Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other stuff:
Contact us
Recent features:
Here is the permanent site for this page.
|
Leading items and editorialsMore analyst studies released. There was a pile of studies about Linux and Windows released this week; some favorable, some ... less so ... We'll get the unfavorable stuff over with first. We were overdue for another Gartner Group study giving a dim view of Linux. The wait is over...Jussi Torhonen pointed us to three separate articles that went up recently:
Microsoft Web Letter is published by Microsoft. Additional editorial material supplied by Gartner Group, Inc. ©1999. Editorial supplied by Microsoft is independent of Gartner Group analysis and in no way should this information be construed as a Gartner Group endorsement of Microsoft's products and services....Gartner has subsequently claimed that the results represent Gartner's research, and that the research had not been funded by Microsoft. But what is one to make of the "Microsoft Web Letter," published on Gartner's site? "Published by" and "funded by" evidently mean different things. [Update: it is interesting note that, since October 19, Gartner has changed the fine print on the above articles so that it no longer mentions Microsoft. Trust us that it was previously written as above. Artur Skura points out that another article in the same series retains the old copyright at the bottom - until they change it too...] Meanwhile, a separate group called Bloor Research did its own looking at Linux and Windows NT. This study was intended to evaluate the two systems in "real world" environments. They compared nine different categories; Linux won on six of them, tied on two, and came out behind on only one of them (application availability). As Bloor says in its press release: "The verdict is clearly in favour of Linux" The Atlanta Linux Showcase is over. Our coverage of the site is available on the LWN/ALS Showpage. Many thanks to the ALE volunteers for their work on this year's show and for offering us the opportunity to work with them. A couple of the features we did that were linked to the show page are worth (in our biased opinion) a closer look. The ALS also sponsored a development hothouse for The XFree86 Project, with help from SuSE and VALinux. We cover the results of that hothouse in this report. The hothouse may have been the key to making the release of XFree86 4.0 possible this year. In another example, not sponsored by ALS but held in conjunction with the show, Loki Games and Activision put together Loki Hack 1999, 48 hours of access to the source code for the Linux version of Civilization: A Call to Power, to allow the hackers to add features, change the rules or otherwise modify the game. Although the results will not be open source, they will also not be folded into the commercial game, but made available for free in binary form on the Internet. What is the tie between the two events? Both were examples of commercial organizations giving back to developers, not in monetary terms, but by providing them with travel money, organization and opportunity to get together to do what they love best. From the happy faces we saw in the closing press conferences, this was one method of "giving back" that generated a great deal of good will and verifiable results. Another bit of heat in the distribution war. Consider for a moment a quote from this New York Times article (registration required). The subject is the potential fragmentation of Linux: "But Linux vendors are already pointing fingers. 'One [place] where you might see a problem is Caldera, because they see part of their value added in proprietary tools they have licensed from third parties,' said Bob Young, Red Hat's chief executive." Now, this is a pretty mild shot, even considering that Red Hat is not all that far away from the days when it, too, bundled in proprietary software. But it's a troubling sign of what the future holds. As the amount of money that pours in - and the amount at stake - grows, the currently good-natured competition between the distributions may well turn ugly. Even if none of the current players are inclined toward ugliness, even with anxious stockholders to face, others will come in who certainly are. Our Linux world is going to get stranger. With luck and some care, the Linux culture and community will prove strong enough to survive even as full-scale capitalism rages around it. LWN headlines available for use on other sites. It took us an unbelievably long time to get around to it, but we finally have set things up so that other sites that want to run LWN headlines can do so. Please see this page for details on how it works if you are interested. Thanks to the several sites which are already carrying LWN headlines. As part of making our headlines available, we also set up LWN as a "My Netscape" channel. If you are a "My Netscape" user, you can add LWN's headlines to your page by clicking on the little "add this site" icon on the left, or on this magic link. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
October 21, 1999
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
SecurityNews and editorialsA first crack in the US Administration stand on export controls for source code was publicized in several articles last week, including this article from Reuters:The Clinton administration is considering relaxing export limits on computer source code for data scrambling programs, in a possible move acknowledging the growing importance of Linux, a top export official said Tuesday.It seems that the impact of relaxing the restrictions on commercial binaries while maintaining them on source code is being felt in many areas. There are hints that the administration's change in attitude is prompted by the commercial companies themselves, who are finding the current situation unworkable. Bear Giles dropped us this notein which he points out the impact on Kerberos, which is used both in commercial products, like Windows 2000 and many ISDN modems, yet is a free/open source product in the form of the original MIT Kerberos implementation. Bear also mentioned that he is working on a Kerberos-ized version of Debian, due out by the end of the year. He would be pretty happy to see the export restrictions lifted, since it would allow him to contribute his work back to the main Debian tree and obviate the need for a separate distribution. Quite a bit of "fragmentation" in Linux distributions is due to export retrictions: multiple versions of SuSE, Red Hat, additional distributions like Definite Linux, KRUD, to name a few. If the articles are not off in left field, we'll hear something back on the issue by mid-December. Meanwhile, time to keep the pressure up. Security ReportsLinux kernel 2.2.13 has been released. This version of the kernel, delayed for a few weeks so that testing and bug-fixes could hammer it into a truly stable kernel, contains several security fixes. At this point in time, any system running the 2.2.X kernel series should be upgraded to 2.2.13.Problems in lpd and lpr were announced by Red Hat this week. Links to updates from the various distributions are below. Another wu-ftpd problem. After a week or two of no new comments on ftpd servers, AusCERT released a new advisory for a remotely-exploitable root access vulnerability. CERT followed up with their own advisory as well. Expect to see another round of updates to wu-ftpd in the coming weeks. Commercial products: A security problem with Eicon ISDN modems was reported and new firmware for it is now available. A vulnerability in CheckPoint Firewall-1's LDAP authentication can lead to unauthorized authentication. Updatesamd updates: (New problems since the 9/30 update) lpd updates:
mirror updates: PAM: ResourcesA 'next generation' CGI Scanner, called whisker, has been released. "Whisker can easily scan your corporations network for the latest in CGI holes, slices through the false positives, and lets you tweak/customize the script to your heart's content. "EventsThe Twelfth Annual Forum of Incident Response and Security Teams (FIRST) will be held June 25th through the 30th in Chicago, Illinois, USA. Here is their Call For Papers.Section Editor: Liz Coolbaugh |
October 21, 1999
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.3.22. A number of problems have been reported with this kernel, so potential users may wish to approach it with caution. The "testing" directory contains a 2.3.23 prepatch (up to version 4 as of this writing) that should probably be applied; it fixes the 2.3.22 difficulties. (Of course, 2.3.23 may be out by the time you read this; see the LWN daily updates page for the latest information). The current stable kernel release is 2.2.13, released at long last. A set of release notes for this version has been posted by Alan Cox. Therein one can read the (long) list of changes incorporated into this release of the kernel. If 2.2.13 proves as stable as hoped, there is a good chance that the next release (2.2.14) will contain the long-awaited NFS server patches. Version 0.0.2 of the ext3 journaling filesystem has been released by Stephen Tweedie. See the announcement for details; this is, according to Stephen, "the first usable release." Note that if you want to test out ext3, that there are a couple of patches to 0.0.2 in the FTP area which should be applied as well. Stephen has also released an initial set of tools to help with ext3 migration. (See also: the September 23 LWN kernel section for a discussion of ext3 and what it does). Questions for the week: why is the traffic shaper in 2.3.x?, or even why is ifconfig still around? Both questions relate back to the same basic issue: Linux networking has a great many advanced capabilities that are, at this point, still little used. On a modern Linux system one can do things like:
The main reason for the persistence of the older networking tools appears to be documentation. Very little exists for the iproute2 and traffic control tools; thus it is hard for most people to start using them. These tools are somewhat complex and intimidating for new users. There are documentation efforts underway, so this lack is likely to be remedied somewhat within the next few months. At that point, the traffic shaper can maybe go away, and ifconfig perhaps replaced by a shell script which translates to the new IP tools. Until then, it looks like business as usual for most users. (The iproute2 package - and much of the fancy networking features supported by it - was written by Alexey Kuznetsov. The package may be obtained from his FTP site at ftp.inr.ac.ru/ip-routing/. A number of mirror sites exist, including ones at funet.fi and uchicago.edu. A good introduction to traffic control may be found in Werner Almesberger's Linux Expo talk, available in PostScript form from his FTP site.) The Linux Core Kernel Commentary. "TedC" points out to us that Coriolis is about to release the Linux Core Kernel Commentary, which lists a portion of the kernel source and describes what is going on. It appears to be truly "core kernel" - things like filesystems, device drivers, networking, and more are not included. Other patches and updates released this week include:
The Wonderful World of Linux 3.0 Joseph Pranevich, chronicler of new Linux features, has now sent us a grim look into post-millennial times with The Wonderful World of Linux 3.0. Section Editor: Jon Corbet |
October 21, 1999
For other kernel news, see: |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page. |
DistributionsPlease note that security updates from the various distributions are covered in the security section. Alzza Linux, with a home page at http://www.alzzalinux.com/, is a Korean-based distribution, originally built on Slackware, but now built on Red Hat Linux. Maro Shim dropped us a note and mentioned that it has good Korean fonts and appears to be well-supported. The Linux Ports page has been updated and can be found on this site. Although it does not track distributions, per se, in tracking who is working on supporting Linux on various different chips and architectures, they provide a good resource to see what distributions run on which platforms. Caldera OpenLinuxCaldera OpenLinux 2.3 reviewed (LinuxWorld). Nicholas Petreley looks at OpenLinux 2.3. "Put simply, Caldera OpenLinux 2.2 ... was a work of art -- but Caldera OpenLinux 2.3 is a masterpiece."Debian GNU/LinuxThe Debian Weekly News for October 20th includes coverage of Debian's presence at the Atlanta Linux Showcase, which was very noticeable. Joey Hess, normally the DWN editor, attended the show and send in a report and pictures, leaving Randolph Chung to handle editing this week's issue, which was well done, as usual.A new version of dpkg has been announced, which fixes all major bugs against the package and some minor ones. Ben Collins came in for some special thanks for fixing some long-standing problems. Debian developer PGP/GPG keys and other information stored in their LDAP directory has been made available via finger. Check this announcement for details. Red Hat LinuxThe Tomsrtbt rescue disk may have problems with ext2 file systems created under Red Hat 6.1. Bill Nottingham commented, "mke2fs creates filesystem with revision 1 and with sparse superblocks by default. This possibly could confuse older tools - 4k blocksizes could also confuse it."Reports of easter eggs in Red Hat 6.1. We hear, but have not verified, that some amusing easter eggs in Red Hat 6.1 can be found by either "cat /linuxrc" on the Red Hat 6.1 boot/rescue disk (symlink'ed to /sbin/init) or by pressing F7 in the boot disk main menu. These are harmless bits of humor, and, of course, you can presumably find them in the source code somewhere, since it is provided ... Reports of installation problems with Red Hat 6.1 continue to trickle in. The last batch seems to focus on installer problems with systems that dual-boot with an NTFS partition as the first partition on the disk. People don't seem too happy with the suggestion to do a full install instead. Some are waiting to see if the installer on the officially bundled CD has been fixed. This resembles problems SuSE had with its 6.0 CDs last year. It will be interesting to see if Red Hat is willing to send corrected CDs to customers burned by this, as SuSE did last year. Also note that printers don't come up correctly (see the latest lpd updates mentioned on the security page) and there are reports that ISA ethernet cards are not recognized. Slackware LinuxWe're still seeing a lot of activity in general package updates. Windowmaker support has been improved and some security-related updates and fixes have been done.SuSE LinuxSuSE at the Systems Tradeshow in Munich. SuSE was out in force at this European show, with daily shows featuring installations, application demonstrations and more. Their main booth spotlighted their high-availability web server running Logical Volume Manager, the SuSE Linux IMAP Server, Informix IDS-2000 Linux Edition and a beta version of SuSE Linux running on the PowerPC platform. Their report on Systems '99 is available on their site (in German).SuSE was also present at other booths, partnered with IBM, Compaq, Computer Associates and Minolta. Section Editor: Liz Coolbaugh |
October 21, 1999
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
Lists of Distributions |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsBuild a mystery Linux application in one day. Vic Metcalf is putting together a demonstration project set to happen at the Network World Live conference on October 26 and 27. Essentially, a group of hackers will get locked into a booth and will have a day to bash out an interesting Linux application - the nature of which will remain unknown until the project starts. "We'll be building something for non-technical people, it will have a GUI, and it will use a database. Other than that participants won't know what the project is until the day of the show. By the end of the day we hope to have RPMs, DEBs and tar-balls available for download." Interested hackers are being sought to participate; signups can be done from the web site. Linux development survey. Some folks at the University of Michigan are doing a study of how open source software development works, with particular attention to communications patterns. They have put up a survey that they would like for people - especially those involved in development - to fill out. If you feel like helping them out, please head on over and answer a few questions. Embedded LinuxAnother site on embedded linux, which we haven't mentioned in a while, is linux-embedded.com, supported by Linux-Mandrake and hosting the LEM distribution.GnomeThe Gnome Summary for October 20th has been published, courtesy of Havoc Pennington. Apparently it has been a busy week, with over forty new or updated applications.Elliot Lee is interviewed by linux.com. Elliot is best known for his CORBA expertise and his work on the ORBit CORBA implementation. The interview focuses in on the features of Gnome October, mentioning both user and developer related goodies, but also touches on some issues for later releases, like Bonobo. Speaking of October Gnome, availability for it has been announced for FreeBSD as well. MidgardHere is the latest summary of developments with the Midgard web application server, by Henri Bergius. A beta of Midgard 2.0 is apparently expected out in early November.The Midgard Workshop was held and had eleven participants. It included training, for which the slides have been made available. MozillaComputerWorld on Mozilla problems. ComputerWorld has run a negative article about the Mozilla project. "Open-source development hasn't helped Netscape keep the Navigator browser alive, and it may not be an effective way for any commercial company to manage product development. It is similar to a free lunch, and we know what those are worth."As might be expected, the article didn't go down very well with the Mozilla developer community. Mike Shaver, Mozilla "developer and evangelist", wrote this response. "It is a source of some considerable pride that Mozilla -- and Netscape along with it, make no mistake -- is taking the time to Do It Right (we hope!). We could surely have released a Mozilla 5.0 based on the Classic code by now, but it wouldn't have met our users' needs, and wouldn't have satisfied our developers' goals for a modular, standards-compliant, performant and portable browser and ``application platform''." Mozilla Status. The Mozilla status page is unexciting this week, containing fairly normal status reports on various projects such as Mail/News. WineThe Wine Weekly News for this week records primarily bug fixes over the past week, plus some improvements in the area of internationalisation. Development discussions focused on mouse wheel support and automatic detection of the Windows version required to run a specific binary.YAMSYAMS (Yet Another Merchant System) is a GPL'd e-commerce package from screamdesign.com. They've announced version 0.5.2 of their package this week which includes improved international shipping suppport and better ability to tie parcel tracking to orders.ZopeThe Zope Weekly News for October 20th is out. It mentions that Martijn Pieters will be giving a talk on Zope in the Netherlands at the Dutch Unix Users Group (NLUUG).An experimental Banner Ad product by Lalo Martins was also announced. The ZBook project issued a status report this week. The project is moving along, but is very activly searching for collaborators to help out. Writers, graphic designers, programmers, and readers are all very much in demand. Please have a look if you think you might be able to help them out. Section Editor: Liz Coolbaugh |
October 21, 1999
|
|
Development toolsJavaInfoWorld reports on IBM, Sun's Java plans. Infoworld gave some very optimistic reports on upcoming Java support:At the Java Developers Conference in San Jose, Calif., IBM will announce the free general availability of a Java Software Developer's Kit 1.18-compliant Java virtual machine (JVM) for the Linux operating system, with performance that exceeds that of JVMs running on Windows NT, IBM officials said.Questions were brought up on Slashdot regarding the Blackdown team's involvement in the upcoming official Sun JVM. Only time will tell, but the article mentions, "Sun is also working with the Blackdown Porting Group to bring Java2 to Linux. " IBM releases Java Development Kit 1.1.8. IBM has announced the release of version 1.1.8 of its Java Development Kit for Linux. This version features improved performance, "as fast as Windows." It is freely downloadable from IBM's site. PerlPerl 5.6 beta on the way. Perl News reports on progress towards the Perl 5.6 beta, starting with the latest 5.005_62 release.PythonThis week's Python-URL. This week's Dr. Dobb's Python-URL is out, full of good Python development information, as always.Also, for Python folks, David Beazley's Essential Python Reference, published by New Riders, was scheduled for released October 19th. Tcl/tkTcl-URL!. Dr. Dobbs' Tcl-URL! for this week is available.Section Editor: Liz Coolbaugh | |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and businessLinux Today has been acquired by internet.com. The associated press release talks about what Internet.com is up to ("internet.com operates a network of 77 Web sites, 65 E-mail newsletters, 99 online discussion forums and 71 moderated E-mail discussion lists with over 1.8 million unique visitors that generate more than 75 million page views monthly.") but says very little about what will happen with Linux Today. Linux Today itself has been almost entirely silent on the matter. Internet.com's strategy, clearly, is to compete with Andover.net in the "large collection of Internet and Linux sites" category. Linux is seen as a growing area, and these big network companies smell money. They may well be right. It is certainly true that few of the "old time" Linux sites remain independent. LWN has learned that LinuxToday founder Dave Whitinger is leaving as a part of this acquisition; LinuxToday will henceforth be in the hands of co-founder Dwight Johnson and managing editor Martin Pitts. Dave wasn't talking much about where he is going, other than to say that he sees no end of opportunities in the Linux space. He will not be competing with LinuxToday. Dave gave us a parting statement: "Linux Today has grown into an enormously successful Linux news site over the past 13 months, and I wouldn't have turned it over to Dwight and internet.com if I wasn't confident in Dwight's commitment to Linux and Free Software, as well as internet.com's new commitment to their new customers (the Linux community). LWN wishes luck to both Linux Today and Dave in their new initiatives. ATI supports Linux ATI, a manufacturer of video cards, announced support for Linux and the opening up of programming information for its products. In particular, ATI will be releasing 3D programming information that was not available before, and will be contracting out the development of drivers to be donated to the XFree86 project. This is, of course, exactly the pattern that rational hardware vendors should be following. ATI makes hardware, and wants people to buy that hardware. By making information about the hardware available, and by supporting the development of drivers for that hardware, ATI is making its hardware more attractive to Linux users. It is most nice to see hardware vendors waking up to free software in this manner. Active Server Pages for Linux. Halcyon announces that its Active Server Pages "servlet" can be found on the Red Hat 6.1 applications CD. Linux users may not thrill at the thought of adding ".asp" pages to their web sites, but this capability could prove to be a crucial migration path for people currently running web sites on less reliable systems. Linux has always been good at building bridges to other systems, and an ASP implementation should only help in that regard. Corel puts up advocacy material. Corel has put up a set of articles on its web site promoting Linux. Linux outside the Fortune 500 looks at the use of Linux in small businesses. "The sheer number of companies, large and small, that are delivering, supporting and using Linux should increase your confidence in the future of Linux, as well as your ability to get some help should you need it." Making the grade with Linux talks about why students might want to use Linux. "The thought of installing a UNIX®-like OS on a personal computer seems ridiculous if not intimidating, especially if you're new to Linux. But there are several important factors that make Linux the ideal operating system for any student wanting a stable, viable alternative to 'that other OS'" (Thanks to Michael Katz-Hyman). Corel has also straightened out its beta test license. Bruce Perens reports on Technocrat that the new license from Corel for the beta version of its Linux distribution no longer contains obnoxious redistribution restrictions. The license is now compliant with the GPL - and other open source licenses - that cover the software Corel is distributing. SuSE supports Linux internationalization effort. SuSE announces its charter role in the Li18nux project. The goal of this project is to come up with standards for internationalized Linux that will eventually become part of the Linux Standard Base. LinuxTShirts.com launched. In a different sort of Linux public offering, LinuxTShirts.com has gone live. Their offerings are not readily downloadable, but they do take patches well... Press Releases:
Section Editor: Jon Corbet. |
October 21, 1999
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsRecommended Reading: Fast Company interviews Eric Raymond. "Don't confuse the idea of free software with the idea that it must be created by volunteer labor. Increasingly, open-source developers are getting tangible rewards for the reputations they've established. As venture capital pours into open-source software and as Linux-based companies get started, companies are competing to hire stars. In our world, it's easy to find the stars: Their names are in the projects' credits." It-Director.com ran this article about the (Linux-powered) British Royalty web site. "Microsoft cannot realistically pursue the line that Linux is not enterprise ready when it is the choice under test, by the official government agency, for the largest user of computers in the UK - the Government. The work by the CCTA confirms our own research in this area, just as we go to press. Linux is robust and it is reliable and it scales well enough to run a very very large web site." (Thanks to Gordon Perkins). Business: The Times looks at the Queen's (Linux-based) web site. In fact, a number of UK government web sites switched over to Linux at the same time. "The Palace couldn't say whether the Open Source Linux community would be entitled to use the By Royal Appointment tag - it would have to have its product used for a certain period of time first to the satisfaction of a member of the Royal Family, before an application for the tag could be made." (Thanks to James Heald). News.com looks at investments in Lineo and the Linux Mall. "The Motorola investment in Lineo is one in a series of negotiations that the company is holding with different chipmakers, Lineo chief executive Bryan Sparks said in an interview today with CNET News.com. 'We're soliciting investments from most,' Sparks said." Sm@rt Reseller reports on SCO's investment in the Linux Mall. "SCO says the investment is one step in a long-term strategy to align itself with the open-source movement and leverage the Linux market. Over the next few months, SCO will announce more products running on Linux and will use LinuxMall to bolster its Linux professional services business." Here's an InfoWorld article about Red Hat and Compaq's joint support deal. "Red Hat officials are holding up the deal as a shining example of how major players, such as Compaq and Red Hat, can work together effectively to show off the benefits of Linux and open-source development to corporate accounts." News.com covers Compaq's service deal with Red Hat. "The deal nudges Red Hat forward in its battle with Linuxcare to provide technical support for companies using Linux. Linuxcare won a deal to provide technical support for Dell Computer's Linux machines." ZDNet looks at the sales of Linux box sets. "Linux vendors worry among themselves that prices will be driven so low that no Linux distributor will be able to make money. Caldera, Corel and Red Hat employ Linux developers as part of their cost of doing business and need to move quantities of commercialized versions of their product to sustain the effort." News.com ran this article about the efforts some companies are making to look good to the open source community. "Companies benefiting from open-source efforts go to great pains to avoid acquiring the dreaded label of 'parasite'--a company that exploits the work of open-source programmers without 'giving back to the community.' Often, those efforts include contributing to the programming effort, as in the case of Red Hat and most other versions of the Linux operating system." For those of you who are interesed in the insider trading charges being filed against Michael Cowpland, this News.com article covers the basics reasonably well. "The charges relate to Cowpland's sale of shares in 1997, just one month before Corel reported a surprising $32 million third-quarter loss, which sent the stock into a 40 percent decline to a low of $5.35 per share in Canadian currency in September. Cowpland sold his shares when they were trading between $8.20 and $8.80." Reviews: ZDNet UK covers (briefly) the Bloor Research study. "Although this is just the latest bout in the ongoing between the industry leader of server systems and the popular open source challenger, it is the first time that the OSs have matched up in an environment designed to simulate a real working conditions." TechWeek looks at the Google search engine. "Google.com is powered by a network of some 2,000 Linux-based PCs, one of the largest installations for the upstart operating system." PC World reports on the upcoming Corel Linux release. "Corel's goal is to offer a version of Linux that's easy enough to use to attract enthusiasts who aren't necessarily computer experts, although the company isn't targeting first-time buyers..." InfoWorld looks at Corel's upcoming release. "A basic version of Corel Linux with no third-party applications or support will be offered for free download from the Internet on Nov. 15. By the end of next month, Corel aims to ship two packaged versions of the operating system for retail sale, the company said." (See also: our review of Corel Linux from last week). CPU Review reviews SuSE 6.2. "SuSE 6.2 quite simply has the largest collection of software packages ready to install on from CD; far more than I've seen from ANY other distribution. Extreme Linux (clustering software), Blender (3D rendering / scene editing package), PCB layout packages, and just about every database server under the sun is included. I must admit I spent about an hour browsing around and selecting packages and I ended up with a 2.27Gb installation." Linux in Brazil ran this review (in Portuguese) of SuSE 6.2. They like the Portuguese support in the installer... Here's the Babelfish link for those of us who don't read the language. Salon Magazine reviews Bob Young's new book. They don't much like it - they call it "a hastily written and sloppily edited book." The review looks at what's happening with Linux in general as well. "And that's a point that seems lost in the self-congratulatory rhetoric of 'Under the Radar' -- as well as obscured by the frenzy of speculation and deal-making currently sweeping the Linux marketplace. Free software didn't grow because entrepreneurs saw the potential to make a killing; it grew because individual programmers sought better tools for solving their daily computing problems." MacWorld reviews LinuxPPC 1999. "Inexplicably, the CD itself contains no installation documents-you must download those from LinuxPPC's Web site. You'll need those installation docs, too, because the install process is harshly nonintuitive." (Update: LinuxPPC points out that this review was done on a nearly release of LinuxPPC 1999; the September release of the distribution includes documentation on the disk). This article (in French) in VNUNet France looks at Linbox and its Linux-based "thin client" architecture. English text is available via Babelfish. (Found in NNL). OS News looks at IBM's PowerPC motherboard and Linux. "From IBM's perspective, Linux's three most attractive characteristics are its rapidly growing popularity, its status as a completely free OS (both in dollar terms, and in terms of intellectual property), and the fact that it can be made to run on a PowerPC computer." TechWeb reports on the upcoming Star Office release, which pushes things in the direction of Sun's "Star Portal" strategy. "[StarDivision founder] Boerries said although Sun was committed to providing StarPortal on a variety of platforms, it would make money from selling Solaris servers to ISPs, 'People may start on Linux and NT, but what we believe is as utilization goes up, as connected users ramp up then people will go to a real server, a Sparc Solaris server -- Linux and NT servers will run to the wall.'" CPU Review looks at the future prospects of Windows 2000. "Microsoft will likely be disappointed in Windows 2000 sales for at least the first half of 2000; the combination of delays, reluctance to upgrade, tight corporate purses and the ever-increasing presence of Linux will serve to depress Windows 2000 sales." Gartner Group: Here's a brief, amusing item in ComputerWorld's "Shark Tank" column from the Gartner IT Expo. "Analyst Michael Zbouray: 'Any good Unix security engineer can clean up any Unix box. But I'm not sure there are people even within Microsoft who know how to clean up an NT box.' From the peanut gallery: 'What operating system would you recommend?' Pause. Zbouray: 'You tempt me.' The audience of 300 sets up a chant: 'Go for it! Go for it! Go for it!' Zbouray throws arms in air, shouts: 'Linux rules!' And the crowd goes wild." VARBusiness attended the Gartner Group's Symposium ITxpo 99. "Central to the debate was where Linux fits into enterprise customer IT departments, and whether Linux vendors were responding accordingly. While acknowledging the enthusiasm for the technology, [Microsoft's] Edwards says his company has not seen deployments in enterprise customers at levels that warrant grave concern." Here's an article in ComputerWorld Australia following up on the Gartner Group's anti-Linux pronouncements. Numerous eyebrows had been raised by the Microsoft fine print at the bottom of the Gartner reports. "However, Gartner's Barrow, said the Webletter report had reproduced Gartner's original research in its entirety and that the research had not been funded by Microsoft." Editorials: The LA Times ran a letter to the editor by Ray Marshall regarding the real number of Linux users. "I know of one department at work that bought a single Red Hat distribution kit and used it to load up over 100 machines, about half of which are desktop workstations. Personally, I use Linux exclusively, both on my home PC and on a Dell laptop, even though the Dell was delivered to me with Windows installed. The point is that there is no way to estimate the number of Linux installations in use throughout the world." Here's an article on Borland's site lamenting the difficulties in getting a good, dual-boot Linux box. "But it's too early in the game for most of us to just dive in. I'm looking for a transition box: something that will run what I need to run, under Windows NT for now, with Windows 2000 Professional in my near future, and Linux on the side. I need to begin experimenting with porting my work to Linux." (Thanks to Anand Rangarajan). Information Week ran this article which looks at both Microsoft's 'Linux myths' and Red Hat 6.1. "Microsoft's rant makes some good points about Linux's weaker aspects. But when one recalls what a joke Windows NT Server 4.0 was a mere three years ago, it's clear that the weak can get stronger through perseverance. The Oct. 4 update of Red Hat Linux 6.1 proves that Linux is adroitly moving ahead." Here's a column in Upside looking at Sun's approach to open source. "Sun simply does not provide an incentive to the outside programmer community to help enhance [Java]. Therefore, it does not gain the advantage of all those outside developers working on one project. Java does not evolve the way Linux does. Sun doesn't get it." The (UK) Sunday Express says Linux is a threat to Microsoft. "The low prices for Linux software seem certain to persuade users to defect from Microsoft in droves." (Thanks to James Heald). IT-Director.com says that Windows CE might go open source, since it appears to be making little progress any other way. "Microsoft boasts of the time that it turned the company round to deal with the Internet, but that was simply a technology change backed up by a heap of money. We do not believe that it can take the cultural change of adopting the open source model even for a single product stream. Windows CE looks sicker and sicker with every month that passes and may eventually have to be put to sleep." Here's an osOpinion piece which looks at the prospects for Linux World Domination. The author concludes that it will not happen, and that that is not a problem. "Even though this analysis suggests that Linux World Domination may never take place, Linux will nevertheless put up a very respectable performance, and may even go on to dominate the mid-range server market and possibly segments of the appliance market.... Linux will without a doubt succeed in making the operating system market safe for the consumer." Interviews: Here's an interview of Brian Behlendorf which appears on sendmail.net. It talks mostly about the sourceXchange. "...let's say that next year you have 30 million Linux users who all have very general needs, and all are happy to put in twenty bucks over the course of a year to have those needs met. You basically create a mutual fund for software development." Tim O'Reilly is interviewed on the new sendmail.net site. "Despite the excitement about Red Hat, their success at putting software in a box and selling it only helps to perpetuate the myth that most software is written for sale. In fact, as most of us know, a great deal of software is written for use in our businesses. It's a tool, like any other, with a set of build-versus-buy tradeoffs." This interview (in French) with Bob Young appears in Liberation. "He has nothing to sell, just his image." English text available via Babelfish. (Found in NNL). Finally: Computer Reseller News polled resellers on where they saw Linux. "Fifty-two percent of VARs surveyed last month said Linux would be a viable alternative to Windows in the small- and midsize-company market within the next 12 months. This was up from 45 percent in August and the highest figure since CRN began fielding this question last April." ZDNet ran this somewhat contemptuous article about Linux security. "Our test struck the ire of the Linux community. Most of them suggest going to the Red Hat Web site and looking at its security page. This solution somewhat works but flies in the face of the whole Red Hat-is-not-Linux argument. Red Hat does offer signed versions of RPMs to verify their authenticity, but what sort of code verification do they do?" Upside Magazine reports from the FreeBSDCon. "In light of the recent runaway success of GNU/Linux, by all accounts a bastard operating system according to the convoluted Unix family tree, the last 12 months have provided an opportunity for soul searching. With more and more businesses, investors and media outlets gravitating toward the open source message via Linux, insiders had to wonder: Was the FreeBSD community doing all it could to take advantage of the growing market opportunities?" The Nando News ran this article about the Microsoft trial - it includes the "Linux defense." "With Red Hat's Wall Street success, experts predict an increase in the number of Linux-related IPOs. This would mean more cash for businesses to spend promoting the Linux operating system. Increased marketing could win Linux the mass-market appeal it will need to compete against Windows for desktop PCs." The folks from Linux Magazine wrote in to let us know that they have put their August issue on the web. Included are articles by Dan Burcaw, Lee Gomes, Alan Cox, Paul Russell, Randal Schwartz, Brian Behlendorf, Eric Troan, and more.
Section Editor: Rebecca Sobol |
October 21, 1999 |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesLinux hardware mailing list launched. Rik van Riel has announced a mailing list for the discussion of Linux and hardware; his purpose is to encourage such discussions to move out of the linux-kernel list.EventsFebruary LinuxWorldExpo speakers announced. The Linux World Expo has announced the list of keynote speakers for the upcoming conference, to be held in New York in February. There are not many surprises; the list includes Linus Torvalds, Larry Augustin, and IBM's Steven Mills. Web sitesPontoBR (.BR) is a new news site in Brazil (and thus in Portoguese) which covers technical news in general, and Linux in particular.
Now out of beta, Appwatch send us this announcement about their site:
Linux Laughs launches Linux Laughs is a new site aimed toward penguin-oriented humor... User Group NewsThe Linux/Unix Users Group of Virginia Tech is holding an installfest on October 30. |
October 21, 1999
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux links of the weekSendmail.net is apparently intended to be a community forum site for sendmail users (i.e. most of us). They have gotten off to a more ambitions start, though, featuring interviews with Tim O'Reilly, Brian Behlendorf, and, of course, Eric Allman. Over the next week they plan to add others as well: Eric Raymond, Kirk McKusik, Paul Vixie, and more. Worth a look. Michael Hammel has set up his new home at graphics-muse.com. Michael is the author of the Linux Journal "Graphics Muse" column, as well as SSC's book on the GIMP. His site contains a nice mix of writings about Linux and the GIMP, and examples of what can be done with the GIMP. Section Editor: Jon Corbet |
October 21, 1999 |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
From: bret r robideaux <bret.r.robideaux@mail.sprint.com> Date: Fri, 15 Oct 1999 11:39:36 -0500 Subject: High Availability I am by no means an HA expert, but my present employment requires me to have a passing knowledge of the subject. 3-nines availability means, in raw numbers, that over the course of one year (31,536,000 seconds) you can expect down time that does not exceed 31,536 seconds (or 8.76 hours/year). Adding that fourth nine means dropping to under 53 minutes/year. Outages (the period of time your system is not providing the services it is expected to provide) are caused by several things: hardware failure, application failure, operating system failure as well as scheduled maintenance on hardware, applications and the operating system. Any of these outages can be included or ommitted from your calculations. Considering that M$ is not a hardware vendor, and they don't have any illusions (or seem to) of being in that market, it is not only likely, but even reasonable (believe it or not) that they completely omit hardware failures, upgrades and maintenance from their calculations. This further stands to reason because almost none of the hardware M$ products are designed to run on supports fault tolerance anyway. Therefore, it is highly likely that no outage, scheduled or unscheduled, that is due to hardware counts against their 31.5K seconds per year. This leaves operating system upgrades (application of services packs), application upgrades to account for scheduled maintenance (read: outages). Performance loss reboots, BSODs, and application crashes make up the unscheduled outages. My (limited) experience with NT suggests that rebooting an NT system once a week (whether it needs it or not) tends to significantly reduce (and even eliminate) app crashes, performance loss and BSODs. Call it 5 minutes to reboot (probably a little generous, but let's be nice) X 52 weeks/year totals 260 minutes or 4 hours and 20 minutes a year. That leaves a solid 4 hours and 25 minutes a year for scheduled outages. Even if it takes a hour to apply a service pack and another hour to apply an upgrade to the application being hosted (no one I know runs more than one major application per NT server) and you're still 2 hours under the requirement for 3-nines availability. Certified 99.9% availability seems awfully impressive until you break it down. Now it just seems rather pathetic that 3-nines is the best they could do. But really, none of that is the point. This is the point: anecdotal evidence is completely ignored in the corporate boardroom. Until we get hard evidence in this category, we're just wasting our breath in the long run. Microsoft has chosen another battle ground (setting the testing criteria and the score). To continue Linux's expansion, we have to rise to this challenge as well. Bret | ||
Date: Thu, 14 Oct 1999 02:09:45 -0700 From: Nathan Myers <ncm@nospam.cantrip.org> To: letters@lwn.net Subject: 99.9% uptime To the editor, I'd like to follow up on Mike Richardson's analysis, in which he pointed out that at 10 minutes of downtime per crash, 99.9% uptime implies a crash-per-week. If crashes happened at random times, ten minutes a week wouldn't seem too bad, if in fact the crashes resulted in no cumulative damage. After all, _most_ of the time _most_ machines aren't doing much anyway. Crashes don't happen at random times, though; they tend to happen during periods of peak load. That means if a machine crashes, it tends to crash when you most need it to be working. Seen in this light, a 99.9% uptime is as embarrassing to Microsoft as their frequent on-stage demo failures. "It only crashes during the week's peak demand" does not inspire confidence. This leads us to a working definition of an otherwise annoyingly vague term: What is an enterprise server? In marketing text the term occurs in connection with terms like "scaling" and "multiprocessor", but that confuses goals with techniques. In practice, when we talk about an enterprise server we're talking about an application where even a short failure costs more than the price of the entire system, and easily justifies throwing it out and replacing it with something better. An hour's downtime on a warship may cost billions (or worse) and a minute's downtime on a surgical monitor may cost a life. (Both of these examples are drawn from real failures.) Is Linux qualified to act as an enterprise server? Better scaling allows it to take on bigger jobs where more is at stake, but the key is still reliability. A $400 co-hosting web server that logs $2000 in business in a peak hour is an enterprise server, by this definition, and the value managed by the fleet of such machines deployed among thousands of small businesses easily matches that handled by the biggest "big iron". While individual failures may attract less attention than downtime on a massive server, their cumulative effect is the same. The difference is that such servers can be, and are being, replaced incrementally. We experience that process as growth in Linux's (and xBSDs') popularity. In short, reliability is a more important measure of "enterprise readiness" than scalability. Linux developers and users are already attuned to this fact, but Linux reliability could still improve. More code reviews (e.g. for graduate credit?) and better in-kernel monitoring and data-gathering apparatus would help. Nathan Myers ncm@nospam.cantrip.org | ||
To: letters@lwn.net Subject: RE: Gerstner's speech From: Guillaume Laurent <glaurent@worldnet.fr> Date: 14 Oct 1999 16:51:28 +0200 I'd like to respond to Walt Smith's comments on Lou Gerstner's speech. I've worked for IBM and still know a couple of IBMers, and I believe Mr Smith is quite a bit misinformed. > I don't know whether to sell my IBM stock or hope for a replacement > for Gerstner. Clearly the man is living in a different world. IBM has enjoyed its most profitable years ever under his leadership, and every IBMer agrees that without him the company would have disappeared by now. > A significant part of IBM is it's proprietary properties > and manufacturing! IBM is doing everything it can to make that part shrink, and it's succeeding. For the past three years or so, IBM has been changing a service oriented company, because they can't follow the competion in the hardware domain, be it the network appliances market (hence the recent agreement with Cisco) or the PC one. I've witnessed this in the IBM lab I used to work. Hardware oriented projects are slowly dying while the new ones are dealing with services (like SAP/R3 or IBM Global Network). I believe the whole IT industry has been witnessing it, actually. :-) > Yes, internet appliances will make an impact, but not in the way he > believes. I won't elaborate unless I get a check for consulting; > that information is very valuable to IBM's marketing!! I don't have anything to reply to this one, I just left it because it's really very funny. :-) -- Guillaume | ||
Date: Mon, 18 Oct 1999 23:47:57 -0600 From: Alan Robertson <alanr@bell-labs.com> To: pankaj_chowdhry@zd.com CC: letters@lwn.net, pcwonline@zd.com Subject: Someone to trust... This letter is in reply to your article for PCWeek online entitled: Open source meets the 'Baywatch' factor Mr. Chowdhry: I read your article with interest, but at the end found myself asking "Why do you run Microsoft code at all?" Microsoft has gotten caught multiple times putting hooks into their code to collect confidential information from their customers. This hasn't happened yet in open source projects. All Microsoft has to do is declare it as "good for Microsoft", and it's done -- and the only way you can find out is to sniff every packet on the wire, and try and figure out what they've done to you ... again... Reading the source is much easier than this, and much more entertaining... Despite the formidable difficulties associated with monitoring closed-source operating systems from the outside, Microsoft has been caught in apparent misdeeds more than once, and several bugs have been found this way. If it weren't such a serious matter, Mulder and Scully would laugh at your analysis. It appears that you don't have any idea how many layers you have to trust from the bottom to the top just to log in. OS patches are only the tiniest tip of the iceberg. For a simplified view, you can start with: Chip designers (witness Pentium III) Chip design toolmakers Compiler authors Library authors OS authors Dozens of software component authors BIOS authors router manufacturers Hardware (motherboard and card) designers Your ISP's security procedures Your ISP's trusted personnel Authentication server authors The US government Internet backbone providers Telcos And, if you use Windows: Microsoft You blindly trust all those people every day. The one you appear to trust the most (Microsoft) has a poor track record, you can't check up on them, and yet, inexplicably, you rant about Linux instead. Linux authors stand the best chance of getting caught in misdeeds, or having their mistakes corrected. Moreover, security patches ARE carefully scrutinized by more than one person before being put out. Since these people don't have any common interest, except in the security of Linux, this is very good checking indeed. You make pejorative emotional statements devoid of experience or fact concerning autorpm. Your article is filled with naïve assumptions that make it difficult for you or PC Week to to be seen as credible. The more you write commentaries full of unsubstantiated emotional appeal, the more clearly the subtext of your article says: "To read how PC Week propped the door open for Linux hackers leaving them a sign saying 'Hack Here', while carefully guarding Microsoft's reputation, click here". You're not doing yourself, PC Week, or your readers any favors here. -- Alan Robertson alanr@henge.com | ||
Date: Tue, 19 Oct 1999 16:07:00 +0200 Subject: Open source meets the 'Baywatch To: pankaj_chowdhry@zd.com Cc: editor@lwn.net From: Martin.Skjoldebrand@forumsyd.se (Martin Skjoldebrand) Dear Sir, In your article "Open source meets the 'Baywatch' factor" you write that: >Our test struck the ire of the Linux community. Most of them suggest >going to the Red Hat Web site and looking at its security page. This >solution somewhat works but flies in the face of the whole Red >Hat-is-not-Linux argument. Red Hat does offer signed versions of RPMs to >verify their authenticity, but what sort of code verification do they do? and: >And pay no attention that you have a single source to look for all >security updates. >Although I don't trust any of these [Novell, Microsoft, Sun] companies, >they give me someone to sue, or at the very least, someone to yell at. I don't really follow you. Do you mean that the fact that the NT-server was patched while the fact that the Linux server wasn't dependes on either: a/ You are too bored to download 21 files from Red Hat (or get a CD with those on), while not bored enough to download a MB-thingie off of the MS server (or order a CD with those on); or b/ You are paranoid enough to avoid Linux patches, while not nearly paranoid enough to apply Microsoft patches. Microsoft is a company you don't trust right? Open source lives by code done by all kinds of people, so if you are paranoid to trust no one you have to code your OS yourself I'm afraid. But, you do bring out a point which has been discussed before, I think. Someone may actually post malicious code on a public server. Someone did too a while back, but was spotted almost immediately. Cheers, Martin S. http://www.forumsyd.se martin.skjoldebrand@forumsyd.se Y2K? - What's so special about the year 2048? | ||