Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsLoki cuts staff, but remains for the long haul Rumors have flourished recently regarding the demise of popular Linux games maker Loki Entertainment Software. The problem seems to have started with posts to the LinuxGames web site from an ex-employee of Loki, who was just out looking for other work and out to let people know he was moving on. Discussion ran rampant on why so many developers were leaving Loki. Was the company in trouble? Is Tribes 2 the last gasp for the premiere Linux gaming company and all around favorite of the hacker crowd? Not hardly. Like many companies in the high tech arena, Loki has to deal with the realities of a tight economy and, on top of that, a small market niche. While games on Linux seem to thrive and be one area the public is not overly concerned with paying cash for software, there really isn't a large enough market to support a large development team at Loki. The desktop world needs to evolve further to expand Loki's penetration. "The Linux market is still very small--much smaller than the Mac market," said Loki co-founder and President Scott Draeker in an email interview with LWN.net. While the community as a whole has been very good to the company, and the press has offered high praise for their products and support, no one is making a fortune at the small California based company. "Some [people] have assumed that all the good news and good work we were doing meant that we had all become instant millionaires. Not a chance." In fact, Draeker says they aren't even making money yet. Then again, that doesn't mean they're ready just yet to shut the doors to the business. "We're in this for the long haul. We want to build a Linux gaming industry. That takes time and plenty of sweat and cash. And no, we are not profitable. But we aren't going anywhere either." Finding cash has been a high priority for Draeker since last year. He says the company knew back in December that funding wasn't becoming available and that employees were told about the situation. "We told them they were welcome to stay," noted Draeker, "or start to look for other jobs. A number of people left over a period of 3 months. At that point most had gone about as far they could with the ups and downs associated with being a start up in a down market." Now the company is running at break even levels. Says Draeker, "We've cut back to a size where we can sustain our operations exclusively from sales revenue. That said, we are still looking for funding partners." Loki is in the midst of a releasing two new games for the Linux platform: Tribes 2 and Sid Meier's Alpha Centauri. Tribes 2 is a first person shooter based on team tactics, where players work within teams to do battle with human and AI opponents. Alpha Centauri is a simulation and strategy game where players conquer entire planets or build their own utopian society on earth. They've also started a bonus program to offer discounts on multiple purchases from their Web site, as well as a program for LUGs (Linux User Groups) that can purchase products in quantity at a discount with Loki picking up the shipping charges. While the release of two new games can likely help maintain revenue to keep the company going, Loki's software plans are not designed for porting games alone. "A great deal of the work we've done on projects like SDL and OpenAL lays the foundation for us to access larger markets for our products. Our open source projects aren't really designed for porting games, but for creating them." At the recent Colorado Linux Info Quest conference, Draeker compared the gaming industry to Hollywood. "Lots of movies get made but just a few blockbusters make the profits. Loki is looking for a blockbuster." Although he alluded to the possibility of Loki working on games for console systems in the future, he said the recently canceled Linux-based game console Indrema was never more than vaporware. Loki hadn't been working on games for that system. In the short term Loki remains focused on building revenue streams. In a tough economy that often requires cutting back, even for a Linux favorite like Loki. But it's not the end. Just a speedbump. World domination, at least for Loki, may still just be a point and click away. Fun laws in Europe. The United States has taken a lot of grief in recent years for a number of laws that, shall we say, were not particularly well thought out. Every now and then, however, the world makes it clear that the U.S. has no monopoly on legal silliness. This has been one of those weeks. Consider, for example, the new copyright directive issued by the European Council of Ministers. As good a summary of any, perhaps, can be found in this congratulatory message from the European Commission. The purpose of the directive is to "harmonize" European laws on copyright, and, incidentally, "bring European copyright rules into the digital age." That, of course, is code for adopting something that looks much like the American Digital Millennium Copyright Act (DMCA), which has already caused more than its share of problems. Consider, for example, the following: Firstly, rightholders have complete control over the manufacture, distribution etc. of devices designed to circumvent anti-copying devices. A more flexible solution in this regard would have carried a greater risk of abuse and piracy. This language is described as "a balanced compromise." This is exactly the sort of provision that got the DeCSS code in trouble in the U.S.; expect similar problems in Europe. The directive has little interest in fair use in any form. Even time shifting of television programs is regarded as an actionable use for which compensation should be expected. In general, the directive is fearful of digital copying: However, as far as private copying is concerned, the quality and quantity of private copying and the growth of electronic commerce all mean that there should be greater protection for rightholders in digital recording media (whereby unlimited numbers of perfect copies may be made rapidly). When a government is trying to restrict rights, it always helps to have an enemy. Copying is now that enemy, and any sort of means is justified in attacking it. But the free software world thrives on copying and freedom of information. The new European copyright directive reduces that freedom; it is only a matter of time until the free software community runs afoul of it. Web site registration in Italy. Italy, it seems, has a new law which defines web sites, especially those which are periodically updated, as "editorial content," and makes them subject to the laws covering newspapers. What that means, essentially, is that Italian web sites must:
Those interested in the details can see Come mettersi in regola con le norme sulla stampa ("How to comply with the press regulations") on the InterLex site. (The text, strangely enough, is in Italian). The attitude behind this whole thing, perhaps, is best summarized by this quote from Paolo Serventi Longhi, the secretary of the Federazione nazionale della Stampa (the national journalists' union), as found in Punto Informatico: Thus ends, at least in Italy, the absurd anarchy which allows anybody to put information online without regulation, controls, or guarantees of a minimal quality or standards to the user of information products... (Translation by the editor). The law places responsibility on Internet service providers as well; ISPs can find themselves responsible for the operation of a "clandestine press." It also applies to servers that are hosted outside of Italy - as long as the content originates in Italy or is transmitted into Italy. Violators are subject to fines and up to two years in jail. We talked briefly with Michel Morelli, producer of the Italian Linux news site ZioBudda, who sees this law as "a threat to 3/4 of the Italian Internet," and who pointed out this online petition calling for the repeal of the law. The petition had almost 34,000 signatures as of this writing; certainly it could use more. This sort of law is scary, even in Italy, which is full of weird laws that are widely ignored. Regularly-updated web sites are not uncommon - the other variety is generally called "dead." In particular, any site hosting free software certainly needs regular updates, or it is useless. Any kernel.org mirror could find itself in trouble. Even if it is not widely applied, this kind of law can be used to shut down sites that somebody in power finds inconvenient. It also does not take a whole lot of paranoia to imagine this sort of reasoning leading to the conclusion that distribution of software, too, needs more "regulation, controls, and guarantees." Consider that Italy is about to elect a Prime Minister who controls half the television channels in the country (to a post that controls the other half), and who has stated his intent to create a new "ministry of information" under the control of an industry leader. And consider that these sorts of bad ideas have an unpleasant habit of spreading across borders. Free software will not get very far without freedom, and threats to freedom come in many forms. We have a lot of battles to fight, still. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
April 19, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsRed Hat mkpasswd limitations. A limitation in the Red Hat mkpasswd command was discussed on BugTraq this week. Mkpasswd is an expect script that can be used to generate random passwords. Similar to a recently reported problem with a password generator for the Palm, it seems that mkpasswd uses an inadequate seed, based on the process ID, which results in a much smaller pool of passwords than is expected. Of course, the smaller the pool of passwords, the easier it is to brute-force a password. In addition to the importance of using a good random seed in the password generator, the need to reseed was also discussed. Using the Tcl 8 rand() function as an example, it was shown that seeding only once produce in the range of 22,000 passwords before duplicates began to occur. The Tcl 8 rand() function uses the system clock for a seed. Alternately using a weaker seed but reseeding with each invocation, more than 45,000 passwords were generated without a duplicate occurring. We expect an update for the Red Hat mkpasswd command will be provided in the near future. Meanwhile, sites that use password generators to assign passwords may want to look more closely at the algorithms upon which they are depending. Disabling Module Loading Caveat. A piece of information was accidentally left out of last week's lead-in editorial, which talked about using the capability bounding set to disable the loading of kernel modules. In June of 2000, Patrick Reynolds sent in a Letter to the Editor pointing out that "/proc/sys/kernel/cap-bound maps directly to the cap_bset variable in kernel memory". As a result, unless CAP_SYS_RAWIO is disabled (it controls access to /dev/mem), it is possible to use /dev/mem to load new code into the kernel (this will require access to a valid System.map file). Unfortunately, disabling /dev/mem will break many things, including X and potentially many other user-space programs. The use of capability bounding sets will still assist in protecting systems from many current rootkits that use loadable kernel modules, but, as common with most security issues, they only provide a partial solution. (Thanks to Neale Pickett for pointing out our error in omitting this information last week). Carko distributed-denial-of-service tool. A new distributed denial-of-service tool, named Carko, was reported on various systems this week. Carko is a clone of stacheldraht+antigl+yps, with apparently as little as one source code line difference. However, it has been updated to leverage much newer vulnerabilities, in particular a buffer overflow in snmpXdmid under Solaris. Although Carko is not currently targeting Linux vulnerabilities, it is a reminder that the problem of distributed denial-of-service attacks has not been resolved. For now, the best defense for all of us is not only to close all vulnerabilities on our own systems in a timely manner, but also to encourage and support everyone else we know to do likewise. Carko is spreading because the availability of hosts with open vulnerabilities is vast. CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM newsletter for April is out. It covers computer security from a military defensive point of view, the fake Microsoft certificates, and more. Microsoft: Closed source is more secure (SecurityFocus). SecurityFocus has put up a report from Microsoft security head Steve Lipner's talk at the RSA Conference. "Lipner slammed the open source development process, suggesting that the often-voluntary nature of creating works like the Linux operating system make it less disciplined, and less secure. 'The open source model tends to emphasize design and development. Testing is boring and expensive.'" Reading through the comments posted to SecurityFocus revealed little support for Lipner's words, but that could be expected from an audience that is both security-savvy and extremely familiar with Open Source software. The most relevant comment we found was from "Will" who pointed out that the majority of advisories from Microsoft credit people outside their own staff for finding the security holes. That indicates that a "dedicated, trained, full time and paid" staff isn't the answer either. Neither closed source nor Open Source software is as secure as it needs to become. Security ReportsLinux Kernel 2.4 Netfilter/IPTables vulnerability. Under Linux 2.4, IPTables is used for building firewalls. It is implemented under the NetFilter framework, a raw framework for filtering and mangling packets. A vulnerability has been reported in the manner that the RELATED state is implemented which can be exploited to potentially bypass a firewall and access ports that are assumed to be protected.The NetFilter team has provided a patch for Linux 2.4.3. Note that the patch may be subject to future revision; a URL is provided where the latest version can be found. Presumably the patch, or its future incarnation, will be provided in an upcoming version of 2.4. Meanwhile, the original posting provides details that network engineers will want to examine to improve and tighten the use of the RELATED state. Samba 2.0.8 security issue. Andrew Tridgell posted a note to BugTraq that Samba 2.0.8 has been released to address a significant security vulnerability that allows local users to corrupt local devices (such as raw disks).
cfingerd format string vulnerability. A format string vulnerability has been reported in cfingerd ("Configurable Finger Daemon") which can be used remotely to gain root privileges and execute arbitrary code. An exploit for this vulnerability has been published and a patch to fix the problem is available.
Debian Security Advisory for exuberant-ctags. Colin Phipps discovered that the exuberant-ctags package, as distributed with Debian GNU/Linux 2.2, creates temporary files insecurely. This has been fixed in version 1:3.2.4-0.1 of the Debian package, and upstream version 3.5. Other distributions that ship this package will also be impacted.bubblemon kmem permissions vulnerability. bubblemon, an application that displays CPU and memory load as bubbles in a jar of water, is installed setgid kmem under FreeBSD. As a result, it can be exploited to execute arbitrary commands under group kmem. It has not been reported whether or not the same problem crops up on other BSD systems or on Linux. A new version, Bubblemon 1.32, has been released with a fix for the problem.web scripts. The following web scripts were reported to contain vulnerabilities:
Commercial products. The following commercial products were reported to contain vulnerabilities:
UpdatesNetscape 4.76 GIF comment vulnerability. Check the April 12th LWN Security Summary for the original report. The vulnerability can be used to embed executable Javascript in GIF comments which are then executed by the viewer when loading the GIF file. This has been fixed in Netscape 4.77, which is available for download from ftp.netscape.com.This week's updates: Previous updates:
ntp remotely exploitable static buffer overflow. An exploit for a static buffer overflow in the Network Time Protocol (ntp) was published on April 4th. This exploit can allow a remote attacker to crash the ntp daemon and possibly execute arbitrary commands on the host. Patches and new packages to fix this problem came out quickly. It is recommended that you upgrade your ntp package immediately. If you cannot, disabling the service until you can is a good idea. For more details and links to related posts, check BugTraq ID 2540.This week's updates: Previous updates:
IP Filter fragment caching vulnerability. Check the April 12th LWN Security Summary for the original report. IP Filter 3.4.17 has been released with a fix for the problem. BugTraq ID 2545.This week's updates: Multiple FTP daemon globbing vulnerability. Check the April 12th LWN Security Summary for the original report.This week's updates: Previous updates:ptrace/execve/procfs race condition in the Linux kernel 2.2.18. Exploits were released the week of March 29th for a ptrace/execve/procfs race condition in the Linux kernel 2.2.18. As a result, an upgrade to Linux 2.2.19 is recommended.Last week, Alan Cox put up the Linux 2.2.19 release notes, finally giving the specifics on all the security-related fixes in 2.2.19 (all thirteen of them!) and giving credit to the Openwall project and Chris Evans, for the majority of the third-party testing and auditing work that turned up these bugs. Fixes for the same bugs have also been ported forward into the 2.4.X kernel series. This week's updates: Previous updates:
OpenSSH 2.5.2p2 released. OpenSSH 2.5.2p2 was announced the week of March 29th. It contains a number of fixes (including improvements in the defenses against the passive analysis attacks discussed in the March 22nd LWN security page) and quite a few new features as well.This week's updates: Previous updates:
pico symbolic link vulnerability. Check the December 14th, 2000 LWN Security Summary for the initial report of this problem. Note that this has also been reported as a pine vulnerability, but the vulnerable component is still pico, not pine. Check BugTraq ID 2097 for more details.This is the first distribution update we've seen for this four-month-old vulnerability. This week's update: ResourcesHacker Tools and Their Signatures, Part One: bind8x.c. Toby Miller has started a series of articles detailing hacker exploits/tools and their signatures. The first article in this series focuses on bind8x.c. "The discussion will cover the details of bind8x.c and provide signatures that will assist an IDS analyst in detecting it. This paper assumes that the reader has some basic knowledge of TCP/IP and understands the tcpdump format". New Security Mailing Lists. In an apparent effort to lessen the load on the BugTraq mailing list, Security Focus has announced four new mailinglists:
Adore Detection. Duncan Simpson wrote in this week to point out a couple of tools that can be used to detect the Adore worm, including rkscan and checkps 1.3.2. "Checkps 1.3.2 in kill scanning mode should now detect adore due to two additional tests as to whether a pid really exists (adore "fixes" the kill system call)". EventsUpcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Liz Coolbaugh |
April 19, 2001
LWN Resources | |||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is still 2.4.3. Linus's 2.4.4 prepatch has reached 2.4.4pre4; it includes much more stuff from Alan Cox's "ac" series, a number of fixes, and, interestingly, the zero-copy networking patch (see below). Alan Cox's series (currently at 2.4.3ac9) is getting smaller as the patches get into the mainstream kernel, but there's still quite a bit of stuff there. Some of what's there, including the user-mode Linux patch, will evidently not go to Linus at all, at least for now. Zero-copy networking will be in 2.4.4. This patch, by David Miller, Alexey Kuznetsov, and others, has been in development and testing for some time, and was incorporated into the "ac" kernel series back in 2.4.2ac4. In a way, it is a surprising change to see in a stable kernel series, since it makes fundamental changes deep in the networking code. From all reports, however, it is solid, and, in certain situations, it should produce significant performance benefits. Zero-copy networking speeds things up by avoiding, whenever possible, copies of the data to be transferred. In an optimal case, a buffer full of data sent over the network by an application (an FTP server, say) will go directly to the network interface from the application's memory. Without zero-copy networking, however, that's not how things are done - at a minimum, the data is copied into kernel space and assembled into one or more packets before going to the wire. All that copying can slow things down and fill up the cache; it's not surprising that people want to eliminate it. Making zero-copy work is not straightforward, and the patch is large. Various issues have to be dealt with, including:
To handle all of this stuff, the zero-copy networking patch makes some fundamental changes to the networking core code. Traditionally, packets are passed around via a struct sk_buff structure, usually referred to as an "skb." The skb contains the entire packet, headers and all. With zero-copy, an skb can now be "paged," or "nonlinear," meaning that it consists of several pieces which are not contiguous in memory. Much of the code which handles skb structures must be changed to take this new structure into account. The driver interface has also seen changes. There is a new "features" variable in the netdevice structure which is used to mark some of the capabilities of the device (and its driver); these include the ability to perform checksums, deal with high memory, and do scatter/gather I/O. This variable was actually added in 2.4.0-test12, just before the official 2.4.0 release, but it's only with the zero-copy patch that it is seeing some real use. The change in the driver interface means that zero-copy I/O is only possible if the relevant network driver has been updated to support it. So far, only the AceNIC and Sun HME drivers have been fully converted. The work required appears not to be large, assuming that the hardware is reasonable, so more drivers will likely be updated in the future. Zero-copy networking is not a win for everybody; it really only makes sense on high-end hardware and very fast networks. In that situation, though, it should be a real performance win; expect more amazing web server benchmark results in the near future. Children first. Adam Richter posted a patch which makes a subtle change in the way the fork() system call works. It is interesting to look at as an example of how little tactical changes can affect operating system performance. On Unix-like systems, the child of a process that forks gets a copy of the parent process's entire address space (normally). Actually copying everything, of course, would be most inefficient. Read-only memory (such as program code) can be simply shared, but writable memory requires a bit more cleverness. The technique used is to share the data space, but to mark it "copy on write" (or "COW"). Both processes see the same COW pages, until one of them tries to make a change. At that point, the kernel makes a copy of the relevant page, making it private to the process, which is unaware that anything has happened. The 2.4.3 kernel, on a fork(), puts the child process into the run queue and resumes executing in the parent. The child will run sometime later as part of the normal timesharing of the processor. It turns out that this is not the best way of doing things from a performance point of view, though. The parent process will likely go on modifying its private data, causing the system to make copies of the various COW pages shared with the child process. But the child, in most cases, is unlikely to ever look at those pages; instead, it will probably perform a few operations, then go and exec() some other program, which breaks its attachment to the shared pages. If the child were to run first, the parent would probably not need to copy all those pages, and performance would be improved. And, in fact, according to Linus, the performance difference is visible. As a result, this patch went into 2.4.4pre4 (though it does not show up in the changelog). Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
April 19, 2001 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsSlackware faces new obstacles, challenges. LinuxToday broke the news this week that Wind River, having purchased BSDi and vocalized its displeasure with all things under GPL and particularly with Linux, has laid off the Slackware development staff. Patrick Volkerding later confirmed the news, indicating that he, too, would be laid off, but stating strongly that Slackware is not folding up shop. He has sufficient funds to publish the next edition of Slackware, which is nearing release, but not enough funds to pay Chris Lumens, David Cantrell, and Logan for their on-going work. Note that Slackware is one distribution that has always paid its own way, bringing in sufficient revenue to keep the project going, without making millionaires of anyone. As long as Patrick Volkerding continues to lead the project, it is probable that Slackware will continue. The major impact of these new money problems will be a temporary distraction from development (noticeable already in this week's Changelog entries, or lack thereof) and possibly a difficulty supporting the new Alpha and Sparc versions of Slackware. In our experience, Slackware has possibly the most loyal following of all Linux distributions, even if that following is not large compared to the number of Red Hat Linux users. The next few months will demonstrate the worth of that loyalty. For those Slackware users that would like something concrete they can do to show their support, Slackware now has a Paypal account. Simply donate money via Paypal to "paypal@slackware.com". MandrakeSoft's Donations Page. On a similar note, though not accompanied by similar bad news, MandrakeSoft's Donations page is now on-line. In response to customer demand, MandrakeSoft has promised to provide a mechanism by which fans of the Linux distribution can donate money. In particular, many Linux-Mandrake fans that download the software for free have asked for a means by which they could also support the company. The page accepts donations and allows the contributor to specify the Linux-Mandrake project they would like to support. The Linux-Mandrake donations page and Slackware's Paypal account will be interesting tests to see how much, if any, money can be raised on a regular basis via voluntary donations. It is a particularly interesting way to support a commercial company and an interesting contrast, for example, to LinuxPPC's decision to become a non-profit organization, allowing such donations to become tax-deductible. We will be watching the results with interest. Red Hat Linux 7.1. Here is the announcement from Red Hat on the release of Red Hat Linux 7.1. It includes, of course (and among other things), a 2.4 kernel, tighter "out of the box" security, a new "customization guide," and the TUX web server. Although the most impressive improvements have been made in the server arena, desktop users can also look forward to new versions of Gnome, KDE, XFree86 and Mozilla. A new graphical version of Kickstart is intended to improve unattended installations. The security enhancement include such common-sense ideas as disabling network-based services by default and extend to configuring a firewall as part of the installation. Also announced by Red Hat was its new "Software Manager," which makes more Red Hat Network services available. Ratatosk closes down. The Ratatosk Project was an effort by Martin Skjoldebrand to provide a database of available distributions. Unfortunately, due to time commitments, Martin has closed the site down and moved on to work on the mhd helpdesk system. He has offered to make a copy of his distributions database available to people that ask. Distribution NewsSuSE News. Joshua Uziel pointed out a couple of weeks ago that the Sparc version of SuSE Linux was available for download. This week, SuSE Linux announced the release of the media-kit for SuSE Linux 7.1 for the Sparc architecture, containing a jewel case with the CDs. No printed documentation is included; the on-line documentation must be used. Tomsrtbt News. Tomsrtbt comes out in favor of free beer. Seemingly in response to this week's LWN article on how some distributions are making it harder to download a CD image for free, Tomsrtbt has announced that the distribution will be "available as a downloadable media image forever". Incidentally, tomsrtbt-1.7.250 has been released. (Tomsrtbt is a floppy-based distribution). Turbolinux News. Turbolinux, Inc. has announced the availability of Turbolinux Server (TLS) 6.5, its enterprise level Linux distribution. TLS 6.5 supports five languages, including English, Japanese, Korean and Chinese (traditional and simplified). This version includes a journaling file system. Debian News. Debian 2.2r3 has been released. This is a bugfix release, consisting mostly of security updates. Debian has posted a press release noting how to go about adding the 2.4 kernel to a Debian 2.2 distribution. Red Hat News. In addition to the release of Red Hat Linux 7.1 this week, Red Hat also put out a bugfix advisory for their Update Agent. This bugfix closes multiple bug reports and applies to Red Hat Linux 6.2 and 7.0. New packages are included for up2date, python-xmlrpc and rhn_register. deepLinux News. A package manager has been added to deepLinux ExOp, at customer request. The DeepLinux package manager is based on the Slackware package manager, with minor cosmetic changes intended to make the package manager easier for people migrating from support Unix systems such as Solaris. Slackware News. A new version of the Slackware Administrators Security Toolkit has been released, version 0.1.2.1. "This release fixes an installer issue and a potential race condition, includes more documentation, clarified XFree86 versions (not updated for X 4.0 yet), and removes shell limits". Linux-Mandrake News. From the MandrakeForum website, here are some interesting headlines from the past week:
More Distribution updates
Distribution ReviewsSuSE Linux 7.0 Professional review. Bill Henning has resurfaced with a review of SuSE Linux 7.0 Professional, the version of SuSE Linux aimed at proficient technical users. Of course, SuSE Linux 7.1 is already out there, but the review of the documentation provided with SuSE Linux is worth a peek. "The documentation is nothing short of excellent - it is very comprehensive, and they have had much more success in removing "germanisms" from the documentation with this release". Section Editor: Liz Coolbaugh |
April 19, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The DesktopTaxing software: Considering the time of year here in the US, it isn't all that surprising that I was recently asked if I knew of any software for Linux that could help with producing tax returns. While the question is a bit moot at this point for US users, it is still interesting to note just what options are available in this category of applications. First, there are plenty of financial packages around for Linux, starting with the very popular GNUCash. While a decent clone of Quicken (with quite a few features still to go, however) GNUCash does offer extensions for writing tax software. There just doesn't seem to be any written yet. While GNUCash is great for managing finances in general, you can't handle your taxes with it. The problem isn't that projects don't exist to handle tax processing, there are plenty of those:
The bigger problem is that writing tax software is a difficult proposition. An extended discussion on finding and writing tax software took place late last year on Slashdot. The gist of the story is that because tax laws change and can be interpreted very loosely it's difficult to write accurate software for helping to calculate taxes. We're talking about something more than just an online form that adds numbers. It needs to be something that understands tax law. While tax software is difficult to write, it's not impossible. In fact, it's already been done - in Germany. Last week we reported on the release of Buhl Data Services' Tax2001, a tool for creating German tax forms that apparently runs on WINE. And this isn't the only country outside the US with projects for making Tax forms - a project is underway to help Canadian's handle their taxes, too. Even though there is a lack of available native software, it's not impossible to do your taxes using Linux. You just need a Web browser. Sites like SecureTax.com or TurboTax for the Web offer online services for users of any platform, though it has been reported that this latter service may require your browser to be Netscape or IE or else it may not work. Tax season is over for most Americans, and I'm not sure when taxes are due elsewhere, but managing your money using Linux is a year round process. While I use the Applix spreadsheet program to keep my budget, there are many other financial tools available. These include tools ranging from managing stock portfolios to balancing checkbooks to doing payrolls. Don't expect all of these to provide beautiful windowed interfaces just yet. Most tools are still primitive in form, but they are getting better. Expect to see a big advance in these tools over the next year since both of the major desktop environments - KDE and GNOME - now have very stable and extensible interfaces. KDE's KParts is not MICO. It was pointed out to me after last week's column on Bonobo's use of a CORBA implementation that my report on KDE using MICO was, well, just a little out of date. That was an understatement. The move from the CORBA-based MICO to the current KParts happened long before KDE2 was released. KParts is a non network transparent, shared library approach that was considered easier to develop with and provided better performance. The best clarification came from Daniel Burckhardt, who stated: Bonobo uses ORBit as a CORBA implementation while KDE experimented with MICO long before KDE2 was out. KDE abandoned CORBA-based interprocess communication because there were performance and compilation issues with MICO and because they felt that they could still fill their needs with a simpler approach. So they based DCOP (KDE's alternative to Bonobo) on libICE, part of the X11 libraries. KParts has an extension called XParts, which is how KDE embeds non KDE parts such as Gecko. Interestingly, searching for CORBA on KDE's web page didn't show anything about KParts. While this is understandable - KParts isn't CORBA - there was no information that said "KParts provides the equivalent to or similar functionality as CORBA". I just needed something that would point me to KParts when looking for KDE's counterpart to Bonobo. It was late and I really didn't know what exactly I was looking for anyway. Hopefully that's a problem I'll rectify as I get some test systems put together and can experiment more thoroughly with KDE and GNOME. Daniel also provided a note that KDE leader Matthias Ettrich is considering bringing CORBA back into the fold: To everyone's surprise, KDE's founding father Matthias Ettrich recently started a discussion about maybe bringing CORBA back to KDE, this time based on ORBit instead of MICO. For a good summary about possible advantages and disadvantages of that approach, have a look at Kernel Cousin KDE #5
Monkey business. Finally, it seems that while Ximian may be a barrel full of monkeys, the Bonobo project can't claim such a close heritage. Thanks to M Carling who pointed out the fact that Bonobos are not monkeys at all, but rather sit just off the branch that spawned humans. Carling also offered an update on the Bonobo's mating habits, but we'll leave that for a Discovery channel special.
Desktop EnvironmentsXimian hires new CEO. Co-founder Nat Friedman is stepping over to a VP role at Ximian to make room for a veteran CEO, David Patrick. KOffice 1.1 approaching Beta 1. In a posting to the KOffice Development mailing list, David Faure notes that the 1.1 Beta 1 release of KOffice is scheduled for packaging on April 18th. He included a release plan for the KOffice 1.1 release as well. Interoperability -- Progress at GUADEC. GNOME hacker David Mason wrote this GUADEC II coverage, reflecting on the progress made in ensuring GNOME/KDE interoperability. "We were graced by the presence of four or five KDE members. This was one of the more positive events to occur during the whole show. We had one formal meeting in the form of a BOF and many informal conversations throughout the show." Trolltech announces Qt 3.0 preview. Trolltech has gotten around to announcing its preview of Qt 3.0. The announcement includes a list of the new features in this upcoming release. GNUStep Weekly Update. The GNUStep project posted their weekly update. While GNUStep continues drive towards a desktop environment to rival GNOME and KDE, this update is probably of more interest to developers than users. Enlightenment gets a facelift. Noted in passing - the Enlightenment web site got a major update this past week. While most of the site is still under development, the Goodies page does give a nice overview of how the 0.17 release will be breaking out components of the window manager into low level back end services that can be used by other projects. FVWM2 update. FVWM2 also slipped in a little update on their web site back at the end of March - a new release candidate: 2.3.31. Desktop ApplicationsIt's Play Time: Linux Games Shipping Next Week. Loki has announced they are shipping two new games next week: Tribes 2 and Alpha Centauri Planetary Pack. They're offering both at a discount price when bought together. On the go...A developer's perspective on Agenda's VR3 Linux PDA (LInuxDevices.com). LinuxDevices presents a developers point of view on the new Agenda VR3. "It is encouraging to report that the VR3 is a fairly successful implementation of a Linux PDA, from both a user's and a developer's point of view." Guadec Diaries. In one of the more amusing and thorough diaries covering the recent GNOME User and Developer European Conference (GUADEC), Telsa Gwynne tells of her travails following (and leading) Alan Cox and company around the conference. Thanks to Havoc Pennington, who let us know about Dave's report and sent in one of his own. More GUADEC summaries can be found here. Section Editor: Michael J. Hammel |
April 19, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsPostgreSQL 7.1 is out, almost exactly one year after the 7.0 release. PostreSQL, of course, is a full-featured relational database management system with a long history. It remains the most feature-rich free database implementation (but MySQL claims better performance, still). The major additions in 7.1 can be seen in the announcement; in general, development this time around has been oriented toward the removal of long-standing PostgreSQL limitations. New features include:
The era of free software database management systems is getting closer, as the available software approaches the proprietary systems in power and performance. Given the current pace of development and the increasing level of commercial support behind free software databases, it would be surprising if corporate adoption did not begin to increase. Consider, for example, the success story related in this Linux Journal article by Great Bridge CEO Robert Gilbert: Just Sports saved itself a boatload of money by using the Linux operating system and PostgreSQL, a powerful open-source database management system, all running on Apache-powered servers. The final product is fast and highly customized with functions not available to users of Microsoft, Oracle or other proprietary software. Companies are understandably nervous about their relational database systems - if the database doesn't work, the rest of the system is guaranteed to have problems. As the performance, reliability, and features of the free alternatives become clearer, though, the economics of free databases are likely to inspire many more stories like the one related above. Samba 2.2.0 released. The Samba Team has released samba-2.2.0, the first major Samba release in some time. The list of new features can be found in the announcement; it is long, and is oriented, of course, toward even tighter integration between Windows and Unix/Linux systems. AudioCSL 0.1.1. The initial release of CSL - the Common Sound Layer - has been announced. CSL is an attempt to encapsulate audio code into a single module in order to facilitate the easy creation of portable code.BrowsersQt Mozilla released. The effort to port Mozilla to the Qt toolkit began sortly after the initial Mozilla source release. As of April 17, the results are actually available as part of the regular Mozilla source tree; see the announcement for details.ClustersAlinka Clustering Letter. The Alinka Clustering Letter is celebrating its first birthday. This newsletter provides a rundown of interesting conversations, events, and announcements from the Linux clustering community.DocumentationLDP Weekly News for Apr. 17, 2001. The latest issue of the LDP Weekly News carries word of updates to the XML-RPC and Apache Overview HOWTO's, among others. EducationLinux in education report #42 for April 16. The latest issue of the Linux in Education report has been published. Embedded SystemsBuilding a Linux/RTAI based software radio (LinuxDevices). LinuxDevices.com describes a do-it-yourself demonstration of the capabilities of RTAI, a real-time Linux add-on. The demo consists of a floppy-booted Linux system that uses an RTAI task to create a radio carrier on which synthesized music is superimposed. FinancialThe Finicky Financial Trading System. Version 0.5 of the Finicky Financial Trading System is out. FFTS is oriented toward front-office trading and risk management; it looks like a good tool for the more advanced investors out there. It is based on Qt and PostgreSQL, and it is licensed under the GPL.GamesThe Chopping Block returns. After a bit of an absence, the Chopping Block, an electronic newsletter covering the WorldForge project, has released an April issue. It covers the Acorn 0.3 release, WorldForge outreach efforts into the gaming community, an interview with Acorn team head Al Riddoch, and more.InteroperabilityWine Status A new Wine Status Report came out on April 16. It is terse and oriented toward those who know the code, but it does give an overview of where the various Wine components stand.Mail SoftwareMailman 2.0.4 has been released. The biggest changes in this release are fixes to make it work with Python 2.1; for people who aren't upgrading their Python soon this release is considered "optional."Network ManagementOpenNMS Update. The OpenNMS Update for April 17 is out. It covers the 0.7.3 release, upcoming road shows, and more.Office SystemsGNU HaliFAX Viewer 0.21. Version 0.21 of the GNU HaliFAX Viewer has been released. It is the fax viewer component for the HaliFAX project, which plans to provide a set of client applications for free fax systems.ScienceLinux in Science report #9 for April 17. The latest issue of the Linux in Science report has been published. Software DevelopmentSavannah status report. Savannah, the GNU Project's answer to SourceForge, has posted a status report. It seems that Savannah will be open to free software projects that are not part of GNU, something which had not been clear until now. There is, however, trouble in that a web interface is needed for GNATS, and nobody is currently on the job. If you're looking for a project to help out GNU, this could be the one.SourceForge more popular than beer? Here's a news item on the SourceForge site pointing out that a search on Google for "SourceForge" turns up 3,570,000 hits, while searching for "beer" only gets 3,120,000. This presumably means something... StandardsDraft 6 of the POSIX/Single Unix Specification available. The Austin Common Standards Revision Group has announced the release of draft 6 of the "Joint Revision to POSIX and the Single Unix Specification." This standard draft is a mere 3698 pages long; nonetheless review and comments are being requested. The comment period will be open until May 21.Web-site DevelopmentZope 2.3.2 beta 1. The first beta of Zope 2.3.2 has been released. This release fixes some problems with Zope 2.3.1; it looks like a small patch, and no further changes are planned before the official 2.3.2 release.Zope 2.4 will require Python 2.1, to the evident disgruntlement of some Zope users. People who follow the bleeding-edge Zope code will need to get Python 2.1 installed fairly soon; everybody else can wait until they decide to install Zope 2.4, which, of course, does not exist yet. The 2.4 release will contain a number of internationalization improvements, and those require the better Unicode support that Python 2.1 provides. PHP Networking (ONLamp). ONLamp has posted a tutorial article on PHP's networking functions. It gives particular attention to sending mail from PHP scripts, but it also gives an overview of the networking functions in general. Window SystemsNew developer releases of GTK+ libraries. Owen Taylor posted to various mailing lists yesterday the release of new libraries for the GTK+ family. Included here are GTK+-1.3.4, GLib-1.3.4 and Pango-0.15. Pango is the library for the layout and rendering of text being written for the upcoming 2.0 release of the GTK family of libraries. Note that these are all developer releases, not intended (just yet) for production applications. Section Editor: Forrest Cook |
April 19, 2001
|
|
Programming LanguagesCFree ISO C reference manual. Sandro Sigala has released a reference manual for the C language under the GPL; it is available as PostScript or as LaTeX source.CamlCaml weekly summary. David Mentré has kindly sent us his overview of events in the Caml programming community.HaskellGlasgow Haskell Compiler version 5.0 released. A new version of the Glasgow Haskell compiler, which is a Haskell 98 implementation, has been released. JavaVolano Report. A new Volano Report on Java network performance is out. Linux-based systems do well on the network messaging benchmark, and the Blackdown Java implementation maxes the scale on the network scalability test. As was stated by John Neffenger, who ran the tests: "Blackdown's Java VM using green threads on Linux is the only hope for pure Java servers with lots of connections -- at least while we're waiting for the Java 1.4 'new I/O' (or a different Linux threading model)."PythonPython 2.1 is out; the announcement went out on April 17. It includes a number of new features, including nested scopes, the __future__ mechanism, weak references, function attributes, support for more platforms, and more.
This week's Python-URL. Here is Dr. Dobb's Python-URL for April 16, with coverage of the 2.1 release, Python interfaces, and other news from the Python development world. Python-dev summary. The Python-dev summary for April 11 is also out. It talks about the magic __debug__ variable, inverse string interpolation, and other topics relating to the development of the Python language. Tcl/TkThis week's Tcl-URL. Dr. Dobb's Tcl-URL for April 16 is out, with coverage of the Tcl/Tk 8.3.3 release and more. Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Commerce page. |
Linux and BusinessOpen source software in EU public administrations. A European Commission initiative called IDA ("Interchange of Data between Administrations") ran a symposium on "Open source software in EU public administrations" back in February. The presentations from the symposium are now available online, in PDF format. The presentations are worth a look; they provide a view into how a number of European governments are looking at open source software. For those who would rather not deal with PDF files, Stéfane Fermigier has kindly provided us with one of these documents, the conclusions, in plain text. In short, their conclusions are good news for the open source community. ActiveState launches ASPN Initiative. ActiveState has announced the ActiveState Programmer Network (ASPN), which delivers tools and knowledge to enable programming with open source technologies. For example, the ASPN includes quality-assured binary distributions of Perl, Python and Tcl; multi-language and platform IDEs; technical references, sample code and other helpful information. Access to ASPN is not completely free and open, at least not for all resources that ActiveState has to offer. There are three levels at which developers can join. ASPN Open provides a free online resource for casual and new programmers. ASPN Komodo builds on ASPN Open and is designed for professional programmers. The Komodo IDE and updates for a year are included with ASPN Komodo, priced at $295 for an annual subscription. ASPN Perl includes access to all O'Reilly Perl texts and other Perl programming resources, on top of everything ASPN Komodo offers, and has an annual subscription fee of $495. Samsung, Lineo form Lineo Korea. Samsung and embedded Linux maker Lineo have formed a joint venture called Lineo Korea. National Semiconductor, Samurai announce Brazilian Linux system. National Semiconductor and Samurai have announced that, in response to a challenge from the Brazilian government, they have designed an inexpensive, Linux-based computer intended to provide affordable Internet access. It uses a flash drive, and has no moving parts. BSDi to Become iXsystems, Inc.. The sale of the BSD operating system units to Wind River haven't closed down BSDi. They apparently will be changing their name to iXsystems, licensing BSD/OS from Wind River and concentrating on rack mounted systems, server appliances and advanced systems. New IBM Chips to Drive Innovative, Lower-Power Internet Appliances. While mostly just hype for new IBM chips, this press release states a fairly obvious point of view for the future of computing. "In the PC environment, one proprietary operating system and one standard chip type defined how the products would look and perform. Internet appliances, however, are expected to take many forms, made possible by software like Linux and IBM WebSphere, as well as adaptable chip technology like PowerPC IAP." Linux Stock Index for April 12 to April 18, 2001
LSI at closing on April 12, 2001 ... 29.47
The high for the week was 31.83
Press Releases:Open source
Proprietary Products for Linux
Servers and bundled products
Products and Services Using Linux
Products With Linux Versions
Java Products
Books & Training
Partnerships
Personnel
Financial Results
Linux At Work
Other
Section Editor: Rebecca Sobol. |
April 19, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingThe beast of complexity (Economist). The Economist has put together a lengthy survey of the software industry, which includes, among much other stuff, a look at open source. "Open-source communities, for example, are fascinating social structures. Similar communities could one day produce more than just good code. Thomas Malone, professor of information systems at the Massachusetts Institute of Technology, sees great opportunities ahead: 'The Linux community is a model for a new kind of business organisation that could form the basis for a new kind of economy.'" Battle for the Unseen Computer (Technology Review). According to this article, LynuxWorks questions the suitability of Linux to the embedded world. "It is just such real-time operation that skeptics say eludes Linux. Linux is built to run a given command from start to finish. That's why the embedded systems that run on Linux to date are ones where real time is not critical, such as the Kerbango radio. Disagreement about the best way to make Linux real-time-and whether it's possible to make Linux real-time at all-are splintering the embedded-Linux movement into less-than-friendly factions." CompaniesIn an instant (Denver Rocky Mountain News). Jabber.com's business model and technology from the open source Jabber project may make it the de facto standard for instant messaging, says this article from the Denver Rocky Mountain News. "Instant messaging is seen as having great potential in a number of areas, including employee collaboration... That could help speed up the way business is conducted and projects are completed. [Unfortunately,] the big players, trying to protect their own markets, have been reluctant to embrace an industry standard." iomojo creates open camera server project (LinuxDevices). LinuxDevices.com writes about Silicon Valley startup iomojo, an embedded Linux company that is designing a media-centric server appliance. "Basically, all that's required to implement iomojo's camera server is an appropriately configured computer running Linux, equipped with an inexpensive video camera and video capture card. The latter two items are available for a few hundred dollars." Freenet developer to create commercial apps (InfoWorld). Here's an InfoWorld article on Uprizer. "The outstanding difference in the software Uprizer develops compared with that for Freenet will be absence of those capabilities that shield users' identities. Clarke said the goal is to retain the positive qualities of the Freenet architecture but deliver software that is palatable to corporate users." Ian Clarke's Uprizer Gets $4 Million (NewsBytes). NewsBytes reports on Uprizer, the company created by Freenet founder Ian Clarke. Uprizer has evidently scored $4 million in venture funding, from Intel no less. "Uprizer can save businesses money in the distribution of software, games, video and other content, he said. 'We feel we can streamline that process and help people save money on bandwidth cost.'" HP Backs Open Source Server (ZDNet). HP thinks the Enhydra server software is becoming another important piece of the open source world. "Part of the reason HP is backing Enhydra is its ability to deal with eXtensible Markup Language messaging and wireless applications based on I-mode and Java 2 Micro Edition cellular phones. Netservers are often used to host wireless applications, and the availability of Enhydra helps "companies looking for ways to use mobile technologies," said Nigel Ball, general manager at HP's e-Services Partner Division." Game Over for Video Console Firm Indrema (San Francisco Chronicle). The SF Chronicle covers the demise of the Linux-based Indrema game console project. "Indrema said it amassed an active community of 50 to 100 developers, and that "potentially hundreds" of projects were in the works. Most of those titles will be redirected to personal computers running Linux, Gildred said. He denied that a lack of big-name developers contributed to Indrema's flameout." Plans for Linux game console fizzle (News.com). News.com looks at the demise of Indrema. "[Indrema CEO John] Gildred said there were close to 200 Indrema games in development, including 30 or 40 far enough along that the company hoped to have them available when the console launched. The fate of those games and the Indrema format will likely hinge on current negotiations to sell Indrema's intellectual property. If the Indrema standards and other technology are released as open-source software, the format may live on." ProductsLow-cost Indian PC to hit market soon (News.com). C|Net reports that India is getting ready to launch its inexpensive Linux-based Simputer. "Vinay Deshpande, president of the Manufacturers Association of Information Technology (MAIT), said the low-cost was due partly to the use of the Linux operating system and other open-source software." O'Reilly's look at Napster alternatives. O'Reilly's P2P site does a rundown of the available alternatives to Napster for searching for programs, images, video, documents, and, of course, MP3 files. Most of the options make use of Gnutella. BusinessOpinion: Inder Singh on The ELC Platform Specification (LinuxDevices). Dr. Inder Singh has written this opinion piece on why he believes the ELC Platform Specification will succeed where the POSIX effort failed. "Now, there is a real opportunity for Linux to fulfill the promise of UNIX and POSIX. Linux is already available from many vendors, and since all the different versions start with the same kernel, there is a high degree of compatibility and interoperability between different embedded Linux distributions. At the same time, Moore's law has largely eliminated the resource constraint issue. In fact, with the falling prices and increasing power of system-on-chip (SOC) devices and memory, and the growing software complexity of embedded applications, a Linux style of operating system with its process model is an excellent fit for today's high volume embedded devices compared to the legacy flat address space real-time operating systems that can work with MMU-less CPUs." Here's a copy of Singh's slide presentation given at the ELC's annual membership meeting on April 9, 2001. Singh is the Chairman of the Embedded Linux Consortium (ELC) and is also CEO of LynuxWorks. Linux gets embedded (ZDNet). In a short summary of who's who in the Linux Embedded marketplace, ZDNet says that the little guys are taking on the big players with high hopes. "Linux, a clone of the Unix operating system that competes with Windows, got its start in servers. A number of companies, such as TimeSys, Red Hat, Lineo, LynuxWorks and MontaVista Software have been working to squeeze it into smaller embedded devices such as network routers, handheld computers and set-top boxes." Microsoft's campaign to help Linux on the desktop (ZDNet). According to this ZDNet article, Microsoft is doing the Linux desktop a favor by releasing XP - because XP uses XML as its file format. "Office's use of XML could help the Linux desktop as much as Microsoft's opening of SMB allowed Samba to help Linux become such a competitive server. To be sure, there are still usability issues with current Linux GUIs, and Windows still runs many more applications than the Linux desktop." Leave everything to me... not! (ZDNet). Evan Leibovitch says in this ZDNet op-ed piece that while Microsoft offers too little choice, Linux offers too much. "It's a feature, not a bug, that Linux is about choice. Recently I wrote about the increasing progress being made by the Linux Standard Base, a group that seeks to make life easier for software developers while encouraging diversity among Linux distributions. And I've been happy to hear reports coming from this month's GNOME developer's conference, GUADEC II, where interoperability was a major concern." ReviewsRed Hat Unveils Latest Linux Distribution (InternetNews). InternetNews reviews Red Hat Linux 7.1. "The latest release also includes updated versions of the GNOME and KDE GUIs, as well as Mozilla. And, for the international audience, 7.1 has increased internalization that supports the global user community with fully translated GNOME interfaces in Japanese, Spanish, French, German and Italian." Moving up to the big time (ZDNet). ZDNet examines Red Hat's jump into the 2.4 kernel with their just released 7.1 distribution. "Perhaps the most important news is that Red Hat's distribution comes with improved security built in. For example, in almost all Linux distributions, the default setting is to automatically set up Internet programs like Sendmail and Apache with their open network ports, even if you don't plan to use either program. In Red Hat 7.1, these default to keep the ports closed and thus prevent would be raiders from exploiting programs that you might not even have known were running." NuSphere MySQL: Free Beer in a Tall Glass (LinuxPlanet). LinuxPlanet reviews NuSphere MySQL. "The folks at NuSphere have a good idea, and they have in effect done for the middleware tier what Linux distributions have done for the operating system tier. It would be nice to see an integrated Open Source search engine tool, and perhaps a WebDAV-aware HTML editing tool, in a future release. Even without these items, though, NuSphere is useful enough to be worth considering for business oriented server deployments." Apache 2.0 scales to Windows (ZDNet). ZDNet takes a look at the Apache 2.0 beta. "Unfortunately, this build still lacks any official administration tools, our biggest complaint with the earlier versions." The life and times of Linus Torvalds (ZDNet). ZDNet reviews Linus Torvalds biography, "Just for Fun, The Story of an Accidental Revolutionary". "He uses the Red Hat IPO, when he realized that he was actually worth something financially, as an example. ''Regardless of the image that has caught on in the press, of me as a selfless geek-for-the-masses living under a vow of poverty,'' says Torvalds, ''I was, frankly, delirious.''" Section Editor: Rebecca Sobol |
April 19, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Announcements page. |
AnnouncementsResourcesBynari publishes series of white papers. Bynari has published a series of white papers in PDF format covering subjects from systems administration to cost analysis of using Linux for messaging platforms to setting up Outlook for use with Linux servers. Iptables Basics (Linuxnewbie.org). An introduction to IPTables has been made available over at Linuxnewbie.org. "First you need to know how the firewall treats packets leaving, entering, or passing through your computer. Basically there is a chain for each of these. Any packet entering your computer goes through the INPUT chain. Any packet that your computer sends out to the network goes through the OUTPUT chain." Linus biography. In what looks like a sort of unauthorized biography, the Softpanorama Open Source Educational Society has posted a biography of Linus and the evolution of Linux. While it carries a lot of interesting material, it could use a little editing. "After graduation Linux stayed with university for some time and as he admitted himself he actually spent most of his time working on Linux." Note: That's not a typo on our part. (Thanks to Ben De Rydt) Tip Of The Week: Shell Looping (LinuxLookup). This week's tip is on shell looping. "Linux shells offer loop constructs that allow you to iterate over some specified values. In the shell, these values are frequently generated from the output of some other command." LinuxUser issue 8. Articles from LinuxUser #8 are now available for download in PDF format. Camelot Communications to Launch Camelot Media. The 'Threads' newsletter will focus on XML, Java, Web Services, Wireless and Open Source Software. Ken North will be the Editor-in-Chief. EventsIST programme actions on free / open source software development. On May 18, 2001 IST will present a conference on free/open source software development in Brussels. David Faure, KDE developer and official representative, will give the keynote. Projeto Software Livre RS. II Forum Internacional do Software Livre presents Projeto Software Livre RS May 29 - May 31, 2001 in Brazil. Confirmed participants include Timothy Ney - president of the Free Software Foundation, Rasmus Lerdorf - creator of PHP, Kenneth Avery Coar - member of the Apache consortium, Bruce Perens and LinuxChix. Linuxdays 2001. Linuxdays 2001 takes place in St. Pölten, Austria, June 20 - June 21, 2001. Events: April 19 - June 14, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. User Group NewsFRPythoneers Meeting Notes 2001-04-16. The meeting notes for the April Front Range Pythoneers meeting are available. There is quite a bit of detail which should be of interest to Python programmers everywhere. 2nd Magdeburger Linuxtag. On May 18 and May 19, 2001 the Magdeburger Linux User Group and their partners present the 2nd Magdeburger Linuxtag in Magdeburg, Germany. Hot Springs Educational Technology Institute conference. The Hot Springs lug will be presenting 6 formal workshops over the 4 days of the conference, June 11 - June 14, 2001. You must be signed up in advance for the workshops, and space is going fast. LUG Events: April 19 - May 3, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. |
April 19, 2001 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license |
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux History page. |
This week in Linux historyThree years ago (April 23, 1998 LWN): Linus announced "Linus 3.0". A girl, 3270g (7lb 3oz), otherwise known as "Daniela." Netscape, Sun, Oracle, and others formed a group called "ProComp" to "promote" competition in the computer business - by bringing down Microsoft. Those famous high-tech figures Robert Bork and Bob Dole were brought in to help. But before Bork sits down in an attempt to rewrite the law, he will need to brush up on his knowledge of the Internet. "I am going to have to analyze something about this technology," he said at Monday's news conference. "My wife gets on the Internet, but she'll have to teach me about it." Three years ago, LWN editorialized that the best thing to do about Microsoft was to ignore it and build the best free system we could. In the year 2001, it's easy to believe that Linux has done more for competition in the software world than Bork and Dole ever did. Two years ago (April 22, 1999 LWN): Caldera released OpenLinux 2.2, becoming the first major distribution to come out with the 2.2 kernel. Nicholas Petreley raved about it in InfoWorld. He predicted that this version would challenge Linux on the desktop, mostly by making it easier for Windows users to install Caldera OpenLinux without losing Windows. Caldera isn't the perfect answer to Linux on the desktop. But even with a minor flaw or two, Caldera OpenLinux is at least 51 weeks closer to being perfect than I ever would have imagined. In short, Bill had better get out of the way. Because it looks like an 18-wheeler is unexpectedly barreling down the road in his direction. In spite of Mr. Petreley's predictions, Linux remains under-utilized on the desktop. Corel announced that its upcoming distribution would be based on Debian and KDE. The gcc and egcs projects agreed to merge, bringing an end to a long and sometimes destructive fork in one of the more important free software projects. The end result is called "gcc," but was based mainly on the egcs code base. The birth of Evolution? Miguel de Icaza posted this note exploring the need for a truly powerful mail client. The Mindcraft benchmark (mentioned in last week's history page) spawned a flurry of articles, mostly defending Linux. Mindcraft admitted that its Linux system was not tuned at all, while its NT system was tuned very well for the test. In this ZDNet article looked at some of the reasons that NT was able to beat Linux in this test and what Linux needed to do to improve in the future. For one thing, there's a useful lesson here for Linux resellers and integrators. Linux tuning information is hard to gather up. Yes, it's there. But, it really requires an expert Linux user to find it. If Linux is to win commercially, information known only to Linux gurus and hidden away in a dozen Web sites needs to be gathered together and made more readable and approachable. For new users, learning advanced Linux is still much too difficult. Tuning information may be no easier to find two years later, but one important thing has changed: far less tuning is required, in many cases, to get Linux to perform well. Jesse Berst wrote this ZDNet article. He accuses Linus Torvalds of taunting Microsoft during a Spring Comdex keynote in which Linus predicted Linux would crush Microsoft. Later on Jesse writes: Peer past the posturing and PR boasting on both sides, and here's what's really going on: Linux is making steady progress on the server side, especially for must-stay-up installations. But it's making no dent in Windows NT's growth as the standard OS for departmental servers. And it is light years away from being a threat to anybody on the desktop. Well Linux has made a serious dent into server market now, and while not quite "there" on the desktop, "light years away" seems like quite an exaggeration. Tim O'Reilly had a somewhat different point of view. During an interview he said, If the open-source community doesn't get it, they are going to end up fighting the old battle trying to win on the desktop. But you know, who cares about the desktop? The web is the platform. What you want to be is like 'Intel inside' - you want to be like 'open source inside' for the next generation. These days we do see 'open source inside' for a large segment of the web, and in many other spaces as well. One year ago (April 20, 2000 LWN): A back door was found in Microsoft's FrontPage server software. It was apparently deliberately inserted by a Microsoft engineer and had been there for years. Eric Raymond had some things to say about it. Webmasters all over the world are going to be pulling all-nighters and tearing their hair out over this one. That is, webmasters who are unlucky enough to work for bosses who bought Microsoft. At the over 60% of sites running the open-source Apache webserver, webmasters will be kicking back and smiling -- because they know that Apache will *never* have a back door like this one. "Never" was, perhaps, a bit strong. There have been a couple of "back door" issues with free software recently, but they tend to be the sort of exception that provies the rule. Consider, for example, the back door found in InterBase shortly after the code was released. Brendan Shea became the first new Debian maintainer in a long time, showing that the new maintainer process was finally working again. The ugly stock market hit in force when several Linux stocks, including VA Linux Systems, Caldera, and Andover.Net, fell below their initial offering prices for the first time. Of course, people holding those stocks now would see the prices of a year ago as a very nice thing... VA Linux, which traded at $320 a share following its IPO in December, went into a freefall almost immediately and hit a low of $26.88 last week. Thats below its IPO asking price of $30. Larry Augustin, chief executive of VA Linux, which makes Linux-based computers, has seen his personal wealth plummet from a post-IPO $2 billion to just over $200 million. That doesn't even get you a table near the kitchen in Silicon Valley.
Corel's Linux distribution was selling well. The company had just released Corel Linux with German, French and Dutch support. The press release claimed that this was the "First Multilingual Linux O.S.", which was not true. In a ZDNet story about Corel's chances of survival a variety of factors from plunging stock prices to allegetions of insider trading by then CEO Michael Cowpland. [CTO Derek] Burney says Corel pretty much owns the Linux desktop market, though there is competition. Both Caldera Systems and Macmillan USA, for example, sell Linux for the desktop on retail shelves for $10 to $20 less than Corel's Linux. Mentioned too, is the expected merger between Corel and Inprise, which never happened. The general conclusion was that Corel would survive if it could make Linux work for them. While Corel still supports Linux for some software, the company (with funding from Microsoft), has headed back to its Microsoft roots, sans the beleaguered Cowpland. The Linux Standard Base project announced the release of version 2.1 of the Filesystem Hierarchy Standard.
|
April 19, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Letters page. |
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. |
April 19, 2001 |
From: Charlie Stross | ||
From: "Lou Grinzo" | ||
From: Nathan Myers | ||
From: Richard Stallman | ||
From: Havoc Pennington | ||
From: Jim Dennis | ||
From: "John D. Rowell" | ||
From: M Carling | ||