[LWN Logo]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests

 Main page
 Linux in the news
 Back page

Other stuff:
Daily Updates
Linux Stocks Page
Book reviews
Penguin Gallery

Contact us
Use LWN headlines

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- GaŽl Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

Leading items and editorials

Where is the 2.4 kernel? It has begun: News.com has reported on the "delay" in shipping the 2.4 kernel, and here is a ZDNet article casting this delay as a failure of sorts.
"While the Windows world is all too accustomed to dealing with delays and vapourware, the Linux camp had until recently enjoyed a fairly regular nine- to 12-month update cycle. But at the current rate of development, Linux 2.4 may not reach final status until October."
It's not clear exactly what "update cycle" they are referring to here. But the real question is: is the late arrival of the 2.4 kernel a free software failure?

Of course, in the usual style, nobody has ever committed to a delivery date for the 2.4 kernel (with the amusing exception of Colin Tenwick of Red Hat Europe, who felt entitled to tell the world that the kernel would be released at the same time as Windows 2000). Nonetheless, Linus has made noises in the past about a Fall 1999 or (later) a Q1 2000 release. Not only has that not happened, but it seems clear that 2.4.0 will not be forthcoming until sometime this summer at best. This kernel is coming out later than its developers had wanted.

It is true that free software projects are often poor at putting out releases in a timely manner. Yet advocates claim speed of development as one of the advantages of free software. As evidenced by the ZDNet article, some members of the press are starting to see an inconsistency here.

The problem - if there is a problem - is not with the speed of development. It is instead with the ability to produce stable releases quickly. New capabilities get developed and bugs get fixed quickly, but it can take a long time to package up those developments for general use. One can think of a few reasons why the stable release process seems to take forever:

  • Proprietary software often ships with known bugs, often very serious ones. No self-respecting free software project will package up buggy software as a stable release. High standards are a great thing, but meeting them takes longer.

  • Creating a stable release takes a great deal of discipline - the project has to simply stop adding shiny new features for a long time. The 2.3 development kernel has reworked the block and network driver API, added devfs, and thrown in many other features - all after an alleged code freeze. All of the stuff that went in at a late date is worthwhile, but it all delays the stable release.

  • Stabilizing software for release involves quite a bit of relatively uninteresting, detailed work. It is probably true that a subset of free software developers have little interest in this kind of work. It is more fun creating exciting, new features, and, after all, the development releases work great for them. Nonetheless, this is probably a minor factor at most.

A more predictable release schedule for important free software components would be nice, but it is hard to imagine many cures to the "problem" that would improve things overall. Imposing deadlines on software development is usually a mistake, and the free software community has been good at avoiding them. Free software ships when it is ready, and that is the way it should be.

Software Carpentry Design Contest finalists. The Software Carpentry contest has announced its finalists that will go to the last round of judging. The contest is trying to spur the [Contest logo] development of replacements for some well-known development tools; the entries at this point consist of proposals for new tools. There is no code available - yet.

Three of the finalists in the "Build" category, which is intended to produce a replacement for the venerable "make" program, have taken a similar approach. Rich Miller's PyMake, Steven Knight's sccons, and Tom Tromey's SC Build all turn the traditional makefile into a Python script. Doing things in this way makes the parsing easy, and adds a new type of procedural power and extensibility to the build process; it also turns configuring the build process into a Python programming exercise, which may not appeal to everybody. Sccons adds the concept of "environments," which replace the variable definitions in makefiles; they make it easy to build things in multiple ways, or to define build parameters (flags, installation locations) on a system-wide basis. Sccons also defines "scanner objects" which automate the process of setting up dependencies.

Black by David Ascher and Trent Mick takes a different approach. The makefile becomes an XML data structure defining the system to be built, the rules to use, dependencies, and so on. The authors recognize that "XML is a terrible user interface," however, and have thus specified a graphical interface for Black as well. It includes intelligence that allows it to set up most of the build process automatically; in addition to figuring out dependencies, it can find which source file defines the main program and make a guess at the name of the executable from that.

In the "build configuration" category, two of the entries (BuildConf by Vassilis Virvilis and SapCat by R. Lindsay Todd) have essentially defined an updated version of autoconf. Both of them require the developer to specify how the program is to be built as well, leading to a degree of overlap with the "build" category. Stefan Knappmann's ConfBase, instead, takes the form of a globally-available knowledge base which is used to generate makefiles. It includes an interactive approach, where build "problems" are fed back into the system in an attempt to find a remedy in the knowledge base. Only David Ascher's Tan explicitly addresses the overlap with the "build" category; it is intended to be used along with Black. Thus, like Black, it works off an XML database (explicitly patterned after the Windows registry) which describes system features, available tools, etc.

There are also four entries in the "Track" (problem and issue tracking) category that are worth a look. Four finalists were selected for the "Test" category as well, but the contest organizers have decided not to award a prize in that area for now. Apparently they want to reopen it after reworking the requirements to better inspire the sort of entries they would like to see.

The above descriptions are necessarily overly short; they overlook a number of interesting features in each of the entries. Interested folks are encouraged to look at the actual proposals on the Software Carpentry site.

The Microsoft breakup proposal. There is actually not much to add to the debate on this topic that we have not said in the past. It's worth pointing out, however, that nothing is likely to happen along the lines of a breakup for years. Both sides seem determined to fight until the bitter end, with the result that a lot of time will be spent in the courts. People wanting Office on Linux will have to be patient.

As an aside, another example of the Microsoft way of doing business was passed on to us by Jeremy Allison. It seems that Microsoft has finally made available its "embrace and extend" changes to the Kerberos protocol - sort of. You can only get the information in the form of a self-extracting executable file, which puts up an intimidating "click wrap" license first. It seems that the Kerberos extensions are presented as a trade secret, and can not be passed on - or implemented in open source software. If Microsoft allows others to implement the extensions, it will be via licensing agreements. So much for open standards.

Inside this week's Linux Weekly News:

  • Security: SSH 2 support in OpenSSH, a new DDoS tool, this week's security reports.
  • Kernel: Resize2fs to be released; a look at the Linux-Mandrake kernel.
  • Distributions: Tucows distribution download statistics, Debian test cycle begins.
  • Development: Another look at gnucash, miscellaneous development updates.
  • Commerce: Gartner's latest, Layoffs at Linuxcare, Andover.Net acquisition changed, VA acquires Precision Insight.
  • Back page: Linux links and letters to the editor
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:

May 4, 2000


 Main page
 Linux in the news
 Back page

See also: last week's Security page.


News and editorials

OpenSSH now supports the SSH 2 protocol. It was August 28th, 1998, when SSH Communications announced their license for ssh 2.0.8. That license restricted all commercial use of ssh 2.X without a licensing agreement. As a result, ssh 2.X was not widely packaged for Linux and more attention has been paid to tracking issues in ssh 1.X than ssh 2.X.

Thanks to the OpenBSD team, that has all changed again. The OpenBSD Journal reported last Thursday that OpenSSH now supports the SSH 2 protocol and is still backwards compatible with SSH 1. One advantage of the SSH 2 protocol that the OpenBSD Journal mentioned was its use of DSA instead of the patented RSA algorithm. In addition, the newer protocol was intended to be more secure, or at least better designed, than its predecessor.

Analysis of mstream DDoS tool. David Dittrich has published an analysis of mstream, another distributed denial of service tool for which the source code was recently released. Check it out for information on the signature of this most recent attack.

David's analysis finished up with two strong recommendations. The first was a call for more training for systems administrators. "First, and fundamentally, intruders will tend to have an even greater advantage over unskilled system administrators. It is becoming ever more important that systems administrators -- Unix, NT, whatever -- have training as a primary task, not a luxury or burden to be avoided." This recommendation is up against some tough competition. Due to the current shortage of good technical staff, businesses are demanding systems that are easier to administer ... which generally leads to them being administered by less skilled staff.

He also called for systems administrators to actively deal with and learn from intrusions, rather than just reinstalling and moving on. "Second, incident response and forensic investigation may be made more difficult, if not impossible, as the simple "solution" that the unskilled Unix administrator will take is to give up and just re-install the operating system. This ill-advised choice of action destroys any evidence that may exist on the system and sets the system up for a subsequent intrusion because the same security precautions they did not take before the incident will usually not be taken this time either." This comment, also wise, is likely to continue to get lost in the pressure to get back up and running as soon as possible and get back to other work. In other words, both these recommendations are good, but are unlikely to be used unless companies start taking security seriously enough to hire adequate staff to handle both their normal systems administration needs and the demands of good security.

CERT advisory on bind vulnerabilities. The Computer Emergency Response Team has put out this advisory regarding continued exploitation of vulnerabilities in older versions of bind. Fixes were made available months ago, but, apparently, many sites have not installed them. Now might be a good time to check your systems and be sure that all of them that are running bind have been upgraded. (And note that, depending on your distribution, you may be running it without having explicitly set it up).

SuSE libsafe analysis. Marc Heuse posted another brief analysis of libsafe, explaining why SuSE does not plan on integrating it into their system. "I can not remember a vulnerability in a network service for the last year which this tool would have prevented. Therefore: as long as this tool is not enhanced to also protect open/fopen calls against symlink/hardlink/pipe attacks, several more buffer overflow types, system/exec* function protection etc. it is not useful to use this tool." (Thanks to Fred Mobach.)

Security Reports

Linux kernel knfsd vulnerability. A vulnerability in the knfsd daemon leaves a host system vulnerable to a denial-of-service attack that can bring down the NFS service, reports Chris Evans. This impacts both the 2.2 stable tree and the 2.3 development tree. A patch against Linux kernel 2.2.15pre19 has been made available and is included in his note.

Note that the Red Hat kernel update we list here fixes this problem, plus others, including the IP masquerading vulnerability we discussed on March 30th. SuSE also responded to the recent security reports, but is waiting for the "any day now" release of 2.2.15 to provide updated packages. Last, but not least, please remember that the installation of a kernel update will always require care and attention.

  • Red Hat (follow instructions carefully!)
  • SuSE (no new packages yet)

SuSE: Gnomelib buffer overflow. An exploit for a buffer overflow in Gnomelib has been posted to BugTraq and confirmed to work on SuSE 6.3 and 6.4. A workaround, according to the SecurityFocus vulnerability database, is to remove the setuid and setgid bits on all Gnome based executables. Red Hat 6.X, Linpus 6.3 and Debian are reported not to be vulnerable. SuSE has acknowledged the problem, warning that the issue depends on the version of Gnome and may therefore impact older releases of other vendors. They indicated that a fix should be forthcoming soon.

Remotely exploitable hole in Sniffit. Sniffit, a widely-used packet sniffer, has been reported to contain a remotely exploitable buffer overflow, affecting version 0.3.7beta and all prior versions that log mail headers. A minor change to the source code is given that should fix the problem.

Gnapster: arbitrary read file access. Gnapster 1.3.9 has been released and contains, along with other bugfixes and changes, a fix for a vulnerability that can allow a user to view arbitrary files on the system.

Commercial software

Cisco Vulnerabilities. Cisco IOS, which runs on a variety of routers, is vulnerable to a denial-of-service attack if the router has a web server running on it. Cisco has acknowledged the problem and provided a work-around. They will provide a formal advisory when they have a full fix available.

In addition, many commands documented to require elevated privileges are actually usable without them, according to this report from Fernando Montenegro. The report includes configuration commands that can be executed to resolve the problem. He also indicates that Cisco's Product Security Incident Response Team has confirmed the issue and approved the recommended workaround.


SuSE cron/aaabase.We mentioned in last week's issue that a problem had been reported on SuSE systems where a cron job installed by default allowed any file on the system to be deleted, via a /tmp file link. The SuSE package involved is called aaabase. Here are the distribution responses to the problem.

  • SuSE, updated packages
  • Slackware, same package name, not vulnerable

Qpopper fgets vulnerability fixed. Qpopper 3.0.1b2 has been released and contains a fix for the qpopper fgets() vulnerability mentioned in last week's Security Summary.


nmap security scanner version 2.50. A new, stable version of the nmap security scanner has been released. This is the first stable release in slightly over a year and contains many new features.

Phrack number 56. Phrase number 56 is now available via in HTML format, tar file or via FTP.

HeavySecurity.com launches. The Heavy Security Group has announced the launch of its HeavySecurity.com "security portal."


May/June security events.

May 14-18, 2000. EuroCrypt 2000, Bruges (Brugge), Belgium.

May 14-17, 2000. 2000 IEEE Symposium on Security and Privacy, Oakland, California, USA.

June 12-14, 2000. NetSec 2000, San Francisco, California, USA.

June 25-30, 2000. 12th Annual First Conference, Chicago, Illinois, USA.

June 27-28, 2000. CSCoRE 2000, "Computer Security in a Collaborative Research Environment", Long Island, New York, USA.

Section Editor: Liz Coolbaugh

May 4, 2000

Secure Linux Projects
Bastille Linux
Khaos Linux
Secure Linux
Secure Linux (Flask)

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Yellow Dog Errata

Security Software Archives
ZedZ.net (formerly replay.com)

Miscellaneous Resources
Comp Sec News Daily
Linux Security Audit Project
Security Focus


 Main page
 Linux in the news
 Back page

See also: last week's Kernel page.

Kernel development

The current development kernel release is still 2.3.99-pre6. There is a pre-prepatch for 2.3.99-pre7 available in its fourth revision as of this writing. There is not much earthshaking to be found in it - it contains a number of PowerPC fixes, a bunch of driver tweaks, and a netfilter update.

2.3.99-pre6 turned up some problems with memory management that cause poor performance under some types of loads. Memory management hacker Rik van Riel has put out a patch to fix some of the problems; pre7 should presumably work better.

The current stable kernel release is still 2.2.14. Alan Cox tells us that the current 2.2.15pre20 patch, with a "one-line change" will be the real release, once Linus recovers from moving to a new house and has the cats and children settled down. It may well be out by the time you read this.

Update: 2.2.15 was released just as LWN went to "press." As soon as release notes become available, we'll post a note on the LWN daily updates page.

2.0.39pre4 has been released by David Weinehall. No word on when the real update for this ancient kernel will come out.

Resizing of ext2 filesystems is now available with free code. Way back in May, 1998 Ted Ts'o announced that he had written an ext2 resize utility under contract with PowerQuest. After a period of time, resize2fs was to cease being proprietary software and would be released under the GPL. That period of time has finally passed. The ext2 resizer will be part of e2fsprogs 1.19, which will be released "real soon now." A beta version can be found via the e2fsprogs web site on SourceForge; back up your disk first, though...

Automatic mounting of devfs remains a topic of discussion, after Richard Gooch put out a don't blame memessage regarding the change, which was inserted last week by Jeff Garzik. The final solution looks to be the addition of yet another configuration option which controls whether devfs is mounted automatically at boot.

Mr. Gooch has been busy in general, having released devfs v165, v166 and v167, along with devfsd 1.3.6, 1.3.7, and 1.3.8.

What's in your kernel? The Linux kernel is typically presented as the constant, unifying component that is the same in all distributions. Many distributors, however, ship heavily modified kernels with their products. As the first installment of an irregular series, LWN took a look at the Linux-Mandrake 7.0 kernel to see what they did to it. Here's what we found:

  • The base kernel in this distribution is 2.2.14. Interestingly, the source package actually contains 2.2.13, with the 2.2.14 patch being applied at build time.

  • A number of disk- and filesystem-oriented patches have been applied, including support for multi-session CD's, a large IDE patch from Andre Hedrick, a patch tightening directory permissions, and Supermount, of course. The kernel source package also includes the ext2 compression patch, but it is not actually installed into the kernel that gets built.

  • The lm_sensors hardware monitoring patch has been added. There is also an updated eepro100 ethernet driver, the raw I/O patch, a PCI bus patch, the IP virtual server patch, the RAID patch, a patch raising the maximum number of processes to 2560, a Pentium III support patch, the big memory patch set, and some scheduling tweaks.

  • The ALSA 0.4i sound drivers have been added in, as has the emu10k (SB Live) driver.

  • The Mandrake kernel also includes the binary-only PCTel winmodem driver.

  • Some "Solar Designer" security patches, such as a non-executable stack, are included but are only applied when building a "secure" kernel. The secure kernel is used when one of the higher security levels is selected at installation time.

A number of little adjustments are there as well, for a total of 41 different patches. Plus, of course, they put in the Mandrake boot logo. A number of the patches are credited to either Red Hat or SuSE.

Overall it's a pretty straightforward kernel, with a lot of little fixes and a few additional features (RAID, Supermount, ALSA, big memory...) added.

Other patches and updates released this week include:

  • Jeff Garzik has announced a preliminary release of his "kernel compatibility layer," designed to ease the backporting of 2.3.x drivers to older kernels.

  • ReiserFS 3.6.5 beta has been released. The ReiserFS folks are steadily working through their issues; it still doesn't work, however, with NFS.

  • A new version of the Netfilter HOWTO suite has been released by Paul Rusty Russell.

  • Version 0.7 of aboot, the secondary bootloader for Alpha systems, has been released by David Huggins-Daines.

Section Editor: Jonathan Corbet

May 4, 2000

For other kernel news, see:

Other resources:


 Main page
 Linux in the news
 Back page

See also: last week's Distributions page.


Please note that security updates from the various distributions are covered in the security section.

Statistics, Statistics and Statistics. MandrakeSoft has announced that Linux-Mandrake came out at the top of the ISO download statistics at Tucows.com for both February and March.

Here are the statistics on which they based their claim:

   February                 March
Linux-Mandrake     46%   Linux-Mandrake      31%
Red Hat            27%   Corel               28%
Corel              15%   Red Hat             14%
Debian              3%   Debian               6%
SuSE                3%   Caldera              6%
Slackware           3%   SuSE                 5%
Caldera             3%   FreeBSD              4%
                         Stormix              2%
                         Slackware            1%
We contacted Tucows for more information. Greg Cowie pointed out that the statistics in any given month are strongly affected by who has released a new version of their distribution, since ISO downloads are primarily used by people planning on installing or upgrading. The April statistics, in turn, show the impact of the release of Red Hat 6.2:
Red Hat            31%
Linux-Mandrake     29%
Corel              22%
Debian	            5%
Caldera	            4%
FreeBSD             3%
SuSE                3%
Slackware	    2%
Stormix             1%
Yellow Dog Linux    1%
The numbers used in these three cases are the actual number of ISO downloads. Tucows also freely provides similar statistics on ISO downloads based on Megabytes downloaded, and non-ISO file downloads for each distribution, again by volume or by number. Looking at non-ISO file downloads by number, we can get figures with Red Hat leading by a wide margin instead (Red Hat 57%, Linux-Mandrake 24%, in April). From that, you might theorize that Red Hat has a larger installed base (people downloaded single file updates or additional applications) while Linux-Mandrake has more people installing their distribution for the first time.

The really startling note from the three months worth of data, still a small sampling, is the lead that the two RPM-based distributions have on the rest of the pack. It will be an interesting trend to watch.

On another note, we learned a bit about how such statistics can be swayed by small details. For example, the Phat Linux distribution does not have an ISO download, being only available as a large executable file that is run from a Windows installation. It doesn't impact the ISO download list, as a result, but is responsible for a whopping 34% of the non-ISO file downloads by volume. By number of files downloaded, since the entire distribution consists of only one file, they don't even show on the chart. Without knowing more about the structure of this distribution, these figures would seem highly anomalous.

Microsoft tactics benefit Japanese Linux distributors. If you are using a computer in Japan, you may have already installed or received a system pre-installed with Windows, before you move to running Linux on it. If so, you've paid, in part, for high quality commercial fonts to support Japanese. However, people who've contacted Microsoft to check have been told that it is not legal to use these fonts with an operating system other than Microsoft, even by the same person on the exact same computer.

In discussing various issues with Maya Tamiya of http://ChangeLog.net, we learned that this has ended up benefitting Japanese Linux distributors (though not necessarily the end-user). The freely available fonts are currently just not good enough to provide adequate support in Japan, she noted. Commercial Japanese distributions have benefitted as a result, because end-users expect and need the commercial fonts that are therefore bundled with Linux.

In the long run, the consumer is the one that is losing, since they are potentially forced to pay multiple times for the same commercial fonts. This adds weight to the need for more and better freely-available fonts.

Corel Linux

Corel makes donation to Dallas schools. Corel has announced the donation of 2000 copies of its Linux distribution and WordPerfect Office 2000 to the Dallas school district.

Corel Linux voted best new product at FOSE. Corel announces that its Linux distribution was awarded "best new product" in the "End-User Software" category at the Federal Office Systems Exposition.

Coyote Linux

Coyote Linux 1.20pre3.The latest version of Coyote Linux, 1.20pre3, is a bugfix-only update. Coyote Linux is a single floppy Linux distribution that provides routing/firewall services for targeted at home users.

Debian GNU/Linux

Debian Test Cycle begins. After announcing the removal of 16 packagesfrom frozen on May 2nd, due to release-critical bugs, Richard Braakman officially announced the start of the First Test Cycle. If successful, a decision on a release of Debian potato could happen within the next few weeks. If it is not, then another test cycle will be started.

Lilo in frozen. The question was asked whether the new Lilo, which removes the requirement that the kernel lie within the first 1024 cylinders, would be included into the new version of Debian before its release. The answer, according to Petr Cech, is "yes".

Debian GNU/Hurd

The Kernel Cousin debian-hurd for May 3rd is available, to provide a snapshot of recent GNU/Hurd development.


MandrakeSoft to bundle Enlighten's user management tool. MandrakeSoft has announced that it will bundle Enlighten's "User Management Tool" with the Linux-Mandrake 7.1 distribution.

Slackware Linux

Slackware-current updates. Updates to slackware-current this week include gcc-2.95.2, perl-5.6.0, vim-5.6, lilo-21.4.2 (removing the 1024 cylinder restriction), and a host of other small updates.

SuSE Linux

SuSE announces distribution deal with Ingram. SuSE has announced a distribution deal with Ingram Micro, a large wholesale distributor. This arrangement should help to get SuSE's distribution into a lot more stores.


TurboLinux 6.0 Workstation: A First Look (AboutLinux). AboutLinux reviews TurboLinux 6.0 workstation. "TurboLinux 6.0 installed a fairly vanilla Gnome setup - in this regard it is somewhat similar to Corel Linux - and they both may have a point. Does it really help a new Linux user to have their desktop cluttered with many icons?"

Section Editor: Liz Coolbaugh

May 4, 2000

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Caldera OpenLinux
Debian GNU/Linux
Red Hat

Also well-known
Best Linux
Conectiva Linux

Rock Linux

Non-technical desktop
Icepack Linux
Redmond Linux

Boston University
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
Complete Linux
Console Linux
Corel Linux
Darkstar Linux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
HA Linux
Halloween Linux
ix86 Linux
Lanthan Linux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
Linux Pro Plus
LNX System
Lute Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
Project Ballantain
Rabid Squirrel
Root Linux
Serial Terminal
TimeSys Linux/RT
Tom Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WinLinux 2000

GNU/Linux Ututo
Definite Linux
Red Flag
Linux Esware
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
MCC Interim Linux
Storm Linux


 Main page
 Linux in the news
 Back page

See also: last week's Development page.

Development projects

Another look at gnucash. Last December we ran a review of gnucash that concluded that the program - a free personal and small business finance package - was not quite ready for prime time. Inspired by meeting the developers at the Linux Business Expo, LWN took another look at gnucash. Conclusion: it has come a long way. Your editor is pleased to announce a complete transition to gnucash, thus getting rid of the last Windows application on his system. Time to reclaim that partition.

Gnucash 1.3.6 has all of the basics that one needs to track finances under Linux. It handles several types of accounts, including stocks and credit [Gnucash logo] cards. The double-entry system it uses will look a little strange to users of other packages, but if you think of "expense accounts" and "income accounts" as being "categories" it all comes together just fine. The account reconciliation mechanism works well, and there is a separate little program which will keep stock prices up to date. The QIF import capability has seen a great deal of work. There is also a check printing capability that your editor has not tried out.

That said, those who are contemplating moving over from Quicken or some other such package need to be prepared for a rougher existence. Gnucash is not yet at the level of those applications in either features or ease of use. Those without a bit of an "early adopter" mindset may want to wait until the 1.4 stable release comes out.

Speaking of stability, your editor was able to make it crash only once. As it turns out, the problem had been fixed even before the report got sent in.

There's no end of missing features. It remembers names of payees, but none of the other information (amounts, accounts) that goes along with them. As a result, more typing is needed than one would like - especially for recurring, split transactions. There is no support for scheduled transactions (i.e. the mortgage payment) yet. It doesn't really understand loans. Some cleverness is needed to enter things like reinvested long-term capital gains distributions on mutual funds. The reports are still rudimentary. And so on.

Gnucash could benefit from some concentrated user interface work as well. You can get auto-incrementing check numbers, but you have to ask for it each time. Most checkbook registers put the check number first, but the gnucash register starts with the date. If you mistakenly type the check number into the date field, you get a date like "May 4, 20003843", which gnucash happily accepts. Creating accounts - something one has to do a lot of - could be easier. There are two "open" icons on the main window with different functions. And so on.

In other words, it's a work in progress. There is every reason to believe that gnucash will continue to progress quickly. Meanwhile, it is ready for those who are slightly adventurous, or who place a premium on working with free software. Gnucash past that critical point of development a little while back - it is clearly going to be successful.

Probotics releases robotics code. The folks at Probotics have announced the release of their robotics code under the GPL. This code is mostly useful, of course, for programming the robots that they sell, but there's likely to be good stuff that can be used beyond that context as well. (Thanks to Alexandre Dulaunoy).

Application of the Week: gkrellm. The Linuxcare application of the week this week is gkrellm. Having found this application, Brett Neely is apparently never going to live without it again. "Apparently influenced by the sci-fi movie 'Forbidden Planet,' gkrellm essentially gives you the headlines of your system's health... gkrellm gives me the kind of information that would normally require a barrage of commands. It gives me the time and date; graphs for CPU activity, process load, disk I/O activity, and eth0 traffic; available resource meters for memory, swap, and disk partitions; the number of new emails in my inbox; and my system's uptime."


Two new Mozilla chat channels. #mozui (for Mozilla UI discussion) and #mozl10n (for Mozilla localization) are two new channels that have been added to irc.mozilla.org, according to MozillaZine.

Mozilla mini-track at O'Reilly conference. A Mozilla mini-track is being planned for this summer's O'Reilly Open Source Software Convention . Speakers will include Mike Shaver, Frank Hecker, Ben Goodger, Alec Flett, Mitchell Baker, Mike Ang, Rob Ginda and Paul Everitt.


SEUL/edu Linux in Education Report. The eighteenth SEUL/edu Linux in Education report talks about Linux in Latin American schools. The SEUL/edu folks will also be present at Linux Canada in Toronto.


The Chopping Block (Worldforge). This month's issue of The Chopping Block is now available. The Chopping Block is a newsletter/magazine covering the Worldforge project, which is developing a complete system for massively multiplayer online roleplaying games. This month's edition contains a 3D tutorial on light and reflections, a developer chat and three short stories. In addition, Aloril reviews the arguments for moving the license for Worldforge from the OPL to the GFDL+GPL.


Kernel Cousin Samba. The April 27th edition of the Kernel Cousin Samba covers temperamental NT logins, problems with the pam_ntdom module, exchanging exchange, continuing problems (though fewer) with Windows 2000 support in Samba 2.0.7pre4 and a patch to support symlinks with smbfs.

Wine Weekly News. This week's Wine Weekly News reports a new Wine snapshot, 20000430, the first snapshot to be released under the X11 license. Unicode support and the wine resource compiler were also topics for discussion this week.

Office Applications

AbiWord 0.7.9.A new version of AbiWord, version 0.7.9, has been released. It contains some new features and both major and minor bugfixes. Overwrite mode, for example, is now available, and page margin support is now included.

For more information and development news, check out this week's AbiWord Weekly News.

Siag Office 3.3.4. Siag Office 3.3.4 has been released. Changes include updates to the German and Spanish translations, faster scrolling and more efficient screen updates.

Tradeclient 0.2.0 released under the GPL. The Personal Information Manager (PIM) tradeclient has now been released under the GPL, as of their latest 0.2.0 release, reports Gnotices. Comments to the announcement seemed generally favorable and indicate that it is a good start, even without IMAP support.

On the Desktop

KDevelop 1.2 released. Gnome support has been added to KDevelop 1.2, released today, along with many other features. We've heard a lot of good things about KDevelop, so it is great to hear that it will now support both the Qt and Gtk libraries, preventing the need for reinvention of the wheel.

German Gnome home page. A German Gnome home page has been created by Gnome hacker Martin Baulig. It currently contains a list of Gnome events in Germany.

Konqueror website. The KDE team proudly announced the unveiling of the Konqueror website, the definite place to find information about Konqueror, KDE's new replacement for kfm. Konqueror is a web browser, file manager, universal file viewer and even a customizable application. Screenshots for the various capabilities are available.

New KWin Style - Modern System (mosfet.org). Mosfet has committed his new C++ KWin style engine, dubbed "Modern System". Screenshots are provided.

Response to O'Reilly 'Motif is not Dead' article. On April 6th, O'Reilly published an interview with Antony Fountain, co-author of Volume 6B: Motif Reference Manual, 2nd Edition, which talked about his opinion of both Gnome and KDE. KDE Core Developer Richard Moore published a response to what he felt were inaccuracies or errors in that article on April 28th, entitling his response "Motif Is Dead, but the body is still twitching". It does a good job of refuting some of the claims of the original author, at least from the KDE perspective.

Website Development

Data-Driven Sites with Midgard (WebTechniques). Web Techniques walks through setting up a web site with Midgard. "Content is separated into style (layout management), structure (host management), and raw material (content management). This clear demarcation offers many opportunities to delegate responsibilities for each part of the site. In addition, full integration of the PHP3 scripting language makes it easy to extend Midgard in powerful ways." (Thanks to Henri Bergius).

Section Editor: Liz Coolbaugh

May 4, 2000

Project Links
High Availability

More Information



Development tools


OpenGL Class Library 0.0.1. The initial release of the OpenGL Class Library has been announced. It is available under the GPL. "The OpenGL Class Library is intented to be a set of C++ classes, available through static and dynamic libraries, that will allow the developer to create OpenGL applications using C++ quickly. This includes the ability to create multiple windows and assign individual events to them. In addition, other useful functionality will be included that will allow images (.bmp, .raw, .tga, etc.) and 3d object format files (.3ds, .asc, .dxf, etc.) to be loaded in a platform-independant way. "


IBM Linux JDK 1.3.0. IBM Developer Works has put out an early release of the IBM Developer Kit for Linux, Java 2 Technology Edition. "Version 1.3.0 Early Release (Early Release Developer Kit) is a software development kit that can be used to build Java applications on Linux. The Early Release Developer Kit includes development tools, the IBM Java Runtime Environment for Linux, sample code and Java source files."

The Real-Time Specification for Java. A real time extension to the Java Language Specification and the Java Virtual Machine Specification has been issued by the Real Time Specification for Java Experts Group (RTJEG), chartered under the Java Community Process and JSR-000001. The specification is currently available in PDF format for download.

Why Java seems doomed to fail (osOpinion). Here's an osOpinion piece on why Java doesn't seem to be going anywhere. "In all honesty I'd like to consider Java, but the fact that my development team would be unable to deploy on Linux - our primary server platform - makes it a no go."


Yet Another Perl Conference (yapc). Registration for this year's yapc conference is now open. It will be held June 21-23 at the Carnegie Mellon University in Pittsburgh, PA, USA. The yapc conference is distinguished by being "driven from the bottom up, organized by and for perl users -- a grassroots conference".

perl5-porters for April 25th through April 20th. The perl5-porters report on Perl development activity is back up and running. Activity is gearing up, with one major bug in perl 5.6 reported and patch provided. Perl 5.6.1 may not be too far out.


Dr. Dobb's Python-URL. Python-URL is back, with a weekly look at postings on the comp.lang.python mailing list. My favorite: Martijn Faassen's story of the "really early days of Python".


Double Tcl-URL. This week, two editions of Tcl-URL came out back to back. Here are the Tcl-URL for May 1st and May 2nd. An administrative note indicates that they plan to return to a more predictable schedule.

Section Editor: Liz Coolbaugh

Language Links
IBM Java Zone
Perl News
Daily Python-URL

 Main page
 Linux in the news
 Back page

See also: last week's Commerce page.

Linux and business

Gartner Group: ISV Enthusiasm for Linux: A House Divided . The Gartner Group's latest pronouncement on Linux has to do with the interest of independent software vendors. "By 2005, Linux will be among the top three to four ISV porting priorities for 60 percent to 65 percent of ISVs, but will not dislodge current top-tier operating system platforms (0.6 probability). From 2000 on, no more than two to three Linux distributors will be financially strong enough to be accepted as broad enterprise operating system vendors (0.7 probability)." (Found in Portalux News).

Layoffs at Linuxcare. Linuxcare has laid off a substantial portion of its workforce - by one report, 80 people, or about 35%. The company itself isn't talking much about what is going on, so there's not a whole lot of hard information around. It seems clear, however, that Linuxcare has the dubious honor of being the first open source downsizing. One can only wish that it will be the last.

This move does not mark the end of the road for Linuxcare. The company remains positioned in area that should prove lucrative, and (one can assume that) it still employs many well-known Linux developers. Linuxcare played the IPO game, and lost. Without the influx of cash from an initial offering, belts had to be tightened. Linuxcare is positioning itself to go a longer than expected route with the resources that it has.

Meanwhile, it's official: here's the withdrawal letter filed with the SEC by Linuxcare cancelling its IPO.

Changes in the VA Linux/Andover.Net deal. When VA announced that it was acquiring Andover.Net, part of the deal was a $60 million cash payment to Andover's stockholders. The deal has been criticized by many, but this payment was singled out for particularly harsh treatment. No more. The two parties have announced that the deal has been changed to an all-stock exchange. The official reason cited is "tax concerns"...

For those wanting more information, here's a registration statement filed by VA Linux Systems as part of its acquisition of Andover.Net. If you're curious about the details of the deal, you'll find all of the answers there, though you will have to dig through a lot of legalese to get to them.

Officers at Andover.Net will do well - some or all of their options will vest immediately on completion of the merger. On the other hand, Andover stockholders subject to the holding period will still have to wait until that period is up before they can sell their new VA stock.

(See also: this brief Reuters article about the change in terms).

VA Linux Systems acquires Precision Insight. While we're on the topic of VA acquisitions: on Precision Insight's web page is the following notice: "Precision Insight Inc. has merged with VA Linux Inc. PI's management and its entire engineering team have remained with the company and will continue to support open source development as they have while at PI. This merger adds a significant graphics, video, and multi-media development and support capability to VA Linux." VA has not yet released any information on this move.

PI works with XFree86, providing support services, developing video drivers, and so on. They developed a number of video drivers for Red Hat, and are currently working on the Direct Rendering Infrastructure with support from Red Hat and SGI. They list Darryl Strauss, David Dawes, and Brian Paul as part of their development team.

With this acquisition, VA adds greatly to its graphics capabilities, and to its development staff in general. PI is a group of sharp people; this could prove to be a very good move on VA's part.

Andover.Net announces new magazine. Andover.Net has announced a new print magazine called "Open," which will launch in August. It will offer trade-rag style free subscriptions; signups are already possible at the OpenMagazine.net web site.

Bluepoint signs agreement to develop embedded Linux system. Bluepoint Linux Systems has announced the signing of an agreement with Shenzhen Debole Electronics Development Ltd. to develop an "intelligent housing system" which will handle functions like "security alarm; automatic water, electricity and gas meter reading; appliance control (5 ports minimum); subdivision fee collection; information broadcasting; Internet connection; Internet-based remote management; E-Commerce Service; and touch screen with at least 50 Chinese display." There is apparently already an order in place for 6000 units.

Miracle Linux press release. Thanks to Maya Tamiya, we now have an English translation of the press release announcing the creation of "Miracle Linux" -- the new distribution startup being created in Japan by Oracle, NEC, and TurboLinux.

Open letter to Congress on immigration reform. A group of prominent technology figures, including Linus Torvalds, has sent an open letter to Congress asking it to make it easier for immigrants to get green cards. As of a little while ago, at least, Linus was still waiting for his...

Inprise/Borland board requests update of fairness opinion in Corel merger. Inprise has announced that its board of directors has requested that its advisor take another look at the merger deal with Corel. The deal looks increasingly in peril - this is the Inprise board, and not just a couple of dissident members, that is showing signs of having cold feet.

Troll Tech and Inprise/Borland collaborate on Linux GUI. Troll Tech and Inprise have announced a deal wherein Inprise will use the Qt toolkit in its Delphi product.

Perforce offers SCM System for IA-64 Linux. Applications for the IA-64 are already beginning to show up - before the hardware is available. Perforce has announced the availability of its software configuration management system for TurboLinux's IA-64 port.

LinuxMall CEO on Microsoft split-up. LinuxMall.com has issued a press release with CEO Mark Bolzern's opinion on the proposal to split up Microsoft. "Bolzern said no matter what happens in the Microsoft case, the end result will show that people are tired of the operating system dominance of Microsoft, and Linux will continue its rapid increase in marketshare and importance as a viable alternative operating system for businesses and individuals."

Amazon opens Linux store. Amazon.com, heedless of its current difficulties with the Linux community, has opened up its own Linux software store. The store's offerings currently seem somewhat incomplete: its distributions section is missing SuSE and TurboLinux (and all of the smaller distributions), the word processors section features only Corel, etc.

Section Editor: Jon Corbet.


Press Releases:

    Commercial Products for Linux

  • Agate Technologies, Inc. (FREMONT, Calif.) announced the release of its HotData Shuttle hot swap IDE Plug & Play solution, designed to support Linux on Intel.

  • Exabyte Corporation (BOULDER, Colo.) announced record-setting test results for Mammoth-2 (M2) throughout Linux testing. Testing was completed under the Linux Tape Device Certification program through Enhanced Software Technologies Inc.

  • FlexiInternational Software, Inc. (SHELTON, Conn.) announced that their latest release 4.3 of FlexiFinancials under Oracle 8i will offer support for the Linux operating system.

  • Metro Link Inc. (FORT LAUDERDALE, Fla.) released the Metro-X 4.3.5 High-Performance Graphical Display Server for Linux/x86, Linux/Alpha, Linux/PowerPC, and FreeBSD/x86.

  • Tux Games announced Theocracy, a real-time strategy game from Ubi Software.

  • VA Linux Systems, Inc. (SUNNYVALE, Calif.) announced the release of VA SystemImager 1.0 software for automatically installing, configuring and updating large numbers of Linux systems in Internet server farms and clusters.

    Products Using Linux

  • CSP Inc has announced a new line of clustered systems based on Apple Power Mac systems and Terra Soft's Black Lab Linux.

  • Cybernet has announced the forthcoming (June) availability of its Linux-based virtual private network server suite.

  • OnCore Systems has announced an embeddable version of Linux with extra support for real-time tasks.

    Products with Linux Versions

  • Avant! Corporation (FREMONT, Calif.) announced extension of its Nova-ExploreRTL product for automated checking of HDL coding guidelines to allow user definition of custom or proprietary rules. Red Hat Linux 6.0 is among the supported platforms.

  • Castelle (SANTA CLARA, Calif.) announced FaxPress 6.2, the latest product in its FaxPress product line.

  • DCS (NEW YORK) announced AdaSTAT, an automatic metric reporting and restrictions checking tool for Ada95. GNAT 3.13, an open source Ada95 development environment, was used for development.

  • FreeDesk.com (ST. PAUL, Minn.) announced that its users are now able to access their own hard drives and directories from any computer, anywhere through the FreeDesk website.

  • GeoQuest (HOUSTON) announced the launch of its LiveQuest application service provider solution in Calgary, Canada.

  • Group 1 Software (LANHAM, Md.) announced the release of GeoTAX 2.0, the first fully integrated geocoding application for tax jurisdiction assignment.

  • Group 1 Software (LANHAM, Md.) announced it is including the PLANET Code as a bar code option in DOC1, its electronic document composition system.

  • HIARC Inc. (ANAHEIM, Calif.) announced that its HSM (hierarchical storage management) software now supports the Ultrium (high-capacity) LTO (linear tape-open) technology.

  • Intel Corporation (AMERICAN FORK, Utah) released version 6.1 of Intel LANDesk Server Manager and Intel LANDesk Server Manager Pro, management solutions.

  • Moscape Inc. (SANTA CLARA, Calif.) announced GateScope, a new class of signoff tool for large, cell-based ICs that virtually eliminates noise errors prior to tapeout.

  • Panasonic and SCM Microsystems, Inc. (MILPITAS, Calif. and LOS GATOS, Calif.) announced that SCM's USB to SCSI Intelligent Cable supports Panasonic's 5.2GB DVD-RAM drive.

  • ParaSoft (MONROVIA, Calif.) announced the release of CodeWizard v3.1, their advanced error prevention tool for C and C++.

  • Persistence Software Inc. (SAN MATEO, Calif.) announced Dynamai, "application-aware caching software" for live business content.

  • PowerQuest Corp. (OREM, Utah) announced DriveCopy 3.0.

  • Rational Software (LEXINGTON, Mass.) announced a new version of the Rational Suite family of products, for the development of Internet software.

  • RedCreek Communications, Inc. (SAN JOSE, CA) announced the Personal Ravlin II, a hardware platform designed specifically to connect remote office users and teleworkers to broadband services, while preventing the security risk inherent in persistent "always on" Internet connections.

  • SanDisk Corporation (SUNNYVALE, Calif.) introduced new additions to the family of ImageMate card readers for CompactFlash, SmartMedia and MultiMediaCards.

  • V-ONE Corporation (GERMANTOWN, Md.) announced SmartGuard, a network security solution for medium sized businesses.

  • VideoPropulsion, Inc. (SLINGER, Wis.) announced that the Company has added Red Hat Linux 6.1 software drivers to the range of platform support for its entire line of VDOPro DVB (Digital Video Broadcast) solutions.

  • Zaxus (SUNRISE, Fla.) introduced a new WebSentry PCI security module.

  • Ziatech Corporation (SAN LUIS OBISPO, Calif.) launched its Ketris family of carrier-class infrastructure-provisioning solutions designed specifically for Internet data centers.

    Java Products

  • RSW Software Inc. (WALTHAM, Mass.) introduced EJB-test, to test the scalability and functionality of Enterprise JavaBeans (EJB) middle-tier applications.


  • Agfa Monotype Corporation (WILMINGTON, Mass.) announced an agreement with Corel Corporation to license its Albany and Thorndale fonts for inclusion in WordPerfect Office 2000 for Linux and Corel LINUX OS.

  • ABS Computer Technologies will be bundling Corel Linux with its systems, according to this announcement from Corel.

  • eSoft has announced a deal with Hewlett-Packard Company's Complementary Products division in South Asia to license eSoft's software suite and distribute it on HP hardware platforms, which will then be sold throughout South Asia.

  • GraphOn has announced a deal with Corel wherein GraphOn will be distributing Corel Linux and WordPerfect Office 2000 for Linux in China.

  • Gridware, Inc. (SAN JOSE, Calif. and Neutraubling, Germany) announced that its Codine/GRD advanced computing resource management software has been selected by NVIDIA Corporation as the foundation for a Linux-powered, tightly-clustered, heterogeneous computing environment it is building to handle the EDA processing requirements for its next generation of 3D graphics processors.

  • Imsys AB (UPPLANDS VASBY, Sweden) announced it has joined EEMBC (EDN Embedded Microprocessor Benchmarking Consortium). uC-Linux and the embedded Linux kernel subsystem are listed among Imsys' products.

  • Intel and its Dialogic subsidiary (PARSIPPANY, N.J.) announced it has signed a letter of intent with eOn Communications Corporation in which the two companies plan to work together to develop advanced Linux-based solutions for the communications market segment.

  • Linux NetworX, Inc. (SANDY, UTAH) announced a partnership with Alpine Consolidated, LLC, a company that works with emerging businesses to obtain financing and execute strategic growth plans.

  • Lynx Real-Time Systems, Inc. and Intoto, Inc. (SAN JOSE, Calif.) announced the availability of Intoto's USBStack for the LynxOS. USBStack is an off-the-shelf USB host protocol software solution. LynxOS is a Linux-compatible real-time operating system.

  • Merlin Software Technologies International Inc. (ALTAMONTE SPRINGS, Fla.) announced an agreement with Minnesota based Frank Kasper & Associates (FKA), to supply Merlin's PerfectBACKUP+ Linux backup and crash recovery software to its world-wide distribution channel.

  • Metrowerks (AUSTIN, Texas) announced it is a founding member of the Embedded Linux Consortium.

  • Newlix Corporation (OTTAWA) announced a strategic relationship with 3D Microcomputers Wholesale and Distribution to market its Newlix OfficeServer, a Linux-based network operating system.

  • Newlix Corporation and Look Communications Inc. (OTTAWA) announced a marketing partnership to promote the use of Newlix OfficeServer.

  • Pervasive Software Inc. (AUSTIN, Texas) announced that as a member of Red Hat's ISV Partner Program, Pervasive has provided 30-day trial versions of Tango 2000 Application Server and Pervasive.SQL 2000 Server, for the Red Hat Linux 6.2 application CD.

  • TeamLinux announced that it is sponsoring a new LinuxMall.com online forum called "Ask Linus".

    Investments and Acquisitions

  • Lineo has announced the receipt of $37 million in investments from over a dozen companies.

  • Linux NetworX, a subsidiary of Alta Technology, has announced the receipt of $2 million in venture funding from the Canopy Group.

  • OpenSales, Inc. (SAN MATEO, Calif.) announced that it has secured $10 million in Series A financing.

  • TeamLinux Corporation (Austin, Texas) announced the acquisition of Austin- based Three-Sixteen Technical Services.

    Financial Results

  • Andover.Net, Inc. (ACTON, Mass.) reported revenues of $2.8 million for the quarter ended March 31, 2000.

  • eOn Communications Corp. (MEMPHIS, Tenn.) announced third quarter results would be lower due to a shortfall in revenues caused by a slowdown of non-Linux based equipment sales.

  • Inprise/Borland Corporation (SCOTTS VALLEY, Calif.) announced financial results for the first quarter of fiscal year 2000.

  • Magic Software Enterprises, Ltd. (OR YEHUDA, Israel) reported record sales and earnings for the first quarter of 2000.

    Linux At Work

  • Alta Bates (OTTAWA, Ontario), part of the Sutter Health network in Northern California, recently chose the Loran Kinnetics management appliance to monitor their network day and night. Selection criteria that most interested Alta Bates' technical staff included Kinnetics' powerful capabilities, use of the Linux operating system, and its ease of use and deployment.

  • VistaSource, Inc. (WESTBORO, Mass.) announced that the Good Samaritan Society (GSS) will deploy their Applixware Office for Linux v5.0 nationwide to 2,500 users across 240 sites.


  • Piranha, Inc. (DALLAS) announced the appointment of Roe VanFossen to Piranha's Board of Directors.


  • eSoft has announced that its stock has begun trading on the NASDAQ National Market - it had been traded before on the Small Cap Market.

  • This IDC Latin America survey shows Linux use increasing in Latin America.

  • Sitestar Corp. (ENCINO, Calif.) announced that its Linux-based ISP division has surpassed the 5,000 customers level.

  • uniView Technologies Corp. (DALLAS) announced an initial contract of $20 million for a new set top box (Z Box) based on the Linux uniView model.

Section Editor: Rebecca Sobol.

May 4, 2000


 Main page
 Linux in the news
 Back page

See also: last week's Linux in the news page.

Linux in the news

Recommended Reading

Upside has posted a lengthy article which may well be the definitive summary of Microsoft's problems. "Microsoft's value proposition was that an Intel-based system running Windows NT was a much less expensive proposition than a semi-proprietary Unix running on non-Intel hardware. Linux, however, beats Microsoft at its own game, offering a highly customizable, standards-compliant operating system at a fraction of the cost of a comparable Windows NT system. Sadly, it's not clear whether Microsoft fully understands the nature of the Linux threat."


News.com looks at Embedded Linux firms. "Another difference between the companies is in royalties--the fee a company pays to sell a device using the software. Lineo charges royalties for Embedix, its version of Linux for gadgets. MontaVista won't charge royalties but will charge for use of software development tools and technical support. Support contracts cost between $5,000 and $10,000 a year depending on depth and responsiveness."

Here's an article in News.com about Red Hat's plans to get into the home appliance market. "The move marks the first major expansion of Red Hat's version of Linux outside its server stronghold. However, trying to enter the home networking market pits Red Hat not only against Microsoft's Windows, but also against other Linux companies such as Lineo."

This News.com article is about RealNetworks' use of Mozilla code in a version of its media player. "Whatever RealNetworks' intentions for Web-browsing capabilities, the company's participation in the Mozilla software development effort is a big win for the organization."

Here's a brief article in Wide Open News about the layoff at Linuxcare. "The company had been expanding its workforce as part of an IPO ramp up, but the withdrawal has forced the company to reexamine its spending and its strategy. Without the expected cash infusion, Linuxcare has had to tighten its belt."

This week's Linsider stock summary is up. "You'll get a variety of opinions as to whether a split is a useful remedy for the problems Gates and Co. have caused, but one thing is for sure: the final word on this is still a year or more away. And for Linux advocates, that's good news. See, in the long run it doesn't really matter what the Government does legally to Microsoft. What matters is that the microscope is on Microsoft for an extended period, allowing other players to move more quickly into competitive positions."

Here's a lengthy Upside article covering the Piranha vulnerability, the change in the VA Linux/Andover merger terms, and the proposed French open standards law. "Despite the glowing endorsement of both free software and the principles of software liberty, free software advocates such as Richard Stallman gave the overall text of the law mixed reviews."

News.com looks at the FreeNet project. "Others say Freenet, if it is able to get out of its early stages, could be the final nail in the coffin for organizations trying to prevent online piracy. Since Freenet is wholly decentralized, there is no central company to sue for copyright violations. And because each 'node' is encrypted, and users anonymous, it will be nearly impossible to track down any individual pirate or pirated work."

ABC News has an article about Eazel. "Windows and Mac users should feel comfortable with Eazel. The current pre-release version, called Nautilus, features large, finely shaded icons, and windows that look like a cross between Macintosh, Windows and Netscape." (Thanks to Jay R. Ashworth and Ketil Malde).

Linsider ran this column on software testing in the open source world. "Reading about Red Hat's recent troubles with its Piranha release I was struck by a thought: Linux, as a whole, lacks a formalized testing organization. In 20 years of development, having worked for 7 different companies ranging in size from a 5 man startup to the behemoth that is Samsung, this is the first time I've seen software released to the world with no formalized testing applied."

Here's TechWeb's take on Red Hat's Piranha problem. "Chris Rouland, director of X-Force at ISS, Atlanta, said he does not believe the back door was installed with malicious intent, but the vulnerability does reinvigorate the debate between open source and closed source software."

Salon looks at several companies that have been hit by the fall in tech stock prices. "Red Hat's IPO was widely considered a validation of the commercial potential of Linux. But its stock price slide is now hailed as proof that there is no money to be made in the entire Linux sector."

Here's a LinuxPower article which looks at the whole Netpliance iOpener affair and tries to convey an understanding of what the company is up to. "When you see something you believe in succeeding it's natural to get worked up about it. Sometimes this kind of passion can lead to actions that seem wild or irrational to people outside of the group. When Netpliance changed their Terms of Service or poured epoxy on the board, they were reacting to a threat to their vision. Regardless of what we may have thought about these actions we have to put them in the context of a group of people working very hard to achieve some goal and then having that dream threatened."

The Red Herring reports on a talk by IBM VP Irving Wiadawsky-Berger. "Mr. Wiadawsky-Berger's zeal for Linux even spills over into IBM's labs, he notes, where IBM is developing a Linux-based watch with speech recognition."

The "Jet" cluster at NOAA (covered in LWN last month) staged its formal unveiling on April 26. Some local coverage of the event may be found in the Rocky Mountain News, the Boulder Daily Camera, and the Denver Post.

Government Computer News has also posted an article about Jet.

Microsoft Breakup

U.S. News contemplates the effects of a Microsoft breakup on Linux. "Linux, an operating system available free online, has been a runaway success on the Internet, where it runs 30 percent of sites. But even its founder, Linus Torvalds, is disappointed at its puny 4 percent market share on desktop computers, the machines folks use at home and at the office. That's because Linux can't run the most popular software programs used with Windows, especially Microsoft Office, which includes Word and spreadsheet Excel. Without Office, Linux doesn't have a prayer of a chance on the desktop."

Here's a San Francisco Chronicle column arguing that a breakup of Microsoft may not be sufficient. "In other words, it's not obvious that enough users are likely to adopt Linux in the near term to create a market large enough to induce the new Microsoft-descended applications company to develop Office for that platform -- even if the company makes its decisions strictly on the basis of its own economic self-interest, without regard to its former OS colleagues."

News.com looks at the possible effects of a Microsoft breakup. "On the other hand, current makers of Linux office software such as Corel, Applix' VistaSource or Sun Microsystems' StarOffice would face a fierce new competitor already established as the standard. Netscape might not be the standard Linux browser. And Windows Media Player might give RealNetworks' RealPlayer even fiercer competition."

This Reuters article ponders the possible effects of a Microsoft breakup on Linux. "'Linux is on track to beat Microsoft regardless of what the Justice Department does,' said Larry Augustin, chief executive of VA Linux Systems Inc. , a developer of systems and services optimized for Linux in Sunnyvale, Calif. 'I think that separating the company into an applications piece and an operating systems piece though, could significantly accelerate that, particularly since the applications piece of the company would have a strong economic incentive to port Office to Linux,' Augustin said. 'If Microsoft Office ran on Linux immediately we would see Linux with a 10-15 percent share of the desktop operating system market,' he added."

FUD and Counter-FUD

Here's another piece of old-time ZDNet FUD of the type we've not seen for a while. "What amazes me the most is that open source has gained so much momentum without showing any goods. It's a dot-com-all hype and speculation and no fundamentals. It's like an onion in a bushel of apples. Someone might notice that it looks and tastes different, but peel away its layers, and there's nothing there."

Red Hat's Bob Young responded in this article. "John, you are welcome to continue to insist that this open-source movement cannot continue to succeed. Just don't try to claim it isn't succeeding. With partners like Dell, Oracle, IBM, Compaq, SAP, Computer Associates, Netscape, Intel and thousands of others, and the large and rapidly growing market share figures shown above, this thing is big and getting bigger."

Evan Leibovitch compares Richard Stallman and John Taschek (author of the first article) in this ZDNet article. "John Taschek, meet Richard Stallman; two sides of the same coin, attacking the open source movement from opposite sides. Despite the polarity of their otherwise unrelated assaults, their arguments unwittingly combine to prove what a genius Linus Torvalds really is."

More Opinions

Computer Currents seems mystified by the interest in Linux. "Linux, despite becoming very well-known more than two years ago, has become nothing more than an experimental novelty among desktop operating systems, and is rarely used for any server application besides Web service. Its growth may have stagnated while still in the single-digit percentage range. Yet people flock to Linux classes, even though its spread in corporate IS, and the corresponding career opportunities, are only a future possibility."

Here's a ZDNet column, ostensibly about the Piranha vulnerability, that brings back memories of the Good Old Days of ZDNet's Linux coverage. "The appearance of a security issue at a time when users are still asking for more applications is unlikely to bolster the fortunes of Linux stocks, which tumbled faster and farther than general technology issues in April. Quality assurance and security aren't the only issues: Outside of a few suites, there is a lack of widely available office software; consumer versions of the OS are relatively untried; and open source code's open-ended nature - with many developers working on different parts of the system - makes some information technology (IT) managers nervous about its predictability."

Open Software Law - France Liberation has posted this article (in French) about the proposed French open software law. It's a sympathetic piece. For non French-capable readers, the Babelfish translation is relatively readable. (Found in Portalux News).

Thanks to Stefane Fermigier, we have an extensive list of all press coverage of the proposed "open software" law in France (as described in last week's LWN). Check out Stefane's list for more articles - in more languages - than you could ever read...


FirstLinux has posted a series of articles with the theme "I've installed Linux: What Next?" The articles cover topics like email, web surfing, graphics, and more.

If you've never set up a network before, this article from Gianluca Insolvibile is intended to get you started.

This week's Dear Lina column takes a look at at the file command and cable modems.


Slashdot has posted their interview with Richard Stallman. "Warning: The interview below contains mature concepts and strong opinions. It may not be suitable reading for easily-angered readers whose views conflict with Mr. Stallman's."

Olinux.com.br interviews Pradeep Bhanot, the director of Linux marketing at Oracle. "Oracle's primary focus is on Linux as a server OS. Oracle wants to see Linux succeed as an OS as it offers customers openness and superior TCO. There is strong developer and customer demand for Linux. There have been over 200,000 downloads of Oracle products on linux from our developers site at http://www.technet.oracle.com."

Section Editor: Rebecca Sobol

May 4, 2000


 Main page
 Linux in the news
 Back page

See also: last week's Announcements page.


Bruce Perens has announced the "release" of Bruce 2.0, otherwise known as Stanley Charles Perens.


May Linux Gazette available. The May issue of the Linux Gazette is out.

Tutorial on the GNU Privacy Guard.  Kuro5hin has put up a tutorial on the GNU Privacy Guard (GPG). "Congratulations. You now have a pair of keys. One is private, and one is public. Think of them as a birth certificate, library card, and drivers' licence rolled into one."

Book Review: APC Linux Pocketbook  Adam Jenkins, a member of Linux Users of Victoria, has posted a book review of the APC Linux Pocketbook. "This book is aimed at intermediate Windows users who would like to try Linux and want a little guidance, but are prepared to refer to manuals themselves once they're started".

Linux Laptop-HOWTO  The Linux Laptop-HOWTO is a HOWTO covering laptop related Linux features, such as installation methods for laptops (via PCMCIA, without CD drive, etc.), laptop hardware features and configurations for different (network) environments.


UK Events  Thanks to Roger Whittaker at SuSE Linux UK we have this list of UK events:

TheLinuxStore.com and EBIZ Enterprises Offer Free Seminar  TheLinuxStore.com and EBIZ Enterprises Inc. announced a series of free seminars aimed at business executives and Linux enthusiasts. The first will be held Friday, June 9 at The Buttes Resort, 2000 Westcourt Way, Tempe, Arizona.

LinuxFest in Independence, Virginia.  LSNet, a North Carolina based ISP, sent us this announcement about a LinuxFest to be held Saturday, June 24, 2000 in Independence, Virginia.

O'Reilly's Open Source Software Convention.  O'Reilly sent this announcement for this year's Open Source Software Convention, in Monterey, CA July 17-20 2000.

7th International Linux Kongress call for papers. The 7th International Linux Kongress will be held at the University of Erlangen on September 20-22, 2000. The call for papers has gone out; submissions are due by the end of May.

Web sites

User Group News

May 4, 2000



Software Announcements

Package Version Description
AbiWord 0.7.9 Fully featured word processor
About Me 0.23 A system for recording and sharing preferences, questionnaire answers, etc.
AFD 1.1.6 A file distribution system.
AIDE 0.7 Free replacement for Tripwire(tm)
AirTraffic 0.2a An air traffic controller game.
Alien 7.0 Converts between the rpm, dpkg, stampede slp, andslackware tgz file formats
Amaya 3.1 Ttest-bed browser/authoring tool of the W3C
AndyChat 3.00 Alpha Build 0428 A multi-protocol curses-based console chat program.
ANEP Socket 0.5 An ANEP kernel socket implementation.
Apache 2.0a3 High performance, UNIX based HTTP server
Apache Jakarta Regexp 1.0 100% Java Regular Expressions Package
aps 0.15 Text-based network analysis tool which displays many protocol details.
arianne rpg A Role Playing Game project.
Aspell .30.1 Intelligent Spell Checker
Averist 0.2.9 Authentication layer to any web based application
avlmap 0.9.14 An AVL tree-based key:data mapping (associative array) library for C.
AWKhttpd -2.0 inetd-based HTTP server written in AWK.
AxKit 0.54 The Apache XML delivery toolkit.
Axv 0.1 An image (pre)viewer for X11.
BASHISH DR6.1 A modular Bourne-shell theme engine.
bftpd 1.0.3 An inetd-based Linux FTP server.
BINARS 0.4.1 A music sequencer.
binutils Provides programs to assemble and manipulate binary andobject files.
BLADE 0.22.0 Broad Language Aided Document Environment
blade_udmsearchb 0.4.0 A BLADE Udmsearch front end.
Bluetail Web Prioritizer 1.1 A policy-based user prioritizing Web proxy.
BoboMail 0.3 A Web mailer in Python.
boson 0.4 A network real-time strategy game like warcraft, without AI.
Bubbling Load Monitor Applet 0.9.5 Displays system load as a bubbling liquid.
bug-buddy 0.9 graphical bug-reporting utility for GNOME
CAIM 0.01 CAIM - Console based AIM client utilising libfaim and ncurses
Cannon Smash 0.3.7 3D tabletennis game
Castor 0.8.3 Java to XML binding, Java Data Objects (O/R) and DSML.
Castor Submit Spider 0.2 A PHP tool to submit your URL on multiple search engines' spiders.
ccaudio 0.1 A C++ class framework for audio data manipulation.
ccmath 2.1.0 A comprehensive mathematics library in C.
cdrecord 1.8.1 Allows the creation of both audio and data CDs
cfire 0.1 An ipchains based firewall.
checkaliases 2.1 Check sendmail aliases file for errors.
Chemeq 0.94 A filter for chemical expressions.
chessd 0.1-alpha An Open Source Internet chess server.
Chimmy's Yahoo client 0.16 A Yahoo Messenger client for the Linux console.
CHIRP 0.5 Cricket Highly Intelligent Re-configuration Program.
chkwww 0.3 Tool for checking what Web server a site is running.
cmb Cmb 0.4 Creates all possible combinations from a user mask (that includes wildcards).
CodeGuide 2.5 A Java IDE
Colors.cgi 1.02 A tool to assist Web and graphics designers in picking colors.
Common C++ 1.0.0 A portable environment for C++ threads, sockets, etc.
CoreLinux++ 0.4.18 A set of C++ class libraries to support common patterns in software development.
Courier-IMAP 0.32pre1 IMAP server for maildirs
Coyote Linux 1.20pre3 A single-floppy distribution for sharing an Internet connection.
cut-file.pl 1.0 A utility that cuts large files into smaller pieces for easy download or copy.
DAP 2.1.1 An impressive-looking sound editor using xforms.
DBUI 0.3.1 A MYSQL/MSQL graphical database editor.
DejaSearch 1.8.8 DejaSearch is a frontend to DejaNews, the leading Usenet archive
dffingerd 0.2 Secure finger daemon that serves answers out of a database.
Diablo 2.0 Fast and efficient NNTP newsfeeder software
DIRT 0.3a Dynamic Image Rendering Technology.
DNews 5.4c3 Advanced news server software NNTP Software
Doc++ 3.4.3 Powerful Javadoc like C++ documentation creation tool.
E-Notes 0.4 A sticky-notes manager epplet for Enlightenment.
ec64 0.09 A Commodore 64 emulator written in x86 assembly.
ecasound 1.7.7r11 Sound processing, multitrack recording and mixing
Eldritch Dreams 0.2-4.30.00 A console framebuffer RPG.
elm2mutt 1.3 Converts email aliases from Elm to Mutt
ENS 0.1.4 A tiny DNS server suitable for embedded systems.
ESM 1.1 A system monitoring tool.
Everybuddy 0.1.3 Universal Instant Messaging Client
eyePupdate 0.31 A perl update client for eyep.net.
ez-ipupdate 2.4.2 utility for updating the dynamic DNS service offered at http://www.ez-ip.net
fancylogin 0.99.6a A powerful login program.
Fast Webpage Exchanger 2.5.4 A non-interactive FTP client for updating Web pages
Fett Med Mask 1.0 A "nibbles"-style game with music.
FilterProxy 0.19 A filtering proxy server.
Finance::Quote 0.18 Perl module to fetch stock quotes from American, European and Australian markets
fistgen 0.0.1 stackable file system templates and language
form_tools 1.1.2 Generic tools for Web form (PDF/HTML) pre-population and submission.
Free eEMU 2.34 Enterprise Event Management and Monitoring Utility
Freenet 0.2 A distributed decentralised information storage and retrieval system.
FriBidi 0.1.10 A free implementation of the Unicode Bidi algorithm.
FTX 1.0 A text editor for Url Encoded Text.
fulogin 1.2.0 ANSI login frontend
FUTURe 0.68 A Java project/time management scheduling software with autolevelling.
G27 gigs 0.2.1 A PHP Web application for promoting local musicians and bands.
Gabber 0.5 A Jabber instant messaging client for GNOME.
gAcc 0.7.1 A personal accounts manager.
gbrctl 0.0 A GNOME Bridge Configuration utility.
gdbm_primitive 1.10 Shell primitives for working with GDBMs.
Generator 0.15 A Sega Genesis (MegaDrive) emulator.
GeneWeb 3.04 A genealogy program with a Web interface.
Getleft 0.8.3 Tcl/Tk site grabber powered by Curl
getpg / UW-IMAP 0.58 A patch for UW-IMAP to authenticate users against a PostgreSQL database.
getstock 0.1.1 A Perl script to get current stock quotes from yahoo.
GFXIndex 1.0 A program for creating indices of your pictures by making thumbnails and HTMLs.
GLHeretic for Linux 1.1 Port of Heretic to Linux
gmessage+ 0.11 An xmessage clone.
GMP 3.0.1 A free arbitrary-precision math library.
Gnapster 1.3.9 A GNOME Napster client.
GnomeKiss 0.2 A KiSS doll viewer for GNOME desktop.
gnomerar 0.3.3 A GUI frontend to rar.
gnotepad+ 1.2.2 An easy-to-use and feature-rich text editor.
GNU fileutils fileutils 4.0r The GNU file management utilities.
Gnutella Monitor 0.2.0 A console monitor for the Gnutella network .
GOB 0.93.4 Preprocessor for building GTK+ Object
GOGO 2.35 Fast, open source MP3 encoder based on LAME
GotMail 0.5 A Perl script to fetch mail from a HotMail account.
gpg4pine by Marcin Marszalek 4.0 Bash script that allows using PGP under PINE
Grave 0.4 A RaveMP upload/download utility and playlist editor.
grdb 0.1.0 Applies gtk theme colors to Xt/Motif/Tk apps
grepmail 4.31 Searches a normal or gzipped mailbox for a given regularexpression
gruftistats 0.2.2 IRC web stats generating program
GTK Comic 0.1.2 An application for managing your comic book collection.
GTK/Swing 0.1 A GTK-pluggable look and feel for Java.
GtkHx 0.3.3 A GTK+ Hotline client.
gtkmail 1.0.0 gtk-- mail client
GTKstereograph 0.01 A GTK user interface for stereograph 0.19 and above.
GTKWave 1.2.89 Wave viewer for Verilog simulation
guestbook 2.4 A guestbook Perl CGI script.
Guppi 0.34.5 GNOME application for plotting and analyzing data
hagelslag 0.2.1 A Gnutella clone.
help2man 1.021 A program to generate simple manual pages
Hermes 1.3.1 An optimized pixel format conversion library with other tricks
HPE 0.5 A PHP news portal engine.
hsftp 1.6 A lightweight FTP emulator for ssh1.
HtmlHeadLine.sh 1.3 Script that automatically fetches news headlines.
Hu-Go! 1.22 A PC engine emulator.
Hypercosm Player A plugin and player for 3D interactive Web content.
i4lctrl 0.6.2 An isdn4linux monitor and config tool for Webmin.
id3lib 3.7.5 An ID3v1/ID3v2 tagging library.
Image::Size 2.903 Derive dimensions of images in various common formats
ini-lib 0.1 Perl library for storing data in files similar to Windows' .ini format.
interceptty 0.3 A TTY/serial port interceptor/logger.
Invaders 0.3 A Space Invaders game
IP Filter 3.4.1 TCP/IP packet filter
ipac 1.08 Linux IP accounting package
ipchains-firewall 1.7.0 Rules-based ipchains firewall/masquerading script suite
ipmkchains 0.12 A Linux Firewall Chain Manipulation Tool.
IPTraf 2.2.0 An ncurses-based IP LAN monitor
ip_masq_icq 0.56 ICQ masquerading module for Linux
irmctl 0.3.0 Control daemon for non IRDA ir receivers
IU&M 1.0 A web-based interface to upload and manage image files
ivtools 0.8.2 Application frameworks for drawing editors and spatial data servers
Jabber 1.0 RC Instant Messaging Platform
jargonfortunes 0.1.0 Jargon File fortune file and conversion utility.
JBooks 0.1.0 A Java/SQL-based personal finance application.
JConfig 2.0.0 Advanced file, process, and file-type handling for Java.
JReference 0.0.2pre A reference manager for DocBook References.
JSST 2.0b Land survey field data reduction.
Kard 1.0 An educational game for very young children.
Kdict 0.3.1 KDE dictionary program (client for the DICT server).
KDiskCat 0.5.3 The KDE Disk Catalog software.
KDock 0.1.1 An application for KDE that is able to swallow other X-applications.
keymgr 0.1 A cryptographic key administration engine.
kimwitu++ 1.2.3 A term processor, a generic tree tool.
KLines 0.4 A simple logical game.
knapster 0.10 KDE napster client.
KobazScripts 1.8.1 Kobaz eggdrop scripts.
Komba 0.2.4 Samba share browser
Ksetiwatch 0.5.0 SETI@home monitor and work unit manager
KWav2CD 0.2 A CDRDao frontend to create audio CDs from .wav files.
KWEBUTNA 0.0.1 A GNOME-based crontab editor.
Laptop-HOWTO 2.6 How to make the best of Linux features with laptops.
libgaudio 1.3 A game audio library.
libow 0.1 An interface library to Dallas Semiconductor's 1-wire devices.
librhttpr 0.5.7 HTTP request library
libunicode 0.6 A library of unicode string functions and charset converters.
LiMez 0.6a3 A C++ listserver with built-in SMTP.
Linux Intrusion Detection System 0.9.1 Linux Kernel-Based Intrusion Detect System
ListMate 0.93 A Zope based tabular data handler.
LJOS 29042000 Java and database integration.
log4j 0.8.4 Fast and flexible logging tool written in Java.
LoserJabber 0.9 livejournal.com online journal client.
lsb-fhs 2.1-1 test suite for filesystem hierarchy aspects of the Linux Standard Base
LsdlDoom A portable SDL-based version of Doom with network support.
mailshift 1.10 Utility to transfer UNIX mailboxes to a Windows POP3 server
ManyaPad 0.1 A simple GUI text editor for Linux.
Metabase 2000.04.28 A DBMS-independent package to access and manage databases with PHP.
metaSpy console in Perl 0.1 A tool to display 10 searches from Metacrawler on the console.
MFMail 0.3 A command-line multiple file mail in Python.
MIT Scheme 7.5.8 A programming environment for Scheme.
MixMagic 0.1.1 A hard drive sound mixer for GNOME.
Mkisofs 1.12.1 A premaster tool for iso9660 filesystems.
MM 1.1.1 Shared Memory Library
mod_ssl 2.6.4-1.3.12 Apache Interface to OpenSSL
mondo rescue 0.94 Generates bootable rescue CD ISOs.
Moonshine 1.1.2 An application development environment for Linux.
Mork 0.2.3 A stream processing tool.
MOSIX 0.97.3 Single-system-image Clustering Software for Linux
Mount Linux Olympus 0.2 An advanced graphical administration system.
Mozart 0.0.2 Browser-based contact and case/project manager
MP3 Server Box 20000502 MP3 Player that can be controlled over network
mRNA IRCbot 1.0.5 Beta An IRC bot written in Perl with a Tk interface.
MUDix 3.3 Mud client.
MyPHPicradius 1.1 A PHP/MySQL billing and administration package for icradius
nail 9.10 A MIME-capable version of the Berkeley Mail user agent.
nano 0.9.5 Pico editor clone with enhancements.
NanoXML 1.3 A very small XML parser for Java.
NetLED 3.0A Monitor connections using your keyboard LEDs.
NetPBM 9.0 The classic image manipulation/conversion utils
Network UPS Tools 0.43.2 Multiple vendor (APC, Powercom) UPS monitoring software.
nmap 2.52 A full-featured, robust port scanner.
note 1.0.2 commandline note tool
nwrk-matrix 0.8 Simulates The Matrix code.
OpaL Mirror Tool 0.1.5 Web mirror tool
OpenGL Class Library 0.0.1 A C++ library of routines for OpenGL developers.
OpenGUI 2.20 A very wonderfull C/C++ graphics library
OpenH323 1.1beta1 H.323 protocol stack
OpenMerchant 0.9.2 E-commerce Internet application based on Perl.
OpenMerchant-PHP 0.001 A port of OpenMerchant to PHP.
OpenVerse Visual Chat 0.8-3 Free Multiplatform Visual Chat software written in Tcl/TK
Outlook2Ical 0.3 Convert MS Outlook Caledar to Ical (.calendar).
Pan 0.8.0 beta 7 Gnome/GTK Newsreader
parp 0.43 A Perl-based Anti-spam capable Replacement for Procmail.
Parse-Yapp 1.02 Perl OO LALR(1) parser generator, compatible with yacc grammars.
pdnsd 0.9.7 A proxy DNS server with permanent cache for dial-up systems and small networks.
PeepView Peep View 0.1 A GUI usenet binary decoder.
perdition 0.1.5 POP3 Proxy
Perl App Server 2-2000-04-21 Object Oriented Application Server written in Perl
Perl Shell 0.008 Simple interactive Perl shell
Perl webmail 2.2.3 A Perl-based Web-mail script.
PFE 0.29.0 PoPortable implementation of ANS Forth
PHP Color Scheme Demonstration 0.1.1 A simple color scheme system for PHP.
phpAds 1.4.0 Banner management and tracking system written in PHP
phpftp 1.4 A Web-based FTP client.
PHPlist 1.0 A mailing list system implemented in PHP.
phpMyChat 0.10.3 chat system based on PHP and MySQL
phpNewsCenter 0.6.1 A news admin tool.
phpsls 0.1 A small set of scripts that realize a shopping list, powered by MySQL and PHP.
phpSNMP v0.7b A PHP script for calculating SNMP stats online.
phpWebLog 0.2 A weblog/news site framework written in PHP.
pidentd+db patch 2.0 Patch for pidentd to allow for random ident query response.
PilotDis V1.15 A disassembler for Palm binaries.
PIMP 2.5 A Web mail client.
pimpd 0.2 Peter's Ident Masquerading Program Daemon.
pmidi 1.4.1 Command line midi player for ALSA
pngcrush 1.4.4 An optimizer for PNG files that can also insert or delete specified chunks.
podfuk 3.1 tar, gzip, ftp, etc. filesystem for linux
Point 0.0.1 A very simple PIM.
pop-perl5 Configuration GUI 0.1 Configuration GUI for pop-perl5
Postlister 1,01 A feature-rich PHP/MySQL mailing list program.
pppd 2.4.0b2
procstat 1.0 A program that reads/prints resource statistics about a running process.
Prometheus-Library 2.9 Object-oriented PHP API
PTlink ircd 3.8.2 New featured ircd with a great services integration
PySol 4.20 A Python-based Solitaire card game
python-SIP 0.11.1 A tool to generate Python bindings from C++ code.
Qpopper 3.0.1b2 POP3 server
radkill 20000428 BASH script for ISP's that wish to guarantee no busy signals
Report Magic for Analog 1.41 Create tabular reports and graphs from Analog web statistics.
Repository 0.0.1 A package that allows you to create/maintain repository of code templates.
rmm 0.9.8-2 rm improved -- trashbin for bash.
Root-Portal 0.4.4 Background Desktop System Logger
rp-pppoe 1.8 A user-mode PPPoE client.
rpl 1.2.1b1 Multi-file recursive string replacement
Saint 2.0.1 Security Administrator's Integrated Network Tool
sansa:AIFF 1.2 sansa:AIFF is a Java package for reading and writing AIF files
ScanErrLog 0.1 Apache Error_Log parser and presenter.
ScrudgeWare 0.0.2 A GNOME-centric GNU/Linux distribution built from scratch.
SDL_gui 0.9.2 GUI library for SDL
SecPanel Beta 0.2 A visual secure shell interface for UNIX environments
SecureNet PRO 3.0 Network monitoring and intrusion detection platform for Linux.
sendEmail 1.01 A tool for sending SMTP email from a command prompt.
Sendpage 0.9.0 Utility for sending alphanumeric pages using the IXO protocol.
Shadowlands Forum 1.9.4-devel21 Low-resource, robust, friendly telnet chat server with authentication
Siag Office 3.3.4 Free office package for Unix
SICKnotes 0.6e A Web-based inventory, configuration, and knowledge base.
Sing Along Disc Player 3.1.3 CD player with spectrum analyser, oscillator, mixer and remote DB support
Sketch 0.6.6 Vector drawing program, implemented in python
Slice 1.3.5 Extract out pre-defined slices of an ASCII file
slmon 0.2.5 A system performance monitor using the S-Lang library.
SML/NJ 110.28 Compiler, development environment, and libraries for Standard ML
smtm 1.0.3 A flexible Perl/Tk stock ticker and portfolio tool.
SoundTracker 0.5.4 A music tracker for X / GTK+
SpaceWatcher 1.3 Keeps an eye on free disk space and alerts you if there is a problem.
Spread 3.12 Group Communications Toolkit for Reliable Multicast
Spruce 0.6.4 Simple email client coded for X with the Gtk widget set
SQL Relay 0.6 Oracle database connection daemon and API.
SquirrelMail 0.4pre1 A PHP4 Web-based email reader.
squishdot 0.3.4 Zope-based weblog (Slashdot-like forum)
srm 0.8.1 A secure rm(1).
starcat 0.93 A star catalog visualization tool.
StarTalk 0.1 Reads/Writes to a Motorola StarTac PCS/CDMA phone.
stdnet 0.04 A simple C++ framework for multi-threaded I/O management.
Stellar Duel 0.1.1 SVGA space action game.
superd 0.0.3 Turns any program that talks to stdin/out into a high-speed server.
Swallow 1.01 pre A PHP GUI framework and builder.
SWARM 0.20 Simulation of an ARM processor in C++.
Sweep 0.0.7 A sound wave editor.
SyncLICE 0.1 Sets up a connection between Linux and a Windows CE device.
t1utils 1.18 Tools for manipulating PostScript Type 1 fonts
Tacacs+ F4.0.3.alpha-6 Cisco tacacs+ daemon
tcpstat 1.0 Displays network interface statistics.
Teacup PRMS 2.0 A Web-based problem report management system.
teapop 0.23 A POP3-server with thoughts for virtual domains
TEG 0.1.22 Yet another RISK clone.
TeleGNOME 0.0.10 Program to view 'Teletekst'-pages over the Internet
tgif 4.1.30 Vector-based draw tool
ThatPHPware A PHP/MySQL news backend.
The Gimp 1.1.21 The GNU Image Manipulation Program
The GrID 3 0.1.1 A GTK+ frontend to ID3.
Throughput Tester .021 Tool for testing the throughput of your Internet connection.
Thumbie 0.4 Generates Thumbnail-Index HTML-Pages
TiK 0.85 Tcl/Tk version of AOL Instant Messenger
Timekeeper 20000429 radius logfile format analyzer and simple web monitor
TimeTrack 1.0 A project time-tracking utility.
TinyMARE 1.0.7300 TinyMARE (Multi-user Adventure Roleplaying Epic) MUD Server
Tivo Software Source Code 1.2.1 The source code to the Tivo Software.
tnef 0.12 Decodes application/ms-tnef attachments.
TNT 2.2 Emacs Clients for the AOL Instant Messenger service
Toaster 0.8.8 C program testing tool for working with gdb.
Toolbox 0.5.9 a qt-based graphical configuration utility for the blackbox window manager.
tsocks 1.0 Transparent SOCKS proxying library
tt 0.4 A commandline time tracking tool.
TTraffic 0.8 Tcl/Tk version of the game Rush Hour.
Tumbling Dice! 3.0 Tumbling Dice! is a dice game written in JAVA
TWiki 01 May 2000 Web based collaboration tool
twin 0.2.8 A text-mode window manager and terminal emulator.
UDF 0.9.2 UDF filesystem kernel module
UdmSearch 3.0.13 Fast WWW search engine for your site
Ultra Monkey 1.0.0 A complete Open Source server farm solution for Linux.
UniCount 1.3.5 Text or Image SSI counter
Units-Filter 0.96 A tool to check student's answers, correctly handling different units.
Unix Amiga Delitracker Emulator 0.01f Plays old Amiga tunes by emulating Delitracker players with UAE.
unixODBC 1.8.8 Provides ODBC 3 connectivity for Unix
updatedhs 0.1.2 A shell script for updating dynamic hosts on dhs.org.
usbmgr 0.2.1 Load Linux USB kernel modules automatically.
User-mode Linux 0.21-2.3.99-pre6 User-mode port of the Linux kernel
UW Imap Server 4.7c1 Univerity of Washington Imap server
VenomBoard 1.21 Another PHP/MySQL forum implementation.
vgrabbj 0.3.0 A framegrabber for cameras and other video devices.
VICE 1.4 Versatile Commodore Emulator
vidcontrol 0.1 A command line tool for changing video4linux picture settings.
ViperDB 0.9.2 A smaller and faster option to Tripwire
Visual REGEXP 2.1 A Visual representation of regular expressions.
vmail-sql 0.2 Virtual domain email setup using gnu-pop3d, MySQL and Exim.
WAPmail 0.1.4 A WAP-based email client, scheduler, and contact list.
WebCalendar 0.9.9 A multi-user PHP/MySQL-based calendar.
websh 3.0b2 A rapid Web application development environment.
wmisdn 1.5 Window Maker-dockable ISDN monitor.
WMKeyboard 0.4 A keyboard map manager.
wmswallow 0.5 A WindowMaker dock applet that makes any application dockable.
wmtheme 0.6.5 A window manager theme utility.
WorldPrint 1.01 A filter for Netscape to print non-latin1 pages using true type fonts.
WreckedNet IRC Services 1.1.5b Channel, nick, memo, and oper services for IRC Networks
wxPython 2.1.15 Python extension module for wxWindows
X-RAR 0.3 Front-end to 'RAR for Linux'.
XawTV 3.13 A TV viewing application and a few TV utilities.
XDBM 1.0.12 Database Manager designed specifically to hold XML data
Xdialog 1.3.2 An X11 version of cdialog.
XMail 0.41 An SMTP/POP3/popsync/finger server.
XMLtp 1.3 Tiny XML parser
xmms sndfile 1.0pre6 An XMMS input plugin using libsndfile.
XMMS status plugin 0.1 A GNOME Status docklet for XMMS.
xmms-fc 0.4 A Future Composer plugin for XMMS.
Xmp3Burn 1.0 A TCL/Tk program for writing audio CDs from MP3 files.
XPenguins 1.1 Cute little penguins invading your desktop
xpuyopuyo 0.3.8 Tetris-like puzzle game with AI
xscorch 0.1.0 Annihilate enemy tanks using overpowered guns.
yacdbak 0.3 Yet another CD backup tool
Yaunc 0.04 Yet Another Uptimes.Net Client.
yawl 0.2 word gamer's dictionary for Linux
Ybos BBoards Ybos HTML Based Discussion Groups (BBoards) 0.9 Web Based Discussion Groups with administrative support.
Yvites Event Planning Module 0.2 An event planning module.
Zebra 0.86 Route Server and Route Reflector daemon
Zloe 0.3 A graphically rich two-player networked battle game for X.

Our software announcements are provided courtesy of FreshMeat


 Main page
 Linux in the news
 Back page

See also: last week's Back page page.

Linux links of the week

The Linux Game Tome is back, after a long interruption. Have a look for the latest in Linux gaming news.

The Linux for Laptop Computers (or LiLaC) site is maintained by Werner Heuser, author of the Linux Laptop HOWTO. It is a comprehensive source of information on issues with laptop systems, and contains what must be the definitive list of working PCMCIA cards.

Section Editor: Jon Corbet

May 4, 2000



Letters to the editor

Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.
Date: 27 Apr 2000 20:35:24 -0000
From: Eric Smith <eric@brouhaha.com>
To: letters@lwn.net
Subject: Linus on kernel debuggers

Linux Weekly News of 27-Apr-2000 reports:

    Linus has long had a dislike for interactive kernel debuggers. His
    position is that they lead developers to fix symptoms; he would rather
    they stare at the source and come to an understanding of the real problem.

Yeah, user-space GDB is a real drag also.  Too many programmers use
debuggers as a crutch, when it is obvious that simply staring at the
source code is *so* much more likely to result in true enlightenment.

I always hate it when the hardware guys use logic analyzers,
oscilliscopes, and simulators to find bugs in their designs.  Obviously
the correct way to verify or fix hardware designs is to stare at the
Verilog code and schematics until your eyes bleed.

And when my car's engine is making a funny noise, I'm apalled when the
mechanic actually looks under the hood and finds the problem
immediately, rather than spending a few days thinking about what could
cause that sound.  It's hard to believe that using methods like that,
anyone could develop a true understanding of what's going on in there.

Engineers today rely way too much on fancy-shmancy tools to help with
their tasks.  Back in the old days, we only had printf(), and WE LIKED IT.
So what if it took weeks to fix obscure kernel bugs that with better tools
could be found in days; the important thing is the process, not the results.
Just like the "new math".

Of course, good engineers don't use time-saving tools like compilers,
either.  If the program is worth writing, it's worth writing in
assembler.  Or better yet, toggling in binary via the front-panel switches.
(It's not a proper computer unless it has front-panel switches.)

Seriously, though, I don't understand why Linux thinks that debuggers
"lead developers to fix symptoms".  I've used both kernel- and
user-space debuggers to find many hundreds of bugs, and in the vast
majority of cases have been able to fix the underlying problem, not just
symptoms.  It's not at all obvious how having an additional tool and
source of information can make it more difficult or less likely to
develop an understanding of a problem.

From: LucFrench@aol.com
Date: Thu, 27 Apr 2000 05:34:05 EDT
Subject: Re: soft tissue
To: allan@stokes.ca
CC: letters@lwn.net

Allan Stokes wrote:

> It's exactly the same when look at the bone yard of proprietary encryption
> algorithms broken and ignore the "soft tissue" of proprietary encryption
> which hasn't been broken.  Or as most people assume "hasn't been broken
> yet".  Which is exactly what the dinosaur people assumed about the kinds of
> fossil fragments they had not yet found.
> Perhaps someday the mathematics of "provable security" will be invented and
> they will look back at some of the proprietary work done today and discover
> that some of it was actually warm blooded after all.

I think I can make a statement that any professional cryptographer will agree 

If your encryption method (be it an algorithm, the underlying random number 
generator, or the program itself) must be kept secret in order to be secure, 
it is insecure.

The reason most cryptographers dislike proprietary algorithms boils down to 
this. (There are some wrinkles and qualifications to that statement, but not 
many; and there are some other problems, dealing with trust and generic 

I'd also like to point out that "Hasn't been broken yet" is the status of all 
computer based encryption algorithms, both open and closed. It's similar to 
all scientific theories' status of "Hasn't been disproven yet".

As to the possibility of a Unified Security Theory, such a thing is quite 
frankly impossible. It's too complicated to go into in a letters column, but 
boil down to the fact that 'secure' and 'insecure' are qualitative, rather 
then quantitative, terms. Quantifying either requires complete knowledge of 
all possible attacks; and from here we get into circular logic.

BTW, the cold-blooded dinosaur theory came about because all known lizards 
are cold blooded, and dinosaurs were clearly big lizards; therefore, 
dinosaurs were probably cold blooded. The syllogism was flawed only because 
of an unknown assumption (lizards don't have to be cold blooded). You've used 
a flawed syllogism as well, that because Assumption A and Assumption B look 
alike, and Assumption A has been proven false, Assumption B must be false as 

Just as a final note:

> Of course, anyone dumb enough to trust someone who spends too much time
> alone in a dark room deserves what they get.  But that doesn't mean they
> were wrong.  People spend too much time forming opinions about what is
> technically possible (we don't know) and then end up misplacing the emphasis
> which belongs entirely on the social issue of what kind of development
> processes we choose to trust.

Actually, the underlying assumption is closer to "if you are hiding 
something, you may have reason to be hiding something, and since we don't 
know what you're hiding, we are therefore unable to trust you". *THAT* is why 
it's so important that encryption methods be open, and known vulnerabilities 
be listed; else, how can I, Strawman Consumer In Need Of A More Secure 
Computer Then What I Have Now, trust that you, Strawman Encryption Expert 
Trying To Sell Me Something, are being honest?

This is what is driving people to open source for security in the first 
place; if you have the code, implementation flaws are easy to spot (assuming 
the code isn't some kind of hairball), and back doors are hard to put in 
(bogus stories involving fish of a South American persuasion notwithstanding).

Luc "Jude the Secure" French
Date: Thu, 27 Apr 2000 12:46:24 -0500
From: "John J. Adelsberger III" <jja@wallace.lusArs.net>
To: letters@lwn.net
Subject: "Warm blooded security"

In his letter dated April 21, Allan Stokes points out(validly) that
lack of peer review and general understanding does not necessarily
imply insecurity of an encryption algorithm.

He fails to make the point that is crucial when you need a working
system on a deadline in the real world: there is no provable
security today, and at this track, the rules are a little strange:

1) Betting on the underdog does not inrease the payout if you win; all
   winning bets pay the same.
2) The fact that my horse wins does not necessarily imply that yours
   will lose.
3) Despite 1 and 2, there are still underdogs and favorites.

Under those circumstances, betting on an underdog is all loss and no
gain.  Certainly, it would be wrong to disparage researchers into
unknown areas of math, whether crypto or otherwise - but deploying
their research prototypes as production systems is a most brazen
sort of foolishness, and trusting an algorithm that is unknown to
most of the research community over one that has been widely 
examined is even worse.

From: nride@us.ibm.com
To: ghaverla@freenet.edmonton.ab.ca, letters@lwn.net
Date: Thu, 27 Apr 2000 11:55:34 -0600
Subject: Printing in Linux

The UNIX printing model is dreadfully lacking. Certainly you can find out
that you have some printers out there by looking in the printcap file, but
what do you know about those printers? The whole printcap concept was
designed in the days when your printer could handle raw ASCII and not much

If you look at the archetecture of more "Modern" operating systems, there
is a well defined API for printing. A device manufacturer codes a driver to
that API and the applications use that API to render their jobs. Thus, all
applications use the same rendering API, and the same rendering API can
render to PostScript, PCL or whatever other printer language the printer

Contrast this to UNIX where the application has to implement its own
rendering routines or use a third party library. If the user wants to print
to a PCL printer and his application only does PostScript, he's out of luck
or has to use GhostScript. GhostScript effectively becomes the printer
driver for many people and PostScript becomes the rendering API. While this
state of affairs isn't too bad, it's not too good either. If you can cover
PCL and PostScript, I'd guesstimate that you'd be covering about 90 to 95
percent of the printers out there.

As for finding out attributes of the printer (How to use those extra paper
trays, etc) Adobe has a Portable Printer Definition format for PostScript
printers and Microsoft has a Generic Printer Definition format for PCL
printers. You can code a "Driver" outside the application to read these two
formats and add headers to your jobs and you'd be doing pretty well. The
Printer Working Group (www.pwg.org) is working on an XML based printer
definition format, as well. There's room for a lot of cleverness in
building interfaces from files in these formats.

For approaches that involve actually building the correct archetecture, I
know of a couple of projects underway. There is an open API called XPRT
which looks kind of interesting. You send X commands to a server and it
renders a printing language. Xfree86 4.0 seems to have some XPRT support.
The Gnome people seem to also be working on an API which I assume you'd
have to use Gnome to take advantage of. Personally, I'd like to see an open
solution which doesn't lock you in to a particular environment while it
brings UNIX printing up to date.

Bruce Ide      nride@us.ibm.com

IBM PSC Driver Development

To: letters@lwn.net
Subject: Printing is definately below-par
From: Alan Shutko <ats@acm.org>
Date: 27 Apr 2000 10:04:46 -0400

Gordon Haverland stated that printing on Linux is perfectly fine.
Unfortunately, he's missing a lot of fundamental points.

While it is true that you can simply pass stuff off to LPR and
something will come out the printer, there's a lot of other stuff that
printing apps need to know that has never been a consideration of lpr.

First, the current Linux "printing system" gives no information to
apps of the fonts available.  While X can do this, you would need to
install fonts in two places.  X only provides bitmaps, so you can't
pass outlines to the printer unless you write your own font subsystem
and require that fonts be installed there.  (You'd also have to do
this to gain additional metric information that isn't available via

How do you ask lpr what sizes of paper are available, or tell it to
collate and staple output jobs?  You can't.  How do you select the
tray?  You can't.  While some of these problems are fixed in LPRng for
certain printers using certain filtering systems, other problems

Alan Shutko <ats@acm.org> - In a variety of flavors!

From: "Corfield, Richard" <RICHARDCO@POLK.CO.UK>
To: "'letters@lwn.net'" <letters@lwn.net>, 
Subject: Re: Printing and Re: WordPerfect "review"
Date: Thu, 27 Apr 2000 12:53:14 +0100

I'd agree that the existing print system under UNIX is very strong. Its
standardisation on 
PostScript as a printing language should make life a lot easier for software
developers, users and administrators alike. 

	Software developers because they only need write drivers for

	Users because they can always preview output, and manipulate it with
tools such as GS, GV and mpage.

	Administrators because they can redirect output to any printer
knowing that its in a language that the printer driver can understand. They
can also filter it on the way (mpage for example). The job is only
translated from Postscript at the last minute.

My experiences with some other printing systems seem to confirm these
advantages. Its a pain when you can't preview output and its a pain when you
can't print to a printer because you can't find the driver disk to set up
your wordprocessor to be able to create jobs for it. Its also a pain when
one version of the OS has a printer driver with mpage like functions and the
version I work on doesn't so I can't print two sides on one from my desktop.
Under Linux you can apply mpage to any print queue regardless of the type of
printer on the end of it.

The only problem with the system is that the word processor has no knowledge
of what the capabilities of the printer are. This causes me problems at
times because my printer cannot handle small margins and some programs try
to print into them so some edges can be lost. 

What seems to be needed is a way for the word processor to find out what
paper sizes and margins the particular printer supports, whilst keeping the
advantage of a printer agnostic printing language and without bringing in
all of the problems with a certain other system when you do this.
For example I find it annoying when I load a document into a word processor
to find that it has been "Changed" because my word processor has a different
default printer to the original author's.

Perhaps an extension to lpd or lpr or lpstat could allow the word processor
to find things like paper size, margins and perhaps colour capability. Then
the only problem is what happens when you try to print a document on a less
capable printer than that intended by the original author, and you're not
using something like LaTeX where it doesn't really matter too much.

Certainly something that must happen is that this must be solved correctly,
rather than just
copying the solution from somewhere else, warts and all.

 - Richard.

<Standard Disclaimer: All oppinions my own and not those of my employer, or
 anyone else in my office for that matter>

Date: Tue, 2 May 2000 21:10:33 -0400
From: "Jay R. Ashworth" <jra@baylink.com>
To: Tammy_Cavadias@zdcommunity.com
CC: letters@lwn.net
Subject: http://www.zdnet.com/zdnn/stories/comment/0,5859,2555159,00.html

... the Taschek column on Open Source.

Was that op-ed?  If so, it should have been slugged.  If not, it's
shoddy journalism.

[Looks again]  Ok, it's commentary.

Is it ZDnet's intent to reduce readers' opinion of its worth by
running commentaries that are obviously based on factually incorrect
premises and incomplete research?  *I* could write opinion columns too
(and I do, my weblog address is listed below), but that doesn't mean
anyone would read them...

A major fraction of the Internet depends completely on open-source
software, written well before the term was coined. BIND (name
service), sendmail, (mail transport), perl (CGI scripting, among other
things) and Apache (>55% of all publicly accessible webservers) are
just the most visible examples.

If this column wasn't a troll, then I must cast my lot with the people
who'll be ignoring ZDnet completely if it's going to publish writing
of this caliber.

-- jra
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff     
The Suncoast Freenet
Tampa Bay, Florida     http://baylink.pitas.com                +1 888 806 1654

Date: Sun, 30 Apr 2000 04:30:10 -0700
From: Jim Dennis <jimd@starshine.org>
To: Microsoft.atr@usdoj.gov
Subject: Protocols, APIs and File Format Libraries 


 As a long time observer in this industry (having done stints in
 tech support, quality assurance, development, and systems administration)
 and as a writer and industry journalist (having written one book on 
 Systems Administration, a few articles for various magazines, and an
 online technical support column) I'd like to comment on the 
 possible measures that you will take vis a vis the Microsoft case.

 (Duh!  That's what this e-mail address is for, isn't it?)

 Obviously we'd like to arrive at a solution which is remedial,
 punitive, and deterrent.  

 I don't believe that a breakup and ongoing regulation of Microsoft's
 business will achieve these goals.  Unfortunately any ongoing regulation
 of their company is likely to be mired in bureaucracy and hampered as
 it becomes increasing politicized.  It will be interesting to see how
 future administrations will meddle in these affairs.

 The set of measures that I believe would offer the greatest remedy
 to consumers and industry participants while acting as a fitting 
 punishment to Microsoft and possibly even deter future monopolists
 would be to require that Microsoft fully document their protocols
 (networking), APIs (programming interfaces) and file formats.

 These elements of their software are necessary to achieve

 They are also the very elements that Microsoft has obscured and changed
 in order to stifle competition and thwart innovation throughout the 
 rest of the industry.

 Furthermore I'd recommend that the only form of acceptable documentation
 for these software standards would be a set of functional "reference
 implementations" of the necessary utilities and libraries to perform a
 the core operations of each protocol, call each API function, or 
 read, parse and manipulate each file format.  These reference
 implementations would have to be published in true "open source" form and
 subject to a FREE license --- which which specifically allows commercial
 and proprietary derivative works by third parties.  (I would not recommend
 the GPL --- a BSD like license would be more appropriate).

 I'd also recommend that the court should require that these
 implementations be delivered in a timely fashion, that they be in ANSI standard C
 and/or C++ programming languages, that they must compile on non-MS operating
 system platforms (pick three --- Linux, FreeBSD, Solaris, etc) and
 non-Intel (x86) hardware.

 A reference implementation is the only adequate documentation which can
 be accepted in this case --- since any other form is subject to endless
 subjective legal wrangling and interpretation which would necessarily 
 cross the disciplines of computer science and jurisprudence.  

 A reference implementation would also include a compliance suite.  It
 can be unequivocably and objectively judged.  Either it compiles and
 demonstrates interoperation with Microsoft's own software, or it fails and
 Microsoft can be fined, enjoined from releasing new products, etc.

 Of course Microsoft would be required to deliver such a suite for their
 existing operating systems and applications suites.  This would be
 required to be done in a timely fashion.  

 More importantly: The court should hold that Microsoft much continue to
 publish such reference implementations for all future upgrades and
 products. For future upgrades and products it would be reasonable to
 require that these reference implementations be published prior to software
 release and tested immediately.  Micrsoft could then be enjoined from
 distributing new products and new revenue generating upgrades of their
 existing products until their products are judged to be in compliance
 (interoperable) with their own published reference standards.

 I believe that this approach has a number of advantages:

	* Objective criteria
	* Respect of Microsoft's legitimate intellectual property
	* Freedom to innovate
	* Low cost to the Federal Government
	* Little requisite regulatory burden
	* Promotion of both the competing commercial software 
	  industry interests and the open source and free software
	  movements (and other consumer interests).
	* Low public perception of meddling and bureacracy
	* Academic and educational benefits

 Note that this plan does respect Microsoft's rights to its intellectual
 property.  It doesn't require them to publish or provide any access
 to the source code of their current and future products.  These 
 reference implementations can be completely independent or they can be
 functional subsets of Microsoft's code.

 It also allows Microsoft to continue to modify their software
 (operating systems and applications) and to freely "integrate"
 and separate these products for their own business interests.  However,
 it does so in a way that ensures that other companies can make 
 competing products, enhancement utilities, etc.  It also ensures
 that the U.S. Federal Government, international interests, and other
 parties will be able to maintain their document, networking and 
 internal software infrastructures regardless of what Microsoft does
 with their future products and upgrades.  (Indeed with these reference
 standards you significantly reduce the risks associated with use of 
 proprietary software in general).

 Regardless of any breakup, and in addition to any regulatory 
 oversight and punitive fines that you impose on Microsoft I 
 recommend that you do the rest of the country some tangible 
 good by requiring reference standard implementations of all 
 networking protocols, application programming interfaces and 
 file formats that Microsoft uses to "integrate" their clients
 to their servers, and to interface their applications with their
 operating systems, and to sort and interchange their documents
 configuration data, account and management databases, etc.


Jim Dennis                                            
Linuxcare: Linux Corporate Support Team:           
Date: Wed, 03 May 2000 13:09:52 -0400
From: walt smith <waltech@bcpl.net>
To: letters@lwn.net
Subject: several fundamentals

Dear LWN readers,

Distributions are proliferating like mosquitos
in spring.  The basis for being in business and
obtaining funding for doing so has almost always
been that money is to be had from service, and not
sales of the basic (software) box.  I disagree.

However, service appears to be a necessary reason in order
to achieve funding for Linux companies to exist.  The
Microsoft empire is largely based on sales of (software) box's
at a reasonable price.  I believe their prices, historically,
have been reasonable. Many Linux boxes are approaching
the same price basis.  There is the caveat that the
sink and entire kitchen are thrown in with the box.  In other
words, sales of the box are significant and important, and should
be recognized as such. I feel more notice of this is necessary.
I had an interesting experience recently. It should
prove valuable to marketing psychologists. After actually
spending some loot on a Linux box off-the-shelf, I had
a revelation. Like many,  I'd borrowed Linux CD's,
and also downloaded free Linux from the Internet.
When I went to "retailer", I knew I was purchasing "free" software.
Why ?  It wasn't free!  But it was the feeling of getting
something free and paying a little for the tiny manual and
box.  The convenience of the CD !!  ? or was it?
Nope!  It was the feeling that, even free, that the box wasn't a sole
source product. I knew the product would be upgraded "soon",
but so what? it was cheap ($29).  I knew it was free if I
really wanted it to be free!  I knew if I didn't like it, I had a
choice of multiple different packages with the same underlying
function and commonality (/lilo/, /usr/, ext2fs et. al)!!  ..all
free or shelved at competitive prices!  It was a feeling of buying
into a community;  that same feeling non techies have buying
Nikes or Windows.  And I knew it was ALL there - no additional
$$ for a wordprocessor, compiler - Jeeze! I even had multiple
I read on LWN that the new 2.4 kernel isn't due until possibly Autumn.
This is a shame!!  One of the Hallmarks of Linux is the *continuous*
improvement.  Waiting beyond some magical number isn't good for
me psychologically nor a significant part of the Linux community.
I understand the tradeoff  for the stability that many (larger
require.  Perhaps there's too much concern? PLEASE! this is not a swipe
at Alan or Linus!!!  I'm  concerned about the market momentum, and I
have a solution.
One last prediction.  SGI has moved in the right direction to adopt
If they were a company with diversified products, it'd be even better.
I believe neither SGI, nor Sun can continue as they have been: major
are coming.  This might mean the names SGI and Sun disappear, like DEC.


Walt Smith, Baltimore

Eklektix, Inc. Linux powered! Copyright © 2000 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds