[LWN Logo]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests

 Main page
 On the Desktop
 Linux in the news
 Linux History

Other LWN stuff:
 Daily Updates
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials

We still haven't made our point. Over the last week, much has been said of Microsoft's new source policy for its Windows operating systems. Many seem to see it as a response to the rise of free software, and even the beginning of an "open source" policy on Microsoft's part. There is little, if any, truth in such speculation.

The new policy allows a small number of very large customers access to the Windows source. Of course, the usual sorts of nondisclosure agreements must be signed, including providing the names of all people who will see the source to Microsoft. But it goes beyond that - no modifications of any sort are allowed. Even if you find a bug, it will be illegal (or, at least, a violation of the license agreement) for you to fix it. With such rules, it would not be surprising if the source distribution lacked a key piece or two, making it impossible to build a new, working system.

This sort of source distribution is not particularly new. Your editor had access to the Vax/VMS source twenty years ago. The fact that it came in the form of a thick stack of microfiche pretty well insured that nobody would try to make changes.

But much of the commentary out there conveys the impression that Microsoft's offering is something different. For a fun time, check out this pronouncement from the Meta Group, which was published by News.com. The Meta Group styles itself as "a leading research and consulting firm, focusing on information technology and business transformation strategies," so one would presume that its output would make some sense. This particular offering, entitled "Microsoft co-opts open source approach," is, instead, a classic example of what comes out when you have no understanding of how free software works.

Consider this quote:

The advantage of providing Windows source code is that Microsoft enlists tens of thousands of software professionals in 1,000 or more of its biggest and best customers to help it test its key operating systems in their unique environments. This will create a flood of bug fixes, improvements and extensions that will flow back to Microsoft to improve those products.

How this "flood" will come about is unclear, given that modification of the source is not allowed. Those who would create all of these goodies will be working in violation of their license, and will be completely isolated from the Windows developers and from like-minded developers elsewhere. They will not be able to distribute their changes, or to benefit from the work of others. How productive, exactly, are these "tens of thousands of software professionals" going to be?

Reading further:

In our opinion, the Windows source code will inevitably end up on the Web--within six months or less--where thousands more hackers will start working on it, exposing weaknesses. This will help Microsoft improve its products further until they are bulletproof.

The source may well end up on the net somewhere. One might guess, however, given Microsoft's rather hard-line position on "piracy," that its reaction would indicate a distinct lack of amusement. In fact, it would probably make the DeCSS witchhunt look like a pretty mild affair. One can only hope that Gnutella and Freenet will be up to handling some seriously large files by the time this source escapes.

What will happen when these "thousands more hackers" start "exposing weaknesses" is unlikely to be pretty. People who find bugs in the Linux source issue press releases to the effect. But even looking at Microsoft's source will be a crime. Given Microsoft's crackdown on those criminals who were redistributing its security alerts, one can imagine that they will not welcome others "exposing weaknesses" by looking at purloined source. Prediction: those who find security bugs from Microsoft's source will not issue press releases. They will make their achievements known in rather less polite ways, and they will not provide patches to fix the problems.

It's not done yet:

In effect, Microsoft is co-opting the open-source approach. It is essentially recruiting the technical staff of its largest customers (and potentially even the entire hacker community) to help it create improved versions of its software that only it will have the right to distribute. This becomes the vehicle that will drive the technical community to its new model for software development and distribution.

The Meta Group thinks that "the entire hacker community" will have no problems with creating "improved versions" of software for the sole benefit of Microsoft. Somehow, thousands of talented engineers are going to do free work for Microsoft, while not being able to (legally) make use of their own enhancements, much less distribute them to others. These engineers, working in isolation without community, communication, or shared goals, are going to create the new software development model.

We don't think so. Read-only access to source for a small number of customers is not going to create a new software development model. And it has nothing to do with free software, or even "open source."

Despite their best efforts, people in the free software community still haven't managed to communicate to much of the world what is really going on here. The creation of great software requires openness, communication, and peer review. It requires that the developers get something back: credit, software that meets their needs, constructive criticism, and the ability to share what they have done. And, of course, it requires freedom. Those who live in the free software community can assume that everybody understands these things. It is sad to see how far from that understanding much of the world still is.

Harlan Ellison vs. the right to code. Speaking of freedom, those who have not yet seen it may want to have a look at Harlan Ellison's rant against those who post copies of his works on the net. And a rant it is; Mr. Ellison, to our knowledge, never published a story written entirely in upper case. Such restraint is not evident here.

Stylistic issues aside, Mr. Ellison is seeking to protect his rights to his work, as provided by copyright law. We wish him luck in that fight; he owns his work, and he should not have to accept its wide distribution on the net if that is not his wish. As LWN has said before, free software licensing, too, depends on copyright law.

Deep down in the article, however, you'll find this chilling statement:

With the second amended complaint, we were able to add a complaint for vicarious infringement against AOL for the development of the Gnutella file transfer protocol by its Nullsoft division. Gnutella is Napster without a central processing hub. By setting up a 'sting' operation, one of our investigators was able to track the infringement of several works by Harlan and Isaac Asimov using Gnutella. This presents interesting issues regarding the responsibility for the release of software which effectively pollutes the intellectual property environment.

If it becomes a crime to "pollute the intellectual property environment," then the freedom to program our computers is truly lost. Why does Mr. Ellison not go after the makers of scanners, optical character recognition software, ethernet interfaces, modems, disk drives, and other tools of "vicarious infringement"? What makes software special? Should the author of GNU "cp" start looking for a lawyer?

Mr. Ellison has shown himself to be a visionary writer over his career, but he now appears to be at a loss as the world changes around him. Distribution networks like Gnutella may well prove to be an important tool of freedom over the coming years. Nobody should have absolute control over the flow of information, after all. An attack on a creator of this sort of technology in the name of "vicarious infringement" is an attack on freedom. We urge Mr. Ellison to adopt a different set of tactics in this fight.

News from the Free Standards Group. After a period of relative quiet, the Free Standards Group has come out with a whole set of announcements. They include:

  • Version 1.1 of the Linux Development Platform Specification has been released. The LDPS provides a set of practices that will help in the creation of applications which are portable across distributions. It serves as a sort of stand-in until the real Linux Standard Base comes out - someday.

    LDPS 1.1 includes information on printing (though the sad fact is that it still has to recommend that applications use "lpr"), an expanded FAQ, information on POSIX threads (and how Linux diverges from that standard), and more.

  • Version 2.2beta of the Filesystem Hierarchy Standard (FHS) has been announced. The FHS specifies where files should be placed in a compliant Linux distribution; it deserves a lot of credit for bringing about a degree of coherence as the distributors move closer to compliance. The beta period for FHS-2.2 lasts through the end of March; if you have comments, now is the time to get them in.

  • The FHS is a lengthy document, but it's just one chapter of the Linux Standard Base, the overall standard we have been expecting for, well, some time. Things have been quiet on the LSB front, but that doesn't mean that nothing is going on; LSB-0.6.2 was recently released. The group hopes to have a 1.0 version out by the end of the year.

  • The LSB also has a new leader. Daniel Quinlan has stepped aside, and George Kraft will be the new chairman of the LSB project. Daniel has led the LSB through a long and difficult process, and he deserves a great deal of credit. Happily, he's not going too far away; he'll still be working with the Free Standards Group, and with the FHS and LDPS standards as well.
All of the above events show a project that is finally coming to fruition. The wide variety of Linux distributions is one of the system's strengths, not a weakness. Nonetheless, a set of standards which promote portability across distributions is very much needed. It is good to see that those standards are coming together at last.

Inside this week's Linux Weekly News:

  • Security: TCP/IP initial sequence number randomization flaws, new vulnerabilities in icecast, XFree86, sgml-tools, slrn, Zope, Mesa, timed, rwhod, and the FTP File System.
  • Kernel: SCHED_IDLE; making the kernel preemptable; changing the kernel configuration system.
  • Distributions: Critera for the LWN Distributions List, Midori, FlightLinux, WinSlack, and more.
  • On the Desktop: Talking with Eazel about Nautilus 1.0.
  • Development: Savannah, MySQL to Oracle, OpenNMS progress, Bio languages, LISA 0.5a.
  • Commerce: The sad story of Linuxgruven; EuroLinux on software patents.
  • History: Attend Linux Expo for $2; Bruce Perens quits Debian; where is that flood of Linux viruses?
  • Letters: Does Mozilla release often enough; free software != socialism.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:

March 15, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Security page.


News and Editorials

TCP/IP initial sequence number weakness. Now, before you read this article, note that we tend to have a slight bias against vulnerability reports that show up first in the media, rather than in technical/security forums (where we think they belong). That said, this week Computerworld published a story on a "security weakness in TCP/IP".

In the article, Guardent, a Waltham, Massachusetts-based security firm, claimed to know of a security flaw in TCP/IP whereby TCP initial sequence numbers that were supposed to be randomized were actually guessable, and could be used to hijack sessions or spoof connections. The company also declined to give additional details, which made evalution of their claims a bit difficult.

However, it appears that Guardent did go on to share their "copyrighted research" with CERT, who in turn has validated the existence of the weakness in this vulnerability note. This note still does not confirm what operating systems are vulnerable, though it has been hinted that Linux might be one of several.

Underlying the weakness is the question of whether a given operating system has implemented RFC 1948 ("Defending Against Sequence Number Attacks") properly. Potential security issues if this was not done have been known since the mid '80s.

Perhaps we should be grateful for Guardent's work to sensationalize this issue, if it results in every operating system auditing its TCP/IP implementation and making needed corrections to it. Nonetheless, the mixture of copyrighted research, secrecy and press exploitation are a bit nauseating. Meanwhile, there do not seem to be any published exploits for this problem as of yet. That makes waiting for vendor advisories and updates a bit more palatable.

Carnivore by any other name ... (ComputerWorld). Carnivore, the FBI's program for "monitoring" email communications of suspected criminals, was reviewed by outside consultants at the instigation of the Justice Department. One of the recommendation of those reviewers was that the name of the program be changed. So we're sure you'll all be much happier about the existence of DCS1000, the program formerly known as Carnivore. Given their choice of a cryptic, non-informational name, we'll take a hefty bet that the moniker "Carnivore" will stick, whether they want it to or not.

Meanwhile, there's no new information on any substantive changes to Carnivore or previous efforts to get them to Open Source the code.

Bad News for Snoops (ZDNet). There's a bit of news about the UK's passage of part three of the United Kingdom's RIP law, or Regulation of Investigatory Powers Act, in this ZDNet article, but the primary focus is on m-o-o-t, which is designed to protect UK citizens from possible abuse of the new laws by the British government. "The self-contained software will be shipped on a bootable CD. User data and mail will be encrypted and stored in offshore data havens, bypassing local storage. Untraceable e-mail and telephony are also in the works".

Security Reports

icecast buffer overflows. This week, several buffer overflows in icecast were reported. As a result, icecast 1.3.9 and 1.3.10 have been released in the past week. Icecast 1.3.9 is chock full of security fixes; icecast 1.3.10 contains additional fixes, but the website does not make a note of whether or not those fixes are security-related. In addition, icecast format string vulnerability reported in the January 25th LWN Security Summary has finally been officially repaired. As a result, this upgrade is strongly recommended.

XFree86 nextaw/xaw3d/xaw95 temporary file issues. Bug fixes for temporary file problems with the AsciiSrc and MultiSrc widget in the Athena widget library are now available to resolve situations where temporary files are handled incorrectly.

sgml-tools temporary file issues. Versions of sgml-tools prior to 1.0.9-15 are reported to handle temporary file creation insecurely. An upgrade to 1.0.9-15 or later is recommended.

slrn buffer overflow. A buffer overflow in the slrn newsreader was found and reported by Bill Nottingham. Check the Debian advisory for more details.

Zope 'aq_inContextOf' method access validation vulnerability. An access validation error in the 'aq_inContextOf' method can be exploited to gain access to Zope objects that should be denied, though they comment that a Zope expert would be required in order to succeed. Zope 2.3.0 alpha, beta and final versions and Zope 2.3.1 beta 1 are all affected. A hotfix has been issued to fix the problem until Zope 2.3.1 beta 2 is released. Applying the hotfix is recommended.

Caldera-specific IMAP/POP vulnerability. Caldera issued an advisory concerning several buffer overflows in imap, ipop2d and ipop3d, which are normally not exploitable, because they could only be used to get access to processes already owned by the uid of the attacker. However, a configuration problem makes it possible instead to gain access to the 'nobody' account and execute arbitrary programs. Updated packages are provided.

mailx buffer overflow. A buffer overflow has been found in /bin/mailx which, if the program is installed setgid, can be exploited locally to gain access to the gid of the binary. No fix for this problem has been reported. The best workaround currently available is to remove the setgid bit, which will still allow it to be used to send mail, but will severely limit other functionality on systems that require group mail for writing to the mail spool directory.

