik, getting supermount ported to the 2.2 kernel required some incentive via a project on Cosource.com; work has been done on a 2.3/2.4 port, but it is currently stalled. There is also evidently a need for an audit by a serious filesystem hacker to deal with some questionable practices and race conditions. It is hard to imagine that supermount could be made ready for inclusion into 2.4.0 at this point, though surprises are always possible. But it would be nice if adding supermount separately were an option.
Linux Kernel Auditing Project. An announcement has gone out for the Linux Kernal Audit Project - a group that wants to go through and proactively seek out (and fix) security problems in the Linux kernel. They have a mailing list set up for those who would like to participate. Symbolic link behavior has changed in recent kernels. If a symbolic link points to a nonexistent file (a "broken link"), an attempt to create the file via the symbolic name will now fail. In other words, ln -s no-such-file link touch linkwill fail with a "no such file or directory" error with recent 2.4.0-test1 kernels. With old kernels, instead, no-such-file would be created. A few applications have been broken by this change, leading to complaints. According to Alexander Viro, this change was deliberate (the old behavior was "taken out and shot"). The problem, evidently, is that the old behavior is very hard to implement in the kernel without a bunch of race conditions. Unfortunately, it seems that the POSIX standard says that the file creation should work in this case (except when the O_EXCL flag is used, which is not the usual mode). So Linux has just moved out of compliance in this regard. The kernel generally tries to adhere to POSIX except in cases where it really makes no sense. So it is likely that somebody will eventually apply the needed brainpower to reimplement the old semantics in a safer manner. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
June 15, 2000 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page. |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsThe latest Linux: SCO. Check this week's Front Page for information on a new distribution from SCO that we'll be seeing in the near future. New distributionsJailbait. Based on work from the LEM project, Jailbait dubs itself "Another Interesting Linux But Also Intimidating Too". A "fully functional" distribution that fits into 16MB of disk, Jailbait seems to have had the Netpliance iOpener in mind in its development, though, of course, it could be used for other similar-sized appliances as well. Minor distribution updatesBastille LinuxA new stable version of Bastille Linux, version 1.1.0, has been released. This new version has an improved architecture and can be run on "non-virgin" systems. That is an important new functionality. Bastille Linux is a "hardening script" for Red Hat Linux. This new feature will allow Red Hat users to use Bastille Linux to improve their system security without having to reinstall the system from scratch.Caldera OpenLinuxIBM chooses Caldera. An item of particular interest to Caldera fans and covered in detail on this week's Front Page, IBM has chosen Caldera OpenLinux, tailored by Linuxcare, to be pre-installed on IBM Thinkpad laptops. Caldera's OpenLinux eDesktop 2.4 (Signal Ground). Signal Ground reviews Caldera OpenLinux eDesktop 2.4. "After installing Caldera's Open eDesktop, I was impressed by the great similarities between the KDE desktop and MS Windows. The KDE desktop is made up of 4 primary areas: the desktop (including icons), the KPanel, the Main menu and the Taskbar. All these panels and menus are made to help a user quickly access any of the programs in an ergonomic manner." Debian GNU/LinuxDebian Weekly News. This week's Debian Weekly News focuses on a discussion about possibly removing "non-free" from Debian. Debian carefully sorts out software that does not meet the Debian Free Software Guidelines and stores it in a separate directory, titled "non-free". In the "potato" release, the non-free area includes packages like acroread, angband, blender, chimera, Netscape, csound, ezmlm, GIF and TIFF support for GIMP, ghostscript 5, Sun Java, MySQL, PGP, povray, qmail, tgif, tripwire, xv, and many, many more. Although no packages from this directory are installed as part of a default installation, the "non-free" directory is available on all mirrors and is occasionally shipped as part of a full Debian CD set (though it should not be, since much of the software is non-free due to commercial redistribution restrictions). John Goerzen published this proposal that "non-free" be removed entirely, provoking a long discussion (over 1000 messages) and no clear outcome, at least as of yet. Hopefully a consensus can be worked out. The current choice to segregate, but not eliminate, source-code-available software that isn't truly "free (libre)", is a good compromise already. It is part of what makes Debian an extremely rich and flexible distribution. It also allows individuals to educate themselves and make their own choices. In the end, that is another type of "freedom" that we strongly encourage. Debian GNU/HurdA new issue of the Kernel Cousin Debian Hurd is out. This is a newsletter that summarizes discussions on the Hurd development list. Activity during this last period has been extremely light. It mentions that Richard Stallman will be giving a talk on the GNU/Hurd at the upcoming Debian conference.GentusReview: Gentus Linux 2.0 (Duke of URL). We mentioned the Gentus distribution in last week's Distributions Summary. For more information, check out this review from the Duke of URL. ABIT is apparently including their distribution with their BE6-II, BP6 and BF6 motherboards. "No, it's not a bad Jamaican accent, it's Abit's new performance monitoring utility! This is where Abit's distribution really shines and I would like to see other motherboard makers implement this. I found this utility was actually much more accurate than VIA's own monitoring utility, as well. Unfortunately, there is a kernel module required by this, so if you want it, you either need to get Gentus, or put Abit's kernel on your system." Gentus and the GPL. Some allegations have been raised that Gentus is failing to comply with the GPL by not releasing all of its kernel source code. We're watching the situation, and will report further if the need arises. Linux-MandrakeInterview: Gaël Duval (BeOpen). BeOpen interviews Linux-Mandrake creator Gaël Duval. "First, we aren't Red Hat plus KDE anymore. We have a new graphical installation which is nice. It's one of the most powerful installation toolkits available, and it's simple to use. We are very attractive from the end user point of view. Red Hat, on the other hand, is very, very targeted toward the enterprise." Linux-Mandrake 7.1 Reviews. Reviews of Linux-Mandrake 7.1 were popular this week. We have no less than three to share with you:
Mandrake discussion forum and 7.1 Alpha beta release. MandrakeSoft has announced the creation of a discussion forum where users can talk about future Linux-Mandrake releases. If there is something you would like to see in an upcoming version of the distribution, here is your chance to tell them about it. Also announced was the release of the beta version of the 7.1 distribution for the Alpha processor (the Sparc beta was announced last week). MaxOSMaxOS beta released. Alta Terra Ventures has announced the public beta release of the new MaxOS distribution. It is available from the MaxOS web site. (Thanks to Kevin Bailey). MaxOS was covered in this March LWN feature article. SlackwareThe -current tree for Slackware has been upgraded to Linux kernel 2.2.16 in response to the security problems reported with earlier kernels. In addition, inn has been upgraded due to security issues (see last week's Security Summary), though it was never shipped in a vulnerable configuration.Most noticeable, though, even though there has been no announcement, the version numbers for the -current tree were bumped to 7.1.0 on Monday. Expect an official announcement of Slackware 7.1.0 in the near future. SuSESuSE delivers enterprise Linux for IBM RS/6000. Here's an announcement from IBM and SuSE on the upcoming release of SuSE Linux for the RS/6000. It also covers the booting of Linux on the Power4 processor. In addition, SuSE put out their own press release, covering their new support for the Apple PowerPC and Motorola PreP, in addition to the IBM RS/6000. "Of great interest to Mac users and professionals +is the inclusion of the Virtual Machine (MOL) MAC on LINUX in the distribution, making it possible to start the MacOS in Linux and switch from one program to +the other. In addition, the Mac user also has the option of using standard PCI +hardware, such as network cards or TV cards." SuSE 6.4 Review (GNULinux.com). GNULinux.com has taken a look at SuSE 6.4. "As we mentioned, the focus of this major upgrade in v6.4 is geared toward new users. Apart from the ever present 530 pages of documentation, there is a new high color, very graphical, and easy to read new-user's manual. It covers the installation process, along with preparation tips, and identifies potential trouble spots specifically geared to the new user." Section Editor: Liz Coolbaugh |
June 15, 2000
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsNews and EditorialsApache support for WebDAV. Support for WebDAV has been made available as an open source module for Apache. WebDAV, which stands for "Web-based Distributed Authoring and Versioning", is a set of extensions to the HTTP protocol to allow collaborative editing and management of files on remote web servers. The mod_dav module is provided under an Apache-style license. It is certain to be welcomed by ISPs, who can then provide manageable, editable web pages for their clients without having to allow local logins. "For the first time on the Web, Apache Server users can control information remotely and collaboratively, using interoperable tools that employ metadata and version control. The loosely knit members of the ASF are again break new ground by adopting the Internet Engineering Task Force (IETF) WebDAV standard." To Scroll Down, Just Nod (NewsBytes). NewsBytes put out this brief article on Intel's plans to release a open source development library that would support "gesture recognition, object-tracking, face recognition and camera calibration, which will help researchers develop ways to enhance the ways people use computers". Hard information in the article is a bit scarce. As a result, we don't know the name of the library in question or the actual license that will be used, just that the library will be "without charge or royalty agreement". In addition, the Windows version of the library will be released first, with a Linux version due out before the end of the year. Given that their major goal is to spark application development in order to produce more demand for their hardware, hopefully they will do the right thing and use a true open source license. Meanwhile, their various suggestions for future uses for the library are pure fun: " According to Intel, the home of the near future will see security systems with a camera that recognizes the contours of a homeowner's face, much as fingerprint and retinal recognition do today. And, once inside the home, since the computer is 'aware' of who you are and where you are, the PC can provide relevant information and the control of appliances just by making a recognizable sign toward a camera." BrowsersMozilla status report (Mozilla.org). The latest Mozilla status report is out. Several XBL widget bugs have been fixed in this release. Article on XMLterm (Xml.com). Xml.com has run this feature article on XMLterm and semantic user interfaces from xml.com. XMLterm is a command line interface that runs under the Mozilla browser. "The early UIs for mainframe computers were textual and command-line oriented. This was followed by the graphical UI (GUI), which helped promote rapid growth in the use of personal computers. If one were to stretch this Web and UI analogy further, the next stage in the evolution of the UI should be ... the semantic UI! " ElectronicsLWN feature article: PCB. LWN's Forrest Cook has written this article describing the printed circuit design tool PCB. The process of going from a schematic to a working prototype circuit board is detailed. Chip makers cozy up to Linux (ZdNet). ZdNet has run this article on recent Linux directions from chip makers. "We are in the midst of unveiling and rolling out our most significant architectural development in 15 years," said Jason Waxman, Intel's IA-64 marketing manager, referring to Intel's 64-bit Itanium chip roll-out, slated for later this year. "Fifteen years ago, the developer community was more centralized. Now, we're making (the Linux IA-64 software developer's kit) available on the Internet, so as to reach the broader development community." GamesThe Chopping Block (WorldForge). The June edition of The Chopping Block, a newsletter from the WorldForge multi-player game development project, is now available. Also, for the curious, they've also put up screen-shot for Acorn, their first game. Embedded SystemsNew open source real time API (Linux Devices). A new real-time Common API has been announced by Lineo Industrial Solutions Group. The API supports both the NMT RTLinux and DIPARM RTAI implementations of real-time Linux. Intel releases COPS and vision library as open source. Intel has announced the release of its Common Open Policy Service (COPS) network configuration package under an open source license. Intel has also announced the open source release of a computer vision library, which "will provide a wide range of functions, including gesture recognition, object-tracking, face recognition and camera calibration." InteroperabilityJune 12 Wine Weekly News. The June 12 issue of the Wine Weekly News has been released. Included is a feature on the X11 driver for wine. June 12 Kernel Cousin for Wine. This week's Kernel Cousin for Wine has been released. Cross GCC. Conectiva has announced Cross GCC , a system that allows DOS and Windows programs to be cross-compiled from a Linux host. Tools include gcc-dos and gcc-win. Network ManagementThe BIRD Internet Routing Daemon. The BIRD Routing Daemon 1.0.0 has been released. "The BIRD project is an attempt to create a routing daemon running on UNIX-like systems (but not necessarily limited to them) with full support of all modern routing protocols, easy to use configuration interface and powerful route filtering language". Network Distribution SystemsFreenet News. The first edition of the Freenet News has been posted. Those interested in the development of the Freenet project may want to have a look and encourage the author (Adam Langley) to continue writing these reports. Office ApplicationsLyX Development News. Here's the latest LyX Development News with reports from the LyX Developers' Meeting and discussion of new features in the LyX word processor. "Asger Alstrup Nielsen went nuts and created an External material inset that allows you to include almost anything into a LyX document. Not only that but it's now possible to do amazing tricks with this new inset in combination with external scripts." AbiWord Weekly News (June 8). This week's AbiWord Weekly News is now available. Note that the FreeBSD port of AbiWord is looking for a new "owner". Review: Applixware Office 5.0 for Linux (CNN). Here's a review of ApplixWare Office 5.0 by Nicholas Petreley that appeared in CNN. "This suite is far more than it appears to be. And that's a good thing, because it appears to be quite lame. But Applixware Office usually falls short only when you evaluate it according to the competition's rules." On the DesktopInterview of Andy Hertzfeld on Eazel (Be Open). Be open.com has published this interview of Andy Hertzfeld on Eazel. "Listening to legendary Macintosh developer Andy Hertzfeld wax about the beauties of the Open Source development community is a bit like listening to an old Winterland-era hippie describe his experiences after stumbling into an all-night rave." Interviews of KDE's David Faure (LinuxUK). Linux UK has published this interview of David Faure. "In KDE we have always tried as much as possible to put things in the libraries so that writing a application is as easy as possible, and it means that navigation is consistent. There is still the freedom to do something completely different; you can put the file menu on the right, and you can change anything you want, but we make it simple if you want to make the application compliant with what people are used to in terms of user interface." ScienceOpen source software in medicine. This article discusses the current state of open source software in the British healthcare system. "The most straightforward aspect of the penetration of open source software into healthcare is using Linux for what it does best: acting as a solid network server. Sheffield GP David Bellamy discovered Linux several years ago. He runs the commercial EMIS database system--the English market leader--for clinical applications in his practice. But when he needed a server and firewall for his upgraded network 18 months ago, he installed Redhat 5.0 on a Pentium 75 box he had retired from personal use at home." SupercomputingIBM supports Linux superclusters (ZdNet). IBM will soon be supporting Linux superclusters , "Despite the threat it poses, IBM will soon begin offering support for Linux superclusters, according to an IBM official interviewed this week here at SP World. Such support may ultimately fuel faster adoption of Linux supercluster systems." TelecommunicationsBayonne GNU telecom server. The Bayonne telecom server project has hit the 3rd Milestone. "In announcing the third milestone release of Bayonne, the telephony server of the GNU project, I believe it would be of benefit to more clearly define what Bayonne is. In the broadest possible sense, Bayonne is what could be called a "middleware" platform for developing telephony voice response services, though it is unlike any existing telephony middleware present today." Web-site DevelopmentZope Weekly News. Here is this week's Zope Weekly News. It covers upcoming events, the 2.2 release, and more. "Mike is working with O'Reilly this week to clarify the status of his book. If all goes well we should have a definitive answer on making it official Zope documentation by the end of the week." The Zope Weekly News has been expanded greatly, with more in-depth reports from various portions of the Zope development effort. Checking the new format out will be worthwhile. Zope 2.2.0 beta 1 released. The first beta version of Zope 2.2.0 has been released. Section Editors: Liz Coolbaugh and Forrest Cook |
June 15, 2000
|
|
Development toolsJavaReport from JavaOne. Nelson Minar sent us a report from JavaOne that he had posted to the java-linux list. "The biggest news I heard is that Java 1.4 ('Merlin') should be released simultaneously on Windows, Solaris, and Linux." Linux JDK 1.3.0. The Early Release Developer Kit for Linux JDK 1.3.0 has been made available. This package includes development tools, the IBM Java Runtime Environment for Linux, sample code and Java source files. Perluse Perl News. The use Perl site has information on the upcoming yet another Perl conference , a review of the Perl Whirl 2000 cruise, information on numerous new perl modules. Perl 101 (Developer Shed). Developer Shed is running a series called Perl 101 that covers the language from the basics to advanced topics. PythonPython/XML. A package of tools for writing XML applications in python is now available on Source Forge. Does Programming in Python Marginalize You? (LinuxDev.Net). This LinuxDev.Net column worries that Python will remain marginal. "I worry that using Python can actually marginalize a programmer. Python is hard to beat for writing applications that run on a single computer. But that's yesterday's computing model. The future of computing, heck, the present of computing, is in writing programs that run through a web browser. And the fact of the matter is that 99% of web browsers surfing the internet run Java and JavaScript, which gives these languages a huge advantage over Python, an advantage that Python's superior design may not be able to overcome." Tcl/tkDr. Dobbs' Tcl-URL. This week's Tcl-URL is available, with pointers to the latest Tcl/tk news. Section Editor: Liz Coolbaugh and Forrest Cook |
Language Links Guile Haskell Blackdown.org IBM Java Zone Perl News PHP Daily Python-URL Python.org JPython Smalltalk |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and BusinessLWN Linux Stocks Page upgrade. A long-awaited upgrade to the LWN Linux Stocks Page has been completed by LWN hacker Dennis Tenney. Much of the work is behind the scenes, but we have finally added a much-requested charts page comparing the performance of Linux stocks against other stock market indices. IBM briefly. IBM was covered on this week's front page, but here are the press releases for the WebSphere announcement (The new version is supported on the Caldera and Red Hat distributions, and retails for $499) and the release of SuSE Linux for the RS/6000. Red Hat on the move. Bob Young addressed the "2000 World Congress on Information Technology" in Taiwan on June 13. Red Hat has announced that the second version of its book Maximum RPM has been put up for free download at www.rpm.org. The second version is a work in progress - they seem to want help in getting the job done. The first version is also available in PostScript format. On the embedded front, the company announced the signing of a deal to acquire WireSpeed Communications, a maker of communications software for embedded systems. Red Hat also released a distribution of the GNUPro tools for Altera's new "Excalibur" embedded processor. Embedded Linux company Lineo has been busy. LinuxWizardry announced that its "Apprentice Router" system, set to hit the shelves in August, will be manufactured by Lineo. AMD and Lineo have announced a deal where they will work together to provide support for AMD's line of embedded processors. Internally, Lineo has announced the formation of its "industrial solutions group," which will handle industrial process control and military jobs. "This group today released a common API for real-time Linux, giving real-time Linux developers the ability to use the same API whether they are developing on RTLinux or RTAI, the two most widely-used distributions of real-time Linux." More Embedded news. Coollogic has announced that Acer has licensed its "Coollinux" embedded distribution to use in a series of Internet appliance products. Bus-Tech has announced its "Embedded Linux Controller" development platform, which runs MontaVista's Hardhat Linux. Press Releases:Open Source Products.
Commercial Products for Linux.
Products Using Linux.
Products with Linux Versions.
Java Products.
Partnerships.
Investments and Acquisitions.
Personnel.
Linux At Work.
Other.
Section Editor: Rebecca Sobol. |
June 15, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the NewsIBM. IBM will be offering commercial support for (Netfinity-based) Linux clusters, according to this ZDNet article. "While impressive, the development of Linux superclusters is still at an early stage, said UNM professor Brian Smith, co-director of the High Performance Computer Center in Albuquerque. This is not something that's ready for prime time,' Smith said, 'but it's not surprising to me that in a few months IBM will have units running able to do this stuff.'" ZDNet looks at IBM's latest Linux announcements. "Somehow, the Linux doldrums seem to have little impact on IBM's Linux commitment. On Monday, the company announced stepped-up support of Linux on a host of platforms, ranging from ThinkPad laptops, to RS/6000 workstations, to AS/400 servers. IBM already has launched major marketing campaigns around its support of Linux on its PC servers and S/390 mainframes." Here's an AP article on IBM's laptop announcement. "The laptops are aimed at computer professionals and scientists, two groups that have embraced Linux, said Irving Wladawsky-Berger, the head of IBM's Linux group." News.com covers IBM's Linux announcements. "IBM today committed to preloading Caldera OpenLinux eDesktop 2.4 on ThinkPad A20m and T20 models. In the third quarter, IBM promised to certify select ThinkPad models for Red Hat, SuSe and TurboLinux versions of Linux." Here's a Boston Globe article on IBM's laptop announcement. "The ThinkPad notebook from IBM, the world's largest computer maker, will come with Linux software from Caldera Systems Inc. starting in the third quarter. IBM also will spend $6 million this year on services to help software developers create applications that run on Linux." News.com has run a pronouncement from the Gartner Group on IBM's latest Linux announcements. "In addition, the earlier investment craze over Linux has died out, and most Linux-only companies are struggling financially. Without financial props for companies specializing in Linux hardware and open-source software, asking Linux to take on a pervasive role in enterprise architectures is that much more risky. Accordingly, enterprises must be cautious about which vendors and products they bet on. Failures among Linux companies could have strong ramifications and may put the onus on IBM and other system sellers to contribute technically and financially to the well-being of the Linux community." Embedded & Real-Time News. LinuxDevices.com is running a poll to determine which aspects of open source software appeal most to people designing embedded systems. It joins a set of other polls which have been running for a while. Head on over to check out the results or to add your answers. Is Linux the Embedded Operating System of the Future? asks OpenSourceIT. "Like most corporate embedded Linux developers, however, LynuxWorks sells proprietary embedding, development, and testing software for BlueCat. And while the company has had an internal debate on the merits of opening up the source code to its original LynxOS, it has decided to keep the product as a closed platform." Here is an article from LinuxDevices that looks at one of the new embedded products announced at this week's JaveOne Conference. "Imsys (Sweden) used the occasion of JavaOne 2000 in San Francisco to unveil an unusual new system-on-chip microprocessor that supports native on-chip Java bytecode execution -- but also runs embedded Linux." LinuxDevices asks, "How much RAM memory and disk space does an embedded system require to run Linux?" "There are two reasons why it's difficult to answer that question with a few simple numbers. First, Linux is open source. As a result, developers possess the tools to eliminate unnecessary functionality to match the requirements of a given configuration. Secondly, embedded systems are incredibly diverse, so there are almost as many required Linux configurations as there are unique embedded systems (and that's in the tens of thousands)." Also from LinuxDevices.com, this article on the new real-time Linux API being promoted by Lineo. "Although Cygnus (now Red Hat) proposed an alternative common API last September based on POSIX, called EL/IX, many users of RTLinux and RTAI have expressed preference for the simpler programming model offered by the two most popular real-time Linux implementations." Open Source. This Industry Standard column argues that the open source approach should be extended to other types of industry. "But imagine the open-source spirit moving into the manufacturing arena. General Motors (GM) could use the process to help design cars using 3D visual prototypes distributed via the Web. Participants could include style-conscious customers, fleet buyers, knowledgeable service technicians, supply-chain partners, dealers, car buffs and industrial designers." The Washington Post looks at the Infrasearch engine. "A group of open-source developers quietly posted on the Internet last week a bare-bones search engine based on the technology behind the controversial software tool Gnutella, which lets users bypass central computing authorities and trade files directly among themselves." ZDNet's Evan Leibovitch revisits the software license topic after getting a lot of reader feedback. "Last week I suggested that the GPL might be a better idea for one specific kind of software: reference code for interoperability standards. I still believe that, despite the vitriol. But this is a far cry from saying the GPL is universally superior to BSD, and I don't believe that at all. Neither is universally better, and neither is innately friendlier or more hostile to authors than the other. It all depends on what the author wants, and the best part of it is that the author has the choice. If you think a license is hostile, just don't use it, OK?" CNN covers the open source release of Plan 9. "Most users of the 1995 release of Plan 9 are at research labs. Rob Pike, a director at Bell Labs, said opening the source code 'should encourage more people to experiment with it.' Plan 9 is especially well suited for running secure Web servers, he said." Here's a look at Plan 9 from LinuxMall. "In a typical implementation as part of the infrastructure for a work group, Plan 9 allows users to customize a virtually private computing environment and then recreate it at any networked terminal, [Lucent Technologies spokesperson Patrick] Regan said. 'The system does this by delivering a private view of shared resources, including processing power, data, programs, and communication services. A more prosaic use is to simplify system administration for a community of users who may or may not know that Plan 9 is providing their connections to printers, servers, and other resources.'" This Upside article looks at a few open source businesses. "Admittedly, the open source business model has come under fire in recent weeks. With investors suddenly demanding a faster road to profitability, companies in the commodity Linux distribution and services market are hard pressed. Fortunately for Collab.net, the company has built up a unique niche, intermediary development services, that affords multiple revenue streams." BeOS Central has put up a lengthy editorial which criticizes Be's open source moves. "Next to the share-oriented culture that is the open-source old guard, Be's decision to open source the Tracker and Deskbar as part of a marketing effort literally reeks of trendiness and insincerity. This is because though the Tracker and Deskbar are essential parts of the BeOS desktop, they are little more than window dressing in comparison with SGI's decision to release their file system or the lean and loose, totally free code that forms the Debian GNU/Linux distribution." (Thanks to Etienne Pelaprat). Dave thinks Open Source is a trend in this DaveNet article. "Thankfully the open source rage is on its last legs. If you're honest and made a bet on open source, and want to get help from the press and investors, here's some open source (free) advice. Play it down. "Oh that's an open source play" they will say, shaking their heads as they look for something else to hype. Like B2C and B2B, it's last year's trend. Avoid those trends like the plague." Corel. Forbes looks at Corel's problems. "So the painful but necessary question is whether Corel is really worth saving. As a company, the answer may be no. But its products could thrive under a new company with better distribution and a more focused Internet software strategy. In fact, last November shares of Corel skyrocketed on rumors that Red Hat or some other Linux company might buy the company." The Ottawa Citizen looks at Corel's Linux plans. "Corel's Linux sales could accelerate more quickly later this year as it introduces numerous Linux-based products. But analyst Duncan Stewart of Tera Capital Corp. in Toronto, said: 'There is no way that Corel is going to sell $20 million in Linux products this year ... when the whole U.S. market for Linux products is only about $25 million now on (an annual basis).'" Newsbytes reports on the layoffs at Corel, which evidently total 320 people. "Corel also said the Michael Cowpland, president and chief executive officer, had decided to forego his own salary for the time being..." Other Companies. The San Francisco Chronicle notes the end of the VA Linux lockup period. "Many Silicon Valley employees have stood on the sidelines watching the value of their locked up shares shrivel. But few have felt the same pain as the folks at VA Linux." Bruce Twickler, former CEO of Andover.Net, hasn't wasted any time before filing to sell 100,000 shares of his new VA Linux stock, according to this NewsTraders article. "According to the document, Twickler planned to sell the shares, worth nearly $3.8 million, on June 7, using Morgan Stanley Dean Witter's brokerage services for the deal." Netscape has filed to sell 500,000 shares of Red Hat stock, according to this Newstraders article. Linuxcare is out looking for more investments, according to this News.com article. "Linuxcare, a struggling provider of services for the Linux operating system, has begun its third round of funding with hopes of raising between $25 million and $35 million. The funding should be sufficient for Linuxcare to execute its plan to achieve profitability, with or without an initial public offering, said Dave LaDuke, co-founder and vice president of marketing." Upside looks at HP's open source strategy. "In other words, Gartner says, IBM has been willing to support Linux even at the expense of AIX, because Linux is expanding the demand for IBM-licensed applications such as DB2 into markets once dominated by IBM's Unix competitors. Meanwhile, Hewlett-Packard, because it has less applications to offer, has adopted the strategy of backing Linux primarily in markets where it doesn't overlap with the company's own profitable HPUX offering." According to this Network World Fusion story, SCO plans to launch its own Linux distribution. "SCO is expected to announce 32- and 64-bit versions of Linux for Intel-based servers, which will be available in the fourth quarter of this year. In early 2001, SCO plans to deliver a 32-bit Internet Infrastructure Edition that will come bundled with a Web server and other IP applications." (Thanks to Joey Maier). Here's ZDNet's take on SCO's plans to put out a Linux distribution. "There could be downsides to SCO's move for the Linux market, however. Both Caldera and Red Hat said the introduction of any kind of non-standard Linux that might include SCO-proprietary features could result in industry fragmentation." Collab.Net is the subject of this ZDNet article. "Founded last July, Collab.net was intended to be the source of tools and collaborative procedures following the principles of open source code development. Collab.net maintains the open source hosting site, which has 30 requests for proposals active on the site and being formulated into projects, said [founder Brian] Behlendorf." Here's a ZDNet story about Eazel. "'I think the promise of the personal computer revolution ran into a dead end. It ended up in a cul-de-sac because of the proprietary systems,' says Andy Hertzfeld, one of the core developers of the original Apple Macintosh, who helped found Eazel." Primeur takes a look at the "Asgard" cluster hosted at ETH Zurich. "Because the machine is worth more that 1.5 million Swiss Francs, European regulations require an open tender that has to adhere to strict rules. So who won this tender? One of the big supercomputer companies you would assume. Not so, a small Swiss company Dalco employing 8 people but with a yearly turnover in the 10 million Franc range, solved the legal issues, the technical problems, convinced the ETH they could do the job, and offered the lowest price." (Thanks to Lenz Grimmer). The Rocky Mountain News covers a company called Kaivo, which is launching an "open source marketplace" on its web site. "Kaivo (www.kaivo.com) hopes to attract sufficient numbers of vendors to begin marketing the site to business information technology professionals by July. In addition to listing products and services for corporate customers seeking an open-source solution to specific business problems, the site will include an encyclopedia of open-source related topics." Other Business. This ZDNet column expresses concerns about the new (Linux-based) Gateway appliance system. "We've previously expressed our concerns about the next monopoly being based on control of what's on the Net. We'd be less reserved in our delight at the Gateway/Transmeta/AOL initiative if we didn't see a content owner, a big one at that, potentially controlling content producers' access to what could soon be enormous numbers of Net-watching-or in this case, AOL-watching-eyeballs." ZDNet covers the release of the IA-64 developer's kit by Intel and HP. "The kit includes other relevant tools, as well, such as the standard GPC compiler updated for IA-64 from The Trillian Project -- a coalition of Caldera Systems, CERN, HP, IBM, Intel, Red Hat, SGI, SuSE, TurboLinux and VA Linux Systems, dedicated to bringing Linux to Intel 64-bit systems. A copy of Trillian's February developers release of its 64-bit Linux operating system also is part of the Intel-HP IA-64 SDK." Here's another a ZDNet article on the release of the IA-64 developer's kit. "While several major OS vendors have already announced support for the new chip -- including Microsoft Corp. (64-bit Windows), HP (HP-UX), IBM (Monterey64) and Novell Inc. (Modesto) -- the availability of Linux-based applications is seen as crucial to the chip's success." This story on ZDNet is about TiVo's Linux-based set-top box. "While Microsoft's hands' are filled with other worries, Redmond could learn a few valuable lesson from tiny TiVo on how to design interfaces and software. Perhaps in this light it's not surprising that the TiVo PTR runs a Linux core on a PowerPC CPU, as the TiVo demands stability. Why? Because it's always on and always running. Seriously, there's no power switch. Plug the TiVo in and it's on, though it does go into power saving mode after a period." ZDNet looks at whether Java can really become an Internet standard. "Sun's refusal, so far, to agree to a standards process means many open source developers - the community that developed the Sendmail mail transport agent, the Perl, Python and Tool Command Language scripting languages, the Apache Web server and other open source contributions to the Internet - have gone elsewhere. And while Sun is riding high at the moment, its assertion of control may actually be holding Java back, suggested critics like the Open Source Initiative's [Eric] Raymond. While Java is expanding, Raymond asserted that Perl, Python and Tcl are expanding just as fast and absorbing what might have been part of Java's role." CNN surveys available distributions for the PowerPC architecture. "SuSE and Debian offer a load of configuration tools and are aimed primarily at users looking to replace the Apple operating system with Linux on old Mac hardware. TurboLinux includes several network and server administration tools with its PowerPC distribution and could be considered better suited for setting up as a server for the Web or LAN." Troubleshooting Professional has put up a special issue on transitioning away from Microsoft products. "This month's Troubleshooting Professional details some of what you need to know in order to make an orderly transition away from the Windows platform, which we believe to be waning in viability and popularity. Linux provides most of the functionality of Windows, and provides a rich set of features and functionalities for which Windows users had not dared wish. Linux offers us an unparalleled opportunity to make our computers more useful." Here is an article from UpsideToday, joining a host of others in speculating on the impact of the Microsoft ruling. "The trickle of venture capital into companies competing for a piece of Microsoft's (MSFT) market space may turn to a river of cash now that a judge is ordering the software giant to split in two. The big winners are likely to be middleware software makers and "anything Linux," into which venture capital firms have sunk more than $275 million for at least two years, analysts say." From Nando Times comes this introductory piece. "For the average home user, however, Linux is still not an appealing choice. Not only does it requires some technical skill, it also doesn't run Microsoft's software for word processing and spreadsheets." (Thanks to Rami Graziani). Resources. Byte.com takes a look at the interoperability of Linux distributions. "The Free Standards Group emerged as a combination of the Linux Standard Base project and the Linux Internationalization Initiative. The group is headed by Dan Quinlan, who had headed the Linux Standard Base project. Indeed, that's the organization's first goal: a spec, which developers can use for apps, similar to the Linux Standard Base work. With luck, people can then download or distribute apps that have a reasonable chance of running on differing distros. That doesn't happen right now. " (Thanks to Rami Graziani) Interviews. BeOpen talks with Eazel's Andy Hertzfeld. "Hertzfeld, who agrees with the notion that customizability should be a central design tenet for any Linux element, says that the company's main goal is to build the internal software tools that make life easier for users without pissing off the hardcore hackers that make up the backbone of the development process." Olinux.com.br interviews Ronny Ko, the editor of 32BitsOnline. "If content is paramount on the web, then it is great bet, the creation of original content take a lot of time and resources. In a world where success is valued by how much revenues a company generates, 32BitsOnline/Medullas is holding its own as a private company." BeOpen interviews Linux-Mandrake creator Gael Duval. "First, we aren't Red Hat plus KDE anymore. We have a new graphical installation which is nice. It's one of the most powerful installation toolkits available, and it's simple to use. We are very attractive from the end user point of view. Red Hat, on the other hand, is very, very targeted toward the enterprise." Linux-Mandrake & Other Reviews. Here's a review of Linux-Mandrake 7.1 on GnuLinux.com. It dedicates a lot of space to complaining about installation problems. "Okay, by now you probably think we really hate Mandrake, right? We still like their distro and have never had problems like this with any of their previous releases (even the betas). So, a few days later we did another fresh install. Guess what? We had none of the problems listed above. So, we maybe we can chalk all this up to bad luck." The Duke of URL reviews Linux-Mandrake 7.1. "Linux distributions popping up everywhere, it's getting harder and harder to find quality. Fear not, because here it is. Mandrake combines the sleek desktop of KDE and Gnome with many user-friendly features often called 'The Mandrake Touch.'" In case you've not seen enough Linux-Mandrake 7.1 reviews for one day, here's one on LinuxNewbie.org. "From the massive collection of included apps, seamless integration of XFree86 4.0, and the awesome collection of themes, this version has it all. Newbies will enjoy having virtually everything configured for them while old hands can save time downloading their favorite apps. The boot loaders Grub and LILO are there for the choosing, both dropping the 1024 cylinder problem like a bad habit. I would suggest even die hard fans of Debian and Slack to check this out." Signal Ground reviews Caldera OpenLinux eDesktop 2.4. "After installing Caldera's Open eDesktop, I was impressed by the great similarities between the KDE desktop and MS Windows. The KDE desktop is made up of 4 primary areas: the desktop (including icons), the KPanel, the Main menu and the Taskbar. All these panels and menus are made to help a user quickly access any of the programs in an ergonomic manner." Finally. News.com reports on Bob Young's talk in Taiwan. "The Red Hat chairman turned out to be one of the more popular speakers at the three-day conference here. Unlike other speakers, he drew applause from the audience of approximately 1,700 computer professionals and government officials for his speech, which included healthy doses of spontaneity. After a subsequent press conference, some attendees crowded the podium to get his autograph." This Washington Post column was intended to be an "installation nightmare" story, except that the nightmare didn't happen. "I was dumbfounded to discover that installing Linux was easy. Why? Well, the world has changed. No more do you have to understand everything about Linux before you install it, downloading the many chunks of code necessary to run a complete system and getting them all to work together. That was BSW--before shrink-wrap. With companies such as Red Hat and Corel putting all the software you need in a box, the pain is (nearly) gone." ZDNet ran this lengthy article on the state of Linux gaming. It's getting better, they say. "Yet, for all the confusion, the potential is there. Most audio and controller drivers are included in the major distributions of Linux, which makes the majority of installations a snap. Moreover, knowing how to set up 3-D may become unnecessary this summer when Precision Insight's [Darryl] Strauss believes the major distributions will begin to include a stable version of Xfree86 4." CNN has posted this IDG article from Linux Expo 2000. "That stereotyped image of the Linux brigade was epitomized June 1 and 2 at Linux Expo 2000 in London by Alan Cox, one of the Linux world's gods. As the first speaker, he appeared for all the world as if he'd stepped out of a '60s time warp. Nevertheless, only two or three other hippies were present. The rest appeared to be middle and upper management types, ranging in age from their mid-twenties to at least their mid-sixties." An Andover.Net columnist has some difficulties with Linux and USB. "And I thought, hey! Now that I have a USB mouse, and the latest Linux kernel has limited USB support, maybe, just maybe, I could try to install Linux again! I was told by several people that Corel Linux was the easiest and best distribution for newbies like me, so I picked one of those up too. All I'm going to tell you is that the whole kit and kaboodle is packed back up in the box, including the free cuddly penguin, and is up for sale on eBay. OK, I'll tell you this too: I didn't (make that couldn't) even get past the 'where do you want to install this package' screen without being unable to further navigate." (Thanks to Cesar A. K. Grossmann). Section Editor: Rebecca Sobol |
June 15, 2000 |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsEventsEmbedded Linux Expo & Conference. Applied Data Systems will be displaying its new "plug and play" embedded Linux system, on a StrongARM SA-1110 platform at the Embedded Linux Expo & Conference, June 22, 2000. LinuxFest 2000 - Kansas City. LinuxFest, June 20 to June 24, 2000, welcomes Dell and Smartware. LinuxTag 2000. LinuxTag 2000 is almost upon us. June 29th through July 2nd, Linux fans will be gathering in Stuttgart, Germany, for this annual event. The keynote this year will be by Richard Stallman, UserFriendly's Illiad will be signing autographs and a full conference and exhibit are planned. LinuxWorld Expo announces keynote speakers. IDG has sent out this announcement naming the keynote speakers at the LinuxWorld Expo this August. They include Michael Dell, Ransom Love, and Joel Birnbaum. ApacheCon Europe 2000. The official announcement for ApacheCon Europe 2000 has gone out. It will be held in London on October 23-25, 2000. No word on speakers at this point. User Group NewsLinux Users' Group of Davis Meeting. LUGOD will meet on Monday - June 19, 2000 at 6:30pm. The topic will be "GnuCash". JobsApplied Data Systems, Inc. needs Software Engineer. Applied Data Systems, Inc. in Columbia, Maryland is looking for a Lead software engineer with experience in real-time embedded systems. |
June 15, 2000 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux Links of the WeekKernelNewbies.org is the home page for the "#kernelnewbies" IRC channel. #kernelnewbies tries to help ease people into the world of kernel hacking by providing them with a friendly environment to ask questions and talk about their problems. Some of the recent memory management hacking has been done in the context of #kernelnewbies. The Gimp-Savvy photo archive features over 15,000 images, all copyright-free, which an aspiring GIMP basher may use to create amazing new pictures. There is a keyword indexing system, and a mechanism for users to add keywords to images to help others in finding what they are after. Section Editor: Jon Corbet |
June 15, 2000 |
|
This week in historyTwo years ago was a relatively slow time. The 2.1.106 development kernel was coming together. Slackware 3.50 was released. And Ralph Nader sounded off on operating systems: There are relatively obscure products that can substitute for Windows, such as Linux, and many of them are available free on the Internet for people to download and install themselves. Nader is upset that computer makers won't sell machines with those products already installed. (Associated Press) One year ago: Red Hat filed for an initial public offering of stock, thus leading the pack of Linux companies seeking to go public. Jim Pick was separated from longtime kernel site LinuxHQ, which he had been maintaining; he moved his work to kernelnotes.org. Development kernel 2.3.6 was released, as was stable kernel 2.2.10. The infamous Mindcraft benchmark trial was rerun, turning up some real problems in Linux networking and process control. The Debian project adopted a new logo. Jon 'maddog' Hall jumped to VA Linux Systems. Guylhem Aznar took over as the leader of the Linux Documentation Project. LinuxPPC 5.0 was released. The "Open Source" trademark effort officially went down, after the U.S. Government refused to register it. The OSI promised to come back with an "OSI Certified" trademark...one year ago... In the press: But the mere fact that there is now an official SEC document that includes the text of the GPL serves as fairly astonishing proof that the rules of the software business really are being rewritten. Stallman and the FSF have been assailed as anti-capitalist radicals for their work in ensuring that the world can enjoy the benefits of free software. Now, Stallman's legacy is intimately entwined with the ultimate icon of late 20th century capitalism -- the initial public offering. (Andrew Leonard, Salon) | |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Thu, 8 Jun 2000 10:33:38 -0600 (MDT) From: Dave Mallery <dmallery@cia-g.com> To: letters@lwn.net Subject: RMS We are indeed fortunate to have RMS in our midst. Lacking him, there probably would be no "midst". Men of vast integrity are seldom popular. They are often crucified. -- www.ramahcafe.com Dave Mallery Ramah Cafe 3270 Hiway 53 PO Box 520 Ramah, NM 87321 no gates no windows... running GNU/Linux free at last! Linux is a trademark of Linus Torvalds | ||
Date: 8 Jun 2000 18:08:13 -0000 From: Eric Smith <eric@brouhaha.com> To: letters@lwn.net Subject: Patents and Free Software LWN reported on June 8, 2000: > Intellectual property laws increasingly look like the tool of choice for > those who wish to fight against free software. The ability to patent > file formats, if it stands up, adds greatly to the power of this > weapon. This is a worrisome development indeed. Fortunately, as ever-increasing amounts of Free Software is developed, we will be creating a lot of new intellectual property that is not only unencumbered, but can serve as prior art in future patent cases. As the amount innovation in Free Software (collectively) will approach and perhaps exceed that of proprietary software, it will become harder for companies to obtain and defend patents on simple and obvious file formats, etc. It also seems possible that Free Software developers could in fact obtain patents on their innovations, and license them freely for use in Free Software. The problem here is that obtaining a patent can be a costly endeavor. Perhaps an organization could be formed to handle patent applications for Free Software developers, and act as a licensing authority for the resulting patent pool. By offering non-exclusive commercial licenses for the patents, the inventors would earn royalties and the organization could be funded. It would certainly be satisfying to see a body of intellectual property that could be used freely in Free Software, but that proprietary software vendors would be required to pay to license! It is particularly good to see that many new software licenses contain terms such that the licenses terminate if the licensee initiates any intellectual property litigation against the licensor. I don't know Stallman's view on this, but I'd really like to see such terms put into the next versions of the GPL and LGPL. This would provide another reason for Free Software developers to transfer ownership of copyrights to the FSF; then if MeanAndNastySoftwareCo were to ever sue the FSF for patent infringement, their rights to use and distribute all of the FSF's software would terminate! Eric Smith | ||
Date: Fri, 9 Jun 2000 04:42:40 +0200 From: Juanjo Alvarez <jajs@retemail.es> To: letters@lwn.net Subject: Software patents and VirtualDub I want to remember that software patents are not legal in Europe. Having the source it shouldn't be difficult to made an alternative implementation an put it on a non-US mirror. | ||
Date: Thu, 8 Jun 2000 18:53:50 -0500 From: "John J. Adelsberger III" <jja@wallace.lusArs.net> To: letters@lwn.net Subject: BSD license (Re: letter from Anand Srivastava) I think this gentleman misses the point of the BSD license. The ability to reuse code in traditional commercial settings is not regarded by BSD proponents as a "loophole." It is regarded as a feature of the license. Of course, the GPL advocacy crowd often distorts things like that. They point to Linux as a shining example of their philosophy - but is it? It is not. Linux is developed voluntarily by people who choose to give their effort away. The FSF philosophy, espoused quite openly by Richard Stallman, is not about volunteerism. It holds that software is free, must be free, and that therefore, the products(read: time (read: lives,)) of programmers are free for the taking, no matter what those programmers think about this. If you don't believe it, read the GNU manifesto and related documents from Mr. Stallman. If Mr. Srivastava were trying to accurately convey what lies in the heart of a true FSF/GPL advocate, it would read as follows(a paraphrase of a portion of his letter): "GPL License has a big loophole and we have witnessed the consequences for as long as we can see. Programmers can give their work away, but if they choose not to, they can use another license! This defeats our goal of enslaving programmers everywhere to create a propertyless information age. Stalin would not be proud." This may not be what Mr. Srivastava thinks of when he thinks of the GPL. He may well be(and probably is) a well intentioned individual who doesn't really understand the FSF. One can only hope. But, sad to say, this IS what Mr. Srivastava -should- think of when he thinks of the GPL. This IS what the GPL was made as a stepping stone towards. The funny part is, the FSF admits this in public. In fact, they insist upon it. -- John J. Adelsberger III ETAONRISHDLFCMUGPYWBVKXJQZ jja@lusars.net | ||
Date: Thu, 08 Jun 2000 12:47:20 -0700 From: Tim Jones <tjones@estinc.com> To: letters@lwn.net Subject: BRU Security Exploit Posts As the development manager on the EST's BRU product, I would like to snuff out the small firestorm that has surfaced around our BRU product. First, we sincerely appreciate users for providing feedback and assisting in the evolution our products. EST's corporate servicemark of "Software You Can Trust," is based on our commitment to ensuring that our products are both secure and bug-free. This particular security issue is easily resolved as outlined in the SecurityFocus.com posting. To recap the fix, by simply removing the SUID bit on the /bin/bru and /bru/bru files, the potential exploit is totally closed. To un-SUID the BRU executables, issue the following commands as root: chmod 711 /bin/bru chmod 711 /bru/bru However, the slightly extremist stand that the permissions should be changed to 500 is not necessary, and could disable the product's usefulness for data backup by non-root users. BRU can live happily with permissions set to 511, or even 711 - as shown above, and remain secure while allowing users to properly backup files. The only reason for the root suid setting was to enable logfile write access by all BRU users. To enable logfile writes for non-root users after the SUID bit is cleared, simply set the permissions on the /var/log/bruexeclog file to 777, or add an environment variable to the users' login environment that assigns the BRUEXECLOG environment variable to a file to which the user has write permission. This issue does not exist in our new BRU 16.0 release as no files are installed SUID root. -- Tim Jones tjones@estinc.com Vice President http://www.estinc.com/ Enhanced Software Technologies, Inc. (602) 470-1115 "The BRU Guys" | ||
Date: 14 Jun 2000 19:02:01 -0000 From: Eric Smith <eric@brouhaha.com> To: letters@lwn.net Subject: Openness and compatability On June 14, LWN quoted Andy Tai's translation of Bill Gates' talk in Taiwan: Also different programs can be developed on top of Linux, with each one possibly incompatible with another, and thus Linux is not really 'open.' Apparently Bill's idea of an Open operating system is one for which the end-user is only able to buy one brand of word processor, spreadsheet, etc., thus guaranteeing "compatability". By this criteria, I suppose I should ditch my "closed" Linux system and buy an "open" Windows system. Blech! Eric Smith | ||