Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsBad relations between MySQL and NuSphere. NuSphere, a subsidiary of Progress Software, has been working over the last year to make a living through the commercialization of the free MySQL database. To that end, NuSphere entered into an agreement with MySQL AB, the company created by the original authors of MySQL. The actual agreement is not public, but it involved NuSphere adding a number of high-end features to MySQL, and the ability of NuSphere to base products on MySQL. The two companies have evidently not seen eye to eye for some time, but, until recently, the dispute has been handled quietly. No more. NuSphere has filed suit against MySQL AB for "breach of contract, tortious interference with third party contracts and relationships and unfair competition." The legal proceedings did not set off MySQL AB, however, as much as NuSphere's launch of MySQL.org. That site, intended by NuSphere as a community resource independent of MySQL AB, hit the MySQL folks a little too close to home. They greeted the site with a strongly-worded press release entitled MYSQL COMMUNITY THREATENED BY OBSCURE .ORG WEBSITE: Marten Mickos, newly appointed CEO of MySQL AB, commented "We consider operating the mysql.ORG site illegal activity and we are taking steps to enforce our trademark and other rights."
Nusphere's response, in the form of a press release announcing MySQL.org, was not a whole lot better: MySQL.org is designed to more clearly separate church and state for the MySQL community. Developers will not encounter licensing demands or sales calls with MySQL.org, as they may with the MySQL.com Web site,' said Britt Johnston, chief technology officer, NuSphere.
Mr. Johnston was not able to provide us with any examples of "licensing demands or sales calls" resulting from use of the MySQL.com site. MySQL.org, however, is just the tip of an iceberg of disputes that includes:
The trademark issue has the look of something that could become a perennial problem for the free software community. Is a piece of software truly free if its name is not? This issue has come up before (i.e. ssh), and will again. The desire of software authors and companies to control the names they use is understandable, but an excess of trademarks could make a minefield for the free software community in the same way as software patents. This is an important and unresolved problem. The GPL issues are also relevant. Violations of the GPL are always a problem, and it is good that NuSphere has, for now, moved back into compliance. But what about NuSphere's charge against MySQL AB? According to NuSphere CTO Britt Johnston, the company's complaint centers around the following requirement, as seen on the MySQL AB policy page: A [commercial] license is required if... You have a commercial application that ONLY works with MySQL and ships the application with the MySQL server. This is because we view this as linking even if it is done over the network This is the old boundary issue in a new form: what, exactly, distinguishes "linking" from "aggregation"? That question, too, will return to haunt us, and it may have to be resolved in court. That, of course, would be unfortunate; judges are not necessarily well qualified to make that kind of determination. The real problem for MySQL users, though, could well be that people see this dispute and decide to use a different free database system (i.e. PostgreSQL or InterBase) instead. After all, if the developers are busy fighting each other instead of hacking and claims of licensing violations are flying, why not use another (entirely capable) system where life appears calmer? This dispute, if it continues, could result in a fork of the MySQL code, slowed development, and a reduced user community. None of that would be good. So it is encouraging to see some attempts being made to defuse the situation. MySQL AB has published an open invitation to NuSphere to talk about and resolve the problems. NuSphere's response is (mostly) positive, and the two companies are apparently scheduled to talk on July 20. With luck, they will manage to bring an end to a fight that can not do either of them, or the free software community, any good. The DMCA strikes again. Dmitry Sklyarov came over to "the land of the free" from Russia to speak at Defcon in Las Vegas. He was probably a little surprised to find himself arrested by the FBI and facing charges that could land him in prison for the next five years. The U.S. Attorney's Office was so pleased with itself that it issued a press release proclaiming the arrest. The crime Mr. Sklyarov is charged with is heinous indeed: he worked on a Russian commercial software product which allows people to copy and read files in the proprietary Adobe "eBook" format. The eBook format allows for highly restrictive control of copyrighted materials. It can only be processed by an Adobe eBook reader, and only on one computer. It can not be copied, printed, or excerpted. Many of the activities commonly seen as "fair use" are disallowed by this format. One could argue that the "Advanced eBook Processor" simply allows eBook customers to exercise their fair use rights. Adobe, of course, argues that it is a "circumvention device" which must be suppressed. The nature of the Digital Millennium Copyright Act does not get much clearer than this: write a program that interprets a proprietary file format, and you'll go to jail. For years. It is a serious threat to free software, and to civil liberties in the U.S. in general. Or even outside the U.S.: Mr. Sklyarov wrote his code for a Russian company - and the code is legal there. Like the DVD case, this prosecution will be an important one for the future of fair use and programming rights in the U.S. We'll be keeping an eye on it. Meanwhile, for further information, see:
There is also a Free Sklyarov mailing list, set up by Seth David Schoen, for those interested in following this situation. Conferences next week. The O'Reilly Open Source Convention starts in San Diego on July 23. Numerous prominent free software developers will be there. We'll also get to hear from Microsoft's Craig Mundie on the joys of "shared source." It may not be the friendliest reception he's ever encountered... Meanwhile, the Ottawa Linux Symposium starts up in, strangely enough, Ottawa on July 25. OLS is a smaller, development-oriented conference limited to 500 attendees. If past events are any guide, neither highly technical talk nor beer will be lacking. LWN will be present at both events; watch our pages for information from the show floors. Followup on .NET alternatives. Of course, the article last week on .NET alternatives did not manage to get them all. We're a little embarrassed at what got left out, actually. Here's a few other projects to look at, for those who are interested in what is happening in this space.
No doubt there are others worthy of a mention. Suffice to say the community is not standing still and letting the new net pass it by. It remains to be seen, however, whether any of these efforts will succeed in establishing itself as a standard. Doing that requires more than just a set of good technical ideas. Inside this LWN.net weekly edition:
This Week's LWN was brought to you by:
|
July 19, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsNIST gives away vulnerability database. The National Institute for Standards Technology announced this week that they are giving away their vulnerability database, free for public use. The data is being provided on a royalty-free basis, for inclusion in both proprietary and free products. Check the ICAT home-page for more details. Note that the data is provided as a Microsoft Access 2000 file. Hopefully someone will massage it into a more friendly, open format in the near future. Snort: Planning IDS for Your Enterprise (Linux Journal). The Snort Intrusion Detection System gets a look in this Linux Journal article. "Snort is often referred to as a lightweight intrusion detection system. Snort is labeled lightweight because it is designed primarily for small network segments. Snort is very flexible due to its rule-based architecture. The designers of Snort have made it very easy to insert and expand upon rules as new security threats are detected". This month's CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM Newsletter for July is out. The main topics of interest this month are Internet-based telephony (and the associated security risks) and security monitoring. Also from Bruce this month is a a copy of his written testimony provided for the Senate Subcommittee on E-consumer Science, Technology and Space. The favorite quote of the week is, of course, this one: What will happen when the CFO looks at his premium and realizes that it will go down 50 percent if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100 percent technical.
In addition, however, many of his other comments are also worth reviewing, including his belief that the Internet will never be secure, but will, in fact, grow less secure. He emphasizes that automatic security will always be flawed and human intervention required. Which Is More Secure? -- Open Source Vs. Proprietary (Interactive Week). Jeremy Allison provides the open source argument in this two-sided story on Security from Interactive Week. "Most often, a security alert is issued for a proprietary software package once a cracker has created and published an exploit to take advantage of a problem. Most open source security alerts are issued because of third-party audits, not published exploits, and an alert is published in the spirit of openness to notify any users of the broken software about upgrades." PortSentry (Linux Journal). Linux Journal looks at PortSentry and LogCheck, two tools in the arsenal of security. "Once a host is targeted by an attacker, a port scan is almost always performed. The port scan is done to expose all services available on the target host and to provide a starting point for break-in attempts. PortSentry detects such scans by monitoring the unused ports on the host. " Security ReportsLinux init default umask vulnerability. Linux kernel versions 2.4.3 through 2.4.6 create the init process with a default umask of 0000. If a specific Linux distribution does not explicitly change this umask, this vulnerability can be exploited locally to gain root privileges. Check BugTraq ID 3031 for more details.Adding 'umask 022' to the beginning of the rc.sysinit file will resolve the problem, which has been fixed as of 2.4.7pre7. CERT security advisory for LDAP. CERT has issued a security advisory describing denial of service and remote compromise vulnerabilities in numerous LDAP servers, including OpenLDAP. CERT does not normally get into the picture until problems are being actively exploited, so, if you're running LDAP, it's probably worth taking a look and doing a quick update.Vulnerable versions of OpenLDAP include 1.x prior to 1.2.12 and 2.x prior to 2.0.8. Note that OpenLDAP was only found to be vulnerable to denial-of-service attacks; no remote compromise vulnerabilities were found. Check also BugTraq ID AllCommerce temporary file creation vulnerability. AllCommerce, a Perl and SQL92-based e-commerce application, has been reported to contain a temporary file creation vulnerability. Check also BugTraq ID 3016.
Engarde Secure Linux-specific sudo vulnerability. The default configuration of Engarde can lead to elevated privileges for accounts included in the admin group. They have issued an advisory and recommended workarounds. Check also BugTraq ID 3019.vipw insecure file permissions vulnerability. Red Hat has issued an advisory for vipw in Red Hat 7.1. If vipw is used to edit the /etc/shadow file, the modified file will be saved with improper permissions. Check also BugTraq ID 3036.Slackware /var/man permissions vulnerability. Slackware 8.0 and earlier has been reported to contain a vulnerability due to the permissions shipped by default on the /var/man/cat* directories. These directories are shipped with permissions "1777", allowing world-write access. Using symlinks, this access can be exploited to overwrite files owned by the person running the man command. In particular, if man is run by root, this can be exploited locally to gain root privileges. Modifying the permissions on the directories will close the vulnerability. BugTraq ID 3054.Opera malformed header vulnerabilty. The Opera web browser version 5.0 for Linux has been reported to have difficulties handling malformed headers. As a result, this can be exploited by malicious webmasters to cause the browser to crash. No response from Opera has been seen so far.web scripts. The following web scripts were reported to contain vulnerabilities:
Proprietary products. The following proprietary products were reported to contain vulnerabilities:
UpdatesOpenSSL Pseudo-random number generator weakness. Check the July 12th LWN Security Summary for the original report or BugTraq ID 3004. This week's updates: Previous updates:cfingerd buffer overflow and format string vulnerabilities. Check the June 28th LWN Security Summary for the original report or BugTraq ID 2914. These vulnerabilities can be exploited locally to gain elevated privileges, possibly including root access.This week's updates: fetchmail buffer overflow. Check the June 21st LWN Security Summary for the original report. This is remotely exploitable and could lead to root access if fetchmail is run by root. An upgrade to fetchmail 5.8.6 will resolve the problem.This week's updates:
Horde IMP Message Attachment symbolic link vulnerability. Check the June 7th, 2001 LWN Security Summary for the initial report (or BugTraq ID 2805). Horde Imp versions prior to 2.2.5 contain this vulnerability, which stems from the use of the PHP tempnam function for creating temporary files. Upgrading to Imp 2.2.5 and PHP 4.0.5 is recommended.This week's updates: elm alternate folder buffer overflow. Check the March 1st LWN Security Summary for the initial report. Elm 2.5 PL3 was impacted. The problem was fixed in elm 2.5.4. Updated versions of elm are available. Check BugTraq ID 2403 for more details.This week's updates:
Multiple buffer overflows in tcpdump. Multiple buffer overflows in tcpdump were reported in our November 2nd, 2000 edition. Check also BugTraq ID 1870This week's updates:
Events10th Usenix Security Symposium. The 10th Usenix Security Symposium is scheduled for August 13th through the 17th in Washington, D.C. Richard M. Smith, CTO of the Privacy Foundation, will be giving the keynote. Edward W. Felten, Princeton University, and his research team will be presenting a refereed paper on "Reading Between the Lines: Lessons from the SDMI Challenge". Upcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Liz Coolbaugh |
July 19, 2001
LWN Resources | ||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is still 2.4.6. Linus's 2.4.7 prepatch is up to 2.4.7pre7, with no word on when a real 2.4.7 release will happen (to say nothing of the much-awaited 2.5.0). Alan Cox, meanwhile, is at 2.4.6ac5. Keeping your processes from wandering. In an ideal world, all processors on an SMP system would be identical, and it would not matter where any particular process runs. Life is different, of course, in the real world. Here, not all processors are the same from a process's point of view. The bottleneck between the processor and memory forces the use of multiple layers of cache memory within each processor itself. By keeping frequently-accessed memory close to the processor, the cache has a major accelerating effect on performance. Often the best performance optimizations don't involve squeezing out instructions or unrolling loops; instead, the best results often come from changing data access patterns to work better with the processor cache. Foremost among those optimizations, certainly, is to avoid trashing the cache completely. But that is what happens when a process moves from one CPU to another. The cache which has been built up in the old CPU does not follow the process to its new home. As a result, the process runs slowly for some time as it fills the cache on the new processor, perhaps forcing out another process's data while it's at it. For this reason, the Linux scheduler tries hard to avoid moving processes between CPUs. Normally it works reasonably well; if two jobs are running on a two-processor system, one would expect each job to stick to one processor. So a group of kernel hackers were surprised when they found a case where processes would continually cycle through all of the processors on a system. Another user reported similar behavior; he found that running a single, compute-intensive process on a two-processor system would actually go faster if he fired up "setiathome" to keep one of the processors occupied. What appears to be happening is this: one CPU is happily running a process (we'll call it "p1") when it does something that makes another process ("p2") runnable. The scheduler decides that p2 should execute on a different CPU, so it sends an "inter-processor interrupt" to force the other CPU to go into the scheduler and pick up the new task. All appears to have been properly arranged, and the scheduler on the original CPU returns to the original process (p1) that was running there. That process, however, quickly hits a stopping point, forcing a new scheduling decision. Because inter-processor interrupts take a while, p2 still has not started running on its intended CPU. Instead, the first CPU sees p2 ready to go, and starts running it. When p1 again becomes runnable, it will find that p2 has taken its place; it's p1 that gets booted out of its processor and has to move to a new home with a cold, unwelcoming cache. With the right kind of load, that sequence of events can happen over and over, causing processes to move frequently through the system. The result is poor performance, bad benchmark results, and an increase in "Linux sucks" posts on the net. The fix, as posted by Hubertus Franke, is to mark a process when it is decided that said process will run on a different CPU. Other processors will not attempt to run a process marked in this way, while the target processor will make a point of running it. The fix removes the race condition between the two processors, and restores a bit of stability in this particular case. Of course, being a scheduler change, it may well make things worse for some other type of load, but nobody has identified that load yet... Journaling filesystems are slower? While nobody disputes the benefits provided by journaling filesystems, the generally-accepted wisdom seems to be that journaling necessarily slows things down. After all, a journaling filesystem adds the overhead of maintaining the journal and very carefully serializing operations to preserve the integrity of the filesystem at all times. That extra work costs. It turns out, however, that there is an important class of applications for which a journaling filesystem can be faster. Certain applications need to know when data written to the disk is actually committed to the platter; usually they are working with explicit data ordering constraints of their own. Such applications will use one of the synchronous write operations in the filesystem to enforce these constraints. Database systems can operate in this mode. The NFS protocol also requires that a (strictly conforming) NFS server also perform synchronous writes. A synchronous write operation can cause several disk head seeks, as the data and associated metadata are updated. And that, of course, can take a while. When journaling is in use, however, the story is different. Once all of the relevant data is in the journal, the filesystem can report a synchronous write as being complete; the full writeback can then happen at leisure, since the data is safe in the journal. And the journal, of course, is laid out on a contiguous piece of the disk. Journaling, thus, removes the head seeks from synchronous writes and eliminates much of the latency from those operations. With some preliminary tests using ext3 and knfsd, performance was reported to be 1.5 times better. Journaling is not only safer; it may even be faster. Cleaning out the right zones. Marcelo Tosatti has been working on a patch which provides detailed information on how the memory management system is working in the 2.4 kernel. After all, the various efforts to improve memory management can only be helped by having a view of what is actually going on. One of the first results that Marcelo has found is that the code that tries to free up pages in response to memory shortages is often not looking in the right place. Linux divides physical memory into multiple "zones," each of which has different physical characteristics; for example, the DMA zone contains memory that may be used for DMA operations to ISA devices. (See the June 7 kernel page for a more detailed discussion of zones.) Memory allocation can be requested from one or more zones in particular. Often, only a specific zone will do for a particular request. The problem is that, while the kernel allocates memory from specific zones, it does not take zones into account when freeing memory. Instead, it blindly passes through memory freeing anything that looks useful. As a result, the kernel could be freeing memory (i.e. taking it from processes that could use it) that belongs to a zone that already has plenty of free memory and does not need any more. Meanwhile, another zone could be under tremendous pressure which is not helped in any way by freeing memory from the first zone. This sort of behavior has been suspected in the past, but Marcelo's instrumentation has shown that it really happens. So what is to be done but make a new patch which causes the kernel to go after pages belonging to the specific zones that are feeling pressure? Evidently some sorts of deadlock problems have already been solved by this patch. It will see some reworking (Linus had some quibbles with the implementation), but this one looks destined for a 2.4 kernel sometime soon. (See also: Dave McCracken's patch for a silly swapping bug that would prevent the use of high memory for swap reads; this one, too, could be responsible for a lot of problems.) Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
July 19, 2001 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsNew DistributionsWhile Liz Coolbaugh was on vacation, reader/contributor Fred Mobach was still hard at work. He sent in so many new distributions for inclusion on our distributions list that we were only able to partially process them for this week's edition. The rest will show up next week.
