LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for March 24, 2005RHEL, kernel vulnerabilities, and days of riskSecurity Innovation has joined the elite group of Microsoft-funded researchers who somehow manage to reach pro-Microsoft conclusions. This company's latest output is a report on the relative security of Linux and Windows web servers [PDF] which states that Windows is more secure, in this role, than Red Hat Enterprise Linux. The group did its work by looking at all of the vulnerabilities fixed by each vendor in 2004 (as designated by CVE numbers), and determining how much time passed between the initial disclosure of the problem and the resulting fix. Windows showed fewer vulnerabilities, and significantly fewer "days of risk" when disclosed problems lacked a patch.Those who want to poke holes in this study should be able to find ample opportunity. Microsoft vulnerabilities are less likely to be disclosed prior to patching, to the point that the median "days of risk" for Windows was zero. The report cautions against writing off "low risk" vulnerabilities, but, somehow, Microsoft simply does not have any "low risk" problems. Either that, or Microsoft doesn't bother to fix them, resulting in many undisclosed "days of risk." Red Hat will also have gotten burned by this libpng vulnerability, which, by mistake, remained unfixed for two years. That's a lot of days of risk, even though no known exploits of this vulnerability took place. Let's focus on one specific claim, however:
There were thirty one [RHEL] vulnerabilities fixed in 2004 that had
more than 90 days of risk, and of these, seven were designated by
ICAT as high severity... Eleven of these vulnerabilities were in
the operating system kernel.
The report does not list the actual vulnerabilities it looked at, so we'll have to try to reproduce that work ourselves. Here's the kernel vulnerabilities fixed by Red Hat in 2004:
The attentive reader may have noticed that this is a rather long list of vulnerabilities. Summed up, it amounts to a total of 2943 days of risk - a substantial portion of the 12,415 days of risk cited in the report. One immediate conclusion is that, in many cases, we are talking about "days of very low risk." The strncpy() information leak was worth fixing, but few people were likely to be overly worried during the 305 days it took for Red Hat to issue updates with that fix. The same is true of the TTY character count leak (737 days of risk). Both ia-64 users could probably live with the floating point leak on that platform (209 days of risk). In other words, many of the vulnerabilities which had a big contribution to the total number of days of risk were of little concern. On the other hand, Red Hat was slow in fixing some important problems. The kmod denial of service and ELF vulnerabilities took months to fix - and they were clearly (locally) exploitable problems. Red Hat is, at times, leaving its paying customers with known security problems for longer than it should. Interestingly, many of these problems were fixed more quickly in other distributions - including Fedora Core. Red Hat's stability goals for its Enterprise Linux line could be an issue here. The need for more stress and regression testing of kernel updates, combined with a clear wish to minimize the number of disruptive kernel updates (many updates fixed several vulnerabilities), is causing those updates to be delayed. Thus, one might draw the ironic conclusion that, if you want the fastest security updates, you're better off not paying for them. There are some more predictable conclusions as well. One is that reports like the one from Security Innovation still do not mean a whole lot. There are too many variables; it is hard to get a handle on which system is truly more secure, and it is too easy to tilt the data in one direction or the other. Of course, one could look at the number and cost of actual security incidents, but these Microsoft-funded surveys tend not to do that. The final, predictable conclusion is this: regardless of how Linux performs relative to other systems, we are not doing nearly well enough. As long as we are producing such long lists of bugs (for a single system component), our claims to security will only hold so much water.
A look at Ubuntu "Hoary Hedgehog" and KubuntuThe Ubuntu team is closing in on its second release. The Ubuntu project announced the preview release for 5.04, better known as "Hoary Hedgehog," on March 10; the final release is scheduled for early April.
For those not familiar with the project, the Ubuntu distribution is based on Debian, but with a six month release schedule, much like GNOME and OpenBSD. Releases are supported, meaning critical bug fixes and security updates, for 18 months. Ubuntu has a bit narrower scope than Debian, however. Ubuntu supports only three architectures, Intel/x86, AMD64 and PowerPC, and has a more limited set of packages (the "main" and "restricted" repositories) to provide updates for. A larger set of packages are available through the "universe" and "multiverse" repositories. The release numbers may seem like version inflation, but actually reflect the year and month of the release, hence 5.04 for Hoary Hedgehog and 4.10 for Warty Warthog -- the first Ubuntu release, from October 2004. We installed the Ubuntu preview release on a Pentium 4 laptop with 1 GB of RAM. The installation was completely painless, requiring minimal user input and a bit of patience while packages were downloaded from the Ubuntu archive. Ubuntu had no problem detecting all of the laptop's hardware. No manual configuration or tweaking was necessary for X.org or anything else. Mileage may differ on other hardware, of course.
To install Kubuntu, we simply followed the instructions on the Kubuntu
documentation page. After running "
Overall, we like the choice of packages that are installed with Ubuntu and Kubuntu by default. Developers and power-users will have to grab additional packages, but for typical desktop use, Ubuntu is ready "out of the box." Users that prefer other applications should be able to find them in Ubuntu's universe repository. For example, this writer still prefers XMMS to Rhythmbox. Though Rhythmbox is the default music player installed with Ubuntu, XMMS is easily added using Synaptic or apt-get. By default, Ubuntu does not set up a password for the root user. Instead, the first normal user set up at install time can use "sudo" to perform tasks, like installing software or configuring a network card, usually done by root. This was a bit off-putting at first for this writer, but after a few days of working with Hoary, it's become second-nature. (In the past, this writer has simply gotten around using sudo on Ubuntu by running "sudo su" and setting a root password and using root normally from there on.)
Even though this is only a preview release, it seems exceptionally solid. Though the preview releases contain a lot of "cutting edge" software, we didn't find any major application bugs or problems of any kind. We've also been grabbing updates on a regular basis since installing Ubuntu Hoary, and it's obvious the Ubuntu team is keeping busy. The only glitches we ran into were, more or less, self-induced. We tried upgrading from the default 2.6.10 kernel that was installed to the 2.6.11 package that's available. For some reason, our system locked up each time we tried to log into GNOME or KDE after installing the 2.6.11 kernel. After going back to 2.6.10, everything ran smooth as silk. There are also 2.4.x series kernels in the Ubuntu Universe repository for users who require the 2.4.x series for some reason, though we didn't test any of those kernels. The Hoary release can be found at http://releases.ubuntu.com/hoary/. Live CDs and install CDs are available for Intel/x86, PowerPC and AMD64. Users who prefer to go the KDE route can download installation media or live CDs from http://cdimage.ubuntu.com/kubuntu/releases/hoary/preview/. The next Ubuntu release is scheduled for October, and has been dubbed "Breezy Badger." Users looking for a cutting-edge Linux distribution that "just works" should try out Ubuntu. The distribution is put together very well, offers an excellent selection of packages and a very active and helpful user community.
GreaseMonkey: a two-edged swordThe Mozilla Firefox extension mechanism is a powerful feature; it gives browser users a great deal of flexibility in controlling how things work. One of the extensions attracting the most attention in the last few months is GreaseMonkey. It is, in fact, a classic example of why free software is a great thing, but also an illustration of how users can be invited to harm themselves.The core idea behind GreaseMonkey is simple: it allows the user to associate JavaScript programs with specific sites on the net. When one of the identified pages (as determined by a regular expression) is loaded, the script gets a chance to rewrite things before the page is displayed. GreaseMonkey is, in other words, a mechanism which enables readers to automatically rework web pages into the form they would have liked them to be in the first place. The GreaseMonkey script repository shows that there is a demand for this capability. Scripts have been posted which:
And so on; the list appeared to be growing as this article was being written. The operators of various web sites will, beyond doubt, get upset if GreaseMonkey use takes off. To anybody who wishes to have a high degree of control over the appearance and use of their site, GreaseMonkey will be a threat. But GreaseMonkey is a clear expression of software freedom: we will control how things work on our own computers. Our tools are written to maximize that control, and there is little that can be done about it. GreaseMonkey does, however, potentially threaten that control in a different way. A tool which encourages users to download and run scripts from random parts of the net would appear to be an open door for security problems. If the browser's sandboxing works properly, a script should not be able to affect the system outside of the browser. But even the mere ability to rewrite HTML is asking for some trouble: how long will it be until some phisher posts a script that, while perhaps doing something useful, also redirects links within financial sites? It is not entirely clear how that sort of problem can be addressed - the same capability which can redirect all New York Times links to the "printable" version can point a password submission form to a third-party site. In other words, while GreaseMonkey is a cool and powerful tool, it should be used with great care. Install a minimum number of scripts, look them over first, and, preferably, write them yourself. As the GreaseMonkey community grows, there will certainly be exploit attempts. Firefox is a relatively secure web browser; it would be a shame to ruin that by inviting in random malware from the net.
Security Attack of the killer CDThis story starts to get a little tiresome: a security researcher has found yet another set of vulnerabilities in the Linux kernel. The researcher this time is Michal Zalewski, who, in the past, has had great luck finding problems by feeding random data to code. It didn't take him too long to find a few ways to crash the kernel with corrupted CD images.The impact of this bug is that anybody who can cause a CD to be mounted can crash the system, and, potentially, obtain root access. Mounting a disk is normally a privileged operation, but many systems are set up to automatically mount a CD (and, perhaps, fire off a file manager window) on insertion. Others are set up to allow unprivileged users to mount a CD on demand. So corrupt CDs are, indeed, a mechanism which could be used to compromise a system. Of course, it is true that anybody who gets into a position where they can insert a CD into the system may well find a way to compromise it anyway. It is hard to defend against an attacker with physical access. Even so, there is no point in making any sort of attack easier. The bugs in this case are ancient; much of the ISO9660 code dates back to the early 1990's, and it hasn't seen a great deal of maintenance since. In some places, values obtained from the filesystem are not properly checked, leading to inappropriate memory accesses. In one other, the check was in place, but the code responds to a corrupt disk by calling panic(), thus creating a nice denial of service situation. There's guaranteed to be other problems which have not yet been found; as Linus put it, "The code is a mess." Other filesystems may have similar problems. An on-disk filesystem is a complicated data structure, and it can be very hard to defend against any sort of corruption. Users are plugging in filesystems more frequently; many consumer gadgets, such as cameras and music players, just look like another disk to the computer. So the opportunities for filesystem-based attacks are growing. Expect more patches as more ten-year-old bugs are found and fixed.
New vulnerabilities dyndnsupdate: multiple vulnerabilities
evolution: message crash vulnerability
firefox: multiple vulnerabilities
kdelibs: dcopserver vulnerability
LTris: buffer overflow
rxvt-unicode: buffer overflow
xloadimage: missing input sanitizing, integer overflow
Updated vulnerabilities a2ps: input validation error
cpio - file permissions error
cURL: buffer overflow
cyrus-imapd: buffer overflows
cyrus-sasl: remote buffer overflow
dhcp: format string vulnerability
emacs21: format string vulnerability in "movemail"
enscript: arbitrary code execution
Ethereal: Multiple vulnerabilities
evolution: arbitrary code execution
f2c: insecure temp files
Foomatic: Arbitrary command execution in foomatic-rip
gaim: client freezes
gettext: Insecure temporary file handling
gftp: missing input sanitizing
ghostscript: symlink vulnerabilities
glibc: Information leak with LD_DEBUG
glibc: tempfile vulnerability in catchsegv script
gnupg: information leak
grip: buffer overflow
groff: insecure temporary directory
gtkhtml: malformed messages cause crash
htdig: cross site scripting
imagemagick: .psd image file decode vulnerability
imagemagick: format string vulnerability
imap: buffer overflow in c-client
imlib2: buffer overflows
IPsec-Tools: denial of service
kdelibs: unsanitzied input
kdenetwork: file descriptor leak
libdbi-perl: insecure temporary file
libexif: improper validation
libgd2: buffer overflows in PNG handling
libtiff: buffer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
libXpm: new buffer overflows
luxman: buffer overflow
lvm10: creates insecure temporary directory
mailman: cross-site scripting
mailman: path traversal
MediaWiki: multiple vulnerabilities
mikmod: buffer overflow
mod_python: remote access vulnerability
Mozilla and Mozilla Firefox: out of memory heap corruption
mpg321: format string vulnerability
mysql: several vulnerabilities
MySQL: input validation and temporary file vulnerabilities
mysql-dfsg: insecure temporary files
nasm: Buffer overflow vulnerability
ncpfs: multiple vulnerabilities
netkit-telnet: invalid free pointer
nfs-utils: denial of service
nfs-utils: arbitrary code execution
openslp: buffer overflows
openssl: der_chop script temp file vulnerability
OpenSSL: denial of service vulnerabilities
Opera: multiple vulnerabilities
perl: setuid vulnerabilities
perl: symlink vulnerability
php: multiple vulnerabilities
postfix: error in IPv6 handling
postgresql: EXECUTE privilege vulnerability
python: illegal function internals access
qt3: BMP image parser heap overflow
RealPlayer: buffer overflows
Ringtone Tools: buffer overflow
rp-pppoe, pppoe: missing privilege dropping
ruby: infinite loop
samba: integer overflow vulnerability
sharutils: arbitrary code execution
SpamAssassin: Denial of Service vulnerability
Squid: DNS response handling
SquirrelMail: multiple vulnerabilities
sudo: environment variable sanitizing
sylpheed: buffer overflow
File overwrite vulnerability in tar and unzip
tiff: buffer overflows
UnAce: buffer overflow and directory traversal
XChat 2.0.x SOCKS5 Vulnerability
xine-lib: buffer overflows
xine-ui - insecure temporary file creation
xorg-x11: integer overflows
xpdf: buffer overflow
xpdf: buffer overflow
xpdf: vulnerabilities on 64 bit platforms
zlib: denial of service
Resources Security Innovation's Microsoft/Linux web server security studySecurity Innovation has announced the availability of its (Microsoft-funded) web server security survey which found Windows to be a more secure platform. The document itself is available in PDF format. "For example, CAN-2004-0957 discusses a bug in MySQL's mysql_real_connect() function. This was entered into the MySQL bug database on 4th June 2004, and fixed in the source tree 17th June 2004. However, Red Hat only packaged this fix in RHSA-2004:611, issued on the 27th of November. This problem of the management of fixes from a third-party is a difficult one, and one which could represent a significant challenge to Linux on a go-forward basis."
Events RUXCON 2005 Call for PapersRUXCON ("an attempt to bring together the individual talents of the security community through live presentations, activities and demonstrations") will be held October 1 and 2 in Sydney, Australia. Submissions are due by August 31.
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current stable 2.6 kernel is 2.6.11.5, released on March 18.The current 2.6 prepatch is 2.6.12-rc1, released (without an announcement) by Linus on March 18. This huge patch contains, among many other things, a driver for the "trusted computing" TPM chip (see the Trusted Computing Group site for more information on TPM), SuperHyway bus support, a new multi-level security implementation for SELinux, the "cpuset" patch (see cpusets.txt for information on cpusets), a new nVidia framebuffer driver, the device mapper multipath patches, an IPv6 update (including a patch removing the "experimental" designation for IPv6), a patch enabling an administrator to enable a subset of the "magic SysRq" functions, numerous driver updates, the address space randomization patches, a new packet classifier mechanism for the networking layer, a Tiger digest algorithm implementation, the restoration of the Philips webcam driver, some software suspend improvements, a big block I/O barrier rewrite (which enables full barrier support on serial ATA drives), a set of patches to shrink the kernel for embedded use, and high-resolution POSIX CPU clock support (not the full high-resolution timers patch). The details can be found in the long-format changelog. Linus's BitKeeper repository contains some architecture updates, some networking fixes, and an IPv4 multipath implementation. Linus is out of the office this week, so patches are not being merged for a little bit. Andrew Morton, meanwhile, is encouraging developers to work on shortening his list of 140 2.6.12-rc1 bugs. The current -mm tree is 2.6.12-rc1-mm1. Recent changes to -mm include ACPI-based PCI bridge hotplug support, the pluggable TCP congestion avoidance modules patch (see below), and some kernel timer improvements. The current 2.4 prepatch is 2.4.30-rc1, released by Marcelo on March 18.
Kernel development news Device model changes in storeThe Linux device model is a core subsystem which implements various useful device-level functions, including reference counting, sysfs, hotplug event generation, and more. Some of the lower-level device model subsystems were covered in the LWN driver porting series; there is also a device model chapter in LDD3. All of that nice documentation is now threatened with obsolescence, however; a number of device model changes are currently in the works.
Class code changesThe device model "class" code is the mechanism behind /sys/class. Its purpose is to make information about devices (and more) available in a way which is independent of the underlying hardware topology. The largest use of classes, probably, is to export device numbers which can be used (by tools like udev), to create device nodes when hardware is added to the system. The class subsystem, like much of the device model code, has proved to be somewhat complex and error-prone to work with. As a way of making things easier, the "class_simple" interface was added some time ago. This interface handles much of the boilerplate code for allocation of class structures, management of attributes, and life cycle management. Greg Kroah-Hartman has now concluded that class_simple was the sort of interface which was needed from the outset, so he has posted a set of patches which move the full class interface in that direction. With the new interface, class structures are no longer created by the driver. Instead, one is allocated with a call to:
struct class *class_create(struct module *owner, char *name);
This function will allocate the structure, initialize it, and register it with the given name. When the structure is no longer needed, it can be handed to class_destroy(), which will unregister it, decrement its reference count, and, eventually, get rid of it. The class_device structure, which represents a single device under a class, also gets a dynamic allocation function:
struct class_device *class_device_create(struct class *cls, dev_t devno,
struct device *device,
char *fmt, ...);
The devno parameter is the device number; it is used to create the dev attribute for the class device entry. If device is non-NULL, it will be used to create a symbolic link to the appropriate entry under /sys/devices. The name of the device is passed in as a printk()-style format string. Interestingly, a class_device structure is not destroyed directly; instead, the driver should call:
void class_device_destroy(struct class *cls, dev_t devno);
The class code will find the class_device entry corresponding to the given device number and get rid of it. The new functions may just look like some added convenience utilities, but Greg's long-term intent is to phase out the current class interface in favor of the new functions. The older versions, he says, are simply too hard to use correctly. Others may agree with this point, but there have been a few objections to this change. It really does represent a different way of doing things with the driver model. Under the old scheme, class and class_device structures are typically embedded within larger, bus-specific (or driver-specific) structures. The reference counting implemented for the class-subsystem structures also worked for the containing structure. Thus the higher-level code, if written right, did not have to implement separate reference counting and life cycle management for its own structures. The new way of doing things makes it impossible to embed the class structures in this way; they must, instead, be allocated separately and accessed via a pointer. So the bus-level or driver-level code must do its own reference counting for its own structures. The changes are often small. The patch to change the USB subsystem over, for example, adds a kref to struct usb_bus. Then, the function for obtaining a reference to a USB bus structure is changed this way:
struct usb_bus *usb_bus_get(struct usb_bus *bus)
{
if (bus)
- class_device_get(&bus->class_dev);
+ kref_get(&bus->kref);
return bus;
}
So the changes are not all that huge, but, if all users of the old interface are to be switched over, new reference counts will have to be added in a number of places. If this change goes through, look for similar changes to other parts of the device model API in the future.
Delaying hotplug eventsWhen a device is added to (or removed from) the system (more specifically, when a kobject representing that device is added or removed), the kernel generates a hotplug event to inform user space. That event is passed on to a tool like udev, which looks up the device number in sysfs and creates the appropriate device node(s). As it turns out, however, the hotplug event is generated before the sysfs attribute containing the device number is created. So, if the timing works out badly, udev must spin in a loop waiting for the attribute it needs to show up. Kay Sievers has posted a series of patches which addresses this problem by making a change to the kobject API. In particular, kobject_add() and kobject_del() no longer generate hotplug events. Kernel code which uses those interfaces must explicitly generate hotplug events itself through calls to kobject_hotplug(). This change would appear to put extra work on higher-level code, but it has an important advantage: the kobject_hotplug() call can be made after the relevant sysfs attributes have been set up properly. Making the system as a whole work more smoothly is worth a small amount of added complexity. The wrapper functions kobject_register() and kobject_unregister() have not been changed, and still generate hotplug events.
Locking and klistsThe device model implements a shockingly complex data structure which must be protected against concurrent access. Much of that protection is handled by a reader-writer semaphore (rwsem) kept in the top-level subsystem structure. There has been a slow stream of patches aimed at removing that rwsem for a while now; it is seen as inelegant and a performance bottleneck. Pat Mochel has just posted a series of patches aimed at pushing this process forward some more. Many of the structures needing for locking are linked lists. In the current device model code, the standard kernel list type is used to implement these lists. Pat has decided that a new list type, which he calls a klist, is the right way to deal with many of the locking issues in the device core. The klist is built on the regular list_head type, but it adds some interesting properties. The first of those properties is that the real head of the list has a different type (struct klist) from the entries in the list (struct klist_node). So klists are not explicitly circular lists; they have a clear starting point. The klist structure contains a spinlock which is used to serialize access to the list itself (but not to the individual nodes on the list). The set of basic klist functions is rather smaller than the equivalent list_head functions:
void klist_init(struct klist *list);
void klist_add_tail(struct klist *list, struct klist_node *node);
void klist_add_head(struct klist *list, struct klist_node *node);
The node structure is initialized automatically when it is added to the list, so there is no need for the caller to worry about it. The klist_node structures contain their own reference count; as long as the count is non-zero, the node will continue to be part of the list. There are two removal functions:
void klist_del(struct klist_node *node);
void klist_remove(struct klist_node *node);
A call to klist_del() will decrement the node's reference count and return immediately; the entry may still exist on the list at that point. klist_remove() is like klist_del(), but it will, if necessary, sleep until the last reference has been given up and the node has actually been taken off the list. Working through a klist requires the creation of an iterator structure - struct klist_iter. Iteration is started with a call to one of:
void klist_iter_init(struct klist *list, struct klist_iter *iter);
void klist_iter_init_node(struct klist *list, struct klist_iter *iter,
struct klist_node *node);
The first form starts iteration at the beginning of the list, while the second can be used to start at an arbitrary entry within the list. Stepping through the list is accomplished with:
struct klist_node *klist_next(struct klist_iter *iter);
This function will return a pointer to the next node in the list, if there is one. It also will grab a reference to that node, so that it will not go away while the iterating code is working with it. Among other things, that feature makes it safe to call klist_del() on a node while iterating through the list; that node will continue to exist (at least) until klist_next() is called. Also implied is that calling klist_remove() while iterating through a list is a very bad idea; it will wait rather longer than the caller intended. Iteration is ended with:
void klist_iter_exit(struct klist_iter *iter);
This function will release the reference on the last node returned from klist_next() (if any) and stop the iteration. The klist code drew an objection about the obfuscation caused by all of the device model "kfoo stuff." Pat responds that the klist code is, instead, a step toward cleaning up some of that obfuscation. There were not a whole lot of other comments on this patch series. It's worth noting that, as of this writing, none of the patches described above have been merged. They are sufficiently disruptive that, at this point, they may have to wait until 2.6.13.
Pluggable congestion avoidance modulesMany years ago, when the TCP/IP protocols were young, the early Internet went through a bad period. As the number of systems on the net grew, the high-speed (56K) long-haul links which tied the backbone sites together became clogged and the net became very difficult to use. The TCP implementations in use at that time did not understand how to deal with (or even detect) congestion, and, as a result, made the problem worse. Some people began to ask if TCP was going to work at all.Van Jacobson saved the situation with a simple observation: there is no point in sending data faster than the slowest link between the endpoints can handle it, even if the local network connection is very fast. Overwhelming the long-haul link just causes lots of dropped packets, retransmissions, and even more congestion. The solution was to start transmitting data slowly on a new connection, then to ramp up the speed until packets started getting dropped. The optimal speed was deemed to be one at which just a very small number of packets would fail to arrive. That speed would be adjusted over the life of the connection as conditions on the network changed. With TCP tweaked in this way, communicating systems would scale back their transmissions as the network got more congested, but would ramp up when the bandwidth became available. The result was a net which actually worked for everybody involved. It became possible, for example, to download the entire GNU emacs distribution without having to split it into dozens of small pieces first. We had to content ourselves with what we could get in those days. Since then, the net has become much larger, more complex, and faster. The congestion avoidance problem has grown as well, to the point that there are several competing algorithms seeking to provide the best TCP performance while being fair to other network users. Several of these algorithms have found their way into Linux, with a corresponding increase in the complexity of the TCP code. As a way of helping those experimenting with congestion avoidance and eliminating the need to patch the TCP code directly, Stephen Hemminger has posted a new infrastructure which allows congestion avoidance algorithms to be written as pluggable modules. He has also reworked the existing algorithms in the kernel to use the new infrastructure. The result is, among other things, an opportunity to look at how these algorithms work. The core of the TCP protocol is the concept of a "window," being the amount of data which one side is willing to accept from the other at any given time. The window size reflects what the receiving system can handle - how much buffer space it has available - but it says nothing about what the routers in between can deal with. Congestion avoidance algorithms try to account for the slowest link serving a connection with a "congestion window," which is the maximum amount of data which can be in transit without an acknowledgment from the remote end. An ideal congestion window setting will allow a system to maximize throughput on a connection without excessive packet loss rates, and without taking an unfair amount of the shared network bandwidth. Finding that setting is still more of an art than a science. Stephen's patches create a new structure to identify a congestion avoidance algorithm:
struct tcp_ca_type {
void (*start)(struct tcp_sock *tp);
u32 (*ssthresh)(struct tcp_sock *tp);
u32 (*min_cwnd)(struct tcp_sock *tp);
void (*cong_avoid)(struct tcp_sock *tp, u32 ack,
u32 rtt, u32 in_flight, int good);
void (*rtt_sample)(struct tcp_sock *tp, u32 rtt);
void (*set_state)(struct tcp_sock *tp, u8 new_state);
void (*cwnd_event)(struct tcp_sock *tp, enum tcp_ca_event ev);
u32 (*undo_cwnd)(struct tcp_sock *tp);
void (*get_info)(struct tcp_sock *tp, u32 ext, struct sk_buff *skb);
struct list_head list;
struct module *owner;
const char *name;
};
Each of the methods in this structure is a hook into the TCP code which allows the algorithm to obtain information on network conditions and react accordingly:
The TCP "Reno" algorithm is Van Jacobson's original; it remains wired into the kernel in a non-pluggable form (though it can be overridden). The congestion window starts at the min_cwnd() value, and increases by one segment for each sequential acknowledgment received from the remote end until it hits the slow-start threshold. At that point, the congestion window increases much more slowly until it either hits the TCP window size or packet loss happens. When congestion is detected, the congestion window is cut in half (to a minimum of two segments) and the process starts over. The Westwood algorithm is a tweak to the Reno approach. The Westwood code carefully tracks the round-trip times of the packets sent, and uses that information to estimate the effective bandwidth of the network connection. When packets get dropped, the congestion window and slow start thresholds are set relative to that bandwidth estimate. As a result, Westwood tends to back off more slowly than Reno, and should, thus, get better bandwidth overall. Its authors claim that Westwood is especially good for wireless links or other situations where the loss of an occasional packet may have nothing to do with congestion. TCP Vegas also makes use of detailed round-trip time information. In particular, it tries to address a perceived failure in the Reno algorithm, which determines the optimal packet rate by increasing the congestion window until that rate is exceeded. Vegas, instead, monitors changes to the packet round-trip time as the congestion window is increased. If a larger window leads to longer round-trip times, the algorithm concludes that congestion is about to set in and the window is reduced slightly. The Vegas algorithm (or at least the Linux implementation thereof) does not perform well in all environments, so it is not enabled by default. Binary Increase Congestion Control (BIC) [PDF] tries to be smarter about how the congestion window size is adjusted. Among other things, it is aimed at high-performance networks where the TCP window may be quite large. The other algorithms may, in congestion avoidance mode, make large changes to the congestion window which can result in abrupt increases in network traffic. The BIC code combines two algorithms as a way of trying to quickly converge on the proper congestion window while avoiding massive packet dumps. The core technique is a binary search; if the window is to be increased, the point midway between the current value and the maximum size is chosen. Decreases are handled by picking the midpoint between the current value and the threshold. If, however, the endpoints are too far apart, an "additive increase" is done instead - the congestion window is resized by a constant value. The High-speed TCP algorithm is optimized for very fat pipes - 10G Ethernet and such. When things are congested, it behaves much like the Reno algorithm. When the congestion window is being increased, however, the high-speed algorithm makes use of a table to pick large increment values. This approach lets the congestion window get very large (i.e. tens of thousands of segments) quickly, and to stay large, without requiring that the network function for long periods of time without a single dropped packet. The last of the pluggable modules is the TCP Hybla implementation. Hybla is based on the observation that the other algorithms, which use round-trip times heavily in their calculations, tend to be biased against satellite links and other high-latency connections. So Hybla includes a calculation which allows the congestion window to become larger, more quickly, when the round-trip time is very high. In this way, it tries to keep the pipe full enough to make use of the available bandwidth, even though the time to turn around any individual packet is long. Stephen is currently suggesting that this patch set should go into 2.6.13, after a good shakedown period in the -mm tree. There does not seem to be a whole lot of opposition, so things may well happen just that way.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials First Look at Linspire 5.0A new version of Linspire (formerly LindowsOS) was released last week. Unlike the previous versions, which were being produced and marketed at a furious pace, the Linspire developers and beta testers took their time with version 5.0 - it came out exactly 15 months after the distribution's previous stable release - Linspire 4.5. This would indicate that the company's strategy has undergone some changes - there seems to be less emphasis on marketing and hype, and more focus on true usability and feature enhancements to make the product accessible to non-technical users. And indeed, Linspire 5.0 is an excellent, user-friendly distribution with many new features and intriguing enhancements.The release is available for instant purchase and download from Linspire's online store for $49.95. Current active members of the $5/month Click-N-Run (CNR) application warehouse can get it free of charge - either from one of the company's FTP/HTTP servers, or via BitTorrent. Interestingly, the CD image serves both as an installation medium and a live CD, and users have an opportunity to choose one or the other from the initial GRUB boot menu. GRUB makes its first appearance in Linspire 5.0 and it gives an early indication that the distribution now comes with a brand new installer - a more powerful one than any of the installers in previous versions. Naturally, the ultra-simple "take over the hard disk" installation method is still available, but the "advanced" installation option now lives up to its name; it not only allows users to choose a hard disk partition to install Linspire on, it also gives a choice between ReiserFS (default) and Reiser4 (experimental) file systems. Various boot options can also be configured here. Once done, the installer will simply copy the files from the CD onto the hard disk before prompting the user to reboot the system. After rebooting we found ourselves looking at a long GRUB menu listing several operating systems (the installer is capable of detecting and setting up other installed operating systems, both Windows and Linux), as well as two other menu items: "Redetect" and "Diagnostics". The former is useful in case a new piece of hardware has been added to the computer, while the latter allows users to boot into a single-user mode for any troubleshooting, and even provides a diagnostics output that can be forwarded to the Linspire support personnel. The default option will boot into "ldm", a graphical login screen with entries for "Administrator", as well as any available user accounts. The only desktop on the Linspire 5.0 installation CD is a heavily beautified and customized KDE 3.3.2. But underneath the pretty user interface it is still Linux (or Debian GNU/Linux, to be more precise), so what exactly differentiates Linspire from other major Linux distributions on the market? As one would expect from a beginner-friendly operating system, Linspire comes with some exciting usability enhancements. The "Linspire Web Suite" is one of the applications with added functionality compared to the stock Mozilla browser; these include a check-as-you-type spell-checking application (with suggested replacement words), as well as "Hot Words". Hot Words is an interesting technology that auto-highlights words on a web page and brings up a customizable context menu with quick links to search, news, dictionary, thesaurus and other relevant web sites. This feature is turned off by default, but once you get used to the concept, you might find that web browsing is suddenly an altogether different and more pleasant experience. Disappointingly, this feature is not available in Firefox or Konqueror. Linspire has been developing its own set of applications to overcome some obvious difficulties in adoption of Linux on the desktop. The range of these L* applications now includes Lphoto, Lsongs, Lassist and LTorrent, complemented by a web authoring application called Nvu. Some of these have been nicely integrated into Linspire - as an example, Lphoto detects a digital camera storage device in the USB port and offers to import all images into the application. It also provides the ability to organize images into virtual photo albums, launch a slide show, or email images. Lsongs is a media player and a budding competition to iTunes, with options to buy MP3 music files from MP3tunes.com - a new business venture launched recently by Linspire's founder Michael Robertson. Some of these applications still need work before they mature, but as a general rule, they are easy-to-use and add to the overall desktop usability of Linspire. As far as Linspire's view of computer security is concerned, not much has changed since earlier releases, and the default state is still "run as passwordless root". That said, a superuser password can be optionally entered during installation and new user accounts can be created from a configuration screen, right after the first boot. I had a lengthy email exchange about these issues with Linspire's president Kevin Carmony. He insisted that enforcement of passwords and user accounts is an annoying and inconvenient "hoop", similar to enforcing strict airport security or placing 12 extra locks on one's house. More interestingly, he also disclosed that Linspire was sponsoring work "at the file system level that will make the OS more secure than it has ever been before, and all without expecting grandma to jump through complicated hoops." And while on the subject of security, it is worth noting that encryption of users' home directories, a concept so nicely implemented in Xandros Desktop OS 3, is not available in Linspire 5.0. There are many other small ideas that make Linspire 5.0 a truly great operating system for non-technical users. A set of Flash-based audio-visual tutorials guide new users through the very basics of computer usage. File extensions have been properly associated with default applications. Flash, Java, and media playback support are integrated into the default browser. Supermount for removable devices works reliably. The hardware detection and configuration is quite possibly the best in the industry - now also with support for wireless networking, 802.11g, and WiFi profiles. The CNR warehouse, with thousands of Debian packages available at a click of a mouse, nicely compliments the entire package. Even experienced Linux users would surely appreciate all these conveniences that greatly contribute towards more productive use of their computers. Overall, Linspire gets a top mark for their effort at bringing Linux to the masses. Their latest release is not the fastest operating system on earth, but it is beautiful, well-designed, has excellent hardware support, and many small improvements that make computers so much more fun. Highly recommended - not only to grandmas, but also to users who value their time.
New Releases Kubuntu Preview ReleasedThe Kubuntu team has announced the preview of their first release. Kubuntu is a new distribution using Ubuntu and the KDE 3.4 desktop. This release follows the preview release last week of Ubuntu 5.04. The final release of Kubuntu 5.04 will be on April 6th. The preview release includes both install CDs and bootable Live CDs for three architectures.
Distribution News A new Mandrakelinux roadmapMandrakesoft has sent out an announcement detailing a few changes in how the Mandrakelinux distribution will be produced. The company is moving to an annual release cycle; the next scheduled Mandrakelinux release will be "Mandrakelinux 2006," due in the (northern hemisphere) fall. The company plans to have merged all the good stuff from Conectiva by then. There will also be one "transitional" release ("Mandrakelinux Limited Edition 2005") in a few months.
Debian GNU/LinuxThe first call for votes for the Debian Project Leader Election has gone out. All votes must be GPG signed (or PGP signed) with your key that is in the Debian keyring and should not be encrypted. A transcript of the debate is available as are the raw logs of the four channels involved in the debates. The platforms for the candidates are also available. The Vote Page is a good place to find all the available information on this year's election.Enrico Zini has announced the results of the Survey on Debian Usage. "The presentation pages provide some views on the results, which I consider quite successful in giving various insights on our community, as well as some interesting ideas to direct further development."
FRG-0.1.97 Beta GNOME 2.10.0 packages for Slackware 10.1 (GnomeDesktop)New versions of the GNOME 2.10.0 packages for Slackware have been announced. "This is our 6th testing release of GNOME 2.10.0 packages for Slackware. The packages are stable. We wanted to annouce this release to get wider testing of the packages. So test them and send feedback. See the support section of the website for contact details."
Distribution Newsletters Debian Weekly NewsThe Debian Weekly News for March 22, 2005 is out. This week's edition looks at the license of the Linux kernel (GPL v2) with speculation about what happens after GPL v3 is released, the third release candidate for the Debian-installer, the Creative Commons 2.0 Licenses, resurrecting old PCs with Debian, and more.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for the week of March 21, 2005 looks at additions to the documentation collection, difficulties with Acrobat Reader 7 for Linux, reasons for Gentoo/FreeBSD, a summary of PPC meeting, Xen, and several other topics.
DistroWatch Weekly, Issue 92The DistroWatch Weekly for March 21, 2005 is out. "Two "newbie-friendly" distribution releases appeared on the scene last week - one of them a very nicely designed product with superb usability and great, innovative features (Linspire 5.0), while the other is a promising new product, which is let down by a poor installer, obvious bugs and lack of polish (Ark Linux 2005.1). On the BSD front, a new initiative to create a BSD certification programme is under way. Happy reading!"
Minor distribution updates Ark Linux 2005.1 ReleasedArk Linux has released Ark Linux 2005.1. "Ark Linux 2005.1 is built around the latest desktop technologies, including KDE 3.4, OpenOffice.org 1.1.4 (a preview of 2.0 is also available on the Ark Extra Software CD), glibc 2.3.4, X.Org 6.8.2, and kernel 2.6.11." (Found on KDE.News)
Devil-Linux v1.2.4 releasedDevil-Linux v1.2.4 has been released. "The changes include a critical security fix for PAX, fixes for serial console support, various program updates and a few new Perl modules."
Pingwinek GNU/Linux 1.0preview1Pingwinek GNU/Linux has released the first preview of version 1.0 in a live CD with GNOME 2.10. (Found on GnomeDesktop)
Gnome Live CD customized for Chinese Available (GnomeDesktop)Gnome Desktop covers a live CD in Chinese with GNOME. "Base on Ubuntu Live CD to customize for Chinese is ready for download. This CD is especial suitable for Tradition Chinese user, and also Simpified Chinese user."
Package updates Fedora updatesFedora Core 3 updates: libgal2-2.2.5-1 (bug fixes and updated translations), libsoup-2.2.2-1.FC3 (upgrade with bug fixes), evolution-data-server-1.0.4-3 (numerous bug fixes), evolution-2.0.4-1 (numerous bug fixes), evolution-connector-2.0.4-1 (numerous bug fixes), selinux-policy-targeted-1.17.30-2.89 (backport rawhide changes, bug fixes), policycoreutils-1.18.1-2.10 (updates), gimp-2.2.4-0.fc3.3 (fixes some barfing and crashing), procps-3.2.3-5.2 (bug fixes), lsof-4.72-2.1 (src.rpm cleanup), lockdev-1.0.1-4.1 (fix lockdev errors), boost-1.32.0-5.fc3 (bug fixes).
Mandrakelinux update MDKA-2005:015Mandrakelinux has fixed several bugs in KDE for ML 10.1. Click below for the gory details.
Trustix Secure Linux Bugfix Advisory #2005-0010Trustix has fixed bugs in cpplus, setup and squid for TSL 2.2. Click below for gory details.
Newsletters and articles of interest For network security, build a m0n0wall (NewsForge)NewsForge explores M0n0wall, a FreeBSD based firewall. "M0n0wall has a nice Web interface for configuring firewall settings. Most of the configuration can be done via the Web interface and all the values are stored in a single XML file. The configuration can be saved on a diskette, hard disk, or external storage card. This makes it easy to deploy several firewalls with a similar hardware setup."
Distribution reviews Linux in Government: Linux Desktop Reviews, Part II (Linux Journal)Linux Journal takes a look at Novell Linux Desktop 9. "Novell has a long history of providing support, training, back-office functionality, innovation in managing desktops and networks and a significant partner ecosystem. Since the company embraced the open-source model with the purchase of SUSE and Ximian, it has transformed the open-source model into one of maturity."
Arch Linux: Why It Rocks (OS News)OSNews reviews Arch Linux. "Arch is an i686-optimized Linux distributions based upon the ideas of CRUX and Slackware. It incorporates their stability, speed and most of all, their keep-it-simple philosophy. When Judd Vinet started Arch towards the end of 2001 he did it because he needed n operating system that resembled CRUX or Slackware but with a package manager that had the ability to track dependencies. So he sat down, used LFS to put together his distro and wrote 'pacman' from scratch, his minimalistic and yet very usable, package manager."
SUSE LINUX 9.3 Professional ReviewNovell's Cool Solution reviews the current beta of SUSE Linux 9.3. "All the buzz about the release of SUSE 9.3 Professional got me excited. This very morning, I downloaded and installed SUSE Linux 9.3 Professional beta 4. The installation is similar to 9.2 though the screens seem crisper. It has definitely had some work, as it will do an md5sum check on the installation media to make sure it's not been corrupted. Also, when Grub was installed, it recognized the other bootable partitions. It put these partitions into the Grub menu automatically. It did not do this in previous versions. That's all I'm going to mention about the installation. Instead, let's take a look at some of the changes you'll in the newest version of SUSE when you are actually using it."
My Workstation OS: Gentoo (NewsForge)Here's a quick look at Gentoo, on NewsForge. "What separates Gentoo from other GNU/Linux distributions? It isn't really a distribution. It's more of a meta-distribution, a collection of tools that manage the "from scratch" approach. It doesn't have any packages per se, just ebuilds that describe where the source packages can be downloaded, and how to include your specified compilation preferences in the process."
Linspire 5.0 raises the desktop Linux standard (Techworld.com)Techworld takes a look at Linspire Five-0. "Linspire, the company once known as Lindows, has released its latest Linux version, Linspire Five-0. More than a year in the making and with more than 1,200 improvements, the company reckons the new product "boasts enhancements in every core application and provides the most secure, reliable and easy-to-use desktop Linux experience available for home, business and school users.""
Page editor: Rebecca Sobol Development GRASS GIS Version 6.0.0Version 6.0.0 of GRASS GIS, the Geographic Resources Analysis Support System Geographic Information System, was recently announced. The project is summarized on the freegis.org site:
GRASS GIS (Geographic Resources Analysis Support System) is a Free Software Geographical Information System (GIS) with raster, topological vector, image processing, volume voxel management/visualization, 2D/3D vector engine with vector network analysis and graphics production functionality that operates on various platforms through a graphical user interface and shell in X-Window.
![[GRASS GIS]](/images/ns/grassgis.png)
GRASS GIS is written in the C language, it runs on a wide variety of operating system platforms, and it has been licensed under the GNU GPL. GRASS GIS is suitable for use in a wide variety of applications, it is used in the scientific domains of Geography, Landscape ecology, Urban planning, Biology, Geophysics, Hydrology, and Geostatistics. Version 6.0.0 of GRASS GIS adds many new features, with a focus on Vector geometry features:
GRASS GIS is well documented, the GRASS Documentation Project has links to manual pages, books, tutorials, and more. New documentation for this version includes a GRASS 6.0 Vector Tutorial, GRASS GIS 6.1.cvs Reference Manual, and a version 6.0.0 Programmer's Manual. A set of online screenshots show various uses of the software. The software is available for download in both packaged and source code formats here.
System Applications Audio Projects Planet CCRMA ChangesThe latest changes from the Planet CCRMA audio utility packaging project include a new version 2.6.11 Linux kernel, changes to the ALSA packages, and more.
Clusters and Grids Simple Grid Protocol 1.0Version 1.0 of the Simple Grid Protocol is out. "Brendan Kosowski has released Simple Grid Protocol 1.0, the first public release of a grid computing package. The system, which runs on the GNU CLISP Common Lisp implementation under Linux/BSD, "Allows computer programs to utilize the unused CPU resources of other computers on a network or the Internet"."
Database Software Firebird 2.0 Alpha-01 ReleaseThe Alpha 01 release of the Firebird version 2.0 database is out. "This release contains a large number of new features, including derived tables, support for Execute Block, increased table sizes, new improved index code (the 252-byte index length limit is no longer applicable), expression indices, numerous optimiser improvements, enhanced security features, support for on-line incremental backups along with numerous other improvements and bug fixes."
knoda 0.7.3 releasedVersion 0.7.3 of Knoda, a database frontend, is out with bug fixes and lots of new features.
PostgreSQL Weekly NewsThe March 19, 2005 edition of the PostgreSQL Weekly News is out with the latest news and resources for the PostgreSQL database.
Modifying Slony Clusters (O'ReillyNet)A. Elein Mustain works with Slony in an O'Reilly article. "Slony is the intended replication project for the PostgreSQL database. As you might expect, it supports changing your cluster's configuration. A. Elein Mustain demonstrates how to add nodes, switch masters, fail gracefully, and change schemas with Slony."
Filesystem Utilities Monitoring RAID with NetSaint (O'Reilly)Dan Langille monitors a RAID array on a NetBSD system with NetSaint (renamed Nagios). "In my previous article, I talked about my RAID-5 installation. It has been up and running for a few days now. I'm pleased with the result. However, RAID can fail. When it does, you need to take action before the next failure. Two failures close together, no matter how rare that may be, will involve a complete reinstall"
Interoperability Samba 3.0.12 Available for DownloadStable version 3.0.12 of Samba has been released with bug fixes and new features. "Samba 3.0.12pre1 introduces a specific mechanism for dealing with file services that frequently contain a large number of files per directory. Historically Samba's performance has suffered in such environments due to the translation from case insensitive lookups by Windows client to the case sensitive storage mechanisms used by UNIX filesystems."
Mail Software Bogofilter 0.94.1 ReleasedVersion 0.94.1 of Bogofilter, a bayesian email spam filter, is out. "The big change since the stable release (version 0.92.8) is that Berkeley DB support now includes the Transaction API to allow multiple readers and writers for wordlists and to provide insurance against program or system crashes. "
Printing Tea4CUPS 2.00 announcedVersion 2.00 of Tea4CUPS, a command that allows files to be submitted to multiple printers in the manner of the tee command, is out with many improvements.
Web Site Development Online Grades 3.1.0 Released (SourceForge)Version 3.1.0 of Online Grades, a web based grade posting system, is out. "I am proud to announce that Online Grades has released its newest version 3.1.0. The latest version contains numerous bug fixes, including many related to PHP E_ALL setting. We have also improved the update checker in this release; in the past it was checking on every page load, now it will only check on the main page."
Introducing Hamlets (IBM developerWorks)Rene Pawlitzek introduces Hamlets on IBM developerWorks. "Servlets are a key component of server-side Java development, but despite a number of attractive traits, servlets do not support or enforce the separation of content and presentation. To master that functionality, René Pawlitzek proposes Hamlets -- servlet extensions that provide this functionality within a lightweight framework implemented with less than 500 lines of Java source code."
Desktop Applications CAD PythonCAD release 23Release 23 of PythonCAD, an open-source CAD application, is out. "The twenty-third release contains a several bug fixes, the largest of which is the correct restoration of dimension string text properties when the deletion of a dimension is undone. Another fix included in this release is the removal of some deprecated constants flagged by the 2.6 PyGTK release when they are encountered. This release also features the beginnings of the scripting enhancements planned for PythonCAD."
Data Visualization matplotlib 0.73.1 is availableVersion 0.73.1 of matplotlib, a Python-based data plotting package, is out. Changes include a new contour functionality, native font support for PostScript, a figure method for the colorbar, and more. See the what's new document for details.
Desktop Environments GNOME Software AnnouncementsGNOME Software Announcements The following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
KDE CVS-Digest (KDE.News)The March 18, 2005 edition of the KDE CVS-Digest has been published, here's the content summary: "KDevelop adds a security problem detector plugin. Digikam adds a white balance plugin. khtml implements Javascript window.atob/btoa. Cervisia implements folding/unfolding selected folder. Request for comments on the new KDE multimedia Framework."
Xfce 4.2.1.1 releasedVersion 4.2.1.1 of Xfce is available. "Xfce 4.2.1.1 has been released quickly after 4.2.1. It includes a fix for a bad bug where panel loses its configuration when saving the session in 4.2.1."
Financial Applications SQL-Ledger 2.4.11 releasedVersion 2.4.11 of SQL-Ledger, a web-based accounting system, is out. It features better error checking, bug fixes, and translation work.
GUI Packages FLTK NewsThe latest news from the FLTK project include the release of Glito 1.1, an IFS fractal generator, and a new publication of the FLTK Human Interface Guidelines.
Mail Clients Mozilla Thunderbird 1.0.2 Released (MozillaZine)Version 1.0.2 of Mozilla Thunderbird, an email client, has been announced. "Consisting of security and stability fixes, this version is an essential upgrade for all Thunderbird 1.0 users."
Music Applications njl-plugins 0.2 releasedVersion 0.2 of njl-plugins, an suite of LADSPA plugins that implements the continuous Risset scale, is available.
Office Applications DataVision 0.9.2 released (SourceForge)Version 0.9.2 of DataVision has been announced, it includes new features and bug fixes. "DataVision (http://datavision.sf.net) is an Open Source reporting tool similar to Crystal Reports. Reports can be designed using a drag-and-drop GUI. They may be run, viewed, and printed from the application or exported as HTML, XML, PDF, LaTeX2e, DocBook, or tab- or comma-delimited text files. The output files produced by LaTeX2e and DocBook can in turn be used to produce PDF, text, HTML, PostScript, and more."
Science J-Bird version 0.4.4 (alpha) (SourceForge)Version 0.4.4 alpha of J-Bird, a listing application for bird watchers, is out. "New to this release: The interface has been converted from a hybrid AWT/Swing interface to purely Swing. Desktop shortcuts have been improved on MS Windows and Linux by upgrading the installer to the latest version."
Web Browsers Firefox 1.0.2 releasedFirefox 1.0.2 is out with fixes for three new security problems. See the 1.0.2 release page for information and downloads.
Mozilla 1.7.6 Released (MozillaZine)Version 1.7.6 of the Mozilla browser has been announced. "Mozilla 1.7.6 includes several security updates and fixes for a number of other bugs, including some crashers."
Mozilla Firefox and Thunderbird 1.0.2 Release Candidates (MozillaZine)Release candidate builds 1.0.2 of Mozilla Firefox and Mozilla Thunderbird have been announced. "Asa Dotzler has announced the availability of Mozilla Firefox 1.0.2 and Mozilla Thunderbird 1.0.2 release candidate builds. Testers have been asked to focus on a few areas in particular, including drag and drop, iframes in XUL windows, the state of the lock icon when navigating to named anchors on secure pages and bookmarked pages in the sidebar. If no significant problems are found, Firefox 1.0.2, Thunderbird 1.0.2 and Mozilla 1.7.6 will likely be released next week."
Independent Status Reports (MozillaZine)The March 20th, 2005 Mozilla Independent Status Reports have been announced. "The latest set of independent status reports includes updates from chatnsearch, YellowMapBar, galician, SpurlBar, PasswordMaker, Proxybutton, Flashblock, telugutoolbar, biobar, TrustBar, WebmailCompose, easyGestures, modifyheaders, XHTMLMP, Browse Images, Maple, Padma, MAF, cucbcflag and InFormEnter."
Minutes of the mozilla.org Staff Meeting (MozillaZine)The minutes from the March 14, 2005 mozilla.org staff meeting have been announced. "Issues discussed include Mozilla 1.8 beta 2, Security Updates, Firefox/Thunderbird 1.1, Seamonkey Transition and Mozilla China."
Miscellaneous Alexandria 0.5.0 (GnomeDesktop)Version 0.50 of Alexandria, a book collection manager for GNOME, has been announced. "This release introduces amongst other things the possibility to generate XHTML Web pages (themable with CSS) from your libraries, book information retrieval from the Spanish Ministry of Culture, loaning support and a lot of bug fixes and usability/performances improvements!"
iPodder version 2.0 is released (SourceForge)Version 2.0 of iPodder, a cross-platform interface to portable MP3 players, has been released, although the Linux version is not yet available. Changes include a redefined GUI, a streamlined subscription process, improved cleanup capabilities, proxy support, threaded scans and downloads, and more.
Languages and Tools Caml Caml Weekly NewsThe March 15-22, 2005 edition of the Caml Weekly News is online with the week's Caml language articles.
Java GNU Classpath 0.14 releaseRelease 0.14 of GNU Classpath is out. "GNU Classpath, essential libraries for java, is a project to create free core class libraries for use with runtimes, compilers and tools for the java programming language. The GNU Classpath developer snapshot releases are not directly aimed at the end user but are meant to be integrated into larger development platforms. This 0.14 release snapshot can be seen as the feature complete base library that will be used in the upcoming GCC 4.0 (gcj) and Kaffe 1.1.5 runtimes, compilers and tools collections."
Buoy makes simple Java UI programming a snap (IBM developerWorks)Peter Seebach introduces Buoy on IBM developerWorks. "Buoy, a free user-interface (UI) tool kit built on top of Swing, offers convenience and simplicity to UI developers. In this article, developer and writer Peter Seebach takes a look at what Buoy does and why it works, using a simple fractal UI program."
Screen-scraping with XQuery (IBM developerWorks)Brian Goetz scrapes screens with XQuery on IBM developerWorks. "XQuery is a W3C standard for extracting information from XML documents, currently spanning 14 working drafts. While the majority of interest in XQuery is centered around querying large bases of semi-structured document data, XQuery can be surprisingly effective for some much more mundane uses as well. In this month's Java theory and practice, columnist Brian Goetz shows you how XQuery can be used effectively as an HTML screen-scraping engine."
Lisp ParenScript 0.1.0 announcedInitial release 0.1.0 of ParenScript, a Lisp to JavaScript translator, is out. "According to the author, "ParenScript is a simple language that looks a lot like Lisp, but actually is JavaScript in disguise. Actually, it is JavaScript embedded in a host Lisp. This way, JavaScript programs can be seamlessly integrated in a Lisp web application." ParenScript is written in Common Lisp."
Overview of the CLOS MOP - parts 1 and 2A two part series on MOP, the Meta-Object Protocol of CLOS, the Common Lisp Object System, has been announced. "In the first posting, we saw how to create custom slot definition objects, and how to add new slots to a class definition. In this posting we will see how we can use these custom slot objects to control slot access to our indexed objects."
Perl Symbol Table Manipulation (O'Reilly)Phil Crow works with symbol tables under Perl on O'Reilly. "My purpose here is not really to introduce you to this beautiful module. Instead, I'll explain how to build façades like this. To do so, I'll work through another, simpler CPAN module called Class::Colon. It turns colon-delimited files into classes and their lines into objects. Here's an example from a checkbook application. This program computes the balance of an account on a user-supplied date or the end of time if the user doesn't supply one."
Python Python 2.4.1, release candidate 2Release candidate 2 of Python 2.4.1 is available. "Python 2.4.1 is a bug-fix release."
Dr. Dobb's Python-URL!The March 18, 2005 edition of Dr. Dobb's Python-URL! is out with the latest collection of Python language articles.
python-dev SummaryThe March 1-15, 2005 edition of the python-dev Summary has been published. Take a look to see a summary of the python-dev mailing list activity.
Ruby Ruby Weekly NewsThe March 20th, 2005 edition of the Ruby Weekly News has been posted. It summarizes the latest news and discussion from the ruby-talk mailing list.
UML Unified Modeling Language version 2.0 (IBM developerWorks)Bran Selic discusses UML 2.0 on IBM developerWorks. "So-called "model-driven" development (MDD) methods, which are based on higher levels of abstraction and greater use of automation compared to traditional methods, have already demonstrated their potential for radical improvements in the quality of software and the productivity of development. Since the role of modeling languages is crucial to the success of MDD, a major revision of the industry-standard Unified Modeling Language (UML) was recently completed. While several important new modeling capabilities were added -- such as the ability to more accurately capture software architectures -- the dominant characteristic of this revision is the heightened precision of the language definition that enables greater levels of automation. This article explains how this was achieved and also describes other highlights of UML 2.0."
XML Tracking Packages with RSS (O'Reilly)Yakov Shafranovich uses RSS to track package shipments on O'Reilly. "With the increasing popularity of RSS and Atom, syndication is beginning to be used for many more innovative purposes than simply distributing website updates. In this article I want to show how to simplify such mundane tasks as tracking packages by converting tracking data into an RSS 2.0 feed."
Writing and Reading XML with XIST (O'Reilly)Uche Ogbuji works with XIST on O'Reilly. "XIST is a very interesting project I've been meaning to dig into for some time. If you've been following the news section at the end of each of these columns, you'll have noticed the steady work that Walter Dörwald, the project leader, has put into this toolkit. It started out as a framework for generating HTML and incidentally XML, but the XML facilities have steadily grown and matured, until it is now a sophisticated system for not only generating, but also processing, XML."
Profilers OProfile 0.8.2 has been releasedVersion 0.8.2 of OProfile, a system-wide profiler for Linux, is available. Changes include support for PPC64 and MIPS performance counters, removal of unused features, and bug fixes.
Version Control An open source BitKeeper clientBitMover has announced the availability of an open source BitKeeper client. The functionality is minimal - it can pull down the current copy of a public BitKeeper tree, and not much else. It will be useful, however, for those wanting to get at BitKeeper-hosted code without using proprietary software. It's available under the "no whining" license which, while not being OSI-certified, is likely to be free enough.
Page editor: Forrest Cook Linux in the news Recommended Reading Linux Kernel Security, Again (Security Focus)Jason Miller delves into Linux kernel vulnerabilities in this Security Focus article. "Not being as intimately familiar with the various Linux distributions as I am with the three BSDs, I figured that I'd have a quick peek into his claim and see what happens. I wrote up a very simple bourne shell script on my work machine, which runs Mandrake Linux, and executed it under my non-privileged account. Within seconds, the machine was brought to its knees -- totally crippled and unusable. I stared at my screen in disbelief for a few moments, totally stunned with what had just happened. " (Thanks to James Feeney)
Expanded ISV Support Gives Linux More Bite (eWeek)eWeek takes a look at the Free Standards Group. "The Free Standards Group, which has just appointed Arthur Tyde - former CEO and co-founder of Linuxcare, now known as Levanta Inc. - as its chief technology officer, is embarking on an aggressive campaign to recruit independent software vendors as members. The FSG, which provides the Linux Standards Base specification, last year released Version 2.0 of the Linux Standard Base with the full support of all major Linux distributions, but large-scale ISV support remained the missing link."
Trade Shows and Conferences Novell's Brainshare 2005: Day 2 (NewsForge)NewsForge reports from Brainshare 2005. "CEO Jack Messman kicked off Day 2 at Brainshare 2005 with a confident keynote that recounted promises made last year, Novell's execution of those, and a flurry of new product announcements. If Novell is acting in desperation, as some have suggested of their move to Linux, it doesn't show itself in their public face. NewsForge also spent some time on the exhibition floor and a lot of time in the press room, where Novell was conducting rapid-fire one-on-one briefings for the media."
O'Reilly ETech CoverageO'Reilly has assembled a long list of articles that cover many aspects of the Emerging Technology (ETech) conference. Today is the last day of the conference.
FUDCon Footage OnlineVideo and audio coverage of the recent Red Hat FUDCon is available in Ogg Theora and Ogg Vorbis formats.
The SCO Problem SCO Plans for the Future (eWeek)We know you all have been wondering when you would see a new Darl McBride interview. Well, eWeek has the goods. "Anyone who buys us now would have to pay a super-premium on price because any price would be based on our IBM litigation being successful."
Companies Snort (rules) for sale (SearchSecurity)SearchSecurity.com reports on the new subscription program for up-to-date rules for the Snort intrusion detection system. "Updated Snort rules will be available as part of a subscription service, costing companies $195 per month, $495 per quarter or $1,795 annually. Educational institutions will be eligible for a discount. Others not concerned as much with timeliness can wait five days and get updated rules for free." For the curious, here is the license for the rules, which is clearly non-free.
Yahoo vows to open all services to Firefox users (ZDNet)ZDNet Australia reports that Yahoo! will be releasing all new features, and testing all new services on both Microsoft Internet Explorer and Firefox. "'The momentum right now is behind Firefox . The Internet players are making sure they don't miss out if there is a mass migration--they have realised that it is not just a Microsoft game anymore,' said [analyst Foad] Fadaghi."
Linux Adoption Linux is a PGA Tour winner (NewsForge)NewsForge covers the switch to Linux at the PGA Tour. "Most of the organization's staff was Microsoft-certified, but also familiar with Unix. When the company began thinking about using Linux internally, one of the biggest hurdles was to get IT employees trained in the open source operating system. Evans had the staff go through Red Hat certification. Once the staff got comfortable with Linux, PGA Tour adopted a new policy: If it can be Linux, that's what we prefer."
Legal Slip, Sliding Away on Software Patents (Groklaw)Groklaw looks at the European software patent issue: "Well, kiddies, take a look at this decision, by the Technical Board of Appeal, on an appeal by, sad to say, IBM, in which the appeal board found a way to say that maybe computer programs can be patented after all, even under the current rules. It's found in the EPO's journal for October of 1999. I thought you might like to see the EU equivalent to the US case, State Street Bank & Trust v. Signature Financial Group. Both in the US and in Europe, the beginnings were small and everyone said software couldn't be patented except in very restricted circumstances, and then the slide begins."
Irish Open-Source Groups Protest Software Patents (eWeek)eWeek covers Irish open-source advocates, and what they have been doing to combat software patents in the European Union. "The document, timed to reach MEPs on Wednesday, was created in response to members' own queries about the subject, said Barry O'Donovan, an open-source activist who helped draft the brief. It follows an e-mail-writing campaign by Irish academics and developers that began early last week, following the EU Council's official endorsement of the EU's controversial draft directive on software-related patents."
Interviews Defender of the Linux faith (News.com)News.com interviews Harald Welte about GPL violations. "Welte is one of the core developers of the Linux kernel firewall engine Netfilter/iptables and the maintainer of the packet filter subsystem in the Linux kernel. In 2004, he set up Gpl-violations.org, which aims to prevent companies from contravening the rules set down in the GNU General Public License."
Miguel de Icaza Explains How To 'Get' Mono (O'ReillyNet)O'ReillyNet interviews Miguel de Icaza about Mono. "Mono's memory consumption is lower than ever, and for GUI applications, it actually consumes less than the equivalent programs written in Perl or Python. It has been an important goal of us to reduce memory usage in Mono. Java, in particular, made people afraid of large virtual machines, and we are working very hard to avoid giving anyone that impression."
Inside GnomeMeeting (O'ReillyNet)O'ReillyNet talks with Damien Sandras about GnomeMeeting. "Damien Sandras says his programming philosophy is "the UNIX way:" designing individual programs that do unique tasks well and interoperate with one another, instead of one program that attempts to do several tasks that other programs already do. His GnomeMeeting is a voice-over-IP (VoIP) and video-over-IP application for Linux that builds upon open source libraries and open telephony standards."
Resources Track bugs with Bugzilla on Linux (developerWorks)developerWorks shows how to get started with Bugzilla. "For those in the support arena, keeping track of issues, problems, and the fixes applied to them can be a daunting task; however, there is a perfect open source answer to this challenge: Bugzilla. Once it is installed, you can easily track bugs and be notified when certain issues and solutions are discovered. This article provides a step-by-step guide for installing Bugzilla on a Linux system."
Getting Started with a TV Tuner Card (Linux Journal)Ron Powell explains how to get a television and FM radio receiver card working on a Linux box. "In preparation, I did a bunch of Googling and reading, and I subscribed to the Video4Linux mailing list (see Resources). This research was vital to the success of the overall project. I strongly recommend that anyone interested in using a TV tuner card in his or her Linux system spend some time researching before purchasing, as proper research can make all the difference. After checking prices and researching various tuner cards, I finally settled on the Hauppauge WinTV Radio card."
Reviews Karamba, what an attractive desktop! (NewsForge)NewsForge reviews SuperKaramba. "The user interface for SuperKaramba themes is defined by a markup language, in which the various user interface elements are loaded from PNG files, placed, possibly color-tinted, and more. This allows for some interesting effects, as shown in the screenshots. SuperKaramba themes encompass everything from neat, techy-looking system monitors to calendars, e-mail notifiers, and more. Through the use of the alpha (transparency) channel in PNG images, many of the downloadable themes integrate well into most desktop environments, be they minimalistic or gaudy. Having a system monitor, calendar, and analog clock running on the desktop background can look really cool."
KDE 3.4 Unleashed (tuxmachines.org)Tuxmachines.org reviews KDE 3.4. "One of the most obvious things one might notice upon their login to 3.4 is the vastly improved speed at which it functions. Desktop start up time is decreased by my approximations of 50% over 3.3. The applications on my desktop open up in about one second. I usually have one instance of konqueror preloaded and I open it to a blank page, but it's opening is just to fast for this human to clock as it is almost instanteous. Kontact takes about one second and kcontrol about two." (Found on KDE.News)
NeroLinux vs K3b (Flexbeta)Flexbeta compares two CD burning applications for KDE, NeroLinux and K3b. "This week Ahead Nero introduced a Linux version of their popular CD burning application dubbed NeroLinux. NeroLinux promises to bring the great features found in the Windows version to the Linux domain. Though the Windows version of Nero is loved by many, how well does NeroLinux stack up against already existing CD Burning applications such as K3b?"
Synchronizing PalmOS devices with Linux (NewsForge)NewsForge reviews a number of open-source applications for connecting with PalmOS-based PDAs. "Smart handheld devices or personal digital assistants (PDA) extend our access to the information on our desktops, from addresses to telephone numbers. Unfortunately, when it comes to vendor support for synchronizing this information with a *nix operating system, the options are limited. In this article, we'll review the various GPL-based suites available for synchronizing PalmOS-based devices with Linux."
Miscellaneous Zeta OS is rising from BeOS ashes (NewsForge)NewsForge covers BeOS successor Zeta OS. "yellowTAB has just announced details of what is to be expected for Zeta 1.0. The list includes an updated kernel and virtual machine (VM) manager for speed increases of up to 40%, breaking the 1GB memory barrier, fixes to BFS, an NDIS wrapper that is expected to greatly improve wireless networking support, a CUPS port for much improved printer support, and a new non-destructive partition manager for easy installation of Zeta on machines that already have Windows or other OS installed. Zeta 1.0 will also come with numerous development tools, including Python 2.4 with a working Bethon (Python modules for Zeta), GNU bash 3.0, GNU coreutils (5.2.1), OpenSSH, and Bash autocomplete with Zeta-specific completion templates."
Page editor: Forrest Cook Announcements Non-Commercial announcements FSFE to help bring Microsoft to its feetThe Free Software Foundation Europe turns its attention to the European Union antitrust case against Microsoft. ""Microsoft has behaved much like unruly children who throw themselves to the ground and have to be dragged along every step of the way," Georg Greve, president of FSFE says. "Since Microsoft seems unwilling to get up and walk, we will help the Commission to bring Microsoft to its feet and move towards reestablishing competition. If they keep dragging their feet, the Commission should end this unworthy spectacle and ultimately fine Microsoft with 5% of the net turnover per day of the relvant market for each day they are not in compliance.""
Korea's ETRI Joins OSDLThe Open Source Development Labs has announced that Korea's Electronics and Telecommunications Research Institute (ETRI) will participate in the Lab's Carrier Grade Linux (CGL) and Data Center Linux (DCL) working groups as OSDL's first Korean member.
Commercial announcements AMD to sponsor linuxaudio.org at Sounds ExpoAMD will be sponsoring linuxaudio.org at the Sounds Expo trade show. "AMD has offered significant sponsorship which will allow linuxaudio.org to have a stand at the Sounds Expo music technology trade show in London, 14-16 April 2005. This will be our second exhibit at Sounds Expo, following generous sponsorship from the AGNULA project last year."
BroadVision Japan and MIRACLE LINUX Announce PartnershipBroadVision and MIRACLE LINUX have announced a partnership. "BroadVision, Inc. a global provider of self-service web applications, and MIRACLE LINUX, a dedicated provider of Linux server operating system products and services to customers in Asia-Pacific-Japan (APJ), announced a strategic partnership to provide BroadVision self-service web applications on the MIRACLE LINUX platform."
Daffodil announces Customer Relationship Management softwareDaffodil has announced version 1.1 of their Customer Relationship Management software. "Daffodil CRM is an open source Customer Relationship Management software that seamlessly integrates all aspects of the customer life cycle - from identifying business opportunities to sustaining existing customers."
Free Standards Group Announces Broad ISV Support for Linux Standard BaseThe Free Standards Group has announced it has raised significant ISV (Independent Software Vendor) support for the Linux Standard Base (LSB) including pledges from industry-leading software vendors such as BakBone Software, IBM, Levanta, Lymeware, MySQL, Novell, Oracle, UGS, VERITAS and others. The FSG also announced it has greatly expanded its member roster with the addition of over a dozen new members.
Nero Introduces NeroLINUX optical recording systemNero has announced their NeroLINUX CD burning application. "NeroLINUX is a comprehensive and flexible application available to LINUX users that want the power and quality of Nero's award-winning burning engine to perform all essential optical burning tasks."
Novell's Brainshare 2005 AnnouncementsNovell has unveiled a series of product, program and partner announcements at their Brainshare 2005 conference. Click below to see the list of announcements, or visit the press room to find out more about these announcements and the Brainshare conference.
Novell to Debut Open Source Technology CenterNovell, Inc. has announced it is establishing the Novell Open Source Technology Center on the site of its Provo, Utah, business campus. The Center will be used to promote innovation in the design and development of open source based applications.
O'Reilly Launches SafariU Custom Publishing PlatformO'Reilly and Safari Books Online have launched a Custom Publishing and Online Platform for Educators. "O'Reilly Media and Safari Books Online announce SafariU, a new service that offers computer technology educators and trainers a rich platform for creating both online and print materials tailored precisely to their teaching needs."
New Books "Head First Java, Second Edition" Released by O'ReillyO'Reilly has published the book Head First Java, Second Edition by Kathy Sierra and Bert Bates.
Mandrakelinux CDs bundled with new booksMandrakesoft has partnered with O'Reilly in the distribution of two new books that are bundled with operating system CDs. "Mandrakesoft today announced the release of two new books for beginners and more advanced users of the Mandrakelinux operating system: 'Discovery 10.1 - Your First Linux Desktop' and 'PowerPack 10.1 - The Full Power of Linux Desktop'. These highly informative guides are both bundled with a copy of Mandrakelinux, and include support services."
Resources New Audio Libre ArticleLinuxaudio.org has a new article (pdf) about the audacity audio recorder application entitled "The Audacity of it!".
The SRA America Open Source NewsletterIssue #1 and #2 of a publication called the SRA America Open Source Newsletter is online. "SRA is member of a growing community of businesses who support Open Source solutions, of which our crown jewel is PostgreSQL. Our support includes a commercial version of PostgreSQL, for the Microsoft Windows platform, called PowerGres which has been in the market for a number of years in Japan and is now being offered in North America. So what's this newsletter about? This, being our first edition, is a bit of a manifesto. There is, as a matter of fact, quite a bit here for the DBA, developer and IT manager alike. You'll find feature PostgreSQL articles, case studies, how-tos, and FAQs. Our objective is two-fold; firstly, to get the word out to our clients what we can do for them and secondly one to support the Open Source community in a very real and direct manner by providing resources and assistance."
Contests and Awards Bug 300000 Sweepstake Announced (MozillaZine)MozillaZine has an announcement for the Bugzilla 300,000 Bug Sweepstake. "The winner of the contest will get some Mozilla merchandise. Gerv's weblog posting has full details of how to enter, which involves specifying the exact time and date that you believe bug 300000 will be filed."
The UKUUG Award for 2005Entries for the 2005 UKUUG Award (£500) are due by April 2, 2005. "The UKUUG Award is given annually for a significant contribution to free and open source software, in the form of an article or paper, software product, or other contribution."
O'Reilly Receives Five Jolt AwardsO'Reilly has won five Jolt awards. "On Wednesday, March 16, 2005, the magazine's editors announced winners of the 15th Annual Software Development Jolt Product Excellence and Productivity Awards, recognizing O'Reilly Media, Inc. with top honors in three categories and Productivity Awards in two others."
Upcoming Events aKademy 2005 Dates and Call for Papers (KDE.News)A Call for Papers has gone out for the KDE World Summit (aKademy 2005). The event will take place from August 27 - September 4, 2005 in Málaga Spain. Papers are due by June 5.
Preliminary GUADEC schedule postedThe preliminary schedule for the GNOME User and Developer European Conference (May 29 to 31, Stuttgart, Germany) has been posted. It looks like three days of interesting talks; we wish we could be there.
Call for contributions for scientific research topics at LSM 2005A call for contributions has gone out for the Libre Software Meeting 2005. The event will take place in Dijon, France from July 5-9, 2005. Submissions are due before the end of March.
Notacon: Apr. 8-10, 2005 in Cleveland, OHThe 2005 Notacon event has been announced. "Notacon is the second iteration of an annual technology event held in Cleveland, OH. The event will run from the morning of Friday, April 8th through Sunday, April 10th. This years focus is on community and technology."
Red Hat Announces Headliners for SummitRed Hat, Inc. has announced the headline speakers for its Red Hat Summit. The event will take place from June 1-3, 2005 in New Orleans, LA. "Matthew Szulik, Chairman and CEO will kick off the opening day of the Summit giving his perspective on where the open source is headed in the coming years. Michael Tiemann, vice president of Open Source Affairs and President of OSI will open the second day of the Summit." Speakers from HP, Intel, and other companies will also be featured.
Tcl'2005 Conference, First Call for PapersThe first call for papers has gone out for the Tcl/Tk 2005 conference. The event will be held in Portland, Oregon around the end of October, papers are due by July 1.
YAPC::NA::2005 Registration Open (use Perl)Registration for the YAPC::NA Perl conference has been announced. The event will take place in Toronto, Ontario, Canada on June 27-29, 2005.
Zend/PHP Conference and Expo 2005The Zend/PHP Conference and Expo 2005 will be held at the Hyatt Regency San Francisco Airport Hotel on October 18-21, 2005.
Events: March 24 - May 19, 2005
Web sites New art.gnome.org released (GnomeDesktop)GnomeDesktop.org has an announcement for the redone art.gnome.org site. Changes include a redesigned web site, a new user system, a comment system, a rating system, and more.
New Jython WikiA new Jython wiki site has been announced. "The Jython project has begun a new wiki. John Reynolds writes in, "Efforts are underway to close the gap between CPython and Jython, and to port Jython to JDK 5. The new Jython Wiki is documenting the progress.""
Page editor: Forrest Cook Letters to the editor Sun Rays
Sir: Regarding Mr. Brook's letter (http://lwn.net/Articles/126572/) of 7 March 2005 (LWN Weekly, 10 March 2005) In the conclusion section, we see: > A Sun Ray user interrupted at work can, for example, pull > her java card from the machine she is working on, cross the country to > another office, plug the card into a machine there, and continue typing > where she left off. Your correspondant retorts: > The trick with the SunRay is nice, and looks really cool, but is > hardly worth the money in 99% of cases. Ask Sun how much more your > network infrastructure costs when you've set it up to arbitrarily > pipe video all over the country. As a Sun Ray administrator (and private owner) I can personally tell you the following: - Yes, your server infrastructure is higher; however since you are not putting $2000 computers on everyone's desks any more, these higher costs get recouped much faster than you realize. - Sun Rays do very well over low bandwidth links -- I have personally run my Sun Ray at home over a VPN link yielding less than 250Kb/s with acceptable performance. OK, I'm not going to play a movie or music over this link, but as a comparison a typical X application on a Sun Ray over such a link is far more usable than the same X application directly forwarded to a display on the same network. Over all it is amazing how _little_ money this solution actually requires and how well it can operate on exiting (presumably already paid-for) infrastructure. Since I have adopted a Sun Ray as my primary desktop at the office, and a Sun Ray at home (connected to a local computer), I hardly ever use my laptop any more. Sun Rays are an elegent solution to many of computing's logistical and financial challenges. -- /\oo/\ / /()\ \ David Mackintosh | Public Key: dave@xdroop.com | http://www.xdroop.com/dave/gpg.html $ gpg --recv-keys --keyserver subkeys.pgp.net 4C032504 Mystery attachment? http://xdroop.dhs.org/space/GPG
Page editor: Jonathan Corbet
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Kubuntu]](/images/ns/kubuntu-circle.png)
![[Ubuntu GNOME screenshot]](/images/ns/ubuntu_gnome-sm.png)
![[Kubuntu screenshot]](/images/ns/kubuntu-sm.png)