Mesa temporary file link vulnerability. A temporary file link problem has been reported in the Mesa 3-D graphics library by Ben Collins. Linux-Mandrake has issued updated Mesa 3.3 packages with a fix for the problem. Note that Mesa 3.4.1 was released on February 15th, but no mention of a fix for a temporary file link problem is mentioned, so presumably it is impacted as well.

timed denial-of-service vulnerability. FreeBSD has issued an advisory regarding a denial-of-service vulnerability in timed. The timed server crashes when sent malformed packets. Both a patch and updated packages are provided for FreeBSD. This problem is not specific to FreeBSD, but has not been confirmed on other BSD or Linux systems.

rwhod denial-of-service vulnerability. FreeBSD also issued a similar advisory for the rwhod demon.

FTP File System buffer overflow. FTP File System is a Linux kernel module that allows FTP repositories to be mounted locally as VFS file systems. A buffer overflow in FTPFS was reported this week by Frank Denis. The author has been notified. FTP File System 0.2.1 was released yesterday, March 14th. Although it does not reference the security report, the description for the update does say, "Sanity checks on mount parameters were added to prevent overflows", so it might be presumed that the new version resolves this problem.


ePerl buffer overflows. Check the March 8th LWN Security Summary for the initial report.

This week's updates:

Previous updates:

mc binary execution vulnerability. Check the March 8th LWN Security Summary or Bugtraq ID 2016 for more details.

This week's updates:

Previous updates:

Zope security update. Digital Creations released a security update to Zope (all versions up to 2.3b1) fixing a security vulnerability in how ZClasses are handled the week of March 1st. An upgrade is recommended.

This week's updates:

Previous updates:

joe file handling vulnerability. Check the March 1st LWN Security Summary for the initial report.

This week's updates:

Previous updates:

sudo buffer overflow. Check the March 1st LWN Security Summary for the original report.

This week's updates:

Previous updates:

XEmacs/gnuserv execution of arbitrary code. Check the February 8th LWN Security Summary or BugTraq ID 2333 for details. gnuserv 3.12.1 resolves the problem and is included with XEmacs 21.1.14.

This week's updates:

Previous updates:

Multiple glibc vulnerabilities. Multiple glibc vulnerabilities have been reported in recent weeks in glibc. Since glibc updates generally address all the problems, rather than one specific problem, the update report for them has been combined. For the original reports, check the January 18th, 2001, LWN Security Report under the topics "glibc RESOLV_HOST_CONF preload vulnerability" and "glibc local write/ld.so.cache preload vulnerability".

This week's updates:

Previous updates:

Borland InterBase backdoor. Check the January 18th LWN Security Summary for the initial report. This is the first related advisory we've seen, but note that InterBase is not shipped by default with most distributions.

GNU CFEngine format string vulnerability. Root access can be obtained on a local system by exploiting CFEngine's use of syslog and its related format string vulnerability. Check the October 5th LWN Security Summary for more details.

This week's updates:

Previous updates:

esound tmpfile link vulnerability. Check the September 7th LWN Security Summary for the original report of this problem from FreeBSD.

This week's updates:

Previous updates:


Minor Bastille testing update. Bastille Linux 1.2.0.pre11 was released this week, the latest in the testing series for this distribution.

KNARK rootkit analysis. Toby Miller has made available his analysis of the KNARK rootkit. "In the past if a box had a rootkit installed, an administrator could comb through the binaries and find traces of the rootkit. Not so in this case. The KNARK rootkit actually hides within the kernel making this rootkit almost impossible to find and analyze. How is this being done? Well, attackers are able to do this by using Loadable Kernel Modules (LKM)."


Registration for the 2001 FIRST Conference now open. Registration for this year's FIRST conference is now open. The conference will take place June 17-22, 2001, in Toulouse, France.

Upcoming security events.
Date Event Location
March 26-29, 2001. Distributed Object Computing Security Workshop Annapolis, Maryland, USA.
March 27-28, 2001. eSecurity Boston, MA, USA.
March 28-30, 2001. CanSecWest/core01 Network Security Training Conference Vancouver, British Columbia, Canada.
March 29, 2001. Security of e-Finance and e-Commerce Forum Series Manhattan, New York, USA.
March 30-April 1, 2001. @LANta.CON Doraville, GA, USA.
April 6-8, 2001. Rubi Con 2001 Detroit, MI, USA.
April 8-12, 2001. RSA Conference 2001 San Francisco, CA, USA.
April 20-22, 2001. First annual iC0N security conference Cleveland, Ohio, USA.
April 22-25, 2001. Techno-Security 2001 Myrtle Beach, SC, USA.
April 24-26, 2001. Infosecurity Europe 2001 London, Britain, UK.
May 13-16, 2001. 2001 IEEE Symposium on Security Oakland, CA, USA.
May 13-16, 2001. CHES 2001 Paris, France.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh

March 15, 2001

LWN Resources

Secured Distributions:
Astaro Security
Engarde Secure Linux
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux

Security Projects
Linux Security Audit Project
Linux Security Module

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Yellow Dog Errata

BSD-specific links

Security mailing lists
Linux From Scratch
Red Hat
Yellow Dog

Security Software Archives
ZedZ.net (formerly replay.com)

Miscellaneous Resources
Comp Sec News Daily
Security Focus


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Kernel page.

Kernel development

The current kernel release is still 2.4.2. The current 2.4.3 prepatch from Linus is 2.4.3pre4, which contains a small collection of important fixes (and an item marked "Alan Cox: continued merging," which could cover a lot of stuff).

Alan Cox's prepatch is up to 2.4.2ac20, and it is rather larger. It includes a fair amount of more ambitious changes, some of which have ominous tags like "hopefully fix the buslogic corruptions."

There have been no announced 2.2.19 prepatch releases over the last week, though 2.2.19pre17 was quietly dropped onto the FTP site on March 11.

SCHED_IDLE, again. It was a relatively slow week on linux-kernel, so perhaps it's fitting that one of the topics that came up was the old idea of a SCHED_IDLE scheduling class. A SCHED_IDLE process would run only if no other process wanted the CPU. This behavior is different from the usual Unix behavior; normally, even very low-priority processes will get a little bit of CPU time. A true SCHED_IDLE class would allow you to run that compute-intensive pig latin song title encoding code without it getting in the way of those all-important kernel builds.

The problem with SCHED_IDLE hasn't changed, though. Even idle tasks occasionally need kernel resources. It is possible for an idle task to obtain an important kernel lock or semaphore, then get blocked out of the CPU by a regular task. At that point, the system can hang; the idle task can not run to release its resources, so everybody else just has to wait.

This is a variant of the classic "priority inversion" problem, where a low-priority process can monopolize resources needed by higher-priority tasks, and keep them from executing. Priority inversion can be a serious problem, especially if the system involved is on Mars at the time. But even terrestrial applications need to avoid situations that can cause this problem. For this reason, a true idle task has never been incorporated into the Linux scheduler.

This time around, the observation was made that processes rarely, if ever, hold important kernel resources when running in user space. In other words, locks and semaphores are only held while the process is running in kernel mode. So the usual sort of solution to priority inversion problems - complicated priority inheritance schemes and such - is overly complex for this situation. It should suffice to remove the idle task attribute from processes running in the kernel. Jamie Lokier posted a simple hack which implements this behavior on x86 systems.

Such changes are 2.5 material, of course, so it may be some time before we know if some form of this patch will go in or not. Linus has been hostile to the SCHED_IDLE idea in the past, and this fix may not be adequate to address his concerns. Nonetheless, it's a step in the right direction; Linux may yet have an idle task implementation.

Preemptable kernel patch. With little fanfare, Nigel Gamble (who works at MontaVista Software) posted a patch to the 2.4.2 kernel which makes the Linux kernel preemptable. Normally, the kernel follows longstanding Unix tradition in that kernel code can not have the processor taken away from it. When the system is running in kernel mode, the code will run until it voluntarily gives up the processor, or until it returns to user mode. The one exception to this rule is hardware interrupts, but very little work is supposed to be done by interrupt handlers.

This mode of operation has traditionally been convenient for kernel programmers, since it reduces the amount of concurrency (and, thus, race conditions) that they have to deal with. It also tends to increase latency, however; the amount of time it takes the system to respond to an event can increase. Thus, your sound card may be crying for more data, but if some other piece of kernel code is hogging the processor, the sound card will have to wait. In many situations, this sort of latency can cause problems.

The solution is to make the kernel preemptable, so that a higher-priority process can run even if the system is running in kernel mode. Once upon a time, this would have been a very large change, given the whole new set of concurrency issues that would have to be dealt with. But multiprocessor systems have all the same concurrency issues, and the kernel hackers have been forced to deal with them. At this point, adding preemption to the kernel adds very little in the way of problems.

So, Mr. Gamble's patch is surprisingly small. There are some scheduler changes, of course, to make the preemption happen. There is also a bit of code which disallows preemption anytime that the kernel code holds a spinlock. This is necessary for a number of reasons: spinlocks should be held for very short periods, so code which holds one should be allowed to run to completion. Spinlocks exist to prevent certain types of concurrency; a preemptable kernel patch should not defeat that purpose. Finally, preempting code which holds a spinlock could deadlock the system if another thread in the kernel attempts to obtain the same lock on the same processor.

This patch is not 2.4 material, of course; a change of this magnitude has to wait for the next development series. But Mr. Gamble has shown that this change is relatively straightforward; it would be surprising if some variant of this patch didn't show up early in the 2.5 series.

Is it time for a massive configuration variable renaming? Keith Owens thinks so, and has posted a patch which changes the name of every configuration variable that is automatically derived from other configuration variables. There are advantages to knowing which variables can not be changed directly by the user; this patch makes that knowledge explicit by appending a _DERIVED extension onto each such variable.

Now, anytime you post a patch which changes 130 variables and touches 553 source files, you're going to raise a few eyebrows. Doing so in a stable kernel series doesn't help, either. So it's not surprising that this patch attracted some complaints. These varied from the usual "it's unnecessary" or "wrong solution" variety through this query from Eric Raymond, who is under the impression that his CML2 configuration scheme will be adopted in 2.5, and is thus wondering why people are bothering to mess with the older scheme.

In fact, nobody came out in support of the proposed change. This patch would appear to be doomed. Hopefully the 2.5 kernel series really will see a replacement of the kernel configuration system; at that point, a lot of things will get easier.

Actually, things have been somewhat quiet on the CML2 front for a while; Eric has pronounced it ready, and is mostly just waiting for it to be incorporated into the development tree. There has been one bit of progress, however. Back in November, the CML2 system was examined on this page; one of the things we noticed is that the CML2 compiler took an awfully long time to run. Eric finally looked into the performance side of things, and found something interesting: the compiler took 28 seconds to run on his system, and 26 of those were spent in the automatically-generated expression parser code. One might just conclude that there is some room for optimization there.

And, in fact, after recoding the parser by hand, Eric reported that the compiler's execution time had been cut in half. 2.5 kernel configuration is not going to have to be slow after all.

Other patches and updates released this week include:

  • Geert Uytterhoeven submitted a patch fixing up the frame buffer penguin logo code. Among other things, the penguin has, once again, lost its glass of beer. If the new logo looks rather grumpy, you'll know why...

  • Rik van Riel has been on a mission to add documentation to the memory management code. He's put out a patch fixing up mm.h, mmzone.h, and swap.h. More is apparently coming, eventually.

  • Ulrich Windl has posted his PPSkit (nanosecond timekeeping) patch, ported to the 2.4.2 kernel.

  • Daniel Phillips has reworked his ext2 directory index patch to work with the Linux page cache, rather than the buffer cache. Once again, he provides a detailed and interesting writeup of what he had to do to make it all work. The page cache version is about twice as fast as the older, buffer cache version.

  • IBM has released version 2.0 of its "dynamic probes" debugging facility.

Section Editor: Jonathan Corbet

March 15, 2001

For other kernel news, see:

Other resources:


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Distributions page.

Lists of Distributions
Woven Goods

Embedded Distributions:

BluePoint Embedded
Compact Linux
Embedded Debian
Hard Hat Linux
OnCore Systems
RedBlue Linux
Royal Linux
White Dwarf Linux

Familiar (iPAQ)
Intimate (iPAQ)
Linux DA

Secured Distributions:
Astaro Security
Engarde Secure Linux
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux

Coyote Linux
Fd Linux
Fli4l (Floppy ISDN/DSL)
Linux in a Pillbox (LIAP)
Linux Router Project
Small Linux

BBLCD Toolkit
Crash Recovery Kit
innominate Bootable Business Card
Linuxcare Bootable Business Card
Sentry Firewall
Timo's Rescue CD
Virtual Linux

Zip disk-based

Small Disk
--> Peanut Linux
Relax Linux

Bambi Linux
Flying Linux

ARM Linux
Scyld Beowulf
Think Blue Linux
(Oracle's NIC)
NIC Linux
Black Lab Linux
Yellow Dog
(Older Intel)
Monkey Linux

DOS/Windows install
Armed Linux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Criteria for the LWN Distributions List. Occasionally we get asked about the criteria we use for adding or removing distributions from the Distributions Lists that you see in the left and right-hand columns of this page. Usually, the request comes from someone who has a distribution that they would like to see listed. So far, we haven't turned anyone down.

