[LWN Logo]
[LWN.net]

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page
All in one big page

See also: last week's Back page page.

Linux Links of the Week


Ready for some fun? Check out the Lego Mindstorm with Linux Mini-HOWTO, go to the toy store, and have a blast...

Lambda the Ultimate bills itself as "The Programming Languages Weblog." Therein you'll find discussions on language design, functional programming, and no end of obscure languages. It's a welcome break from the C/C++ battles.

Section Editor: Jon Corbet


August 24, 2000

   

 

This week in history


Two years ago (August 27, 1998 LWN): the short-lived Linux Standards Association had its biggest day in the spotlight when it publicly questioned the validity of the Linux trademark. That move forced the hand of Linus Torvalds and Linux International, and brought about an intervention by the lawyers. The LSA, in the end, backed down and started explicitly acknowledging the trademark.

At that time, trademark acknowledgements were relatively rare. The Linux International site did not have one, and neither did many distributions. After this episode, that all changed. Nobody really questions Linus's trademark anymore.

ZDNet chimed in with some Good Old Time FUD:

Technically, Linux might be a reasonable choice, but what kind of company is going to rely on unsupported freeware or something that's supported by two tiny vendors? Rejecting Linux is a straightforward business decision. If it were supported by an IBM or a Hewlett-Packard, then that would be an entirely different matter,

One year ago (August 26, 1999 LWN): Linux-Mandrake celebrated the end of its first year with two "Editor's Choice" awards from LinuxWorld, its first big equity investment, and the launch of its "Cooker" development version. LWN celebrated with an interview with Linux-Mandrake creator Gaël Duval.

Caldera Systems and Red Hat were the first distributors to claim year-2000 compliance for their systems. It seemed important at the time.

Ted Nelson's long-hyped Xanadu system was released as open source this week, after well over two decades of development. It also seemed important at the time.

 
   

 

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.
 
   
To: editor@lwn.net
Subject: Note about GNOME Foundation
From: Havoc Pennington <hp@redhat.com>
Date: 23 Aug 2000 23:44:49 -0400


Although most responses have been positive, some articles and comments
about our recent GNOME Foundation announcement have been
disappointingly inaccurate.

In particular, two mistakes are common.  The first is referring to the
Foundation as "consortium"; the Foundation is not a consortium, but an
organization of individual contributors to the GNOME Project. The
companies joining the Foundation join an advisory board which has no
decision-making function; decisions are made by a board of GNOME
contributors elected by the membership. At this time, around
two-thirds of the members of the Foundation are independent volunteers
not employed by one of the advisory board companies. The Foundation is
simply a legal entity that can act on behalf of the 3-year-old GNOME
Project. The GNOME Foundation is comparable to SPI/Debian and the
Apache Software Foundation. For more details, see the press release:
http://www.gnome.org/pr-foundation.html

The second mistake is that this represents some kind of flareup or
resurgence of a "war" with KDE. At our press conference, we took pains
to discourage this interpretation of the announcement when members of
the press asked about it (see Bob Young's comments, for example). We
are interested in healthy and friendly cooperation with the KDE
project and other free software projects. Interoperability efforts
such as http://www.freedesktop.org continue and will not be affected
by the GNOME Foundation.

Both GNOME and KDE have valuable contributions to make. We're creating
a foundation to help us run GNOME well, and we're excited about the
recent commercial acceptance of GNOME, but these things are advances
for GNOME, not attacks on anyone else. Our primary focus is to expand
the userbase of free software; competing with other free software is
not the point.

Havoc




   
From: Tom Cowell <tcowell@terma.com>
To: "'letters@lwn.net'" <letters@lwn.net>
Subject: Offtopic letter from Eric S. Raymond
Date: Fri, 18 Aug 2000 17:29:10 +0200

Shame on the LWN editor(s) for publishing a letter from Eric S. Raymond =
(LWN back page August 17, 2000) with a sig that takes up (according to =
wc -c) not much less that half the total message, and puts forward his =
views on gun control (nothing to do with Linux).

I'm not going to reveal my views on gun control - that's the whole =
point. LWN, I think, should not have let this message through the =
editorial filter (or should have removed the sig). ESR should not abuse =
his position as a celebrity among users of the Linux kernel by =
publicising his views on other issues.


Tom Cowell

   
Date: Thu, 17 Aug 2000 22:59:19 +0200
From: Toon Moene <toon@moene.indiv.nluug.nl>
To: letters@lwn.net
Subject: Judge halts posting of DVD cracking code 

I just read the following on 

http://news.cnet.com/news/0-1005-200-2547756.html

> "Computer code is not purely expressive any more than the assassination of
> a political figure is purely a political statement," Kaplan wrote in his
> opinion today.  "The Constitution...is a framework for building a just and
> democratic society. It is not a suicide pact."

Now, I don't know anything about US Law, but *this* statement just
smells as "guilt by association".

Surely, the US legal system can do better than *that* ?!?!?!?

-- 
Toon Moene - mailto:toon@moene.indiv.nluug.nl - phoneto: +31 346 214290
Saturnushof 14, 3738 XG  Maartensdijk, The Netherlands
GNU Fortran 77: http://gcc.gnu.org/onlinedocs/g77_news.html
GNU Fortran 95: http://g95.sourceforge.net/ (under construction)
   
Date: Tue, 22 Aug 2000 08:37:17 -0400
From: David Rysdam <david.rysdam@openone.com>
To: letters@lwn.net
Subject: Not understanding "Open Source"

From your daily page:

> 'Here's a ZDNet column claiming to advocate an open source strategy for
> Microsoft. The author is not entirely clear on the concept, however: "I
> propose a slight alteration to the open-source model. Microsoft, of
> course, would expose the complete source code for its operating systems.
> This code could be downloaded by any user and compiled for personal use.
> However, Microsoft would be the only company allowed to create a
> distribution of the Windows operating system licensed for business use.'

Remember 2+ years ago when everyone was bemoaning the confusing term
"Free Software"?  And how ESR and friends swooped in with the saving
term "Open Source"?  That has come back to bite us.Because of the way
the "Open Source Movement" pushes features like "fewer bugs", "fast
development time", and "hardware support" a person could be forgiven if
they forgot about (or never even heard about) the real purpose of Free
Software: freedom.

Don't get me wrong, I *like* the features of Open Source
software: reliability, flexibility, low cost, ease of use (for a power
user, anyway).  But I even more like the main feature of Free
Software: freedom.  No worrying about multiple installations,
redistributions or modifications.

   
From: "Donald Braman" <donald.braman@yale.edu>
To: <letters@lwn.net>
Subject: FW: logical reasoning and the English language
Date: Fri, 18 Aug 2000 16:35:20 -0400

Thought you might appreciate this letter to Fred Moody. -Don

-----Original Message-----
From: Donald Braman [mailto:donald.braman@yale.edu]
Sent: Friday, August 18, 2000 4:27 PM
To: melmoth73@hotmail.com
Subject: logical reasoning and the English language


Dear Fred,

Two quick notes on your commentary, Linux Revisited:

1. On logical reasoning: You assume that the people who write to you are
representative of people who create Linux patches. I suspect that this
assumption is unwarranted.

2. On the English language: You write:
    ...people, [the clause discussed above], who are not great thinkers."
Consider writing, instead,
    ...people who, [the clause discussed above], are not great thinkers."

You know the saying about glass houses and the people who live in them,
don't you?

Sincerely,
Donald Braman
donald.braman@yale.edu

   
Date: Mon, 21 Aug 2000 13:09:07 -0400
From: "Jay R. Ashworth" <jra@baylink.com>
To: melmoth73@hotmail.com
Subject: Linux column, and proponents.

G'day, Mr. Moody.

My, but you're an unpopular person this month.  :-)

I have some exception to take with some of the comments in your
current column; I hope you find my remarks comprehensible, rather than
compost.

> Now the basic, distilled-to-one-line message of my column was this: If
> Linux had to stand up to the amount of use and abuse Windows NT did,
> it would not be up to the task.

I'm afraid I must say that I think this comment, similarly to this
one:

> Citing statistics posted on BugTraq, SecurityFocus.com's computer
> security mailing list which tracks vulnerabilities in operating
> systems, and relying on the testimony of security experts, I wrote
> that Linux systems are weaker than the state of the art in operating
> systems. I also noted that the number of its reported
> vulnerabilities, when measured against its market share, was, in
> essence, higher than the number of Windows NT reported
> vulnerabilities when measured against its market share.

demonstrates a fundamental misperception of the situation at hand.  I
do not choose to attribute this misperception, unlike some; my
intention is merely to clear it up.

I do not have current statistics on the number of Linux systems
exposed to the raw Internet, vs the number of NT boxes.  Nor do I wish
to comment on the relative sturdiness and security of these systems as
shipped.  That's not really the point at hand here.

As I see it, as a front-liner who gets the calls when someone's box
gets rooted, it's like this: regardless of whether Linux *requires*
work to make it sufficiently secure to live in the wild, *it is
possible to MAKE it sufficiently secure* -- and, of course, I only
have to do it once, no matter how many machines I have -- and I can
then push the changes out to the various boxes (because stock Linux
supports secure, signed, remote distribution of system updates, and NT
does not).

Now, the strawman argument that is commonly made here -- it was made
in a CFOnet piece by a Meta Group analyst to which I replied in last
week's Linux Weekly News' Letters column 

	<http://lwn.net/2000/0817/backpage.php3>

-- is this: "but, the fact that you can change everything so easily
means that you'll never know what you're running!"

Or, in our case here, that you're always going to miss something
because you have so much to do.

Well, it's like this, Fred: That's not Linux's fault.

If I hired an MIS guy and told him to network my 6 locations across
the Internet, and make everything as secure as he could... and he
picked NT... and someone broke in through a publicized security hole
that Microsoft simply hadn't gotten around to bothering with, what
should I do with him.

I'll tell you what I *would* do with him: I'd fire him.

Yes; for buying Microsoft.

Because the simple truth is this: the Mean Time To Security Fix
Publication for Microsoft, while much better than it has ever been, is
still an order of magnitude worse than that of the open source
operating systems, and I don't see that it will ever get better.

If Microsoft doesn't feel now that they have sufficient impetus to
improve this, I guess it will take a Navy ship run by NT getting blown
up because of a blue screen, instead of merely having to be towed back
to port, to make the point.


In the business world, we call it due diligence: making sure that
you've done enough research that you can say with some assurance that
there's not a better way to do the job: in this case, that the balance
between expenditure and risk reduction has been struck as effectively
as possible.

I don't much care whether the answer is OpenBSD, NetBSD, or Linux; any
of them is a better answer, from a system maintainability and
hole-chasing standpoint, than any current version of NT.

Stipulated, and here's the crux of the strawman: you do have to *do*
the work.  But at least it is *possible* for you to do the work, a
luxury you don't have with MS.


I don't know NT5 (oh, excuse me: "Windows 2000" <snicker>) well enough
to dis it on constructive grounds.  I'll have to make due with noting
that it, too, is a 1.0 version.  (Even though it's published version
number is 5.0, notwithstanding that NT3.1 was itself a 1.0 release;
don't get me started on this one.)

Cheers,
-- jra

Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff    			  The Suncoast Freenet
Tampa Bay, Florida     http://baylink.pitas.com                +1 727 804 5015


 

 

 
Eklektix, Inc. Linux powered! Copyright © 2000 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds