Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsLinux in the schools. Red Hat CEO Matthew Szulik lectured LinuxWorld attendees on the importance of getting Linux into the public schools. One might argue that his position is a little self-interested, but, in truth, he has a point. The Linux community should be working at getting free software into schools worldwide. The effort will benefit both our children and free software. One can come up with a number of reasons why the schools should be running free software. Often it is simply the best alternative available. Schools do not need to hassle with daily crashes and ongoing security problems. What they need is stable software that runs on modest, perhaps ancient hardware and provides the capabilities that students need. For much of what's done in schools now, Linux is more than adequate. The financial justification for scholastic Linux requires little argument. Public schools seem to operate with a chronic cash shortage; it makes little sense for them to pour large amounts of money into proprietary software licenses. Schools also should not have to deal with Microsoft software audits and other such indignities; they should be putting their efforts into teaching our children. But the real reason to put free software into the schools is to teach our children about software freedom and taking control of our computers. Children who have seen how free software works are likely to remain interested in using it later in their lives. After all, going back to proprietary software after using the free variety is usually not very much fun. Going back to licensing hassles, corporate release schedules, and black box software after experiencing free redistribution, collaborative development, and total control can be intolerable. Children who experience free software in the schools will turn into some of its strongest advocates later in their lives. Besides, some of those school kids will probably send in some great patches. Of course, there are some obstacles to massive deployments of Linux in the schools. Many schools have already built infrastructures around proprietary software; school networks are often run by fairly conservative people who are not inclined to tear things out and start over again. Convincing them to give Linux a try could be hard. Then, there is the lack of high-quality educational software. There is a whole class of software for tutoring, drilling, and entertainment of students that is simply not available for Linux. Until more software is either written or ported, Linux systems will be unable to perform a number of tasks in the classroom environment. One thing that would help in the solution of both problems would be a higher level of hacker interest in school deployments. The number of educational projects is low; KDE has a short educational software listing; GNOME has no educational category at all. Neither desktop project appears to have an organized educational effort. A look at SourceForge's educational category turns up a more encouraging 581 projects, but only 66 are listed as being production-ready. Clearly there's some hacking to be done still. Free software advocates also have not, as a whole, made school deployments a priority. It will be interesting to see how that changes as more free software developers get older and start having children. Having your children complain that they cannot produce a Word-compatible report tends to get your attention. Children are the future, and they will have a large effect on the future of free software as well. The sooner the two are brought together, the better it will be. (See also: the SEUL/edu page for a comprehensive listing of educational software, regular reports, and more. Update: Thanks to Bill Soudan for pointing out the KDE Edutainment Project and the kde-edu mailing list, of which we had been unaware.) More hard times. In case anybody still needed a confirmation that we are in a different and difficult economic climate, consider the following developments:
Seen together, that's a disturbing pile of bad news. The shutdown of AppWatch suggests that there is not room for more than one large free software directory on the net. After all, one presumes that CNet knows how to keep a web site going. The SuSE bailout says something similar: might there truly be room for only one large Linux distributor? In some ways, the shutdown of the NOW project is the scariest of all. If the Linux community is unable to fund and sustain long-term development projects, where will it be in a few years? Of course, that view is overly pessimistic on all counts. We are in the middle of an increasingly severe economic downturn; of course there will be consequences for Linux businesses just as there is with all other computing sectors. The easy money boom period of the last 1990's made the problem worse by funding businesses that never had a serious chance at success before their bubbles burst. Still, it is a difficult today even for well-run companies with solid business plans to find profitability. This, too, shall pass. When it is over, Linux will still be there, getting stronger, and attracting more users. That much is easy to predict. The success of Linux says little for the prospects of any individual Linux company, however. The Linux business community will certainly see more changes before things pick up again, and they will not all be pleasant. GFS is no longer free software. The Global Filesystem (GFS) is a clustered filesystem developed by Sistina. It is meant for the implementation of high-performance, high-availability filesystems on "storage area networks." It has long been available under the GPL, and was considered as a candidate for inclusion into the Linux kernel if and when the 2.5 series comes into existence. That was until version 4.2 came out under the new "Sistina Public License." This license looks somewhat like a free software license, in that source is available. The similarity ends there, however. Redistribution requires that a license fee be paid to Sistina; one must also pay if GFS is used to offer a commercial service, even if the software is not redistributed. The SPL is certainly not a free software license. It has more of a "shared source" smell to it. One can certainly argue that Sistina, as the copyright holder, has the right to change the licensing on its code. It is yet another business that is trying to find a way to make money, after all. One would think that only those who think that proprietary software should be illegal would complain about this license change. It is not quite that simple, though. GFS, after all, must be linked into the Linux kernel to be useful. And linking GFS is not just a matter of inserting a binary module; it requires some extensive patches to the kernel source itself. By reaching past the module interface, GFS exceeds the GPL exemption granted by Linus to binary modules. With the 4.2 release, Sistina has separated the kernel patches into a separate, GPL-licensed file, but that is unlikely to satisfy many people. There is already a challenge out there: Alan Cox believes that GFS violates his copyright, and has sent Sistina a letter to that effect. If they were simply doing a non-free release that used existing kernel API's I'd be annoyed but not bothered, as it is they seem to be doing dirtier things and more blatantly than any company before. I'm hoping they will resolve this sensibly, we shall see. A few days have passed, but Sistina shows no signs of budging. Meanwhile, the OpenGFS project has started up, using the last GPL release of GFS as a starting point. Sistina may well find itself in a position similar to that of SSH Communications Security - a free version of an early release could overtake its more recent, proprietary products. See also: the Sistina Public License FAQ. Dmitry Sklyarov update. The Sklyarov story is moving into a slower mode as the U.S. Justice system grinds along. A few developments:
Inside this LWN.net weekly edition:
This Week's LWN was brought to you by:
|
September 6, 2001
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsTrouble with Apache SQL authentication modules. The Apache web server supports several modules which can perform user authentication from a relational database. They are certainly widely used; a site does not have to grow very large before the classic htpasswd mechanism becomes unusable. So this advisory pointing out "SQL insertion" vulnerabilities in several of these modules is worthy of some concern.SQL insertion happens when a hostile user, through a clever request to the web server, is able to pass arbitrary SQL code through to the underlying database. This code can disclose or modify data, or corrupt the integrity of the database in a number of ways; it can also, usually, be used to allow unauthorized access to the web site. This type of vulnerability comes about as a result of the combination of inadequate checking of user-supplied data and the passing of that data across module boundaries. It is an easy sort of mistake to make, and it is certain that numerous other, database-driven web applications have similar vulnerabilities. Fixing this sort of problem is relatively easy, once the programmer thinks of it. A "white list" of allowed characters filters out most such attacks without trouble. But, when passing user strings between modules, filtering in one module can require a knowledge of what strings can cause problems in the other. This kind of knowledge goes against the information hiding techniques that are usually seen as good, modular programming. As a result, programmers can be surprised, even if they are thinking about properly sanitizing user-supplied data. As applications become more component driven, the chances are that this sort of cross-module interaction will be seen more often. Security is hard, and it's not getting any easier. The X.C worm is apparently loose. This work takes advantage of the buffer overrun vulnerability in telnetd (see updates, below) to infect new systems. So far, this worm does not appear to have caused a lot of problems; many systems are no longer running telnet services, and, hopefully, most of those that still do have applied the updates. Nonetheless, for those who are concerned, a X.C discovery and removal tool has been made available by William Stearns. Security ReportsA security audit of xinetd. Solar Designer has performed an extensive audit of xinetd looking for certain types of security vulnerabilities. So many problems were found in the code that the resulting patch weighed in at over 100KB. This patch was only fully merged as of xinetd 2.3.3. The patched xinetd will certainly be safer, but Solar Designer's disclaimer is worth noting: To summarize the results, xinetd may be reasonably safe to use with these patches, but the code remains far from clean and certain bugs are there by design.
Distributor updates seen so far include: Fun with Bugzilla Users of the Bugzilla bug tracking system should upgrade to the new 2.14 release, which fixes several security holes. The worst of these vulnerabilities could lead to the disclosure of "confidential" bugs, or the compromise of the Bugzilla server as a whole. A new lpr vulnerability. A new buffer overrun vulnerability in lpr has been reported. This time around, an attacker crafts a special, incomplete print job; a subsequent request to view the printer queue causes the overrun to happen. The advisory only mentions BSD systems, but numerous Linux distributions run BSD lpr as well. Stay tuned for updates... An HTML injection vulnerability with gnut. The "gnut" Gnutella client is vulnerable to the injection of arbitrary HTML (including scripts) if a hostile user shares a file with HTML tags embedded in its name. This bug is compounded by the fact that gnut, apparently, loads a lot of files from the local drive; browsers impose fewer security restrictions in this situation. Upgrade to gnut 0.4.27 for a fix. POP3Lite message processing vulnerability. The POP3Lite POP server fails to escape leading dots in mail messages, opening it up to denial of service attacks and the creation of untraceable forged messages. Upgrading to version 0.2.4 fixes the problem.
SuSE updates screen. SuSE has issued a security update to screen fixing a local
root exploit vulnerability in that package. It seems that, if screen is
installed setuid root, a clever user can engage in some /tmp
trickery to get root privileges. SuSE's fix deals with the problem in the
code, and also removes the setuid bit. That, in turn, reduces the
functionality of screen slightly; see the advisory for information on
whether you might need to restore the setuid bit after applying the
update.
web scripts.
Proprietary products. The following proprietary products were reported to contain vulnerabilities:
UpdatesBuffer overrun vulnerabilities in fetchmail. (Found by Salvatore Sanfilippo). Two buffer overrun vulnerabilities exist in the much-used fetchmail program. Given a hostile server, arbitrary code can be run on the system running fetchmail. The solution is to upgrade to fetchmail 5.8.17. See the August 16 Security page for the initial report. Previous updates:
Previous updates:
This week's updates:
Previous updates:
Multiple vendor telnetd vulnerability. This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.
This week's updates: Previous updates:
Buffer overruns in Window Maker A buffer overrun exists in Window Maker which could, conceivably, be exploited remotely if the user runs a hostile application. This problem initially appeared in the August 16, 2001 LWN security page. New updates: Previous updates:
Previous updates:
ResourcesThe LinuxSecurity.com Weekly Newsletter for September 3 is available.EventsComputer Security Mexico will be held November 24 to 30 in Mexico City. The call for papers has been issued; with submissions being due by October 12.Upcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Jonathan Corbet |
September 6, 2001
LWN Resources | |||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is still 2.4.9. The latest prepatch from Linus is 2.4.10-pre4, which was released on September 3; it contains the usual array of fixes and updates. Also included is a new set of functions for access to the PCI configuration space; how this access is done has changed somewhat, but the API visible to drivers and such remains the same. A large PowerPC update is also part of this patch. Linus has kept a relatively low profile on linux-kernel since this patch came out. Alan Cox's latest is 2.4.9-ac9. It contains a merge of 2.4.10pre4 and many more changes, including a set of knobs for virtual memory tuning, a new MODULE_LICENSE tag (see below), a big PowerPC-64 merge, and more. Andrea Arcangeli has released 2.4.10pre4aa1, which contains some direct and raw I/O fixups and User-mode Linux. License tagging in modules is now a part of the "ac" kernel series. A new macro has been added, and all loadable modules should specify their licensing with a line like: MODULE_LICENSE("GPL");The next version of the modutils package (and the insmod command in particular) will complain when presented with modules that lack the license metadata. People who maintain modules will probably want to add these tags soon. Some people have, reasonably, asked what the purpose of this information is. The answer is that there's a few things one could do with licensing information; for example, one can imagine a tool that verifies that a particular system is running only free code. The Lineo GPL Compliance Toolset could make use of this information. The real purpose, however, is that Alan Cox is tired of receiving bug reports from people who are running proprietary modules in their systems, and wants an easy way to throw them out. Unfortunately I get so many bug reports caused by the nvidia modules and people lying when asked if they have them loaded that some kind of action has to occur, otherwise I'm going to have to stop reading bug reports from anyone I don't know personally. In other words, the loading of a proprietary module will "taint" a running kernel, and greatly reduce the user's chance of getting help from the core kernel hackers. This has always been the case; the only change is that it has, evidently, become necessary for the kernel to track its own taintedness. This tracking will happen via a sysctl flag like /proc/sys/kernel/tainted; the loading of a non-GPL module (or one lacking license information) will cause that flag to be set. Once set, the tainted flag can not be reset without rebooting. The tainted flag will be printed whenever the system panics, and post-mortem tools (i.e. ksymoops) will recover it as well. So anybody trying to track down a kernel problem will be able to see quickly if proprietary modules have ever been loaded. Of course, if users lie about which modules they load, they could conceivably mess with the tainted setting. But people aren't too worried about that happening; most users who would be able to do that are probably not the type who actually would. And, besides, as Alan points out, in the U.S. such an act could be seen as defeating a digital rights management scheme, and subject the guilty party to a five-year prison sentence, plus extra for conspiracy... The case of the conflicting block ioctls. How do you access the last sector on a odd-sized disk? The Linux kernel (normally) likes to deal with a 1K block size, which (normally) gets mapped into two contiguous, 512-byte sectors on a disk drive. But, if the drive contains an odd number of sectors, this scheme leaves the last sector unreachable. That is not normally considered to be a big problem; one missing sector does not make a very large dent in the capacity of a modern disk drive. It turns out, however, that the IA-64 architecture has defined a new partitioning scheme which stores a copy of the partition table in the last sector on the disk. With this scheme, it matters if that sector is not reachable - there is no way for an administrator to change the partition table when running under Linux. This kind of limitation can lead administrators to do irrational things, like install Windows. Clearly a fix was required. So, back in February, Michael Brown created a new ioctl call specifically to provide access to the last sector on a disk; that call is now part of the IA-64 port. It is not, however, to be found in the mainstream kernel at this time, which is part of the problem. Ben LaHaise, meanwhile, needed an ioctl call that would retrieve the size of a device as a 64-bit quantity - disks are getting big, after all. So he put together a patch with the new ioctl call. Part of his patch was to the ext2 utility programs; that patch was accepted and distributed as part of the e2fsprogs distribution a little while back. The problem: both new ioctls needed a new ioctl number. The block I/O ioctl numbers are defined in linux/fs.h, and it is a natural thing to do to pick the next one in series. There is no central registry for these ioctl numbers other than the source itself; if you have not put in a patch reserving a given ioctl number, it's not really yours. Unfortunately, Michael Brown did not put in any such patch. Ben LaHaise also failed to do so before (accidentally) getting the ioctl number included in the e2fsprogs distribution. Of course, both chose the same number. This week, Ben put in a patch to reserve the number for his ioctl. His reasoning: renumbering the IA-64 ioctl will be less disruptive than changing e2fsprogs. He also believes that the ioctl is the wrong solution to the problem; it should have been fixed for all systems in the general block code, rather than being an IA-64-specific ioctl. Michael has also sent in a patch trying to reserve the same ioctl number. Just asking for a number is not enough, though, as can be seen from Alan's reaction to Michael's patch: Rejected. I still think this is an ugly evil hack and want no part in it Ben, meanwhile, gave up on the old ioctl number and put in a new patch using a higher number. That one, too, turned out to be problematic, causing BLKGETSIZE64 to move up one more time... A new 64-bit PCI interface has been posted by David Miller. This iteration is different from previous versions in that it looks a lot more like the standard, 32-bit interface. All of the pci64_ calls have gone away, and the dma_addr_t type can be used in all drivers again. There is a new set of pci_dac_ functions for drivers needing (and able to support) a 64-bit DMA space. It has been pointed out that the PCI interface still lacks one important capability - peer-to-peer DMA transfers. There are situations where it would be helpful to move data directly between two PCI devices; for example, moving an image from a video capture device directly to video memory. There is some interest in supporting this sort of operation; an API will likely be developed in the near future. Page aging is broken? Much work is going into the improvement of the virtual memory system in 2.4 - one of the biggest remaining problems. It would be hard to summarize everything here, but one development stands out: Jan Harkes has discovered that the page aging algorithm in the kernel does not work at all. Page aging is the process of tracking the usage of pages in memory in the hopes of identifying those which have not been used in the longest time. The "oldest" pages are the first candidates to throw out when memory is tight. The 2.4 kernel, however, is aging pages so aggressively that almost all pages on the system look ancient. So a significant part of the VM system is essentially inactive, and nobody noticed until now. Alan Cox responded with a claim that the "ac" series has better VM performance due to a more disciplined approach to VM patches. Jan Harkes pointed out that the "ac" series has serious page aging problems as well. "I guess it is just more carefully papering over the existing problems." The solution, according to Rik van Riel, is to be found in the "reverse mapping" patch that he is currently working on. The current page aging scheme looks at virtual memory, via process page tables. It would be far more efficient to look at physical memory, since that is, in the end, the resource that is being managed. But it is currently difficult to find the page tables that reference a given physical page. Once reverse mapping is in place, a lot of page aging (and VM in general) problems should become easier to manage. Of course, reverse mapping looks like a fairly serious patch to be considering for the 2.4 stable series... (Those interested in trying out the reverse mapping patch should look at this posting for the latest version and a changelog). Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
September 6, 2001 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsEmbedded Distributions in the news. Embedded Linux is hot stuff right now. Now that Linux has a strong foothold in the server market, the embedded market is the next obvious target and bundled tools, such as Red Hat's Embedded Linux Developer Suite (covered on this week's Development page), will make all the difference between a superior OS and a superior OS that gets used. Consider MontaVista Software's announcement of VisualAge Micro Edition 1.4 (VAME) for Hard Hat Linux 2.0. VAME is a development and deployment solution from IBM/OTI, used for building multi-modal Java applications and the embedded devices that run them. This package combines the J9 Virtual Machine and Hard Hat Linux. Having your embedded OS run on more platforms is always helpful as well. To that end MontaVista and Tensilica disclosed a technical and marketing agreement that puts Hard Hat Linux on to Tensilica's Xtensa processor architecture. The Xtensa platform has a configurable processor core so the devices which could be built would have more flexibility than the average embedded device. MontaVista Software Hard Hat Linux support for Tensilica's Xtensa processor architecture will be available in second quarter 2002 and will be included in Hard Hat Linux Professional Edition. LynuxWorks Inc. also understands this as can be seen in this announcement of a new series of "bundle options" to include service and support with enhanced tools for the BlueCat Linux operating system platform. At the core of the bundle options is LynuxWorks BlueCat Linux 3.1, which supports architectures including Intel IA-32 and XScale micro-architecture, MIPS, ARM family (including Thumb extensions), StrongARM, PowerPC (including PowerQUICC) and Hitachi SuperH. REDSonic is expanding into the industrial control and automation market. Soon REDICE-Linux will be running a variety of automation projects. Distribution NewsDebian News. The Debian Weekly News for September 3 reports on German use of Debian by professionals with Linux experience and incompatibilities with Red Hat C++ binaries. Anyone interested in integrating Kerberos into Debian should probably join this mailing list. The Kernel Cousin Debian Hurd #105 For 28 Aug discusses available jobs and fixing stat, CD GRUB extras, Hurders Unhappy As Lookup Of "" Must Fail (differing symlink semantics), and other topics. Mandrake News. This week's newsletter from Mandrake-Linux (issue #12) covers updates in Mandrake 8.1 Beta 2, the U.S. Air Force's use of Mandrake for public Internet access, and MacWorld coverage of Mandrake for the PPC. The Mandrake Cooker Weekly News - September 3rd, 2001 contains the latest news about Mandrake Linux 8.1 (Raklet) beta (bugs found and why two betas); Cooker is frozen - new versions and features are banned from cooker, now its just bug fixes and more testing; there are tips on reporting bugs; and more. OpenBSD drops qmail, djbdns. Those of you who enjoy licensing flamewars may want to wander into this incendiary discussion on the OpenBSD list. It seems that OpenBSD has dropped Daniel Bernstein's software due to licensing concerns - the same concerns that have kept qmail and djbdns out of most Linux distributions as well. (Found on LinuxFR.org). Minor Distribution updatesCoyote Linux. The primary archive for Coyote Linux is being changed from ftp.vortech.net to ftp.coyotelinux.com. ttylinux. ttylinux released version 1.12 on August 31. See the ChangeLog for details. Section Editor: Rebecca Sobol |
September 6, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The DesktopHancomLinux merges with theKompany. Hancom announced the merger of its product line with long time KDE stalwart theKompany. Shawn Gordon, CEO and founder of theKompany, was appointed the CEO of the U.S. division of the combined operations, to be known as HancomLinux, USA. Gordon is currently staffing the new Orange County offices of HancomLinux USA. "The word processor started out as a Windows application which was ported via Wine initially," said Gordon during a LinuxWorld interview with LWN.net. "The other applications, as I understand it, were written directly for Qt. The word processor has now been ported to Qt, though it's still beta quality right now." All of theKompany's products, which include the Visio-like Kivio and the PIM application Aethera, have been ported to the new Qt3 windowing toolkit. That makes them readily portable to Windows and the Mac, along with Linux. But Hancom's products still require porting to the new widget set. "We plan on starting that process next week with the completion scheduled for a November release," said Gordon. HancomOffice 2.0 will include the standard word processor, spreadsheet, presentation graphics and raster graphics tools along with a flowcharting tool, database management package, web page designer and PIM (Personal Information Manager). theKompany brings their Aethera PIM product, renamed as QuickSilver in HancomOffice 2.0, to the table in this deal, along with Kivio (flowchart tool). With a complete package like this, KDE becomes more attractive to desktop solutions providers. Despite GNOME's strong design and energetic development effort, it still lacks production level applications of this nature. HancomLinux, which has approximately 80 employees in 3 locations, was formed in 1999 to take the Linux product line from Korean software company Haansoft. Haansoft has been the reported market leader in the word processing market in Korea with an estimated 83% share in 2000. We'll be posting the full interview with Shawn Gordon later, after some of the post LinuxWorld dust has had a chance to settle here. Desktop EnvironmentsKDE wins 'Best Open Source Project' at LinuxWorld. KDE dot News reported that the KDE project won the "Best Open Source Project" award at LinuxWorld. KDE was well represented by both developers and the KDE League, which helps promote the environment. A summary of the event for KDE has been posted, along with a fair number of related images. KMail 1.0.x, 1.1 billionth second problems. KMail users take note: versions prior to 1.0.29.x of this email package will stop working and cause mail folder corruptions on September 9th! Users of version 1.0.29.x will only lose functionality, but no folders will be damaged. The problem stems from improper handling of the billionth second of Unix time, which started officially on January 1st, 1970. It is, essentially, a minor Y2K of Unix time, though this is the first instance of a known problem stemming from this magic date. Interview With KDE's Konqueror Team (OSNews). OSNews is running an interview with the Konqueror development team. "No, the goal is to make Konqueror as fast as Galeon, and preferably even faster, without stripping it down. Any stripping down would have to happen in Konqueror (which provides the user-interface) because KHTML only provides the rendering engine, there is little that can be stripped from the rendering engine without sacrificing standards compliance." (Thanks to Stéfane Fermigier). KC KDE Issue #21. The latest Kernel Cousin KDE is out. This issue is devoted to the events surrounding the start of KDE3 development and the Qt3 porting efforts. This week's GNOME Summary. The GNOME Summary for September 1 is available. It covers the GNOME Accessibility Framework release, Sun's desktop division, and more. GNOME 1.4.1 Beta 2. Another beta of the upcoming 1.4.1 point release for GNOME has been announced. GNUstep Community site. The GNUstep project has a new web site. The site is expected to have a new user oriented editorial each Friday helping end users make use of the evolving environment. Xfce news. A new release of XFce was announced last week. The new version, 3.8.7 adds a few new features like disabling user configuration options (for use in kiosks and set top boxes, for example) and fixes numerous bugs. In other XFce news, the XFce developers agreed to drop their file manager, known as xftree, in favor of an independently developed file manager known as ROX filer. Office ApplicationsSun shows new version of StarOffice (News.com). News.com looks forward to StarOffice 6.0. "But the current version, 5.2, has been roundly criticized as a large and sluggish product. By default, the program tries to take over many desktop functions, coming with its own 'Start' button and file browser, and all its programs load at once. Version 6.0 will break these programs into individual applications that can run independently, said software demonstrators at the LinuxWorld Conference and Expo where the software has been demonstrated this week." Is StarOffice ready to take on Microsoft Office? (ZDNet). This article on StarOffice is mostly targeted at the Windows platforms but is still relevant to users of StarOffice on Linux. "China views Microsoft's desktop dominance with suspicion, raising the possibility that it will adopt Linux or even StarOffice on Windows. Microsoft's recent increase in licensing fees has inadvertently helped make StarOffice more attractive to Latin America and also to extremely budget-conscious organizations." Desktop ApplicationsMacGIMP reviewed. GIMP for MacOS X was reviewed this week by MacWrite.com. "As possibly the first packaged application for Mac OS X, MacGIMP opens up a new chapter in OS X's fresh history. It may well usher in a host of X11 applications meant to run locally on your Mac. This one also uses the X Window System very effectively, and sets a benchmark for other applications to reach for." (Thanks to GIMP News) Appgen, Macmillan to launch Moneydance 3.0 and MyBooks 5.1 for Retail Vision. Are these Linux based retail editions? Yes, they are. Review them a little. GNOME applets 1.4.0.4. A new release of the GNOME Applets package was announced this past week. The GNOME Applets are a series of small applications such as clocks, file browsers and sound mixers that can be embedded in GNOME Panels. This is mostly a bug fix release. And in other news...Another new Linux-based Korean PDA expected soon (LinuxDevices). LinuxDevices.com previews an upcoming Linux PDA, complete with picture. "The new PDA's application software includes PDA PIM (Personal Information Management) applications, Internet functions (web browsing, email, etc), and extensive multimedia capabilities (players for MPEG, MP3, etc.). A Korean-English dictionary and several games are also included with the device." gdkxft 1.1 released - Anti-Aliased fonts for GTK+ 1.2. Within days of the 1.0 release, a 1.1 release of gdkxft has been announced. This package permits existing GTK+ 1.2 applications to incorporate anti-aliased text rendering in their widgets without recompiling the application. This works only with dynamically linked applications, of course. There are varied reports of success with this and the primary web site for the project presents an ominous disclaimer: A botched install of gdkxft has the potential to make your X configuration unworkable. Note that gdkxft only works with XFree86 4.x, with 4.1 recommended. GTK+ 1.3.7. Owen Taylor posted a note for the release of GTK+ 1.3.7, a developers version of the pre-GTK+ 2.0 series. This one still has lots of bugs, so only developers wishing to learn more about what 2.0 will be like or who are interested in working on GTK+ itself should take the plunge. Section Editor: Michael J. Hammel |
September 6, 2001
| |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsRed Hat's Embedded Linux Developer Suite. Following a relatively quiet week at LinuxWorld, Red Hat announced a new offering this week: the Red Hat Embedded Linux Developer Suite. The suite includes an embedded version of Red Hat Linux, the gcc cross-development tool suite, an embedded boot loader, and the usual set of associated services. Support is provided for several processors. Red Hat recently announced a number of other initiatives including an e-commerce offering and a PostgreSQL based database package. But their foray into the embedded Linux marketplace, ignoring their eCOS alternative, has been rather minimal up to this point. Red Hat has supported the tools essential to embedded work (i.e. gcc, binutils, and glibc), but as avoided the creation of its own embedded distribution. One of the few bright spots of late for computing has been the embedded space, which Linux vendors have nearly saturated. Vendors such as MontaVista, Lineo, LynuxWorks and RidgeRun already market Linux based distributions for embedded systems. The question is whether Red Hat can use it's relatively well known name to power its way into a growing but well seeded arena. Red Hat's advantages, of course, are its long experience (by way of Cygnus) and its high-profile name. Given those, the company may just be able to muscle its way into the embedded distribution market, despite a late start. Research Triangle Park, N.C. based Red Hat is expected to ship the new embedded product sometime in October. Mozilla leader laid off from Netscape. Mitchell Baker, lead wrangler of Mozilla.org, was laid off last Thursday from Netscape (or rather AOL's Netscape Division). Her personal notice to the Mozilla project members states that while she is no longer with Netscape, she intends to remain active with the Mozilla project. There have been unconfirmed reports that this may be have been part of a larger layoff, which spawned rumors that it was all part of Netscape's earlier announcements stating that company's intent to exit the browser market. However, as of press time, LWN.net has been unable to confirm the larger layoff reports. A brief notice was posted to Bugzilla noting Baker's departure, but there has been little added discussion there. Users of Bugzilla have requested that visitors not burden the server looking for what isn't there. The story didn't escape Slashdot's faithful. One feedback post says Baker was fired from Netscape, though Mitchell's own account says her position was eliminated. Requests for comments on this situation from various Netscape and Mozilla members has produced no additional information as yet, though we're still looking into the matter. It should be pointed out - though it shouldn't need to be - that even if AOL/Netscape were to completely eliminate all staff actively working on Mozilla, the project wouldn't die. Therein lies the beauty of open source. The company need not continue the financial burden of such a project, but the project need not be held hostage to corporate whims or economic downturns. Well wishes go out to Baker and any other ex-Netscape Mozilla contributors with hopes that they'll land on their feet in short order. LSB Filesystem Hierarchy Standard 2.2 test suite. The LSB Filesystem Hierarchy Standard 2.2 test suite is now available. The FHS, of course, specifies where files should be located in a Linux distribution as part of the Linux Standard Base. This test suite may be used to verify a distribution's compliance with version 2.2 of the FHS. Embedded SystemsA walk on the embedded side . . . of LinuxWorld SF 2001 (LinuxDevices.com). Rick Lehrbaum of LinuxDevices.com says embedded Linux is on the rise as he takes a walk on the embedded side of LinuxWorld. "In the past, Embedded Linux products and technologies accounted for roughly 10 percent of what was showcased at LinuxWorld. At this show, the Embedded Linux fraction seems to have increased to around 15-20 percent. Not surprising, given the strong growth in developer interest in Embedded Linux reported in recent months by market analysts VDC (story), Evans Data Corp (story), and others (story)." DatabasesNuSphere MySQL (Unix Review). Unix Review reviews NuSphere MySQL. "All in all, I'm disappointed that NuSphere did not do a better job of documenting their product. Remember, most of the software included in NuSphere MySQL is freely available. What a user is really paying for is convenience, information and support." MiniSQL updates. MiniSQL, known more commonly as mSQL, has had a couple of new releases this past week. The first is the last stable release of the 2.0 series, version 2.0.12. This release fixes a security problem with the w3-auth access control. Also this week, the third beta release for the new 3.0 version was announced. Database Gorilla Hunter (TechWeb). TechWeb reviews PostgreSQL 7.1 from GreatBridge. "If your business has hefty database requirements, it's hard to imagine an open-source option that's a true alternative to the established commercial database engines. Great Bridge, however, brings software, service and support together in a product that can be safely considered for many smaller organizations or apps." phpMyAdmin 2.2.0 released. phpMyAdmin 2.2.0, a web administration tool for MySQL, has been released. There are security fixes in this release, so an upgrade is recommended; there's also a long list of new features. EducationSeul/EDU Linux in Education Report. The Seul/EDU Linux in Education Report for September 3 is out; this issue has a strong emphasis on putting Linux systems in schools, and delves into the question of whether an education-specific distribution is called for. Why should open source software be used in schools?. LinuxMedNews pointed us to an article on why open source software should be used for general education. "Students should, at least, be given the opportunity to see how their new tools work. They should be given the opportunity to examine the inner workings of software. They should be given the opportunity to extend the functions of their tools, where they see or imagine possibilities. They should not be held back by locking the toolbox of the Information Age and told they must not peer inside, must not try to discover how it works, must not share their tools with others, must not use their tools without paying proper tribute to the software overlords, under penalty and punishment of law." Plenty of links are used to back up the arguments here, making this is a useful reference for educators working on Linux in the classroom projects. Electronicsgerbv 0.0.2 and prerelease Savant. The gEDA site pointed out the releases of two early-stage projects: gerbv 0.0.2 and Savant. Printing SystemsCUPS Book. A book on CUPS, published by SAMS and written by Easy Software Products founder Michael R. Sweet, is now available from the Easy Software website. Omni printer driver 0.4.2. Another release of the Omni printer driver has been made available from IBM's Linux Technology Center. This release was created to allow Omni to be used with the latest levels of Foomatic and printconf. StandardsWorld Wide Web Consortium Issues SVG 1.0. W3 has issued the SVG 1.0 specification as a recommendation, meaning that the specification is stable, contributes to Web interoperability, and has been reviewed by the W3C Membership, who favor its widespread adoption. Web-site DevelopmentZope News for August 31. The Zope News for August 31, 2001 is out. It covers the Zope 2.4 beta release, a new ZEO beta release, the SecurityJihad project, Paul Everitt's new son, and more. Zope 2.4.1 released. Zope 2.4.1 has been released; it is primarily a bugfix release, which includes the recent security updates. Section Editor: Michael Hammel |
September 6, 2001
|
|
Programming LanguagesLispLISA 1.0 released. The official release of LISA 1.0 was announced this past week. LISA is a platform for the development of Rete-based intelligent systems in Common Lisp. The most significant new feature in Version 1.0 is full support for rule redefinition within a running inference engine. The full announcement can be found online. CMU CL CVS server move causes temporary service disruption. The CVS repository for CMU CL is being moved to a new server, which will keep the sources and binary distributions unavailable from their normal locations for a few weeks. Until then, backup repositories have been made available. PHPPHP Weekly Summary #52. This week's summary for PHP development includes talk of some new gettext additions, a fix for broken output buffering, and word of tighter Apache integration in future versions. PythonImproving the social infrastructure of Python (developerWorks). Here's an article on Python documentation and distribution utilities on IBM's developerWorks site. "By way of background for any Python beginners reading this, Python has long had some semi-formal documentation standards. These standards have not attempted to constrain developers unduly, but rather to offer the 'one obvious way to do it.' Fortunately, Python developers, as a rule, have always been far better documenters than typical developers in other languages." This week's Python-URL. Here is a relatively thin Dr. Dobb's Python-URL for August 30, 2001. Topics include a look at WebWare, WebDAV module progress, a look at Tinter, and file locking issues. Tcl/TkThis week's Tcl-URL. Here is Dr. Dobb's Tcl-URL for August 31, with the latest from the Tcl/Tk development community. This issue looks at XML and XSL, tcl plugins, and new versions of e4graph, sgxTools, ActiveTcl, and moodss. Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingNow Showing: Dmitry Sklyarov's Las Vegas Gamble (Planet PDF). Planet PDF has posted a detailed description and commentary on Dmitry Sklyarov's Las Vegas presentation. "At that point, a voice from the darkened room shouts a question, seemingly wanting to verify whether the full commercial version of AEBPR is still available. 'Not at this time,' Sklyarov says. The voice persists, apparently seeking further explanation on the product and on ElcomSoft's intent. 'We don't make our mind up to hit publisher,' Sklyarov says. 'We must prove that eBook distribution based on PDF technology is insecure.' During the remainder of the presentation, he methodically proceeds to do so." Senator plans anti-piracy copyright legislation (NewsBytes). As if the DMCA weren't enough: here's a NewsBytes article on the next bright idea from Washington: "Consumer electronics hardware makers, including computer manufacturers, would be required to develop anti-piracy technology to be included in their products under proposed legislation from Senate Commerce Committee Chairman Ernest 'Fritz' Hollings, D-S.C." Commentary: Making the move to Linux (News.com). The Meta Group, via News.com, says, Linux is still a fringe player in the corporate world, however the "Meta Group now recommends that large enterprises consider a limited number of Linux server deployments or pilot projects." This is about as positive as Meta has ever been... LinuxWorldLinux debate focuses on future (News.com). News.com has put up a series of video clips on discussions about the future of Linux. Participants include Linus Torvalds, Dirk Hohndel, and Brian Behlendorf. MS Hailstorm is no threat - Torvalds (Register). The Register reports from the "Future of Linux" panel at LinuxWorld. "Torvalds' genius for project management, and specifically for resolving the most acrimonious disputes amicably is often remarked upon, but here was a perfectly example of it in practice. His soundbyte incited the largely libertarian audience to an ovation, but contained the message that governments do have the power to draw boundaries around private greed." (Thanks to Dave Killick). Linux World Starts with a Bang (IT-Director). IT-Director reports from LinuxWorld as a way of looking at the Linux industry as a whole. "As Linux begins to be significant in the Enterprise space, organisations must use suppliers that have a global presence. In this respect SuSE needs to face the challenge posed by market leader Red Hat. It will be a tough fight for SuSE." Red Hat CEO pushes Linux in schools (News.com). Here's a report on Matthew Szulik's LinuxWorld keynote on News.com. "Linux developers must take some of the time they now devote to programming and put it toward boosting open-source software in education, Red Hat Chief Executive Matthew Szulik said Thursday." Lawyer Lessig raps new copyright laws (News.com). News.com covers Lawrence Lessig's LinuxWorld keynote. " Lessig accused programmers of two counterproductive attitudes that will lead to the collapse of the current climate of innovation. Under the first, programmers argue that they're just writing code and that they'll leave politics to the politicians. Under the second, programmers argue that 'what goes on in Washington is a pathetic waste of life,' and that 'we should build a world of freedom that they can't penetrate.'" CompaniesEgenera to debut $250,000 Linux server (News.com). News.com reports on the new high-end server from Egenera. "Egenera hopes to succeed where other server specialists such as VA Linux Systems, Cobalt Networks and Network Engines have struggled. Analysts say Egenera's market--financial-services companies and service providers--is small but lucrative." Compaq boosts Red Hat ecommerce suite (Register). The Register looks at the Red Hat/Compaq e-commerce offering. "One point worth considering before anyone ventures out and buys the five system cluster is that of the database. Red Hat's database is based on the PostgreSQL database which, although fine under normal loads, has little in terms of proof points when it gets into real heavy-duty work. It is, essentially, unproven at the high end which is, presumably, the kind of work it will encounter on a five node cluster." TurboLinux Intros Automated Configuration Software (TechWeb). Here's TechWeb's take on Turbolinux' PowerCockpit. "The software lets the IT manager set up each Linux configuration separately and then collect an image from the fully configured server and put it into a repository. Later, if that configuration is need on another server, it can be redeployed. One configuration might be TurboLinux with IBM WebSphere, another might be Red Hat with Apache. " Turbolinux tool eases provisioning of Linux servers (ZDNet). ZDNet has an article on the new, proprietary "PowerCockpit" tool from TurboLinux. "Enterprise users and manufacturers spend a lot of time configuring and deploying systems, and Linux, with its flexibility, makes that task even more challenging. The time-consuming process of upgrades and incremental adds to corporate IT infrastructures has been taking its toll, so Turbolinux focused on providng a solution that offers flexible processing power." Sun shows new version of StarOffice (News.com). News.com looks forward to StarOffice 6.0. " But the current version, 5.2, has been roundly criticized as a large and sluggish product. By default, the program tries to take over many desktop functions, coming with its own 'Start' button and file browser, and all its programs load at once. Version 6.0 will break these programs into individual applications that can run independently, said software demonstrators at the LinuxWorld Conference and Expo where the software has been demonstrated this week." Corel sells Linux desktop OS to Xandros (ZDNet). This ZDNet article looks at Xandros's acquisition of Corel Linux. "'In terms of the deal, we get the code to Corel's Linux distribution and all licensing rights,' [Xandros president Michael] Bego said. 'Corel has also signed an 18-month non-compete agreement. So, essentially, we have bought Corel's Linux operating system, including its as-yet unreleased third-generation software, as well as access to its channel, support and sales pipeline.'" When VA was the news (NewsForge). NewsForge looks at VA Linux Systems. "Whatever the deficits of VA's business plan, it was brilliant compared to businesses that decided that the Internet was the ideal way to sell broccoli or Kibbles n Bits. Unfortunately for VA, by the time the company had fully ramped up to sell to this market it had disappeared." BusinessA month Microsoft won't forget (ZDNet). ZDNet looks back at a hard month for Microsoft. "All you need to do is scan the headlines for the last 30 days to see that Linux and open source have gained significant momentum, beautifully leveraging the turmoil in which Microsoft now finds itself. In all its life, IBM OS/2 never achieved the popularity Linux has in just the past month. Fortunately, for IBM, the company couldn't have picked a more precise moment to announce its big customer wins that include Linux running on a range of systems that span low-end servers to big iron." ReviewsLSP: migrate from Windows NT to Linux (ZDNet). ZDNet reviews DAS Technology's LSP, a utility that automates migrating file and print sharing services from a Windows machine to a Linux box. "LSP's NT to Linux migration process happens in four stages, alternating between the NT and Linux servers. The first stage involves running a data collection program on the NT server--this process obtains the server information--such as share names, directory and file structures, Internet Information Server configuration data, and so on--that LSP will migrate." MiscellaneousLeave Linux to the Geeks (TechTV). TechTV has a unique take on the 10th anniversary of Linux. "Linux is not for the masses. Trust me, we'll just screw it up. If you don't believe me, look what we did with the Internet. Happy birthday Linux. Now please keep it to yourself." Chipmakers angle for Linux support (News.com). C|Net's News.com says Linux leads with support for new chips. "Linux--with a strong developer community and a flexibility that allows the Unix clone to run on numerous chips--has become an asset the chipmakers want on their sides as they prepare future chip designs. Linux has become a tool to secure quick support for a new chip." Red Hat Weighs Nonprofit Group To Promote Open-Source Software In Schools (TechWeb). Red Hat CEO Matthew Szulik is advocating Linux and other open source software in the US school system. "Szulik says he's traveled to poor rural and urban school districts in North Carolina, Massachusetts, and Missouri, and spoken with former North Carolina Gov. Jim Hunt and other elected officials about his plan to promote open-source software as an alternative for public schools. "Someone from the open-source industry had to step forward, and that's Red Hat's responsibility," he says. " Jean Louis Gassée on The Antitrust dog that never barked (Register). Be Inc founder Jean Louis Gassée offered to testify in the Microsoft antitrust trial, regarding the Microsoft boot loader, but the DoJ wasn't interested. "Now for the interesting bit, and listen up you folks who dream of Linux booting on machines from CompUSA. Gassée offered to testify on behalf of the Department of Justice on the boot loader question, reports Hacker, but the prosecution was only interested in browser integration." The State of Corporate IT: A case for Linux (AnandTech). Here is a lengthy article on AnandTech tracing a company's move from legacy systems to Windows NT and finally to Linux. Linux is not mentioned until the end of page 4, but the article is well worth the read. "Linux was not the right tool for every job, but it certainly had proved its mettle as a cost effective alternative and helped give them some breathing room as they worked to bring soaring IT costs under control and reduce TCO (Total Cost of Ownership). It was ironic that only by turning to an alternative operating system were they able to realize some of the cost savings promised them when they initially switched over to NT. Linux had not only given them tangible benefits, it had increased confidence in their ability to manage their own systems." (Thanks to Paul Hewitt and Walter Smith) Wireless Hype Chugging Along (TechWeb). According to this TechWeb article companies are spending too much on deployment of wireless networks, and not enough on development. "And let's not forget wireless's real problem: security. Just this week, software called AirSnort hit the Internet. Utilizing nothing more than a Linux system with an 802.11b wireless card installed, AirSnort specializes in breaking the WEP encryption that protects an 802.11 network. Once inside, AirSnort offers convenient packet-reading features that let hackers manage operations, such as password grabs, quickly and easily." FBI Warns of New Worm, Says No Code Red Suspects Yet . NewsBytes is carrying a story on the FBI's efforts toward a worm-free Internet. "Separately, the FBI today issued a caution to operators of systems based on the Unix operating system. According to the agency, a new worm dubbed 'X.C.' has been targeting a vulnerability in the telnet daemon that ships with Sun's Solaris, IBM's AIX, and several versions of Linux." Protesters declare war on copyright law (News.com). News.com reports from the Sklyarov fund-raiser in San Francisco. "Almost 200 Linux enthusiasts, programmers and digerati attended the fund-raiser, held by 2-month-old start-up AllSeer in a five-story warehouse on the edge of the now depopulated Multimedia Gulch in San Francisco." Section Editor: Forrest Cook |
September 6, 2001 |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Announcements page. |
AnnouncementsResourcesLinux Gazette issue #70. The Linux Gazette issue #70 for September is now available. Topics in this issue include the usual features and articles such as "How to use an Atari ST machine as a Linux terminal", by Matthias Arndt and "GNOME Programming in Linux using GTK+", by Subhasish Ghosh. Linux Unicode programming. IBM developerWorks has an article on how to incorporate and utilize Unicode for worldwide language support within Linux. "Unicode allows programmers to provide software that ordinary people can use in their native language. The prerequisite of learning a foreign language is removed and the social and monetary benefits of computer technology are more easily realized. It is easy to imagine how little computer use would be seen in America if the user had to learn Urdu to use an Internet browser. The Web would never have happened." Tip Of The Week - Scheduling Commands with "at" (Linuxlookup.com). Sometimes you want a program to run when no one is around, including you. This week's TOTW shows how to use "at" to do just that. EventsLinuxWorld Coverage. Another LinuxWorld has come and gone, leaving a wealth of press releases and articles in its wake. From IDG World Expo, the organizers of the event, comes a press release listing the various award winners. The Community Award went to the Free Standards Group; the "best of show" was the IBM eServer iSeries. See the PR for the full list. The Open Source Development Laboratory has announced that its first "Enterprise Achievement Award" has gone to Heinz Mauelshagen, the author of the Linux Logical Volume Manager. NuSphere had its own announcement about winning the Open Source product excellence award and NuSphere PHPEd Advantage was named best developer tool. Marc Merlin has posted his report from LinuxWorld. As with all of Marc's reports, this one is detailed, comprehensive, and with lots of pictures. Some of LWN's coverage is still in progress, but here is LWN's Tuesday coverage. Have a look for coverage of the keynote, the DreamWorks feature presentation, and more. KDE dot News looks at LinuxWorld from a KDE perspective. Jonathan "Jonny5" Buset reports on LinuxWorld for LinuxLookup.com, with a seperate report for Day 1, Day 2 and Day 3. LinuxDevices.com asks and answers How many attendees were at LinuxWorld in SF? Jabber, Inc. Recaps a Highly Successful Inaugural Conference. Jabber partners, commercial developers and the Open Source Community participated in JabberCon. Linux.conf.au call for papers. The 2002 version of linux.conf.au will happen February 6 to 9 in Brisbane, Australia. The call for papers has just gone out; the submission deadline is the end of October. This should be a good event, and Brisbane is a nice place... Events: September 6 - November 1, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. User Group NewsSacramento Installfest. Three Sacramento-area clubs, the Linux Users' Group of Davis (LUGOD), the Sacramento Linux Users Group (SacLUG), and the Roseville Area Linux Users Group (RoseLUG) will be holding a free 'Linux Installfest' workshop on September 16, 2001 at the Coloma Community Center in Sacramento, California. Hazelwood MO Linux Users Group. The Hazelwood LUG will meet on September 25, 2001 at the Prairie Commons Branch Library in Hazelwood, Missouri. LUG Events: September 6 - September 20, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format. Section Editor: Rebecca Sobol. |
September 6, 2001 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license |
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux History page. |
This week in Linux historySix years ago: "bob@acc-corp.com," otherwise known as Bob Young at Red Hat's precursor company, announced the Linux events at New York's Unix Expo; included was a panel with Matt Welsh, Michael K. Johnson, Eric Troan, and Marc Ewing. (For those who are interested, "acc-corp.com" is now owned by American Concrete Cutting Corporation...) Three years ago (September 10, 1998 LWN): industry journalists complained in a big way about being flamed by Linux zealots - a problem that still comes back to haunt the community at times. Prediction of the week: Linux will never go mainstream. But it will have a powerful influence nonetheless. Perhaps it depends on your definition of "mainstream"... The development kernel was 2.1.121. A fair amount of controversy surrounded the addition of the QNX filesystem, since the kernel was alleged to be in a feature freeze at the time. Oracle announced its first set of marketing partnerships, with Red Hat, VA Research (now VA Linux), Pacific HiTech (now TurboLinux) and S.u.S.E. (now SuSE). Dell, it was revealed, had been selling Linux-installed systems to a few big customers for a year, despite its public denials that there was even interest in such systems. Two years ago (September 9, 1999 LWN): Licensing problems turned up with some of the code distributed with Bind 8.2, a crucial piece of network infrastructure. In the end, all was worked out, but it showed the kind of difficulties that licensing conflicts can cause. SCO distributed a brochure in northern Europe: Linux at this moment can be considered more a play thing for IT students rather than a serious operating system in which to place the functioning, security and future of a business. Because Linux is basically a free-for-all it means that no individual person/company is accountable should anything go wrong, plus there is no way to predict which way Linux will evolve They certainly failed to predict how things would evolve... Quote of the week: Any time you're sort of slacking off or saying you're thinking of taking a day off our president says, 'You know, I'll bet Bill Gates is working today.'
Ah, the good old days: Red Hat's stock continued its climb today, soaring by nearly 15 points to reach 122.8125 in mid-morning trading, making Red Hat founder and chief technical officer Marc Ewing and CEO Robert Young billionaires as well, at least on paper
The latest, greatest NFS patches were withheld from the 2.2.12 (and later) stable kernel release, due to fears that they would destabilize things. Caldera 2.3 was launched this week. MandrakeSoft announced the opening of its Chinese offices, in cooperation with a little-known (at the time) company called LinuxOne. That partnership did not last long. Red Hat, meanwhile, announced "Lorax", the beta version of its 6.1 release. One year ago (September 7, 2000 LWN): Trolltech announced that Qt 2.2 would be released under the GPL and QPL giving developers a choice of license. This was a move that should have brought an end to more than two years of controversy centered around the Qt license. However some people are never satisfied. Richard Stallman felt that the legal status of KDE remained clouded. Qt 2.2 provides the basis to solve this secondary problem, but a certain amount of cleaning up will be needed to fix it thoroughly. Misusing a GPL-covered program permanently forfeits the right to distribute the code at all. Such situations have occurred in KDE, and now they ought to be cleaned up.
A company called Digital Convergence came up with an interesting idea. They would give away a cheap barcode reader (called the ":CueCat") and some (Windows) software. People could plug the reader into their computer, then use it to read a special code printed with advertisements and such. Naturally Linux hackers starting creating drivers for the :CueCat -- something Digital Convergence didn't like. See, in the original software each use of the :CueCat would send in some personal information, along with the serial number of the device. Every code scanned would get tied together with your information, building a nice little profile. The Linux drivers circumvented that profile building. The FBM site put together this page documenting it all, from the first release of :CueCat to the demise of Digital Convergence. The first public release of the TUX web server happened. Perl 5.7.0 was released, as were Python 1.6 and Python 2.0 beta 1. A company called "iRobot" announced a new product: the "iRobot-LE", a Linux-powered robot aimed at household use. It could be monitored and controlled from anywhere on the net via a web browser. It climbed stairs, and had sonar and infrared systems for avoiding obstacles. Suggested uses include monitoring the babysitter, home security, and so on. LWN editors met iRobot at COMDEX. Section Editor: Rebecca Sobol. |
September 6, 2001
LWN Linux Timelines |
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Letters page. |
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. |
September 6, 2001 |
From: Torsten Howard <torsten@inetw.net> To: letters@lwn.net Subject: SourceForge Date: Thu, 30 Aug 2001 20:33:16 -0500 Dear Editor: I read with some concern your subtopic, " VA Linux goes proprietary?" It is a critical failure to concenctrate too much power in the hands of a few. Good systems are engineered without such a single point of failure. Politics has usurped power from dictators. Microsoft has bore the condemnation of the courts for abuse of its power. And thus the saying, "Power corrupts. Absolute power corrupts absolutely." Dr. Albert Einstein defined insanity as doing the same thing over and over, and expecting different results each time. At some point, I begin to wonder. Exactly when do we learn from the mistakes past? From the politics of GPL radicals, one would take a look and realize there is a huge concentration of power in the sourceforge website. The same company owns two of the most visible advocacy sights, Freshmeat and Slashdot.org. In addition, sourceforge is abusing their power. Let me explain. When I download non-sourceforge GPL software and wish to communicate to the author or mailing lists, I do so. Sourceforge has hidden all communication to its projects behind a "login." It is the attempt to control communication, mailing lists, and access to emails which is an abuse of power. It is this very communication which is the lifeblood of open-source contributive projects. Now we see the insanity of repetition, and failure to change the way things are done. We have not learned that concentrating power is a poor choice. So what does this topic have to do with SourceForge.net adding proprietary extensions? Only that they have the power to do so - the power to undermine the ideas upon which they stand without falling over - because nobody is pushing. And one final quote - "Power concedes nothing without demand." Thank you for your time. Sincerely, Torsten Howard | ||
From: Michael Carniello <mlcarn1@home.com> To: <letters@lwn.net> Subject: VA Linux Date: Thu, 30 Aug 2001 21:18:32 -0500 To The Editor, Your recent piece on VA Linux (8/30/2001) was interesting, as most of your leading items are ... and it reflects a fact which you and most of this community truly believe, yet with a strange duality, fail to recognize. And that fact, reflected in a quote from your article, is this: "VA is ... just finding a way to more readily sell its free software..." Somebody may think of a clever of selling free stuff in the future, but it hasn't worked in the past. I'm not saying that free software isn't good or right, I'm saying that (right now, with current business models), it's impossible to make money off that which can be had for free. Mike Carniello mlcarn1@home.com | ||
From: "jacob navia" <jacob@jacob.remcomp.fr> To: <letters@lwn.net> Subject: Selling free software Date: Sat, 1 Sep 2001 14:04:17 +0200 Dear Sir: I would like to point you to this sentence in your magazine: "According to Eric, VA is not changing its focus as an open source company in any way, it's just finding a way to more readily sell its free software" Excuse me but if it's free of charge it can't be sold, and if it is sold, int can't be free of charge. I am sorry but I think logic should at least play a part in this discussion. VA Linux is beginning to fail financially, because there is no way around logic, no matter how many lengthy explanations you come up with. Yours sincerely --- Jacob Navia Logiciels/informatique 41 rue Maurice Ravel 93430 Villetaneuse France | ||
From: Seth David Schoen <schoen@loyalty.org> To: letters@lwn.net Subject: LNX-BBC and LBT Date: Wed, 29 Aug 2001 23:57:57 -0700 Thanks for the nice review of the LNX-BBC project! We've also enjoyed the reaction from people at LinuxWorld who came by to pick up copies. Your article says that Linuxcare is no longer developing a bootable CD project. Although we thought that might be the case when we sent our CD to press, it turns out that Linuxcare has done a new version of their project, now called LBT (Linuxcare Bootable Toolbox). They have been giving these out at LinuxWorld; that means there are now two maintained projects derived from the Linuxcare Bootable Business Card, their project http://lbt.linuxcare.com/ and our project http://www.lnx-bbc.org/ -- Seth David Schoen <schoen@loyalty.org> | Its really terrible when FBI arrested Temp. http://www.loyalty.org/~schoen/ | hacker, who visited USA with peacefull down: http://www.loyalty.org/ (CAF) | mission -- to share his knowledge with http://www.freesklyarov.org/ | american nation. (Ilya V. Vasilyev) | ||
From: "Toni SOUEID" <djt2000@inco.com.lb> To: <letters@lwn.net> Subject: Fighting the DMCA and the Like. Date: Thu, 30 Aug 2001 18:04:13 +0200 Dear reader, It is with sorrow and anger that I read the news about Dmitry Slyarov's case. What a shame for all of us if researchers and developers will begin to be threatened just for writing a good paper or publishing a good piece of software. Some of us think the DMCA is good (especially governments and big corporations) and some think is it bad. Those who think it is good are enforcing it by every mean imaginable. So what can we do, we who think the DMCA is bad ? The answer is pretty simple. Fighting fire with fire. Fighting law with law. We all need to get involved in Free/Open Source software and/or in Free/Open Content documentation movements. While donating money for such initiatives is fine and necessary it is not enough. Contributions should be made by writing, using and reviewing such software and documentation. People should be educated about the GPL, the FDL, the OPL and other similar licenses. They should also be encouraged to use such licenses. Who will need to buy copyrighted material protected by a restrictive license when Free alternatives exist ? If just everyone of use could write a little piece of software or a little piece of documentation in one of his areas of interest, and release it under Free/Open licenses we could build a huge alternative library of software and documentation that could benefit all of Humanity and at the same time protect it's rights. I've decided to release all of my own written tutorials under the OPL and all of my own written software under the GPL to help protest against what's happening out there. On another hand I've decided to erase every piece of proprietary file formats from my website and replace them with standards compliant ones. Can you do the same ? Toni SOUEID, Beirut - LEBANON. | ||
From: rjh@world.std.com To: letters@lwn.net Subject: Financial customers are not conservative Date: Thu, 30 Aug 2001 15:30:55 -0400 (EDT) The financial marketplace is "conservative" in their financial attitudes, not their computer purchasing. They have long been Unix strongholds. Sun workstations, Thinking Machine supers, and other leading edge hardware has a long history of penetration of these financial markets. The IBM sale to SIAC is signficant for Linux, not for the Unix family. Several major stock market functions are Unix based. More than 10% of the world stock settlements traffic has gone through SCO Unix based systems for several years. So while the SIAC sale is important and worth publicizing, do not read too much into it. R Horn | ||
From: Vulture <t.sippel-dau@ic.ac.uk> To: letters@lwn.net Subject: Terabyte disks and Linux kernels Date: Mon, 03 Sep 2001 18:51:11 +0100 Hello, some weeks ago I got my sweaty palms on one of the Barracuda-180 disks and fitted it into a system. However, I see a problem lurking on the horizon: SCSI commands have a 32 bit block address in the command, and can be formatted for blocks of size of any power of 2 bits, up to 2**35. However, Linux systems (and many others) have so far used "sector" sizes of 4096 bit (512 bytes), and aggregated these into "blocks", typically 2, 8, or 16 sectors per block. File systems and paging work in these block sizes, but at the device driver level it will go down to the smaller sectors again. Now 4 billion blocks times 4000 bit gives 16 Tb or two Terabytes, and that is only 12 times as big is as currently available disks, and will probably be surpassed in 4 years or so. We could start making the sectors bigger, up to 32 kb (8 kilobytes) for 64 bit systems with an 8 kilobyte page size, but how many disks will take kindly to a format-unit command specifying anything but 4096 bit blocks is anybodies guess. Disk manufacturers could also start to subdivide their disks into up to 8 "logical units" for another 4 year's leeway or so. However, it might be a good idea to start thinking now about that particular limit and how to handle it in the kernel. A quick Google search yielded many articles on "Terabytes", but I found none that discussed it as a problematic limit. N.B. IDE drives have their next limit at 137 Gigabytes (according to http://support.microsoft.com/support/kb/articles/Q114/8/41.ASP), which should become a problem in weeks rather than months. Thomas * Why not use metric units and get it right first time, every time ? * * email: cmaae47 @ imperial.ac.uk * voice: +4420-7594-6912 (day) * fax: +4420-7594-6958 * snail: Thomas Sippel - Dau * Linux Services Manager * Customer Relations Group * Information and Communication Technology * Imperial College of Science, Technology and Medicine * Exhibition Road * Kensington SW7 2BX * Great Britain | ||