The criteria for the LWN Distributions list have evolved organically over the years. This is our first attempt to codify those criteria and likely will be a bit buggy in its first draft.

Distributions Critera:

  • The author/creator wants the distribution to be listed. We may also add a distribution to the list based on a reader tip or our own research. We would remove a distribution from our list upon the request of the author/creator. An exception to this would be if the creator was no longer involved and the project had continued without them. Just a matter of courtesy.

  • Non-Linux, open-source operating systems. Even though we report news from the Debian GNU/Hurd development, as well as FreeBSD, NetBSD and OpenBSD, we do not include them in our lists. A separate list for Free Software operating systems that aren't Linux would be a fine idea and is actually likely to pop up someday.

  • It isn't a distribution if it isn't distributed. Anytime someone takes a distribution and modifies it for their personal use, that could be considered a "new" distribution. However, if they don't distribute that modified version, then they are not "distributors" and the modified package does not go onto our list.

    The line is a bit murkier in large institutions, where tailored/modified versions are widely distributed internally. For our purposes, however, we'll only consider packages that are distributed outside of the company or organization.

  • We require a working URL for the project. Nothing in the GPL requires that the Internet be used as a distributions channel. A distribution that is freely available on floppy, if you send in a check and a Self-Addressed-Stamped-Envelope, is a legal distribution. However, if we don't have a URL that at least describes the mechanism for getting a copy of the distribution, then putting the distribution on our list is essentially useless; the name itself provides little useful information. A URL is required to give our readers a starting point for more research.

    As a corollary to this, of course, we remove distributions from the list if/when we no longer have a valid URL for them. Actually, we'd prefer to get a note from the author announcing the demise of the project -- a URL can sometimes be inactive temporarily, so removing it because it isn't functioning today could be premature. Informally, our policy is to be very conservative about removing links. Internally, we store the dead URLs indefinitely. Externally, we remove them from the list once they've been inactive for at least three months. A distribution will be removed from the list more quickly if we receive official notification.

    The truly compulsive of you (and we know you're out there) may have even noticed that we've removed several links in the past few weeks -- just enough so that even though we've added new distributions as well, our January total of 188 distributions on the list still stands, at least momentarily.

That's pretty much all there is to it. It was interesting this week to notice Evan Leibovitch's "Why Linux is like a Pizza" article this week, which nicely ties into this editorial. His description of the "Mettle" Linux distribution is a good example of a legal Linux distribution that won't make it onto the LWN Distributions list, because it is not distributed, it is only used internally at his company, Starnix.

Besides, the analogy of Linux to a pizza is a fun way to explain the proliferation of Linux distributions. "Does anyone ever fret about pizza recipes 'forking' because some new restaurant does it a little differently? Does the existence of well-known national brands like Pizza Hut and Domino's affect the popularity of Pizzeria Uno -- or of my personal favorite, Pendeli's in Montreal? Of course not." Note that the Linux/Pizza analogy had its source in this LinuxToday commentary by Brandioch Conner.

Tying in well with our discussion last week, Dominic Mitchell pointed out that Tim O'Reilly's Linux Anatomy poster does a much more complete job of describing the structure of Linux than the simple one we used last week. Now to get a poster or two of our own ...

Midori Linux from Transmeta. Midori Linux is a new embedded Linux distribution added to our list this week. This announcement made a slightly bigger splash than usual because Midori is Transmeta's Linux distribution, in use for some time, but formally announced this week. Any time Transmeta is mentioned, the press generally leap forward to drag in the fact that Linus works for Transmeta. This time was no exception, with Wired News commenting almost immediately on the potential conflict of interest.

What conflict of interest? Linus originally chose his job at Transmeta, according to wide report, partially in order to not choose sides amongst the early pioneers, Linux companies that based their revenue on packaging and shipping Linux. Of course, he also chose the job because he was interested in the work, liked the company, was willing to move, his wife said it was okay, and all the other hundreds of reasons that are involved when anyone chooses a new job.

Now the company he is working for is releasing a Linux distribution. Does that mean that Linus has finally chosen a side? Will this bias his work on the Linux kernel in favor of Midori and against other established Linux companies? Not at all. The landscape has changed since then. When there were only a few players in the field, the possible association of Linus with any one of them could have caused an instant branding, making the Linux distribution from that company the "real" Linux, the "only" Linux, etc. Now that we've got hundreds of them, the announcement of Midori is simply that, the announcement of a new embedded Linux distribution, bring our total of Linux embedded distributions to 27.

In addition, Midori Linux is aimed at a very small niche, doesn't run on your average PC or server and just is not designed to become "The Linux". So it made a good sound bite, but it's just the usual media frenzy. Meanwhile, you're encouraged to check out the site -- they did an excellent job and we like the artwork.

New Distributions

FlightLinux. FlightLinux is another new embedded distribution, this time based on Blue Cat Linux. The goal of FlightLinux is to develop a real-time based version of Linux for use aboard spacecraft. Newsforge put out an excellent article about FlightLinux, including interview material from talking with Pat Stakem, originator of the FlightLinux project and "senior staff engineer for the QSS Group, a high-tech contractor that counts NASA and other government agencies as its biggest clients."

Note that we're grabbing our distributions very young these days -- FlightLinux has not yet made it to its 0.1 release. Looks like a lot of fun, though.

WinSlack. WinSlack 1.0 was announced on March 2. Based on Slackware, WinSlack provides a GUI environment meant to duplicate the basic functionality found on Microsoft desktops. The project originated from the need to provide a workable operating system for computers donated to charity. The computers are reconfigured and, due to licensing issues, the original operating system is removed and replaced with WinSlack.

At that point, they are ready to be used by underprivileged and low income families. Kudos to the WinSlack team for their work in this area. Note that the modifications they've made, from their experience of what was necessary to make the systems more useable for their end customers, should be reviewed by any distribution trying to make Linux more user-friendly.

Scyld Beowulf. We've covered news about Scyld Beowulf several times in the past, on our front page and commerce page, but somehow we managed not to cover it on the distributions page until now. Thanks to Ray Jones for writing and pointing out the omission.

Scyld Beowulf is the Linux distribution put out by Scyld Computing, the company started by Donald Becker. Donald is the guy who first strung together a rack full of Linux systems and called it "Beowulf." He is also, incidentally, the author of a vast number of network drivers in the kernel.

Telemetry Box Distribution. We mentioned the Telemetry Box Distribution back in January, just after their announcement of the Telemetry Box Distribution 1.0. Dirk Manske pointed out, however, that we failed to include it in our list. Sorry for the oversight - it has been added.

For those that missed the original report, the Telemetry Box distribution bundles Open Source diagnostic software with Debian GNU/Linux to provide a distribution tailored for use in telemetry projects; that is, projects that "gather information from servers, preprocesses the information and then either directly displays or forwards the information via a secure link for further processing".

Distribution News

Caldera News. Caldera Systems has announced that its latest OpenLinux server release has gone into an open beta test period. It's called "Project 42," and it features things like the 2.4 kernel and a full set of server software.

Debian News. Debian 2.2r3 is in the works. This is a minor "point" release for Debian 2.2. Debian's point releases include all security updates since the previous release, making it possible to provide a stable and secure set of packages from which to burn new Debian CDs.

The next Debian Bug-Squashing Party will be held this weekend, March 16th through the 18th.

This week's Debian Weekly News focuses on security enhancements to Debian's package system, notably improved package signature handling and support for signed releases.

RedBlue Linux News. LinuxDevices reported this week on the Chinese Linux PDA solution based on the RedBlue embedded Linux distribution, which will be demonstrated at CeBit. "The Chinese Linux-based iPAQ solution includes: RedBlue embedded Linux operating system, RedBlue/Palmlike windows launcher, FLTK GUI application framework, PIM applications, power management, Internet access, an MP3 and MPEG player, picture viewer, fax, email, Chinese handwriting recognition, synchronization from IrDA and USB, ViewML web browser, games, and a file manager based on the RedBlue/Palmlike environment".

NIC Linux News. NIC Linux Version 2.0, a new version of the Linux distribution that runs on Larry Ellison's ThinkNIC Internet appliance, was announced this week. Enhancements in the new version include support for the latest Real Player and Macromedia Flash players, improved support for broadband and dial-up ISP connections, improved performance and reliability (translation: bugfixes), a new graphical boot-up and Netscape 4.76.

Coyote Linux News. From the Coyote Linux website, we found a link to this video by Mark Hagan on "How to build a Ghetto Router". The router is based on Coyote Linux.

Virtual Linux News. Virtual Linux, the Linux-Mandrake-based distribution tailored to run off of a CD, has found at home at Sourceforge, so it has been officially added back onto our list. They also released Virtual Linux 0.8 Rc0, which tests out a new KDE, and includes performance enhancements, vfat swap file support and more.

Distribution Reviews

SuSE Linux 7.1 -- 2.4.0 Kernel And More (Byte). Byte reviews SuSE 7.1. "I decided to install this SuSE distribution to ensure that my Internet server had access to all the latest security fixes, especially a bug-free version of Bind. I wanted a 2.4 kernel, with the journaling and without the previous 2-gigabyte file-size limit. What I ended up with was a development environment par excellence." (Thanks to Robert Graziani).

Review: Turbolinux Workstation Pro 6.1 (DukeOfUrl). The Duke of URL reviews Turbolinux Workstation Pro 6.1. "Installing TurboLinux is a snap. Like Slackware and Debian, it uses a text-based install routine, bucking the trend of the graphical installion tools found in many Linux distributions. Although it can be perceived by many to be behind the times, it did get the job done very effectively and with a minimum of mouse clicks."

Section Editor: Liz Coolbaugh

March 15, 2001

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Caldera OpenLinux
Debian GNU/Linux
Red Hat

Also well-known
Best Linux
Conectiva Linux

Rock Linux

Non-technical desktop
Icepack Linux
Redmond Linux

Boston University
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
Complete Linux
Console Linux
Corel Linux
Darkstar Linux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
HA Linux
Halloween Linux
ix86 Linux
Lanthan Linux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
Linux Pro Plus
LNX System
Lute Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
Project Ballantain
Rabid Squirrel
Root Linux
Serial Terminal
TimeSys Linux/RT
Tom Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WinLinux 2000

GNU/Linux Ututo
Definite Linux
Red Flag
Linux Esware
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
MCC Interim Linux
Storm Linux


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's On the Desktop page.

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
iceSculptor (*)
Maxwell Word Processor
Mediascape Artstream (*)

Web Browsers
Netscape (*)
Opera (*)

Handheld Tools
Palm Pilot Resources
Pilot Link

On The Desktop

Eazel releases Nautilus 1.0 and adds Text Tools, a text view search service.    Andy Hertzfeld, Software Wizard and Founder of Eazel, sees the desktop as a [Nautilus] graphical shell, something as powerful as the command line loved by hackers but with a graphical front end that made it accessible to the end user. Since the founding of his new company, Eazel, his vision has been to make that graphical interface for end users of Linux and other Unix-styled operating systems. Nautilus 1.0 is the realization of that vision.

This week Eazel introduced Nautilus 1.0, the first public release of the well publicized software that implements Hertzfeld's ideas. In preparation for that release, Eazel's Director of Product Management, Tom Goguen, called me to talk about Nautilus and Eazel's backend service business. Tom is an ex-product marketing henchman for Sun Microsystems who has been at Eazel for the past three months.

Tom opened up his discussion on Nautilus with words of praise for the developer community that helped reach this first stable public release. "We want to thank everyone who's been involved with it. This project involved over 100 engineers - fully 2/3 were from the developer community at large". That's a big project to manage and I asked Tom how dealing with a conglomeration of developers, most of whom are not under direct control of Eazel, changes the way development is done in a business.

"The only issue you run into is when [developers] arrive at the last minute with bug fixes and they discover that it's a few weeks to delivery and they try to get all their fixes in at once. It's a bit challenging managing that and the expectations associated with that". So the development process actually changes from traditional top down management. And it definitely changed Tom's view of that process.

"It changed my experience as a product marketing guy", he laughed, "partly because as a marketing person you never believe the times you get from the engineers, you always build in a little padding. With a 1.0 open source release there is always a little more variability as to when the product will show up. In a funny way it requires a little different approach from a marketing perspective. You don't make one big giant announcement to the world. You come out and talk to the community when it's ready and then tell the world shortly thereafter". Essentially you check to see how badly the developers revolt and if their response is "that wasn't too bad", then tell the world.

The infinitely growing shell - Nautilus.

As Goguen puts it, "Nautilus is infinitely extensible". Built around the popular GTK graphical toolkit, its interface is easily customizable by the end user, but configuration goes far beyond its look. Nautilus is also extensible on the back end, where services can be linked to specific file types. Developers can add services that expose file views to Internet services in a contextual way: text files can be exposed to text services, music files to music services, graphics files to graphics services. And that's where the use of the name Nautilus arose. The Nautilus is a shelled sea creature with an ever increasing number of chambers that give the shell its unique appearance. "Because the software is infinitely extensible graphical shell", says Gogue, "the Nautilus itself made a great symbol for us".

In this 1.0 release, Eazel is introducing a new feature called Text Tools, a backend service for doing Internet-based searches on text files. While you have already been able to view a text file inline from within earlier releases of Nautilus, in 1.0 you can now highlight any word within that file and do searches in dictionaries or through Google or other search engines or perhaps even have the highlighted word translated. Eazel feels this feature will interest developers and application service providers.

"This gives an example of how you can now deliver services directly to the desktop and expose them to the media people are using. You can imagine doing this in the music view or the image view. You could add a 'Print At...' that would allow an image view to be printed at an Internet connected service bureau (a printer for high end graphic prints). It's pretty powerful and pretty cool. We think it will be interesting over the next few month in terms of how developers begin exposing their online services through the interface".

Eazel demonstrated some beta versions of Text Tools at LinuxWorld but really hadn't talked about it outside of that till now. Right now, the feature is just implemented with text files, not across other media formats. "It is just implemented in text files right now because the services are specific to the media type", said the Eazel director. This means that other services are expected to be added later for other file types. Notes Goguen on the text views support, "What's interesting to me is that every word in every text document is a potential hyperlink now, driven by the user instead of the author".

"We anticipate people taking, say, the music view and adding services such as burning CDs or pulling information about artists or songs or whatever". With the current implementation, Eazel has used Google as the backend search engine for the Text Tools services. But users can modify the XML configuration file to use different search engines. "We expect developers to establish initial settings for their services, but users will be able to modify them as they see fit. It's a completely exposed interface for developing views for passing the information through GNOME VFS out to the Internet or a network file system".

While Eazel is releasing a full-fledged software distribution of Nautilus, they won't offer a packaged product. Their main source of income will come from those backend services similar to the Text Tools search engine. Their current set of services includes a software catalog, internet storage service and in the next few weeks they will have a software updating service online. The key to Eazel's success is getting Nautilus onto as many desktops as possible, so that, in the long term, access to these services will be not just desirable to end users, but readily available from their desktops.

Yet despite Eazel's focus on services, packaged versions of Nautilus are in the works. "Nautilus is going out with Red Hat, both 6.2 and 7.0, and we also did a joint agreement that includes backend services which include update services. Red Hat and Eazel are collaborating on the infrastructure for that", said Goguen.

"Out the door we're supporting RH 6.2 and 7.0. We're working on Mandrake next, followed by SuSE and others. We have it running on Solaris in the office". While Ximian showed GNOME on HP at LinuxWorld, Eazel hasn't started work on that platform yet. "If the Ximian guys are going to support that with 1.4, then we'll eventually support it. Nautilus will be in 1.4. One of our guys is actually co-release manager of GNOME 1.4".

So who exactly is supposed to use Nautilus? Says Goguen, "If you're an end user managing lots of data, lots of files, lots of digital media then this is going to be a killer tool for you. It has lots of features that help you do this: zoomable interfaces, thumbnailing of documents and images, ability to preview documents, images and music. All of these combine to make Nautiuls incredibly powerful. Of course, tied to that are the online services. It's intuitive to tie into our services, and even third party services, by tying those services directly to the media". But is it ready for the secretarial world? "Let's be frank, there aren't a lot of them with Linux on their desktops yet, but Nautilus will make it easier to put them there".

"Nautilus is redefining the user experience. It's no longer a question of finding an application to edit a file. Nautilus has flipped this view on end. It's a question of managing my data from my data", explains Goguen. "Nautilus will tell me what tools I can use to view or edit the document using MIME types. Instead of thinking of a desktop with a bunch of tools, Nautilus makes the desktop more like a dashboard where you look at your information and examine it with the services you have".

Desktop file thumbnails and previews for image files appear to be handled by thumbnailing the image initially and then scaling the thumbnail. The first time the file is encountered, the thumbnailing can take a while if the files are very large, but, after that, performance is better because processing is handled through the thumbnail and not the original image. I didn't ask but one wonders what methods are used to keep the thumbnail synchronized to changes made to the larger image file.

Transparency and alpha-blending are built into Nautilus, thus there is no need for the recent updates to XFRee86 from Keith Packard to clean up the X interface. There are couple of people who are key contributors to the FreeType project working at Eazel, and Eazel has taken advantage of their skills to help tidy up the display. According to Goguen, there is an option in Nautilus to let Nautilus render the desktop to make it look cleaner.

Eazel's Software Catalog also gets an update.

Eazel's Software catalog is also getting a new look this week, making it easier to use with the introduction of software suites. "In Nautilus, you'll see, for example, a music suite on the software catalog which will help you find everything you need to RIP and play MP3 files", says Goguen. Today, their software checks dependencies to make sure you have what you need and won't have any conflicts. In the future, what you'll see with suites like the Music suite is an ability to get several applications that can work together. For example, in an MP3 environment you'll find applications for playing, ripping and moving files. Goguen adds, "We'll have a browser suite which will provide a browser and all of the plug-ins that go with it. This gets us much closer to what a casual user would enjoy using".

The software catalog is accessible both through the web and with the Nautilus software, but to do the easy software installs, you need to be running Nautilus. The top right hand side of the Nautilus window has a button that takes you to Eazel's services. When asked about issues related to low-bandwidth connections, they replied "Nothing more than the issues you normally encounter with large files. Right up front, when the software catalog does its checking, it decides what packages you need and tells you the sizes of the collective download before you start it". One of the things they're working on is providing downloads of file differences, essentially a form of rsync that will reduce the actual amount of data downloaded in order to get packages to users.

Goguen closed our discussion with something he's been telling Windows fans who have been saying Windows XP will have similar similar features at its release. Quotes the Eazel exec, "Linux has Nautilus now".

You can download Nautilus 1.0 from Eazel's website at http://www.eazel.com/download

Desktop Environments

Kernel Cousin KDE launches. The first issue of Kernel Cousin KDE, a news site covering KDE development, has hit the web. Topics in the inaugural issue include the KDE printing system, the 2.1 release schedule, and more.

GNUStep weekly update, March 11, 2001. The GNUStep weekly development update has been posted.

Section Editor: Michael J. Hammel

March 15, 2001

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments

Window Managers (WM's)

Minimalist Environments

Widget Sets

Desktop Graphics
CorelDRAW (*)(w)
Photogenics (*)

Windows on Linux

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Development page.

Development projects

News and Editorials

In past issues of LWN, we have discussed the need for alternatives to the popular SourceForge site at VA Linux. SourceForge provides an excellent resource for open-source development, but we firmly believe in the axiom "Don't put all of your eggs in one basket". Currently, SourceForge lists over 17,000 projects and over 134,000 users. That's a lot of eggs.

Some fairly recent entries into the world of open-source project hosting include BerliOS which currently hosts 85 projects and has 265 registered users, and Savannah [Savannah] which claims 85 projects and has 328 registered users. Savannah is based on the SourceForge 2.0 code, which is freely available.

Savannah seems to be strongly oriented toward GNU projects, leading to the question of whether non-GNU projects can be hosted there. Not everybody wants to work within the rules for GNU projects (i.e. signing copyright over to the FSF, coding standards, etc.). One has to dig pretty far into the site before finding the following text:

The FSF would like to extend an invitation to any Free Software project to be hosted for no price and no catch. This is our token of appreciation to the people who help make the GNU project a reality.

Thus, it is not necessary to go the full GNU project route, as long as the software involved has an FSF-approved free license.

The open availability of SourceForge software takes a lot of the work out of starting a new software hosting site, it seems like the time is ripe for some new sites to open up.

Surprisingly, there are not very many small, focused-area software hosting sites. Many areas of focus are available, including among other things, specific languages, embedded systems, and database and web applications to name a few.

Whether it is possible to make money with a software hosting site remains to be seen, but such a site brings a level of community recognition that money can't buy. One would think that a few of the larger, well established computing companies such as Sun or IBM would venture into the software hosting arena. It's probably only a matter of time before they do.

Meanwhile, the launch of Savannah should provide a much-needed alternative to SourceForge. (Thanks to Marko Schulz for the pointer to Savannah).


Oracle MySQL conversion available. A conversion kit from MySQL to Oracle has been mentioned on the MySQL site. "At MySQL AB we are pleased to note that Oracle Corporation has shown their recognition of the significant MySQL impact in the database market by creating a MySQL-Oracle migration kit. We are delighted that Oracle shares our view that it should be easy to transfer data between various database architectures."

Embedded Systems

Embedded Linux Newsletter, March 8, 2001. The latest summary for the week that was in the embedded Linux market has been published: LinuxDevices.com's Embedded Linux Newsletter for March 8, 2001.


Wine Weekly News for March 12, 2001. The March 12, 2001 edition of the Wine Weekly News has been published. This issue covers a new Wine web site with lots of tips for dealing with real-world problems, asynchronous I/O performance tests, and other Wine speed improvements.

Mail Software

Mailman 2.0.3 released. Version 2.0.3 of Mailman has been announced. Mailman manages electronic mail lists with a web based interface. This version includes an important privacy patch.

Network Management

A Visit to OpenNMS. Pete Siemsen made a trip to the OpenNMS facilities in North Carolina and posted some useful tips that he learned about getting OpenNMS installed and running on his system. "A functional system has several pieces: Java, OpenNMS, PostgreSQL, Tomcat, Xerces, RRD, Ant, etc. Versionitis is a problem. On my system, some components had to be upgraded because they were all of a month old! The team will bundle things for releases, but this problem will make life interesting for developers."

Two new OpenNMS Updates.

  • The March 6, 2001 issue of the OpenNMS update is out. This issue covers project status, an upcoming OpenNMS release, and road shows.
  • The OpenNMS update for March 13, 2001 also showed up. Topics include the release of OpenNMS 0.7.1, ongoing DSL hassles, improving the ease of installation, and more.


Major Releases for BioPython and BioPerl (bioinformatics.org). Two major releases of Biopython and Bioperl have been released. Both projects consist of collections of tools for use in molecular biology and genome research science. Last, but not least, there is also a BioLisp project.

Software Development Tools

Gnu Visual Debugger 1.1.0 released. Version 1.1.0 of the Gnu Visual Developer has been released. "Besides providing all the features of other debugger GUIs, GVD includes advanced data display and visualization capabilities. Furthermore, GVD allows the debugging of multi-process/multi-threaded applications in the same debugging session." For an added challenge, GVD is written in Ada...

Software Testing

Testing, fun? Really? (IBM developerWorks). Jeff Canna discusses software testing in an IBM developerWorks article. "Testing. Yuck! Puh! Aagh! I've always hated testing. Testing, both unit and functional, is something that gets in the way of the 'real' work. Everyone knows that their code is perfect, right? In the unlikely event that the code does need to change, the comments are so well written that anyone could figure it out. Wow, am I in need of growth (maybe some counseling as well.)"

Web-site Development

New Zope Documentation. Michel Pelletier has announced the creation of several new Zope publications, some of which are still in the planning stages. Included are the Zope book, a Zope Developer's Guide, and a Zope Administrator's Guide. All three documents are being released under the Open Publication License.

Window Systems

Qt 2.3. Trolltech announced the release of Qt 2.3, now with anti-aliased fonts and True Type and Type 1 font support for printing.

The People Behind KDE: Dirk Mueller. This week Tink interviews Dirk Mueller. Dirk has been working on the Konqueror HTML engine of KDE 2.x. "How and when did you get involved in KDE?

I read about KDE the very first time by following a link posted in a Linux related newsgroup to an archive that contained Matthias Ettrich's initial call for programmers back in early 1997. I read the article about KDE by Kalle in the german computer magazine c't later that year and from those days on I started to follow KDE development, mainly as a user and a convert from the Linux console, where I've been previously porting a text based C++ News and Mailreader too."

Recommended Reading

Debunking the myths of UI design (IBM developerWorks). Paul Smith discusses the importance of user interface design in an IBM developerWorks article. "Everyone in product development does design work, whether they know it or not. Moreover the design is the dimension of a product that customers see and feel; it is what satisfies or disappoints them."

Section Editor: Forrest Cook

March 15, 2001

Application Links
High Availability

Open Source Code Collections
Le Serveur Libre



Programming Languages

Expressiveness and language choice (IT World.com). Robert C. Martin discusses dynamically typed languages in an IT World.com article. "As this decade progresses I expect to see an ever increasing use of dynamically typed languages such as Python, Ruby, and even Smalltalk. These languages are often referred to as 'scripting languages'. I think this is a gross injustice. It is these languages, and languages of their kind that will be mainstream industrial languages in the coming years."


Catching more errors at compile time with Generic Java (IBM developerWorks). Keith Turner discusses Generic Java and parametric types in an IBM developerWorks article. "The elegance and expressiveness of the Java programming language has won the hearts of academics and developers alike. Additional features may enhance the Java language, but it is hard to reach a consensus on what to include and how to implement it. For example, there is an intense debate over whether to include operator overloading. On the other hand, there seems to be a general consensus that parametric types would be a welcome addition to the language specification. Here the contention exists over how parametric types should be added. One popular proposal is called Generic Java (GJ). This article will introduce parametric types and discuss some of the strengths and weaknesses of GJ. "


LISA 0.5a released. The first public alpha release of LISA, the Lisp-based Intelligent Software Agents, has been announced.

Markup Languages

Ximian soups up SOAP for Linux (ZDNet). SOAP is an XML-based protocol designed for sharing data in a distributed environment. Here's an article about SOUP, Ximian's SOAP compiler. "Ximian is creating a tool that will allow Web services written for Linux to be compiled for SOAP. De Icaza said the compiler could be available to developers within two months. A compiler changes the software code into language a computer can understand, allowing the computer to run the program. "


Perl5 Porters for March 12, 2001. The March 12, 2001 edition of Perl5 Porters is out. Topics covered this week include podchecker questions, EBCDIC and UNICODE, and uses for the previously undocumented PERL_DL_NONLAZY environment variable.

Writing GUI Applications in Perl/Tk (perl.com). Nick Temple discusses multi-platform Perl/Tk GUIs in an article on perl.com. "In this article, I will introduce the basics of installing the Perl interpreter for Win32 and writing a visual application using the Tk (toolkit) modules. This system is geared toward the Win32 and Linux developers; however, most of the information presented pertains to other operating systems as well."

VoiceXML Adventure Game (WebRef). Continuing in the series on VoiceXML, a WebRef article discusses the writing of a voice based Adventure game on the Tellme site.

  Tellme: You are in a small room with three doors.
  Tellme: To open the first door, press 1.
  Tellme: To open the second door, press 2.
  Tellme: To open the third door, press 3.
  User: (pressed 1)
  Tellme: You see a large hungry monkey.
We can only hope that this doesn't get popular with commuters who own cell-phones.

Test Shows 99.99% of High School Seniors Can't Read Perl (bbspot). Showing a growing trend towards code illiteracy, this study tells of a developing crisis: "San Francisco, CA - Recent results from standardized Perl Fluency Test showed that 99.99% of US high school seniors can't read Perl. This disturbing statistic shows that American students are painfully unprepared for life after graduation."

Two New Perl/Tk widgets. Robert Kiesling has announced the availability of two new Perl/Tk widgets, Tk::SimpleFileSelect and Tk::Browser.


PHP Weekly Summary for March 12, 2001. The March 12, 2001 issue of the PHP Weekly Summary is out. This issue covers the newly redesigned PHP Net site, PHP 4.0.5 RC1, compressed output buffering benchmarks, and more.


Python Conference Coverage (zopeNewbies). The zopeNewbies site has coverage of the O'Reilly Python Conference last week in Long Beach, California.

O'Reilly also has coverage of the Python conference by Laura Lewin, and Frank Willison.

Jython 2.1 alpha released. The first alpha release of Jython 2.1 has been announced. Jython, of course, is the Java implementation of the Python language; the 2.1 release mirrors the Python 2.1 release.

Linux version of Installer for Python 2. Gordon McMillan has announced the Linux version of Installer for Python 2. The installer provides a way of packaging Python applications and dependencies for distribution.


The latest issues of Dr. Dobb's Tcl-URL!.

  • The March 8, 2001 Tcl-URL! covers the announcement of a puzzle game called tkSokoban, the creation of a shared SourceForge project for small Tcl programs, and creating linear filters in Tcl.
  • The March 12, 2001 Tcl-URL! discusses running Tcl from Java, Chinese characters, changes to the TkGS font project, and more.

tclpython 2.0 announced. Tclpython version 2.0 has been announced. Tclpython allows the execution of Python code from within a Tcl script.

Section Editor: Forrest Cook

Language Links
Caml Hump
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
IBM Java Zone
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP Weekly Summary
Daily Python-URL
Python Eggs
Ruby Garden
MIT Scheme
Why Smalltalk
Tcl Developer Xchange
O'Reilly's XML.com
Regular Expressions

 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Commerce page.

Linux and Business

The sad story of Linuxgruven. The name sounds cool, the web site looks cool, but what's happening now is both sordid and sad. You can read the St. Louis Post-Dispatch report on the troubles at Linuxgruven, or the official statement from Linuxgruven co-founder and acting CEO James Hibbits, or you can wade through piles of posts on Slashdot and the kulua archives (kulua = Kansas Unix & Linux Users Association), but all those sources provide more questions than answers.

The kulua archives from last January report that the Clayton, Missouri company was in trouble with the Kansas City Better Business Bureau, and responses from then CEO Matt Porter failed to provide any answers. Linuxgruven's main business seems to be Linux training. According to the web site you can train for Sair GNU/Linux certification or LPI certification. In fact LPI (Linux Professional Institute) lists them as a Bronze Sponsor. However according to this St. Louis Post-Dispatch story (dated Feb. 8) "Sair Linux of Oxford, Miss., has suspended Linuxgruven as one of its accredited centers for learning Linux. Sair Linux says Linuxgruven failed to hire instructors that have passed Sair's tests on using its teaching materials." This article also states that Linuxgruven is under investigation by the Better Business Bureau's of Eastern Missouri and Southern Illinois.

The essence of the allegations against Linuxgruven deal with a sort of bait and switch scam in which a job is advertised, but an applicant is first required to pay for a class, which they must pass to get the job. In the worst case one poster told of being offered a job, and was then asked how they wished to pay for it.

While it is difficult to determine the magnitude of the Linuxgruven offenses, it is even harder to determine whether the alleged abuses were the result of the actions of a single individual, or several individuals or some deliberate company policy. Here are some of the facts, as far as we have been able to determine.

  • Linuxgruven is in the training business.
  • Linuxgruven did offer jobs to people who could obtain Linux certification.
  • Linuxgruven also offered its classes, with payment in advance, to train for the certification exams.
What also appears to be true is that:
  • At least some of Linuxgruven's students received their certification and were subsequently employed by Linuxgruven.
  • Students who remained employed at Linuxgruven for a year received a refund of their tuition (as promised).
  • Not everyone employed by Linuxgruven took classes at Linuxgruven (they received training elsewhere and were able to pass Linuxgruven's certification exams).
  • A large number of Linuxgruven students never received any type of Linux certification (they failed the tests or dropped out).

The founders of the company lay the blame on the management team they hired last year, and vow to try again.

EuroLinux open letter to the European Commission on software patents. The EuroLinux Alliance has sent an open letter to the European Commission regarding its consultation process on software patents, which appears to have stalled. Even worse, there is evidently a move afoot to set up software patents in Europe without finishing the consultation process. EuroLinux, of course, wants the Commission to think things through a little better first; we wish them luck.

EuroLinux has also sent the EC some proposals for EC consultation on software patents.

Lineo breaks ground for new corporate headquarters. Some companies go into crisis mode and cut staff when their IPO's fail to happen; Lineo, instead, is starting construction on a new headquarters building. It will have room to hold 450 people, even though Lineo currently only has 140 in Utah.

Zero-Knowledge Systems Raises US$22 Million Financing. Zero Knowledge Systems has announced the receipt of $22 million in venture funding - an impressive achievement in these times. A somewhat more ominous paragraph can be found at the end of the release, though: "In addition to securing financing, Zero-Knowledge also announced today that it is reorganizing the company to focus on delivering its technology and services in the most effective manner to its customers, both enterprises and consumers. This reorganization will allow Zero-Knowledge to continue to provide the best privacy technologies to its customers."

OSDN and BRIE to present symposium on ''rethinking business in light of open source''. The Open Source Developer Network and the Berkeley Roundtable on the Internet Economy have announced a symposium on "rethinking business in light of open source." A number of well-known Linux figures will be there, along with representatives from IBM, Mozilla, the EFF, and more. It's happening on April 18 in San Francisco.

AMD, Linux NetworX deliver Linux cluster to Boeing. We have press releases from both AMD and Linux NetworX proclaiming the sale of a Linux cluster to Boeing. The cluster features 96 AMD Athlon processors, and it will be handling fluid dynamics problems for Boeing.

Caldera's New OpenLinux server product enters beta. Caldera Systems has announced that its latest OpenLinux server release has gone into an open beta test period. It's called "Project 42," and it features things like the 2.4 kernel and a full set of server software.

Separately announced is a deal with Lutris to ship the Enhydra application server with "Project 42."

RidgeRun Releases Open Source Service Discovery Protocol. RidgeRun, Inc. announced that it has added support for Bluetooth Service Discovery Protocol (SDP) to the OpenBT Linux Bluetooth stack sponsored by Axis Communications. SDP will be incorporated into RidgeRun's upcoming distribution of DSPLinux which is focused on Texas Instruments' Digital Signal Processors (DSPs).

MontaVista, ITT announce handheld radio agreement. MontaVista Software, Inc. and ITT Industries, Inc. announced that they are working together to enhance a handheld radio communications system for soldiers. The ultra-capable communications system relies on Hard Hat Linux to support multiple StrongARM processors.

Agenda Computing Launches Pure Linux PDA. Agenda Computing will soon launch a pure Linux PDA (personal digital assistant) called the VR3. The launch is scheduled for COMDEX in Chicago beginning April 3.

Linux Stock Index for March 08 to March 14, 2001.

LSI at closing on March 08, 2001 ... 33.33
LSI at closing on March 14, 2001 ... 30.22

The high for the week was 33.33
The low for the week was 29.65

Press Releases:

Open source products

Unless specified, license is unverified.

Proprietary Products for Linux

Products and Services Using Linux

Products With Linux Versions

Java Products

Books & Training




Section Editor: Rebecca Sobol.

March 15, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Linux in the news page.

Linux in the news

Recommended Reading

DeCSS 2? DVD code broken again (ZDNet). Seven lines of perl code is all it takes these days to read DVD's, according to this ZDNet article. "Last week, a Web site published the pair's seven-line program, which unscrambles the protection around a DVD so quickly that a movie can play at the same time, although the film appears choppy. It's the shortest program to break DVD defenses to date."

The Story Behind Tux the Penguin (Wired). Wired News has posted this article on the Linux logo. "'When I saw the new IBM Linux advertising campaign, I wondered how much of their multi-million dollar budget went to licensing fees for the penguin,' said a public relations representative who requested his name not be used. 'I was amazed to find out that anyone with a Linux-related product or project has the right to use the penguin. Normally, teams of always-angry lawyers fiercely protect logos. And when I discovered you could alter the penguin however you choose, I was flabbergasted. Logos are sacred, untouchable icons in corporate culture.'"

Putting the Web in a Bind (ZDNet). Here's an article about security and BIND bugs. "When asked why more system administrators don't upgrade BIND on their DNS servers, ISC's Vixie said it is purely their option to do so. The ISC does not monitor BIND users or notify them of changes. Registering BIND users is contrary to the concept of freely available software as open source code, he added. The only requirement asked of a downloader is "to use it in good health," he said. Vixie said BIND users may sign up for a newsletter that fills them in on patches and when upgrades are available, but fewer than 500 have done so. He estimated there are at least 30,000 administrators of DNS servers who would need to be notified. "

Is Open Source Un-American? (O'Reilly Onlamp.com). Tim O'Reilly replies to readers responding to his swing at Microsoft's recent comments on open source. "Regarding Kerberos, Jim insists that Microsoft's Kerberos implementation is interoperable. He admits that you can't use the additional Microsoft-specific features in other systems, but says that if it isn't interoperable, he will make it so."

It's Tool Time (ZDNet). ZDNet reports on open source methodologies and philosophies and says that even open source is prone to basic software issues. "Regardless of who's in charge, open-source development methods can't free you from management foibles. The lessons of Fred Brooks' software project management classic, The Mythical Man Month, remain as true as ever. For instance, throwing more programmers at a late project will just make it later. As the unofficial delays in the release of Linux 2.4 showed, that's still true-with or without open source."


Ted Ts'o (ZDNet). ZDNet covers kernel lieutenant Ted Ts'o. "Now, as a principal engineer for systems integrator VA Linux Systems, Linux is his full-time job, which continues into the late evening as he tries to catch up on messages dealing with bugs."

Pop goes the Eazel (ZDNet). Here is ZDNet's take on the layoffs at Eazel. "The company had $15 million in funding from investors, with Accel Partners holding the lion's share. Now, with most of that money burned through, Eazel is looking for more funds. Sources close to the matter say though that the venture capitalists are not pleased with Eazel's path to profitability."

Eazel lays off more than half its staff (News.com). According to News.com, Eazel has just laid off about 40 employees. "'What we're doing is getting our burn rate and business plan more in line with the more sober economic environment,' said Brian Croll, Eazel's vice president of marketing."

Linux company [Eazel] to release key software (News.com). News.com reports on the release of Nautilus 1.0. "One significant change to Nautilus 1.0 over earlier test versions is the addition of 'text tools,' which will allow computer users to take actions when they highlight words in a text document. For example, people will easily be able to submit that text to the Google Internet search site or to an online dictionary."

New Sylvania Internet/TV has "Linux inside" (LinuxDevices). LinuxDevices reports on the Sylvania's upcoming digital TV which will run an embedded version of Linux. "The new Sylvania Internet/TV receives standard broadcast or cable TV signals via a built-in TV tuner and is usable as a high resolution display for external video sources including VCRs, DVD players, DSS, cable boxes, and computers (up to 800 x 600 SVGA resolution). The system is also "HDTV-ready," which means it will be able to display the high bandwidth video signals produced by an external HDTV receiver. "

Guest editorial: Microsoft's Ironic Valentine (LinuxDevices). Michael Tiemann, CTO of Red Hat, comments further on recent Microsoft attacks on Open Source and Linux. "By using the non-proprietary HTML file format, and by publishing the source code to the HTTP protocol, Berners-Lee made it easy for others to create their own Web content and Web sites. People immediately ported this software from the quirky NeXT platform to mainstream systems by Sun Microsystems, IBM, Hewlett-Packard, Silicon Graphics and even Microsoft. Dozens, then hundreds, then thousands, and now tens of millions of people have created their own Web sites, Web content, search engines and other innovations."

Opening proprietary code doesn't come easy for HP (ZDNet). ZDNet looks at HP's OpenMail vs open source situation. Historically, HP has been open source unfriendly. Carly Fiorina, HP CEO, at October's NetWorld+Interop show, signaled a change in her keynote speech by saying that, "The open source movement is natural, inevitable and creates huge benefits. It's part of the next wave of computing."


Only the strong survive in Linux landscape (News.com). Here's a News.com article about the tougher business environment. "Few doubt there is a future for Linux itself: It is the second-most popular server operating system, won the heart of IBM, and was identified as Microsoft's 'threat No. 1' by Chief Executive Steve Ballmer in a January speech. And the cooperative programming effort that creates Linux shows no signs of slacking off. But much of the entrepreneurial momentum behind the operating system is gone."

Is that a penguin roosting in Redmond? (ZDNet). Here's a ZDNet opinion piece saying that Microsoft should buy Corel's Linux division. "Still not convinced? I'm sure there are plenty of nattering nabobs of negativism (apologies to Spiro Agnew) out there who think that Microsoft is the absolute worst thing that could happen to Linux. But, let's face it, the vox populi act can only be played out for so long. Don't the guys who talk the open source talk while reaping the benefits of reselling an essentially free operating system strike you as just a bit disingenuous?"

Commentary: Linux faces the law of capitalism (News.com). News.com is running a Gartner Group pronouncement on the future of Linux businesses (and distributors in particular). "The current level of activity suggests the opportunity for Linux has not yet peaked. Still, the route to success will become much more complicated (and expensive) for Linux distributors. Providing obvious added value will become critical and will probably involve an operating system/middleware software stack, not just operating system distribution."


Agenda to challenge Palm with "pure Linux PDA" (LinuxDevices). LinuxDevices looks at Agenda Computing's new VR3 PDA, and other Linux-based PDAs. "All these efforts are aimed at establishing PDA-Linux as a popular community phenomenon, supported by thousands of application developers worldwide, in hopes of creating a viable "open source" alternative to the proprietary -- though hugely successful -- PalmOS."

Device review: Axis 2120 Network Camera (LinuxDevices). LinuxDevices is carrying this review of the Axis 2120 Network Camera. "The camera itself -- weighing in at only (approximately) two pounds, it's hard to believe that Linux lives in there."

Tribes 2 Linux Preview (Duke of URL). The Duke of URL reviews Loki's latest entrant in the games domain: Tribes 2. "Loki has done an outstanding job with keeping up with the port, and I can't help but commend their efforts on this project. Still, there seems to be several issues with Mesa-based drivers currently, but there are many volunteers in the open source community currently working on this problem. However, until then, the NVIDIA cards are the only ones that work with decent speed."

Hello Crusoe: New notebooks debut (ZDNet). ZDNet reports on new Crusoe powered notebooks that will be hitting the market soon. Most will come with Win2k, though at least one model will have a Win2k/Linux dual boot option. "Along with potentially expanding Crusoe's presence in the United States, the new machines exemplify major currents in Transmeta's overall strategy. For one, Transmeta and its PC manufacturers are clearly trying to occupy a high ground when it comes to design."


Building communities on the internet (Financial Times). The Financial Times talks with MandrakeSoft CEO Henri Poole. "Unlike much of the computer industry, Mr Poole believes that Linux is ready for the desktop. He says that he uses Linux for all his office work, mostly by using StarOffice, the office suite, recently bought by Sun Microsystems, that is similar to the popular Microsoft Office. Sun has now released StarOffice with an open source licensing scheme under the name OpenOffice."

The 5 Faces Changing The Linux Desktop, Part 1 (LinuxOrbit). This interview with Shawn Gordon (of theKompany.com) is part 1 of a 5 part series covering the people who are changing the Linux desktop. "With the release of KDE 2.0 the bar has been moved higher, and GNOME is not sitting on its hands. GNOME's new graphical shell, Eazel 1.0 is due out very soon, and Ximian (formerly Helixcode) is releasing Evolution and Red Carpet to the huddled masses in the very near future. It's going to rock to use GNOME this year. KDE has already released KDE 2.1, which is more of an internal upgrade than anything else, and are already planning their next big move. It's going to rock to use KDE this year, too."


Game Arrives Only in Dreams (Wired). Here's a Wired News look at Indrema and the delays in the launch of its gaming console system. "And so far, Indrema does looks like classic vapor. The company has sidestepped each delay by promising a more and more elaborate system. Now, instead of a mere gaming system, the console will have to be nothing less than 'The Future of TV' to make some people wonder if the delay is worth it."

Will penguins rule? Not any time soon (ZDNet). This article from ZDNet asks if the price differential between Linux and the upcoming Windows XP will be enough to sustain Linux growth on the desktop. "Although Linux's considerable system stability edge over Windows will die along with the 9x code base -- as anyone who's already moved to Windows 2000 can attest -- the low price of Linux will remain a significant advantage over Windows. An upgrade version of Windows 2000 Professional retails for $219, and the Windows ME upgrade sells for $109."

Section Editor: Forrest Cook

March 15, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Announcements page.



Linux on a Laptop: Upgrading to 2.4.x. LinuxOrbit looks at the process of upgrading a laptop to the 2.4.x kernel. "When upgrading your system to a new kernel, always make backup of key files. This should include your source files in /usr/src/linux for your current working kernel. I recommend using the compression method. That means going to the /usr/src directory as root and using the command."

CVS for the Developer or Amateur. Here's a tutorial on CVS, the Concurrent Versions System. Registration is required.

O'Reilly Signed Book Giveaway. The Duke of URL is giving away 6 copies of O'Reilly's Evil Geniuses in a Nutshell signed by its author, Illiad. And they also have 8 copies of O'Reilly's The Cathedral and the Bazaar signed by author, Eric Raymond. Go to www.thedukeofurl.org/contests.shtml to enter the contest. Enter by March 21, 2001.

Why go wireless?. LinuxLookup has an article on wireless networks.

Installing and Using CPAN.pm. Linuxnewbie.org has a how-to article on CPAN.pm. "Quite simply CPAN.pm takes care of those piddling details which can make perl module installation so painful - it will find, ftp, decompress, install and make any module you want...".

TOTW: More to Math Than Counting. This week LinuxLookup follows up on last week's 'wc' command with the GNU/Linux calculators bc and dc.

LinuxUser issue 7 now available for download. Here's a list of files in LinuxUser issue 7, or you can download the PDF files here.


OMG Days Europe 2001. The last two Object Management Group (OMG) Information Days on "Enterprise Application Integration with CORBA and UML", organized by LogOn Technology Transfer, are this week: Helsinki, March 15, 2001 and Budapest, March 19, 2001.

CeBIT lodgings. If you are looking for a place to stay while attending CeBIT (Hannover, Germany, March 22 - 28, 2001) there are some accomodations still available.

MontaVista presents free seminars. MontaVista Software is hosting two free seminars on developing embedded applications with Linux. The first happens March 23, 2001 at the Bellevue Hilton in Bellevue, Washington. The second will be held March 27, 2001 at the Hotel Boulderado in Boulder, Colorado.

OSDN and COMDEX to Present ``Open Source Answers for Business'' Conference At LINUX Business Expo. The Open Source Development Network (OSDN.com) and COMDEX are collaborating to produce the best LINUX Business Expo yet at COMDEX Chicago 2001, April 2 - 5 in Chicago.

XML DevCon Spring 2001. Here's a press release with additional info about XML DevCon, April 8 - 11, 2001 in New York.

Twin Cities Linux Solutions Conference. The 2001 Twin Cities Linux Solutions Conference, a Real Time Perspective, will be held at the Radisson South, Bloomington, MN on April 12, 2001. The Twin Cities Linux User Group (TCLUG) will be on hand to host an Install Fest.

Linux@work in 12 cities in Europe in 2001. LogOn Technology Transfer is again organizing a series of Linux events throughout Europe called Linux@work. These 1-day, city-to-city events, will take place in 12 European venues in 2001, beginning May 8 in Copenhagen and ending June 15 in Amsterdam.

The Internet Security Conference to Expose Hacking. The Internet Security Conference (TISC) will present ULTIMATE HACKING, an intense two-day, hands-on workshop conducted by Hacking Exposed author, George Kurtz, and the Foundstone security team. TISC will be June 4 - 8, 2001 at the Century Plaza Hotel in Los Angeles, California.

2001 USENIX Annual Technical Conference. The 2001 USENIX Annual Technical Conference will be held June 25 - 30, 2001 at the Marriot Copley Place Hotel in Boston, Massachusetts.

Linux 2001 -- UK Linux Developers' Conference. The UKUUG (UK Unix User Group) Linux 2001 Developers' Conference will be held in Manchester from 29th June to 1st July. The call for papers is open now and will close March 30th.

For those considering a trip abroad to visit this and other conferences, the organisers have a handy list of URLs for conferences with a UK/European bias.

HAL 2001. Hackers At Large 2001: debating the future of the Internet, will be held August 9 - 12, 2001 at the campus of the University of Twente in Enschede, The Netherlands.

EIC Chairpeople. The 2nd annual Embedded Internet Conference, will be held on August 14 - 16, 2001 at the Santa Clara Convention Center. They are looking for people to chair various discussion groups.

Events: March 15 - May 15, 2001.
Date Event Location
March 15, 2001. Linux convention (in Icelandic). Iceland.
March 19 - March 22, 2001. SGI Global Developer Conference Burlingame, California.
March 20 - March 22, 2001. FOSE 2001 Washington DC Convention Center.
March 21 - March 24, 2001. Singapore Linux Conference / LinuxWorld 2001 Singapore.
March 22 - March 23, 2001. Linux Accessibility Conference Los Angeles, California.
March 22 - March 28, 2001. CeBIT 2001 Hannover, Germany
March 26 - March 29, 2001. O'Reilly Conference on Enterprise Java Westin Hotel, Santa Clara, California.
March 28 - March 29, 2001. LinuxBazaar 2001 Czech Republic.
March 30, 2001. Colorado Linux Info Quest Denver Marriott Tech Center, Denver, Colorado.
April 2 - April 5, 2001. COMDEX Chicago McCormick Place, Chicago, Illinois.
April 4 - April 5, 2001. Linux Expo Madrid Palacio de Congresos, Madrid, Spain.
April 4 - April 6, 2001. ApacheCon 2001 Santa Clara, California.
April 6 - April 8, 2001. GNOME Users And Developers European Conference (GUADEC) 2001 Copenhagen, Denmark.
April 8 - April 11, 2001. XML DevCon Spring 2001 New York Marriott Marquis, New York City.
April 9 - April 13, 2001. Embedded Systems Conference San Francisco, California.
April 12, 2001. 001 Twin Cities Linux Solutions Conference - A Real Time Perspective Radisson South, Bloomington MN.
April 20, 2001. 2nd Annual Symposium on Pliant Implementation and Concepts (ASPIC 2001) Paris, France.
April 23 - April 27, 2001. Linux Expo Road Show Eastern Europe.
April 24 - April 26, 2001. Linux Africa Kyalami Exhibition & Conference Centre, Johannesburg, South Africa
May 8, 2001. Linux@work Copenhagen, Denmark.
May 9, 2001. Linux@work Oslo, Norway.
May 9 - May 10, 2001. Linux Expo Brazil São Paulo - Anhembi - Palácio das Convenções.
May 10, 2001. Linux@work Stockholm, Sweden.
May 11, 2001. Linux@work Helsinki, Finland.
May 15, 2001. Linux@work Frankfurt, Germany.
May 15 - May 18, 2001. Linux Expo China Shanghai Mart, Shanghai, China.
May 16, 2001. Linux@work Zurich, Switzerland.
May 17, 2001. Linux@work Milan, Italy.
May 18, 2001. Linux@work Vienna, Austria.
May 20 - May 23, 2001. eXtreme Programming - XP2001 Villasimius, Cagliari, Sardinia, Italy.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

Web sites

Italian Linux portal LinuxValley reorganizes. LinuxValley sent in a press release announcing recent updates to their site. The changes give this Italian Linux portal a decidedly professional look.

User Group News

Linux activity in Assen (Netherlands). On Saturday March 17, 2001 the Linux Users Group of HCC department Groningen will be present in Assen, from 10:00 until around 17:00. The meeting (free entrance) is in the usual location: De Schulp, Buizerdstraat 10, Assen.

