Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsA new, proprietary web? Back in mid-August, the World Wide Web Consortium (W3C) put out a draft policy on the incorporation of patented technology into web standards. The W3C, evidently, did not feel much need to publicize this draft, and it came dangerously near to ending its comment period with almost nobody realizing what was in it. That would have been an unfortunate development. Fortunately, Adam Warner was paying attention and issued a detailed call for action telling the community what was up. So, what is up, exactly? The draft policy would allow the W3C to incorporate patented technology into web standards as long as the patent holder agreed to license the technology in a "reasonable and non-discriminatory" manner. This policy, called RAND, makes it possible for vendors of proprietary products to know that they can use the given technology. The problem, of course, is that it is not generally possible for free software to use patented algorithms. If an implementation of an algorithm can not be distributed without the payment of royalties, the code obviously can not be put up for download on the net. And the GPL, of course, does not allow the inclusion of code with such restrictions. Imagine a future web whose standards include patented technology. That is a web that can only be accessed with proprietary software - a very different web than the one we have now. It is, conceivably, a web without Apache, Mozilla, Konqueror, and many other tools we depend on. It's a web that would make certain vendors very happy, since it would eliminate the free software threat. This is a real scenario, and one that could happen quickly. Consider the "Scalable Vector Graphics" (SVG) standard, adopted by the W3C on September 4. This standard, in fact, includes patented technology (of the worst, stupid software patent variety) from Apple, which will be available under RAND terms. In other words, the W3C is already behaving as if the new policy were in force, which casts some doubt on its public comment policy. SVG is not only proprietary, but the licensing terms are not publicly available. SVG, in other words, is inaccessible to free software. See Daniel Phillips's well-researched comments for more information on SVG. There is a possible alternative scenario, of course to the proprietary web: the W3C, by endorsing proprietary standards, finds itself left behind by a web that does not want to go that way. The Open Group's attempt to take X11 proprietary has been put forward as an example of how this could happen. That time, however, we had the XFree86 project, which was already the real heart of X11 development. It is not clear that there is a body that is well positioned to supersede the W3C in this manner. It may not be so easy this time. If necessary, however, that is what we will have to do. In response to the last-minute outcry, the W3C has extended the comment period, but only to October 11. Now is the time to send in polite, well-reasoned arguments on why this policy should not be adopted. The people attempting to push through this policy know very well what they are doing, but they may still respond to a determined show of opposition. There may still be time to make a difference here. Perhaps we can avoid a corporate takeover of the web. (See also: the patent policy comment list, which contains the comments posted so far. Included therein are comments from Alan Cox, Andrew Tridgell, Bruce Perens, Chuck Mead, Dan York, Eben Moglen (on behalf of the Free Software Foundation), Ian Clarke, Jeremy Allison, Joe "Zonker" Brockmeier, John Gilmore, Richard Stallman, Russell Nelson, Theo de Raadt, Tim O'Reilly, and many, many others). Opportunities in migration services? Last week, the Gartner Group suggested that businesses should consider moving away from IIS toward other, more secure web servers. The latest Netcraft survey suggests that a number of businesses are doing exactly that - tens of thousands of IIS-based web sites have disappeared from the net recently. Corporate IT operations will stay with a given course through inertia for a long time, but, with a sufficient push, they will start looking at alternatives. Microsoft's more recent licensing and upgrade policies are giving more businesses reasons to look around as well. It seems there should be an opportunity here. After being told for years that superior alternatives exist in the form of free software, some businesses are starting to look at them. But if all those businesses encounter is a pointer to a download site and a collection of HOWTOs, they may not look for very long. Now is the time for enterprising free software businesses to step forward with well-designed, targeted migration services. Starnix has been quick to see the opportunity here: the Toronto-based company has announced a new service to help companies migrate away from IIS. The package includes a version of Apache hosted on a secured Linux system, consulting, and support services. Here is an offering that should be successful; it is a narrowly-targeted service which meets a pressing business need. There should be other such opportunities in the free software world. Linux is increasingly ready to take on a wider role in corporate computing, and that will create opportunities for companies that can help. Those seeking to profit off such opportunities should proceed carefully, however; there are several prerequisites that must be met:
Free software support offerings probably need another look as well. These offerings look much like support services for proprietary software. The software in question becomes a black box, and the support provider takes charge of making it work. But one of the advantages of free software is that it is not a black box. "We'll take charge" services can deprive their customers of some of the advantages of free software. True free software support services should bring their customers into the free software community. Helping customers migrate from proprietary products may not be the most exciting business to be in. And it certainly will not be an easy business. But it could well prove to be a workable business model for those working with free software, even in these difficult times. Inside this LWN.net weekly edition:
This Week's LWN was brought to you by:
|
October 4, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsThe top 20 Internet security vulnerabilities. SANS has posted a list of the 20 most critical security vulnerabilities on the net. The list makes good reading for anybody concerned about the security of their systems, though it is far from a comprehensive list of problems.The list is broken down into three large sections. The first concerns itself with general, system-independent problems. These include:
The middle section lists Windows-specific vulnerabilities; readers interested in those are encouraged to go to the SANS page. The final section goes into Unix-specific problems:
A survey of PHP vulnerabilities. "Yet Another Hacker Team" has performed an automated audit of a number of PHP-based packages, and has posted the results. The conclusion: much PHP code is vulnerable to remote exploits. Two PHP features are the source of the problems: (1) PHP allows global variables to be set from an HTTP request, and (2) file operations handle URLs transparently. The combination of the two allows a remote attacker to run arbitrary PHP code on the server; this, in turn, gives that attacker shell access. The survey makes this claim: PHP is not insecure by default, but makes insecure programming very easy. Reasonable people could differ on that point. PHP could be far more secure by simply isolating user-supplied information in a special "request" variable. PHP is great stuff (LWN uses a lot of it), but some aspects of the environment are, indeed, insecure by default.
