![[LWN Logo]](http://old.lwn.net/images/lcorner.png)
![[LWN.net]](http://old.lwn.net/images/bigpage.png)
|
|
|
Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
 Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsBT attempts to enforce its patent on linking. It must really be true that British Telecom is a foe of software patents. What else could explain its behavior, which is clearly intended to demonstrate just how ridiculous and destructive those patents are? The company, remember, claims that an old patent (from 1976) covers the act of linking between pages on the web. As a result, says BT, anybody who makes such links without licensing the patent is guilty of infringement. There are, of course, a few people and companies here and there which are guilty of this nefarious deed, meaning that BT should have no shortage of possible legal targets. One wonders, then, how Prodigy was chosen for the honor of being the first victim of BT's legal team? (That team, incidentally, is Kenyan & Kenyan, the same company that sent out the ":CueCat" letters for Digital Convergence. They seem to be making a determined effort to kick Canter and Siegal out of the Internet doghouse). Some legal eagle has presumably calculated that Prodigy has the proper combination of deep pockets and shallow legal coverage. A good result from the first case would certainly help BT in its task of shaking down the rest of the American Internet industry. BT must be hoping for a quick settlement. One can only hope that Prodigy stands its ground. BT will have a very hard time winning this case on its merits, for a couple of reasons. The first reason is that, of course, there is a certain amount of prior art out there. The patent was filed early - 1976 - so many of the technologies we are familiar with now do not apply. But the patent is predated by Ted Nelson's Xanadu work, the pioneering efforts of Doug Englebart, and, of course, Vannevar Bush's amazing As We May Think, which was published in 1945. In the light of that work, BT's patent looks decidedly unoriginal. There is also the little difficulty of proving that anybody is actually infringing on the patent, even if it is held to be valid. There are a couple of independent problems here:
(The above is lifted from Greg Aharonian's PATNEWS newsletter, which covers the topic in detail. See the Internet Patent News Service page for more information on PATNEWS). So BT is not going to have a easy time prosecuting this patent. With luck, however, the company will, in failure, succeed in convincing a wider group of people that software patents are a bad idea. (See also: Don Marti's open letter to the CEO of Prodigy, Rick Collette's petition to British Telecom asking the company to back off, and news articles in The Register and News.com).
The LWN.net 2000 annual timeline. Our long-time readers will know that we have made a bit of a tradition out of our annual, year-end timeline. We're happy to announce that the initial version of our LWN.net 2000 timeline is now available. Check it out for a summary of the major events in the Linux community over the last year. As always, it has been an interesting ride. For the curious, here are the timelines for 1999 and 1998. When Linux companies go bad. What happened to Corel? Earlier this week C|Net's News.com reported that Corel was considering a sale of its Linux business to a venture capital group known as Linux Global Partners (LGP). While C|Net reported possible transactions, the National Post was a bit more firm: "Software maker Corel Corp. has agreed to sell its Linux line of products to a New York-based venture capital firm in a transaction that will close in January, sources close to the deal said [on December 15th]." The news wasn't the first report of Corel's fall from the Linux hierarchy - see ZDNet's report from November - and it probably won't be the last. With all the speculation circulating, what does Corel have to say? "We have no further comment on this issue." Assuming the sale is a done deal, what does this say about Corel and, more importantly, about Linux distributors? Is this a trend for commercial Linux distributors? Hardly. Red Hat is more robust now than ever, having handily beaten analysts' 3rd quarter earnings estimates. And TurboLinux had a stellar year, garnering over $80 million in investments. So the problem is essentially limited to Corel. Why? What happened? By May of 1999, Corel's WordPerfect had generated over a million downloads to beta users. Overall, Corel estimates they have 22 million WordPerfect users worldwide (all platforms). Quite a start to their entrance into the Linux business world. Later, the Debian-based Corel Linux distribution hit the streets to much fanfare. In early 2000, Corel announced their intention to port their popular graphics application Corel DRAW! to Linux, eventually releasing it to beta along with a free version Corel's PHOTO-PAINT. The future looked bright for desktop applications on Linux. But then things got ugly. Earlier this year, Corel tried to acquire tools vendor Borland Software Corp. to extend its Linux offerings, but the deal fell through after Borland uncovered Corel's poor financial condition and Corel's stock price fell. This past summer, Corel cut 21% of its staff (320 employees). CEO Michael Cowpland resigned in August, starting speculation that the Linux emphasis at Corel might not extend much past Cowpland's reign. In the November ZDNet article, CEO Derek Burney claimed Corel was refocusing, not relinquishing, its Linux business. Linux now is one of Corel's four business operations - the others are graphics software, business applications and new ventures. However, Corel's Linux operating system, and a Linux version of WordPerfect, generate only about 10 percent of Corel's revenue, which was $36.4 million in the quarter ended August 31. This is hardly the sort of income necessary to maintain the development staff necessary for expanded Linux support and still meet the needs of existing Windows customers. Corel made several mistakes on the road to profitability with Linux:
Corel wasn't completely dead just yet, though. In October, Microsoft invested $135 million in the company to work on .Net services, which Corel initially viewed as not including Linux. According to Burney, who spoke to ZDNet at Comdex: "we didn't understand that an operating system could be constituted as a set of .Net services," Burney explained. This is a realization that Corel has arrived at as it has explored .Net technologies under nondisclosure agreements with Microsoft, he said. In theory, at least, this would mean that a client accessing .Net back-end services wouldn't have to run Windows, Burney said. The investment gave Microsoft a 25% stake in the company. But that wouldn't be enough to sustain the Linux effort. After Cowpland's departure, it became obvious something had to be done. In an interview with InfoWorld in November, Burney stated "To be successful in the Linux market, you need a wider product offering. There's got to be some kind of acquisition," he said. "It could go either way... there are no sacred cows." The sale was just a matter of time. The choice of LGP isn't necessarily a bad one. LGP has an investment portfolio of key Linux companies including Helix Code, CodeWeavers, GNU Cash and Metro-Link. The sale price of $5 million in cash is in line with the $6.2 million Corel's Linux business pulled during its current fiscal calendar. The sale might just be a good thing, if LGP manages to find the right management team to run their newly purchased entity. What is Linux? That may seem like a strange question from a publication like this; it's thus, perhaps, even stranger that it comes from Jon 'maddog' Hall. One would expect that the Executive Director of Linux International and the Director of Linux Evangelism for VA Linux Systems would have an answer... It starts with an amusing quote from Sun CEO Scott McNealy, quoted in this ZDNet article: You people just don't get it, do you? All Linux applications run on Solaris, which is our implementation of Linux. Some people were annoyed by this statement, though most were simply amused. Or even flattered...after all, it's not that long ago that Sun would have taken pretty strong offense at the notion that Solaris is an implementation of Linux. This is where maddog Hall comes in. In a rare appearance on the linux-kernel list, he points out that nobody has really defined what "Linux" is. At least, nobody has made that definition in a way that is widely accepted. The Free Software Foundation is happy to define Linux as being just the kernel - the systems we actually use are, instead, "GNU" systems. This claim is, needless to say, controversial. But if Linux is just the kernel, what about RTLinux (a real-time version), mkLinux (a microkernel variant), the S/390 kernel (running on a virtual machine), and so on? The Linux kernel is an amorphous thing. Increasingly, "Linux" means the binary interface that runs a certain class of applications. Vendors like Sun have been making an effort to implement that API - it was a very quick switch from "Linux has no applications" to "we run Linux applications." Quoting from Mr. Hall: If it is true that "all Linux applications work on top of Solaris", what standard prevents them from calling Solaris just another implementation of Linux? And should it? He suggests that the Linux Standard Base may be the right body to set a standard for what is called "Linux." The LSB, perhaps, really needs to deal with the tasks it has now before taking on new ones. But the question is worth asking: what, exactly, is Linux? And correspondingly, what is not Linux? How much do we want to be flexible and where will flexibility lead us astray? Can a proprietary operating system ever be considered "an implementation of Linux", when Linux has always been "Free"? There is a lot to ponder. Michael Hammel officially joins the LWN Team. Many of you may have already noticed a different name on a response to an enquiry, comment or suggestion sent to LWN in the last couple of months. Michael Hammel actually joined our team in September, much to the joy and relief of the rest of our team members. The volume of news, development and general information about the Linux community has only continued to grow, as we're sure all of you have noticed. Michael's addition to the staff was therefore both a necessity and an opportunity of which we plan to take advantage. Many of you already know Michael, either through his website, Graphics Muse, his book "The Artists' Guide to the Gimp", his articles for Linux Magazine, Linux Answers and Linux Journal, his talks at a variety of conferences or through his work as Chairman and co-founder of the Colorado Linux Info Quest conference (coming up again March 30th, 2001!). You'll now also meet him within the LWN halls as well, as primary editor of the LWN Daily Page and much more. Please join us in officially welcoming Michael to the LWN team. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
December 21, 2000
|
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
SecurityNews and EditorialsThe inherent problems in /tmp. A topic of much discussion on BugTraq this week was the security problems inherent in the use of a /tmp directory. It was pointed out, arguably enough, that the entire /tmp model is in direct conflict with the overall Unix model of security. Unix was developed as a time-sharing system, thus it was also designed to protect one user from the actions of another. Into this model was introduced /tmp, a shared directory to which anyone had write privileges and the ability to delete files created by other users. Why? Looking back from a historical angle, one might first guess that it was introduced due to limited resources, in order to share space more efficiently. On the other hand, Unix filesystems already do this quite efficiently. There is no advantage from a space perspective from having a shared /tmp directory as opposed to a /tmp/$user directory hierarchy. The same rules about file deletion could be applied to this type of space; as a systems administrator, this editor managed many "temporary disks", large amounts of shared space with a limited life-span for the files on the disk. These disks were not managed as world-writable directories; instead, they contained subdirectories for each user. Cudgeling the memory cells as to when and why /tmp was used, its earliest advantages all amounted to programmatic convenience. It was easier to scrub a single directory than a directory hierarchy. It was easier for a programmer to know the name of a directory to which temporary files could be written and to assume that such files would be automatically deleted, rather than manage the deletion directly. Files written to /tmp didn't clutter up a user's home directory, didn't count against the normal disk quotas. In general, simple checks to make sure sufficient space existed on the disk before writing were skipped as well. As best as we can remember, /tmp is simply a programmatic convenience. Of course, /tmp was also adopted during an era of extreme trust, so the security issues were simply not considered to be as important as making sure that people could work easily and conveniently while efficiently sharing resources. The first rule of thumb in a /tmp-related vulnerability is that the programmer is at fault. This is correct; an application that uses a temporary file in a world-writable directory has a responsibility to do so securely. Nonetheless, the use of world-writable directories will continue to be a source of new vulnerability reports. Any distribution that prides itself on security would be wise to implement, by default, a system with user-specific temporary file storage, either under $HOME or elsewhere. Of course, the first one to try will be the one to find all the applications that ignore the TMPDIR environment variable and have "/tmp" hard-wired into the application. It would not be an easy or simple transition. All of this is theoretical, of course. What is not theoretical right now is the need for all programmers to fix sloppy programming habits in the way they use /tmp. Kris Kennaway posted a nice, concise message which should serve as a good rule of thumb for how to deal with /tmp, leaving us with applications that will work whether a system uses a shared /tmp directory or some safer alternative. December CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM newsletter for December is out. It covers, of course, electronic voting, along with a look at IBM's new crypto algorithm and digital safe deposit boxes. The newsletter is also available on Bruce's site.Slackware Linux announces OpenSSL cryptography libraries. Slackware Linux announced the addition of the OpenSSL cryptography libraries and the OpenSSH suite of network connectivity tools. Users of Slackware 7.1 and -current can download these packages from Slackware's current developmental tree.eCrime, Law and You (ZDNet). The Wall Street Journal's Keith Johnson takes a look at The HoneyNet Project in his article eCrime, Law and You. Honeypots are baited traps for hackers. In this case, the honeypots are used primarily as learning tools, with a "know your enemy" concept.
"To be sure, Spitzner's HoneyNet Project -- which includes some 30
security professionals, programmers and psychologists, all working on the
project in their spare time -- isn't the first time honeypots have been
used to gather intelligence on the Internet underground. ...
But unlike previous honeypots, which were baited with known
vulnerabilities designed to mimic various computers, Spitzner's team puts
unmodified production systems online -- networks with the same
specifications, operating systems and security as those used by many
companies. And this project isn't a hush-hush, internal corporate
operation like previous honeypots: Spitzner posts all of his findings on
the Internet for the security community to see at project.honeynet.org Kaspersky Lab 'year end' review. Kaspersky Lab has published a anti-virus year in review document. It's mostly Windows-oriented, of course, but there is a brief section on Linux. "Despite the fact that some species are able to replicate and work independently, no Linux virus has ever been detected 'in-the-wild.' Kaspersky Lab experts assume that this is because the Linux desktop standard is not as popular as its competitors." ...or, perhaps, it's the fact that it takes a little more than a bogus email attachment in the Linux environment...?Security ReportsGnuPG web of trust circumvention. A couple of security problems with GnuPG were discussed on the gnupg development mailing list recently. The first problem deals with web of trust circumvention, made possible because private/secret keys will be imported from public key servers along with private keys, without user intervention. The same problem can occur via the "--import" option.As a result, a new "--allow-secret-key-import" option has been added to GnuPG and a security patch against GnuPG 1.0.4 has been released. Note, we compliment Red Hat on their advisory on this topic, which provided excellent references for tracking down the original source material for these vulnerabilities. This week's updates: Zope local role and DTML editing vulnerabilities. It has been a busy week for the Zope team. Two more security hotfixes were released this week, one for a problem with the processing of local roles and the other a problem where users with DTML editing privileges can manipulate the raw data of an object for which they have no privileges.These two vulnerabilities following quickly on the report of a Zope legacy vulnerability last week. Zope 2.2.5 should be released in the near future, including all the recent security hot fixes.
This week's updates:
JPilot directory permissions problem. JPilot is a desktop organizer for the PalmPilot that allows information from a PalmPilot to be sync'd to the disk of a Unix or Linux system. A directory permissions problem was reported in JPilot by Weston Pawlowski. By default, JPilot uses the default umask on its ".jpilot" subdirectory and files. As a result, private information, including possibly passwords, may be readable and/or writable. An easy workaround is to change the default permissions on the ".jpilot" directory. Check BugTraq ID 2136 for more details.nano tmplink vulnerability. Nano is a free pico clone. Not too surprisingly, it has also been found to be vulnerable to the same tmplink problem originally reported in the joe editor in November. Check BugTraq ID 2135 for more details.This week's updates: stunnel local arbitrary command execution. stunnel is an SSL encryption wrapper designed to be used with Internet daemons such as POP and IMAP, to prevent cleartext passwords from passing across the network. Insecurely-structured calls to syslog can be exploited by a remote attacker to gain local access, potentially as root. The release of stunnel 3.9 fixed this problem, as well as others. For more details, check BugTraq ID 2128.This week's updates: BSD ftpd single byte buffer overflow. The ftpd daemon provided with NetBSD and OpenBSD was found to be vulnerable to a one byte overflow, which can be exploited remotely to gain root access. Note that this vulnerability is being actively exploited. FreeBSD and Linux systems are not vulnerable. The anonymous ftp service must be enabled and a writable directory provided for the exploit to work. OpenBSD has released a patch and the NetBSD CVS source tree is reported to have been fixed. Check BugTraq ID 2124 for more details.
Multiple vulnerabilities in FreeBSD procfs. FreeBSD issued an advisory warning of multiple vulnerabilities in procfs which can be exploited locally to gain root, to hang the system or to bypass restrictions on the super-user account. Workarounds and patches are made available. Note that they mark this vulnerability as not specific to FreeBSD. Presumably Linux systems are not impacted, but other BSD systems may be. For more details, check BugTraq IDs 2131 and 2132.Another potential buffer overflow in bftpd. bftpd 1.0.13 was announced last week to address multiple vulnerabilities, including multiple buffer overflows. This week, an additional potential buffer overflow was reported by Christophe Bailleux. Perhaps as a result, bftpd 1.0.14 was released this week, with a note that security has been improved yet again.expect buffer overflow. Expect is a nice tool for automating interactive applications. This week, a buffer overflow in expect was reported. Any script written with expect can be exploited. Of course, only setuid/setgid scripts will subsequently yield an increase in privileges. No information on a fix for this problem has been reported yet.itetris local root vulnerability. An exploit has been published that can reportedly be used to gain local root access via a 'system' call whose input is not thoroughly checked. No confirmation, patch or fix for this has been posted yet; you may wish to disable itetris on your system until one is made available.ProFTPD memory leak. A potential memory leak in ProFTPD was reported this week which could be exploited to cause a denial-of-service attack via the use of the SIZE command. Sample code to demonstrate the problem has been posted. The developers have been informed, but have not yet been able to recreate the symptoms.cgi-bin scripts. The following cgi-bin scripts were reported to contain vulnerabilities:
Commercial products. The following commercial products were reported to contain vulnerabilities:
UpdatesSecure Locate buffer overflow. Originally reported in the November 30th LWN Security Summary, the first distribution update for this problem came in this week from Debian.This week's updates: Zope security update. The Zope Legacy vulnerability was reported last week. All versions of Zope up through 2.2.4 could be exploited to allow anonymous users privileges inside the server. The application of the Zope Legacy hotfix is highly recommended.This week's updates: Previous updates:
DNS-based IRC server denial-of-service vulnerabilities. Check last week's Security Summary for the original report of denial-of-service vulnerabilities and more in multiple IRC clients, including BitchX 1.0c17-2 and earlier.This week's updates: Previous updates:rp-pppoe denial-of-service vulnerability. Also first reported last week, Roaring Penguin Software's PPPoE client (a user-space PPP-over-ethernet client) contains a boundary condition exception that can be exploited to cause the connection to drop when a malformed TCP packet is received. rp-pppoe 2.5 has been released to fix the problem.This week's updates: Previous updates:
Oops buffer overflow. Check the December 14th LWN Security Summary for the original report. Version 1.5.1 has been released with a fix for this problem.This week's updates: ssldump format string vulnerability. Last week, we discussed a format string vulnerability in ssldump. This week, ssldump author Eric Rescorla responded, pointing out that the issue is not actually a format string vulnerability; it is "a pointer indirection problem resulting from a bug in the handling of sequence number wraparound". He is working on a fix for the problem and asked people to let him know of any other problems in ssldump that they find.pam_localuser buffer overflow. A buffer overflow was reported in the pam_localuser module on December 7th.This week's updates:
ed symlink vulnerability. Originally reported on November 30th, Alan Cox noticed that GNU ed, a basic line editor, creates temporary files unsafely. The problem has subsequently been fixed in ed 0.2-18.1.This week's updates: Previous updates:
Netscape 4.75 buffer overflow. First spotted via this FreeBSD advisory and reported on November 9th, a buffer overflow in Netscape 4.75 enables a client-side exploit. Check the November 9th LWN Security Summary for our original report. Netscape 4.76, which was released on October 24th, fixes the problem.This week's updates: Previous updates:
tcsh symlink vulnerability. A /tmp symbolic link vulnerability was reported in tcsh on October 29th. Check BugTraq ID 1926 for more details. This week's updates: Previous updates:
klogd/sysklogd format string vulnerability. Check the September 21st LWN Security Summary for the original report of this problem. Note that the "new" advisory listed this week is actually quite old; we don't know what kept it from getting posted in September, when it was dated, but we have included it this week in order to give a round report on available updates for this problem. This week's updates:
Resourcessshmitm and webmitm. Dug Song released sshmitm and webmitm this week. These are tools for testing potential simple active monkey-in-the-middle attacks against SSH and HTTPS. EventsUpcoming security events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Liz Coolbaugh |
December 21, 2000
LWN Resources | |||||||||||||||
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.4.0-test12. The -test13 prepatch is up to 2.4.0-test13-pre3. In addition to the major makefile thrashup, it contains a large cleanup for shared memory handling and a number of other fixes. Those who are interested in reasoning behind the makefile changes can take a quick look at this note from Linus which we fished out from among the extensive spam on the kbuild list. Alan Cox has put out 2.4.0-test13-pre3ac2 which contains a number of pending fixes. It is, says Alan, "for the adventurous." The current stable kernel release is 2.2.18. Work continues on 2.2.19, with the current prepatch being 2.2.19pre2. The bulk of the effort currently is oriented toward integrating Andrea Arcangeli's virtual memory work. 2.2.18 breaks the emu10k1 (SB Live!) driver, at least if it's compiled directly into the kernel. The fix, for those not wanting to wait for 2.2.19, is to apply this small patch. The Linux Quality Database Project. Michael D. Crawford has announced a new bug tracking project for the Linux kernel. His plan is to put together a database-backed web site where users can report kernel bugs, search for bugs relating to their hardware, and track when and how things get fixed. The idea certainly has merit. There is currently no formal mechanism for tracking kernel bugs other than the extensive database in Alan Cox's head (and the "TODO" lists that are kept at the end of development cycles). The "AC" database appears to be comprehensive, but access is difficult for most Linux users, and making backups has proved difficult. A development project as fundamental as the kernel really should have a better scheme for keeping track of things. Of course, this sort of thing has been tried before. The real problem is not the development work in making the system function; that is relatively straightforward. But if the kernel developers do not actually make use of the resulting system, its database is worthless. Kernel hackers tend to be busy people, they are uninclined to spend time maintaining some database somewhere. Linus, in particular, has been unenthusiastic in the past. So this project has some challenges in front of it. Success will require paying as much attention to the human side of the equation as to the technical side, if not more. If it works, the rewards will be worth it. On the public nature of the linux-kernel list. The linux-kernel list has long been a place where people have said what they thought, without a great deal of concern over who might be watching. They do so, in fact, to the tune of about 200 messages per day. LWN includes messages from this list, but we have always made a point of passing over the more inflammatory stuff. After all, very little is accomplished by reproducing flamewars. Increasingly, however, linux-kernel is being watched by people who have little real interest in the kernel itself. Journalists see the list as a way to tune into what's going on with Linux, and not all of them will resist the opportunity to engage in a little sensationalism. Example: we would not have normally included Linus's opinion on Red Hat 7 here. Excerpts from that posting, however, showed up on Linuxgram as "Linus Savages Red Hat 7.0". There is little new to be said about the choice of compiler in that release (which LWN covered at the beginning of October); the only point was that Linus was speaking strongly, as is his way at times. This particular episode doesn't mean much. The real point is that Linux kernel development, at least as it is expressed on linux-kernel, is an increasingly public process. The open nature of the process is a good thing, of course, but a spotlight that is too bright could prove to be worrisome. The development process will be hurt if developers no longer feel that they can speak freely to each other. It would be a shame if communications among the developers were to be repressed, or if it were to move to closed, invitation-only mailing lists. (Those who are really interested in the Red Hat 7 discussion may want to look at the responses from Alan Cox and Jakub Jelinek). Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
December 21, 2000 For other kernel news, see: Other resources: |
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsThe Year in Review. It's my turn to work the Distributions page and, as with everyone who works a Weekly page here at LWN, I had to come up with some meaningful lead in to the week's summaries. At this time of year news comes slowly - except for Security which seems to never take a holiday. There was very little topical news for Linux distributions in general. So I thought "If nothing much happened this week, then how about the rest of the year?" Ah yes - the year in review. What better time to look back than the time when, well, I have nothing else to talk about. The most common form of work avoidance for writers this year is to compile their top 10 lists: top 10 distributions, top 10 updates, top 10 reasons why I can use old Red Hat CDs as decorative coasters, etc. Since I think Top 10 lists are pretty mindless, I think instead I'll just peruse the just published LWN Timeline for distribution-related events of significance during the past 12 months. The first event is actually a non-event - Linux distributions pass the Y2K bug test quite handily. Was there ever a doubt? While many smaller and less supported applications held on to the year 100 (versions of Elm for example), the kernel itself came through relatively unscathed. In February Caldera launched its IPO. Very few Linux distributions have filed for IPOs yet - and in the current climate of Wall Street further filings seem doubtful for the near term. What started the year as a craze ended the year in a daze. But then what stock sector didn't? Linux stocks haven't died completely, but they will have to address the more mundane issues of revenue and, eventually, profit over the next year if they expect to regain any of the ground they lost this year. TurboLinux made a fair amount of noise over the year. It first garnered a $50 million investment from companies such as Dell and Compaq, later adding Oracle to its list of prominent investors. It followed that investment with another $30 million round in October. A month after receiving the initial $50 million investment the company shipped TurboLinux 6.0. In May they announced, as did SuSE, planned support for big iron from IBM - the S/390 distributions. In August TurboLinux was selected by HP to be installed on some of that hardware companies IA-64 workstations and joined a host of other companies in opening the Oregon-based Open Source Development Lab. Finally, October found TurboLinux filing for its IPO minus original founders Cliff and Iris Miller who left to form Mountain View Data. Embedded distributions were big news all year as the PC sector slid and the Internet device sector grew. Hard Hat Linux (MontaVista), BlueCat Linux (Lynx Real-Time) and White Dwarf Linux (EMJ Embedded Systems) all hit the streets in February. In May Debian joined the fray with the Embedded Debian Project. And Lineo released Embedix 3.0 in October. Some of the other important distribution news this year included:
Debian: State of the Woody. Anthony Towns has sent out a 'State of the Woody' posting describing where he thinks the next major Debian release stands. It is a good summary of what has been accomplished so far with this release, what problems remain (installation, mainly), and gives a time line for a stable release next June. Worth a read. Red Hat. Red Hat had several announcements this week. The first was their announcement of the availability of the Beta version of Red Hat Linux for Itanium-based systems based on Red Hat 7. Another announcement from the company pointed out that Red Hat had received several prestigious awards from leading industry publications and recognition at industry tradeshows in the year 2000. Finally, Red Hat issued a bug fix advisory for gcc 2.96, which was shipped - amidst a slew of controversy - with the Red Hat 7 release. The bug fixes address various items, many of which appear related to g++ and cpp (the preprocessor). Turbolinux Signs Linux ISP Deal with Chinese Ministry of Information Industries. Turbolinux announced it had signed a contract with the Huasong Company, an affiliate of the Chinese Ministry of Information Industries (MII), to provide Turbolinux solutions for the ministry's Internet infrastructure and telecommuncation centers in as many as 500 cities across China. Caldera Sponsors Samba Client Library Development. Caldera Systems, Inc. announced that they have contracted with Richard Sharpe of the Samba team to create a client library for Linux and Microsoft integration. The Caldera-funded project includes the development of library source code, associated reorganization and reuse of Samba code and documentation of the library application program interface (API). As part of the Samba project, the library and documentation will be available under the General Public License (GPL). Caldera's engineering group will work with the Samba team to complete the project by February 2001. New DistributionsGNU/Linux Ututo. A new distribution announced this past week, GNU/Linux Ututo is the first GNU/Linux distribution done in Argentina. The web site is in Spanish, so you may want to check out the usual Babel Fish translation. We searched for a link to this distribution but couldn't find one (no link is provided in the article). If anyone has a pointer to a web site for this distribution let us know so we can add it to our ever growing list of distributions. General-Purpose DistributionsMission Critical Linux Convolo Cluster 1.2. Mission Critical Linux announced the availability of Convolo Cluster Version 1.2, a Linux cluster solution that supports Network File System (NFS) failover. Debian Weekly News for December 19th, 2000. The latest issue of the Debian Weekly News has hit the streets. Topics covered include the new "testing" branch and its association with woody, vote counting issues and security fixes for zope, slocate and various editors. Slackware. Slackware: announced this week that OpenSSL, the free Secure Sockets Layer library, and OpenSSH, the free encrypted remote shell program, have been made available in Slackware-current. In addition, KDE has been updated to 2.0.1 in -current, and the Mutt mail client and AT&T's Korn Shell 93 have been added to the distribution. MSC.Linux. MSC.Software Corp. announced this week the beta availability of MSC.Linux, a clustering version of the Linux operating system designed for engineering and corporate environments. Embedded DistributionsPeeWeeLinux. PeeWeeLinux, a small footprint embedded distribution, announced release 0.53.24 this past week. The web site for the distribution also mentions 0.53.25 but has not publicly announced that release. Mini/Special Purpose DistributionsCoyote Linux. Coyote Linux versions 1.23 and 1.24 were releases earlier this past week. Version 1.24 represents the latest stable release of Coyote Linux. Among the features added are SSH for secure remote access, support for systems without a math-coprocessor, updated network card drivers, and several bug fixes (including the broken DHCP server support in 1.23). Version 1.23 fixed serveral bugs and includes the 2.2.18 kernel. It also has an updated PPPoE daemon. muLinux. muLinux, a floppy based distribution, quietly released 11r2. The previous stable release was 10r5. NetBSD 1.5. Wasabi Systems, Inc., a company founded by key members of the NetBSD project, released a CD version of NetBSD 1.5 this week. The Standard Edition, which ships immediately, contains 2 CDs which are bootable on x86 PC, Alpha, DECstation, SPARC, UltraSPARC, Power Macintosh, VAX and many other platforms. A 12-page installation guide is also included. The Package Release, which will be available sometime in January, includes the Standard Edition plus an extra CD with 3rd party applications precompiled for the x86 platform. Section Editor: Liz Coolbaugh |
December 21, 2000
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsNews and EditorialsIn last week's LWN development section, window systems for PDAs were discussed. One reader pointed out that running a remote X window system display from a PDA is already possible with the Agenda VR3 platform. This page has numerous links to Agenda VR3 projects. Thanks to Dan Stromberg. That one should be listed under instant results.BrowsersMozilla Status Update for December 13, 2000. A new Mozilla Status Update has been published. Check it out for the latest status on Composer, MailNews, Rendering, XML/DOM, and more. DatabasesPython Berkeley Database 3.1.x wrappers. Robin Dunn has announced a new BerkeleyDB wrapper module for Python. This project is unique in that it does not rely on SWIG like previous wrappers. EducationLinux in education report #35 for December 18th, 2000. The latest Linux in Education report has been published by SEUL/edu. Discussions cover using the Gimp, Sketch, and various other tools for graphing and plotting, plus the usual list of new educational applications available for Linux. Debian Jr. Package List. The current list of packages has been published for the Debian Jr. project. "The primary goal of the Debian Jr. project is to make Debian an OS our children want to run. This involves some sensitivity to the needs of children as expressed by the children themselves. As parents, developers, older siblings, sys admins, we need to keep our ears and eyes open and discover what it is that makes computers desirable to children. Without this focus, we can easily get sidetracked trying to achieve abstract goals like 'user friendliness', 'simplicity', 'low maintenance', or 'robustness' that, while they are certainly laudable goals for Debian as a whole, are too broad for addressing the specific needs and wants of children." Dr Genius 0.5.10 released. Version 0.5.10 of Dr Genius is now available for download. Dr Genius, Dr Genius Refers to Geometry Exploration and Numeric Intuitive User System, aims to help with the visualization of geometry. The project is the result of the merging of two other projects, George Lebl's Gnome Genius Calculator and Hilaire Fernandes' GTK Dr. Geo. Dr Genius is licensed under the GPL license. ElectronicsNew releases from gEDA. The gEDA project has announced new versions of the gschema schematic capture program and the Icarus Verilog circuit simulation software. Embedded SystemsFundamentals of Real-time Linux Software Design (LinuxDevices). LinuxDevices.com presents a technical white paper by Kevin Dankwardt, explaining the fundamentals of real-time Linux system programming. "If there is only a single task to worry about, lots of issues, such as kernel preemptibility, are no longer pertinent. If you are not dealing with hardware interrupts, then, do you really have a real-time system (we include timers here)? If your target system has multiple CPUs then you may have a means of distributing your tasks and interrupts in such a way that the issues discussed, again, are not important." Embedded Linux Newsletter, December 14th, 2000 (LinuxDevices). This week's issue of the Embedded Linux Newsletter is out. Topics for the past week included PDA alternatives, point of sale terminals, and a slew of papers from the second annual Real-time Linux Workshop. GamesIndrema updates open-source stance (LinuxDevices). Indrema, maker of an embedded Linux based game console has updated its position with regards to the open-source development model. "After extensive feedback from the open source community (most of whom were concerned about the conflicts of certification with the bazaar development model), Indrema has decided to change the freeware / Open Source portion of the certification plan to better accommodate independent developers, particularly Open Source developers." InteroperabilityCaldera sponsors Samba client library development. Caldera Systems has announced that it is sponsoring Samba developer Richard Sharpe to develop a new client library for the Samba system. CodeWeavers Releases a Packaged Wine Preview (Linux Today). The Code Weavers have announced a packaged version of Wine that works with Gnome and KDE. A Wine Configuration Wizard, Wine Launcher, and the WineMaker porting tool are included in the package. Wine Weekly News for December 18, 2000. The December 18, 2000 version of the Wine Weekly News has been published. This issue has an in-depth feature on dynamic loading in Wine as well as the usual project status information. Network ManagementOpenNMS Update, Volume 1, Issue 39 (December 20th, 2000). The latest OpenNMS Update has arrived. Version 0.4.1 of OpenNMS has been released and some common questions regarding it have been answered. Also included are a list of new features, a wish list, and some afterthoughts about productivity during the holidays. Office ApplicationsLyX Development News for December 20th, 2000. A new issue, number 10, of the LyX Development News has been published. This edition covers the debate on keeping or dropping GUI independence for that application along with a brief history of the LyX name. The usual batch of development quotes and mail thread summaries are also included. The Gimp version 1.1.31 is available. Developer's Version 1.1.31 of the Gimp is available for download. This follows last week's release of version 1.1.30 with a few more bug fixes. If this version proves to be stable, it will soon become Stable Version 1.2. On the DesktopXFree86 4.0.2 Released. The XFree86 Project, Inc has released XFree86 Version 4.0.2. This release brings X support to the Darwin/Mac OS X PowerPC platform, support for many new graphics cards, Render support, enhanced internationalization, and even an improved XTerm, among other things. KDE 2.1 beta 1, Qt 2.2.3 released. The announcement for KDE 2.1 beta1 has gone out. This release contains a new theme manager, the Pixie image viewer/editor, the KDevelop C/C++ IDE, and more. Also, Trolltech has announced the release of the Qt 2.2.3 GUI framework. This is a bugfix release. 10 Questions with Charles Northrup. Charles Northrup, CTO of Global Technologies Ltd. Inc and lead developer on their GNOME for Windows Project is interviewed by Linux Orbit's John Gowin. "Linux Orbit: It was noted on the press release that work was being done on a KDE port as well. What's the timeline for the KDE port? Charles Northrup: This is dependent on user demand mostly. We have not received any requests for KDE to date. If the requests come in, we will look at this effort more seriously." The People Behind KDE: Luigi Genoni.
The people section of dot.kde.org spotlights Luigi Genoni.
"What is your role within KDE? Linux Accessibility Conference and GNOME. The Linux Accessibility Conference will take place during CSUN's Sixteenth Annual International Conference, March 22-23, 2001 at the Los Angeles Airport Hilton Hotel.
"The mission of the conference is twofold:
Easy GUI programming with EasyGTK (IBM developerWorks). IBM's developerWorks is carrying a story on using EasyGTK, a wrapper library around GTK+ that purports to make writing GTK+ applications simpler. "The Gnome Toolkit (GTK+) is a free toolkit for creating great user interfaces. EasyGTK is a wrapper library that translates calls into GTK+, removing much of the effort and time needed to master GTK+." Gnome Toolkit? Try Gimp Toolkit, guys. Printing SystemsCups V1.1.5 released. Version 1.1.5 of the Common Unix Print System (CUPS) has been announced. A huge list of changes are listed including security fixes, installation improvements, more USB support, new documentation, and lots of other stuff. LPRng 3.7.2 available. Version 3.7.2 of the LPRng enhanced print spooler is available for download. Information on this release is somewhat sparse at this time. ScienceSpaceChart 3D starmapping for Gnome. A new version of SpaceChart has been released. " SpaceChart is a program that allows you to see the stars in glorious 3D and rotate them to see them from any point of view. You can also limit which stars you want to see, according to their spectral class and luminosity, and draw links between all stars closer than a certain distance. " Systems AdministrationInterview with David Cantrell (Userlocal.com). Userlocal.com interviews David Cantrell, a noted Slackware developer. "Using the CHECKSUMS.md5 files that we provide in the distribution, autoslack will look at your machine and a distribution tree of your choice and tell you what packages can be removed, upgrade, or new ones that can be installed. Optionally it can download those packages and/or perform the actual package operation." Web-site DevelopmentMidgard Weekly Summary, December 20th, 2000. The Midgard Weekly Summary has been posted. Features include the upcoming final 1.4 candidate, the implementation of a nightly build system, and Midgard 2.0 schedules. ZopeLDAP 1.1.0 released. A new version of ZopeLDAP is now available. This release brings the ability to run in a non-transactional mode, a Python friendly Entry object API, and improved documentation. Zope Weekly News for December 14, 2000. The December 14, 2000 edition of the Zope Weekly News has been published. News includes the release of Zope 2.3 Alpha 1 and the upcoming release of Zope 2.2.5. Section Editor: Forrest Cook |
December 21, 2000
|
|
|
Programming LanguagesAssembly LanguageThe new Amiga: VP assembly code demo (developerWorks). It's not Linux specific, but Amiga's cross platform development environment - the Tao Group's Virtual Processor (VP) technology - is intriguing on it's own. IBM's developerWorks is carrying a story showing an example application written in this new, "hardware independent", assembly language. " VP code is, in a nutshell, the ideal assemble language. In fact, it's such an improvement over traditional non-virtual assembly language that it needs to be seen and understood in order to be appreciated. Just to highlight a few of its strong points: it has an unlimited number of integer and floating-point registers [and] you can use high-level looping constructs (similar to those in a higher-level language like C)." JavaBuilding Servelets with Session Tracking (IBM developerWorks). IBM's developerWorks is running a tutorial on Building servlets with session tracking by Jeanne Murray. "This tutorial teaches techniques for building Internet applications using servlet and JSP technology. A key point is to enable session handling, so the servlet knows which user is doing what. The tutorial shows a URL bookmarking system in which multiple users access a system to add, remove, and update an HTML listing of bookmarks. The servlet uses JSP technology to handle the user interaction." Registration is required. PerlPerl 5.6.1 TRIAL1 Released (Use Perl). Release 5.6.1 TRIAL1 of Perl has been released. This is a trial version, it's not ready for production yet. Perljvm Under Active Development Again (Use Perl). The Perljvm project, which aims to port Perl to the Java Virtual Machine, is under active development again. PHPPHP 4.0.4 released. PHP version 4.0.4 has been released as of December 19, 2000. This version contains a ton of bug fixes as well as a few new features. Introduction to PHP (IBM developerWorks). IBM's developerWorks has run an introduction to PHP that describes the PHP web scripting language. "PHP is a scripting language that is embedded in HTML and interpreted by the server. It can be used to manage dynamic content, work with databases, handle session tracking, and even build entire e-commerce sites. It works well with a number of popular databases, including MySQL, PostgreSQL, Oracle, Sybase, Informix, and Microsoft SQL Server." PythonPython-URL! for December 18th, 2000. The latest Python-URL! has hit the ether, with topics covering the use of Python in cryptography and math, variable/parameter/assignment semantics, and using Python to access the parallel port lines under Windows 95. Jython 2.0a2 released. Version 2.0a2 of Jython is available. Jython is an implementation of the Python language written in Java. SmalltalkBistro 3.4 available. Nik Boyd has announced the availability of Bistro 3.4. Bistro is a variation of Smalltalk that runs on top of the Java VM. Tcl/tkScripted wrappers for legacy applications (REGULAR EXPRESSIONS). In a REGULAR EXPRESSONS article, Cameron Laird and Kathryn Soraiz show us how to use Perl and Tk to build a gui wrapper around a C program. Dr. Dobb's Tcl-URL! for December 18th, 2000. The weekly edition of Dr. Dobb's Tcl-URL! has been published. Featured topics include authenticating usernames and passwords in URLs, handling background errors, and a comparison of Tcl to other scripting languages. Tcl/Tk 2001 Conference Announcement. The Tcl/Tk 2001 Conference has been announced for July 23-27, 2001 in SanDiego, California. Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and BusinessEmbedded Linux. Linux training has been big business for some time now, but it is mostly aimed at Linux on the desktop and Linux system administration. Until now there has been little or no training for those interested in embedded Linux. Now both Lineo, Inc. and MontaVista Software are gearing up to fill that gap. Lineo's Lineo Academix is a scholastic program designed to prepare students for the field of embedded Linux programming. MontaVista, instead, will launch MontaVista University on January 15, 2001 to train developers working in the open source embedded Linux domain. Next, of course, will come the certification exams. In other embedded news, EMBLIX, the Japan Embedded Linux Consortium, announced their first elected officer corps, the results of an election process that was initiated at MST 2000 last month. The consortium also established three working groups designed to initiate discussion within the embedded Linux community about platform and interoperability issues. Red Hat third quarter revenue grows to $22.4 million. Red Hat, Inc. reported revenue of $22.4 million for the third quarter of fiscal 2001, ended November 30, 2000. That's an increase of 112% over the $10.5 million reported for the third quarter of fiscal 2000 and an increase of 21% over the second quarter of fiscal 2001. Gross margin was 60% for the third quarter fiscal 2001, versus 58% reported in the second quarter fiscal 2001 and 41.5% in the third quarter fiscal 2000. The Company reported an adjusted net loss of $900,000, or $0.01 per share, for the third quarter of fiscal 2001, compared to an adjusted net loss of $5.4 million, or $0.04 per share, for the third quarter of fiscal 2000. They are still not making a profit, but they getting closer. Linux is hard at work in many fields. Linux NetworX, Inc. announced that Lawrence Berkeley National Laboratory, Berkeley Calif., has selected a Linux NetworX cluster computer system for its Drosophila Genome Project. The Linux cluster of 40 processors will be used by the Berkeley Lab to analyze and sequence the Drosophila (fruit fly) genome. Linbox has announced (in French) that it has sold 950 Linux-installed servers to the French Direction Générale des Impôts - which administers taxation. An English translation is available via Babelfish. RSS 1.0 Released by International Working Group. RDF Site Summary (RSS, also referred to as Rich Site Summary format) 1.0, an XML-based application enabling Web sites to describe and syndicate site content and metadata, has been released.. RSS is used by many sites, including LWN.net, to post headlines from their sites for external use. This is the first update to RSS since Netscape released version 0.91 in July,1999. Eazel Announces Sun to Adopt Nautilus Software for Solaris Operating Environment. Eazel has announced that its Nautilus environment will be shipped with Solaris by Sun, along with GNOME 2.0. Sun will also contribute some development help to Nautilus. Press Releases:Open Source ProductsUnless specified, license is unverified.
Proprietary Products for Linux
Products and Services Using Linux
Servers, installed Linux optional
Products with Linux Versions
Books and Training
Partnerships
Investments and Acquisitions
Financial Results
Linux At Work
Other
Section Editor: Rebecca Sobol. |
December 21, 2000
|
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsCompaniesEmbedded Linux targets military apps (LinuxDevices.com). Here's an article on LinuxDevices.com looking at the Rymic Systems box that is being considered by the U.S. military. "The system's operating system is uClinux, a 'small foot-print' version of Linux that supports MMU-less processors such as Netsilicon's Net+Arm. Utility software within the device provides Ethernet-based Internet access, including FTP, HTTP client and server functions, and POP3 and SMTP mail protocols." Coming soon: an Italian Renaissance in Embedded Linux? (LinuxDevices). LinuxDevices looks at ETLinux and RTAI - two Italian-based embedded Linux offerings. "Notwithstanding Linuxcare's lack of priority on EtLinux development, embedded Linux developers have continued to express strong interest in it for future embedded designs, as evidenced by data collected in LinuxDevices.com's Embedded Linux Market surveys. Recognizing the continued interest in EtLinux, a former employee of PROSA recently told LinuxDevices.com, 'we hope to restart developing EtLinux'." Red Hat beats the Street (Upside). Here is Upside's take on Red Hat's third quarter earnings report. "In their careful quizzing of company officials, it's evident that analysts want a clearer idea of how the company will grow revenues 85 percent in the next fiscal year, and they didn't necessarily get it." VA bolsters push for big business customers (News.com). News.com listened in on the VA Linux Systems conference call, where CEO Larry Augustin presented a strategy more oriented around large business customers. "Augustin said the company is making progress in its enterprise effort, recently closing a deal to sell more than 1,000 servers to a financial services company." Eazel's Linux software moves to Sun's Solaris (News.com). C|Net's News.com has posted their take on the Eazel/Sun partnership. "For years, Sun didn't bother much with desktop software, preferring to focus its marketing efforts on servers and small computing devices, where Microsoft doesn't have much of a stronghold. Instead, Sun focused on bypassing Windows by promoting Java, software that works regardless of whether a consumer's computer uses the Mac OS, Windows, Solaris or any other operating system." Open-source software firm enters wireless territory (News.com). C|Net looks at Sendmail's venture into the Wireless arena. "Terms of the Nascent acquisition weren't announced, but Olson said it is a stock and cash agreement with a multimillion-dollar value. Nascent's staff of 10, most of them programmers, will be added to Sendmail's 165 employees, and Sendmail will use the Nascent acquisition to launch a mid-Atlantic sales office." Linux Firms Sing The Big Blues (ZDNet). ZDNet takes a look at how IBM's participation is making waves with Linux distribution and service companies. "Some TurboLinux executives are having second thoughts about agreeing to support the complete IBM eServer line. In TurboLinux's case, company executives say it has its hands full with its own clustering work and attempting to be first to market with Linux for the Itanium." IBM's Palmisano sets sights on business customers (News.com). C|Net's News.com interviews IBM President and COO Sam Palmisano, asking the IBM exec about that company's plans for Linux. "The concern with Linux is that it's not ready for the enterprise environment because it's not industrial-strength. Well, there's nobody more industrial-strength in the world than IBM. There's no platform more industrial-strength than Freeway or 390. I am going to be presenting (a keynote) at LinuxWorld in January...If I stroll in there not with some Net-gen company but a German bank, Japanese bank or U.S. securities firm--these are very conservative places--it will give this whole movement a lot of momentum. And we're going to stroll into LinuxWorld with those references." The future is... Darwindows? (ZDNet). Apache, Perl and even XFree86 on the Mac - ZDnet looks at Darwin, the BSD-based underlying OS to Mac OS X. "So Darwin will probably work with your Apple hardware, it's a breeze to install, the system requirements are modest compared to MacOS X -- 32MB of RAM and 800MB of storage -- and, as a member of the BSD family, it has the pedigree of one of the world's most stable, scalable, and Internet-capable operating systems." BusinessTo open source, investors tune out, companies tune in (Upside). Upside offers up this broad-scoped piece on how companies are soaking up open source concepts and methods even while investors are tuning out the efforts. "Slowly but surely, companies such as IBM, Hewlett-Packard (HWP) and even Oracle (ORCL) have re-positioned themselves as the best friends of the open source community, while former starlets such as Red Hat (RHAT) and VA Linux (LNUX) scramble to earn their first profitable dollar." Open-source database companies open shop (News.com). C|Net looks at the recent announcements from Great Bridge, NuSphere and AbriaSoft in the open source database market. "Great Bridge hopes eventually to reproduce the success Red Hat has had in establishing a foothold against operating system competitors such as Sun Microsystems and Microsoft. Though Great Bridge's database software competes with that from bigger fish such as Sybase, Oracle, IBM, Informix and Microsoft, the more likely competitors for now are smaller companies such as AbriaSoft." Sun moves up on IBM in server sales (News.com). News.com looks at the server market in light of a recent IDC report. "Systems based on the Linux operating system and rack-mountable servers grew much faster than the overall server sector, IDC said. Linux server sales increased 178 percent from the third quarter of 1999 to the third quarter of 2000, while rack-mountable server sales grew 400 percent." Mega-Corps Fawn Over Linux (Wired). Wired News takes a look at Bruce Perens' new job with HP and other open source evangelists. "It's a job description that Perens shares with open-source supporters at several large U.S. technology firms, including, on the opposite coast, IBM (IBM). Big Blue's unofficial evangelist is Linux guru Irving Wladawsky-Berger, who goes by the official title of vice president of technology and strategy." Open-source backers: No fear (ZDNet). Bruce Perens responds to ZDNet's column on open-source backers being afraid of being co-opted by big companies. "Did the community bend? No, the mountain came to Mohammed: IBM and Apple changed their licenses to comply with the Open Source Definition and got the collaboration they were looking for. So, even when Stallman's licenses aren't used, the corporations participate using the Debian Project's rules." Who's afraid of the Big Bad Wolves? (ZDNet). Evan Leibovitch thinks the open source movement is bigger than IBM, HP, Compaq, and Sun all rolled up together - and the GPL is the IT world's Magna Carta. "Those who want to participate in the Linux world, regardless of size, are quite welcome to add their fingers to this grand virtual Ouija board. They can help steer, but if they push too hard the rest will just push back -- harder." Hollywood dealt setback in DVD code case (News.com). The California Supreme Court is ordering a lower court to show why Matthew Pavlovich should remain part of the DeCSS case even though he doesn't live in California. "The order applies only to Pavlovich and does not ensure he will be removed from the suit, but it could signal that the end is near for many defendants in the year-old case: Of 21 defendants listed by name in court papers, 18 do not live in California, according to Pavlovich's attorney, Allon Levy." Linux - a failure on the desktop?. Here's an article on the "Temple of Technology" site claiming that Linux has failed on the desktop. "Another important problem is the GPL itself in my opinion. This means that there are limited commercial interests in investing huge amounts of money into a product that a user can download for free. The main stream of revenue is therefore boxed versions for users uncomfortable with downloading it from the net, or users that would like the manual that comes with the boxed version." ResourcesUpdate on Indrema's Linux-based set-top game console (LinuxDevices). Indrema has provided to LinuxDevices.com a status update and clarification concerning issues of game development and licensing, development tools, plans for games, and expected availability of the Indrema Entertainment System itself (i.e., the game console). ReviewsAPC SmartUPS 700 (SignalGround). Signal Ground is carrying a review of the APC SmartUPS 700, a Linux-friendly UPS system. "The software came in an RPM. It installed without a hitch on my Debian system (after converting the packages to .deb format with alien), and it put most of its files in /usr/lib/powerchute. After the software is installed, you have to run a configuration script. The script does a number of different things, including configuring serial connectivity, modifying your "halt" shutdown script, and updating the EEPROM on your UPS." InterviewsInterview: Robin Miller. O Linux interviews Robin Miller of NewsForge. " We love LWN and LinuxToday dearly, but we are not the same as they are. They are much more focused than NewsForge, but NewsForge is much more complete than either of them and has an entirely different style. I like to think our headlines are funnier, too." MiscellaneousTen Linux toys for the eye and imagination (LinuxWorld). From sliding penguins to card strategy to building cities, LinuxWorld shows us some of the games available for Linux this year. "I'm sure everyone with a computer has heard of Sim City, the excellent city simulation. As mayor of your own metropolis, you must build roads, balance the yearly budget, plan city additions, and provide power and water services for the virtual residents, known as sims. If the sims are upset or don't think you're doing your job properly, they'll let you know by complaining like hell or moving to another city." Section Editor: Rebecca Sobol |
December 21, 2000 |
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesLinTraining lists 400 Linux training centers. An announcement has gone out that Dave Whitinger's LinTraining site now has a full 400 training centers listed. Important message for LinuxStart mail users. This is a message from LinuxStart about the cancellation of its mail service. French text follows the English text. LinuxLookup Tip of the Week. This week's TOTW: The Linux "file" command uses a number of methods to determine what a file contains. LinuxLookup looks at the most accessible part of its algorithm this week, the "magic" file. Read the full tip at LinuxLookup. High Availability Cluster Checklist. The folks at Mission Critical Linux pointed out this article from Linux Journal on choosing the best high-availability failover cluster. The High Availability Cluster Checklist is a clear and concise way to wade through the marketing hype. EventsEuroZopeCon Amsterdam announced. We received an announcement for EuroZopeCon Amsterdam, a conference for European Zope users. It will take place during Linux Expo in Amsterdam, January 23 and 24, 2001. We also have the announcement in French. IDG World Expo on LinuxWorld. IDG World Expo announced that it expects the upcoming LinuxWorld Conference & Expo to surpass all previous attendance records. The event is scheduled for January 30 - February 2, 2001 at the Jacob K. Javits Convention Center in New York City. Singapore Linux Conference call for papers. The Singapore Linux Conference will be held in, well, Singapore on March 21 to 24, 2001. A call for papers has gone out; they are looking for submissions on a number of topics. The deadline is January 5. Linux Accessibility Conference and GNOME. The Linux Accessibility Conference will take place during CSUN's Sixteenth Annual International Conference, March 22-23, 2001 at the Los Angeles Airport Hilton Hotel. January/February 2001 events.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. User Group NewsLUG Events: December 21, 2000 - January 4, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. |
December 21, 2000 | |||||||||||||||||||||||||||||||||||||||||||||
|
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: |
Our software announcements are provided courtesy of FreshMeat
 | |||||||||||||||||||||||||||||||||||||||||||||
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux Links of the WeekGeekIssues promises "Technology, Politics, Sarcasm." It covers a wide range of issues, many of which are of interest to the free software community. In case you've not looked at enough patent information...what was once the IBM patent database is now Delphion. Should you ever want to delve into the details of a patent, this is the place to look. Section Editor: Jon Corbet |
December 21, 2000 |
|
|
This week in historyTwo years ago (December 24, 1998 LWN): it was a slow week, due to the holidays. Back then, too, people were wondering about what IBM was going to do... But what's really held IBM back from an official support alliance with Red Hat, say sources close to the company, are legal issues. If IBM supports Linux the way it supports other operating systems, it will need to tweak the operating system itself, and that could raise liability questions neither IBM nor its many partners want to deal with.
People seemed to have reached a point where they worry a lot less about the liability issues. ZDNet ran a Top Tech Newsmaker poll. Linus Torvalds came in second, having been beaten, 2-to-1, by Jenni of the JenniCam. After resisting for some time, Red Hat quietly dropped a set of KDE RPMs into its "Rawhide" distribution. Red Hat also put an end to its practice of dropping updates into second and subsequent pressings of its CDs. Until then, one Red Hat 5.0 CD could be visibly identical to another, but have a different set of packages. GNOME 0.99.0 was released.
One year ago (December 23, 1999 LWN): Eric Raymond announced his forthcoming book, The Art of Unix Programming. The book was to document what makes the Unix tradition special, and was to be written with a great deal of help from the community. Eric did not, however, set a deadline for this book; currently it is available through Chapter 2. People wondered about the 2.4 kernel... Colin Tenwick, vice president and general manager European operations for Red Hat, confirmed that the kernel would be released formally to the Linux community the same time as Windows 2000.
Needless to say, things didn't happen that way. In an attempt to get a guess at when the release would happen, Tummy.com announced its When's 2.4 poll. From the results page we see that the most optimistic entrant picked January 27, 1999. A full 87.7% of the entries taken so far (it is still open, obviously) gave dates prior to the present. Richard Stallman called for a boycott of Amazon.com as a result of Amazon's use of software patents. Linux-Mandrake 7.0 beta was released, as was Mozilla M12. Corel's Linux distribution was due to hit the shelves any day. Meanwhile, the company foreshadowed the general decline in Linux stocks by dropping down into the low teens from its high of $43. Of course, the low teens would look pretty good to Corel investors these days... Red Hat, instead, announced a two-for-one stock split. Even if Linux does turn out to be the greatest thing since the graphical user interface, I sincerely doubt that people buying shares of VA Linux (or any of the Linux companies) at their current valuations will do anything but lose sleep and/or money.
| |
|
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Fri, 15 Dec 2000 00:51:21 +0100 (MET)
From: David Kastrup <David.Kastrup@neuroinformatik.ruhr-uni-bochum.de>
To: letters@lwn.net
Subject: Defamation of Pascal
I take exception to the uncommented and uninformed bigotry of Linus
Torvalds against Pascal in his one-year old quote given in last Linux
Weekly, especially as this nonsense is picked up by the editor:
The fact that our forefathers were Pascal-programmers, and
started counting from one does not mean that we have to
continue that mistake forever. We've since moved on to C,
and the change from 1999->2000 is a lot more interesting in
a base-10 system than the change from 2000->2001.
Of course, it looks like no 2.4.0 by the end of the millennium
even by the reckoning of Pascal programmers...
The pure unadulterated fact is that Pascal is agnostic. Its arrays
start wherever the programmers want them to start.
You can declare:
var at1: array [1..30] of integer,
at0: array [0..29] of char,
at5: array [5..10] of -3..7;
Pascal has enough faults of its own. We don't need to start
phantasizing about imaginary ones.
Most probably Mr. Torvalds is confusing Pascal with Fortran which
indeed has its arrays starting at 1.
David Kastrup Phone: +49-234-32-25570
Email: dak@neuroinformatik.ruhr-uni-bochum.de Fax: +49-234-32-14209
Institut für Neuroinformatik, Universitätsstr. 150, 44780 Bochum, Germany
| ||
Date: Wed, 20 Dec 2000 16:21:53 -0500
From: "Jay R. Ashworth" <jra@baylink.com>
To: letters@lwn.net
Subject: "Network Appliances" -- what a difference a year (and Linux) makes
Well, tis almost Christmas.
One of the presents a manufacturer hopes you'll put under someone's
tree this year is the New Internet Computer; the Internet- and Linux-
based network computer from a subsidiary of Oracle -- the company
that's been trying to promote the network computer idea for years, in
hopes of breaking the Microsoft monopoly; Larry Ellison reputedly hates
Bill Gates' guts.
The rapid advances in Linux development in the last several years,
combined with the near-ubiquitous presence of the Internet in the
American home, and the appearance of motherboards that actually
have integrated peripherals powerful enough to *use*, have brought
things to a point where the New Internet Computer Company can sell
their "Internet Appliance" for $199, without a monitor but including
everything else, *without* an Internet bundling/kickback deal.
This last point is very important: has anyone heard anything of the...
damn; I can't even remember the name :-) -- that integrated LCD screen
IA that was released around last Christmas, made tandem waves by being
hacked, and then by annoying the manufacturer because it was being
hacked.
Why was the manufacturer annoyed? Well, because they decided on a
"give away razors; sell blades" business modem that had them making
most of their money off the bundled Internet access service... which
the hackers weren't using.
The NIC people didn't make this mistake. You can use their little
black box with any internet service you like; commercial dialup
services, Netzero, even BAMnet, a Pennsylvania based combination ISP/
CLEC who bill the long distance and access at a combined 6.5c/minute,
passing it through to your local phone company; no advance setup,
apparently, required. (Presumably, you have to dial that carrier's
1010 code, but that's it.)
Even more importantly, though (to me, and I suspect to many others)
will be the fact they've *also* included 10/100 Ethernet (and USB) on
the box. The theoretical advantages of the X-terminal model in
business have long been understood -- minimization of desktop
maintenance and the like being the biggest -- but the things have just
been too damned expensive.
Not anymore.
$200 plus a monitor is sufficiently cheaper than a "real PC" to make
the *inital* cost differential something you can sell to management,
let alone the reduction in recurring costs. The software is Linux
based; the changes for the custom hardware are GPL'd; the application
field for Linux is growing... how could it get much better?
I've talked to NIC's sales manager, concerning the one point in their
sales agreement that gave me pause: they effectively limit sales to
retail end-customers. He tells me that this is primarily because their
margin on the boxes is razor thin -- they won't be offering discounts
at *all*.
Hey, that's ok for me. I can add enough value to sell them for $300 a
desktop, and still save people a shitload and a half of money in the
long run.
And since they got all the glue right, they'll be useful to many
people, in many environments, that the original manufacturer (in the
immortal words of Arlo Guthrie) hadn't even counted upon.
In the long run, since they make, not lose money on every unit, that
can only benefit the manufacturer. Case in point example to everyone
else. In the Internet Age, you can't *pull* a fast one; it will break.
[ checks the LWN archives ]
Let this be a lesson to the manufacturers of the i-opener; perhaps
their choice of product name will prove more prophetic than they had
expected.
A quick glance at their website ("you've tripled the price, why?" and
"Why is Netpliance announcing a 'membership program'?") suggests not.
I especially like the *answer* to that last question:
> Netpliance is introducing the Membership Program because the components
> of the program will provide our customers with an even more fulfilling
> online experience that, once again, is centered around simplicity. This
> is the principle upon which we founded the company. We choose to
> reinforce that commitment to our customers whenever we can.
Does anyone here need any more on that?
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Baylink
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 804 5015
| ||
From: Anton Ertl <anton@a0.complang.tuwien.ac.at> Subject: Elevator algorithms To: letters@lwn.net Date: Thu, 14 Dec 2000 14:55:59 +0100 (MET) There are a few aspects that earlier messages missed: All file systems require that the disk writes the blocks in the given order, otherwise the file system may be corrupt upon a power outage (and yes, we have had power outages on system with an UPS, due to the UPS breaking down). That's certainly true for journaling and log-structured file systems, and file systems that use ordering constraints to maintain a certain amount of consistency (e.g., BSD FFS without and with soft updates). Even file systems like ext2 that rely on fsck instead of write ordering constraints, need synchronous writes upon fsync. Data bases also have write ordering constraints (they usually work similar to journaled file systems). AFAIK the only way to ensure these write ordering constraints are heeded on current disks is by turning off write caching (see http://www.complang.tuwien.ac.at/anton/hdtest/). So anyone with valuable data will turn off write caching; on a SCSI disk I measured there was no way to enable write caching, presumably because SCSI disks are usually used for valuable data. Unfortunately no-write-caching implies a total order on the requests, whereas the actual write order requirements are usually a partial order. An elevator algorithm can exploit the freedom available in the partial order to produce a more efficient sequence. - anton | ||
Copyright © 2000
Eklektix, Inc., all rights reserved