Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsThe money is back - sort of. Linux investment activity slowed down markedly after the stock market decline in April, and it has been slow to recover. This week's events, however, show that things are beginning to happen again:
It would appear that the business community believes that the Linux stock slide has bottomed out. The investors are coming back - but hopefully with more realistic expectations this time. Debian and free software project organization. Most Linux users are aware of the Debian distribution and its status as the most popular noncommercial distribution around. The distribution itself offers a massive set of packages, a self-updating capability (for some years now), and a high degree of stability. It is growing in popularity, despite its high-profile, venture and IPO-funded competition. Just as interesting as the distribution, however, is the complex organization that makes it possible. Because Debian is arguably the most organized of all free software projects. Kernel development looks like a benevolent dictator floating serenely above a screaming bazaar of hackers loudly trying to get their patches noticed and accepted. Apache is an anarchic, but calmer group of people quietly implementing the features they need. Debian, instead, resembles an established constitutional democracy, complete with elections and a civil bureaucracy. The founding document, perhaps, of the Debian Project is the social contract. It provides the philosophical underpinnings of the project, including the commitment to free software and to not hide problems. A much more legalistic foundation, however, is the Debian Constitution. This document describes how the project functions and makes decisions. For example, it defines the office of the Project Leader, which is currently held by Wichert Akkerman. It's not a particularly powerful office, however; Debian folks prefer to make their decisions in a more distributed way. The constitution also defines and empowers the Technical Committee (currently Ian Jackson, Manoj Srivastava, Dale Scheetz, Guy Maor, Klee Dienes, and Raul Miller). The Committee can "decide any matter of technical policy," resolve disputes among developers, and, with a suitably strong vote, require a developer to make a change that he or she would otherwise be unwilling to do. That last power is seldom exercised; Debian developers normally have absolute power over the packages they maintain. As long as they stay within the policy guidelines and fix bugs, what they say goes. Debian does, however, have quite a few policy guidelines. The Developer's Reference spells out in great detail how Debian developers interact with the project and each other. Therein one can find out the process for becoming a recognized developer, the procedure for going on vacation, how to upload new packages, the conditions under which one developer can update another developer's packages, how to deal with bug reports, and, of course, how to retire from the project. All Debian developers also use a public key encryption system to sign any packages they upload. That way the project knows that each package it has came from a recognized developer. A completely different set of guidelines can be found in the Debian Policy Manual. This document contains the set of technical policies that make Debian a functioning, consistent system. It tells how to allocate user and group IDs, spells out the MIME support policy, defines interpretations of keys on the keyboard, lays out the proper uses of symbolic links, gives the accepted way of accessing mailboxes, tells how to use environment variables, and more. All Debian packages are expected to adhere to these policies. On top of all that is a complicated structure of committees and positions within the Debian organization, including the Release Manager, the CD Production Team, the Spam Fighting Team, and more. See this organization listing for the full set. To the Lone Hacker who is holed up in his basement writing the Great American Compiler, all of the above may be a bit scary. Where is the fun of working on free software if you have a whole book full of rules that you have to follow? But the nature and scale of Debian make this organization necessary. Debian has several hundred active developers worldwide, and thousands of packages. Such a project could easily collapse under its own weight given the chance. Debian is far from collapse; it is, instead, supremely healthy. Its distribution is consistent, functional, and highly stable, despite being made up of thousands of pieces assembled by people who have often never met each other. Nobody worries about what will happen if Wichert Akkerman decides his future lies in timeshare condominium sales - the project's structure and policies would continue to function as before. Debian's organization makes the project robust. The project has not been without its glitches - distributions have come out late, new maintainers were excluded for a long period, and so on. But, in the end, Debian's organizational effort has worked. As free software continues to grow, we will certainly see many development projects on a new, larger scale. The desktop projects are an example of where things are going. Others will be formed to attempt tasks that are hard to even image now. Debian has shown one way of making projects on this scale work. It is a most interesting social institution, with much to teach us all.
Has Cisco patented NAT?. It turns out that Cisco has a patent on a "security system for network address translation systems". Depending on your reading of the patent and what it really covers, this could be one of the more threatening software patents to come along yet. NAT has been a feature of Linux networking for years - though the Linux world has generally referred to it as "masquerading." Essentially the feature allows the hiding of a network of systems behind a single gateway. All outgoing connections appear to come from the gateway itself - the systems behind it are invisible. They are also, normally, unreachable from the outside; this feature means that a box running NAT/masquerading can often serve as a simple and highly effective firewall. It is the firewalling ("security") feature of NAT that Cisco claims a patent for. The claims in the patent text describe the basic NAT algorithm, then add features like dropping inbound TCP packets that do not correspond to an existing TCP connection. Passing through FTP data connections and certain types of ICMP packets are also claimed as patented features. These are all things that the Linux implementation does. If Cisco decides to get obnoxious - and there is no evidence of that at this time - this could be the first serious patent issue to reach deeply into the Linux kernel. The basic NAT implementation in Linux predates the patent application, and thus qualifies easily as prior art. But some of the fancier filtering features may not. The possibility of a patent challenge reaching deeply into the Linux kernel exists. This one is worth keeping an eye on. :CueCat, one more time. We'll stop talking about the :CueCat affair soon, we promise. But this episode just keeps on bringing up interesting issues. Consider this article in SecurityFocus, which quotes Digital Convergence VP David Mathews: Digital Convergence was aghast. "If people take over our cat and start using their own databases, the world becomes cloudy," says Mathews. "Our revenue model is being the gate keeper between codes and their destinations online."
The company's revenue model may depend on being the gate keeper, but free software's model depends, instead, on freedom. We're not much interested in gate keepers who seek to maintain their position on the basis of (still unspecified) intellectual property claims. Freedom makes things hard for those who prefer a carefully controlled population. Expect to see a lot more fights like this one. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
September 21, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
SecurityNews and EditorialsDebian to phase out security support for 2.1. The Debian Project has announced its intent to phase out security support for the 2.1 ("slink") distribution. Their expectation is that most users have already upgraded to 2.2. They are looking for feedback on the idea; now is the time to scream if this idea bothers you. We, ourselves, will be waiting eagerly to hear whether or not there is any negative feedback to this announcement. If there is not, it will be amazing, and a strong indication of a difference between Debian customers and those of other distributions. Red Hat, for example, officially supports security updates for Red Hat 4.2 and 5.2, and it isn't difficult to go out and find customers still using those distributions. Why would someone choose not to upgrade? Well, there is the issue of "if it isn't broken, don't fix it". Everyone these days has too little time to do too much work. If a system is quietly working away in the corner, doing what you want it to do without requiring any intervention, why risk breaking it? Remember all those systems that have clocked a year or more of uptime? Well, that implies, for non-Debian systems, that they haven't upgraded their distribution in at least that amount of time. Other issues can crop up as well. Kernel changes between major distributions can pose new demands on memory, disk and other hardware. As a result, some distributions choose to run with older kernels. TINY Linux is an example of this. It is based on Slackware 4.0 and the Linux 2.0.X kernel in order to meet their goal of supporting old, slow systems with minimal memory and disk. With the need to have good security on all systems being so aptly demonstrated by this year's distributed-denial-of-service attacks, it is important to provide security fixes for these machines as well, not just systems that have been upgraded to the latest distribution. Most of all, no matter how easy the upgrade, it takes time to do good backups, verify them and thoroughly test a system after an upgrade. As a result, many people probably upgrade their systems as much as six months or more after the last major release. Debian, though, is a slightly different kettle of fish. Most Debian users upgrade their systems piecemeal, bit by bit, on a frequent basis. It may be more unusual to find someone that is still running exactly the same Debian that they installed from CD. So maybe the Debian community will prove us wrong, by voicing no concern over this policy change. Either that, or the ones that don't complain are the same people that aren't going to bother to install a security update in any case. The EFF and Linux Journal call for SDMI challenge boycott. The Electronic Frontier Foundation and Don Marti at Linux Journal have both called for a boycott of the the Secure Digital Music Initiative (SDMI)'s hackSDMI challenge. "The Electronic Frontier Foundation (EFF) urges the Internet community to boycott this contest and refrain from helping the recording industry perfect a way to undermine our fair use rights." SDMI is a new format for music, designed to replace the MP3, which allows the implementation of control over how and when the music is played. This can include the devices upon which it can be played, whether or not you can make a backup, even whether or not you can listen to it once or ten times. As a result, it allows the implementation of practices that prevent not only widespread copying, but much of the "fair use" practices that are common today. It is backed by a consortium of over 100 companies in the music industry and planned to replace MP3 by Christmas this year. In court, the ease in which the CSS DVD format was decrypted was of at least some embarrassment to the plaintiffs, if not a valid defense. This hacker challenge seems geared both to prevent a similar embarrassment for SDMI and as a marketing ploy to demonstrate the "security" of the new SDMI format. As security professionals, our time is here to be used to help make our computers and networks more secure -- not to support someone's marketing plan or future legal defense. We concur with the proposed boycott. Here are some additional articles on the topic for those of you who are interested:
September CRYPTO-GRAM newsletter. The September CRYPTO-GRAM newsletter is out. It discusses full disclosure of security problems, the PGP vulnerability, and whether Bruce Schneier's parents should be sued for creating and distributing a piece of circumvention technology (namely, Bruce). Security Reportsklogd/sysklogd format string vulnerability. A format string vulnerability in klogd was reported on BugTraq. klogd receives messages from the Linux kernel and forwards them to syslog. In Linux distributions, it is generally packaged with syslog as "sysklogd". This vulnerability has been proven to be locally exploitable to gain root and may potentially be remotely exploitable or exploitable via knfsd. The problem affects Linux and many other versions of Unix. An immediate upgrade is strongly recommended.Note from this BugTraq posting by Solar Designer that the updates below also include fixes for some syslog-specific bugs as well, notably in both printchopped() and printline(). From the large number of timely updates you see below, it is easy to guess that this vulnerability was actually found about a week ago originally and then reported to both Linux and Unix vendors, allowing them to have fixes available immediately after the vulnerability announcement was made. This week's updates: Note that Red Hat appears to be having problems with their redhat-watch mailing list. As a result, we've seen multiple advisories for some issues and no advisories for others. Red Hat users may want to check the Red Hat Errata or the BugTraq mailing list regularly for updates until the problem is resolved. eject exploitable buffer overflows. FreeBSD has issued a security advisory for eject after an internal audit found ways that this setuid root program can be used locally to gain root privileges. They've provided updates packages for FreeBSD. This problem is not limited to FreeBSD, so advisories from other BSD and Linux distributors can be expected to follow. listmanager exploitable buffer overflows. FreeBSD also put out updated listmanager packages. Listmanager is not Open Source software, but is freely distributable. The author has reported locally exploitable buffer overflow vulnerabilities in versions previous to 2.105.1. pine malformed X-Keywords denial-of-service. FreeBSD issued a belated advisory for pine4, with fixes for a problem processing mail messages with malformed X-Keywords header lines. These caused pine to crash, allowing a user-level denial-of-service attack. cgi-bin scripts. The following cgi-bin scripts were reported to contain vulnerabilities:
Commercial products. The following commercial products were reported to contain vulnerabilities:
UpdatesLinux-Mandrake security update to mod_php3. MandakeSoft has issued a security update to the Apache PHP3 module. There is not, however, a problem with PHP itself; instead, many scripts which process file uploads have a bug which can allow them to be subverted. The update provides a new function which makes it easier to write secure PHP code. Anybody using PHP for file uploads should have a look at this advisory. xpdf symlink race condition. Check the August 31st Security Summary for the original report.Debian users should also note that xpdf-i versions prior to 0.90-7 are also vulnerable. Updated packages are available at http://non-us.debian.org/dists/proposed-updates/ (or your nearest non-US mirror). This week's updates: Previous updates:
xchat URL handler bug. Versions of xchat from 1.3.9 through and including 1.4.2 can allow commands to be passed from IRC to a shell. Check BugTraq ID 1601 for more details.This week's updates:
screen setuid root vulnerability. A vulnerability in screen 3.9.5 and earlier that can be exploited by a local user to gain root was recently reported in the September 7th Security Summary. Note that screen must be installed setuid root in order to be exploited. Screen 3.9.5 and earlier contain this vulnerability. This week's updates: Previous updates:
Mailman. A vulnerability was reported in mailman 2.0beta3 and 2.0beta4 and fixed in 2.0beta5. Check the August 3rd LWN Security Summary for more details.Note that the fixes below do not address the more recently reported Mailman writable variable vulnerability covered in last week's LWN Security Summary. This week's updates: Previous updates:
glibc vulnerabilities. Check the September 7th LWN Security Summary for the initial reports and last week's LWN Security Summary for more details and workarounds. This week's updates: Previous updates:
Horde/IMP format string vulnerability. Check last week's Security Summary for more details. Horde 1.2 and 1.3 have been patched in the CVS trees for this problem. The Horde team also has made available a patched version of IMP 2.2.2. This version is part 2 of a security vulnerability present in 2.2.0 (and earlier "pre" releases) that was only partially fixed in 2.2.1. Users of IMP 2.2 on production systems are strongly encouraged to upgrade.ResourcesUpdated security tools. Here are some Open Source security tools for which minor updates have been made available in the past week:
EventsSeptember/October security events.
Section Editor: Liz Coolbaugh |
September 21, 2000
| ||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is still 2.4.0-test8. The 2.4.0-test9 prepatch is currently at 2.4.0-test9-pre5. Perhaps most significant in test9 so far is that Rik van Riel's virtual memory fixes have been integrated, finally. That should come as a welcome relief for those who found test8's behavior to be a little...sluggish... The current stable kernel release is still 2.2.17. The 2.2.18 prepatch series is up to 2.2.18pre9. With pre9, Alan Cox finally merged in the long-awaited NFS fixes; this is good news for those hoping for decent NFS server behavior from the 2.2 kernel. One more 2.0.39 prepatch came out in the form of 2.0.39final. Unless something truly earthshaking comes up, this patch will go out as an official 2.0 stable release. Another step toward 2.4.0? On September 17, the 2.4.0-test9-pre2 announcement came out with an interesting set of remarks: I think we're getting to the point where there are no major known bugs. That means that as of the final 2.4.0-test9 I will no longer accept any patches that don't have a critical problem (as defined by Teds list) associated with them.
Linus has not made any public remarks on the amount of money that would be required to get a patch in. However, at least a couple of developers seem to have concluded that a more economical approach is to offer Ted Ts'o a nice bottle of liquor. 2.4.0 still does not lack for known issues in need of fixing. But it is getting closer to that final stabilization phase before the official 2.4.0 release can go out. That release, of course, is certain to have a few remaining bugs - perfection is hard to reach. But at some point you have to call something an official stable release to expand the user (and thus testing) community. Meanwhile, there has been a bit of grumbling in the ranks from a small number of developers who are getting tired of the feature freeze. One developer has even started up his own 2.5 tree and offered to make it available to others who are looking for a place to hack on new features. The problem, of course, is that stabilizing 2.4 requires the attention of as many developers as possible. It's important to truly have enough eyeballs to make the bugs shallow. If the hackers go off on some sort of unofficial 2.5 effort, the 2.4 kernel will suffer. So patience is counselled for those wanting to work on 2.5. They are still going to have to wait for some time. In the past, Linus has always let a good chunk of time go by - on the order of a couple months - after the first stable kernel release. Only once it's truly stable will he open up a new development series and start the process over again. What about BitKeeper? Last week's kernel page discussed a proposal for a new kernel patch management system that had been posted. It didn't take too long for the inevitable question to come up: what about BitKeeper? It was, after all, once said to be the kernel source management system of the future. One of Larry McVoy's reasons for creating BitKeeper in the first place was to try to make Linus's job easier. These seem to be the reasons why BitKeeper is not being pushed at this time:
All of these issues feed the fear that an insufficient number of kernel hackers would use BitKeeper. And if only a few use it, it's not worth the trouble of learning how. So the plan for now is to try to put together a much simpler system and hope that it actually gets used. It is interesting to note, however, that Linus only plans to use this system until 2.4.0 comes out. What happens thereafter is anybody's guess. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
September 21, 2000 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. New DistributionsASPLinux. The name ASPLinux is derived from "Application Service Provider", a popular buzzword in commercial circles. ASPLinux is produced by SWsoft, a "multinational software development company with headquarters in Singapore and offices in the USA and Europe". Language support includes Korean, Japanese, Chinese, Thai, Indonesian, Russian and others.ASPLinux is derived from Red Hat and promises to be 100% Red Hat-compatible. It is apparently aimed at current Windows sites for, though it does require repartitioning, it provides download and installation capabilities that are usable directly from Internet Explorer and your favorite Microsoft operating system. They also offer ASPcomplete, which includes add-ons expected to be of interest to Application Service Providers. This includes the user beancounter patch to the Linux kernel (jointly developed by Alan Cox and Andrey Savochkin), which provides per-user resource limitations (rather than the per-process limitations provided by setrlimit). It is fairly easy to see why Application Service Providers would be interested in this, since it can help prevent the actions or activities of one user from using up all of a critical resource and thereby impacting other users. ASPLinux is still in a snapshot development mode, meaning they have not yet released their first stable product. Till then, there is a great deal of information (and a few screenshots) available from their website. kmLinux - a new German Linux distribution for schools. Fred Mobach, with the laudable intent of making sure we didn't neglect happenings in Germany due to the language barrier, sent us his take on kmLinux, derived from the kmLinux website. To summarize, kmLinux is a SuSE-derived distribution intended for use in schools. It comes in two flavors, both aimed at desktop customers. KmLinux installs directly under Windows, for ease of introduction to Linux newcomers. KmLinux-S installs in its own Linux partition, though it can co-exist with additional operating systems as well. Both are bundled with applications for text processing, mathematics, computer science, physics, chemistry, astronomy, Internet, graphics and games. Both use the Reiser filesystem, so that teachers/students that abruptly turn off their systems without going through a normal shutdown process will have their files protected. KmLinux is being developed by the Landesbildungsserver Schleswig-Holstein, a German government organization, in close cooperation with the VereinFreie Software und Bildung (Union for Free Software and Education) and SuSE. Many thanks, Fred! We greatly appreciate this type of assistance from our readers. News and EditorialsBest Linux For Business (ZDNet). ZDNet gives us a brief introduction to Linux distributions. "A critical factor in choosing a Linux distro is your company's level of in-house expertise with computers in general and with Unix-like operating systems in particular. If you have resident Linux or Unix gurus, you have many more options." Interview: Frank Smith of the Embedded Debian Project (GeekNews.org). GeekNews.org interviews Frank Smith of the Embedded Debian Project. "The current focus is on CML2+OS, a system for the configuration and generation of both a Linux kernel and an operating system (i.e. root filesystem). Its purpose is to assist embedded Linux developers in configuring and generating small (1 to 10Mb) Linux target systems." Distribution ReviewsLinux in Brazil Reviews Conectiva Linux 5.1. From Linux in Brazil comes the review (in Portuguese) of Conectiva Linux 5.1. Here's a Babelfish translation. They appear to be pleased, particularly with the security, since its non-US location allows it to include security software and features that have been avoided, to date, by the larger US-based distributions. TechLinux, a new Brazilian distribution based on Mandrake. Also from Linux in Brazil comes a review of TechLinux 1.0a (in Portuguese), the alpha release of a new Brazilian Linux distribution based on Linux-Mandrake. The review just covers the packaging and documentation; a fuller piece is promised once they have time to install and use the system. Here is the Babelfish translation. General-Purpose DistributionsDebian Weekly News. The Debian Weekly News for September 19 is out. It covers the move to replace Debian's installer (described as "aging"), new features in apt, and the end of security fixes for Debian 2.1. Kernel Cousin Debian. Via this week's Debian Weekly News, we learned that a new Kernel Cousin began publishing last week. Kernel Cousins are regular discussion reports based on a specific mailing list. The original Kernel Cousin reported on the linux-kernel mailing list. Others now report on Wine and the Hurd. The newest Kernel Cousin is the Kernel Cousin Debian, which will be focusing on the debian-devel mailing list. This will be a good source of additional information for Debian followers. Here are links to the first two Kernel Cousin Debian releases: Note that the Kernel Cousin Debian is breaking ground with a new "group-authored" development, modeled, of course, on the successful Debian development method. Any number of authors can volunteer to help out. Each author "claims" a thread, follows it and summarizes it as soon as no new posts to that thread have been seen for three days in a row. If you follow debian-devel, this may be a new way to help out the cause. Additional authors are definitely needed. Kernel Cousin Debian Hurd. Debian GNU/Hurd development is still currently very light, with the Kernel Cousin Debian Hurd #59 For 13 Sep reporting 75 posts and only one complete discussion thread, on 'pmake' and 'ash' advancements. Slackware Development News. The development version of Slackware now uses a statically-compiled version of GCL, due to problems using the dynamically-compiled version on multiple machines. An upgrade to Tcl/Tk 8.3.2 has been completed and LILO 21.5.1 is now being used. Check the security section for a link to the Slackware security update for klogd/sysklogd. Embedded DistributionsThe Architecture and Development of Etlinux. LinuxDevices.com has posted this white paper on the design of Etlinux, an embedded version of Linux. In particular, their use of the Tcl interpreter in order to reduce the overhead associated with normal ELF binaries, was discussed.
"Consider, for example, that for a
program such as the classic "Hello World",
which has several hundred bytes of code, the
smallest executable obtainable with gcc
occupies about 2.5 KB, for an overhead of about
2.4 KB, or more, in real-world programs.
Hence the fundamental idea behind Etlinux: to
use an interpreted language as a "motor"; it is
possible in this way to globalize basic
functionality in the executable of the
interpreter, making it available as primitives
of the language, and using scripts as
applications. For Etlinux, the choice of the
language fell to Tcl, a scripting language
developed by John Ousterhout (see reference,
below), which is exceptionally easy to learn,
and easily extensible through it's C API. TimeSys announces pre-emptive kernel support. TimeSys has announced the availability of its own pre-emptable kernel in its TimeSys Linux/RT distribution. They also issued this position statement, joining the crowd of companies disputing MontaVista's "first hard real-time Linux" claim. Coollogic introduces Coollinux AE. Coollogic has announced the availability of its "Coollinux Appliance Edition" distribution, aimed at original equipment manufacturers. Mini/Special Purpose DistributionsBYLD 1.1beta1 with CDROM support. The latest beta version of BYLD (Build Your Linux Disk) can now write to a CDROM. BYLD is a single-floppy-disk-based distribution meant to be a base from which to build your own rescue disk, net client, etc. Linux Router Project (LRP) 2.9.8 announced. Linux Router Project 2.9.8 was announced Wednesday, September 13th. The new version supports either the Linux 2.0 or 2.2 kernel. In addition, a package merging system that supports the creation of dynamically extended packages will be of interest to the LRP development community. "Persons using the development snapshot can use this system to make customized packages that dynamically build against the current release". Vector Linux 1.5. Vector Linux is a small distribution designed to be a very basic Linux distribution from which to build or "homebrew" your own. It supports installation of both rpm-based and debian dpkg-based packages. The latest version, Vector Linux 1.5, contains support for international keyboards, laptop PCMCIA support, the Linux 2.2.17 kernel and a new console look-and-feel, among other improvements. Some additional information is available in the Changelogs. SmoothWall Linux 0.9.4. SmoothWall Linux, introduced to our distributions list in last week's LWN Distributions Page, has released a new, minor update which includes some streamlining of the method the installer uses to autoprobe for ethernet cards, DHCP and Apache, among other changes. Fd Linux 1.1-1 introduces minor fixes. A fix for an ssh bug and a minor filesystem image bug led to the release of a minor update for this floppy-based mini-distribution. Section Editor: Liz Coolbaugh |
September 21, 2000
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsBrowsersNSS 3.1 Beta 1 Release 15. Mozilla.org has announced the release of NSS 3.1, a set of libraries for security enabled applications. The crypto code has been unencumbered thanks to recent licensing changes. NSS 3.1 is a complete open-source implementation that includes the recently opened RSA code. The Mozilla Crypto FAQ has all of the details spelled out. Open crypto software fills in a critical capability that had been missing from Mozilla. Mozilla Training Videos are now available. Mozilla has made a set of SeaMonkey BrownBag Training Series videos available for download. The videos are in Real Video format and range from 15MB to 36MB in size. DatabasesUsing MySQL's Built-In Replication To Maximize Availability (Php Builder). Php Builder has run an article by Michael Tanoviceanu on using MySql in a master-slave configuration. The process of setting up redundant database servers is explained in detail. DocumentationLinux Documentation Project change. The Linux Documentation Project is planning on publishing an index of current HOWTOS to comp.os.linux.answers. Work is under way to improve the feedback path from the readers to the authors of the HOWTOS. ElectronicsIcarus Verilog 20000917 snapshot available. The gEDA project has announced a new snapshot of the Icarus Verilog compilation system. GamesWorldForge looking for game developers. WorldForge is building a new game infrastructure platform called Stage, and is seeking developers for the project. If you have an interest in working with game software, these folks would really appreciate a helping hand. InteroperabilityWine Weekly News for September 20, 2000. The latest version of the Wine Weekly News is available. News includes the WineHQ cutover to a new mail server and wine portability issues. Network ManagementOpenNMS Update for September 19. Here is the OpenNMS update for September 19, covering the latest developments in the Open Network Management Software project. Office ApplicationsAbiWord 0.7.11 released. The first AbiWord release in three months is out. Many new features have been added, among them are PalmDoc exports, better Gnome support, improved dialogs, and additional RTF font support. See the announcement for details and get the latest version at the AbiSource homepage. Evolution 0.5 (Salamander) Released. Version 0.5 of the "Evolution" mail / calendar / address book application from Helix Code has been announced. It includes a rather substantial list of new features. A bug fix version for Evolution 0.5 has just been released. Here is the announcement for version 0.5.1, which is available for download. Nautilus needs testers. The Nautilus file manager for Gnome will be going through a second preview release in the next few weeks. The project is looking for testers to help locate bugs and verify fixes for resolved bugs. What's New in GIMP 1.2? (O'Reilly). O'Reilly news has run an article by Sven Neumann about What's New in GIMP 1.2. The article discusses the many new features in the upcoming Gimp 1.2 release On the DesktopFinal KDE2 beta released. The fourth and final beta release of KDE2 has been announced. Here's your last chance to find problems and help the KDE team produce a solid 2.0 release. The people behind KDE: Lauri Watts. The "people behind KDE" series continues with this interview with Lauri Watts, KDE's "documentation reviewer." "I guess you'd call that 'Help File nitpicker'. I help review the documentation for various things including sgml markup, typos, completeness. Closest to a real world job would be a copy-editor, but I try to stay out of editorialising the actual text unless it's not making sense. That's rare, the doc writers are doing a wonderful job." GNOME Documentation Project Status Report. The GNOME Documentation Project Status Report for September 15 is out. The GDP folks look like a busy crowd. Alan Cox releases GnoRPM 0.95. Linux kernel Hacker Alan Cox has lent a hand to the GnoRPM project by fixing a number of bugs and releasing GnoRPM 0.95. The notice states: "So if you ever had any troubles with GnoRPM before, rest assured that from here on, it is as stable as the kernel itself." Gnome Libs 1.2.5 test release. Miguel de Icaza has announced a test release of Gnome Libs. Numerous bug fixes have been included. PrintingCUPS v1.1.3 released. A new version of CUPS, the Common Unix Print System is available for downloading. Many improvements have been added, bugs have been fixed, and new documentation is available. CUPS is reported to be a big help for those dealing with multiple UNIX platforms and network printers. Ghostscript gets a new maintainer. Raph Levien has announced that he is the new maintainer of Ghostscript. The announcement contains a lot of useful information on the Ghostscript project's upcoming directions. Mr. Levien has an ambitious list of tasks to accomplish, not the least of which is simplifying the licensing model. Congrats, Raph - we expect you're going to be busy... (Thanks to Andrea Fogazzi). ScienceRFC: Journal of Open Source Medical Software (Linux Med News). Linux Med News has an announcement about an RFC for the development of a scholarly journal on Open Source medical software. If you are working in that arena, check it out. Editorial board positions are available. Ocularis: Leading the Way for Blind Linux Users (Linux News). Linux News has run an article on Ocularis, an open-source project using Linux that aims to create a "Seeing Eye Penguin" for the blind. "Eventually, Ocularis should be able to offer a variety of basic programs intended to allow visually impaired users to carry out certain core functions. 'The basic applications that Ocularis will possess are a word processor, calendar, calculator, basic accounting or finance application, file manager, Internet browser, and e-mail client,' the site explains. 'In addition, easy to use, all-purpose screen reading software will be included to provide access to nearly any console-based program.'" Web-site DevelopmentMidgard Weekly Summary for September 14. The Midgard Weekly Summary for September 14 is out, covering an admittedly "slow week" in the development of the Midgard application server. Zope 2.2.2 released. Zope 2.2.2 has been released. It's mostly a bugfix release, but it should be of interest especially to ZEO users. There is also a Zope 2.3.0 plan available which shows some of the things the developers are thinking of adding for the next major release. Zope Weekly News. Here is the Zope Weekly News for September 20. It covers recent events in the Zope development world, and announces a Zope job available at a "Fortune 100 media company." ZGDChart 0.4.2b released. Zope.org has released a new version of ZGDChart, a Zope based chart drawing facility. " ZGDChart is based on Michael Ray Steed's Python module gdchart, which in turn is based on Bruce Verderaime's GDCHART C library, which in turn is based on Tom Boutell's GD C graphical library. " ZGDChart can help you draw spiffy graphics with Zope. Section Editor: Forrest Cook |
September 21, 2000
|
|
Programming LanguagesC/C++Common threads: POSIX threads explained, Part 3 (IBM). IBM's developerWorks has run the third and last article by Daniel Robbins on using Posix threads. This article covers condition variables. You may want to start with the first and second articles if you have not read them already. Gtk-- 1.2.3 released. A new release of Gtk-- has been announced. Gtk-- is a C++ interface to the Gtk GUI library. This release contains mostly bugfixes. Gtk-- is distributed under the LGPL license. JavaJava code samples (IBM). IBM's developerWorks has published a useful set of Java and JavaScript code samples. If you are thinking about getting into Java, this might be a good place to start. DeveloperWorks has also run an article on how to Acquire multiple locks in a fixed, global order to avoid deadlock in Java. PerlPerlMonth issue 11. Perl Month Issue 11 has a number of useful articles on using Perl. Topics include debugging Perl CGI scripts, searching LDAP servers, and using various HTML:: perl libraries. PythonThis week's Python-URL. Here is Dr. Dobb's Python-URL for September 19, covering what looks like a busy week in Python development. Python-dev Summary for September 15. A.M. Kuchling's Python-dev Summary for September 15 is out. It covers the latest Python releases, licensing issues, and many other Python development topics. PyQt/PyKDE Python Bindings for Qt and KDE. The Kompany has announced new versions of Sip, PyQt, and PyKDE, which are tools for binding Python to Qt and KDE. The software is available for download. Charming Python: Curses programming (IBM). IBM's developerWorks has a new article by David Mertz on Curses programming in Python. The article walks you through the process of coding a Curses based application in Python. Tcl/tkThis week's Tcl-URL. Here is Dr. Dobb's Tcl-URL for September 19. It covers this week's happenings in the Tcl/Tk world, including the release of Expect 5.32. Section Editor: Forrest Cook |
Language Links Erlang Guile Haskell Blackdown.org IBM Java Zone Perl News PHP Daily Python-URL Python.org Python.faqts JPython Smalltalk Tcl Developer Xchange Tcltk.com |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and BusinessRed Hat second quarter results. Red Hat has announced its second-quarter results (fiscal 2001). Revenue was $18.5 million, up from $10.5 million a year ago. The adjusted net loss was reported to be $1.9 million, compared to an adjusted net loss of $4.3 million at this time last year. The company seems well on its way to becoming profitable sometime in 2001. In other news, Red Hat and NetSilicon have announced a partnership to deliver products and services oriented toward Internet appliance systems. The first product is "NET+Lx," an Internet appliance development platform, running a version of uClinux which was ported by Red Hat to NetSilicon's NET+ARM(TM) processor. Intel delivers an open source language research platform. Intel has announced the release of its "Open Runtime Platform" under an open source license. The ORP is an optimized Java runtime environment, which initially interoperates with GNU Classpath. GNU Classpath is an open source library for Java. The basic system incorporates a fast code generating Just-In-Time compiler (JIT) as well as an optimizing JIT. It also includes several Garbage Collection (GC) algorithms, ranging from a simple mark-sweep algorithm to an advanced train algorithm. MontaVista joins Intel ACPP. The Intel Applied Computing Platform Provider (ACPP) program consists of third-party board and software vendors who meet Intel's strict criteria for quality assurance, design capability, tools, support and in the case of the hardware vendors, manufacturing capacity. MontaVista Software has announced that it has joined Intel's "Applied Computer Program Provider" program. Intel, too, has issued a press release on this event. RadiSys and LynuxWorks to develop high-availability Linux system. RadiSys and LynuxWorks have announced their intent to create a new, high-availability Linux system targeted for telecom and embedded system applications which require "five-nines" or better availability. RadiSys and LynuxWorks are both active members of the ACPP as well as charter members of the High Availability on Intel Architecture Forum sponsored by Intel Corporation. Recent Surveys. VA Linux Systems has issued a press release on the latest IDC results, which show VA in the number two position for Linux server shipments in the U.S. and third worldwide. A company called Evans Data has announced the results of a new survey: evidently they found a large increase (50% in 6 months) in the number of developers who are working on Linux wireless applications. InterVideo launches Linux DVD player. InterVideo has announced the availability of a Linux-based software DVD player "with integrated CSS copy protection." Yggdrasil ships Linux DVD9-ROM. Yggdrasil has announced the availability of what it claims is the first Linux DVD9-ROM. The DVD9-ROM format allows them to put 8GB worth of Linux stuff (from Metalab and ftp.gnu.org) onto a single disk. MandrakeSoft issues response to Bill Gates. MandrakeSoft has issued a response to recent comments by Bill Gates about Linux. "What Mr. Gates calls 'hype' is actually a worldwide, grass-roots, fundamental change in how computing is performed." It's fragtime for the Dust Puppy. UserFriendly.org is sponsoring the Loki Software Quake III Arena Contest. Contestants will create and modify "skins" and levels based on the cast of characters from the UserFriendly.org episodic comic strip for use with Quake III Arena. Lineo provides services for Embedded OEMs. Lineo has announced that its Professional Services Group will be expanding into providing services for embedded Linux original equipment manufacturers. Press Releases:Commercial Products for Linux
Products Using Linux
Products with Linux Versions
Java Products
Books and Training
Partnerships
Investments and Acquisitions
Financial Results
Personnel
Linux At Work
Other
Section Editor: Rebecca Sobol. |
September 21, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the NewsOpen SourceWhat makes software open source? (Upside). Upside looks at the Python license issue. "What's the difference between a GPL-compatible and a non-GPL-incompatible software license? In the case of the version 1.6 license for Python, the interpreted object-oriented language developed by Dutch hacker Guido Van Rossum and the Free Software Foundation (FSF), the hacker group charged with overseeing the Gnu General Public License (GPL), the answer is: 20 words." U.S. Government Should Foster Development of Free Software (LinuxToday). LinuxToday covers the President's Information Technology Advisory Committee (PITAC) and the recently issued 'Recommendations of the Panel on Open Source Software For High End Computing.' "The cover letter to the report says that PITAC 'believes the open source development model represents a viable strategy for producing high quality software.' A promising start. " Know your rights (regarding open source software) (ZDNet). Here's a quick survey of software licenses on ZDNet. "The real downside of the GPL, particularly for embedded developers, is that it's designed to discourage the creation of proprietary software and to encourage free software. If you wanted to build your firmware around a GPL package or library, you'd be forced to give away the source code to your firmware. But this is not a problem with an LGPL package, like the GNU C library, which can be legally included as part of proprietary software." The Failure of the Free Software Movement (Dr. Dobb's). Here's an opinion piece in Dr. Dobb's Journal claiming that the free software community has fallen short of its goals. "Although the Free Software Movement has succeeded in creating GNU/Linux and other free software, it has made little progress in its larger goal of making all software free, and faces serious challenges due to increased popularity of existing free software." (Thanks to Alexandre Dulaunoy). Real-time on LinuxDevices.comThe Real-time Linux Quick Reference Guide (LinuxDevices.com). LinuxDevices.com has posted a quick reference guide to real-time Linux. "Given the somewhat bewildering variety of alternatives, we've assembled the LinuxDevices.com 'Real-time Linux Quick Reference Guide' which we hope will assist you in locating Linux-based solutions that match your system requirements." Real-time Linux -- what is it...? (LinuxDevices.com). LinuxDevices.com has put up a tutorial article explaining real time applications and the various approaches to real time that can be found in the Linux world. "First, we'll define terms like real-time, hard real-time, soft real-time, and learn how real-time performance is characterized. Next, we'll learn what sorts of systems need real-time, and how much they need. Then, we'll compare some of the basic approaches used to add real-time to Linux." When hard real-time goes soft (LinuxDevices.com). LinuxDevices has run a guest column by Jeff Dionne of Lineo on the distinction between hard and soft real time applications. "Of course you need to define the response time requirements for your real-time system. However, it is the fact that you have strictly defined those requirements (say, before the spacecraft goes out of view or before the shaft on the motor you're controlling turns more than 0.3 degrees) that have made your system hard real-time as opposed to soft real-time." Red HatCan Linux Make Money? (ZDNet). ZDNet looks at Red Hat's prospects. "A year ago it was enough to have a dream, a hot technology and a good name. Today, however, tech stocks--such as Red Hat, the leading Linux distributor--need more. They need, if not profits, than solid bottom-line improvements. Red Hat delivered." Linux seller Red Hat narrows losses (News.com). News.com reports on Red Hat's quarterly results. "Companies that hired Red Hat in the past quarter to help push Linux into embedded devices included Samsung, Eastman Kodak, Hitachi, Ericsson, Cirrus Logic, Cradle Technologies and Intel, Red Hat chief operations officer Tim Buckley said during a conference call today. Such contracts typically have garnered Red Hat revenue from $100,000 to more than $1 million each, he said." Downgrade, sell-off zap Red Hat shares (News.com). News.com reports on the fall in Red Hat's stock price despite the company's good quarterly results. "Meanwhile, Oracle sold off 800,000 Red Hat shares for $19.4 million, and Novell sold off 50,000 for $1.35 million, according to regulatory filings yesterday and today." Sun buys CobaltSun to buy Cobalt in $2 billion stock deal (Reuters). Here's a Reuters article reporting that Sun intends to buy Cobalt Networks for $2 billion in stock. Each share of Cobalt will be replaced with a half-share of Sun. Sun buys Cobalt in $2 billion deal (News.com). News.com covers Sun's purchase of Cobalt Networks. "The deal also means that Sun, at least for the time being, will be adopting two foreign technologies into its product line: Intel-compatible Advanced Micro Devices CPUs and the Linux operating system." Sun Buys Cobalt Networks (ZDNet). ZDNet looks at Sun's purchase of Cobalt. "Sun Microsystems is presenting its stock-for-stock merger with leading Linux network appliance maker Cobalt Networks Inc. as primary being a way to accelerate Sun's entry into the server appliance marketplace. That's one way to take it. The other, while not mentioned by Sun in its press release, is that it gives Sun an instant entry into the Linux market. Unlike the quiet Solaris on Intel efforts, this move gives Sun not only its first Linux products, but it also marks the first time that Sun has made a splashy entry into the non-Sun hardware product market." CompaniesCommentary: VA Linux tees up in the storage server market (News.com). News.com is carrying a column from the Gartner Group on VA's new network attached storage product. "For the regional ASPs that are experiencing explosive storage growth and companies that run storage-hungry applications, VA Linux's NAS products are a much less costly alternative. VA Linux, on the other hand, should enhance its storage management software features." TurboLinux wins supporting role in Hollywood bank (News.com). News.com looks at the use of TurboLinux at the First Credit Bank of Los Angeles. "Winning over financial institutions is an important step in establishing the legitimacy of comparatively new companies such as San Francisco-based TurboLinux. But there's plenty of room for improvement, as First Credit Bank will be using the TurboLinux servers only for relatively minor server tasks such as sharing files, sending print jobs to printers and transferring files over the Internet, TurboLinux said." An Open-Source Maven Closes In on Oracle (Business Week Daily). Business Week Daily looks at Great Bridge Software and its plans for the PostgreSQL database. "But convincing corporations that an open-source database, created by thousands of unknown contributors, is secure and stable enough to trust could prove difficult. That reluctance comes, in part, from the crucial role databases play in everything from stock-market transactions to air-traffic control -- a role many information architects claim is even more crucial than that of operating systems." Embedded Linux Development Site Set to Unveil (InternetNews). InternetNews.com reports on DevelopOnline, an embedded Linux site set to launch at the beginning of October. "Targeted primarily at the embedded Linux community, the site offers developers open source software (multiple versions of Linux) and a database of complete open hardware platforms, including reference designs, schematics and board layouts." Lesser-known Linux companies join forces (News.com). Here's a News.com article about Caldera's investment in EBIZ. "Although Caldera is one of the Linux companies that went public before Wall Street grew testier this spring, analysts say it doesn't have the revenue or brand recognition of Linux companies such as Red Hat or VA Linux Systems." BusinessGnome needs a facelift (ZDNet). ZDNet comments on GNOME and the GNOME Foundation. "If you've ever attempted to use the Gnome desktop, you'll know that even in its newer, much improved incarnations, it's not going to find favour with many IT support departments. They will not want to do battle with its installation routines, and explain its complicated file management processes to users. If the Gnome Foundation is serious about making Gnome a viable mainstream solution, it needs to look further than using it as a vehicle for pushing the open source message, and begin to apply some real design expertise." Console makers face a brand new game (Upside). Upside reports on the next generation of game consoles, including the Linux-based Indrema. "So which strategy will be successful? Indrema's won't. The L600 consoles will end up as high-end engineering curiosities, like the DeLorean, if they ever get made." Yggdrasil riddle (ZDNet). Evan Leibovitch looks at Yggdrasil, a once-prominent Linux distributor. "[Yggdrasil owner Adam] Richter said the company didn't go after the venture capital, staffing expansion or marketing blitzes of other Linux companies of the last few years because the company wasn't ready for it -- then." Linux and Napster users: Cut from the same yarn (Upside). Despite its title, this Upside article has nothing to do with Napster. It is, instead, a comparison of the Linux community with modern music producers. "After all, today's hackers and DJs share more than just a penchant for expensive electronic toys and ill-advised haircuts. In a world characterized by information overload, both cultures have emerged as separate appendages of the same post-modern beast. Whether it's Gnome hackers appropriating the GIMP tool kit for their own benefit or musicians such as DJ Spooky overhauling Metallica's 'For Whom the Bell Tolls,' throwing in hip-hop samples underneath, the underlying creative concepts are the same: Take the best. Dump the rest. Integrate and start over." MP3.com yanks song with illegal DVD-hacking code (News.com). News.com covers the banning of the DeCSS song from MP3.com. "The song, called DeCSS.MP3, offers an English language rendition of computer code that, depending on whom you ask, is either a harmless exercise in experimental software engineering or a missile aimed at the heart of Hollywood." Building a Black Hole with OpenGL (O'Reilly Network). This lengthy O'Reilly artcle looks at the physics of black holes and OpenGL. "What we can do fairly inexpensively is simulate the physics of a very strong gravity field acting upon a number of particles. By simulating a thousand particles or so, a very pleasing visual display can be created. Using a simple iterative solution, the physics can be calculated quickly, while still resulting in true "Kepler" orbits, within limits. We'll use OpenGL as the 3D API in order to leverage any 3D hardware that might be available on the machine." Resources.comment: Visiting the Kernel (LinuxPlanet). LinuxPlanet plays with the 2.4.0-test kernel. "As Eric S. Raymond has famously noted, programming in our sphere is done because the programmer has an itch he or she wants to scratch. I'd like to extend that--pre-release software is installed by itchy users." LinuxDevices.com Embedded Linux Weekly Newsletter. Here is the LinuxDevices.com Embedded Linux Weekly Newsletter for September 14. As usual, it contains a detailed summary of embedded Linux happenings over the last week. ReviewsHelix Code GNOME 1.2 (DukeofURL). Here's a long look at Helix Code's GNOME 1.2 from the Duke of URL. "Thanks to intelligent design, if you already have a desktop environment, installing Helix Code GNOME is as easy as a couple commands. If you don't have some sort of desktop environment installed already, it's no harder than KDE or other environment. Installation can be done via RPM or source, and can be done with Helix Code's handy installer." DigitalDevices: From old PC to powerful server (ZDNet). ZDNet reviews the NetMAX Professional Suite. "Installation isn't pretty during the first section, consisting of bewildering Linux text messages scrolling up the screen. Linux-phobes aren't asked to do anything even resembling a command, however; the program just answers a few quick questions and continues to the browser-based installation screens, which are clean and attractive." Opening a Few Windows with PHP (ZDNet). ZDNet has run a lengthy article on PHP - for Window systems. "The intention of this article is not to engage in platform warfare, but to simply inform folks that PHP is not just for Linux." InterviewsInformation on a Korean combo cell phone + PDA (LinuxDevices.com). LinuxDevices.com talks with Minsuk Lee of PalmPalm Technology, which is working on a new, Linux-based cellular phone/PDA system. "There were some some disadvantage in using Linux in embedded applications: It's BIG! It needs much more memory than typical embedded RTOSes, but still less than WinCE" Section Editor: Rebecca Sobol |
September 21, 2000 |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesThe return of Kuro5hin. Rusty Foster has announced that Kuro5hin.org would return to the net effective Monday, September 18th, after nearly two months of absence. The announcement stated the site was to be up at 10:00 AM U.S. Pacific time (GMT - 7). New Linux job site. A Linux-oriented job site, called MonsterLinux, has hit the net. Immediately after launching it was throttled into a name change by Monster.com. The site is now called Mojolin.com. The new domain should be up and working very soon. EventsPlanet IT Roundtable on Linux. Alex Samonte, chief engineer at SiteSmith, is leading a Linux roundtable discussion on Planet IT based on his background in network administration and software engineering in the Linux environment. The roundtable will run from September 15, 2000 through October 14, 2000. Note that this page requires a member login. Not Your Parents' Appliances. Here's a look at what's coming to the upcoming Embedded Systems Conference, September 24-28, 2000 at the San Jose Convention Center in San Jose, Calif. Keynotes at LINUX Business Expo - Atlanta. Here's a press release about the keynote addresses at the upcoming LINUX Business Expo. Robert Young, Red Hat Chairman and Co-founder and Nicholas Petreley, Linux Journalist and Caldera Systems Linux Evangelist are both giving speeches. Conference tracks, workshops and show highlights are also listed. Atlanta Linux Showcase and Conference. The 4th Annual Linux Showcase & Conference is coming up, October 10 - 14, 2000 at the Cobb Galleria in Atlanta, Georgia. This press release is about the USENIX Association's contributions to the event and it introduces the keynote speakers. September/October events.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. User Group NewsCentral Ohio Linux Users Group. COLUG is meeting on September 27, 2000. Presentations on SSH and OpenSSH and much more. The people of Delfzijl are introduced to Linux. Linux will be introduced to
the people in Delfzijl (a harbour on the north east coast of the
Netherlands), in three meetings: These meetings will start at 20:00 and will occur at wijkcentrum Kuilsburg, Camperlicht 1, Delfzijl. The language at the meetings will be dutch. LUG Events: September 21 - October 5, 2000.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. EmploymentJobs in Dallas, Texas. The ideal candidate should have experience in the following areas: 5+ years experience working with Linux and 5+ years experience developing desktop applications software with the Linux development tools.Linux Today Jobs. Linux Today has a new job site. Job posters are charged $45; no charge for job seekers. |
September 21, 2000 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsLWN will continue to bring you Freshmeat software announcements frozen at this point in time. Now, instead of offering them inlined on this page we will make them available in a separate file. In fact, two separate files, because Freshmeat now offers the announcements in two different ways: |
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux Links of the WeekThe Link Controversy Page is an attempt at a comprehensive collection of information on the use of links on the web. If linking issues, such as those that came up in the DVD case, interest you, this is the place to find more information. A related site is EFF's Campaign for Audiovisual Free Expression. Check it out for news from that front of the fight for freedom. Section Editor: Jon Corbet |
September 21, 2000 |
|
This week in historyTwo years ago (September 24, 1998 LWN): The Uniform Driver Interface (UDI) burst on the scene with great fanfare. UDI was a layer intended to make it possible to write device drivers that would work on multiple systems. Surprisingly, Linux was not only to be supported by UDI, but was being actively courted: However, writing new drivers for the thousands of peripherals on the market is a daunting task. Hence, Project UDI is hoping the Linux community will help... A reference platform will be distibributed as freeware for Linux, and the Project UDI members will be counting on the Linux community to work on device drivers...
The Linux community showed little enthusiasm for the idea of providing device drivers for the convenience of proprietary Unix vendors, and UDI faded away. The development kernel release remained at 2.1.122. Linus called for a change in how the network drivers worked, because it was all wrong at the time. The changes called for happened, but not until 2.3.43. IBM finally got around to announcing that its DB2 database would be made available for Linux. Sybase, too, got in on the act with its release of "Adaptive Server Enterprise." One year ago (September 23, 1999 LWN): A previously obscure company called LinuxOne released a new distribution (called by some "Red Hat with the serial numbers filed off") then promptly filed for an IPO. Needless to say, this move was not well received. One year later, now, the IPO has not happened. Corel Linux went into beta test. The event was overshadowed, however, by a rather severe nondisclosure agreement that beta testers were expected to sign. Linux-Mandrake 6.1 was made available for download. LinuxOne was not the only IPO filing that week; Andover.Net also put in for an offering. They had rather more success at it. | |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Thu, 14 Sep 2000 14:18:20 -0600 From: yodaiken@fsmlabs.com To: lwn@lwn.net Subject: RTLinux story Your story was very nice, but, of course, I have to complain about something. And the something is RTLinux makes many changes to the standard kernel source, while RTAI takes a minimalist approach to kernel changes. RTLinux has always done only minimal changes to Linux: working only at the lowest level of the architecture dependent interrupt handling. RTLinux on PowerPC requires no changes at all to Linux kernel and on x86 and Alpha the changes are all localized. In fact, from the beginning of this project, making it easy to track the kernel and staying out of the core operating system have been priorities for us. -- --------------------------------------------------------- Victor Yodaiken Finite State Machine Labs: The RTLinux Company. www.fsmlabs.com www.rtlinux.com | ||
From: Massimo Dal Zotto <dz@cs.unitn.it> Subject: Re: Cisco patents NAT To: lwn@lwn.net Date: Wed, 20 Sep 2000 22:06:39 +0200 (MEST) Hi, the Cisco patent on NAT was filed on 3 Nov 1995 and my old copy of the linux-1.3.20 kernel, dated approximately August 1995, already contains many references to the constant CONFIG_IP_MASQUERADE, so we have a clear case of prior art in the linux kernel itself. Should this be enough to invalidate the Cisco patent or do we need some legal battle to defend our version of the same idea? -- Massimo Dal Zotto +----------------------------------------------------------------------+ | Massimo Dal Zotto email: dz@cs.unitn.it | | Via Marconi, 141 phone: ++39-0461534251 | | 38057 Pergine Valsugana (TN) www: http://www.cs.unitn.it/~dz/ | | Italy pgp: see my www home page | +----------------------------------------------------------------------+ | ||
Date: Wed, 20 Sep 2000 15:03:18 -0500 From: Dave Finton <surazal@chef.nerp.net> To: letters@lwn.net Subject: Am I the only one? Lately I've noticed a big trend with Linux news sites. Due to it's rather populist roots, Linux advocates have always been extremely passionate about their beliefs (I know this because I'm from the same camp myself). No more is this true than with those who run popular Linux-oriented web sites, such as Slashdot and LinuxToday. This, too, is the result of a long history, where these types of web sites were the voices of Linux and Open Source in the earlier days. Nowadays, Linux is jockeying for position in multiple markets (successfully in many cases) and the concept of "Open Source" or "Free Software" (or whatever your preferred buzzword is) has taken root even in business executives' minds. Linux has hundreds of millions (if not billions) of dollars surrounding it when counting public and private companies together. Times have changed, in other words. So why haven't our advocacy methods changed at all? Take the recent ruckus with online polling between LinuxToday and MSNBC. MSNBC has so far refused to comment in great deal concerning the mess. They have so far refrained from trying to sully LinuxToday's reputation. This is simply because LinuxToday is doing a fine job of shooting itself in the foot on its own. What the Paul Ferris's and the Rob Malda's of the world have to realize is that it ain't the best strategy to provoke an opponent to react to outrageous actions they've committed and then whine when the opponents do react in some way. I can't fault MSNBC for rigging its own polls, because LinuxToday forced them to. Yes, we all know online polls are a joke, but I disagree with the methods being used to combat their use in public discourse. What is LinuxToday trying to accomplish with this? Are they pointing out that MSNBC is owned by a corporation with a conflict of interests a mile long when it comes to technical journalism? Well no duh. Are they trying to say that MSNBC was at fault for reacting to a (what could be interpretted as) legitimate attack on their servers? Maybe, but personally I am beyond caring at this point. Are they trying to improve their corporate image? If so, man do they ever need help in that department. Personally I find the behavior of the Linux advocates highly questionable, simply because it just looks like (to me) a provocation done for the sake of provocation. Even though I single out LinuxToday in this rant, a lot of news publications devoted to Linux are guilty of the same misdeeds. And when someone like me (a Linux advocate who's more than likely ventured out into the land of zealotry on more than one occasion in the past) finds that behavior extreme, what does it say to "the unwashed masses"? Do they think that this is supposed to make themselves look good to the public? If so, how? My criticism is harsh, but I think the point needs to come across some of the "great leaders" of this big movement that we need to move on. When trying to paint a friendly face on Linux and Open Source, it's best to put your best face forward, not scream and hollar like children whenever things don't go the way we want them to. We must all learn to adapt. If we don't, soon we'll find ourselves starting at square one all over again. -- - Dave Finton --------------------------------------------------------- | If an infinite number of monkeys typed randomly at | | an infinite number of typewriters for an infinite | | amount of time, they would eventually type out | | this sentencdfjg sd84wUUlksaWQE~kd ::. | | ----------------------------------------------------- | | Name: Dave Finton | | E-mail: surazal@nerp.net | | Web Page: http://surazal.nerp.net/ | --------------------------------------------------------- | ||
Date: Thu, 14 Sep 2000 11:44:25 -0600 From: Jim Easter <jre@sni.net> To: letters@lwn.net Subject: A hit with a bullet? Regarding "MP3.com yanks song with illegal DVD-hacking code (News.com)": Years ago, my family lived next door to a man named Dolf, who had grown up in Poland during the 1940s and 50s. We were talking about popular music one day, and Dolf told us about how new songs had gotten exposure in the Poland of his youth. He said that the coffeeshops and bistros of Polish cities had a kind of permanent open-mike policy, and that aspiring musicians would hang out there in search of fame. Some got well-known over the course of time, but the best shortcut to renown was the government censor. Each coffeehouse had a government representative sitting at the side of the stage, whose job it was to stop performers from singing political satire which strayed into forbidden territory. When that happened, the censor would step forward and firmly state that the song in question could not be sung. According to Dolf, the coffeeshop would then empty out as people ran to their friends' houses with the new song: "Didja hear the song the censor just shut down? It goes like this ..." I can't speak for anyone else, but this story was all the encouragement I needed to download Joe Wecker's hilarious song from the (perfectly legal) Gallery of DeCSS Descramblers [1] maintained by Dr. David Touretzky. Give it a listen. It should be noted that MP3.com is a reluctant censor, acting out of fear rather than malice, but the effect is the same as if the DVD CCA had been sitting at the side of the stage. Fortunately, the end result is that these threats tend to backfire. You can't buy that kind of publicity! [1] Touretzky, D. S. (2000) Gallery of CSS Descramblers. Available: http://www.cs.cmu.edu/~dst/DeCSS/Gallery, (14 Sept 2000) | ||
Date: Fri, 15 Sep 2000 04:56:52 -0500 (CDT) From: <shane@time-travellers.org> To: Jon Corbet <lwn@lwn.net> Subject: Teensy ELF Executables [Regarding last week's link of the week on teensy ELF executables: http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html ] Given that this isn't really an ELF file that you end up with, why not just use the following: $ echo -n 'exit 42' > a.out $ chmod +x a.out $ ./a.out ; echo $? 42 $ wc -c a.out 7 a.out Frankly, I'm tired of those bloated 45 byte executables. BTW, this works on all Unix variants. Shane p.s. Yes, this requires a interpreter, but given that /bin/ash is about 60 Kbyte and /boot/vmlinuz is about 600 Kbyte, I'd say that's fair. :) | ||
Date: Wed, 20 Sep 2000 12:34:22 +0100 From: Richard Kay <rich@driveout.demon.co.uk> To: jim@mischel.com, letters@lwn.net Subject: Failure of the free software movement ? Your article in Dr Dobbs Journal might describe the as yet incomplete success of what to some seems an extreme ideology perhaps. The many examples of adoption of open-source development methodologies which you record for perfectly good commercial reasons also suggests very considerable pragmatic success of this movement. I also don't see the core free software ideology as anti-commercial, though a few who claim to support this may seem to do so for such motives. Another factor you miss is the noticeable drift of important semi-free software such as Netscape/Mozilla, Star-Office and KDE towards becoming completely free software, also for very pragmatic commercially-driven reasons. Your anti-GUI ease of use argument is way out of date. I might accept your critique that Linux is less easy for newbies to use in respect of my more than 2 year old Slakware 3.4 FVWM95 system. Having very recently upgraded this using the new Mandrake 7.1 basedKDE desktop this gives such a significant improvement on the GUI ease of use front that this is an improvement over Windows 98 and NT4 in this area, let alone Windows 3.1. There exists a core issue to do with the principles behind free software which your article fails to address. The progress of the free software movement described and the general advantages to inventors, authors, programmers and artists of having access to free distribution not mediated by powerful corporations is leading many of us to question in whose interest the copyright and patenting system works. This leads to a definite political question: should the state be involved in the protection of the private vested interests which patent and copyright laws involve ? To what extent do these laws protect the interests of inventors and authors as opposed to those of corporations and publishers ? There was clearly a case for such state protection 200 years ago when a well capitalised printer could readily cream the commercial value of an impoverished author's work, but copyrights and patent laws are no longer seen to protect those in whose interests they were originally passed. It is now up to those who would seek to maintain these protections to justify why the general public should be deprived, by the force of law, of their pre-existing natural right to make copies of works considered worth copying. Richard Kay | ||