![[LWN Logo]](http://old.lwn.net/images/lcorner.png)
![[LWN.net]](http://old.lwn.net/images/bigpage.png)
|
|
|
Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
 Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsThe Python team moves - again. Last May Guido van Rossum, the Python BDFL (Benevolent Dictator For Life) announced that he was moving, along with much of the Python development team, to BeOpen. This move was intended to be a good thing for Python, allowing the language to develop more quickly than had been the case so far. To some, BeOpen seemed like a bit of an awkward fit. And it turns out that it was - On October 27, Guido sent out a new announcement stating that the PythonLabs team was moving again - this time to Digital Creations. The hope, clearly, is that the new home will work out better: "We trust that Digital Creations will provide a stable home for Python for many years." What went wrong with BeOpen? Consider that the Python group consists of five top-level hackers (Guido, along with Tim Peters, Barry Warsaw, Jeremy Hylton, and Fred Drake); just keeping them supplied with pizza could be an expensive proposition, and payroll even more so. BeOpen would not commit itself to such a drain on its checkbook without having some idea of just how the Python team would bring in revenue to offset the expense. That idea, according to a conversation we had with Guido, was to build an advertising-supported Python portal site. But that's a hard business and it didn't work out; neither did any of the other ideas that came up. Says Guido: In the end the plan was that the PythonLabs team would do Python consulting to bring in revenue to fund the entire company. But even that didn't work, and they couldn't pay our salaries. At that point we figured we'd waited long enough for things to get better, and decided to cut our losses.
Digital Creations, of course, will have the same sorts of concerns; will things go more smoothly this time around? The view from the outside suggests that it should. We talked with Digital Creations CEO Paul Everitt about this move, and it became clear that the company has the potential to be a good match for the Python team. Digital Creations, of course, is the home of Zope, the Python-based, open source web application server that has been on a growth path for the last couple years. Zope has derived great benefit from Python and the capabilities it provides. It is also true, however, that Python has benefitted from Zope, which was the "killer app" the language needed to push it further into the mainstream. The business case for hosting the Python group seems clear. Digital Creations is a classic example of the value of branding. Anybody can set up a Zope-based site, but DC is the company that created Zope. They will be the first provider on anybody's list when they are thinking about Zope. That branding effort can only be helped by also having on board the people who created Python. There is also the little fact that DC has a lot of Python programming that it needs to get done. The PythonLabs group will spend part of its time doing DC's work, which can include hacking directly on Zope. The rest of their time is to be spent doing whatever they think needs doing to push Python forward. According to Paul Everitt: One of our strongest differentiators is time-to-market, and Python is core to our ability to deliver on that story.
So having the Python group around clearly makes sense, even without Paul's last reason, which could justify hosting this group by itself: "Finally, we've bet the business on Python. We need to help secure its future and increase its success." There was another important bit of news in Guido's note: a non-profit organization (the "Python Software Foundation") is being created to hold the copyrights to the core Python code. Python will not be owned by Digital Creations. This is a good move on Guido's part; as the acquisition of Ajuba Solutions (covered in last week's LWN weekly edition) shows, a company's priorities can change very quickly. Digital Creations looks pretty solid as it is, but having Python set up to thrive if things change makes a lot of sense. (See also: Paul Everitt's ZopeNewbies posting on the move; LWN's interview with Paul and with Guido, which have more interesting information, the Ninth International Python Conference, which should be a most interesting event next March, and this reminder that papers for that conference are due by November 6).
Turbolinux Inc. files for IPO. The pace is picking up: Turbolinux announced on October 30 that it has filed for an initial public offering of stock. As usual, we've gone and taken a look at Turbolinux's IPO filing. The result is an interesting picture of a true Linux software company - there is no reliance on service plans or web portals in this plan. There's also some interesting information on just how Turbolinux parted ways with its founders, Cliff and Iris Miller. Have a look at our writeup for the full scoop. It seems that the Linux IPO drought may finally be coming to an end. No Linux company has managed to go public since Caldera Systems squeezed in last March, and many that were expected to didn't even try. But now there are three Linux companies with IPOs outstanding: Lineo, LynuxWorks, and TurboLinux. Actually, there's four if you count Transmeta, which is currently due to hit the market on November 6 or 7. OK, five if you count Rackspace, which still does not have a date. Of course, filing for an IPO and actually accomplishing one are two different things, as Lineo (which filed in May) can attest. It remains to be seen whether any of these companies actually get their stock out there. The markets are hostile, and quite a few investors may be a little worried about Linux stocks. But then, Linux is stronger than ever, and people (outside the Linux community) may be beginning to figure that out. If they come back to the Linux market with more realistic expectations, things should be better off all around. U.K. Patent Office consultation on software patents. The U.K. Patent Office has put up a request for comments on how software (and business method) patents should be treated in the U.K. and Europe. There is also some interesting information to be found in there, including the fact that some 15% of all U.K. patents now are "software-based." They seem truly interested. "We want to know what you think about this so that Government policy is evidence-based and relevant to business, commerce, and consumers - in other words to you. So, whether you are in the software industry, financial services, are a software user, a consumer, or are otherwise interested, we want to hear from you." The deadline for responses is December 15. (Thanks to Alan Cox). Linuxcare ups and ... well, ups. The news out of San Francisco this week was the appointment of Art Tyde as CEO to Linux services company Linuxcare. Tyde was one of the original founders, along with David L. Sifry, Linuxcare's Chief Technology Officer, who talked with us about Linuxcare's future. LWN: Linuxcare has shut down its European operation, which unfortunately means a lot of people are out of work. The company has also put Art Tyde in as CEO (replacing Fernand Sarrat who was let go in April) after a exhaustive search for a IPO-targeted "brand name" chief. Why? Sifry: Why is Art CEO? It was a business decision. As a company we've been in a search for a CEO since April/May. Various search agencies were helping (including Christian and Timbers, who helped put [Carla] Fiorina in charge at HP) - we wanted the right person, someone who understands open source and Linuxcare, which has grown up out of the community. Someone who understands that philosophy and not be like a hardware company. An advocate for the customer who understands the culture, but then also understands business. Someone who can take a company from $1M to $10M, who can deal with investors and the public sector. We wanted a leader, a visionary - someone who can motivate the company. You can find people with one or two of these attributes, but seldom all three. There was no lack of candidates, but we had a hard time finding the right person. After 6 months the board thought they had set their standards too high for a single person. They looked around the company itself and found those attributes in various people - in fact two people. The board was happier looking inside the company instead of outside - continuance of leadership instead of someone coming in with their own people. The business was doing well - deals with HP, Motorola, $30M in venture, all without a CEO. This was a testament to the company's business being fundamentally strong. The board said "lets get creative". They made Art CEO - the visionary, the business type - and backed him up with Christian Paul as COO. Art has overall responsibility for the actions of the company. He's focusing his time with customers and partners, as well as providing leadership and vision to the troops. Chris is responsible for managing the day-to-day business operations of the company, such as finance. We then looked at our business and where we were making our money. For now, the majority of money is being made in North America and Asia. We weren't making a lot in Europe. When the market was hot we hired on a bunch of people, but things settled out and the way the market looks the business was not coming from Europe. If we can't play to win - if we're not willing to invest in the infrastructure then we shouldn't be there. It had nothing to do with the people - they were some terrific developers. But it came down to a business sense - were we really focusing on core markets. We fully expect to be back in Europe in force, but when we can focus on a market that exists (when it does). We realized we had overextended a little. As a company we play to win, if we're going to be in a market we want to be the dominant player. LWN: So is this the end of the Venture Capital driven strategy? Are VC's still driving Linuxcare? Sifry: VC are interested in results. They aren't particularly interested in the details. As a company, they want to know if we have focus. Do we have a position in the markets we're playing in where we are dominant? That's what VC's (and investors) ask. Linuxcare's board, which only has 2 VCs, includes such people as:
LWN: Does the re-appointment of Art Tyde indicate that Linuxcare has a reduced interest in attracting investors? Have you had any negative feedback with Art's appointment? Sifry: No negative feedback. He was already there, now it's just more permament. LWN: Might the appointment indicate that the VC world is giving up on Linuxcare? Sifry: We raised $30M earlier (in September I think), and we are hitting our numbers. LWN: Will Linuxcare be seeking further investments in the near future? Sifry: No current plans. We expect to be profitable by the end of next year. LWN: What are the priorities for Linuxcare now? Where will the money be coming from? Has the business model changed? Sifry: Revenue will come from services for open source software. We continue to see ourselves as scaling in more automated ways. Our focus will stay in professional services, with our knowledge base. You can expect more big announcements by the end of the year, but I can't give any details right now. LWN: What lessons have been learned about how free software businesses should work with the investment community? Sifry: We both have to learn a common language. We had to train our investors and board on what we do. Once they understood that and had their expectations correctly set it's been a smooth relationship. The need for a common language was key. What they taught us was discipline and focus for the business. You have to be selective about what markets you target. Summary: The closing of the European offices was unfortunate, but a definite sign that Linuxcare is refocusing to meet investor expectations and internal strengths. The company is slowly regaining its focus as a free software company, rather than an "IPO missile." Dave Sifry's summary suggests that things are on the right track: "I'm happier now than I've been in a year and half." Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
November 2, 2000
|
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
SecurityNews and EditorialsLessons from the Microsoft network intrusion. By far the most notorious of security news this past week was the admission by Microsoft that their internal network had been compromised, the FBI called in to investigate and the source code to Microsoft Windows and/or other Microsoft products possibly accessed by the intruders. Below, we've listed a compendium of sites that have coverage on the issue, so feel free to glut yourself. Most of the coverage has looked either at the mystery of who the intruders were, what their intent was, or the possible repercussion. For better or worse, though, these are all speculation; real answers will come later or possibly not at all. We'd like to focus, instead, on the lessons to be learned from this intrusion. First and foremost, the clearest message we see is that "all bugs deserve to be fixed". We cannot resist pointing out this old, and infamous, interview with Bill Gates in which he states, "There are no significant bugs in our released software that any significant number of users want fixed". The largest "bug", in this case, has been the vulnerability of the various Microsoft operating systems to viruses and the unintended execution of suspect binaries. Rather than fix this fundamental flaw, Microsoft allowed and encouraged an entire industry built on "protecting people" from its impact. Unfortunately, the ease in which new viruses can be developed, or mutated from previous viruses, plus the reality of the amount of personnel resources needed to keep virus databases up-to-date and computers secured, makes a joke of the ostensible purpose of this industry. The real purpose of the virus-protection software industry is to make money and they were given a wonderful business model for it -- a never-ending supply of new viruses, guaranteeing that people would have to pay money, again and again, in order to "get the latest protection". People didn't end up truly secure, just poorer. In the end, it is poetic justice that Microsoft itself should suffer for its choice. What user cares about having this bug fixed? In this case, Microsoft is one user that must wish this bug had been fixed. They are far from the only one. Another lesson from this intrusion is the fallibility of the closed source security model. Time and time again, security experts in the Open Source community have warned that security which has not been exposed or scrutinized cannot be counted on. Now with the possibility that the Microsoft operating system code has been exposed, and exposed to people with a track record for exploiting security vulnerabilities, we're about to get a graphic lesson on the topic. Given the wide-spread use of Microsoft products, what country, what company, is not currently wondering what impact this will have on them. Many people believe there are back-doors in Microsoft products -- if there are and the source code has truly been exposed, they will be exploited. If I were a foreign government, I would be strongly tempted to make an international incident of this intrusion, demanding immediate disclosure of the source code, so that everyone at least has an equal chance of finding security vulnerabilities and protecting themselves against them. In the end, the final lesson: while access to the source code can't protect you from security problems, it is an essential first step towards security. You can't protect yourself without it. Press Coverage:
Princeton Team Cracks SDMI (Web Developer). The Secure Internet Programming team at Princeton chose to pick up the SDMI Challenge. As a result, they announced this week their defeat of the SDMI watermark technology, a critical part of SDMI's boasted security. The Princeton team explained their decision to participate in the challenge in their FAQ, which is well worth a perusal. Here is one quote: "Still, wouldn't it have been better for opponents of SDMI if you let SDMI go ahead and deploy a flawed technology, so music lovers could teach them a lesson by copying music despite the technology?They go on to discuss the implications of the Digital Millennium Copyright Act (DMCA), which they felt would have made research into the SDMI Security outside the announced contest potentially illegal, and the glaring faults of the contest itself, which did not give contestants access to the software equal to that which a consumer will have if the software is deployed. Princeton waived the potential reward in return for free disclosure of what they found. We can only hope that their work helps bridge the knowledge gap with proponents of SDMI. Zero Knowledge marks Freedom milestone (Upside). Mike Shaver, Zero Knowledge's Chief Software Officer and well known Mozilla veteran, wanted to put an open source spin on the company's products. With the release of Freedom 2.0, they've made it official. "Freedom 2.0 is a software tool that lets users encrypt Internet communications and route those encrypted messages through a collection of independent servers which, in turn, add their own layers of encryption. Users who run the client on their desktop machines can use it to manage a collection of pseudonymous identities." Tripwire Open Source, Linux Edition Now Available. Tripwire, Inc. has released Tripwire Open Source Linux Edition, a project being hosted on Sourceforge. Interview with AES Winner (LinuxSecurity.com). Vincent Rijmen, co-author of the AES winning algorithm known as Rijndael, is interviewed by LinuxSecurity.com for his thoughts on the development of the Rijndael algorithm, its selection as the NIST algorithm of choice for AES, thoughts on Linux and security, and the future of Internet security. "Vincent Rijmen: ... I think there is an important challenge in making the distinction between complexity and security. Some people still believe that added complexity increases automatically security. This belief should be erased. We should keep on working towards secure and simple systems, that are as easy to understand for the people as a door lock, a sealed envelope, etc." Security ReportsSamba 2.0.7 SWAT vulnerabilities. Multiple vulnerabilities in SWAT, the Samba Web Administration Tool, were reported this past week. They can be used to bruteforce username and passwords and, if logging is enabled, a race condition can be exploited locally to gain root access. Last, a denial-of-service attack can also be implemented. No fixes for this have been posted as of yet. Disabling SWAT, or restricting access to the service, is recommended.nss_ldap race condition. Red Hat has reported a race condition in nss_ldap, a set of C library extensions which enable the use of X.500 and LDAP directory servers. Updated packages are provided. This problem will affect any Linux system using the nss_ldap package. No update from PADL Software, the official maintainer of nss_ldap, has been seen yet.pam_mysql trusted input vulnerability. Pam_mysql, a pluggable authentication module used to authenticate users against a mysql database, uses the user-provided username and password to construct SQL statements. This can be exploited both locally and remotely to gain access to plaintext passwords/hashes or, with pam_mysql > 0.4, to gain an unauthorized login. Check the original advisory for additional details.An upgrade to pam_mysql 0.4.7 will fix the problem. bftpd buffer overflow. An exploitable buffer overflow was reported in bftpd 1.0.11. bftpd 1.0.12 has been released with a fix for this problem.Multiple buffer overflows in tcpdump. FreeBSD discovered multiple buffer overflows in tcpdump 3.5 during an internal audit. They have released a patch to fix the problems.Format string vulnerability in FreeBSD chpass utilities. FreeBSD reported a format string vulnerability which impacts multiple commands, including chfn, chpass, chsh, ypchfn, ypchpass, ypchsh, and passwd. Local root access can be obtained. They have released patches for the problem. Note that other BSD variants are likely affected; we do not know whether or not this code is shared with Linux.dump-0.4b15 local root access. An input-trust vulnerability in dump-0.4b15 allows dump's environment variables to be used to gain local root access, according to this report on BugTraq. No patch for this has been released as of yet.Red Hat cyrus-sasl advisory. Red Hat has released a security advisory for the cyrus-sasl packages shipped with Red Hat 7. Due to a bug, users who had been successfully authenticated were allowed to access resources that should have been blocked from them. Versions of cyrus-sasl shipped with earlier Red Hat Power Tools packages do not have the reported problem.host 8.21 exploitable buffer overflow. An exploitable buffer overflow was apparently found and fixed in the host command some months ago, without announcement. host 8.21 has been verified as exploitable. No information on what version of host contains the fix for this is yet available.lpr group permissions elevation. An IRC chat session reported vulnerabilities in lpr-0.50-4 and earlier which can be exploited locally to gain elevated permissions. In combination with a wu-ftpd install, it can be used to gain root. Note that newer versions of lpr are widely available, but you may want to check the version you are using.Commercial products. There appears to have been a minor conspiracy to release advisories regarding security flaws in commercial products this week. The following commercial products were reported to contain vulnerabilities
UpdatesConectiva update to XFree86 vulnerabilities. Andreas Hasenack of Conectiva sent in this update regarding our report on XFree86 vulnerabilities last week:Regarding your story on XFree86 vulnerabilities, we have released an update for one of the vulnerabilities (in Portuguese)[bugtraq #1235) for the CL 5.0 distro (others, where applicable, were also updated). That update was done at a time when we were not sending update notices to lwn.net nor bugtraq, but only to our own local lists (in pt_BR). The other XFree86 issues are being investigated and will be addressed soon.
Apache mod_rewrite vulnerabilty. Files outside of the document root can be accessed, if the mod_rewrite module for Apache is in use. For more details, check the October 5th LWN Security Summary.This week's updates: Previous updates:
Pine buffer overflow vulnerability. An exploitable buffer overflow in Pine was reported to BugTraq in early October. The problem involves Pine's handling of incoming mail during an open session. Check the October 5th LWN Security Summary for the initial report. Note that the FreeBSD update below is the first one we've seen for this problem.Also announced this week was pine 4.30, which, judging by the Changes, fixes this problem. This week's updates: ncurses buffer overflow. Check the October 12th LWN Security Summary for the initial report of this problem. Updates for this vulnerability continue to trickle in more slowly than usual.This week's updates: Previous updates:
Boa webserver directory transveral vulnerability. Check the October 12th LWN Security Summary for more details. Boa 0.94.8.3 fixes this problem.This week's updates: Previous updates:
NIS/ypbind format string vulnerability. A format string vulnerability in NIS/ypbind can be remotely exploited to run arbitrary code as root. An immediate upgrade is recommended. For more information, check the October 19th LWN Security Summary.This week's updates: Previous updates:
GnuPG false signature verification. GnuPG fails to correctly validate multiple signatures in a file. Check the October 19th Security Summary for details. GnuPG 1.0.4 has been released and contains the fix for this problem. Anyone using GnuPG will want to upgrade their package as soon as possible.This week's updates: Previous updates:
Buffer overflows in ping. Multiple buffer overflows in Alexey Kuznetsov's ping were discussed October 19th.This week's updates: Previous updates:GNU CFEngine format string vulnerability. Root access can be obtained on a local system by exploiting CFEngine's use of syslog and its related format string vulnerability. Check the October 5th LWN Security Summary for more details.This week's updates: Previous updates:
EventsUpcoming security events.
Section Editor: Liz Coolbaugh |
November 2, 2000
LWN Resources | |||||||||||||||||||||||||||||||||||||||||||||
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.4.0-test10. We could report on Linus's comments from his announcement of this release, but they really stand on their own: Ok, test10-final is out there now. This has no _known_ bugs that I consider show-stoppers, for what it's worth. There has been the occasional objection that 2.4.0-test10 is not ready, but those have been very small in number. It looks like we're getting close. The current stable kernel release is 2.2.17. The 2.2.18 prepatch is up to 2.2.18pre18. This one comes with more than the usual number of warnings, due to the deep nature of one of the fixes; if anybody has been burned, however, they are keeping very quiet about it.
Timpanogas Research Group appoints Andre Hedrick as CTO. The Timpanogas Research Group has announced the hiring of Andre Hedrick as CTO. Andre is best known as "the Linux IDE guy," the person in charge of the IDE disk subsystem. LynuxWorks patents loadable modules? LynuxWorks recently filed for an IPO. The casual reader of the (2.5MB) IPO filing might easily have missed this little bit of interesting material: We have developed a patented technology that enables LynxOS to be configured to leave out portions of the operating system not required for a given application, thereby reducing the amount of memory used. [...]
We have not yet succeeded in either finding the relevant patents in the database or getting patent numbers out of LynuxWorks. But from this description, it sure looks like the company is talking about loadable modules. Such modules, of course, are an important part of most Linux installations, and have been a feature of many operating systems for a very long time. It would be surprising if LynuxWorks had really come up with something new in this area. As always, though, these patents are worrisome. It is getting harder to build a system without encountering more and more of them. A new Linux IPv6 project. The USAGI Project announced its existence this week. USAGI stands for "UniverSAl playGround for Ipv6"; the project is digging into the Linux IPv6 stack with the intent of bringing it up to modern standards. That work includes bringing the code into compliance with a number of IPv6 RFC's, integrating IPSEC, and a bunch of other stuff. The project's first release was also part of the announcement. It's based on 2.4.0-test9, and includes a number of enhancements and bug fixes to the standard IPv6 implementation. They have even made an IPv6 version of khttpd. Further releases are planned on a two-week schedule. More information may be found on the linux-ipv6 web page. (Thanks to Per Harald Myrvang). /proc in XML? A posting from somebody identified as "Joe" raised an intriguing idea: why not have the /proc filesystem return data in XML format? In this scheme, a file like /proc/meminfo would have lines like: <MemTotal>63036 KB</MemTotal>Instead of the current: MemTotal: 63036 kBSuch a scheme would have some advantages. Almost every language now has a library that makes parsing of XML easy, so parsing the /proc entries should not be a problem. If the new format were properly done, the past problems where changes in the format of /proc files breaks applications should happen no more. And, most importantly, think of the great buzzword compliance that an XML-generating kernel would provide. On the downside, this would be yet another /proc format change that breaks applications. And all that XML boilerplate would bloat the kernel image a bit. But the real reason why this change will never happen is that the vision for /proc is a bit different. The plan is to split apart /proc entries so that each contains a single value, replacing file formatting with a directory structure. There's no need or place for XML in such a scheme, and parsing problems mostly just go away. But it's a fun idea... Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
November 2, 2000 For other kernel news, see: Other resources: |
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsFirst Progeny Linux Beta ships. Progeny Linux Systems is an effort by Debian founder Ian Murdock (and funded by the Linux Capital Group, headed by former Debian leader Bruce Perens). Its purpose is to "make Debian ready for the market" while preserving all that makes Debian special.Progeny announced the first beta of its distribution on October 31. It's on the bleeding edge, being based on the unstable "woody" version of Debian. They have added some nice things, like hardware autodetection; in general making the Debian install a friendlier process seems to be a priority for Progeny. Interestingly, you can not simply download the distribution itself; it is packaged as an upgrade to Debian 2.2. To install Progeny, simply make a one-line configuration file adjustment and run apt-get. There will also be a formal beta testing program, with boxed sets being sent to the participants. Interested people should read the announcement and go fill out the application. An interesting question is that of just how Progeny will keep its product unique. Proprietary software is anathema to the people involved; they will be giving all of their work back to Debian. So they may well push forward the state of the art, but Debian as a whole will follow them closely. The company must certainly have a plan in mind; it will be interesting to see it unfold.
Counting source lines of code. David A. Wheeler has posted a lengthy article in which he examines the amount of code present in a Red Hat 6.2 installation. He came up with over 17 million total source lines; a bit of number crunching leads him to conclude that this installation represents over 4500 person-years of development effort, with a value of some $600 million. Check out the paper for more, including a description of his methodology. Distribution reviewsMaking Linux Work in the Workplace: Installing Linux Mandrake (Linux Orbit). A brief look at installing Linux Mandrake vs Microsoft NT, this article from Linux Orbit is well written if not exactly detailed. "The Linux Mandrake 7.1 installation program, like most other top-notch Open Source software, is generally an almost-ready-for-prime-time product. It definitely has the eye candy factor to its advantage, it has tons of options, and great features (the progress stars, notably). Aside from problems configuring X, the installation can be buggy, as it will sometimes install items that had not been selected, or worse, it will not install items that had been selected." The Virtues of MaxOS (TechRepublic). TechRepublic has an in depth interview with Dexter Dombro and Donald Warman, the creators of yet another Linux Distribution - MaxOS. "The other thing we set out to do was deliberately exclude any GNOME, because of the instability problems. Every single application and utility we have on our desktop we know is stable. And at the same time, all the resources you could possibly ask for are in there. So whether you're a developer or gamer or somebody who wants to run a network, you'll still have Apache, and you'll have Kdeveloper." VMWare is also included as a 30 day trial package. The Alta Terra team focused on ex-Microsoft users: "So we have something like My Computer. It says Max Computer, and you go in there and it shows you a C: drive and an A: drive, and things like that, and we've created a Control Panel setting for people so that they're not immediately wondering 'Well, what do I do with the console?'" The article is in two parts (Part 1, Part 2). While no contact or URL information is provided, LWN already had MaxOS (skipping the Flash introductory page) listed on the Weekly Distributions Page. New DistributionsNanix. Another of the embedded class Linux distributions hit the streets this week: Nanix, from Charmed Technologies. Charmed is a company focused on wireless (and apparently wearable) computing. According to the website, NANIX[tm] is a Linux-based operating system distribution optimized for small wireless Internet devices. Support will be included for power management, wireless connectivity (802.11, IRDA, Bluetooth), and non-conventional input/output such as handheld keyboards, voice-recognition, head mounted displays, and palm-sized LCD monitors.
General-Purpose DistributionsBlack Lab Linux to be shown at SC2000. Terra Soft Solutions will be demonstrating CSP, Inc's. high-density, multiple G4 processor Fast Cluster as well as a 6 node, Apple G4 cluster running Black Lab Linux at the Super Computing 2000 show in Dallas, Texas from November 7th to the 9th. Caldera ratings and awards.
Caldera Systems Inc. (OREM, Utah) reported that OpenLinux
was given the highest rating in VARBusiness' 2000 Annual Report
Card. Debian gets a search engine. Visitors to the Debian web site have long been frustrated by the lack of a working search engine. No longer, however; the Debian Project has announced that UdmSearch will be used as the search engine on the site. It is up and running now.
Linux-Mandrake News: 7.2 released and OpenOffice RPMS.. Linux-Mandrake 7.2 (aka Odyssey) has been released. This release includes the ViaVoice voice recognition software and the latest GNOME 1.2 release. Linux-Mandrake also sent word of the availability of the OpenOffice RPMS. They claim to be (to their knowledge) the first company to publish such a package. "It feels good to know that all this code REALLY compiles on Linux box. FYI, it took Frederic ca. 1 week of work to get it all compiled, so it really wasn't trivial..." SuSE News: KDE 2.0 and S/390 support. SuSE Linux this week announced the availability for download of the latest version of the Linux desktop KDE and the forthcoming release of an update package for KDE 2.0. SuSE also rolled out the big iron this week, announcing support for IBM S/390 servers. Rumor mill: Slackware goes Sparc. Slashdot had quite a bit of activity around a rumor that Slackware had released a version of their distribution for the Sparc. The supplied URL to the supposed distribution took visitors to an FTP repository of the Slackware packaging tool, protopkg. No sign of the supposed Sparc port could be found at that site. A number of posters to the discussion thread wondered if Slackware was responding to Red Hat's decision to drop Sparc support. However, this also turned out to be a rumor as Red Hat has not officially dropped support for Sparc. They simply didn't release a version of Red Hat 7 for that platform. One Slashdot poster noted that the Slackware distribution actually did exist but the announcement regarding its availability was meant for Slackware developers only and that the distribution was available only via an rsync download. Attempts to contact Patrick Volkerding directly to confirm this possibility - and the existence of the Slackware Sparc port - were not successful. Embedded DistributionsLineo ports to IDT's RC32334 integrated processor. Lineo has ported their Linux product, Embedix, to the IDT RC32334 integrated processor, a MIPS based CPU with an on-chip PCI bus. Section Editor: Liz Coolbaugh |
November 2, 2000
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsBrowsersMozilla Chameleon Theme Builder makes progress. Progress is being made on the Mozilla Chameleon Theme Builder, a tool that is used for customizing the appearance of your browser screen. The screenshots of Chameleon look pretty interesting. DatabasesOracle could face a Linux-like threat (CBS). CBS MarketWatch's Mike Tarsala discusses the threat of open-source databases on proprietary database companies. "'Databases have been overpriced for a long time,' said Michael Widenius, founder of MySQL, the most widely used open-source database. 'The bigger market we get, the more the commercial database companies don't get. Their profit returns are going to decrease rapidly.'" DocumentationLinux Documentation Project updates. The LDP has received a slew of updates since the last time we reported on them. A stronger emphasis is being placed on categorizing and maintaining documents, and a summit was held to talk about future directions for the project. Embedded SystemsEmbedded Linux Newsletter (Linux Devices). The latest edition of the Embedded Linux Newsletter has been posted. Included is a feature article on the RedBoot open source BIOS, and profiles of several embedded devices. Check it out for news from the Embedded Linux world. Trolltech to Add GPL Licensing to Qt/Embedded. Trolltech announced that the current version of Qt/Embedded will be licensed under the GNU General Public License (GPL) and also a commercial license. Linux Devices has a related article that discusses Qt/Embedded. "Thanks to application program interface (API) commonality between Qt/Unix and Qt/Embedded, Linux programs can easily be recompiled to run on embedded systems, making a large number of programs immediately available to newly developed embedded devices." InteroperabilityWine 20001026 snapshot available. A new snapshot of Wine, dated October 26, 2000 has been announced. Visit the download site for your copy. This version includes many bug fixes, exec support from DOS mode, and header fixes for Winelib compiles. Office ApplicationsEazel Will Influence Re-vamped GNOME Interface Team (LinuxToday). LinuxToday covers the recent UI team reorganization over at GNOME. "Currently the team at Eazel is busy with the upcoming Nautilus release, but the efforts should be fully blended. While Eazel is currently focused on Nautilus, other people can look at other applications in the whole GNOME desktop and contribute to each application," [GNOME leader Miguel de Icaza] said. What's New with GnuCash (LinuxNews.com). LinuxNews.com talks with GnuCash hacker Rob Browning. "'Right now we have four full-time developers, and we're about to hire a few more,' he said, attributing the growth of the staff--and the project--to financial backing from Gnumatic Incorporated, announced August 14, 2000." Gimp 1.1.29 released. Release 1.1.29 of the Gimp is now available, this version is a release candidate for stable version 1.2, bug reports are requested should you find anything amiss. On the DesktopCandidates for GNOME Foundation Elections Announced. The candidates for the first GNOME Foundation board of directors election have been announced. The list includes a number of prominent names (de Icaza, Gettys, Levien, Pennington, Perens, Mena Quintero), but there are many other interesting candidates as well. There's still time - barely - to register to vote if you've contributed to the GNOME project. Eleven of the 33 candidates will be elected. GNOME Documentation Project Status Report #3. The third GDP Status Report was just released. "Nautilus is getting even better at rendering SGML documents, ScrollKeeper is quickly approaching its first beta release, a bunch of new people have joined the GDP and started writing various documents, a solution to licensing issues has been found, a number of documents have recently been finished, more Sun contributors have trickled in and quietly started working, a GNOME style guide is slowly being prepared for discussion on the mailing list, and more." New Plans for KDE Multimedia (KDE Dot News). A draft proposal concerning the update of KDE multimedia applications and infrastructure has been placed online. While "multimedia" seems to mean many things to many people, this proposal appears to be aimed mainly at audio issues. People Behind KDE: Reginald Stadlbauer (KDE Dot News). This week The People Behind KDE interviews Reginald Stadlbauer, the programmer originally behind such things as KPresenter and KWord. "I posted to the KDE lists that I would write a PowerPoint clone. As I was new to C++ and Qt/KDE, nobody took me seriously." KDE 2.0 Developer book online (Andamooka). A KDE 2.0 book for developers is scheduled for a November release both in print and online versions. The book is being published under an open content license. Linux Mandrake KDE2 tutorial. Linux Mandrake has published an online beginner's tutorial for KDE 2.0 The tutorial provides a nice overview of KDE2 for beginners and is a good way to view the capabilities and features of KDE2. ScienceWill free software come to the rescue of the UK's health service? (ZDNet). ZDNet's UK division has an article that discusses the advantages of using open-source software in the British health service. "'Free software concepts make particular sense in medicine,' says Dr Douglas Carnall, associate editor of the Journal. 'Once a customer is "locked into" proprietary software, its makers can demand premium prices, safe in the knowledge that the client would find it even more expensive to change. Much better instead to invest time on a system licensed under the General Public License that will always be free,' he says." Web-site DevelopmentZope Weekly News for November 1, 2000. The late breaking November 1 edition of the Zope Weekly News has been published. News includes the addition of the Python Labs group to Zope, progress on the Write Locking and HiperDom projects, and several new proposals. Zope Weekly News for October 25, 2000. The October 25 edition of the Zope Weekly News is also available. The status reports of various Zope projects are featured. Michel Pelletier and Amos Latteier have published an alpha release of their upcoming Zope book and are interested in feedback. "Documentation has been an albatross for Zope for a long time and this book is a huge opportunity to rectify that - please do your part in making it the best it can be by taking an early look and contributing your thoughts or concerns!" MoinMoin release 0.4. Release 0.4 of the MoinMoin collaborative hypertext environment has been announced. MoinMoin is a Python based clone of a WikiWikiWeb system. Section Editor: Forrest Cook |
November 2, 2000
|
|
|
Programming LanguagesErlangErlang R7B available as rpm. An RPM packaged version of Erlang version R7B has been made available by Goeff Wong. If you are interested in getting Erlang on your system, this should be a quick route. PerlLarry Wall gives ALS Keynote. Larry Wall gave a keynote at the Atlanta Linux Showcase in which he discussed his current thinking on the state of Perl. An MP3 version of the talk is available as are the slides and the full text. Simpleware vs hypeware - Why PERL isn't dead yet (CNET). Srikant Sreenivasan has written an interesting article that discusses the pitfalls of moving code from older, more stable languages to trendy new languages. "Don't get me wrong. I'm no frenzied zealot of an anti new languages or technologies movement. My only passion is technology. But I really see that all these so called new languages are not enhancing my productivity as a developer nor giving me any major benefits in a production environment." This article is worth reading even if you aren't working with Perl. University of Perl Day 1.3 (Use Perl). Nathan Torkington has published Day 1.3 in his continuing series of journals from the traveling University of Perl classes. Check it out for a glimpse into the world of Perl culture. PHPPHP Weekly Summary for October 30, 2000. The October 30, 2000 edition of the PHP Weekly Summary is out. News includes Apache 2.0 support, and work on serializing references. A new feature wish list has been included as well. PythonThis week's Python-URL. Here is Dr. Dobb's Python-URL for November 1 with the latest in python development news, including Guido's announcement of the PythonLabs move and some discussions on locking mechanisms. Call for Papers: Ninth Python Conference. November 6, 2000 is the deadline for submitting papers for the Ninth Python Conference which will be held from March 5 through 8, 2001 in Long Beach, California. Python-dev summary, October 17-31, 2000. The October 17-31 issue of the Pythondev summary is out. Included are discussions of the Python team's migration to Digital Creations, and questions about the future of Python and Tcl/tk. Tcl/tkThis week's Tcl-URL. Here is Dr. Dobb's Tcl-URL for October 30 with the latest in Tcl development news, including a look at the acquisition of Ajuba Solutions and whether [incr Tcl] should be part of the core distribution. XMLXML Matters #4 (IBM developerWorks). David Mertz has put together the fourth article in his series on XML Matters. He discusses the use of the DocBook XML dialect for pulling many document formats into a single standard XML format. The XML Elements of Style (O'Reilly). O'Reilly author Steve Muench presents his own Elements of Style (ala Strunk and White) in this article on the rules for creating a well-formed XML document. "The first, outermost element in an XML document is called the document element because its name announces what kind of document it is--<FAQ-List>, <Book>, <Transaction>, <TrackingStatus>, etc. You must have only one document element per document." Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and BusinessInvesting in Open Source. Here are a couple of companies that have found new investors. EBIZ, Inc. has acquired an equity investment from the Canopy group. EBIZ is the parent company of several Linux/open source related web sites, including TheLinuxStore.com and the recently acquired LinuxMall.com. The announcement states that the investment is for 2.5 million shares of EBIZ and creates $2.5 million in cash for the company. The investment will be used for debt reduction and future growth. BSDi announced that they have received a $5 million strategic investment from Livin' On The Edge (The Edge), a Japanese Internet solutions provider. It seems The Edge uses FreeBSD extensively, and the company intends to work closely with BSDi to ensure the ongoing development and commercial viability of the BSD platform. BSDi will use the proceeds from the investment to continue to develop and market advanced BSD operating systems and its iXtreme Series line of Internet server computing systems and to provide ongoing backing for the FreeBSD Project. OpenSales changes name, expands services. San Mateo-based OpenSales announced a name change - to Zelerate. The Zelerate AllCommerce e-business application suite is licensed under the GPL. Zelerate plans a December launch of an open source warehouse management system, which will also be licensed under the GPL. The company has also expanded its consulting services. JYACC releases Open Source POSSL. A company called JYACC, Inc. announced the availability of the source code for its POSSL (Panther Open Source Software for Linux) technology and the establishment of a new open source online community at possl.org. POSSL is an enterprise application development environment that simplifies the building of transactional, component-based Web applications. CollabNet is providing its SourceCast environment as the infrastructure for the possl.org community site. POSSL's source code license is modeled after the BSD license. Caldera releases Volution to beta. Caldera Systems Inc. announced Caldera Volution (Volution). Volution is a browser- and directory-based management product for Linux systems that utilizes the inherent strengths of LDAP directories. Formerly known by its internal codename "Cosmos", Volution is currently in open beta. EFI Announces Fiery X3 Server, Minolta copier support. We noticed that EFI (Electronics for Imaging), a fairly well known printer solutions company, has released a new server for use with a large range of Minolta copiers in a networked environment. While the announcement doesn't stress the point, hidden inside is the part we wanted to hear: "Regardless of the size of most files, the Linux-based Fiery X3 Pi5500 drives the Di550 and Di450 at their full-rated speeds for greater overall throughput." Linux, it seems, does copiers too. Indrema Offers Alternative to Hard-to-Find PlayStation2. Indrema has put out a humorous press release with ten reasons why people should buy its game console instead of the competition. "#2: Xbox says: 'We are Microsoft. Resistance is futile.' Indrema says: 'We are Open Source. Viva la resistance!'" Press Releases:Open Source ProductsUnless specified, license is unverified.
Commercial Products for Linux
Products Using Linux
Products with Linux Versions
Java Products
Books and Training
Partnerships
Financial Results
Personnel/New Offices
Linux At Work
Other
Section Editor: Rebecca Sobol. |
November 2, 2000
|
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingTriumph of the free-software will (Salon). The spirit of the open source world runs the gamut of emotion, from short chastising to verbal battery to praise and worship. Andrew Leonard takes a deeper look at himself and the movement in this Salon piece: "Accusations of betrayal cut pretty deep. And yet, even as I wince every time I check my mail, I am paradoxically heartened by the anger. I originally became obsessed with covering the free-software movement because I was fascinated by the passion that motivated so many free-software developers or advocates. The severity of their response to my article proved to me, once again, that I was playing with a fascinating holy fire." CompaniesRed Hat boss joins Tucows board. The word is out: this story in the National Post covers the appointment of Red Hat founder Bob Young to the Tucows board of directors. "Mr. Young has earned a reputation as a pioneer and respected activist in the Open Source and Linux communities. Because of that he will bring an additional degree of legitimacy and notoriety to Tucows, known to most consumers as a repository of popular software programs." Tucows is, of course, LWN's parent company. (Thanks to Gary Lawrence Murphy). Riding on the open-source wagon (ZDNet). ZDNet looks at how e-commerce players Akopia and Zelerate (formerly OpenSales) are dealing with an open source business model. "There's no question that commercial versions of applications that are built in adherence to open-source development procedures are proliferating. To qualify as a true open-source product, software is expected to be licensed under the GNU General Public License. Any changes made to the base source code by vendors, service providers, and/or customers must be returned to the developer community." Covalent mixes proprietary and open source software (Upside). Upside looks at Covalent and Transmeta in this two part article on open source related companies. "Because translating programs through a layer of software takes longer than running the instructions on base silicon, Crusoe chips operate slowly at first as they adapt to programs they run. Once this adaptation process is complete, however, Transmeta demonstrations have shown that the chips do achieve speeds and efficiencies competitive with traditional chip designs." Can Transmeta buck the IPO market? (CBS MarketWatch). CBS MarketWatch (via ExciteNews) takes a brief look at Transmeta's history and IPO future. "But perhaps the most notable member of the Transmeta team is Linus Torvalds. Yep, he's the guy who invented Linux and revolutionized computing with open source development. At Transmeta, he helped develop the Code Morphing software." Ok, maybe invented might not be the right word here... Linuxcare co-founder resumes CEO job (News.com). News.com reports on the latest from Linuxcare: co-founder Art Tyde is back running the company, and the entire European operation has been shut down. The article says that only sales and administrative people were laid off, but Linuxcare most certainly did have technical staff in Europe, too. Linux firm Lineo woos industry veterans (News.com). Changes in the management team at embedded Linux vendor Lineo is the focus for this C|Net News.com article. " Lineo has wooed three new executives from better-established companies in its effort to hasten the adoption of Linux in non-PC computing devices." Fork gets Samba back in tune (Upside). Upside has posted a lengthy article on the split in the Samba project. "So what lessons can the open source community learn from the Samba-TNG episode? [Jeremy] Allison sees it as a reminder that forking can and should be a healthy part of the open source development process." BusinessIBM Japan to Install 15,000 Linux Servers in Lawson Stores (AsiaBizTech). In one of the larger rollouts of Linux systems we've seen in some time, IBM will be installing 15,000 Linux-based "e server X Series" systems in Lawsons stores throughout Japan. Total rollout of this installation should be complete by March 2001. (Thanks to Maya Tamiya) Those nagging open source details (Upside). Open source databases and the developers who love them is the focus of this Upside piece. "Open source database developers have a reason to be optimistic. At a time when projects such as Apache and the Linux kernel are losing their media luster, aging database projects such as MySQL and PostgreSQL have suddenly been recast as the fresh-face of the open source community." The Fourth Member of ZZ Top? (Business 2.0). Business 2.0 worries that there is no succession plan should Linus get tired of kernel work. Much of the article is spent talking about Alan Cox's appearance (thus the title) and mistakenly puts him in England (he's in Wales). "When a corporation is headed by a charismatic leader who won't spell out a clear path of succession, investors usually get spooked. Are Linux customers worried? There is little evidence at the moment. But they may be unaware of how loose and uncertain is the structure that Torvalds sits upon." But will user expectations spoil its chances? (ZDNet). ZDNet reports on the OpenOffice release, and raises some interesting concerns... "Mike Doyle, IT manager at charity Cooperation Ireland, where Office 97 is deployed, said managing user expectations could be a problem with an open source office suite. 'If people know we have the source code they may expect us to fix a bug, but we are not staffed up to do this sort of work. Managing user expectation, which is already difficult enough, will become even more difficult.'" (Thanks to Wesley Darlington). Office politics (ZDNet). Depending on who you talk to or what you read, GNOME seems to be replacing AbiWord with Sun's recently released OpenOffice word processor. ZDNet has posted an article fanning the flames of this debate, questioning if the politics of GNOME are more than they appear. "How can I put this lightly? The GNOME Foundation, clearly salivating over OpenOffice and Sun's embracing of its desktop, appears to be abandoning some of GNOME's longtime friends." Getting Beyond the Innovation Fetish (Fortune). Innovation overflows in our computer culture, and in this article from Fortune, credit for at least part of this is given to the open source community. "The `open source' movement--perhaps the most influential initiative in software today--is the apotheosis of these innovation economics." ResourcesRedboot -- an open source boot/debug environment (ZDNet). A closer look at the Redboot bootstrap and debugging environment comes from a reading of this article from ZDNet. "Because RedBoot is based on eCos, which is capable of running on many architectures, and because its debugging support is based on gdb, RedBoot can become a common embedded standard." One statement suggests Redboot could replace the standard BIOS in PCs. Note that the article was written by someone from Red Hat. Plain Text Editors - Unsung Heroes. WebTechniques is carrying an article on the use of text editors for developing HTML, a rather interesting comparison of using Netscape Composer and DreamWeaver versus a traditional text editor. "Another problem with generated markup from a visual tool is that it's less organized. Dreamweaver's markup is all jammed together. I would write my document with a lot of white space, flush certain tags to the left, and add comment tags. I would add the DOCTYPE declaration and accessibility features like the ALT attribute, and follow a standard. If I were truly writing this code today, I'd write it as XHTML 1.0, which Dreamweaver UltraDev-a brand new product-can't do." November Linux Gazette is out. The November 2000 issue of the Linux Gazette is out. It includes an article by Chris Jones on The Australian History of Tux (the penguin): "During the 1940s and 50s in Australia there was a literary magazine called, of all things, The Angry Penguins. This magazine was an avant-garde modernist poetry magazine edited by Max Harris and had modernist painters and writers grouped around it whose names are now legend in Australian art. But at that time they were just considered weird and way out. You know, the stereotype of mad deluded poets and artists starving and living in sub-standard housing." ReviewsKDE brings Linux closer to corporate desktop (ZDNet). eWeek takes a look at KDE 2.0 and decides Linux must be ready for the desktop. "In eWEEK Labs' tests of the software's final release candidate, KDE2 impressed us with the progress it has made in the areas of user experience and included applications -- we recommend that sites looking at Linux as a future desktop alternative take the time to evaluate KDE2." The review isn't of the official 2.0, but the reviewers seemed pleased anyway. .comment: KOffice Is A Good Start (LinuxPlanet). LinuxPlanet reviews the KOffice suite as found in KDE2. "KDE2 in general benefitted from the participation of someone at Corel Corporation who did little but find and holler about inconsistencies among applications. As a result, KDE2 has a consistent design. Because Corel also markets its own office suite for Linux, it did not provide this service to KOffice, and it shows." Linux is cooking in my kitchen (The Guardian). The Guardian Unlimited gives us another " I tried Linux" article, this one with a little success, a few failures and some basic honesty. "A first piece of advice: read the (expletive deleted) manual. Linux may well be, as claimed, stable as a rock compared with Windows, logical and in open code for teccies; but intuitive it is not." Note - "teccies" is the authors spelling, not LWN's. InterviewsInterview: Richard Stallman (France-Invest). France-Invest.com has posted an interview (in French) with Richard Stallman. It covers the sale of free software, software patents in Europe, and other topics of interest. English text is available via Babelfish. (Found in Da Linux French Page). Interview: Sergey Brin (O Linux). O Linux interviews Sergey Brin of Google.com. "Linux is used everywhere...on the 6,000+ servers themselves, as well as desktop machines for all of our technical employees. We chose Linux because if offers us the price for performance ratio. It's so nice to be able to customize any part of the operating system that we like, at anytime." Section Editor: Rebecca Sobol |
November 2, 2000 |
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesIBM launches developerWorks China. IBM announced the launch of the beta version of its developerWorks site for China. IBM developerWorks Highlights Linux Usability. IBM developerWorks* announced a two-week discussion forum on Linux usability trends from October 31 through November 15 to help boost developers' Linux know-how. LinuxPrinting.org now offers forums. For those of you who are dealing with printing under Linux, LinuxPrinting.org offers several new forums from the general to the specific. EventsToronto Linux Expo. Stefane Fermigier sent in a detailed view of Linux Expo in Toronto. Day 1: "This first edition of Linux Expo Toronto is more a conference than an expo, with just 15 registered exhibitors, and none if the big names like Red Hat, MandrakeSoft, SuSE, Corel, Caldera, VA or Lineo. Fortunately, the conference program is rich [with] tutorials [and] keynotes [including] Bob Young - Red Hat [and] Jacques Lemarois - MandrakeSoft." Day 2, keynotes from Bob Young and Jacques Lamarois: "Open source is not only sharing code, it is a development process. You have to behave accordingly: share information, release frequently, be close to your users to build a strong community. You also have to use the right tools (Web site, CVS, mailing lists).." IFIP Namur Award. The International Federation for Information Processing has announced the acceptance of nominations for the IFIP Namur Award. This award will be "...for an outstanding contribution with international impact to the awareness of social implications of information technology." Past winners include Joseph Weizenbaum. It seems that there should be a place for a well-crafted nomination for one or more free software figures... Netherlands Unix Users Group fall conference. NLUUG will have their fall conference on November 9, 2000. Talks include: JFS Journaling File System for Linux by Moshe Bar and Linux Failsafe by Lars Marowsky-Brée (SuSE). XML DevCon 2000 Panel. Here's a press release on the speakers for XML DevCon Fall 2000, to be held in San Jose, California, from November 12 to 15, 2000. LinuxCertified holds Linux for beginners. The Linux for beginners course is designed for busy professionals with no prior experience with Linux or any other flavor of UNIX. Attendees get a Linux laptop to take home. The course will be held in Cupertino, California, December 2 - 3, 2000. November/December events.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. User Group NewsLUG Events: November 2, 2000 - November 16, 2000.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. |
November 2, 2000 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: |
Our software announcements are provided courtesy of FreshMeat
 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux Links of the WeekZeligConf is the "European meeting of digital counter-cultures." It will be happening in Paris, December 15-17. The program covers a number of topics of interest, such as software patents. Could be fun if you're in the neighborhood... LinuxDevices.com turned one year old on Halloween. Congratulations to Rick Lehrbaum for a great year, and here's to many more! Section Editor: Jon Corbet |
November 2, 2000 |
|
|
This week in historyTwelve years ago: The Internet Worm was released, rendering the entire Internet unusable for two or three days. Two years ago (November 5th, 1998): The first of the infamous Halloween memos from Microsoft was leaked to the public. The topic of the first memo was Microsoft's possible responses to the Linux/Open Source Software phenomena. If you're new to Linux, we strongly recommend you check out these documents. OSS poses a direct, short-term revenue and platform threat to Microsoft, particularly in server space. Additionally, the intrinsic parallelism and free idea exchange in OSS has benefits that are not replicable with our current licensing model and therefore present a long term developer mindshare threat.
The Linux 2.2 kernel was poised for release, but the NFS implementation was known to be substandard. This problem has plagued Linux for a long time. Fortunately, the current Linux 2.2.18 prepatch series has a decent NFS implementation in it, so, once the next stable kernel is released, that problem should finally be behind us - two years later. Matthew Szulik became President of Red Hat. That was the beginning of the change of guard, with the gradual departure of most of the Red Hat founders from the very top. Here's the current Red Hat Executive bios. Red Hat 5.2 was announced. LWN's impressions of the release were mostly positive, but it contained so many security-related bugs and unnecessary setuid programs that Chris Evans set up a website just to track them and harass Red Hat to fix them. That website survived through the Red Hat 6.0 release and its subsequent series of updates, but now reports "no known issues". The Debian 2.1 freeze began. Debian 2.1 was finally released four months later, in early March, 1999. Supercomputing 1998 hosted Beowulf talks for the first time. Supercomputing 2000 will start this Saturday, November 4th, and run through November 10th. Here is a summary of Linux or Beowulf-related talks planned for this year. And, not to be forgotten, Worldforge, a project to develop a complete system for massive multiplayer on-line role-playing games, came into being. They celebrated their first birthday a year later. One year ago (November 4th, 1999): The DeCSS source code was made publicly available. The repercussions from this are ongoing. The curtailment of free speech peaked with a federal judge ruling that linking to a site that contained the source code was also prohibited by the Digital Millennium Copyright Act. Plans are in the work to appeal that decision to the Supreme Court (financed by the Electronic Frontier Foundation). Last year, Don Marti and others organized Burn All GIFs day, an event planned to eliminate all GIFs on the Internet, in protest of the Unisys patent. Many GIFs went away, including some on the LWN site, but many, many more remain. 64GB memory on the IA-32 became a reality! Support for up to 64GB of memory slipped into the 2.3 kernel series, courtesy of Ingo Molnar. This removed an embarrassing limitation of the Linux kernel. Each individual process, though, can only use up to 4GB of virtual memory. Red Hat announced the Red Hat Center for Open Source. Money for the new center was donated, in cash and stock, by Red Hat and three of the initial founders. The Red Hat Center has focused primarily on awarding grants for activities to entities such as the Electronic Frontier Foundation. They operate now under a shortened name, Red Hat Center, and a new mission statement in support of "transparent technology". Slackware 7.0 was announced. Patrick Volkerding also explained his decision to "join the crowd" and jump Slackware from 4.0 to 7.0. The planned feature freeze for Debian 2.2 was postponed, finally occurring almost three months later, in January of 2000. The official release of Debian 2.2 happened eight months after that, in August this year.
| |
|
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
To: letters@lwn.net Subject: GNOME From: Maciej Stachowiak <mjs@eazel.com> Date: 26 Oct 2000 02:57:33 -0700 The Oct 26 issue of Linux Weekly News cites GNOME as an example of a project with "a prominent corporate sponsor", namely, Helix Code. Actually, things are even better than that for the GNOME project - it has many prominent corporate sponsors! Helix Code as well as other companies, including Eazel, Red Hat, Sun, Henzai and Gnumatic are contributing significant amounts of code to GNOME and supporting the platform. Better yet, the GNOME Foundation, a membership organization of the people who have created GNOME, is in charge of the platform' future as an independent voice. It is true many corporations and non profit organizations (including the ones mentioned above, plus HP, IBM, Compaq, the FSF and the OMG, with more along the way) have joined the Foundation advisory board, showing a broad base of corporate support. But the Foundation itself is holding elections where the developers, documentors, artists, designers and organizers of GNOME will represent the project on a Board of Directors. While GNOME does enjoy a healthy level of corporate support, it remains a community project and its fate is not tied to the future of any one company; so it's incorrect to lump it with projects that may be in trouble if the one sponsoring company does not do well. Sincerely, Maciej Stachowiak Member, GNOME Steering Commitee Hacker, Eazel Inc. | ||
Date: Thu, 26 Oct 2000 14:55:08 -0400 (EDT) From: Joe Klemmer <klemmerj@webtrek.com> To: letters@lwn.net Subject: Re: KDE2 On the front page of issue 1026 - > Two years ago, critics were still saying that the free software world > was not capable of producing something as complicated as a modern > desktop. How much fun it is to point out to those critics that we now > have two... I want to point out that there are three open source modern desktop options available. XFce <http://www.xfce.org> is extremely capable and more advanced than GNOME and KDE. It was the subject of one of the talks at ALS and it received a very strong and favorable response from people who saw it there. I would recommend that anyone looking for an alternative to GNOME or KDE that uses _much_ less resources and is easier to manage and use to look at XFce. I know that Sun and IBM _might_ possibly be looking at it in place of GNOME. Disclaimer: I am <B>NOT</B> trying to start another desktop holy war! GNOME is good! KDE is good! There is nothing wrong with using either of them. I just wanted to point out another option. The strength of open source is the power of choice. The more choices we have the better off we are. --- There are just 67 days till the beginning of the 21st century and the next millennium! | ||
Date: 26 Oct 2000 17:38:37 -0000
From: Eric Smith <eric@brouhaha.com>
To: letters@lwn.net
Subject: Treaties
Gentlemen,
In your 26-October-2000 issue, you talk about problems with the Cybercrime
Treaty:
> Another reason for concern is the fact that this treaty is so
> far-reaching, yet the process of developing it side-steps the internal
> process of the U.S. and other countries for guaranteeing input and
> review from citizens.
By their very nature they are not developed through the same process as
the internal laws of nations. In this regard the draft Cybercrim treaty
is no different than any other treaty. There's no reason to be upset
about the process, but we should still try to influence it.
I'm only familiar with the treaty process as applied to the US, though I
assume other countries deal with them similarly. As US citizens we have
three additional ways to prevent bad treaties from taking effect:
1) Convince the US Administration not to sign the treaty
2) Convince the US Congress not to ratify the treaty
3) Convince the US Congress not to pass legislation enacting or
enforcing the terms of the treaty. (This is harder to do if the
previous steps fail.)
Without our signature, ratification, and legislation, the treaty has
no effect on us.
In any case, no treaty can supercede our Constitution (as amended). The
*only* way to do that is to pass a new Constitutional Amendment. As a
last resort, the courts can be used to block implementation of any
unconstitutional provisions. For instance, there are currently
conflicting circuit court rulings on whether software source code is
speech, and thus protected by the First Amendment. This issue may be
decided by the Supreme Court within the next few years. It may turn out
that even if this horrible Cybercrime Treaty is signed and ratified,
that the imposed limitations on source code may end up being
unenforceable.
Sincerely,
Eric Smith
| ||
From: rongage@att.net To: lwn@lwn.net Subject: Microsoft cracked - personal perspective Date: Fri, 27 Oct 2000 13:32:18 +0000 Hi folks: You just recently posted the note about the Microsoft breakin along with the comment "It's not really a Linux story, so we'll pass these on and be done with it". Well, that's not entirely true. You see, since Microsoft has (for some time) been telling the world that the Linux security model is insecure, it is entirely appropriate for "us" to prominently note anything that "refutes the FUD". Sure, we can take the "high road" and remain silent but I would suggest to you that doing this would be a huge mistake. As we all can currently see with all the election garbage on the TV and radio, the candidate that does not respond effectively to the garbage gets trampled and eventually loses the effort. This breakin story is a Linux story. It's a testimonial about how effective the Windows security model really is. If Microsoft can't defend itself, how on earth can the corporate world possibly hope to. This is where Linux comes in. By being effectively immune to these sorts of attacks (software that installs itself into a trusted system), Linux (and other unix based system like *BSD, Solaris, HP/ux, and Tru64 to mention a few) is shown to be the truely superior security model. Yes, this story is indeed a Linux story - it's probably some of the best advertising we could ever hope to get! Ron Gage - Saginaw, MI (rongage@att.net) | ||
Date: Mon, 30 Oct 2000 15:44:28 -0500 (EST) From: "Donald J. Barry" <don@astro.cornell.edu> To: don@isc4.tn.cornell.edu, felten@cs.princeton.edu, letters@lwn.net Dear Dr. Felten, You'll receive dozens of moralistic letters about your team's attack on SDMI: this is one of them. It's convenient for scientists to hide under cover of the claim that pure analysis is apolitical---after all, it's a lot of fun. But there's always a political subtext when the subject is so charged as a technology which either affects the lives of millions or stands as a barrier between people and millions in potential profits. In this case, SDMI is one part of a broad deployment of both technological and legal barriers intended to containerize information. Its advocates are a distinct political entity, and its effects, in practice and in intended function, are to eliminate, among many other things, existing standards of fair use. Because of this, I regard it as unfortunate that your team has chosen to do intellectual work complementary to that of the SDMI advocates. Ultimately, this type of analysis, when done prior to deployment, aids and abets those seeking to deploy practically effective technology. It does so because you neglect the legal part of the DMCA which seeks to force analysis underground. If one's goal is to protect freedoms, in particular that of fair use, which I hope you would share as a fellow academic, then an analysis of method including both the purely technical aspect and the sociological aspect of contributing one's art and industry is essential. Without this sort of approach, one's creative labors too easily find themselves in the service of ends which, in the full analysis, we would oppose. Cheers, Don Barry, Cornell University | ||
Copyright © 2000
Eklektix, Inc., all rights reserved