Programming in Perl. The Haifa Linux Club presents a Programming in Perl lecture series. The series will start on Monday March 26, 2001. The audience is not required to have previous knowledge of Perl, but a general knowledge of programming is considered mandatory.

Bergen Linux User Group. BLUG sent us information about their next 2 meetings. On March 29, 2001 at 7pm in Stort auditorium, Høyteknologisenteret, Thormøhlens gate 55, Bergen, Norway, Vidar Madsen, author of GIMPressionist, a GIMP "painting generator" plugin, will lecture and demonstrate GIMPery. For the April meeting, to be held on Thursday, April 26 Alan Cox will be visiting, to lecture on Linux matters.

LUG Events: March 15 - March 29, 2001.
Date Event Location
March 15, 2001. Linux User Support Team, Taegu (LUST-T) Taegu, Korea.
March 15, 2001. South Mississippi Linux Users Group (SMLUG) Barnes & Noble, Gulfport, Mississippi.
March 15, 2001. St. Louis Unix Users Group (SLUUG) - Linux SIG St. Louis County Library, Indian Trails Branch, St. Louis, Missouri.
March 17, 2001. North Texas Linux Users Group (NTLUG) Nokia Centre, Irving, Texas.
March 17, 2001. Silicon Valley Linux Users Group Installfest Computer Literacy Bookshop, San Jose, CA.
March 17, 2001. Eugene Unix and GNU/Linux User Group Eugene, Oregon.
March 18, 2001. Beachside Linux User Group Conway, South Carolina.
March 18, 2001. Linux Users' Group of Davis (LUGOD) Installfest Davis, CA.
March 19, 2001. Haifa Linux Club Technion CS dept. building, Haifa, Israel.
March 19, 2001. Linux Users' Group of Davis (LUGOD) Z-World, Davis, CA.
March 20, 2001. Linux Stammtisch Bandersnatch Brew Pub, Tempe, AZ.
March 20, 2001. Kansas City Linux Users Group DemoDay (KCLUG) Kansas City Public Library, Kansas City, MO.
March 20, 2001. Bay Area Linux User Group (BALUG) Four Seas Restaurant, Chinatown, San Francisco.
March 21, 2001. Arizona State University Linux Users Group (ASULUG) Tempe, AZ.
March 21, 2001. Linux User Group of Groningen Groningen, Netherlands.
March 21, 2001. Central Iowa Linux Users Group (CIALUG) West Des Moines, IA.
March 22, 2001. Hazelwood LUG Installfest planning Prairie Commons Branch Library, Hazelwood, Missouri.
March 23, 2001. Rock River Linux Users Group (RRLUG) Rockford College, Rockford, Illinois.
March 24, 2001. St. Louis and Hazelwood LUG Installfest Westchase Park, St. Louis, MO.
March 24, 2001. Consortium of All Bay Area Linux (CABAL) Menlo Park, California.
March 27, 2001. West Side Phoenix Linux Users Group (PLUG) Glendale Community College, Glendale, AZ.
March 27, 2001. Hazelwood Linux User Group (HZLUG) Prairie Commons Branch Library, Hazelwood, Missouri.
March 28, 2001. Linux User Group of Assen Assen, Netherlands.
March 29, 2001. Bergen Linux User Group (BLUG) Bergen, Norway.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

March 15, 2001



Software Announcements

Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

The Alphabetical List and Sorted by license


Our software announcements are provided courtesy of FreshMeat


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Linux History page.

This week in Linux history

Five years ago: the second "NCSU Linux Expo" was announced. There were no specific speakers named, and attendance cost all of two dollars.

Also announced was Red Hat 3.0.3. It included a bleeding-edge 1.3.57 kernel, RPM 2.0, and a number of other goodies.

Three years ago (March 19, 1998 LWN): Bruce Perens resigned as the leader of the Debian Project. Said Bruce:

I'm sorry it had to be this way, but I feel that my mission to bring free software to the masses really isn't compatible with Debian any longer, and that I should be working with one of the more mainstream Linux distributions.

He never did end up working with a "more mainstream" distribution, though...

Debian, meanwhile, went into code freeze for its 2.0 release.

Eric Allman announced the creation of Sendmail, Inc., which would seek to make money from the sendmail system.

The GIMP 1.0 release was delayed, not for the last time.

Two years ago (March 18, 1999 LWN): Apple announced that parts of its upcoming OSX would be released under an open source license. Those parts, of course, were mostly the BSD core, which were already available under a free license. Apple, however, created its own "Apple Public Source License," which, after some tweaks, got the Open Source Initiative's seal of approval as "open source." Bruce Perens immediately objected, and posted a complaint, coauthored by Wichert Akkerman, and Ian Jackson. Richard Stallman also complained. The objections mostly centered around a notification requirement for changes, and a clause allowing Apple to revoke the license at any time.

The Open Source Initiative responded with a note of its own:

The OSI stands behind its endorsement, applauds Apple's vision, and confidently expects the APSL terms will serve as a model for the open-sourcing of other Apple technologies -- perhaps, indeed, for the open-sourcing of operating systems from other computer systems manufacturers now that Apple has taken the first groundbreaking step.

The Apple issue eventually faded away - and the APSL certainly has not served as a model for too many other releases. But this event perhaps marks the beginning of a new phase in the open disagreement between the "open source" and "free software" camps - things only got uglier from there.

Raymond's cozy relationship with big business has caused a rift with Perens, who has been vocal in his criticism of things he sees as detrimental to the philosophy of the free software movement, championed by such people as Richard Stallman of the Free Software Foundation.

In February, Perens stepped down from his position on the board of the Open Software Initiative, a group that he founded with Raymond.

Press reports attributed the division to an argument in which Perens referred to book publisher Tim O'Reilly -- an advocate for open-source software -- as "one of the leading parasites of the free software community." -- Wired News.

Linux-Mandrake merged with the BeroLinux project. Conectiva Linux 3.0 was released.

Linux Expo was putting out announcements again. The fifth (and last) Linux Expo featured Red Hat's Bob Young as the keynote speaker.

One year ago (March 16, 2000 LWN): version 1.1 of the GNU Free Documentation License (FDL) was released. One year later, there does not appear to have been a great deal of documentation released under this license.

XFree86 4.0 was released, finally. This release, too, has taken a long time to work its way into widespread use - but it's getting there.

Trustix Secure Linux 1.0 was released, as was FreeBSD 4.0 and ROCK Linux 1.3.8. The first alpha release of Apache 2.0 was made available; one year later, the release is called 2.0.14 - but it's still an alpha release.

Linus announced another pre-2.4 code freeze. This one, too, would prove rather soft, and the real 2.4 release was a good nine months away, still.

Simson Garfinkel predicted a flood of Linux viruses:

No, what's stopped the spread of viruses on the Linux platform isn't technology, but the lack of interest from the virus writers. Why write a Linux virus when the same skills will let you bring up a new web-site and become a millionaire in just a few weeks? But if the economy goes south, we're likely to see a suddenly bloom of viruses from out-of-work overachievers.

If he's right, that virus flood should show up any day now....

March 15, 2001


 Main page
 On the Desktop
 Linux in the news
 Linux History

See also: last week's Letters page.

Letters to the editor

Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

March 15, 2001

From: "Kapil H. Paranjape" (user: kapil host: imsc.ernet.in)
Date: Mon, 12 Mar 2001 12:12:44 +0530
To: letters@lwn.net, greve@gnu.org
Subject: Does free mean "free from" or "free to"?


While there is a lot of discussion on the "free beer" versus "free
speech" distinction along with the emphasis on free as in "freedom",
there is perhaps not enough said about the *duties* that go with
freedom. In High School civics (in India) the fundamental rights of
people were always tied to the fundamental duties---there's that
uncomfortable "d" word again.

One of the duties that goes with free (mukta) software is that of climbing
the learning curve. Users should be continually encouraged to step beyond
the boundaries of their current knowledge---not sit tight in beautifully
designed boxes of their favourite desktop/window manager/user interface. I
have yet to see an interface that encourages such exploration the way
(for example) adventure and nethack do at the level of games.

When we emphasise the development of software that makes computers easy
to use we should also beware that this should not lead to the "computer
is a toaster" analogy that many proprietary vendors like to promote.
Let us not bring more users into the free software fold by telling them
that life is easier here--rather that there are more opportunities to
use ones' abilities to the creative fullest.

Unfortunately, as long there will be people willing to "take the easy
way", there will also be a MicroSoft that leads them to a beautifully
decorated creative dead-end.


Date: Thu, 8 Mar 2001 12:18:29 +0000
To: letters@lwn.net
Subject: Mozilla Matters
From: home@alexhudson.com

RE: Luke Subert, 'Will Mozilla 1.1.1 be released in 2001?', 2/3/2001.

How Mr Subert is able to talk of the 'slow pace of Mozilla development'
defies belief. For anyone who has been using the software, the rapid
advancement (particularly noticable recently with the 0.8 release) is
obvious, and to further state that Mozilla 'will [not be ready] until
[release] 1.1.1' is bordering on ridiculous. Can I ask if Mr. Subert has
used Mozilla? It is now my primary browser, and I can say I am very happy
with it.

To further compare Mozilla to other browsers shows Mr. Subert's lack of
actual usages of these products. Mozilla compares very well to Galeon (it
should do, Galeon is based on Mozilla!), and already is more feature-rich
than either Konq or Opera (no disrespect to those browsers). Further,
Mozilla is being used in more and more projects (Galeon, as mention,
SkipStone, as well as a host of Gnome projects using Mozembed, and
countless others). Mozilla is in far wider use than Mr. Subert obviously
recognises, and is not only complying with standards, but setting them also
(witness XBL 1.0, for example).

I suggest Mr Subert downloads the current 0.8 build of Mozilla (or perhaps
wait for 0.8.1, or 0.9) and actually try it. Try building Galeon with it. I
think he would be surprised. Let's get off the Mozilla teams' back, shall
we? Try the software, it's actually really rather good :-)

Kind regards,

Alex Hudson.
From: "Matt.Wilkie" <Matt.Wilkie@gov.yk.ca>
To: editor@lwn.net
Subject: RE: Free Software has forgotten release often?
Date: Thu, 8 Mar 2001 17:47:13 -0800 

> While free software has many advantages, many projects 
> seem to have forgotten the "release often" rule. Long 
> cycles for projects like Mozilla (4 years to the 1.0 
> release) and GIMP (2 years between 1.0 and the next major 
> release of 1.2) leave ordinary users wondering just where 
> the added value of open source really lives. 


There is a new release of Mozilla every day via the nightly 
tarballs if you like the leading edge, and if you prefer a 
little more stability, more or less quarterly milestones (now
minor dot releases). I don't follow GIMP development as 
closely; I've only upgraded my installation four or five times 
in the last twelve months.

Yes I wish Mozilla was "done". Yes I wish for a couple of
new GIMP features (not that can think of many). However I'm
quite willing to trundle along with not quite perfect 
versions while the coders sweating in the smithy bang away,
folding the metal over a hundred times to build the best 
possible edge. Not that I'm above the occasional whiny "are 
we there yet?" ;-)

The proprietary softwares I make my livelihood with have
fairly regular "releases" about every 18 months or so. 
For minor programs it is standard policy to wait an extra 
6 months to a year before forking out the dough ("never 
buy a .0 version"). For our major program (ArcInfo) we 
pay the multi-thousand dollar yearly support fees and get
the latest and greatest. However we've been using the last
major version for about a year, and we -still- haven't
rolled it out into production use because it's too slow 
and crash prone. In my grumpy opinion it's still a beta
version (feature complete but not stable or optimised) and 
should be labeled as such.

So, version numbers can be a useful tool when wielded 
appropriately. Unfortunately too many major players in the
industry play fast and loose with them so they don't really
mean much anymore, if they ever did.


These are my own opinions and do not necessarily represent
my employer.
From: Anton Ertl <anton@a0.complang.tuwien.ac.at>
Subject: What is a Linux Distribution?
To: letters@lwn.net
Date: Sun, 11 Mar 2001 10:34:57 +0100 (MET)

To me a "Linux" system feels quite different from a plain NetBSD
system (as well as out-of-the-box proprietary Unices), mainly because
a typical "Linux" distribution is a GNU distribution and thus offers
many practical commands and command features that non-GNU systems

And I use these features quite frequently, as I noticed when I worked
on a NetBSD system: I had problems on most commands I entered, because
I used some GNUicism (starting with bash features).

OTOH, a proprietary Unix with lots of GNU packages installed feels
much more familiar.

Strangely, even tomsrtbt, which replaces many of the GNU tools with
smaller programs, feels much more GNU/Linux-ish than other Unices do

- anton
To: letters@lwn.net
Subject: Debian GNU/Hurd is a ``Linux distribution?''
From: Gordon Matzigkeit <gord@fig.org>
Date: 08 Mar 2001 10:37:56 -0600


   However, we would not call NetBSD a "Linux distribution". Why not?
   Well, to start, the NetBSD folks might very well get offended,
   since they've been around a lot longer than Linux.

You might also find some GNU folks who would be offended at having GNU
called a ``Linux distribution,'' since they've been around a lot longer
than Linux.

Debian GNU/Hurd is free applications (many of which are officially
GNU), running on the GNU C Library, on the GNU Hurd kernel servers, on
a GNU variant of the Mach microkernel.

That makes GNU at the very least two out of three of the core system
components you described.  People once argued that you could call
something a ``Linux system'' no matter what its makeup, so long as it
ran the Linux kernel.  Now, it seems, the argument is that you can
call it a ``Linux system'' if it shares any applications at all in
common with systems that run Linux kernels (so long as it doesn't have
BSD heritage).  Rationale?

To me, it's a problem of credit, and the unfortunate thing is that
it's probably impossible to reconcile ``Linux camp'' and ``GNU camp''
notions of where credit should lie.  This issue doesn't come up in
proprietary systems, because there's a single vendor who owns the
system, and says what the system is called.

I see the GNU/Linux, and GNU/Hurd designations as a compromise to give
both idealists and kernel hackers credit.  Of course, there could be
other groups who feel underrepresented, but they haven't been as vocal
as the kernelists.  Until I see a better naming proposal, that's the
one I choose to use.

BTW, thanks for your excellent coverage of Debian GNU/Hurd... it's a
high compliment when what I read in LWN makes the issues clearer than
being subscribed to the mailing lists.

 Gordon Matzigkeit <gord@fig.org>  //\ I'm a FIG (http://fig.org/)
Committed to freedom and diversity \// I use GNU (http://fig.org/gnu/)
Subject: What about Domino?
Date: Thu, 8 Mar 2001 16:15:23 -0500
From: "Sightler, Tom" <tsightler@zeusinc.com>
To: <letters@lwn.net>

I'm writing to point out what I believe to be an inaccuracy in the
following statement on the Main Page of your March 8th, 2001 issue.  You
make the following statement:

'OpenMail is the only "enterprise ready," Exchange-compatible mail
server product which is available on Linux. Its demise leaves an
important corporate function with no Linux-based solution; all that's
left is windows-based, proprietary systems - and not very many of

Unless there's been an anouncement that I've missed, Lotus Domino still
fully supports running on Linux, as well as quite a few other platforms
as well.  They also support Microsoft Outlook 98/2000 with their iNotes
Access for Microsoft Outlook product.  I certainly think Domino
qualifies as "enterprise ready" and offers many features that Exchange
does not have.  Domino supports all major internet standards such as
SMTP, POP, IMAP, and LDAP so I don't really see how this makes them a
worse choice than OpenMail (maybe you just liked them because they used

Some have critisized Lotus for supporting their server platform on Linux
without providing a Linux client, but they do at least offer
step-by-step instuction on setting up the Win32 client to run under
Linux by using Wine, which is more than many companies do, and of course
you can use any standard POP or IMAP client for basic email services.

I did like OpenMail very much, but I think Domino on Linux still means
that Linux has can server this very critical corporate function.

Tom Sightler

To: letters@lwn.net
Subject: Source code
From: Ketil Malde <ketil@ii.uib.no>
Date: 09 Mar 2001 08:34:45 +0100


In Leon Brooks' letter concerning the DVD-CCA's threats against
Dr. Touretzky the issue of whether source code can be seen as a
"device" - more specifically, a "circumvention device" - is raised.

I think this issue may have bearing upon more than the DeCSS case, and
that some exploration of the concepts involved could be fruitful.

Clearly, source code in high level languages exists for the benefit of
humans, not computers.  Source code is only a means to express
algorithms in a manner close enough to natural language that humans
can understand them, yet precise enough to not be ambigous.

The compiled, binary (machine) code, on the other hand, exist only so that
together with the appropriate processor and other hardware, some task
can be performed - in other words, the hardware and software form a

Or, to analogize: Source code is the floor plan, machine code is the
building.   Given the former and the right tools, you can construct
the latter, which is actual useful.

The interesting thing is that if this view is accepted, it seems
source code might be a way out of a lot of problems for free
software.  For instance, I find it hard to accept that patents can
apply to anything but the compiled program.  The source code is just
an exact description of the (patented) process involved, you need the
compiled program to actually *perform* the process.

If distributing source code is a breach of the patent, then so must
distributing the actual patent text be, since it contains the same
information!  Surely I don't have to license a patent to read it?

If I haven't seen further, it is by standing in the footprints of giants
To: lwn@lwn.net
Subject: LWN: perltidy
From: Andrew Hilborne <andrew.hilborne@uk.concentric.com>
Date: 12 Mar 2001 18:24:33 +0000


Well, I like what perltidy did to dailystrips: dailystrips is a *real* mess and 
it _appears_ that perltidy didn't break anything...

..except: it wrote an output file by default. Happily it didn't overwrite the
input file, which would have been the greatest of sins, but even this isn't
good enough.

Unix programs should obey the principle of least-surprise, and they should
behave like filters by default. This makes them easier to stitch together in
ways unthought-of by their authors, with the minimum of extra flags. (Another
good rule is that an invocation with no flags should perform the "most common
task." Eg look at pr(1).)

While I'm at it, let me note that, to paraphrase someone from an old Bell Labs
Journal, "Unix is a mute slave: it assumes you know what you're asking for and, 
so long as there are no errors when it does it, doesn't report anything
back. This lets you, the user, get on with the next task as simply as
possible. Many programs break this rule: the BSD Mail program started the
trend, and GNU bc continues it.

I'm sure you know all this stuff, but I wish those who don't would read, for
example, "The Unix Programming Environment," by Kernighan and Pike.


Andrew Hilborne
From: Eric <esr@golux.thyrsus.com>
To: letters@lwn.net
Subject: Thomas Hood's LTE
Date: Thu, 08 Mar 2001 10:46:46 -0800

Thomas Hood's letter describing the goals of the open-source and
free-software movements as "socialistic" is dangerously confused.
"Promoting a social goal" is not the same as "socialism"; the key
difference is whether cooperation is voluntary or not.

In our community, cooperation is voluntary -- we don't force anyone to
write or share software.  Under socialism, if you do not choose to
"cooperate", you will be oppressed, imprisoned, and quite possibly

The difference is important.
		<a href="http://www.tuxedo.org/~esr/">Eric S. Raymond</a>

A wise and frugal government, which shall restrain men from injuring
one another, which shall leave them otherwise free to regulate their
own pursuits of industry and improvement, and shall not take from the
mouth of labor the bread it has earned. This is the sum of good
government, and all that is necessary to close the circle of our
	-- Thomas Jefferson, in his 1801 inaugural address
From: andrew@pimlott.ne.mediaone.net (Andrew Pimlott)
Date: Thu, 8 Mar 2001 13:51:38 -0500
To: Thomas Hood <jdthoodREMOVETHIS@yahoo.co.uk>
Subject: Re: Stallman on Freedom and the American Way

Thomas Hood wrote:
> The GPL is socialistic in that it is designed to promote a social
> goal

You make with this statement both a marvelous insight and a terrific

Your insight is that Free Software is above all a social mission: it
seeks to create a community based on certain ideals (a utopia, if
you will), into which anyone may enter.  It does not (to a first
approximation) seek impose change on any individual or state, beyond
any natural outcome of voluntary choices.  Anyone who doesn't
appreciate this is encouraged to read the GNU Manifesto.

Your blunder is to confound a "social goal" with "socialism".  I am
not prepared to enter into a debate on socialism, but it is
generally considered a political movement, and so is inherently
different from a social movement.  You ascribe to socialism the
tenet, "To each according to his need; from each according to his
ability".  But this is not espoused by the Free Software movement.
Indeed, the Free Software movement is happy to give software to
anyone, independent of need; and does not pressure anyone into
contributing.  It argues that, if you write software, making it free
is the right thing to do; but this is very different.  I challenge
you to find a statement from RMS to the contrary.

The Free Software movement does have a political aspect, I will not
deny (the politial and the social can rarely be separated entirely);
but I believe it is clearly overshadowed by the social aspect (and
also by the philosophical and ethical aspects).

Date: Sat, 10 Mar 2001 18:38:00 -0500
From: Steve Waldman <swaldman@mchange.com>
To: letters@lwn.net
Subject: Thomas Hood on "Stallman on Freedom and the American Way"

In your March 8 2001 letters, Thomas Hood writes:

  I think we should be frank.  There is no point in fighting
  a war of propaganda.  There is no denying the accusation
  that one of the main aims of the free software movement is
  a socialistic one... The goal is to revolutionize the means 
  of production of software and to establish a new mode of 
  software distribution: To each according to his need; from 
  each according to his ability. 

As a software developer who releases code under the GPL, I too 
think we should be frank.

I, like may others in the free software community, am a
filthy capitalist bastard, and offer absolutely no apologies
for that. I hope and expect to derive from my work far more
wealth than I in any sense need, by virtue of fully exploiting
my own abilities.

I participate in the free software community and release code
under GPL out of a carefully calculated self-interest. Proprietary 
software licenses have created a distorted and inefficient market 
for the skills and services that I sell. In the proprietary software
world, success derives largely from incumbency and interoperability 
requirements; from the ability to define and the wherewithal to
enforce crafty licenses, contracts, and patents; from strategic
connections and marketing reach; and (as Mr. Allchin's comments 
underline) from political influence.

As a programmer, I am confident that I can compete successfully in 
fair contests with my peers based on skill. Thus, I am directly 
harmed by a situation where market power, rather than technical 
ability, determines how wealth is allocated in my industry. I am 
also harmed when, to use the tools prerequisite to my trade, I must 
cede rights over my own work to parties that may exact monopoly 
rent from me or my clients, or otherwise interfere with my full 
enjoyment of the fruits of my work.

GPLing code serves my interest in several ways. A vibrant,
copyleft free software community harms powerful incumbents who 
compete against me unfairly. Since what I sell is expertise at 
solving problems, not software that I have already been written, 
it harms me very little to make the code I write generally available. 
No matter how much free software there is, I am not concerned that
the world will run out of software problems to solve. There
would be some harm if my competitors had no-strings-attached 
access to my software tool-set while I was prevented from free
(in both senses) access to theirs. Here the GPL makes for a fair
bargain, a level playing field: you can use mine if I can use yours,
under the same terms. Lastly, but importantly, making code
widely available is excellent marketing, increasing demand for
my services and the rates I can charge.

There is no conflict between the RMS-style, copyleft free software
movement and a very deep capitalism. In fact, the free software
movement is just capitalism working well, destroying through
competition inefficiency and corruption in the marketplace. If 
Thomas Hood and Jim Allchin (strange bedfellow, I'm sure) wish 
to emphaisize analogies to socialism in the free software movement, 
they are entitled to. But the socialism they see is in their own 
eyes; it has little to do with free software itself.

        Steve Waldman

Date: 13 Mar 2001 12:16:08 -0800
To: letters@lwn.net
From: P Jones <pja@justice.com>
Subject: Stallman's Alleged Hidden Agenda

I wish to respond to Mr. Hood's false assertion that Richard Stallman has a
hidden agenda, namely socialism, behind his Free Software Foundation.

I have directly inquired of Mr. Stallman as to his position on this very
issue.  He told me pointblank that he believes in the free enterprise

I have seen Richard accused of being a socialist/communist many times on
various boards.  This is not true, and he has denied it publicly, on
Slashdot, to mention one forum.  It wasn't until I read Mr. Allchin's
remarks that I began to seriously wonder if there is an organized campaign
to misrepresent Stallman's views, as in FUD. While I cannot speak
authoritatively on this, obviously, my warning bells are going off and I
think everyone else should be on the alert as well.

I think it is important to respond and assert the truth.  No one should be
able to casually slander a man just for fun.  Not for profit either.  A
public forum isn't the same as a private dinner party conversation, where
any number of foolish things can be said, and often are, without serious
consequence. But when you publicly defame someone, as Mr. Hood did, he
ought to at least provide some proof of his opinion. He certainly did not
do so. Nor can he, because what he wrote is not founded on truth, though he
may not know it, having been himself influenced by what I now suspect is a
campaign of vilification.  Richard Stallman isn't a socialist. Period.
There is no hidden agenda.

If there is one thing that *can* be authoritatively stated it is that
Richard Stallman has *nothing* hidden. His views are well known.  He isn't
a politician.  He writes software.  He encourages the use of and openly
promotes free software, free as in speech.  Selling the software is fine
with him, and he does so himself.  What Stallman wrote in response to
Mr. Allchin's remarks on the American Way came from his heart.  That is who
he is and what he believes.  To accuse him of lying, which is in essence
what Mr. Hood wrote, is calumny, and you really ought not to have printed
Mr. Hood's letter.  It was irresponsible, in my opinion.  Yours is not an
open forum, like Slashdot's, where all kinds of idiotic comments can be
posted (and are).  Because you have editorial oversight of what is posted
on your site, you are responsible for what is posted. I hope you will find
a way to correct the error and that you will be more careful in the future.
A man's reputation is a very precious thing.

P. Jones <pja@nospamjustice.com> 

FindLaw - Free Case Law, Jobs, Library, Community
Get your FREE @JUSTICE.COM email!
Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds