Various courts in the U.S. have handed down a set of decisions in the last
week which have strong implications for the free software community. Here
is a quick rundown of what the courts have been saying.
bnetd
The developers of bnetd
had a straightforward goal: they wanted to be able to engage in networked
gameplay, using their legally-purchased Blizzard games, without dealing
with Blizzard's Battle.net servers. So they reverse-engineered the
protocol used by Blizzard's games to talk to the server and implemented
bnetd, which provides the same functionality. bnetd is licensed under the
GPL.
Blizzard did not like bnetd. The provision of alternative servers took
players of Blizzard's games out of the company's control; it was no longer
possible to throw advertisements at players. The Battle.net servers also
check the registration key provided by the game client; if the key turns
out not to be valid, or if multiple players attempt to use the same key,
access to the server will be denied. The bnetd developers never quite got
around to implementing the key checks; free software developers have little
patience with that sort of thing, and, in any case, Blizzard provides no
way for third parties to check the validity of registration keys.
Blizzard's response was to send takedown notices, then file suit with a
number of copyright infringement and contract claims. On
September 30, a U.S. District Court in Missouri agreed with Blizzard,
finding the bnetd developers guilty of breach of contract and violation of
the anti-circumvention clauses of the Digital Millennium Copyright Act.
The full ruling is available in PDF
format.
The contracts in question are the license agreement for the games and the
terms of use for Battle.net. Among other things, these contracts forbid
reverse engineering of the software and running services that compete with
Battle.net. The court found that the EULA and TOU were binding in all
respects. Among other things, a license agreement can forbid reverse
engineering in all cases and that is just fine with the court.
With regard to the DMCA charges, the court concluded that, by reverse
engineering the handshake used to control access to the games' "Battle.net
mode," the bnetd developers did circumvent an access control mechanism. In
their defense, the developers stated that they fell within the DMCA's
exemption for those trying to achieve interoperability. The court
disagreed:
The Court finds that the defendants' actions constituted more than
enabling interoperability. The bnetd emulator developed by the
defendants always allows the Blizzard game to access Battle.net
mode features even if the user does not have a valid or unique CD
Key, because the bnetd emulator does not determine whether the CD
Key is valid or currently in use by another player. Unauthorized
copies of the Blizzard games were played on bnetd servers. Then,
defendants distributed the bnetd program for free. Because the
bnetd source code was freely available, others developed
additional Battle.net emulators based on the bnetd source code....
Finally, the defendants did not create an independently created
computer program. The bnetd program was intended as a functional
alternative to the Battle.net service. Once game play starts there
are no differences between Battle.net and the bnetd emulator from
the standpoint of a user who is actually playing the game.
It is hard to know how to read this reasoning. Interoperability, it seems,
is only a defense if the resulting program does not do anything
interesting, and if it is not distributed as free software.
The court also found that the developers had violated the DMCA's provisions
regarding trafficking in anti-circumvention devices:
The defendants' purpose in developing the bnetd server was to avoid
the anti-circumvention restrictions of the game and to avoid the
restricted access to Battle.net. Thus, the sole purpose of the
bnetd emulator was not to enable interoperability. The bnetd
emulator had limited commercial purpose because it was free and
available to anyone who wanted to copy and use the program.
This language contradicts the court's statement of the "undisputed facts"
in the first part of the ruling:
The users of the Battle.net service have occasionally experienced
difficulties with the service. Blizzard has also received
complaints about user profanity and users who cheated to win games
by modifying Blizzard's software ("client hacks")... To address
their frustrations with Battle.net, the defendants joined a group
of non-profit volunteer game hobbyists, programmers, and other
individuals called the "bnet project."
The above is, remember, an undisputed fact. The court chose, however, to
ignore that fact and recast the purpose of bnetd to suit its reasoning. On
top of that, the idea that bnetd is a circumvention device because it
carries a free license is truly chilling.
The end result is that Blizzard is able to place strong restrictions on the
users of its games, preventing them from communicating via any sort of
alternative service. Free software developers have been restricted in the
sort of code they can develop, and the value of Blizzard's games for its
own customers has been reduced.
There are certainly problems with the DMCA which
allow this sort of thing to happen. This is, however, also a problem with
proprietary software; free software users do not have to cope with
restrictions of this type. Unfortunately, it may be a long time before we
see free games which offer the sort of experience provided by the best of
today's proprietary offerings.
Diebold
The Diebold case was the source of another
important ruling (PDF). In this case, Diebold attempted to use the
DMCA to shut down distribution of leaked internal messages between its
employees regarding problems with Diebold's electronic voting systems. The
core of the ruling was that Diebold misused the DMCA by attempting to force
a takedown of material which was not copyrightable.
The purpose, character, nature of the use, and the effect of the
use upon the potential market for or value of the copyrighted work
all indicate that at least part of the email archive is not
protected by copyright law. The email archive was posted or
hyperlinked to for the purpose of informing the public about the
problems associated with Diebold's electronic voting machines. It
is hard to imagine a subject the discussion of which could be more
in the public interest.
The Diebold ruling may not affect free software developers directly, but it
should serve to put some limits on the use of DMCA takedown notices.
Kodak
A court in Rochester, NY (Kodak's home town) has found that Sun has
infringed upon three of Kodak's patents. Kodak claims that Sun should owe
it just over $1 billion for its crime. Intellectual property suits,
it seems, are increasingly the strategy of choice for businesses in
decline.
The patents (numbers 5,421,012, 5,226,161, and 5,206,951)
all read about the same; they would appear to describe any of a number of
object request brokers or remote procedure call mechanisms. If they are
upheld, Kodak can be expected to begin shaking down technology companies
across the U.S.; they would be unlikely to limit themselves to those
working with Java.
This looks like a case with a reasonably high likelihood of being reversed
on appeal. In the meantime, it serves as yet another reminder of what
software patents are doing to the computing industry in the U.S. Until the
U.S. patent system is reformed, these lawsuits will be a constant threat.
One can only hope that the parts of the world which do not, yet, recognize
software patents are paying attention.
SCO
The SCO group had a minor setback in the IBM case when Judge Kimball denied
two of the company's motions regarding scheduling.
The ruling is up on Groklaw. The judge had little sympathy for SCO's
position:
However, there is nothing in the Amended Scheduling Order that
precludes IBM from filing motions for summary judgment, and there
is nothing in the Scheduling Order that relieves SCO from
responding to such motions. Thus, it is puzzling that SCO seeks to
"enforce" the Amended Scheduling Order when there is nothing in
that Order to justify SCO's request for a significant delay in
filing its responses.
The big ruling - on IBM's motion for a summary judgment on its tenth
counterclaim (stating that its Linux work does not infringe SCO's
copyrights) - is still pending. (What is also pending, incidentally, is
the agreement with SCO's lawyers on putting a cap on SCO's legal costs.
SCO may have encountered some difficulties in closing that deal.)
Last week, Red Hat announced it had reached
a deal to buy some of the software from the Netscape Enterprise
Suite. Red Hat spokesperson Leigh Day said that the deal has not yet
been finalized, but that it is expected to close in the next two weeks.
Red Hat is paying $23 million for the software, but what is it getting, and
why does the company want to buy software that it could develop instead?
Day said that Red Hat is getting Netscape's Directory Server, Certificate
Management, messaging and calendaring software. According to Day, it was
worth spending the $23 million because "Red Hat is gaining a tried
and true technology that would take years to develop on its own."
The company will also be taking on a
team of developers from AOL/Netscape that have been working on the
software. Though Netscape was acquired several years ago, the Directory
Server software was still under active development. Netscape Directory
Server 6.2 was released last December.
It doesn't take a marketing expert to divine Red Hat's motives for the
acquisition. When going head-to-head with Microsoft or Novell, Red Hat needs
a mature directory services and groupware suite. Day confirmed that Red Hat
would be using its acquisition to compete directly with directory server
offerings from Microsoft and Novell.
She also noted that Netscape's software is in use by a number of enterprise
and government agencies. Whether Red Hat will gain those customers as part
of the acquisition is another question. Day said that Red Hat has not yet
announced whether the company would be taking over support for current
users of Netscape Security Solutions. She also wasn't sure whether Red
Hat's final product would support operating systems other than
Linux. Netscape Directory Server currently runs on HP-UX, Solaris, Windows
NT and 2000 and Red Hat Advanced Server.
Red Hat currently ships OpenLDAP with its enterprise products. What does
Netscape Directory Server offer that OpenLDAP does not? Both technologies
implement the features of the Lightweight Directory Access Protocol (LDAP),
but a glance at the features list for Netscape Directory Services shows
that there are several features not implemented in OpenLDAP, including
schema updates, server-side sort of search results,
and a number of other features. Netscape's software also offers GUI
administration tools and tuning tools that are probably a bit more
user-friendly than OpenLDAP's tools.
In keeping with Red Hat's open source policy, Red Hat will be releasing the
software under the GPL, according to Day. As with the Sistina Global File System (GFS)
software, it will be between six and twelve months before the code is
released. Why such a lengthy process? Day said that Red Hat would use this
time to optimize the code for its products, and for a community development
process. Day said that the software would also be usable with Fedora, but
wasn't sure if it would be released as part of Fedora Core.
We also wondered whether any patents would be part of the deal. Netscape
was issued several patents related to directory services prior to their
acquisition by AOL. Patent 6,366,913
was issued to Netscape for "Centralized directory services supporting
dynamic group membership," which no doubt applies to Netscape's Directory
Server. Patent 6,094,485,
covering a method for "SSL step-up" may apply to Netscape's Certificate
Management software. Netscape also was issued patents for an automatic
client configuration system, a system for schedule and task management,
and others that may apply to
the suite of applications Red Hat is buying. Day said that Red Hat's legal
team is "probably still looking into that." One hopes that the
lawyers are looking carefully, as it would not do to acquire the software
while leaving AOL with the patents related to the software. Red Hat may
also find need of a defensive patent portfolio in the future.
In the long run, this should be very good for the Linux and open source
community. The addition of Netscape's directory software and groupware
solutions will give Linux yet another feature that it needs to compete with
Microsoft in the enterprise market.
Page editor: Jonathan Corbet
Security
October 6, 2004
This article was contributed by Jake Edge.
Following up on a previous overview of Security Enhanced Linux (SELinux),
this article looks more closely at the implementation of SELinux in
Fedora Core 3 test2 (FC3).
FC3 provides two separate SELinux policies, a default "targeted"
policy and the more restrictive "strict" policy.
The targeted policy
focuses on a handful of specific system daemons and locks down their
access while allowing the rest of the system to run using the standard
Linux security mechanisms. The FC3 SELinux FAQ
describes the reasoning behind the targeted policy:
Initially, when SELinux was included in Fedora Core, the NSA strict
policy was enforced. For testing purposes, this helped to find hundreds
of problems in the strict policy. In addition, it became obvious that
applying a single strict policy to the many environments of Fedora users
was not feasible. Managing a single strict policy for anything other
than default installation was going to require local expertise.
There are 9 daemons currently handled by the targeted policy, all
network services of various sorts (httpd, named, snmpd, etc.) and more
daemons will be added to the policy in the future.
The top-level configuration file (/etc/selinux/config) for SELinux
on FC3 allows one to choose which of the policies to use and also what
enforcement level to use. In particular, the "permissive" level is
useful for finding problems in the policy for a specific installation as it
just warns when the policy has been violated. Once the policy has been
adjusted, the level can be set to "enforcing," which will cause SELinux
to enforce the policies. In addition, the enforcement level can be set to
"disabled" which effectively turns off SELinux. Any changes made to
the configuration file require a reboot to take effect, but the
enforcement level can be changed in a running system using the
setenforce command.
While changing the enforcement level is painless, the same is not
true for changing policies. SELinux uses the extended attributes
in Linux filesystems to permanently associate a security context with
each file; when changing policies, the attributes of many files in the
filesystem must also be changed. The fixfiles command is
available to traverse the filesystem and make the required changes
based on the information provided in the file_contexts file
associated with the policy. file_contexts maps a regular
expression describing some subtree of the filesystem (possibly down
to an individual file) to a security context and fixfiles
(and the related setfiles command) parse this file and
set the attributes appropriately.
FC3 puts the SELinux configuration in the /etc/selinux directory
and the specifics for each policy in
/etc/selinux/<policyname>. For example,
/etc/selinux/targeted/contexts/file_contexts provides the
security context configuration for files in the targeted policy.
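As an added illustration (not part of the original article and not code from the SELinux tools), the following Python sketch parses entries in the file_contexts layout described above and works out which files a fixfiles-style pass would relabel. The sample entries and inventory are constructed, and the rule that the last matching entry wins is a simplifying assumption about how overlapping entries are resolved.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample in the file_contexts layout: regex, optional type flag, context.
# These entries are illustrative and are not copied from the FC3 targeted policy.
SAMPLE_FILE_CONTEXTS = r"""
/.*                      system_u:object_r:default_t
/etc(/.*)?               system_u:object_r:etc_t
/etc/ntp\.conf      --   system_u:object_r:net_conf_t
/usr/sbin/ntpd      --   system_u:object_r:ntpd_exec_t
/var/lib/ntp(/.*)?       system_u:object_r:ntp_drift_t
/var/lib/ntp        -d   system_u:object_r:var_lib_t
/proc(/.*)?              <<none>>
"""

# Constructed inventory standing in for a filesystem walk: (path, type, current label).
SAMPLE_INVENTORY = [
    ("/usr/sbin/ntpd", "file", "system_u:object_r:sbin_t"),
    ("/var/lib/ntp/drift", "file", "system_u:object_r:ntp_drift_t"),
    ("/proc/1/status", "file", "system_u:object_r:proc_t"),
    ("/etc/ntp.conf", "file", "system_u:object_r:etc_t"),
]

# File-type flags that may sit between the regex and the context.
FILE_TYPES = {"--": "file", "-d": "dir", "-l": "symlink", "-c": "chardev",
              "-b": "blockdev", "-s": "socket", "-p": "fifo"}


class Spec(NamedTuple):
    pattern: re.Pattern
    ftype: Optional[str]     # None: applies to every file type
    context: Optional[str]   # None: "<<none>>", i.e. leave the file alone
    lineno: int


def parse_file_contexts(text: str) -> List[Spec]:
    """Parse file_contexts-style text, rejecting malformed lines loudly."""
    specs = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) == 2:
            regex, flag, context = fields[0], None, fields[1]
        elif len(fields) == 3:
            regex, flag, context = fields
        else:
            raise ValueError(f"line {lineno}: expected 2 or 3 fields, got {len(fields)}")
        if flag is not None and flag not in FILE_TYPES:
            raise ValueError(f"line {lineno}: unknown file type flag {flag!r}")
        try:
            # Python's re stands in for POSIX regexes here; fine for simple patterns.
            pattern = re.compile(regex)
        except re.error as exc:
            raise ValueError(f"line {lineno}: bad regex {regex!r}: {exc}") from exc
        specs.append(Spec(pattern, FILE_TYPES.get(flag),
                          None if context == "<<none>>" else context, lineno))
    return specs


def expected_context(specs: List[Spec], path: str, ftype: str) -> Optional[str]:
    """Return the context the policy assigns to path, or None for 'do not label'.

    Patterns are anchored at both ends (fullmatch); the last matching entry
    wins (assumption), so specific entries belong after general ones.
    """
    for spec in reversed(specs):
        if spec.ftype is not None and spec.ftype != ftype:
            continue
        if spec.pattern.fullmatch(path):
            return spec.context
    return None


def relabel_plan(specs: List[Spec],
                 inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """List (path, current, wanted) for every file whose label differs from policy."""
    plan = []
    for path, ftype, current in inventory:
        wanted = expected_context(specs, path, ftype)
        if wanted is not None and wanted != current:
            plan.append((path, current, wanted))
    return plan


if __name__ == "__main__":
    for path, old, new in relabel_plan(parse_file_contexts(SAMPLE_FILE_CONTEXTS),
                                       SAMPLE_INVENTORY):
        print(f"{path}: {old} -> {new}")
```

The type-flagged and escaped entries are the ones that most often surprise: /etc/ntp\.conf with -- does not apply to a symlink of the same name, and /etc(/.*)? does not match /etcetera because the pattern is anchored.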
To support examining the security context of various entities in the SELinux
system, the -Z command line parameter has been added to several
standard utilities. The ls, ps, and id commands
have been modified to display the security context of files, processes and
users respectively and are very useful when diagnosing policy issues.
To get a sense of what goes into the policy configuration and how complex
it is, we examined the targeted policy configuration for the
ntpd program.
Once the selinux-policy-targeted-sources package is installed,
the configuration file for ntpd can be found in
/etc/selinux/targeted/src/policy/domains/program/ntpd.te.
This file specifies the access that the daemon will be allowed to have
and should specify all of the system entities (files, sockets, etc.) that
the program needs to access for correct operation. The level of detail
required in this file is rather eye opening:
- Types are defined for the drift file and for the network port used by ntpd
- All of the file and directory types that are used by the daemon are also
  specified with what access is granted for each
- Read access is granted for the urandom device
- Network access is granted
- Access to bind to the udp port that it uses and socket creation access for
  datagram and stream sockets is granted
- Capabilities allowing it to use the nice() system call are granted
- etc.
It would appear that a fair amount of work went into figuring out all of
the various pieces that go into this configuration for what, at first
blush, would seem a fairly simple system daemon. Multiply this level of
complexity by the number of daemons in a typical system and one can see
why some critics of SELinux call it too complicated to be useful. On the
other hand, SELinux does provide very fine-grained control over access
to system resources and, in certain applications, that control is very
desirable.
New vulnerabilities
cups: information leak
| Package(s): | cups |
| CVE #(s): | CAN-2004-0923 |
| Created: | October 5, 2004 |
| Updated: | October 14, 2004 |
| Description: | CUPS has an information leakage problem when printing to SMB shares requiring authentication. |
freenet6: file protection problem
| Package(s): | freenet6 |
| CVE #(s): | CAN-2004-0563 |
| Created: | September 30, 2004 |
| Updated: | October 6, 2004 |
| Description: | freenet6 has a protection problem which allows the username and password to be read from a configuration file. |
net-acct: temporary file vulnerability
| Package(s): | net-acct |
| CVE #(s): | CAN-2004-0851 |
| Created: | October 6, 2004 |
| Updated: | October 6, 2004 |
| Description: | Net-acct (an IP accounting daemon) version 0.71 suffers from a temporary file vulnerability. |
netkit-telnet: invalid free pointer
| Package(s): | netkit-telnet |
| CVE #(s): | CAN-2004-0911 |
| Created: | October 4, 2004 |
| Updated: | March 28, 2005 |
| Description: | Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer. This causes the telnet server process to crash, leading to a straightforward denial of service (inetd will disable the service if telnetd is crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the 'telnetd' user). |
php: information disclosure and file upload vulnerabilities
| Package(s): | php |
| CVE #(s): | |
| Created: | October 6, 2004 |
| Updated: | October 6, 2004 |
| Description: | Versions of PHP prior to 4.3.9 suffer from vulnerabilities which can disclose the contents of random memory to an attacker and allow uploads of files to any location writable by the web server. |
rp-pppoe, pppoe: missing privilege dropping
| Package(s): | rp-pppoe, pppoe |
| CVE #(s): | CAN-2004-0564 |
| Created: | October 4, 2004 |
| Updated: | November 15, 2005 |
| Description: | Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver from Roaring Penguin. When the program is running setuid root (which is not the case in a default Debian installation), an attacker could overwrite any file on the file system. |
samba: unauthorized file access
| Package(s): | samba |
| CVE #(s): | CAN-2004-0815 |
| Created: | October 1, 2004 |
| Updated: | October 14, 2004 |
| Description: | A security vulnerability has been located in Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5. A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. According to this errata only Samba 3.0.x <= 3.0.2a contains the exploitable code. |
sharutils: arbitrary code execution
| Package(s): | sharutils |
| CVE #(s): | CAN-2004-1772 |
| Created: | October 1, 2004 |
| Updated: | April 26, 2005 |
| Description: | sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer overflow in shar.c, where the length of data returned by the wc command is not checked. Florian Schilhabel discovered another buffer overflow in unshar.c. An attacker could exploit these vulnerabilities to execute arbitrary code as the user running one of the sharutils programs. |
Updated vulnerabilities
Apache mod_proxy: denial of service
| Package(s): | apache |
| CVE #(s): | CAN-2004-0492 |
| Created: | June 11, 2004 |
| Updated: | October 14, 2004 |
| Description: | A buffer overflow vulnerability in the apache mod_proxy module can be exploited to create a denial of service. |
apache: protected pages vulnerability
| Package(s): | apache |
| CVE #(s): | CAN-2004-0811 |
| Created: | September 23, 2004 |
| Updated: | September 29, 2004 |
| Description: | Apache 2.0.51 may allow the viewing of protected pages because of a problem merging the Satisfy directive. |
apache2: stack-based buffer overflow in ssl_util.c
| Package(s): | apache2 |
| CVE #(s): | CAN-2004-0488 |
| Created: | June 1, 2004 |
| Updated: | October 14, 2004 |
| Description: | A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_util.c in Apache. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN. |
aspell: bounds checking problem
| Package(s): | aspell |
| CVE #(s): | CAN-2004-0548 |
| Created: | June 17, 2004 |
| Updated: | December 20, 2004 |
| Description: | Aspell's word-list-compress utility fails to properly check bounds when dealing with words that are more than 256 bytes long. This can lead to arbitrary code execution by an attacker. |
cdrecord: failure to drop privilege
| Package(s): | cdrecord |
| CVE #(s): | CAN-2004-0806 |
| Created: | September 8, 2004 |
| Updated: | February 21, 2005 |
| Description: | The cdrecord utility, which is installed setuid on some distributions, fails to drop privilege before running a user-specified program. |
cups: denial of service
| Package(s): | cups cupsys |
| CVE #(s): | CAN-2004-0558 |
| Created: | September 15, 2004 |
| Updated: | October 14, 2004 |
| Description: | Versions of cups prior to 1.1.21 contain a denial of service vulnerability in their IPP implementation. A malicious UDP packet can cause cups to stop listening to the IPP port. |
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
flim: insecure file creation
| Package(s): | flim |
| CVE #(s): | CAN-2004-0422 |
| Created: | May 5, 2004 |
| Updated: | December 16, 2004 |
| Description: | The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
Foomatic: Arbitrary command execution in foomatic-rip
| Package(s): | foomatic |
| CVE #(s): | CAN-2004-0801 |
| Created: | September 20, 2004 |
| Updated: | May 31, 2006 |
| Description: | There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler. |
FreeRADIUS: denial of service
| Package(s): | freeradius |
| CVE #(s): | CAN-2004-0938, CAN-2004-0960, CAN-2004-0961 |
| Created: | September 22, 2004 |
| Updated: | February 2, 2005 |
| Description: | FreeRADIUS (through version 1.0.1) suffers from several denial of service vulnerabilities in its packet reception code. |
Gaim: remote code execution vulnerability
| Package(s): | gaim |
| CVE #(s): | CAN-2004-0500 |
| Created: | August 12, 2004 |
| Updated: | October 18, 2004 |
| Description: | The Gaim IRC client (versions 0.81 and prior) has a remote code execution vulnerability in the MSN-protocol parsing functions. |
gtk2, gdk-pixbuf: buffer overflows
| Package(s): | gdk-pixbuf gtk2 |
| CVE #(s): | CAN-2004-0753, CAN-2004-0782, CAN-2004-0783, CAN-2004-0788 |
| Created: | September 15, 2004 |
| Updated: | February 25, 2005 |
| Description: | The gdk-pixbuf and gtk2 libraries contain vulnerabilities in their handling of BMP and XPM files which can lead to denial of service and, potentially, code execution attacks. |
getmail: filesystem overwrite vulnerability
| Package(s): | getmail |
| CVE #(s): | CAN-2004-0880, CAN-2004-0881 |
| Created: | September 23, 2004 |
| Updated: | October 4, 2004 |
| Description: | Getmail has a vulnerability that may allow a local user to create or overwrite files in any directory on the system. |
glibc: Information leak with LD_DEBUG
| Package(s): | glibc |
| CVE #(s): | CAN-2004-1453 |
| Created: | August 17, 2004 |
| Updated: | May 26, 2005 |
| Description: | Silvio Cesare discovered a potential information leak in glibc. It allows LD_DEBUG on SUID binaries where it should not be allowed. This has various security implications, which may be used to gain confidential information. An attacker can gain the list of symbols a SUID application uses and their locations and can then use a trojaned library taking precedence over those symbols to gain information or perform further exploitation. |
gnome-vfs: backend script vulnerabilities
| Package(s): | gnome-vfs |
| CVE #(s): | CAN-2004-0494 |
| Created: | August 4, 2004 |
| Updated: | February 21, 2005 |
| Description: | Several scripts packaged with gnome-vfs, using its "extfs" capability, have security flaws. These scripts tend not to be used on many systems, but their presence can still be a threat. |
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
apache2: IPv6 denial of service
| Package(s): | httpd apache2 |
| CVE #(s): | CAN-2004-0747, CAN-2004-0751, CAN-2004-0786, CAN-2004-0809 |
| Created: | September 15, 2004 |
| Updated: | October 6, 2004 |
| Description: | Apache2 contains an integer error in the apr_uri_parse() function when handling IPv6 addresses. The result is a code execution vulnerability on BSD systems, and a denial of service vulnerability under Linux. |
imagemagick: buffer overflow vulnerability
| Package(s): | imagemagick |
| CVE #(s): | CAN-2004-0827 |
| Created: | September 16, 2004 |
| Updated: | November 30, 2004 |
| Description: | The ImageMagick graphics library has several buffer overflow vulnerabilities that allow an attacker to crash the reading process by creating malformed video or image files in the AVI, BMP, or DIB format. |
imlib2: buffer overflows
| Package(s): | imlib2 |
| CVE #(s): | CAN-2004-0802, CAN-2004-0817 |
| Created: | September 8, 2004 |
| Updated: | October 26, 2005 |
| Description: | The imlib2 library contains buffer overflows in the BMP handling code. |
iproute: local denial of service
| Package(s): | iproute net-tools |
| CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 |
| Updated: | December 14, 2004 |
| Description: | The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
jabberd: remote denial of service vulnerability
| Package(s): | jabberd |
| CVE #(s): | |
| Created: | September 23, 2004 |
| Updated: | September 29, 2004 |
| Description: | Jabberd's XML parsing routines have a vulnerability that may be exploited to create a remote denial of service. |
kdebase: multiple vulnerabilities
| Package(s): | kdebase |
| CVE #(s): | CAN-2004-0689, CAN-2004-0690, CAN-2004-0721, CAN-2004-0746 |
| Created: | August 12, 2004 |
| Updated: | October 4, 2004 |
| Description: | Three separate vulnerabilities have been identified in the KDE 3.2 "kdebase" package; see this advisory for details. These problems include two temporary file vulnerabilities and a "frame injection" problem in konqueror which could help with phishing attacks. In a fourth vulnerability, described here, Konqueror allows websites to set cookies for certain country specific secondary top level domains. |
kernel information leak
| Package(s): | kernel |
| CVE #(s): | CAN-2004-0415 |
| Created: | August 3, 2004 |
| Updated: | October 26, 2004 |
| Description: | Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. Note that this vulnerability affects all 2.4 kernels through 2.4.26 and 2.6 kernels through 2.6.7. A fix for this problem was added to the fifth 2.4.27 release candidate. |
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode. All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root. Alternatively, as a work-around to this vulnerability, issue the following command as root: chmod -s /usr/bin/uml_net |
lha: stack-based buffer overflow
| Package(s): | lha |
CVE #(s): | CAN-2004-0769
CAN-2004-0771
CAN-2004-0694
CAN-2004-0745
|
| Created: | September 2, 2004 |
Updated: | October 14, 2004 |
| Description: |
The lha archiving and compression utility has a
stack-based buffer overflow vulnerability. A modified
archive could allow an attacker to execute code when a victim
extracts or tests the archive. |
libpng: multiple vulnerabilities
Comments (1 posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0110
|
| Created: | February 26, 2004 |
Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
libxpm4: stack and integer overflows
| Package(s): | libxpm4 |
CVE #(s): | CAN-2004-0687
CAN-2004-0688
|
| Created: | September 16, 2004 |
Updated: | February 14, 2005 |
| Description: |
There are several stack and integer overflow bugs in
the libXpm code of XFree86 that may be used for a denial of service. |
logcheck: symlink vulnerability
| Package(s): | logcheck |
CVE #(s): | CAN-2004-0404
|
| Created: | April 21, 2004 |
Updated: | December 22, 2004 |
| Description: |
The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files. |
Midnight Commander: extfs vfs vulnerability
| Package(s): | mc |
CVE #(s): | CAN-2004-0494
|
| Created: | September 2, 2004 |
Updated: | January 5, 2005 |
| Description: |
Midnight Commander has a vfs vulnerability with shell quoting
in extfs perl scripts. |
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
mod_python: denial of service vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2003-0973
|
| Created: | January 27, 2004 |
Updated: | October 4, 2004 |
| Description: |
Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability; however, because the
vulnerability had not been fully fixed, version 2.7.10 has been released.
Users of mod_python 3.0.4 are not affected by this vulnerability. |
mozilla products: arbitrary code execution and other vulnerabilities
| Package(s): | mozilla firefox thunderbird |
CVE #(s): | CAN-2004-0902
CAN-2004-0903
CAN-2004-0904
CAN-2004-0905
CAN-2004-0908
|
| Created: | September 20, 2004 |
Updated: | January 13, 2005 |
| Description: |
Several vulnerabilities exist in the Mozilla web browser and derived
products, the most serious of which could allow a remote attacker to
execute arbitrary code on an affected system. See the CERT advisory for details. |
mpg123: buffer overflow bug
| Package(s): | mpg123 |
CVE #(s): | CAN-2004-0805
|
| Created: | September 16, 2004 |
Updated: | January 11, 2005 |
| Description: |
The mpg123 audio playing utility has a buffer overflow
bug that may allow arbitrary execution of code. |
mpg321: format string vulnerability
| Package(s): | mpg321 |
CVE #(s): | CAN-2003-0969
|
| Created: | January 6, 2004 |
Updated: | March 28, 2005 |
| Description: |
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming). |
neon: buffer overflow
| Package(s): | neon |
CVE #(s): | CAN-2004-0398
|
| Created: | May 19, 2004 |
Updated: | September 30, 2004 |
| Description: |
The neon library (through version 0.24.5) contains a buffer overflow in its date parsing code, allowing arbitrary code execution when connecting to a hostile server. See this advisory for details. This vulnerability also affects related applications (such as cadaver). |
netpbm: insecure temporary files
| Package(s): | netpbm |
CVE #(s): | CAN-2003-0924
|
| Created: | January 19, 2004 |
Updated: | December 29, 2004 |
| Description: |
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool. |
Comments (1 posted)
OpenOffice: information disclosure
| Package(s): | openoffice.org |
CVE #(s): | CAN-2004-0752
|
| Created: | September 15, 2004 |
Updated: | October 20, 2004 |
| Description: |
OpenOffice.org contains a temporary file handling vulnerability which can allow one local user to read the contents of another user's open files. |
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
CVE #(s): | CAN-2003-0190
|
| Created: | May 2, 2003 |
Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
pavuk: buffer overflow
| Package(s): | pavuk |
CVE #(s): | CAN-2004-0456
|
| Created: | June 30, 2004 |
Updated: | November 11, 2004 |
| Description: |
Versions of the pavuk web spider through 0.9.28-r1 contain a buffer overflow which could be exploited by a hostile server. |
php: remotely exploitable memory errors
| Package(s): | php |
CVE #(s): | CAN-2004-0594
|
| Created: | July 14, 2004 |
Updated: | February 7, 2005 |
| Description: |
Stefan Esser has issued an advisory regarding a
remotely exploitable hole in PHP (through version 4.3.7). If the
memory_limit feature is in use (as it should be, to prevent denial
of service attacks), allocation failures can be forced at highly
inopportune times, and those failures can be exploited to execute arbitrary
code. The exploit is described as "quite easy," and it can be done
regardless of whether Apache1 or Apache2 is in use. Upgrading to PHP 4.3.8 fixes the
problem; yesterday's PHP 5.0 release also contains the fix (but the
final release candidate did not). |
PuTTY: pre-authentication arbitrary code execution problem
| Package(s): | putty |
CVE #(s): | |
| Created: | August 5, 2004 |
Updated: | October 28, 2004 |
| Description: |
PuTTY, a telnet and SSH client, contains a vulnerability that
can allow an SSH server to execute arbitrary code on a connecting client.
|
python: buffer overflow
| Package(s): | python |
CVE #(s): | CAN-2004-0150
|
| Created: | March 10, 2004 |
Updated: | October 11, 2004 |
| Description: |
Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address. |
qt3: BMP image parser heap overflow
| Package(s): | qt3/qt3-non-mt/qt3-32bit/qt3-static |
CVE #(s): | CAN-2004-0691
CAN-2004-0692
CAN-2004-0693
|
| Created: | August 19, 2004 |
Updated: | May 15, 2005 |
| Description: |
A heap overflow in the qt3 BMP image format parser in Qt versions prior to 3.3.3 may allow remote code execution. |
rsync: path-sanitizing bug
| Package(s): | rsync |
CVE #(s): | CAN-2004-0792
|
| Created: | August 16, 2004 |
Updated: | November 1, 2004 |
| Description: |
This August 2004 rsync
advisory reports that there is a path-sanitizing bug that affects
daemon mode in all recent rsync versions (including 2.6.2) but only if
chroot is disabled. It does NOT affect the normal send/receive filenames
that specify what files should be transferred (this is because these names
happen to get sanitized twice, and thus the second call removes any
lingering leading slash(es) that the first call left behind). It does
affect certain option paths that cause auxiliary files to be read or
written. |
ruby: insecure file permissions
| Package(s): | ruby |
CVE #(s): | CAN-2004-0755
|
| Created: | August 16, 2004 |
Updated: | October 14, 2004 |
| Description: |
Andres Salomon noticed a problem in the CGI session management of Ruby, an
object-oriented scripting language. CGI::Session's FileStore (and
presumably PStore, but not in Debian woody) implementations store session
information insecurely. They simply create files, ignoring permission
issues. This can lead an attacker who also has shell access to the
webserver to take over a session. |
sendmail: pre-set password
| Package(s): | sendmail |
CVE #(s): | CAN-2004-0833
|
| Created: | September 27, 2004 |
Updated: | September 29, 2004 |
| Description: |
Hugo Espuny discovered a problem in sendmail, a commonly used program
to deliver electronic mail. When installing "sasl-bin" to use sasl in
connection with sendmail, the sendmail configuration script uses fixed
user/pass information to initialize the sasl database. Any spammer
with Debian systems knowledge could utilize such a sendmail
installation to relay spam. |
sox: buffer overflow
| Package(s): | sox |
CVE #(s): | CAN-2004-0557
|
| Created: | July 28, 2004 |
Updated: | February 21, 2005 |
| Description: |
Sox suffers from buffer overflows in its WAV file handling; these overflows could conceivably be exploited by way of a malicious sound file. |
SpamAssassin: Denial of Service vulnerability
| Package(s): | spamassassin |
CVE #(s): | CAN-2004-0796
|
| Created: | August 9, 2004 |
Updated: | August 11, 2005 |
| Description: |
SpamAssassin contains an unspecified Denial of Service vulnerability. By
sending a specially crafted message an attacker could cause a Denial of
Service attack against the SpamAssassin service. |
squid: buffer overflow
| Package(s): | squid |
CVE #(s): | CAN-2004-0541
|
| Created: | June 9, 2004 |
Updated: | September 30, 2004 |
| Description: |
The NTLM authentication helper used by the squid proxy contains a buffer overflow vulnerability; an overly-long password may be used to run arbitrary code. Sites not using NTLM authentication are not vulnerable. |
SquirrelMail cross site scripting vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CAN-2004-0519
CAN-2004-0520
CAN-2004-0521
|
| Created: | May 21, 2004 |
Updated: | October 4, 2004 |
| Description: |
Several unspecified cross-site scripting (XSS) vulnerabilities and a well
hidden SQL injection vulnerability were found in SquirrelMail versions
1.4.2 and lower. An XSS attack allows an attacker to insert malicious code
into a web-based application. SquirrelMail does not check for code when
parsing variables received via the URL query string. |
Subversion: Remote heap overflow
| Package(s): | subversion |
CVE #(s): | CAN-2004-0413
|
| Created: | June 11, 2004 |
Updated: | March 7, 2005 |
| Description: |
Subversion has a remote Denial of Service vulnerability
that may allow a server that runs svnserve to execute
arbitrary code. See this advisory for more information. |
subversion: metadata information disclosure
| Package(s): | subversion |
CVE #(s): | CAN-2004-0749
|
| Created: | September 23, 2004 |
Updated: | November 4, 2004 |
| Description: |
The subversion version control system has vulnerabilities
in the handling of metadata such as log file entries related
to using mod_authz_svn. |
sysstat: temporary file vulnerability
| Package(s): | sysstat |
CVE #(s): | CAN-2004-0107
CAN-2004-0108
|
| Created: | March 10, 2004 |
Updated: | October 4, 2004 |
| Description: |
The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files. |
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
Comments (1 posted)
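An added example, not code from tar or unzip: a lexical check of archive member names of the kind the entry above says was missing, run before anything is written to disk. The enum, the function names and the sample member names are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Verdict for one archive member name (hypothetical names, not tar's). */
enum member_verdict {
    MEMBER_OK = 0,         /* relative path with no ".." component        */
    MEMBER_EMPTY,          /* NULL or empty name                          */
    MEMBER_ABSOLUTE,       /* starts with '/', ignores the extraction dir */
    MEMBER_DOTDOT_INSIDE,  /* has ".." but stays under the root lexically */
    MEMBER_DOTDOT_ESCAPE   /* ".." climbs above the extraction root       */
};

/* Walk the name one component at a time, tracking how deep below the
 * extraction root the path is. A depth below zero means the member would
 * land outside the directory the user is unpacking into. */
enum member_verdict check_member_name(const char *name)
{
    int depth = 0, saw_dotdot = 0, escaped = 0;
    const char *p = name;

    if (name == NULL || *name == '\0')
        return MEMBER_EMPTY;
    if (*name == '/')
        return MEMBER_ABSOLUTE;

    while (*p != '\0') {
        size_t len = strcspn(p, "/");          /* length of this component */

        if (len == 2 && p[0] == '.' && p[1] == '.') {
            saw_dotdot = 1;
            if (--depth < 0)
                escaped = 1;                   /* sticky: one escape is enough */
        } else if (len > 0 && !(len == 1 && p[0] == '.')) {
            depth++;                           /* ordinary component, "..." included */
        }
        p += len;
        while (*p == '/')                      /* skip one or more separators */
            p++;
    }
    if (escaped)
        return MEMBER_DOTDOT_ESCAPE;
    if (saw_dotdot)
        return MEMBER_DOTDOT_INSIDE;
    return MEMBER_OK;
}

/* Strict policy: extract only names with no ".." at all. A name such as
 * "a/../b" stays inside the root lexically, but not if "a" is a symlink. */
int member_is_extractable(const char *name)
{
    return check_member_name(name) == MEMBER_OK;
}

int main(void)
{
    /* Constructed member names, as an archive listing might present them. */
    static const char *names[] = {
        "docs/readme.txt", "../../etc/passwd", "/etc/passwd",
        "a/../../b", "a/../b", "...", "a//./b"
    };
    static const char *text[] = {
        "ok", "empty", "absolute", "dotdot-inside", "dotdot-escape"
    };
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++)
        printf("%-20s %-14s %s\n", names[i],
               text[check_member_name(names[i])],
               member_is_extractable(names[i]) ? "extract" : "refuse");
    return 0;
}
```

The check is purely lexical; symbolic links stored in the archive need separate handling at extraction time.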
tcpdump: ISAKMP payload handling denial-of-service vulnerabilities
| Package(s): | tcpdump |
CVE #(s): | CAN-2004-0183
CAN-2004-0184
|
| Created: | March 30, 2004 |
Updated: | September 30, 2004 |
| Description: |
TCPDUMP v3.8.1 and earlier versions contain multiple flaws in the packet
display functions for the ISAKMP protocol. Upon receiving specially
crafted ISAKMP packets, TCPDUMP will try to read beyond the end of the
packet capture buffer and crash. More information is available in this Rapid7 advisory. |
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
CVE #(s): | |
| Created: | May 21, 2002 |
Updated: | October 5, 2004 |
| Description: |
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
|
wv: buffer overflow
| Package(s): | wv |
CVE #(s): | CAN-2004-0645
|
| Created: | July 14, 2004 |
Updated: | February 10, 2005 |
| Description: |
wv, a viewer for MS Word files, contains a buffer overflow which may be exploited by a suitably-crafted file. Version 1.0.0-r1 fixes the problem. |
XChat 2.0.x SOCKS5 Vulnerability
| Package(s): | xchat |
CVE #(s): | CAN-2004-0409
|
| Created: | April 19, 2004 |
Updated: | November 15, 2005 |
| Description: |
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal which is disabled by default and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client. |
xine-lib: buffer overflows
| Package(s): | xine-lib |
CVE #(s): | CAN-2004-1379
|
| Created: | September 22, 2004 |
Updated: | April 10, 2006 |
| Description: |
xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code. |
xine-ui - insecure temporary file creation
| Package(s): | xine-ui |
CVE #(s): | CAN-2004-0372
|
| Created: | April 6, 2004 |
Updated: | April 27, 2006 |
| Description: |
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine. |
zlib: denial of service
| Package(s): | zlib |
CVE #(s): | CAN-2004-0797
|
| Created: | August 25, 2004 |
Updated: | June 10, 2005 |
| Description: |
Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks. |
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch is 2.6.9-rc3,
announced by Linus on September 29.
Changes this time include lots more annotations for the "sparse" checker,
an NTFS update, a patch causing ICMP "source quench" messages to be
ignored, the new I/O memory access functions (see
the September 23 Kernel Page), a big set
of input driver patches, m32r architecture support, a User-mode Linux
update, the merger of the two in-kernel software suspend implementations, a
tunable "max sectors" limit for block I/O requests (a latency reduction
feature), and a new
prctl() option allowing programs to change
their name.
The long-format changelog has
the details.
For what it's worth, Andrew Morton estimates that 2.6.9-rc4 will be out "later
this week," with the final 2.6.9 release happening about a week after
that.
Linus's BitKeeper repository contains another big set of "sparse"
annotations, the removal of get_cpu_ptr(), a generic,
netlink-based network statistics interface, some networking fixes, and a
number of architecture updates.
Also to be found in BitKeeper is a kernel
management style document which Linus quietly committed as "wisdom
passed down the ages on clay tablets."
This preemptive admission of incompetence might also make the
people who actually do the work also think twice about whether it's
worth doing or not. After all, if _they_ aren't certain whether
it's a good idea, you sure as hell shouldn't encourage them by
promising them that what they work on will be included. Make them
at least think twice before they embark on a big endeavor
The current prepatch from Andrew Morton is 2.6.9-rc3-mm2. Recent changes to -mm include
a reworking of the IRQ subsystem, a set of ext3 online resizing fixes, a
"completely fair queueing" I/O scheduler update, the switchable I/O
schedulers patch, an I/O write barrier primitive, a security module for BSD
secure levels, and lots of fixes.
The current 2.4 prepatch remains 2.4.28-pre3, which dates back to
September 11.
Kernel development news
And I have to warn people if they think that the churn is fast
and the rate of change in the networking is high right now, you
have seen absolutely nothing yet. :-)
-- David Miller
The _reality_ is that there is _no_ point in time where you and Linus allow
for stabilization of the main tree prior to release. The release criteria
has devolved to a point where we call it done when the stack of pancakes
gets too high.
-- Jeff Garzik (among others) is concerned
about the current development model.
Comments (8 posted)
Andrew Morton's -mm kernel tree now fills the role which might have once
been taken by an odd-numbered development series. We don't have 2.7.x;
instead, new stuff finds its way into 2.6.x-mm. So it can be interesting
to step back, occasionally, and look at what patches are lurking there.
2.6.9-rc3-mm2 contains a full 1213 patches. About half of these come from
trees managed by various subsystem maintainers; seeing what those are
usually requires pulling a separate BitKeeper tree and looking inside.
These trees hold patches which are usually (usually!) relatively small and
maintenance-oriented. The external trees brought into -mm currently
include those dedicated to the ACPI, AGPGART, ALSA, i2c, IDE, IEEE 1394,
input, serial ATA, networking, NTFS, driver core, PCI, USB, and SCSI
subsystems.
Among the other 654 patches in 2.6.9-rc3-mm2 are found:
- A change to how rlimit settings are interpreted; they become
per-process settings, rather than per-thread.
- The sysfs backing store patches
continue to languish in -mm, apparently waiting for a review from some
of the core developers.
- Ingo Molnar's "generic IRQ subsystem" work. These patches, posted on October 2, are a big
reorganization of the interrupt handling code. Over the years, much
of the IRQ code had been copied from one architecture to the next,
leading to a lot of duplicated functions. These patches pull the
generic code out of the architecture subtrees and remove some 3000
lines of code from the kernel.
- Numerous kernel debugger (kgdb) patches continue to live in -mm; as
always, they are unlikely to move into the mainline.
- They get less attention than they used to, but there are still must-fix and should-fix lists in -mm.
- Arjan van de Ven's patch which keeps processes from being able to
overwrite kernel memory via /dev/mem. This patch has been
shipped with Red Hat/Fedora kernels for a while, but is not yet in the
mainline.
- An extensive set of ext3 patches implementing block reservations. Stephen Tweedie has
recently resumed working on these patches, so they may move forward in
the near future. The ext3 online resizing patch set is also in -mm.
- Mikael Pettersson's performance counters patches.
- The -mm tree continues to be a testing ground for scheduler patches.
It currently contains Peter Williams's Single Priority Array scheduler
(covered briefly here last August).
There is also an extensive set of scheduling domains fixes and a
number of latency-reduction patches from Ingo Molnar's work.
- Ingo Molnar's big kernel semaphore
patch.
- A set of PCMCIA patches adding driver model and hotplug support.
- A big DVD+RW support patch, which includes CDRW packet writing
support.
- Support for in-kernel keyrings and their management.
- The CacheFS filesystem.
- The kexec patches, including support for using kexec as a kernel crash
dump mechanism.
- The reiser4 filesystem and a large number of fixes.
- The modular I/O schedulers patch and
the reworked "completely fair queueing" scheduler.
- The remap_page_range() change
to remap_pfn_range().
- A security module implementing the BSD "secure levels" mechanism.
Mixed in with these big patches is the usual array of architecture updates,
subsystem fixes, etc.
In other words, -mm is a big patch; it is significantly different from the
mainline kernel. For some developers, it is too far removed; David Miller
recently responded to a request to test
networking changes in -mm this way:
Putting the net stuff into -mm makes debugging of networking
changes harder, as -mm has a ton of experimental stuff in it as
well. -mm frequently makes machines unbootable, and particularly
this is felt on non-x86 platforms such as sparc64 which is where I
do all of my work.
This kind of observation is not new; many developers continued to create
their patches on the 2.4 kernel long after the 2.5 branch opened because
2.5 struck them as being too unstable. When one is trying to shake out
bugs in new code, it is nice to minimize the number of other unrelated,
disruptive changes. That said, -mm continues to be the main staging area
for much of the code going into the mainline, and many developers target it
specifically with their patches. Given the number of bugs found after
patches go into -mm, people are clearly running it as well.
Comments (3 posted)
"High order" allocations, in the kernel, are attempts to obtain multiple,
contiguous pages for an application which needs more than one page in a
single, physically-contiguous block. These allocations have always been a
problem for the kernel to satisfy; once the system has been running for a
while, physical memory is usually fragmented to the point that very few
groups of adjacent, free pages exist. Last month, this page looked at
Nick Piggin's kswapd changes which attempt to
mitigate this problem somewhat. There are other people working in this
area, however.
One of those is Marcelo Tosatti, who posted a
patch which adds active memory defragmentation to the kernel. At a
high level, the algorithm used is relatively simple: to obtain free blocks
of order N, start with the largest of the smaller blocks you can find, and
try to relocate the contents of the pages immediately before and after the
block. If enough pages can be moved, a larger block of free pages will
have been created.
Naturally, this process seems rather more complicated when looked at
closely. Not all pages can be relocated; those which are locked or
reserved, for example, are not touchable. The patch also declines to work
with pages which are currently under writeback; until the writeback I/O
completes, those pages must not move. A number of more complicated cases,
such as moving pages which are part of a nonlinear mapping, are not handled
with the current patch.
If a page does appear to be relocatable, it must first be locked and have
its contents copied to the new page. Then all page tables which reference
the old page must be re-pointed to the new page. Reverse mapping
information, if any, must be set correctly. If there is a copy of the page
in swap, that copy must be connected with the new page. And so on.
Marcelo's patch responds to many of the more complicated cases by simply
refusing to move the page. Even so, Marcelo reports good results in
creating large, contiguous blocks of free memory.
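The selection-and-relocation idea described above, as a toy model added here; it is not Marcelo Tosatti's patch or kernel code. The page states, the layout string and every `toy_` name are assumptions made for the illustration, and the aligned window that already holds the most free pages stands in for "the largest of the smaller blocks".

```c
#include <stdio.h>
#include <stddef.h>

/* Toy page states. TOY_PINNED stands for the cases the article lists as
 * untouchable: locked or reserved pages and pages under writeback. */
enum toy_state { TOY_FREE, TOY_MOVABLE, TOY_PINNED };

struct toy_page {
    enum toy_state state;
    int owner;                  /* id of the data held, -1 when free */
};

/* Build a memory map from a layout string: 'F' free, 'M' movable,
 * anything else pinned. Returns the number of pages. */
size_t toy_init(struct toy_page *mem, const char *layout)
{
    size_t n = 0;

    for (; layout[n] != '\0'; n++) {
        mem[n].state = layout[n] == 'F' ? TOY_FREE
                     : layout[n] == 'M' ? TOY_MOVABLE : TOY_PINNED;
        mem[n].owner = layout[n] == 'F' ? -1 : (int)n;
    }
    return n;
}

/* 1 if every page of the 2^order block starting at 'start' is free. */
int toy_block_is_free(const struct toy_page *mem, size_t start, unsigned order)
{
    size_t i, block = (size_t)1 << order;

    for (i = start; i < start + block; i++)
        if (mem[i].state != TOY_FREE)
            return 0;
    return 1;
}

/* Try to create one free, aligned block of 2^order pages.
 * Returns the index of its first page, or -1 if no window qualifies. */
long toy_defrag(struct toy_page *mem, size_t npages, unsigned order)
{
    size_t block = (size_t)1 << order;
    size_t best = npages, best_free = 0, total_free = 0;
    size_t i, start, dst = 0;

    for (i = 0; i < npages; i++)
        if (mem[i].state == TOY_FREE)
            total_free++;

    /* Pass 1: among aligned windows with no pinned page, pick the one
     * that is already closest to being free. */
    for (start = 0; start + block <= npages; start += block) {
        size_t nfree = 0, nmov = 0;
        int pinned = 0;

        for (i = start; i < start + block; i++) {
            if (mem[i].state == TOY_FREE)
                nfree++;
            else if (mem[i].state == TOY_MOVABLE)
                nmov++;
            else
                pinned = 1;
        }
        /* Refuse the hard cases: a pinned page, or not enough free
         * pages outside the window to receive the movable ones. */
        if (pinned || nmov > total_free - nfree)
            continue;
        if (best == npages || nfree > best_free) {
            best = start;
            best_free = nfree;
        }
    }
    if (best == npages)
        return -1;

    /* Pass 2: copy each movable page to a free page outside the window.
     * Pass 1 guarantees enough destinations exist, so dst stays in range. */
    for (i = best; i < best + block; i++) {
        if (mem[i].state != TOY_MOVABLE)
            continue;
        while ((dst >= best && dst < best + block) ||
               mem[dst].state != TOY_FREE)
            dst++;
        mem[dst] = mem[i];          /* "re-point" the data to its new page */
        mem[i].state = TOY_FREE;
        mem[i].owner = -1;
    }
    return (long)best;
}

int main(void)
{
    struct toy_page mem[16];
    size_t n = toy_init(mem, "MFPFFMFFMMPMFMFM");   /* constructed layout */
    long start = toy_defrag(mem, n, 2);

    printf("order-2 block freed at page %ld\n", start);
    return 0;
}
```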
Of course, there are a few glitches, including problems on SMP systems.
But, says Marcelo, never fear:
But it works fine on UP (for a few minutes :)), and easily creates
large physically contiguous areas of memory.
It was pointed out that this patch has some common features with a
different effort: the drive to support hotpluggable memory. When memory
is to be removed from the system, all pages currently stored in that memory
must be relocated. In essence, the hotplug memory patches seek to create a
large block of free memory which happens to cover a specific set of
physical addresses.
Dave Hansen described two patches adding
hotplug memory support - one done at IBM, and one from Fujitsu. Each
apparently has its strong and weak points.
Between Marcelo's work and the hotplug patches, there is a significant
amount of experience in moving pages aside to free blocks of memory. An
effort to bring together those patches into a single one containing the
best of each will probably be necessary before any can be merged. But the
end result of that work could be an end to problems with high-order
allocations.
Comments (1 posted)
The performance of modern computers is heavily influenced by how well they
use the processor's memory cache. Going to main memory is a slow operation
(from a processor's point of view); an operating system which forces main
memory accesses too often will run slowly. One of the things the Linux
kernel does to optimize cache use is to try to avoid moving processes
between CPUs if it is likely that those processes have a fair amount of
useful data in the cache. When a process moves, it leaves its cached data
behind and must begin populating the new CPU's cache from the beginning.
That repopulation requires memory accesses and slows things down.
The metric used by the kernel to decide whether moving a particular task is
advisable is a scheduling domain parameter called cache_hot_time.
If the process has run on the current processor within the "hot time," it
is considered to have significant data in the cache and is not moved
unnecessarily. In recent kernels, cache_hot_time for processors
on non-NUMA, SMP systems is 2.5ms.
Kenneth Chen recently did some tests to see
if that value makes sense. On his four-processor system, he found that
workload throughput with a 2.5ms hot time was 12% below its peak level -
which happens with a 10ms value. As it turns out, 10ms was once the
default value for the cache hot time; Kenneth proposes that this value be
restored. Others have, instead, suggested that a new tunable parameter be
provided so that administrators could find and set the optimal value for
their systems.
Ingo Molnar has come up with a different
approach - have the computer figure out for itself what the optimal
"cache hot" time is. To this end, his code performs the following steps
for each pair of processors on the system:
- The first processor fills a large, shared buffer with data, thus
populating its own cache with (some of) the contents of that buffer.
- The second processor fills a private buffer, filling its own cache.
- The second processor then overwrites the shared buffer, moving the
contents of that buffer into its own cache.
The time required for the third step is, to an approximation, a worst case
scenario for what it costs to move a process when it has filled the local
cache with data. Ingo tested the code on a few systems and got optimal
values which vary from 5ms (on a four-processor Pentium 4 system) to
87ms (for an eight-processor, semi-NUMA, Pentium 3 system). Clearly,
one default value for all systems is not the right answer. This also looks
like a good number for the computer to find for itself - assuming
subsequent tests show that this patch (or a successor) is finding something
close to the optimal value.
Comments (6 posted)
Page editor: Jonathan Corbet
Distributions
News and Editorials
When DeMuDi (Debian Multimedia Distribution) was announced in July 2001,
it generated considerable interest. Back in those days,
playback of many audio and video formats under Linux suffered from two
common perceptions: the difficulty in getting many proprietary formats
to produce sound and images on a Linux system, and the question of
complying with copyright, encryption, and intellectual property laws
while doing so. Although the goals of DeMuDi were much less ambitious
than initiating legal fights with the powerful music and movie industry
players over the rights of Linux users, the project's name and goals
sounded sweet to the ears of many who missed the trouble-free playback
of audio and video on their previous operating system.
It wasn't long after the initial announcement that the project was
renamed to AGNULA (A GNU/Linux Audio Distribution). The term DeMuDi was
still used to refer to the Debian-based distribution, which, by then,
was joined by a sister sub-project - the Red Hat-based ReHMuDi (Red Hat
Multimedia Distribution). This was because AGNULA had received funding
worth €1.7 million over 24 months from the European Commission,
and several prominent European companies and organizations, including
Red Hat France and Free Software Foundation Europe, joined the AGNULA
development effort. The objectives of the project also underwent a
revision - instead of embracing all of what falls under the term
"multimedia", its focus scaled down to cover audio only, with the goal
of producing Linux-based operating systems containing software for
musicians and composers.
By the time funding by the European Commission ended in April this year,
the project produced DeMuDi 1.1.0 (based on Debian Woody) and ReHMuDi
2.0 (based on Red Hat Linux 9), as well as a DeMuDi live CD for
presentation purposes. Although these releases did not attract much
attention in the Linux media -- perhaps due to the specialist nature of
the products -- they were much appreciated by many musicians and
composers. This prompted the lead developer to continue working on
DeMuDi on a volunteer basis, even after funding by the European
Commission dried up. Most of the development is now handled by Andrea
Glorioso and Free Ekanayaka of Firenze Tecnologia in Florence, Italy.
Their continued effort resulted in AGNULA/DeMuDi
1.2.0, which was released last week. Unlike the previous version,
this one is a much more up-to-date build based on Debian Sarge and
complete with a recent Sarge beta installer with all its features, such
as hardware autodetection and autoconfiguration, automatic boot manager
setup (GRUB), and a selection of journaling file systems. Additionally,
this version includes a custom dialog allowing users to choose from a
list of specialist audio applications to install. The installer
provides another option - a choice between Fluxbox and GNOME 2.6
desktops, recommending the fast Fluxbox for professionals and the
easy-to-use GNOME for first-time Linux users.
Once the system is installed and booted, it differs little from most
other Linux distributions. However, as soon as you glance under the
"Multimedia" and "Audio" menus, you will be quickly reminded about the
purpose of this operating system and its usefulness as a comprehensive
tool designed to help creative artists. DeMuDi comes with a
mind-boggling range of audio tools; here is a brief list of some of the
more interesting among them:
- BEAST/BSE is a GTK+ music
composition and modular synthesis application with support for all
popular audio formats, such as MIDI, WAV, MP3 and Ogg. Its many
features include multitrack editing, real-time synthesis support,
32-bit audio rendering, full duplex support, multiprocessor support,
precise timing down to sample granularity, and on demand loading of
partial wave files, just to name a few. BEAST/BSE is a fairly complex
application, but it comes with excellent help files and a demo project,
which is a lot of fun in itself.
- Cecilia is
a Tcl/Tk-based graphical frontend for the sound synthesis and sound
processing package Csound. Developed for musicians and sound designers,
the software comes with all the traditional sound processing devices
such as EQs, compressors, and delays, adapted for anything from
"the simplest applications to the wildest imaginable sonic
contortions."
- JACK is a low-latency
audio server designed from the ground up for professional audio work.
It can connect a number of different applications to an audio device,
while allowing them to share audio between themselves. Its clients can
run as normal applications or as "plugins".
- jMax
is a Java-based visual programming environment (it requires the Java
Virtual Machine) for building interactive real-time music and
multimedia applications. It is developed by IRCAM, a research, music
production, and educational center located in Paris,
France.
- TkECA is a Tcl/Tk
frontend for Ecasound, a software package for multitrack audio
processing. It can be used for simple tasks, like audio playback,
recording and format conversions, multitrack effect processing, mixing,
recording, and signal recycling. TkECA supports all of Ecasound's
features in a graphical environment.
The above is just the tip of the iceberg. From DJ's music library
software, through mixers, players, recorders and samplers, to
specialist drumming and note editing tools - DeMuDi has them all,
arranged neatly in hierarchical menus. Investigating all the different
applications and trying to get creative with what is available can
easily kill an entire weekend. It is hardly surprising that many of
these excellent tools have been created by free-minded
artists-turned-programmers and released under the GPL for free
distribution and use.
DeMuDi is, essentially, the most comprehensive collection of free audio
tools for Linux, running on top of a Debian base system. If you've ever
thought about putting your musical talent to good use and composing a few
original tunes, download
the latest version and take a look at what is available. Even if
your creation doesn't end up on the Top 40 music charts, DeMuDi is
guaranteed to give you hours of free entertainment.
Comments (1 posted)
Distribution News
Remember Turbolinux? The company has just sent out
a press release announcing the availability of Turbolinux 10 Server, a 2.6-based distribution with, seemingly, an emphasis on security.
Comments (none posted)
Novell has
announced the November availability of SUSE Linux Professional 9.2. The usual new features are included: 2.6 kernel, KDE 3.3, GNOME 2.6, Evolution 2.0, X.org X11R6.8.1, etc. SUSE also claims improved Bluetooth support.
Comments (6 posted)
Mandrakesoft has
released the second
edition of its live CD distribution, which is now called simply "Move." It
is based on Mandrakelinux 10.0, and is intended to be an easy way for new
users to start with Linux. "
Move is also a great tool for those who
want a portable Linux environment. Along the lines of Mandrakesoft's
recently released GlobeTrotter, Move lets users carry around both settings
and files on a USB key."
The release of Mandrakelinux 10.1 Community is the top story in the Mandrakelinux Community Newsletter Issue # 96,
which also takes a look at some new projects in the cooker, support for LSB
2.0 and several other topics.
Mandrakelinux updates the kernel package
for 10.0, with prism54 support added to the 2.4 kernel and more
enhancements and bug fixes in the 2.6 kernel.
Comments (none posted)
The
Debian Weekly News for October 5 is
out; it looks at the second Debian Installer testing candidate, the status
of the non-US archive, Debian GNU/Hurd K7, and more.
Here's the latest update on the progress of
the third revision of Debian GNU/Linux 3.0 (woody).
DebConf5 will take place July 2005 in Helsinki, Finland. Some funding is available for Debian developers who
would like to attend, but can't afford to. This year the organizers are
starting early to take advantage of better flight prices and special
offers.
Comments (none posted)
The Gentoo Weekly Newsletter for the week of October 4, 2004 looks at the
finalists in the website redesign contest, the appearance of Bryon Roche at
the international Gentoo PPC developer meeting, and several other topics.
Full Story (comments: none)
Fedora News Updates
Issue 16 is out:
FC3test2 has been released, FC1 has been passed on to Fedora Legacy, new
documentation for translators, and more in this edition.
Fedora Core 2 has updated the following packages due to new kernel scsi
filtering: dvd+rw-tools, xcdroast, k3b,
cdrdao and cdrtools.
Comments (none posted)
The
DistroWatch
Weekly for October 4, 2004 looks at a newsletter for Ubuntu users,
OpenBSD 3.6 CDs, Bayanihan Linux and more.
Comments (none posted)
New Distributions
The
GNUstep Live CD
contains GNUstep software.
GNUstep
is a free implementation of the OPENSTEP framework (which was used as the
base for Cocoa in Mac OS X).
Comments (none posted)
Minor distribution updates
Version 1.2.0 of AGNULA/DeMuDi, a Debian distribution oriented around audio
applications, is out. "
This release is the first of the 1.2.x series, which sports tighter
integration with Debian, using the Sarge Debian Installer and the CDD
(Custom Debian Distributions) framework."
Full Story (comments: none)
Aurox Linux has released
Aurox 10.0
(Amber). "
Changes in this release are related mainly to 'core'
components of the system: kernel and hardware detection tools."
Comments (none posted)
IPCop
Firewall version 1.4.0 has been
released.
This version supports more hardware, uses a LFS (Linux from Scratch) build
system, a new GUI and more.
Comments (none posted)
Lineox Enterprise Linux 2.1 has been released with Always Current version
and update service, built from Red Hat Enterprise Advanced Server 2.1
sources. for Lineox and Red Hat Enterprise Linux 2.1. Click below for
more details.
Full Story (comments: none)
Trustix has added support for more hardware in hwdata and upgrades mod_php4
to 4.3.9 to fix lots of bugs. Click below for details.
Full Story (comments: none)
Distribution reviews
PC World
takes a
quick look at Xandros Linux 2.5. "
Want to give Linux a try with
little fuss and bewilderment? Xandros may have just what you're looking
for. I took a shipping version of Xandros Desktop OS Deluxe 2.5 for a spin
and was pleased to find that everything just plain worked."
Comments (none posted)
Linuxgruven
reviews
SimplyMepis 2004.01. "
I have been using Mepis since 2003.10.08.
SimplyMepis 2004 continues the excellent user experience and manages to top
out any other desktop-oriented distribution that I have used. I originally
found Mepis while searching for an affordable option for our undergraduate
labs at work. I had been using Xandros Desktop 2.0 since it had been
released and was very happy with it. However, Xandros' license agreement
was and remains very limiting. Also, I found their file manager to be
significantly less flexible than KDE's Konqueror. Mepis offers a similarly
straightforward desktop experience while remaining far truer to its Debian
roots. In fact, at the end of the day, Mepis is pretty much just a
well-configured and tested Debian desktop distribution with refreshingly
little "special sauce" thrown in. Instead, Mepis distinguishes itself by
preconfiguring many details, making the menus and defaults clean, and
including the best tools for most tasks."
Comments (1 posted)
Page editor: Rebecca Sobol
Development
The
R project is building
an open-source GPL-licensed language for statistical computing
and graphics. R has its roots in the
S
language, which was originally developed by AT&T's Bell Labs.
See the
Evolution of S document for a complete history of the language.
The R project was originally started at the University of Auckland;
it now includes a lengthy list of
contributors.
R is being developed under the guidance of
The R Foundation for Statistical Computing.
The
What is R? document
describes R:
R can be considered as a different implementation of S. There are some important differences, but much code written for S runs unaltered under R.
R provides a wide variety of statistical (linear and nonlinear modelling, classical statistical tests, time-series analysis, classification, clustering, ...) and graphical techniques, and is highly extensible. The S language is often the vehicle of choice for research in statistical methodology, and R provides an Open Source route to participation in that activity.
The R environment contains an integrated set of software tools including:
- A data storage facility.
- A suite of matrix and array calculation operators.
- A collection of intermediate tools for data analysis.
- On-screen and printed graphical output for data analysis.
- An interpreted programming language for manipulating data.
To see R in action, take a look at some of the
Screen Shots.
The R project's manuals are available (in PDF format)
on the
project documentation page.
Further information is available from the
R FAQ
document, including a lengthy list of add-on packages.
Version 2.0.0 of R
was released this week.
"This new release marks more a coming of age than a radical
change of the product. Since the release of 1.0.0 on
February 29, 2000, R has developed steadily and settled on a
release cycle with a "dot-release" two times per year."
New features available in R 2.0.0 include:
- Support for namespaces.
- Exception handling constructs.
- Support for formal methods and classes.
- Improved garbage collection.
- Generalized I/O objects.
- A new grid subsystem for graphics.
- A lattice package for producing multi-frame layouts.
- A port to Mac OSX.
- Support for Tcl/Tk-based GUI development.
- The bundling of widely used packages.
- Improved configuration scripts.
- Bug fixes.
The
CHANGES
document has a more detailed list of information on the new version.
If you are looking for an extensive set of tools for visualizing data,
R is certainly worth investigating.
The source code for R is available from the
Comprehensive R Archive Network (CRAN).
Comments (5 posted)
System Applications
Audio Projects
Version 1.1.1 of FLAC, the free, lossless audio codec,
has been released.
"
There is a new
changelog
with a complete list of changes/fixes/improvements, but the main ones include: almost 2x decoding speedup on Macintosh, better Ogg FLAC support, and several new options to flac and metaflac."
Comments (1 posted)
Database Software
Version 0.7.2-test1 of Knoda, a database front-end, is available.
"
The main new features:
View support for PostgreSQL, Sqlite, and ODBC has been added.
The ODBC driver has been improved a lot. Some bugs have been fixed."
Full Story (comments: none)
Version 8.0 Beta 3 of PostgreSQL
has been released.
"
It's been almost 4 weeks since we've released PostgreSQL 8.0 Beta2, and there have been enough improvements to the code to warrant a new Beta, to reduce the number of "already fixed" bug reports."
Comments (none posted)
The October 5, 2004 edition of the PostgreSQL Weekly News is
online with the week's PostgreSQL database development news.
Full Story (comments: none)
Stéphane Faroult
looks at common problems with the SQL FROM clause on O'Reilly.
"
It may seem surprising to state it so, but the FROM clause of SQL statements seems to be one of the most often misused parts of SQL queries. Misused? How is that possible? We put into the FROM clause all the tables to join together in a query, don't we?
Well, well, well. Not quite. At the risk of sounding pedantic, perhaps a bit of (applied) theory would be welcome."
Comments (1 posted)
Embedded Systems
Michael Opdenacker has announced a 500-page training document
on embedded Linux systems.
"
It features 3 trainings (Introduction to Unix and GNU/Linux, Embedded
Linux kernel and driver development, Development tools) as well as 4
presentations (Java in embedded Linux systems, Linux 2.6 new features,
Introduction to uClinux, Real-time in embedded Linux systems).
The 500-page materials are released under the GNU Free Documentation
License".
Full Story (comments: none)
Filesystem Utilities
The initial release of gnomevfs-mount is out.
"
Since I saw gmailfs, I wondered why gnome does not have a way to
mount gnomevfs-uris on the linux filesystem.
I have taken a look into fuse and I realized it would be very easy
doing the same with gnomevfs."
Full Story (comments: none)
Version 0.0.5 of GParted, the Gnome partition editor, is available.
Changes include i18n support, bug fixes, and UI improvements.
Full Story (comments: none)
Libraries
Version 0.5.68 of libannodex has been announced.
"
libannodex is a C library providing a simple programming interface for reading
and writing Annodex media. Annodex is an open standards based technology that
extends the World Wide Web's hyperlinking, searching, and compositing
infrastructure to time-continuous data, enabling video surfing, searching for
clips of audio and video files using ordinary Web search engines, and
on-the-fly composition of a video on a Web server from previously annodexed
clips."
This release features improved temporal interleaving,
lookahead for the Ogg and Anx importers,
improved EOS handling, and more.
Full Story (comments: none)
Version 0.8.5 of liboggz, a C library for working with Ogg format
compressed audio streams, is out.
Changes include a new oggzmerge tool, a new OggzReadPage API,
improvements to the seeking behavior, a seek-stress example program,
bug fixes, and more.
Full Story (comments: none)
Version 1.04 of libxklavier, the X Keyboard utility library,
has been released.
"
This
release is mostly bugfix. Some compilation problems on non-linux
systems are resolved - and a small attempt to resolve some runtime
problems was made (without breaking compatibility - more stuff will go
into the devel branch to be started soon). Some memory leaks are
cleaned up (thanks to kmaraas and valgrind). The only non-bugfix
change is introduction of some simple test apps into the package -
useful for debugging and as examples."
Full Story (comments: none)
Mail Software
Version 0.92.7 of bogofilter, a spam filter, is available.
"
A variety of small fixes have been made to bogofilter and
bogotune and to their documentation."
Full Story (comments: none)
Sean C. Sullivan
shows how to send error messages via email in an O'Reilly article.
"
Even if your application logs an error to a local file, the developer doesn't
know there's a problem until a user notices it and sends the log file back.
It can be more useful for apps to email their own error messages back. And as
Sean C. Sullivan explains, it's not hard to do with either log4j or
java.util.logging."
Comments (none posted)
Networking Tools
Version 1.1.3 of Pads, a signature-based network asset detection engine,
is available.
"
This version of Pads is a feature and bug fix release. It has a
new feature that allows MAC addresses to be resolved into hardware vendor
names along with minor bug fixes."
Comments (none posted)
Printing
Version 1.1.22rc1 of CUPS, the Common UNIX Printing System,
has been released.
"
CUPS 1.1.22 is a bug fix release which fixes device URI logging, file descriptor and memory leaks, crashes related to printer browsing, and error handling in the browsing code. The new release also adds support for PostScript files from other Windows PostScript drivers."
Comments (none posted)
Security
Unicornscan, an information gathering and correlation engine,
was launched this week.
"
Unicornscan is an attempt at a User-land Distributed TCP/IP stack.
It is intended to provide a researcher a superior interface for introducing
a stimulus into and measuring a response from a TCP/IP enabled device or
network."
Full Story (comments: none)
Web Site Development
Version 1.3.5 of MediaWiki, the collaborative editing software that
runs the Wikipedia free encyclopedia,
is out.
"
MediaWiki
1.3.5 is a security update, which contains a small fix for a potential
cross-site scripting vulnerability. All MediaWiki 1.3.x users are strongly
encouraged to upgrade to this latest release."
Comments (none posted)
Version 1.1 of Quixote, a Python-based web applications framework,
has been released.
The
CHANGES file lists numerous bug fixes.
Comments (none posted)
Version 1.1 (final) of Silva, a browser-based CMS for creating
publications for the web, paper, and other media, is available.
New features include XSLT support for rendering Silva objects,
an XML export/system, abbr and acronym support, a new
parser for the SilvaDocument forms-based editor, and bug fixes.
Full Story (comments: none)
Version 0.9.30 of Whitebeam, an XML based web application server,
has been released.
"
This release of Whitebeam exposes a comprehensive server-side JavaScript API to the Postgres database."
Comments (none posted)
Use Perl has posted
a plea for help with the
NMS project.
"
The nms project is a project that provides drop-in
replacements for the CGI programs provided by Matt's Script Archive. The idea
is to provide users with secure and well-written alternatives to Matt
Wright's scripts. Even Matt recommends them. But the project is in danger of
becoming a victim of its own success. We have a large number of users which
is growing daily. And although we make the programs as easy to install and
use as possible, the... er... inexperience of our users means that we are
getting a lot of support requests. We've also got a lot of ideas for
enhancements but not enough time to implement them."
Comments (none posted)
Miscellaneous
Version 0.3 of the GNOME CPU Frequency Scaling Monitor
(GNOME CPUFreq Applet) is out. Changes include the ability to
change the CPU frequency, new and improved governors, and more.
Full Story (comments: none)
Desktop Applications
Accessibility
Version 1.4.2 of ATutor, a Web-based
Learning Content Management System (LCMS) designed
for accessibility and adaptability, is out. New features include:
"
Surveys and unmarked tests, secure content, system
wide searching, category based themes, new languages, and more."
Full Story (comments: none)
Business Applications
OpenWFE 1.4.4
is available.
"
OpenWFE is an open source java workflow engine. It is a complete Business
Process Management suite, with 4 components : an engine, a worklist, a
webclient and a reactor (host for automatic agents). It can also be used
behind the scene. OpenWFE 1.4.4 introduces an important new feature in its
process definition language : variable substitution. ${myvar}, when used in
the attribute value of a tag gets resolved to the content of the myvar
variable. Coupled to an iterator or a concurrent-iterator, it can simplify
definitions dramatically."
Comments (none posted)
CAD
Release 17 of PythonCAD, a Python-based CAD package, is available.
"
The seventeenth release of PythonCAD can print! This release includes
the ability of the program to generate a PostScript file that can either
be sent to a printer or saved directly to a file. Printing support is not
entirely complete however, and will be enhanced over the next several
releases. This release also includes improvements in the user interface
for changing existing drawing entities, especially text and dimensions."
Full Story (comments: none)
Desktop Environments
The October 1, 2004 edition of the
KDE CVS-Digest
is available.
"
Highlights of this week: XML autoindenter in Kate. Rendering speedups in Kolourpaint. New media:/ kioslave. Improved SQL parser in Kexi. Konversation adds support for SSL. Summary of Network-Integrated Multimedia Middleware, from the aKademy presentations."
Comments (none posted)
Beta 1 of
Xfce version 4.2
has been released.
"
This is the first release based on the 4.1 development branch of Xfce, so inevitably it may include bugs.
This beta release introduces many new features in comparison with Xfce 4.0.x."
Comments (2 posted)
Desktop Publishing
Version 1.3.5 of LyX, a document processor built on top of
TeX, has been released.
"
This is mainly a bugfix release, with few notable user-visible
improvements."
Full Story (comments: none)
Jonathan Bartlett
works with DSSSL, the Document Style Semantics and Specification Language, in a NewsForge article.
"
DSSSL
is more than just a styling language like CSS. It is a full programming language, which means you can have stylesheets that are as complex and context-sensitive as you want. You can have if statements, procedures, and loops in your stylesheet, and you can custom-process XML documents yourself. DSSSL is based on the Scheme programming language."
Comments (none posted)
Electronics
Version 0.3.1 of Oregano, a schematic capture and circuit simulation package,
has been announced.
"
This release fixes backwards compatibility with GTK 2.2. There are some UI bugfixes, Gnome HIG fixes, and Mac OS X support. Some translations are updated, and many are out of date."
Comments (none posted)
Version 3.3.0 of
XCircuit,
an electronic schematic drawing package, is out.
Changes include a new spice parser and PostScript display improvements.
Comments (none posted)
Games
Version 0.3.4 of Cyphesis
has been released.
"
Cyphesis is a small to medium scale server for WorldForge games, with builtin AI. This version includes the demo game Mason which is currently in development. This release is intended for server administrators wishing to run a Mason server or anyone wishing to work on serverside game development."
Comments (none posted)
Version 6.04 of G3D
has been announced.
"
The G3D 3D Engine powers commercial games, graphics
research, university
courses, and hobbyist projects. You can use it to make your own 3D programs
for MSVC 6, MSVC.NET, Linux, and OS X. The 6.04 release adds a new manual and
tutorial, OpenGL 2.0 support, easy-to-use access to programmable hardware,
and new demos including a network game infrastructure."
Comments (none posted)
David M. Bourg and Glenn Seeman
apply Neural Networks to Game software on O'Reilly.
"
In our book, AI for Game Developers, we cover many different AI techniques that are used in games. Many of the techniques we cover, such as chasing and evading, pathfinding, finite state machines, and rules-based systems, among others, have obvious applications in games. However, some of the other techniques we cover, such as neural networks, genetic algorithms, and Bayesian techniques, are not as familiar and thus their applications in games may not be as obvious."
Comments (none posted)
GUI Packages
Version 2.4.0 of PyGTK, the Python language bindings to GTK, is available.
Changes include wrapping for objects in GTK+ 2.4.0, Enum and Flags wrapping,
better constructor integration, threading improvements, bug fixes, and more.
Full Story (comments: none)
Mail Clients
Stable version 2.0.1 of the Evolution mail client is out.
"
Evolution 2.0 is the stable version of the 1.5.x development
series. It will upgrade your existing 1.4 install if you were not using 1.5
previously, but will not delete it until told to."
Numerous bug fixes are included.
Full Story (comments: none)
Multimedia
Version 0.5.2 of KPlayer, a KDE media player,
has been released.
"
The new 0.5.2 version features
a brand new user manual, whats-this hints throughout the user interface
including configuration dialog and file properties, improved mouse wheel
support, several other improvements and bug fixes, and new Hungarian and
Polish translations."
Comments (none posted)
Office Applications
Version 1.3.91 of the Gnumeric spreadsheet is available.
"
I would have liked to characterise this as just stabilisation release, but
there is more in here than bug fixes. Yaacov Zamir and Morten cleared out
lots of old code and synced the cell printing to use the same pango
generation we used for display. While that was going on Emmanuel added some
nice eye candy to the plots, grid lines. I was surprised by how much they
add to the charts. The docs are also shaping up nicely."
Full Story (comments: none)
Office Suites
Stable version 1.1.3 of the OpenOffice.org office suite has been
released.
"
OpenOffice.org 1.1.3 is ready for use by businesses, enterprises,
governments and individuals, and offers near-perfect compatibility with
legacy proprietary office suites such as Microsoft Office."
Full Story (comments: none)
Build 1.3.5.5 of OpenOffice.org is available.
"
This package contains Desktop integration work for
OpenOffice.org, several back-ported features & speedups, and a much
simplified build wrapper, making an OO.o build / install possible for
the common man. It is a staging ground for up-streaming patches to
stock OO.o."
Full Story (comments: none)
The September 2004 edition of the OpenOffice.org Newsletter is
online with the latest OOo office suite news.
Full Story (comments: none)
Web Browsers
Version 0.10.1 of the Firefox browser
has been announced.
"
The Mozilla Foundation today released Firefox 0.10.1, which patches a
security hole that was discovered this week."
Comments (1 posted)
MozillaZine has
the announcement for Mozilla 1.8 Alpha 4.
"
New features include
partial support for some new Web standards (such as CSS3), improvements to
the popup blocker, keyboard shortcut improvements, virtual folders in Mail
and Newsgroups (allowing one to save searches), a spellchecker included by
default on Linux and, of course, too many bug fixes to mention."
Comments (none posted)
Miscellaneous
A new project, the GNOME screen ruler, has been announced.
"
This new app lets you measure things on the screen in pixels (inch and
millimeter metrics coming soon).
This type of ruler is quite popular on OSX. It's useful for graphics
artists, GUI designers, maybe others."
Full Story (comments: none)
Version 1.0 of viewglob
is out.
"
viewglob is a tool to increase the usability of the Unix shell by leveraging
the expressiveness of graphical environments. It sits as a layer beneath an
xterm and watches your bash or zsh shell activity as you type. An interactive
GTK+ display shows the layout of relevant directories and highlights file
selections and potential name completions. This 1.0 release makes several
stability fixes and adds two useful features".
Comments (none posted)
Languages and Tools
Caml
The September 28 - October 5, 2004 edition of the Caml Weekly News
is available. Take a look for the latest Caml language news.
Full Story (comments: none)
Java
Sing Li
reviews XDoclet on IBM's developerWorks.
"
The open source XDoclet code-generation engine, an integral part of many leading Java frameworks, is often heralded as an enabler for attribute-oriented programming and continuous integration. But XDoclet also has an undeserved reputation for being difficult for beginning developers to grasp and master. In this article, the ever-popular Sing Li takes on XDoclet and reveals the simple yet elegant design at its heart, enabling you to understand the technology and put it to productive use."
Comments (none posted)
Andrew Glover
explores Nice on IBM's developerWorks.
"
Nice is a JRE compatible, object-oriented language that brings tremendous expressiveness to the Java platform. Nice also lets you implement many of the cutting edge features found in Java 5 on any Java virtual machine. In this fourth installment of the alt.lang.jre series, regular contributor and all around "Nice" guy Andrew Glover walks you through some of the most exciting features of Nice."
Comments (none posted)
Lisp
Version 0.8.15 of SBCL (Steel Bank Common Lisp) is available.
"
This version renames the image saving hooks, adds single-stepping of
code to debugging facilities, supports saving cores with foreign code
loaded, and fixes some bugs."
Full Story (comments: none)
Bill Clementson has assembled a set of weblog entries on the
topic of using Java with Common Lisp.
Full Story (comments: 1)
PHP
Version 1.1 of Scry, the Simple PHP Photo Album,
is available.
"
New features include: pagination, two URL
modes, better legacy GD compatibility, easier setup, and optional exif
support. Version 1.1 also corrects a number of outstanding bugs reported on
SourceForge."
Comments (none posted)
Paul Meagher
uses PHP to analyze web data on IBM's developerWorks.
"
This two-part article series offers Web developers a practical introduction to the design of experiments (DOE) and categorical data analysis (CDA). This first part demonstrates how to use PHP to implement an experimental protocol for measuring the effectiveness of a Web-based offer. The second part will examine analyzing the resulting data using CDA tools that we'll implement using PHP."
Comments (none posted)
Python
Version 2.6.0 of GnomePython, the Python language wrappers for the
GNOME 2.6 APIs, is out with lots of changes.
Full Story (comments: none)
The October 4, 2004 edition of Dr. Dobb's Python-URL! is available.
Take a look for numerous Python language articles.
Full Story (comments: none)
The latest python-dev Summary is out with coverage of the
python-dev mailing list from September 1-15, 2004.
Full Story (comments: none)
Tcl/Tk
The October 5, 2004 edition of Dr. Dobb's Tcl-URL!
is out with the week's Tcl/Tk article links.
Full Story (comments: none)
UML
Version 0.6.0 of Gaphor, a Python-based UML modeling environment,
is out. New features include a code reverse engineer plugin, a diagram
layout engine, and improved plugin support.
Full Story (comments: none)
XML
Sam Tregar
explains some problems with SOAP on O'Reilly.
"
Two years ago I added a SOAP interface to the Bricolage open source content management system. I had high expectations. SOAP would give me a flexible and efficient control system, one that would be easy to develop and simple to debug. What's more, I'd be out on the leading edge of cool XML tech.
Unfortunately the results haven't lived up to my hopes. The end result is fragile and a real resource hog. In this article I'll explore what went wrong and why."
Comments (2 posted)
Build Tools
Version 0.3 of iCompile, an automated C++ build tool,
has been released.
"
This release contains a new manual and several new features like a --quiet option, the ability to automatically build static and dynamic libraries, and new configuration options."
Comments (none posted)
Editors
Version 0.7.0 of MlView, the GNOME XML editor, is available
with a long list of improvements and bug fixes.
Full Story (comments: none)
Miscellaneous
Ian F. Darwin
explores Groovy in an O'Reilly article.
"
When some Java developers hear about Groovy, their first reaction often is, as mine was, "Oh, no, not another scripting language for Java." We already have, after all, JavaScript and Rhino, Jython, Jelly, BeanShell, JRuby, Tcl/Java, Sleep, ObjectScript, Pnuts, Judoscript, the Bean Scripting Framework (BSF)--which gives access to Perl, TK/Tcl, and more--and many others. But other developers have been hoping for a scripting language with the power of Perl, Python, or Ruby but without having to re-learn everything from the ground up."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
NewsForge
looks
at securing chat sessions. "
Gaim-Encryption uses a
public/private key mechanism similar to the one that PGP uses. When you
first run Gaim-Encryption, it generates a set of keys -- essentially secret
codes that others can use to communicate with you. By default, the settings
for automatically finding out if another Gaim user has Gaim-Encryption is
enabled, so when you first IM a person who uses Gaim-Encryption, the public
keys are exchanged. From then on, the conversation between the two parties
is encrypted during transport; though a snooper could see you're IMing, the
message contents will be encrypted."
Comments (20 posted)
Silicon.com
covers an interesting and somewhat unbelievable Gartner study.
"
PCs running Linux are growing in popularity in part because they can be loaded with a pirated copy of Windows, according to a study from analyst Gartner.
The consulting firm has issued a report stating that about 40 per cent of Linux PCs will be modified to run an illegal copy of Windows, a bait-and-switch manoeuvre that lowers the cost of obtaining a Windows PC.
In emerging markets, where desktop Linux enjoys wider popularity, the trend is even starker. Around 80 per cent of the time, Linux will be removed for a pirated copy of Windows."
Comments (39 posted)
Open Source Industry Australia (OSIA) responds (click below) to
a Gartner study on Desktop Linux and piracy.
"
If Gartner's conclusion that pre-installing Linux encourages people
to steal copies of Windows were correct, then we can extend this tenuous
logic by stating that pre-installing Windows in turn must clearly encourage
people to pirate application-level software; if there was no Windows OS on
the PC, then users couldn't pirate other products like Photoshop, Microsoft
Office or Dreamweaver which need Windows in order to be used. One can
quickly see how this process of thought leads to ridiculous conclusions and
we are surprised that Gartner started down this path."
Full Story (comments: 3)
Trade Shows and Conferences
LXer
provides a
wrap-up of the Ohio Linux Fest. "
A smashingly successful Ohio
LinuxFest has just finished, and our on-the-scene (and anonymous) reporter
has written an excellent (and at times hilarious) roundup of the
event. Congratulations go out to the organizers of the OLF, and a special
thanks to maddog for helping them with last minute needs. Well done
all!"
Comments (1 posted)
The SCO Problem
Groklaw
covers the latest move in the SCO vs IBM case.
"
So, we get to read more legalese from the SCO team. zzzzzz
First, the Ex Parte Motion. Then I will put up the order. I believe I have discerned their real strategy. Yes, it's "anywhere but here", as IBM attorney Evan Chesler put it at the September 15th hearing. But I detect a water-torture strategy as well. Drip, drip, drip, more memoranda, more motions, more words until we all waive our little white flags from the parapet and beg them to stop at any cost. One thing is for sure. They can't appeal on the grounds that they didn't get to tell the court every last thought they could possibly dream up."
Comments (none posted)
Groklaw has
a ruling from Judge Kimball in SCO v. IBM regarding SCO's scheduling motions. SCO loses all the way. "
However, there is nothing in the Amended Scheduling Order that precludes IBM from filing motions for summary judgment, and there is nothing in the Scheduling Order that relieves SCO from responding to such motions. Thus, it is puzzling that SCO seeks to 'enforce' the Amended Scheduling Order when there is nothing in that Order to justify SCO's request for a significant delay in filing its responses." This is a minor and expected setback for SCO; the ruling on the first of IBM's summary judgment motions is still pending.
Comments (2 posted)
Companies
Here's
the latest set of Steve Ballmer quotes, courtesy of The Register.
"
He blamed the success of Linux in the public sector
on influential academics, who favour it because universities are Unix
environments, and politicians reacting to 'noisy constituents - and
those Linux people are noisy.'"
Comments (24 posted)
Red Hat
has purchased AOL's Netscape server software.
"
In a move to add more open-source arrows to its quiver, Linux seller Red Hat has acquired the Netscape server software products of AOL Time Warner, the companies plan to announce Thursday.
Red Hat plans to release the Netscape Enterprise Suite as open-source software, meaning that anyone will be able to use, modify and redistribute the products, News.com has learned."
Comments (9 posted)
News.com
reports
that Sun Microsystems is backing European Union efforts to standardize office
document formats. "
In a recent letter to the European Commission,
Sun President Jonathan Schwartz said he agrees with a recommendation by the
EC's Interchange of Data between Administrations unit to establish the
format used by OpenOffice.org, an open-source productivity suite based on
Sun's StarOffice, as an international standard."
Comments (6 posted)
Linux Adoption
Bloomberg
reports
that AT&T is considering deploying Linux on tens of thousands of
desktops - or is, perhaps, just trying to get a lower price out of Microsoft.
"
A surge in virus attacks on Windows spurred AT&T to consider using
Linux, [AT&T CIO Hossein] Eslambolchi said. AT&T could also save 50
percent to 60 percent on the cost of desktop software by using Linux, he
said."
Comments (13 posted)
Interviews
NewsForge
talks with
Jeff Norris, a senior computer scientist at NASA's Jet Propulsion
Laboratory who headed development of the Martian rovers' Science Activity
Planner. "
Norris said open source software is not necessarily
onboard the Martian rovers, but is instead here on Earth controlling them
and communicating with them. He explained that during development, NASA
engineers were able to focus on their mission rather than those components
that were going to rely on open source."
Comments (2 posted)
KDE.News
talks with David Faure about KOffice.
"
An office suite is a huge thing to develop. Work is needed in almost every part of it, and it's hard to simply follow users' demands as everyone's 'must have' feature is a different one. More specifically, I can see that the immediate future is going to be: finishing the OASIS file format implementation and working on the document converters to make them use the OASIS format, then looking at whether to rewrite our text engine (as well as KWord and KPresenter) to be based on Qt4's new text engine (dubbed 'Scribe'), which looks very promising."
Comments (none posted)
Neowin.net
talks with Ben
Goodger about the Firefox browser. "
Firefox : 1.0. What's new
since 0.9?
Lots of things - you can now read RSS feeds in Bookmarks with our new "Live
Bookmarks" feature - Feed links become bookmarks inside dynamic
folders. We've made a lot of improvements to Find in page to make it less
annoying and make the "Find as you Type" highlighting feature more
discoverable. Extension Update is now up and running, you can open blocked
popups, sort Bookmarks in the menu, and a number of other things"
Comments (18 posted)
Resources
Salvador Peralta
compares
the long term price of Windows PCs to X terminals in a
Linux Journal article. Here's his conclusion:
"
Excluding administrative costs, the 15-year cost of 25 Linux systems in a lab environment is estimated to be $41,359 versus a 15-year cost of $100,000 to $155,000 for Windows PCs serving the same function. Although these estimates are based on rough cost estimates, the overall cost of hardware and software deployment, coupled with the shorter overall time spent on administrative tasks, yields significant cost savings over long-term deployment cycles in our work environment."
Comments (5 posted)
NewsForge
advises a
calm approach to code disputes. "
If you run a sloppy project,
you're asking for trouble. If you don't know who contributed each piece of
code, how to contact them, and when the code was contributed, then you are
not properly documenting your work. In addition to having a written
agreement with your contributors, you'll also want to form a committee to
deal with potential infringement claims. Lastly, you should try to
consolidate ownership of the entire code base for the project."
Comments (2 posted)
Reviews
Linux Journal
looks at
Eclipse. "
Although Eclipse was written in Java and has a
well-developed Java IDE, I was curious to see how it would work with
languages other than Java and C++. A feature currently in beta testing,
pydev, provides a Python IDE within the Eclipse platform. Given the beta
nature of pydev, incorporating it into the Eclipse platform went quite
well. I tested pydev on some projects I am developing, and it worked
adequately. In the future, the promise of Eclipse and its rich set of
features makes it a viable contender for a Python IDE."
Comments (1 posted)
NewsForge
takes a
look at multimedia on Linux. "
Today the biggest Linux multimedia
projects, like xine and MPlayer, are about to release full 1.0 versions,
which means stable and powerful support. One of the net's biggest
multimedia companies, Real Networks, has a brand new release of the
ever-popular RealPlayer. Sound drivers via Advanced Linux Sound
Architecture (ALSA) are well into 1.0 status, giving us fully functional
surround sound and a stable API. As for visuals, the two biggest video card
manufacturers, ATI and nVidia, officially support Linux."
Comments (22 posted)
Linux Journal
reviews
SQLite. "
D. Richard Hipp's SQLite database engine has earned a
well-respected place in the toolbox of many programmers. Its small size and
simple distribution make it a natural choice for standalone and embedded
applications. Wide support by many programming languages, including PHP,
has made SQLite popular for Web applications that need persistent data
storage but don't need the kind of multi-user scaling capabilities provided
by server-based solutions."
Comments (4 posted)
Miscellaneous
NewsForge
covers
coding contests by TopCoder. "
TopCoder announced on September 29 the
completion of the final elimination round in the Algorithm Competition
portion of its 2004 annual TopCoder Open coding contest. But the real
winner may be TopCoder's open source development model, which gives
programmers a chance to build enterprise applications for cash
prizes."
Comments (4 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Free Software Foundation Europe
reports
on the first part of the hearing in the appeal procedure by Microsoft
vs. the EC. The Court
heard from Jeremy
Allison, introduced by Carlo Piana from the Milan-based Tamos &
Piana law firm, on behalf of the Free Software Foundation Europe.
"
My name is Jeremy Allison, and I'm speaking on behalf of the FSFE
who is representing the Samba Team, who have a great interest in this
case. Samba is one of the few competing products to Microsoft in the
Workgroup server market. It is commonly shipped with Linux, but is
developed separately. I am one of the original authors of the Samba code,
and with my colleague from Germany Volker Lendecke have been working on
interoperating with Microsoft software for over 12 years."
Comments (5 posted)
The Free Software Foundation Europe (FSFE) has sent a letter of
protest to the CEO of the Allianz Group over software patents in Europe.
Full Story (comments: none)
Gluecode Software has
announced the contribution of Project Agila, the Apache Software
Foundation's first embeddable open source business process management (BPM)
engine. To ensure that it conforms to Apache Software Foundation's policies
for code contributions, Agila is proceeding through the foundation's
standard incubation stage. Once the incubation process is complete, Agila
will become part of the Apache Jakarta Project.
Comments (20 posted)
The Linux Professional Institute has announced new sponsorship by
Hewlett-Packard's Education Services.
"
Hewlett-Packard Germany was providing the sponsorship to LPI international
to assist with LPI-German marketing and business development activities in
Germany, Austria and Switzerland."
Full Story (comments: none)
The Public Patent Foundation has put out
a release
proclaiming its role in the US patent office's action rejecting all claims
in Microsoft's patent on the FAT filesystem format. The office's action
is available
in PDF format
for people wanting the details.
Comments (6 posted)
A new OpenOffice.org Engineering Steering Committee has been announced.
"
Composed of senior developers appointed by the Community Council,
the ESC represents the technical groups making up the Project. Its
advice therefore will have impact both on the nature and direction of
the source, as well as on the processes for code submission and review.
Its creation represents a further step in making OpenOffice.org more
open to developers."
Full Story (comments: none)
Open Source Development Labs has
announced
the appointment of Thomas Hanrahan as the Lab's new director of Linux
engineering. OSDL Lab director Timothy Witham has been promoted to Chief
Technology Officer.
Comments (none posted)
Commercial announcements
Black Duck Software has
announced that Lawrence Rosen has joined the company as a senior
advisor. Rosen, a noted attorney and computer specialist, is the author of
Open Source Licensing: Software Freedom and Intellectual Property
Law.
Comments (none posted)
CompTIA is holding the CompTIA Linux+ Beta exam.
"
For the
next eight weeks, anyone interested in demonstrating that he or she has
the equivalent of six to 12 months of experience with the latest Linux
applications can do so for $75 by passing the CompTIA Linux+(tm) beta
exam."
Full Story (comments: none)
Cray Inc. has
announced
the new Cray XD1 Opteron/Linux-based supercomputer. The USDA Forest
Service is
using
the Cray XD1 to predict and track the paths of smoke plumes from
wildfires.
Comments (none posted)
IBM has announced that it is broadening its support of its
Middleware Industry Solutions on Linux.
"
IBM's middleware solutions for various industries include technology from
its five software brands (WebSphere, DB2, Tivoli, Lotus and Rational),
industry-specific middleware, industry-specific services expertise from IBM
and others, and industry-specific application software from IBM's network of
ISV partners."
Full Story (comments: none)
Red Hat has
announced a stock repurchase plan. "
Red Hat ... today announced that its Board of Directors has
authorized the repurchase of up to $100 million of the Company's
common stock from time to time on the open market or in privately
negotiated transactions.
'We believe, that based on current market prices, our stock is
undervalued and that it is in the best interest of our shareholders
for us to acquire shares in the open market. In addition, our
repurchase program will help to offset dilution associated with our
employee stock plans,' said Matthew Szulik, Chairman and Chief
Executive Officer."
One almost wonders if they borrowed the wording from
SCO's repurchase announcement.
Comments (2 posted)
Pathlink Technology Corporation has released a new and improved version of
the SpamHippo anti-spam and anti-virus email protection system. Available in
both server software and commercial outsource email service forms,
SpamHippo captures and devours spam and virus ridden email, utilizing spam
trapping logic (STL).
Full Story (comments: none)
Sun Microsystems, Inc. has
announced the release of the Java 2 Platform Standard Edition
version 5.0.
"
As one of the largest-scale projects developed through the
Java Community Process(SM) (JCP(SM)), J2SE 5.0 involved nearly 160 expert
members designing over 100 features that drive extensive developer benefits
including ease of use, overall performance and scalability, system monitoring
and management, and rich client desktop development."
See the
New Features and Enhancements document for a technical
description of the new capabilities in J2SE 5.0.
Comments (10 posted)
New Books
O'Reilly has published the book
Java Threads, Third Edition
by Scott Oaks and Henry Wong.
Full Story (comments: none)
No Starch Press has published the book
Steal This File Sharing Book
by Wallace Wang.
Full Story (comments: 1)
Resources
The October 6, 2004 edition of the
Linux Documentation Project Weekly News is online with
the latest documentation changes.
Full Story (comments: none)
Contests and Awards
Grand Central Communications, Inc. has
announced
"The Golden Spike Developer Contest". The contest is open to all Early
Access Program participants, which is also announced in this press
release. Developers can submit one or more entries in the following
categories: Best Business Process, Best Use of SOAP APIs and Best Use of
Rich Client.
Comments (none posted)
Event Reports
The recordings of the
linux audio conference 2004 are available online.
Full Story (comments: none)
An audio download of Richard Stallman's talk at SANE 2004
is available. "
It is a 24MB .ogg file."
Full Story (comments: none)
Upcoming Events
A wiki site is online for the Boston GNOME Summit;
the event will take place in Cambridge, MA on October 9-11, 2004.
Full Story (comments: none)
The Technology Council of Maryland will
be hosting the "Open Source Enterprise Solutions Conference" at the
University of Maryland Shady Grove Campus, October 27, 2004. "
The
conference will deliver insights into how organizations have released their
own versions of operating systems based on open source. Representatives of
leading corporations and federal agencies will discuss the impact that open
source has had on their organizations."
Comments (none posted)
Use Perl has published a
call for papers for the 7th German Perl-Workshop. The event will be held
from February 9-11, 2005 in Dresden, Germany.
Comments (none posted)
Hurricane Electric
will
be holding two commercial educational seminars on the Perl language by
Randal L. Schwartz. The events will take place in Fremont, CA on October
30 and November 20, 2004.
Comments (none posted)
A Call for Participation has gone out for the
2005 MySQL Users Conference. The event will take place in
Santa Clara, California on April 18-21, 2005.
Full Story (comments: none)
IBM will be holding a technical conference on IBM eServer pSeries, AIX
and Linux. The event will take place in Munich on October 26-29, 2004.
Full Story (comments: none)
| Date | Event | Location |
| October 7, 2004 | LinuxWorld Conference and Expo | (Olympia Exhibition Centre) London, England, UK |
| October 8 - 10, 2004 | Linucon | (Red Lion Hotel) Austin, TX |
| October 9, 2004 | Italian Code Jam | (University of Ferrara) Ferrara, Italy |
| October 10 - 17, 2004 | MySQL Swell | Across the Mediterranean |
| October 11 - 15, 2004 | 11th Annual Tcl/Tk Conference | (Bourbon Orleans Hotel) New Orleans, LA |
| October 21 - 22, 2004 | Web.It 2004 | Bari, Italy |
| October 21 - 22, 2004 | 5. Encuentro Linux | Valparaiso, Chile |
| October 23 - 24, 2004 | OpenFest 2004 | (Inter Expo Center) Sofia, Bulgaria |
| October 26 - 28, 2004 | LinuxWorld Conference and Expo | Frankfurt, Germany |
| October 26 - 29, 2004 | IBM eServer, pSeries, AIX and Linux Technical Conference | Munich, Germany |
| October 27 - 29, 2004 | Sixth International Conference on Information and Communications Security (ICICS'04) | Malaga, Spain |
| October 27, 2004 | Open Source Enterprise Solutions Conference | University of Maryland Shady Grove Campus |
| October 27, 2004 | Open Source Enterprise Solutions Conference | (University of Maryland Shady Grove) Rockville, MD |
| November 1 - 6, 2004 | International Computer Music Conference (ICMC) | Miami, FL |
| November 4 - 5, 2004 | HiverCon 2004 | (The Davenport Hotel) Dublin, Ireland |
| November 6 - 12, 2004 | High Performance Computing, Networking, and Storage Conf (SCnn) | Pittsburgh, PA |
| November 7 - 10, 2004 | International PHP Conference 2004 | Frankfurt, Germany |
| November 8 - 10, 2004 | MySQL ComCon Europe | (NH Hotel Frankfurt-Mörfelden) Frankfurt, Germany |
| November 14 - 18, 2004 | COMDEX Conference and Exposition | (Las Vegas Convention Center) Las Vegas, Nevada |
| November 14 - 17, 2004 | ApacheCon 2004 US | (Alexis Park Resort) Las Vegas, NV |
| November 14 - 19, 2004 | Large Installation System Administration Conference (LISA '04) | (Atlanta Marriott Marquis) Atlanta, GA |
| November 25 - 26, 2004 | Le forum PHP 2004 | (FIAP Jean Monnet) Paris, France |
| November 29 - 30, 2004 | LinuxPro 2004 | (Hotel Gromada Airport Conference Center) Warsaw, Poland |
| December 1 - 3, 2004 | Australian Open Source Developers' Conference | (Monash University) Melbourne, Australia |
Comments (none posted)
Web sites
SnakeHandlers.net is:
"
The place to speak in tongues, juggle snakes, and ask your Python Questions!"
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Miscellaneous
A couple of weeks ago, we
reported on an effort, sponsored
by Brazil and Argentina, to change the official mission of the World
Intellectual Property Organization (WIPO). Today, Cory Doctorow
reports
that this effort was approved by the WIPO General Assembly.
"
...at the general session of the WIPO in Geneva this weekend,
the Assembly [adopted] a decision to put development and the promotion of
creativity front-and-center in its goals. That means that from now on, WIPO
isn't an organization that blindly supports more IP no matter what, but
rather one that seeks to improve the world by whatever tool is best suited
to the job."
Comments (8 posted)
Page editor: Forrest Cook
Letters to the editor
| From: | Alan Cox <alan-AT-redhat.com> |
| To: | editor-AT-lwn.net |
| Subject: | Re: "I2O specification" |
| Date: | Sat, 2 Oct 2004 11:50:31 -0400 |
The I2O specification was kept secret until it leaked. When a copy of the
specification 1.5 accidentally got placed on their public ftp site the game
was up. Had that not happened it would probably never have been released.
I2O was also a scheme to keep hardware specifications secret, control driver
writing and place it outside the operating system.
As it happens I2O wasn't a threat because it was committee designed and IMHO
too busy trying to ape the mainframe to understand it.
Merced was very different - you only have to imagine the scenario of IA64
leaking early, AMD cloning it and releasing a clone before the real thing
came out to understand why this was done. It didn't have senior powers that
be itching to keep Linux off the machines.
Alan
(speaking for himself not Red Hat)
Comments (none posted)
| From: | Leon Brooks <leon-AT-cyberknights.com.au> |
| To: | paul_krill-AT-infoworld.com |
| Subject: | You're talking about the same man who... |
| Date: | Sun, 3 Oct 2004 19:16:24 +0800 |
| Cc: | letters-AT-lwn.net, linux-aus-AT-linux.org.au |
...didn't even see the Internet coming, so shipped the first edition of
Windows 95 without a web browser.
Quoting from:
http://www.infoworld.com/article/04/10/01/HNgatestalksmus...
> As far as Linux goes, Microsoft has seen other potential threats to
> its dominance come and go, Gates stressed.
If that truly represents what Trey Gates believes, then he's stuck somewhere
between GandhiCon 1 and 2, while the rest of his company is just passing
GandhiCon 3.
http://www.faqs.org/docs/jargon/G/GandhiCon.html
> OS/2 was supposed to kill us
_Microsoft_ once called OS/2 a killer product on their own (Windows, no less)
packaging. Is this doublethink? Go figure.
> Unix, in faltering, has lacked the advantage that Windows has had in that
> it comes from one vendor and has one set of instructions, Gates said.
That's true on its face for a change, and I call to witness the CodeReds,
Slammers and other symptoms of that dangerous monoculture.
> In the area of grid computing, Gates said not all situations are applicable
> for grid,
Translation: "we don't have a real product there yet." If they were actually
competitive in the field, he would sing a different tune.
> “The bad news is this malware [or malicious software] thing is so bad,”
> he said.
See above, under "monoculture" - and possibly "irony" and/or "chutzpah".
> phising
This is a grammatical error, the term is "phishing".
> “We ourselves are not going after the e-voting market or the nuclear
> reactor control market,” Gates said.
That's a relief! However, they _are_ going after the nuclear aircraft carrier
market. Oh, well, win some, lose some, I guess.
Paul, none of what Bill opined here was news.
Gartner inadvertently revealed last week that (if their figures accurately
represent real life, which is doubtful) Linux has slashed illegal software
copying by at least 20% in many Asian countries, all by itself.
That _is_ news - it's an approach to so-called "software piracy" which
actually works, and doesn't build resentment of the organisations
implementing it, nor cause hardship for the end-users.
However, the few news outlets which reported it (including InfoWorld,
http://www.infoworld.com/article/04/09/29/HNlinuxpiracy_1...) blindly
pitched it as if Linux had somehow _contributed_ to the problem.
Why this fascination with Microsoft and their viewpoint? Why are the
pointless, outdated and generally wrong prognostications of a rich man, or
the empty sensationalism of an attention-starved consultancy considered
newsworthy, while the real world-changing news consistently whooshes right
underneath InfoWorld's radar?
Pharmaceutical companies owned by Bill Gates act to block South Americans from
shipping cheap generic anti-AIDS drugs to Africa, and it's not newsworthy. On
the other hand, Linux advocates are helping those same Africans cross the
Digital Divide, claw their way towards economic independence, and it's still
not newsworthy. There's even a whole computer game on the topic
(http://home.gna.org/oomadness/en/slune/), and still silence from InfoWorld.
Yet you publish this inane "Bill's not scared" article. Hello?
Cheers; Leon
Comments (none posted)
Page editor: Jonathan Corbet