CRYPTO-GRAM special issue. Bruce Schneier has released a special issue of his CRYPTO-GRAM Newsletter devoted to the events of September 11. "People are willing to give up liberties for vague promises of security because they think they have no choice. What they're not being told is that they can have both. It would require people to say no to the FBI's power grab. It would require us to discard the easy answers in favor of thoughtful answers." Worth a read. Conectiva cuts off 4.x. Conectiva has served notice that the 4.x versions of its distribution are no longer supported, and no further updates will be available. Conectiva customers running ancient versions of the distribution are encouraged to upgrade to something more recent. Security ReportsOpenSSH 2.9.9 released. OpenSSH 2.9.9 has been released; it includes a security fix that will be important for people using source-based access control.A new set of sendmail vulnerabilities. Michal Zalewski has found a new set of vulnerabilities in sendmail; they may be used by a local attacker to obtain unauthorized access to the mail system. Versions of sendmail through 8.12 are vulnerable; 8.12.1 has been released and contains fixes for all of the problems. We'll pass on distributor updates as we see them.Zope DTML scripting security update. There is a new Zope security update out there, fixing a vulnerability in DTML scripting. A suitably clueful user could use the vulnerability to obtain unauthorized access. A fix has been provided by Zope Corp.; expect updates shortly from the distributors that ship Zope as well.Proprietary products. The following proprietary products were reported to contain vulnerabilities:
UpdatesFormat string vulnerability in groff. A format string problem exists in groff; apparently it could be remotely exploited when it is configured to be used with the lpd printing system. (First LWN report: August 16, 2001). The stable release of Debian is not vulnerable. New updates:
Previous updates:
New updates: Previous updates:
ResourcesLinux Security Week from LinuxSecurity.com is available in its October 1 edition. Also available is Linux Advisory Watch for September 28.CERT has a new PGP key, following the expiration of its previous key at the end of September. See the announcement for the new CERT key information. EventsThe International Cryptography Institute 2001 will be held November 29 and 30 in Washington, DC. Speakers include Dorothy Denning, Whitfield Diffie, Bruce Sterling, and Phil Zimmermann. See the announcement for details.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Jonathan Corbet |
October 4, 2001
LWN Resources | |||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is 2.4.10. The latest prepatch from Linus is 2.4.11-pre2, released on October 1. It includes a number of tweaks, including the unpleasant oops that afflicted some -pre1 users, and a bunch of merging from the "ac" series. Among other things, the new license tags (see the September 6 kernel page) are going into the standard kernel. The latest prepatch from Alan Cox is 2.4.10-ac4. It includes most of the 2.4.10 changes, but has explicitly left out the massive virtual memory changes and other "seriously unsafe stuff." As Alan says: "I actually use the trees I release and I want to keep my machines working." For those who find current kernels to be a bit too much on the bleeding edge, Mikulas Patocka has released a patch to the 0.01 kernel fixing a bug in the disk request sorting algorithm. Linus responded by offering to make Mikulas the official maintainer of the 0.01 series. Time to plug that 386 back in and help out... On the licensing of security modules. A compromise wording has been worked out for the Linux Security Module interface; the include file will now carry this statement: This file is GPL. See the Linux Kernel's COPYING file for details. There is controversy over whether this permits you to write a module that #includes this file without placing your module under the GPL. Consult your lawyer for advice. Meanwhile, it appears that the EXPORT_SYMBOL macro, which makes kernel functions and data structures available to modules, will be augmented with a new EXPORT_SYMBOL_GPL variant. The new tag, clearly, will make a symbol available only to GPL-licensed code; the new license tags should make it possible to enforce that restriction automatically. Once EXPORT_SYMBOL_GPL is in place, the security module code may switch over to using it. Maybe. There is, however, no plan to switch any existing symbols over to a GPL-only mode. Alan says: Linus has made it absolutely (as in he'll send out the killer penguin with chainsaw if need be) clear that existing symbols wont mysteriously turn GPL only. So authors of existing, proprietary modules need not worry that they will lose access to kernel symbols in the future. Dealing with high network loads. The 2.4 networking stack works quite well, for the most part. It does have one issue, however: dealing with extremely high load. When very large numbers of packets are coming into a system, interrupt processing tends to push all other work aside. In the best case, no user-space work gets done. High loads can also bring a 2.4.10 system down entirely. Ingo Molnar decided to address this problem, and some related ones having to do with the processing of software interrupts. His patch implements a technique called "soft mitigation." Essentially, if the hardware interrupt rate exceeds a given threshold, the kernel simply disables that interrupt for a timer tick interval (10ms on most systems). The system thus gets a break in which it can catch up. There are, however, some problems with this approach. The constant threshold can not be set in a way that works for all situations; the maximum tolerable interrupt rate depends on a great many things, including the CPU speed, the cost of servicing the interrupt, and what else is happening on the system. Simply disabling the offending interrupt is easy (no cooperation from the driver or hardware is required), but it is hard on the performance of any other device that may be sharing the same interrupt line. Simply shutting down interrupts on a network interface for 10ms can cause it to start dropping packets in a big way, creating serious network performance problems. The biggest problem, however, may be that another solution exists and has been in testing for some time. The NAPI ("New API") code, developed by Jamal Hadi Salim, Robert Olsson, and Alexey Kuznetsov, deals with interrupt load problems and much more. The NAPI work is based on the techniques discussed at the Kernel Summit last March, but the work has progressed since then. It has not, perhaps, received the degree of attention that it should have, though this discussion has raised its profile somewhat. Now, if only the project had a proper web site, it might become truly widely known... NAPI works with modern network adaptors which implement a "ring" of DMA buffers; each packet, as it is received, is placed into the next buffer in the ring. Normally, the processor is interrupted for each packet, and the system is expected to empty the packet from the ring. The NAPI patch responds to the first interrupt by telling the adaptor to stop interrupting; it will then check the ring occasionally as it processes packets and pull new ones without the need for further interrupts. People who have been on the net for a long time might appreciate this analogy: back in the 1980's, many of us had our systems configured to beep (interrupt) at us ever time an email message arrived. In 2001, beeping mail notifiers are far less common. There's almost always new mail, there's no need for the system to be obnoxious about it. Similarly, on a loaded system, there will always be new packets to process, so there is no need for all those interrupts. When the networking code checks an interface and finds that no more packets have arrived, interrupts are reenabled and polling stops. NAPI takes things a little farther by eliminating the packet backlog queue currently maintained in the 2.4 network stack. Instead, the adaptor's DMA ring becomes that queue. In this way, system memory is conserved, packets are less likely to be reordered, and, if the load requires that packets be dropped, they will be disposed of before ever being copied into the kernel. NAPI requires some changes to the network driver interface, of course. The changes have been designed to be incremental, though. Drivers which have not been converted will continue to function as always (well, at least, as in 2.4.x), but the higher performance enabled by NAPI will require modifications. Linus likes the NAPI approach, but has said nothing about when it might be merged. One would normally expect it to go into 2.5, with a possible backport to 2.4 later. In the modern world, though, one never knows... It is also possible that parts of Ingo's patch may end up being used as a last-resort, "save the system" response. Those interested in NAPI can download the USENIX paper describing the techniques used. The actual code is available from Robert Olsson's FTP site. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
October 4, 2001 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsBuy a Box Set or Download?. There seems to be a new trend among the major Linux companies to not let people download a new version of its distribution until the box sets are ready to go. It will usually take several weeks between the time that a version is finalized until the box sets are manufactured and ready for sale, and many Linux users would like to be checking out the new version during that time. Only a few years ago most major Linux companies would make the distribution available for ftp as soon as it was finalized, well in advance of the box sets. Now most of them require downloaders and buyers to wait. There is a fairly simple economic reason, of course. The company makes some money on a box set and none on a download. That's why they try to make box sets more attractive by adding extra programs and utilities that are not part of the basic Linux distribution. Generally users could get all the extras, but it does take extra time to download and configure them. The box puts it all together and makes it simple to install. Some users appreciate the convenience of a box set. They like getting the OS and extras, and they have a backup right there in the box. Others would rather download what they want and put together the "perfect combination" of OS and extras for themselves. If the distribution is available before the boxes, some might download the distribution first, just to see how they like, and then buy the box later to get all extras. For the most part, though, people who prefer the convenience of a box set will wait for the box set, and those who prefer the more hands on approach will download whether the box set is available yet or not. In short, making a distribution available for ftp before the boxes is a courtesy to the users and will generally have little impact on a company's profit (or lack thereof). That's why we applaud MandrakeSoft's release of Mandrake Linux 8.1 for ftp, even though the box sets are still a month away. If you do download, consider making a donation to MandrakeSoft to show your support. Mandrake Linux 8.1 and beyond. Here is the announcement for Mandrake Linux 8.1. As we mentioned above, it can be downloaded now, or you can pre-order a box set. New features, include the "MandrakeOnline" update service, improved configuration tools, and several journaling filesystems. The MandrakeForum is full of news about Mandrake Linux 8.1, including some errata, and series of reviews by "tom", starting with Installation, then Desktop, and Mandrake Tools, so far. The Mandrake Linux Community News, issue 15, provides discussion on the use of devfs in Mandrake 8.1, funny math over at Yahoo when computing Mandrake stock prices, and using Squid to block the Nimda worm. SuSE Linux 7.3. SuSE Linux 7.3 is coming soon. One announcement says October 12 while another says October 18. Either way, it will be out soon, and it looks good. SuSE Linux 7.3 offers new features, improved security and stability, the SuSE YOU (YaST Online Update) makes sure that your system stays up-to-date and, of course, several journaling filesystems are available. SuSE Linux 7.3 will be available in two box sets, Personal and Professional. New DistributionsMaxOS and BearOps. The MaxOS Linux distribution rated an LWN feature article in March 2000. At that time a beta version was expected the following May. MaxOS was released, and then frozen September 1, 2000. Since then Alta Terra Ventures, Inc., the parent company of MaxOS, has announced a new line of products, based around BearOps Linux. The BearOps Linux Desktop OS was the first product available, and the Handheld Linx for Linux was recently launched. Other products, such as a server package and firewall package are still in the works. ZDNet gives a brief overview of the BearOps Handheld Linx for Linux. "Alta Terra says that BearOps Handheld Linx for Linux has been tested on Mandrake 8.0 and Red Hat 7.1, as well as the company's own BearOps Linux Desktop OS distribution. It comes with three desktop applications, jpilot, kpilot, and gpilot, as well as 100 games, utilities and applications for the Palm OS." A quick check of the BearOps web site finds pointers to a full FTP download for their packages. The Palm/Handspring support appears to come from the standard pilot-link package and tools which use it. Distribution NewsDebian Weekly News. The Debian Weekly News for October 3 is out. Topics covered include new languages on the Debian web site, boot floppy work, a possible Debian package of the NSA's Security Enhanced Linux, and several others. Wajig is a simplified command line interface to many of the typical Debian administration tasks, including package management and configuration, and daemon control. It is not an official package, but some Debian users might like to give it a try and see if it's useful. Minor Distribution updates2-Disk Xwindow System. The 2-Disk Xwindow System is a very small Linux/xwindows distribution, that provides net browsing in a lush GUI. The source tree is compiled on debian and the /lib/ files taken directly from the debian2.2.3 distribution. Several versions have been released in the last week, providing minor feature enhancements and bug fixes. Version 1.0rc034 was released on September 30, 2001. floppyfw. If you are looking for a small Linux firewall that fits on a single floppy disk, floppyfw may be just what you are looking for. floppyfw-1.9.9 was released September 29, 2001, now with kernel 2.4.10 and Math emulation removed. See the Changelog for details. muLinux. Here's another tiny implementation of Linux, which can reside on a single floppy. muLinux is now at version 12r2. See the Changelog for details. NSA Security Enhanced Linux. NSA Security Enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control architecture into the major subsystems of the kernel. Version 200109261436 was released on September 28, 2001, with bug fixes and minor feature enhancements. ttylinux. This seems to be a good week for tiny distributions. In the spirit of frequent releases ttylinux has jumped from version 1.10 to version 1.13 in the past week. This is a minimalistic Linux distribution that can run in as little as 2.88 megabytes of space. Distribution ReviewsCaldera OpenLinux Workstation 3.1 (Duke of URL). The Duke of URL presents a detailed review of Caldera OpenLinux Workstation 3.1. "This latest release is built around KDE 2.1, and as such, contains a good many KDE development tools and the accompanying documentation. Some of the benefits being touted by Caldera include: software integration, default configurations, self hosting, secure software, system testing, and even OEM testing. Essentially this means that Caldera has tested each piece of software included in their distribution to make sure there are no software conflicts. Every piece has been tested for proper functionality and that any OEM that bundles OpenLinux has been tested for hardware compatibility." Mandrake revamps Linux distro (Register). This review of Mandrake 8 is not as detailed, but it does give a good overview. "Things we liked about version 8.0 of Mandrake were its choice of ReiserFS as the default file system - yum - and the Software Manager, which makes the business of installing new software look pretty straightforward." French Linux marketing mirrors Red Hat (ZDNet). ZDNet looks at Mandrake's latest offering now available with MandrakeOnline, a subscription service that gives members notification of security patches and other software updates, discounted technical support and an e-mail account. "Mandrake version 8.1 includes several new features. Among them is the new version 2.2.1 of the KDE desktop interface, released Sept. 19. KDE 3.0 is scheduled to be released in beta version in December and in final form in February. " SuSE grabs Best-Business-Linux gong (Register). The Register looks the recent report by DH Brown Associates, beginning with SuSE's position at the top of the list. "SuSE wins in the scalability, the system management and the directory/security services categories." SuSE Linux 7.2 Professional (Duke of URL). SuSE 7.3 is almost here. In the meantime here's a review of SuSE Linux 7.2 Professional. "In the world of commercial Linux distributions, SuSE is a leader and is certainly the preference of many European users. They have also maintained many ties with the open source world and have contributed greatly to projects such as KDE, XFree86 and ReiserFS. They have been and will likely always be a culture of engineers. This is part of what makes SuSE fun to work with. If anything, SuSE Linux is very much a product of solid engineering." Section Editor: Rebecca Sobol |
October 4, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The DesktopThe gamers way. Not long ago we received a simple request from a reader. A long time Windows user, he decided the switch to XP was not conducive to maintaining his personal privacy, so he wanted to migrate to Linux. His main computing requirement: games. Which distribution, he asked, would be best for playing games? The answer is that just about any major distribution should work just fine, a fact that might be surprising to new users but not to long time Unix diehards. There have always been games for Unix systems, including the original console based Adventure, the flight simulator ACM and the venerable Netrek. Yet it is only recently that professional quality, off-the-shelf games have been mass marketed for Linux users. Loki was the first company to bring a selection of existing titles to Linux (while id actually ported Doom on their own sometime previous to that). Loki still offers the vast majority of available titles, but they aren't the only one these days, says Michael Vance of LinuxGames.com. Vance also works for Treyarch, LLC, a company that has a close working relationship with game maker Activision. "Hyperion has two games (Shogo, Sin), Tribsoft has one (Jagged Alliance 2), Vicarious Visions has one (Terminus), and Loki has 19." Vance, who worked as a lead programmer on various Linux ports at Loki between June 1999 and January 2001, says that other companies did some of their own porting work to Linux, then handed the projects over to Loki. "Companies like id and Vicarious Visions have done work internally," he said. "id later handed that work off to Loki, then that contract expired. Companies like Epic used Linux as a testing ground for their [PlayStation 2] development, then handed maintenance to Loki," but that contract has also expired he said. Other companies porting games to Linux include Introversion, and Illwinter. Proprietary games on Linux primarily run natively either as OpenGL or SDL based applications. Some games like Unreal Tournament use SDL to access OpenGL directly. Using OpenGL allows games to make use of 3D hardware acceleration, providing better game play through faster graphics. This hardware acceleration is a new thing for the Linux world, having become readily available only within the past year or so from both the XFree86 project and commercially through Xi Graphics. Alternatively, players can try their hand by running games under WineX, a DirectX-enhanced implementation of the WINE environment. While WINE already supports DirectX, WineX aims to improve on that support. Unfortunately, success along this route is less than stellar. One of the editors from evil3D, who prefers to be called Avatar to maintain a separate identity from his day job, says he's had little luck working with WineX. "I can hardly get Solitaire to run under WineX. And I'm happy to leave it at that." He adds that despite his own failures, the WineX project developers seem to be having a lot of luck with DirectX support. The other major Windows-under-Linux solutions don't fare any better. VMWare reports that they provide limited support for DirectX (and thus games) while Win4Lin doesn't handle DirectX at all. Native ports vs DirectX issues aside, the choice of a Linux distribution isn't a serious problem. Vance says only cutting edge distributions might pose obstacles, but even that isn't likely. "Ancient distributions had a hard time with games because of glibc 2.0 and a few other older libraries. Bleeding edge distributions, such as Debian's "unstable" branch, have also proven difficult at times." He suggests using a distribution that has been available in a stable release for a couple of months. A current Red Hat, SuSE or Mandrake-Linux, for example, should work with most games. That's because most games, though not all, are delivered with all the libraries on which they are dependent. Says Vance, "It depends on the game, and usually whether it is a commercial product or not. Almost all commercial games come with every library they require. To my knowledge, none (other than the old Quake 1 and 2 rebundles) come in RPM or .deb formats. Most install using Setup, a nice GUI installer that Loki developed." Though most of the major distributions should work, you may still find a few "gotchas" for particular games. The biggest problem comes from getting a video card with the right kind of X server support. Vance notes that it depends on the card in question, and the version of XFree86 you're using. "Pre-XFree86 4.x support for the 3Dfx cards was fairly decent, and post-XFree86 4.x support for the ATI and Matrox cards has been pretty good." He says that to his knowledge most 3D gaming on Linux today happens using the NVIDIA and ATI Radeon cards. "NVIDIA has a binary-only driver that is exceptionally fast and robust," he added. Support for joysticks is good but there is little, if any, support for force-feedback devices. Sound under Linux is sufficient for most games. Hardware environmental effects such as those found in the SB Live! adapters and in the EAX library which supports such hardware is still lacking, though the OpenAL project has been slowly moving towards that direction. With all those commercial games running under Linux you might wonder if open source alternatives can compete. Evil3D posted an interview of TribSoft founder Mathieu Pinard, who said he doesn't think so. If you would see the amount of code that the games done in the last few years, I don't think we could imagine the Open Source community putting out 5-10 complete quality games per year. Of course, feel free to prove me wrong, and I hope nobody will take this as an insult. It's just no longer possible to make games in your garage that will compete against the latest closed source games. Vance agrees, but says there are some nice alternatives. "Open source games are usually cheap remakes of old arcade games. Within that arena, the best is probably FreeCiv, a very nice reimplementation of Civilization II. I'll also plug gltron for Andreas Umbach, an acquaintance of mine. But nothing out there is going to rival even five year old commercial games. A friend of mine maintains that Nethack is the only high-quality open source game available. I think Nethack is a bit of a stretch for modern gamers, though. Chromium BSU is also a nice little arcade game." The problem with open source games is abandonment. The Linux Game Tome has started posting games that are listed as missing in action, noting game developers and/or their web sites that seem to have disappeared. Open source games don't get the dedication from their developers necessary to reach professional quality (this isn't suprising at the application level in open source, and is really not reflective of the lower level kernel world). Vance says it takes a lot of people working together to reach that point. "Only in very rare exceptions, such as with FreeCiv, can a large group of people come together and collaboratively build a game. Game programmers aren't usually the most friendly and sociable sort, and the splintering and fragmenting of numerous little game projects is of little surprise." He goes on to say that the art requirements for games are much higher than for traditional open source projects. Producing art is not the forte of open source developers, and even solid GUI design is, at times, a stretch. "Linux lacks a continually refreshing pool of interesting games," he adds. "Companies like Loki have done a pretty good job in the past but it remains to be seen, given their present financial hardships, whether that will continue. The market is small, thus there is little incentive to make/port games. Because of this, the market is slow to grow. The problem is a hard one." Most sales of commercial games are web based at places like TuxGames and ebGames . However, the latter is exiting the Linux business because they say there is no market there. They've been selling off their stock of Linux games, most of which are Loki titles but also a few others, for less than $10 each. But this really shouldn't suprise anyone familiar with the general gaming market. Linux sales shouldn't be compared with Windows, says Vance. "I don't know if you've looked at PC sales figures lately, but it's very hard to be profitable in the PC games business. Companies like Activision have seen their profitability increase enormously transitioning their business to the [game] console arena. The market is much larger. Thus Linux has to not only overcome Windows gaming, but a stagnating, almost exclusively hit-driven PC game market. Not an easy task." Loki is currently in Chapter 11, attempting to get their finances in order. Word is they've paid off what was owed to programmers, but haven't addressed all their other debts yet. For now, the company is stable enough to continue. It's hard to tell if contracts lost recently from id Software and others have dealt them a fatal blow. Only time will tell. For now, however, games are an integral part of the Linux desktop. Despite commercial failures, the porting of games is one of the true Linux success stories.
Recent Commercial Game Releases
GPL Games Other sites of note New Breed Software has 13 or so GPL games for the Linux platform and has recently started working on games for the Agenda VR3 PDA.
LinuxGames.com
StarOffice 6.0 Beta hits the streets. Sun delivered the official announcement on the StarOffice 6.0 beta this week. This is the first release of the much anticpated version without the extra desktop features built in. We downloaded the huge binary to give it a quick test. The installation is very clean, it even noticed that we'd forgotten to grab the extra Adabas package. Installation takes about 5 minutes and requires only limited configuration information from the user. Red Hat users may find the option to install a Sun blessed Java installation refreshing. Or maybe not. To each his own. While this new release is very welcome, it didn't take long to crash it. Interested in the one feature we've seen next to no support for under Linux - text along a curve - we opened up the FontWorks tool under the Drawing tool. Text along a curve is very simple to use, but in an attempt to find a way to rotate the bounding box of the rounded text (while incorrectly using the selection handles) we managed to bring StarOffice to a halt, hung in mid move while we searched for a command line to kill the session. Despite this early problem, most other features seemed to be very stable, though we hardly gave it a thorough test. Performance was modestly improved and the interface feels more like users will expect from their office applications. Most interesting of all is the apparent support for XP format files, from Word to Excel to PowerPoint. LWN.net doesn't use Microsoft products so we couldn't test that support, but it's obvious that Sun sees a distinct need for file format compatibility between office applications. Users of Ximian's GNOME desktop will find some solace in knowing that this beta installs in a user defined directory quite nicely, thereby avoiding the 5.2 installation provided through Ximian's Red Carpet. That said, you have to manually configure the GNOME desktop's menus to access the new version. StarOffice only seems to update the KDE menus during the beta installation. Earlier in the week, The Register covered the StarOffice 6.0 release, prior to our testing. "The new version does away with the much-hated integrated desktop, saves files as XML, and has improved language support." Linux-based GUIs: a perspective (ZDNet). A Gartner study posted to ZDNet does a detailed analysis of the Linux desktop space, comparing KDE and GNOME to the traditional Unix desktop provided by CDE. "For more widespread desktop use, Linux faces hurdles. A new, albeit intuitive, user interface may be among the least of these. Even ordinary users can assimilate the differences between a Macintosh desktop and Windows desktop, and Microsoft itself is introducing changes with Windows XP. Distribution, support, availability of peripherals and application readiness is a greater challenge." Despite referring to the ORB component in GNOME as "Bonomo", the report is one of the better analyses we've seen on the Linux desktop. Desktop EnvironmentsXimian Setup Tools, Control Center updates Ximian has released new versions of their Ximian Setup Tools (aka XST) and Control Center.Ximian adds new channels, but stays away from Linux distributions If you haven't been paying attention, Ximian's Red Carpet is showing signs of how that company might be making money in the future: by adding software management for third parties. In the past couple of weeks Red Carpet has added channels for StarOffice, Loki, VMWare and CodeWeavers. The StarOffice channel currently supports the 5.2 release but expect to see it bumped to 6.0 once that version becomes solid. VMWare and Loki are offering versions which need license keys (VMWare) or just come in demo form (Loki). CodeWeavers is providing their own version of WINE, the Windows under Linux environment. This is probably a first step in later providing their newly announced Crossover plugin which, it is said, will provide support to Netscape for Shockwave and QuickTime under Linux. Despite channel support for particular distributions, Ximian has said on many occasions that it isn't interested in getting into developing and shipping their own Linux distribution. That doesn't mean, however, that clever souls won't figure out a way to do it for the company, even if the work doesn't have an official blessing from Ximian. The Unofficial Unsupported Ximianized ISO Images project aims to provide ISO images (i.e. something you can burn to a CD for installation) of various Linux distributions with Ximian's GNOME added. So far they only support Red Hat 7.1, but work is underway on Debian with Mandrake planned for the future. GNOME 2 technology preview release. The first technology preview release of GNOME 2 is now available. Many changes are expected for GNOME 2, however this release is not intended for end users, especially since it cannot be installed parallel to existing stable GNOME environments. Two New DCOP Tutorials (KDE Dot News). KDE Dot News reports that two new tutorials on programming with DCOP have been made available on the KDE Developer site. The first one, titled Creating a DCOP Interface, covers the API for instantiating a simple DCOP application. The second article, titled Automation of KDE2, discusses the use of scripting to access an applications DCOP interface. Office ApplicationsLinux Magazine names Evolution best Email Client. Ximian announced this past week that their Evolution package was named the Best Graphical Email Client by Linux Magazine. AbiWord Weekly News and a new release. The big news this week for the AbiWord project is the announcement of a new release: version 0.9.4. Some of the key updates in this release include a highly improved spell checker, better XHTML export support and various Styles updates. Also from the AbiWord front: After publishing 2 issues last week, Jesper Skov has been busy once again, producing 3 new issues of the AbiWord Weekly News. All three new issues, Issue 60, Issue 61, and Issue 62 are pre-0.4.9 and carry information leading up to that release. Desktop ApplicationsSodipodi 0.24. A new release of the GNOME vector art tool Sodipodi has been released. This version includes improved linear gradients, many stability and internal bug fixes, and the start of an XInput caligraphic pen tool. It also support SVG better, including Illustrator exported SVG files. pim.kde.org back online. News went out this week that the KDE PIM web site went back online. Most of the changes will revolve around developer updates, with the section on PIM-apps staying static for a while. And in other news...Qt3.0 Beta 6. TrollTech has released another beta of the Qt3.0 widget set. This release has had the QCom module removed after feedback showed the API to be less compact and intuitive than the rest of Qt. Linuxlookup.com speaks with KDE Chairman. LinuxLookup.com interviews the Chairman of the KDE League, Andreas Pour. "This revolutionary approach to development permits individuals from all around the globe to coordinate and cooperate in design and development, with decisions reached purely on the quality of the code being contributed. Unlike many other projects, KDE does not have a "charismatic leader" or a company behind the project. Instead, development decisions are made on development lists, in view of the world, and development sponsorship comes from a broad coalition of individual companies." Section Editor: Michael J. Hammel |
October 4, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsLinux and Dedicated Systems Embedded Linux has been receiving a lot of press lately. While Linux is well suited for embedded applications, it also makes an excellent platform for developing and running dedicated systems. A Dedicated system can be defined as a standard PC that is running one or more dedicated tasks.Examples of dedicated systems include home automation controllers, factory automation controllers, routers, web cams, web weather stations, and even office servers. The differences between a dedicated system and an embedded system include:
Here are some reasons why Linux is a good choice for a dedicated system:
As an example, your editor has been helping out the local public radio station and discovered an area where a Linux based dedicated system could be used. The station has been receiving its daily news broadcasts from a satellite downlink system. The old system involves manually loading reel-to-reel tapes, recording on the command of a mechanical timer, and shuffling tapes into the broadcast studio. Many things can go wrong with this process, mostly in the area of manually handling tapes. The replacement system was specified as follows:
To perform this task with a Linux box, it was necessary to find an unused PC (Pentium 200) with an Ethernet card and a sound card. A standard Red Hat operating system was installed on the machine. Two pieces of custom software needed to be written, a C program that monitors the switch closure and runs the recorder program, and a Python program that creates and manages the web page. Both programs ended up being about two pages long, and the rest of the system was done with existing packages. The program sound-recorder was used to do the audio recording, Apache was used for the web server. It was possible to assemble the hardware and software, write the glue software, and create a working system in just a few evenings worth of time. While dedicated systems are really nothing new, with the common office server being a specialized case, it may be useful to give that old PC a closer look in the light of what it can do as a dedicated system. ClustersBeowulf clusters: Measuring and implementing multiple parallel CPUs (IBM developerWorks). Andrew Blais looks at Beowulf clusters on IBM's developerWorks. The author gives an overview of cluster systems, looks at a number of existing clusters and discusses the required software components. "In 1994, Thomas Sterling and Donald Becker built the first computer to employ the Beowulf strategy. Curiously, they didn't name their machine "Beowulf". They called it "Wiglaf" -- the mythic Beowulf's friend (see Resources). Wiglaf had 16 nodes, and each node supported a 100 MHz Intel DX4 processor (at first, these were 66 Mhz 486 chips), 16 MBytes of DRAM, 540 to 1 gigabyte drive, and a pair of 10 Mbps Ethernet cards. Every hardware component was a COTS -- Commodity Off The Shelf. At the end of the day, Wiglaf was capable of about 74 megaflops. Its price was less than $50,000." EducationHappy Birthday Linux For Kids. The Linux For Kids site is celebrating its second birthday. In that time, the site has reviewed over 100 applications. The new KDE Edutainment Project is looked at this week, along with a review of the game Kugel. SEUL/Edu report for October 1, 2001. Issue 54 of the SEUL/Edu Linux in Education report is out. The SEUL folks look at the KDE Edutainment project, cover the Digikata open source school server appliance, look at the Free Computing Curriculum Project, and review several new Java projects. ElectronicsNew Icarus Verilog Compiler. The gEDA site lists a new version of the Icarus Verilog electronic simulation language compiler dated September 30, 2001. This release features support for Mac OS X and Cygwin, work on the FPGA section, and bug fixes. Embedded SystemsEmbedded Linux Newsletter (LinuxDevices). The weekly Embedded Linux Newsletter has been posted from LinuxDevices.com. This issue includes summaries of running Linux on the Sega Dreamcast, a device profile on the Empower Palm III-clone, and a new streaming multimedia solution for Linux. InteroperabilityWine Weekly News. The latest Wine Weekly News is out. Topics include documentation inside of the Wine code, coping with installShield 6, and Installing IE 5.01 under Wine. Printing SystemsLPRng 3.7.8 released. After a long hiatus, there have been four recent releases of the LPRng printing system in the last month. LPRng 3.7.8 was released this week and fixes a few bugs and documentation typos. ScienceNew OIO delivers Image management, XML-based Multi-Lingual Support (Linux Med News). Andrew P. Ho examines the latest version of OIO, the Open Infrastructure for Outcomes on Linux Med News. "Structured content and fancy ontology may be good enough for some things, but they cannot replace pictures. This is especially true in the surgical domain, where microscopy, radiology, and photography are central to describing patients' clinical status. Thanks to Alexander Chelnokov, Ivan Somov, and Andrew Golovin, the OIO system is now a flexible and seamless tool for handling images in the context of other structured content." Web-site DevelopmentMidgard 1.4.2. The Midgard Community has released the 1.4.2 version of the Midgard Application Server. The release contains Midgard core libraries, scripting language bindings for PHP4, Web application server for the Apache platform and Asgard, the Web-based administration interface. The 1.4.2 release provides major bug fixes to the Midgard platform, and is recommended as an upgrade to all production servers. Midgard Weekly Summary #63. A new Midgard Weekly Summary is making the rounds after a long hiatus. Topics include a revamped Midgard web site, and the new Midgard 1.4.2, Zope News, October 1. The latest edition of Zope News includes a recap of the final Zope 2.4.1 release, the Component Architecture and Enterprise Zope proposals, and a security hotfix for 2.2.0-2.4.1 related to the "fmt" attribute of dtml-var tags. A look at Squid (Unix Review). Joe "Zonker" Brockmeier investigates Squid on Unix Review. "If you haven't heard of Squid before, it's a package that handles proxy caching for Internet objects. Note that I didn't say "Web pages," because Squid can handle more than just HTML files. Squid can be used for a number of things, including saving bandwidth, handling traffic spikes, and caching sites that are occasionally unavailable. Squid can also be used for load balancing." Squid has been released under the GPL license. SkunkWeb 3.1 Beta 3 released. Version 3.1 beta 3 of the SkunkWeb Web Application Server has been released. This version adds FastCGI support, has support for the ~user syntax, and deals with directories that don't have an index.html file. Bug fixes and performance improvements are also included. Section Editor: Forrest Cook |
October 4, 2001
|
|
Programming LanguagesCamlCaml Weekly News for October 2, 2001. The most recent Caml Weekly News is out. Topics include a port of ocaml to mingw, downcasting with coca-ml, a new ocaml regex library, and more. The latest from the Caml Hump. This week, the Caml Hump features Mathplot, a GUI frontend for graphing functions with PostScript output. HaskellBeginning Haskell (IBM developerWorks). IBM's developerWorks has a tutorial on haskell by David Mertz. Registration is required. JavaDynamic Web-based data access using JSP and JDBC technologies (IBM developerWorks). Noel J. Bergman looks at JSP and JDBC on IBM's developerWorks. "This article discusses using the JSP and JDBC technologies to integrate static, dynamic, and database content in Web sites. For the purposes of simplicity and illustration, the JSP pages here use short scriptlets to expose the JSP developer to the underlying JDBC concepts instead of hiding them in custom tags. The author introduces a key design approach that integrates JavaBeans components with JDBC, similar to the way that JavaServer Pages technology already uses beans with HTTP. He also provides code for implementing this integration." LispSeptember 2001 Free The X3J Thirteen!. The September 2001 edition of Free The X3J Thirteen! is out. "This issue covers the GNU CLISP 2.28 prerelease test campaign, an update on the CMU CL infrastructure site, new open-source Lisp software by Franz, Inc., a call for GCL and Maxima maintainers, a progress report on the SPARC and PPC ports of SBCL, the SBCL Internals Documentation project and new versions of CLiki, ECLS and OpenMCL." SBCL Internals Documentation Project. A new documentation project for Steel Bank Common Lisp has been announced PerlWriting SAX Drivers for Non-XML Data (O'Reilly). Kip Hampton writes about the Perl implementation of SAX, the Simple API for XML on XML.com. "SAX is an event-driven API in which the contents of an XML document are accessed through callback subroutines that fire based on various XML parsing events (the beginning of an element, the end of an element,character data, etc.) PHPPHP Weekly News for October 1, 2001. The October 1, 2001 edition of the PHP Weekly News has been published. Topics include a fix for the PHP-GTK extension, upcoming Greek and Polish manual translations, SMB support, compiling with GCC 3.0.1, and more. PythonPython 2.2a4 released. The fourth and probably last alpha version of Python 2.2 has been released. This release contains a number of new features and enhancements, along with a number of bug fixes; see the announcement for details. Those interested in what's new in 2.2 should also see Andrew Kuchling's writeup. Iterators and simple generators (IBM developerWorks). In an IBM developerWorks article, David Mertz talks about iterators and simple generators in Python 2.2. "A generator is a function that remembers the point in the function body where it last returned. Calling a generator function a second (or nth) time jumps into the middle of the function, with all local variables intact from the last invocation." Announcing gracePlot.py v0.5. GracePlot.py is a Python interface to the Grace plotting package. Version 0.5 of gracePlot has been announced. This is a work in progress. Unlike GNUplot, Grace comes with its own GUI. SmalltalkCincom Smalltalk Journal. The October 2001 edition of the Cincom Smalltalk Journal is online and includes an article on Smalltalk and Extreme Programming by Chet Hendrickson XMLThe latest from XML.com (O'Reilly). O'Reilly's xml.com site features new articles on Interactive Web Services with XForms, Division of XML communities, and limits of the current DTD models. MiscellaneousA lingua franca for the Internet (The Economist). The Economist reviews a number of common programming languages. "WALK into any big bookshop, and chances are that you will find a whole floor devoted to weighty tomes with titles such as "UML in a Nutshell" or "Programming Python". These books teach programming languages and related software tools. With their mind-numbing use of acronyms, they are not exactly a pleasure to read. But mastery of a programming language is a step along the road to success for many a whiz-kid with Internet ambitions." Pipes in Linux and Windows (IBM developerWorks). IBM's developerWorks initiates a series on operating system programming interfaces by introducing the use of pipes under Linux. "Pipes originally appeared in the Bell Laboratories version of UNIX and have remained in all UNIXes and Linux since their inception. A pipe is a stream of bytes accessed through normal IO interfaces. It is created, and then written to or read from using whatever read or write IO system calls are available on the operating system. In the UNIX and Linux case, the IO calls are read() and write()." Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Commerce page. |
Linux and BusinessSuSE closes funding round. SuSE Linux announced the successful completion of a financing round amounting to EUR 15 million (13.9 million USD). The new lead investor e-millennium 1 is a Venture Capital Fund with an industrial investors' network such as Accenture, Beisheim Holding, Deutsche Bank, La Caixa, and SAP. Also tucked into the announcement is the fact that SuSE will be laying off 120 people by the end of the year. C|Net sells LinuxDevices.com. LinuxDevices.com has returned to its roots. Founder Rick Lehrbaum has formed a company called DeviceForge, LLC and bought back the rights to the site from C|Net, which acquired the site from ZDNet when the latter company was absorbed. Linux Professional Institute. The September edition of LPI News includes information on the Level 2 Beta Exams and a report on LPI's presence at LinuxWorld San Francisco. LPI announced the next locations in a series of one-day events designed to introduce its new Level 2 certification program. Alta Terra Ventures Corp.. Alta Terra Ventures, provider of BearOps Linux products, announced that it has signed an agreement with the major shareholders of Univolve Corporation to purchase the company. Univolve is a private Alberta-based software company whose major thrust is reactive keyboard and compression technology with text-prediction software that is built on a Linux platform. Alta Terra Ventures also announced that it has appointed Kudzu Enterprises LLC of Minneapolis, MN, to act as its primary software title distributor in the United States. More information about the BearOps line can be found on this week's Distributions page. Linux Stock Index for September 27 to October 02, 2001.
The high for the week was 21.53 Press Releases:Open source products
Distributions and bundled products
Hardware running Linux
Proprietary Products for Linux
Products and Services Using Linux
Products With Linux Versions
Java Products
Books & Training
Partnerships
Personnel & New Offices
Financial Results
Linux At Work
Other
Section Editor: Rebecca Sobol. |
October 4, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingEncryption Debate Revived (TechWeb). TechWeb says that Senator Judd Gregg's crypto legislation won't hold up, as companies need strong encryption. "'Asking a sophisticated organization to hand over encryption is untenable and dangerous, and it won't happen,' said Kawika Daguio, acting president of the Financial Information Protection Association, a group that helps firms protect sensitive information." CompaniesMicrosoft stands by IIS despite Gartner recommendation (CNN). This article from CNN says that some firms are moving to Linux even though they weathered the Nimda and Code Red storms. "Palo Alto, Calif.-based law firm Fenwick & West LLP is planning on migrating off of its IIS servers to a Linux operating environment running Apache's Web server software. The decision was prompted by the continuing security concerns related to IIS, said Matt Kesner, the firm's chief technology officer. Also driving the move is cost: It's cheaper to run Apache on Linux than it is it to run IIS, Kesner said. " BusinessOpen source technologies: The new solution for Web applications (ZDNet). Interactive Week looks at how open source Web development tools can spur e-commerce in businesses from small scale to the Global 2000. "Open source offers the promise of significant functionality, customizability, reliability and scalability without the cost or complexity of high-end enterprise applications. Because the business model behind most open source companies does not depend on license revenues, the problematic economics of enterprise applications simply does not apply." ResourcesYou Can Get There from Here, Part 3 (Linux Journal). Linux Journal continues its look into administrative issues on Linux, this time focusing on the Lightweight Directory Access Protocol, known more simply as LDAP. "In all likelihood, you already have a copy of OpenLDAP on any recent distribution CD. The big advantage of building LDAP from source is that you will have all the bits and pieces right there when you are done. On my Red Hat test system, for instance, I found that the whole OpenLDAP suite was broken up into several components, such as clients, servers, PHP extensions and so on. In particular, a default installation may have everything you need to access an LDAP server, but not the server itself. That package was openldap-servers." ReviewsManagement Tool Keeps Linux Systems In Tune (ZDNet). ZDNet looks at Aduva's management system for keeping Linux systems up to date. "Aduva Manager software, on the other hand, analyzes a Linux system through agents that send it system parameters. By referencing the online knowledge base, Manager can determine dependencies between various Linux components and which ones function optimally on a given hardware platform." Lab improves Linux kernel patch tests (ZDNet). The Open Source Development Lab has released a benchmark tool for testing the scalability of patches to the Linux kernel. ``"The launch of STP validates the reliability, robustness and stability of Linux and open-source developments and makes industry-standard testing easy and readily available to anyone in the Linux development community," [noted OSDL director Tim Witham.]'' Section Editor: Forrest Cook |
October 4, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Announcements page. |
AnnouncementsResourcesLinux Standard Base aims for single Linux platform (ZDNet). Another technology review from Garnter, this time covering the Linux Standards Base effort. "LSB has the potential to save the Linux market from fragmentation and avoid the same splintering as Unix went through. But to make it work, Linux distributors must be committed to LSB. While the major vendors have all pledged their support, it is still too early to see their commitment- the distributors simply have not yet had a chance to fully incorporate LSB into their own Linux distributions." A list of standards upon which the LSB is based is also available. EventsFree Software Event in Portugal. Another public event has been scheduled, this time on October 12th in the city of Porto, Portugal. FSF vice-president Bradley Kuhn is expected to speak at the city-hall sponsored event. News on the web site is in Portuguese. CodeCon 2002. CodeCon 2002, "the premier event in 2002 for the P2P, cypherpunk, and network/security application developer community," will be held February 15 to 17 in San Francisco. The call for papers has gone out, with a deadline of January 1 for submissions. All submissions must be accompanied by source code. Events: October 4 - November 29, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. Web sitesUser Group NewsLUG Events: October 4 - 18, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format. Section Editor: Forrest Cook. |
October 4, 2001 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license |
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux History page. |
This week in Linux historySix years ago Linux Counter reported 21059 registered Linux users.
Three years ago (October 8, 1998 LWN): We asked "what will happen to the Linux VARs?" Dell and Gateway and even IBM were making noises about getting into Linux and it looked like life could get harder for companies that sold Linux-installed computers. Three years later, the landscape does look a bit different. VA Linux is out of the hardware business. IBM is in, installing Linux on everything from laptops to mainframes. A new Linux news site called LinuxToday was launched by Dave Whitinger and Dwight Johnson. The first story posted was the announcement of the release of Apache 1.3.2. One expects negative press from a Microsoft publication. This was one of the kinder quotes: Companies such as Caldera Inc. and Red Hat Software Inc. are Linux distributors selling various products that leverage Linux?s many outstanding attributes. The products carry what seem like mythical price tags, such as Red Hat?s $29 price for its Extreme Linux. Of course, there is no support for the product other than that found on Internet chat groups. -- Bill Laberis, ENT Nowadays the Red Hat Professional Server edition will run $180 for a box set and you can subscribe for all the support you want. Upside has changed its tune since this was written: The arguments are both noble and naïve. Linux has a cult-like following, matched only by that of the Macintosh OS and OS/2. It's a modern Unix! It's stable, superior, enriching! It's gonna get creamed. -- Richard Brandt, Upside.
Oracle8 for Linux went up for free download. For a long time Linux supporters had heard people say that "when Oracle is available for Linux" they'll know it's serious. It was serious. Two years ago (October 7, 1999 LWN): Sun announced the release of the Solaris source code - under the Sun Community Source License. That source release still hasn't made much of a splash. Microsoft came out swinging with its Linux Myths page. That particular page has disappeared, but our response is still available. Microsoft did have reasons to worry: And so we find ourselves in the middle of a revolution. We find ourselves choosing the way our computers will behave, the way they will run. It is an easy change, and, for many, a quick change. Learning a few new ways of opening and closing programs and spending an hour studying new commands is easier than spending all weekend every six months or so trying to get a computer running again. Making choices is easier than living with regrets. This is the lesson that Bill Gates, the $100 billion founder of Microsoft, will learn over the next 12 to 24 months. He and his company have to make some choices. It's a tough time. Linux will not go away and Microsoft cannot buy it, since it is not for sale. (It never will be for sale, because it is an Open Source operating system, available to everyone without charge.) Since it can't be bought, Linux won't go away. To Bill Gates and his increasingly shrinking band of followers, Linux is like the unwanted guest. It won't leave. -- Al Fasoldt, Technofile
Meanwhile, some people figured out that ssh 1.2.12 had been published under a free software license. People grabbed hold of it, and the OpenSSH project was born. OpenSSH is now the standard version for Linux systems. Red Hat 6.1 hit the FTP servers, though the boxed version wasn't due out until October 18. The power pack edition of Linux-Mandrake 6.1 also became available. LinuxForKids.org was launched. One year ago (October 5, 2000 LWN): Corel and Microsoft entered into an alliance to work together on ".NET". This was no ordinary alliance, though, since Microsoft bought almost 25% of the company in the process. This pronouncement from the Meta Group was carried on C|Net's News.com: Corel currently plays an important role in Linux. Many other Linux companies look to it for its skills, tool sets and the work it does on key Linux committees. Therefore, Corel can be a valuable ally for Microsoft in Linux, allowing Microsoft to influence key questions, such as how the user interface, setup and deployment will look and function. We think the folks at Meta overstated Corel's role and influence in the Linux world. In any case, Corel has since sold off its Linux division. The current stable kernel release was 2.2.17. The 2.2.18 prepatch series was in the "bug squash" mode, and had a few small problems - for example, the PPC and Sparc architectures would not build. An official 2.2.18 release was still somewhat distant. There were some complaints that the new Red Hat 7 took "bleeding edge" a bit too far. Particularly the compiler package, gcc-2.96 (the latest version of GNU gcc was 2.95.2) and the C library, glibc-2.1.92, though the current official release was 2.1.2. New features like a largely-upgraded package system, kernel 2.4, enhanced USB support, and even out-of-the-box 3D support via XFree86 4.0.1 make Red Hat's latest look like a dream come true. Is it a dream come true, or Linux's worst nightmare? -- Duke of URL
Section Editor: Rebecca Sobol. |
October 4, 2001
LWN Linux Timelines |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Letters page. |
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. |
October 4, 2001 |
From: <rs@rcsimpson.demon.co.uk> To: <letters@lwn.net> Subject: Audio editors Date: Mon, 1 Oct 2001 23:15:23 -0400 (EDT) Sir, In last week's "On The Desktop" the opinion was expressed that Linux has lots of sound file editors, but none that are realy useful. Never was a truer word spoken!! I frequently need a sound editor to cut and mix sound effects for a local amateur dramatic society, and obviously I try to do it in Linux. Sadly, I am often sorely tempted to give up and do it on Windows. If you go to Freshmeat you will find at least a dozen progams which claim to edit sound files and let me tell you that I have tried all of them. They either won't install, or won't compile, or crash, or have incomprehensible user interfaces, or zero documentation or don't provide even the simple features which I require. However, almost without exception they have a web site which says "This is going to be the Linux CoolEdit2000 / Sound GIMP but its still in the early stages of development" If I were reading this letter, I would say at this point, "This is free software. If you don't like it get off your ass and write some code." But that's not the problem. There are plenty of people writing sound editors. The problem is that instead of writing 80% of two editors they have written 15% of 12 editors. As a user who just wants a simple reliable sound editor with a modern look and feel can I send a plea to sound editor authors to get together and concentrate their efforts on just one or two projects. It will hurt some egos, but what Linux needs most is quality applications. Thank you, Richard Simpson -- --- Richard Simpson @ home | ||
From: Fred Mobach <fred@mobach.nl> To: Linux Weekly News <lwn@lwn.net> Subject: Linux DA Date: Thu, 27 Sep 2001 10:37:20 +0200 Hello, Regarding LinuxDA you wrote "The GNU GPL did not seem to be included." I've also downloaded the source tarball and posted my comments on Linux Today (see http://linuxtoday.com/news_story.php3?ltsn=2001-09-25-012-20-NW-EM-LL). One of my comments was "And before I forget, the contents of the file -rw-r--r-- 1 fred users 18458 Jul 13 1998 linux/COPYING seems quite usual." That happens to be the GNU GPL with Linus' remark on top of it. Regards, Fred -- Fred Mobach - fred@mobach.nl - postmaster@mobach.nl Systemhouse Mobach bv - The Netherlands - since 1976 Fight terrorism, be it killers or software patents. | ||
From: Leandro =?ISO-8859-15?Q?Guimar=E3es?= Faria Corsetti Dutra <leandrod@mac.com> To: letters@lwn.net Subject: Gartner: dump IIS Date: Thu, 27 Sep 2001 13:39:40 -0300 > Apache is the dominant web server platform; anybody wishing to attack > large numbers of systems via a web server would look at Apache first. > The "obscure and uninteresting" argument will not wash here. The argument is weak because it is hypothetical: no one know for sure how many crackers have tried their hands at Apache and failed. So it's nearly impossible to prove it. But it is also impossible to disprove it. While Apache is the most used web server, it is also uninteresting to attack, since the source code is available. Not only that, IIS has a much bigger presence in the really interesting sites to attack, those of hated multinational companies or organisms making commerce or propaganda over the Net with little technical qualification in house. In other words, using Apache has some correlation to being "a nice guy" who won't be cracked, but a much bigger correlation to being a technically knowledgeable organization with whom perhaps a script kiddie shouldn't meddle. -- _ / \ Leandro Guimarães Faria Corsetti Dutra +55 (11) 246 96 07 \ / http://homepage.mac.com./leandrod/ BRASIL +55 (43) 322 89 71 X http://tutoriald.sourceforge.net./ mailto:lgcdutra@terra.com.br / \ Campanha fita ASCII, contra correio HTML mailto:leandrod@mac.com | ||
From: Billy Tanksley <btanksley@hifn.com> To: "'letters@lwn.net'" <letters@lwn.net> Subject: Linux security debate Date: Thu, 27 Sep 2001 13:33:50 -0700 I'm puzzled by the people claiming that the Linux security API should include an automated check for free software. My problem isn't a dislike of free software; rather, I'm puzzled that people are proposing a modification to a free software product which can easily be removed. If a company wants to distribute a closed-source "security" plugin, they simply have to modify the Linux kernel to allow closed-source. Nothing easier. Therefore, this debate shouldn't be about automated mechanisms; it should be about whether a security module is the same thing as a kernel module, or whether security modules should get the same exclusion from the GPL which the kernel modules enjoy. And I won't even go there. :-) OTOH, it occurs to me that perhaps the error was in the story (or my understanding of the story), rather than in the arguments. This issue certainly deserves better coverage -- I hope you'll discuss it in greater length. -Billy | ||
From: <anonymous> To: <lwn@lwn.net> Subject: SSSCA Date: Sat, 29 Sep 2001 22:18:39 -0700 Honorable Gentlemen: I read the following on the internet (http://www.linuxnews.com/stories.php?story=01/09/17/9591923): A controversial law was recently drafted, although not yet introduced, by U.S. Sen. Fritz Hollings (D-South Carolina), chairman of the Senate Commerce committee, and Sen. Ted Stevens (R-Alaska), titled "The Security Systems Standards and Certification Act" (SSSCA). If made into law, the proposed bill would make it illegal to "manufacture, import, offer to the public, provide or otherwise traffic in" digital devices that do not use "certified security technologies." The SSSCA, if enacted, will have serious negative affects on free software, most specifically to open-source operating systems such as Linux. I find this extremely disturbing. I work at Intel and this bill is coming on the heels of some related requests recently made by Microsoft of Intel (I don't feel comfortable going into details). Frankly, it appears that not only has Microsoft gotten away with alleged anti-competitive behavior with only a token "slap on the wrist", but now wants to make it illegal to even compete against them. If this bill is passed, I will seriously start to wonder whether Microsoft is the only software lobby in Washington. Please consider this letter the voice of another lobby -- the open source community. If you feel you must pass a law to protect copyright material on computing platforms, please develop a law that allows all software writers and hardware developers the ability to comply without the threat of financial ruin by an alleged monopolist such as Microsoft. My definition of "ability to comply" would be a law that follows a standard software file format and standards for encryption/decryption algorithms/hardware mechanisms. Either the military and/or the university system should develop these standards such that no licenses would have to be obtained from or fees paid to private companies such as Microsoft. If ideas are taken from private industry for incorporation into this standard, then it should be up to the government to compensate contributing private companies for the intellectual property incorporated into the government standard. An individual or company should only be charged a fine if they are found to be out of compliance. It should not be that a company should have to wait for government certification before issuing software. This avoids a situation in which a large company such as Microsoft has a dedicated inspector that can make timely certifications verses a small developer who may have to wait months to get a non-dedicated inspector to certify the software. Developers that are found to be in compliance with the standards should be immune from lawsuits that may arise from damages caused by hackers. | ||
From: Charles Cazabon <wwwpatentpolicy@discworld.dyndns.org> To: www-patentpolicy-comment@w3.org Subject: "Non-discriminatory" patents will kill the web Date: Tue, 2 Oct 2001 08:06:57 -0600 Cc: letters@lwn.net Dear sirs, The W3C is currenty bandying about the idea that incorporating patented technologies in proposed W3C standards would be acceptable, providing that the patent holder agreed to license the patents to all comers for a reasonable and "non-discriminatory" fee. What leap of logic led to this great fallacy? How did the W3C come to propose this absurdity which could lead to the destruction of not only itself, but of the web in toto? Patents serve one purpose -- they allow the patent holder to exclude others from manufacturing or using an "invention" of the patent holder. The patent holder can then use this government-granted permit to either monopolize a market legally, or to extort money from all other parties interested in participating in a market. The W3C, on the other hand, has always tried to promote technical interoperability and sane standards. It has done an admirable job of this. Without royalty-free standards such as those that underpin the web today, where would we be? How advanced or useful would the web be if HTML or other standard were encumbered by patents? How diverse would the content of the web be if the only organizations that could publish content were the ones that could afford to purchase patent licenses? The actual dollar amounts are immaterial; any patent license fees at all would have completely eliminated all but the commercial players, and the commercial players are not what have made the web a success today. The W3C must reject this RAND proposal; it must refuse to endorse any proposed standard that uses patented technologies or methods unless a royalty-free license is granted to all interested parties. Charles Cazabon -- ----------------------------------------------------------------------- Charles Cazabon <wwwpatentpolicy@discworld.dyndns.org> GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ ----------------------------------------------------------------------- | ||