[LWN Logo]
[LWN.net]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials


Linux distributors are branching out in their attempts to find ways to make money with free software. Here's a couple of interesting announcements from the last week:
  • As expected, Red Hat announced the availability of the "Red Hat E-Commerce Suite." This offering is a bundling of Red Hat Linux 7.1, PostgreSQL (oops, that's "Red Hat Database"), Apache, Interchange (once known as "MiniVend"), and "CommerceLauncher," a web-based configuration tool.

    The components of the E-Commerce Suite are all open-source tools, so one could build the equivalent of this suite without having to pay for it. (In practice, though, CommerceLauncher is currently only available if you buy the E-Commerce Suite; presumably it will escape into the wild eventually). Red Hat is hoping that it will be able to convince people to pay the subscription fee ($275/month) to get a combination of an integrated platform and associated update and support services. There will also be, of course, additional consulting services for an appropriate fee.

  • Turbolinux has announced the delivery of a "tailor-made Linux package" to The Credit Index, which does credit risk modeling for catalog marketers. It's an S/390 distribution which fits the mainframe world to the degree that it can be installed from a 3490 tape drive. Amusingly, Turbolinux touts its 2.4.5 kernel, which it claims is "the latest version." More seriously, though, Turbolinux has put together a specialized install of its distribution to meet the (intense) needs of a specific company.

The common thread here shows where the money may really be in the Linux distribution business: providing integrated solutions that "just work." Linux enthusiasts are happy to pull together software from several sources and make the combination work well. People who are experimenting with deploying Linux in their companies often prefer not to have to do that; if they can get a single CD set (or 3490 tape) with everything they need, their lives are easier, and they feel more confident in proceeding.

So it would not be all that surprising to see the number of distributions actually increase in the future, even if the number of distributors drops. And the real winners may be the company that can crank out special-purpose, customized distributions in a way similar to how Dell cranks out computers. Customers who get exactly what they need tend to come back for more.

On the costs of full disclosure. A message on the Bugtraq list asked can we afford full disclosure of security holes?. The motivation for the posting was, of course, the Code Red worm, which, according to some of the more breathless accounts, has cost billions of dollars worldwide. Implicit in the posting is a claim that Code Red would not have happened in the absence of the advisory and exploit posted by eEye.

eEye, of course, denies (convincingly) that its advisory enabled the Code Red worm in any way. But what if it had? Is full disclosure of security vulnerabilities an irresponsible act?

In the proprietary software world, it is tempting to say that only vendors should be given details of vulnerabilities. They can then fix the problem and get patches in the hands of their customers without making exploit information available to the bad guys. This view misses some important points, however. One is that malware authors will figure out the problems anyway; a clever cracker with debugging tools will be able to determine just what problems a binary vendor patch fixes. Even if the license agreement says they can't do that. Vendors also tend to be slow about fixing problems until there is a real need. Independent vendors of security products and services have a legitimate interest in the details of security problems.

But the real point is that those who use buggy software - and that is all of us - have a right to know about the problems in the programs we run on our systems and depend on. Proprietary software vendors, of course, like to withhold such information; that has a lot to do with why many of us use free software instead.

In the free software community, there really are no alternatives to full disclosure. Once the source for a patch has been released, all the details are easily available anyway. And the free software community only benefits from its preference for not hiding problems in general.

So free software users need not be involved in this debate. But the truth of the matter is that the situation is not all that different for proprietary software. The information will get out - crackers have a sort of full disclosure policy of their own. Anything other than full disclosure on the "white hat" side serves only to put people with vulnerable systems (i.e. all of us) at a disadvantage.

LWN Coverage of the O'Reilly Open Source Convention. [shared source panel] Better late than never... Dennis Tenney reports on the 2001 O'Reilly Open Source Convention in San Diego, CA. The report covers the conference happenings, and includes interviews with Bruce Momjian, Bruce Perens, Guido van Rossum, and Jim Fulton.

A note to our readers. A few of our readers with eagle-eyes will have noticed that Managing Editor Liz Coolbaugh's name has been missing from the section by-lines for a couple of weeks. Here's the scoop: Liz has been ordered by her doctors to take a medical leave of absence and will therefore not be contributing directly to the journalistic side of LWN.net for a period of time. Liz, get some rest, we're looking forward to having you back.

Those who are interested should see the message to our readers from Liz.

Meanwhile, the rest of us are clearly going to have to scramble to fill the gap left by Liz's absence. This scrambling will likely include cutting back on LWN's content for a while; we're still working on what the exact changes will be, but they will be intended to keep LWN on a sustainable basis while not sacrificing that which makes us truly valuable to our readers. Stay tuned.

Inside this LWN.net weekly edition:

  • Security: Warhol worms; fun with fetchmail.
  • Kernel: Noise over the SB Live update; where to send patches?
  • Distributions: Mission Critical layoffs, Mandrake releases 2 new distributions.
  • On the Desktop: theKompany rumbles, Loki stumbles, and Miguel humbles (Windows, that is).
  • Development: PLEAC project, Vorbis RC2, GNOME-DB, Linux backups, Web services, exponential Python growth.
  • Commerce: IDC survey shows Linux growth, Linux and TeraGrid, KDE 2.2, RedHat E-Commerce suite, TurboLinux on the S/390.
  • History: GNOME's beginnings; standards battles; Red Hat goes public.
  • Letters: Fair use and first sale; astroturfing; Mono.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


August 16, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Security page.

Security


News and Editorials

Warhol worms? Nicholas C Weaver has done a worst-case analysis on just how quickly a virulent worm could infect essentially all of the vulnerable systems on the net. The answer: 15 minutes. One could quibble with the details and assumptions of the analysis, but the answer remains the same. A carefully-written worm could propagate worldwide in a very short period of time.

This, of course, is a scary result. In 15 minutes, very little can be accomplished with things like security alerts, worm analysis, and patches. By the time anybody knows there is a problem, it's over.

Some malware writer is sure to see an analysis of this type as a challenge; the probability of a high-speed worm in the near future seems high. The net, as it stands now, is a frighteningly vulnerable place.

The August CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM newsletter for August is out. Topics discussed include Code Red and the arrest of Dmitry Sklyarov.

The truth is that we all got lucky. Code Red could have been much worse. It had full control of every machine it took over; it could have been programmed to do anything the author imagined, including dropping the entire Internet. It could have spread faster and smarter. It could have exploited several vulnerabilities, and not just one. It could have been stealthier. It could have been polymorphic.

The newsletter also points to a biography of 'Alice' and 'Bob' by John Gordon that is well worth a read.

Against all odds, over a noisy telephone line, tapped by the tax authorities and the secret police, Alice will happily attempt, with someone she doesn't trust, whom she cannot hear clearly, and who is probably someone else, to fiddle her tax returns and to organize a cout d'etat, while at the same time minimizing the cost of the phone call. A coding theorist is someone who doesn't think Alice is crazy.

Security Reports

Buffer overrun vulnerabilities in fetchmail. "antirez" (Salvatore Sanfilippo) has posted an advisory regarding two buffer overrun vulnerabilities in the much-used fetchmail program. Given a hostile server, arbitrary code can be run on the system running fetchmail. The solution is to upgrade to fetchmail 5.8.17. Distributors have been a bit slow in coming out with updates; here's what we have so far.

Debian security update to Window Maker. The Debian Project has issued a security update to Window Maker fixing a buffer overrun problem that could, conceivably, be exploited remotely.

Debian groff update. Debian has posted a security advisory for groff to address printf format string vulnerabilities. No other distributors have yet issued updates for this problem.

Local root vulnerability in TrollFTPD. The TrollFTPD FTP server contains a buffer overflow problem which could result in root access for local users. The solution is to upgrade to version 1.27 or later. Note that the Pure-FTPd server, which is derived from TrollFTPD, is not vulnerable to this problem.

web scripts. The following web scripts were reported to contain vulnerabilities:

  • A vulnerability exists in the phpBB bulletin board system, versions 1.4.0 and earlier, which can allow an attacker to execute arbitrary code on the server. Upgrade to 1.4.1 or later to fix the problem.
  • NetCode NC Book 0.2b (a perl-based guest book) has a vulnerability which allows command execution on the server.

Proprietary products. The following proprietary products were reported to contain vulnerabilities:

  • Xerox has a firmware upgrade available for N40 printers which, it seems, do not handle Code Red scans well. Of course, one could question the wisdom of putting a network printer in a place where it is exposed to Code Red attacks in the first place.

Updates

Vulnerabilities in Horde IMP Horde IMP has several vulnerabilities which are fixed in version 2.2.6; see Bugtraq ID's 3066, 3079, 3082, and 3083 for more details.

Previous updates:

Denial of service vulnerability in OpenLDAP This problem was first identified in a CERT advisory issued in July, 2001. It was covered in the July 19, 2001 LWN security page.

Previous updates:

Procmail race conditions. See the July 26 Security page for the initial report.

This week's updates:

Previous updates:

Squid httpd acceleration ACL vulnerability. This vulnerability could result in unauthorized access to the squid server. See the July 26 Security page for details.

This week's updates:

Previous updates:

Multiple vendor telnetd vulnerability. This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.

This week's updates:

Previous updates: Buffer overflows in xloadimage This problem was first covered in the July 12 Security page.

Previous updates:

Yellow Dog catches up. A major flurry of security updates came out for the Yellow Dog Linux distribution this week. Many of them were dated in July, but didn't hit the net for a while thereafter. Beyond the ones mentioned above, the new updates include (with links to the first coverage of the vulnerabilities in LWN):

Progeny also gets moving. Progeny Linux systems also caught up on its security updates this week. Beyond the alerts listed above, we have:

Resources

The Log Analysis mailing list has been announced. This list exists for people interested in setting up and using a central logging infrastructure; "most of the discussion will focus on the care and feeding of syslog"

Linux Advisory Watch. The LinuxSecurity.com Linux Advisory Watch for August 10 is out, as is the Linux Security Week Newsletter for August 13.

Linux IPsec Gateways Using FreeS/Wan. SecurityFocus has put up a beginner's article on setting up FreeS/WAN. "FreeS/WAN has one interesting feature that makes it distinct from most other IPsec implementations: DES encryption is unsupported. According to the FreeS/WAN home page, 'DES is, unfortunately, a mandatory part of the IPSEC standard. Despite that, we will not implement DES. We believe it is more important to provide security than to comply with a standard which has been subverted into allowing weak algorithms.'"

A new system fingerprinting tool. Xprobe is a new operating system identification tool by Ofir Arkin and Fyodor Yarochkin. It claims more accurate results while needing to send fewer probes to the target system; there is also a white paper describing how it all works.

Snort 1.8.1 has been released. It contains a number of fixes and new features; see the announcement for details.

Events

Upcoming Security Events.
Date Event Location
August 16 - 17, 200110th USENIX Security Symposium 2001 ConferenceWashington, D.C.
September 11 - 13, 2001New Security Paradigms Workshop 2001(NSPW)Cloudcroft, New Mexico, USA
September 28 - 30, 2001Canadian Association for Security and Intelligence Studies(CASIS 2001)(Dalhousie University)Halifax, Nova Scotia, Canada.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Jonathan Corbet


August 16, 2001

LWN Resources


Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Kernel page.

Kernel development


The current kernel release is 2.4.8, which was announced by Linus on August 10. It includes much of the recent virtual memory work, many fixes, a new emu10k1 driver (see below), and a bunch of unspecified stuff from the "ac" releases.

On the prepatch front, Linus is, as of this writing, up to 2.4.9pre4; it contains a number of fixes, but, unless you've been bitten by a 2.4.8 bug or have a need to export VFAT filesystems over NFS, there's not too much that's exciting.

Alan Cox's latest is 2.4.8ac5. Included in this patch is a substantial set of IDE driver updates, a number of ReiserFS portability fixes, the integration of the intermezzo distributed filesystem code, the beginnings of the merge of the 64-bit PowerPC code, and a great many other fixes and updates. It's currently missing the virtual memory and emu10k1 code from 2.4.8. According to Alan: "This is a fairly experimental -ac so please treat it with care."

SB Live gets an update. The most controversial change in 2.4.8, perhaps, is the inclusion of a new emu10k1 (SB Live) driver. This patch was put together from the Creative Labs CVS archive by Robert Love. Mr. Love is not the official emu10k1 maintainer - but, then, it's not at all clear who is. The driver packaged with the kernel had not been updated for a year, and had a number of known problems.

Of course, the new driver also has some problems - in some cases breaking things for people who had a working system before. Stable kernels aren't really supposed to break things that way, so there has been a certain level of disgruntlement. Some of the new problems, at least, are easy to fix; those who build the driver as a module should go with the 2.4.9 prepatches or apply this patch. Some of the other problems may require some more serious debugging work.

It probably will not take very long before the inclusion of the new driver looks like a good thing to all involved. The old driver was clearly stagnant and in need of attention; the new one fixes a number of known problems, meaning that it actually works for some people for the first time. Development activity has already picked up, patches to enable more features and fix some problems, enable even more features, and add documentation have found their way onto the list. With luck, long-suffering Linux emu10k1 users will be much happier soon.

Where should patches go? As the "ac" series looks increasingly like the anteroom to the official Linux kernel, some kernel hackers have been known to wonder where their patches should go. Should they go to Alan, to Linus, or to both? Things are not helped by the fact that patches sent to Linus often seem to simply disappear into the void. An acknowledgement (or explicit rejection) from the Great Penguin is rare.

The answer from Linus is pretty straightforward: he wants to see the patches, even if he has silently dropped them in the past:

Re-sending is always the right thing to do. Sometimes it takes a few times, and you can add a small exasperated message at the top by the third time ("Don't you love me any more?").

This system evidently works for Linus, but it does leave some of the other developers wondering just what is going on. A more organized approach to patch management has been advocated many times, but it doesn't ever seem to happen. Linus likes things the way they are.

Logical Volume Manager updates. Heinz J. Mauelshagen has announced the 1.0 release of the Logical Volume Manager (LVM) for Linux. With this release, LVM is said to be stable and production ready. Note that, for those currently running an LVM release older than 0.9.1-beta8, there are some upgrade issues; be sure to read the instructions carefully.

Chris Mason has released a patch which makes LVM snapshots work properly with ReiserFS (and other filesystems as well). There is also an updated version that works with the recent superblock handling changes.

Other patches and updates released this week include:

  • Jens Axboe has posted a new version of his patch which enables DMA I/O from high memory without the use of bounce buffers. The patch has since been revised and somewhat mixed up with some work by David Miller supporting 64-bit DMA operations. This work, when integrated (it's aimed at 2.4), should prove most helpful for performance on high-end systems.

  • Richard Gooch has released devfs v186 and v187 which fix some bugs and make more drivers work with devfs. There is also a new devfsd release available.

  • User-mode Linux 0.45-2.4.8 is out, with a number of bug fixes and some new features (such as the PowerPC port) as well.

  • Ulrich Windl has released a version of his PPSkit (nanosecond timekeeping) patch for 2.4.7.

  • A spinlock debugging patch was posted by Brent Baccala.

  • A new security module patch has been posted by Greg Kroah-Hartman. Also available is a proposed system call interface for security modules.

  • Rik van Riel has announced a wiki page for those who would like to discuss or complain about Linux memory management.

  • We have an update from the Functionally Overloaded Linux Kernel project. It suffered a bit of a setback in its quest to build the most heavily endowed kernel when ext3 and PPC64 went into the "ac" series, but has fought back fiercely by adding pipe and socket ACLs and the CueCat driver. "Further work on finding obscure work is clearly necessary, though."

Section Editor: Jonathan Corbet


August 16, 2001

For other kernel news, see:

Other resources:

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost

BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Mission Critical Linux makes layoffs (ZDNet). Rumors say Mission Critical is up for sale, with Red Hat the expected buyer. "Mission Critical Linux has laid off much of its marketing staff and says it's developing business partnerships that will take care of publicizing its high-end Linux software. But some think the moves herald an acquisition by Linux leader Red Hat. About 17 Mission Critical Linux employees were laid off, less than 20 percent of the hundred or so total employees on staff."

Conectiva launches 7.0. Here's the press release for the launch of Conectiva 7.0. Of course, LWN Weekly readers learned about this release on August 2...

Debian adds XFree86 4.1. According to their weekly news site, Debian has added the XFree86 4.1 distribution to their unstable branch.

New Distributions

New Red-Hat based Sparc distribution planned. A posting to the sparc-list@redhat.com mailing list has noted that a new Sparc distribution is in the works, though not necessarily sponsored by Red Hat.

Castle. Castle is a new distribution - as far as we can tell - from a Russian group called Alt Linux. This distribution appears to be a security-enhanced distribution with full Rule Set Based Access Control (RSBAC) support aimed primarily at server systems. Most of the information at the main site is in Russian though the Freshmeat site may provide a little more detail in English.

Distribution News

Debian Weekly News. The latest edition of the Debian Weekly News carries news that a German supermarket chain has switched over about 480 systems to Debian GNU/Linux. Also in this edition: XFree86 4.1 was added to the unstable branch, another project to get OpenOffice on Debian, and news of a Debian-based thin client product.

Mandrake news. Lots of news from Linux-Mandrake this week, including two new distribution releases.

  • Linux PowerPC 8.0 Release Candidate.  Mandrake Linux announced a new release candidate for the PowerPC - Mandrake Linux PowerPC 8.0 was made available for PowerPC G3 and G4 systems early this past week.

  • MandrakeFreq #3.  A new edition of the MandrakeFreq release also made its way to download sites this week. MandrakeFreq is the "bleeding edge" software distribution for people who can afford to experiment with possibly unstable software.

  • Mandrake Linux Community Newsletters #8 & #9.  A couple of editions of the Mandrake Linux Community Newsletter have been forwarded to LWN this week. Some of the topics covered in edition #8 include a summary of the Mandrake IPO news, sound device support in Mandrake, and installing modems.

    Issue #9 includes announcements for the recent MandrakeFreq and PPC releases, and a case study of the use of Mandrake at a film company in Toronto.

SuSE sells Linux for IBM iSeries models (ZDNet). SuSE is now shipping a version of its distribution that works with IBM's iSeries of servers. The new distribution runs along side IBM's standard OS/400. The new version will retail for about $178US.

Minor Distribution updates

Coyote Linux 2.2. Coyote Linux, a single floppy distribution of Linux that is derived from the Linux Router Project, was rev'd to version 2.2 this past week. The updates in this release provide minor bug fixes.

JBLinux 2.2. JBLinux, a Linux distribution designed primarily for security and performance, was upgraded to release 2.2 this past week. This release marks a major enhancement to the product, including support for the jfs filesystem, software RAID support, XFree86 4.1.0, Mozilla 0.9.3, Galeon 0.12pre1, Evolution 0.12, and AbiWord 0.9.

Midori Linux 1.0.0. The third beta release of Transmeta's Midori Linux 1.0.0 is now available for download. Highlights of this release include the inclusion of the 2.4.6 kernel, XFree86 4.0.3 (with X starting in init instead of from Xinitrc), and complete compilation support on Red Hat 7.1.

Mindy Linux 0.37. A new release of Mindy Linux was made available this past week to add a few minor feature enhancements, such as support for OSS kernel modules and better log messages.

Sorcerer GNU Linux snapshot 20010810. Sorcerer GNU Linux is a source-based ix86 Linux distribution designed for advanced Linux administration. A new snapshot was released to address a problem where LILO was failing to install a boot block.

ttylinux. ttylinux was rev'd again this week, to version 1.10. This is a minimalistic Linux distribution that can fit in 2.88 MB of disk space.

Distribution Reviews

Which Linux? (Byte). Byte's Jerry Pournelle looks at Linux-Mandrake and Slackware. "In our case, Mandrake turned on some processes that got in the way, and the USB support wasn't quite what we needed. After a week of frustrations: lost radio signal, slow fail-over to the NetWinder and its landline modem, unexpected logouts, difficult to impossible FTP, alternating with intervals in which everything worked just fine, Dan bowed to the inevitable and scrubbed Mandrake. Four hours later the system came up under Slackware. There were a couple of tweaks to FTP, and then ? nothing. It works. It's reliable. It's fast, and far more secure than a Windows 2000 system would be."

Section Editor: Michael J. Hammel


August 16, 2001

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux


   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's On the Desktop page.


Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
HancomOffice
KOffice
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
AbiWord
iceSculptor (*)
Impress
Maxwell Word Processor
Mediascape Artstream (*)
Scribus

Web Browsers
Mozilla
Netscape (*)
Opera (*)
Konqueror
Galeon

Handheld Tools
KPilot
JPilot
Palm Pilot Resources
Pilot Link
SynCal

On The Desktop


theKompany rumbles while Loki stumbles  While the Linux desktop marketplace may be quaking another victim, it still hasn't taken all the competitors out of the game. In an interview on The Linux Show, theKompany's President and CEO Shawn Gordon, along with lead engineer Peter Harvey, talked about the pains and successes of application development on Linux.

According to the interview (which is available in both MP3 and RealAudio formats) TheKompany was looking for something less restrictive for application infrastructure than the GPL when they got started. They wanted that infrastructure to be pervasive in Linux distributions so that they could then build applications on top of that. Kivio, a chart tool, was the first project built on this model and it has been very successful. Lately they've added some alpha blending features and other behind-the-scenes enhancements that they feel will, in the long term, turn Kivio into a generic vector graphics tool. However, they only touched on this subject momentarily and offered no time frame for such a release.

Much of the interview centered on licensing issues. Shawn says that those who spend money on something, referring to end users, are less likely to give it away. The GPL is difficult for him to work with, though their Aethera (PIM/Groupware application) is GPL. The idea they want to work with is to have commercial plug-ins. They would like to make some of those plug-ins closed source - something which would help to guarantee income. The GPL (and LGPL) can confuse developers on how to make this happen. The problem is how to protect a going concern - the company and its employees - from the reduction of income that might happen with a too freely redistributable product. Gordon says that integrating open source ideals with commercial needs is a tough thing to balance.

Lately theKompany has been working with TrollTech to make their applications work across platforms. They started with BlackAdder - a GUI based Python IDE. Their first product to use Qt3 (TrollTech's latest edition of their cross platform graphical toolkit) was Data Architect, which is now available on multiple platforms. The advantage of cross platform tools like Qt3 is that vendors don't have to ship multiple copies of their product for multiple platforms. One copy, many systems - that reduces developer time wasted on packaging and recompiling, not to mention reduction in the overhead (labor and costs) of maintaining all those platforms. That makes tools like cross platform Qt3 very attractive.

TheKompany focuses on developer and desktop tools. Eventually they'll look at vertical markets including plug-ins and groupware tools more seriously. Gordon says that other than Peter Harvey, (who was also on the show) he's never met any of his employees - it's truly a virtual company. "I'm not even sure if they all speak english, but they can write it," he says. They often solve problems using nothing more than ICQ.

Gordon says that Kapital, their Quicken like tool, was been the biggest seller initially, but the other applications are catching up. "Kapital was the number one thing people had been asking for," which is the incentive they used to start work on the program.

Loki releases Kohan but still files for Chapter 11  Loki Entertainment Software has filed for Chapter 11 - short term protection from creditors while they devise a plan to get back into the game. They aren't down for the count just yet, but the clock may be ticking for a community favorite. A report in The Linux Review pointed readers to a PDF copy of the bankruptcy notification letter, dated August 7th, 2001.

Before word broke of the filing, Loki and TimeGate Studios released a demonstration version of Kohan: Immortal Sovereigns for Linux. The full version is to be released sometime in the near term, with pricing still to be determined.

Hopefully, this popular Linux company will find a way to weather the economic downturn that has slowed the growth of Desktop Linux.

Is Linux ready for the corporate desktop?  Miguel de Icaza has written a piece for ComputerWorld online showing how the Linux Desktop is not a thing of the future, the a phenomenon of the present.

Building on the Gnome project and the contributions of free software developers worldwide, the Ximian Gnome desktop environment provides more than a dozen productivity applications, including a Web browser, e-mail client, word processor, spreadsheet and photo/image editor, as well as personal finance, instant messaging and multimedia tools.Building on the Gnome project and the contributions of free software developers worldwide, the Ximian Gnome desktop environment provides more than a dozen productivity applications, including a Web browser, e-mail client, word processor, spreadsheet and photo/image editor, as well as personal finance, instant messaging and multimedia tools.

Note that while he does plug Ximian in a few places, he also mentions KDE in a few as well. The gist of the article is that the Linux Desktop is making inroads in business and government today, and will continue to do so for at least the next few years.

Calendaring updates.  Last week's note on the ical calendar program brought news that while the program has been dropped by its author, you can still pick up versions of the software online from both Scriptics and the NetBSD repository. Thanks to Geoff Burling for pointing that out (from a note by Larry W. Virden on the pilot-unix mailing list).

Another option we missed is the open source PHPGroupWare solution. This is a web based solution, but running with PHP as an open source project it's certainly one worth investigating.

And finally, one other groupware calendaring option, with native (though Motif based) Linux clients and servers is CorporateTime, from Steltor. This package appears to fill all the requirements of a group calendaring system including conflict resolution and client/server encryption options. Additionally, clients exist for Windows, Mac and Linux, making it fit easily into existing and evolving workplaces. (Thanks to Steve Phillips)

ReefKnot correction  Last week's discussion on calendaring solutions included a reference to the ReefKnot project. LWN.net mistakenly noted Dan York of e-smith as playing a pivotal role in that project. Dan replied that he has never been a part of ReefKnot but that some of his coworkers are:

The credit for Reefknot goes entirely to Shane Landrum (srl), Kirrily Robert (Skud), Rich Bowen, Martijn van Beers, and the host of other developers working on the project.

Our apologies to all involved. We hope this sets the record straight.

Desktop Environments

KDE 2.2 ships. Here's the press release announcing the availability of KDE 2.2. It includes no end of new stuff, including improved performance, better HTML rendering, IMAP support in KMail, printing improvements, and much more. See the changelog for the full list.

LWN.net will have more on KDE 2.2 after LinuxWorld, where we're scheduled to talk with members from the KDE League.

Netscape Releases Non-Beta Version 6.1 Browser Suite. It's official, less than a week after marking another preview beta release, AOL made Netscape 6.1 available. The download page no longer references a beta version, but downloads are probably pretty slow right now.

Kernel Cousin KDE Issue 30. Kernel Cousin KDE #30 was published this week, covering topics including the KDE Usability project, speed enhancements, an improved Konqi, and KDE 3.0 plans.

Office Applications

Gnumeric 0.69 released. Gnumeric 0.69, codenamed "diaper duty," has been released. It's mostly a bugfix release, but there are a few new features, including Psion import support.

AbiWord Weekly News. The 56th edition of AbiWord Weekly News is now online. Updates include news of the 0.9.1 (and upcoming 0.9.2) release, the result of a new policy of frequent releases leading to the 1.0 release and a long thread on the discussion list regarding UI improvements.

Late to press, but just barely in time, comes news of a new release from the AbiWord team: AbiWord 0.9.2 is another bug fix release on the way to 1.0.

Desktop Applications

Opera 5.05 for Linux adds Java. Opera Software has released Opera 5.05 for Linux Technology Preview (TP), which adds support for Netscape plug-ins including Java.

Postscript previewers. A nearly stable version of ggv, a GNOME postscript previewer was announced this week. This version is bleeding edge, but is said to be more reliable.

GSView 4.0 is also now in beta.

Gaim: The game for AOL Instant Messaging on Linux (FreeOS.com). While Gaim authors struggle with AOL's "name-alike" warnings to developers, FreeOS says this program is a very useful instant messaging solution for Linux users. "In the case of Gaim, it not only clones the original perfectly, but the authors have succeeded in created a program that is, in fact, far better than the original."

Gimp-Print 4.1.99-a3. The gimp-print project has released another alpha release on their way to the stable 4.2 version. Gimp-Print 4.1.99-a3 includes lots of updates for the Epson family of printers and a new test program that shows how to use the new libgimpprint API.

And in other news...

Linux is going to Hollywood, and IBM wants a lift. IBM is set to release its Linux Digital Studio package, made up of workstations, server computers and data storage machines on Wednesday, a move to keep IBM in step with the wholesale migration of Hollywood visual effects companies to Linux.

ATI to ship FIRE GL 8800 cards with Linux drivers. ATI's FIRE GL 8800, a new mid-range 3D worstation video card, is expected to ship in October.

KDE Kiosk Mode HOWTO. KDE Dot News carried news of a KDE-based thin client project that has written documentation - and patches - for running KDE in a kiosk mode.

Tux Typing 1.0. The 1.0 release of Tux Typing, a simple game using the Simple DirectMedia Layer (the same library used by Loki for their games) that teaches users to type, has been released.

Section Editor: Michael J. Hammel


August 16, 2001


Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments
GNOME
GNUstep
KDE
XFce

Window Managers (WM's)
Afterstep
Enlightenment
FVMW2
IceWM
Sawfish
WindowMaker

Minimalist Environments
Blackbox

Widget Sets
GTK+
Qt

Desktop Graphics
CorelDRAW (*)(w)
GIMP
Kontour
Photogenics (*)
Sketch

Windows on Linux
WINE
Win4Lin
VMWare

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Development page.

Development projects


News and Editorials

The PLEAC project plans to reimplement all of the programs from the Perl Cookbook in a variety of other languages. The Perl Cookbook is published by O'Reilly and was written by Perl heavyweights Tom Christiansen & Nathan Torkington.

"If successful, this project may become a primary resource for quick, handy, and free solutions to most common programming problems using higher-level programming languages. It could also be useful for comparison on ease-of-use and power/efficiency of these languages."

PLEAC stands for "Programming Language Examples Alike Cookbook". The current list of supported languages includes Perl, Merd, Ruby, Haskell, Python, Masd, and Nasm. The Merd and Ruby implementations are both about 25% finished. Python, Haskell, and the assembly languages are trailing at below 10% completion. The project maintainer is seeking help for the implementation of solutions in ocaml, scheme, tcl, and C++/stl.

Despite the incomplete status, PLEAC already has many useful examples for the various languages. As it fills out, PLEAC should become a very handy resource for programmers who need to reinvent the wheel, a common task indeed.

Audio

Vorbis RC2 released. Release Candidate 2 of the Ogg Vorbis audio compression software is available. The changes file lists some interesting developments to libvorbis including the use of channel similarities to reduce the bit rate, the addition of more bit rates, and an improved decoding engine. Also, several of the Vorbis utilities have been updated to support better functionality for embedded comments and improved file manipulation capabilities.

Databases

GNOME-DB/libGDA/gASQL 0.2.90. A set of three new Gnome database component utilities have been released. "GNOME-DB/libGDA are a complete framework for developing database-oriented applications, and actually allow access to PostgreSQL, MySQL, Oracle, Sybase and ODBC data sources. Apart from this development framework, they also include several applications and utilities which make them quite suitable for many database-related taks. gASQL is a database administration tool based on libgda and GNOME-DB, featuring visual tools for managing any database supported by libgda/GNOME-DB."

Documentation

Linux Documentation Project updates. A number of modifications were posted to the LDP this week, including updates to the XFree86 HOWTO, the XFree86 Video Timings HOWTO, and the Wacom Table HOWTO.

Education

Seul/Edu reports in Spanish. Three new translations of the Linux in Education report are available in Spanish. Issue 48, Issue 49 and Issue 50. (Thanks to Astroboy)

Embedded Systems

LinuxDevices.com Embedded Linux Newsletter. The LinuxDevices.com Embedded Linux Newsletter for August 9 is out. Topics include a new guide on ready to go embedded Linux systems, the RTLinux patent, Linux Point of Sale (POS) terminals, and more.

Interoperability

Wine Weekly News for August 2, 2001. The August 2, 2001 edition of the Wine Weekly News is now online. Topics include the use of native DLLs, problems using 16 bit header files, the dangers of Shared Source, and more.

System Administration

Linux Backup Tutorial (IBM developerWorks). While often neglected, regular backups are probably the single most important job that a system administrator has to do. Before your hard drive starts making whining and pinging sounds, check out Daniel Robbins' tutorial on Backing up your Linux Machines (registration required).

Web-site Development

Development branch of mnoGoSearch availbale. A new development branch of the mnoGoSearch web site search engine package is available. Changes in this version include gzip content encoding and bug fixes.

Mod_python 2.7.6 released. A new version of mod_python, the Apache/Python integration package, is available. This release adds support for Python 2.1.

The latest Zope News. The latest Zope News contains an announcement of the latest edition of the Zope Book, mention of a new beta release of DCOracle2, which supports the latest versions of Oracle, and more

SMS: Case study of a Web services deployment (IBM developerWorks). Cameron Laird presents a case study of Web services in an IBM developerWorks article. "Web services brings crucial benefits for this application that CORBA and DCOM can't match. DCOM essentially limits clients to those running on Windows desktops. On the other hand, CORBA is 'heavier' than needed for the simple processing the gateway requires. Moreover, real-world CORBA projects have the reputation of stumbling over firewall and interoperability problems that Web services handles gracefully."

Java and Web Services, Part I (O'Reilly). Al Saganich explains Web services in an O'Reilly article. "Over the past six to twelve months we've begun to see a new Web programming paradigm, that of the Web Service. But exactly what are these Web services anyway? In a nutshell, Web Services are the natural evolution of basic Remote Procedure Calls. In fact, we shall see that Web Services are in fact not a much more advanced technology than RPC of the past, but similar concepts applied in new ways!"

SkunkWeb Web Application Server 3.0 beta 2 released. A new beta release of the SkunkWeb Web Application Server has been released. This version includes much updated documentation and lots of bug fixes.

Section Editor: Forrest Cook


August 16, 2001


Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

   

 

Programming Languages


Caml

Caml Weekly News for August 14, 2001. The latest Caml Weekly News is out, with coverage of a new version of LablGTK and a new extended thread synchronization model.

Java

Making P2P interoperable: The Jxta story (IBM developerWorks). Sing Li discusses Jxta and Peer to Peer technology in an IBM developerWorks article. "Peer-to-peer networking is coming, and it promises to create a computing world fundamentally different -- and, in some ways, better -- than the one based on the old client/server model. Project Jxta is a community-run attempt to build a utility application substrate for peer-to-peer applications."

An easy JDBC wrapper (IBM developerWorks). Greg Travis explains data access with a JDBC wrapper on IBM's developerWorks. "JDBC provides a powerful, comprehensive interface for accessing databases from Java programs. For smaller projects, JDBC can seem overwhelming, driving some programmers to avoid using a database altogether. This article describes a simple wrapper library that makes basic database usage a snap. You'll find yourself wanting to use JDBC for every program you write."

Web FORM-Based Authentication (O'Reilly). Dion Almaer presents a tutorial on setting up FORM-Based Authentication in an O'Reilly onJava.com article. "In this article, we will walk through the various security settings that we can set up in the Web Application framework, going into detail on how you can set up FORM-based authentication."

Perl

Quantum::Entanglement, Perl and quantum mechanics (perl.com). Perl.com looks at the Perl Quantum::Entanglement module, which assists in quantum mechanical calculations. "The Quantum::Entanglement module attempts to port some of the functionality of the universe into Perl. Variables can be prepared in a superposition of states, where they take many values at once, and when observed during the course of a program, will collapse to have a single value. If variables interact then their fates are linked so that when one is observed and forced to collapse the others will also collapse at the moment of observation."

Perl 5 Porters for August 15, 2001. The August 15, 2001 edition of the Perl 5 Porters is out. Topics include a rewritten perlpod, Unicode normalization, threading semantics, and shrinking the standard Perl installation, among other things.

SPAM eater. If you are tired of getting too much spam, use Perl and Eliza to generate automatic replies. Fortunately, the program doesn't actually mail the response, which would waste more bandwidth and would likely never be read, it just amuses the recipient. "I've made a few modification to her default vocabulary to adapt to a few of the cheesy things found in spam."

PHP

PHP Weekly Summary for August 14, 2001. This week's PHP Summary discusses TODO items for the upcoming PHP 4.0.7 and 4.1.0, problems to be solved with PHP and Apache 2.0, work on Autoconf for making PHP, security and PHP, and more.

Python

Unifying types and classes in Python 2.2. Guido van Rossum has posted a paper on Unifying types and classes in Python 2.2. He is looking for feedback.

And, if that isn't enough to keep Guido busy, he is also seeking feedback on PEP237, which covers the topic of unifying long integers and integers.

Dr. Dobb's Python URL for August 13, 2001. The August 13, 2001 edition of the Dr. Dobb's Python URL is out. Topics include tricks with string quotation, an explanation of tuples and lists, and a few hints from Guido on Python evolution.

Python in the Sourceforge Trove (O'Reilly). Stephen Figgins looks at a few of the thousand Python programs on Sourceforge. A geneology program called Gramps and the Nareau Cluster Tools are examined.

Python shows exponential growth. Just van Rossum has presented a graph of Python posts from comp.lang.python, labeled Python world domination. The graph has a nice exponential curve that shows rapid expansion. It would be interesting to see similar plots for traffic on Perl and other languages.

PyOpenGL status. Tarn Weisner Burton has posted a status update for the PyOpenGL project. PyOpenGL is a Python implementation of OpenGL, it has recently been undergoing intense development.

Ruby

The latest from the Ruby Garden. This week, the Ruby Garden features articles on Ruby Behaviors, a new interactive Ruby reference, dealing with string literals, the AOS virtual machine, and more.

Smalltalk

Squeak News for August 15, 2001. The August 15, 2001 edition of Squeak News is apparently out, but it appears to still be partly under construction. Topics include a focus on beginners, controlling submorphs, and an interview with John Maloney.

Tcl/Tk

Dr. Dobb's Tcl URL for August 13, 2001. The August 13, 2001 edition of the Dr. Dobb's TCL URL is out. Topics include the release of Tcl 8.4a3, TclSOAP, home automation with Tcl and the Rivendell project which aims to put Tcl on the palm platform.

XML

Getting Loopy (O'Reilly). Bob DuCharme discusses for and while loops under XML in an O'Reilly xml.com article.

Integrated Development Environments

Anjuta 0.1.6 is released. A new stable release of Anjuta, a C/C++ Integrated Development Environment (IDE) for GTK+/GNOME, has been announced.

Miscellaneous

oprofile 0.0.4 released. An alpha level version of oprofile, a binary file profiler, has been announced. (Thanks to John Levon)

Section Editor: Forrest Cook

 
Language Links
Caml
Caml Hump
Tiny COBOL
Erlang
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
Guile
Haskell
IBM Java Zone
Jython
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP
PHP Weekly Summary
Daily Python-URL
Python.org
Python.faqts
Python Eggs
Ruby
Ruby Garden
MIT Scheme
Schemers
Squeak
Smalltalk
Why Smalltalk
Tcl Developer Xchange
Tcl-tk.net
O'Reilly's XML.com
Regular Expressions
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Commerce page.

Linux and Business


New IDC Survey on Linux spending. Here's a new pronouncement from IDC; it seems their latest survey shows continued growth for Linux, up to 9% of total information technology spending in 2002. "Many of the hurdles to Linux adoption are being addressed by platform vendors, and we expect that competition among operating systems as well as among Linux vendors will increase dramatically. Only a few vendors have significant mindshare in the Linux market, indicating major untapped opportunities for hardware and software vendors alike."

The widespread economic woes may be creating hard times for many Linux companies, especially those who are exploring unproven revenue generating tactics. However, these same hard times may actually increase adoption of Linux and open-source software due to the freedom from licensing and upgrade fees, not to mention Linux's proven high reliability and lack of viruses.

Intel Itanium and Linux used in TeraGrid. Intel announced that its Itanium family of processors will be used to build a distributed scientific computing system expected to be the largest of its kind in the world. The computing system, dubbed the "TeraGrid," is part of a $53 million award by the National Science Foundation (NSF) to four facilities. The goal of the project is to build a Distributed Terascale Facility (DTF) that will be used to solve complex scientific problems such as genetic modeling, research on alternative energy sources, and atmospheric simulation. The system will consist of clustered IBM servers at distributed sites, all running the Linux operating system. The TeraGrid will be connected by a Qwest high-speed optical network.

Linux for Chemistry project update. A new packaging of chemistry related software for Linux is now available from the Random Factory.

Just published: Perl for the Web. New Riders has just published Perl for the Web by Chris Radcliff. Happily, the entire book is available on the web as well; no license is specified for the online version.

ATI to ship FIRE GL 8800 cards with Linux drivers. ATI's FIRE GL 8800, a new mid-range 3D worstation video card, is expected to ship in October.

Linux Stock Index for August 09 to August 15, 2001.

LSI at closing on August 09, 2001 ... 27.85
LSI at closing on August 15, 2001 ... 27.36

The high for the week was 28.08
The low for the week was 27.36

Press Releases:

Open source products

Proprietary Products for Linux

Hardware and bundled products

Products and Services Using Linux

Products With Linux Versions

Java Products

Books & Training

Partnerships

Investments and Acquisitions

Personnel & New Offices

Linux At Work

Other

Section Editor: Forrest Cook.


August 16, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux in the news page.

Linux in the news


Recommended Reading

Sklyarov articles in Newsweek, Time. Newsweek has printed an article by Steven Levy called Busted by the Copyright Cops. "Actually, it was Congress that let private industry call the shots, particularly in certain passages of the DMCA that outlaw not only programs that circumvent copy protections, but dissemination of such information. When it comes to protecting the business plans of those who publish books and music, academic freedom and free speech are apparently expendable."

Throwing The E-Book At Him comes from Time. "As a rule, computer geeks might best be described as laid-back libertarians--they don't like laws encroaching on their territory, but they're usually too busy to care. Sklyarov's arrest changed all that."

Rallies Impress Cryptographer Held in E-Book Case (NY Times). The New York Times interviews Dmitry Sklyarov (registration required). "'I can't say I was depressed or panicked,' he said yesterday. 'I was curious that I was in such a situation, because I never considered I would be in jail in anytime of my life.'"

Sklyarov case shows business outweighs First Amendment (Register). The Register received an essay from noted security expert Bruce Schneier which is to be published on August 15th. "One of the main points Schneier makes is that provisions in the DMCA that allow for security research "which I and others fought hard to have included" are being ignored in the Sklyarov case and others, such as the DeCSS case against 2600 Magazine."

The End of Innovation? (OpenP2P). OpenP2P talks with Lawrence Lessig. "I'm actually quite surprised that the government would have picked [Dmitry Sklyarov] as their first criminal prosecution under the Digital Millennium Copyright Act because it's not a clear case of piracy or of somebody developing a technology to enable people to steal lots of content. This technology enabled owners of e-books to do things with the e-books that, in many cases, would clearly have been fair use of the e-book."

Expo Focus on Securing E-Books (Wired). At the BookTech West Expo this week publishers are expected to debate the issues of copyrights and e-books. As a director for acquisitions at one e-book manufacturer says, encryption doesn't guarantee secure copyrights, nor does it guarantee loss of income. "Have any book sales been lost because this Russian guy cracked the encryption and made the decryption software available? Doubt it."

Software Double Bind (NY Times). Here's a worthwhile article in the New York Times (registration required) on problems with the DMCA. "The law also makes it illegal for individuals to use such a program - even to make a back-up copy of a book or movie or song for themselves, the type of copies traditionally allowed under copyright law. That is where the double bind comes in. Actually making such copies for personal use is not illegal. But it is against the law to break through the copy-protection measure to make the legal copies."

Secretaries use Linux, taxpayers save millions (NewsForge). NewsForge has run an interesting case study of the use of Linux in the Largo, Florida city government. "One of the great anti-Linux screeds we hear is, 'The secretaries will never be able to figure it out.' If that is so, then Largo employee Judy Judt must be one of the world's smartest office workers. She is sitting at her desk, happily accessing an online city directory that lists all employees, vendors, and other important contacts, using a simple Rolodex-like program that is running on top of an attractively-themed KDE 2.1.1 desktop."

Companies

Borland creates a RAD tool for the rest of us (LinuxWorld). Kylix may spur faster application development, according to this story from LinuxWorld. "If you've had the urge to write some GPL'd code for Linux, but lacked the know-how to cope with X, Qt, or GTK, you lost your excuse. Kylix builds widgets quickly and easily, without getting widget grease under your fingernails."

Why we should hail IBM's ode to open source--the Purple Book (ZDNet). ZDNet explains why IBM's Purple Book - the technical reference manual detailing the original IBM PC - relates so well to the open source movement. "Nevertheless, it's close enough for the Purple Book to serve as an important historical validation for the all-for-one-and-one-for-all approach to software development and the mandated sharing required by the open-source General Public License."

IBM unveils slew of developer tools (ZDNet). At their Solutions technical developers conference, IBM announced a number of new developer tools, including the WebSphere Studio Workbench for Linux. "On the Linux/Unix front, [IBM's Senior Vice President of Software Steve] Mills told reporters in a question-and-answer session that Linux could become the eventual successor to its AIX Unix offering and many other Unix systems. "It has the potential to get there, but 'When?' is the question, as Linux just doesn't yet have all the functionality to do that just yet," Mills said."

IBM's own press announcement on their Software Evaluation Kit offers even stronger news for applications on Linux. "According to Evans Data Corp., more than 40 percent of developers surveyed are likely to write Linux-based applications in 2001."

A sneak preview of IBM's Linux/Java enabled TechMobile (LinuxDevices). The TechMobile is a modified Ford Explorer with a couple of Linux-based embedded Java PC's controlling it. "Drivers and passengers can use voice commands to "read" email, play music, and control vehicle functions such as the headlights, door locks, open or close the car's windows, sound the horn, etc. Commands can also be given from a console-mounted touch screen, or from Bluetooth-enabled mobile devices such as PDAs, laptops, and even IBM's Linux wristwatch."

IBM: Open standards hold key to dynamic e-business (ZDNet). ZDNet covers the keynotes at IBM's technical developer conference called `Solutions.' ``"We are embracing Linux across everything we do," [IBM's vice president of technology and strategy, Irving] Wladawsky-Berger said. "It is the only operating system that will run on architectures not yet invented."''

Lineo states continued commitment to RTAI (LinuxDevices). LinuxDevices.com has a statement from Lineo on its commitment to RTAI after having licensed the RTLinux patent (see this week's LWN front page). "Lineo established this license in response to an existing patent that presented fear, uncertainty and doubt (FUD) in the minds of some embedded developers who would otherwise utilize the robust RTAI open source technology."

Microsoft seeks Linux-bashing .NET evangelist (Register). Red(mond) headed behemoth with delusions of grandeur seeks (ev)angelic(al) follower to join battle of the ages. The Register says its really an external MS job posting, though. "The Developer Evangelist will be responsible for identifying and engaging J2EE and Linux focused developers in existing accounts..."

Netscape Releases Non-Beta Version 6.1 Browser Suite. It's official, Netscape 6.1 is golden. The download page no longer references a beta version, but downloads are probably pretty slow right now.

Red Hat moves beyond Linux with e-commerce suite (Reuters). Reuters reports on Red Hat's e-commerce move. "The individual pieces of Red Hat's suite, which includes the Apache Secure Webserver, an open-source database called PostgreSQL and Red Hat Linux itself, are thus available for free on the Internet. A central component of the suite, Akopia's Interchange e-commerce platform, came to Red Hat when it bought the open-source developer earlier this year."

Business

Study: IT Budgets Opening Up to Linux (osOpinion). IDC surveyed end-customers to find their spending on Linux-related hardware, software, services and staffing and found a lot of tire-kicking going on. "... with nearly half of 800 survey respondents reporting use or experimentation with Linux. IDC says the market share for Linux is expected to triple from 3 percent of the average IT budget in 1999 to 9 percent by 2002."

Linux has arrived. But where is it going? (IT-Director). In another evolution of Linux editorial, this IT-Director story tells us that Linux is in its troubled adolescence but maturing quickly. "Linux on the desktop is still a fairly rare sight, but is showing no signs of falling away. Indeed, as the GUI front ends become more user friendly and application availability increases there is now a reasonable chance that Linux may begin to move onto the desks of non-technical users."

Linux grows up in a hurry (News.com). C|Net's News.com celebrates the 10th anniversary of the birth of Linux. "Linux has become a worldwide phenomenon. By last year, less than a decade after its inception, Linux had 27 percent of the server market, according to researcher IDC. That compares to 41 percent of the market held by Microsoft's Windows."

Resources

Mob Software: The Erotic Life of Code. Here's a long essay on 'Mob Software' by Richard P. Gabriel & Ron Goldman. It calls for an integration of artistry and programming, in a way that free software hints at but has not yet achieved. "It is only when we forget the ideas behind building something wonderful that we can actually do the building that makes things wonderful. Time and again I've heard poets and musicians talk about the letting go required to make true art or music. The battle to let go is the battle with the duende. It leads us to the place where order meets chaos, where the phase transition between stability and flexibility makes things happen. Unfortunately, the open-source community is extremely conservative, focusing solely on the need to build up slowly a parallel open infrastructure next to the proprietary ones already in place."

Reviews

Embedded Linux Book. Linux Devices editor Rick Lehrbaum reviews Embedded Linux, a book by John Lombardo. "As far as I know, it's the first -- and, at the time of this writing, the only -- book published on this timely subject, thrusting it very much into the spotlight and making it a 'must read' for all developers (and many others) interested in exploring the subject of embedding Linux."

Section Editor: Forrest Cook


August 16, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Announcements page.

Announcements


Resources

New Vorbis version released (News.com). Release Candidate 2 is available from the Ogg Vorbis group, according to brief a C|Net report.

Linux intranet setup guide published. Ranjit Mathew has announced The Hobbitware.com Intranet Project, which is a guide for setting up a Linux based small office Intranet. He is seeking feedback on the guide.

Twelve Step Program for Windows Users. For your friends who just can't seem to break the cycle of addiction, Windows Anonymous offers a twelve step program.

Tip of the Week: bash Redirection (LinuxLookup). LinuxLookup's Tip of the Week this week shows new users how to use bash to set the location of input or output data.

Just published: Perl for the Web. New Riders has just published Perl for the Web by Chris Radcliff. Happily, the entire book is available on the web as well; no license is specified for the online version.

Events

Events: August 16 - October 11, 2001.
Date Event Location
August 16, 2001Embedded Internet Conference 2001Santa Clara, CA
August 16, 2001LinuxWorld ChinaBeijing, China
August 16 - 18, 2001IPsec Interoperability Workshop (Bakeoff)Espoo, Finland
August 16, 2001IBM Technical Developer Conference(The Moscone Center)San Francisco, CA
August 20 - 24, 2001HP World 2001(McCormick Place)Chicago, IL, USA.
August 20 - 21, 2001JabberCon 2001Keystone, Colorado
August 20 - 22, 2001Forum 2001University of California at Santa Cruz, Calif.
August 23 - 25, 2001LinuxWorld Hong KongHong Kong
August 25 - September 1, 2001The Linuxbierwanderung (Linux Beer Hike) 2001Bouillon, Belgium
August 25, 2001"Linux10" - Linux 10th anniversary picnicSunnyvale, California
August 26 - 30, 2001LinuxWorld Conference & ExpoSan Francisco
August 26 - 31, 2001COMDEX Sucesu-SP Brazil 2001Sao Paulo, Brazil
September 1 - 2, 2001LinuxCertified.com Linux System Administration BootcampCupertino, California
September 2, 2001Erlang Workshop - FirenzeItaly
September 4 - 7, 2001Embedded Systems Conference(Hynes Convention Center)Boston, MA
September 6 - 7, 2001Open Source Health Care Alliance(OSHCA)(The Posthouse Hotel Kensington)London, UK
September 17, 2001XML Information DaysAmsterdam
September 18 - 21, 2001O'Reilly Peer-to-Peer ConferenceWashington, DC.
September 18, 2001XML Information DaysBrussels
September 19, 2001XML Information DaysMunich
September 20, 2001XML Information DaysZurich
September 21, 2001XML Information DaysMilan
September 24, 2001XML Information DaysParis
September 25, 2001XML Information DaysCopenhagen
September 26, 2001XML Information DaysOslo
September 26 - 28, 2001Australian Unix User Group's Annual Conference(AUUG 2001)Sydney, Australia
September 27, 2001XML Information DaysStockholm
September 28, 2001XML Information DaysHelsinki
September 30 - October 4, 2001XML OneSan Jose, California
October 1, 2001XML Information DaysBudapest
October 2 - 5, 2001Federal Open Source Conference(Ronald Reagan Building)Washington DC
October 11 - 13, 2001Wizards of OS 2(House of World Cultures)Berlin, Germany

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

User Group News

LUG Events: August 16 - August 30, 2001.
Date Event Location
August 16, 2001St. Louis LUG(SLLUG)(St. Louis County Library, Indian Trails Branch)St. Louis, MO.
August 16, 2001Linux User Support Team, Taegu(LUST-T)Taegu, Korea
August 16, 2001South Mississippi LUG(SMLUG)(Barnes & Noble)Gulfport, Mississippi
August 16, 2001Gallup Linux Users Group(GalLUG)(Coyote Bookstore)Gallup, New Mexico
August 16, 2001Linux Enthusiasts And Professionals of Central Florida(LEAP-CF)(DeVry Institute)Orlando, FL.
August 16, 2001SSLUG: Hyggemøde på Niels Bohr InstitutetDenmark
August 17, 2001Rock River Linux User Group(RRLUG)(Rockford College)Rockford, Illinois
August 18, 2001SVLUG InstallfestSilicon Valley, CA
August 18, 2001North Texas Linux Users Group(NTLUG)(Nokia Centre)Irving, Texas
August 18, 2001NLUG Canoe trip(Tennessee's Red River)Nashville, Tenn.
August 19, 2001Beachside LUGConway, South Carolina
August 19, 2001Mesilla Valley Linux User Group(MVLUG)(Village Inn on El Paseo Rd.)Las Cruces, New Mexico
August 20, 2001Linux User Group of Davis(LUGOD)(Z-World)Davis, CA
August 21, 2001Bay Area Linux User Group(BALUG)(Four Seas Restaurant, Chinatown)San Francisco, CA
August 21, 2001Hazelwood Linux User Group(HLUG)(Prairie Commons Branch Library)Hazelwood, Missouri
August 21, 2001Phoenix Linux Users Group(PLUG)(Glendale Community College)Glendale, AZ
August 21, 2001KCLUG InstallfestKansas City, MO.
August 21, 2001Linux Stammtisch(Bandersnatch Brew Pub)Tempe, AZ
August 21, 2001
August 28, 2001
Kalamazoo Linux Users Group(KLUG)(Western Michigan University)Kalamazoo, Michigan
August 21, 2001AaLUG: Ekstraordinær generalforsamlingDenmark
August 21, 2001Western Cape Linux Users Group(CLUG)University of Cape Town, South Africa
August 23, 2001Omaha Linux User Group(OLUG)Omaha, Nebraska
August 25, 2001Consortium of All Bay Area Linux(CABAL)Menlo Park, CA
August 25, 2001AaLUG: Weekend arrangement sammen med ProsaDenmark
August 27, 2001Haifa Linux Club(Technion CS dept. bldg.)Haifa, Israel
August 27, 2001Roseville Area Linux Users Group(roselug)(Nerd Books)Roseville, California
August 28, 2001FLUG: DNS af Michael NielsenDenmark
August 29, 2001Central Ohio LUG(COLUG)Columbus, Ohio
August 29, 2001Nashville Linux User's Group(NLUG)Nashville, Tennessee

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format.

Section Editor: Rebecca Sobol.


August 16, 2001

   

 

Software Announcements


Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

The Alphabetical List and Sorted by license

 

Our software announcements are provided courtesy of FreshMeat

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux History page.

This week in Linux history


Four years ago: Miguel de Icaza announced his intention to create the GNOME project.

Also announced was the egcs project - a version of the gcc compiler suite which was intended to move a bit faster than gcc itself. Four years later, gcc and egcs have merged back together (with egcs having the upper hand). GNOME and KDE, of course, have done no such thing...

Three years ago (August 20, 1998 LWN): It appeared the Linux Standards Base might be in more trouble, as Bruce Perens' departure from the project was quickly followed by the announcement of two competing efforts. The Linux Compatibility Standards Project was announced as a collaboration between Debian and Red Hat to build a written specification on the "right way" to build a proper Linux system. It was designed to complement the LSB and guide application developers on how to build their applications for compatibility with multiple Linux distributions. Only the timing made this look like a competitor to the LSB, though. It was designed to be complementary and was eventually folded into the LSB.

Not so innocuous was the announcement of the Linux Standards Association. As opposed to the community-based LSB, the LSA was designed more like traditional commercial standards organization; members were corporations that paid money. The content was not to be made available for free, founding members would have veto privileges and the initial website was created with Frontpage. The announcement was greeted with outrage on Slashdot and indifference from the community. The LSA didn't take long to collapse, and nobody has tried this particular idea since.

Red Hat announced its "Rawhide" distribution - the first Red Hat development version that was explicitly made available on the net.

Two years ago (August 19, 1999 LWN): Red Hat shares jumped from an initial (split-adjusted) high of $26 after their IPO to a new level, $40 per share. Predicting many more public Linux companies to come, LWN announced its Linux Stocks Page and the LWN Linux Stock Index to track the performance of this sector as a whole.

For the umpteenth time, someone paved paradise, put up a parking lot. For the thousands of Linux coders who've build the utopian open-source movement - offering free help to create a free operating system - the IPO of Red Hat Software was a sure sign of Wall Street cutting the ribbon on the new Linux mall.
-- The Industry Standard, August 12, 1999.

A Debian "potato" freeze was proposed for November 1.

The Internet Auditing Project released the results of a year-long scan of the Internet. This ad-hoc project searched for sites with previously announced and fixable security vulnerabilities. For example, out of a list of 10 well known vulnerabilities, between 1 to 26 percent of the sites with the given service installed were running a vulnerable version. They likened these vulnerable systems to "wounds" in the Internet, indicating wide-spread illness.

The project recommended the creation of an "International Digital Defense Network" to pro-actively search for vulnerable sites and work to get them to close their vulnerabilities. Discussion on the topic did not seem to take off and there have been no efforts in that area, to our knowledge.

Meanwhile, Magic Software took some real grief for the two live penguins it brought to the LinuxWorld show floor. It seems the animal rights activists weren't too pleased with the idea...

One year ago (August 17, 2000 LWN): The GNOME project went for the headlines with the announcement of the GNOME Foundation, Sun's adoption of GNOME for Solaris, HP's planned shift to GNOME, and a hype-laden press release on the project's bright future. It was, perhaps, the most prominent bit of news out of LinuxWorld last year. ZDNet even wrote an obituary for KDE:

In the end, one side had to win. And in this zero-sum game, that meant the other side had to come up empty. So it was that the folks in the Linux community supporting the GNOME desktop user interface had cause for celebration on Tuesday after winning support from 13 companies and industry organizations.

It's evident a year later (as it was then) that the rumors of KDE's death were rather premature. After all, one of the nice things about free software is that it is not a zero-sum game.

Debian 2.2 was released. It remains the current stable Debian release, and will continue to for some time, until the "woody" stabilization process completes. Also released was the second (and, presumably, last) edition of Corel Linux. Finally, Stampede Linux 0.90 was released. That project isn't dead quite yet, but we're still waiting for 0.91...

The Motley Fool sounded off on intellectual property:

The reason Red Hat has been so much more successful than, say, Caldera Systems, is that Red Hat sees what it does as a service, and Caldera sees its intellectual property as a product it can control.

The article remains worthwhile reading a year later.

Section Editor: Rebecca Sobol.


August 16, 2001

LWN Linux Timelines
1998 In Review
1999 In Review
2000 In Review
2001 In Review

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Letters page.

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

August 16, 2001

   
From:	 Bob Kopp <r-kopp@DELETETHISuchicago.edu>
To:	 letters@lwn.net
Subject: Fair use vs. right of first sale
Date:	 Tue, 14 Aug 2001 21:32:32 -0500

On the front page of this week's LWN, you write:

> Others chose to sell their texts and get some of their money
> back. That is fair use, and that is what MetaText would deny to you. 

I beg your pardon, but that is not fair use.  That is an application
of the first sale doctrine, which is an entirely separate part of
copyright law.  Fair use is covered in section 107 of the copyright
statue and allows use of reproductions for purposes such as
"criticism, comment, news reporting, teaching (including multiple
copies for classroom use), scholarship, or research."  First sale is
covered by section 109, and allows owners of copies of a copyrighted
work to sell or dispose of their copy without authorization from the
copyright holder.  See http://www4.law.cornell.edu/uscode/17/ch1.html
for more information.

This may seem like a trivial distinction, but if the open source and
free software communities are to be taken seriously in the debate over
the future of IP, they -- and especially their media outlets -- must
exhibit a basic understanding of copyright law.

Regards,

Bob Kopp
   
From:	 Fred Mobach <fred@mobach.nl>
To:	 letters@lwn.net
Subject: On the astroturfing of Linux Today
Date:	 Thu, 09 Aug 2001 12:24:23 +0200

Hello,

In Linux Weekly News of August 9, 2001 you wrote :

"We sincerely hope that LWN will have no further words to say on this
matter. It is not for us to involve ourselves in how another site
relates with its readers. It does seem, though, that nobody is likely to
benefit from more public accusations or stories of ashamed penguins".

I sincerely hope that this is the last time that such a shameful mess
resulted in a lot of stories because, as you stated, nobody is likely to
benefit. But in case something like this happens again it should get
published again. Things like this hurt many people and might turn them
away from the community. Which I consider even worse.

Regards,

Fred
-- 
Fred Mobach - fred@mobach.nl - postmaster@mobach.nl
Systemhouse Mobach bv - The Netherlands - since 1976

The Free Transaction Processing Monitor project : http://www.ftpm.org/
   
From:	 "Jay R. Ashworth" <jra@baylink.com>
To:	 letters@lwn.net
Subject: Astroturfing... ok?
Date:	 Thu, 9 Aug 2001 13:41:50 -0400

Hardly.

In your front page editorial last week on this topic, you say
> Quite a few people are highly upset and, seemingly, out for blood. 
> 
> It is interesting to ponder why that might be. Any site that allows the
> posting of comments tends to get quite a bit of "interesting" material
> posted under clearly pseudonymous, if not completely anonymous names.
> All such postings should be taken with a substantial grain of salt, and
> one would hope that most readers would know that by now. The fact that
> a Linux Today editor felt the need to stuff the comment area is sad and
> unfortunate, but, in the end, it's just comments.

Not at all.

I'm put in mind of a quote from Tom Clancy's _Executive_Orders_.

Reporter Bob Holtzman takes news anchor John Plumber (obvious take offs
on Bob Woodward and John Chancellor) to visit the 7-Eleven store run
by the widow of Sgt Buck Zimmer, who died in Jack Ryan's arms in
_Clear_And_Present_Danger_.  Her son asks Chancellor, er, um, "Plumber"
"Why should we trust *you*?  You're *reporters*."

Says it like a cuss word, mind you.

the actual information is never the real produect in the journalism
business.  What it is that people are *paying* for -- something which
has become *much* easier to see in the footloose environment of the
Internet -- is opinions, selection, judgement, and honesty.

Yes, the comment box may get stuffed.

But by a *staffer*?

Nope.  I agree with those who believe that's beyond the pale.

> The news reported by Linux Today remains separate from those comments.

No, it really doesn't.  Because it's being reported by those same
people.  Anyone who operates consciously -- and especially
professionally -- in the public sphere has, in the final analysis, only
their reputation to stand on.

Reichard no longer has one, from what I can see, and that directly
impacts internet.com.

Negatively.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff     Baylink                             RFC 2100
The Suncoast Freenet         The Things I Think
Tampa Bay, Florida        http://baylink.pitas.com             +1 727 804 5015

"So easy to use, no wonder the Internet is going to hell!"
-- me
   
From:	 Bill Sneed <bsneed@mint.net>
To:	 letters@lwn.net
Subject: Mono, .NET, & History
Date:	 Fri, 10 Aug 2001 11:32:58 -0400

To the editor:

I would simply remind Sr. Miguel de Icaza of a thought from the 
20th century American philosopher George Santayana:

"Those who cannot remember the past are condemned to repeat it."

And, with apologies to Homer, "Beware of geeks bearing gifts."

...bill sneed...
prospect, maine
   
From:	 tom poe <tompoe@source.net>
To:	 letters@lwn.net
Subject: Mono and Petreley's InfoWorld Article
Date:	 Mon, 13 Aug 2001 03:39:29 -0700
Cc:	 <sal.martinez@home.com>, <baskets@peoplepc.com>

I read the "Microsoft Bait and Switch" article, and agree with the author's 
logic that Ximian is flirting with disaster on one level, at least.
http://iwsun4.infoworld.com/articles/op/xml/01/07/30/010730oppetreley.xml

I'm not clear on just what .NET is supposed to do.  Is it that Microsoft is 
promising a secure Internet with it?  If so, how is that possible?  More to 
the point, are companies such as American Express and Verisign really, 
sincerely pursuing such a course?  Or, are they just along for whatever 
profits are to be made?

Actually, when you think about it, Ximian is doing its thing, but it isn't 
the only game in town, as I understand it.  As long as there are options, 
like, maybe not participating with the "Bad Guys".  Isn't that the bottom 
line?  I choose not to spend my money at Amazon.com.  I choose to spend my 
money with Fatbrain.com.  Will I need Passport to do so, at some point?  
Verisign and American Express and others will have to decide what limits they 
place on their market, or is this wrong thinking, anymore?  Just a thought. 
Tom

   
From:	 Jan <jandersen@striva.com>
To:	 letters@lwn.net
Subject: Land of freedom and whatever...
Date:	 Thu, 09 Aug 2001 09:50:19 +0100

As a European I have been watching the news from the US with 
interest for a number of years now. Americans seem to have
strong and brave viewpoints about things like freedom, justice,
democracy, human rights and religion. A lot of the political
rhetorics seem to be concerned with those subjects.

It becomes more and more evident, though, that the beautiful
words are merely words. In America, I hear, one can get arrested
for speaking too loudly about things that might infringe on the
sacred rights of the big copyright-holders. Luckily it is not 
all restrictions and tight laws that make people criminals for
doing what they thought was right: the big companies can still
lie in their adverts, steal from the small companies, buy
politicians and pervert justice.

Is it strange, if the rest of the world is a little bit reserved 
in their judgement of America? Recently your country has lived up
to the worst designations that the communists used to label you
with: 

Imperialism - just take the cases with Dmitry Sklyarov and Matthew 
Pavlovich. USA obviously feels that their laws reach outside the
boundaries of America.

Greedy capitalism with no trace of morality, exploiting everything
and everybody as hard as possible.

Am I wrong? Prove me wrong, please. I would sincerely like to 
be able to go to sleep every night without fearing the ravings of
the world's biggest military power under the leadership of the
country's big industries and the feebleminded Strawman Bush.

/jan
   
From:	 bryanh@giraffe-data.com (Bryan Henderson)
To:	 letters@lwn.net
Subject: Letters: Dmitry Sklyarov's rights as a non-citizen
Date:	 Thu, 9 Aug 2001 20:29:16 -0700

Joe Klemmer laments in his letter to LWN, "As Mr. Sklyarov is not a US
citizen, he is not entitled to the same rights as the rest of us."  The
context is the fact that Sklyarov was held without bail.

I'd like to clarify that fundamental U.S. Constitutional rights such
as the right to reasonable bail apply to everyone in the country,
without regard to immigration status.  Sklyarov's denial of bail was
probably due to the fact that he lives in another country, which makes
him a flight risk.  I think we'd see the same result if he were a US
citizen living in another country.

As long as we're talking about travesties that the US criminal justice
system may have committed against Sklyarov, I'd also like to respond to
the outrage some have expressed that he was arrested in the US even 
though he didn't do anything wrong on his trip to the US and the acts
he's charged with happened outside the US.

First of all, it's well established, and makes sense, that you can violate
US laws while standing on a foreign shore.  Placing drugs on a ship bound
for the US is a classic example.  Putting a program onto a network that
reaches into the US isn't much of a stretch from that.

If he did violate a US law, then the FBI should pick him up at any 
opportunity -- I.e. any time he sets foot on US soil for any reason.

-- 
Bryan Henderson                                    Phone 415-505-3367
San Jose, California
   
From:	 "Anand Srivastava" <Anand.Srivastava@ascom.ch>
To:	 letters@lwn.net
Subject: Why the E-Books are failing.
Date:	 Fri, 10 Aug 2001 12:07:17 +0200

Hi,

When I read of E-Books first I thought yes that was a nice thing. It would
give the reader more capabilities (You could listen to them, with any voice
synthesizer, you could search through them, you could print parts and
incorporate their parts into something where you wanted, etc.), would be
lighter than normal books. It would be good. But the Publishers, thought
wow we have a new medium and we can reduce the capabilities as much as we
want so that users can finally not resell their books. And they will have
the maximum profit because they don't require to do any printing. But they
forgot, that when you reduce the capabilities, you also take away the
incentive to buy the books. Now the only incentive that is there is that
they are light.

I think for E-books to succeed, the publishers will have to do the
following things.

1) Give more features than available with normal books. First and most
important is that the E-book should be more usable than normal
books. They should not be for a small time, because good books are friends
forever, why would anybody want to read a book that has no potential to be
a great book.  They should allow basic facilities like, reading aloud,
searching, printing excerpts, mailing excerpts, etc.

2) Make them more interesting to read from proprietory software. The
proprietory software should be able to enhance the reading experience by
providing something more than the normal features. If the basic features
are missing, people would want to use some other means that will give them
the features they want. So the proprietory software has to do something
more for the book.  And if people don't want to read with the proprietory
software there are not enough incentives to buy a copy, when a pirated one
can be got easily without a fee.

2) Make them easy to buy. If they are not, people will get them from the
net free.  People don't necessary steal because they can. But they have to
know that what they are doing is stealing. So education is very important
for the success of E-Books.

3) Use better encryption. Not the type Adobe etc use. Use open algorithms
because they are known to give better encryption. But this can go only so
far. You need only have one password to break the most solid encryption. So
education is absolutely necessary. If the education is there, pirate copies
will only be available from Warez sites. People will probably not trade on
P2P services, if you give them decent value for their money, allow them to
spend money easily, and make it not worth the guilt. Better encryption can
only help in forcing people to the proprietory solution, if the proprietory
solution is good enough and there is not enough incentive to use a
different solution.

Bottom line is that e-books need to be feature rich rather than feature
poor.

There was a time when customer was always right, now the customer is the
first suspect. The publishers will need to learn that you need customers
trust to win new businesses, otherwise only pirates will have the new
businesses.

-anand

   
From:	 Shlomi Fish <shlomif@vipe.technion.ac.il>
To:	 letters@lwn.net
Subject: DeCSS for JavaScript
Date:	 Fri, 10 Aug 2001 04:20:31 +0300 (IDT)


On behalf of the Hackers-IL mailing list, I am proud to present DeCSS for
JavaScript. This is a port of the DeCSS code to the JavaScript language,
which enables it to run on a large number of web-browsers, assuming
JavaScript is enabled.

The following page:

http://www.cs.cmu.edu/~dst/DeCSS/Gallery/decss_js.html

at the DeCSS gallery contains a sample HTML page that activates it. The
source code is here:

http://www.cs.cmu.edu/~dst/DeCSS/Gallery/css_descramble-js.txt

I believe this marks a new step in the accessibility of the DeCSS code,
because now innocent surfers can violate the DMCA on their home machines
by surfing into particular web-sites. Furthermore, it may be done
involuntarily, as JavaScript enables executing arbitrary code without the
permission of the surfer.

So now there is a world of possibilities such as DeCSS web-boxes,
or distributed DeCSS for JavaScript.

In any case, the Hackers-IL mailing-list homepage is:

http://groups.yahoo.com/group/hackers-il/

(Note that we are by no means computer intruders, just computer
enthusiasts)

Happy DeCSSing.

	Shlomi Fish





----------------------------------------------------------------------
Shlomi Fish        shlomif@vipe.technion.ac.il 
Home Page:         http://t2.technion.ac.il/~shlomif/
Home E-mail:       shlomif@techie.com

A more experienced programmer does not make less bugs. He just realizes
what went wrong more quickly.

   
From:	 Lamar Owen <lamar.owen@wgcr.org>
To:	 letters@lwn.net
Subject: PostgreSQL Global Development Group.
Date:	 Tue, 14 Aug 2001 16:18:04 -0400

Speaking totally personally, and not representing anyone but myself:

I read the LWN interview with Bruce Momjian with more than a little interest, 
being a member of the development community (in an adjunctant position).

I started out with PostgreSQL in the spring of 1997, as a backend for the 
intranet server for WGCR Radio.  We run AOLserver, which is an open source 
webserver with embedded tcl scripting and a powerful database API, and 
Postgres-95 was a semisupported database option for that server. (The side 
story of why AOLserver was used is long, and not relevant to this note...)

After a few false starts, I finally got everything running with AOLserver 
2.2.1, a beta PostgreSQL driver, and PostgreSQL 6.2.1, all on RedHat 4.2.  
Things worked fairly well even then, at least for our web applications that 
back the daily operation of a broadcast radio station, of which I am Chief 
Engineer.

I quickly got frustrated with the pace of RPM releases of PostgreSQL.  
Version 6.3 was released, the first one with subselects.  I badly wanted 
subselects, but no RPM was forthcoming.  I could easily compile it myself, 
but I wanted the RPM installation to make things easier on someone who might 
have to replace me at a moment's notice if I became ill or disabled.  Such a 
replacement wouldn't have the decade-plus Unix experience I have, and would 
have enough trouble with 'rpm -U', much less './configure;make;make install' 
and then sorting out why the files were in different places......and then 
moving it over to the compilerless production server.

After a few cycles of this (6.5 was in beta before a general 6.4.x RPMset was 
in general release from RedHat, as part of RHL 6.0), I got really aggravated 
-- enough to be willing to do this thing of RPM maintaining myself.  So, in 
the summer of 1999 I grabbed the bull by the horns (and made a number of 
missteps and verbal goofs along the way, for which the group was insanely 
patient with me and my naivete -- it's amazing how really naive someone with 
a decade of Usenet and Internet admin experience _can_ be...) and began 
attempting to maintain the RPMset.

RedHat 6.1 shipped with a version of the the RPMset I had worked long and 
hard to make.  The latest RedHat public beta's PostgreSQL RPM has very few 
differences from the RPMset I distribute from the PostgreSQL site --and most 
of the other RPM-based distributions have at least synced up with the 
PostgreSQL sets.   Other developers, particularly a certain fellow at RedHat, 
have helped immensely in the maintenance.  And I have alot left to do and 
learn about this thing of RPMset maintenance.

Along the way, however, I've learned a great deal about the essential need 
for _community_.

Just reading the PostgreSQL website (or the RedHat one for that matter) gives 
a deceptive feeling of 'nothing really going on.'  But when you get inside 
the Open Source Machine, you find the gears of the mailing lists churning at 
incredible rates.  The PostgreSQL HACKERS list, for instance, is rather busy 
-- and it's only one of many lists.  The real action in an Open Source 
project happens on the developers' mailing list.

There is a genuine sense of community in the PostgreSQL group.  I feel that 
my contributions, while not very large, are still worthwhile -- and I am in 
this list mingling with software giants such as Bruce, Vadim Mikheev, Tom 
Lane, Jan Weick, Thomas Lockhart, as well as highly experienced admins such 
as Marc Fournier. I hesitate to mention any but the core developers, to keep 
from leaving anyone out, but you can see the list for yourself at 
http://www.postgresql.org/devel-contrib.html

Fer cryin' out loud, MANY list posters on the HACKERS list have PhD's!  My 
poor BSEET shrivels small in comparison.

Yet, my small amount of help seems to be appreciated, with all the other 
talent that is out there.  It is both humbling and uplifting at the same time 
to be amongst such talent.  It is fulfilling and gratifying to be able to 
help, even in my small way, such a great example of a true OPEN Source 
project.

JMHO.
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11
   
Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds