Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other stuff:
Contact us
Recent features: Here is the permanent site for this page.
|
Leading items and editorialsSun misses the bus? This week got off to an interesting start with independent press releases from Caldera Systems, Red Hat, and TurboLinux, all saying that they would be shipping IBM's Java implementation with their distributions. (Red Hat gets special points for claiming to be "the first distributor" with IBM's software, despite the fact that Caldera looks like it will ship first). IBM is apparently licensing the software for free, in the hopes of getting it distributed widely. A deal with SuSE is said to be in the works as well. A high-quality Java implementation will now be a standard feature of most commercial Linux distributions. IBM's Java implementation may not be truly free, but it looks like it may now be free enough to become the de facto Java implementation for Linux systems. Sun could have taken this position at least a year ago, had it taken a more enlightened approach to licensing of its software. Now that IBM has moved into that space, Sun may find itself frozen out of a part of the Linux world. Sun looks like it may not care, at the moment. It has finally announced the availability of "free" Solaris 8 - including source code. "Free" has a purely "free beer" meaning in this context; Solaris is far from being free software. The source can not even be downloaded; it is necessary to fill out a registration form, pay $75, and get a CD. The license is quite restrictive, disallowing redistribution of any kind. A separate license is required even "to run a modified binary version of the Solaris software in your own organization." More information can be found on Sun's "Free Solaris" page. Along with this release have come some fairly defiant words from Sun - Sun will "never adopt Linux," and instead is putting everything into Solaris. Such an absolute position might have made sense two years ago. But in today's world Linux is already moving into Solaris's turf, and will likely continue to do so. Solaris may be the strongest of the proprietary Unix systems, and it certainly still outdoes Linux on a number of fronts. But we predict that (truly) free software will beat it in the end, and a number of Sun's competitors seem to think so as well. Interviews with Dirk Hohndel and Jeremy Allison The "Linux Conference '99" was held recently in Yokohama, Japan. At this conference, Maya Tamiya of our partner site ChangeLog was able to get interviews with SuSE VP and XFree86 developer Dirk Hohndel, and Samba team member Jeremy Allison. The interviews covered a wide range of topics, from business issues through to free software development. We are pleased to be able to offer the English version of these interviews, and thank ChangeLog for sending them our way. SGI has released OpenGL under an open source license; some details may be found in the press release. This release is another important step in the preparation of Linux for high-end graphics applications. It is a generous donation to the community; it should also help to preserve OpenGL as the standard interface for 3D graphics. OpenGL comes out under yet another free software license. This license is interesting to look at. It seems that SGI has a number of software patents that cover code in the OpenGL implementation. The license is thus also a patent license; without that, the code would not be usable in most situations. SGI has explicitly withheld licensing for hardware implementations: "SGI will vigorously defend our IP against any IHVs who make use of these patents in their hardware without executing a patent license with SGI." The license also does not allow API changes, and does not allow use of the OpenGL trademark. To actually use the term "OpenGL" with a program built with this software, it is necessary to buy a commercial license. Thus, it is not the freest of software licenses, but it does allow for the normal use, modification, and redistribution cases. It's probably "good enough" for most, though the patent issue is cause for some worry. The DVD case took an ugly turn with the arrest of Jon Johansen, the 16-year-old Norwegian hacker who first posted the DeCSS code. It seems that programming really can be a crime - even in Norway, where reverse engineering is supposed to be legal. If this attack on basic rights is ultimately successful, expect to see a lot more like it. Those who want to read more about the basic freedom issues here may want to have a look at the Global Internet Liberty Campaign Member Statement on this case. Meanwhile, an interesting turn in the case may be seen in this News.com article. It seems that the DVDCCA included the DeCSS code as part of the open court records, and left it that way for two weeks. In other words, they have now publicly posted their own alleged trade secret - the very act they are suing others for. It remains to be seen whether they have seriously compromised their case, but the possibility apparently exists. The LinuxWorld Conference and Expo is next week, in New York City. The usual speakers and exhibitors will be there; the exhibit floor promises to be the largest one yet. LWN will be there - without a booth - and hopefully able to turn in some interesting reports from the event. Also next week is Linux Expo Paris. Speakers include Richard Stallman, Dirk Hohndel, Michael Cowpland, Bernard Lang, Peter Braam, Jeremy Allison, Miguel de Icaza, and others. LWN turns two. The very first LWN weekly summary came out on January 22, 1998. That makes us two years old. A lot has happened in that time - and we're looking forward to all that is yet to come. Thanks for two great years; nobody could ever ask for a better community of readers. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
January 27, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
SecurityNews and editorialsImproving the Linux security model. Theo de Raadt, a member of the OpenBSD team, had some comments on the effectiveness of the "open source" security model, when not coupled with dedicated staff actually responsible for producing fixes for security problems in a timely manner.Tom Reed:This quote was not reproduced in order to cause bad feelings. It is unfair to the work that has been produced by some of the security projects we've followed. Yet, they have failed to resolve the larger problem. For example, Theo goes on to point out that the problems fixed in that Red Hat's recent update to lpd were originally reported in this advisory, dated ... October of 1997? Ouch. This does not change the point that having source code available is a critical and necessary part of the process. However, it is not sufficient to guarantee good security, not unless people consistently track down, update and repair problems. This is a problem with security that we've seen for a long time. Busy people have good intentions, can do the right thing even most of the time, but with security, being lax even in one instance can leave you vulnerable, making the effort you did put into security go to waste. In this particular area, relying on unpaid volunteers to handle the problem is irresponsible. Yes, many people, both paid and unpaid, will work together to find security problems, but the companies that are making money from putting their name on the operating systems we use have a responsibility to see that work to get the problems fixed, in a timely manner, happens. It also needs to happen consistently across all Linux distributions. OpenBSD is acknowledged to be doing a better job; what can we learn from that and apply to Linux?
To demonstrate how important this is,
Microsoft has
announced a serious
commitment to clean up their act in regards to security.
Security Reportsqpopper. [BugTraq ID, January 26th, 2000]. A remotely exploitable buffer overflow in qpopper 3.X has been reported. A temporary patch has been available, but no official update has yet been posted.BSD /proc vulnerability. [BugTraq ID, January 21st, 2000]. Local users can get access to root. Patches have been made available for FreeBSD and OpenBSD. vpopmail (vchkpw). [BugTraq ID, January 21st, 2000]. vpopmail (vchkpw) versions prior to 3.4.11e are vulnerable to a remote buffer overflow attack in the password authentication of vpopmail. The problem has been fixed in the latest version, available from Inter7. Note that this problem was originally, erroneously, labeled a "qmail-pop" vulnerability. DNS hijacking. [BugTraq ID, January 23rd, 2000]. The insecurity of the current DNS system again comes under discussion, this time illustrated by this posting by Dan Bernstein. As summarized in the BugTraq vulnerability entry, "DNS is built upon levels of trust, and by exploiting single points of failure in this trust system ... By consecutively performing these cache attacks, it could be possible for an attacker to entirely take over name service for any given domain." No solution for this problem is currently available. VMware. [BugTraq ID, January 21, 2000. A /tmp symlink vulnerability has been identified. No vendor-supplied fix has been reported, but the software does allow the use of an alternate directory for temporary files. Using that feature, along with a directory with restricted write privileges, is highly recommended. UpdatesRed Hat security update to majordomo. Red Hat has issued an update to majordomo (which appears in the "Powertools" product). For information on the problems that have been fixed, see BugTraq ID 902 (December 28th, 1999) and BugTraq ID 903 (December 29th, 1999). The updated RPMs provided by Red Hat upgrade the package to 1.94-5. An upgrade is recommended.Also check out this note which outlines steps to protect the directory in which the majordomo code lives which should be taken if you are using majordomo. Resourcesconnlogd. Alec Kosky's TCP & UDP connection logger, connlogd, is now available via ftp.EventsNew Security Paradigms Workshop 2000. The Call-For-Papers for the New Security Paradigms Workshop, scheduled for September 19 - 21, 2000, Ballycotton, County Cork, Ireland, has been released. Note that the workshop is limited to authors of accepted papers and the conference organizers. "The New Security Paradigms Workshop is highly interactive in nature. Authors are encouraged to present ideas that might be considered risky in some other forum. All participants are charged with providing feedback in a constructive manner. The resulting brainstorming environment has proven to be an excellent medium for furthering the development of these ideas. The proceedings, published after the workshop, have consistently benefited from the inclusion of workshop feedback."Section Editor: Liz Coolbaugh |
January 27, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.3.40. The changes in this release are as described last week, with the addition of drivers for Moxa serial cards. There is a 2.3.41 prepatch available (in its third revision as of this writing). It contains a bunch of Sparc fixes, a driver for 3ware storage controllers, some SCSI code reorganization, an IBM USB camera driver (and many other USB changes), and a large number of networking tweaks. The current stable kernel release remains 2.2.14. The 2.2.15 prepatch is up to 2.2.15pre4. Messing with the scheduler has been a topic of discussion as a result of the now-famous IBM paper on the scheduling of Java threads in Linux. The authors of the paper had found that, when large number of threads are contending for the CPU, the Linux kernel spends a great deal of time (up to 20%) in the scheduler. Two reasons were found for the problem. The first has to do with the ordering of the fields in the task_struct structure, which describes processes in the kernel. By rearranging the fields in this (large) structure, the IBM folks were able to obtain improved cache behavior in the scheduler, and thus improve its performance. This patch is relatively straightforward, and was incorporated into kernel 2.3.39. The other problem is that the scheduler, at every switch, goes through the entire queue of runnable processes and calculates a "goodness" value for each one. The "goodest" process then gets to run. When the run queue is short (as is usually the case), the cost of this calculation is small. When the queue is long, however, it gets to be significant. Leading the "fix the scheduler" charge is Davide Libenzi, who has posted a patch which keeps processes in the run queue clustered by their "goodness" value. When the run queue is organized in this way, it is no longer necessary to pass through the entire queue to pick the next process to run. The result is better performance under high loads. There is, however, very little consensus on whether this optimization is necessary or desirable. The fear that most people have is that, by optimizing the scheduler for high loads, the patch will make life worse in the low-load case. Since low loads are the usual condition for most systems out there, most users would end up being worse off. Even the question of whether the high-load case is worth optimizing for is controversial. Numerous people make the point that large numbers of threads lead to poor cache usage and poor performance in general. No amount of scheduler tweaking can make up for bad cache behavior. The claim has been made that it is always much better to rewrite the application in a non-threaded mode; the best performance will be achieved in this way, and there is no need to mess with the scheduler. The real point here is just how expensive cache misses really are. A single cache miss can stall the processor for dozens of clock cycles. That cost is so high that it can easily outweigh any advantages gained through additional parallelism in a multi-threaded application - even on multiprocessor systems. As long as memory speeds lag processor speeds, improving performance by splitting tasks across threads will be hard to do. The challenge has been thrown to proponents of highly-threaded applications to recode their programs in a single-threaded mode. The challengers believe that the recoded version will perform better; if not, it will be time to revisit the scheduler question. Until such a time, it's unlikely that any scheduler changes will get into the kernel. Another file_operations change? Abramo Bagnara of the ALSA Project has posted a proposal for an interface change which would add "readv" and "writev" methods to the file_operations structure. Since this structure is central to the Linux device driver interface, such a change can have widespread implications. The block device changes have already changed file_operations once in this time of alleged feature freeze; is it really appropriate to change the kernel API again at this late date? The answer might just be "yes." The readv and writev system calls are used for "scatter/gather" I/O, where the data moves from or to multiple distinct areas of memory. The Linux kernel, thus far, simply turns each segment of a readv or writev operation into a separate read or write for the underlying device driver or file system (except for sockets, which can already handle readv and writev). It turns out that some devices - sound cards, in particular - do not work well this way. The I/O requirements of some of these devices can be quite complicated, and problems can arise when I/O operations are split apart before the driver sees them. If, instead, readv and writev are passed straight through to the driver, reliable, low-latency audio becomes much easier to implement. The change is not difficult, and can be done in a way that does not require changes in any other drivers. Only those which can make use of the new operations would need to be modified, and that can happen whenever the driver maintainer gets around to it. Given the benefits and relatively low risk, this change might go in even this late in the development cycle. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
January 27, 2000
For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page. |
DistributionsPlease note that security updates from the various distributions are covered in the security section. Distribution Link updates: thanks to our readers!. In response to our request last week, we received updated links for several distributions for which our own links had grown stale. That includes Eurielec Linux, now to be found at http://www.eurielec.etsit.upm.es/linux/ (thanks to Fernando Herrera de las Heras and Jesus Ortega). Linux Pro Plus, actually one of the older distributions out there, can still be found at http://www.LinuxPro.com and is still for sale over at the Linux Mall, though its long-term future is apparently uncertain. No updates were received for CCLinux, Eonova, Linux-Kheops or nanoLinux II, so they have been removed from our list. Red Flag Linux: Web site now available. In response to the question in some people's minds as to whether the Red Flag Linux distribution in China that we mentioned again last week actually existed, Dominic Beecher was kind enough to point out that the website http://www.redflag-linux.com/ is up and running as of January 18th. It is, of course, in Chinese, so our personal knowledge of the distribution has not greatly increased. "There's quite a detailed page about version 1.0 (apparently based on Red Hat Linux version 6.0), and a shorter page with information about changes and improvements made in version 1.1 which is coming soon. There are also links to a downloads page (which I haven't tried, so can't guarantee that it'll work)," commented Dominic. New Distribution of the Week: ThinLinux. Jack van den Akker wrote to inform us of a new Linux Distribution from the FirePlug Consulting Group. ThinLinux is a "ThinLinux is a general toolset which can be used to do almost anything. Packages which will install and run under the ThinLinux system might include things such as stand alone firewalls, dedicated camera servers, MP3 players, X-10 controllers, to custom device facilities for any number of interesting applications." Jack was also kind enough to respond to a number of our questions about ThinLinux in this quasi-interview. Embedix 1.0 ships. Lineo has announced that version 1.0 of Embedix - its version of OpenLinux aimed at embedded systems - has begun shipping. Also announced was "Embedix PDA," a compatibility layer on top of Embedix which facilitates the porting of Windows CE code. Note that Embedix is a "licensed" version of Linux, meaning that it contains proprietary software which requires a license to be purchased in order to be used. The non-proprietary portions of Embedix are available for download. For more information, see the LinuxDevices.com interview with Lineo CEO, Brian Sparks. The LNX System. The LNX System is another new distribution in development; it aims "to be a well-engineered and well-documented system, which attempts to draw from the best practices of other systems, and develop better practices where only poor ones exist." Like any such project, it's looking for developers to help out; see the announcement for details on what they are up to. Corel LinuxCorel Linux a Hit. Corel Linux is a hit worldwide according to this press release from Corel Corporation.Corel Linux: for your desktop (MSNBC). MSNBC reviews Corel Linux. "COREL LINUX is terrific. Not perfect, but terrific. If you've been waiting to try Linux on your home computer, you've now run out of excuses. You put in the CD and reboot your machine and Corel does the rest." Debian GNU/LinuxNo nominations received. Currently, no nominations have been received for the post of Debian Project Leader for the next year. The nomination period will extend for a little over one more week. This is one difficulty with a system where people must nominate themselves ... and have a clear idea of the consequence of doing so!VA.debian.org will no longer be mirroring the Debian ftp archive, due to space constraints, according to this note. If you are using that mirror, you will want to redirect your system to some alternative. MastodonMastodon INST0050 has been announced. This distribution, supported by David Parsons, strives to assure that a.out lives on.You may be asking ... So, just what ARE you talking about here? Mastodon is Yet Another Linux Distribution, but it's not like any of the others. Mastodon offers: Spiro LinuxSPIRO-Linux WETMINtS is a Web-Enabled Telephone Administration System for Linux, released under the GPL, that has been announced. "Using WETMINtS you can configure DNS, Samba, NFS, local/remote filesystems and more using your Web- Enabled cellular phone. WETMINtS is simple web enabled cellular phone software, and consists of a number of CGI programs which directly update system files. WETMINtS supports all SPIRO-Linux and other linux operating systems." They are also looking for volunteers to help with the WETMINtS project.SuSE LinuxSuSE 6.3 vs. Redhat 6.1 (EmuTech2000). EmuTech2000 has put up a comparative review of Red Hat 6.1 and SuSE Linux 6.3. "The SuSE Linux 6.3 Package came with a 480+ page manual, 6 CD's, 2 boot-disks and 2 lovely 'Powered by SuSE Linux' Stickers:) The Redhat Linux 6.1 Package came with 3 manuals, which when combined are over 900 pages long, 4 CD's, 1 boot-disk, 6 lovely 'Powered by Redhat Linux' stickers and 1 large www.redhat.com sticker, which was not so lovely:)" Final score: 7 to 6, in favor of SuSE (on a scale of 10). Clearly, though, areas for improvement were found in both ...Section Editor: Liz Coolbaugh |
January 27, 2000
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsBrowsersArticle on Mozilla. WebMonkey has a really nice article about Communicator 5, Mozilla, and the importance of standards. "Communicator 5 (aka Mozilla) is one of the most highly anticipated releases in browser history. Yes, there's been much hoopla about its open-source development and Gecko, its powerful layout engine. But the real kicker is that it promises to be the most standards-compliant major browser ever. "Mozilla M13 has been released. M13 was announced yesterday, January 26th, 2000. The release notes don't really make it clear what exactly has been improved in M13. It is early days yet, but it doesn't look like M13 is necessarily better than M12 in all ways ... the less brave may want to wait for M14. EducationSEUL-EDU Linux in education report #4. The fourth SEUL-EDU Linux in Education report is now available. Covered topics include Dr. Genius and the Free Physics Project.Linux Knowledge Base weekly report. Here is the latest weekly report from the Linux Knowledge Base project. They are scrambling over there as they go for their February 1 release. LinuxForKids. This week, LinuxForKids points people toward Lincity, recent Slashdot discussions about games and the advantages of the latest versions of The Gimp. GamesShadowbane for Linux petition. We got in this note about an electronic petition asking that Wolfpack Studios make its "Shadowbane" multiplayer game available for Linux. Evidently Wolfpack is thinking about it, but doesn't see enough interest from the Linux community. If you would like to see this product made available for Linux, it's time to express that interest.High AvailabilityLinux-HA website updates. Links to a new Apache module for high-available and the netsaint network monitoring software have been added to the Linux-HA website.Office ToolsGimp 1.1.15. The latest version of The Gimp has been released. This is an unstable, developer-only release. The Gimp Kernel-Cousin. This week's Gimp Kernel-Cousin was published January 21st, 2000.On the DesktopThe State of GNOME Address. Miguel's latest comments on the status of Gnome and its future, along with user comments, was released January 21st, 2000. It is an excellent overview and covers a lot of ground, including the priorities that will be used to focus effort. "As Maddog likes to say, lets not think about the little percentage of people who have chosen an operating system so far. Lets think about the rest of the population that has never used a computer: we need to make GNOME accessible to them, and make it their desktop of choice."This week's Gnome Summary. Havoc Pennington's Gnome Summary for January 18th through the 26th indicates that a new stable release of Gnome is planned for this spring, and talks in detail about their planned policy for new major releases. It will be interesting to see how well it works, to contrast with problems experienced by other large, free software projects, such as Debian. Gnome Projects of the Week. Three new projects of the week have been suggested, including one marked "unofficial". gnome-applets, gnumeric and gPhoto are the packages involved. They look quite inviting, for someone wishing to get their "feet wet" in Gnome development ... KDE's KUML. KUML is a Virtual Unified Modeling Language Designer for KDE being developed by the KUML team, led by Darius Stachow. Still under development, the website contains information on the features that have been implemented so far. Website DevelopmentMidgard Weekly Summary. Easier access to updated versions of the Midgard manual, news on the port of Midgard to Windows and RPMs for SuSE are covered in this week's Midgard Weekly Summary, covering news for this web application development and publishing platform.A Zope Primer (Byte). Byte's Jon Udell looks at the Zope calendar tag. "Like a lot of object-oriented systems, notably Smalltalk, Zope can give you tremendous leverage once you figure out how it's put together, but getting to that point can be a real challenge. I hope this example will help someone else get there a bit quicker than I did." WineWine Weekly News The Wine Weekly News for January 24th, 2000, indicates that a firm decision has been made to move Wine to using the MIT X11 license instead of the original Wine license. All Wine authors are asked to send email to Alexandre Julliard to indicate acceptance of the new license.Address space separation. The WWN also indicated that work has begun on creating a separate address space for each process that runs under Wine, both for security and for issues of running DLLs that do not have relocation records. Section Editor: Liz Coolbaugh |
January 27, 2000
|
|
Development toolsJavaBlackdown Java-Linux FAQ. An updated version of the java-linux@java.blackdown.org FAQ has been posted.Blackdown JCK Status. The status of the JCK testing progress for the JDK 1.2.2 has been updated this week. It looks like considerable progress has been made, but a few problems remain for the x86 port and others. 1.2.2-RC4 will be released this week! is a comment posted to the Blackdown 1.2.2 Port Status Page on January 24th, 2000. PerlBook Review: Elements of Programming with Perl. David H. Adler has written this review of Elements of Programming with Perl, by Andrew Johnson. "It seems quite clear that Johnson's is the first book that you would want to actually recommend to those people who say 'I've heard about this \"pearl\" thing, where can I learn more' without worrying that they'll have to be entirely retrained afterwards. "PHPPHP developers conference report. Here is a report from the first PHP Developers Conference. It includes the establishment of milestones for the long-awaited PHP 4.0 release, a decision to bundle the MySQL library with PHP 4.0, and ideas for future PHP developments.PythonThis week's Python-URL. Here is Dr. Dobb's Python-URL for January 24. It mentions the beginning of the 8th International Python Conference, and lots of other Python development topics.Jpython 1.1 final has been released. Check the JPython News page for more details. Tcl/tkDr. Dobbs' Tcl-URL!. This week's Tcl-URL! covers the release of WaveSurfer 9.9, the most efficient way to count the number of like elements in a list, manipulating URLs in AOLServer and a TclXML tutorial. Jeffrey Hobbs is this week's editor.Section Editor: Liz Coolbaugh | |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and businessThe Journal of Linux Technology. O'Reilly and VA Linux Systems have announced a new publication, the "Journal of Linux Technology" (which inevitably is shortened to "JOLT"). The Journal looks to be a highly technical publication, most certainly not aimed at the newbie crowd. The four articles in the first issue, which concentrates on clustering and will be available at LinuxWorld, are:
VA has also announced its new "Linux Without Limits" branding campaign, and a partnership with HP to develop printing solutions that run under Linux. Red Hat to bundle Computer Associates' software. Red Hat and Computer Associates have announced a deal wherein Red Hat will bundle Computer Associates' "enterprise management" software in the Red Hat Enterprise Edition. Red Hat's Enterprise Edition is getting to be a fairly large product; other items like IBM's Java implementation and the CCVS credit card processing system are ending up there. This edition - which is getting pretty far from the "pure open source" roots - is clearly intended to enable Red Hat to raise the price of the distribution. It makes sense; many corporate customers are willing to pay well above $40 for an operating system, especially if they get some nice added goodies with it. Collab.Net to build e-speak site. Collab.Net has announced that it has an agreement with HP to build and operate the open source development infrastructure for HP's e-speak system. The infrastructure includes a lot of the usual stuff: a CVS repository, BugZilla, mailing lists, etc. In other words, it looks an awful lot like Collab.Net is setting itself up as a sort of SourceForge for larger, paying customers. They will likely do well; as corporations get into open source development, they will need a lot of help setting up and managing the process. Collab.Net has also announced the hiring of a few new managers - including Frank Hecker as "Systems Engineering Manager." SuSE announces new US management team. SuSE has announced a restructuring of its management team in the US, following the departure of Marc Torres. Linsight appoints co-director. Dave Whitinger's Linsight effort has announced the appointment of E.J. Wells as co-director. (Legal) DVD playback for Linux will soon be available, according to this announcement from Sigma Designs. Sigma is evidently about to introduce the new "NetStream 2000" card which will include a (closed source) Linux driver. No word on just when... There is a newsgroup (REALmagic.linux) on news.sigmadesigns.com for those who want to follow the topic. (Thanks to David Decotigny). eLinux.com to debut. Creative Computers has announced the upcoming launch of its eLinux.com site, which "will provide the Linux community with a single source for products, news, discussion groups, services, support and information." Wave Technologies announces Linux exams. Wave Technologies has announced a set of Linux professional certification exams. These are, of course, the exams inherited from Wave's recent acquisition of SAIR. MyHelpDesk.com announces Linux help directories MyHelpDesk.com has announced a set of Linux help directories covering 20 distributions. Linux wannabe press release of the week. This week's Linux wannabe press release comes from Vitamins.com. We now know that "Vitamins.com has further distinguished itself in the competitive Internet health industry race by being one of the first to integrate the Linux Operating System, produced by Red Hat, the leading developer and provider of open source software solutions." They also inform the world that "All software except Oracle is Freeware" and "Language is written in Perl, and Java applets." Are we impressed yet? It is interesting that a number of these releases not only name Red Hat, but identify it as "the leading developer and provider of open source software solutions." The chances of Vitamins.com deciding by itself to include such a phrase in a press release seem fairly small... Section Editor: Jon Corbet.
Press Releases:
Section Editor: Rebecca Sobol. |
January 27, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsRecommended Reading: The Red Herring ran this article about the upcoming Solaris 8 release. "In a move aimed at Linux, Sun said it will announce Wednesday that it is making the source code for its new Solaris 8 operating system 'open.' Webster's has lots of definitions for the word, including 'not sealed, fastened, or locked.' But when you dig into the details of Sun's announcement, you'll find that what it is offering doesn't come close to meeting the dictionary's definition, let alone that of the open-source movement." Transmeta: Upside looks at why Transmeta employs Linus Torvalds. "Now that Torvalds' true role at Transmeta has been revealed -- he is co-architect for Crusoe's embedded 'code morphing' software technology and chief developer of the 'mobile Linux' default operating system for the low cost TM 3120 chip -- it's a bit easier to identify the Transmeta-Linux connection." Here's a News.com article about Transmeta and its Linux plans. "Torvalds and other Transmeta programmers have been working on several improvements to Linux for small devices, rather than competing in the growing market for server-based products. 'We're not competing against Red Hat or anything,' said chief executive Dave Ditzel, referring to the leading seller of Linux. 'We're helping people craft and put it together.'" CNN covers Transmeta's announcement. "'Transmeta has all the technical pieces to enable computer manufacturers to very quickly bring entire products to market,' [Transmeta CEO] Ditzel said. Those pieces include modified versions of a mobile version of the Linux operating system, he said." (Thanks to Jonathan Day) PC Week ran this article on how Transmeta's "Mobile Linux" is not ready yet. "If Mobile Linux had been ready to launch last week, there may have been less hype around Transmeta Corp.'s Crusoe processor and more excitement about the operating system that will run on it." Salon has posted perhaps the best article on Transmeta's unveiling that we have seen yet. "One of the possible Crusoe-incorporating products demoed at the Transmeta press conference was a sample 'Web pad,' a flat slate about the size of an 8-by-11 sheet of paper. Essentially a portable Web browser running on a very compact version of the Linux-based operating system, the Web pad looked less like a computer than a really high-powered Etch-a-Sketch. But it was hard to imagine not wanting one." The Register points out that few people thought to ask which distribution was used to create the "Mobile Linux" that runs on Transmeta's new chip. According to them, Transmeta used Debian for this application. "Not only is this a vote of confidence in Debian - it's as near to being sanctified as a distro can get - but it might close the gap between the high technical regard in which Debian is held, and the general punters' ignorance of its existence." Here's an osOpinion piece which speculates that the Transmeta CPU could be used to create a computer capable of running encrypted code. "Even if you have the hardware resources to tap into the CPU cache and extract the true program code you cannot do much with the results as you have to re-encrypt the code for each new PC it has to run on but you can't re-create the original digital signature!" Solaris 8: News.com ran this article about the upcoming release of Solaris 8; it talks as much about Linux as about Solaris. "Among the debut's highlights will be Sun's adoption of some Linux principles, according to people familiar with the company's plans. The Palo Alto, Calif.-based computer maker will eliminate licensing fees and make its 'source code,' or underlying programming instructions, available to customers, these people said." Here's ZDNet's take on the Solaris 8 release. "Microsoft's not Sun's only worry. Sun must fend off growing encroachments by Linux, which not only is free but also is becoming more robust with help from Sun competitors IBM, Intel and Hewlett-Packard. Sun President Ed Zander told financial analysts last week that Sun will never adopt Linux as its operating system but will instead 'put every ounce of R&D we have into Solaris.'" Internet Week covers the Solaris source release. "Because of the difference between community source and open source, the change to community source is likely to have little impact, said George Weiss, an analyst with GartnerGroup. 'I don't expect that Sun will get the benefit of the open source community,' Weiss said. 'It's a psychological counter-offensive to the Linux or open source philosophy.'" IBM: The Red Herring looks at IBM's recent moves as a direct attack on Sun. "In aggressively chasing Sun in the Unix market, IBM also plans to milk the open source phenomenon. 'We'll have Linux running across all our server platforms by the end of this year,' Mr. [IBM VP] Palmisano promised the crowd." Sm@rt Reseller reports on IBM's Java licensing deals. "The wheeling and dealing isn't done yet. Sources close to IBM say IBM is likely to sign a Java deal with SuSE, the last of the four major Linux server distributors, shortly." Bloomberg looks at IBM's deal with Red Hat, TurboLinux, and Caldera. "IBM is licensing the software to the distributors for free. The company hopes the agreements will pay off by making Linux even easier to use for Internet sites. IBM can then sell computers, software and services for these sites." (Found in Portalux News). Reviews:
Arne W. Flones shares his his
experience with his Netwinder and his first experiement with
booting a system diskless. "I set up the server and pointed the
NetWinder's BIOS towards the new NetWinder kernel and disk image
stored on my PII. I told it to reboot.
It was amazing. The network adapter lights were flashing like crazy
and the familiar, and very comforting, kernel messages were again
flashing across the display. I was very soon looking at a Linux login
prompt. CPU Review plays with a 1GHz Athlon system. "The kernel was built in 2 minutes and 23.64 seconds!" Network World Fusion compares several network operating systems. "We found the latest release of Red Hat's commercial Linux bundle led the list for flexibility because its modular design lets you pare down the operating system to suit the task at hand. Additionally, you can create scripts out of multiple Linux commands to automate tasks across a distributed environment." (Thanks to M. Leo Cooper). This osOpinion piece looks at the good and bad parts of a few different operating systems. "Documentation in the Linux world is atrocious. It's not a simple case of RTFM (Read-The-Flaming-Manual), but tracking down sometimes half-a-dozen man (short for manual) pages full of incredibly terse, obtuse, programmer-speak (and which often say things like 'This man page is no longer maintained, check the info pages instead')." Interviews: LinuxDevices.com has interviewed Brian Sparks regarding Lineo's recent decision to release their Embedix Linux distribution under a per-system license scheme. "Sparks: Of course, the GPL portions of Embedix Linux can be reproduced freely by anyone. However, our Embedix Linux distribution also includes a number of proprietary non-GPL software modules from both Lineo and 3rd parties . These are what we are licensing." CPU Review talks with nVidia about its collaboration with SGI and VA Linux to produce an OpenGL implementation for Linux. "Since the future product is a result of the collaboration, we have not yet determined an Open Source strategy. We will let you know the details at a future time." Business: News.com reports on the release of Embedix 1.0. "Lineo hopes to make money by selling not only its Embedix product, for which the company will charge royalties, but also from higher-level software such as a Web browser and a software development kit to make it easier to create programs running on Embedix. Embedix also is available on CD-ROM for $30. While Embedix is available as a free download, the software may not be resold, Lineo said." Here's an M2PR article about Red Hat's "6.1 Professional Package." "Developed in Germany, the new Professional package is the first commercial version available internationally outside of the US and is not restricted by US encryption laws." The E-Commerce Times reports on Caldera's eServer announcement. "The Caldera OpenLinux-based eServer 2.3 is set to officially debut next week at the LinuxWorld Expo in New York City. It will include IBM's VisualAge for Java and the WebSphere Application Server Standard Edition for Linux, helping the product to streamline the process of creating an online presence." Inter@ctive Investor ponders SGI's Linux plans. "Linux isn't likely to dress up SGI shares, but that doesn't mean the operating system won't be a big part of SGI's future. The company recently announced it is working on bringing Linux to its high-end graphics customers. SGI also owns a nice chunk of VA Linux (Nasdaq: LNUX), which was worth $268 million as of Dec. 31." Individual Investor is not entirely impressed with Corel's latest result. There are some bright spots, though: "Some back-of-the-envelope calculations suggest that Corel's Linux revenue currently accounts for roughly 5% of the total revenue. Cowpland?s five-year goal is for Linux to account for 50% of Corel's revenue. With the Linux OS doing $3.2 million in just three weeks, we think this target is well within reason." Here's an article in Sm@rt Reseller about Linuxcare's IPO filing. "While stock prices have yet to be set, sources close to the company indicate they expect a price in the $19 to $21 range. It is expected that, following the lead of the first true Linux IPOs--Red Hat and VALinux--LinuxCare will issue stock options to significant open-source developers." News.com covers Linuxcare's IPO filing. "The announcement may indicate a change of philosophy at Linuxcare, which earlier indicated that it didn't expect to go public any time soon. But its competitors have increasing amounts of money to spend on expansion, and some analysts have said the current Wall Street fondness for Linux may not last." The Fox Market Wire looks at Linux IPOs. "While companies like Caldera and Red Hat are marketing their own versions of Linux operating systems, Linuxcare, Inc., is gambling that the future of the industry is not in selling boxed versions of the software. After all, the source code is free to whoever wants it. Rather, the future will be in helping those who must learn how it works." Here's a Reuters article about upcoming Linux IPOs. "However, one upcoming IPO has raised many questions in the Linux community, with the filing from LinuxOne of Mountain View, Calif., which initially filed without an underwriter." Finally: ZDNet UK ran this article about free application servers. "...surprisingly both Zope and Midgard were spawned by commercial projects, rather than the academic or utilitarian efforts that gave rise to Linux and Apache." (Thanks to Henri Bergius). News.com looks at the latest developments in the DVD case. "The judge did not go as far as banning sites from linking to other sites that contain the [DeCSS] program or information about it, however." Here is a long article in the Linux Journal about the release of Kevin Mitnick, and about Linux and crackers in general. "Everyone knows the press is stupid and intentionally misunderstands things for the sake of a more palatable story. However, Linux hackers, open source advocates, free software enthusiasts and, I'll say it at the risk of offending a whole lot of people, hackers across the board, would do well to understand each other, and stop laughing when tragedy befalls people like Kevin." (Thanks to Dave Finton). The latest 'Dear Lina' column on Linuxcare's site looks at managing upgrades and the role of the lost+found directory. "So, if you ever see anything in your lost+found directories, you should check what it is right away! It could be those four hours of work that you were pretty sure had been saved, when your dog decided to get all lovey-dovey with the power cord and yanked it. Oopsie!" The results from LinuxDevices' latest survey, describing people's plans for upcoming products using Linux, are worth checking out. For example, "Question 3: What hardware platform do you expect to use? -- interestingly, there was a two-way tie between "PC/104 or EBX" and "custom non-PC architecture" for first place (at 26% each); next, came "custom PC architecture" (at 22%); fourth place was occupied by standard desktop-PC motherboards (at 15%)," might come as a surprise to some. ZDNet UK reports on the warnings of Eugene Kaspersky. Mr. Kaspersky says that a wave of Linux viruses is on its way from China. "According to Kaspersky, Linux poses a new challenge for virus-fighters because its open source-code will put viruses-writers at a distinct advantage." Oh, yes, Mr. Kaspersky is in the anti-virus business. Information Week ran this column questioning the enterprise-readiness of Linux. "...looking at the near-term benefits of deploying Linux as a strategic initiative as opposed to the relative dearth of important management applications and the potential for a stunting of Linux's growth, I wouldn't bet the farm on Linux quite yet." Section Editor: Rebecca Sobol |
January 27, 2000 |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesRob Slade sent us this reveiw of "UNIX System Security Tools", by Seth Ross.Here is an issue of Gregory Aharonian's PATNEWS newsletter which describes a novel approach to dealing with software patents - and bogus patents in general. He has figured out an amusing way to turn patent-busting into a profit-making venture, worth a read. (Thanks to St fane Fermigier). EventsMichael Hammel has sent out a reminder notice about the Linux Writers and Publishers BOF session which will be held at the LinuxWorld Conference and Expo next week. Quite a few writers and publishers both will be there (LWN included); it looks like a an especially good place for those interested in writing about Linux and looking for a publisher. A one-day Beowulf computing meeting will be held on February 10, in London. Attendance is free, but pre-registration is required.
Here's an announcement for the Embedded Systems Conference (ESC) Spring, AUUG2K will be held in Canberra, Australia on June 28-30, 2000. There is currently a call for papers out; the theme is "enterprise security; enterprise Linux." The deadline for submissions is April 14. Web sitesEBIZ Enterprises Inc. announced the launch of Linux Lab, providing technical support to Linux users.User Group NewsThe Roanoke Valley and Virginia Tech Linux User's Groups announced the Southwest VA Linux Day 2000 on February 19th.On March 18th, 2000 the Simi Conejo Linux Users Group will hold its second annual LUGFest in Simi Valley, CA. Information regarding this event is available at our web page, http://lugfest.sclug.org. |
January 27, 2000
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux links of the weekGeoCrawler bills itself as "The Knowledge Archive." What it really is is an extensive archive of mailing lists oriented around free software. It lacks a nice threaded browsing interface, but it can be useful when searching for something specific. How about another distribution? GeekLinux is a new distribution seemingly aimed at relatively technical users. They plan to offer the biggest selection of packages, be security oriented, and so on. They are trying for a release by LinuxWorld (next week). Section Editor: Jon Corbet |
January 27, 2000 |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Thu, 20 Jan 2000 01:22:14 -0600 (CST) From: Dave Finton <surazal@nerp.net> To: Chris_Browne@amrcorp.com Subject: Thoughts on Kermit I read your letter in LWN's weekly news. It's a good read, but I thought I'd clarify a matter or two with one statement you made: > This is extremely encouraging; Kermit has a long history of being > an exceptionally good data transfer system. It used to be the one of > the best interoperability systems to transfer data between UNIX, DOS, > VMS, and mainframe systems. The popularity of TCP/IP and decline of > widespread mainframe use has diminished the value somewhat (who uses > non-TCP/IP networking anymore?), but I'm pleased to see it able to be > used with Linux. Think: cell phones, pagers, automated phone servicing (hypothetically). I worked for a company that used a little C script that called a kermit script that would page the network admin in case any of the servers went down. The page would go out with the IP address of the server in question. It worked beautifully (except when it would page us when we'd rather not fix broken machines, like over breakfast :^). The whole world isn't TCP/IP. In fact there is enough "obsolete" networking out there (i.e. the phone system) where the inclusion of KERMIT can help Linux launch itself into more than a few key markets. Now that it is more-or-less free (and there's a free version besides) I might take a look into it a bit more to see if I can do any neat stuff with it. :^P - Dave Finton --------------------------------------------------------- | If an infinite number of monkeys typed randomly at | | an infinite number of typewriters for an infinite | | amount of time, they would eventually type out | | this sentencdfjg sd84wUUlksaWQE~kd ::. | | ----------------------------------------------------- | | Name: Dave Finton | | E-mail: surazal@nerp.net | | Web Page: http://surazal.nerp.net/ | --------------------------------------------------------- | ||
Date: Thu, 20 Jan 2000 09:15:18 -0800 From: Pascal Martin <pascal.martin@iname.com> To: letters@lwn.net Subject: Transmeta conspiracy I don't know if you noticed, but the Transmeta's story is more and more looking like a scenario for the X-Files serie: 1- A highly secretive company, with seemingly unlimited funds, hire the best brains of Silicon Valley (beside Linus..) and work for years on unidentified projects. 2- Obscure forces in the stock markets organize a Linux stock hype, hitting the billion dollars level, with no identified profit to talk about. 3- At the hypest moment, Transmeta takes the market by storm in a highly publicized show, boasting "PC hardware for Linux". Sounds like Hollywood has been outdone here :-). Beside that, I want a Transmeta-powered laptop. Vendor, anyone ? ------------------------------------------------------------------ Pascal F. Martin. | ||
Date: Thu, 20 Jan 2000 17:37:14 -0500 From: Tom Kreutz <kreutz@Princeton.EDU> To: letters@lwn.net Subject: Jerome Loisel's vituperation Hi, I believe that you do yourself a dis-service by posting the letter from Jerome Loisel, which trashes Nikolai Bezroukov's critique of "The Cathedral and the Bazaar". I thought that the latter was pretty well reasoned and highlighted some of the weaker points in Eric Raymond's excellent treatise. On the other hand, Jerome Loisel's rant seemed pretty pointless. By the way, thanks for running a fabulous site! I read it eagerly each week. Tom Kreutz Dr. Thomas G. Kreutz Center for Energy and Environmental Studies Princeton University H-111 Engineering Quadrangle Princeton, NJ 08540 Phone: (609) 258-5691 FAX: (609) 258-3661 kreutz@princeton.edu | ||
Date: Thu, 20 Jan 2000 17:13:59 -0700 From: Bruce Ide <nride@us.ibm.com> To: lwn@lwn.net Subject: Why do you Bother With the Gartner Group? In the 1/20 edition we get some more predictions from the Gartner group. I'd like to note that in matters relating to Linux, you're as likely to get correct answers from the Psychic Talk hotline or a monkey with a dart board. I've watched with amusement as prediction after prediction about Linux from the Gartner Group has turned out to be completely wrong. Not just a little wrong, mind you. Embarassingly, "God we can't believe we said that," wrong. Very much like almost everything coming out of the Ziff Davis conglomerate, come to think of it. At least ZD's writers are starting to see the writing on the wall and jump on the bandwagon. And yet they persist, and We (And by We, I mean You) continue to quote them. I assume because you want to give us all a good laugh. Well it's working. I get a nice big belly laugh out of just about every statement that comes out of that group. I really don't understand why people pay so much money for their reports. Maybe the industry really is stuck in 1980's technology. Come on, guys, it's the 0?'s (Uh-Oh's?) now and we HAVE 32 BIT PROCESSORS! Hell, we HAVE 64 BIT PROCESSORS! And One OS runs on them all. And it ain't Windows. Which will apparently continue to make you deal with 16 bit bletcherisms (At least at the workstation level) for the foreseeable future since the game manufacturers want direct access which you're not going to do a very good job of getting with the NT kernel. You want my own predictions, huh? These aren't based on any knowledge proprietary to IBM by the way, they're based on watching the web, the news and the open source community for the past 5 years. I predict that the proprietary Unices will start to merge with Linux. Most of the companies with their own versions of UNIX only use that UNIX to sell hardware. Gone are the days when you can screw a customer out of $1500 for a !#%! C compiler (Sorry, pet peeve.) So Linux makes sense to most of those people, except SCO. Why maintain your own UNIX when there's a whole community out there that's willing to do it for free? We're already starting to see this trend now. The wholesale embracing of the open source community by the proprietary UNIX vendors will cause UNIX to defragment back into a unified whole. Security will be global -- when you fix a hole, you will be fixing it for all platforms. Support will be interchangable since everyone will have the source to a unified OS. Competition among support companies will encourage said companies to provide high quality support. As far as I can tell, this will be a first in the industry. I'm expecting the Merced to be a flop. It wouldn't surpise me if AMD doesn't step up to the plate within plus-or-minus a few weeks of the Merced release with an ultra-fast 64 bit chip of their own. First one to dump 32 bit legacy support wins. I don't expect Compaq to stand still with the Alpha or Sun to stand still with the Sparc chips either. Note that both those chips are 64 bit TODAY, as are the MIPS chips but we don't see many of those anymore AFAIK. It also wouldn't surprise me to see some sort of alliance between AMD and Compaq for Alpha technology. And of course someone's gotta be working on a 64 bit PowerPC. It wouldn't make sense not to. As people start buying hardware for Linux support, hardware manufacturers will increasingly realize that they have to open their specs or go out of business (Or at the very least provide binary drivers.) We're starting to see a trend there as well. Expect more patents and less trade secrets in the hardare arena. Expect to see substantial gains for Linux in server and desktop systems in the next 3 years. Since Linux scales so well, if you need a bigger web server, you can buy some big blue iron. I'd like to see Mindcraft put a Linux-running apache-serving S/390 in their crack pipe and smoke it. You think your pathetic little quad Xeon will stand up to that? Despite Wintel protestations to the contrary, PC's are still toys compared to the big blue iron. Against a unified UNIX (Linux,) high quality desktop interfaces and open Internet standards, Microsoft and Apple have quite a race ahead of them. I think they realize it to, or are starting to realize it. Finally, I predict that RedHat or VA Linux will buy the Gartner Group within in the next few years and fire everyone. Well, maybe not, but I can dream, right? All opinions mine and not my employer's. -- ---------------- Bruce Ide nride@us.ibm.com Silly Rabbit! CICS are for Trids! | ||
Date: Thu, 20 Jan 2000 17:58:15 GMT From: Superuser (Duncan Simpson) <root@io.stargate.co.uk> To: letters@lwn.net Subject: 32 bit PIDs may have a down side 32 bit PIDs are not a win in every direction. In particular with the present size check ps (http://checkps.alcom.co.uk) can sensibly build a PID list by asking kill(2) about all the possible UIDs. This detects all the current root kits that work by not mentioning things in /proc and "fixing" this is not something script kiddies can cope with. With 32 bit UIDs this strategy would be useless of course, which would make checkps a less formidable torjan detector. Most current crackers are not looking for it right now and it will presumably contiune to be effective until eveyrone starts using it :-) | ||
Date: Sat, 22 Jan 2000 18:12:47 -0600 From: mike <mdf@enteract.com> To: lwn@lwn.net Subject: roving squad of ruthless trademark lawyers? Let me tell you about my experience with Linus's "ruthless trademark lawyers". I started a Linux training company last month. I originally wanted to call it Migrate To Linux, Inc. My lawyer advised against this since I may choose to use the corporation for something else one day and I'd be stuck with explaining what Migrate To Linux is all about. So we settled on Migrate, Inc., and the deal was done. Before we abbreviated the name to "Migrate", my lawyer went about looking for permission from Linus to use the word "Linux". He eventually found the attorney (singular) who helped him establish the trademark. In trademark law, a trademark needs to be defended by the entity that owns it. If a trademark isn't enforced, there is the risk of it becoming a "naked trademark" which means it can be used by other entities without the owner's permission since it was never contested in the past. If Linus (or his attorneys) never bothers to enforce his trademark, he can lose it. Linus's attorney was trying to get him to recognize this issue and set up some kind of formal process by which entities could use "Linux" for a small fee. This way, if a software company from Redmond, Washington came along and tried to bring a product to market called Linux for Windows, Linus has legal remedy since there would be an established pattern of enforcement. Otherwise, a judge could rule that he never bothered to defend his trademark in the past, so the trademark essentially means nothing. What happened to Serious Domains was a good thing. If Linus let it go, he could have put the trademark in serious jeopardy. Mike Frost www.migratetolinux.com | ||
Date: Tue, 25 Jan 2000 14:58:35 -0600 From: Garrett Goebel <garrett@scriptpro.com> To: letters@lwn.net Subject: Editorial Proposal: Red Hot! Get 'yer Civil Liberties! Well, as of today, I've finally put my money behind my ethics and joined the Electronic Frontier Foundation. To my knowledge, there is no single organization that better represents the interests of electronic civil liberties than the EFF. For those vocal and lurking around the DeCSS issue, isn't it time to join the ranks? What is the EFF doing? They are representing defendants in the DVD-CCA case in California and are involved in a similar case in New York. They are making relevant information accessible and available on the internet. This is nothing new. The EFF has a history of protecting online civil liberties in the United States since 1990. On a personal note, I don't own a single DVD title. However, I'll defend with my EFF membership dues your "fair use" to do with your property as you please. Our readers outside the USA may be asking themselves what any of this means to them. Answer: The U.S. government's legal stance on electronic civil liberties translates into the building blocks and infrastructure of the technology and products you buy today, and what you will buy tomorrow. -Regardless of whether you are buying a product manufactured in America and sold in Japan, or something manufactured in Botswana and sold in the USA. There are some parties who believe that free speech is less important than poorly designed "protection" schemes which are geared more towards a tight coupling of product and means of utilizing it, than protecting the consumers ability to make "fair use" of the copyrighted materials they've purchased. Indeed one could venture to guess that circumventing the "fair use" of copyrighted materials is the very right they hold more dear than free speech. If you do decide to join the EFF, when you do so, send a note stating why you joined to membership@eff.org to let them know why you joined. [Disclaimer: I don't work for, represent, or receive any compensation from the EFF. -As of today, they represent me!] | ||