Distribution NewsRed Hat News. We mentioned last week that Red Hat 7.1 for the Itanium was released. Along with that, we failed to provide a pointer to the release notes and to both mirrors and a Red Hat/IA64-specific mailing list. Judging by the conversations this past week on the Red Hat Seawolf mailing list, the "more secure" defaults of Red Hat 7.1 have ruffled a few favors. In this case, sendmail users should note that although a default sendmail.cf file is provided in Red Hat 7.1, it will look only at the loopback device. This is apparently documented in the Release Notes, but is easy to miss. If you're planning on upgrading to Red Hat 7.1 anytime in the near future, particularly via a fresh, full install, start walking through the release notes now to watch out for similar pitfalls. We sympathize, but a more secure default installation is the right way to go. Linux-Mandrake News. The July 9th issue of the Linux-Mandrake Community Newsletter announces the availability of Mandrake Linux 8.0 ProSuite Edition, a version of Linux-Mandrake designed specifically for small and medium-sized businesses. In addition, the PPC Beta mailing list has a new web archive. Their business case of the week takes a look at the Hotel Jan II Sobieski in Poland, which we covered in February of 2000 in this article, originally published in Linux Plus and translated to English by Pawel Moszumanski. Also announced this month was the new MandrakeExpert of the Month contest. As per the name, they will be rewarding the best voluntary expert from MandrakeExpert.com. Hardware prizes will be awarded and winners may be authorized to receive payments for their responses. Debian News. This week's Debian Weekly News reports plans to add capabilities support to Debian by default. It also covers the status of release-critical bugs that need to be fixed as part of the current Debian freeze. Check it out also for the latest debian art, BugSquash party reports and Debian Day at LinuxTag 2001. Meanwhile, on the Hurd front, the Kernel Cousin Debian Hurd for July 17th reports some good bug fixes, progress on the F3 CDs, raising the Hurd profile and why the HURD will be POSIX-compliant but not always UNIX API-compliant. Don't expect it to be LSB-compliant either, folks ... Slackware News. Although the Intel Changelog for Slackware has been quiescent since Slackware 8.0 was announced on June 30th, the Alpha Changelog finally started registering new modifications on July 17th, the first activity there since May 31st. Presumably, after a well-earned vacation, the Slackware team is back to finish off the non-Intel ports of Slackware 8.0. In this case, e2fsprogs was upgraded to 1.22, procinfo was upgraded to -18, psmisc was upgraded to -20.1 and bugfixes went into gpm, procps, in.comsat, and netconfig.color. Also seeing upgrades this past week were man-pages, vim, automake, mutt and wget. Unmaintained postscript docs were removed. No activity has been posted for the Sparc port since June 1st. EnGarde Secure Linux News. The first edition of the EnGarde Secure Linux Newsbrief is out. The Newsbrief is intended to be a monthly newsletter describing EnGarde development, news, tips, etc. It's even available in Italian, Spanish, Chinese, and Croatian. We're again pleased to see another distribution stepping forward to keep their customers better informed (it makes our job easier, too ...). Unfortunately, the inaugural issue had more generalities than specifics. The next full release of Engarde Secure Linux will be coming "this fall" and readers are directed to the mailing lists and IRC groups to dig up their own specifics. Scyld Beowulf News. Scyld Computing Corporation has announced the release of Scyld Beowulf Professional Edition. This version includes a great many new features, including increased hardware support, a batch queue system, and automatic node addition. "New enhancements on the latest Professional Version include, full Alpha support including simplified installation tools, full Myrinet and Gigabit Ethernet support, the Scyld Beowulf Batch Queue system (BBQ), automatic node addition, web based administration and job monitoring, advanced hardware health and status monitoring, Parallel Virtual File System (PVFS), NFSv3, and ROMIO file systems, library, and much more". Yellow Dog Linux News. The Terra Soft Team will be bringing Camp Yellow Dog to MacWorld this year and they are inviting people to come enjoy a bit of the Colorado Rockies with the team that produces and maintains Yellow Dog Linux. "Terra Soft's booth #1342 will feature a tent, camping chairs, a mountain backdrop, the Terra Soft team in hiking boots, and live acoustic guitar played by the designer of the famed YDL logo. ... 'If you find that your feet are tired and you would enjoy some conversation, we'll have a chair for you at the camp fire,' states Kai Staats, co-founder & CEO of Terra Soft Solutions, Inc." Minor Distribution updates
Distribution ReviewsYellow Dog Linux 2.0. The Duke of URL reviews Yellow Dog Linux 2.0. "Linux is making huge strides on the PowerPC architecture, especially since its supported machines list is much more extensive than OS X's own list. It has a quick interface and all the UNIX tools any user could ever need and want. In addition to this, with OS X being pushed, Apple users seem to be warming up to the *NIXes out there, and just might be more ready for Linux than some Windows users." Section Editor: Liz Coolbaugh |
July 19, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The DesktopA better cup o' Java in the morning Java on Linux has never been one of the OS's strong points. Sure, lots of vendors are using Java on Linux for embedded systems, but the desktop user seldom sees these systems. The desktop user mostly uses the Java runtime environment (aka Java RE) found in their browser. And typically, that environment lacks, to be polite, stability. Users often find their Netscape 4.x browsers locking up or crashing outright when running Java applets on various web sites. The problem has been so severe that many users simply disable Java, with the result being that many sites lack the visible information that users are seeking. Fortunately, starting with Netscape 4.0, users have had the ability to use alternative Java RE plugins with their browser. These plugins replace the existing Java RE in Netscape, hopefully providing more stability. Newer browser alternatives including Mozilla and Konqueror also allow for using alternative Java environments. Earlier this month the Blackdown team released a new version of the Java 2 RE Standard Edition, a complete runtime environment that can be used for standalone Java applications which also includes a browser plugin. The Java 1.3.1 FCS release notes say that the package is available in bzip2, Debian and RPM formats but the status page says only the first two are actually available. A search of archives on the mirrors page turns up no RPM packages.
$HOME/.netscape/pluginsdirectory (see the INSTALL file in the Blackdown distribution for complete details). Then all that's necessary is to tell Netscape to use the Java plugin. To do this, select Edit->Preferences to open the Preferences dialog window. Click on the Advanced category and make sure the "Enable Java" and "Enable Java Plugin" buttons are selected. The Plugin option won't be available unless Netscape sees the plugin when it starts up, so you may need to restart Netscape after installing the javaplugin.so plugin. The plugin also has a number of configurable options, such as use with proxies, which can be set using the JavaPluginControlPanel.html page found in the Blackdown Java installation directory. You can verify the plugin has been installed by using the about:plugins feature of Netscape. Performance for the new plugin is hard to measure but overall the stability seems to be improved in the short time we've had to run with the new plugin. LWN.net examines many web sites each week and crashes with Netscape are common. With the new Java plugin installed those crashes have been noticeably reduced. Blackdown, however, is not the only source for Java environments on Linux. IBM has a freely downloadable Java 2 environment as well. Installation instructions are available for this release. Registration is required in order to download the software and you need to agree to certain terms if you plan on redistributing the runtime environment with any software you sell or distribute. Installation using the RPM puts the plugin under /opt (the Blackdown distribution, because it is a simple compressed tar archive, can be placed anywhere). After installing the RPM, you need to install the plugin, just as you did with the Blackdown version: ln -s /opt/IBMJava2-13/jre/bin/javaplugin.so \ $HOME/.netscape/plugins/According to the IBM documentation provided, Red Hat 7.1 requires you work around an issue with the "floating stacks feature" of that release. The plugin will handle this automatically, but if you run the java virtual machine (aka "java") manually, you need to set an environment variable. The documentation states clearly how to handle this situation and the package includes wrapper scripts for dealing with the issue. Testing We tested both plugins with some of the applets found on Sun's Applet Resource site. In the following, a "yes" note reflects a successful test, a "no" means the applet didn't work.
The tests showed that both plugins worked exactly the same, though checking the version of each shows they may come from different code bases: For IBM's Java: mjhammel(tty0)$ ./java -version java version "1.3.0" Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0) Classic VM (build 1.3.0, J2RE 1.3.0 IBM build cx130-20010626 (JIT enabled: jitc))For Blackdown's Java: mjhammel(tty0)$ ./java -version java version "1.3.1" Java(TM) 2 Runtime Environment, Standard Edition (build Blackdown-1.3.1-FCS) Java HotSpot(TM) Client VM (build Blackdown-1.3.1-FCS, mixed mode)For Blackdown Java most failed tests popped up a window stating that the arguments for the applet "couldn't fit into locals", a java.lang.ClassFormatError. The same problem applied to the failed versions under the IBM JVM, but without the pop up window. Interestingly, some tests with the IBM Java RE were run on a Red Hat Linux 7.1 system initially (until we could get them properly installed on the Red Hat Linux 6.1 system where Blackdown had been installed). Here, ImageTest failed on a Red Hat Linux 7.1 system with the IBM Java RE plugin when the rotating Tumbling Duke caused Duke to disappear. This didn't happen on the Red Hat Linux 6.1 box. Something wasn't quite right on 7.1 with IBM Java's image processing features. KDE Report: LinuxTag 2001. KDE Dot News carried a report from LinuxTag this week covering that projects presence at the show. "The well decorated and overcrowded 24 square meter KDE booth and its crew enjoyed the feedback and interest of several thousand visitors, among which remarkably many stopped by to talk to the KDE women team." Mtools: KDE's answer. Last week we mentioned that mtools, the DOS utilities for Linux/Unix systems, has a GTK+ based graphical interface. A KDE fan wrote in stating that KDE has abstracted access to the floppy device, via mtools, using a URL of "floppy:/". This interface seems even more intuitive than the file manager method, though you'll always find users who would argue that point one way or the other.Desktop EnvironmentsKDE 2.2 Release Schedule Update. A new schedule for KDE 2.2 was published this past week. The updates push the release out another 2 weeks to address stability and security issues. Konqueror Gets Text-to-Speech Synthesis. A text-to-speech system is being added to Konqueror, the KDE web and file browser, with the first trial version submitted to CVS. In this first version the new system requires manual selection of text and then manually running the speech synthesis tool. Later these steps will be more automated. Kernel Cousin KDE #17. The benefits of a backported QRichText object from Qt3 into Qt2 has resulted in discussion of a new library for KDE to handle text, tentatively called libkofficetext. This and more are covered in the expanded Kernel Cousin KDE this week. KDE Print framework. Michael Goffioul, author of the new print subsystem in KDE, has posted his slides on the subject which he presented at LinuxTag in Germany. The slides are now available in HTML format. Minutes of the GNOME Board meeting. This week's GNOME Board meeting highlight was the formal agreement on job description, salary, and benefits for the executive director of the GNOME Foundation. The director has apparently been hired, though a name has yet to be released. Office ApplicationsAbiWord weekly news #52. There were various bug fixes noted in this week's AbiWord Weekly News and the mailing lists noted the availability of an english-only thesaurus package along with an attempt at a source tree closing in preparation for the next release, but that attempt met with resistance due to a number of show stopping bugs still to be resolved. Open-source OpenOffice for OS X faces uphill battle (ZDNet). OpenOffice's OS X port is in search of a project lead, according to this ZDNet report. "Hutinger said, it's not as though he's starting from scratch. ``Sun, Patrick Luby [a senior engineer at Sun and former manager for the Mac OS X port who is now working on the Solaris and Linux ports of OpenOffice] and his team have done a lot of the ground work, or should I say all the hard work. They have fixed all the problems with the current tool chain Apple is using.''" Desktop ApplicationsKIllustrator name change. Seeking to resolve the issue with Adobe, KIllustrator's author has reportedly changed the name of the package to Kontour. According to a report from Heise Online (German language, with a BabelFish translation), Adobe won't try to prevent KIllustrator from being distributed as long as that project does change its name. And in other news...A Linux desktop is on the way (ZDNet). This ZDNet commentary provides a set of requirements for the Linux desktop, ranging from better configuration and application installation tools to more productivity tools and even Windows support, that are necessary in order for it to become viable in the marketplace. "While Kmail is nice, and pine will get you by in a pinch, we need a true tool on par with Outlook/Notes. No matter how much I love Linux, I still like Outlook for its integration. And while I have tried Evolution, Magellen and its offspring, none are ready for primetime. Evolution is getting close, but there is still a ways to go. And these tools need a backend server for Mail, Calendar, Address Book, and Collaboration. Until these ripen, a lot of people will never come over." Despite this particular quote, this is mostly a positive piece about the Linux desktop. Libart API documentation. The libart library API has been documented. The documentation includes an example program under GTK+, however some parts of libart are currently missing such as micro tile arrays. CFP: Unix and the desktop. The Netherlands Unix User's Group (NLUUG) is inviting submissions for talks on end user experiences and new developments related to the Unix desktop and multimedia applications. Section Editor: Michael J. Hammel |
July 19, 2001
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsLinux PDAs as Embedded ControllersThe Linux powered PDA has been getting a lot of attention lately. The Linux-PDA and PDA-Linux Quick Reference Guide on the LinuxDevices site lists nine different hardware platforms that currently run Linux and more will certainly show up in time. Normal uses for PDAs include numerous desktop applications such as calendars, memo pads, browsers, games, and the like. Embedded computing would be a natural extension for a palm device. Consider that a typical PDA is an inexpensive, mass produced computer with a graphical display for output and a touch pad or keyboard for input. Most PDAs also include one or more I/O channels for communicating with the outside world. PDAs usually contain a fair amount of RAM as well as flash memory for permanent data storage. PDAs are optimized for low power consumption, making them natural candidates for portable use. Many embedded applications require exactly this set of features. If one were to assemble parts to make an embedded computer with all of the features found in a typical palm device, the hardware price and size would be much larger than the typical $200 to $300 price tag of a palm device. A large amount of hardware engineering talent would be required to reproduce such a platform, making it only practical for high volume projects. Palm devices have the advantage of already being mass-produced for sale to a wide market. Starting and embedded project with mature user interface software is also a big step ahead when compared to a custom designed system. So, instead of assembling a lot of special purpose components into an embedded system, a palm device could be used for the bulk of the system. Special purpose I/O would be the only place where custom hardware and software was required. The list of peripheral ports available on the current palm devices is fairly long. Currently, it is possible to purchase Linux based PDAs with PCMCIA, CompactFlash, RS-232, IrDA, USB, and Bluetooth interfaces. Modem ports are also common PDA peripherals. Interfaces that are not so common are IDE ports, Ethernet adapters, high resolution audio I/O, and cameras. Some of these limitations could be worked around by purchasing or designing adapters for the existing busses, although I/O bandwidth is always a consideration in such designs. Example uses for a palm based embedded system include solar powered remote data loggers, industrial controllers, remote cameras, robotic controllers, wired and wireless data entry terminals, and user interface/controllers for a variety of devices which can be controlled digitally. Disadvantages of palm devices include reliance on another vendor for a critical part, and a fixed form-factor that may not work for some applications. It would be difficult to use a palm device as an MP3 car audio player, for example. The palm device may be too fragile for some applications, but since it is easily replaced, that may not be a big concern. The ability to run Linux is an obvious advantage, all of the power of the device can be accessed by the developer. Mature networking software and a widely understood development platform are also obvious pluses. Of course, no mention of embedded Linux would be complete without mentioning the lack of license fees.
Maybe it's about time to consider what your palm device is capable of doing besides playing games and storing phone numbers. DocumentationLinux Documentation Project Updates. The Linux Documentation Project has updated a number of existing documents. Take a look for all of the latest documentation. Embedded SystemsA Linux-powered humanoid robot. Kawada Industries and the University of Tokyo have produced a humanoid robot powered by a couple of Pentium processors and RTLinux. It can walk, handle stairs, carry items, and recognize faces. Some of the technical details can be found on this page, but it's all in Japanese. A look at the university laboratory's home page (English) shows a number of other robot projects, including a robotic penguin. (Thanks to Maya Tamiya). Linux In The Palm Of Your Hand (TechWeb). This fairly detailed article on Linux PDAs and the embedded market says that Linux on handhelds is a good idea, but standards need to be developed for things like graphical interfaces. "The ELPS currently is available only to consortium members as a draft specification. It will be based in part on the Linux Standard Base, a standard for the Linux desktop and server markets that hasn't been released yet. While the Linux Standard Base nominally specifies X-Windows as the graphical user interface for desktop and server versions of Linux, it's not clear yet how the consortium will handle GUIs for PDAs." Embedded Linux Newsletter for July 12, 2001 (LinuxDevices). This week's Embedded Linux Newsletter includes stories on Java technology for the embedded Linux market, tiny widgets for Nano-X, and the .Net stories of the week. InteroperabilityWine Weekly News number 24. Issue 24 of the Wine Weekly News is out. Topics include accessing serial port dongles, compatibility issues between the win16 and win32 APIs, Wine and sym links, and more. Samba 2.2.1a released. A minor bugfix release of Samba is now available. Version 2.2.1a fixes a Samba PDC bug. This is not a security related release. Network ManagementOpenNMS Update, July 17, 2001. The weekly update for the OpenNMS project is out. This edition includes project status, some extra help for installing OpenNMS 0.8.0, and more. Printing SystemsLPRng 3.7.5. A new version of LPRng, dated June 22, 2001, is available for download. The LPRng web site contains no announcement for this release, but those wishing to play with the latest and greatest version may want to give it a try. System AdministrationAutomating UNIX system administration with Perl (IBM developerWorks). This article from IBM's developerWorks explains how to use Perl and cfengine to automate systems administration tasks for any Linux, BSD or Sun-based system. "Even though you can do with Perl all the things that cfengine does, why would you want to reinvent the wheel? Editing files, for instance, can be a simple one-liner if you want to replace one word with another. When you start allowing for system subtypes, logical system divisions, and all the other miscellaneous factors, your one-liner could end up being 300 lines. Why not do it in cfengine, and produce 100 lines of readable configuration code?" Web-site DevelopmentProcessing WSDL in Python -- an open-source library (IBM developerWorks). This tutorial from IBM developerWorks (subscription required) explains how to use Python for WSDL, the Web Services Description Language. FastIndex search engine. The FastIndex search engine has been released as open source software under the LGPL license. MiscellaneousDotGNU press release. The DotGNU Project (covered in last week's LWN.net Weekly Edition) has issued a press release describing the project and what it plans to accomplish. Section Editor: Forrest Cook |
July 19, 2001
|
|
Programming LanguagesCamlCaml Weekly News for July 10 to 18, 2001. The latest Caml Weekly News is available. Topics include regexp matching, the partial order library, the O'Caml runtime environment, and more. JavaPondering our Linux/Java future (Linux Devices). Jason Briggs discusses possibilities for embedded Java in a Linux Devices guest editorial. "Using your Linux/Java PDA, you bring up a house-controller application which shows a small map of the rooms in your home. You click on the lounge and kitchen areas, then click on the heating icon, then enter a start time. The house-controller app connects to your home services gateway, sending the necessary instructions. The gateway calls the heater in the lounge (a 'model 2' heater) and sets the time it should switch on. The heater in the kitchen is a 'model 1' however, so it only has a simple on/off switch; therefore the gateway will wait until the specified time to send an 'on' signal. " Threading Lightly: Synchronization is not the enemy (IBM developerWorks). Brian Goetz discusses Java thread synchronization in an IBM developerWorks article. "Unlike many other programming languages, the Java Language Specification included explicit support for threading and concurrency. While having language support for concurrency makes it easier to specify and manage constraints on shared data and the timing of operations across threads, it doesn't make the complexities of concurrent programming any easier to understand. This three-part series aims to help programmers understand some of the major issues behind multithreaded programming in the Java language, and in particular to understand the impact of thread safety on Java program performance." LispComp.lang.lisp FAQ project. A new project is underway to update the comp.language.lisp FAQ. Lend a hand if you can. PerlPerl News (use Perl).
The latest news from use Perl includes the following:
Perl 5 Porters for July 16, 2001. The July 16, 2001 edition of Perl 5 Porters is out. This issue covers Perl 5.7.2, a debate on SUPER::, and more. Symmetric Cryptography in Perl (O'Reilly). Abhijit Menon-Sen talks about writing cryptography code with Perl in an O'Reilly perl.com article. PHPPHP Weekly Summary for July 16, 2001. The July 16, 2001 edition of the PHP Weekly Summary is out. Topics include the XML-RPC error code patch, talk of splitting PHP development into multiple working groups, a discussion on application servers, and the availability of new functions for parsing arguments. A PHP-Nuke project fork. The PHP-Nuke project, a weblog system built on PHP, has undergone a fork because of a difference of opinion on how development should be done. The new project is Post-Nuke , or "the fallout release." See this page for a description of the rationale behind the fork. PHP Review 0.9.0 rc1 available. A new beta version of the PHP Review book review project is available. The WHATSNEW file documents the numerous improvements and bug fixes. PythonDr. Dobb's Python-URL!. Another weekly edition of the Dr. Dobb's Python-URL! is now available. This week saw the release of 2.1.1c1, a discussion on working on Python itself, and a new release of wxPython, among other things. Python 2.2a1 released. The first alpha release of Python 2.2 is out. It includes a number of new features, including iterators and generators, the client-side XML-RPC library, and some significant changes to the way builtin types and classes are handled. That last change may break things, and the developers are looking for feedback on whether the feature should be included in the final 2.2 release or not. If you make heavy use of Python, giving this release a test run might be a good idea. See also: Andrew Kuchling's "What's New in Python 2.2" document. Jython 2.1 alpha 2 released. Version 2.1 alpha 2 of Jython, the Java language implementation of Python has been released. The release notes detail the changes which include a new ReadlineConsole class, zlib, gzip and zipfile modules, a Display Hook for Interactive Use, and numerouse bug fixes. Python News in Spanish. A new web site has been created with all of the latest Python news in Spanish. Pychecker 0.7 released. Pychecker 0.7, a Python language bug checker has been released. This version contains a number of new checks as well as bug fixes. SCons, a Python replacement for Make. Active development of SCons, a software building tool has been announced. "SCons is implemented as a Python script around a central set of Python build-engine modules. SCons configuration files are actually executed as Python scripts, allowing you to use full Python functionality to control your build. You use Python functions and methods in the configuration files to tell the central build engine about your input and output files." Tcl/TkThis Week's Tcl-URL. Dr. Dobb's Tcl-URL for July 16, 2001 is out, with the latest from the Tcl/Tk development community. Topics covered include troubles with the Tcl Wiki, using linear algebra, availability of a new multicolumn listbox, negative clock clicks, and more. MiscellaneousAn introduction to neural networks (IBM developerWorks). Andrew Blais and David Mertz discuss the application of neural networks in an IBM developerWorks article. "Neural nets may be the future of computing. A good way to understand them is with a puzzle that neural nets can be used to solve. Suppose that you are given 500 characters of code that you know to be C, C++, Java, or Python. Now, construct a program that identifies the code's language. One solution is to construct a neural net that learns to identify these languages. This article discusses the basic features of neural nets and approaches to constructing them so you can apply them in your own coding. " Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Commerce page. |
Linux and BusinessNew Clustering Products - Beowulf Professional Edition from Scyld; Lineo Availix Vertical Clustering 1.0. Clustering, joining computers together to make a more powerful and more reliable system, is increasingly common. As these systems become more prevalent, so too are products designed to ease to way. Here are two such products. Beowulf clusters can be defined as a series of Linux-based computers tied together to create a supercomputer. The Beowulf Professional Edition from Scyld Computing Corporation strives to make supercomputing as easy (and as economical) as possible. This product provides all the software required to create the system (on all computers) and allows control of all computers from a single interface. This version of Scyld's Beowulf product features increased hardware support, a batch queue system, automatic node addition, and more. Lineo's clustering solution high availability product. The Availix Vertical Clustering (Availix VC) architecture consists of interconnected CompactPCI clusters (called Horizontal clusters) and data storage devices over a storage area network. Availix Vertical Clustering 1.0 features a second level of high availability load balancing, monitoring for fail over management, secured shared data, and much more. Red Hat's new GNUPro Design Tools, Subscription Support Offerings. Red Hat announced the availability of the latest version of the Red Hat GNUPro Toolkit and Support. The latest version of the GNUPro compiler/debugger along with added subscription support options and development platform ports. Linux for the Palm III. Empower Technologies has announced the availability of "Linux DA O/S DB v1.0," otherwise known as a Linux distribution for Palm IIIx and IIIxe handhelds. A "demo" version is available for download now; the full product appears to include proprietary applications and will not be freely distributable. Lineo Processor Support Approaches Century Milestone. Lineo, Inc. announced support for more than 90 processors through the Lineo family of embedded system software. Korean Air deploys Linux on the eServer. IBM and Korean Air have issued a press release describing Korean Air's deployment of Linux on an eServer system. The flight schedule inquiry system and daily revenue accounting will be running on the Linux system. Transvirtual gets $4.0M, launches XOE device platform (LinuxDevices). Transvirtual Technologies, founded by the makers of the Kaffe Java Virtual Machine, unveiled new offices, a new round of funding and a new appliance platform. "In addition to providing an application environment and other services, Transvirtual's XOE package also includes a suite of mobile computing applications -- things like schedule, notepad, addresses, calculator, browser, and so on." Red Hat filing 10-Q (Quarterly Report). For those interested in the details, Red Hat's report for the quarter ending May 31 is now available online. EBIZ letter to shareholders. EBIZ Enterprises, operator of LinuxMall.com, among other things, has posted a letter to its shareholders on the fall in its stock price, which is a bit scary even by current standards. "Simply put, more working capital needs to be invested in the company immediately. Without additional working capital the company is not viable as it is currently structured." Linux Stock Index for July 12 to July 18, 2001.
LSI at closing on July 12, 2001 ... 28.75
The high for the week was 29.17
Press Releases:Open source products
Distributions and bundled products
Proprietary Products for Linux
Hardware and bundled products
Products and Services Using Linux
Products With Linux Versions
Books & Training
Partnerships
Investments and Acquisitions
Personnel & New Offices
Linux/Open Source At Work
Section Editor: Rebecca Sobol. |
July 19, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingSecurity expert: Tighter measures needed (CNN). Bruce Schneier told a Senate subcommittee that companies will start to make security decisions based on insurance premiums - and the result will be a move to Linux. "What will happen when the CFO looks at his premium and realizes that it will go down 50 percent if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100 percent technical." Free Software: Nothing is more appropriate for India (The Hindu). The Hindu covers Free Software in conjunction with Richard Stallman's visit to India. "It is clearly time for India to join the Free Software movement. Urged by this firm belief and commitment, a group of Free Software practitioners and enthusiasts in India have been successful in persuading Richard Stallman to establish an Indian Chapter of FSF. The Free Software Foundation of India (FSF-I) will be inaugurated by Stallman on July 20 in Trivandrum at the Freedom First! conference." (Thanks to Tony Stanco) So long and thanks for all the fish! (VarLinux.org). VarLinux.org is running Paul Ferris's goodbye letter to LinuxToday. "I wish I'd had some more time to fix some more bugs in the code I've written for internet.com, but alas, that's the way things go. In addition to my new job, I've been asked to do some community service of another kind, so I'm sure you will see me around. Look for an announcement in the coming weeks." Win an Earthlink embedded-Linux telematics system (LinuxDevices). Earthlink is sponsoring a contest for Linux, XML, Java, wireless, and Web application developers. The contest seeks creative application ideas for a prototype open-standards "Automotive Vehicle Location" (AVL) telematics platform that was created by EarthLink's R&D team. Maddog's MS Justice (ZDNet). Linux International Director Jon "maddog" Hall speaks out on the MS Appeals Court case. "I (and various Linux International members) feel that the officers of Microsoft--both current and former--should be punished for their actions. They broke the law. They forced good companies out of business. They stifled--not encouraged--innovation." Developing for the Linux desktop (NewsForge). This NewsForge article is aimed at the aspiring open source developer. "While simply asking about a project is not a "till death do us part" proposition, [KDE developer Andreas] Pour suggests that a better way to win friends in the developer's community is to submit a patch. A patch is an addition or enhancement to the application, like a bug fix, an additional dialog, or a driver. In other words, don't ask about helping, just do it." Linux in a single PBGA IC package (plus 1 crystal) (LinuxDevices). Axis Communications is making Linux-based device designs even simpler by integrating over fifty components into a single 27mm x 27mm PBGA IC package. A review of the new ETRAX 100LX Multi Chip Module. Scaling Supercomputers With Linux (TechWeb). Information Week explains how Linux is helping make scalable systems of low cost PCs. "``Lashing together tens or hundreds of thousands of processors isn't as easy as it appears when you apply it to real-world problems,'' says Gary Smaby, a supercomputing analyst and a principal of Quatris Fund, an investor in Unlimited Scale." IBM develops wireless LAN security analyzer (CNN). IBM's Linux-based system detects wireless nodes that are vulnerable to attack. "The Wireless Security Auditor prototype presents detailed information for all access points on an 802.11 wireless network, including station and network name, address, location, and security state." Use P2P, Go to Jail. Any Questions? (O'Reilly). According to this O'Reilly story, a systems administrator at a Georgia institute installed a screen saver that ran distributed processing and may face criminal charges - for using bandwidth at a rate of 59 cents a second. "Since most of the infringing time happened in December, when very few people were working at the school, this bandwidth usage occurred when the bandwidth was not otherwise being used. Assuming the school pays for bandwidth whether it's used or not, it's hard to understand the logic that says the school system was ripped off." DeCSS Encryption Case Could Change Your IT Shop (TechWeb). In anticipation of an appeals court ruling sometime soon, TechWeb has posted a detailed history of the DVD case and an accompanying timeline. There won't be much new there for those who have followed the case closely, but it's a well-done piece. "Essentially, the DVD CCA alleged that the Linux hackers were pirates. It contended that if they continued to distribute DeCSS, it would lead to widespread illegal copying of DVD movies, thus injuring the profitability of the movie industry. The problem with that argument, though, is that the encryption only hinders playback. Anyone with the proper equipment can copy and reproduce DVDs without the benefit of DeCSS." Open Source movement steps into .NET territory (IT-Director). IT-Director reports on the Mono project. "So far the war between Microsoft and Open Source has been fought between the operating systems with Linux starting to invade the commercial user base that was once the sole domain of Windows. With this latest move, the Open Source movement are recognising the commercial and technical importance of .NET, but are also keen to open up the competition before Microsoft establish their dominance." New front opens in Web standards war (ZDNet). Standards proponents are turning from the browser makers to the authoring tools vendors in their fight to clean up the Web. "Now, however, some standards advocates are asking developers to do their part in convincing the technology laggards to upgrade--even at the risk of alienating un-savvy Web surfers who might be challenged or intimidated by the task of downloading and installing new software. That effort is causing some tension with Web developers, who insist they, too, are eager for a more fully standards-compliant Web." UCITA running on empty (InfoWorld). InfoWorld looks at the current status of the UCITA "shrink-wrap software" bill, and is pleased to see that things are not going very far. "Anti-UCITA 'bomb-shelter' bills, which protect a state's consumers from having UCITA invoked against them, have generally met with better reception than has UCITA itself during this year's legislative sessions. Iowa renewed the one-year bomb-shelter law it enacted last year, and West Virginia passed a similar law. Other states that have bomb-shelter bills under consideration include New York, Oregon, and Ohio." CompaniesGreat Bridge Seeks Investments, Partnerships (Virginian-Pilot). The (Norfolk) Virginian-Pilot has run an article about Great Bridge. "[CEO Robert] Gilbert said that Landmark had been approached by someone interested in investing in Great Bridge, and that Great Bridge is examining 'more than one' possible strategic investment by outsiders." IBM Linux Technology Center Bulletin. The biweekly IBM Linux Technology Center Bulletin is out, detailing IBM's recent contributions to the community. Most of them are kernel-oriented, but there are exceptions (internationalization patches for bash, for example). Quarrel Dogs Open Database Effort (ZDNet). ZDNet describes the rift formed between MySQL AB and NuSphere that led to, and follows after, the announcement of MySQL.org. "Since launching its product line, NuSphere sought to submit changes to the MySQL development community at MySQL, but was confronted with a requirement that it turn over ownership of the changes to the Swedish company." Linux lends a hand to Sun engineers (CNN). CNN reports on Sun's internal handheld project for field engineers that uses a Red Hat tweaked embedded Linux operating system. "Engineers with Red Hat did most of the work tailoring the Linux kernel for the handheld, while Sun's engineers fine-tuned a JVM for Linux. Symbol Technologies adapted one of its existing wireless handhelds, which usually runs Palm OS or Microsoft PocketPC software, for Sun. The device incorporates a bar code scanner and a wireless modem." Turbolinux gets new CEO (News.com). The new CEO of Turbolinux comes in with 13 years of developer experience at Wang and 5 years management of the Apple OS 8 project. "Turbolinux, though, has enough cash to reach profitability under its current plan without having to raise more investments, [new CEO Ly-Huong Pham] said. The company has fewer than 200 employees. ``I'm very comfortable with our financial status, our burn rate ... and our revenue,'' she said." BusinessRetailer Checks Out Linux (TechWeb). Burlington Coat Factory made headlines two years ago by installing a number of (Red Hat) Linux-based Dell workstations in its stores. Now the company has begun a two-year effort to switch over to Linux-based point-of-sale terminals, according to this TechWeb article. "The clothing retailer, which operates nearly 300 stores, will run Linux on all the terminals in its new stores, and expects to finish migrating older stores' terminals to Linux in the next couple of years. The company is replacing NCR registers that run on Intel 286 and 386 chips." ResourcesWhat is MP3? (LinuxDevices). LinuxDevices examines the technologies behind the MP3 compression system. "Fraunhofer (a member of MPEG) released their new audio-compression algorithm called MPEG-1 Audio layer-3 (MP3). The good news was that MP3 could compress audio signals such as music by a factor of 10 to 12, with almost no audible loss. This breakthrough meant that songs which previously required 40 Mbytes of storage space now could fit in just 3-4 Mbytes." ReviewsBig-Time Management (TechWeb). TechWeb reviews Rebel.com's NetWinder 3100 Internet appliance. "The NetWinder runs BSD and Apache Web Server on a 533-MHz Transmeta Crusoe TM5400 processor with a 4-MB parallel boot flash that utilizes Code Morphing Software and the Linux 2.4 kernel. The 3100 we tested had a 10-GB hard drive and 128-MB PC133 CL3 SDRAM." Section Editor: Forrest Cook |
July 19, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Announcements page. |
AnnouncementsResourcesHandspring Visor and J-Pilot Guide (LinuxLookup). A quick reference guide for using the Handspring Visor with the Linux desktop through the J-Pilot interface has been posted to the LinuxLookup site. When the going gets weird: Getting help in StarOffice (LinuxOrbit). This HOWTO on LinuxOrbit "will give you the steps to follow to resolve many of your Linux desktop problems. Because StarOffice, Sun Microsystems' open-source office suite, is a program that just about every Linux desktop user will encounter, we'll use it as an example. You should find that following these steps will help for many other programs as well." HOWTO set up NVIDIA 3D drivers on Red Hat 7.1. Evil3D has posted a new HOWTO for setting up the NVIDIA 3D drivers. This HOWTO covers the Linux distro Red Hat 7.1, and the unique steps needed for both Intel and non-Intel motherboards. EventsBOFs at O'Reilly Open Source Convention. There will be a number of Birds of a Feather Sessions (BOFs) at the O'Reilly Open Source Convention in San Diego, CA, July 23 - 27, 2001. Topics include (but are not limited to) Perl, Python, Java and FreeDOS. Caldera International hosts Forum 2001. Caldera International Inc. announced that it will host Forum 2001, August 19 - 22, 2001 at the University of California at Santa Cruz, Calif. Forum 2001 will focus on development, deployment and management solutions for Linux and UNIX systems. LinuxWorld San Francisco to Showcase Embedded Linux Solutions. IDG World Expo announced that the upcoming LinuxWorld Conference & Expo, to be held August 26 - 30, 2001 at San Francisco's Moscone Convention Center, will feature an Embedded Linux Pavilion sponsored by the Embedded Linux Consortium (ELC). Also at LinuxWorld, a Job Fair. Events: July 19 - September 13, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. User Group NewsLinux Users' Group of Davis. LUGOD, The Linux Users' Group of Davis, will be holding a Linux demonstration on Saturday July 21, 2001 at the Davis Food Co-Op, Davis, CA. LUGOD's regular meeting on August 8, 2001 features "Automated Retrieval System (Robotic Cranes)", presented by Michael Egan, Sonoma State University. CFP: Unix and the desktop. The Netherlands Unix User's Group (NLUUG) will hold its annual autumn conference November 8, 2001 in De Reehorst, Ede (Netherlands). The call for papers, inviting submissions for talks on end user experiences and new developments related to the Unix desktop and multimedia applications, remains open until August 24, 2001. LUG Events: July 19 - August 2, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format. Section Editor: Rebecca Sobol. |
July 19, 2001 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license |
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux History page. |
This week in Linux historyFive years ago: Bruce Perens announced that the Debian Project and the FSF had patched up their differences and would resume cooperation - though there would be no further FSF sponsorship of Debian. To mark the new atmosphere, Debian once again started calling its distribution "GNU/Linux." Three years ago (July 23, 1998 LWN): Oracle announced support for Linux. Computer Associates (Ingres) and Informix had announced Linux support earlier in the year. This ZDNet article echoed some common sentiments: A Linux evangelist said a port of an enterprise-size database such as Oracle would help lend credibility to Linux in the eyes of business managers.
Linus made clear his position that 4MB machines would no longer be a development priority or interest for the 2.1.X development tree. Nowadays, finding a PC with only 4MB of memory might be difficult. Even projects such as TINY Linux, which is designed especially for old, recycled computers, requires at least 8MB (but still supports the i386 chip). The release of perl 5.005 was imminent. Perl 5.7.2 has just been released.
Two years ago (July 22, 1999 LWN): The biggest news was Red Hat's announcement of a community stock offering. Some viewed it with suspicion; an effort to get more people to buy stock and drive up the price or maybe just spam from an unexpected source. In addition, the list of people Red Hat put together accidently left off a lot of important contributors. Nonetheless, in the long run, a lot of people made a little bit of unexpected money as a result and the offering set a precedent for including the community that was later followed by the VA Linux and Caldera IPOs. None of them went perfectly or smoothly, but again, at least some people got an unexpected bonus for the work they had done gratis for so long. On a slightly different note, Red Hat unveiled more of its IPO plans, including a major investment in developing their 'web portal'. Plans included the hiring of over 20 people, setting up their own news service and much more. Of course, nowadays that has gone by the wayside and Red Hat is looking in much different fields (such as embedded Linux) for new revenue models. Caldera Thin Clients reinvented itself as Lineo.
One year ago (July 20, 2000 LWN): Miguel de Icaza gave his "Unix sucks" speech at the Ottawa Linux Symposium. Sun announced that StarOffice would be released under the GPL. SCO released flagging financial results, creating rumors of how Linux might save the failing UnixWare business. Forbes noted that SCO had been selling support services for Caldera and TurboLinux, but inaccurately predicted that the company would strike a deal with MandrakeSoft. This article in OSOpinion speculated: The most likely scenario seems to have SCO spinning off Tarantella (probably as an immediate acquisition target), and looking for a Linux vendor to merge with the rest. If they could find some more VC cash, I think that TurboLinux could be a fairly straightforward candidate, as they could hone their focus in on Linux clustering, already their strongest point and a very promising market niche. ZDNet had better inside information as this article accurately predicted: Caldera Systems, a leading Linux distributor, is on the verge of buying SCO's Server--aka, Unix--division for a price expected to be north of $70 million in stock, according to multiple sources claiming familiarity with terms of the deal in progress.
Section Editor: Rebecca Sobol. |
July 19, 2001
LWN Linux Timelines |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Letters page. |
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. |
July 19, 2001 |
From: Gerard Fernandes <gerry@vigorsoft.com> To: "'lwn@lwn.net'" <lwn@lwn.net> Subject: Free Software response to .NET Date: Fri, 13 Jul 2001 17:12:43 +0530 What is the whole point of talking about innovation when we have come back to square one - playing catch up to .NET and providing alternatives to the same thing, old wine in a new bottle, per-se? It would have been much better if the Free Software response took up Java as the question to which .NET is an improper answer and continue to put in efforts behind Java. Java has already provided a broad infrastructure for networked, cross-platform, and distributed applications. And it has been available (not to mention, working) for quite some time. Why not put in the effort that is senselessly going into developing an Open Source version of .NET (and in the course of this, leaving the Open Source foundation liable to law suits), into developing better and more competitive Application Servers (like JBoss) and therefore anull the .NET attack in the first place? It (.NET) is a half-baked attempt of Microsoft to get back some ground lost to Java. And the Open Source community is inadvertently playing into Microsoft's hands by packaging Microsoft Wine in the OpenSource bottle. Where is the innovation that you were looking for? Is innovation nothing but aping the competition? If not, then why is the Open source sommunity so intent on re-implementing .NET? This has been and seems to be continuing to be, the single biggest hurdle that Open Source is going to be facing - an internally fragmented developer community. This can be the only explanation why Open Source cannot see that they already have a winner (albeit, provided by Sun) and is instead trying to compete with what can actually give Open Source a huge lead in terms of distributed computing development infrastructure. To put it in a nutshell, the Open Source community is its own biggest enemy. Until the Open source community grows up and acts more mature, we are going to continue to have emotional outbursts of this kind. What else can one make of an attempt like this? Do you really need to build a ship with a hole just because Microsoft has done it again? Think about it. regards, Gerard. | ||
From: "Jay R. Ashworth" <jra@baylink.com> To: press@mysql.com Subject: Trademark infringement press release Date: Fri, 13 Jul 2001 11:00:09 -0400 Cc: letters@lwn.net <sigh> I see you folks have drunk the Kool-Aid<tm> as well. Please understand something: mere existence of a domain name which has a trademark in it does *not* in any way violate the Lanham Act, and is therefore not a trademark violation, at least in the United States (although IANAL). If the holder of such a domain name engages in confusion, dilution, or disparagement, then perhaps you might have a case. But, at least from my point of view, this insecure, ranting reaction is just one more reason for *me* to spec PostGreSQL instead of MySQL. If your users are dumb enough to confuse mysql.org and mysql.com, then maybe they, and you, deserve the results. If that sounds elitist, so be it. I'm getting tired, after 20 years, of listening to whining. Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Baylink RFC 2100 The Suncoast Freenet The Things I Think Tampa Bay, Florida http://baylink.pitas.com +1 727 804 5015 OS X: Because making Unix user-friendly was easier than debugging Windows -- Simon Slavin in a.f.c | ||
From: Nathan Myers <ncm@nospam.cantrip.org> To: letters@lwn.net Subject: MySQL and the GPL Date: Wed, 18 Jul 2001 00:20:07 -0700 The MySQL AB vs. NuSphere dispute is turning out to be really interesting, and not because of anything about their products. (PostgreSQL is a lot more interesting, as a database.) What's interesting is how it points up fun features of the GPL. Apparently NuSphere has been violating the GPL by shipping their proprietary Gemini library linked with MySQL, and keeping the source code secret. They have also been giving binaries out via the web, protected by a sign-up sheet. One feature this highlights is that if they had offered their sources (under the GPL) only to people they had given binaries to, they wouldn't have had to offer them to anybody else. Hence, it wasn't clear whether they actually had violated the GPL, until I verified that even their customers don't get the source code. (Of course they would not be able to keep their customers from mirroring it.) Even the sign-up web page is OK under the GPL; if you haven't given somebody the code, you have no obligations to them. Again, though, once you give them the code, you can't keep them from mirroring the source code once they get it, so a sign-up page for GPL'd code tends to become voluntary. More interesting is what happens next. You see, even if NuSphere goes ahead and GPLs their library and puts sources up for FTP, they are _still_ in violation of the GPL. Once you've violated the GPL, you have lost _all_ your rights under it. NuSphere can still post their own code, but they can't legally distribute binaries linked with it any more, or even use it in-house. Before they will have any rights under the GPL again, they will need forgiveness from the copyright holders. Yes, from MySQL AB -- the company they are engaged in lawsuits and public spats with. Amusingly, if NuSphere does put Gemini under the GPL, users will be able to distribute MySQL+Gemini while NuSphere still can't, until they get forgiveness. The longer they continue violating the license, the worse trouble they're in, and the more forgiveness they'll need from MySQL AB. This isn't one of those corner cases where the GPL is considered a bit iffy. This is square in the middle, where it's firmly backed by copyright law. If NuSphere angers MySQL AB enough, and the lawyers don't back down, we may see a nice, clear court test of the GPL under near-ideal circumstances. That the MySQL database is involved is unfortunate, but since it doesn't really affect users much, that's not so bad. The GPL is a lot like an alligator snout. You can hold it shut with one hand, but if you stick your head in it bites like hell. -- Disclaimer: I am not a lawyer, and the above should not be taken as legal advice. Some dogs know more than I do. "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night, the ice weasels come." -- Matt Groening | ||