![[LWN Logo]](http://old.lwn.net/images/lcorner.png)
![[LWN.net]](http://old.lwn.net/images/bigpage.png)
|
|
|
Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
 Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsSklyarov: the U.S. raises the stakes. Last week's delay in Dmitry Sklyarov's arraignment fed hopes that some sort of agreement was being pursued that would allow Dmitry Sklyarov to go free. No such luck. On August 28, a federal grand jury sent down an indictment charging both Sklyarov and Elcomsoft with trafficking in a copyright circumvention device. For good measure, they threw in a set of conspiracy charges as well. As a result, Mr. Sklyarov faces a total of five counts; if found guilty, he could be sentenced to 25 years in prison and a $2.25 million dollar fine. In other words, he could be a guest of the U.S. prison system long after the mere armed robbers, rapists, and child molesters are allowed back into society. It will be interesting to see how the U.S. decides to pursue the indictment against Elcomsoft the company; it's hard to sentence a corporation to jail. Elcomsoft President Alex Katalov is showing some serious bravery by remaining in the U.S. despite all that has happened. The U.S. government, clearly, is serious about this prosecution. Somebody, somewhere, wants to put an immediate and forceful stop to the creation of "circumvention devices" and the exposure of third-rate encryption schemes. The raising of the stakes may be an attempt to intimidate Mr. Sklyarov into pleading guilty to a lesser charge, or perhaps the government wishes to make an example of him that nobody can ignore. One way or another, we are now seeing the degree of repression that the U.S. is willing to apply to ensure that certain kinds of software are not written. It is time for the free software community worldwide to get serious as well. This is a threat we can not ignore. If this prosecution is successful, we will certainly see an increasing number of attempts to control, with force, how we can use our computers and what software we can write. It takes very little imagination to picture a future where the general-purpose computer has been replaced by a "trusted computing platform" and systems which do not "seal data within domains" are treated as "circumvention devices." At what point, exactly, does Linux become an illegal device under the DMCA? In a world where programmers face 25-year sentences for code that was legal where they wrote it, this vision should not be seen as overly paranoid. It is time to get serious. How can that be done?
It is also time to consider pulling Adobe's name back into this whole affair. It is Adobe that started this particular prosecution; the company should not, at this point, be able to get out with one simple joint press release with the EFF. Adobe started this thing; it should help end it. The free software community is faced with a challenge that is far more daunting than that of creating a top-quality, free operating system. Most of us are well out of our competence and comfort when dealing with this sort of oppressive politics. But this issue is going to come to us, whether we choose to address it or not. We can win this fight; even in the U.S., justice can usually be made to prevail. But it is going to take an effort beyond just putting "free Sklyarov" in our .signature files. The Sklyarov story is developing quickly; see the LWN.net Daily Updates Page for the latest news. (See also: the EFF advisory on the Sklyarov indictment. The indictment itself is available in PDF format. The Free-Sklyarov mailing list is a good, if occasionally high bandwidth, source of information and rallying point.)
VA Linux goes proprietary? VA Linux Systems started off with the
bad news: in its fiscal fourth quarter, the company managed to lose an
amazing $5.58 per share. Much of this loss ($267 million) is a result
Losses are going to have to keep getting smaller, though. The current projection is for a loss of $10 to $13 million in the next quarter. VA Linux Systems currently has $83 million in the bank, of which it expects to burn $6 million above its loss in the first quarter of fiscal 2002. That can not be sustained for very many quarters before something has to give. The next bit of news out of VA Linux was, to some observers, even worse. In a letter to SourceForge users, the company explained that it plans to start offering commercial versions of the SourceForge software that include proprietary components. The nature of those components has not been made all that clear; it seems to include glue to integrate SourceForge with customer-owned proprietary systems (such as databases). Interestingly, SourceForge.net, the free software development site, will be using a version of the SourceForge software with proprietary components. From the FAQ: SourceForge.net will be using SourceForge Portal Edition, which will also include proprietary extensions, because it provides functionality that won't be available in future releases of SourceForge Open Edition. So developers of free software on SourceForge.net will be using proprietary software to do their work. A different spin on VA's new business direction can be found in Eric Raymond's mailing. According to Eric, VA is not changing its focus as an open source company in any way, it's just finding a way to more readily sell its free software and services by catering to the conservative instincts of middle managers. What VA is doing instead is throwing a sop to those instincts by hanging some proprietary tinsel off the product. This makes it psychologically easier for Mr. Middle Manager to sign the check; he can think "I'm buying something real" -- as if bits on a disk are more real than the people-hours in the service contract that goes with it. But there it is; most sales and marketing is founded on the reality that people aren't very rational. This, of course, is not a particularly complimentary attitude for a company to take toward its customers, but there may be some truth there. Maybe a bit of "proprietary tinsel" will succeed in making the SourceForge product more appealing to certain classes of customers. The proof will be in VA's results in the coming quarters. It is difficult to criticize VA for doing what it thinks it needs to do to survive. If selling tinsel allows the company to continue to exist, employ free software developers, and operate SourceForge.net, then perhaps it is the best thing for the company to do. SourceForge.net, in particular, is a heavy, expensive commitment to the free software community. The lower VA's cash reserve gets, the more concerned SourceForge users (i.e. all of us, in one way or another) should be. As long as VA respects the licenses of the software it works with (and there are not allegations to the contrary), one can only wish the company luck as it looks for the combination that actually makes money. Still, it is disturbing to consider the implication that excellent free software and services are not, themselves, sufficient to sustain a business the size of VA. That, certainly, is not the conclusion that many in the free software community were hoping to reach. Perhaps, as Eric Raymond says, the need for proprietary add-ons is temporary. And certainly the current economic climate is not helping. But it would have been nice to have more clear-cut free software business success stories by now. Linux as a sound business move. Last week's History Page included a quote from a three-year-old ZDNet article: Technically, Linux might be a reasonable choice, but what kind of company is going to rely on unsupported freeware or something that's supported by two tiny vendors? Rejecting Linux is a straightforward business decision. If it were supported by an IBM or a Hewlett-Packard, then that would be an entirely different matter. That sort of stuff is always fun to pull out for a quick laugh; some of us, after all, had no doubts of Linux's bright future even in the prehistoric days of 1998. There is an interesting thing to note here, though: nobody talks that way anymore. One might reasonably question whether running a Linux business is a reasonable decision, but running a business on Linux is no longer controversial. As an example of how entirely different the matter really is, consider this press release from IBM. It seems that the Securities Industry Automation Corporation (SIAC) is moving its "ARTMAIL" system to an IBM zServer running Linux. ARTMAIL operates as part of the New York and American stock exchanges, generating transaction reports for brokers. It's hard to imagine a more conservative environment for Linux than the shuffling of financial data for the highest-volume stock exchange on the planet. Linux users will not doubt that the system can handle that sort of task; the fact that stock brokers now understand as well says a lot. Using Linux is not just a straightforward business decision; it's often the best decision. Inside this LWN.net weekly edition:
This Week's LWN was brought to you by:
|
August 30, 2001
|
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsNew NSA SELinux release. A new release of the NSA's Security Enhanced Linux has been announced. This version is based on the 2.4.9 kernel; the most interesting new feature, though, is likely to be that this release is built on the new Linux security module architecture. It's the first release of this work as part of an integrated product, and thus it gives an indication of how future secure Linux releases will look. The security module project, remember, started after the Kernel Summit last March. Linus Torvalds had stated that he wanted the various security projects to agree on a framework for hooking security extensions into the kernel, so that users could easily experiment with (and switch between) them. Work on the security module project has been proceeding quickly, to the point that the developers are beginning to consider proposing it for inclusion in the 2.5 kernel. Assuming there ever is a 2.5 kernel, of course. The SELinux release is a good step in that direction, since it provides a demonstration of a security-enhanced kernel using the new architecture. It will also allow for wider testing of the security module code and help to shake out the remaining problems. See the NSA Security-Enhanced Linux pages for more information. The generic security module code can be found on the Linux Security Module page. CERT's quarterly summary is available; as usual, it points out the security vulnerabilities that (in CERT's opinion) people should be most worried about. It is dominated this time around by Windows-specific problems - Code Red, Sircam, etc. There is one issue in the list that is relevant for Linux users, though: the telnetd vulnerability. The current list of telnetd updates appears in the "Updates" section below; anybody who is still running telnet should be sure to apply the relevant update to their systems. Security ReportsBuffer overflow in AOLserver. The AOLserver web server has been reported to crash when fed a long authorization string as input. Such problems are usually exploitable, though no exploit has yet been reported in this case. Older versions of AOLserver (3.0, 3.2) are vulnerable; the current version (3.4) is not.
String handling problems in xinetd. A new set of problems has
been found in xinetd, having to do with how it handles strings. Versions
prior to 2.3.1 are vulnerable, and should be upgraded. As of this writing,
the only distributor update available is from Conectiva.
web scripts.
Proprietary products. The following proprietary products were reported to contain vulnerabilities:
UpdatesLinux Kernel 2.4 Netfilter/IPTables vulnerability. Check the April 19 LWN Security Summary for the original report. The NetFilter team has provided a patch for Linux 2.4.3.Previous updates:
Previous updates:
This week's updates:
Previous updates:
Multiple vendor telnetd vulnerability. This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.
This week's updates: Previous updates:
Previous updates:
ResourcesLinuxSecurity.com's weekly newsletters (Linux Security Week and Linux Advisory Watch are available.EventsRAID 2001, the Fourth International Symposium on Recent Advances in Intrusion Detection, will happen in Davis, California, on October 10 to 12. A call for participation has been posted.
The 14th Annual Computer Security Incident Handling Conference will
be held on June 24 to 28 at the Hilton Waikoloa Village in
Hawaii. The call for papers has been issued; the
submission deadline is November 16.
Upcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Jonathan Corbet |
August 30, 2001
LWN Resources | ||||||||||||
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release remains 2.4.9. The current 2.4.10 prepatch is 2.4.10pre2, which contains a number of fixes and cleanups, but nothing too revolutionary. Alan Cox's current patch is 2.4.9ac3. This one contains everything from 2.4.9, with the exception of the min()/max() stuff and the virtual memory changes. The VM work, at least, is likely to find its way into the "ac" series slowly, in order to make it easier to assess the effects of each change individually. Also present in the 2.4.9ac series is a large merge of the MIPS port. Whither 2.5? Back on June 21, Linus said that the 2.5 series "will open in a week or two." That, of course, was more than two months ago. As of September 4, it will have been a full eight months since 2.4 came out. Never in ten years of Linux development has there been such a long period without a development kernel. This hiatus is making itself felt in a number of ways. One is that development items are finding their way into the "stable" kernel series. Back in January, Linus had laid out a stern policy on patches for 2.4: In order for a patch to be accepted, it needs to be accompanied by some pretty strong arguments for the fact that not only is it really fixing bugs, but that those bugs are _serious_ and can cause real problems. Patches since then have included API changes, wholesale driver replacements, zero-copy networking, and numerous other changes that would seem to have bent the above rule just a little bit. Meanwhile, much of the serious development work that is on tap for 2.5 remains isolated and untested, or not done at all. And developers are increasingly wondering when the 2.5 series will start. It is important, certainly, to hold the line on development work while the 2.4 kernel stabilizes. The developers need to maintain their focus on stability until the job is really done, and an open development series could easily distract many of them. But eight months is a long time without a development kernel. It seems time for 2.5 to start. The min() and max() issue... Linus returned from Finland and put in his contribution to the debate on the changes to min() and max(): Yes, the new Linux min/max macros are different from the ones people are used to. Yes, I expected a lot of flamage. And no, I don't care one whit. Unlike EVERY SINGLE other C version of min/max I've ever seen, the new Linux kernel versions at least have a fighting chance in hell of generating correct code. In other words, he does not intend to back down on this change, and people should just deal with it and get on with things. Most of the kernel hackers seem to have accepted this, with, perhaps, a final grumble or two and the discussion has died down. An open question, still, is what Alan Cox will do in the "ac" series. 2.4.9ac3 does not have "the min/max thing which needs to be dealt with." Last week Alan had said that he would not incorporate this change in this form - though he does agree with the basic goals of the change. This change, however, affects a lot of files throughout the kernel, and maintaining a kernel that differs from Linus's in this respect would be a lot of work for Alan and many other kernel developers. It would probably be much easier for everybody involved to just adopt Linus's new way of doing things and be done with it. Then, there was the well-intentioned guy who suggested supporting both the new and the old min/max macros, and surrounding each call with a #ifdef. That idea didn't get too far... In search of smart readahead. This week saw a complaint that disk read performance is very slow when numerous threads are all reading simultaneously. One suggestion that came out quickly was to increase the readahead limit for disk files. It's an approach that has worked for some people, but a more general solution requires a deeper look. "Readahead," of course, is the act of speculatively reading a file's contents beyond what a process has asked for, with the idea that the process will get around to asking for it soon. When properly done, readahead can greatly increase read performance on a system, and most operating systems implement the technique. A larger readahead limit can help performance by creating more contiguous I/O operations for the disk, and by making it easier to stay ahead of the reading process. So increasing the readahead size would seem like a fairly straightforward decision. Until, of course, you realize that readahead requires memory, and the system might just have one or two other possible uses for that memory. In fact, it can even be worse than that. As Rik van Riel points out, awful things can happen if the system tries to perform more readahead than it has memory for. When memory gets tight, pages used for readahead can be reclaimed for other purposes, with the result that the data so carefully read ahead gets dropped on the floor. When the reading process gets around to asking for that data, it has to be read from the disk again. In this mode, all readahead does is increase memory pressure and duplicate I/O operations; the system would be better off giving up on readahead. The solution, it would seem, would be to be smarter about just how much readahead is done. When lots of memory is available, the readahead window should be large; as memory gets tight that window should be reduced. There are several ideas on how smartness should be implemented, however.
Rik van Riel has stated his intention to proceed (with others) on an approach which dynamically scales the readahead window size "using heuristics not all that much different from TCP window scaling." Stay tuned for a patch.
Journaling filesystem performance comparison. Andrew Theurer (of IBM) has posted the results of a performance comparison between several Linux filesystems. The standard ext2 filesystem beat all of the journaling filesystems by a fair amount; JFS was the fastest among the journaling systems. ReiserFS came in last in this set of tests. It turns out that Randy Dunlap, too, has been testing journaling filesystems. He is using a different benchmarking tool, but has come up with roughly similar results. The ReiserFS testing, as it turns out, was done with a default mount option that reduces performance (but which saves disk space). People interested in performance in ReiserFS should mount with the -notails option. The above tests will be rerun with that option, but no results had been posted as of "press" time. Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
August 30, 2001 For other kernel news, see: Other resources: |
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsLNX-BBC version 1.618. Remember, back in 1999, when Linux businesses had the time and money to spare for free software projects that were simply cool? In those distant days, Linuxcare created its "bootable business card" (BBC), a card-size CD that would boot a system into a scaled-down Linux system that was oriented toward system rescue tasks. The BBC was a much sought-after system admin tool. Of course, those happy days have passed into history, and Linuxcare has long since ceased supporting BBC development (or much of any other sort of development, for that matter). (Update: it turns out that Linuxcare does have a bootable business card distribution project underway. We regret the error.)The bootable business card is not dead, though. Many of the original BBC developers went off and created the LNX-BBC project to continue the BBC work. This project has recently come out with version 1.618 (the version number is a long story...) of this distribution, and has cranked out a few thousand copies to hand out at LinuxWorld. Get one if you can, the LNX-BBC project has created a high-quality distribution. The new BBC boots into a 2.2.19 kernel; you can even get it to run in the framebuffer mode if you don't mind the cute but distracting business card logo on the top of the screen. It's a full kernel, with support for PCMCIA, ReiserFS (and about any other filesystem you could name), FreeS/WAN, and more. The boot process attempts to locate and mount all of the filesystems on the host system, which can make life easier if you're trying to fix a seriously hosed system. If you need networking, just run the trivial-net-setup script. It needed a little help in picking a module for the adapter driver, but was able to come up with the right guess on our test system. Once you're up, you're talking to a Debian-derived Linux system with a full complement of utilities; the LNX-BBC folks have managed to shoehorn an awful lot of stuff into that little disk. Everything you would expect in a rescue system is there: utilities for disk diagnosis and repair, restoring of backups, hardware diagnosis, network debugging, and so on. But it doesn't stop there; LNX-BBC also includes an X server, and tools like cdrecord, cvs, links and lynx, perl, python, pilot-link, and a highly useful little gadget called "sl", which makes a steam locomotive chug across the screen. There's even a version of kerneld, though, with a 2.2 kernel, it's not clear why that would be necessary. Also included is an experimental Debian installer. Thus, the LNX-BBC can be used as a quick and easy way to install Debian on any system that crosses your path. Doing so with those Windows-only systems in the LinuxWorld press room would probably be considered to be in poor taste, however. The new LNX-BBC should find its way into any system administrator's toolkit. Be sure to grab your copy at LinuxWorld, or download one from the LNX-BBC web site. Note: The German firm innominate also supplies a bootable business card rescue disk. New DistributionsEmpower Technologies Inc. Creates Operating System Choice for Palm Users and Palm-Compatible Manufacturers. Empower Technologies announced its Linux DA operating system for the Palm Pilot. Linux DA O/S v1.0 DBE replaces the Palm O/S within the actual handheld device, but still remains fully compatible with the Palm and Palm-compatible hardware. Omoikane GNU/Linux. Omoikane GNU/Linux is a Japanese commercial distribution based on Debian. The base system is Debian 2.2r2. They actually offer four types of distribution: Workstation (a compact system for desktops), Workstation++ (which adds more packages to Workstation, mainly for development), Server (which, as you might guess from the name, provides server packages such as Apache, BIND, Namazu2 (a Japanese text search engine), PHP4, PostgreSQL and squid), and lastly X-Term (an unusual system which turns a PC into an X terminal using a live boot system, so it requires no installation). Omoikane isn't a new distribution, but as it is focused on the Japanese market, it seems to be largely unknown outside of Japan. Their website is in Japanese. (Thanks to Bruce Harada for the pointer and the translation.) Distribution NewsEnGarde Secure Newswire!. EnGarde Secure Linux presents the EnGarde Secure Newswire #2. This monthly newsletter contains details on EnGarde development, usage tips, news and reviews pertaining to EnGarde, and information on the latest software released by Guardian Digital for EnGarde. This issue contains reviews and information about the latest software updates. LASER5 Linux 7.1. LASER5 started out as a project to localize Red Hat Linux to Japanese. Though LASER5 and Red Hat parted ways two years ago, the project has stayed active. They have a new release as of August 24. At least I think that's what it says. The website is, of course, in Japanese. Linux Mandrake News. The Mandrake Community News #11 is available in French and available in English. Mandrake Linux PPC 8.0 final release is now available. Mandrake Linux 8.1 beta 2 is also available. New features this time around include improved administration tools and the Prelude intrusion detection system. New NSA SELinux release. A new release of the NSA's Security Enhanced Linux has been announced. Among other things, this release includes the security module work that has been proceeding so quickly over the last few months. SuSE Linux. SuSE president and CTO Dirk Hohndel has announced his intention to leave the company. "Dirk steps away from SuSE to pursue his personal and professional interests." No word as yet on who the replacement might be. SuSE has announced the release of SuSE Linux Enterprise Server 7. It's strongly aimed at corporate users, of course, and, beyond all of the features one would expect in a server product, it includes maintenance services. Also listed as a feature is a one-year release cycle. SuSE announced a back to school special. SuSE's Free Linux Program for US High Schools is in Phase II of its successful campaign to develop greater awareness of open source computing and SuSE Linux throughout US high schools. Redmond Linux build 38. Build 38 of the Redmond Linux distribution has been announced. A number of fixes and new features are included; it's not quite ready to be called a release candidate, however. Minor Distribution updatesClarkConnect. ClarkConnect is an Internet gateway software package based on Red Hat 7.1. Version 0.8.1 was released August 20, 2001. Astaro Security Linux. Astaro Security Linux version 2.0 was released August 24, 2001. The new version significantly enhances the included software with added functionality such as VPN for IPSec, PPTP for secure road warrior communications and SCSI-Support for high availability security solutions. The complete list of enhancements included in Astaro Security Linux 2.0 can be found in the press release. Distribution ReviewsThe Linux lineup (ZDNet). ZDNet compares a slew of recent Linux distributions, including Caldera OpenLinux eServer 2.3, Linux-Mandrake 8.0, Slackware Linux 7.1, Turbolinux Workstation Pro 6.1, Debian GNU/Linux 2.2, Red Hat Linux 7.1, SuSE Linux 7.2 Professional. Vector Linux 2.0 Review (Evil3d.net). The folks at Evil3d.net have reviewed Vector Linux 2.0. "80MB heavier, VectorLinux 2.0 is still going to be my choice of a gaming box distribution. It is still very light, still up to date, and it includes better configuration tools than the previous version." Yellow Dog 2.0 Review (MaximumLinux.org). Here's a review of Terra Soft Solutions' Yellow Dog Linux from MaximumLinux.org. "Yellow Dog Linux is a very robust distribution based heavily on the Red Hat x86 distro. With two big differences, it's uses a PPC kernel (obviously), and the default installation is much more secure than Red Hat's distribution. Yellow Dog leaves all ports turned off by default leaving it up to you turn on which services you plan to use for your particular application." Section Editor: Rebecca Sobol |
August 30, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The Desktop'On the Desktop' editor Michael Hammel is at LinuxWorld, so this page will be a little thinner than usual. The full Desktop page will return next week.
KOffice 1.1 released. KOffice 1.1 is out; see the announcement for the details. The list of changes is lengthy and impressive. These changes include:
Those interested in KOffice might also want to look at the KDE dot News story on the release, which, among other things, points out a number of the shortcomings that the KOffice developers still have to address. The proprietary format filters seem to be at the top of that list. As a work in progress, KOffice certainly will have areas that could be improved; that does not, however, change the fact that this free office suite has come a long way in a short time, and shows no signs of slowing down. Webmin/Debian update. Last week we said that Debian developers were looking seriously at the Webmin administration interface but we weren't sure if they were adding it to the Debian distribution. Well, they are. The Webmin maintainer for Debian, Jaldhar H. Vyas, tells us: Webmin packages are available in the testing and unstable distributions and I will make unofficial packages for stable available from my websiteWebmin packages are available in the testing and unstable distributions and I will make unofficial packages for stable available from my website.
Desktop EnvironmentsGnome Board Meeting. Daniel Veillard has sent us the minutes from the August 21, 2001 GNOME board meeting. Interview: James Henstridge and libglade. The GNOME folks are starting up a series of interviews with their developers; the first is this interview with James Henstridge, developer of libglade and several other things. The interview concentrates mostly on libglade and its future. Sun's Desktop Division making headway (linuxpower). Christian Schaller interviews a number of GNOME developers at Sun. "Still, most of the Sun hackers and their work is not well known to all members of the GNOME community and definitely not to the Linux community in general. To do something about this, I decided to interview some of the members of Sun's Desktop Division and ask them what kind of things they are working on. The number of people interviewed here is still just a small subset of the people working at Sun on GNOME and GNOME related technologies. Most of the people in this interview work at Sun's offices in Ireland." KC KDE Issue #20. The Kernel Cousin KDE is back with "... stories on continuing efforts to improve Konqueror's support for EMCAScript (JavaScript), security issues when using webform completion, efforts to create SCP and SFTP KIOSlaves, and much more." Office ApplicationsAbiword Weekly News. Well, he said he'd be gone for two weeks, but Jesper Skov has published another issue of the AbiWord Weekly News this week. Topics this week include lots of discussions on new feature requests such as tabbed windows instead of multiple top level windows and better PalmDoc support. Desktop ApplicationsBonobo Clipboard 0.1 'Hey! It compiles!'. The first release of the Bonobo Clipboard, version 0.1, has been announced. Since this is an early release, several testing programs are included. And in other news...Roundup Issue Tracking System. Version 0.2.7 of the Roundup Issue Tracking System has been announced. " Roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. It is based on the winning design from Ka-Ping Yee in the Software Carpentry "Track" design competition." Simutrans for economic simulation (Linux For Kids). Linux For Kids reviews Simutrans, an economic simulation game that is similar to Railroad Tycoon. "The graphics are very good, with little animations a la Simcity. There is an AI that competes against you by building its own roads and tracks between lucrative spots on the map. You only make money by delivering the goods, not for manufacturing. Once you build the roads, you will see houses starting to pop up, and car traffic starting to use the roads you built for your trucks." Section Editor: Michael J. Hammel |
August 30, 2001
|
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsThe GPLFarm is a new project under the leadership of Francisco Burzi. The goal of GPLFarm is to bring high quality desktop software to the Linux platform.GPL Farm is a developers family with a very innovative idea. GPL Farm will collect Linux developers around the world throught our developers center, each developer subscribes in our site, then we will launch a software project with guidelines and a fixed timeline. Registered developers will subscribe to a project, then we'll select a programmer who will work on the project and will assign it. Then the programmer starts making the requested software, within the established time. The programmer submit his work to GPL Farm, then we'll test it with our Testers Staff. At this point we pay to the programmer the accorded ammount and the final step is that GPL Farm will release the software under the GPL license. Easy no? ![[GPL Farm]](gplfarm.jpg)
The project is looking for sponsor organizations and individuals, with
the hope of raising US$2 Million to get the project off the ground.
Benefits for sponsors include lots of good publicity on the GPL Farm web
site as well as mention within the developed applications. Currently,
MandrakeSoft is the only sponsor listed.
Payment for projects will range from around US$500 to US$30,000 depending on the complexity of the project. Projects are categorized into groups of life forms such as insects, birds, reptiles, mammals and dinosaurs. Insect projects are small and easy to develop, whereas dinosaur projects are large and long term. Developers will be required to sign a contract, and payment will be made when the project reaches beta testing status. Developers who don't complete projects will be ineligible for further work. Once finished, the project will belong to the GPL Farm, and will be released with a GPL license. Beta testers will work for free, they will have access to the code in an early state, and presumably, will be able to add their direction to the project with feedback to the developer. The documentation does not go into much detail about how the various projects will be selected, presumably, that will be done by the GPLFarm leaders. It does not appear that the sponsors will have a lot of power in choosing categories that their funds will support, although that does seem like a logical method for assuring more motivated sponsors. The GPL Farm looks like a novel idea, and will hopefully succeed in focusing developer efforts onto useful new projects for Linux. AudioLinux Audio Mailing Lists. In the current Musings section of the Linux Sound Software site, Dave Philips mentions a new mailing list for Linux sound enthusiasts, the Linux Audio User list, which focuses on the user side of Linux audio software. Also, for the more development oriented people, the Linux Audio Developer list covers the software side of Linux sound. DatabasesRelease 0.1 of myperl. Brian (A.K.A. Krow) discusses the embedding of Perl code in mySQL as a stored procedure, and introduces an experimental project called myperl for achieving this capability. EducationGNU/Linux in education report #51 for August 24, 2001. The GNU/Linux in education report for August 24, 2001 is out and includes discussions on Linux in Australian schools, free software at the World Education Forum, and a new project that is assembling case studies of open source software in schools. ElectronicsNew Icarus Verilog Snapshot. A new snapshot release of the Icarus Verilog compiler, dated August 26, 2001, is available. This version includes speed optimizations, and adds functionality for general bit selections. Embedded SystemsEmbedded Linux applications (IBM developerWorks). IBM's developerWorks explains the benefits of embedded Linux and offers some options in this arena. "Some real-time hardware and software Linux APIs to consider are RTLinux, RTAI, EL, and Linux-SRT. RTLinux is a hard real-time Linux API originally developed at the New Mexico Institute of Technology. RTAI (DIAPM) is a spin-off of the RTLinux real-time API that was developed by programmers at the Department of Aerospace Engineering, Polytechnic Politecnico di Milano (DIAPM). EL/IX is a proposed POSIX-based hard real-time Linux API being promoted by Red Hat. And Linux-SRT is a soft real-time alternative to real-time APIs, which provides performance-enhancing capabilities to any Linux program without requiring that the program be modified or recompiled." Embedded Linux Newsletter for August 23, 2001. The August 23, 2001 edition of the Embedded Linux Newsletter includes news of HP's expanded role in the embedded Linux market, the multivendor set top box project known as Linux4.tv, and Lineo's latest financing deal. HP expands commitment to Linux in devices (LinuxDevices). LinuxDevices covers HP's upcoming LinuxWorld announcements, including the new Chai-LX. ``Bruce Perens, HP's senior strategist on Linux and Open Source, put HP's commitment to Embedded Linux this way: "Linux is now the standard operating system platform for embedded systems at HP."'' BusyBox 0.60.1 released. A new minor release of the BusyBox integrated toolkit is available. Version 0.60.1 fixes a few minor bugs that showed up in the recent 0.60 release. Embedded Open Motif. ICS has announced the availability of their version of Open Motif and some accompanying applications for embedded Linux systems on the Compaq IPAQ and the Agenda VR3. The applications will be released with a GPL license. MontaVista releases library optimizer tool. MontaVista has announced the open source release of its "Library Optimizer Tool," which trims down library code in order to produce smaller executable files for embedded applications. InteroperabilityWine Snapshot for August 24, 2001. A new Wine snapshot, dated August 24, 2001, is available for download. The Wine Announcements page lists the following improvements:
IRC SoftwareJabber Weekly News for August 29, 2001. The August 29, 2001 issue of a new newsletter, the Jabber Weekly News, has been published. Network ManagementOpenNMS Update for August 24, 2001. The latest update is available from the OpenNMS project. News includes a switch from JSDT to OpenJMS, dealing with the demise of ICMPD, the replacement of SCM, and new functionality for the Web UI. The OpenNMS people have also released some new documentation, see the new Quick Start doc and the OpenNMS Install Guide. ScienceReport on Open Source Initiatives in Bioinformatics (bioinformatics). Bioinformatics looks at a new report that examines the role of open source software in genetic studies. The report is in pdf format. Web-site DevelopmentThe latest from Zope Newbies. This week, the Zope Newbies Site includes discussions on xml-rpc, optimizing PostgreSQL, paying for web services, and an Athlon 1.33 Ghz box that broke the 20,000 Pystones/sec speed limit. SkunkWeb 3.0 released. Version 3.0 of the SkunkWeb Web Application Server has been released. This version follows several beta version and features fixes for a number of bugs. Window SystemsFLTK 1.1.0b1 is available. Version 1.1.0b1 of FLTK, the Fast Light Tool Kit, has been announced. This release includes many new features. If you are not familiar with FLTK, the FLTK Home Page may be a good place to start. GNOME 2.0 Accessibility Framework early release. The GNOME Foundation has announced the early access release of the GNOME 2.0 Accessibility Framework. The Framework assists users with disabilities as they work with GNOME applications. Much of this work has apparently been contributed by Sun. MiscellaneousLetter to SourceForge users. Here is a letter to SourceForge users (and that's all of us, in one way or another) on VA Linux's plans to sell a proprietary version of the SourceForge system. "By selling proprietary software together with Open Source software, VA is making it easier for its enterprise customers to purchase and deploy SourceForge software. VA Linux will be distributing SourceForge Enterprise Edition to its corporate customers under a combination of the Mozilla Public License (version 1.1) and a proprietary software license." The word is that nothing will change for SourceForge.net users. Section Editor: Forrest Cook |
August 30, 2001
|
|
|
Programming LanguagesCamlCaml Weekly News for August 22 to 28, 2001. The latest Caml Weekl News is available. Topics include a Vim 6.0 OCaml indent file, a binding between OCaml 3 and OpenSLP 1.0.1, and the CamlZip library. FORTRANCaldera Intel developing debugger for Fortran 95. Caldera seems to have decided that its customers want Fortran; the company has announced a joint venture with Intel to add Fortran 95 support to the gdb debugger on both the IA32 and Itanium architectures. JavaThe Go-ForIt Chronicles: Memoirs of eXtreme DragonSlayers, Part 5 (IBM developerWorks). Allison Pearce Wilson covers view beans in an IBM developerWorks article, the fifth in a series on Java. "This article discusses how view beans can solve a common design dilemma -- where to code presentation logic. Allison explains how to use view beans to cleanly separate components in a Web application while still providing a rich user interface." Catching OutOfMemoryErrors to Preserve Monitoring and Server Processes (O'Reilly). Jack Shirazi gives some ideas on the best ways to deal with Java out of memory errors in an O'Reilly article. "Encountering an OutOfMemoryError means that the garbage collector has already tried its best to free memory by reclaiming space from any objects that are no longer strongly referenced." PerlNew list for perl and open source in government (use Perl). There is a new mailing list for the discussion of perl and other open source software in use in government. Perl 5 Porters for August 27, 2001. The August 27, 2001 edition of the Perl 5 Porters digest is out. This week's topics include tricks with vstrings, callbacks in the core, CvMETHOD and ->can(), coderefs in @INC, malloc madness, and more. Perl 6 Porters for August 27, 2001. The August 27, 2001 edition of the Perl 6 Porters digest is also out. Topics include a debate on closures, method signatures, Perl 6 internals, and a module plan for Perl 6. PHPPHP Weekly Summary #51. The August 27, 2001 edition of the PHP Weekly Summary is available. Topics include an updated Universe CORBA extension, changes to rand(), new PDF functions, the Apache 2 module, DOMXML, API changes, and more. PHP Review 0.9.0-rc2 available. Version 0.9.0-rc2 of the PHP Review book review project is available with a number of internal simplifications. PythonDr. Dobb's Python-URL! for August 23. This week's Python-URL! covers topics such as unit testing and GUIs, python IDEs, and a number of software announcements. Python 2.2a2 released. The second alpha of Python 2.2 has been released. Python 2.2 has a number of new features; see Andrew Kuchling's writeup for the full list. PySSH 0.1 released. Version 0.1 of PySSH, the Python module for controlling ssh and scp, has been announced. PySSH is released under the Python license. Python Installer 4a3 released. Python Installer version 4a3 has been released. Python Installers allows you to build self extracting executables out of Python scripts. Python Installer is released under the Old Python Style license. PyInline: Put C source code into Python. Ken Simpson has released PyInline, a module that allows source code from other languages to be installed into Python code. Profiler for multi-threaded Python. Itamar Shtull-Trauring has released threaded_profile, a pofiler for multi-threaded Python programs. RubyThe latest from the Ruby Garden. This week, the Ruby Garden features articles on hidden per-method variables, compression of Ruby libraries, an extension to the Binding class to add reflection capabilities, and more. SmalltalkReport from Camp Smalltalk Essen ESUG 2001. John M. McIntosh writes about ESUG 2001, the Essen Camp Smalltalk conference. Check it out for the latest Smalltalk happenings. Get Smalltalk News Updates Via Email. Monty Kamath has announced a new email list that you can sign up for to receive the latest Smalltalk news and event information. Tcl/TkDr. Dobb's Tcl-URL! for August 25, 2001. Here is the latest Dr. Dobb's Tcl-URL!, which looks at Tcl as a part of an SDL-mediated solution to grab video from your QuickCam. Other video applications that use Tcl are discussed. Integrated Development EnvironmentsBuild Better Java Apps (TechWeb). Here's a review of Lutris Enhydra, a Java application server and development environment that runs on a number of platforms, including several flavors of Linux. "An interesting note: Enhydra can be used on systems ranging from totally open source to completely commercial. Running it on a totally open-source system can save thousands of dollars in start-up costs. However, this assumes that an organization has the infrastructure to keep these systems up and running. This is especially important given the lack of formal tech support for most open-source programs." MiscellaneousAutomake 1.5 is available. Version 1.5 of Automake has been announced, and is available for download. Automake is a tool for generating Makefiles. Version 1.5 brings several new conditional tests, support for Python and compiled Java, along with numerous bug fixes. Section Editor: Forrest Cook |
Language Links Caml Caml Hump Tiny COBOL Erlang g95 Fortran Gnu Compiler Collection (GCC) Gnu Compiler for the Java Language (GCJ) Guile Haskell IBM Java Zone Jython Free the X3J Thirteen (Lisp) Use Perl O'Reilly's perl.com Dr. Dobbs' Perl PHP PHP Weekly Summary Daily Python-URL Python.org Python.faqts Python Eggs Ruby Ruby Garden MIT Scheme Schemers Squeak Smalltalk Why Smalltalk Tcl Developer Xchange Tcl-tk.net O'Reilly's XML.com Regular Expressions |
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Commerce page. |
Linux and BusinessClusters of LinuxWorld announcements. This week San Francisco hosted IDG World Expo's LinuxWorld Conference & Expo. This large and very commercial Linux event is always accompanied by lots of press releases. New partnerships are formed, new products are announced and demonstrated at this premier event. This year was no exception. But the flood of announcements reviewed by LWN has nothing to do with the today's title. Instead it was prompted by a large number of announcements about cluster solutions. New solutions, deployed solutions, even solutions that can cluster machines running multiple platforms -- and most of the announcements were made in conjunction with LinuxWorld.
Xandros announces strategic licensing agreement with Corel. It seems that an outright sale of Corel Linux wasn't in the cards after all: the new company called Xandros has announced a "strategic licensing agreement" with Corel that allows Xandros to develop and sell the Corel Linux distribution. Xandros is also evidently employing the Corel Linux developers as well. The first release of the distribution will happen "in the coming months." Xandros is funded by the Linux Global Partners, which is also a big investor in Ximian. So when they say "We are now working to incorporate our portfolio companies into the Xandros OS which will provide a complete desktop application for Linux" some interesting things come to mind. HP expands open source offerings. Here's HP's press release describing its latest Linux offerings. They include the "Secure OS Software," a set of security enhancements for the Linux kernel. Also listed is the Embedded Linux Software Platform, the Embedded Software Developer's Network, and a set of management and high-availability tools. SourceForge Portal Edition to run HP Embedded Software Developer's Network. VA Linux Systems has gotten a high-profile sale: according to this press release, the "Portal Edition" of the SourceForge software will be powering HP's new Embedded Software Developer's Network. Product and service announcements from Ximian. Ximian helped start the LinuxWorld stampede with a couple of announcements: First is a set of new services based on Red Carpet. Pay Ximian some money and you can have priority access to the download servers. There's also "Red Carpet CorporateConnect" which is positioned as a system to help companies handle their internal software management and distribution. Mission Critical Linux will be reselling these services as well. Also available is a pair of boxed products. The "Ximian Desktop" is a $29.95 packaging of GNOME and the usual utilities, along with 30 days of support. The "Professional" version ($49.95) throws in StarOffice and 90 days of support. Announcements from MontaVista. MontaVista Software has also come out with a set of announcements for LinuxWorld. The High-availability Framework is a new failover system for compact PCI systems. The company also has announced support for the Intel XScale architecture in Hard Hat Linux. Finally, MontaVista has a "graphics strategy" seemingly designed to please everybody: you can get either "Hard Hat Graphics," based on Tiny X and GTK+, or you can have Trolltech's Qt/Embedded. Red Hat, Compaq, and Pioneer-Standard to sell preloaded E-commerce systems. Red Hat has announced a deal with Compaq and Pioneer-Standard to sell systems loaded with Red Hat's E-Commerce Suite; offerings vary from single systems through five-server clusters. SuSE Linux Database Server. SuSE is getting into the database business. This announcement describes the new "SuSE Linux Database Server" product, which is a version of the SuSE Linux distribution bundled with IBM's DB2. Largo, Florida chooses Bynari groupware. Here's a press release from Bynari Inc. on how the city of Largo, Florida has deployed Bynari's messaging system. "The Insight solution enables Largo's city government to run messaging and collaboration on a Linux-based thin client network in a Windows-free environment. The move saves taxpayers millions of dollars in hardware, software, support, and upgrade costs." Linux Stock Index for August 23 to August 29, 2001.
LSI at closing on August 23, 2001 ... 26.46
The high for the week was 27.28
Press Releases:Open source products
Distributions and bundled products
Proprietary Products for Linux
Hardware and bundled products
Products and Services Using Linux
Products With Linux Versions
|
![[VA Logo]](va.png)