[LWN Logo]
[LWN.net]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials


Where is the Linux community? Two years ago, now, came the announcements that both Oracle and Infoseek would port their database products to Linux. Such announcements are an hourly event now, so those who weren't into Linux at that time perhaps do not have a feel for what an impact those announcements made. For many, the availability of Oracle was the one indicator that would show that Linux was for real.

In the light of those announcements, LWN (in the July 30, 1998 issue) worried about the future of the Linux community.

So what happens when Linux really explodes, as seems (to some) inevitable? Just how weird is it going to get? Will we look back with nostalgia to 1994, when nobody knew what we were talking about? Will we want our old Linux back? For now this is still our revolution, and we can maybe shape its future. Before long, that may no longer be true.

Two years later, it is perhaps worthwhile to evaluate the situation and see where things stand.

The Linux development community may never have been healthier. Once upon a time, it took years to get an X-enabled version of the emacs editor - one of the prominent free software projects of that era. Now projects like GNOME, KDE, Mozilla, and many, many others can aspire to build systems of far greater size and complexity. The free software development process is strong, and knows it.

But what about the community? Once the Linux development community was at the core of Linux. Now it is probable that a great many Linux users could not name more than one or two people who developed the software they are using. The old Linux community is simply not present for much of the system's user base.

This community may have been pushed to the side, but some time spent on the mailing lists or at events like the Ottawa Linux Symposium (see below) will show quickly that this community is as strong as ever. Its members have, to a great extent, left their university and "day job" positions for jobs with competing Linux companies, but the way they work together has been little changed by all that. The joy of hacking, the emphasis on producing the best code, and the enjoyment of working together all remain. When you're immersed in the development community, it's almost like the good old days - except that far more is going on.

The popularity and commercialization of Linux have raised many fears. Would the developers who built the system take offense at others profiting from their work and leave? Will commercial pressures tear the development community apart? Or maybe the developers will take off looking for the next cool thing, now that Linux is mainstream. All of those things could yet happen, but, thus far, they have not. Things look good for Linux development.

The Ottawa Linux Symposium was a good place to find the Linux development community. With a program dominated by Linux developers, lots [Parliament] of time set aside for people to talk, access to good beer, and no exhibit floor it was truly a hacker's event. Have a look at LWN's OLS coverage for reports and pictures from the event.

The Linux community needs events of this kind. It is this sort of gathering that lets Linux hackers concentrate on the code and each other without distractions. OLS sold out well before the event began; one presumes this means that the conference was successful financially. We're looking forward to the next one.

For a different sort of event, consider the LinuxWorld Conference and Expo, to be held in San Jose on August 14 to 17. It will be much that OLS was not: garish exhibits, rock bands, suits and ties, and lots of exhibit hall swag to haul home. An example of the style of this conference can be found in this press release, which raises the hype level to new highs:

In San Jose, California, a new space race has captured the hearts and minds of geeks and nerds the world over. Would-be exhibitors at the LinuxWorld Conference & Expo are at wits' end trying to stake a claim to even the tiniest square foot of carpeting, with varying degrees of success.

Somehow one must doubt the extent to which the "hearts and minds of geeks and nerds the world over" are really "captured" by the woes of frustrated LinuxWorld exhibitors. But then, it's a strange world. Of course, the PR also puts the first release of Linux in 1994, and claims that the LinuxWorld exhibit floor has sold out for four years in a row - despite the fact that the first one was in March of 1999...

Cheap shots aside, the LinuxWorld conference is also an important event, and LWN's editors not only plan to be there, but will be giving a talk and a tutorial as well. While OLS caters to Linux hackers, LinuxWorld reaches out to Linux users, current and future. It also gives an unparalleled view of the state of the business of Linux. This, too, is the Linux community, in a different form.

Some updates from the DVD front. The 2600 case (wherein 2600 Magazine is being sued by the MPAA in the form of Universal City Studios for having mirrored the DeCSS code) has concluded testimony in New York. Some of the final developments in the trial include:

  • Testimony by 2600 editor Emmanuel Goldstein.

  • Testimony by DeCSS author Jon Johansen. Among other things, he further drove home the point that his activities were oriented toward the development of a Linux DVD player.

  • The appearance of LiViD project leader Matt Pavlovich, who demonstrated a working open source Linux DVD player.

  • Final-day testimony from David Touretzky, who talked about the free speech implications of the DeCSS injunction. His point was that the restriction of source is equivalent to a restriction on speech, and would make it very hard for everybody who works with computers.

The judge responded very well to Mr. Touretzky's testimony, saying things like "I was hoping we were going to hear something like this through the whole trial." and "I think one thing probably has changed with respect to the constitutional analysis, and that is that subject to thinking about it some more, I really find what Professor Touretzky had to say today extremely persuasive and educational about computer code."

Much of the effort in the courtroom seems intended to demonstrate that the intent of those working on the DeCSS software was not to pirate movies. In this way, they hope to get around the provisions in the Digital Millennium Copyright Act against the possession of tools for the circumvention of copy protection mechanisms. DeCSS is, they say, not a circumvention tool; it's simply a way for people to make use of the DVDs they have purchased.

Thus, there are two rights being argued here. One is that of reverse engineering - we have the right to look at things we own and figure out how they work. We even have the right to make other things that work in the same way. The other is that code is speech, that there is no way to distinguish between the two. In the U.S., of course, equating code and speech is important, because protections on speech are (still, so far) relatively strong. If code is speech, then we are in our rights to post it.

If these rights are lost, free software is in deep trouble. The free software development process works well, but that buys little if it is illegal to develop code that does interesting things, or to distribute that code. The DVD case is about fundamental freedom; let us hope that it goes well.

(See also: This Salon article about Goldstein's testimony, this Newsbytes article about Johansen's appearance, and the EFF DVD case archive which contains, among other things, full transcripts of the testimony in the case.)

Inside this week's Linux Weekly News:

  • Security: A Linux Distribution Security Report, Vulnerability reporting assistance is now available, Openhack is over.
  • Kernel: Alan Cox drops 2.4; Making bricks from disks with Linux.
  • Distributions: A brief two-year retrospective, lots of minor news items.
  • Development: Mozilla, Gnome Office, zCommerce.
  • Commerce: Ups and downs at Red Hat; IDC's server OS predictions.
  • Back page: Linux links, this week in Linux history, and letters to the editor.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


July 27, 2000

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Security page.


News and Editorials

Linux Distribution Security Report. SecurityPortal's Kurt Seifried released his Linux Distribution Security Report this week. In it, he analyzes security information released from Red Hat, SuSE, TurboLinux and Caldera, including a look at the number of security reports for each release, the time between a vulnerability report and the release of a fix and a brief comparison of the overall efforts of each distribution.

Even though he initially decides to throw Slackware and Debian out of his calculations because of their "ridiculously slow release schedules", he later includes them in his conclusion and commentary -- an unfair treatment that, not unexpectedly, produced a response. Jeffrey Baker pointed out on Slashdot that Slackware releases just as often as Red Hat does. Joey Hess responded for Debian. He also pointed out that Debian's minor releases, which are put out just for the purpose of providing an easy mechanism for installing an already patched system, were not counted. It appears that Patrick Volkerding was correct in inflating the version number for Slackware from 4.0 to 7.0 to prevent the misapprehension that Slackware was any further "behind" other distributions.

Those problems aside, Kurt's analysis is still very useful and interesting. He ends with a detailed checklist of what a distribution ought to do to make it easier for its customers to stay secure. It is an excellent and useful list. Most of the items on it are one's that we'd like to see done for every distribution out there, not just the major distributions that normally issue security advisories. Here are a few of our favorite suggestions, paraphrased:

  • Make a /security/ directory on your website (e.g., http://www.debian.org/security/), so that finding security information is easily done for every distribution.

  • Have security mailing lists and use them. Spotty forwarding of your own advisories to your own security lists encourages people to ignore them.

  • Monitor general Unix vulnerability reports and the updates from other distributions (this has been happening much more in the past year, but was very little done before that). We still put up some vulnerability reports on this page and then wait for updates, only to receive one or two or none for a problem we know affects some or all distributions.

  • If a vulnerability has been reported and your distribution is not affected, send out an advisory to that effect and tell us why. That lets us know that the vulnerability is not being ignored.
He listed many other useful ones, though we might add a couple more that didn't make it onto his list:
  • Issue a separate advisory for each vulnerability, rather than lumping multiple vulnerabilities/fixes into one page or advisory. This makes it easier for the multitude of security news systems (including this one) to compare distributions and determine which have or have not issued updates for a specific problem.

  • Credit the source of the original vulnerability report, whether a specific author or vendor, and provide links to the original reports whenever possible. This is also important to help coordinate and determine exactly what problems are being fixed by a given update as well as to give credit to people who took the time to report the problem initially.
Let us all remember, though, as we analyze and use hindsight to judge what "should" have been done, that behind each of these distributions lies individuals. Check the history of security reporting from any distribution and sometimes they did it well, sometimes poorly. There was usually an untold story behind that history, someone new put in charge of a task no one was doing, who charged ahead and set things right, good people whose talents were recognized and therefore were pulled out of this work into other areas, leaving gaps in process and activity that were quite visible and more.

The management of the various distributions has started to recognize both the PR value and landmines inherent in the security field. Do the job well and you have an excuse to get your name out there constantly, reminding people of your distribution without paying for expensive press releases. Do the job poorly and you'll provide good fodder for a journalist looking for a reason to rant and rave. In the end, their ability to hire good people, treat them well and keep them, will determine the quality of their security services.

ACLU asks for FBI source code. Open source code entered the legal arena from a different avenue this week when the ACLU sent a Freedom of Information Act (FOIA) request to the FBI, asking for details on the "cybersnoop" programs, Carnivore, Omnivore and Etherpeek. The details they requested included the source code to the programs, something the FBI has denied previously on the basis of both security and the rights of the commercial software developers who produced parts of these programs.

To the ACLU's knowledge, the request for program source code is the first of its kind. But Steinhardt said that two federal appeals court rulings that computer code is a form of speech, no different from any other written document, support the ACLU's demand under the the Freedom of Information Act. The Act gives Americans broad rights to obtain written information held by the federal government.

Openhack results. The Openhack contest ended this week when the Openhack database was successfully cracked. The winner? "The crack was performed by none other than Spanish security consultant Lluis Mora, the same person who felled eWEEK Labs' previous security test site."

Three new vulnerabilities in MiniVend were found, along with a vulnerability in a Solaris add-on. Details are not being published until the vendors have an opportunity to provide fixes. The contest ended with a report on the Openhack hardening techniques used to secure their server. Note, though, that it is hardest to protect from simple errors; the latest hack was partially made possible when a simple step in the hardening process was accidentally skipped and a vendor default password was left unchanged. That gives a good example of why vendor software should not be shipped enabled with a default password.

Vulnerability Reporting Assistance. Due to recent record-levels of vulnerability reports, and the erratic quality of some of them, the folks at SecurityFocus are now offering vulnerability reporting assistance. Free of charge, and, they promise, no-strings-attached, they'll offer assistance in preparing advisories, finding vendors to contact prior to posting and more. "This is not a pay service in any way shape or form. It's actually being performed by the staff here outside of our regular work and on a volunteer basis."

An improvement in the quality of advisories and better coordination with vendors should be helpful to everyone who believes in responsible, full disclosure reporting of security problems.

GSA Rethinks FIDNet solution (FCW.com). The government will reissue their RFP for a Federal Intrusion Detection Network (FIDNet), according to this article. The new RFP will be restricted to systems staffed and monitored by the vendor. We certainly hope one or more of our open-source-community security vendors takes a crack at this offering ...

Another brick in the wall (IBM developerWorks). Subtitled "Fighting a losing battle on the front lines of security", this IBM developerWorks article addresses the basic need to build security into a network from the ground up. "It's a given that your network/security administrators are fighting a losing battle. They probably don't have the time, training, or resources to adequately secure your corporate network. I know this, because I spent the last five years being that outside consultant, working on networks like your own. For administrators, the hardest part of all this, usually, is getting management to allot you the time and resources to develop a plan. "

For your amusement. Segfault.org has issued RFC 31337, the initial draft of a new standard. "Unified Backdoor Protocol Specification. This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited."

Mail server filters. Because Linux or *BSD is frequently used for mail servers at sites containing desktop systems running other operating systems that are vulnerable to a variety of e-mail based attacks, it is not uncommon to see a virus alert followed by suggestions for improved mail filters for the mail server to filter out such attacks. The following filters were posted to BugTraq in response to one of the most recent Outlook-based attacks:

Security Reports

Netscape JPEG COM marker processing vulnerability. Netscape 4.73 and earlier and Mozilla M15 and earlier can be, under limited circumstances, used to execute arbitrary assembly code due to the manner in which they process JPEG COM markers. Solar Designer's detailed announcement of this vulnerability provides a wealth of evidence and detailed information. In the meantime, an immediate upgrade to Netscape 4.74 or Mozilla M16 is highly recommended. Distribution updates for Netscape 4.74 are likely to start rolling in very soon.

Red Hat security update to PAM. Red Hat has put out a security update to PAM fixing a problem in that module. If you are running a display manager and XDMCP has been enabled, unprivileged users can fake a console login and shut down the machine.

Multiple gpm vulnerabilities. New problems with gpm have been reported, including the ability for a local user to execute arbitrary commands with elevated group privileges and a local denial-of-service attack. Check BugTraq ID1512 for more details.

This week's updates:

Roxen Webserver. The Roxen webserver is a GPL'd webserver that is shipped with Debian, SuSE, Linux-Mandrake and FreeBSD. On July 21st, a report to BugTraq indicated that Roxen 2.0.46 contained a couple of vulnerabilities that could allow information such as the site administrator's encrypted password to be obtained. Subsequent tests confirmed the problems. An official advisory has also been released, recommending an upgrade to Roxen 2.0.69 (or 1.3.122) to fix these problems.

Cgi-bin/Servlet vulnerabilities.

Updates

Updates to updates were popular this week...the rpc.statd, openldap and inn entries below are included again primarily due to updated advisories from at least one vendor.

NFS/rpc.statd . Check last week's Security Summary for more details.

dhcp. A second set of problems with the ISC dhcp client was reported in last week's Security Summary. New updates to dhcp-3.0b1pl17 (instead of pl12) are now coming out.

inn verifycancels vulnerability. Check the July 13th Security Summary for details. ISC released inn 2.2.3 this week, with an official fix.

wu-ftpd. Check the June 15th Security Summary for more details. wu-ftpd 2.6.1 contains fixes for this problem.

openldap tmplink vulnerability. A tmplink vulnerability was reported in openldap. Check the April 27th LWN Security Summary or Red Hat Bugzilla ID 10714 for more details.

This week's updates:

Previous updates:

Resources

New open source tools released by Razor. Just in time for the Black Hat conference, Bindview's RAZOR team announces the release of two new software tools, VLAD the scanner and Despoof, a spoofed-packet checker. A brief review of the license under which the tools are released reveals a probably-Open-Source license, at least in this editor's opinion.

LinuxSecurity.com weekly newsletter. For those of you who still haven't gotten enough, here is LinuxSecurity.com's weekly security newsletter.

Events

Call for Papers: Computer Security 2000 and International Computer Security Day. The Call For Papers for both Computer Security 2000 and International Computer Security Day (DISC 2000) has been released. Submissions are due by September 22nd, 2000. The two events will be held together from November 26th to December 1st, 2000, in Mexico City, Mexico. Computer Security 2000 is an annual ACM (Association For Computing Machinery) event.

July/August security events.
Date Event Location
July 26-27, 2000. The Black Hat Briefings Las Vegas, Nevada, USA.
July 28-30, 2000. DEF CON VIII Las Vegas, Nevada, USA.
August 14-17, 2000. 9th Usenix Security Symposium Denver, Colorado, USA.
August 14-18, 2000. Ne2000 (Networking 2000) Lunteren, The Netherlands
August 18-20, 2000. Hack Forum 2000 Ukraine
August 20-24, 2000. Crypto 2000 Santa Barbara, California, USA
Aug 22-23, 2000. WebSec 2000 San Francisco, California, USA
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh


July 27, 2000


Secure Linux Projects
Bastille Linux
Immunix
Khaos Linux
Nexus
Secure Linux
Secure Linux (Flask)
Trustix

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara MNU/Linux Advisories LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Yellow Dog Errata

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
Linux Security Audit Project
LinuxSecurity.com
OpenSSH
OpenSEC
Security Focus
SecurityPortal

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Kernel page.

Kernel development


The current development kernel release is 2.4.0-test4. The -test5 prepatch is in its fifth revision as of this writing. It contains a great many NLS/codepage updates (improving Chinese support among other things), an update to the direct rendering infrastructure driver, a number of ARM architecture tweaks adding support for new systems, an IA-64 update, some md (RAID) updates, a bttv driver update and reorganization, a new SCM Microsystems USB-ATAPI driver, and a tremendous number of little fixes.

The current stable kernel release is still 2.2.16. No new 2.2.17 prepatches have come out in the last week - Alan was too busy drinking beer in Ottawa.

Alan Cox is pulling out of 2.4 work, at least for now. He apparently just does not have the time to put into it. He made that clear with his posting of the latest 2.4 status page - "Dont mail me updates, find someone else to maintain it."

This is a problem. Alan has been a crucial part of the release process for a long time. Somehow he has managed to keep on top of the vast majority of the issues out there. His ability to track problems and to understand what is really important is perhaps unparalleled. His absence is guaranteed to make it harder to put out a stable 2.4 in a short time period.

Linus has recognized this problem in his call for a new status list maintainer.

In short: it's important. And it's something that Alan did for both 2.0 and 2.2. Nobody can quite live up to "being Alan", but hey, if you don't like long beards you may be just as heppy knowing that.

Thankfully, a candidate has actually been crazy enough to step forward and volunteer for this job - it's Ted Ts'o. Ted is an accomplished kernel hacker, but he also has a balanced and calm approach to issues and commands a good deal of respect. This issue was still developing as this page was written, and it was not yet clear that Ted would end up performing this function. But it looks like a good resolution to the problem.

Turning disks to bricks with Linux. Andre Hedrick is the maintainer of the Linux IDE/ATA subsystem; as such, he works with a piece of code that is critical to the vast majority of Linux users. He also sits on the ATA standards committee, and understands well the ups and downs of how the protocol works.

He recently discovered a significant "down." It seems that there are certain ATA commands that can be sent to a drive which will cause it to destroy itself. Andre posted a thing he called disk-destroyer.c which will use an IDE command to trash the partition table on a disk, thus rendering all data inaccessible. Apparently, however, there are other variants possible which will cause the drive to wipe out its firmware, thus turning it into a true brick.

Now, a Linux system is not normally programmed to do such things. But a malicious user program using the ioctl system call is able to bring about this sort of result. Andre saw this as a serious problem, and responded with a major patch to the IDE subsystem; essentially he put in a protocol verification layer which filters out everything that doesn't look like a proper command.

The response to the patch was largely negative. Quite a few objections were raised, including:

  • Sometime soon, one hopes, the 2.4.0 kernel will be released. Now is not the time to destabilize things with a major rewrite of a crucial kernel subsystem.

  • Since only root can execute the offending code, there is not a security problem here. The disk destruction code can only be run if the system is already compromised - and a root user has many other ways of destroying data. Filtering dangerous commands in the IDE driver does not even really prevent them from being issued. A truly malicious user can load a new driver, or even shove commands out the ports directly from user space.

  • The root account should be able to do anything - including destroy hardware. Putting restrictions on what root can do is a step toward the "dumbing down" of Linux.
That last issue may seem strange - why should even root be able to do stupid things? The best answer to that came from Linus himself as part of his reasoning for not including the patch:

Let's take a hypothetial example (you judge on just _how_ hypothetical it actually is): imagine that you have a drive that can be made to refuse to read certain removable media based on where the drive was purchased. Imagine that this was actually done in firmware, and that there was a way of overriding it. Imagine further that you moved, and you wanted to make the drive read certain removable media in the new location, using undocumented commands..

Should the kernel block those commands because it doesn't know what they do?

Given that the example is in no way hypothetical, this is a point that should be kept in mind.

Andre did not, shall we say, take this rejection well. The exchange was long and heated, and is not worth reproducing here. While it is a stretch to say that a consensus was reached, most people seem to have concluded that the drive manufacturers have erred by implementing destructive commands with no sort of protection (a physical jumper, cryptographic verification or both). Andre has now sent a proposed standard change to address the issue. The problem is now back in the court of the drive manufacturers.

But then, according to Andre's alleged final post on the issue the standards committee is not particularly concerned by the problem. It may take a "disk2brick" virus to get their attention.

A new Linux NFS FAQ is up on nfs.sourceforge.net. It covers a number of issues regarding the current status of Linux NFS. Ironically, it was unavailable for a while due to, well, NFS problems on SourceForge...

Other patches and updates released this week include:

  • Modutils 2.3.13 was released by Keith Owens.

  • The Linux Kernel Source Reference has been announced by Thomas Graichen. It is an interface to a CVS server containing the kernel source, and can be used to look at the code and investigate changes between releases.

  • Bartlomiej Zolnierkiewicz has released IDE-Info 0.0.4.

  • Robert de Vries has posted a new version of his POSIX timer patch.

  • CML2 0.7.4, the new kernel configuration and build system, was released by Eric Raymond.

  • Ulrich Windl has updated his PPSkit (nanosecond timers) patch.

  • Mike Phillips has released a driver for the 3Com 3C359 Token Ring PCI Velocity XL adapter.

  • Claus-Justus Heine, who claimed he was done with FTape patches, has released ftape 4.04. It was quickly followed by ftape 4.04a, which fixes a problem that turned up.

Section Editor: Jonathan Corbet


July 27, 2000

For other kernel news, see:

Other resources:

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost

BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

In retrospect. Exactly two years ago, two new distributions were turned loose. One was "maXimum CDE/OS" put out by Xi Graphics - it integrated the AccelleratedX server and Motif/CDE, was aimed at corporate clients, and was expensive. The other announcement was for a thing called Linux-Mandrake - then a version of Red Hat 5.1 with KDE integrated. Two years later, one of those distributions is doing rather better than the other...

Debian 2.0 was also released. The Debian Project also made a last minute decision to include KDE in the release and worry about the license problems later.

Finally, SuSE 5.3 also was released this week two years ago, as was LinuxPPC release 4.

Caldera OpenLinux

Caldera Ships developer preview version. Caldera Systems, once thought of as being one of the more conservative distributors with regard to new software, has announced the availability of a "2.4 technology developer release preview" distribution. This version includes a 2.4.0-test kernel, a Java beta, a KDE 2.0 snapshot, and so on. Don't use this one on your production systems...

Conectiva

Article on Connectiva Linux 5.0 (in Spanish). Planetalinux has run this article (in Spanish) on Connectiva Linux version 5.0. English text is available via Babelfish. (Thanks to Arnaldo Carvalho de Melo).

Debian

Debian Weekly News. This week's Debian Weekly News reports that Test Cycle 3 is underway. It will end on or around August 9th. Confidence is running high that they'll be able to announce Debian 2.2 at LinuxWorld.

Debian 2.2 will also have a special dedication, to developer Joel 'Espy' Klecker, who died unexpectedly at age 21. "Almost 200 Debian developers have signed the dedication. We'll miss you Joel."

They also report that Progeny, Ian Murdock's Debian-based company, is hiring Debian developers and giving them an opportunity to work on Debian full-time. "A quick look at their staff page turns up some familiar names, including John Goerzen and Branden Robinson. Debian Weekly News has learned that other developers may be joining them soon.."

Kondara MNU/Linux

NetLOCK Technologies partners with Kondara. NetLOCK Technologies has announced a partnership with Digital Factory, the people beyond the Japanese Kondara MNU/Linux distribution. NetLOCK's security software will be integrated into future Kondara releases.

DemoLinux

DemoLinux 2.0 has been announced. For more information, check the DemoLinux home page. This latest version includes, via the magic of data-compression, more than 1GB of applications (on a 650MB CD).

DemoLinux 1.0 was based on Linux-Mandrake. The new version, 2.0, is based on Debian instead. If you try it out, like it and want to install it on your harddriver, they've now made that possible with a

Linux-Mandrake

The folks at Linux-Mandrake are building a database of ISP information to support their automated tools. They are looking for your help; check out submission form to add information about your ISP to their database. Hopefully they'll also freely share that information once collected.

LinuxPPC

The folks at LinuxPPC have been undergoing a bit of network renovation. They've donated the linuxppc.org domain to a non-corporate entity and it is now the new home of the PowerPC Linux project, the native port of Linux to the PowerPC processor. There have been few minor difficulties as a result of the shuffle of IP addresses. If you are having problems with ftp or with installing Linux on the Blue & White G3, check this note from Jason Haas. It may have the information you need to get the problem straightened out.

Max OS

Max OS, a Linux distribution from Alta Terra Ventures Corp, should start shipping within four weeks. Their announcement includes a list of industry partnerships, licensing agreements, and a MaxOS certification program. Alta Terra is a publicly-traded Canadian company.

SuSE

XFree86 support for IBM Netfinity servers enhanced by SuSE. SuSE proudly reported enhanced XFree86 support for the IBM Netfinity server line as the result of the work of SuSE developer Harald Koenig. "'This is just another component of the very successful cooperation between SuSE and IBM', said Dirk Hohndel, CTO of SuSE Linux AG. 'We view full Linux support for all the hardware platforms that IBM has to offer as an important part of our strategy, and IBM has been very active in working with SuSE to achieve this goal. This cooperation spans from driver development for XFree86 to the recently announced version of SuSE Linux for the IBM S/390.'"

ErsterTest: SuSE Linux 6.4 PowerPC Edition (MacUp). MacUp reviews (in German) the PowerPC version of SuSE 6.4. They liked it. English text is available via Babelfish.

TurboLinux

TurboLinux launches Alpha version. TurboLinux has announced the availability of a version of its distribution for the Alpha processor.

TurboLinux's TurboCluster server powers Bikestore.com. TurboLinux has announced that BikeStore.com ("the bicycle portal super-site") is running off a TurboCluster server system.

Yellow Dog

Yellow Dog Linux Gone Home beta release. The beta released of Yellow Dog Linux Gone Home, a version of Yellow Dog Linux specifically for home users, was announced at MacWorld this week. "'Written from the ground up almost entirely in [the programming language] Python, our installer features auto-probing of the keyboard, mouse, CD, and hard drives, and contains a new partitioner. I have been demo'ng on an iBook ... the feedback is already helpful and the enthusiasm is amazing. There is a lot of interest in Linux at this show,' states Charles Stevenson, Software Engineer for Terra Soft Solutions."

Section Editor: Liz Coolbaugh


July 27, 2000

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux


   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Development page.

Development projects


News and Editorials

Is Mozilla a success or a failure?

In a recent osOpinion piece, some of Mozilla's mistakes were pointed out:

It seems obvious that the Mozilla crew bit off far more than they could chew, but I think a deeper problem is that the development team reached too far. They are trying to re-invent an entire *platform* when all most people want is a good browser that doesn't crash.

On the other hand, another osOpinion piece comes to the defense of Mozilla:

Critics complain that the browser is not in release form yet, but want it to be released now. Let the project run its course, let it become the best browser on the market, then it will be released. When it is done, and not before.

What is the real story? The Mozilla project marked the first time that such a large software product was moved from a closed-source to an open-source model. It is not suprising that a few mistakes and some important lessons were learned in the process.

People are concerned that the Mozilla project is running late on delivering a reliable browser. Other complaints are that the project is producing bloatware, not sleekware. The priorities for an open source development are more geared towards producing something that works over shipping on a deadline. Combining that with a large and complex collection of programs almost guarantees a long development period.

Mozilla is trying to replace other bloated browsers; perhaps that's just asking for the same problems instead of coming up with a better way. There are complaints about the reorganization of Mozilla into components, but that may, in fact, be the one change that causes the project to produce some useful code. If the component tools that make up Mozilla prove to be easily split off into other successful projects, such as the Galeon browser, then one could say that the project has been worthwhile.

Browsers

Mozilla Status Report for July 21. The July 21 Mozilla Status Report is out. Work continues on the repair of numerous bugs.

Mozilla Party Europe. A Mozilla Party Europe is being organized, time and location are to be determined.

Databases

Borland releases InterBase 6.0 source code. Borland has announced its release of the InterBase 6.0 database source code. "InterBase 6.0 has been released under a variant on the Mozilla Public License (MPL) V1.1. Developers using InterBase under this license can modify the code or develop applications without being required to open source them. The open source license applies to all platforms."

Embedded Linux

RTAI 24.1.0 adds PPC and 2.4 kernel support (Linux Devices). The Real Time Application Interface (RTAI) development team has announced a new beta release of RTAI. Version 24.1.0 of the RTAI development platform has support for the Linux kernel version 2.4 and adds Power PC support. RTAI is licensed under the LGPL.

Looking at Microwindows (All Linux Devices). Michael Hall of All Linux Devices has written this article on the Microwindows window system and the FreePad wireless web pad. "If you're curious about the building blocks of an embedded Linux device, or just want a peek at how one works underneath the friendly interface, Microwindows is as good a place to start as any."

Interoperability

Wine Weekly News for July 24, 2000. This week's Wine Weekly News is out. The Winsock implementation, CD-ROM label information, link files, and registry implementation are discussed.

Introduction to Samba, Part 3 (IBM). Daniel Robbins has written the third article of the series on an introduction to Samba. This article wraps up the series by discussing the configuration of Samba for sharing directories and printers. For those who haven't seen them, here are the first and second articles in the series.

Network Management

OpenNMS Update Vol 1 Issue 18. The latest OpenNMS Update has been published. News includes a new web site, a recap of the O'Reilly Open Source Conference, JSDT, the Event Subsystem, and capsd.

Office Applications

AbiWord Weekly News (Jul 20). This week's AbiWord Weekly News is now available. Smart quote support won the patch award this week, but the addition of automatic backup on crashes under Unix may win more fans ...

GNOME Office, how far along are we? (Linux Orbit). Linux Orbit's John Gowin compares the Gnome Office tools to Microsoft's desktop applications in this article. "To compare Microsoft Word to Abiword is a little like comparing David to Goliath in a pre-fight analysis. Sure, you have to pick Goliath, he's just so big. Which really is a good analogy. Word has become a monster on the the Windows platform. The proverbial 400 lb gorilla. But like some people, I'm not always fond of the "bigger is better" philosophy."

Eazel does it (Salon.com). Salon.com's Andrew Leonard has reviewed Eazel's Nautilus file manager. "Nautilus, which runs on top of the GNOME GUI and eventually will be part of the default Red Hat Linux distribution, is the first piece of software I've seen that has a credible chance of luring in the masses of computer users who might be interested in Linux but don't have the time to hack text files from a command line any time they want to get some serious work done."

July LyX development news. The LyX Development News for July is out. It covers the beginning of the GTK-- port, and many other topics.

Gphoto's Scott Fritzinger (Linux.com). Linux.com has interviewed Scott Fritzinger, founder of the gPhoto digital camera download software project. The interview touches on Gphoto development, USB ports, and reverse engineering digital camera serial data streams.

On the Desktop

Gnome summary for May 30 - July 21, 2000. The latest Gnome summary is out after a long absence; news includes: StarOffice joining Gnome, an Evolution preview release, and an Inti preview release.

KDE News. The latest news for KDE includes support for GTK themes, and a feature freeze for the upcoming KDE 1.9.2 release. There is also a pre-2.0 KDE progress report. It gives a good overview of where things stand, and has a lot of nice pictures showing the slick things that will be available in the 2.0 release. Worth a look.

Science

Medical Projects at O'Reilly Open Source Convention (Linux Med News). Linux Med News has published this feature article on the medical projects that were discussed at the recent O'Reilly Open Source convention. Clinic related database software and security of patient data are discussed.

Web-site Development

zCommerce first public release. The first public release of zCommerce - a shopping cart and order processing engine for Zope, has been announced.

Border Aware Images 0.4 released for Zope 2.2.0. A new version of the Zope add-on known as "Border Aware Images" is now available. This replaces the Zope built-in-image object.

Section Editor: Forrest Cook


July 27, 2000


Project Links
Gnome
High Availability
ht://Dig
KDE
MagicPoint
Midgard
Mozilla
YAMS
Wine
Worldforge
Zope

More Information
AppWatch
Freshmeat
LinuxDev

   

 

Development tools


C/C++

Red Hat GPLs Source-Navigator IDE (Linux Devices). Red Hat, Inc announced the the release of Source Navigator under the GPL license. "Source-Navigator, along with Insight, the graphical debugger based on gdb, and gcc, the Open Source compiler, forms a fully functional graphical integrated development environment that is used by developers to edit their source code and compile, link, and debug their applications."

Perl

White Camel 2000 Recipients. The Perl mongers White Camel Awards were announced at the recent Perl conference. Congratulations go to Chris Nandor (Perl advocacy), Elaine Ashton (user groups) , and Nat Torkington (community).

yapc::Europe registration. There will be a Yet Another Perl Conference::Europe happening from September 22 through 24, 2000 at the Institute for Contemporary Arts in London, England. Registration is now open.

Python

Python-dev newsletter. Here is the first Python-dev newsletter by Andrew Kuchling. Python-dev is a hacker-oriented, detailed summary of Python development activity; if all goes well, Andrew will start writing them every two weeks.

Python-URL for July 16. Here is Dr. Dobb's Python-URL for July 26; as always, check it out for the latest in python development news.

Pikipiki cooperative web authorizing system. Pikipiki is a cooperative web authoring tool that is written in Python. Pikipiki is licensed under the GPL license.

Essential Resources for the Python Professional(InformIT). Inform IT's Boudewijn Rempt has written an article on Essential Resources for the Python Professional. The article includes an extensive list of links to all things Python related and gives an overview of the langage. Python hackers should find lots of useful pointers here. Note that the previous/next page buttons in this article are somewhat finicky, but they can be made to work.

Python Enhancement Proposals. The first set of Python PEP's are out, this is a new system that formalizes the process of development on the Python language.

Section Editor: Forrest Cook

 
Language Links
Erlang
Guile
Haskell
Blackdown.org
IBM Java Zone
Perl News
PHP
Daily Python-URL
Python.org
JPython
Smalltalk
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Commerce page.

Linux and Business


IDC predictions on server operating systems. IDC has issued this press release with its latest pronouncements on the server OS market. Shipments are expected to increase, but revenues will not follow suit. " Linux revenues will also grow faster than the rest of the market, increasing at a CAGR of over 23%. However, even with this high growth, Linux server operating environment revenues will barely exceed $85 million in 2004, and total Linux server shipments will remain second to Microsoft's Windows Server product family."

Ups and downs for Red Hat. Red Hat has put out a press release proclaiming the results of two recent surveys. The latest Netcraft web server survey shows that 72% of the Linux servers out there are running Red Hat, and a Sky Events survey of "Chinese IT professionals" shows that 56% of them call Red Hat the best distribution out there.

Also this week: Red Hat has released the source code for its Source-Navigator integrated development environment. "In addition to being a powerful tool used by developers to compile, edit and debug source code for their applications, Source-Navigator has many browsing capabilities that enable developers to do things like display class hierarchies and cross-reference relationships."

Red Hat might be riding a bit higher on all that news if it weren't for a couple of other things that have come along. For starters, Novell plans to sell 100,000 shares of Red Hat stock. The shares have an estimated value of $2.4 million. Every such sale can be expected to make another little dent in Red Hat's stock price.

The harder news, though, is the resignation of the company's chief financial officer, Harold Covert. Mr. Covert is moving on to a new job as CFO at SGI after less than five months in this position at Red Hat (his appointment as CFO was announced on March 6). It hasn't been all that long since the company lost its chief marketing officer; getting the high-level people to stick around is proving hard for Red Hat. (See also: Red Hat's announcement of Mr. Covert's resignation).

Go.com Open Sources web development tools. Go.com has released several of their development tools under an Open Source license, similar to the Apache license. Some reports (including Slashdot) have implied that the Go.com search engine has been Open Sourced. This is not correct. The tools now available include the Tea template language, TeaServlet template engine, Kettle IDE and the Trove library (which has been Open Source for a while).

The tools are Java-oriented and some, like the Kettle IDE, currently run only under Windows. This announcement is likely to primarily be of interest to web developers on very large sites who are dealing with the issue of getting up timely content while dealing with a large pool of technical and non-technical staff. One person on Slashdot commented that the documentation alone was worthwhile, because of the information and suggestions it provides for such large sites.

Why Open Source? These tools are part of a larger commercial package, so Open Sourcing the entry-level tools can bring in potential commercial customers. The technology is over three years old, so the benefit of holding onto it is minimal. Of course, the desire to pick up some extra, low-cost publicity ...

InterBase source now available. Inprise/Borland has announced that the source for InterBase 6.0 is now, finally, available for download. The code is covered under "a variant of the MPL." Head over to the InterBase web site to grab your copy.

European Commission call for proposals. This page on Bernard Lang's site describes a call for proposals from the European Commission's Information Society Technologies program; it is looking to fund projects in the area of "distributed development of software and systems." The IST program is already known to be friendly to free software, and the topic obviously fits well with free software development methods. It may be a good opportunity for funding for some enterprising European free software businesses.

The page also describes another call that will go out in September addressing the initiation of free software projects.

Big Blue Signs Billion Dollar Deal With German Firm. IBM has struck a deal with the German technology group Metall Gesellschaft (mg) Technologies. IBM will service the internetworking needs of MG Technologies across Europe. The European program involves IBM opening seven Linux development centers in Europe, as well as working with many third-party Linux companies to establish the firm as a major Linux vendor. IBM said it has employed the services of around 600 specialized Linux experts to assist it in the task. Also see this related article from cnet News.com.

ELC welcomes EMBLIX initiative. The Embedded Linux Consortium has issued an official welcome to EMBLIX, the new Japanese consortium for embedded Linux vendors. "EMBLIX's 24 members at launch and the ELC's 91 members send a powerful message to the global embedded computing community, demonstrating the unquestionable momentum and the long-term viability of the Linux operating system for embedded applications."

Also hinted in the welcome was the ELC's preference that EMBLIX actually become part of the ELC; meanwhile, they recognized EMBLIX as their "sister organization" and EMBLIX promised "cooperation" with the ELC. (Check the Distributions Page for the EMBLIX announcement).

Zero Knowledge releases Freedom source. Zero Knowledge Systems has announced the release of the source for its "Freedom" kernel interface. This interface allows for the interception of data flowing into or out of a system, thus allowing the application of encryption or other privacy-enhancing techniques.

Collab.Net sets up jobs site for the Oracle Technology Network. Collab.Net is moving away from just handling software development activies; it has now announced that it is adding a jobs section to the Oracle Technology Network. The source isn't entirely absent, though - there will also be an "examples" area for Oracle-based systems.

O'Reilly Convention Surmounts Expectations (O'Reilly). Carmel Noah from O'Reilly has sent this summary of the just-finished O'Reilly Open Source Convention and Perl Conference. ""What was unique about this conference is that we bring together a wide spectrum of those in the open source community, and as a result unexpected, fortuitous opportunities for new developments seem to happen." It was all about "people meeting, disputing, poring over problems together," noted CEO Tim O'Reilly."

'Building Linux Clusters' from O'Reilly. O'Reilly and Associates has announced the publication of Building Linux Clusters by David HM Spector.

Flatland announces the open source release of 3DML. Flatland has announced the release of its "3DML" 3D web publishing platform under the "Flatland Public License," a variant of the Mozilla license.

Axis Communications releases embedded Linux developer board. Axis Communications has announced the release of the "Axis Developer Board." This board contains the Axis ETRAX 100 processor and an embedded version of Linux.

Press Releases:

Open Source Products.
Unless specified, license is unverified.

  • Inprise/Borland (Scotts Valley, CA): InterBase 6.0 source available for download.

  • SuSE (Oakland, CA): partnership with Lutris to include Enhydra in 7.0 release.

Commercial Products for Linux.

  • Alias/WaveFront (Toronto, ON): will port the Maya 3D software product line to Linux. (Alias/WaveFront is owned by SGI).

  • Documentum (Pleasanton, CA): Linux support in Site Delivery Services.

  • Engineering Animation, Inc. (Ames, IA): availability of WorldToolKit for Linux.

  • Hewlett-Packard Company (New Orleans, LA): Linux support for HP VISUALIZE fx5 and fx10 graphics accellerators.

  • Integratus, Inc. (San Jose, CA): Ultra High Availability extension for EMC.

  • Macromedia (New York, NY): Macromedia Flash 5 player.

  • SigmaTel Inc. (Austin TX): release of "Red Hat certifiable" Linux host audio driver.

  • Softimage Co (Montreal): availability of "Toonz 4.4" animation software for Linux.

  • Virtio Corp. (Campbell, CA): virtual prototyping platform. "The speed of the Virtio solution was such that the development team was able to boot embedded Linux in less than three minutes."

  • WAVO Corporation (Phoenix, AZ): MediaXpress Website content delivery service will support Linux and Solaris.

  • Xcel Management, Inc (Tacoma, WA), availability of the "InterLynQ" internet appliance server for Linux.

Products Using Linux.

Products with Linux Versions.

Training.

  • Saba (Redwood Shores, CA), licensed Saba Learning to Red Hat for its global education services.

Partnerships.

Investments and Acquisitions.

  • First Security Van Kasper (San Francisco, CA): initiating coverage of Caldera Systems with "hold" rating.

  • Pick systems (Irvine, CA): acquisition of Just Educational Services.

  • WR Hambrecht: Red Hat downgraded to "market neutral" after resignation of CFO.

Financial Results.

  • Computer Associates (Islandia, NY): first quarter results. A "difficult quarter."

  • eSoft, Inc. (Broomfield, CO): second quarter results.

  • IDG Books Worldwide, Inc. (Foster City, CA): third quarter results. Revenues up 33%.

  • Inprise/Borland (Scotts Valley, CA): second quarter results. Also this one on its annual meeting.

  • PCTEL Inc. (Milpitas, CA): second quarter results. "...another quarter of record revenues and net income..."

  • Perle Systems (Toronto, ON): fourth quarter results. An "inflection point" for the company.

  • Rave Computer Association, Inc. (Sterling Heights, MI): second quarter results. "...record increase in sales revenue..."

  • sangoma.com Inc (Toronto, ON): fourth quarter results.

  • SCO (Santa Cruz, CA): third quarter results. "We are disappointed that revenues in our channel continue to be depressed from our pre-Y2K levels. Additionally, a number of large customer deals did not close as expected and were delayed past the end of the quarter."

  • SGI (Mountain View, CA): fourth quarter results. Revenues down 36% from previous year.

  • Splash Technology (Sunnyvale, CA): second quarter results. They brought in $22.4 million, earning $0.14 per share. Splash sells Linux-based printer servers.

Personnel.

  • Extended Systems (Boise, ID): addition of John Katsaros to board.

  • IBM (Armonk, NY): Samuel J. Palmisano named as president and COO; John M. Thompson as vice chairman.

  • Moonlight Systems Inc. (San Francisco, CA): appointment of Eric Winner as VP of engineering.

  • Sendmail, Inc. (Emeryville, CA): appointment of David Anderson as president and CEO.

  • TimeSys Corp. (Pittsburgh, PA): appointment of William Grab as VP of finance.

Other.

Section Editor: Rebecca Sobol.


July 27, 2000

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Linux in the news page.

Linux in the News


Recommended Reading.

Here's a one-year retrospective on Linux IPOs in Upside. "Add the numbers together, and you quickly get the sense that last year's IPO frenzy, while disappointing from an investment perspective, has served its ultimate purpose. By giving early front-runners a chance to separate themselves from the rest of the pack, the stock market has effectively narrowed the future commercial Linux market down to four main runners..."

Coverage on the DVD/DeCSS trial continues, with this Newsbytes report that is following the current arguments. "Stevenson, who was a subscriber to a mailing list supporting the development of the LiViD open-source DVD player for Linux, said he was interested in finding out if there was a way to access the encrypted movies without already knowing one of the player "keys" used by licensed DVD technology to unlock CSS. ... He said the CSS security wasn't hard to figure out. 'It took me three days, and I expect that a person more capable than I am would possibly be able to do it in a shorter amount of time'".

Companies.

Upside reports on the departure of Hal Covert, Red Hat's chief financial officer. "This is the second major executive departure in four months for the open source software company that champions the Linux operating system."

Evan Leibovitch comments on the StarOffice source release in this ZDNet column. "In all -- again -- it appears we shall have some interesting times ahead. It's still a bit of a shock to see Sun boldly quote on its web site, 'If you love something, set it free...' (I wonder how much Sun loves Java anymore?)"

This brief ZDNet article looks at startup Moonlight Systems. "One product set will upgrade software on large Linux server farms and will support Linux, Solaris and Windows NT. The other product set will offer back-end software. The first offering is hostable e-mail that will compete against open-source offerings like Sendmail. Moonlight will follow an open-source development model where possible, using an open-source code base to develop applications and encouraging customers and partners to contribute to Moonlight's code."

Salon looks at Eazel and its "Nautilus" system. "Nautilus, which runs on top of the GNOME GUI and eventually will be part of the default Red Hat Linux distribution, is the first piece of software I've seen that has a credible chance of luring in the masses of computer users who might be interested in Linux but don't have the time to hack text files from a command line any time they want to get some serious work done."

The Red Herring has posted this article about Eazel. "As Eazel's story unfolds, its future as an independent business is open to speculation. So far, Eazel has garnered a healthy amount of attention based on the merits of its existence and its founding employees. Andy Hertzfeld and Bud Tribble, included among the founding employees, are known for their work on the original Macintosh interface. Even with its technical prowess, Eazel's changes might work better as part of a larger firm."

Intel has introduced its Dot.station web appliance , which runs the Linux operating system. The device includes a built-in telephone and will allow users to surf the web and access email. The new device will most likely be offered by ISPs as part of an overall service package.

Upside reports on the StarOffice code release. "However, whether or not the new StarOffice license is the first sign of a companywide policy of software glasnost remains to be seen."

Business.

ZDNet looks at the history of Unix, with an eye towards Caldera's rumored acquisition of SCO. "Linux, thanks to its broad open-source underpinnings, has overcome the interoperability troubles that bedeviled SCO Unix and its competitors. And, more than just that, it showed that an open-source, open-standard approach was much more successful than the proprietary ones of the older Unix vendors. So it is that Caldera, a newish Linux firm, is now taking over SCO's far older Unix business."

Here's a News.com article about the latest IDC report. "In fact, shipments of server operating systems will grow at a compound annual rate of 17 percent from 1999 to 2004, IDC said. However, revenue growth will increase at an anemic 1 percent during the same time period. That discrepancy is explained by the ascendance of low-cost Linux, according to IDC."

Forbes asks where the money is in the business of Linux. "It's a strange paradox. Shipments of the Linux operating system have already surpassed Novell's venerable NetWare. And at a projected growth rate of 17%, Linux will outpace all other server operating systems through 2004. But revenue growth will be barely noticeable at only 1%, compounded annually."

Here's The Register's take on the latest IDC server numbers. "But again, you could see the dynamics of this changing - .NET is essentially the future of the Internet translated into Microsoftspeak. If Microsoft hadn't invented it (which it didn't) it would still happen anyway. You can expect rival services based on Linux and Unix servers to compete here, and given that the services will be Web-based, where Linux and Unix are the servers of choice, you can see Microsoft having a tough time of it, and again coming under price pressure." (Thanks to James Cownie).

Open Game Source takes a look at Battalion, a source-available (but somewhat restricted) game. Battalion dates back to 1995 and has some crufty code to support the SGI workstations of that era. Dennis Payne takes the opportunity to use Battalion as an example of how to recode the sound system for a game using the Open Source SDL library. "Coding the SDL implementation was relatively simple and straight forward. I mainly copied the Linux SoundIt implementation and modified the functions to use the SDL_mixer equivalent." He has, of course, made his patch for the game available.

This week's edition of LinuxDevices's Embedded Linux Newsletter is now available. Check it out for a round-up of this week's Embedded Linux news.

Resources.

Here's an osOpinion piece pointing out Mozilla's mistakes. "It seems obvious that the Mozilla crew bit off far more than they could chew, but I think a deeper problem is that the development team reached too far. They are trying to re-invent an entire *platform* when all most people want is a good browser that doesn't crash."

This osOpinion piece comes to the defense of Mozilla. "Critics complain that the browser is not in release form yet, but want it to be released now. Let the project run its course, let it become the best browser on the market, then it will be released. When it is done, and not before."

Linux Orbit's John Gowin has published a feature article on GNOME Office. "Like many (or few, depending on who you ask) I believe that Linux can compete in the desktop computing marketplace. To see how far the Linux community has come in this space over the past 12 months is truly remarkable. As both GNOME and KDE move toward their version 2 releases, the importance of an office-like suite of applications can't be over emphasized."

Linux Devices is running an Ongoing Poll that asks "What do you value most about open source?" "The picture is now starting to come into focus -- and the results are surprisingly different from what many have probably assumed."

Interviews.

News.com talks with SuSE CTO Dirk Hohndel. "We (were) profitable in 1998. We started very aggressive growth in late 1998. Aggressive growth obviously means that your revenues are somewhat behind your growth on your cost side. We currently are not profitable, but we are optimistic to become so again. Our revenue was $23 million euros ($21.4 million) in 1999."

Finally.

Here's a Wired News article about the EuroLinux Alliance and its fight against software patents in Europe. "Jürgen Siepman, attorney and legal adviser of Linux-Verband, a German association that represents numerous Linux companies, is accusing the European Patent Office of inventing its own rules in order to grant more software-related patents. Siepman points out that more than 75 percent of the approved patents were filed by non-European companies." (Thanks to Cesar A. K. Grossmann).

CNN has run this IDG article about the O'Reilly open source convention. "The O'Reilly Open Source Software Convention here has become the meeting place between the informality of geek culture and the buttoned-down business world. For example, at last week's event, information technology vendors and user companies came to learn how to develop open-source projects without incurring the ire of the community. At the same time, open-source guru Eric Raymond explained how to talk about the free source-code market to business executives."

Upside reports on the O'Reilly Open Source convention. "If the bloom is off the open source rose, somebody forgot to tell the attendees at the O'Reilly Open Source Convention in Monterey this week. With no Red Hat (RHAT) IPO to elevate the media buzz and no bandwagon-jumping venture capitalists looking to be parted from their money, this year's conference still managed to outdraw last year's event."

AboutLinux.com, which may have run more reviews than any other site, has put up this article on how there has been no pressure to write only good things about the distributions it reviews. "If I encounter a problem during one of my reviews you can be sure I will report it - but don't be surprised if I mention liking or disliking certain features or utilities! Don't be surprised if I don't find some problems you may have run into - you have to remember that I probably have a different hardware setup, and may not have tried to use the program you have a problem with. I can only report on problems I experience."

CNN.com's Joe Barr looks at various game programs under Linux. "This week's column is all about having fun with your Linux desktop. I promise nothing more serious than tips on finding and installing fun new games. The only bad news is that my quest for fun turned up a few potential time sinks you might want to avoid, at least if you're the productive type."

Section Editor: Rebecca Sobol


July 27, 2000

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Announcements page.

Announcements


Resources

Fighting Font Frustration. Steve Coile finally got fed up with font problems using Netscape and other tools on his Red Hat Linux System. "If you use Netscape for Red Hat Linux to visit as many Web sites as I do in a day, you've probably found yourself frequently frustrated with how Netscape renders many of them. In some cases, sites are almost unusable because of the horrible appearance and size of fonts. Well, I delved into the matter last weekend and managed to find solutions to most of these problems."

Here is the extremely valuable result of his efforts. Most of the information in his three-part article is fairly portable between distributions.

Dual Booting (DukeOfURL). There is a tutorial on setting up dual-boot systems on the DukeOfURL site. "When dealing with Windows, there's always one thing that must be followed. Install Windows first."

Events

Registration open for yapc::Europe. Registration has opened for yapc::Europe, a "Yet Another Perl Conference" being held in London on September 22 to 24, 2000. The call for participation is also still out there, with abstracts being due on August 11.

The Linux Business Solutions Demo Day Event. The Cerritos Linux Users Group (CLUG) has announced the Linux Business Solutions Demo Day Event, to be held Sunday, August 27th, 2000, in Los Alamitos, CA, USA. "Following up on our successful Linux Demo Day I, Cerritos LUG will be holding a Linux Business Solutions Demo Day for Professional Services to include real estate professionals, attorneys, dentists, doctors, accountants, small to medium sized companies interested in harnessing the power of Linux and learning what the Linux buzz is all about!"

Major Events, July/August.
Date Event Location
July 30-August 6, . Linux Beer Hike 2000 Coniston, Lake District, UK.
August 14-17, 2000. LinuxWorld San Jose, CA, USA.
August 14-17, 2000. Usenix Security Symposium Denver, CO, USA.
Additional events, including local LUG events, can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net (plain text only, please).

Web sites

Kuro5hin off the net. The news site Kuro5hin, which had been attracting an increasing number of readers with its user-selected news stream, has been forced off the net by a sustained series of denial of service attacks. Kuro5hin was an interesting place, LWN is sad to see it go. We encourage Rusty and the others to make another shot at it, and not let this sort of vandalism succeed. You are missed. (Thanks to Lenz Grimmer).


July 27, 2000

   

 

Software Announcements


Package Version Description
0verkill 0.1 A bloody action 2D deathmatch game in ASCII art.
3DSE patch for XMMS 8 3DSE support for XMMS.
a2ps 4.13 Any to PostScript filter
About Me A system for recording and sharing preferences, questionnaire answers, etc.
advanced-gtkfilesel An improved file selector widget for GTK+.
aewm 0.9.13 A minimalistic window manager for X
AFT 5.05b A simple documentation markup language for HTML/LaTeX/etc.
Aglaophone 072400 System for real-time audio processing and analysis
Alzabo Perl data modelling tool and RDBMS-OO mapper.
Angband 2.9.1 A rogue-like roleplaying game.
Apache-SSL 1.3.12+ssl_1.40 Secure Webserver (using SSLeay)
Apache::ASP 2.01 Active Server Pages port to Apache, using Perl.
Apartia Free Auction System A free auction system with mod_perl, Postgresql, and HTML::Mason.
Armed 0.1 An intrusion detection and real-life event logging tool suite.
asdf 0.5.1 Directory tree synchronization.
asmem 1.8 Memory utilization monitor for X.
asmon 0.61 Afterstep or Window Maker CPU/Load/Mem/etc Meter
Aspell .32 Intelligent Spell Checker
Audiogalaxy Satellite real-time auto resume linux file transfer agent
auto nice daemon Tool to renice jobs according to CPU usage and priority database.
Autojot 0.0.2 Makes a searchable index of everything you browse.
beancounter Perl module for stock market databasing and analysis.
BibleTime 0.3 A bible study program for KDE
Big Sister System and network monitor.
bigloo Scheme compiler
Bind 8.2.3-T6B Berkeley Internet Name Domain
BlackArts arts is a system for creating quick knowledge bases from email messages
Blender Extremely fast and versatile 3D rendering package.
BlueDrekar A protocol driver middleware for Bluetooth wireless devices.
BMConf A Linux configuration tool for the Smart Boot Manager.
bnuview 1.2 Binary file tile viewer
BoboMail 0.4 A Web mailer in Python.
BoolTool 0.3 A Boolean function tool.
Broadcast 2000a Non linear audio and video editor
Bubbling Load Monitor Applet 0.9.9 Displays system load as a bubbling liquid.
BUGS Private key algorithm and applications
CALAMAR 0.1 Accounting software for small companies.
Cannon Smash 0.4.3 3D tabletennis game
capsel 1.5.5 A Linux kernel 2.2.x security module.
CardInfo 1.2 A replacement for the cardinfo application from the pcmcia package.
CDCollectorPHP A Web-based interface to adding CDs to a database.
CDDB / CDDB_get A module to get the CDDB info for an audio CD.
cdrecord 1.9 Allows the creation of both audio and data CDs
CGI::Application 1.2 Framework for building reusable CGI web-applications in Perl
checkout 2.1 Allows checking in/out from your desk with a reason.
Chemtool X11/GTK-based chemical formula drawing program.
Colors.cgi A tool to assist Web and graphics designers in picking colors.
Common UNIX Printing System 1.1.1 Internet Printing System for UNIX
CompWork 1.1d TCL compiler.
Cons 2.1.1 A Perl-based software construction tool (i.e., make replacement).
Content Management System Perl-based Web application for sharing files.
CVS Manual Translation Project An effort to translate the CVS Manual into other languages.
Cvslogtransponat Sort a CVS log after date/comment instaed of after files.
Cyrus SASL 1.5.24 generic client/server library for SASL authentication
DACT 0.4.1 Dynamic Compression Routines
DeadFTP A Graphical FTP Client
DemoLinux 2.0 A Linux OS demonstration CD.
Devel::Modlist 0.4 A Perl extension to collect module use information.
Dial2Net 0.01Alpha A ppp menu for selecting an ISP from a list.
doxygen 1.2.0 A documentation system for C and C++
DragonFlyMail 0.8 A Webmail client.
dvipdfm Dvipdfm is a DVI to PDF translator.
Easysoft SQLEngine 1.0.0.1 Provides heterogeneous access to multiple local and remote data sources.
efone 20000723 Distributed internet phone system.
eggdrop 1.4.4 IRC bot, written in C
electricsheep 0.3 Collaborative screensaver.
Email Security through Procmail Email filter to remove remote security exploits of email clients
ENBD 2.2.24 An enhanced network block device for Linux 2.2.
Environ 1.0.0 An interface for manipulating your UNIX environment variables.
EnzymeTemplates 0.6.2 EnzymeTemplates are late-binding, database-backed, and object-oriented.
EPIC 0.9.1 An ANSI-capable textmode IRC client.
EscAniA PortScanner 0.3 A simple port scanner.
etach 1.1.4 An Emacs extension for MIME email attachments.
Exim 3.16 A Message Transfer Agent for Unix systems.
Explore2fs A win32 explorer for Linux ext2 partitions.
ez-ipupdate 2.6.0 utility for updating the dynamic DNS service offered at http://www.ez-ip.net
faqprocessor.cgi Simple but powerful tool for posting FAQs on the Web.
Fast Rendering Toolkit 0.1 A fast rendering toolkit.
FCE Ultra 0.22 A portable NES/Famicon emulator.
fetchmail 5.4.4 A free, full-featured, robust, well-documented remote-mail retrieval utility.
Finance::Quote 1.01 Perl module to fetch stock quotes from American, European and Australian markets
Firestarter 0.3.1 Firewall creation/monitoring tool
fortune-fgump Some quotes from the movie Forrest Gump.
fortune-mod-russian_anecdotes 0.1 Russian Anecdotes for fortune-mod.
fortune-simpsons-chalkboard A quote collection of Bart Simpson's chalkboard-writings.
fortune-starwars A collection of mod-fortune quotes from Star Wars.
fortune-xfiles Various quotes from the X-Files TV episodes for the fortune program.
FOX Control Center 0.0.3 FOX Control Center
Freeciv 1.11.4 Implementation of Civilization II for UNIX/X released under the GPL
Freemed-YiRC Beta0.12 A PHP-based Youth in Residential Care package.
Freetype A free and portable TrueType font rendering engine
FreeWRL 0.25 Free VRML browser for Linux
freshupdate 01.c Display freshmeat news in the root window
ftpcopy FTP mirror software
Funbot 2.0.0 Modular Perl bot for IRC
Fusion GS 2.0 Telnet BBS-like system.
G-Star A clone of the TI-8x calculator game D-Star.
Galeon A GNOME Web browser.
Game Boy Catalog / Launcher 0.5 An application to handle Gameboy ROMs and configure/run VGB for any of these.
gcdb 0.3 A PHP graphical frontend to a MySQL database.
GCompris 0.2.3 An educational simple game to learn the mouse and keyboard.
gdpc 2.00pre2 Visualisation tools for molecular dynamic simulations.
GeekLog 0.4.1 A PHP and MySQL weblog.
Gentry 0.1.6 GTK application for data entry into a MySQL database
gfilesplit 0.1 A simple gnome app to split and join (binary) files.
gFTP 2.07a A multithreaded ftp client for X Windows
GHX 3.55.05 GTK clone of the Hotline software
GimmeCookie Script to protect a site behind a disclaimer.
GKrellm SNMP Monitor A GKrellM plugin that lets you monitor SNMP vars.
GlobeCom Jukebox Music jukebox with integrated CDDB aware ripping and groupware functionality
GLocate 1.0 A GNOME frontend for the GNU locate utility.
gnomerar A GUI frontend to rar.
GNU Oleo Free spreadsheet application
GNU xhippo 2.3 A GTK-based playlist manager for various UNIX sound players.
GNUSearch A Perl search engine.
GOB 1.0.4 Preprocessor for building GTK+ Object
GProc-Applet 0.6.0-pre2 GNOME process manager
Grand Unified Toolkit Portable low-level C++ game development API.
GRN An NNTP client written in GTK.
gspy 0.1.2 A Gnome V4L Security Camera Application
gt:taglib A small library of flow-control tags for JSP.
GTC 0.12 Game Programming Library
Gtk Theme Switch 0.3 A GTK theme-switching utility.
GtkAda 1.2.8 Ada95 toolkit based on GTK+
GtkCanvas 0.1 Gtk Canvas Widget
GtkHx 0.7 A GTK+ Hotline client.
GtkSpell 0.2 A GtkText addon for MSWord-style spell checking.
GtkZephyr 0.3.2 A graphical client for the Zephyr Notification Service.
GTransferManager 0.4.5 GNOME frontend and more for wget
GTuxNES 0.2.0 GTK based GUI lanuncher for TuxNES emulator
hacker's calculator 1.0 A calculator for programmers.
Half-life Admin MOD 2.03 A plugin mod to Half-Life.
HASAS 1.0.0 A passive sonar signal analysis system.
Hermes 1.3.2 An optimized pixel format conversion library with other tricks
Heroes 0.5 Nibbles-like game, just better.
HLmaps A Perl/CGI script for Half-Life servers to present a list of loaded maps
Homework Reporting System A PHP/MySQL-driven educational application for Web-based homework reporting.
hotboot 0.1a A Linux hot reboot patch.
HP HOWTO 0.89 A utilisation and configuration guide of HP products under Linux.
HSX 3.34 Hotline Server clone for Unix
hypersrc 1.2.1 A GTK+ program for browsing source code.
i810/i815 TCO watchdog driver TCO watchdog Linux driver for Intel i810/i815 chipsets.
ICRADIUS 0.16 Powerful cross platform radius server
ImageMagick 5.2.2 Package for display and interactivemanipulation of images for X11
ImPress 1.1 beta WYWIWYG publishing and presentation tool
Inflex 0.1.5c In/Outbound email virus/file/text scanner.
inn 2.2.3 Complete and full-featured Usenet System
Innovation3D A 3D modeling program.
Intelligent Image Format 1.1beta9 32-bit animated, lossless image compression.
interdiff Create incremental patch from two against a common source.
Inti A C++ GUI and utility library.
Ionax 0.3 Webpage sizer.
irmctl Control daemon for non IRDA ir receivers
iVote 0.03 A Web-based visual poll/image voting system.
JabberBeans 0.8.1 Java interface for the Jabber Instant Messaging System.
Jack's FormMail.php 1.1a A PHP version of the popular FormMail.pl.
jaim 0.8 A Perl console AIM client.
JDxpc 0.0.5 dxpc, written in pure Java.
jEdit Powerful text editor
jegl 0.1.1 An Eiffel interface to SDL.
Jetty 3.0.A98 HTTP/1.1 Servlet server written in Java
JHTML A Java-based HTML editor
jinj 0.02 A Web-based pager/cell phone text information service.
JLogAn 1.01 A Java Quake3 log analyzer.
jpilot-Mail A mail plugin for jpilot.
Jungle Monkey A distributed file-sharing program.
Junkbuster Javascript Popup Patch 2.0 Junkbuster -- updated to filter Javascript popups.
k 0.8 A friendly wrapper script for kfmclient.
kaffe Complete, PersonalJava 1.1 compliant Java environment
KAM2 0.2 K Answering Machine for ISDN lines.
KAppTemplate 0.7 The KDE Application Generator.
KIllustrator 0.7.2 A vector drawing program for KDE.
KIsdnmon Monitoring tool for ISDN users.
KLevel 0.2.0 Tool for working interactively with heightfields
KMameRun 1.0.0pre1 KDE frontend for M.A.M.E.
konspire Searchable, distributed file-sharing system.
Krusader 0.60 Twin-panel file manger for KDE 2.
KSnes9x 1.9.1 KDE frontend for Snes9x
KUPS KUPS is a CUPS administrator for KDE.
KWC 0.2 A key width calculator.
KYahoo 0.2.1 KDE port of Yahoo Messenger.
larswm A tiling window manager built on 9wm.
libaudiooss 0.9.1 An OSS audio emulation on top of NAS.
libCIM A basis for an implementation of CIM (Common Information Model).
libGLOOP 0.8.1b An implicit surface rendering library for games and scientific visulization
libmng 0.9.0 The reference library for the MNG image format.
libole2 0.1.6 A library to access OLE2 streams.
libpng 1.0.8
librep 0.12.4 A lightweight, embeddable Lisp system.
libsmb Enables access to SMB shares in any C++ program under Unix
libstocks 0.3.0 A library for fetching stock quotes.
LibWeb 0.02 A vanilla Web site back-end.
libxml 2.2.1 The libXML library.
LinD&D Tools 2.5 A set of AD&D tools.
Linux FreeS/WAN 1.5 Build secure VPN's with Linux FreeS/WAN's IPSEC and IKE implementation
LinuxMagic VPN Firewall 1.1b A Firewall configuration package.
lirc 0.6.1 Linux Infra-red Remote Control
LISC 1.2.3 A lightweight Scheme interpreter in Java, with useful extensions.
Lotomatic 0.0.1 Automatically plays to a French free Internet lottery.
lpe 1.2.5 Small, fast console mode programming editor
lsh 1.0.1 GPL'd implementation of SSH.
lwmenu 1.2 An application menu for X written in TCL/Tk.
mab 1.1 A simple address book in Perl.
man-pages 1.30 The Linux manpages collection
masqidentd 1.2.1 Ident daemon for Linux systems that use IP Masquerade
mifluz 0.19 Full text indexing C++ library
Ming 0.0.2c SWF (flash) output library / PHP module
MinML A small XML parser.
Mkisofs 1.13 A premaster tool for iso9660 filesystems.
ModLogAn 0.4.5 A modular logfile analyzer.
mod_filter 1.0 Provides filtering between handlers in Apache.
mod_roaming 1.0.2 With mod_roaming you can use Apache as a Netscape Roaming Access server
mod_xslt 1.0 An XSLT Apache module.
Mount Linux Olympus 0.5 An advanced graphical administration system.
MoxQuizz 0.5.23-beta A quizbot for IRC.
MP3Organizer 0.1beta An MP3 collection manager.
mp4h 1.1.0 A macro processor for HTML documents.
mtsms.pl 0.20 A Perl script that can send sms messages through the mtnsms.com web service.
MTX program for controlling the robotic mechanism of DDS autoloaders
MultUnil 0.5.0 A script for Multilingual documentation support.
MyCodePage A page to ease the maintenance of index pages for one's programming work.
nano 0.9.13 Pico editor clone with enhancements.
NanoXML A very small XML parser for Java.
ndustrix Tools for fractal analysis of industrial markets.
Nessus 1.0.3 A free, open-sourced and easy-to-use security auditing tool
NetSaint A relatively simple active network monitor
News Clipper 1.23 Integrate dynamic information into your web page, in your own style.
neXtaw 0.9 Xaw replacement with N*XTSTEP look and feel.
Nicq A new clone of the popular ICQ messaging system for Linux.
Nightfall 0.19 Eclipsing binary star program
noffle News server optimized for low speed dial-up connections to the Internet
NukeUser Removes a user from your system, including their domains and sendmail setup.
Number Theoretic bc A fast prototyping scripting language for use in number-theoretic applications.
OBM Intranet application to help manage a company or a contact database.
Offline HTMLHelp.com Validator 0.9 An offline syntax checker for HTML and XHTML documents.
OLIGOMAP A tool for engineering restriction sites into oligonucleotides.
OpaL Repository Maintainer 0.0.17 A repository maintainence tool.
opennap 0.35 An open source Napster server.
OracleDump Dumps an Oracle database out to an SQL script.
ORBit Thin/fast CORBA ORB
Pad 1.0.3 Command-line utility to perform PAD encryption/decryption.
Panda PDF Generator 0.1 A PDF generator in the form of a C library.
PatentMailer 20-Jul-2000 Scripts for Retrieving and E-mailing Patents in PDF Format (CGI)
PaulA 0.1 Administration system for Linux.
pcwd 1.27 Berkshire Products PC Watchdog Card Linux Kernel Driver
PERL Birthday Reminder 1.0 A birthday reminder tool.
PerlBoard A threaded messageboard written in Perl.
pgpenvelope GPG/PGP5 filter for Pine
photoarchive 1.1 A personal RDBMS-backed photo archive.
PHP Cached Fast Template 1.0.1 Classes which add caching support to PHP's popular FastTemplate class.
PHP-Nuke 2.01 PHP Interactive Web Portal System
phpDistributedPortScanner 1.0pre1 Web-based distributed port scanner written in PHP.
phpMyChat 0.13.1 chat system based on PHP and MySQL
PHPoll PHP script to run polls on websites with a custom look.
phpSGVote 0.5.1 A blind and secure student voting system designed for Student Governments.
phpSybaseAdmin A hack on phpMyAdmin to allow support for Sybase.
PIDPort Shows which PIDs are binding to which ports. Can run as CGI.
PIKT 1.11.0pre2 An innovative new systems administration paradigm
PIMPPA 0.4.4 Automate binary newsgroup leeching and postprocessing.
Piranha 0.4.16-2 A high-availability clustering package for IP service failover and load-balancin
pngcrush 1.5.0 An optimizer for PNG files that can also insert or delete specified chunks.
POSIX 1003.1b clock/timer patch Kernel patch to provide POSIX 1003.1b clocks and timers
Postaci A POP3 Webmail application with multilanguage and multidomain support.
PostgreSQL Session Handler for PHP 1.0 A PostgreSQL session save handler for PHP4.
PowerDoom 0.50 A port of Doom to the PowerPak GSDK.
PowerPak 1.41 An attempt at a high-level game SDK
ProLite.pm Perl Library 0.01 A Perl Module for ProLite LED Sign Communication
Pronto! 1.2.3 A full-featured Perl/GTK+ mail client.
PScan 1.2 A limited problem scanner for 'printf' security holes in C source files.
PTlink ircd 5.3.1 New featured ircd with a great services integration
PTlink Services 2.9.2 IRC Registration Services
py-bsddb3 A Python interface to BerkeleyDB 3.0.55.
PyBiff 0.2.1 Extensible email monitor.
pynap 0 Short script to query Napster servers.
QextMDI 1.0beta3 cross-platform GUI library extending Qt with MDI functionality
Qpopper A POP3 server.
QTCUPS CUPS front-end and development library for Qt.
Quick and Dirty Packet Forwarder 1.01 A TCP packet forwarding proxy.
Quick and NASTY 0.01 Allows non root users to increase the priority of certain approved tasks
Quick Image Viewer A very small and pretty fast GDK/Imlibimage viewer
QVV 0.10 A Qt-based image viewer and browser.
recycle-logs 1.04 A log file recycling/rotation manager.
rfbproxy A VNC session record/playback program.
rh-errata 1.0.1 Red Hat Linux update package maintenance tool
rmake 2k0723 An easy-to-use replacement for makefiles including auto-dependency checking.
routeplanner Highway trip planner
Rover Search Server 1.4.4 Personal Web Server for searching many search engines and more.
ROX-Filer 0.1.25 Drag-and-drop based filemanager.
rp-pppoe 2.1 A user-mode PPPoE client.
RPM Explorer 0.0.6 Explore your computer through the RPM database.
RRDtool 1.0.25 time-series data logging and graphing
rxvt 2.6.3 A VT102 emulator for the X window system
S10sh 0.1.9 Software for the Canon S10 digital camera.
Sablotron 0.42 XSLT processor
safecat 1.3 Copies stdin to a qmail-style maildir
Saint 2.1.1 Security Administrator's Integrated Network Tool
sawfish.el 1.20 Emacs mode for editing sawmill code and interacting with sawmill
scheduler 0.5 A course schedule tool.
Scout 1.3 This CGI script displays information about client's browser, host name, etc.
SCREEM 0.2.9 Site CReating & Editing EnvironMent
ScriptBasic Cross-platform BASIC scripting language.
ScriptWriter 0.2.1 A package for developing TV and movie scripts.
SDSC/GT Secure FTP 1.0b4 A Java-based secure FTP client.
Simple Mathematics Helper A simple program to help with basic math, especially Algebra.
simple network top 1.1.4 A curses-based utility that polls network hosts to determine connectivity.
Sjeng 7.3.1 A chess- and chess variants-playing program.
SkinLF 0.3 A skin "Look And Feel" for Java Swing
SML/NJ 110.29 Compiler, development environment, and libraries for Standard ML
SMS Server Tools 1.0.2 SMS send and receive tools for GSM modems.
Snort 1.6.3 Libpcap packet sniffer/logger/lightweight IDS
snortstart 0.12 a wrapper to snort that aims at install snort in a chroot jail
Sony PCG-C1XS Picturebook Camera Capture Program 0.0 Make photos/films using the camera in your SONY Vaio C1XS.
Sort-of-pronounceable-password generator A simple script that generates easy-to-remember passwords.
SoulQuotes 1.0 A package of CGI and HTML files to create a changeable Quotes Page.
Source-Navigator 4.5.1 An IDE with source code comprehension features.
Spaceball 3000 0.11 A TCL top-down networked game.
ssh 1.2.30 Remote Login Program
ssh2 2.2.0 Remote Login Program
StartUpLinux Server Slacknet Linux 7.0 An easy Internet-sharing server.
State Threads 1.0 A small library for designing scalable Internet applications.
SteelBlue 2.0b2 An HTML-embedded Web application language.
strutilsxx 0.6 Useful additional C++ string processing functions
SubNetwork Explorer 0.0.1BETA A network analyzer tool.
Sugar Adds indentation-sensitive syntax to Scheme.
SUMUS 0.2.2 A Mus card game server (and client).
SwiftMQ 1.0 A JMS enterprise messaging system.
Table Export 1.0 Tool for moving HTML table data from a browser to an application.
tabmergehtml 1.0 A tool for pre-populating HTML forms with data.
TalkBack.cgi Allows visitors to give online feedback on articles.
tcpstat 1.3pre Displays network interface statistics.
TEG 0.3.9 Yet another RISK clone.
Template A PHP3/PHP4 template system.
Terminality 1.2 (build 12) A cross-platform terminal manipulation library.
Terraform 0.7.2 Interactive digital terrain (height field) editor/viewer
TeXmacs 0.2.5-10 W.Y.S.I.W.Y.G. technical text editor
Text::iPerl 0.6 Bring any document to life by embedding Perl.
the Anomy mail sanitizer 1.21 An efficient filter for sanitizing email messages.
The Nebula Device A free, portable game engine.
The PING Utility Library 1.2.1 A C library for UNIX systems software development.
TiK Tcl/Tk version of AOL Instant Messenger
timbot 1.4 A simple C++ factoid-storing IRCbot.
TinyLIB Tiny game development library
tk_Brief GUI for writing letters with LaTeX
TODD 0.6-pre3 Dynamic DNS server with a CGI frontend
ToolBot 0.3.0 An IRC bot for providing the features that IRC should've had in the first place.
TSE3 0.0.7 TSE3 is a powerful open source sequencer engine written in C++.
TWUMenu 0.98 Makes creating and maintaining mouseover menus a snap.
UdmSearch Fast WWW search engine for your site
Ultramaster RS-101 1.0 A pattern-based sequencer for Linux, with synth modules and effects.
Universe 0.13 An Open Source Master Of Orion-like game.
unmaintained 0.5 The software that drives unmaintained.sourceforge.net.
VAMP Webmail Flexible PHP-based Web mail.
VeryNice 0.5 A dynamic process re-nicing tool.
VideoLAN 0.1.99e A software MPEG2 and DVD player.
ViewCVS Tool for viewing CVS repositories using a Web browser
Virtual FTPD Virtual FTD 6.4 A super-secure FTP daemon that allows virtual users.
Virtual X68000 1.1.1 X68000 emulator
VisualPulse 1.5a Automated network latency and packet loss reporting.
VMWare 2.0.2 (Release Candidate) Allows you to run multiple x86 OSes at the same time.
vtgrab A utility for monitoring another machine's console.
WaddleSoft Message Board 1.0 A message board system with polls.
WAP Mailbox 0.1 pop3 mail reader for WAP phones.
wapstat Monitors a server and generates WML pages for WAP mobile phones.
wApua.pl A WAP WML browser written in Perl/Tk.
Watch me Work 0.1 A PHP-based project logging package.
WebCalendar 0.9.17 A multi-user PHP/MySQL-based calendar.
WebEvent Calendar WebEvent is web calendar software for your web site.
WebMacro Servlet Framework 19-07-2000 Java server-side web template engine and servletdevelopment framework
Webwatcher 0.1.4 A tool for helping to manage web content.
Wedit for Linux 0.9.2 An IDE for Linux.
WeirdX A pure Java X Window System server
WideMP3 1.0-beta1 A client-server distributed MP3 encoder.
WMixer 2.03 Neat ALSA Mixer for Window Maker with a digital on-screen display
WMND 0.0.2 Network device traffic monitoring dock app for WindowMaker
WreckedNet IRC Services 1.1.6 Channel, nick, memo, and oper services for IRC Networks
X Printing Panel 0.3 A graphical printing frontend for CUPS.
xconvers 0.5-alpha2 GTK+ client for amateur radio convers
XDBM 1.1.13 Database Manager designed specifically to hold XML data
xIrc 2.4pre1
XMail 0.57 An SMTP/POP3/popsync/finger server.
XML::OCS 0.02 Perl Module for Online Content Syndication (OCS) data.
XMLBoard Solo 1.2.0 XMLBoard alternative
xscorch 0.1.8 Annihilate enemy tanks using overpowered guns.
XShipWars 1.33h Space oriented highly graphical network game system.
xtell 2.1 Simple messaging client and server, kind of networked write
yank 0.1.4 Yet another notekeeper.
Ybos BBoards 0.9.2 Web Based Discussion Groups with administrative support.
Ybos Content Management 0.2.5 Full featured database-backed content management tool.
Zapping 0.5.2 A TV viewer program for GNOME.
Zdisk 1.71 Create a boot/rescue floppy with any kernel.
ZMailer 2.99.53 Mail transfer agent for gateways or mailservers or other large site environments
 

Our software announcements are provided courtesy of FreshMeat

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

See also: last week's Back page page.

Linux Links of the Week


LinuxAtHome.org is an Advogato-like site oriented toward home users of our favorite system.

WeWantHackers.com. A new job site is up: WeWantHackers.com. They are looking for high-quality developers, and have included a simple "hacking" test in the resume submission process to perform the first level of filtering. This site is run by Bruce Perens and the Linux Capital Group, so the jobs behind it could be interesting.

Section Editor: Jon Corbet


July 27, 2000

   

 

This week in history


[LT on Forbes] Two years ago (July 30, 1998 LWN): we fretted about the future of the Linux community, as mentioned on this week's front page. Linus Torvalds made the front cover of Forbes - an unheard-of level of recognition at that time.

A guy named Dave Whitinger announced the expansion of his "Threepoint Linux News" service. It would take a few more months yet for that service to evolve into LinuxToday.

The development kernel was 2.1.112 - and alleged to be in deep feature freeze. The 2.0.36 stable kernel release was in the prepatch stage. The beer-drinking penguin logo in the development series came under criticism - some people thought it would cause Linux to be taken less seriously. It eventually came out.

This was also a big week for Linux distributors; see this week's distributions page for a recap.

One year ago (July 29, 1999 LWN): The Netscape/Sun alliance backtracked and said that the Netscape Application Server would not be made available for Linux. Both IBM and VA Linux Systems announced plans to get into the Linux support business. Rumors went around that the (rumored) Transmeta processor would be used in the (rumored) new Amiga.

Life got difficult for those trying to participate in Red Hat's community stock offering, as the E*Trade system told them they were not eligible. Red Hat was breaking much new ground with this offering, and the financial system was having a hard time adapting.

No kernel releases happened this week; the stable kernel remained at 2.2.10 and development at 2.3.11. Stephen Tweedie's raw I/O patch was accepted, however, providing a long-missing functionality to the system.

Both the sourceXchange and CoSource.com started ramping up their operations this week. Bruce Perens' Technocrat also launched this week.

 
   

 

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.
 
   
From: "Aaron J. Seigo" <aseigo@mountlinux.com>
To: letters@lwn.net
Subject: Miguel de Icaza: Unix and policy
Date: Thu, 20 Jul 2000 09:25:28 -0600

Hi.

The more I watch Helix Code step into the lime light under the reigns of Miguel
de Icaza the more I scratch my head. Does this man actually Get It(tm)?

The reason Unix does not enforce policy on the system level is because policy
belongs at the application level. Why? Well, look at BeOS/Mac/Windows. They
each enforce policies on programmers and users at the system level, but because
of that they are each cordonned off into their own space of the computing
arena. Unix is a substrate that strives to be flexible enough for _any_
policy. The idea is to OFFER choice, not limit them. As soon as one sets policy
of any sort of strictness, you immediately lose a good portion of your
usability (by definition). By keeping such policy decisions at the application
level, you can have the proper set of policies in force at the proper times and
in the proper places.

To say that a lack of policy creates a "defense system for hackers" is
to slap the Open Source community's reputation down and is just plain wrong.
Look at the amount of responsibility many open source programmers in the
UNIX/Linux world take upon themselves when it comes to security, performance
and feature set. In fact, this sounds more like a Redmond compaign than a
pro-Open Source developer's words.

I point to Icaza's own project Gnome as an example that he is (to
quoth him) "smoking crack" when spouting these arguments. Gnome sets policy, and
in the right place, too: on the application level. In fact, it is only because
of the gift of choice Unix brings that Gnome is possible; it is only because of
the gift of grace (aka "defense system for hackers") that Gnome was allowed to
stick around for as long as it did despite being as horrible as it was to come
to point where it has the opportunity to actually mature.

So I sit here and scratch my head. And ask: would I entrust my desktop to a
project whose leading visionary is so out into left field? Then I
remember: Unix doesn't force policy on me and limit my choices: I can use KDE,
or Blackbox, or CDE, or the command line, or.... and suddenly Icaza's rantings
seem distant and irrelevant. Which they are.
______________
Aaron J. Seigo
Mount Linux
   
Date: Thu, 20 Jul 2000 14:24:26 -0500
From: "Stoner, David M." <dmstoner@utmb.edu>
Subject: re: Unix sucks
To: "'letters@lwn.net'" <letters@lwn.net>


The editors:

Miguel is kidding, right?  If he really liked the Microsoft way so much,
presumably he would be working for Microsoft.

Here are what I hope are obvious retorts to his points as summarized in
your article:

>Unix is stagnant.

As a programmer, what I want above all else is an operating system that
never changes, or at least the API never changes.  I don't need a system
that keeps shifting underneath me and breaking my code.

>Unix's problems stem from ... not deciding policy.

The user/administrator decides policy.   Isn't that what we want?

>High level components

Fine if you want a bloated operating system which is much more than an
operating system; if you control the OS and mean to control everything else
and squash anyone who threatens you; if you assume that no one beyond your
control will ever write an application.

Yet there are high-level components for Unix, the use of which is
fortunately still optional.  For example, there is CPAN.  And there are
"glue" languages such as Tcl and its extensions.

Miguel is welcome to develop high-level components if he wishes, but I hope
he doesn't think they should be part of the operating system and everyone
should be forced to use them.

David Stoner
dms@atlantis.utmb.edu

   
Date: Thu, 20 Jul 2000 18:22:47 +0200
From: Martin Cracauer <cracauer@BIK-GmbH.DE>
To: letters@lwn.net
Subject: Staroffice GPL

Most people cheering after the annoucement overlook that they won't
give us the source for the currently working product.

They give us the source for some future experimental stuff.

That will be the same situation as with Netscape/Mozilla.  We aren't
allowed to fix our lovely Navigator-3.x (which is what most people I
know would prefer), we have to hack on some Uebercode that in any case
is slow and probably won't lead anywhere in the foreseable future.

In no way I can share LWN's editor's opinion that Sun tries to avoid
Netscape's mistakes.  They do exactly the same thing, the delay
between annoucement and release (why not next weekend?), the refusal
to give out the working cod and even the XML-based components
approach.

Not a problem for Sun, of course, it will be "OpenSource" that has
failed.

-- 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Martin Cracauer <cracauer@bik-gmbh.de> http://www.bik-gmbh.de/~cracauer/
BIK - Aschpurwis + Behrens GmbH, Hamburg/Germany
Tel.: +49 40 414787 -12, Fax. +49 40 414787 -15
   
Date: Thu, 20 Jul 2000 20:56:46 +0300 (EETDST)
From: Tuomas Lukka <lukka@math.jyu.fi>
To: letters@lwn.net
Subject: GPL StarOffice

Let's not forget for a moment that there's only one reason for Sun to
release StarOffice under GPL: they want to hit Microsoft where it really
hurts. And I believe that it will; this is what is needed to topple their
empire. Say in about a year it will be possible to provide a cheap,
reliable, care-free distro that can do all the things that business users
want and is completely open-source. Microsoft does NOT want to see that
day.

So while the announcement is great news, don't make the mistake of
trusting Sun any more because of this. We have a common enemy but once
Microsoft crumbles, I don't expect any more such actions from Sun. Which
is all right: GPL will stay GPL, and companies need to compete.

But just remember: even though it isn't really said publicly anywhere
(the FAQ has some wording which alludes this but Microsoft is not
mentioned), this move takes direct aim at Microsoft. Nothing more, nothing
less.

	Tuomas

   
Date: Thu, 20 Jul 2000 11:17:28 -0700 (PDT)
From: "Robert A. Knop Jr." <rknop@lilys.lbl.gov>
To: letters@lwn.net
Subject: The source of animated images on web pages

I am finding myself increasingly annoyed by animated GIFs on web pages.  
I think this is a result of the fact that more and more of the pages one
visit have banner adds, or sidebar ads.  As much as I hate to say it, the
site that inspired this letter was LWN.net itself.  On LWN, as with many
other sites, I find it hard to read the text (i.e. the whole reason I went
to the web page in the first place) when, at the corner of my eye, there
are these things flashing and drawing my attention away.  Advertisers will
be very pleased to hear this, but I find it irritating and annoying.

Obviously, one will say that I should just hit ESC or the "Stop
Animations" menu item.  Unfortuantely, in Netscape (the only option for a
Linux web browser at the moment, if you care about things like https and
Java/JavaScript), ESC is also the "stop loading" key.  I want is to stop
the animated GIFs from flashing, I don't want to stop anything on the page
from loading.  It seems impossible to stop the images from flashing until
everything on the page has loaded. Netscape 4.73 doesn't even seem to be
entirely consistent about when the "Stop Animations" menu item is
available (via the right mouse button).  Especially if the page has
borderless frames, sometimes it seems to be nearly impossible without a
lot of work to get the animated images to stop.  This does not make for a
pleasing web browsing experience.

The ideal solution would be an international agreement for everyone to
stop using animated images on web pages.  This is, of course, completely
unrealistic, and I don't even expect LWN.net to do it.  But, for future
developers of web browsers, I would ask that you have a key or icon that
will stop all animations on the current page, even if that page isn't
fully loaded yet.  What's more, a preferences option to disable animated
gifs altogheter (with perhaps an override key to start the animations
again) would be really nice.  (This is analogous to the option many
browsers have of just not loading the images unless you push the "images"
button.)

If Netscape already has an option like this, somebody please let me know.
I haven't been able to find it.

-Rob Knop
rknop@lbl.gov


   
Date: Thu, 20 Jul 2000 16:54:03 -0700
To: letters@lwn.net
Subject: RSA Patent Expiration
From: Rick Moen <rick@linuxmafia.com>

Dear Mr. Corbet and Ms. Coolbaugh:

You may be amused to hear that the data and time the (USA) patent on RSA
expires may be literally indeterminate!  

The RSA algorithm is covered by US patent #4,405,829, which was issued
September 20, 1983 (and thus is a 17-year patent) to Ronald Rivest, Avi
Shamir, and Leonard Adleman.  Everyone says it therefore expires this
September 20.  Here in the Bay Area, we have tentative plans for a
celebration party and informational event concerning RSA and other
crypto software, when the patent expires.  But, the question is, when
exactly?  5 PM Washington DC time on the 20th?  8 AM Washington DC time
on the 21st?

Hoping to find out when exactly the algorithm can be freely used in the
USA without royalties or infringement, we posed that question to some
friendly and knowledgeable patent attorneys at the firm Bever, Hoffman,
and Harms, LLC (http://www.beverlaw.com/), in San Jose.  Partner Julie
Stephenson kindly responded, with an e-mail from that firm (which
presumably should not be considered legal advice):

---<snip>---

I researched the question right after we spoke.  Unfortunately, the
answer is that there is no answer.  According to Chisum (a premiere
researcher in the field), the caselaw on the subject is in conflict.
Thus, if a patent has a date of June 28, 1983, and the term of the
patent is 17 years, then the last day of coverage of the patent has been
interpreted to be both June 27, 2000, and June 28, 2000, in different
cases.

I looked around a little further, and found no information relating to
the time of expiration of a patent.  Because the caselaw is still in
conflict on the date of expiration, I can't imagine a situation where
the *time* on the date of expiration (much less the time zone of the
time on the date of expiration) would have been litigated without
clarifying that whole date of expiration mess.  So I can give you no
direction as to *when* you should begin partying.

What does this mean for you?  Well, you can either party on September
20, 2000, and be prepared to change the name of your party from "the
first day of no coverage by the RSA patent" to "the last day of
oppression by the RSA patent" while knowing that anyone partying from
11:55 pm to 12:05 am will have actually partied on the right day
(ignoring that whole time zone thing) OR you can party on September 21,
2000, and be assured that you are partying on a no-patent coverage day.
However, in the minds of some people, you would be partying on the day
after the day the patent expires.  :)  If it helps a all, it appears
that generic drug manufacturers would begin selling their drugs on (in
the example above) June 29, 2000.  (Note that this ignores the issue of
then manufacturing the drugs prior to the expiration of the patent,
which was one of the bases for litigation in one of the conflicting
cases mentioned above.)

Sorry I couldn't be more clear - that is the pitfall of working in the
law.... There is often no right answer, only opinions and arguments.  On
the bright side, you can choose a reasonable time and date of expiration
(say, 11:59 pm EST on September 20, 2000), and have some caselaw basis
for choosing that date.  If you think of it, please let me know what you
decide.  I'll have a drink at that time in celebration.  :)

Have fun,

Julie

---<snip>---

Happily, after one notices that the 20th is a Thursday, the alternative
of skirting all these issues by holding the party on Saturday the 23rd,
instead, became (er...) patently obvious.

-- 
Cheers,                              "Open your present...."
Rick Moen                            "No, you open your present...."
rick (at) linuxmafia.com             Kaczinski Christmas.
               --  Unabomber Haiku Contest, CyberLaw mailing list
   
Eklektix, Inc. Linux powered! Copyright © 2000 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds