Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsThe Liberty Alliance launches. Back in July LWN (and many others) expressed concern about Microsoft's "HailStorm" scheme, which looked like it could concentrate control of user identity and authentication in one place. In our opinion, no single organization should have that degree of control over how people deal with each other on the net. It has taken a while, but a credible alternative to HailStorm has just announced its existence. The Liberty Alliance is made up of an interesting and varied group of organizations. At one end of the spectrum, one sees groups like the Apache Software Foundation, CollabNet, and O'Reilly & Associates. Those groups can be trusted to work toward a set of protocols that preserve freedom and openness, but they lack the influence required to bring about the adoption of a new set of protocols by themselves. So it is an encouraging sign that the Liberty Alliance also includes companies like the Bank of America, United Airlines, General Motors, Dun and Bradstreet, and many others. The members' claim that they "currently represent over a billion network identities" may be a bit of a stretch, but it is true that they have the commercial strength required to push a new standard. The presence of companies like Nokia and NTT DoCoMo makes it likely that standards from the Liberty Alliance will have an advantage in the mobile arena as well. It is perhaps not surprising that the Alliance web pages carry a Sun Microsystems copyright. Exactly what the Alliance will do remains somewhat vague at this stage. The web site lists these goals:
These goals sound like a good start: enabling the next generation of network commerce while building in open standards and decentralized authentication. A lot of questions remain open, however. How will these standards be adopted - what is the decision making process? Will there be W3C-style problems with the inclusion of patented technology? What privacy safeguards will be built in? Who will be able to run an authentication service? Will the member companies show enough commitment that this endeavor will be more than a short-lived, Sun-led charge against Microsoft? And so on. It is not surprising that a lot of questions are unanswered at this point; the Alliance is just getting started. The coming months will tell us whether this group is serious about security, decentralization, and openness, or whether it's just another power play in its own right. In the mean time, the Alliance is soliciting additional members; companies with an interest in the future of network commerce and freedom should consider signing up so that their voices can be heard. Not-quite-free licenses: a bad thing? The free software community tends to see licenses in a very polarized way. Software is either free, or it is proprietary, and the discussion tends to end there. The truth is, however, that there are a number of in-between licenses that provide some, but not all, of the freedoms of licenses that meet the Open Source Definition. Such licenses include:
...and many more, including, even, perhaps, Microsoft's "shared source" license. Every one of these licenses makes source code available to licensees, but restricts the user's freedom in one way or another. Restricted licenses of this variety tend to draw a great deal of criticism from the free software community. In fact, the reaction to a hybrid license can be far more harsh than the reaction to a purely proprietary, no-source license. The end result can only be a greater polarization of licenses: they either go fully free, or fully closed. Some members of the community seem to prefer that code remain closed rather than become half free. Does this result really benefit the community? Certainly, much useful software has been developed and released under hybrid licenses. Consider Qt, ghostscript, qmail, bitkeeper, and so on. Modern distributions tend not to include xv, but it was a highly useful tool for many for a very long time. Even the Linux kernel was not completely free in its (very) early days. It would be difficult to argue that the community is not better off for the presence of that software. Companies and individuals who release software under hybrid licenses are trying to strike a balance that works for them: somehow they would like to make money while providing (and enjoying) the benefits of making the source available. In an economy where pure open source companies are, for the most part, having a hard time surviving, some experiments with mixed licenses may well be called for. Software licenses should, properly, meet the needs of both the producers and users of the code. Free software remains the best software, and, in many (if not most) situations, fully free licensing will be the best choice. But if the owner of some code decides that a not-quite-free license is needed, the community should give them the benefit of the doubt and refrain from excess criticism. As long as such software is not presented as being free, and does not violate the license of any other package, its existence harms nobody and could be beneficial to many. After all, if the license does not work for any individual user, they are not forced to run the code. Red Hat acquires VA Linux consulting group. Red Hat has announced that it has picked up VA Linux System's open source consulting group. This group no longer has a place in VA's new view of its business, so it's good that they found a new place to land. They have, apparently, brought much of their business with them. A list of the people involved can be found in this Linux Journal article. Next steps in W3C patent policy proposal. Here's an announcement from the W3C on how it will proceed with its patent policy. It includes the appointment of Bruce Perens and Eben Moglen to the patent policy board. There will be another public comment period before the policy is finalized, and more information will be shared with the public on this process. In other words, this battle is far from over, but there are some good signs that things are going in the right direction. The W3C has heard the comments from the community, and is apparently taking them seriously. The situation bears watching, but it may just come to a happy ending. On LWN's future.... not much to report, as yet. We have gotten much useful feedback from our readers on our mailing list; we still encourage others to drop in and let us know what you think. One way or another, we plan to continue to be here for our readers. We have noticed a distinct increase in people pulling down the entire LWN site since last week. In many cases, those downloads are probably unnecessary; no matter what happens, the LWN archives are not going to disappear abruptly from the net. There is no need for massive copying of the LWN site to keep that information from going away, we promise. Inside this LWN.net weekly edition:
This Week's LWN was brought to you by:
|
October 18, 2001
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsBugtraq gets a new moderator. After six years of running the Bugtraq mailing list, Elias Levy (also known as Aleph1) has announced that he is moving on. "I'd like to think I did not do a half-bad job, but you are the judge of that." From LWN's point of view, Aleph1 has done a great job; Bugtraq is and remains the premier, required-reading list for anybody interested in computer and network security. He'll be missed, but we'll expect new and interesting things to come from his direction as he moves on to new challenges.We wish the new moderator, David Ahmad, the best of luck as he takes over this responsibility.
October CRYPTO-GRAM newsletter. Bruce Schneier's CRYPTO-GRAM newsletter for October is out. Covered topics include cyberterrorism vs. "cyberhooliganism," the Nimda worm, the SANS top 20 vulnerabilities, and the SSSCA. I have long argued that the entertainment industry doesn't want people to have computers. Computers give users too much capability, too much flexibility, too much freedom. The entertainment industry wants users to sit back and consume things. They are trying to turn a computer into an Internet Entertainment Platform, along the lines of a television or VCR. This bill is a large step in that direction. Worth a read, as always. Microsoft doesn't like disclosure. Microsoft has fingered the culprit for all those worms which have been feeding on its products: disclosure of security vulnerabilities, otherwise known as "information anarchy." The company is starting a new push to try to get security experts to clamp down on vulnerability information. In the words of Scott Culp, the manager of Microsoft's Security Response Center: But regardless of whether the remediation takes the form of a patch or a workaround, an administrator doesn't need to know how a vulnerability works in order to understand how to protect against it, any more than a person needs to know how to cause a headache in order to take an aspirin. In other words, "trust us, we'll tell you what to do." There are signs that some parts of Microsoft, at least, are taking security a bit more seriously. The company would be will advised to put its efforts into supporting those groups, rather than trying to keep information on its vulnerabilities as proprietary as its software. Security ReportsLogin vulnerability in PostNuke. The PostNuke web portal system (up to version 0.64) has a vulnerability which can allow an attacker to log into other users' accounts. A fix is included in the report. It appears that PhpNuke is also vulnerable to this attack. (We also still have not seen a new PhpNuke release fixing the severe, widely-exploited vulnerability in version 5.2.)Buffer overflow vulnerability in snes9x. Snes9x is a Super Nintendo emulator which runs on Linux; it is occasionally installed setuid root (though most Linux distributions do not ship it this way). There is a buffer overflow vulnerability in version 1.37 which may be exploited by a local attacker to get root access on the system. A new version is available from the snes9x web site which fixes the problem.
Improper credentials from login. A problem with the
login program (in the util-linux package) can, in some situations,
cause a user to be given the credentials of another user at login. Use of
the pam_limits module, in particular, can bring about this
problem. In general, distributions using the default PAM configuration are
not vulnerable; an upgrade is probably a good idea anyway.
Updates seen so far:
This week's updates: Previous updates:
OpenSSH restricted host vulnerability. Versions of OpenSSH prior to 2.9.9 have a vulnerability that can allow logins from hosts which have been explicitly denied access. The fix is to upgrade to OpenSSH 2.9.9. This problem first appeared in the October 4 LWN security page. This week's updates:
This week's updates: EventsUpcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Jonathan Corbet |
October 18, 2001
LWN Resources | ||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is 2.4.12. Linus released 2.4.11 shortly after last week's LWN Kernel Page went to "press," only to discover that it contained an unpleasant bug: creation of files via a dangling symbolic link would cause filesystem corruption. So he rushed out 2.4.12 with a fix for that problem and a few other tweaks as well. One of those tweaks, unfortunately, was a parallel port change that fails to compile. As Linus said, "not a good week." In the same message, he also put out this teaser: On the other hand, the good news is that I'll open 2.5.x RSN, just because Alan is so much better at maintaining things ;) As of this writing, 2.5 still does not exist. There also is no 2.4.13; Linus evidently decided to take a more deliberate pace with the next release. Those wanting to build 2.4.12 should apply the fix for the parallel port problem first. 2.4.12 also has a problem in the disk partition code that can cause partitions to disappear. There is a fix available for that problem as well Alternatively, of course, there is the latest prepatch: 2.4.13-pre4. It contains those fixes along with several others, and "continued merging" from the "ac" series. Speaking of which, Alan Cox's latest is 2.4.12-ac3. It contains a much-awaited ext3 filesystem update, a bunch of ARM fixes, and many other tweaks and updates. Tidbits from the VM front. The question was asked this week: why is Andrea Arcangeli's "simple" virtual memory implementation in the Linus tree? Linus had a straightforward answer: The benchmarks I've seen says that the simple VM performs better - both in terms of repeatability and in terms of absolute performance. Alan Cox, meanwhile, says that he has "not reached any final conclusions on the VM." He is apparently still waiting to see how things settle out before deciding which implementation he wants to go with. Given that he is the "maintainer apparent" for 2.4 in the near future, his decision will be important. Rik van Riel continues to work in his implementation for the "ac" tree; his latest patch has generated some positive reviews. Randy Hron has published the results of some performance testing on a few VM implementations. The testing involved running a Linux Test Project utility to allocate most of the available virtual memory, while simultaneously playing music out his sound card. Some of his findings:
Conclusions are hard to draw at this point. Both 2.4 virtual memory implementations are improving under the pressure of the competition between the two trees. At some point, this issue will have to be resolved; in the mean time, more hacking and benchmarking appears to be called for. Modules, symbols, and licenses. There has been a scattered report or two of module loads failing in recent kernels due to conflicts with GPL-only symbols. These are actually a little surprising; the 2.4.12 kernel supports the EXPORT_SYMBOL_GPL macro, but no symbols are yet exported in this mode. The real problems are almost certainly elsewhere; the module loading code is just trying to be helpful by pointing out, when loading non-GPL modules, that the license may be the problem. The other half of that problem is that not all GPL-licensed modules have yet been fixed up with the appropriate MODULE_LICENSE tags. Thus causing the GPL complaint when loading the loop driver code, which is part of the kernel and has been covered by its license since 1993. A truly stable kernel would not have glitches of this variety, but.... A different change is coming in 2.5. Way back in 2.0, any symbols (variables) defined within a module would (1) be available for setting by the user at module load time, and (2) be exported to the rest of the kernel. In 2.2, load-time variables were tightened up; only variables which were explicitly designated can be changed when loading the module. But, unless the module declares explicitly to the contrary, all global symbols in the module will still be exported to the kernel. In 2.5, that will change; no symbols will be exported without explicit instructions to that effect. The module code is going to be more restrictive than that, however: if a module does not state its intention with regard to symbols one way or another, the system will refuse to load it. In the words of Keith Owens, the perpetrator of this change, "That will break a lot of modules." The fix for broken modules is usually easy. Very few kernel modules actually need to export symbols to the rest of the kernel; simply adding an EXPORT_NO_SYMBOLS line will make that explicit and allow the module to be loaded. There are those who would rather see EXPORT_NO_SYMBOLS simply become the default, avoiding the need to edit large numbers of modules. Keith's reasoning for requiring the change is to force somebody to actually look at each module and see what its symbol needs really are. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
October 18, 2001 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page. Note: The list of Linux distributions has moved to its own page.
|
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsThe Common Linux Installer Group. LWN received an announcement for the "Common Linux Installer Group," an organization which is trying to develop a standard, GPL-licensed installer for Linux distributions. The group is being supported by the folks at Blue Linux. Normally LWN is all in favor of standards and this is, in fact, no exception. Nonetheless, we think it is doomed to failure. Why? Because the installation procedure is a stamp of individuality for many of the leading distributions. Reviewers will install an OS, run a few of their favorite applications, and then write the review. How the installation goes will often determine whether its a good review or a bad review. Just as there is no consensus on how packages are presented (rpm, apt, tgz, etc.) there will be no consensus on installers. We suggest that Blue Linux start with Red Hat's Anaconda, or another of the already GPL'd installers and go from there, instead of waiting for the major distribution vendors to agree on this one. Progeny Debian is no more. Progeny Linux Systems has announced the end of development on the Progeny Debian distribution. "The primary motivation for this decision is our desire for convergence with Debian proper. From a technical perspective, nearly all of the features we introduced in Progeny Debian have found or are finding their way into Debian, and it is thus becoming increasingly unnecessary for us to continue investing the resources required to maintain a separate 'Progeny enhanced' version." Progeny says it will continue to develop for Debian, and will continue to offer technical support. Distribution NewsBearOps Linux certified by Linuxcare. Alta Terra Ventures has announced that its BearOps Linux distribution has been certified by Linuxcare for installation on systems from Dell, HP, and IBM. Caldera. The Caldera 3.1.1 Workstation product is now in open beta. KDE 2.2.1 is included in this maintenance release which focuses on getting L18NUX certification ready, newer drivers (kernel, xfree), security updates, and other important stuff. Debian Weekly News. The October 15 Debian Weekly News is out, with news on automake problems, the search for a Debian Conference 2 leader, how packages get into 'testing', and much more. Mandrake. The xcin package released with Mandrake Linux 8.1 had a problem with the bimsphone.so library which was linked against the wrong db version. Because of this, certain Input Methods (IME) would not work properly. NSA SELinux third release. The third release of the NSA's Security Enhanced Linux is out there. It adds some new security-related capabilities and bug fixes, and comes with the 2.4.12 kernel. Terra Soft Unveils Yellow Dog Linux 2.1. Yellow Dog Linux version 2.1 has been released. "While, on the surface, version 2.1 might seem like a minor update, there are some substantial improvements. The 2.4 kernel is now default and we are pleased to be the first PowerPC Linux vendor to provide NVidia GeForce 2 video support," states Dan Burcaw, CTO of Terra Soft Solutions, Inc.
Trustix. There are several bug fix advisories for Trustix Secure Linux. While these are not classified as security bugs, it is recommended that you upgrade your system. For TSL 1.5 and some previous versions:
Minor Distribution updatesCoyote Linux. Coyote Linux v1.31 is available for download. This release fixes a few small bugs in the floppy creator script, adds ISDN support and has the start of a web administration utility. Sorcerer GNU Linux. Sorcerer GNU Linux is a source-based ix86 Linux distribution designed for advanced Linux adminstration. Aside from a bzipped bootable ISO9660 installation CDROM image, no binaries are downloaded. It features menu and command line interfaces that enable sysadmins to easily and quickly download, compile, and install source tarballs directly from the software authors' homepages. It is fast, lean, and current. Version 20011012 released October 12, 2001. ThinkBlue. On October 11, 2001 ThinkBlue/64 7.1a was released. This is a respin of ThinkBlue/64 7.1 with all updates integrated. Proprietary Distribution products2-Disk Xwindow System. The 2-Disk Xwindow System is a small Linux distribution which includes libc2.1, busybox, tinylogin, e3, pppd, several daemons, X, alloywm, chimera, and xpaint. The kernel (2.4.6) supports umsdos, ext2, initrd, floppy, iso9660, ppp, and networking. Version 1.0rc050 was released October 13, 2001. Astaro Security Linux. Astaro Security Linux is a firewall solution. It does stateful packet inspection filtering, content filtering, user authentication, virus scanning, VPN with IPSec and PPTP, etc. It is based on a special hardened Linux 2.4 distribution where most daemons are running in change-roots and are protected by kernel capabilities. Version 2.012 was released October 15, 2001. Section Editor: Rebecca Sobol |
October 18, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsWith the departure of Michael Hammel, and the resulting discontinuation of the On the Desktop Page, we will be folding some of the desktop development news back into the new Desktop Development section of the LWN Development page. Open source desktop projects will be the primary area of focus.Open Source BIOS Projects On many Linux computers, the BIOS is the only piece of proprietary software. BIOS programs have been around since before the first IBM PC, they existed in a simple form on ancient CP/M systems. Unfortunately, there has not been much independent control over the workings of BIOS software since the days of CP/M. What happens between the application of power and LILO is up to the BIOS manufacturers. As with much of the PC architecture, BIOSes were written with DOS in mind and tend to haul that baggage along with them despite big changes in the software that they boot. A Linux specific BIOS can offer a number of possible advantages:
OpenBIOS has been around for a number of years and is undergoing current development. the wish list shows some of the interesting possibilities that can be worked on. LinuxBIOS has also been around for several years. The project is aiming for a three second boot time. A number of motherboards are currently supported. FreeBIOS is a new project."The goal of the FreeBIOS project is to be a central gathering point for BIOS firmware code which can be used to initialize and boot various services. Initially, due to the large scope of the project, FreeBIOS will likely only boot the Linux kernel on a few chipsets. Eventually the goal will be to provide a complete BIOS replacement for many popular motherboards." Luckily, open-source software can be shared among these various projects, so it may not be necessary to reinvent every wheel. Open source BIOS developers face several problems, a big one is getting access to proprietary hardware design specifications. That problem has plagued Linux device driver writers in the past, but the growth of Linux has greatly improved the situation. The large variety of motherboards makes the process of writing an open-source BIOS challenging, it takes a lot of effort to keep up with the fast changing hardware industry. The list of supported motherboards can be narrowed down by focusing on a smaller number of widely used boards that are proven Linux performers. As with embedded Linux, open source BIOS projects can take advantage of the many eyes effect, and can produce more highly optimized code that better meets the needs of the end users. Who knows, a little competition could also cause the proprietary BIOS companies to give their code a look-over. AudioSlashdot discussion on Linux Audio. There is an ongoing discussion of the state of Linux audio software on Slashdot. See Audio Applications below for more audio stuff. DatabasesMySQL 4.0 alpha available. An alphpa version of MySQL 4.0 has been released. "The new version is intended as a platform for building mission critical, heavy load database solutions, and much effort has been put into providing a solid foundation for planned enhancements, some of which are included from the start. Although the current release is an alpha version, the development team expects to release a beta version after rapid initial testing and will also add a number of new features in the weeks to come." New features include an embedded MySQL server library, secure connections with SSL, better speed, and improved compatibility with other DBMS implementations and SQL. EducationLinux in Education Report. The SEUL/edu Linux in Education Report for October 15 is out, with a look at the Linux Public Broadcasting Network, TuxMath, MimerDesk, and more. Embedded SystemsEmbedded Linux Newsletter. The October 11, 2001 edition of the Embedded Linux Newsletter is out. This week features a look at a Linux based wireless phone, a review of a new Embedded Linux book, and an update to the Cool Devices quick reference guide. InteroperabilitySamba 2.2.2 Released. A new stable version of Samba has been announced. Samba 2.2.2 features a new winbind daemon that deals with Windows NT/2000 name service, new SSL and LDAP parameters, and a number of important bug fixes. An upgrade is recommended. Network ManagementPIKT 1.15.0 released. Version 1.15.0 of PIKT, the Problem Informant/Killer Tool has been released. PIKT is a GPL licensed tool for managing heterogeneous networked workstations. Printing SystemsLPRng-3.7.9 available. A new version of LPRng is available. This version apparently includes some modifications that were supposed to be included in the last release. TelephonicsNew release of GNU Bayonne telephone system software. The GNU Bayonne Project has announced, via a BusinessWire press release, that the seventh major release of its free telephony system has been released. Web-site DevelopmentZope Members News. The Zope.org members' news site looks at documentation this week and includes a new Unenlightened Zopistas Guide to exUserFolder and a free chapter from a new Zope book. Page Templates (avogato.org). Page Templates is a Zope derivative that can be used to optimize HTML coding. "Page Templates, a new template language inspired by Enhydra's XMLC and created in part by Python BDFL Guido van Rossum, offer a way to achieve true separation of logic and presentation on the web. First being introduced in Zope, they let HTML designers edit templates without losing the dynamic elements of the page." MiscellaneousGanymede 1.0.7. Ganymede 1.0.7 has been released. Ganymede is a network directory system that is available under the GPL. |
October 18, 2001
|
|
Desktop DevelopmentAudio ApplicationsNew releases of mpg321. Two new releases of mpg321, the free drop-in replacement for mpg123, have been announced. Version 0.2.1 features higher sound quality, a new option to verbose mode, and portability, compilation, and bug fixes. and version 0.2.2 fixes a bug in the previous version. Wavesurfer 1.1 released. A new version of the Wavesurfer audio editor has been released. Documentation on changes with this release are scarce. Audacity 0.97 released. A new version of Audacity, the open source, multi platform audio editor is available. This version includes several bug fixes and configuration improvements. BrowsersMozilla 0.9.5 released. Mozilla 0.9.5 has been announced. The release notes list a number of additional features. Galeon 0.12.4 released. For those of you without Mozilla's 64MB RAM requirement, Galeon 0.12.4 is also available. This release features bug fixes and compatibility with Mozilla 0.9.5. Desktop EnvironmentsKDE turns five. KDE Dot News reminds us that Matthias Ettrich's posting starting the KDE project went out on October 14, 1996. Congratulations are due to the KDE team for all they have achieved over the last five years; we're looking forward to the next five as well. What do you want in GNOME 2?. The Gnotices site is curious: what features would you like to see in GNOME 2? They're hoping to get a set of useful comments which can, eventually help to guide the GNOME developers toward what their users want. GNOME Foundation Accepting New Members. The GNOME Foundation has announced that it is, once again, accepting new members. Anybody who has contributed to GNOME is invited to apply. There is a board of directors meeting coming up in November; those interested in membership might want to apply relatively soon so that they can participate. XML You Can Touch (xml.com). Ed Dumbill writes about XML and Gnome on O'Reilly's xml.com. "Thanks in no small part to the efforts of Daniel Veillard, an ex-W3C hack now working at Red Hat, GNOME has adopted XML quite deeply. GNOME's core XML component, LibXML, provides the platform with an implementation of SAX, DOM, XSLT, and even OASIS catalogs." Final Draft: GUI Programming with Python and Qt. The final draft of GUI Programming with Python and Qt by Boudewijn Rempt has been made available on the web under the Open Publication License. It looks like a great resource for the Python and Qt programming communities; congratulations to the author for its completion! Office ApplicationsAbiWord Weekly News #65. The October 16, 2001 edition of the AbiWord Weekly News is out, with the latest AbiWord status and developments. |
Desktop Environments GNOME GNUstep KDE XFce XFree86 Window Managers Afterstep Enlightenment FVMW2 IceWM Sawfish WindowMaker Widget Sets GTK+ Qt |
|
Programming LanguagesCamlCaml Weekly News. The October 3 to 16, 2001 edition of the Caml Weekly News is out. Topics include shared objects on i386 ELF systems, O'Caml hints, a pre-release of OCamldoc, and a test release of Objective Caml 3.03 Alpha. Also, this addendum to the CWN came out with a look at LablGTK and LablGL. JavaManta 0.1 fast parallel Java compiler. A new GPL Java compiler known as Manta, is now available for download. "Manta is a native Java compiler. It compiles Java source codes to x86 executables. Its goals are to beat the performance of all current Java implementations. Currently it already contains a highly efficient RMI implementation (source code compatible with std. RMI). It is currently about 30 times faster than std implementations. Class libraries are taken from kaffe, classpath and homebrew." PerlPerl 5.8.0 TODO (use Perl). A Perl 5.8.0 TODO list was mentioned on use Perl. "The bad news is that it seems that the things on what I consider to be a todo list are relatively hard. The good news is that the list is not too long." PHPPHP Weekly Summary for October 15, 2001. The October 15, 2001 PHP Weekly Summary is out. Topics include A change of plans for PHP 4.0.7/4.1.0 releases, new Unicode support, Alternative syntax, Pctnl documentation, and more. Caching PHP Programs with PEAR (OnLamp.com). Sebastian Bergmann discusses PHP optimization through the use of caches on O'Reilly's OnLamp.com site. PythonThis week's Python-URL. Dr. Dobb's Python-URL for October 15 is out, with the usual collection of interesting happenings in the Python development community. News includes work on a faster Python compiler, pickling, and pSQL.py, a python to SQL syntax translator. Interactive Python (O'Reilly). Stephen Figgins covers Interactive Python on O'Reilly's onlamp site. "I love the command line more than any graphic interface. I want to type commands, not move graphics around on a screen. Working through my keyboard is faster than clicking for me, and what I do seems more real. I don't know what it is that makes the keyboard seem more real than icons in a window. They're both abstractions, different ways of interacting with a a flow of bits and bytes. Maybe I was brainwashed from my early exposure to Unix." Dive Into Python rev 3.7. A new revision of Mark Pilgrim's online book Dive Into Python is available. This revision adds some new chapters on packages and parsing XML. RubyThis week's Ruby Garden. The latest edition of the Ruby Garden looks at weird results from simple statements, replacing getoptlong with optparse, a Spanish Ruby list, and more. Tcl/TkThis week's Tcl-URL. Here's Dr. Dobb's Tcl-URL for October 15, with the latest from the Tcl/Tk development community. Topics include the need for a complete statistical package in Tcl, dealing with environment variables, Tcl and Java, and more. Tcl/TK quick start (IBM developerWorks). IBM's developerWorks is featuring a Tcl/TK quick start tutorial, registration is required. XMLXML Bookshelf : Extending XSLT (IBM developerWorks). Doug Tidwell presents one chapter from his book XSLT on IBM's developerWorks. "This chapter adapted from the O'Reilly book XSLT shows how to create XSLT extension functions and extension elements, and it demonstrates how to use them to generate interactive pie charts, query databases, and build JPEG graphics from a stylesheet." Putting XSL transformations to work (IBM developerWorks). Mark Colan writes about XSL translations on IBM's developerWorks. "This paper introduces the Extensible Stylesheet Language (XSL) and highlights several real-world business scenarios that benefit from the use of XSL transformations. XML data comes in many forms, so one of the most important technologies needed for XML applications is the ability to translate the data from one form to another and to convert it into document types -- such as HTML and PDF -- that can be rendered visible to end users." Transforming XML With SAX Filters (xml.com). Kip Hampton looks at Perl SAX filters on O'Reilly's xml.com. "A SAX filter is simply a class that is passed as the event handler to another class that generates SAX events, then forwards all or some of those events on the next handler (or filter) in the processing chain." Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Commerce page. |
Linux and BusinessSafeDisc LT copy protection comes to Linux. Just what we needed: Macrovision has announced that TransGaming Technologies has signed an agreement to implement Macrovision's "SafeDisc LT" copy protection system for Linux. If it helps to bring games to Linux, then perhaps this is even a good thing, but it is hard not to see many people taking it as a challenge. Linux Game Publishing opens its doors. A London-based company called Linux Game Publishing has announced its existence. It apparently has contracts to port "two major titles" to Linux, but we don't get to know what they are quite yet. Trolltech releases Qt 3.0. Trolltech has announced the release of Qt 3.0. New features include a database frontend capability, better internationalization and font handling, improved development tools, and more. Linuxcare names Avery Lyford as CEO. Linuxcare founder Art Tyde has stepped aside, and the company has appointed Avery Lyford as the new boss. Ximian Names Mitchell Kapor to Board of Directors. Ximian has announced that Mitch Kapor will take a seat on its board of directors. Mr. Kapor, of course, is the founder of Lotus and a co-founder of the Electronic Frontier Foundation. Red Hat Quarterly Report. For those interested in the details, here is Red Hat's amended quarterly report to the U.S. Securities and Exchange commission. Navy to Test the Water With Open-Source Software. Here is a press release from a group calling itself the "Open Source Software Institute." It seems that this group is working with the Naval Oceanographic Office to look at that office's use of open source software, and to come up with other ways in which open source can help. "Several of the information gathering operations [at the Oceanographic Office] rely on Linux as a mission critical application." Linux Stock Index for October 11 to October 17, 2001.
The high for the week was 24.20 Press Releases:Open source products
Distributions and bundled products
Proprietary Products for Linux
Hardware and bundled products
Products and Services Using Linux
Products With Linux Versions
Java Products
Books & Training
Partnerships
Personnel & New Offices
Linux At Work
Section Editor: Rebecca Sobol. |
October 18, 2001
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux in the news page. |
Linux in the newsRecommended ReadingHow to End Microsoft's Monopoly (Law.com). This Law.com article argues, in a halfhearted manner, that the best way for the government to deal with the Microsoft monopoly is to support Linux. "The federal government, with its huge base of personal computers, could make the open source Linux a viable contender to Windows simply by licensing and using it. But this is easier said than done. Indeed, Linux appears to have only a miniscule share of the federal personal computer market. There are reasons for this." Linux-based GUIs: A perspective (ZDNet). ZDNet has a lengthy comparison of Linux desktop environments written by the Gartner Group. "On the development side, various thumbnail comparisons cite KDE as more developed and stable and GNOME as more customizable. KDE, despite being developed by scores of contributors in the open source tradition and perhaps because of its head start, is a more integrated system of parts working together. GNOME, by contrast, does not, for example, have its own window manager but works with several different ones produced in the open-source community." How safe is any Platform? (IT-Director). IT-Director questions the statistics on web site defacements. "However, what is obvious is that Windows is the most defaced platform around and Microsoft needs to address the vulnerabilities urgently. However, Linux vendors and users can see that they are in no position to relax and the same can be said for Solaris as well." CompaniesIBM and Citizen Watch develop Linux-based 'WatchPad' (LinuxDevices). LinuxDevices.com has posted a look at the latest Linux-powered watch prototype from IBM and Citizen. "The watch contains a high speed, low power 32 bit MPU, 16 megabytes of flash memory, and QVGA liquid crystal display. The watch has both voice-enabled Bluetooth and infrared red wireless connectivities. Users interact with the WatchPad through a touch panel, button, and modified winding crown. In addition, accelerometer is embedded to study if arm movement to become a potential input method." Newest Mandrake Linux delayed (News.com). News.com reports on the delay in shipping Mandrake Linux 8.1. It seems that moving CD production to the U.S. has not gone as smoothly as they would have liked. "MandrakeSoft is based in France, but most of its business is in North America, Chief Executive Jacque le Marois said in an e-mail interview. Half of sales are in the United States and 4 percent are in Canada, while France accounts for 5 percent of sales." Progeny reborn as Linux services company (News.com). News.com looks at the changes at Progeny Linux Systems. "In addition to easing the strain on Progeny's checkbook, the move means the company won't create a proprietary version of the free operating system, a possibility that worried some Linux developers. However, by moving away from a proprietary version and rejoining the original Debian Linux effort, Progeny is favoring a Linux distribution that is the slowest to integrate new software developments." Will You See Open Source J2EE Implementations? (OnJava). OnJava looks at obstacles to an open source J2EE implementation. "Another problem -- and this leads us to the Lutris case -- is that Sun has taken the position that any licensee of the J2EE specification is privy to Sun's intellectual property, and can't legally release an open source implementation. (In particular, they have told Lutris that they may not apply an open source license to their Enhydra J2EE platform.)" ResourcesCopy Protection Robs The Future. Here's an essay by Dan Bricklin pointing out another problem with copy protection schemes. "I believe that copy protection will break the chain necessary to preserve creative works . It will make them readable for a limited period of time and not be able to be moved ahead as media deteriorates or technologies change. Only those works that are thought to be profitable at any given time will be preserved by their 'owners' (if they are still in business)." ReviewsNetfilter and iptables: Stateful firewalling for Linux (ZDNet). ZDNet looks at the Netfilter system in the 2.4 kernel. "For sites already using Linux for firewalling, the move to this new infrastructure can be difficult, as it requires administrators to learn the new interface. But it's well worth the effort; the vast improvement in security justifies the move to Netfilter and iptables, especially for sites still using ipchains." A developer's review of MontaVista's Hard Hat Linux SDK (LinuxDevices). LinuxDevices.com is running a lengthy review of Montavista's Hard Hat Linux 2.0 software development kit. "Target deployment is perhaps the weakest area of Hard Hat, having the poorest documentation. Support for target deployment consists of the following statement in the manual: 'You can now use fdisk, mke2fs, and lilo to format and install the target environment on a hard disk attached to the target.' Clear enough for an experienced Linux user, perhaps, but a novice will need a bit more detail." InterviewsInterview With Linus Torvalds (OSNews). OSNews interviews Linus Torvalds. "I don't want to open a 2.5.x development tree until I'm happy with the pending issues for 2.4.x - it's taken longer than I hoped for, but it's getting there. Within the month." Interview: Robert Love (Kerneltrap). Kerneltrap is running an interview with Robert Love. "First, the kernel would degenerate into a pile of cat phlegm with me at the helm. For whatever complaints I or others have against Linus, he is not just an incredible hacker but a superb manager. Linux needs him." Section Editor: Forrest Cook |
October 18, 2001 |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Announcements page. |
AnnouncementsResourcesLinux Buyer's Guide #13. The Duke of URL has posted a new Linux Buyer's Guide. Check it out for an overview of current Linux compatible hardware. The article illustrates how to piece together an 850 Mhz low-end system for under $400. High end systems are also featured. The Ultimate Linux Box 2001: How to Design Your Dream Machine (Tuxedo.org). Eric Raymond also describes the building of a top-performance Linux system in this article. "And oh, yes, the software. I realize that favorite Linux distribution is a religious war, but I can't resist putting in a plug for mine -- KRUD Linux from Kevin Fenzi and the good folks at tummy.com. Subscribing to KRUD gives you a Red Hat base, plus a monthly update including all security fixes and a tasty selection of additional programs and tools." Stand Up and be Counted. The Linux Counter project has announced that it will be removing 90,000 old accounts in an effort to improve its data quality. Current users are encouraged to sign up. EventsALS Goes Free, as in Beer (Linux Journal). The Annual Linux Showcase, to be held in Oakland California November 5-10, 2001, will feature free admission. "'The USENIX board hopes that by making the conference free, we would encourage people to come and discuss what can be done about things like SSSCA and the W3C RAND patenting discussion', maddog said. The SSSCA is The Walt Disney Company's attempt to effectively ban free software operating systems by requiring mandatory copy restriction in all digital devices." LL1: Lightweight Languages Workshop 2001. MIT is hosting the first Lightweight Languages Workshop on Saturday, November 17, 2001 in Cambridge MA. Carly Fiorina to deliver LinuxWorld keynote. IDG World Expo has announced that the opening keynote at the next LinuxWorld Conference and Expo (New York, January 29 to February 1) will be HP CEO Carly Fiorina. Also lined up to give keynotes are Sanjay Kumar (President, CEO of Computer Associates) and William Zeitler (an IBM VP). Distinctly missing from the agenda is Linus Torvalds or any other community figure. Events: October 18 - December 13, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format. Web sitesAnnouncing New KDE-PIM Site. A new web site that focuses on KDE Personal Information Management (PIM) has been announced. The new site is located at pim.kde.org. User Group NewsLUG Events: October 18 - November 1, 2001.
Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn-lug@lwn.net in a plain text format. Section Editor: Forrest Cook. |
October 18, 2001 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software AnnouncementsHere are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license |
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Linux History page. |
This week in Linux historyThree years ago (October 22, 1998 LWN): Jonathan Postel, one of the founding fathers of the Internet, died from complications from heart surgery. LinuxWorld went online and LWN contemplated retirement. So LWN is at a turning point. We could retire, let the trade press take over, and regain a lot of time in our lives. But we don't want to do that. We feel we have something to offer the Linux world. We want to be here next year. Ironically, LWN is once again questioning its continued existence. (See last week's front page for details.) Microsoft went on the offensive with an open letter in France: Linus Torvald [sic] left the university last year to join a Californian company. The development of Linux since slowed down considerably. In the same way, the maintenance of each functionality of Linux depends on the mobilization of the teams. Thus, certain functionalities have not known updating for two years. In other words, delays in the delivery of new stable kernels are not particularly new... (LWN ran a full English translation of the letter). Gaël Duval announced plans to form a corporation around Linux-Mandrake. Three years later, MandrakeSoft is doing well. Two years ago (October 21, 1999 LWN): The first signs came out of the U.S. administration that crypto export laws would be relaxed somewhat. It took another year to see distributions shipping (in the U.S.) with crucial software like ssh. LWN covered the third Atlanta Linux Showcase. We even had our own Booth Babe. LinuxToday was acquired by Internet.com and co-founder Dave Whitinger left, to turn up later at Atipa. One year ago (October 19, 2000 LWN): Red Hat got some grief for releasing development versions of the compiler and C library with Red Hat 7. In other words, glibc's maintainers haven't expressed confidence that anything newer than 2.1.3 will be stable, and you can't even find anything newer than 2.1.91 on the official glibc website. Yet something newer than both is exactly what's in today's shipping release of Red Hat. -- Evan Leibovitch, ZDNet
Sun released OpenOffice, the open source version of StarOffice. People were not too excited. Is it just me or does this seem a like putting 450 rugged individualists on a ship and launching them to sea, while we stand on the dock waving our Linux flags -- never expecting to see them again? More casualties of war and adventure. I hope they at least have fun. -- ZDNet
The current development kernel release was 2.4.0-test9, with a test10 prepatch in its fourth revision. People were wondering how to get a faster kernel update cycle. Many ideas were discussed, none were chosen. Kernel releases happen when they are ready, and not before. Lineo put out a new S-1 filing in an attempt to revive its IPO. They eventually gave up though.
Section Editor: Rebecca Sobol. |
October 18, 2001
LWN Linux Timelines |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Letters page. |
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. |
October 18, 2001 |
From: "Bill Rugolsky Jr." <rugolsky@ead.dsa.com> To: lwn@lwn.net Subject: 2.5 and the -linus/-ac kernel split Date: Thu, 11 Oct 2001 09:05:57 -0400 Since Alan Cox has referred to 2.4.10+ as "2.5", and he intends to continue developing the -ac series, the problem seems to mostly be one of naming. Alan can essentially treat -ac as the main line of development once Linus opens the "real" 2.5.x, and "backport" fixes from the Linus tree into -ac, while forward porting features and fixes like standards compliance from 2.4 into 2.5, as he did with 2.2/2.3. If Andrea's VM stabilizes and is a vast improvement over Rik's VM, Alan may integrate it into 2.4. Again there is precedent, as Alan took Andrea's 2.2.x VM changes into 2.2.19. Historians can debate when 2.5 began; the rest of us will just use what works. :-) Regards, Bill Rugolsky | ||
From: michaeld@senet.com.au To: letters@lwn.net Subject: Re: GNOME version 2.0 officially 'not of use to anyone' Date: Fri, 12 Oct 2001 12:43:26 +091800 It's a shame that you didn't follow up your link to this story... The Register have already indicated (http://www.theregister.co.uk/content/35/22077.html) that this was a trawl, and that "they were just having a little bit of fun". The GNOME 2 release mentioned was an alpha release of the libraries that developers of GNOME applications can use for porting their applications to the GNOME 2 platform. It was never intended for general consumption. Michael... -- Michael Davies "Do what you think is interesting, do michaeld@senet.com.au something that you think is fun and mirky on irc worthwhile, because otherwise you won't do it well anyway." -- Brian Kernighan ------------------------------------------------- This mail sent through SE Net Webmail http://webmail.senet.com.au | ||
From: "Robert K. Nelson" <rnelson@airflowsciences.com> To: dan@ssc.com Subject: Ultimate Linux Box Date: Tue, 16 Oct 2001 08:52:55 -0400 Cc: letters@lwn.net Eric Raymond's Article on the Ulitmate Linux Box was great, but it included at least one technical error. It is quite possible to run dual Processor Pentium IV machines under Linux. We are currently running these machines (purchased from ASL, Inc.). Robert K. Nelson Airflow Sciences Corporation 37501 Schoolcraft Road, Livonia, MI 48150-1009 (734) 464-8900 FAX (734) 464-5879 www.airflowsciences.com | ||
From: jerry <jerry@pc-intouch.com> To: <jimjohn@erol.com> Subject: MicrosoftMonopoly Date: Wed, 17 Oct 2001 09:07:29 -0700 (PDT) Cc: <letters@lwn.net> Regarding your article in law.com.. I think that your perspective hasn't allowed you to understand from where Microsoft Success came. You said that Microsoft is a technically superior system.. That is INCORRECT. Many experts concede that Beos, Macintosh, Solaris, and others are technically superior. Linux is technically superior. Microsoft gained its edge 20 years ago by being more AVAILABLE than other systems. When the IBM pc was introduced (with MS operating system), we had many many brands of computers on the market, but no commonality of standards especially for file and interface standards. None of the popular pcs of the time offered a standard RS232 port, or a standard file format. Hardware and Software was totally incompatible between brands.... Microsoft and IBM clones offered standards. These standards were important at that time, triggered a lot of the popularity. You had CHOICES of hardware, competition in software, and unbelievably large after-market support. Microsoft DOS was widely copied, and when Windows came out, again wholesale plagiarism made it widely available to anybody who wanted to copy it.. Microsoft wasn't better than competition, it was AVAILABLE. And everybody jumped on the bandwagon. Microsoft is still HIGHLY AVAILABLE and easy to acquire. It is very easy to buy a pc with MS OS. All you need is money. Apple and Macintosh computers were very competitive technically, but they existed in an environment where they tried mightily to controll the users... But why pay that much for a pc that had the hood welded shut, when you could build an IBM clone with plagiarized software for 1/3 the cost. Because of the cost of hardware and memory, UNIX was not even considered by home users... And with their bickering and proprietary changes, they splintered the business market.. FreeBSD and Linux have changed the equation......FreeBSD is a technically superior system, with a free'd copyright. Linux is superior not because it is a good UNIX, but more importantly, it is GPL'D. The GeneralPublicLicense is not the answer to everything, but Microsoft is right. It has a viral nature and cannot be stopped. It is enhanced by it's AVAILABILITY. You cannot plagiarize Linux, you cannot hide the OS, you cannot hide "backdoors". There are NO SECRETS. By the open design, it is more secure, and any SA knows security is enhanced by what you know, not by what you don't know. If you reveiw the internet regarding linux security, you find that it is widely supported and continually enhanced. You have ONLY Microsoft's word that they are that active.. Microsoft has an excellent Graphical User Invironment, excellent mulitimedia, and some excellent software, and an incredibily large and diverse choice of software, most of which comes from after-market vendors. Microsoft, has earned much of the market.. But they are becoming more controlling, more arrogant, and more expensive. They are retracting the ACCESSIBILITY that they once enhanced. AND they are hiding the technical detail from the masses. Microsoft technicians are masters of mysticism waving magic wands, speaking incantations, and following very specific practices to install and repair. The 3 R's of MS repair is Reboot, Reboot, and Re-install.. They cannot be allowed to change or even see the underlying source code. The early day plagiarism actually helped Microsoft gain market recognition and share. They are no longer allowing that to happen.. There is legislation being proposed that will be highly detrimental to the GPL movement. Senator Fritz Hollings currently is proposing a bill THAT COULD MAKE LINUX ILLEGAL. Such freedom-robbing legislation is the ONLY thing that will stop the GPL (orLinux).. And that could(?) happen in this country, but it won't stop INDIA, CHINA, or BRAZIL.. Eventually the free software of GPL will win.. The world will go to GPL-Linux..ALL modern and recent platforms have or are having Linux ported to them. Linux is already out the gate in the 64 bit cpu world. The economy cannot stop it, there is no capital investment needed. Microsoft cannot stop it.. GPL opens up the mysteries of computing to anybody who desires it.. Free knowledge cannot be stopped. LINUX or a GPL software WILL achieve world domination because of its AVAILABILITY and ACCESSIBILITY. de Jerry Sharp | ||