One might think that there are already enough industry bodies working on
Linux in telephone applications. But, on November 14, a new group,
called the "Linux Phone Standards Forum" (or "LiPS") announced
. According to the release:
The LiPS Forum will accelerate the adoption of Linux in fixed,
mobile and converged devices by standardizing Linux-based services
and APIs that most directly influence the development, deployment
and interoperability of applications and user-level services.
In essence, LiPS wants to push toward the creation of a standard low-level
phone platform which allows vendors to focus their efforts on the
higher-level features which set their offerings apart. The appeal of this
idea is not that hard to understand. As an operating system for
telephones, Linux is hard to beat: it can be customized to taste, it is
efficient, and it lacks per-unit royalty costs. In addition, mobile
platforms have become powerful enough to run Linux, and many mobile
applications are sufficiently demanding to require a complete operating
system like Linux. On the other hand, Linux lacks the features specific to
telephony which can be found in a proprietary platform like Symbian. By
filling in that layer of telephony-specific features, LiPS hopes to create
a competitive platform for future products.
LiPS will probably be successful in scheduling meetings, generating white
papers, and cranking out press releases. But if LiPS truly wants to turn
Linux into a platform it can rely upon in the future, its management may
want to consider engaging openly with the development community;
"cooperating with OSDL" is not sufficient in this regard. If LiPS sees
itself as another proprietary, members-only consortium, it will cut itself
off from much that the community can provide.
A good start would be to admit some community projects to the group. For
example, since they claim to be trying to build platforms for telephony in
general - not limited to mobile devices - the LiPS member companies might
well benefit from having somebody from the Asterisk and Bayonne projects at
Even better would be to work with the community directly. A look at the
list of companies which have joined LiPS (ARM, Cellon, Esmertec, France
Telecom/Orange, FSM Labs, Huawei, Jaluna, MIZI Research, MontaVista
Software, Open-Plug and PalmSource) and the other companies which have been
active in Linux-based telephones (Motorola, Haier, Nokia, NEC, Panasonic,
Samsung, ...) has few intersections with the list of companies
participating in Linux kernel development. If the LiPS members truly want
to get the most out of Linux, they will be better off working with the
development community and contributing back their improvements. The recent
announcement by the
Consumer Electronics Linux Forum that it had hired a Linux kernel developer
is a step in the right direction, but it is only a beginning.
Finally, if LiPS truly wants to achieve world domination with Linux-based
phones, it should give some thought to the creation of a user-hackable
platform. A phone which can be extended to perform functions never
envisioned by its creators will be a far more valuable device, and it
should find a wider market. Unfortunately, the mobile phone market tends
to be dominated by companies which behave like, well, telephone companies,
with the result that even routine features (such as Bluetooth) can be
locked down, and user-hackable devices are a rarity. When a device is
fully locked down, it matters little to the user whether it is running
Linux or something else altogether. If LiPS were sufficiently enlightened
that it could go against the closed nature of the industry and
specify the creation of Linux-based phones which have not had the
natural freedom of Linux stripped out of them, it could be the start of
something truly interesting.
Comments (10 posted)
For most companies, simply being caught installing rootkit-like software
onto the systems of customers who simply thought they were playing a music
CD would be bad enough. Certainly, since the Halloween disclosure that
some SonyBMG discs install a rootkit (called "XCP") has been a source of grief for that
company, and rightly so. It takes a truly expansive interpretation of the
notion of "intellectual property rights" to believe that such rights allow
the installation of malware on other peoples' computers. As this event -
and those which have come after - have shown, however, SonyBMG appears to
have learned little from the whole episode.
Just how little the company has learned can be heard on this
NPR interview with SonyBMG manager Thomas Hesse. When asked about the
rootkit, Mr. Hesse responded:
Most people, I think, don't even know what a rootkit is, so why
should they care about it?
As the class-action suits begin to pile up, and as even Microsoft feels the
need to create a Sonyware removal tool, maybe Mr. Hesse will eventually
realize that people (who are rapidly learning what a rootkit is) do care.
SonyBMG has claimed that there is no "phone home" capability in this
software. Unfortunately for the company, connections back home are
relatively easy to detect. Some investigation
quickly showed that SonyBMG's software does indeed make a connection back
home when the CD is played. Nowhere has SonyBMG alerted its users to this
behavior and the associated privacy problems.
For additional amusement, see the EULA which
comes with the rootkit software.
SonyBMG has made an uninstaller available for those few users which are
capable of understanding what a rootkit does and being upset by it. It
turns out, however, that this uninstaller is worse than the original
rootkit. Running the uninstaller opens a number of holes - which can
be exploited via web pages - in the target system. So victims of SonyBMG's
rootkit who care about the security of their systems are in a bind; there
is currently no straightforward way to get that software off the system
without compromising the system even further.
Yet another ironic twist is the possibility
that Sony's rootkit includes some LGPL-licensed code, but does not comply
with the license. If this were true (and there are some doubts
on this point, though they seem to be getting
smaller), the hypocrisy would be complete.
In response to all this, SonyBMG announced that it would "temporarily" stop
making CDs with XCP on them. There was no apology, much less an offer to
compensate people whose systems have been compromised. Neither was there a
recall of the (apparently millions) of malware-infected discs which were
still in the retail pipeline. Only on November 15 did SonyBMG finally
give in, recall the outstanding XCP-infected CDs, and offer to replace
discs in the hands of its customers. Said users are still waiting for the
compensation offer, however.
It is also worth noting that Sony is still shipping CDs with
Sunncomm's MediaMax DRM code on them. MediaMax may not be quite as bad
as XCP, but it is still hostile software which, among other things, phones
In the end, SonyBMG appears to have been slapped down fairly hard for its
actions. It would be a mistake to assume that this sort of incident will
not happen again, however. The entertainment industry has managed to
create such a strawman enemy out of "pirates" that any sort of response
appears to be justified. In a world where these folks can dictate the
design of radios and televisions, attempt to legalize online attacks against
"pirates," and file lawsuits against children, the addition of malware to a
music disc seems like a small thing. Until such a time as this industry
stops seeing its own customers as enemies, it will fail to show those
customers any respect.
Linux users should not expect much respect either. Efforts like the
broadcast flag already threaten to make the creation of free television and
radio receivers impossible. Beyond any doubt, the music industry looks
forward to the day when even playing a song on a free system will be
disallowed. As Linux users, we are not much impressed by the idea that, in
order to play a music track, we must accept the installation of hostile
software onto our systems. Unfortunately, we may yet see a day when that
is the only choice we have.
(See also: the EFF's open
letter to SonyBMG and the Sony
timeline on BoingBoing).
Comments (56 posted)
One would think that free software would be a natural for a country like
India. With free software, a developing nation can take greater control of
its infrastructure, avoid paying hard-currency licensing fees, and worry
less about "pirates" creating difficulties with foreign companies and
governments. When the country also has vast numbers of smart and
highly-educated people, as India does, free software seems like an even
better fit. There is no doubt that use of free software in India is
growing, but the country has not always been strongly represented in the
Things are clearly changing however, and one of the clearest signs of that
change is the upcoming FOSS.IN conference,
starting November 29 in Bangalore. This conference, now in its fifth
year, expects some 3000 attendees, offers over 140 talks, 20 tutorials, and
a growing list of BOF sessions. The list of speakers includes many
Indian names, quite a few of which are known well beyond India. Other
speakers, whose names might be more familiar to most LWN readers, include
Andrew Cowie, Harald Welte, Alan Cox, Jeremy Zawodny, Brian Behlendorf,
Dave Phillips, James Morris, Rasmus Lerdorf, and Danese Cooper. The talks
cover a vast range of topics, including legal and advocacy issues, a strong
education track, embedded systems, kernel hacking, security, and much
in other words, is working toward being a world-class free software
This conference is certainly taken seriously within India. The
Visvesvaraya Technological University (the leading technical university in
the state of Karnataka) has sent out a letter to over 100
engineering colleges asking them to urge their students to attend FOSS.IN.
As it grows to become one of the largest technical free software events
anywhere, FOSS.IN is increasingly going for world-wide respect.
That notwithstanding, the conference organizers have also consented to let
LWN editor Jonathan Corbet speak at the event. This was an opportunity not
to be turned down, and your editor is looking forward to attending and
reporting from FOSS.IN (even if he's a little less enthusiastic about the
24-hour travel time each way). Look for the first reports in the December 1
(The image shown above was taken from this very nice set of
posters put together by Hari Krishnan).
Comments (none posted)
A reminder: the (U.S.) Thanksgiving holiday is next week. LWN's editors
traditionally publish the Weekly Edition one day early on Thanksgiving
week in order to be able to go join their families and eat enough food to
last through the end of the year. We'll return to the regular schedule
the following week.
Comments (2 posted)
Page editor: Jonathan Corbet
Inside this week's LWN.net Weekly Edition
- Security: Three "trusted computing" security modules; New vulnerabilities in emacs, ftpd, gdk-pixbuf, lynx, ...
- Kernel: 4K stacks again; VM: page migration and fragmentation avoidance; The end of isa_readb(); A software suspend decision point.
- Distributions: PC-BSD: FreeBSD For Dummies; Xandros Launches German Desktop OS; Bent Linux, G-ZyX
- Development: Asterisk - the Open-Source PBX, GNOME Dictionary report,
new versions of Shorewall, Bootchart, LDAS, WyattERP, KDE, Xfce, XCircuit,
ShadeVis, PyQt, Wine, bogofilter, OpenEMR, HylaFAX, StrBio, CinePaint,
DVDStyler, Jericho, ECL, XOAD, AFPL Ghostscript, JLog, PySizer, aegis.
- Press: New package management tools, Threats to Open Networking, Geek Cruise coverage, Open Source Symposium
coverage, Sleepycat's business model, Linux dominates supercomputer domain,
Open Inventions Network formed.
- Announcements: MS finds Linux expensive, PalmSource Joins LiPS, Bioinformatics for Linux,
JPEG patent challenge, Sony rootkit EULA, Moodle Newsletter, SC2005 press
releases, LC.AU program online, PyCon CFT, OSDL patent commons ref library.
- Letters: Linux boot time.