Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page
Other stuff:
Recent features: Here is the permanent site for this page.
|
Leading itemsLinux Expo '99 is now history. Congratulations are due to all involved for running a high-quality show. Attendees at the Expo seemed to be generally happy with what they found. Some of the technical sessions were truly excellent. A worthwhile experience. Please see our Linux Expo page for our coverage of events at the conference, and pointers to coverage from others as well. Included are stories on network traffic control, the LinuxCare "Simply Supported" poster, keynotes, competing certification agencies, Zenguin, the homeless Pacific HiTech models, and more... All is not perfect with Linux Expo, however. It is clear that the event is suffering somewhat from the competition from the LinuxWorld Expo. In particular, there was a significant amount of grumbling among the vendors on the exhibit floor. Many of them did not feel that they were getting the sort of interest that they had hoped for - especially from people who might actually end up buying things. This feeling contrasts strongly with that at LinuxWorld, where the vendors were ecstatic. Unhappy vendors is a dark omen for Linux Expo; it suggests that many of them might not be back next year. Nothing is written in stone, but it seems unlikely that Linux Expo will be able to recapture its former position as the primary trade show for Linux. LinuxWorld has the funding, publicity and momentum at this point. Over the next year, LinuxWorld will bracket Linux Expo with two separate events, one on each coast. In the future, LinuxWorld will likely be the place where people go to see the glitz, make deals, and shake hands. So where does that leave Linux Expo? The organizers of Linux Expo may want to consider adjusting their focus to take better advantage of their strengths:
This all suggests that Linux Expo should aim at being the premier technical and community event for Linux. More technical content is called for - including perhaps a stronger set of tutorials and the addition of workshop sessions. Build on the success of the Extreme Linux track with more specialized, leading-edge tracks in the future, preferably without the registration surcharge. Finding a way to bring in development projects - which can not generally afford booth space - would be a great move. LinuxWorld may be the place you go to shake hands, make deals, and hear product pitches. Linux Expo can be where you go to find out what is really going on, participate in the process, and get your questions answered. Responding to Mindcraft. Dan Kegel wrote in to report on performance improvements that have been in response to problems demonstrated in the Mindcraft report. "So far, three serious kernel performance problems that caused Apache to do poorly on Linux have been identified and partially resolved. Most recently, an SMP scaling bottleneck was found, and a three-line patch was posted that quadrupled performance on one test (erasing the SMP penalty)." More information is available. What we are seeing here, of course, is that the yelling is done, for now, and the Linux community has gotten serious about fixing the problems that do exist. This Week's LWN was brought to you by:
|
May 27, 1999
|
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Security page. |
SecurityNewsEfforts to build a secure Linux distribution came up this week. The basic idea is to create a new distribution which has security as its primary goal. Other details, like functionality and user friendliness, come later. Such a distribution, if it lived up to its promise, could become the distribution of choice for any of a number of security-critical applications.There are a few such projects out there, most of which are in the embryonic state. Jon Lasser started things off with a description of a secure distribution project to be done as a project of SANS. His thinking at this point is to start with Red Hat's distribution and tighten security from there. Alexander Kjeldaas pointed out a couple of obscure, older efforts to make a secure distribution. He also made the point that starting from a distribution like Red Hat is probably a bad idea; it is better to build a secure system from the beginning. In any case, enough of the system will have to be different that starting from an existing distribution does not necessarily buy much in the first place. Alexander gave a list of features a secure system would need to have, relying heavily on cryptography, capabilities, and other techniques. Rik van Riel revealed that he is currently being paid to produce exactly such a distribution. Le Reseau netwerksystemen intends to create a high-security distribution, then to make its living through service contracts with users throughout northern Europe. They are still at an early stage, having not yet decided which distribution to start with, if any. So it appears that such a distribution will exist before too long. The benefits should be widespread, since many of the features of a secure distribution will eventually filter back into other distributions. Security ReportsJavaScript code in the title of a document can be executed by Netscape Communicator in strange contexts. Given the right sequence of events, malicious code could get at a fair amount of personal information, including any password or other information stored in the cache. See this note for more information on the problem. The author believes that the vulnerability could be exploited by HTML mail messages, among other things.UpdatesThe latest CERT summary is out. This update covers the sorts of activies they have been seeing recently: viruses, a resurgence of SYN attacks, scanning, etc.Red Hat has announced a new set of Netscape packages that include version 4.6. Some of the 4.6 changes included security fixes, so they are recommending that all users install the new version. ResourcesWeb security is the subject of a bulletinsent out by the CIAC. Rather than talk about any current exploit, it gives a sizeable list of general instructions on how to run a web server in a secure manner.How script kiddies work. Know your enemy III is a white paper put on by Lance Spitzner which describes just how script kiddies obtain root access on systems they are able to penetrate. Hints from SecurityPortal. Here's a set of basic security tips for Linux put out by the folks at SecurityPortal. EventsComputer Security 99 will be happening in Mexico City on October 4-8, 1999. It is intended to cover all aspects of systems security. See the announcement for a description of the conference and the call for papers; if you wish to submit to the conference, the deadline is July 2.Section Editor: Liz Coolbaugh |
May 27, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release remains 2.3.3. There has not, as of this writing, been a development kernel release since May 17. There is a pre-patch for 2.3.4 available in the testing directory; it contains the usual set of small tweaks plus larger changes to the PPC code, and the ISDN and USB subsystems. Alan Cox has also put out 2.3.3ac3 with a separate set of small changes. Alan had originally said that the "ac" patches were going to go away now that 2.3 is active, but that does not appear to have happened yet. The current stable release remains 2.2.9. There are a few reports of glitches with this version, but as a whole it has held up better than some of its predecessors. Kernel hacker Theodore Ts'o is going to VA Linux Systems in June, as announced at Linux Expo last week. He will be working full time on file systems and other goodies for Linux. SGI will be releasing their XFS file system for Linux under some (unspecified) open source license. See their press release for the details and hype. XFS promises to bring to Linux all kinds of "enterprise" capabilities that people have been asking for: high performance, large file support, journaling, etc. If all goes as expected, Linux will have acquired something good. Thanks are due to SGI for this gift. Meanwhile, of course, work is proceeding on adding various capabilities to the ext2 file system: higher performance, large support, journaling, etc. Now that XFS is being dropped on our doorstep, does it make sense to go forward with this work? This question was asked on the kernel list this week, and was answered with a resounding "yes." Ext2 work should proceed, for a number of reasons. For example, SGI has not yet said what license they will apply to the software. If the license does not play well with the GPL, XFS can not be part of the standard kernel. SGI still needs to pass through the code looking for patent and license problems; there is also the little detail of actually porting it to Linux. So it will be a while before we see any code. And if XFS requires substantial changes in other parts of the kernel, those changes have to be done to Linus's satisfaction. Thus it has been predicted that a functioning, stable XFS in Linux is at least a year away. The ext2 work will be able to address needs far sooner than that. Ext2 remains, and is likely to remain the standard Linux file system (OK, it will probably be "ext3" when all the changes go in), and certainly development will proceed. How to name USB devices? Development on the Universal Serial Bus drivers is reaching the point where developers are worrying about problems like: what name should a device on the bus have? USB devices are essentially anonymous things: they can come and go, and they can appear at different places in the bus topology at different times. So how do you manage to give the devices consistent names for the user? A number of ideas were passed around, including somehow using devfs for this task. But Linus shut down the conversation by saying that the problem is essentially unsolvable and that there is no point in even trying. USB devices should just be assigned whatever name is first available when they are scanned by the kernel. It is not possible to do better than that, so there is no point in really trying. For some sorts of devices, such as mice, Linus's preferred approach is to simply have a single logical device, even in situations where there are multiple physical devices. That, he hopes, will correspond best to what the user wants. For other devices (diskettes, printers, etc.) names are just assigned as the devices are seen. He states that the comings and goings of USB devices should be treated more like media changes than device configuration events. There is not a consensus on this issue at this point, and there is talk of trying to somehow create consistent naming at the user level. In any case, the USB stuff is very young, so a lot of evolution is yet to happen. Here's a useful resource: Linux 2.2 (mostly networking) is a web page dedicated to information about the 2.2 networking features. If you are looking for information on any of the many networking goodies included with 2.2, this page is a good place to start. Other patches and releases of interest:
Section Editor: Jon Corbet |
May 27, 1999
For other kernel news, see: |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Distributions page. |
DistributionsDebianShould Debian spend money on marketing at trade shows, in particular, by buying booth space and CD's to hand out? The Debian project, of course, is not rolling in money, and a trade show presence is expensive. So some folks on debian-devel are questioning whether trade show booths are really the best use of Debian's funds.The consensus seems to be that a presence on the floor is important. A lot of people don't know what Debian is, and being there can help to change that. Nobody, however, was in favor of buying an IBM-size booth in the center of the floor... Maybe they could get Corel to help fund a presence in the future? Chuck Peters will be the Debian liaison to the LPI certification program unless somebody objects strongly. Here's his posting on the subject. Debian would really like to see certification available free of charge, which does not quite fit with what the LPI is doing (they are aiming for as cheap as possible, but do not believe it can be free). Reports from the Debian booth at Linux Expo were posted by John Goerzen. See his notes from Thursday and from Friday and Saturday. The Debian booth was a busy place... A new Debian package manager is in the works which will eventually replace dpkg. Here is a pre-pre-announcement for the project; things are still quite vague at this point. Debian will be probably adopting the Filesystem Hierarchy Standard (part of the Linux Standard Base) soon. Julian Gilbey, who is pushing forward the policy change, has posted a callfor people to start thinking about what changes need to be made to comply with the FHS, and how those changes will be done. Policy moves. Joey Hess has posted the weekly policy summary describing current policy change initiatives and where they stand. EnochDaniel Robbins tells us he has just released the first verion of Enoch, a new Linux distribution. "Enoch is an advanced GNU/Linux distribution for the x86 PC Architecture, designed to bring your Linux experience into a new dimension. Or something like that."MandrakeWhat is Mandrake's future? This distribution, at the beginning, was identified primarily as a version of Red Hat with KDE integrated. Now that Red Hat sells a distribution with KDE, what is Mandrake's reason to exist? Users of Mandrake have pointed out some advantages they see with the system, such as its greater use of Pentium optimizations, more current software, and better responsiveness to its users. And, of course, Mandrake has a nicer system for the configuration of hardware as the Lothar project starts to bear fruit.But, in the end, can Mandrake survive as a prettied-up version of Red Hat? Some work on clarifying the goals and identity of this well-respected distribution seems to be in order. Red HatKDE users have been disappointed with Red Hat 6.0 due to the fact that Red Hat shipped a beta version that, for some people at least, has some severe stability problems. If you are one of these people, you may want to take a look at Benjamin Sher's instructionson how to upgrade your 6.0 system to KDE 1.1.1.SlackwareSlackware 4.0 has been released. It's got the usual goodies: 2.2 kernel, KDE, ... They have also put out a "Slackware 3.9" for people who want most of the new stuff, but want to stay with the 2.0 kernel for now. (Thanks to Peter Hull).Section Editor: Liz Coolbaugh |
May 27, 1999
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
Known Distributions:
Caldera OpenLinux |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Development page. |
Development toolsPerlPerl 5.005_57 has been released. This is a development release, part of the process of getting ready for the 5.006 release sometime this summer. Tom Christiansen, who announced this release (which was produced by Gurusamy Sarathy), suggests that those who do not want to be on the bleeding edge may still be interested in this release for the greatly reworked and extended documentation that comes with it. See the announcement for details and release notes. Tom has also put out a documentation releasecontaining only the updated documentation.Perl in Cryptonomicon. Neal Stephenson's latest, Cryptonomicon, includes an encryption scheme called "Pontifex," and a Perl script which implements it. Both the script and an explanation of how the encryption algorithm works can be found at Bruce Schneier's web site. PythonHere is this week's Python-URL. They are looking for a volunteer to help in getting Python-URL out every week, drop a line if you can help.For Python GNOME hackers, new versions of gnome-python and pygtk have been announced. Tcl/tkThe second TclPro 1.3 sneak preview release is out, see the announcement for details. The big change in this release is that it includes the TclPro compiler.Here is this week's Tcl-URL. The Call for Papers for the 7th USENIX Tcl/Tk Conference has gone out. The conference is happening February 14-18 in Austin, TX; paper submissions are due by September 1, 1999. See the CFP for details. A new version of Jacl and Tcl Blend has been announced. Mix your Java and Tcl like never before... See the announcement for more. Section Editor: Liz Coolbaugh |
May 27, 1999 |
|
Development projectsGNOMEA GNOME publishing company? See this note from Miguel de Icaza. He would like to see a lot more documentation written for various aspects of the GNOME project, and has pretty much decided that the publishing business, as it stands now, is inadequate to the task. He would like to put together a free software publishing company that would keep the documentation freely available and pass through more of the receipts from book sales to the authors. There is a mailing list for those who are interested in participating.GNOME-related releases this week:
KDELinuxToday has run an article by Kurt Granroth describing what to expect in KDE 2.0. Worth a read.Stephan Kulow announced that he has started work on a new speed/size optimization feature for the KDE configure scripts. Based on his preliminary analysis, this option has the potential to more than halve the size of the resulting binary as well as to significantly decrease CPU usage. Kurt Granroth has done a little analysis of his own. KAbiWord. Andrew Wansink briefly announced that he has started work on a port of AbiWord to KDE. This announcement sparked a little controversy, bringing about the realization that KOffice has been quite usable at several stages in the development, yet no interim user release has ever been made and the lone Freshmeat announcement dates back to last October. The fact that the KOffice codebase has now been ported to KDE 2.0 makes the matter of an interim release a little trickier. Fortunately for Debian users, and thanks to the formidable efforts of Ivan E. Moore II, debian packages for kde*-cvs and koffice-cvs will eventually be available. A replacement for the Gimp? In light of various difficulties involved with a KDE interface for the Gimp, there is talk of developing a new easy to use and powerful image manipulation tool for KDE. Developers interested in such an effort should contact Michael Koch. More KDE Quickies. In other news, the KDE team has made the move to the latest and greatest MICO 2.2.6; Bo Thorsen gave us this update on KodeKnight development; Antonio Larrosa announced and implemented a new controversial feature for Konsole and other applications: background transparency; Stephan Kulow declared -- and executed -- intentions of revising the KDE file hierarchy standards with an eye to enabling better compliance with the FHS; and finally, for a cheap laugh, you might want to see how aggressively the KDE developers have been porting over to QString in light of the Unicode support in Qt 2.0. You, too, can own your very own KDE T-shirt with "Konqi" the dragon. See this page for details. (Many thanks to Navindra Umanee for providing material for the KDE section). LittlefishLittlefish is a project which intends to produce a patient information management system for health care providers in the third world. Such providers need all the help they can get, and have little or no funding for commercial software. A freely-available alternative could do a world of good. Littlefish is looking for people to help out, please see their announcement for more information.WineWine release 990523 has been announced. This is a developers only release.ZopeThe Zope booth at Linux Expo was mobbed. The level of interest was quite high, actually getting to the booth was often difficult. Definitely a busy place. The new Portal Toolkit looks awfully nice; we predict that it will be showing up on numerous web sites shortly.Paul Everitt talked about Zope and venture capital at the Expo. Some coverage of the talk can be found in our Linux Expo coverage. The slides for the talk have also been posted on Digital Creations' web site. Section Editor: Liz Coolbaugh | |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Commerce page. |
Linux and businessPacific HiTech is on the move in its attempt to carry its dominance in the Asian Linux market to the U.S. A few things that came out of PHT this week include:
A new Linux press release site. The folks at LinuxToday have launched a new site: LinuxPR.com. This site is dedicated to nothing but Linux-related press releases. Included is a submission mechanism so that Linux-related projects and businesses can submit releases without going through the regular distributors. The fastest Java is on Linux. The latest Volano report is out. This report compares the network server performance of a number of different Java virtual machines on different platforms. The winner: TowerJ on Linux... Tuxedo on Linux, finally. BEA Systems, Inc. announcedBEA Tuxedo and BEA WebLogic Server for Linux running on Intel Architecture servers. Tuxedo, in particular, has been long awaited by people building large distributed systems. Fujitsu Software Corporation announced that it will launch C/C++ and Fortran development tools for Linux on June 30, 1999. These products expand upon Fujitsu's existing line of development tools for both the Intel and SPARC architectures. More databases for Linux: Ardent Software, which has been hinting at a Linux port for a long time, has finally announced the upcoming availability of its UniVerse and UniData databases (though only for Red Hat 5.2). Shipping should start in June. (Thanks to Jerel Crosland). StarOffice 5.1 is out. This release fixes the glibc-2.1 problems that prevented StarOffice from working on Red Hat 6.0 and some other distributions. It is also said to address some of StarOffice's performance and stability problems. Software configuration management for Linux. Ede Development has announced the availability of its "AccuRev" software configuration management tool for Linux. One of the many Linux application gaps that draw complaints is software development tools; we are starting to see that area get filled in just like most of the others. $749 for a single-user license. Press Releases:
Section Editor: Jon Corbet. |
May 27, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsHere is this week's recommended reading:
The Linux Expo got it's share of press coverage-
Pacific HiTech has been in the news this week-
Here are some articles about Linux in the business world-
More on benchmarks-
There are a variety of articles along the lines of Linux vs. Microsoft-
and finally-
Section Editor: Rebecca Sobol |
May 27, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesA new mailing list for tech writers working on open source projects has been announced.Are you a Gimp artist who would like a place to showcase your work? Or do you know such a person? Michael Hammel at TheGimp.com is looking for nominations for the "Artist of the Month." Here is a good chance to show off a bit; check out the requirements and send in the info if you're interested. EventsAn installfest in Kingston, Ontario, Canada has been scheduled for June 5. See the announcement for details.Also on June 5 will be an installfest in Tübingen, Germany. Once again, see the announcement (in German) for more information. For a retrospective on the South African Computer Faire '99, and the presence Linux had there, see The Linux Professional Association's site. This event was "the first time that Linux made a significant showing at any trade show in South Africa." Stephen Adler has put up a detailed writeup of Donald Becker's talk to the New York LUG on May 19. Web sitesGary gives up. The content of the Gary's encyclopedia site is being released into the public domain. Evidently the maintainer is unable to continue maintaining the site given the level of traffic that it has received.User Group NewsThe Southern Tier of New York LUG has announced a mailing list for its members.A Linux user is interested in setting up an Oahu LUG. Check out his note if you are interested in signing up. |
May 27, 1999
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Back page page. |
Linux links of the weekLinux Resources, a site run by the folks who do the Linux Journal, has been recently reworked and has a snazzier look. They also appear to be working to increase the amount of original content there. Linuxports.com is dedicated to commercial ventures with Linux in general. More specifically, it is the home for the Linux Consultants, Commercial, and VAR HOWTO's. The site has been recently reworked with an easy submission mechanism for those wishing to be listed in the appropriate HOWTO. Section Editor: Jon Corbet |
May 27, 1999 |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Sun, 23 May 1999 22:49:08 +0200 (MET DST) From: Tomasz Motylewski <motyl@stan.chemie.unibas.ch> To: lwn@lwn.net Subject: The Free Software Basaar On the page: http://lwn.net/ you have written about The SourceXchange and Cosource.com But I feel that you should have mentioned an already working institution of this type: The Free Software Bazaar http://visar.csustan.edu/bazaar/ I have been envolved in one of its projects, and I must say it was great. Best regards, -- Tomasz Motylewski | ||
From: schwarzma@healthpartners.com (Michael Schwarz) Subject: PGP correction To: editor@lwn.net Date: Mon, 24 May 1999 14:15:22 -0500 (CDT) I wrote a letter that was published in last week's LWN. A number of people wrote me and LWN to correct what I stated. While I was correct that PGP uses an RSA (of anywhere from 512 to 4096 bits) public/private keypair to encrypt a 128-bit IDEA session key, I was dead wrong that an attacker would concentrate on breaking the 128-bit key. Why? Two reasons. 1) A 1024-bit RSA key is much easier to crack than a 128-bit IDEA key. Why? Because the attack on the RSA key involves trying pairs of primes. The size of this problem is is *smaller* than the problem of trying every 128-bit key. A nice summary of the issues can be found at: http://axion.physics.ubc.ca/pgp-attack.html I've let this be a lesson to me. Don't think because you know a little that you know it all! 2) The second reason is that recovery of the public/private key pair gives you not just the one message, but every message encrypted with that public/private key pair. Obviously, this is the holy grail. For the record, a 128-bit key has 340,282,366,920,938,463,463,374,607,431,768,211,456 possible values. My comment about "decades" was modest. Further, cracking IDEA isn't helped by TWINKLE. TWINKLE speeds up the factoring of primes, not part of the problem in cracking IDEA. My thanks to the several people who e-mailed me to correct my errors. I just wanted to set the public record straight myself and direct those people with questions (like me!) the above URL which summarizes the issues neatly. -- Michael A. Schwarz | "If God had meant for man to msNOchwarz@sSPAMherbtel.net | walk, he would not have invented | roller-skates" - Roald Dahl -------------------------------------------------------------------------- | ||
From: Matthew Benjamin <MBenjamin@comshare.com> To: "'editor@lwn.net'" <editor@lwn.net> Subject: KDE Wars Again? Date: Tue, 25 May 1999 11:17:53 -0400 Miguel de Icaza's remarks about KDE were unfortunate. GNOME has made great progress over the past year--moving, to be blunt, from a promising kit Nick Pretreley couldn't get to work on his machine (around February, 1999) to an environment he prefers (May, 1999). From where I sit, though: 1. KDE has a very bright future. It is the default desktop for, IIRC, at least 5 packaged Linux distributions and the Corel Netwinder. The appearance that Miquel is not aware of this does not add to his credibility as an OSS guru. 2. From a software engineering perspective, QT/KDE are very well designed. I do see GTK's easy binding to many languages as a major strength--the best purely technical reason to use it, in fact. But it is not one that take away from QT/KDE--far from it. Miguel's apparent belief that implementing in C connotes software quality--or even makes up for poor or uneven implementation quality--does not add to his credibility as a software designer. GTK/GNOME's greater flexibility is one of _it's_ strengths, but is not thereby a _weakness_ of QT/KDE. 3. From a user-interface design perspective, KDE is very well done. It merges ideas from many desktop enironments into a seamless whole that is very ergonomic and effective. At least one reviewer has said he prefers it to the Macintosh. The QT/KDE toolkit makes stable and visually consistent applications very easy for novices to create. Since KDE allows--but does not require--a very Windows like UI style, the attractiveness of Linux/UNIX to current Windows users is greatly enhanced--no small advantage to the entire OSS enterprise, in my view. 4. QT/KDE has been declared free by the maintainers of the Open Source Definition, and OSI. The KDE framework itself is fully GPL'd and LGPL'd. No one is helped when the leader of one Open Source project lets himself be quoted saying his Open Source competitors "aren't really free." (I believe that this violates a basic rule of Open Source etiquette, though I am not an OSS anthropologist, and cannot make proclamations like this.) 5. The QT/KDE team has shown great leadership. I think any fair reading of history gives them credit, at the LEAST, with showing that a new, from-scratch, world-class, UNIX user interface could be done at this late date, and, most importantly, that it could be done as Open Source software. No one can take that away from them--and I think it is unseemly to try. 6. I don't think that KDE developers engage in this kind of trash talk about GNOME developers, quite the opposite in fact. What motivates this behavior? I'm sorry, I don't understand. GNOME spokespeople should focus on developing and documenting the strengths of their own approach (which are many), and should be generous to their KDE competitors. Matt Benjamin | ||
Date: Thu, 20 May 1999 11:36:52 -0400 From: Walt Smith <waltech@bcpl.net> To: letters@lwn.net Subject: the mindcraft challenge Hi all, I'm an occassional Linux user, not a developer. I have gradually become educated in Linux and have installed several systems and configured several server/application tasks. I've also done the same with Windows. I agree that Linux may not be quite truly ready for the desktop (at this time) and makes a dynamite server. That being said for perspective...... I like Linux as an alternative to MS for many tasks and use both (win95). Today, I read the MS/Mindcraft challenge linked by lwn.net. It reads like a Clinton/Milosovic pamphlet. (sorry- with the Kosovo thing, and having read the Clinton transcripts, it seems appropriate). No matter the validity of a retest, the "results" posted by Mindcraft will be way out of proportion. Frankly, the way the challenge is written (along with the comparison list of the previous test), it appears the audience is a 3rd world country - or those souls who are extremely limited in use of the OS's. Possibly housewives or gardners who have zero interest in such matters? (corporate managers?) It looks to me to be written by a plain huckster. There is a line between good solid American salesmanship (with normal exuberance) and hucksterism. While there was much I take exception to, I cannot factually object on many technical items because of my lack of direct experience. However, the statement that "Linux" is slow to respond to the challenge is something that I can't let go. "Linux" did respond by instantly rejecting the results of the test, asking for a another test, and stating the conditions, which sound quite reasonable to me. Simply because a date wasn't instantly agreed to - (did Mindcraft propose a date?) doesn't mean that "Linux" (implied- Linux Community) is slow. It means the challenge was issued to no one in particular at no particular time. LWN is correct - it's a trap; but an obvious one with pure, biased, self-serving marketing propaganda and attending publicity as the objective. Marketing does work, but in a free society such as ours, really bad tasting soup that sells during the first few weeks it's advertised eventually has no more buyers. Untruthful unadulterated propaganda has a habit of backfiring. regards, Walt Smith, Baltimore | ||
Date: Tue, 25 May 1999 18:08:52 +0100 From: Aaron.Trevena@msasglobal.com Subject: more flaws in NT v Linux pieces To: thurrott@wugnet.com Paul, Both PC week and PC magazine are more used to NT as they are from a PC/Home environment and don't really have the experience in servers that say Byte or Performance Computing have. The reporting style alone is as poor as the glossy ComputerAd's magazines, it is hardly in the same league as professional Journals. This is shown even more clearly by a total lack of understanding when implementing the dynamic content benchmarks. Comparing threaded server extensions like ISAPI or NSAPI are totally different to CGI. Linux and Unix have a variety of Servers but Zeus and thttp the renowned fastest web servers were not included in the test, while Apache have always made it clear that the aim is - sufficient speed to do the job well while providing reliability and extendability that IIS and other commercial servers cannot offer. Zeus provides ISAPI support as well as a huge speed increase over Apache, yet this isn't even mentioned. Not only were applications and servers missed out but even the most obvious unix's. SGI's IRIX is known to outperform NT using SAMBA, but wasn't included. Net/Open/FreeBSD the 'other' free unix (with original UNIX heritage) is not mentioned and neither is BSDI the high end commercial BSD unix designed exactly for networking and webserving. The e-commerce tests were a joke comparing completely different techniques and systems. PHP, Zope, Chillisoft, EJB, oracle, db2 none of these were included in the tests but these are what professional application developers use. Mod_perl - the Apache perl module that provides high speed perl cgi was not included nor velocis its commercial cousin. The tests were poorly researched and ran for only 4 hours, Web uptime for UNIX is measured in hundreds of days so 4 hours is of very little value - what happens when arcserve on NT crashes and you are given the choice of rebooting NT or risking no backups - I have seen it happen where I work. It would have been useful to see how well the machines were doing after 45 days, or 100 days with that consistant load. The problem with journalists familiar with windows is that they don't know enough about UNIX or open source to do the right research (if at all), and Linux and OSS advocates have to point out the obvious to them. But then the readership of these magazines as well as the advertisers all of whom have a lot riding on NT want to hear how good it is and how they made the right choice. With gaping holes and skewed facts that rather then being reported objectively by professionals, are crowed about when the magazines prefered vendor does well and whispered when they don't (see how it isn't mentioned outside of the numbers themselves how Solaris outperforms NT, or how SAMBA beats NT when serving NT clients in comparison to headlines screaming that NT is faster then Linux when in fact IIS on NT serves some types of webpages faster than Apache on Linux depending if you have expensive enough hardware and run different types of test - ISAPI v CGI) it is hardly surprising when we kick up a storm about it. Aaron Trevena. Intra/Internet Developer & System Administrator (AIX,NT,LINUX) nb: your reply would be much appreciated, this has been cc:ed to Linux Weekly News. | ||
Date: Fri, 21 May 1999 12:59:20 +0100 From: Charlie Stross <charlie@antipope.org> To: letters@lwn.net Subject: On copyright, free software, and being Restrictively Unrestrictive There's something of a row going on at present over the ideological or political trappings of the FSF, and specifically the GPL. Various people have been throwing accusations around ("Richard Stallman is a communist", for example). Others are saying that the GPL is restrictive and is an attack on non-open-soure software. I think these people are completely missing the central point. The free software movement is like the little boy standing by the parade, pointing at the Emperor, and shouting "but he isn't wearing anything!" The emperor in question is, of course, our current notion of intellectual property. Let's go and take a peek through the wonderful cinemascope time-viewer, and replay some interesting bits of history, Back before the Gutenberg revolution, if you'd suggested the concept of copyright to anyone who was literate they'd probably have stared at you as if you were mad. Copying information was a highly labour-intensive operation: a mass market for duplicated texts simply didn't -- and couldn't -- exist. Patents -- or their forerunners -- existed, in the form of royal grants to some individual or guild to have exclusive ownership of some tool or mechanism for production, and the guilds had their secrets, but the legal basis for ownership of trade secrets was different from the basis we understand today: you owned one because the King said he'd hang anybody else who muscled in on your turf (as long as you behaved yourself and paid your taxes). The contemporary explanation of patent rights would be incomprehensible, because the concept of a society based on a social contract and mutual observation of rights didn't exist: there was no mechanism whereby society (or its legislators) could agree to grant rights to inventors in order to encourage their creativity. Let's hit the fast-forward button a bit, and take the leap into the age of enlightenment -- post-printing-press, post-monarchical. Duplicating texts had become a problem by the nineteenth century. Earlier solutions included licensing printing presses, but in a society that encourages free speech there's no obvious justification for that. A situation arose where any aspiring novelist who published a book would be vulnerable to unscrupulous printers copying their work and re-selling it, pocketing the profits that accrued. Mass literacy brought its own new social problems. The solution to this problem was the idea of copyright; that the author of a work had the power to grant a right of copying over it. A sensible and moderate solution within the context of the time, because printing presses were big and pirate printers could be tracked down and sued in civil court. A similar approach was taken to inventions; it was merely common sense that an inventor who came up with a genuinely new innovation should have the right to reap some profit from it before carpetbagging imitators duplicated the idea and swamped the market. Patents originally were a sign of progress; by protecting inventions they made it feasible to publish details of them, rather than trying to maintain the secrecy surrounding them. This in turn encouraged a climate of invention. Secrecy, as we should all know, is one of the enemies of progress. And now let's hit that fast-forward button again and jump all the way to the present day. The concept of copyright has been over-extended. From protecting an individual author's rights to their work, it has been extended to protect vast corporations. From covering published books and pamphlets that some individual slaved over, it now covers what a Marxist economist would call alienated labour -- the capital accumulation of information. By extending copyright seventy years after the author's death our legislators haven't done anything for their surviving families, but have taken a large chunk of our common cultural heritage and handed it over to faceless corporations who can dole it out on a commercial basis. By extending copyright cover to music, the legislators have granted new rights: the music industry in turn is concerned with constructively extending their copyright in such a way that the consumers pay per performance, rather than paying a one-off purchase fee related to the recording medium. And so on. The patent laws have also been shown to be defective. Software patents run for the same 20-year period as normal patents: but in the febrile world of software, 20 years covers as many generations as 75 years in the automobile industry or 250 years in the construction industry. Meanwhile, patent agency staff who are manifestly untrained for the task grant patents on inappropriate inventions and things which simply are _not_ inventions, such as the algorithms underlying public-key encryption. By granting patents on mathematical principles, they are hampering the growth of the industry rather than fostering it; it's as if they had allowed some company to patent the refractive index of glass and claim royalties from any other company producing materials that shared that physical characteristic. And so, we come to the free software movement: loudly declaring "but your whole idea of copyrights and patents and selling something that can be copied freely is a load of crap! Charge for support and services, make the software itself free, and you won't have to deal with these internal contradictions!" Well, time will tell. Personally, I think the answer is a thorough overhaul of copyright and patent laws, drafted not from the point of view of the big multinationals (who want to be able to copyright database schemas and patent mathematical theorems if it helps them make more profits) but from the point of view of the original agreed social goals -- to protect the writers (and programmers, and musicians) from plagiarism, and to encourage the inventors to keep inventing and raising our standard of living. -- Charlie Stross (Linux columnist, Computer Shopper (UK)) | ||