Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page
Other stuff:
Recent features: Here is the permanent site for this page.
|
Leading itemsHow quickly does Linux really respond to security problems? This week serious security holes were found in the Pine mail reader and a couple of FTP daemon implementations (see the security section for details). The Pine bug was exposed on February 8, ftpd on February 9. As of this writing, only one vendor (Red Hat) has made updates available to fill these holes. A particularly disappointing case is Caldera's security updates page, which was last updated in November 1998. SuSE has no security updates page at all. They claim to have a security alerts list, but clicking on the archive link on their mailing lists pageyields a "page not found" error. And, lest one think that Red Hat has its act entirely together, it is worth pointing out that their updates site (updates.redhat.com) has been impossible to get into since the alerts came out, and none of the mirror sites that we have checked (and we've checked many) yet have the updates. For all practical purposes, updates are not available for Red Hat either. These security holes are guaranteed to be the source of a highly public string of breakins over the next few months. One would think that it would be in the interest of the distributions to try to head this off as much as possible. Given that one of the advantages of free software is supposed to be quick turnaround on fixes - especially security fixes - it really seems that we should be doing better than this. We at LWN are happy to suggest work for other people. In our opinion, every distribution should set a goal of getting security fixes out within 24 hours of notification that a problem exists. Each distribution should have information on security updates available on the front page of their web site. If Linux is truly to be better than the other operating systems out there, it must get its act together on security. Otherwise we're just making more empty promises. (Information received later on updates for these security problems is available on the daily updates page.) Monday, February 15, is Windows refund day. This is the day to take your unused version(s) of Windows back to Microsoft to ask for your money back, as provided for in Microsoft's own end user license agreement. This event has the potential to be a crucial turning point in free software history. The purpose here is not to slap at Microsoft, or to make opinions known on their products. The point is the freedom to buy a computer without being compelled to buy one vendor's operating system if that system is not needed. Users of free software should not have to buy proprietary software that they do not want. While organized refund efforts are happening in some areas, it is a bit disappointing that there are not more organized groups out there. A big rally in Silicon Valley will certainly draw attention to the cause. Rallies nationwide (or worldwide) would draw much more. The relative lack of organized gatherings certainly does not mean that people can not show up at their local Microsoft offices to ask for their refunds. Go for it, every body helps. For more information, see the Windows refund home page, the timeline and press coverage page, or the Open Directory Project Windows refund page. Readers in France may want to check out the Centre de Détaxe Windows page. The pre-installed Linux system market is getting more crowded, as witnessed this week by the arrival of Dell, and Indelible Blue (a long-time OS/2 reseller) on the scene. If this TechWeb article is to be believed, IBM will be announcing PowerPC systems running Linux on the first of March. Compaq has also reaffirmed its Linux stance with this Linux systems page. The larger vendors are all pushing server systems for now; they evidently see less demand for desktop computers running Linux. They may well be surprised. A fairly safe prediction is that the hardware vendors will wake up in much the same way that the database vendors have: demand for Linux products will strongly exceed their predictions and they will quickly expand their lines. The Linux system VARs that want to survive the entrance of the big boys need to firmly establish themselves almost immediately, or else find a niche that they can retreat into. That business is going to get much more competitive in a hurry. It is an unfortunate fact that, in this industry, the companies that create a market are often not the ones that profit from its maturity. One interesting niche that seems empty at the moment is that of systems costing less than $1,000. Linux VARs seem to aim for the high end. But, along with all its other advantages, Linux does come cheap. It should be possible to build rock-bottom end systems with a very competitive price, due to the absence of the "windows tax." The first vendors into this area may find that they do better than they expect, even in a niche with such small margins. It turns out that out discussion of Linux engineer certification in the February 4 issue of LWN missed one provider our own back yard. The University of Colorado at Denver offers a network administration course which results in, among other things, a "NACSE-LINUX NCLA (NACSE Certified Linux Administrator) Certificate." Lucky attendees get trained toward an MCSE test at the same time... (Thanks to Chuck Morrison, who heard a radio ad for the course). If this issue of LWN seems a little thin (or grumpy) that's because it is. We're short-handed this week due to illness. With luck we'll be back to full strength next week. |
February 11, 1999
|
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Security page. |
SecurityNewsNasty holes of the week: a couple of unpleasant ones came around this time.
CERT has put out an advisory about trojan horse problems. The advisory (available here) contains little new information for readers of these pages. (Although, perhaps, many Linux users were unaware of the fake Internet Explorer upgrade...) It does contain a good summary of the situation and tells how to recognize trojaned versions of some systems. The "Hurwitz Group" has uncovered that buffer overflows are a security problem and issued this press release to alert the world. "Buffer overflow will continue to be a security problem until all system vulnerabilities are revealed and solutions are put in place..." The product being advertised with this alert evidently works by randomizing the stack address; this approach works against a number of simple attacks, but is far from being a comprehensive solution. Security ReportsThere is a buffer overflow problem in the version of 'lpc' that is shipped with the PLP printer system. Most Linux systems do not use PLP; however, SuSE distributions at 5.2 or earlier did. Thus, folks with an older SuSE installation may wish to consider an upgrade.ResourcesAlpha 7.1 of the NRL IPv6+IPSec package has been made publicly available. This is a full implementation of these protocols, and it supports Linux. (They claim it works with the 2.1 kernel; one assumes that 2.2 will work as well). See NRL's web page for more information. The license is of the BSD variety; however, encryption support is only available within the U.S.Network Associates announced a version of their "CyberCop" scanner for Linux; see their press release for more. For an alternative point of view on the value of their announcement, see this note from the ISN moderator... |
February 11, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current kernel release remains 2.2.1. People who are desperate to compile a new kernel can play with the 2.2.2 prepatch put out by Linus, or, alternatively, with Alan Cox's 2.2.1ac5. A true 2.2.2 release is likely sometime soon, once a couple more obnoxious problems get tracked down and fixed. Interface stability in the Linux kernel has been the topic of discussion for a couple of weeks now. It all started with this note from a staff member at MIT complaining about how another incompatible interface change had happened, and describing, in detail, the sorts of difficulties such changes can cause when many thousands of machines are in use. It seems to be generally agreed that, while incompatible changes occasionally need to be made, they should be kept to a minimum, especially within a single stable release series. The discussion shifted to the kernel module interface, where there is less consensus on how things should be done. Kernel modules, by their nature, have much more direct access to the internal workings of the kernel, and are thus much more easily affected by changes. Usually, but not always, all that is required is a recompile to make a module work again after a change has happened. Unfortunately, "recompile the module" is not a recipe that sits well with users of binary-only modules. Recent victims here have included users of the AFS file system - often large universities with a lot of systems. Linus's responses to the complaints varied from quite unsympathetic to completely dismissive. Further on he explained his reasoning in a bit more detail. The executive summary could be that while he allows binary-only modules to be inserted into the kernel, he does not much like them and would not be terribly upset if they simply went away. There are good reasons behind this position, but it will certainly cause problems for Linux users who can only get support for something they need via a binary module. This, in turn, can only lend support to the critics who claim that Linux is immature, not "enterprise ready," and that it suffers from far too many versions. This is exactly the sort of issue that could force users to one of the other free unix systems, or perhaps cause an eventual fork in kernel development. UltraPenguin 1.2 will not allow 64-bit user code to run, due to a couple of hardware bugs in some UltraSparc processors. The exact nature of the bugs is unclear, but it seems that they allow any user to halt the processor, not a desirable thing. The real problem is that, according to David Miller, Sun will not release information about the bugs without a nondisclosure agreement in place. Since an open workaround in the UltraPenguin kernel would disclose the bug, no fixes can be had via that path. Thus the problem remains unfixed - and 64-bit user code remains unrunnable - until somebody can figure out the problem via some other means. Here is your chance to own the entire kernel release history on CD. Riley Williams, who put together the Kernel version history archive is now packaging the whole set up and is considering making the CD's available for a small fee. See his announcement for details. FTape 4.x has been ported forward to the 2.2 kernel, though it is still considered to be unstable at this time. Details and a download address can be found in the announcement. |
February 11, 1999
Since we're a weekly publication, chances are we'll be behind a rev or two on the kernel release by the time you read this page. Up-to-the-second information can always be found at LinuxHQ. |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Distributions page. |
DistributionsCalderaIf you want to try the 2.2 kernel on OpenLinux 1.3, check out this message from Caldera's Erik Ratcliffe and start FTPing. Some caveats apply, of course. The upgrade packages were created by a Caldera VAR as a public service; it they have no official stamp of approval, and nobody warrants that they won't explode in your face and fill the office with nasty black smoke.DebianThe Debian logo contest is ongoing, with many entries received thus far. (See the contest announcement if you've not encountered it yet). The entries received thus far can be found on the Gimp contest page.There has been some grumpiness resulting from the requirement that all logos be created using only the Gimp. This requirement is unsurprising, since the contest is sponsored by the Gimp people. But the Debian folks do not want to rule out other submissions created with free software. It seems unlikely that the Gimp folks will change their rules, so there's not much to be done... The slink release is getting closer. Here are a couple of lists of bugs that have to be fixed before the release can happen: one from the automatic reporter, and the other one put out by Brian White. Is postilion free enough? Postilion is a mail reader designed after a NextStep application; it has a number of pleased users. Problems came up when the package maintainer noticed a change in the license that comes with the 0.9.0 release. Under the new license, the various graphic image files that come with the program can only be used with postilion; they can not be used in any other context. There seemed to be a general feeling that this license was non-free, and a note was sent off to the postilion developer describing the difficulties. This developer, after some discussion, came back with a revised licensewhich addressed the concerns. Seemingly everybody will live happily ever after. Meanwhile, interestingly, Richard Stallman came in with an opinion of his own: he thinks the original license qualified as free. He also thought it was undesirable and essentially unenforcable. Debian en Français. A new project has been formed to translate the debian distribution - programs, documentation, and all - into French. See the announcement (surprisingly, in French) if you would like to participate. MandrakeMandrake 5.3 has been released. This release ("Festen") is still based on Red Hat 5.2, but there have been enough goodies coming out (XFree86 3.3.3.1, KDE 1.1, Kernel 2.2.1, etc.) that they decided to make a new release. Also included is a new "Installation and Use Guide" document. See the announcement for details.MkLinuxA new bug reporting address and bug reporting web page have been set up for MkLinux.SuSEDoes SuSE not have its act together in North America? A number of SuSE users seem to think so after the distribution got stomped in one of those highly scientific Slashdot polls. Complaints range from distributions for the U.S. coming late and with problems, to the slowness of updates in the U.S. SuSE web page. In general there seems to be a feeling among U.S. SuSE users that SuSE, while providing a superior distribution, is being outmarketed on this side of the pond.TurboLinuxTurboLinux users wishing to upgrade to the 2.2 kernel series may want to check out this note, which explains where all the necessary updates are to be found. |
February 11, 1999
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed. |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Development page. |
Development toolsJavaThe wait for JDK 1.2 under Linux continues. The latest status report is positive, saying that the threads problem have been essentially overcome (but by using "green threads," instead of Linux native threads). Still no release date given, of course. "...rest assured we are all working hard to get this thing out the door as soon as possible"The first release of GNU Classpath is out, see the announcementfor details. Classpath is a project to produce a free set of class libraries for Java as a replacement for Sun's libraries. Version 0.07 of the Japhar virtual machine is out, or so we're told, even though their web page still talks about 0.06. PythonStarship Python is on the net, and the new site at starship.python.net is looking great. It's evidently the first of many dedicated Python sites which will appear in the python.net domain.One of the things you'll find on the starship is Christian Tismer's tutorial on COM and Python which he gave at the 7th Python Conference. Here's your path to accessing all that office data in those legacy formats... See the announcement for details. A new version of gnome-python is out. This package (announcement here) is an interface to the GNOME libraries, making it easy to fit Python programs into the GNOME system. Included are GTK bindings, making it possible to do graphical stuff without Tk. Here's this week's Python-URL, full, as always, of Python goodness. Other Python announcements:
Tcl/tkScriptics is looking for ways to promote Tcl and they are asking for help in the form of Tcl success stories. Drop them a note if you've got a good one.Just released: Will's Guide to Creating Object Commands. It's, well, a guide to creating object commands. The author is looking for feedback, drop him a note if you can help out. Here's this week's Tcl-URL. |
February 11, 1999 |
|
Development projectsGeneral Accounting SystemThe General Accounting System is a new project which intends to bring a high-quality GPL'd accounting system into being in time for a Christmas delivery. As is usually the case, this project is looking for help. Check out the web site, and give them a hand if you canGTK+Version 1.2 of the GTK+ toolkit is nearing release. In preparation, the GTK+ Tutorial has been updated to match the upcoming release. It's a good piece of free documentation on how to use this toolkit; check it out.GNOMEThe GNOME folks put out another flurry of announcements this week, headed up by the Skillful and Conspicuous Cow release of the core code (aka 0.99.7). Other announcements include:
KDEKDE 1.1 was announced this week, see their news page for the details.PowerPC folks may want to have a look at the KDE for PowerPC page put together by Jonathan Singer. He's trying to gather together PowerPC packages for a full set of KDE applications to make life easier for everybody else. (Unfortunately this site is hosted on Tripod, meaning readers get to play "whack-a-mole" with the popup ads). SambaThe Samba team released version 2.0.1, and advised everybody to upgrade to it. Shortly thereafter a bug of the "brown paper bag" variety turned up, so out came version 2.0.2. They recommend that everybody upgrade to this version, and this time you probably should.ZopeA pre-release version of Zope 1.10 has been announced, details may be found in the announcement. Lots of new features are available in this release, a list can be found in the changes file on the Zope site.A new version of ZServer has also been released. This version adds some security, bug fixes, and more. The Zope web site has been enhanced with the addition of a set of user testimonials and Case Studies. There is also an initial set of ISP's which are beginning to offer Zope hosting; see this list for details. An article about Zope was published in Web Techniques this month. The article, written by Amos Latteier of Digital Creations, is, of course, quite positive. "Digital Creations' Open Source Web application platform promises to play an interesting role in the Web application-server market. Its open technology and proven engineering combined with its innovative development model could be a potent combination." | |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Commerce page. |
Linux and businessPenguin affiliates. Penguin Computing has put out a press release describing their new "Online Associates" program. Put their banner on your page, and they'll give you a commission on any sales that result from users coming in via that banner Yet another Linux-based "thin server" product has been announced. This one is "TEAM Internet" from Apexx technology. It's claim to fame seems to be that it includes web filtering software along with the usual functions. More electronics design support is on the way: Green Mountain Systems will be releasing a Linux version of its VHDL simulator later this month, according to this EE Times article. "...the Linux version runs 'slightly faster' than the Windows NT model and has better memory performance." AsiaBizTech writes about the "CUTE 2000," a Linux-based server being marketed in Japan. This one is based on the Debian distribution. Also in AsiaBizTech: a Japanese version of Interbase 5 has been announced Press Releases:
|
February 11, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsOK...here is this week's recommended reading:
There was a resurgence of introductory articles this week, and the quality was generally better than usual. Even experienced Linux folks may want to give some of these a glance.
Quite a few business-oriented articles, as usual:
Just in case anybody hasn't seen enough "Windows refund" articles yet:
And here's the rest of the press:
|
February 11, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesLinuxToday has added a new jobs page to connect people with Linux skills and employers. See their announcement for details.Steve Rader has made available the Linux disk mirroring cookbook. Therein you will find step-by-step instructions for setting up disk mirroring with raidtools 0.42. Never let a disk failure stop you again! EventsHere is a transcript of the chat session with Linus Torvalds which appeared on MSNBC Tuesday. Note that Linus was not actually typing, he was speaking over a telephone to a transcriber. Evidently not everything got through exactly as he said it.If you are wanting to make a submission to the O'Reilly Linux Conference (August 21-24, Monterey, CA), you're running out of time. This reminder just went out; the deadline is next Monday, February 15. It looks like a great gathering, here's your chance to be a part of it. Linux Expo has announcedthat the technical keynote speaker for the conference (in May) will be Jim Gettys, currently of Compaq. This should be an interesting talk; Jim has a long history with free software, including being a driving force behind the X window system in its early days. The LinuxWorld folks are looking for open source projects that will be at their conference to feature in their "Tapping the Source" supplement. See their announcement for details. The Bazaar has announced a partner and a change of date. The conference - oriented around free software development - was originally scheduled for March in New York. The new date is likely to be in July. See this Slashdot topic for a bit more information. Web sitesA new site for Linux on the PowerPC has been set up. Content currently is in German, but they intend to add English language stuff as well.OverNews is a new Linux news site in French. User Group NewsA new user group is forming in Colorado Springs, CO. The Pikes Peak LUG will have its first meeting on March 5. See the announcement for details.Yet another Linux Tea Party will be held by the Southern New Mexico LUG on February 18. See their web site for details. |
February 11, 1999
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Back page page. |
Linux links of the weekThe Beowulf Underground is a new news site dedicated to events around Linux clusters. It's a useful source of information on this crucial area of Linux development. Stokely Consulting's Unix Sysadm Resources is a comprehensive site full of good stuff for administrators of any Unix-like system, including Linux. |
February 11, 1999 |
|
Letters to the editorLetters to the editor should be sent to editor@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Fri, 5 Feb 1999 02:02:28 -0500 (EST) From: cph@martigny.ai.mit.edu (Chris Hanson) To: editor@lwn.net Subject: Structure vs purism OK, I see that someone else has chosen to speak up about gotos in the kernel, so I'll chip in too. I agree that more context should have been given. Where I disagree, and very strongly at that, is in the implication that goto's are somehow "unprofessional". Goto is simply a tool, and its use can be either beneficial or harmful, depending on the programmer. A skilled programmer uses language constructs to provide a clear expression of the program; goto is appropriate in many circumstances because it captures the intent of the program more accurately than other available constructs. Goto got an undeserved bad rap from the structured programming movement of the 70s, which was epitomized by Pascal. Pascal lacked a goto statement, which meant that if the control structure of a program was not cleanly expressed by the available iteration constructions, you were SOL. I've written a fair amount of code in Pascal, and I can say from experience that I missed the goto statement when programming in that language; at least C _has_ a goto statement, and I use it when I think it is appropriate. It's also kind of funny that this conversation comes up in the context of Linux. To me, one of the strengths of the Linux community is its attention to freedom. Goto was originally denigrated by people who decided that the way to prevent bad programmers from writing bad programs was to reduce the expressive power of the languages -- specifically by eliminating goto. (Of course, bad programmers will _still_ write bad programs, even without goto.) Now why would someone who believes in freedom want to _reduce_ expressive power? Now, you may be wondering why I feel so strongly about this. The answer is that I'm a Scheme programmer. In Scheme, there is only one iterative control construct: the tail-recursive procedure call, which is just a goto with arguments. So by denigrating goto, you indirectly denigrate my favorite language, in which I write many beautiful and elegant programs, each filled to the brim with "gotos". So please, have a little respect for goto, and those of us who like to use it. | ||
Date: Mon, 08 Feb 1999 11:23:58 +0000 From: Mark Lamb <dragon@freedom.org> To: lwn@lwn.net Subject: A Plea for help Finally managed to carve out some time to play with 2.2; am now trying to wrap brain around new routing code in particular. The ipchains and ipmasqadm have decent man pages; the iproute2+tc stuff has only BNF-ish descriptions of the syntax. Anybody got any idea how to use any of these bright shiny new toys? I'm taking hints, for (possibly delayed) publication, via email at dragon@snafu.freedom.org I'm hoping to write some coherent docs; until I get the time I'll post anything sent raw for the good it might do others. It'll all be at http://snafu.freedom.org/linux2.2/ Along with copies of some of the packages I've downloaded to get a RedHat 5.2 system ready for 2.2 et al. This includes the latest iproute2 package (as of Jan 23) from ftp://ftp.inr.ac.ru/ip-routing/ Which seems to have been down for the last several days. -- dragon@snafu.freedom.org (Mark Lamb) I won't cry for the wasted years cuz' you ain't worth the salt in my tears. | ||
Date: Wed, 10 Feb 1999 22:40:43 -0700 From: Jeffery Cann <linuxguy@ix.netcom.com> To: editor@lwn.net Subject: Zope License (Slightly modified version sent to Digital Creations) Greetings. As I see a Zope advertisement on the LWN site, I am concerned that the Zope development environment is "Open Source" branded. Specifically, the third clause in their latest license version (0.9.7) continues to troubles me. Initially, Digital Creations (www.zope.org) wished to require attribution when web sites were produced using Zope. More recently, they have come closer to freeing their code. IMHO, the point of section 3 is still works against the rationale of freeing software, whether "open source" or via the GNU Public License (or similar licenses). The point of releasing source code is so that the community may share it, improve it, test it, etc. The benefits received by Digital Creations will outweigh any concerns with attribution. Let me draw on the Apache web server (and license) as an example, since the Zope Public License (ZPL) is based on it. The Apache web server is the most popular and most used web server in the world. It became so because their software was continuously improved by a community of developers. Eventually, it overtook the reliability of competing proprietary products, such as Microsoft's IIS or Netscape's web servers. Apache does not require or even ask that attribution be given to the Apache development group. Yet, amazingly, every technical person who develops web content knows that Apache is the web server of choice. The reason every one knows this is because Apache is technically superior server. It is the most popular due to its technical merits, not because they required or pleaded for attribution. If Zope is a real alternative to Cold Fusion, then why still ask for attribution? Why not let the product stand on its technical merits? I guarantee you that if Zope is better or equal to Cold Fusion, it won't take too long for the web developer community to figure this out and free attribution will follow. It didn't take long for Apache to become the number one server. Finally, I must quote the Chinese philosopher Lao Tsu -- "Who does not trust enough will not be trusted." Freeing source code is about trust -- trust between the person(s) or company who wrote the original code and those in the community who use it and contribute it. I appreciate the efforts of Digital Creations to refine the ZPL. Hopefully, they will drop clause 3 altogether so I can start using the Zope development environment. Until then, I am happy to continue to hack perl, gimp and htmlpp for my web site development efforts. Sincerely, Jeffery Cann | ||