[LWN Logo]
[LWN.net]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaël Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials


A big anniversary arrives. Picking the true birthday of Linux is not necessarily an easy task - what date would you choose? The first gleam in Linus's eye is probably too early, and nobody really knows when that was. The 1.0 release, of course, would be far too late. Where, in between, was Linux really born?

One date favored by many is August 25, 1991, when Linus first told the world, via the comp.os.minix newsgroup, that he was putting together a kernel.

I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones. This has been brewing since april, and is starting to get ready.

Linus clearly had not set his sights on World Domination quite yet.

Quite a bit of interest was generated by the above posting, even though no code was released (that happened on October 5). The world was clearly ready for a widely available free operating system. The growth of Linus's "just a hobby" over the last ten years has been truly phenomenal - and we have just begun. Linux has changed the world. It's been a great decade; the next will be even better.

Let's all beat up on Richard Stallman. LWN editor Liz Coolbaugh once found herself seated next to Richard Stallman for dinner at some conference. It turned out not to be one of the most pleasant experiences of her life; there was no way to bring an end to the discussion of whether this publication should change its name to the GNU/Linux Weekly News. Mr. Stallman is nothing if not tenacious.

He is also endlessly controversial. It is generally not surprising to other supporters of free software speaking out against him. This week, however, has been notable even on the RMS scale.

Consider, for example, the release notes for glibc 2.2.4. A minor C library release normally wouldn't draw a great deal of attention; there's not much in the way of exciting new features, and most people avoid upgrading glibc unless they really have to. But most point releases of glibc don't come with comments like:

Stallman recently tried what I would call a hostile takeover of the glibc development. He tried to conspire behind my back and persuade the other main developers to take control so that in the end he is in control and can dictate whatever pleases him....

The morale of this is that people will hopefully realize what a control freak and raging manic Stallman is. Don't trust him. As soon as something isn't in line with his view he'll stab you in the back.

Those would be fighting words.

The motivations behind an attempted Stallman takeover of glibc development are somewhat unclear. Some of it has to do, apparently, with the adoption of version 2.1 of the LGPL, with its references to "...the whole GNU operating system, as well as its variant, the GNU/Linux operating system." It could also have been motivated by a desire for less conflict with glibc maintainer Ulrich Drepper, who is also not always considered to be one of the easiest people to get along with. Unless Mr. Stallman acknowledges that this "hostile takeover" attempt truly happened, and explains his reasoning, it will be hard to understand what is really going on.

Richard Stallman does show signs, however, of wishing that his revolution had not gotten away from him. Free software has been more successful than many of us could have ever hoped, and Richard Stallman deserves much of the credit for that success. But much of the work has been done outside of the GNU project's organization since the beginning, and the proportion of non-GNU work is only increasing. Richard Stallman remains the head of the Free Software Foundation, but, if the larger Linux and free software movement has a head at all, it's not him.

That can be expected to hurt some. But, if you are trying to head up a movement or a community, you are playing a seriously political game, and political games are like that. Mr. Stallman might be well advised to let go of some of those ambitions, if he has them, not try to direct the development of our free system, and put his efforts into endeavors where we still truly need him.

Should we be talking about freedom? The O'Reilly Network site has been running a little debate on software and freedom. The sequence so far has been:

  1. Freedom Zero, by Tim O'Reilly. "Freedom Zero for me is to offer the fruit of your work on the terms that work for you"

  2. Freedom or Power? by Bradley Kuhn and Richard Stallman. "In the world that O'Reilly proposes, a few make the basic software decisions for everyone. That is power, not freedom."

  3. Tim O'Reilly's response to the above. "I want to return to the idea of freedom zero as my choice as a creator to give, or not to give, the fruits of my work to you, as a 'user' of that work, and for you, as a user, to accept or reject the terms I place on that gift. If that is power, so be it."
It's an interesting discussion. We also, now, have Eric Raymond's contribution to the discussion which takes a strong stance of its own:

In other words, Stallman and Kuhn want to be able to make decisions that affect other developers more than themselves. By the definition they themselves have proposed, they want power.

The bulk of the response, however, takes a different tack:

Some words (like "freedom") make this kind of semantic ping-pong game way too easy. They obfuscate more than they enlighten, they cloud the issues rather than clearing the air. This is a major reason I have spent the last three years trying to get open-source developers to stop talking about "freedom".

Reasonable people may differ on what balance creates the greatest degree of freedom. The unreasonable people have their opinions too, of course, but it's not clear they know more than anybody else. There is a claim LWN would like to put forward, however, made up of two parts:

  1. The concept of freedom is a crucial, inseparable part of what makes the free software movement vital and important. It may make life easier to sweep the concept under the rug at times, but that is a temptation that should be resisted.

  2. Richard Stallman has been one of our most articulate, vocal, and persistent proponents of software freedom for almost two decades. It is important that he not stop.
Code will have an increasing amount of control and influence in our lives. And, increasingly, the amount of freedom we all have will depend, partly, on how free that software is. When we communicate with each other, authenticate ourselves to somebody, or vote, we want to be using free software. Getting and maintaining that freedom will not be easy; it will not even be possible if freedom disappears as a topic of discussion.

Richard Stallman, certainly, should not be our only proponent of freedom. His approach is polemic and unyielding; he is a fundamentalist. But his is a voice that must continue to be heard. His efforts will keep freedom on the agenda and will counter the tendency of more moderate groups to compromise too much. Richard Stallman's point of view belongs in our debates.

That said, there's certainly plenty of room to disagree with what he says; LWN readers know that this publication has no objection to the existence of proprietary software, for example, even if we choose not to use it. The term "freedom" certainly means, as Eric Raymond says, different things to different people. But that doesn't mean we should avoid discussion of the term; why should we hide disagreements over something so fundamental? It's far better to get the viewpoints out on the table so that members of the community can make their own conclusions.

Dmitry Sklyarov's pretrial hearing (arraignment) was originally scheduled for August 23, but was postponed. Definitive information is still lacking, but it appears that his defense is negotiating for a dropping of the charges, and asked for the delay so that the negotiations could continue. The new hearing date appears to be August 30; see the EFF advisory for more information and a nice statement from Dmitry.

Those of you attending LinuxWorld should consider attending the protest march which has been scheduled for August 30. It starts at the Moscone center, so it should be easy for attendees to find, and proceeds to the Federal Building. This is an opportunity to generate a large turnout and draw a great deal of attention to Dmitry Sklyarov's situation and the DMCA in general.

The LinuxWorld Conference and Expo starts on August 28 in San Francisco. It will, as always, be an interesting event; LWN's Michael Hammel and Dennis Tenney will be there in both speaking and reporting roles. Stay tuned for our coverage from the conference.

Inside this LWN.net weekly edition:

  • Security: AirSnort, a new ssh attack, a new sendmail bug.
  • Kernel: Mutating min() and max(); network entropy.
  • Distributions: Compatibility between Linux distributions; Debian Linux for BeOS refugees.
  • On the Desktop: End user configuration management, Vector tool queries.
  • Development: The D language, FreeGIS updates, new ELC directors, new CUPS and Omni, license quickref, GCC 3.0.1.
  • Commerce: Boxed Penguin, Caldera to open source benchmarks, awk, and grep, Lineo gets $20M, Intel compilers for Linux.
  • History: The Linux Standards Association and trademarks; Linux-Mandrake's first year; MPAA won the first round of the DVD case.
  • Letters: The long reach of U.S. laws.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


August 23, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Security page.

Security


News and Editorials

AirSnort hits the net. AirSnort is a new packet sniffing tool, which has been released under the GPL. A particular feature of AirSnort, however, is that (1) it works with wireless networks, and (2) it is capable of recovering the encryption keys used with those networks.

It has been known for some time that the WEP protocol used with 802.11b networking is insecure, but nobody has, until now, produced a widely-available exploitation tool. And AirSnort is certainly such a tool; given a sufficient pile of sniffed data (100MB or more), it can come up with the master password in "under a second." Once an attacker has that password, he or she has free use of the wireless network.

The usual debate about whether it was appropriate to release this tool has arisen. The truth of the matter, however, is that the security problems exist and will be exploited; AirSnort did not cause them. But it will, perhaps, draw more attention to these problems, and, with luck, hasten a fix. Meanwhile, anybody running a wireless network should assume that it is open to the world.

Researchers develop SSH cracker (vnunet). vnunet.com is running an article describing a new attack on ssh developed by researchers at the University of California at Berkeley. It's more of a traffic analysis attack than one on the ssh protocol itself - it looks at the inter-packet timings and deduces keystrokes from that. "A password cracker program, dubbed Herbivore, was developed on the back of the research. Herbivore is capable of learning a user's password by monitoring SSH sessions."

More information is available in the white paper written by the researchers (Dawn Xiaodong Song, David Wagner, and Xuqing Tian).

Another look at full disclosure. Those interested in the full disclosure debate (as covered in last week's LWN.net Weekly Edition) may want to have a look at this paper by Jon Lasser. He looks at the evolution of the rpc.statd hole and its exploits, leading up to the Ramen worm, and how full disclosure may have helped those seeking to take advantage of this vulnerability.

Security Reports

Denial of service vulnerability with netfilter MIRROR target. The experimental MIRROR target, available with the 2.4.x netfilter code, may open up sites to denial of service attacks. See this report from Fabian Melzow for details and information on how to work around the problem.

An input validation problem with sendmail. It's been a little while since we had a serious sendmail vulnerability. Wait no longer; Dave Ahmed has reported an input validation problem which may be used by local users to obtain root access. An exploit for the problem has already been posted. The vulnerability is not exploitable remotely. For now, the solution to the problem is to upgrade to sendmail 8.11.6 (or, for beta users, 8.12.0Beta19). No distributors have issued updates as of this writing; keep an eye on the LWN.net Daily Updates Page to see when patched packages from the distributions become available.

SuSE fixes a problem with sdb. SuSE has posted an advisory for sdb; a Perl cgi script that sdb uses may be vulnerable by using untrustworthy client input (HTTP_REFERER). Exploiting the bug requires access to a local account.

Caldera Security Advisory for ucd-snmp. Caldera International, Inc. has found some problems in ucd-snmp, including "several potentially exploitable buffer overflows, format string bugs, signedness issues and tempfile race conditions." OpenLinux eServer 2.3.1 and OpenLinux eBuilder, using ucd-snmp-4.2.1-6b are vulnerable.

Proprietary products. The following proprietary products were reported to contain vulnerabilities:

  • Arkeia 4.2 (and probably other versions) has been reported to send encrypted passwords in clear text. An attacker with access to the local network could probably crack those passwords, which provide access to the Arkeia control interface.

  • Adobe Acrobat creates world-writable files in the user's home directory, according to this report from Michael Paoli. It turns out this is not a new problem - Darren Moffat notified Adobe of this problem back in 1999.

Updates

Buffer overrun vulnerabilities in fetchmail. (Found by Salvatore Sanfilippo). Two buffer overrun vulnerabilities exist in the much-used fetchmail program. Given a hostile server, arbitrary code can be run on the system running fetchmail. The solution is to upgrade to fetchmail 5.8.17. See the August 16 Security page for the initial report.

Previous updates:

Format string vulnerability in groff. A format string problem exists in groff; apparently it could be remotely exploited when it is configured to be used with the lpd printing system. (First LWN report: August 16, 2001).

The stable release of Debian is not vulnerable.

New updates:

Previous updates:

Mandrake-Linux advisory for gdm. MandrakeSoft has issued an advisory for gdm to address a very old (first covered in the May 25, 2000 LWN Security Page) remote exploit through XDMCP. Note the Mandrake-Linux doesn't configure XDMCP use by default, however.

Resources

Securing Sendmail with TLS (Linux Journal). The Linux Journal shows how to set up sendmail using transaction layer security channels. "The most obvious use of a cryptographically enabled Sendmail installation is for confidentiality of the electronic mail transaction and the integrity checking provided by the cipher suite. Everything between the two mail servers is encrypted, including the sender and recipient addresses. TLS also allows for authentication of either or both systems in the transaction."

LinuxSecurity.com's weekly newsletter for August 20 is available.

Events

Upcoming Security Events.
Date Event Location
September 11 - 13, 2001New Security Paradigms Workshop 2001(NSPW)Cloudcroft, New Mexico, USA
September 28 - 30, 2001Canadian Association for Security and Intelligence Studies(CASIS 2001)(Dalhousie University)Halifax, Nova Scotia, Canada.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Jonathan Corbet


August 23, 2001

LWN Resources


Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Kernel page.

Kernel development


The current kernel release is 2.4.9, which was released on August 16. Linus then jetted off to Finland, so no prepatches have been forthcoming. 2.4.9 has compilation errors for a subset of users (see below), but appears stable for most.

The EMU10K1 (SB Live) driver is stabilizing in 2.4.9. Note, however, that you'll need the user-space tools from Creative to make full use of the sound card with the new driver.

Alan Cox's latest is 2.4.8ac9. As can be seen by the name, Alan has not yet synched up to the 2.4.9 release (he "doesn't see the point" right now), but he has included the usual vast list of fixes and improvements.

Those interested in how the Linus and ac kernels relate may want to take a look at this explanation from Alan, posted on Slashdot.

With the -ac tree I try and do rapid rolling releases, sucking in new code to test it and also its interactions with other new code. By doing releases every few days I get a high number of people testing and reporting bugs before there are too many possible causes. This is how Linus trees used to work long ago, and I still think its the better technique.

The redefinition of min() and max(). C programmers since the very beginning of the language have been familiar with the min() and max() macros, which are usually taken directly out of the first edition of the K&R book as:

    #define max(A,B) ((A) > (B) ? (A) : (B))
    #define min(A,B) ((A) < (B) ? (A) : (B))
Certainly kernel programmers have been reading their K&R - a quick grep of the 2.4.8 source turns up more than 150 individual definitions of min(). Usually, when a body of code contains that many duplicated definitions, it's time to consider a cleanup.

So, perhaps, not too many people may have been surprised when 2.4.9 included a common definition (in linux/kernel.h) for these two little macros. When, however, various modules started turning up compilation errors, and it turned out that the new min() and max() have a different interface, people were surprised indeed, and not particularly pleased. Interface changes during this stable series have become almost commonplace, but few people expected to see a change to something so common and fundamental.

It seems that the new min() and max() have a third argument, being the type of data being compared. So, to get the minimum of two integers, one would code:

    minimum = min(int, a, b);
There are perfectly good reasons for doing things this way; when values of different types are being compared, the explicit type determines what type will be used to do the comparison. It makes things explicit, and forces people to think about what they are doing.

Unfortunately, it also breaks quite a bit of existing code. Any code which defines its own version of these macros will end up with compilation errors. Even worse, for many, is the fact that there is no way to create backward compatibility macros to cover over the difference. A driver using these macros which compiles for 2.4.9 will not compile for earlier versions of the kernel. Linus has tended to not to be sympathetic toward developers who are trying to maintain portability to older kernels, but there are quite a few of them trying to do so anyway.

The question that has come up, of course, is: if Linus wanted a type-aware variant of min() and max(), why didn't he create something with a new name (i.e. typed_min()) and leave the classic macros alone? The answer seems to be that Linus wants to eradicate the old, two-argument macros from the kernel altogether, and so (by way of David Miller) chose an approach that would break code that has not been fixed. Doing things this way can produce more maintainable code in the long term, at the cost of some real short-term pain.

But, one would not normally make such a change in the middle of a stable kernel series, and not to something as well understood as min() and max().

Linus, of course, put this change out in 2.4.9 final and immediately fled the country; the cynical among us might surmise that he knew there would be some discontent. And discontent there is; among other things, Alan Cox does not plan to merge this change into the "ac" series; he'll make a typed_min() and typed_max() instead. Linus does not often back down on such decisions, though; it will be interesting to see how this one resolves itself.

Feeding entropy from network devices. The Linux kernel provides two pseudo-devices which generate random numbers: /dev/random and /dev/urandom. They both provide (seemingly) random numbers to applications, but they differ in one regard: /dev/random works much harder to ensure that the returned numbers are truly random.

The random number generator works through the maintenance of an "entropy pool," a collection of random data which has been collected from outside sources. The most common source of entropy (randomness) in Linux systems is device interrupts; the time periods between keystrokes or disk interrupts is unpredictable enough to provide a degree of true randomness that can not be had from a software-only random number generator. Each random event adds a certain amount of entropy to the pool. If an application reads random data from /dev/random, the kernel will make sure that there is sufficient entropy in the pool to return truly random numbers; if the entropy is inadequate, the read will block until sufficient entropy has been generated. /dev/urandom, instead, will generate numbers (using a secure hash algorithm) regardless of whether sufficient entropy exists; it never blocks waiting for entropy.

In theory, that difference means that a sufficiently clever attacker could, perhaps, predict the random numbers that will be generated by /dev/urandom. Using the predicted numbers, the attacker could proceed to make a mess of any cryptographic or security code using /dev/urandom. Such an attack remains entirely theoretical, however; it would be in no way easy, and nobody has ever demonstrated a way of successfully predicting Linux's random numbers.

Nonetheless, people worry, and many applications will only use random data from /dev/random. On some systems, this can lead to problems if the system is not generating enough entropy; suddenly ssh connections take a long time to start up, and things get unresponsive in general. Network firewalls, with no keyboard and little or no disk activity can be especially susceptible to this problem.

The answer, seemingly, would be to use the arrival of network packets as another source of entropy. Historically, this source of entropy has been avoided, since network traffic is susceptible to observation and manipulation by an attacker. In a highly paranoid world, one might worry about an attacker watching network traffic in an effort to predict the contents of the entropy pool on a target system; the attacker could also feed precisely-timed packets to the target in the hopes of influencing random number generation there. Once again, nobody has ever gotten close to demonstrating an attack of this nature, but if security people didn't worry they would have little to do.

Now, however, Robert Love has submitted a patch which allows the system to use entropy from network traffic, subject to a kernel configuration option. There is some real opposition to the patch; some people feel that network entropy should not be treated as entropy at all, and that applications should just be using /dev/urandom in these cases. The wider consensus, however, is that sometimes network entropy is the best you can get, and that it makes sense to give the user a choice of whether to use it. After all, when, ten years from now, some super cracker develops a network entropy exploit, you can always turn the feature off.

New no-bounce high memory I/O patches have been posted by Jens Axboe (see also the quick update that came out shortly afterward). This patch is rapidly approaching a state of readiness, and, with luck, should find its way into a stable kernel sometime soon. It eliminates the need to use "bounce buffers" on systems with large (multiple GB) amounts of memory, even on systems where the kernel does not directly address high memory. One user has reported a 40% performance increase when running with the patch.

Incorporated into Jens' patch is the new 64-bit PCI DMA interface designed by David Miller. He has also posted the PCI64 patches separately for those who would like to take a look at them. With these patches, DMA I/O is possible on systems with very large amounts of memory (more than 4GB) if the hardware is up to the task. There is also a later revision of this patch available. Between these two efforts, the kernel's support for high-end systems will be much improved.

Other patches and updates released this week include:

  • Ben LaHaise has a new patch which performs merging of virtual memory areas, addressing the problem discussed in the August 9 LWN Kernel Page. Ben claims a significant speedup for Mozilla when running with this patch.

  • A QNX4 filesystem implementation with write support has been made available by Sergey Tzukanov.

  • Keith Owens has posted modutils 2.4.7.

  • Ben Breear has released a patch which adds 802.1Q VLAN support to the kernel.

  • devfs 189 and devfsd v1.3.17 have been released by Richard Gooch.

  • Andrew Morton has released an ext3 filesystem patch for 2.4.9.

  • Rik van Riel has posted a patch allowing interested people to tune the virtual memory system on their machines. It's intended mostly for VM hackers and those running benchmarks.

  • Wichert Akkerman has released strace 4.4.

  • A version of User-mode Linux for 2.4.9 has been released by Jeff Dike.

  • Steve Best has announced release 1.0.3 of IBM's Journaling Filesystem.

  • Greg Kroah-Hartman has released a Compaq hotplug PCI driver for 2.4.8ac8.

  • Also from Greg is a security module release for the 2.4.9 kernel. The security module hackers are beginning to think about submitting the patch for inclusion into the kernel.

  • A new release of the IQ80310 board port has been announced.

Section Editor: Jonathan Corbet


August 23, 2001

For other kernel news, see:

Other resources:

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost

BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Compatibility between Linux distributions. This week a lengthy thread arose on the debian-devel list on whether the Debian distribution should be Red Hat binary compatible. The answers ranged from "yes" to "no" to "maybe". As the LWN commerce editor for the last couple of years I can vouch for the fact that there are an increasing number of proprietary software packages being released specifically for Red Hat Linux. No doubt in Germany the distribution of choice is SuSE, and other countries will have other favorites. The point is Debian (or Slackware or many other smaller vendors) will not usually be the first choice for a proprietary software vendor who wishes to port software to Linux. Also this software, once ported to one flavor of Linux may or may not run on other Linux distributions.

The Linux Standard Base was created to address these compatibility issues and the current 1.0.0 release is certainly a good start. Obviously it's not all the way there yet. Also, there is no guarantee that all Linux vendors will follow the standard. If, for example, a large vendor like Red Hat chooses to ignore the LSB it is likely that the proprietary software vendors will also ignore those standards, and write software that runs only on Red Hat Linux. Making Red Hat a de facto standard in this manner puts additional pressure on a volunteer based distribution like Debian. It is really best if all distributions stick to the standard. There may still be some compatibility issues, but following standards will minimize the issues (or maybe just point out a place where the standards are inadequate).

Not all volunteer developers within Debian will agree that there is a need for proprietary software to run on Debian. This is certainly a valid choice. However, if a business chooses to run Debian and also chooses to use a proprietary software product shouldn't this combination just work? Should that business be forced to use a different distribution just because it is tied to a third party product? This is a mode of operation more reminiscent of certain proprietary operating systems than of Linux. World domination requires that vendors can port once and businesses can use whichever flavor of Linux they please without worrying about compatibility issues.

Debian Linux for BeOS refugees. Since Palm acquired Be's assets and Be intends to wind up its operations some time in the fall many BeOS refugees will be looking for alternatives, including Linux. One ex-Be user advocates Debian for BeOS refugees.

Mandrake Linux Community Newsletter - Issue #10. This issue of the Mandrake Linux Community Newsletter is available in English and in French. It includes information on the Mandrake 8.1 Beta, a reminder about the upcoming LinuxWorld show in San Francisco, and a spotlight on the KDE desktop environment.

New Distributions

CRUX. The CRUX distribution appears to have been around at least since last April and version 0.9 was released on July 7, 2001. Here's a description from the CRUX website.

CRUX is a lightweight, i686-optimized Linux distribution targeted at experienced Linux users. The primary focus of this distribution is "keep it simple", which is reflected in a simple tar.gz-based package system, BSD-style initscripts, and a relatively small collection of trimmed packages. The secondary focus is utilization of new Linux features and recent tools and libraries.

(Thanks to Joe Klemmer who found the link at DaveCentral.

Distribution News

Blue Linux announces the Development of Blue Linux EDU. Blue Linux announced that they will be working toward a Blue Linux Educational version that will be based on reaching out to the Educational Community. Blue Linux Founder Matt Jezorek said

"We hope that we can help cut the cost of running the school systems and keeping up with licensing so that learning can once again become the major part of todays schools."

Debian News. Debian release manager Anthony Towns has posted a request not to make major changes to the base as part of the ongoing freeze, and as a bonus included a list of the software to be included in the base as well as the "standard" packaging.

There will be a bug squashing party this weekend to help stamp out those Woody bugs.

If you are a prospective Debian developer looking for an existing developer to meet and sign your GPG key (for the Identification part of the new maintainer process), there is now a listing of developers available. Current Debian developers are encouraged to register so prospective developers can find you in the listing.

Some new mailing lists have been created for Debian developers. There's one for Debian's Catalan internationalization and localization team, some new bug lists, lists in Italian and French, and others.

Mandrake Linux 8.1 Beta1 for x86 on mirror sites. MandrakeSoft has informed us that the first beta release of Mandrake 8.1 for x86 systems is now available from their mirror sites. This version includes the 2.4.8 Linux kernel; the shiny new KDE 2.2; the latest Ximian Evolution 1.0 beta 2; and you can try your new digital camera with gphoto2; configure and reconfigure your printer with the reworked printerdrake and its new friend foomatic; and much more.

Yes, its a beta and it has bugs, but some of those bugs already have fixes available. So get busy, crash some machines and let Mandrake know what works and what doesn't.

Midori 1.0.0-beta3 released. Midori Linux 1.0.0-beta3 has been released. "Highlights: it compiles on Red Hat 7.1 (your mileage may vary, so please let us know how it works for you) and we've replaced the entire init script system with something much better (in our opinion, at least) than what's available on the average Linux system."

MontaVista's Linux port to the IQ80310. Here is the latest source drop for the Linux port to the IQ80310. You'll need the linux-2.4.7 kernel with patch-2.4.7-rmk3 to get it running.

Red Hat: Roswell, the return. There has been another sighting of Roswell, Red Hat's latest beta. Apparently lots of things have changed with this new version, which may still be rather buggy. The truth is out there.

Trustix releases Secure Linux 1.5. Trustix announced the release of Trustix Secure Linux version 1.5, nicknamed "MiddleWhere". A number of new features have been added to TSL with this version, based on user requests. Updates to this package include MySQL, PHP4, and modutils for 2.4, and SWUP for automatic updates and easy install of new software.

Turbolinux News. Turbolinux has announced the release of its z/Linux 6.5 distribution for IBM zSeries servers and S/390 mainframes.

Turbolinux also announced the availability of Turbolinux Workstation 7.0 for US-based OEMs.

Minor Distribution updates

DragonLinux. DragonLinux has a new phpwiki page available for users. DragonLinux documentation is available, and users can discuss and modify documents via wiki.

FreeBSD. FreeBSD v4.4 should be available by the end of the month. In the meantime Annelise Anderson, a frequent contributor to the FreeBSD mailing lists, has written "FreeBSD: An Open-Source Operating System for Your PC", an introduction to FreeBSD aimed at the new user. It is published by The Bit Tree Press, the ISBN is 0971204500, and it can be ordered from, amongst other places, the DaemonNews Mall.

Mindi Linux v0.38. This version of Mindi was released August 18th. There is now a 'mindi-kernel' plug-in, so that users can use a stock 2.4.7 kernel in case their kernel isn't right for a boot disk among other changes.

Distribution Reviews

Redmond Linux: Stripped-down Linux business aims at desktop newbies (NewsForge). NewsForge reviewed Redmond Linux. Joseph Cheek, CTO of Redmond Linux tells us there are a few inaccuracies in the article [Redmond Linux is based on Caldera Workstation 3.1, and Rick Collette is VP of Engineering, not VP of Marketing], however this is a good review overall. "The distribution has several goals, including, of course, "ease of use for people used to Windows," Collette says. The Redmond Linux coders also want seamless filesystem integration with other operating systems on a network, and a full suite of working applications."

Section Editor: Rebecca Sobol


August 23, 2001

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux


   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's On the Desktop page.


Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
HancomOffice
KOffice
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
AbiWord
iceSculptor (*)
Impress
Maxwell Word Processor
Mediascape Artstream (*)
Scribus

Web Browsers
Mozilla
Netscape (*)
Opera (*)
Konqueror
Galeon

Handheld Tools
KPilot
JPilot
Palm Pilot Resources
Pilot Link
SynCal

On The Desktop


End User System Management.  For many desktop users, be they Linux or Windows users, the day to day task of managing their computers is somewhat daunting. The process of managing installed packages alone can be a nightmare, but throw in network management and security, user management, and even the simple process of dialing out through a modem and users end up with a strong desire to toss the whole load out the window, put on a pair of sunglasses, a grass hat and wonder where Jimmy Buffett goes at times like these.

One of the sad parts of Linux is a lack of standardized configuration tools. Many distributions include the useful, if not completely reliable, Linuxconf toolset. This package is based on over 40,000 lines of C++ code and attempts to do what commercial Unix has never been able to do well - administer a standalone Unix (or in this case Linux) system. Linuxconf offers tools for configuring LAN connections via DHCP or manual addressing, dialup modems, the Apache Web server, firewalls, the LILO boot manager, printers, user and group management and a host of other features. An even larger feature set is provided in external modules.

Linuxconf is the current administrative interface used by many Linux distributions. It supports Caldera, Debian, Red Hat, Conectiva, SuSE, and Mandrake. There are text, ncurses, GTK and HTML based interfaces available as well. Many of the modules appear to have come from Conectiva, though it's not clear if the other modules come from other distribution vendors or not.

While Linuxconf appears complete, it does have its drawbacks. The web site mentions compatibility with many older distributions from the major Linux vendors, but there is little mention of the latest releases such as Red Hat 7.x, Mandrake 8 or SuSE 7.

Debian includes some support for Linuxconf but one Debian developer we talked to said that he expects that it has a very low use rate among Debian users. But a bigger issue may be that Linuxconf can often misconfigure some features or activate features unrelated to a users changes at inappropriate times. Many users may be willing to accept broken or incomplete software, but when it comes to systems administration, they should never accept software the works incorrectly. The stability of your system is at risk here.

And most distribution vendors are aware of these issues. Debian developers, we're told, have lately been interested in a Web based administration tool from Caldera, Webmin, though this interest is not at an official level (we haven't heard of them adding it to their distribution at this time). It's an open source (BSD license) application from a company that was recently purchased by Caldera and provides a plug-in style API that permits modules which can be both open source and proprietary. The application supports a large number of Linux distributions. The RPM installation was very clean and installs its own web server for managing your system. It can run with Apache, though the default server seemed quite sufficient for local (single user) administration. Most major tasks are supported in the default configuration, including DNS and networking, file sharing, user management, and even package management. The modular design offers quite a few options for the future.

Another alternative to Linuxconf and Webmin has recently started coming out of Ximian's GNOME product development. The Ximian Setup Tools (XST) is a frontend/backend design currently based on GNOME that also has support in development for the KDE environment. Most of the major Linux distributions are supported, including Debian. Backend tools can be written in any language (though Perl seems to dominate currently), using an XML transport, which means configuration information is passed between the backend and the frontend in XML. Use of XML provides a method (which may or may not be implemented in each backend) for saving past states which can be restored at a later date. This rollback option is something that neither Linuxconf nor Webmin provide.

As Ximian developer Michael Meeks puts it, XST provides "user level support to give a rubber knife to learner systems administrators instead of a scalpel." The architecture of XST offers great hope but not all the features expounded by Ximian are implemented yet. Rollbacks are still missing, as are remote host administration options. Local administration appears to work fairly well though we had a few problems with adding a new user. Features in the current, unstable release of XST include user and group management, time and date handlers, and boot, disk, memory, network, and file sharing management. After installation (which can be handled automatically using Ximian's Red Carpet facility) the tools end up as individual menu items in the Programs->Utilities menu under the GNOME menu panel.

Linuxconf is a bit monolithic in nature - all the bits and pieces are rolled into a single interface (though it appears they can be run individually from the command line). XST, on the other hand, uses a frontend/backend pair as a standalone application. The modularity provided in the backends for both XST and Webmin allows a separation of duties and prevents the problem Linuxconf brings when it performs duties you didn't really request of it. You aren't likely to accidently reset a network daemon while performing user management, for example. Such modularity also makes both XST and Webmin easily extensible. XST carries no dependencies other than the desktop environment (either GNOME or KDE, essentially). This makes XST and Webmin fairly even when it comes to future expansion. With Webmin being web based it should be free of all desktop dependencies other than an available browser.

Systems administration will always be a difficult task to manage for end users, but with tools like Webmin and XST there is hope of a less convoluted future.

Vector tools and the VFX industry.  We received a letter from a Windows-based graphics company (see our response to them) who mentioned customer requests for a Linux port of their product. There still isn't a publicly announced professional-level, native vector tool for Linux even though such a tool is highly desired. One problem this vendor has is with peripheral support:

We have looked at the Linux market before but the community and support (graphics tablet and other peripherals) for graphics products was not sufficiently advanced at that stage.

The Wacom tablet is fairly well supported under XFree86 4.0.x now, but support for other tablets is fairly spotty at best. Most Visual Effects (aka "VFX") houses working in the film industry tend to port their own drivers over to Linux as they need them, but few (if any) of these have been released back to the community. Still, this isn't a lost cause. Most of the VFX industry is migrating to Linux. Their biggest problem, according to a couple of industry insiders, is finding out how to get open source developers involved with them, and how they can get the industry itself to move from highly secretive productions to more open development.

Enlightenment.  The authors of the Enlightenment environment, which is evolving into a desktop environment to challenge GNOME and KDE, are interviewed about the year long march towards E17.

E17 is built for sheer performance. It should be able to equal or beat anything else doing anywhere near the same level of visual work - and many things doing a lot less visual work. Rememebr you can't compare something that displays 2 lines and a box with something that fills the srceen with alpha blended images and anti-aliased text. They are different levels of visual work, but even so - e17 should be not far off a lot fo the performance of the simpler visual displays. e17 isn't a whole desktop. It's a desktop shell - think of it as a window manager + desktop background manager + file manager + config tools all in one.

Desktop Environments

GNOME Summary for 2001-08-05 - 2001-08-15. This latest edition of the GNOME Summary is out, and covers topics including the addition of TrueType support to GNOME Print, an update to the Galeon project, updates to AbiWord, and hacks from Linux kernel developer Alan Cox on Nautilus.

Gnome on Slackware and Galeon wins browser review (GNOME Gnotices). GNOME Gnotices pointed us to the news that there are now Ximian GNOME packages available for Slackware. These don't appear to be official Ximian packages and, because Ximian doesn't support the gzipped tar (aka "tgz") format, don't include support for Red Carpet.

In another news tip from the same note, Canada Computes has done a review of Linux browsers, including Opera, Netscape, Konqueror, Mozilla, Galeon and Skipstone. Galeon came out on top.

GNOME Foundation adds Timothy Ney as Executive Director. The GNOME Foundation has finally announced their executive director: Timothy Ney. Ney most recently served as the managing officer of the Free Software Foundation for the past three years.

First review of KDE 2.2. Now that KDE 2.2 is out, reviews cannot be far behind. Here is the first. "The sad fact is that there is no Linux desktop that can yet match the ease of use, and comfortable usage of Microsoft Windows or Mac OS. KDE is getting there but still lacks some refining touches. My guess is that KDE 3.0 is going to provide a revolutionary step towards the desktop with Linux. " (Found at dot.kde.org)

Open Source Printing Summit. The Open Source Development Network (OSDN) along with Hewlett-Packard and IBM will be holding their second annual Linux Printing Summit in September in San Jose, California.

Window Maker web site redesign. Window Maker, an alternative desktop window manager which works with GNOME and KDE, had a web site relaunch earlier this month. The new site is much cleaner and more professional looking, though little new information on the product itself is available.

Office Applications

AbiWord 0.9.2 released. Version 0.9.2 of the AbiWord word processor has been released; see the release notes for a list of changes.

On a side note: The AbiWord Weekly News may be taking a two seek summer break as author Jesper Skov takes a well deserved vacation. Someone from the list may take over for Jesper, but if that does not work out, he'll write up a double issue on his return.

GnomeMeeting 0.10 released. A new release of GnomeMeeting, was announced this week. GnomeMeeting is a video conferencing system. Updates include support for both FreeBSD and KDE and includes packages in both RPM and .deb formats (Mandrake coming soon).

Desktop Applications

Gnumeric 0.70. A new release of Gnumeric was announced this week. This is a high priority upgrade from the 0.69 release, which broke MS Excel importing. Unfortunately, this release also reduces the stability of graphs. Remember that that the sub-1.0 releases are meant primarily for developers and testers - expect some problems.

And in other news...

Caldera CEO: The challenge of the desktop (ZDNet). ZDNet News interviews Caldera CEO Ransom Love. "The challenge of the desktop is evolving. The traditional monolithic desktop is not for Linux, but the evolving thin client desktop is ideal for it. Something like 80 to 90 percent of personal time is now spent in the browser, and as the Internet becomes predominant use of desktop, applications will follow."

Adding a new dimension to the desktop with 3Dwm (LinuxPower). 3 dimensional desktops are still quite a few years away from the common man, but work steadily progresses on at least one project in this arena: 3Dwm. "We expect to be releasing version 0.3.0 of 3Dwm shortly (just need to iron out a few things), and this release finally adds full input handling in the display server. This should allow you to not only navigate around in the environment (this has been possible from day one), but also to interact with the 3D objects in the scene. However, I would not recommend this release for users other than to just perhaps compile it and play around a little with it; there are still some pretty glaring things that keeps us far away from a 1.0 release."

VistaSource gets a makeover. The VistaSource web site has gotten a makeover. Despite earlier rumors, it appears that Applixware continues to be sold by the new company, though its name has been changed to Anywhere Desktop for Linux.

Section Editor: Michael J. Hammel


August 23, 2001


Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments
GNOME
GNUstep
KDE
XFce

Window Managers (WM's)
Afterstep
Enlightenment
FVMW2
IceWM
Sawfish
WindowMaker

Minimalist Environments
Blackbox

Widget Sets
GTK+
Qt

Desktop Graphics
CorelDRAW (*)(w)
GIMP
Kontour
Photogenics (*)
Sketch

Windows on Linux
WINE
Win4Lin
VMWare

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net

   
vi

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Development page.

Development projects


News and Editorials

Last week, Walter Bright's D Programming Language was discussed at length on Slashdot. D is intended to be a successor to C and C++, and has been designed with compiler implementation in mind.

The language overview states that D is not an interpreted or scripting language, it is a compiled language that is designed to be higher level than C++. The language will not require a runtime virtual machine, as does Java and Smalltalk. D is intended to keep much of the C/C++ language look and feel, making it easy to transition to from those languages.

From C/C++, D will keep the compile/link/debug development model, will emphasize exception handling, and will use templates, although the template design will be newly designed. The documentation already contains text about Programming in D for C Programmers and Programming in D for C++ Programmers, making the learning process fairly straightforward.

While keeping many C/C++ features, D will eliminate the preprocessor, and thus include files. Also gone will be multiple inheritance, operator overloading, arbitrary Bit Fields, and support for 16 bit CPUs. Most of this is to simplify the language and eliminate infrequently used features.

One interesting feature of D is the ability to include optional built-in unit test code (go to the bottom): "Unit tests are a series of test cases applied to a class to determine if it is working properly. Ideally, unit tests should be run every time a program is compiled. The best way to make sure that unit tests do get run, and that they are maintained along with the class code is to put the test code right in with the class implementation code."

Another interesting, but slightly quirky feature is that the D compiler allows D language code to be embedded into html files. This allows functional code to be displayed in a browser with special highlighting for better readability, and the same file can be compiled. This feature could allow for some interesting documentation.

The D Programming Language Reference Document provides the complete language documentation as it exists, today. In all, it looks like D could become an important language if it can manage to get beyond the design phase into working code, and can attract a large enough following.

Audio

Ecasound 2.0.2 released. A new version of Ecasound is available. This version features bug fixes, minor improvements, and compatibility with the Gcc 3.0 compiler.

Also on the same site, Brad Bowman has written a Perl module that implements the Ecasound Control Interface.

CORBA

OpenOrb Enterprise Suite 1.2. The ExoLab Group has announced OpenORB Enterprise Suite 1.2, a CORBA 2.4 ORB written in Java. The OpenOrb home page has all of the details. OpenOrb has been released under a BSD license, a commercial OEM/ISV license is also available. (Thanks to Christof Meerwald)

Databases

PostgreSQL v7.1.3 released. A new version of the PostgreSQL database has been announced.

FreeGIS web portal updated. The FreeGIS web portal has been updated and now provides a search engine for finding tools from their database of over 125 applications relating to Geographic Information Systems.

Embedded Systems

Embedded Linux tops developers' 2002 wishlist (LinuxDevices). An Evans study on embedded OS usages shows Linux currently sits 4th behind home-grown solutions, VxWorks, and MS-DOS. "One of the most striking results of the survey is the indication of a dramatic shift away from "home grown" OSes [in 2002], which have traditionally accounted for between half and two-thirds of all embedded systems' OSes. The roll-your-own category practically vanishes in a single year, with much of the slack taken up by Embedded Linux..."

Embedded Linux Newsletter. This week's Embedded Linux Newsletter includes a review of John Lombardo's "Embedded Linux", a study of how Linux is being used in industrial controls, and a look at IBM's TechMobile, a Ford Explorer that runs Linux.

ELC announces new board of directors. The Embedded Linux Consortium has announced its new board of directors. "Five incumbents were re-elected and two new candidates gained board seats. Re-elected are Dr. Inder Singh (chairman and CEO, LynuxWorks); Michael Tiemann (chief technology officer, Red Hat); James Ready (CEO, MontaVista Software); Dan Bandera (business line manager, IBM Pervasive Computing); and Greg Wright (an independent Linux community member). The two new board members are Dr. Kiwon Lee (head of corporate technology operations and executive vice president, Samsung Electronics); and Victor Yodaiken (CEO, FSMLabs). Yodaiken's election fills a vacant position and brings the board to full strength."

Multi-vendor open source set-top box project launches (LinuxDevices). LinuxDevices reports on Linux4.TV, another project to put Linux into a set top box. "An open source set-top box design based on National's Geode system-on-chip processor is said to be available for immediate download. Downloadable software components include Century's WebMedia set-top box front-end application, which provides a video middleware API, and National's enhanced Video for Linux 2 (V4L2) API, which provides features such as alpha blending, VIP, overlay, and picture-in-picture (PIP) support."

Interoperability

Wine Weekly News for August 16, 2001. The August 16, 2001 edition of the Wine Weekly News is out. This edition covers 16 bit printer drivers, navigating through Wine, debugging techniques for Winelib applications, and lots more.

Printing Systems

Updated CUPS Source Distribution. A new source distribution of the CUPS printing system, version 1.1.10, has been released. The release notes document the changes, which include job priority tweaking, support for Dymo label printers and lots of bug fixes. A next-day bug fix release was also released, version 1.1.10-1 fixes a few minor filter and installation bugs.

Omni Printer Driver version 0.40 released. Version 0.40 of the Omni printer driver is now available for download. This release includes drivers for 21 HP LaserJet printers, support for hardware scaling printers, updated Epson Stylus support, and lots of bug fixes.

System Administration

Consolidating Servers Under Linux (O'Reilly). David H M Spector discusses the consolidation of multiple server functions under a single Linux system. "'Server consolidation' is a term that is often used in IT jargon to mean 'we're getting rid of platform X' where 'X' is SPARC, Intel, Hewlett-Packard, or some other unlucky victim of a corporate popularity contest. These days, you should be thinking about a different kind of server consolidation -- how to reduce the number of servers that your company has to support and how to bring more services together on the servers that remain."

Web-site Development

MnoGoSearch 3.1.19 released. Version 3.1.19 of the MnoGoSearch web server search tool has been announced. This is mostly a bug fix release, although it also features content encoding support.

Zope News for August 17, 2001. The August 17, 2001 edition of the Zope News is out. This issue features a new editor, Chris McDonough, and a name change from the Zope Weekly News to just Zope News. This is slightly confusing due to the fact that zope.org also has another Zope News site, hopefully all of that will be straightened out in time. Topics from this new edition include the release of Zope 2.4.0, some security issues, and more.

Zope 2.4.1 beta 1 released. A new version of Zope, version 2.4.1 beta 1 has been released. This version features a number of bug fixes.

Word Processors

Sun releases OpenOffice Development Kit. Sun Microsystems has released ODK, the OpenOffice.org Development Kit. "The ODK is a set of tools, libraries, jar files, header files and idl files which are necessary to develop components for the OpenOffice.org using the OpenOffice API and the OpenOffice.org component technology UNO (Universal Network Objects)." A Linux/Intel version of the kit is available. The licensing information for OpenOffice.org states that it is released under a dual LGPL and SISSL license, SISSL is the Sun Industry Standards Source License.

Miscellaneous

Quick Reference For Choosing a Free Software License (zooko.com). Bryce Wilcox-O'Hearn has published a Quick Reference Guide for choosing free software licenses. If you are uncecided about which license to use for an open-source project, this would be a good place to start.

Section Editor: Forrest Cook


August 23, 2001


Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

   

 

Programming Languages


C

GCC 3.0.1 Released. Version 3.0.1 of GCC has been released. Changes with this release include numerous bug fixes, and a port to the S/390 architecture. (Thanks to Roberto Bagnara)

Caml

Caml Weekly News for August 21, 2001. The August 21, 2001 edition of the Caml Weekly News has been delivered. Topics this week include a rewrite of David Fox's FFI C interface generator, and FORT 0.3, the Framework for Ocaml Regression Testing.

Java

Study: Java to overtake C/C++ in 2002 (ZDNet). According to a study by the Evans Data Corp, Java developers will outnumber C/C++ developers by early 2002. "The research also shows that Java usage has been rising at the expense of Visual Basic and C/C++." The study also praises Linux as a stable and popular platform for software development.

Embedded Java (O'Reilly). Vincent Perrier examines some embedded Java issues in an O'Reilly article. "Java's strong appeal for embedded applications is sometimes offset by concerns about its speed and its memory requirements. However, there are techniques that you can use to boost Java performance and reduce memory needs, and of course the Java virtual machine you choose affects Java performance, too. You can make better-informed decisions about using Java by understanding the factors that affect its performance and selecting meaningful benchmarks for embedded applications."

Jlouiss java tracer updated. Albrecht Kleine has announced the availability of a new version of his jLouiss Java tracer. JLouiss is licensed under a GPL license.

Lisp

OpenMCL 0.6 released. Version 0.6 of the OpenMCL lisp compiler has been released. This version adds a new foreign type system, different command line argument processing, a new Linux system call mechanism, and more.

Perl

This Week on Perl 6 (O'Reilly). The August 12-18, 2001 edition of the Perl 6 Porters digest is out with coverage of all of the latest Perl 6 development activity.

Gluing C++ And Perl Together. John Keiser has put together a tutorial on binding Perl XS, the Perl native glue, and C++. The tutorial fills in areas that the existing documentation has failed to cover.

Python

Hypercard and Python (O'Reilly). Stephen Figgins takes a look back at the classic Macintosh application Hypercard, and a new embryonic project known as PythonCard. The PythonCard project aims to be a Python based software construction kit that allows GUI development with minimal coding. PythonCard is being released under a Python 2.1 license.

Daily Python-URL. The latest items in the Daily Python-URL include a discussion on Extended HTTP functionality and WebDAV, MySQL performance tuning, the Java Python Extension (JPE), scientific calculations with SciPy, and more.

SCons design document. Based on a design from last year's Software Carpentry Contest, the Python based SCons software construction tool is under design, with an alpha release due out in several months. A design document for SCons has been announced and is open for review.

PyDO 1.0 Object Relational Database Tool. A new version of the the PyDO Object Relational Database tool has been announced. This release works with Python 2.2a1 and features an improved PostgreSQL driver.

Ruby

The latest from the Ruby Garden. The Ruby Garden reports an increasing number of posts to the Ruby-talk mailing list, indicating that the language is catching on. Also, string comparison techniques in Ruby are discussed.

Smalltalk

The latest Smalltalk Chronicles. After a bit of a hiatus, the Smalltalk Chronicles has returned with a fancy new design. This issue includes an interview with Dan Ingalls on the future of Squeak, cranking on real-time physics problems with ElastoLab, The Moose, a Smalltalk environment for re-engineering code, and refactoring patterns.

XML

XML for Data: Four tips for smart architecture (IBM developerWorks). Kevin Williams looks at common XML design mistakes and illustrates how to deal with them in an IBM developerWorks article. For the impatient, here are the tips:

  • Tip 1: If you don't need it, throw it away
  • Tip 2: Don't use XML for searching
  • Tip 3: Don't use XML for summarization
  • Tip 4: Use XML to drive rendering

Miscellaneous

glibc maintainer lashes out at RMS. The release notes for glibc 2.2.4 have been posted, and include some fairly strong anti-Stallman sentiments.

Section Editor: Forrest Cook

 
Language Links
Caml
Caml Hump
Tiny COBOL
Erlang
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
Guile
Haskell
IBM Java Zone
Jython
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP
PHP Weekly Summary
Daily Python-URL
Python.org
Python.faqts
Python Eggs
Ruby
Ruby Garden
MIT Scheme
Schemers
Squeak
Smalltalk
Why Smalltalk
Tcl Developer Xchange
Tcl-tk.net
O'Reilly's XML.com
Regular Expressions
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Commerce page.

Linux and Business


Boxed Penguin. Mekinok Systems Engineering has introduced Boxed Penguin: Instant Infrastructure. This product is similar to those mentioned on the LWN Front page last week, as it takes a particular distribution (in this case Debian GNU/Linux) and adds additional packages to create a complete infrastructure. Open AFS (server and client), Kerberos V5 (kdc and services), PAM (with krb5 and ldap support), Cyrus IMAP with SASL+krb5 support, Postfix, Mailman, and LDAP are all included with the Debian distribution to provide a complete system, right out of the box. Of course it is all free/open source software, available without charge. Mekinok hopes to make money on support.

Caldera to open sources benchmarks, regular expression parser. Caldera has announced it will Open Source the AIM performance benchmarks and the UNIX Regular Expression Parser, along with two UNIX utilities awk and grep. These technologies will be released under the GPL (Gnu General Public License).

LPI-News, August 2001. An news update for the Linux Professional Institute has been posted. Topics include news on Level 2 and Level 1 certifications, LPI in Japan, and LPI at LinuxWorld San Francisco and LinuxWorld Frankfurt.

Lineo Receives $20 Million Investment. Lineo has announced the closing of a strategic investment round of $20 million, including investments from both Sun and Hitachi.

Intel to boost Linux programming tools (News.com). Intel's compilers, due out in September, will be commercial products, not part of GCC, and are aimed at C++ and Fortran developers.

Linux Stock Index for August 16 to August 22, 2001

LSI at closing on August 16, 2001 27.68
LSI at closing on August 22, 2001 26.77

The high for the week was 27.68
The low for the week was 26.55

Press Releases:

Open source products

Distributions and bundled products

Proprietary Products for Linux

Hardware and bundled products

Products and Services Using Linux

Products With Linux Versions

Java Products

Partnerships

Investments and Acquisitions

Personnel & New Offices

Financial Results

Linux At Work

Section Editor: Forrest Cook.


August 23, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux in the news page.

Linux in the news


Recommended Reading

Why artists should be using Ogg Vorbis. Daniel James offers some interesting arguments from the perspective of the musician on why artists should be using Ogg Vorbis instead of MP3. Daniel is also advocating the use of The Personal Music License as a means of keeping the musician in the monetary loop when music is sold while allowing the music to be freely shared when it is given away. Ogg Vorbis is an open-source musical compression scheme that is similar to the popular MP3 format. (Thanks to Daniel James)

Ethernet MP3 Player for Linux (MP3newswire). Another MP3 player, the SLiMP3 , based on Linux and designed for network playing is covered in an article from the MP3Newswire.

Dmitry Sklyarov, Adobe, and the FBI (Byte). Jerry Pournelle has written about the Dmitry Sklyarov case. "I predict that if the case ever comes to trial the law will be thrown out, either on Constitutional grounds or on the narrower principle that it is too hopelessly vague to be enforceable. If the matter is ever put to a grownup in the Department of Justice, the only question will be 'How do we get out of this with a minimum of egg on our faces?'"

Arrested Russian programmer thanks supporters (News.com). Dmitry Sklyarov says he's grateful for the world outpouring of support in his trials against the DMCA. "Protests in support of Sklyarov are scheduled outside the hearing in San Jose, as well as later this week and next in Russia, England, San Francisco, Los Angeles, Minneapolis, Boston and even "Black Rock City" in Nevada, the desert site for the annual Burning Man cultural arts festival, according to the statement."

Why Austin TX is considering a Microsoft Enterprise license ( LinuxWorld). The city of Austin, Texas doesn't quite know how to get out of the license fiasco forced on them by Microsoft - pay a big fine, or buy a big contract with lousy conditions. According to one city official: "As the specialty for Linux is servers, and servers make up only 1% of the costs for Microsoft licensing, the financial impact is a fraction of the Microsoft licensing issue. The other 99% of the costs are related to MS Office, MS exchange, Desktop OS, Visio, MS Project, and other products for which Linux does not provide a solution." As author Joe Barr suggests, "Someone needs to tell that to the 400 employees of the City of Largo, Florida."

IBM demos car of the future (CNN). CNN provides a bit more detail on the Linux-based TechMobile from IBM. "Blue Eyes detects movements of the retina and frequency of eye blinks. Using this technology, the alphaWorks team created an alarm system. An infrared camera watches the eyes, and if the system does not detect the eyeballs, it assumes the driver has fallen asleep and an alarm is sounded."

Companies

Why Apple's bass-ackwards Unix approach is the right way (ZDNet). Apple's desktop oriented Unix is a smart play for the company, avoiding the server market entrance most Unix vendors opt for in the long run, according to this ZDNet story. "This tack is a novel inversion of the path of least resistance. Apple could've tried to compete in the workgroup server market--a place where it's had decent success in the past--and worked on the client version of the OS while the server variant established itself. Instead, realizing the desktop was more important, Apple is focusing its efforts there."

Caldera to open source benchmarks, regular expression parser. Caldera has announced it will Open Source the AIM performance benchmarks and the UNIX Regular Expression Parser, along with two UNIX utilities awk and grep. These technologies will be released under the GPL (Gnu General Public License).

HP to sell secure version of Linux (News.com). HP's Secure OS Software for Linux is expected to be officially announced on Wednesday, according to this C|Net story. "The secure Linux product will be available for HP servers or others that pass the qualification tests Red Hat uses to assure a computer can run its latest version 7.1, said Bill Wear, product manager for HP's secure Linux offerings."

When Linux grows up, IBM glad to boot AIX (IDG). IBM is almost ready to boot AIX in favor of Linux, but the community champ has still has some maturing to do yet. "While IBM officials concede that Linux might not emerge as the operating system of the future, the company is ready to back it now with millions of dollars and as many developers as it can find. If these bets pay off, IBM will likely send AIX packing, opting to put a penguin inside every server instead."

IBM to open source WebSphere Linux tools (ZDNet). ZDNet reports on IBM's reported release of WebSphere to open source. "IBM plans to first move all of the tools that developers plug into the Workbench into a shipping product on both Linux and Windows so that all the tools would work on both platforms."

Denver Firm Allows Internet Programmers to Collaborate on Software Projects (Denver Post). The Denver Post covers the Jabber instant messaging project. The article talks about the open source model for developing software projects (Jabber is open source). "To abide by the code of conduct in the open-source world, Durand said Jabber.com puts its proprietary code on the website after a new version of its software is released. Jabber.com even put Miller and three programmers on the payroll so they could continue to write code for the original, nonprofit Jabber.org site."

Penguin Computer lays off 24 percent (News.com). Penguin Computing (not Penguin Computer) cut 25 employees last Friday, according to C|Net.

Red Hat Plugs E-Biz Apps Gap For Linux (TechWeb/Yahoo! News). TechWeb/Yahoo covers Red Hat's e-commerce business rollout. "... analysts agreed with Gold's assessment that midmarket companies are likely to accept the new Red Hat E-Commerce package mostly for cost reasons. The sell-side application, used mostly by retailers or B2B companies selling or managing customer support online, has been tested for reliability and performance by thousands of developers, and its lack of proprietary code makes it cheaper to maintain than other platforms."

Business

Linux: Lusty or Listless? (IT-Director). IT-Director says that it's hard to tell if the Linux industry is getting strong or failing quietly. "We feel that the hype is over. The go-go days have ended and the put-up or shut-up time is here. Linux companies need to come up with an appropriate and viable business model that will allow them to compete."

Linux is ready for the long haul (ZDNet). C|Net interviewed a number of industry analysts to find out what might be in store for Linux over the long haul. Says one Forrester Research analyst: "Hardware firms such as IBM and HP love Linux because it removes OS costs from boxes such as firewalls and Web server appliances. With appliance makers able to take what they need and exclude what they don't, we see a Linux foundation for most computing appliances by 2005..."

Linux making corporate inroads (News.com). News.com reports on the latest IDC study on corporate Linux adoption. "The studies found that 40 percent of the 800 decision makers surveyed in North America and Western Europe are actively using or piloting Linux, and that Linux unit replenishment rates were twice as high as those for Unix."

Interviews

Peace, Love, and Linux (Consulting Times). Caldera's CEO Ransom Love talks with Consulting Times about recent criticisms of his company and defends the need for commercial Linux solutions. "I think you can build on top of GNU, the layers that make it more of a total solution to a specific segment. I don't think you can do it generically, but I think if you know who your customers are you can build an integrated solution that utilizes those resources. You have to play within the rules and you contribute back to the back to the components that you use. That's fine, and that works."

Miscellaneous

To upgrade or not to upgrade (BBC). The BBC looks at alternatives to upgrading Windows on your older hardware. "Despite all the improvements, installing Linux still takes a little technical courage, though the benefits in terms of learning how your machine works can be substantial."

Section Editor: Forrest Cook


August 23, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Announcements page.

Announcements


Resources

A Must-Have Tool (LinuxLookup). LinuxLookup's Tip of the Week looks at using VNC, the Virtual Network Computing open source software from AT&T. VNC allows you to display a remote desktop on a local system, even when the remote and local systems are running different operating systems.

.comment: We're Getting There!. LinuxPlanet comments on GNOME, Red Hat, and package managers. "In due course I was booted to the Gnome desktop. As a longtime KDE user, and an unashamed admirer of that desktop, I found nothing that was sufficiently unusual or different that I couldn't do work at once -- such as writing this column. I do wonder what the point is, because I think KDE is far ahead of Gnome development and otherwise the two are in all important ways virtual clones, but I find nothing particularly objectionable about Gnome..."

Events

Wizards of OS 2. Wizards of OS 2, Open Cultures and Free Knowledge, is an International Conference at the House of World Cultures Berlin coming October 11 - 13, 2001.

Events: August 23 - October 18, 2001.
Date Event Location
August 23 - 25, 2001LinuxWorld Hong KongHong Kong
August 23 - 24, 2001HP World 2001(McCormick Place)Chicago, IL, USA.
August 25 - September 1, 2001The Linuxbierwanderung (Linux Beer Hike) 2001Bouillon, Belgium
August 25, 2001"Linux10" - Linux 10th anniversary picnicSunnyvale, California
August 26 - 30, 2001LinuxWorld Conference & ExpoSan Francisco
August 26 - 31, 2001COMDEX Sucesu-SP Brazil 2001Sao Paulo, Brazil
September 1 - 2, 2001LinuxCertified.com Linux System Administration BootcampCupertino, California
September 2, 2001Erlang Workshop - FirenzeItaly
September 4 - 7, 2001Embedded Systems Conference(Hynes Convention Center)Boston, MA
September 6 - 7, 2001Open Source Health Care Alliance(OSHCA)(The Posthouse Hotel Kensington)London, UK
September 17, 2001XML Information DaysAmsterdam
September 18 - 21, 2001O'Reilly Peer-to-Peer ConferenceWashington, DC.
September 18, 2001XML Information DaysBrussels
September 19, 2001XML Information DaysMunich
September 20, 2001XML Information DaysZurich
September 21, 2001XML Information DaysMilan
September 24, 2001XML Information DaysParis
September 25, 2001XML Information DaysCopenhagen
September 26, 2001XML Information DaysOslo
September 26 - 28, 2001Australian Unix User Group's Annual Conference(AUUG 2001)Sydney, Australia
September 27, 2001XML Information DaysStockholm
September 28, 2001XML Information DaysHelsinki
September 30 - October 4, 2001XML OneSan Jose, California
October 1, 2001XML Information DaysBudapest
October 2 - 5, 2001Federal Open Source Conference(Ronald Reagan Building)Washington DC
October 11 - 13, 2001Wizards of OS 2(House of World Cultures)Berlin, Germany
October 15 - 17, 2001ApacheCon Europe - Canceled.Dublin, Ireland

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

User Group News

LUG Events: August 23 - September 6, 2001.
Date Event Location
August 23, 2001Omaha Linux User Group(OLUG)Omaha, Nebraska
August 25, 2001Consortium of All Bay Area Linux(CABAL)Menlo Park, CA
August 25, 2001AaLUG: Weekend arrangement sammen med ProsaDenmark
August 27, 2001Haifa Linux Club(Technion CS dept. bldg.)Haifa, Israel
August 27, 2001Roseville Area Linux Users Group(roselug)(Nerd Books)Roseville, California
August 28, 2001
September 4, 2001
Kalamazoo Linux Users Group(KLUG)(Western Michigan University)Kalamazoo, Michigan
August 28, 2001FLUG: DNS af Michael NielsenDenmark
August 29, 2001Central Ohio LUG(COLUG)Columbus, Ohio
August 29, 2001Nashville Linux User's Group(NLUG)Nashville, Tennessee
September 1, 2001Twin Cities Linux Users Group(TCLUG)Minneapolis, MN
September 1, 2001LEAP-CF InstallfestOrlando, FL.
September 3, 2001Baton Rouge Linux User Group(BRLUG)Baton Rouge, LA.
September 4, 2001Linux User Group of Davis(LUGOD)(Z-World)Davis, CA
September 4, 2001Missouri Open Source LUG(MOSLUG)Kirkwood, Missouri
September 4, 2001AaLUG: ForedragsaftenDenmark
September 5, 2001Silicon Valley Linux Users Group(SVLUG)San Jose, CA
September 5, 2001KCLUG InstallfestKansas City, MO.
September 5, 2001Southeastern Indiana LUG(SEILUG)(Madison/Jefferson County Public Library)Madison, IN
September 6, 2001Edinburgh LUG(EDLUG)Edinburgh, Scotland
September 6, 2001St. Louis Area Computer Club Linux workshopSt. Louis, MO
September 6, 2001Gallup Linux Users Group(GalLUG)(Coyote Bookstore)Gallup, New Mexico
September 6, 2001UNIX/Linux Special Interest Group of the Dayton Microcomputer Association(DMA office at 119 Valley St)Dayton, OH, USA.
September 6, 2001SSLUG: Hyggemöte på Malmö HögskolaDenmark
September 6, 2001Ottawa Canada Linux Users Group(OCLUG)(Algonquin College Rideau Campus)Ottawa, Ontario, Canada

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format.

Section Editor: Rebecca Sobol.


August 23, 2001

   

 

Software Announcements


Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

The Alphabetical List and Sorted by license

 

Our software announcements are provided courtesy of FreshMeat

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux History page.

This week in Linux history


Three years ago (August 27, 1998 LWN): The short-lived Linux Standards Association had its biggest day in the spotlight when it publicly questioned the validity of the Linux trademark. That move forced the hand of Linus Torvalds and Linux International, and brought about an intervention by the lawyers. The LSA, in the end, backed down and started explicitly acknowledging the trademark.

At that time, trademark acknowledgements were relatively rare. The Linux International site did not have one, and neither did many distributions. After this episode, that all changed. Nobody really questions Linus's trademark anymore.

This was also the week in which the Linux Standard Base (LSB) and Linux Compatibility Standards (LCS) projects merged back together. Current efforts toward Linux standards continue at www.linuxbase.org.

ZDNet chimed in with some Good Old Time FUD:

Technically, Linux might be a reasonable choice, but what kind of company is going to rely on unsupported freeware or something that's supported by two tiny vendors? Rejecting Linux is a straightforward business decision. If it were supported by an IBM or a Hewlett-Packard, then that would be an entirely different matter.

Nowadays, of course, it's an entirely different matter...

Red Herring named Transmeta as one of its top 100 technology companies, even though it had no idea what Transmeta was up to.

Two years ago (August 26, 1999 LWN): Linux-Mandrake celebrated the end of its first year with two "Editor's Choice" awards from LinuxWorld, its first big equity investment, and the launch of its "Cooker" development version. LWN marked the events with an interview with Linux-Mandrake creator Gaël Duval.

Jesse Berst thought that Sun buying StarDivision (creators of StarOffice) was the not the smartest thing he had ever heard of.

Hang on, give me a second? I'm thinking... I'm trying to decide if that's the dumbest idea I've heard this year.

Dumber than Republicans passing off Ken Starr as an independent counsel?
Dumber than Bill Clinton lying about Monica?
Dumber than Ginger leaving the Spice Girls?

Yes, despite stiff competition, McNealy's idea is the dumbest thing I've heard so far.

Two year later, Sun has shown no signs of buyer's remorse, though StarDivision can not be making the company a great deal of money.

Caldera Systems and Red Hat were the first distributors to claim year-2000 compliance for their systems. It seemed important at the time.

Ted Nelson's long-hyped Xanadu system was released as open source this week, after well over two decades of development. It also seemed important at the time.

One year ago (August 17, 2000 LWN): The first round of the DVD case ended, with the MPAA a clear winner. Bad news for free software, especially in the United States.

The previous week's announcement of the GNOME Foundation brought out a rash of GNOME vs. KDE articles. The supposed war seemed to be mostly in the minds of the media, as most developers acknowledged that the competition had improved both desktops.

For a war that supposedly isn't, the battle over open-source desktops seems to be getting bloodier. It's GNOME vs. KDE. And even though many open-source backers are loath to admit the existence of a rift within their ranks on any software development front, sides are being taken and two distinct camps are forming.
-- ZDNet.

The current development kernel release was 2.4.0-test7 and the current stable kernel release was still 2.2.16. vger.rutgers.edu died and was reborn as vger.kernel.org, moving from Rutgers to Red Hat in the process.

Eric Raymond took Linus to task for insufficient software engineering discipline:

I used to worry about what would happen if Linus got hit by a truck. With all respect, I still worry about what will happen if the complexity of the kernel exceeds the scope of your astonishing native talent before you grow up.

One year later, not a whole lot has changed with regard to how Linus manages kernel development. It seems to be holding together, for now...

Debian's "testing" distribution is now one year old. They're still testing it.

Transmeta filed for an IPO. Transmeta (NasdaqNM:TMTA) stock was at 2.76 at this writing.

VA Linux Systems reported revenue of $120 million. The company was still losing money, but was getting closer to profitable. Unfortunately things went downhill from there.

Section Editor: Rebecca Sobol.


August 23, 2001

LWN Linux Timelines
1998 In Review
1999 In Review
2000 In Review
2001 In Review

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 On the Desktop
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Letters page.

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

August 23, 2001

   
From:	 Peter Schmitteckert <peter@schmitteckert.com>
To:	 ask@eff.org
Subject: DCMA vs. Security patches
Date:	 Tue, 21 Aug 2001 15:53:46 +0200
Cc:	 letters@lwn.net

Dear All,

I'm still dreaming of visiting the US national parks one
day, so I really do not want to break any US laws. 

But two weeks ago I got really puzzled. The notebook of a
friend was infected with the so called CodeRed worm.
My friend then searched the Web and found some patches
to remove the worm. But wait, being able to provide patches
the worm had to be re-engineered. Isn't that a clear violation
of the DCMA ? In addition, Microsoft is providing patches
to circument the effect of CodeRed, isn't that another
violation of DCMA. Thinking more about it, aren't all the
anti-virus software products illegal under DCMA ?
Well I'm lucky, I never had to remove worms or viruses from system
since DCMA was passed by legislation. But if I'll have to,
will I be arrested on my next trip to the states ?

O.k., I don't know the law precisely, so maybe you tell me,
that DCMA doesn't apply to criminal software ? But then there
is no reason to arrest Dmitry, since ADOBE was lying to their
customers -- saying ebooks encryption is strong --, so they are
criminals (suppose I sell you an air plane claiming that it is safe,
and your family dies because it isn't, won't you call me a criminal?
Of course, you would).

Could someone please correct me if I'm wrong?

Thanks in advance,
best regards,

Peter Schmitteckert

________________________________________
Dr. Peter Schmitteckert / IT-Consulting
s-mail:	Fridolinstr. 19, 68753 Waghäusel
Web:	http://www.schmitteckert.com
e-mail:	peter@sch_______ert.com

   
From:	 Richard Simpson <rsimpson@ewrcsdra.demon.co.uk>
To:	 letters@lwn.net
Subject: The reach of US laws?
Date:	 Thu, 16 Aug 2001 19:09:33 +0100

Sir,

In your 16th Aug letters page Bryan Henderson wrote:

> it's well established, and makes sense, that you can violate
> US laws while standing on a foreign shore.  Placing drugs on a ship bound
> for the US is a classic example.  Putting a program onto a network that
> reaches into the US isn't much of a stretch from that.

The problem with this view is that many Americans seem to feel that it should 
only work one way.  A hypothetical example might help:

Ali is a 2nd generation US citizen and a keen homebrewer (i.e. he brews his 
own beer).  In most US states this is legal provided the results are for home 
consumption.  He runs a homebrewing web site with recipes, tips, 
reviews, homebrewing jokes etc.  Since he speaks English and Arabic his web 
site is in both languages.  One day he decides to visit some relatives who 
live in Saudi Arabia.  On arrival the Saudi police arrest him because his US 
based web site breaks Saudi law.

Now, if this happened would your US readers;

a) Feel that this was perfectly reasonable and that Ali deserved to spend 
years in a Saudi jail, or

b) Feel the same sense of anti-imperialist rage that many Europeans feel 
towards the USA?

Note to Saudi readers:  I am not suggesting for one moment that your 
government would actualy behave in such an unreasonable manner.

Richard Simpson

-- 
----------------------------------------------------------------------------

Richard Simpson
Farnborough, Hants, Uk                 Fax: 01252 455596
rsimpson@ewrcsdra.demon.co.uk
   
From:	 "Bruce Ide" <ide@us.ibm.com>
To:	 letters@lwn.net
Subject: Xerox firmware update
Date:	 Thu, 16 Aug 2001 08:32:16 -0600

You said: "Xerox has a firmware upgrade available for N40 printers which,
it seems, do not handle Code Red scans well. of course, one could question
the wisdom of putting a network printer in a place where it is exposed to
Code Red attacks in the first place."

What, you mean on a network? Code Red has been playing holy hell on our
internal network for a few weeks now. The only place where you're safe from
code red scans is completely off the network. All it takes is for one
employee to get his system infected while surfing the net at home and then
all he has to do is fire up the VPN software that routes his network
connections into the company's network and you've got a problem. A big
problem as it turns out.

Of course what with your network having multi-day outages and dramatically
reduced performance, you'd think printers would be a relatively small
concern, but I guess someone has to worry about them...

--
Bruce Ide / Boulder
T/L 263-4452 / Outside (303) 924-4452

"So you see, with Automatic Volume Recognition your operators can pre-mount
labelled tapes on any online tape drive and they'll be allocated to the
correct jobs. But this doesn't mean you can hire CHIMPANZEES to run your
systems!..."
- IBM Instructor, "Introduction to System/360," Circa 2Q 1966


   
From:	 "George B. Moody" <george@mit.edu>
To:	 letters@lwn.net
Subject: LWN Daily Updates
Date:	 Tue, 21 Aug 2001 22:23:21 -0400

I was amused to read (in "Adding a new dimension to the desktop with 3Dwm")
that "3 dimensional desktops are still quite a few years away from the
common man, but work steadily progresses on at least one project in this
arena: 3Dwm."

I don't mean to brag, but I've had one of these 3D desktops for years.  I
don't have a file manager for it any more (I could never get those clips to
stay in place), but it supports SFS (the sedimentary file system), a
telephone interface, a clipboard, and there's a recycling bin beneath. :-)

Cheers and keep up the good work!
George
   
Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds