Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page All in one big page See also: last week's Back page page. |
Linux Links of the WeekIf you've not yet had enough real-time Linux for the week, the Real-Time Linux HOWTO should be able to fill in the gap. It is a comprehensive resource covering everything in the real-time area. Tired of bloated executables? Have a look at A Whirlwind Tutorial on Creating Really Teensy ELF Executables for Linux on the MuppetLabs site. If you're determined, you can make them really small... (Thanks to Nicolas Pitre). Section Editor: Jon Corbet |
September 14, 2000 |
|
This week in historyTwo years ago (September 17, 1998 LWN): Some people began to question the role that Richard Stallman was playing in the Linux world. An LWN article on the subject drew more hostile mail than anything else we have ever written. RMS is as uncompromising as ever, but somehow he seems less controversial these days (KDE "forgiveness" editorials notwithstanding). To an extent, that may be because his points on freedom have sunk in. The development kernel was 2.1.112; it was in the 2.2 feature freeze. 2.0.36 was in the prepatch stage; people were complaining because Alan Cox would not include patches to make gcc 2.8 and egcs compile it correctly (due to stability concerns). Shipments of the international version of SuSE 5.3 were halted due to an unpleasant installation problem. One year ago (September 16, 1999 LWN): a company called "Channel One Gmbh" registered the "Linux" trademark in Germany. Whatever their plans were, they didn't last long. Under great pressure, they caved in and signed the trademark over. IBM's first "Red Hat Certified" laptop turned out to not run Linux very easily or well; see the lengthy instructions on how to make it go. The development kernel was 2.3.18; this kernel saw the long-awaited integration of PCMCIA support into the mainline source tree. Linus also announced a feature freeze: The feature freeze should be turning into a code freeze in another two months or so, and a release by the end of the year. And as everybody knows, our targets never slip. It is, of course, one year (and quite a few new features) later... Caldera 2.3 was released that week, as were LinuxPPC 1999 Q3 and Yellow Dog Champion Server 1.1. Corel put out its first call for beta testers for its upcoming distribution. And SuSE 6.2 got a review: My view is that, if you study SuSE Linux, you'll see a revolution in the making that will devastate current hi-tech business models, causing a fundamental shift in the computing world. I found that Linux was the Aladdin's Cave of computing.
Cobalt Networks surprised people by becoming the second Linux company to file for an IPO. | |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Thu, 07 Sep 2000 11:09:02 +0200 From: Fred Mobach <fred@mobach.nl> To: letters@lwn.net Subject: Cuecat drivers Hello, In LWN of September 7 you noticed that "The case appears weak, but the company has managed to get the :CueCat drivers pulled down - for now". But on Linux Today I found a talkback at http://linuxtoday.com/news_story.php3?ltsn=2000-09-01-012-06-NW-CY where is stated : "Still available in Europe You can find it here : ftp://ftp.flashnet.it/mirror/8/linuxberg/files/console/network/cuecat-0.0.5.tar.gz ftp://ftp.tuniv.szczecin.pl/dsk4/Linuxberg/files/console/network/cuecat-0.0.5.tar.gz ftp://ftp.uakom.sk/pub/linuxberg/files/console/network/cuecat-0.0.5.tar.gz ftp://ftp.datacomm.ch/.3/linuxberg/files/console/network/cuecat-0.0.5.tar.gz ftp://ftp.sektornet.dk/mirrors/mirror.linuxberg.com/files/console/network/cuecat-0.0.5.tar.gz ftp://ftp.uni-c.dk/mirrors/mirror.linuxberg.com/files/console/network/cuecat-0.0.5.tar.gz" Regards, Fred Mobach fred@mobach.nl | ||
From: "Lindenmayer, Louie L" <Louie.Lindenmayer@PSS.Boeing.com> To: "'letters@lwn.net'" <letters@lwn.net> Subject: Digital Convergence vs. FooCat Date: Thu, 7 Sep 2000 11:02:57 -0700 If a Linux driver is developed indepedently and released GPL'd because the original developer was Windows-centric, then the original developer threatens litigation against the Linux developers, will the original developers be able to make a Linux driver that won't infringe on the GPL'd code and would they have to prove it? Could the original developer invalidate and usurp the GPL'd code on the basis of 'illegal reverse-engineering'? *************************************************** Louie L. Lindenmayer III E/E WIRS SUPPORT - North NEW --> (425) 266-8290 <-- NEW http://wirs.ca.boeing.com | ||
Date: Fri, 08 Sep 2000 10:52:36 -0500 From: Pete Flugstad <pete_flugstad@icon-labs.com> To: stephens@cnet.com, letters@lwn.net Subject: Re: Unix, Linux computers vulnerable to damaging new attacks Mr Shankland, You missed a couple of points in your article: One, this particular bug is, to be blunt, "nothing new". Anyone who has spent ANY time at all programming in C is going to run into it or something like it. Since just about every major OS out there, including Linux, all Unix varieties, ALL MS Windows varieties, and just about every RTOS (VxWorks, pSOS, etc), use C as the basic language, they are ALL vulnerable to this type of attack. That's right, MS Windows, including NT & 2000, are vulnerable to this type of thing. The bug fundamentally stems from the nature of C programming, and the printf (and related) library functions, used for printing out messages. Just about every program/OS out there uses a form of printf, EXTENSIVELY. Just about all the text you see on your screen right now, window titles, icon labels, menu entries, was created with printf at one level or another. So, the fact that we haven't seen similar attacks on Windows is just because no one has really tried... yet. Second, you miss the point of the Linux's open source license. Since it is open, and we have the source code, we CAN go through and audit the code for this type of thing. That is precisely what is happening here, and it's why these are popping up now. Previously, Unix/Linux was not a large enough installed base for anyone to bother auditing the source, as the number of targets for these types of attacks was not worth it for a Cracker to bother with. Now, as Linux and Unix are gaining popularity because of their stability and usefulness as web/internet servers, it's becoming important to do this type of security audit. Go ask MS if you can audit the 40+ million lines of Windows 2000 source code for bugs like this. Don't blame me when they laugh you out of the building. And don't believe them when they say they've done this already. If Sun/IBM/HP have not yet done it with all the years they've had their respective versions of Unix, there is no way MS has done in in the small amount of time they've been shipping Win2k, with its millions of lines of new code in the last 4 years. Pete Flugstad Sr. Software Consultant Icon Labs | ||
Date: Mon, 11 Sep 2000 13:22:30 -0400 From: David Wittenberg <dkw@cs.brandeis.edu> To: letters@lwn.net Subject: Profitable Open Source company Cygnus support was created almost 10 years ago to provide support for open source products. John Gilmore told me that they were quite profitable their first year, and I expect most years after that. They have since been bought by RedHat. -- --David Wittenberg dkw@cs.brandeis.edu | ||
Date: Sun, 10 Sep 2000 04:58:25 -0600 From: Dylan Griffiths <Dylan_G@bigfoot.com> To: letters@lwn.net Subject: Confused about GPL comments. I was reading the 7th of September, 2000 LWN when I happened upon this piece from Martin Cracauer <cracauer@BIK-GmbH.DE>: "The GPL tries to eleminate (sic) all software that is not GPLed or can be made so. That is a problem for people like me who use much software under different licenses where none of the clauses is a problem for me (i.e. the formerly BSD advertising clause and many university licenses)." And I'd just like to say: the author of the code decides on the licence. They take the time to look, examine, and evaluate the licences. The GPL itself is not a sentient entity, nor is it a living entity. It is not a virus. It is not anything organic. It is simple a licence written by a man, RMS, who wants to ensure that if you make big changes and distribute them -- that you include the source so that you pass on the freedom to modify you used in the first place. Now, this may sound like I'm a GPL lover. I'm not. I just can't stand to see licence bigotry by people who think that licences are living entities which seek to 'infect' other programs. That's just ludicrous. If you don't agree with that part of the GPL -- don't use the GPL. And if you want to link with a GPLed program, get one side to grant an exclusion for the other side. Instant legality without the "viral" nature. -- www.kuro5hin.org -- technology and culture, from the trenches. | ||
|