Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsWe still haven't made our point. Over the last week, much has been said of Microsoft's new source policy for its Windows operating systems. Many seem to see it as a response to the rise of free software, and even the beginning of an "open source" policy on Microsoft's part. There is little, if any, truth in such speculation. The new policy allows a small number of very large customers access to the Windows source. Of course, the usual sorts of nondisclosure agreements must be signed, including providing the names of all people who will see the source to Microsoft. But it goes beyond that - no modifications of any sort are allowed. Even if you find a bug, it will be illegal (or, at least, a violation of the license agreement) for you to fix it. With such rules, it would not be surprising if the source distribution lacked a key piece or two, making it impossible to build a new, working system. This sort of source distribution is not particularly new. Your editor had access to the Vax/VMS source twenty years ago. The fact that it came in the form of a thick stack of microfiche pretty well insured that nobody would try to make changes. But much of the commentary out there conveys the impression that Microsoft's offering is something different. For a fun time, check out this pronouncement from the Meta Group, which was published by News.com. The Meta Group styles itself as "a leading research and consulting firm, focusing on information technology and business transformation strategies," so one would presume that its output would make some sense. This particular offering, entitled "Microsoft co-opts open source approach," is, instead, a classic example of what comes out when you have no understanding of how free software works. Consider this quote: The advantage of providing Windows source code is that Microsoft enlists tens of thousands of software professionals in 1,000 or more of its biggest and best customers to help it test its key operating systems in their unique environments. This will create a flood of bug fixes, improvements and extensions that will flow back to Microsoft to improve those products.
How this "flood" will come about is unclear, given that modification of the source is not allowed. Those who would create all of these goodies will be working in violation of their license, and will be completely isolated from the Windows developers and from like-minded developers elsewhere. They will not be able to distribute their changes, or to benefit from the work of others. How productive, exactly, are these "tens of thousands of software professionals" going to be? Reading further: In our opinion, the Windows source code will inevitably end up on the Web--within six months or less--where thousands more hackers will start working on it, exposing weaknesses. This will help Microsoft improve its products further until they are bulletproof. The source may well end up on the net somewhere. One might guess, however, given Microsoft's rather hard-line position on "piracy," that its reaction would indicate a distinct lack of amusement. In fact, it would probably make the DeCSS witchhunt look like a pretty mild affair. One can only hope that Gnutella and Freenet will be up to handling some seriously large files by the time this source escapes. What will happen when these "thousands more hackers" start "exposing weaknesses" is unlikely to be pretty. People who find bugs in the Linux source issue press releases to the effect. But even looking at Microsoft's source will be a crime. Given Microsoft's crackdown on those criminals who were redistributing its security alerts, one can imagine that they will not welcome others "exposing weaknesses" by looking at purloined source. Prediction: those who find security bugs from Microsoft's source will not issue press releases. They will make their achievements known in rather less polite ways, and they will not provide patches to fix the problems. It's not done yet: In effect, Microsoft is co-opting the open-source approach. It is essentially recruiting the technical staff of its largest customers (and potentially even the entire hacker community) to help it create improved versions of its software that only it will have the right to distribute. This becomes the vehicle that will drive the technical community to its new model for software development and distribution.
The Meta Group thinks that "the entire hacker community" will have no problems with creating "improved versions" of software for the sole benefit of Microsoft. Somehow, thousands of talented engineers are going to do free work for Microsoft, while not being able to (legally) make use of their own enhancements, much less distribute them to others. These engineers, working in isolation without community, communication, or shared goals, are going to create the new software development model. We don't think so. Read-only access to source for a small number of customers is not going to create a new software development model. And it has nothing to do with free software, or even "open source." Despite their best efforts, people in the free software community still haven't managed to communicate to much of the world what is really going on here. The creation of great software requires openness, communication, and peer review. It requires that the developers get something back: credit, software that meets their needs, constructive criticism, and the ability to share what they have done. And, of course, it requires freedom. Those who live in the free software community can assume that everybody understands these things. It is sad to see how far from that understanding much of the world still is. Harlan Ellison vs. the right to code. Speaking of freedom, those who have not yet seen it may want to have a look at Harlan Ellison's rant against those who post copies of his works on the net. And a rant it is; Mr. Ellison, to our knowledge, never published a story written entirely in upper case. Such restraint is not evident here. Stylistic issues aside, Mr. Ellison is seeking to protect his rights to his work, as provided by copyright law. We wish him luck in that fight; he owns his work, and he should not have to accept its wide distribution on the net if that is not his wish. As LWN has said before, free software licensing, too, depends on copyright law. Deep down in the article, however, you'll find this chilling statement: With the second amended complaint, we were able to add a complaint for vicarious infringement against AOL for the development of the Gnutella file transfer protocol by its Nullsoft division. Gnutella is Napster without a central processing hub. By setting up a 'sting' operation, one of our investigators was able to track the infringement of several works by Harlan and Isaac Asimov using Gnutella. This presents interesting issues regarding the responsibility for the release of software which effectively pollutes the intellectual property environment.
If it becomes a crime to "pollute the intellectual property environment," then the freedom to program our computers is truly lost. Why does Mr. Ellison not go after the makers of scanners, optical character recognition software, ethernet interfaces, modems, disk drives, and other tools of "vicarious infringement"? What makes software special? Should the author of GNU "cp" start looking for a lawyer? Mr. Ellison has shown himself to be a visionary writer over his career, but he now appears to be at a loss as the world changes around him. Distribution networks like Gnutella may well prove to be an important tool of freedom over the coming years. Nobody should have absolute control over the flow of information, after all. An attack on a creator of this sort of technology in the name of "vicarious infringement" is an attack on freedom. We urge Mr. Ellison to adopt a different set of tactics in this fight. News from the Free Standards Group. After a period of relative quiet, the Free Standards Group has come out with a whole set of announcements. They include:
Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
March 15, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsTCP/IP initial sequence number weakness. Now, before you read this article, note that we tend to have a slight bias against vulnerability reports that show up first in the media, rather than in technical/security forums (where we think they belong). That said, this week Computerworld published a story on a "security weakness in TCP/IP". In the article, Guardent, a Waltham, Massachusetts-based security firm, claimed to know of a security flaw in TCP/IP whereby TCP initial sequence numbers that were supposed to be randomized were actually guessable, and could be used to hijack sessions or spoof connections. The company also declined to give additional details, which made evalution of their claims a bit difficult. However, it appears that Guardent did go on to share their "copyrighted research" with CERT, who in turn has validated the existence of the weakness in this vulnerability note. This note still does not confirm what operating systems are vulnerable, though it has been hinted that Linux might be one of several. Underlying the weakness is the question of whether a given operating system has implemented RFC 1948 ("Defending Against Sequence Number Attacks") properly. Potential security issues if this was not done have been known since the mid '80s. Perhaps we should be grateful for Guardent's work to sensationalize this issue, if it results in every operating system auditing its TCP/IP implementation and making needed corrections to it. Nonetheless, the mixture of copyrighted research, secrecy and press exploitation are a bit nauseating. Meanwhile, there do not seem to be any published exploits for this problem as of yet. That makes waiting for vendor advisories and updates a bit more palatable. Carnivore by any other name ... (ComputerWorld). Carnivore, the FBI's program for "monitoring" email communications of suspected criminals, was reviewed by outside consultants at the instigation of the Justice Department. One of the recommendation of those reviewers was that the name of the program be changed. So we're sure you'll all be much happier about the existence of DCS1000, the program formerly known as Carnivore. Given their choice of a cryptic, non-informational name, we'll take a hefty bet that the moniker "Carnivore" will stick, whether they want it to or not. Meanwhile, there's no new information on any substantive changes to Carnivore or previous efforts to get them to Open Source the code. Bad News for Snoops (ZDNet). There's a bit of news about the UK's passage of part three of the United Kingdom's RIP law, or Regulation of Investigatory Powers Act, in this ZDNet article, but the primary focus is on m-o-o-t, which is designed to protect UK citizens from possible abuse of the new laws by the British government. "The self-contained software will be shipped on a bootable CD. User data and mail will be encrypted and stored in offshore data havens, bypassing local storage. Untraceable e-mail and telephony are also in the works". Security Reportsicecast buffer overflows. This week, several buffer overflows in icecast were reported. As a result, icecast 1.3.9 and 1.3.10 have been released in the past week. Icecast 1.3.9 is chock full of security fixes; icecast 1.3.10 contains additional fixes, but the website does not make a note of whether or not those fixes are security-related. In addition, icecast format string vulnerability reported in the January 25th LWN Security Summary has finally been officially repaired. As a result, this upgrade is strongly recommended.
XFree86 nextaw/xaw3d/xaw95 temporary file issues. Bug fixes for temporary file problems with the AsciiSrc and MultiSrc widget in the Athena widget library are now available to resolve situations where temporary files are handled incorrectly.sgml-tools temporary file issues. Versions of sgml-tools prior to 1.0.9-15 are reported to handle temporary file creation insecurely. An upgrade to 1.0.9-15 or later is recommended.slrn buffer overflow. A buffer overflow in the slrn newsreader was found and reported by Bill Nottingham. Check the Debian advisory for more details.
Zope 'aq_inContextOf' method access validation vulnerability. An access validation error in the 'aq_inContextOf' method can be exploited to gain access to Zope objects that should be denied, though they comment that a Zope expert would be required in order to succeed. Zope 2.3.0 alpha, beta and final versions and Zope 2.3.1 beta 1 are all affected. A hotfix has been issued to fix the problem until Zope 2.3.1 beta 2 is released. Applying the hotfix is recommended.Caldera-specific IMAP/POP vulnerability. Caldera issued an advisory concerning several buffer overflows in imap, ipop2d and ipop3d, which are normally not exploitable, because they could only be used to get access to processes already owned by the uid of the attacker. However, a configuration problem makes it possible instead to gain access to the 'nobody' account and execute arbitrary programs. Updated packages are provided.mailx buffer overflow. A buffer overflow has been found in /bin/mailx which, if the program is installed setgid, can be exploited locally to gain access to the gid of the binary. No fix for this problem has been reported. The best workaround currently available is to remove the setgid bit, which will still allow it to be used to send mail, but will severely limit other functionality on systems that require group mail for writing to the mail spool directory.
Mesa temporary file link vulnerability. A temporary file link problem has been reported in the Mesa 3-D graphics library by Ben Collins. Linux-Mandrake has issued updated Mesa 3.3 packages with a fix for the problem. Note that Mesa 3.4.1 was released on February 15th, but no mention of a fix for a temporary file link problem is mentioned, so presumably it is impacted as well.
timed denial-of-service vulnerability. FreeBSD has issued an advisory regarding a denial-of-service vulnerability in timed. The timed server crashes when sent malformed packets. Both a patch and updated packages are provided for FreeBSD. This problem is not specific to FreeBSD, but has not been confirmed on other BSD or Linux systems.rwhod denial-of-service vulnerability. FreeBSD also issued a similar advisory for the rwhod demon.FTP File System buffer overflow. FTP File System is a Linux kernel module that allows FTP repositories to be mounted locally as VFS file systems. A buffer overflow in FTPFS was reported this week by Frank Denis. The author has been notified. FTP File System 0.2.1 was released yesterday, March 14th. Although it does not reference the security report, the description for the update does say, "Sanity checks on mount parameters were added to prevent overflows", so it might be presumed that the new version resolves this problem.UpdatesePerl buffer overflows. Check the March 8th LWN Security Summary for the initial report.This week's updates: Previous updates:
mc binary execution vulnerability. Check the March 8th LWN Security Summary or Bugtraq ID 2016 for more details.This week's updates:
Zope security update. Digital Creations released a security update to Zope (all versions up to 2.3b1) fixing a security vulnerability in how ZClasses are handled the week of March 1st. An upgrade is recommended.This week's updates: Previous updates:
joe file handling vulnerability. Check the March 1st LWN Security Summary for the initial report.This week's updates: Previous updates:
sudo buffer overflow. Check the March 1st LWN Security Summary for the original report.This week's updates:
Previous updates:
XEmacs/gnuserv execution of arbitrary code. Check the February 8th LWN Security Summary or BugTraq ID 2333 for details. gnuserv 3.12.1 resolves the problem and is included with XEmacs 21.1.14.This week's updates: Previous updates:
Multiple glibc vulnerabilities. Multiple glibc vulnerabilities have been reported in recent weeks in glibc. Since glibc updates generally address all the problems, rather than one specific problem, the update report for them has been combined. For the original reports, check the January 18th, 2001, LWN Security Report under the topics "glibc RESOLV_HOST_CONF preload vulnerability" and "glibc local write/ld.so.cache preload vulnerability". This week's updates:
Borland InterBase backdoor. Check the January 18th LWN Security Summary for the initial report. This is the first related advisory we've seen, but note that InterBase is not shipped by default with most distributions.
GNU CFEngine format string vulnerability. Root access can be obtained on a local system by exploiting CFEngine's use of syslog and its related format string vulnerability. Check the October 5th LWN Security Summary for more details.This week's updates: Previous updates:
esound tmpfile link vulnerability. Check the September 7th LWN Security Summary for the original report of this problem from FreeBSD.This week's updates:
ResourcesMinor Bastille testing update. Bastille Linux 1.2.0.pre11 was released this week, the latest in the testing series for this distribution. KNARK rootkit analysis. Toby Miller has made available his analysis of the KNARK rootkit. "In the past if a box had a rootkit installed, an administrator could comb through the binaries and find traces of the rootkit. Not so in this case. The KNARK rootkit actually hides within the kernel making this rootkit almost impossible to find and analyze. How is this being done? Well, attackers are able to do this by using Loadable Kernel Modules (LKM)." EventsRegistration for the 2001 FIRST Conference now open. Registration for this year's FIRST conference is now open. The conference will take place June 17-22, 2001, in Toulouse, France. Upcoming security events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Liz Coolbaugh |
March 15, 2001
LWN Resources | |||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is still 2.4.2. The current 2.4.3 prepatch from Linus is 2.4.3pre4, which contains a small collection of important fixes (and an item marked "Alan Cox: continued merging," which could cover a lot of stuff). Alan Cox's prepatch is up to 2.4.2ac20, and it is rather larger. It includes a fair amount of more ambitious changes, some of which have ominous tags like "hopefully fix the buslogic corruptions." There have been no announced 2.2.19 prepatch releases over the last week, though 2.2.19pre17 was quietly dropped onto the FTP site on March 11. SCHED_IDLE, again. It was a relatively slow week on linux-kernel, so perhaps it's fitting that one of the topics that came up was the old idea of a SCHED_IDLE scheduling class. A SCHED_IDLE process would run only if no other process wanted the CPU. This behavior is different from the usual Unix behavior; normally, even very low-priority processes will get a little bit of CPU time. A true SCHED_IDLE class would allow you to run that compute-intensive pig latin song title encoding code without it getting in the way of those all-important kernel builds. The problem with SCHED_IDLE hasn't changed, though. Even idle tasks occasionally need kernel resources. It is possible for an idle task to obtain an important kernel lock or semaphore, then get blocked out of the CPU by a regular task. At that point, the system can hang; the idle task can not run to release its resources, so everybody else just has to wait. This is a variant of the classic "priority inversion" problem, where a low-priority process can monopolize resources needed by higher-priority tasks, and keep them from executing. Priority inversion can be a serious problem, especially if the system involved is on Mars at the time. But even terrestrial applications need to avoid situations that can cause this problem. For this reason, a true idle task has never been incorporated into the Linux scheduler. This time around, the observation was made that processes rarely, if ever, hold important kernel resources when running in user space. In other words, locks and semaphores are only held while the process is running in kernel mode. So the usual sort of solution to priority inversion problems - complicated priority inheritance schemes and such - is overly complex for this situation. It should suffice to remove the idle task attribute from processes running in the kernel. Jamie Lokier posted a simple hack which implements this behavior on x86 systems. Such changes are 2.5 material, of course, so it may be some time before we know if some form of this patch will go in or not. Linus has been hostile to the SCHED_IDLE idea in the past, and this fix may not be adequate to address his concerns. Nonetheless, it's a step in the right direction; Linux may yet have an idle task implementation. Preemptable kernel patch. With little fanfare, Nigel Gamble (who works at MontaVista Software) posted a patch to the 2.4.2 kernel which makes the Linux kernel preemptable. Normally, the kernel follows longstanding Unix tradition in that kernel code can not have the processor taken away from it. When the system is running in kernel mode, the code will run until it voluntarily gives up the processor, or until it returns to user mode. The one exception to this rule is hardware interrupts, but very little work is supposed to be done by interrupt handlers. This mode of operation has traditionally been convenient for kernel programmers, since it reduces the amount of concurrency (and, thus, race conditions) that they have to deal with. It also tends to increase latency, however; the amount of time it takes the system to respond to an event can increase. Thus, your sound card may be crying for more data, but if some other piece of kernel code is hogging the processor, the sound card will have to wait. In many situations, this sort of latency can cause problems. The solution is to make the kernel preemptable, so that a higher-priority process can run even if the system is running in kernel mode. Once upon a time, this would have been a very large change, given the whole new set of concurrency issues that would have to be dealt with. But multiprocessor systems have all the same concurrency issues, and the kernel hackers have been forced to deal with them. At this point, adding preemption to the kernel adds very little in the way of problems. So, Mr. Gamble's patch is surprisingly small. There are some scheduler changes, of course, to make the preemption happen. There is also a bit of code which disallows preemption anytime that the kernel code holds a spinlock. This is necessary for a number of reasons: spinlocks should be held for very short periods, so code which holds one should be allowed to run to completion. Spinlocks exist to prevent certain types of concurrency; a preemptable kernel patch should not defeat that purpose. Finally, preempting code which holds a spinlock could deadlock the system if another thread in the kernel attempts to obtain the same lock on the same processor. This patch is not 2.4 material, of course; a change of this magnitude has to wait for the next development series. But Mr. Gamble has shown that this change is relatively straightforward; it would be surprising if some variant of this patch didn't show up early in the 2.5 series. Is it time for a massive configuration variable renaming? Keith Owens thinks so, and has posted a patch which changes the name of every configuration variable that is automatically derived from other configuration variables. There are advantages to knowing which variables can not be changed directly by the user; this patch makes that knowledge explicit by appending a _DERIVED extension onto each such variable. Now, anytime you post a patch which changes 130 variables and touches 553 source files, you're going to raise a few eyebrows. Doing so in a stable kernel series doesn't help, either. So it's not surprising that this patch attracted some complaints. These varied from the usual "it's unnecessary" or "wrong solution" variety through this query from Eric Raymond, who is under the impression that his CML2 configuration scheme will be adopted in 2.5, and is thus wondering why people are bothering to mess with the older scheme. In fact, nobody came out in support of the proposed change. This patch would appear to be doomed. Hopefully the 2.5 kernel series really will see a replacement of the kernel configuration system; at that point, a lot of things will get easier. Actually, things have been somewhat quiet on the CML2 front for a while; Eric has pronounced it ready, and is mostly just waiting for it to be incorporated into the development tree. There has been one bit of progress, however. Back in November, the CML2 system was examined on this page; one of the things we noticed is that the CML2 compiler took an awfully long time to run. Eric finally looked into the performance side of things, and found something interesting: the compiler took 28 seconds to run on his system, and 26 of those were spent in the automatically-generated expression parser code. One might just conclude that there is some room for optimization there. And, in fact, after recoding the parser by hand, Eric reported that the compiler's execution time had been cut in half. 2.5 kernel configuration is not going to have to be slow after all. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
March 15, 2001 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsCriteria for the LWN Distributions List. Occasionally we get asked about the criteria we use for adding or removing distributions from the Distributions Lists that you see in the left and right-hand columns of this page. Usually, the request comes from someone who has a distribution that they would like to see listed. So far, we haven't turned anyone down. The criteria for the LWN Distributions list have evolved organically over the years. This is our first attempt to codify those criteria and likely will be a bit buggy in its first draft. Distributions Critera:
Besides, the analogy of Linux to a pizza is a fun way to explain the proliferation of Linux distributions. "Does anyone ever fret about pizza recipes 'forking' because some new restaurant does it a little differently? Does the existence of well-known national brands like Pizza Hut and Domino's affect the popularity of Pizzeria Uno -- or of my personal favorite, Pendeli's in Montreal? Of course not." Note that the Linux/Pizza analogy had its source in this LinuxToday commentary by Brandioch Conner. Tying in well with our discussion last week, Dominic Mitchell pointed out that Tim O'Reilly's Linux Anatomy poster does a much more complete job of describing the structure of Linux than the simple one we used last week. Now to get a poster or two of our own ... Midori Linux from Transmeta. Midori Linux is a new embedded Linux distribution added to our list this week. This announcement made a slightly bigger splash than usual because Midori is Transmeta's Linux distribution, in use for some time, but formally announced this week. Any time Transmeta is mentioned, the press generally leap forward to drag in the fact that Linus works for Transmeta. This time was no exception, with Wired News commenting almost immediately on the potential conflict of interest. What conflict of interest? Linus originally chose his job at Transmeta, according to wide report, partially in order to not choose sides amongst the early pioneers, Linux companies that based their revenue on packaging and shipping Linux. Of course, he also chose the job because he was interested in the work, liked the company, was willing to move, his wife said it was okay, and all the other hundreds of reasons that are involved when anyone chooses a new job. Now the company he is working for is releasing a Linux distribution. Does that mean that Linus has finally chosen a side? Will this bias his work on the Linux kernel in favor of Midori and against other established Linux companies? Not at all. The landscape has changed since then. When there were only a few players in the field, the possible association of Linus with any one of them could have caused an instant branding, making the Linux distribution from that company the "real" Linux, the "only" Linux, etc. Now that we've got hundreds of them, the announcement of Midori is simply that, the announcement of a new embedded Linux distribution, bring our total of Linux embedded distributions to 27. In addition, Midori Linux is aimed at a very small niche, doesn't run on your average PC or server and just is not designed to become "The Linux". So it made a good sound bite, but it's just the usual media frenzy. Meanwhile, you're encouraged to check out the site -- they did an excellent job and we like the artwork. New DistributionsFlightLinux. FlightLinux is another new embedded distribution, this time based on Blue Cat Linux. The goal of FlightLinux is to develop a real-time based version of Linux for use aboard spacecraft. Newsforge put out an excellent article about FlightLinux, including interview material from talking with Pat Stakem, originator of the FlightLinux project and "senior staff engineer for the QSS Group, a high-tech contractor that counts NASA and other government agencies as its biggest clients." Note that we're grabbing our distributions very young these days -- FlightLinux has not yet made it to its 0.1 release. Looks like a lot of fun, though. WinSlack. WinSlack 1.0 was announced on March 2. Based on Slackware, WinSlack provides a GUI environment meant to duplicate the basic functionality found on Microsoft desktops. The project originated from the need to provide a workable operating system for computers donated to charity. The computers are reconfigured and, due to licensing issues, the original operating system is removed and replaced with WinSlack. At that point, they are ready to be used by underprivileged and low income families. Kudos to the WinSlack team for their work in this area. Note that the modifications they've made, from their experience of what was necessary to make the systems more useable for their end customers, should be reviewed by any distribution trying to make Linux more user-friendly. Scyld Beowulf. We've covered news about Scyld Beowulf several times in the past, on our front page and commerce page, but somehow we managed not to cover it on the distributions page until now. Thanks to Ray Jones for writing and pointing out the omission. Scyld Beowulf is the Linux distribution put out by Scyld Computing, the company started by Donald Becker. Donald is the guy who first strung together a rack full of Linux systems and called it "Beowulf." He is also, incidentally, the author of a vast number of network drivers in the kernel. Telemetry Box Distribution. We mentioned the Telemetry Box Distribution back in January, just after their announcement of the Telemetry Box Distribution 1.0. Dirk Manske pointed out, however, that we failed to include it in our list. Sorry for the oversight - it has been added. For those that missed the original report, the Telemetry Box distribution bundles Open Source diagnostic software with Debian GNU/Linux to provide a distribution tailored for use in telemetry projects; that is, projects that "gather information from servers, preprocesses the information and then either directly displays or forwards the information via a secure link for further processing". Distribution NewsCaldera News. Caldera Systems has announced that its latest OpenLinux server release has gone into an open beta test period. It's called "Project 42," and it features things like the 2.4 kernel and a full set of server software. Debian News. Debian 2.2r3 is in the works. This is a minor "point" release for Debian 2.2. Debian's point releases include all security updates since the previous release, making it possible to provide a stable and secure set of packages from which to burn new Debian CDs. The next Debian Bug-Squashing Party will be held this weekend, March 16th through the 18th. This week's Debian Weekly News focuses on security enhancements to Debian's package system, notably improved package signature handling and support for signed releases. RedBlue Linux News. LinuxDevices reported this week on the Chinese Linux PDA solution based on the RedBlue embedded Linux distribution, which will be demonstrated at CeBit. "The Chinese Linux-based iPAQ solution includes: RedBlue embedded Linux operating system, RedBlue/Palmlike windows launcher, FLTK GUI application framework, PIM applications, power management, Internet access, an MP3 and MPEG player, picture viewer, fax, email, Chinese handwriting recognition, synchronization from IrDA and USB, ViewML web browser, games, and a file manager based on the RedBlue/Palmlike environment". NIC Linux News. NIC Linux Version 2.0, a new version of the Linux distribution that runs on Larry Ellison's ThinkNIC Internet appliance, was announced this week. Enhancements in the new version include support for the latest Real Player and Macromedia Flash players, improved support for broadband and dial-up ISP connections, improved performance and reliability (translation: bugfixes), a new graphical boot-up and Netscape 4.76. Coyote Linux News. From the Coyote Linux website, we found a link to this video by Mark Hagan on "How to build a Ghetto Router". The router is based on Coyote Linux. Virtual Linux News. Virtual Linux, the Linux-Mandrake-based distribution tailored to run off of a CD, has found at home at Sourceforge, so it has been officially added back onto our list. They also released Virtual Linux 0.8 Rc0, which tests out a new KDE, and includes performance enhancements, vfat swap file support and more. Distribution ReviewsSuSE Linux 7.1 -- 2.4.0 Kernel And More (Byte). Byte reviews SuSE 7.1. "I decided to install this SuSE distribution to ensure that my Internet server had access to all the latest security fixes, especially a bug-free version of Bind. I wanted a 2.4 kernel, with the journaling and without the previous 2-gigabyte file-size limit. What I ended up with was a development environment par excellence." (Thanks to Robert Graziani). Review: Turbolinux Workstation Pro 6.1 (DukeOfUrl). The Duke of URL reviews Turbolinux Workstation Pro 6.1. "Installing TurboLinux is a snap. Like Slackware and Debian, it uses a text-based install routine, bucking the trend of the graphical installion tools found in many Linux distributions. Although it can be perceived by many to be behind the times, it did get the job done very effectively and with a minimum of mouse clicks." Section Editor: Liz Coolbaugh |
March 15, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The DesktopEazel releases Nautilus 1.0 and adds Text Tools, a text view search service. Andy Hertzfeld, Software Wizard and Founder of Eazel, sees the desktop as a graphical shell, something as powerful as the command line loved by hackers but with a graphical front end that made it accessible to the end user. Since the founding of his new company, Eazel, his vision has been to make that graphical interface for end users of Linux and other Unix-styled operating systems. Nautilus 1.0 is the realization of that vision. This week Eazel introduced Nautilus 1.0, the first public release of the well publicized software that implements Hertzfeld's ideas. In preparation for that release, Eazel's Director of Product Management, Tom Goguen, called me to talk about Nautilus and Eazel's backend service business. Tom is an ex-product marketing henchman for Sun Microsystems who has been at Eazel for the past three months. Tom opened up his discussion on Nautilus with words of praise for the developer community that helped reach this first stable public release. "We want to thank everyone who's been involved with it. This project involved over 100 engineers - fully 2/3 were from the developer community at large". That's a big project to manage and I asked Tom how dealing with a conglomeration of developers, most of whom are not under direct control of Eazel, changes the way development is done in a business. "The only issue you run into is when [developers] arrive at the last minute with bug fixes and they discover that it's a few weeks to delivery and they try to get all their fixes in at once. It's a bit challenging managing that and the expectations associated with that". So the development process actually changes from traditional top down management. And it definitely changed Tom's view of that process. "It changed my experience as a product marketing guy", he laughed, "partly because as a marketing person you never believe the times you get from the engineers, you always build in a little padding. With a 1.0 open source release there is always a little more variability as to when the product will show up. In a funny way it requires a little different approach from a marketing perspective. You don't make one big giant announcement to the world. You come out and talk to the community when it's ready and then tell the world shortly thereafter". Essentially you check to see how badly the developers revolt and if their response is "that wasn't too bad", then tell the world.
The infinitely growing shell - Nautilus. As Goguen puts it, "Nautilus is infinitely extensible". Built around the popular GTK graphical toolkit, its interface is easily customizable by the end user, but configuration goes far beyond its look. Nautilus is also extensible on the back end, where services can be linked to specific file types. Developers can add services that expose file views to Internet services in a contextual way: text files can be exposed to text services, music files to music services, graphics files to graphics services. And that's where the use of the name Nautilus arose. The Nautilus is a shelled sea creature with an ever increasing number of chambers that give the shell its unique appearance. "Because the software is infinitely extensible graphical shell", says Gogue, "the Nautilus itself made a great symbol for us". In this 1.0 release, Eazel is introducing a new feature called Text Tools, a backend service for doing Internet-based searches on text files. While you have already been able to view a text file inline from within earlier releases of Nautilus, in 1.0 you can now highlight any word within that file and do searches in dictionaries or through Google or other search engines or perhaps even have the highlighted word translated. Eazel feels this feature will interest developers and application service providers. "This gives an example of how you can now deliver services directly to the desktop and expose them to the media people are using. You can imagine doing this in the music view or the image view. You could add a 'Print At...' that would allow an image view to be printed at an Internet connected service bureau (a printer for high end graphic prints). It's pretty powerful and pretty cool. We think it will be interesting over the next few month in terms of how developers begin exposing their online services through the interface". Eazel demonstrated some beta versions of Text Tools at LinuxWorld but really hadn't talked about it outside of that till now. Right now, the feature is just implemented with text files, not across other media formats. "It is just implemented in text files right now because the services are specific to the media type", said the Eazel director. This means that other services are expected to be added later for other file types. Notes Goguen on the text views support, "What's interesting to me is that every word in every text document is a potential hyperlink now, driven by the user instead of the author". "We anticipate people taking, say, the music view and adding services such as burning CDs or pulling information about artists or songs or whatever". With the current implementation, Eazel has used Google as the backend search engine for the Text Tools services. But users can modify the XML configuration file to use different search engines. "We expect developers to establish initial settings for their services, but users will be able to modify them as they see fit. It's a completely exposed interface for developing views for passing the information through GNOME VFS out to the Internet or a network file system". While Eazel is releasing a full-fledged software distribution of Nautilus, they won't offer a packaged product. Their main source of income will come from those backend services similar to the Text Tools search engine. Their current set of services includes a software catalog, internet storage service and in the next few weeks they will have a software updating service online. The key to Eazel's success is getting Nautilus onto as many desktops as possible, so that, in the long term, access to these services will be not just desirable to end users, but readily available from their desktops. Yet despite Eazel's focus on services, packaged versions of Nautilus are in the works. "Nautilus is going out with Red Hat, both 6.2 and 7.0, and we also did a joint agreement that includes backend services which include update services. Red Hat and Eazel are collaborating on the infrastructure for that", said Goguen. "Out the door we're supporting RH 6.2 and 7.0. We're working on Mandrake next, followed by SuSE and others. We have it running on Solaris in the office". While Ximian showed GNOME on HP at LinuxWorld, Eazel hasn't started work on that platform yet. "If the Ximian guys are going to support that with 1.4, then we'll eventually support it. Nautilus will be in 1.4. One of our guys is actually co-release manager of GNOME 1.4". So who exactly is supposed to use Nautilus? Says Goguen, "If you're an end user managing lots of data, lots of files, lots of digital media then this is going to be a killer tool for you. It has lots of features that help you do this: zoomable interfaces, thumbnailing of documents and images, ability to preview documents, images and music. All of these combine to make Nautiuls incredibly powerful. Of course, tied to that are the online services. It's intuitive to tie into our services, and even third party services, by tying those services directly to the media". But is it ready for the secretarial world? "Let's be frank, there aren't a lot of them with Linux on their desktops yet, but Nautilus will make it easier to put them there". "Nautilus is redefining the user experience. It's no longer a question of finding an application to edit a file. Nautilus has flipped this view on end. It's a question of managing my data from my data", explains Goguen. "Nautilus will tell me what tools I can use to view or edit the document using MIME types. Instead of thinking of a desktop with a bunch of tools, Nautilus makes the desktop more like a dashboard where you look at your information and examine it with the services you have". Desktop file thumbnails and previews for image files appear to be handled by thumbnailing the image initially and then scaling the thumbnail. The first time the file is encountered, the thumbnailing can take a while if the files are very large, but, after that, performance is better because processing is handled through the thumbnail and not the original image. I didn't ask but one wonders what methods are used to keep the thumbnail synchronized to changes made to the larger image file. Transparency and alpha-blending are built into Nautilus, thus there is no need for the recent updates to XFRee86 from Keith Packard to clean up the X interface. There are couple of people who are key contributors to the FreeType project working at Eazel, and Eazel has taken advantage of their skills to help tidy up the display. According to Goguen, there is an option in Nautilus to let Nautilus render the desktop to make it look cleaner. Eazel's Software Catalog also gets an update. Eazel's Software catalog is also getting a new look this week, making it easier to use with the introduction of software suites. "In Nautilus, you'll see, for example, a music suite on the software catalog which will help you find everything you need to RIP and play MP3 files", says Goguen. Today, their software checks dependencies to make sure you have what you need and won't have any conflicts. In the future, what you'll see with suites like the Music suite is an ability to get several applications that can work together. For example, in an MP3 environment you'll find applications for playing, ripping and moving files. Goguen adds, "We'll have a browser suite which will provide a browser and all of the plug-ins that go with it. This gets us much closer to what a casual user would enjoy using". The software catalog is accessible both through the web and with the Nautilus software, but to do the easy software installs, you need to be running Nautilus. The top right hand side of the Nautilus window has a button that takes you to Eazel's services. When asked about issues related to low-bandwidth connections, they replied "Nothing more than the issues you normally encounter with large files. Right up front, when the software catalog does its checking, it decides what packages you need and tells you the sizes of the collective download before you start it". One of the things they're working on is providing downloads of file differences, essentially a form of rsync that will reduce the actual amount of data downloaded in order to get packages to users. Goguen closed our discussion with something he's been telling Windows fans who have been saying Windows XP will have similar similar features at its release. Quotes the Eazel exec, "Linux has Nautilus now". You can download Nautilus 1.0 from Eazel's website at http://www.eazel.com/download Desktop EnvironmentsKernel Cousin KDE launches. The first issue of Kernel Cousin KDE, a news site covering KDE development, has hit the web. Topics in the inaugural issue include the KDE printing system, the 2.1 release schedule, and more. GNUStep weekly update, March 11, 2001. The GNUStep weekly development update has been posted. Section Editor: Michael J. Hammel |
March 15, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsIn past issues of LWN, we have discussed the need for alternatives to the popular SourceForge site at VA Linux. SourceForge provides an excellent resource for open-source development, but we firmly believe in the axiom "Don't put all of your eggs in one basket". Currently, SourceForge lists over 17,000 projects and over 134,000 users. That's a lot of eggs.Some fairly recent entries into the world of open-source project hosting include BerliOS which currently hosts 85 projects and has 265 registered users, and Savannah which claims 85 projects and has 328 registered users. Savannah is based on the SourceForge 2.0 code, which is freely available. Savannah seems to be strongly oriented toward GNU projects, leading to the question of whether non-GNU projects can be hosted there. Not everybody wants to work within the rules for GNU projects (i.e. signing copyright over to the FSF, coding standards, etc.). One has to dig pretty far into the site before finding the following text: The FSF would like to extend an invitation to any Free Software project to be hosted for no price and no catch. This is our token of appreciation to the people who help make the GNU project a reality. Thus, it is not necessary to go the full GNU project route, as long as the software involved has an FSF-approved free license. The open availability of SourceForge software takes a lot of the work out of starting a new software hosting site, it seems like the time is ripe for some new sites to open up. Surprisingly, there are not very many small, focused-area software hosting sites. Many areas of focus are available, including among other things, specific languages, embedded systems, and database and web applications to name a few. Whether it is possible to make money with a software hosting site remains to be seen, but such a site brings a level of community recognition that money can't buy. One would think that a few of the larger, well established computing companies such as Sun or IBM would venture into the software hosting arena. It's probably only a matter of time before they do. Meanwhile, the launch of Savannah should provide a much-needed alternative to SourceForge. (Thanks to Marko Schulz for the pointer to Savannah). DatabasesOracle MySQL conversion available. A conversion kit from MySQL to Oracle has been mentioned on the MySQL site. "At MySQL AB we are pleased to note that Oracle Corporation has shown their recognition of the significant MySQL impact in the database market by creating a MySQL-Oracle migration kit. We are delighted that Oracle shares our view that it should be easy to transfer data between various database architectures." Embedded SystemsEmbedded Linux Newsletter, March 8, 2001. The latest summary for the week that was in the embedded Linux market has been published: LinuxDevices.com's Embedded Linux Newsletter for March 8, 2001. InteroperabilityWine Weekly News for March 12, 2001. The March 12, 2001 edition of the Wine Weekly News has been published. This issue covers a new Wine web site with lots of tips for dealing with real-world problems, asynchronous I/O performance tests, and other Wine speed improvements. Mail SoftwareMailman 2.0.3 released. Version 2.0.3 of Mailman has been announced. Mailman manages electronic mail lists with a web based interface. This version includes an important privacy patch. Network ManagementA Visit to OpenNMS. Pete Siemsen made a trip to the OpenNMS facilities in North Carolina and posted some useful tips that he learned about getting OpenNMS installed and running on his system. "A functional system has several pieces: Java, OpenNMS, PostgreSQL, Tomcat, Xerces, RRD, Ant, etc. Versionitis is a problem. On my system, some components had to be upgraded because they were all of a month old! The team will bundle things for releases, but this problem will make life interesting for developers." Two new OpenNMS Updates.
ScienceMajor Releases for BioPython and BioPerl (bioinformatics.org). Two major releases of Biopython and Bioperl have been released. Both projects consist of collections of tools for use in molecular biology and genome research science. Last, but not least, there is also a BioLisp project. Software Development ToolsGnu Visual Debugger 1.1.0 released. Version 1.1.0 of the Gnu Visual Developer has been released. "Besides providing all the features of other debugger GUIs, GVD includes advanced data display and visualization capabilities. Furthermore, GVD allows the debugging of multi-process/multi-threaded applications in the same debugging session." For an added challenge, GVD is written in Ada... Software TestingTesting, fun? Really? (IBM developerWorks). Jeff Canna discusses software testing in an IBM developerWorks article. "Testing. Yuck! Puh! Aagh! I've always hated testing. Testing, both unit and functional, is something that gets in the way of the 'real' work. Everyone knows that their code is perfect, right? In the unlikely event that the code does need to change, the comments are so well written that anyone could figure it out. Wow, am I in need of growth (maybe some counseling as well.)" Web-site DevelopmentNew Zope Documentation. Michel Pelletier has announced the creation of several new Zope publications, some of which are still in the planning stages. Included are the Zope book, a Zope Developer's Guide, and a Zope Administrator's Guide. All three documents are being released under the Open Publication License. Window SystemsQt 2.3. Trolltech announced the release of Qt 2.3, now with anti-aliased fonts and True Type and Type 1 font support for printing. The People Behind KDE: Dirk Mueller. This week Tink interviews Dirk Mueller. Dirk has been working on the Konqueror HTML engine of KDE 2.x. "How and when did you get involved in KDE? I read about KDE the very first time by following a link posted in a Linux related newsgroup to an archive that contained Matthias Ettrich's initial call for programmers back in early 1997. I read the article about KDE by Kalle in the german computer magazine c't later that year and from those days on I started to follow KDE development, mainly as a user and a convert from the Linux console, where I've been previously porting a text based C++ News and Mailreader too." Recommended ReadingDebunking the myths of UI design (IBM developerWorks). Paul Smith discusses the importance of user interface design in an IBM developerWorks article. "Everyone in product development does design work, whether they know it or not. Moreover the design is the dimension of a product that customers see and feel; it is what satisfies or disappoints them." Section Editor: Forrest Cook |
March 15, 2001
|
|
Programming LanguagesExpressiveness and language choice (IT World.com). Robert C. Martin discusses dynamically typed languages in an IT World.com article. "As this decade progresses I expect to see an ever increasing use of dynamically typed languages such as Python, Ruby, and even Smalltalk. These languages are often referred to as 'scripting languages'. I think this is a gross injustice. It is these languages, and languages of their kind that will be mainstream industrial languages in the coming years." JavaCatching more errors at compile time with Generic Java (IBM developerWorks). Keith Turner discusses Generic Java and parametric types in an IBM developerWorks article. "The elegance and expressiveness of the Java programming language has won the hearts of academics and developers alike. Additional features may enhance the Java language, but it is hard to reach a consensus on what to include and how to implement it. For example, there is an intense debate over whether to include operator overloading. On the other hand, there seems to be a general consensus that parametric types would be a welcome addition to the language specification. Here the contention exists over how parametric types should be added. One popular proposal is called Generic Java (GJ). This article will introduce parametric types and discuss some of the strengths and weaknesses of GJ. " LispLISA 0.5a released. The first public alpha release of LISA, the Lisp-based Intelligent Software Agents, has been announced. Markup LanguagesXimian soups up SOAP for Linux (ZDNet). SOAP is an XML-based protocol designed for sharing data in a distributed environment. Here's an article about SOUP, Ximian's SOAP compiler. "Ximian is creating a tool that will allow Web services written for Linux to be compiled for SOAP. De Icaza said the compiler could be available to developers within two months. A compiler changes the software code into language a computer can understand, allowing the computer to run the program. " PerlPerl5 Porters for March 12, 2001. The March 12, 2001 edition of Perl5 Porters is out. Topics covered this week include podchecker questions, EBCDIC and UNICODE, and uses for the previously undocumented PERL_DL_NONLAZY environment variable. Writing GUI Applications in Perl/Tk (perl.com). Nick Temple discusses multi-platform Perl/Tk GUIs in an article on perl.com. "In this article, I will introduce the basics of installing the Perl interpreter for Win32 and writing a visual application using the Tk (toolkit) modules. This system is geared toward the Win32 and Linux developers; however, most of the information presented pertains to other operating systems as well." VoiceXML Adventure Game (WebRef). Continuing in the series on VoiceXML, a WebRef article discusses the writing of a voice based Adventure game on the Tellme site. Tellme: You are in a small room with three doors. Tellme: To open the first door, press 1. Tellme: To open the second door, press 2. Tellme: To open the third door, press 3. User: (pressed 1) Tellme: You see a large hungry monkey.We can only hope that this doesn't get popular with commuters who own cell-phones. Test Shows 99.99% of High School Seniors Can't Read Perl (bbspot). Showing a growing trend towards code illiteracy, this study tells of a developing crisis: "San Francisco, CA - Recent results from standardized Perl Fluency Test showed that 99.99% of US high school seniors can't read Perl. This disturbing statistic shows that American students are painfully unprepared for life after graduation." Two New Perl/Tk widgets. Robert Kiesling has announced the availability of two new Perl/Tk widgets, Tk::SimpleFileSelect and Tk::Browser. PHPPHP Weekly Summary for March 12, 2001. The March 12, 2001 issue of the PHP Weekly Summary is out. This issue covers the newly redesigned PHP Net site, PHP 4.0.5 RC1, compressed output buffering benchmarks, and more. PythonPython Conference Coverage (zopeNewbies). The zopeNewbies site has coverage of the O'Reilly Python Conference last week in Long Beach, California. O'Reilly also has coverage of the Python conference by Laura Lewin, and Frank Willison. Jython 2.1 alpha released. The first alpha release of Jython 2.1 has been announced. Jython, of course, is the Java implementation of the Python language; the 2.1 release mirrors the Python 2.1 release. Linux version of Installer for Python 2. Gordon McMillan has announced the Linux version of Installer for Python 2. The installer provides a way of packaging Python applications and dependencies for distribution. Tcl/TkThe latest issues of Dr. Dobb's Tcl-URL!.
tclpython 2.0 announced. Tclpython version 2.0 has been announced. Tclpython allows the execution of Python code from within a Tcl script. Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Commerce page. |
Linux and BusinessThe sad story of Linuxgruven. The name sounds cool, the web site looks cool, but what's happening now is both sordid and sad. You can read the St. Louis Post-Dispatch report on the troubles at Linuxgruven, or the official statement from Linuxgruven co-founder and acting CEO James Hibbits, or you can wade through piles of posts on Slashdot and the kulua archives (kulua = Kansas Unix & Linux Users Association), but all those sources provide more questions than answers. The kulua archives from last January report that the Clayton, Missouri company was in trouble with the Kansas City Better Business Bureau, and responses from then CEO Matt Porter failed to provide any answers. Linuxgruven's main business seems to be Linux training. According to the web site you can train for Sair GNU/Linux certification or LPI certification. In fact LPI (Linux Professional Institute) lists them as a Bronze Sponsor. However according to this St. Louis Post-Dispatch story (dated Feb. 8) "Sair Linux of Oxford, Miss., has suspended Linuxgruven as one of its accredited centers for learning Linux. Sair Linux says Linuxgruven failed to hire instructors that have passed Sair's tests on using its teaching materials." This article also states that Linuxgruven is under investigation by the Better Business Bureau's of Eastern Missouri and Southern Illinois. The essence of the allegations against Linuxgruven deal with a sort of bait and switch scam in which a job is advertised, but an applicant is first required to pay for a class, which they must pass to get the job. In the worst case one poster told of being offered a job, and was then asked how they wished to pay for it. While it is difficult to determine the magnitude of the Linuxgruven offenses, it is even harder to determine whether the alleged abuses were the result of the actions of a single individual, or several individuals or some deliberate company policy. Here are some of the facts, as far as we have been able to determine.
The founders of the company lay the blame on the management team they hired last year, and vow to try again. EuroLinux open letter to the European Commission on software patents. The EuroLinux Alliance has sent an open letter to the European Commission regarding its consultation process on software patents, which appears to have stalled. Even worse, there is evidently a move afoot to set up software patents in Europe without finishing the consultation process. EuroLinux, of course, wants the Commission to think things through a little better first; we wish them luck. EuroLinux has also sent the EC some proposals for EC consultation on software patents. Lineo breaks ground for new corporate headquarters. Some companies go into crisis mode and cut staff when their IPO's fail to happen; Lineo, instead, is starting construction on a new headquarters building. It will have room to hold 450 people, even though Lineo currently only has 140 in Utah. Zero-Knowledge Systems Raises US$22 Million Financing. Zero Knowledge Systems has announced the receipt of $22 million in venture funding - an impressive achievement in these times. A somewhat more ominous paragraph can be found at the end of the release, though: "In addition to securing financing, Zero-Knowledge also announced today that it is reorganizing the company to focus on delivering its technology and services in the most effective manner to its customers, both enterprises and consumers. This reorganization will allow Zero-Knowledge to continue to provide the best privacy technologies to its customers." OSDN and BRIE to present symposium on ''rethinking business in light of open source''. The Open Source Developer Network and the Berkeley Roundtable on the Internet Economy have announced a symposium on "rethinking business in light of open source." A number of well-known Linux figures will be there, along with representatives from IBM, Mozilla, the EFF, and more. It's happening on April 18 in San Francisco. AMD, Linux NetworX deliver Linux cluster to Boeing. We have press releases from both AMD and Linux NetworX proclaiming the sale of a Linux cluster to Boeing. The cluster features 96 AMD Athlon processors, and it will be handling fluid dynamics problems for Boeing. Caldera's New OpenLinux server product enters beta. Caldera Systems has announced that its latest OpenLinux server release has gone into an open beta test period. It's called "Project 42," and it features things like the 2.4 kernel and a full set of server software. Separately announced is a deal with Lutris to ship the Enhydra application server with "Project 42." RidgeRun Releases Open Source Service Discovery Protocol. RidgeRun, Inc. announced that it has added support for Bluetooth Service Discovery Protocol (SDP) to the OpenBT Linux Bluetooth stack sponsored by Axis Communications. SDP will be incorporated into RidgeRun's upcoming distribution of DSPLinux which is focused on Texas Instruments' Digital Signal Processors (DSPs). MontaVista, ITT announce handheld radio agreement. MontaVista Software, Inc. and ITT Industries, Inc. announced that they are working together to enhance a handheld radio communications system for soldiers. The ultra-capable communications system relies on Hard Hat Linux to support multiple StrongARM processors. Agenda Computing Launches Pure Linux PDA. Agenda Computing will soon launch a pure Linux PDA (personal digital assistant) called the VR3. The launch is scheduled for COMDEX in Chicago beginning April 3. Linux Stock Index for March 08 to March 14, 2001.
LSI at closing on March 08, 2001 ... 33.33
The high for the week was 33.33
Press Releases:Open source productsUnless specified, license is unverified.
Proprietary Products for Linux
Products and Services Using Linux
Products With Linux Versions
Java Products
Books & Training
Partnerships
Personnel
Other
Section Editor: Rebecca Sobol. |
March 15, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingDeCSS 2? DVD code broken again (ZDNet). Seven lines of perl code is all it takes these days to read DVD's, according to this ZDNet article. "Last week, a Web site published the pair's seven-line program, which unscrambles the protection around a DVD so quickly that a movie can play at the same time, although the film appears choppy. It's the shortest program to break DVD defenses to date." The Story Behind Tux the Penguin (Wired). Wired News has posted this article on the Linux logo. "'When I saw the new IBM Linux advertising campaign, I wondered how much of their multi-million dollar budget went to licensing fees for the penguin,' said a public relations representative who requested his name not be used. 'I was amazed to find out that anyone with a Linux-related product or project has the right to use the penguin. Normally, teams of always-angry lawyers fiercely protect logos. And when I discovered you could alter the penguin however you choose, I was flabbergasted. Logos are sacred, untouchable icons in corporate culture.'" Putting the Web in a Bind (ZDNet). Here's an article about security and BIND bugs. "When asked why more system administrators don't upgrade BIND on their DNS servers, ISC's Vixie said it is purely their option to do so. The ISC does not monitor BIND users or notify them of changes. Registering BIND users is contrary to the concept of freely available software as open source code, he added. The only requirement asked of a downloader is "to use it in good health," he said. Vixie said BIND users may sign up for a newsletter that fills them in on patches and when upgrades are available, but fewer than 500 have done so. He estimated there are at least 30,000 administrators of DNS servers who would need to be notified. " Is Open Source Un-American? (O'Reilly Onlamp.com). Tim O'Reilly replies to readers responding to his swing at Microsoft's recent comments on open source. "Regarding Kerberos, Jim insists that Microsoft's Kerberos implementation is interoperable. He admits that you can't use the additional Microsoft-specific features in other systems, but says that if it isn't interoperable, he will make it so." It's Tool Time (ZDNet). ZDNet reports on open source methodologies and philosophies and says that even open source is prone to basic software issues. "Regardless of who's in charge, open-source development methods can't free you from management foibles. The lessons of Fred Brooks' software project management classic, The Mythical Man Month, remain as true as ever. For instance, throwing more programmers at a late project will just make it later. As the unofficial delays in the release of Linux 2.4 showed, that's still true-with or without open source." CompaniesTed Ts'o (ZDNet). ZDNet covers kernel lieutenant Ted Ts'o. "Now, as a principal engineer for systems integrator VA Linux Systems, Linux is his full-time job, which continues into the late evening as he tries to catch up on messages dealing with bugs." Pop goes the Eazel (ZDNet). Here is ZDNet's take on the layoffs at Eazel. "The company had $15 million in funding from investors, with Accel Partners holding the lion's share. Now, with most of that money burned through, Eazel is looking for more funds. Sources close to the matter say though that the venture capitalists are not pleased with Eazel's path to profitability." Eazel lays off more than half its staff (News.com). According to News.com, Eazel has just laid off about 40 employees. "'What we're doing is getting our burn rate and business plan more in line with the more sober economic environment,' said Brian Croll, Eazel's vice president of marketing." Linux company [Eazel] to release key software (News.com). News.com reports on the release of Nautilus 1.0. "One significant change to Nautilus 1.0 over earlier test versions is the addition of 'text tools,' which will allow computer users to take actions when they highlight words in a text document. For example, people will easily be able to submit that text to the Google Internet search site or to an online dictionary." New Sylvania Internet/TV has "Linux inside" (LinuxDevices). LinuxDevices reports on the Sylvania's upcoming digital TV which will run an embedded version of Linux. "The new Sylvania Internet/TV receives standard broadcast or cable TV signals via a built-in TV tuner and is usable as a high resolution display for external video sources including VCRs, DVD players, DSS, cable boxes, and computers (up to 800 x 600 SVGA resolution). The system is also "HDTV-ready," which means it will be able to display the high bandwidth video signals produced by an external HDTV receiver. " Guest editorial: Microsoft's Ironic Valentine (LinuxDevices). Michael Tiemann, CTO of Red Hat, comments further on recent Microsoft attacks on Open Source and Linux. "By using the non-proprietary HTML file format, and by publishing the source code to the HTTP protocol, Berners-Lee made it easy for others to create their own Web content and Web sites. People immediately ported this software from the quirky NeXT platform to mainstream systems by Sun Microsystems, IBM, Hewlett-Packard, Silicon Graphics and even Microsoft. Dozens, then hundreds, then thousands, and now tens of millions of people have created their own Web sites, Web content, search engines and other innovations." Opening proprietary code doesn't come easy for HP (ZDNet). ZDNet looks at HP's OpenMail vs open source situation. Historically, HP has been open source unfriendly. Carly Fiorina, HP CEO, at October's NetWorld+Interop show, signaled a change in her keynote speech by saying that, "The open source movement is natural, inevitable and creates huge benefits. It's part of the next wave of computing." BusinessOnly the strong survive in Linux landscape (News.com). Here's a News.com article about the tougher business environment. "Few doubt there is a future for Linux itself: It is the second-most popular server operating system, won the heart of IBM, and was identified as Microsoft's 'threat No. 1' by Chief Executive Steve Ballmer in a January speech. And the cooperative programming effort that creates Linux shows no signs of slacking off. But much of the entrepreneurial momentum behind the operating system is gone." Is that a penguin roosting in Redmond? (ZDNet). Here's a ZDNet opinion piece saying that Microsoft should buy Corel's Linux division. "Still not convinced? I'm sure there are plenty of nattering nabobs of negativism (apologies to Spiro Agnew) out there who think that Microsoft is the absolute worst thing that could happen to Linux. But, let's face it, the vox populi act can only be played out for so long. Don't the guys who talk the open source talk while reaping the benefits of reselling an essentially free operating system strike you as just a bit disingenuous?" Commentary: Linux faces the law of capitalism (News.com). News.com is running a Gartner Group pronouncement on the future of Linux businesses (and distributors in particular). "The current level of activity suggests the opportunity for Linux has not yet peaked. Still, the route to success will become much more complicated (and expensive) for Linux distributors. Providing obvious added value will become critical and will probably involve an operating system/middleware software stack, not just operating system distribution." ReviewsAgenda to challenge Palm with "pure Linux PDA" (LinuxDevices). LinuxDevices looks at Agenda Computing's new VR3 PDA, and other Linux-based PDAs. "All these efforts are aimed at establishing PDA-Linux as a popular community phenomenon, supported by thousands of application developers worldwide, in hopes of creating a viable "open source" alternative to the proprietary -- though hugely successful -- PalmOS." Device review: Axis 2120 Network Camera (LinuxDevices). LinuxDevices is carrying this review of the Axis 2120 Network Camera. "The camera itself -- weighing in at only (approximately) two pounds, it's hard to believe that Linux lives in there." Tribes 2 Linux Preview (Duke of URL). The Duke of URL reviews Loki's latest entrant in the games domain: Tribes 2. "Loki has done an outstanding job with keeping up with the port, and I can't help but commend their efforts on this project. Still, there seems to be several issues with Mesa-based drivers currently, but there are many volunteers in the open source community currently working on this problem. However, until then, the NVIDIA cards are the only ones that work with decent speed." Hello Crusoe: New notebooks debut (ZDNet). ZDNet reports on new Crusoe powered notebooks that will be hitting the market soon. Most will come with Win2k, though at least one model will have a Win2k/Linux dual boot option. "Along with potentially expanding Crusoe's presence in the United States, the new machines exemplify major currents in Transmeta's overall strategy. For one, Transmeta and its PC manufacturers are clearly trying to occupy a high ground when it comes to design." InterviewsBuilding communities on the internet (Financial Times). The Financial Times talks with MandrakeSoft CEO Henri Poole. "Unlike much of the computer industry, Mr Poole believes that Linux is ready for the desktop. He says that he uses Linux for all his office work, mostly by using StarOffice, the office suite, recently bought by Sun Microsystems, that is similar to the popular Microsoft Office. Sun has now released StarOffice with an open source licensing scheme under the name OpenOffice." The 5 Faces Changing The Linux Desktop, Part 1 (LinuxOrbit). This interview with Shawn Gordon (of theKompany.com) is part 1 of a 5 part series covering the people who are changing the Linux desktop. "With the release of KDE 2.0 the bar has been moved higher, and GNOME is not sitting on its hands. GNOME's new graphical shell, Eazel 1.0 is due out very soon, and Ximian (formerly Helixcode) is releasing Evolution and Red Carpet to the huddled masses in the very near future. It's going to rock to use GNOME this year. KDE has already released KDE 2.1, which is more of an internal upgrade than anything else, and are already planning their next big move. It's going to rock to use KDE this year, too." MiscellaneousGame Arrives Only in Dreams (Wired). Here's a Wired News look at Indrema and the delays in the launch of its gaming console system. "And so far, Indrema does looks like classic vapor. The company has sidestepped each delay by promising a more and more elaborate system. Now, instead of a mere gaming system, the console will have to be nothing less than 'The Future of TV' to make some people wonder if the delay is worth it." Will penguins rule? Not any time soon (ZDNet). This article from ZDNet asks if the price differential between Linux and the upcoming Windows XP will be enough to sustain Linux growth on the desktop. "Although Linux's considerable system stability edge over Windows will die along with the 9x code base -- as anyone who's already moved to Windows 2000 can attest -- the low price of Linux will remain a significant advantage over Windows. An upgrade version of Windows 2000 Professional retails for $219, and the Windows ME upgrade sells for $109." Section Editor: Forrest Cook |
March 15, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Announcements page. |
AnnouncementsResourcesLinux on a Laptop: Upgrading to 2.4.x. LinuxOrbit looks at the process of upgrading a laptop to the 2.4.x kernel. "When upgrading your system to a new kernel, always make backup of key files. This should include your source files in /usr/src/linux for your current working kernel. I recommend using the compression method. That means going to the /usr/src directory as root and using the command." CVS for the Developer or Amateur. Here's a tutorial on CVS, the Concurrent Versions System. Registration is required. O'Reilly Signed Book Giveaway. The Duke of URL is giving away 6 copies of O'Reilly's Evil Geniuses in a Nutshell signed by its author, Illiad. And they also have 8 copies of O'Reilly's The Cathedral and the Bazaar signed by author, Eric Raymond. Go to www.thedukeofurl.org/contests.shtml to enter the contest. Enter by March 21, 2001. Why go wireless?. LinuxLookup has an article on wireless networks. Installing and Using CPAN.pm. Linuxnewbie.org has a how-to article on CPAN.pm. "Quite simply CPAN.pm takes care of those piddling details which can make perl module installation so painful - it will find, ftp, decompress, install and make any module you want...". TOTW: More to Math Than Counting. This week LinuxLookup follows up on last week's 'wc' command with the GNU/Linux calculators bc and dc. LinuxUser issue 7 now available for download. Here's a list of files in LinuxUser issue 7, or you can download the PDF files here. EventsOMG Days Europe 2001. The last two Object Management Group (OMG) Information Days on "Enterprise Application Integration with CORBA and UML", organized by LogOn Technology Transfer, are this week: Helsinki, March 15, 2001 and Budapest, March 19, 2001. CeBIT lodgings. If you are looking for a place to stay while attending CeBIT (Hannover, Germany, March 22 - 28, 2001) there are some accomodations still available. MontaVista presents free seminars. MontaVista Software is hosting two free seminars on developing embedded applications with Linux. The first happens March 23, 2001 at the Bellevue Hilton in Bellevue, Washington. The second will be held March 27, 2001 at the Hotel Boulderado in Boulder, Colorado. OSDN and COMDEX to Present ``Open Source Answers for Business'' Conference At LINUX Business Expo. The Open Source Development Network (OSDN.com) and COMDEX are collaborating to produce the best LINUX Business Expo yet at COMDEX Chicago 2001, April 2 - 5 in Chicago. XML DevCon Spring 2001. Here's a press release with additional info about XML DevCon, April 8 - 11, 2001 in New York. Twin Cities Linux Solutions Conference. The 2001 Twin Cities Linux Solutions Conference, a Real Time Perspective, will be held at the Radisson South, Bloomington, MN on April 12, 2001. The Twin Cities Linux User Group (TCLUG) will be on hand to host an Install Fest. Linux@work in 12 cities in Europe in 2001. LogOn Technology Transfer is again organizing a series of Linux events throughout Europe called Linux@work. These 1-day, city-to-city events, will take place in 12 European venues in 2001, beginning May 8 in Copenhagen and ending June 15 in Amsterdam. The Internet Security Conference to Expose Hacking. The Internet Security Conference (TISC) will present ULTIMATE HACKING, an intense two-day, hands-on workshop conducted by Hacking Exposed author, George Kurtz, and the Foundstone security team. TISC will be June 4 - 8, 2001 at the Century Plaza Hotel in Los Angeles, California. 2001 USENIX Annual Technical Conference. The 2001 USENIX Annual Technical Conference will be held June 25 - 30, 2001 at the Marriot Copley Place Hotel in Boston, Massachusetts. Linux 2001 -- UK Linux Developers' Conference. The UKUUG (UK Unix User Group) Linux 2001 Developers' Conference will be held in Manchester from 29th June to 1st July. The call for papers is open now and will close March 30th. For those considering a trip abroad to visit this and other conferences, the organisers have a handy list of URLs for conferences with a UK/European bias. HAL 2001. Hackers At Large 2001: debating the future of the Internet, will be held August 9 - 12, 2001 at the campus of the University of Twente in Enschede, The Netherlands. EIC Chairpeople. The 2nd annual Embedded Internet Conference, will be held on August 14 - 16, 2001 at the Santa Clara Convention Center. They are looking for people to chair various discussion groups. Events: March 15 - May 15, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. Web sitesItalian Linux portal LinuxValley reorganizes. LinuxValley sent in a press release announcing recent updates to their site. The changes give this Italian Linux portal a decidedly professional look. User Group NewsLinux activity in Assen (Netherlands). On Saturday March 17, 2001 the Linux Users Group of HCC department Groningen will be present in Assen, from 10:00 until around 17:00. The meeting (free entrance) is in the usual location: De Schulp, Buizerdstraat 10, Assen. Programming in Perl. The Haifa Linux Club presents a Programming in Perl lecture series. The series will start on Monday March 26, 2001. The audience is not required to have previous knowledge of Perl, but a general knowledge of programming is considered mandatory. Bergen Linux User Group. BLUG sent us information about their next 2 meetings. On March 29, 2001 at 7pm in Stort auditorium, Høyteknologisenteret, Thormøhlens gate 55, Bergen, Norway, Vidar Madsen, author of GIMPressionist, a GIMP "painting generator" plugin, will lecture and demonstrate GIMPery. For the April meeting, to be held on Thursday, April 26 Alan Cox will be visiting, to lecture on Linux matters. LUG Events: March 15 - March 29, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. |
March 15, 2001 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license |
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux History page. |
This week in Linux historyFive years ago: the second "NCSU Linux Expo" was announced. There were no specific speakers named, and attendance cost all of two dollars. Also announced was Red Hat 3.0.3. It included a bleeding-edge 1.3.57 kernel, RPM 2.0, and a number of other goodies. Three years ago (March 19, 1998 LWN): Bruce Perens resigned as the leader of the Debian Project. Said Bruce: I'm sorry it had to be this way, but I feel that my mission to bring free software to the masses really isn't compatible with Debian any longer, and that I should be working with one of the more mainstream Linux distributions. He never did end up working with a "more mainstream" distribution, though... Debian, meanwhile, went into code freeze for its 2.0 release. Eric Allman announced the creation of Sendmail, Inc., which would seek to make money from the sendmail system. The GIMP 1.0 release was delayed, not for the last time. Two years ago (March 18, 1999 LWN): Apple announced that parts of its upcoming OSX would be released under an open source license. Those parts, of course, were mostly the BSD core, which were already available under a free license. Apple, however, created its own "Apple Public Source License," which, after some tweaks, got the Open Source Initiative's seal of approval as "open source." Bruce Perens immediately objected, and posted a complaint, coauthored by Wichert Akkerman, and Ian Jackson. Richard Stallman also complained. The objections mostly centered around a notification requirement for changes, and a clause allowing Apple to revoke the license at any time. The Open Source Initiative responded with a note of its own: The OSI stands behind its endorsement, applauds Apple's vision, and confidently expects the APSL terms will serve as a model for the open-sourcing of other Apple technologies -- perhaps, indeed, for the open-sourcing of operating systems from other computer systems manufacturers now that Apple has taken the first groundbreaking step. The Apple issue eventually faded away - and the APSL certainly has not served as a model for too many other releases. But this event perhaps marks the beginning of a new phase in the open disagreement between the "open source" and "free software" camps - things only got uglier from there. Raymond's cozy relationship with big business has caused a rift with Perens, who has been vocal in his criticism of things he sees as detrimental to the philosophy of the free software movement, championed by such people as Richard Stallman of the Free Software Foundation.
Linux-Mandrake merged with the BeroLinux project. Conectiva Linux 3.0 was released. Linux Expo was putting out announcements again. The fifth (and last) Linux Expo featured Red Hat's Bob Young as the keynote speaker. One year ago (March 16, 2000 LWN): version 1.1 of the GNU Free Documentation License (FDL) was released. One year later, there does not appear to have been a great deal of documentation released under this license. XFree86 4.0 was released, finally. This release, too, has taken a long time to work its way into widespread use - but it's getting there. Trustix Secure Linux 1.0 was released, as was FreeBSD 4.0 and ROCK Linux 1.3.8. The first alpha release of Apache 2.0 was made available; one year later, the release is called 2.0.14 - but it's still an alpha release. Linus announced another pre-2.4 code freeze. This one, too, would prove rather soft, and the real 2.4 release was a good nine months away, still. Simson Garfinkel predicted a flood of Linux viruses: No, what's stopped the spread of viruses on the Linux platform isn't technology, but the lack of interest from the virus writers. Why write a Linux virus when the same skills will let you bring up a new web-site and become a millionaire in just a few weeks? But if the economy goes south, we're likely to see a suddenly bloom of viruses from out-of-work overachievers. If he's right, that virus flood should show up any day now.... |
March 15, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Letters page. |
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. |
March 15, 2001 |
From: "Kapil H. Paranjape" (user: kapil host: imsc.ernet.in) Date: Mon, 12 Mar 2001 12:12:44 +0530 To: letters@lwn.net, greve@gnu.org Subject: Does free mean "free from" or "free to"? Hello, While there is a lot of discussion on the "free beer" versus "free speech" distinction along with the emphasis on free as in "freedom", there is perhaps not enough said about the *duties* that go with freedom. In High School civics (in India) the fundamental rights of people were always tied to the fundamental duties---there's that uncomfortable "d" word again. One of the duties that goes with free (mukta) software is that of climbing the learning curve. Users should be continually encouraged to step beyond the boundaries of their current knowledge---not sit tight in beautifully designed boxes of their favourite desktop/window manager/user interface. I have yet to see an interface that encourages such exploration the way (for example) adventure and nethack do at the level of games. When we emphasise the development of software that makes computers easy to use we should also beware that this should not lead to the "computer is a toaster" analogy that many proprietary vendors like to promote. Let us not bring more users into the free software fold by telling them that life is easier here--rather that there are more opportunities to use ones' abilities to the creative fullest. Unfortunately, as long there will be people willing to "take the easy way", there will also be a MicroSoft that leads them to a beautifully decorated creative dead-end. Kapil. | ||
Date: Thu, 8 Mar 2001 12:18:29 +0000 To: letters@lwn.net Subject: Mozilla Matters From: home@alexhudson.com RE: Luke Subert, 'Will Mozilla 1.1.1 be released in 2001?', 2/3/2001. How Mr Subert is able to talk of the 'slow pace of Mozilla development' defies belief. For anyone who has been using the software, the rapid advancement (particularly noticable recently with the 0.8 release) is obvious, and to further state that Mozilla 'will [not be ready] until [release] 1.1.1' is bordering on ridiculous. Can I ask if Mr. Subert has used Mozilla? It is now my primary browser, and I can say I am very happy with it. To further compare Mozilla to other browsers shows Mr. Subert's lack of actual usages of these products. Mozilla compares very well to Galeon (it should do, Galeon is based on Mozilla!), and already is more feature-rich than either Konq or Opera (no disrespect to those browsers). Further, Mozilla is being used in more and more projects (Galeon, as mention, SkipStone, as well as a host of Gnome projects using Mozembed, and countless others). Mozilla is in far wider use than Mr. Subert obviously recognises, and is not only complying with standards, but setting them also (witness XBL 1.0, for example). I suggest Mr Subert downloads the current 0.8 build of Mozilla (or perhaps wait for 0.8.1, or 0.9) and actually try it. Try building Galeon with it. I think he would be surprised. Let's get off the Mozilla teams' back, shall we? Try the software, it's actually really rather good :-) Kind regards, Alex Hudson. -- | ||
From: "Matt.Wilkie" <Matt.Wilkie@gov.yk.ca> To: editor@lwn.net Subject: RE: Free Software has forgotten release often? Date: Thu, 8 Mar 2001 17:47:13 -0800 > While free software has many advantages, many projects > seem to have forgotten the "release often" rule. Long > cycles for projects like Mozilla (4 years to the 1.0 > release) and GIMP (2 years between 1.0 and the next major > release of 1.2) leave ordinary users wondering just where > the added value of open source really lives. ??? There is a new release of Mozilla every day via the nightly tarballs if you like the leading edge, and if you prefer a little more stability, more or less quarterly milestones (now minor dot releases). I don't follow GIMP development as closely; I've only upgraded my installation four or five times in the last twelve months. Yes I wish Mozilla was "done". Yes I wish for a couple of new GIMP features (not that can think of many). However I'm quite willing to trundle along with not quite perfect versions while the coders sweating in the smithy bang away, folding the metal over a hundred times to build the best possible edge. Not that I'm above the occasional whiny "are we there yet?" ;-) The proprietary softwares I make my livelihood with have fairly regular "releases" about every 18 months or so. For minor programs it is standard policy to wait an extra 6 months to a year before forking out the dough ("never buy a .0 version"). For our major program (ArcInfo) we pay the multi-thousand dollar yearly support fees and get the latest and greatest. However we've been using the last major version for about a year, and we -still- haven't rolled it out into production use because it's too slow and crash prone. In my grumpy opinion it's still a beta version (feature complete but not stable or optimised) and should be labeled as such. So, version numbers can be a useful tool when wielded appropriately. Unfortunately too many major players in the industry play fast and loose with them so they don't really mean much anymore, if they ever did. -matt ----------------------------------------------------------------- These are my own opinions and do not necessarily represent my employer. ----------------------------------------------------------------- | ||
From: Anton Ertl <anton@a0.complang.tuwien.ac.at> Subject: What is a Linux Distribution? To: letters@lwn.net Date: Sun, 11 Mar 2001 10:34:57 +0100 (MET) To me a "Linux" system feels quite different from a plain NetBSD system (as well as out-of-the-box proprietary Unices), mainly because a typical "Linux" distribution is a GNU distribution and thus offers many practical commands and command features that non-GNU systems lack. And I use these features quite frequently, as I noticed when I worked on a NetBSD system: I had problems on most commands I entered, because I used some GNUicism (starting with bash features). OTOH, a proprietary Unix with lots of GNU packages installed feels much more familiar. Strangely, even tomsrtbt, which replaces many of the GNU tools with smaller programs, feels much more GNU/Linux-ish than other Unices do out-of-the-box. - anton | ||
To: letters@lwn.net Subject: Debian GNU/Hurd is a ``Linux distribution?'' From: Gordon Matzigkeit <gord@fig.org> Date: 08 Mar 2001 10:37:56 -0600 Greetings, However, we would not call NetBSD a "Linux distribution". Why not? Well, to start, the NetBSD folks might very well get offended, since they've been around a lot longer than Linux. You might also find some GNU folks who would be offended at having GNU called a ``Linux distribution,'' since they've been around a lot longer than Linux. Debian GNU/Hurd is free applications (many of which are officially GNU), running on the GNU C Library, on the GNU Hurd kernel servers, on a GNU variant of the Mach microkernel. That makes GNU at the very least two out of three of the core system components you described. People once argued that you could call something a ``Linux system'' no matter what its makeup, so long as it ran the Linux kernel. Now, it seems, the argument is that you can call it a ``Linux system'' if it shares any applications at all in common with systems that run Linux kernels (so long as it doesn't have BSD heritage). Rationale? To me, it's a problem of credit, and the unfortunate thing is that it's probably impossible to reconcile ``Linux camp'' and ``GNU camp'' notions of where credit should lie. This issue doesn't come up in proprietary systems, because there's a single vendor who owns the system, and says what the system is called. I see the GNU/Linux, and GNU/Hurd designations as a compromise to give both idealists and kernel hackers credit. Of course, there could be other groups who feel underrepresented, but they haven't been as vocal as the kernelists. Until I see a better naming proposal, that's the one I choose to use. BTW, thanks for your excellent coverage of Debian GNU/Hurd... it's a high compliment when what I read in LWN makes the issues clearer than being subscribed to the mailing lists. -- Gordon Matzigkeit <gord@fig.org> //\ I'm a FIG (http://fig.org/) Committed to freedom and diversity \// I use GNU (http://fig.org/gnu/) | ||
Subject: What about Domino? Date: Thu, 8 Mar 2001 16:15:23 -0500 From: "Sightler, Tom" <tsightler@zeusinc.com> To: <letters@lwn.net> I'm writing to point out what I believe to be an inaccuracy in the following statement on the Main Page of your March 8th, 2001 issue. You make the following statement: 'OpenMail is the only "enterprise ready," Exchange-compatible mail server product which is available on Linux. Its demise leaves an important corporate function with no Linux-based solution; all that's left is windows-based, proprietary systems - and not very many of those.' Unless there's been an anouncement that I've missed, Lotus Domino still fully supports running on Linux, as well as quite a few other platforms as well. They also support Microsoft Outlook 98/2000 with their iNotes Access for Microsoft Outlook product. I certainly think Domino qualifies as "enterprise ready" and offers many features that Exchange does not have. Domino supports all major internet standards such as SMTP, POP, IMAP, and LDAP so I don't really see how this makes them a worse choice than OpenMail (maybe you just liked them because they used sendmail). Some have critisized Lotus for supporting their server platform on Linux without providing a Linux client, but they do at least offer step-by-step instuction on setting up the Win32 client to run under Linux by using Wine, which is more than many companies do, and of course you can use any standard POP or IMAP client for basic email services. I did like OpenMail very much, but I think Domino on Linux still means that Linux has can server this very critical corporate function. Tom Sightler | ||
To: letters@lwn.net Subject: Source code From: Ketil Malde <ketil@ii.uib.no> Date: 09 Mar 2001 08:34:45 +0100 Hi In Leon Brooks' letter concerning the DVD-CCA's threats against Dr. Touretzky the issue of whether source code can be seen as a "device" - more specifically, a "circumvention device" - is raised. I think this issue may have bearing upon more than the DeCSS case, and that some exploration of the concepts involved could be fruitful. Clearly, source code in high level languages exists for the benefit of humans, not computers. Source code is only a means to express algorithms in a manner close enough to natural language that humans can understand them, yet precise enough to not be ambigous. The compiled, binary (machine) code, on the other hand, exist only so that together with the appropriate processor and other hardware, some task can be performed - in other words, the hardware and software form a "device". Or, to analogize: Source code is the floor plan, machine code is the building. Given the former and the right tools, you can construct the latter, which is actual useful. The interesting thing is that if this view is accepted, it seems source code might be a way out of a lot of problems for free software. For instance, I find it hard to accept that patents can apply to anything but the compiled program. The source code is just an exact description of the (patented) process involved, you need the compiled program to actually *perform* the process. If distributing source code is a breach of the patent, then so must distributing the actual patent text be, since it contains the same information! Surely I don't have to license a patent to read it? -kzm -- If I haven't seen further, it is by standing in the footprints of giants | ||
To: lwn@lwn.net Subject: LWN: perltidy From: Andrew Hilborne <andrew.hilborne@uk.concentric.com> Date: 12 Mar 2001 18:24:33 +0000 <RANT> Well, I like what perltidy did to dailystrips: dailystrips is a *real* mess and it _appears_ that perltidy didn't break anything... ..except: it wrote an output file by default. Happily it didn't overwrite the input file, which would have been the greatest of sins, but even this isn't good enough. Unix programs should obey the principle of least-surprise, and they should behave like filters by default. This makes them easier to stitch together in ways unthought-of by their authors, with the minimum of extra flags. (Another good rule is that an invocation with no flags should perform the "most common task." Eg look at pr(1).) While I'm at it, let me note that, to paraphrase someone from an old Bell Labs Journal, "Unix is a mute slave: it assumes you know what you're asking for and, so long as there are no errors when it does it, doesn't report anything back. This lets you, the user, get on with the next task as simply as possible. Many programs break this rule: the BSD Mail program started the trend, and GNU bc continues it. I'm sure you know all this stuff, but I wish those who don't would read, for example, "The Unix Programming Environment," by Kernighan and Pike. </RANT> -- Andrew Hilborne | ||
From: Eric <esr@golux.thyrsus.com> To: letters@lwn.net Subject: Thomas Hood's LTE Date: Thu, 08 Mar 2001 10:46:46 -0800 Thomas Hood's letter describing the goals of the open-source and free-software movements as "socialistic" is dangerously confused. "Promoting a social goal" is not the same as "socialism"; the key difference is whether cooperation is voluntary or not. In our community, cooperation is voluntary -- we don't force anyone to write or share software. Under socialism, if you do not choose to "cooperate", you will be oppressed, imprisoned, and quite possibly killed. The difference is important. -- <a href="http://www.tuxedo.org/~esr/">Eric S. Raymond</a> A wise and frugal government, which shall restrain men from injuring one another, which shall leave them otherwise free to regulate their own pursuits of industry and improvement, and shall not take from the mouth of labor the bread it has earned. This is the sum of good government, and all that is necessary to close the circle of our felicities. -- Thomas Jefferson, in his 1801 inaugural address | ||
From: andrew@pimlott.ne.mediaone.net (Andrew Pimlott) Date: Thu, 8 Mar 2001 13:51:38 -0500 To: Thomas Hood <jdthoodREMOVETHIS@yahoo.co.uk> Subject: Re: Stallman on Freedom and the American Way Thomas Hood wrote: > The GPL is socialistic in that it is designed to promote a social > goal You make with this statement both a marvelous insight and a terrific blunder. Your insight is that Free Software is above all a social mission: it seeks to create a community based on certain ideals (a utopia, if you will), into which anyone may enter. It does not (to a first approximation) seek impose change on any individual or state, beyond any natural outcome of voluntary choices. Anyone who doesn't appreciate this is encouraged to read the GNU Manifesto. Your blunder is to confound a "social goal" with "socialism". I am not prepared to enter into a debate on socialism, but it is generally considered a political movement, and so is inherently different from a social movement. You ascribe to socialism the tenet, "To each according to his need; from each according to his ability". But this is not espoused by the Free Software movement. Indeed, the Free Software movement is happy to give software to anyone, independent of need; and does not pressure anyone into contributing. It argues that, if you write software, making it free is the right thing to do; but this is very different. I challenge you to find a statement from RMS to the contrary. The Free Software movement does have a political aspect, I will not deny (the politial and the social can rarely be separated entirely); but I believe it is clearly overshadowed by the social aspect (and also by the philosophical and ethical aspects). Andrew | ||
Date: Sat, 10 Mar 2001 18:38:00 -0500 From: Steve Waldman <swaldman@mchange.com> To: letters@lwn.net Subject: Thomas Hood on "Stallman on Freedom and the American Way" In your March 8 2001 letters, Thomas Hood writes: I think we should be frank. There is no point in fighting a war of propaganda. There is no denying the accusation that one of the main aims of the free software movement is a socialistic one... The goal is to revolutionize the means of production of software and to establish a new mode of software distribution: To each according to his need; from each according to his ability. As a software developer who releases code under the GPL, I too think we should be frank. I, like may others in the free software community, am a filthy capitalist bastard, and offer absolutely no apologies for that. I hope and expect to derive from my work far more wealth than I in any sense need, by virtue of fully exploiting my own abilities. I participate in the free software community and release code under GPL out of a carefully calculated self-interest. Proprietary software licenses have created a distorted and inefficient market for the skills and services that I sell. In the proprietary software world, success derives largely from incumbency and interoperability requirements; from the ability to define and the wherewithal to enforce crafty licenses, contracts, and patents; from strategic connections and marketing reach; and (as Mr. Allchin's comments underline) from political influence. As a programmer, I am confident that I can compete successfully in fair contests with my peers based on skill. Thus, I am directly harmed by a situation where market power, rather than technical ability, determines how wealth is allocated in my industry. I am also harmed when, to use the tools prerequisite to my trade, I must cede rights over my own work to parties that may exact monopoly rent from me or my clients, or otherwise interfere with my full enjoyment of the fruits of my work. GPLing code serves my interest in several ways. A vibrant, copyleft free software community harms powerful incumbents who compete against me unfairly. Since what I sell is expertise at solving problems, not software that I have already been written, it harms me very little to make the code I write generally available. No matter how much free software there is, I am not concerned that the world will run out of software problems to solve. There would be some harm if my competitors had no-strings-attached access to my software tool-set while I was prevented from free (in both senses) access to theirs. Here the GPL makes for a fair bargain, a level playing field: you can use mine if I can use yours, under the same terms. Lastly, but importantly, making code widely available is excellent marketing, increasing demand for my services and the rates I can charge. There is no conflict between the RMS-style, copyleft free software movement and a very deep capitalism. In fact, the free software movement is just capitalism working well, destroying through competition inefficiency and corruption in the marketplace. If Thomas Hood and Jim Allchin (strange bedfellow, I'm sure) wish to emphaisize analogies to socialism in the free software movement, they are entitled to. But the socialism they see is in their own eyes; it has little to do with free software itself. respectfully, Steve Waldman swaldman@mchange.com | ||
Date: 13 Mar 2001 12:16:08 -0800 To: letters@lwn.net From: P Jones <pja@justice.com> Subject: Stallman's Alleged Hidden Agenda I wish to respond to Mr. Hood's false assertion that Richard Stallman has a hidden agenda, namely socialism, behind his Free Software Foundation. I have directly inquired of Mr. Stallman as to his position on this very issue. He told me pointblank that he believes in the free enterprise system. I have seen Richard accused of being a socialist/communist many times on various boards. This is not true, and he has denied it publicly, on Slashdot, to mention one forum. It wasn't until I read Mr. Allchin's remarks that I began to seriously wonder if there is an organized campaign to misrepresent Stallman's views, as in FUD. While I cannot speak authoritatively on this, obviously, my warning bells are going off and I think everyone else should be on the alert as well. I think it is important to respond and assert the truth. No one should be able to casually slander a man just for fun. Not for profit either. A public forum isn't the same as a private dinner party conversation, where any number of foolish things can be said, and often are, without serious consequence. But when you publicly defame someone, as Mr. Hood did, he ought to at least provide some proof of his opinion. He certainly did not do so. Nor can he, because what he wrote is not founded on truth, though he may not know it, having been himself influenced by what I now suspect is a campaign of vilification. Richard Stallman isn't a socialist. Period. There is no hidden agenda. If there is one thing that *can* be authoritatively stated it is that Richard Stallman has *nothing* hidden. His views are well known. He isn't a politician. He writes software. He encourages the use of and openly promotes free software, free as in speech. Selling the software is fine with him, and he does so himself. What Stallman wrote in response to Mr. Allchin's remarks on the American Way came from his heart. That is who he is and what he believes. To accuse him of lying, which is in essence what Mr. Hood wrote, is calumny, and you really ought not to have printed Mr. Hood's letter. It was irresponsible, in my opinion. Yours is not an open forum, like Slashdot's, where all kinds of idiotic comments can be posted (and are). Because you have editorial oversight of what is posted on your site, you are responsible for what is posted. I hope you will find a way to correct the error and that you will be more careful in the future. A man's reputation is a very precious thing. P. Jones <pja@nospamjustice.com> _________________________________________________ FindLaw - Free Case Law, Jobs, Library, Community http://www.FindLaw.com Get your FREE @JUSTICE.COM email! http://mail.Justice.com | ||