FOSS.IN 2005 got underway on
November 29. The conference got off to a bit of a rough start;
funding problems and travel hassles led to the last-minute cancellation of
a number of talks.
On opening day, glitches in the registration process resulted in hundreds of
attendees standing in line under the strong Bangalore sun while the
(already delayed) sessions began without them. These little problems
notwithstanding, FOSS.IN has the look of a successful conference.
Frequent attendees of technical conferences become used to spending their
days in closed auditoriums and cavernous ballrooms. FOSS.IN, instead,
consists of temporary buildings (essentially large, canvas tents with steel
frames) set up in a dirt field. The Bangalore Palace makes an interesting
backdrop for the event, but it hosts only a few of the sessions. Dogs wander between
the lecture halls, though the cows have, so far, avoided the area in favor
of the traffic-choked roads nearby. Inside, the conference buildings have
all the usual facilities; they are a pleasantly airy space. Just watch out
for the rough floor.
If there is an underlying theme to this event, it is participation.
India's presence in the free software community, and its contributions to
that community, are small relative to its population and its use of free
software. The conference's organizers and speakers would like to
change that. In the opening remarks, organizer Atul Chitnis noted that, if
even ten members of the audience were motivated to start hacking and giving
back to the community, the event could be considered to be a success.
Alan Cox's opening talk on participation focused on nuts and bolts - how
people can participate in the community. There are plenty of reasons for
wanting to be a part of the process, according to Alan. Helping a free
software project can be a way to learn skills, explore ideas and their
implementations, have fun, create employment opportunities, and work for
social good. Writing code is the first and foremost way of participating,
and Alan dispensed a fair amount of advice on how that is best done. But
he also took time to point out the many other ways to help, most of which
do not require programming skills. These range from reporting bugs
through writing documentation, translations and localization, creating
artwork, and helping to maintain the infrastructure needed by free software
projects. Localization was pointed out as an area in constant need of
work. India has a long list of languages to translate into, and the
Indians are the only ones who are well positioned to get that work done.
Danese Cooper continued the participation theme with a talk on "gorilla
tactics." A gorilla, in her terminology, is somebody who stands up for
what is right and helps to push free software forward. Being a gorilla can
hurt sometimes, but it is worth it.
Example: quite a few companies in India are doing free software work, but
they are not contributing their changes back. Many of them, it
seems, are afraid of the possibility that the community might fork their
code. Indian companies fear that possibility so much that they are unable
to relinquish control, and, as a result, keep their code to themselves.
These companies need gorillas, somebody who will make the case for letting
go and giving the code back to the community.
Another problem in need of attention is universities which make claims on
the work done by their students. These universities need to let go and let
their students take their ideas forward. The reputational benefit to the
universities will far exceed the benefits of any revenue which might come
from commercialization.
Danese is also concerned about the number of Indian startups which target
the American market. Yes, that market is large, but it is also distant and
highly competitive. Indians would be better advised to work on problems in
India.
The talk also discussed reasons for participating.
By participating in the free software community, countries like India can
reap benefits beyond simply avoiding license payments to distant
companies. Working on free software helps to improve the population's
technical skills. The development of local expertise will lead to local
wealth creation, and the establishment of a reputation for strong software
development.
Zaheda Bhorat talked about how Google participates in the free software
process. The talk covered Google's reasons (most of which will be well
familiar to LWN readers), some of Google's released code (found on
code.google.com), and various other things Google is doing to help. There
was also a lengthy discussion of the
"Summer of Code" program and the benefits that have come from it. There
were a few Indian participants in the Summer of Code, but far fewer than
from the US and Europe. Zaheda would like to see that change for any
future programs.
A final inducement to participation could be seen in the small exposition
area. Many of the participating companies had the obligatory product and
service brochures, but quite a few of them are also using their booths to
recruit developers. It would seem that, for Indian hackers with free
software skills, now is a good time to be looking for a job.
November 30, 2005
By Pamela Jones, Editor of Groklaw
There are standards and there are standards. They are not all born
equal.
What makes one standard open and not another?
Massachusetts, when deciding to use the OpenDocument Format, as set forth
in its Enterprise Information Technology Architecture (ETRM) document,
set the bar here:
[Secretary of Administration
& Finance for the Commonwealth of Massachusetts Eric] Kriss emphasized,
however, that the state is not moving to open standards for economic
reasons but to protect the right of the public to open and free access
to public documents for the foreseeable future. "What we've backed away
from at this point is the use of a proprietary standard and we want
standards that are published and free of legal encumbrances, and we
don't want two standards," Kriss said.
A recent statement
by the Governor's office in Massachusetts, expressing optimistic
hopes that Microsoft's Office Open XML document formats will meet
their standard for an "open format" someday raises two questions: Is
the Microsoft covenant not to
sue, assuming it is someday offered for their new version of XML
schemas, and their plans to submit their XML to standards bodies ECMA
and ISO sufficient to meet the Massachusetts requirements for openness?
If so, what are the implications for the Internet? If not, will
Massachusetts decide their bar was set too high, in order to include
Microsoft? If the bar was set too high, which part shall we lop off?
Shall we say the public has no right to open and
free access to documents their tax money paid for?
No.
Massachusetts has a Public Records Law that mandates
that "all people have an absolute right of access to public
information". The law doesn't distinguish between paper documents and
digital documents. The disabled have a right of access, but so do the
rest of us.
Are proprietary standards acceptable if
nonproprietary, universally available standards are available?
Can a government dictate which operating system you have to
use to access those documents? More pointedly, can it favor one
proprietary vendor and compel citizens to spend money on a proprietary
system, when they already have a perfectly functional operating system
on their computers?
We already saw in the Katrina disaster
what happens when a government agency enables Windows-only access. I
wrote about that in "When
Open Standards Really Matter: the Katrina Factor", which begins like
this, trying to explain why standards matter:
If you have
any doubts about the direction Massachusetts is following in requiring
open standards for all government documents, consider what happened when
Hurricane Katrina knocked out almost all communications except the
Internet. Cell phones and walkie talkies failed, once again, just as
they did in 9/11, as David Kirkpatrick tells us in an article in
Fortune:
In the immediate aftermath of the hurricane, much of the region's
communication systems failed or didn't work properly. Water and wind
knocked out power, toppled phone lines, and destroyed cellphone towers.
What systems remained were quickly overwhelmed. When rescue workers did
have working equipment, like walkie-talkies, they often couldn't connect
with others on different communication systems.
Catch that? "On different communication systems." The same thing
happened after the tsunami disaster in Thailand, as a report just
released by the ePolicy Group reports:
"Responding agencies and nongovernmental groups are unable to share
information vital to the rescue effort," the report recalls of the
government in Thailand in the tsunami's immediate aftermath. "Each uses
different data and document formats. Relief is slowed; coordination is
complicated. The need for common, open standards for disaster management
was never more stark or compelling."
Isn't it time, after so much suffering, to recognize that keeping people
alive is more important than allowing private companies to lock in
customers into proprietary systems that don't then work in an emergency?
And why does the Internet always work, no matter who you are or what
operating system you use? Because it was built, not on proprietary
standards, but entirely on open standards. That's why you can send an
email to me, even if you are using Microsoft Outlook. I don't run any
Microsoft products currently, but because of open standards, I can still
read your email, and in an emergency, we will not be disconnected
because we are on "different communication systems."
Accepting Microsoft's proprietary XML *with its proprietary extensions*
as the language of the Internet would certainly alter the openness and
universality of the Internet. Proprietary, by definition, means it
isn't universal. Is that what we want? If Massachusetts accepts
proprietary extensions, it will inevitably be excluding some of its
citizens, I think.
Can any government, including Massachusetts, in
the Internet age, justify telling its citizens, by the decisions it
makes, that they must stop using their operating system of choice --
one used by millions all over the world -- and instead purchase a
proprietary vendor's product instead if they wish to interact with
their government? In any case, in an emergency, it may not be possible
to quickly buy a Windows operating system. People use what they have.
Sometimes it's all they have access to; sometimes it's all they can
afford. On what basis would you argue a government should do that?
More pointedly, on what *legal* basis would you argue they can?
Should Massachusetts wait for a future, yet-to-be-developed
proprietary standard, not yet published, on terms that are not yet
fully known, controlled by a single vendor, when you have one that is
vendor-neutral and is already available? On what basis could the
Commonwealth justify such favoritism to a single company? In the FAQ on
the Commonwealth's ETRM, they state this:
The Final ETRM
Version 3.5 does not require that agencies use only one office product.
To the contrary, it offers agencies many choices. Agencies may choose to
retain their existing MS Office licenses, as long as they use a method
to save documents in Open Document Format. They may also use one of the
many office tools that support Open Document Format in native format---
OpenOffice, StarOffice, KOffice, Abiword, eZ publish, IBM Workplace,
Knomos case management, Scribus DTP, TextMaker and Visioo Writer.
Because the Open Document Format is an open standard, it increases the
vendor pool available to state agencies by encouraging and permitting
vendors not already in this field to develop products that support the
standard. Adoption of the Final ETRM Version 3.5 will greatly
increase competition among vendors for the sale of office applications
to agencies.
What about legal encumbrances?
There are still questions about legal
encumbrances on the MS XML and related licenses and EULAs. Is that
going to be the part Massachusetts should wink at? They'd likely be
sued if they tried, I think, and I doubt they will try, because it would
be impossible to justify it in public, for one thing. That's the kind
of thing that only works in back rooms, and nothing about this process
will be hidden from the public's gaze.
On the issue of license
clarity, obviously, if you can't understand the license, you won't dare
to use the standard. I don't understand all the legalities of
Microsoft's covenant not to sue and I don't know anyone who does. The
danger is in establishing a standard that would, in effect, block Linux
and GNU/Linux developers from participation. Do you imagine that could
never happen? Consider your history.
Remember the SenderID
flap? Who was to be left out in the EU Commissioner-MS deal?
Do you really want to set up a world where Linux could never happen
again, a world where the Linux we have is exiled to the backwaters of
technology? Just being an ECMA standard doesn't mean it is open
enough for *government* use. ECMA standards, by their own self-description, are for
industry use:
Ecma is driven by industry to meet the needs
of industry, generating a healthy competitive landscape based on
differentiation of products and services, rather than technology models,
generating confidence among vendors and users of new
technology.
The needs of government are not identical
to the needs of industry. It's up to industry to meet the needs of
government, not the other way around. The government is the customer,
after all, so they get to state what they need in a product and to
choose whatever meets their needs best.
Finally, shall we have two standards?
That seems to be
what they are leaning toward. The Commonwealth has already stated that
the disabled can continue to use Microsoft's products, if there are no
better options they like, so that might be one area of carve-out. From
what I've heard, however, that will be a solved problem for ODF by the
time of the 2007 rollout. So again, the issue is going to be: should a
government favor a proprietary solution, when there is a universally
available solution that isn't proprietary and excludes no one? Tim
Bray has made a sensible suggestion:
The ideal outcome would be a common
shared office-XML dialect for the basics -- and it should be ODF (or a
subset), since that's been designed and debugged -- then another extended
vocabulary to support Microsoft features, whether they're cool new
whizzy features or mouldy old legacy features (XML Namespaces are
designed to support exactly this kind of thing). That way, if you stayed
with the basic stuff you'd never need to worry about software lock-in;
the difference between portable and proprietary would be crystal-clear.
And, for the basic stuff that everybody uses, there'd be only one set of
tags.
This outcome is technically feasible. Who could possibly be against
it?
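To make Bray's split concrete, here is an added example (not code from the article, from Bray, or from any office suite) in Python: it scans a small constructed ODF-style document, reports every element or attribute that lives outside the shared OASIS namespaces, and strips those parts to leave only what any conforming consumer can read. The vendor namespace http://vendor.example/extensions/1.0 and the vx: elements and attributes are made up for the example.

```python
"""Portable-vs-proprietary check for a namespaced XML document.

Added example: with the shared vocabulary (ODF) and vendor extensions in
separate XML namespaces, a consumer can tell exactly which parts of a
document depend on a single vendor. Not code from ODF or any office suite.
"""
import xml.etree.ElementTree as ET

# Real ODF namespace URIs (OASIS OpenDocument 1.0).
PORTABLE_NAMESPACES = {
    "urn:oasis:names:tc:opendocument:xmlns:office:1.0",
    "urn:oasis:names:tc:opendocument:xmlns:text:1.0",
}

# Constructed sample: an ODF-style text body carrying one element and one
# attribute from a made-up vendor extension namespace (vx:).
SAMPLE_DOC = """<?xml version="1.0"?>
<office:document-content
    xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
    xmlns:text="urn:oasis:names:tc:opendocument:xmlns:text:1.0"
    xmlns:vx="http://vendor.example/extensions/1.0">
  <office:body>
    <office:text>
      <text:p>Portable paragraph.</text:p>
      <text:p vx:smart-style="whizzy">Paragraph with a vendor attribute.</text:p>
      <vx:smart-art>Opaque vendor-only content.</vx:smart-art>
    </office:text>
  </office:body>
</office:document-content>
"""


def split_qname(qname):
    """ElementTree spells namespaced names as '{uri}local'; split them."""
    if qname.startswith("{"):
        uri, local = qname[1:].split("}", 1)
        return uri, local
    return "", qname


def find_extensions(xml_text, allowed=PORTABLE_NAMESPACES):
    """Return (kind, namespace, local-name, path) for every element or
    attribute outside the allowed namespaces."""
    root = ET.fromstring(xml_text)
    findings = []

    def walk(elem, path):
        uri, local = split_qname(elem.tag)
        here = f"{path}/{local}"
        if uri not in allowed:
            findings.append(("element", uri, local, here))
        for attr in elem.attrib:
            a_uri, a_local = split_qname(attr)
            # Unprefixed attributes carry no namespace; they belong to the element.
            if a_uri and a_uri not in allowed:
                findings.append(("attribute", a_uri, a_local, here))
        for child in elem:
            walk(child, here)

    walk(root, "")
    return findings


def is_portable(xml_text, allowed=PORTABLE_NAMESPACES):
    """True when the document uses only the shared vocabulary."""
    return not find_extensions(xml_text, allowed)


def strip_extensions(xml_text, allowed=PORTABLE_NAMESPACES):
    """Return a serialized copy of the document with vendor-namespace
    elements (whole subtrees) and attributes removed."""
    root = ET.fromstring(xml_text)

    def prune(elem):
        for attr in list(elem.attrib):
            a_uri, _ = split_qname(attr)
            if a_uri and a_uri not in allowed:
                del elem.attrib[attr]
        for child in list(elem):
            if split_qname(child.tag)[0] not in allowed:
                elem.remove(child)  # drop the vendor subtree entirely
            else:
                prune(child)

    prune(root)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    for kind, uri, local, path in find_extensions(SAMPLE_DOC):
        print(f"{kind:9} {path} ({uri})")
    print("portable after stripping:", is_portable(strip_extensions(SAMPLE_DOC)))
```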
Let's think about what we should look for in a
standard, what elements justify even calling it a standard. I'd like to
redefine the issue, if I may. I think the sine qua non for a
standard isn't whether it's open or proprietary. If, for example,
Microsoft can open up its XML to match ODF's, that's fine with me. The
real issue isn't openness alone. It's universality. Let me explain.
In trying to understand fully the standards issue in Massachusetts, I
came across a helpful list on Bob Sutor's blog
dating back to September. I hadn't read it, and perhaps you didn't
either, so I'd like to provide here the danger signs that a standard
isn't as open as it needs to be. I think it's pertinent, because
Microsoft folks are telling the world that by applying to ECMA, the
conversation about whether their XML is open enough should be over.
It's only just beginning, actually, as they will discover.
Consequently, let's list the elements Sutor provides that indicate there
is a problem with a standard and you can judge for yourself:
In practice, I think it is probably easiest to tell when a
standards effort is less open than you think it should be. Here are some
danger signs:
- control by a single vendor,
- overly complicated license agreements,
- license agreements that reserve certain special rights to
individuals or vendors,
- license agreements that prevent some kinds of implementations,
- overly complicated procedural rules that can allow people to be less
democratic than they should,
- a history of disregard for backward compatibility,
- costs of participation that exclude individuals or small organizations,
- high costs of obtaining copies of the standards,
- standard specifications not being openly available online, and
- for XML-based standards, allowance for proprietary, vendor-specific
extensions.
I see at least 6 items that
would apply to Microsoft's XML. I'm sure I don't have to underline for
you that the last is the deal-breaker, proprietary extensions. It's not
a standard unless it's universally available and usable by everyone. The
whole point of a standard is interoperability. Can everyone use it and
have it work? Proprietary extensions, by definition, hamper
interoperability.
The real question to me isn't just whether a
standard is open. That's a
continuum anyway, with various degrees of openness. The real
question that matters is: is it universal?
Can everyone freely use it? If not, should it be a standard?
XML Standards Impact the Internet, Not Just Massachusetts
When we're talking about XML, we're talking about the Internet, not just
about Massachusetts, because XML is the language of the future Internet.
HTML was fine as the universal language for the Internet in its babyhood,
but the future is XML, and so any discussion about standards for XML
involves the Internet too. It's the next step, because it enables
collaborative computing and universal data exchange.
No doubt Microsoft wants its proprietary version of XML to be adopted
as a standard. But seriously, do you want the Internet's common
language to belong, in essence, to one US company? And what a company!
Ask yourself one question, and let your natural, first instinctive
response answer: Do you trust Microsoft?
If you do, kindly tell me
why, in light of their history. This is a company twice found guilty of
antitrust violations, on two continents. What should that tell you?
They had a version of the Internet too, remember? Happily no one was
foolish enough to accept it. The theme of the Internet is universality,
not proprietary walled gardens. Do you remember how Microsoft
added proprietary extensions to HTML and degraded performance for
competing browsers?
In the ETRM document, referenced above, the
Commonwealth pointed out something very important:
Initiatives such as Homeland Security rely upon all parties
adhering to Community of Interest XML specifications, defined by open
standards bodies comprised of representatives from Government, Business
and Technology Communities. Open formats for data files ensure that
government records remain independent of underlying systems and
applications thereby preserving their accessibility over very long
periods of time.
Do you really think the Internet
language should be determined by just one US proprietary company
motivated by their own profit? The rest of the world will not go
along with that, even if Massachusetts were to think so. And then how
will they interchange data with countries and governments abroad?
Massachusetts will be odd man out. Accepting Microsoft's version of
XML with its proprietary extensions as the standard will thus result in
serious issues ahead.
The Internet only works well if *everyone*
uses the same language, and frankly, the whole world isn't going to
accept Microsoft's proprietary XML as that common language. Can you
imagine Europe agreeing to that? Or China? Or South America? FOSS
developers? The next question is: Do we want two standards? Two
Internets, in effect? That destroys the very purpose of the Internet,
which is universality. Can there be justification for degrading the
performance of something as important to us as utilities are for the
sole benefit of a single proprietary vendor? I understand why
Microsoft wants that, but why should you?
And there is a choice.
ODF is here right now. There is no pie in the sky about it. It's not a
year away. It's a universal standard, not vendor-controlled, which
everyone can use, including Microsoft, without having to open up in any
way themselves.
We're not just talking about Microsoft and
Massachusetts, then. We're talking about the Internet, which doesn't
belong to any company or any country. It's for everyone, and everyone
uses it. Because it's universally available and usable, shouldn't the
language of the Internet be universal too?
Your editor's computerized music collection started small - a few CDs
converted to Oggs and placed on the laptop to eliminate the need to carry a
CD player when traveling. Then the live music trading community, of which
your editor is occasionally a part, moved away from complex and unreliable
tape formats to optical media, and, increasingly, online exchange. The
digital music player showed up, replacing the old CD player as another
gadget which must be hauled (along with charger) in your editor's
increasingly heavy backpack; it brought with it a larger collection of
highly compressed music files. Over time, the pile of digital music has
become an unorganized mess of files in several formats, overflowing from
its own, dedicated disk drive. There must be, one would think, a better
way.
In search of better ways, and looking for an excuse to listen to more music
while pretending to work, your editor delved into the world of free music
managers. The manager part of that is key: the world is full of
music players, but they are generally not helpful in organizing that
big pile of music files. Your editor would like a tool which brings some
order to the mess, makes finding and playing music easy, and helps with the
management of one or more digital audio players. The search turned up
three tools, all of which have some nice features, but none of which are,
yet, a full solution.
Before getting into the specific tools, however, please indulge your editor
with a topic which brings out his grumpiest side. Most of the tools
discussed below offer iPod support. They can move files back and forth,
interface with the on-device database, and generally perform the functions
that an iPod owner might like to do.
Your editor does not own an iPod.
None of the applications reviewed has any useful concept of working with other digital
audio players. Supporting only the iPod is as foreign to the free software
way of doing things as supporting, say, only the i386 architecture or the
Word document format. The iPod, as nice as it is, remains a highly
proprietary device in a sea of alternatives. One can understand if iPods
are supported first, since so many of them are out there; your editor very
much hopes, however, that the developers have thought a little beyond the
iPod and designed a digital audio player interface layer which is capable
of a little more flexibility.
Beyond that, few of the managers reviewed appear to have much idea that a
digital audio player is a separate domain, with, perhaps, its own rules.
These players, for example, generally require lossy, compressed audio
formats. But, when using a larger system, the idea that lossy audio is fit
to be pumped through one's $1500 (each) speaker cables is insulting at its
core. If much of one's audio collection is in lossless formats (FLAC,
say), it would be nice to be able to move files to a portable player and
have them automatically transcoded into a format that works on that
player. In the absence of such a feature, it becomes necessary to keep
music around in multiple formats - and most music managers do not deal well
with that.
Rhythmbox
Rhythmbox is a longstanding GNOME music
manager. It contains many of the expected features, but it has also been
subject to a certain amount of muttering in the GNOME ranks. The biggest
complaint appears to be that the pace of development is slower than some
would like. There have been comments to the effect that this project was
slowed down recently by external events, but that development can be
expected to pick up again soon.
The initial Rhythmbox display is sparse, essentially a large, blank
window. Gaining access to music requires "importing" it into the
"library." An entire directory tree can be imported at once, but Rhythmbox
feels the need to complain about every non-music file it finds in the
process. After the import process, the user is presented with a list of
every known track in one very long, scrolling window. There is not a great
deal of organization evident at this point.
A small button marked "show browser" opens a pair of panes allowing the
selection of a subset of tracks based on the artist and/or album. There is
also a "search" blank which restricts the list to tracks which contain (in
the artist, album, or title field) a given string. Searching can be used,
say, to find that recording of "Louie, Louie" that you know you have
somewhere, or, for fans of a certain persuasion, to get a full list of all
performances of "Dark Star" in the collection. The results form a sort of
instant playlist, so one can perform a quick search, hit "play," and get
hours of uninterrupted, out-of-tune Jerry Garcia goodness. Not that your
editor would be into such a thing, of course.
Speaking of playlists: they are created from a menu entry, and appear in
the left side pane. Creating playlists is a simple matter of dragging and
dropping songs into it. It is not possible, however, to see the contents
of a playlist and the library at the same time, so the creation process is
somewhat blind.
One obnoxious feature of Rhythmbox is how it treats albums: it sorts the
tracks by title if the track files do not, themselves, contain ordering
information. Since much on-disk music is created with file names which
describe the order of the tracks, it would be nice if Rhythmbox would use
that information.
The music player itself is functional, if rudimentary. It has repeat and
shuffle modes, as one would expect. There is a scrollbar which can be used
to move within a track, but it is strangely located far from the other
player controls. Rhythmbox, like most of the other applications reviewed
here, puts an icon in the panel tray, allowing it to
be controlled without having a window on-screen.
Rhythmbox also understands (and can "tune into") Internet
radio stations. Of course, the out-of-the-box install fails to cope with
the formats used by most stations, but some quick searching and installing
takes care of that problem. Additional features (help in finding stations,
recording from a stream) would be nice, but what's there is a start.
Rhythmbox has the ability to import tracks from CD - though it outsources
the work to SoundJuicer. It is unable to burn tracks to CD.
Rhythmbox also lacks any sort of digital audio player support; not even
the iPod is supported.
Banshee
When GNOME users talk about replacing Rhythmbox, the most
commonly-suggested alternative is Banshee. Banshee is a Mono
application which is coming along quickly, but which still lacks some
important features.
The initial Banshee experience is similar to what one sees with Rhythmbox.
After an import process, a long list of tracks appears. Unlike Rhythmbox,
however, Banshee has no features for narrowing the list of tracks by artist
or album. The search facility can often be pressed into service to obtain
similar results, but it is more awkward. Playlists are handled in pretty
much the same way as in Rhythmbox. Banshee lacks Internet radio capability.
Banshee does have a couple of nice features. One of those is the ability
to edit the metadata in music files. A CD ripped using information from
one of the online databases often ends up with some very strange metadata:
it's always fun to find that whoever entered the information decided that
Led Zeppelin belongs in the "ambient" genre, or that they decided to change
the spelling of the disk set name between the first and second CDs. Once you
find the metadata editor (nicely hidden as "properties" on the "view"
menu), you can fix problems like that.
By most accounts, Banshee has the best iPod support among the available
free music managers. Among other things, it understands that it may have
to transcode music as it moves it between the computer and the player.
Banshee has a few different ways of controlling the movement of music to
and from the iPod; it can be done entirely manually, or the library can be
automatically synchronized with the player.
Banshee has a CD importer built into it, and it can import to a number of
different formats. The ability to burn CDs is also there. At least, the
web page says so; the version of Banshee from the Ubuntu repository does
not appear to be able to perform either task.
Quod Libet
Quod Libet is a GTK+
music manager written in Python. Its authors appear to place power and
extendability above eye candy.
Quod Libet resembles other managers at startup time, and users go through
the same sort of import process. Tracks are displayed in one big window.
It is possible to get a browser which narrows based on artist and album,
but the user must explicitly ask for it, and the browser is separate from
the music player controls. In fact, there are two different browsers with
very similar functionality.
When a playlist is created, a separate window is popped up; the usual
drag-and-drop mechanism will populate the list. Access to playlists is via
a pulldown menu slipped in between the player controls and the track list.
It's a somewhat awkward interface, especially as the number of playlists
gets large.
The distinguishing feature found in Quod Libet, perhaps, is its plugin
mechanism. A simple Python interface makes it easy to add new features to
the system; some of the available
plugins include a song blacklist, various features for obtaining and
displaying album cover art, a CD burning feature, an AudioScrobbler client, and a simple
plugin for copying files to a portable player.
Amarok
Amarok appears, as of this writing, to
be where much of the
music management action is happening. The Amarok hackers have, in a short
time, put out a number of releases of this increasingly attractive and
capable tool.
Amarok makes an immediate impression when it is started; the developers
have clearly put quite a bit of effort into its appearance. The interface
makes more use of color than the other music managers. It also never sits
still; like a jukebox in a bar, Amarok is always flashing lights and
generally trying to attract attention to itself. Some of the gaudier
features (like the "on-screen display" which comes up every time Amarok
starts playing a new track) can be turned off, but others (the flashing
track name in the playlist display) are seemingly permanent. The work
which has gone into creating a visually appealing tool is appreciated, but
not everybody likes flashing distractions on their screen.
Needless to say, Amarok does album covers. They can be obtained from the
net, browsed, and saved by the user, and come up when the relevant tracks
are played. It also has features for digging up song lyrics and looking up
artists in Wikipedia.
Tracks are imported into the "collection" in the usual way, but things
change after that. The music collection is displayed in the left pane in a
file-manager-like presentation. Nothing one might try in that pane,
however, will cause a track to be played. In Amarok, everything is a
playlist, and tracks must be added to a list before one can hear them.
Double-clicking on an album will cause all of its tracks to be moved to the
current playlist; from there, they can be heard. Individual tracks can
also be dragged over. The playlist is
cumulative, so a bit of wandering around in the collection can create a
truly eclectic selection of tracks in the list. Playlists can be saved, at
which point they appear in the hierarchical playlist display.
The playlist display includes a section for Internet radio stations.
The music player itself has seen a fair amount of development attention.
There is a small, xmms-like player window, a fancy frequency-amplitude
display, and a built-in graphic equalizer. There is also a "queue manager"
which can be used to program a sequence of tracks to be played; your editor
is not entirely clear on how this feature differs from the regular playlist
mechanism, however. There is a "dynamic playlist" feature which is poorly
documented; it appears to try to find tracks (with help from
AudioScrobbler) which are, in some way,
similar to those which are already in the playlist.
There is reasonable player support built into Amarok, but, of course, it only
supports iPods. Unlike the other players, Amarok allows the user to
configure a mount command to make the player available.
Amarok is scriptable, and has a script manager built into it. Some of the
available scripts can make the player stream out whatever is being played,
perform transcoding of audio files, and more. There is also a "transfer to
media device" script which can make Amarok move audio files to a
USB-storage device. It knows nothing about the filesystem hierarchy on the
destination device, however, not to speak of issues like encodings, so this
script is not particularly useful.
There are many other features to this tool: fancy "visualizations," CD
burning, track metadata editing, cross-fading between tracks, downloadable
themes for the "context" window, automatic track rating (who knows how it
works), basic podcast support, and more.
Hopefully the idea is clear by now.
Conclusion
Readers who are mainly interested in iPod support may also want to have a
look at gtkpod. Those of us with
other devices will have to be content with advanced tools like
rsync.
Clearly a lot is happening in this particular "type manager" niche. That
is a good thing: computers are increasingly at the center of the audio
experience, and we are going to need good tools to keep our music
collections from looking like those piles of CDs, DATs, cassettes, records,
eight-tracks, and other media that many of us have been surrounded by for
much of our lives. The tools which are available now are far beyond what
was out there even one year ago; once again, the free software community is
showing how well it can create great applications when it gets fired up.
There is still some thinking which needs to be done in this area, however.
The Rhythmbox and Amarok developers have realized that net-based audio is
of increasing importance; their support for Internet radio streams is the
result. Amarok's podcast support is also nice, if a little hard to get
started with. Feed it an RSS file, however, and your playlist will always
have a current listing of what's available from that podcast source. Now
if we could just convince more podcasters to offer something other than the
MP3 format, things would be even nicer.
Most of us want to take our music with us, and, thanks to the availability
of high-capacity digital players, we can. The music management
application developers are still figuring out how to cope with a music
"library" which comes and goes, and which may or may not be a mirror
(perhaps in a different encoding) of a local library. And they all seem to
have difficulty with the idea that some of us folks - the more
unfashionable ones, certainly - might use something other than an iPod.
Your editor is looking forward to improvements in this area. An especially
nice thing would be a cooperation with the Rockbox project to ensure that
Rockbox-equipped players are seamlessly integrated. Given that, soon,
iPods will also be able to run Rockbox, it seems that there should be a
large enough user community to motivate some effort in that direction.
Your editor, if pressed to make a recommendation now, would have to go with
Amarok. It has a feature set and visual appeal which is unmatched
elsewhere. For those looking for a basic manager for music which lives
only on the computer, Rhythmbox is also a stable and functional
alternative. Banshee shows signs of developing into a highly capable
application, but it is not there yet. Given some time, however, along with
a broader willingness to install the whole Mono system, Banshee may yet
push its way toward the top of the list.
Now, if you don't mind, your editor has some tunes to listen to.
Comments (80 posted)
The Free Software Foundation has sent out a press release describing the
process for the upcoming discussions on the new version of the General Public
License. "After publishing the first discussion draft of the GPL in January,
the FSF will begin a structured process of eliciting feedback from the
community, with the goal of producing a final license that best defends
freedom and serves community and business. The process will include public
discussion, identification of issues, considerations of those issues, and
publication of responses. Publication of the second discussion draft is
expected by summer 2006 and a last call, or final discussion draft, will be
produced in the fall of 2006. The final GPLv3 license is expected no later
than spring 2007."
Comments (2 posted)
Page editor: Rebecca Sobol
Security
Brief items
November 30, 2005
This article was contributed by Jake Edge.
Anonymity and deniability in distributing information are two of the goals
of the
GNUnet project. Recently revamped to
use a new content encoding called
Encoding for Censorship-Resistant
Sharing (ECRS), GNUnet has released version 0.7.0 with an eye towards a
stable version sometime during the next year.
At its heart, GNUnet is a mechanism to share content with others without
revealing who generated the content or who accessed it. It also
provides intermediate nodes in the network with the ability to deny
knowledge of the contents of any traffic they forward because they are
unable to decrypt it.
Anonymity relies on there being a large number of nodes participating in
the network, forwarding traffic for each other. The GNUnet protocol
attempts to make all traffic look the same, whether it is satisfying
a request for information that resides locally or forwarding a request
or response from another peer
in the network. When traffic is light, GNUnet will delay requests to
accumulate enough traffic before sending to other peers, making it difficult
for external analysis to pin down which peers are communicating and what
content is being transferred.
Only the requester of content has the key necessary to decrypt the content,
which provides deniability for intermediate peers.
In the default configuration, GNUnet peers
automatically migrate content from the node where they were inserted to
other peers. In the event that some hostile entity gets
control of the node, breaks the encryption and determines the content
stored by the node, node operators can plausibly claim
that they had no knowledge of or control over the content stored on
their node.
Once content has been inserted into GNUnet, users can search by keywords
to find content of interest. ECRS guarantees that intermediaries cannot
see the keyword being searched without guessing the keyword, applying the
query hash and comparing the result. Only peers that have content with
that keyword (or have guessed it) can generate valid responses. GNUnet
depends on content providers generating proper keywords for their
content and nothing in the protocols stops malicious peers from generating
valid query results for a multitude of keywords. Easy-to-guess keywords
could easily be overwhelmed by bogus results.
Namespaces provide resistance to the keyword spamming attack by generating
keyword spaces that are cryptographically signed by some entity. That
entity generates a public-private key pair (known as a pseudonym) and signs
the content. Other users can form opinions about the trustworthiness of
content in that namespace and can use that information to further restrict
their search.
GNUnet tries to eliminate freeloading peers by relying on a trust-based
economic model. If a node gets busy and has more requests than it can
satisfy based on the amount of CPU and bandwidth its operator has allocated
to GNUnet, it will drop requests from peers that it trusts least. Peers gain
trust by satisfying query requests and lose trust by requesting content.
Because ECRS can determine that a query response is valid without being
able to decrypt the content, it resists attempts to gain trust by
providing bogus results.
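As an added illustration (this is not GNUnet's code), the following toy model puts two of the points above into working form: an intermediary verifying that a reply matches a query without being able to decrypt it, and a per-node trust ledger that drops the least-trusted peers' requests when the node is over capacity. The CHK-style encoding (key = H(plaintext), query = H(ciphertext)), the SHA-256 toy cipher, the trust constants and the peer names are all assumptions constructed for the example.

```python
import hashlib
from collections import defaultdict


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode keystream built from SHA-256 (illustration only)."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += _h(key + counter.to_bytes(8, "big"))
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encode_block(plaintext: bytes):
    """CHK-style encoding (an assumed simplification of ECRS): the block is
    encrypted under key = H(plaintext) and published under query = H(ciphertext).
    Returns (key, query, ciphertext); only the requester learns the key."""
    key = _h(plaintext)
    ciphertext = _xor_stream(key, plaintext)
    return key, _h(ciphertext), ciphertext


def response_is_valid(query: bytes, ciphertext: bytes) -> bool:
    """What an intermediary can check: the reply hashes to the query it saw.
    No key is needed, so the intermediary still cannot read the content."""
    return _h(ciphertext) == query


def decode_block(key: bytes, ciphertext: bytes) -> bytes:
    """What only the requester, holding the key, can do."""
    plaintext = _xor_stream(key, ciphertext)
    if _h(plaintext) != key:
        raise ValueError("block does not match its key")
    return plaintext


class TrustLedger:
    """One node's local view of its peers. Peers earn trust by answering our
    queries with valid blocks and spend it each time we serve their requests.
    The reward and cost constants are constructed for illustration."""

    def __init__(self, capacity: int, request_cost: int = 1, reply_reward: int = 2):
        self.capacity = capacity          # requests this node will serve per round
        self.request_cost = request_cost
        self.reply_reward = reply_reward
        self.trust = defaultdict(int)     # peer id -> trust score

    def record_reply(self, peer: str, query: bytes, ciphertext: bytes) -> bool:
        """Credit a peer only for replies that verify; bogus data earns nothing."""
        if not response_is_valid(query, ciphertext):
            return False
        self.trust[peer] += self.reply_reward
        return True

    def schedule(self, requests):
        """Serve at most `capacity` of the (peer, query) requests, dropping the
        least-trusted peers' requests first when the node is over capacity."""
        ranked = sorted(requests, key=lambda req: self.trust[req[0]], reverse=True)
        served, dropped = ranked[: self.capacity], ranked[self.capacity :]
        for peer, _ in served:
            self.trust[peer] -= self.request_cost
        return served, dropped


def simulate():
    """Constructed scenario: a freeloading 'spammer', a 'helpful' peer that
    returns a real block, and a 'newcomer' with no history compete for two
    service slots."""
    ledger = TrustLedger(capacity=2)
    key, query, ciphertext = encode_block(b"constructed sample content")
    # The spammer has already been served twice without giving anything back.
    ledger.schedule([("spammer", query), ("spammer", query)])
    # The helpful peer answers one of our queries correctly; the spammer tries
    # to buy trust with a bogus reply, which fails verification.
    ledger.record_reply("helpful", query, ciphertext)
    ledger.record_reply("spammer", query, b"bogus block" * 3)
    # Now the node is overloaded: three requests, two slots.
    served, dropped = ledger.schedule(
        [("spammer", query), ("newcomer", query), ("helpful", query)]
    )
    return [p for p, _ in served], [p for p, _ in dropped], dict(ledger.trust)
```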
Much like other systems designed to promote anonymous speech, some of which
were described in an LWN
article two years ago, GNUnet
suffers from a very slow user experience. Keyword searches can take many
minutes to return results and downloading the content often takes a huge
amount of time. In addition, the content available with some simple
searches left a great deal to be desired. There appears to be very little
of consequence available.
On the other hand, GNUnet does seem to have some excellent approaches to
handling censorship and spamming kinds of attacks that have hampered other
approaches to this problem. It seems to provide a very reasonable framework
for anonymous content sharing that would be of use to groups that wish to
circumvent the policies of authoritarian regimes. Unfortunately, deniability
is only likely to work in places that have relatively sane legal systems and
there are probably many places in the world where just having GNUnet running
on one's machine is enough to be branded as a criminal.
Comments (7 posted)
New vulnerabilities
centericq: denial of service
| Package(s): | centericq |
| CVE #(s): | CVE-2005-3694 |
| Created: | November 30, 2005 |
| Updated: | November 30, 2005 |
| Description: | Wernfried Haas discovered that centericq, a text-mode multi-protocol instant messenger client, can crash when it receives certain zero length packets and is directly connected to the Internet. |
Comments (none posted)
eix: insecure temp file
| Package(s): | eix |
| CVE #(s): | |
| Created: | November 23, 2005 |
| Updated: | November 30, 2005 |
| Description: | eix can create an insecure temporary file. A local user can use this to overwrite arbitrary files. |
Comments (none posted)
horde: cross site scripting vulnerability
| Package(s): | horde |
| CVE #(s): | CVE-2005-3570 |
| Created: | November 23, 2005 |
| Updated: | December 1, 2005 |
| Description: | Horde has a potential cross site scripting vulnerability. Error messages are not properly escaped. A user can be tricked into executing arbitrary scripts by reading specially crafted email messages, or using a maliciously created URL. |
Comments (none posted)
horde3: missing input sanitizing
| Package(s): | horde3 |
| CVE #(s): | CVE-2005-3759 |
| Created: | November 23, 2005 |
| Updated: | November 30, 2005 |
| Description: | The MIME viewer in the horde3 web application suite has an input sanitizing vulnerability. It is possible for a remote attacker to use this to execute arbitrary code. |
Comments (none posted)
ipmenu: insecure temp file
| Package(s): | ipmenu |
| CVE #(s): | CVE-2004-2569 |
| Created: | November 23, 2005 |
| Updated: | November 30, 2005 |
| Description: | The cursel iptables/iproute2 GUI ipmenu has a vulnerability involving the creation of an insecure temporary file. A local attacker can overwrite arbitrary files by performing a symlink attack. |
Comments (none posted)
zope 2.7: design error
| Package(s): | zope |
| CVE #(s): | CVE-2005-3323 |
| Created: | November 25, 2005 |
| Updated: | December 13, 2005 |
| Description: | A vulnerability has been discovered in zope 2.7 that allows remote attackers to insert arbitrary files via include directives in reStructuredText functionality. |
Comments (1 posted)
Updated vulnerabilities
a2ps: input validation error
| Package(s): | a2ps |
| CVE #(s): | CAN-2004-1170, CAN-2004-1377 |
| Created: | November 26, 2004 |
| Updated: | December 19, 2005 |
| Description: | The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus. |
Comments (none posted)
bzip2: race condition and infinite loop
| Package(s): | bzip2 |
| CVE #(s): | CAN-2005-0953, CAN-2005-1260 |
| Created: | May 17, 2005 |
| Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. Also, specially crafted bzip2 archives may cause an infinite loop in the decompressor. |
Comments (2 posted)
chmlib: several vulnerabilities
| Package(s): | chmlib |
| CVE #(s): | CVE-2005-2659, CVE-2005-2930, CVE-2005-3318 |
| Created: | November 7, 2005 |
| Updated: | November 28, 2005 |
| Description: | Several vulnerabilities have been discovered in chmlib, a library for dealing with CHM format files. |
Comments (none posted)
cpio: directory traversal
| Package(s): | cpio |
| CVE #(s): | CAN-2005-1111 |
| Created: | June 20, 2005 |
| Updated: | December 26, 2005 |
| Description: | There is a vulnerability in cpio (2.6 and previous) that allows a malicious cpio file to extract to an arbitrary directory of the attacker's choice. cpio will extract to the path specified in the cpio file; this path can be absolute. |
Comments (1 posted)
cyrus-imapd: buffer overflows
| Package(s): | cyrus-imapd |
| CVE #(s): | CAN-2005-0546 |
| Created: | February 23, 2005 |
| Updated: | April 10, 2006 |
| Description: | Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system. |
Comments (none posted)
dia: missing input sanitizing
| Package(s): | dia |
| CVE #(s): | CAN-2005-2966 |
| Created: | October 4, 2005 |
| Updated: | April 6, 2006 |
| Description: | Joxean Koret discovered that the SVG import plugin did not properly sanitize data read from an SVG file. By tricking a user into opening a specially crafted SVG file, an attacker could exploit this to execute arbitrary code with the privileges of the user. |
Comments (none posted)
egroupware: multiple vulnerabilities
| Package(s): | egroupware |
| CVE #(s): | CVE-2005-0870, CVE-2005-2600, CVE-2005-3347, CVE-2005-3348 |
| Created: | November 17, 2005 |
| Updated: | December 9, 2005 |
| Description: | A number of vulnerabilities have been found in egroupware, a web-based groupware suite. phpsysinfo has several cross-site scripting vulnerabilities, the tree view of FUD Forum Bulletin Board Software has a cross-site scripting problem, phpsysinfo has a local variable overwrite problem, and phpsysinfo has an input sanitizing issue. |
Comments (none posted)
emacs21: format string vulnerability in "movemail"
| Package(s): | emacs21 |
| CVE #(s): | CAN-2005-0100 |
| Created: | February 7, 2005 |
| Updated: | May 15, 2006 |
| Description: | Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group. |
Comments (none posted)
enigmail: information disclosure
| Package(s): | enigmail |
| CVE #(s): | CVE-2005-3256 |
| Created: | October 20, 2005 |
| Updated: | December 13, 2005 |
| Description: | The key selection dialog from the Mozilla Thunderbird enigmail plugin has an information disclosure vulnerability. A key with an empty user id from a user's keyring will be used by default, allowing a message to be decrypted. This can lead to an unauthorized information disclosure. |
Comments (none posted)
enscript: arbitrary code execution
| Package(s): | enscript |
| CVE #(s): | CAN-2004-1184, CAN-2004-1185, CAN-2004-1186 |
| Created: | January 21, 2005 |
| Updated: | May 27, 2006 |
| Description: | Erik Sjölund has discovered several security relevant problems in enscript, a program to convert ASCII text into Postscript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash. |
Comments (none posted)
ethereal: multiple vulnerabilities
Comments (none posted)
evolution: format string issues
Comments (2 posted)
firefox: multiple vulnerabilities
Comments (none posted)
flash-plugin: buffer overflow
| Package(s): | flash-plugin |
| CVE #(s): | CVE-2005-2628 |
| Created: | November 10, 2005 |
| Updated: | November 25, 2005 |
| Description: | The Mozilla browser Macromedia Flash Player plug-in has a buffer overflow vulnerability. A user who opens a maliciously created Macromedia Flash file may be tricked into executing arbitrary code. |
Comments (none posted)
Foomatic: Arbitrary command execution in foomatic-rip
| Package(s): | foomatic |
| CVE #(s): | CAN-2004-0801 |
| Created: | September 20, 2004 |
| Updated: | May 31, 2006 |
| Description: | There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler. |
Comments (none posted)
FUSE: mtab corruption through fusermount
| Package(s): | fuse |
| CVE #(s): | CVE-2005-3531 |
| Created: | November 22, 2005 |
| Updated: | January 24, 2006 |
| Description: | Thomas Biege discovered that fusermount fails to securely handle special characters specified in mount points. A local attacker could corrupt the contents of the /etc/mtab file by mounting over a maliciously-named directory using fusermount, potentially allowing the attacker to set unauthorized mount options. |
Comments (none posted)
gaim: buffer overflow
| Package(s): | gaim |
| CVE #(s): | CAN-2005-2103 |
| Created: | August 10, 2005 |
| Updated: | February 27, 2006 |
| Description: | Gaim suffers from a heap-based buffer overflow which can be exploited via a hostile "away message" to execute arbitrary code. |
Comments (none posted)
gdb: multiple vulnerabilities
| Package(s): | gdb |
| CVE #(s): | CAN-2005-1704, CAN-2005-1705 |
| Created: | May 20, 2005 |
| Updated: | August 11, 2006 |
| Description: | Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialization files from the working directory. Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands. |
Comments (5 posted)
gtk-pixbuf, gtk2: denial of service
| Package(s): | gdk-pixbuf gtk2 |
| CVE #(s): | CAN-2005-0891 |
| Created: | March 30, 2005 |
| Updated: | December 19, 2005 |
| Description: | The BMP image processing code in gdk-pixbuf and gtk2 contains a denial of service vulnerability exploitable via a specially crafted image file. |
Comments (none posted)
gdk-pixbuf: multiple vulnerabilities
| Package(s): | gdk-pixbuf gtk2 |
| CVE #(s): | CVE-2005-3186, CVE-2005-2976, CVE-2005-2975 |
| Created: | November 15, 2005 |
| Updated: | March 20, 2006 |
| Description: | The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. A bug was found in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code when the file was opened by a victim. Ludwig Nussel discovered an integer overflow bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code or crash when the file was opened by a victim. Ludwig Nussel also discovered an infinite-loop denial of service bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to stop responding when the file was opened by a victim. |
Comments (none posted)
gedit: format string vulnerability
| Package(s): | gedit |
| CVE #(s): | CAN-2005-1686 |
| Created: | June 9, 2005 |
| Updated: | February 5, 2009 |
| Description: | A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user. |
Comments (1 posted)
gettext: Insecure temporary file handling
| Package(s): | gettext |
| CVE #(s): | CAN-2004-0966 |
| Created: | October 11, 2004 |
| Updated: | March 1, 2006 |
| Description: | gettext insecurely creates temporary files in world-writeable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user. |
Comments (1 posted)
grip: buffer overflow
| Package(s): | grip |
| CVE #(s): | CAN-2005-0706 |
| Created: | March 10, 2005 |
| Updated: | November 19, 2008 |
| Description: | Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches. |
Comments (none posted)
groff: insecure temporary directory
| Package(s): | groff |
| CVE #(s): | CAN-2004-0969 |
| Created: | November 1, 2004 |
| Updated: | February 9, 2006 |
| Description: | Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program. |
Comments (none posted)
gzip: arbitrary command execution
| Package(s): | gzip |
| CVE #(s): | CAN-2005-0758 |
| Created: | August 1, 2005 |
| Updated: | January 10, 2007 |
| Description: | zgrep in gzip before 1.3.5 does not handle shell metacharacters like '|' and '&' properly when they occur in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names. |
Comments (2 posted)
htdig: cross site scripting
| Package(s): | htdig |
| CVE #(s): | CAN-2005-0085 |
| Created: | February 14, 2005 |
| Updated: | January 10, 2006 |
| Description: | Michael Krax discovered that ht://Dig fails to validate the 'config' parameter before displaying an error message containing the parameter. This flaw could allow an attacker to conduct cross-site scripting attacks. |
Comments (none posted)
imap: buffer overflow in c-client
| Package(s): | imap |
| CVE #(s): | CAN-2003-0297 |
| Created: | February 18, 2005 |
| Updated: | April 10, 2006 |
| Description: | A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that, if connected to by a victim, could execute arbitrary code on the client machine. |
Comments (none posted)
inkscape: arbitrary code execution
| Package(s): | inkscape |
| CVE #(s): | CVE-2005-3737 |
| Created: | November 21, 2005 |
| Updated: | December 7, 2005 |
| Description: | A buffer overflow has been discovered in the SVG importer of Inkscape. By tricking a user into opening a specially crafted SVG image this could be exploited to execute arbitrary code with the privileges of the Inkscape user. |
Comments (none posted)
kdebase: local root vulnerability
| Package(s): | kdebase |
| CVE #(s): | CAN-2005-2494 |
| Created: | September 7, 2005 |
| Updated: | August 11, 2006 |
| Description: | The kdebase package (and kcheckpass in particular) found in KDE versions 3.2.0 through 3.4.2 suffers from a lock file handling error which can enable a local attacker to obtain root access. See this advisory for details. |
Comments (none posted)
kdelibs: kate backup file permission leak
| Package(s): | kdelibs kate kwrite |
| CVE #(s): | CAN-2005-1920 |
| Created: | July 19, 2005 |
| Updated: | September 21, 2010 |
| Description: | Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information. |
Comments (1 posted)
kernel: multiple vulnerabilities
Comments (none posted)
kernel: multiple vulnerabilities
| Package(s): | kernel |
| CVE #(s): | CVE-2005-2709, CVE-2005-2973, CVE-2005-3055, CVE-2005-3180, CVE-2005-3271, CVE-2005-3272, CVE-2005-3273, CVE-2005-3274, CVE-2005-3275, CVE-2005-3276 |
| Created: | November 22, 2005 |
| Updated: | March 15, 2006 |
| Description: | Al Viro discovered a race condition in the /proc file handler of network devices. A local attacker could exploit this by opening any file in /proc/sys/net/ipv4/conf/<interface>/ and waiting until that interface was shut down. Under certain circumstances this could lead to a kernel crash or even arbitrary code execution with full kernel privileges. (CVE-2005-2709) Tetsuo Handa discovered a local Denial of Service vulnerability in the udp_v6_get_port() function. On computers which use IPv6, a local attacker could exploit this to trigger an infinite loop in the kernel. (CVE-2005-2973) Harald Welte discovered a Denial of Service vulnerability in the USB devio driver. A local attacker could exploit this by sending a "USB Request Block" (URB) and terminating the sending process before the arrival of the answer, which left an invalid pointer and caused a kernel crash. (CVE-2005-3055) Pavel Roskin discovered an information leak in the Orinoco wireless card driver. When increasing the buffer length for storing data, the buffer was not padded with zeros, which exposed a random part of the system memory to the user. (CVE-2005-3180) A resource leak has been discovered in the handling of POSIX timers in the exec() function. This could be exploited for a Denial of Service attack by a group of local users. (CVE-2005-3271) Stephen Hemminger discovered a weakness in the network bridge driver. Packets which had already been dropped by the packet filter could poison the forwarding table, which could be exploited to make the bridge forward spoofed packets. (CVE-2005-3272) David S. Miller discovered a buffer overflow in the rose_rt_ioctl() function. By calling the function with a large "ngidis" argument, a local attacker could cause a kernel crash. (CVE-2005-3273) Neil Horman discovered a race condition in the connection timer handling. This allowed a local attacker to set up an expiration handler which modified the connection list while the list was still being traversed, which could result in a kernel crash. This vulnerability only affects multiprocessor (SMP) systems. (CVE-2005-3274) Patrick McHardy noticed a logic error in the network address translation (NAT) connection tracker. A remote attacker could exploit this by causing two packets for the same protocol to be NATed at the same time, which resulted in a kernel crash. (CVE-2005-3275) Paolo Giarrusso discovered an information leak in sys_get_thread_area(). The returned structure was not properly cleared, which exposed a small amount of kernel memory to userspace programs. This could possibly expose confidential data. (CVE-2005-3276) |
Comments (2 posted)
krb5: double-free flaw
| Package(s): | krb5 |
| CVE #(s): | CAN-2004-0175, CAN-2005-0488, CAN-2005-1175, CAN-2005-1689 |
| Created: | July 12, 2005 |
| Updated: | December 6, 2005 |
| Description: | krb5 authentication has a double-free flaw which may be initiated by a remote unauthenticated attacker. Also, a single byte heap overflow in the krb5_unparse_name() function can lead to a denial of service, and an information disclosure may be caused by a malicious telnet server. See this report for more information. |
Comments (none posted)
libconvert-uulib-perl: arbitrary code execution
| Package(s): | libconvert-uulib-perl |
| CVE #(s): | CAN-2005-1349 |
| Created: | May 20, 2005 |
| Updated: | January 27, 2006 |
| Description: | Mark Martinec and Robert Lewis discovered a buffer overflow in Convert::UUlib (before 1.051), a Perl interface to the uulib library, which may result in the execution of arbitrary code. |
Comments (1 posted)
libdbi-perl: insecure temporary file
| Package(s): | libdbi-perl |
| CVE #(s): | CAN-2005-0077 |
| Created: | January 25, 2005 |
| Updated: | March 2, 2006 |
| Description: | Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library. |
Comments (none posted)
libgadu: memory alignment bug
| Package(s): | libgadu |
| CVE #(s): | CAN-2005-2370 |
| Created: | July 29, 2005 |
| Updated: | June 25, 2007 |
| Description: | Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, a console Gadu Gadu client, an instant messaging program), which is included in gaim, a multi-protocol instant messaging client, as well. This cannot be exploited on the x86 architecture, but on others, e.g. SPARC, it can lead to a bus error, in other words a denial of service. |
Comments (none posted)
libgd2: buffer overflows in PNG handling
| Package(s): | libgd2 |
| CVE #(s): | CAN-2004-0990, CAN-2004-0941 |
| Created: | October 29, 2004 |
| Updated: | June 28, 2006 |
| Description: | Several buffer overflows have been discovered in libgd's PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges. Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. |
Comments (none posted)
libnet-ssleay-perl: weakened cryptographic operations
| Package(s): | libnet-ssleay-perl |
| CVE #(s): | CAN-2005-0106 |
| Created: | May 3, 2005 |
| Updated: | January 27, 2006 |
| Description: | Javier Fernández-Sanguino Peña discovered that this library used the file /tmp/entropy as a fallback entropy source if a proper source was not set in the environment variable EGD_PATH. This can potentially lead to weakened cryptographic operations if an attacker provides a /tmp/entropy file with known content. |
Comments (none posted)
libpam-ldap: authentication bypass
Package(s): libpam-ldap
CVE #(s): CAN-2005-2641
Created: August 25, 2005
Updated: October 6, 2006
Description:
libpam-ldap, the PAM LDAP interface, has a vulnerability in which
it fails to authenticate with an LDAP server which is not configured
properly, allowing an authentication bypass.
Comments (none posted)
libTIFF: buffer overflow
Package(s): libtiff
CVE #(s): CAN-2005-1544
Created: May 10, 2005
Updated: February 18, 2006
Description:
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a
stack-based buffer overflow in the libTIFF library when reading a TIFF
image with a malformed BitsPerSample tag. Successful exploitation would
require the victim to open a specially crafted TIFF image, resulting in the
execution of arbitrary code.
Comments (1 posted)
libungif: memory corruption
Package(s): libungif
CVE #(s): CAN-2005-2974
Created: November 3, 2005
Updated: March 20, 2006
Description:
The libungif library has a vulnerability in the GIF file
colormap handling code. A maliciously crafted GIF file can
cause out-of-bounds memory writes and register corruption.
Comments (none posted)
libxml2: arbitrary code execution
Package(s): libxml2
CVE #(s): CAN-2004-0110
Created: February 26, 2004
Updated: August 19, 2009
Description:
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
Comments (none posted)
libxml2: multiple buffer overflows
Package(s): libxml2
CVE #(s): CAN-2004-0989
Created: October 28, 2004
Updated: August 19, 2009
Description:
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.
Comments (none posted)
libXpm: new buffer overflows
Package(s): libXpm
CVE #(s): CAN-2005-0605
Created: March 4, 2005
Updated: March 8, 2006
Description:
A new vulnerability has been discovered in libXpm, which is included in
OpenMotif and LessTif, that can potentially lead to remote code
execution.
Comments (none posted)
lynx: arbitrary command execution
Package(s): lynx
CVE #(s): CVE-2005-2929
Created: November 14, 2005
Updated: September 14, 2009
Description:
An arbitrary command execution bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx.
Comments (none posted)
Mantis: multiple vulnerabilities
Package(s): mantisbt
CVE #(s): CVE-2005-3091, CVE-2005-3335, CVE-2005-3336, CVE-2005-3338, CVE-2005-3339
Created: October 28, 2005
Updated: December 22, 2005
Description:
Mantis contains several vulnerabilities, including a remote file inclusion
vulnerability, an SQL injection vulnerability, multiple cross-site
scripting vulnerabilities and multiple information disclosure
vulnerabilities.
Comments (none posted)
mod_python: remote access vulnerability
Package(s): mod_python
CVE #(s): CAN-2005-0088
Created: February 10, 2005
Updated: April 10, 2006
Description:
mod_python has a vulnerability in the publisher handler that may allow
a remote user to use a specially crafted URL to allow access to
objects that should be protected. An information leak can result.
Comments (none posted)
mysql: buffer overflow
Package(s): mysql
CVE #(s): CAN-2005-2558
Created: September 12, 2005
Updated: January 12, 2006
Description:
The mysql CREATE FUNCTION can be used to create a buffer overflow.
A specially crafted long function name can be used by a local attacker
to crash the server or execute arbitrary code with the privileges of
the server.
Comments (none posted)
mysql: low-impact security fix
Package(s): mysql
CVE #(s): CAN-2005-1636
Created: July 20, 2005
Updated: February 22, 2006
Description:
An update to MySQL version 4.1.12 fixes a low-impact security
problem (bz#158689).
Comments (1 posted)
ncpfs: multiple vulnerabilities
Package(s): ncpfs
CVE #(s): CAN-2005-0013, CAN-2005-0014
Created: January 31, 2005
Updated: May 15, 2006
Description:
Erik Sjolund discovered two vulnerabilities in the programs bundled
with ncpfs: there is a potentially exploitable buffer overflow in
ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities
using the NetWare client functions insecurely access files with
elevated privileges (CAN-2005-0013).
Comments (none posted)
netpbm-free: buffer overflows
Package(s): netpbm-free
CVE #(s): CVE-2005-3632, CVE-2005-3662
Created: November 21, 2005
Updated: December 20, 2005
Description:
Greg Roelofs discovered and fixed several buffer overflows in pnmtopng,
which is also included in netpbm, a collection of graphic conversion
utilities, that can lead to the execution of arbitrary code via a
specially crafted PNM file.
Comments (1 posted)
nfs-utils: arbitrary code execution
Package(s): nfs-utils
CVE #(s): CAN-2004-0946
Created: January 11, 2005
Updated: February 27, 2006
Description:
Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit
architectures; an improper integer conversion could lead to a buffer
overflow. An attacker with access to an NFS share could send a specially
crafted request which could then lead to the execution of arbitrary code.
Comments (none posted)
ntp: uses wrong gid
Package(s): ntp
CVE #(s): CAN-2005-2496
Created: August 26, 2005
Updated: August 11, 2006
Description:
When starting xntpd with the -u option and specifying the group by a
name rather than a numeric gid, the daemon uses the gid of the user,
not of the group. This problem is fixed by this update.
Comments (none posted)
openssh: GSSAPI credential disclosure
Package(s): openssh
CVE #(s): CAN-2005-2798
Created: September 7, 2005
Updated: February 3, 2006
Description:
OpenSSH prior to version 4.2 will allow GSSAPI credentials to be delegated
to users who are not using GSSAPI authentication, possibly leading to the
unwanted disclosure of those credentials. OpenSSH 4.2 has the fix.
Comments (none posted)
openssl: protocol rollback
Package(s): openssl
CVE #(s): CAN-2005-2969
Created: October 12, 2005
Updated: December 19, 2005
Description:
OpenSSL prior to version 0.9.7h or 0.9.8a contains a vulnerability which
could enable an attacker to force the use of the older, less secure SSL 2.0
protocol. See this advisory for details or this analysis for even more
details.
Comments (1 posted)
openvpn: format string vulnerability
Package(s): openvpn
CVE #(s): CVE-2005-3393, CVE-2005-3409
Created: November 2, 2005
Updated: December 12, 2005
Description:
OpenVPN 2.0.x contains a format string vulnerability which can be exploited
by a hostile server; see this advisory for details.
Comments (none posted)
pcre3: arbitrary code execution
Package(s): pcre3
CVE #(s): CAN-2005-2491
Created: August 23, 2005
Updated: March 10, 2006
Description:
A buffer overflow has been discovered in PCRE, a widely used library
that provides Perl-compatible regular expressions. Specially crafted
regular expressions can trigger the buffer overflow. On systems that accept
arbitrary regular expressions from untrusted users, this could be exploited
to execute arbitrary code with the privileges of the application using the
library.
Comments (none posted)
perl: setuid vulnerabilities
Package(s): perl
CVE #(s): CAN-2005-0155, CAN-2005-0156
Created: February 2, 2005
Updated: August 11, 2006
Description:
There are two vulnerabilities with perl when it is used in a setuid mode.
The PERLIO_DEBUG environment variable can be used to overwrite arbitrary
files; there is also an associated buffer overflow which can be exploited
to gain root access.
Comments (none posted)
perl: symlink vulnerability
Package(s): perl
CVE #(s): CAN-2005-0448
Created: March 9, 2005
Updated: January 30, 2006
Description:
The rmtree() function in the File::Path module has a symlink vulnerability
which could be exploited to create setuid binaries.
Comments (none posted)
php: multiple vulnerabilities
Package(s): php
CVE #(s): CVE-2005-3390, CVE-2005-3389, CVE-2005-3388, CVE-2005-3353
Created: November 8, 2005
Updated: December 23, 2005
Description:
There are multiple vulnerabilities in PHP: malicious requests may overwrite
the GLOBALS array, the parse_str() function may enable the register_globals
setting, there are cross-site scripting bugs in phpinfo(), and a bug in
EXIF image parsing may crash the process.
Comments (none posted)
phpsysinfo: programming errors
Package(s): phpsysinfo
CVE #(s): CVE-2005-3347, CVE-2005-3348
Created: November 15, 2005
Updated: November 23, 2005
Description:
Christopher Kunz discovered that local variables get overwritten
unconditionally and are trusted later, which could lead to the inclusion of
arbitrary files. Christopher Kunz also discovered that user-supplied input
is used unsanitized, causing an HTTP response splitting problem.
Comments (none posted)
postgresql: database initialization errors
Package(s): postgresql
CVE #(s): CAN-2005-1409, CAN-2005-1410
Created: May 4, 2005
Updated: February 28, 2006
Description:
PostgreSQL suffers from two vulnerabilities in how databases are set up by
default; they allow a local attacker (one with access to the database) to
crash the back end and, perhaps, execute code with the privileges of the
server process. See this advisory for details and workarounds.
Comments (none posted)
Pound: buffer overflow
Package(s): pound
CVE #(s): CVE-2005-1391
Created: May 2, 2005
Updated: January 10, 2006
Description:
Steven Van Acker has discovered a buffer overflow vulnerability in the
"add_port()" function in Pound 1.8.2+. A remote attacker could send a
request for an overly long hostname parameter, which could lead to the
remote execution of arbitrary code with the rights of the Pound daemon
process.
Comments (none posted)
pstotext: remote execution of arbitrary code
Package(s): pstotext netpbm
CVE #(s): CAN-2005-2471
Created: August 1, 2005
Updated: March 28, 2006
Description:
Max Vozeler reported that pstotext calls the GhostScript interpreter on
untrusted PostScript files without specifying the -dSAFER option. An
attacker could craft a malicious PostScript file and entice a user to run
pstotext on it, resulting in the execution of arbitrary commands with the
permissions of the user running pstotext. See this Secunia advisory for
more information.
Comments (2 posted)
Py2Play: remote execution of arbitrary Python code
Package(s): Py2Play
CVE #(s): CAN-2005-2875
Created: September 19, 2005
Updated: September 6, 2006
Description:
Py2Play uses Python pickles to send objects over a peer-to-peer game
network, and clients accept the objects and code sent by peers without
restriction. A remote attacker participating in a Py2Play-powered game can
send malicious Python pickles, resulting in the execution of arbitrary
Python code on the targeted game client.
Comments (none posted)
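The defensive counterpart to the Py2Play entry, as an added example and not Py2Play's own code: a restricted unpickler in Python, the pattern from the pickle module documentation, which resolves only a small allowlist of builtins and refuses any other global a peer's pickle names. The game state is constructed here, and collections.OrderedDict stands in as a harmless reference that the unpickler still refuses, because the refusal happens in find_class before the referenced object is built.

```python
import builtins
import collections
import io
import pickle

# Globals a pickle may reference; anything else is refused before it runs.
SAFE_BUILTINS = frozenset({"set", "frozenset", "range", "complex", "bytearray"})


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves allowlisted builtins.

    Every class or function a pickle refers to comes through find_class, so
    refusing here stops the object (and any code behind it) from being built.
    """

    def find_class(self, module, name):
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name} from an untrusted pickle")


def safe_loads(data: bytes):
    """Deserialise peer data through the restricted unpickler."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def roundtrip(obj):
    """Pickle an object and load it back through the restricted unpickler."""
    return safe_loads(pickle.dumps(obj))


def is_rejected(data: bytes) -> bool:
    """True if the restricted unpickler refuses the given pickle."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


def demo():
    # Constructed game state: dicts, lists, strings and ints need no global
    # lookup at all, so they load unchanged.
    state = roundtrip({"player": "alice", "score": 42, "pos": [1, 2]})
    # A pickle naming any other importable object is refused, even a harmless
    # one such as collections.OrderedDict, before its code can run.
    refused = is_rejected(pickle.dumps(collections.OrderedDict()))
    return state, refused


if __name__ == "__main__":
    print(demo())
```

Plain containers and scalars never go through find_class, so ordinary game state survives the restriction; anything that needs a class or function lookup is stopped at the name, which is the property an untrusted peer-to-peer channel needs.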
scorched3d: multiple vulnerabilities
Package(s): scorched3d
CVE #(s): (none listed)
Created: November 15, 2005
Updated: August 11, 2006
Description:
Luigi Auriemma discovered multiple flaws in the Scorched 3D game
server, including a format string vulnerability and several buffer
overflows. A remote attacker could exploit these vulnerabilities to crash
a game server or execute arbitrary code with the rights of the game server
user.
Comments (none posted)
smb4k: temporary file vulnerability
Package(s): smb4k
CVE #(s): CVE-2005-2851
Created: September 7, 2005
Updated: December 7, 2005
Description:
Smb4K has a temporary file vulnerability which can allow an unprivileged
user to read certain files which would otherwise be inaccessible.
Comments (none posted)
spamassassin: denial of service
Package(s): spamassassin
CVE #(s): CVE-2005-3351
Created: November 9, 2005
Updated: March 7, 2006
Description:
Spamassassin through version 3.0.4 can be made to dump core if a message
arrives with too many addresses in the To: field.
Comments (none posted)
squid: authentication handling
Package(s): squid
CVE #(s): CAN-2005-2917
Created: September 30, 2005
Updated: March 15, 2006
Description:
Upstream developers of squid, the popular WWW proxy cache, have
discovered that changes in the authentication scheme are not handled
properly when given certain request sequences while NTLM
authentication is in place, which may cause the daemon to restart.
Comments (none posted)
sudo: missing input sanitizing
Package(s): sudo
CVE #(s): CVE-2005-2959
Created: October 25, 2005
Updated: February 19, 2006
Description:
Tavis Ormandy noticed that sudo, a program that provides limited super
user privileges to specific users, does not clean the environment
sufficiently. The SHELLOPTS and PS4 variables are dangerous and are
still passed through to the program running as the privileged user. This
can result in the execution of arbitrary commands as the privileged user
when a bash script is executed. These vulnerabilities can only be
exploited by users who have been granted limited super user
privileges.
Comments (none posted)
sudo: race condition
Package(s): sudo
CVE #(s): CAN-2005-1993
Created: June 21, 2005
Updated: February 24, 2006
Description:
Charles Morris discovered a race condition in sudo which could lead to
privilege escalation. If /etc/sudoers allowed a user the execution of
selected programs, and this was followed by another line containing
the pseudo-command "ALL", that user could execute arbitrary commands
with sudo by creating symbolic links at a certain time.
Comments (none posted)
sylpheed: buffer overflow
Package(s): sylpheed
CVE #(s): CVE-2005-3354
Created: November 9, 2005
Updated: January 6, 2006
Description:
The sylpheed mail client, prior to versions 1.0.6 and 2.0.4, contains a
buffer overflow in the LDIF address book import code.
Comments (none posted)
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.
Comments (1 posted)
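The "../" filtering that the tar and unzip entry describes as missing, as an added example that is not code from the original page, from GNU tar or from Info-ZIP: a Python scan that flags archive members whose name, once normalised, or whose link target would land outside the extraction directory, so a hostile archive can be reported before anything is written. Both sample archives and all member names are constructed here for the demonstration.

```python
import io
import posixpath
import tarfile
import zipfile


def escapes_extraction_dir(name: str) -> bool:
    """True if a member path, once normalised, would resolve outside the
    directory the archive is unpacked into (absolute path or leading '..')."""
    if not name:
        return True
    name = name.replace("\\", "/")
    if name.startswith("/"):
        return True
    norm = posixpath.normpath(name)
    return norm == ".." or norm.startswith("../")


def unsafe_tar_members(data: bytes) -> list:
    """Names of tar members that would write or link outside the target dir.
    Symlink targets are resolved relative to the member's own directory,
    hard-link targets relative to the archive root."""
    unsafe = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        for m in tf.getmembers():
            if escapes_extraction_dir(m.name):
                unsafe.append(m.name)
                continue
            if m.issym():
                target = posixpath.join(posixpath.dirname(m.name), m.linkname)
                if escapes_extraction_dir(target):
                    unsafe.append(m.name)
            elif m.islnk() and escapes_extraction_dir(m.linkname):
                unsafe.append(m.name)
    return unsafe


def unsafe_zip_members(data: bytes) -> list:
    """Names of zip members that would land outside the target directory."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if escapes_extraction_dir(n)]


def build_sample_tar() -> bytes:
    """Constructed sample: a benign file, a traversal name, a name that only
    looks suspicious until normalised, and a symlink pointing outside."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in ("README", "../../outside/config", "docs/../notes.txt"):
            payload = b"constructed sample\n"
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tf.addfile(info, io.BytesIO(payload))
        link = tarfile.TarInfo("escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tf.addfile(link)
    return buf.getvalue()


def build_sample_zip() -> bytes:
    """Constructed sample zip with a benign, a traversal and an absolute name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("README", "../outside.txt", "/abs/path"):
            zf.writestr(name, "constructed sample\n")
    return buf.getvalue()


if __name__ == "__main__":
    print("tar:", unsafe_tar_members(build_sample_tar()))
    print("zip:", unsafe_zip_members(build_sample_zip()))
```

Normalising before the check matters in both directions: docs/../notes.txt is accepted because it resolves inside the target, while a/b/../../../c is refused even though its first component looks harmless. Current Python releases also refuse such members at extraction time when tarfile's extraction is given filter="data"; the scan above is for reporting on an archive before it is unpacked at all.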
tcpdump: multiple DoS issues
Package(s): tcpdump
CVE #(s): CAN-2005-1280, CAN-2005-1279, CAN-2005-1278
Created: May 2, 2005
Updated: April 10, 2006
Description:
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote
attackers to cause a denial of service (infinite loop) via a crafted RSVP
packet of length 4. (CAN-2005-1280)
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of
service (infinite loop) via a crafted BGP packet, which is not properly
handled by RT_ROUTING_INFO, or LDP packet, which is not properly
handled by the ldp_print function. (CAN-2005-1279)
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and
earlier allows remote attackers to cause a denial of service (infinite
loop) via a zero length, as demonstrated using a GRE packet.
(CAN-2005-1278)
Comments (none posted)
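The failure mode the three tcpdump CVEs share, as an added example that is not tcpdump's code: a Python walk over a constructed packet made of RSVP-style objects (16-bit total length, class-num, c-type; the layout is a simplified stand-in, not the real dissector). The unchecked walk trusts the length field and stalls on a zero length; the checked walk requires every object to cover at least its own header and to fit in the remaining bytes, so the cursor always advances. The sample packets are constructed inline.

```python
import struct

# Simplified RSVP-style object header: 16-bit total length (header included),
# class-num, c-type. Only the length field matters for this demonstration.
OBJ_HDR = struct.Struct("!HBB")


def walk_unchecked(payload: bytes, max_steps: int = 10_000) -> int:
    """Loop shaped like the flawed dissectors: trust the length field and
    advance by it. Returns the number of iterations; reaching max_steps
    means the cursor stopped moving, which in C would be an endless loop."""
    off = steps = 0
    while off + OBJ_HDR.size <= len(payload) and steps < max_steps:
        length, _cls, _ctype = OBJ_HDR.unpack_from(payload, off)
        off += length
        steps += 1
    return steps


def walk_checked(payload: bytes) -> list:
    """Hardened walk: every object must fit in what is left and must cover at
    least its own header, so the offset strictly increases each iteration."""
    objs, off = [], 0
    while off < len(payload):
        remaining = len(payload) - off
        if remaining < OBJ_HDR.size:
            raise ValueError(f"truncated object header at offset {off}")
        length, cls, ctype = OBJ_HDR.unpack_from(payload, off)
        if length < OBJ_HDR.size:
            raise ValueError(
                f"object length {length} smaller than header at offset {off}")
        if length > remaining:
            raise ValueError(
                f"object length {length} exceeds remaining {remaining} bytes")
        objs.append((cls, ctype, payload[off + OBJ_HDR.size:off + length]))
        off += length
    return objs


def rejection_reason(payload: bytes):
    """None if the packet walks cleanly, otherwise the error message."""
    try:
        walk_checked(payload)
    except ValueError as exc:
        return str(exc)
    return None


# Constructed sample packets.
GOOD = OBJ_HDR.pack(8, 1, 1) + b"\x01\x02\x03\x04" + OBJ_HDR.pack(4, 3, 1)
ZERO_LEN = OBJ_HDR.pack(0, 1, 1)                # length 0: cursor never advances
OVERLONG = OBJ_HDR.pack(40, 1, 1) + b"\0" * 4   # claims more than the packet holds


if __name__ == "__main__":
    print("unchecked steps on GOOD:", walk_unchecked(GOOD))
    print("unchecked steps on ZERO_LEN:", walk_unchecked(ZERO_LEN))
    print("checked GOOD:", walk_checked(GOOD))
    print("checked ZERO_LEN:", rejection_reason(ZERO_LEN))
    print("checked OVERLONG:", rejection_reason(OVERLONG))
```

The two guards are the whole fix: a lower bound on the length keeps the loop making progress, and an upper bound against the bytes remaining keeps it from reading past the packet, which is the other half of the same bug class in a C dissector.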
texinfo: temporary file vulnerability
Package(s): texinfo
CVE #(s): CAN-2005-3011
Created: October 5, 2005
Updated: November 9, 2006
Description:
Texinfo prior to version 4.8-r1 suffers from a temporary file vulnerability.
Comments (none posted)
ucd-snmp: denial of service
Package(s): ucd-snmp
CVE #(s): CAN-2005-2177
Created: August 9, 2005
Updated: January 27, 2006
Description:
A denial of service bug was found in the way ucd-snmp uses network stream
protocols. A remote attacker could send a ucd-snmp agent a specially
crafted packet which will cause the agent to crash.
Comments (none posted)
uim: privilege escalation
Package(s): uim
CVE #(s): CVE-2005-3149
Created: October 4, 2005
Updated: December 7, 2005
Description:
Masanari Yamamoto discovered that Uim uses environment variables
incorrectly. This bug causes a privilege escalation if setuid/setgid
applications are linked to libuim. This bug only affects
immodule-enabled Qt (if you build Qt 3.3.2 or later versions with
USE="immqt" or USE="immqt-bc").
Comments (none posted)
unzip: race condition
Package(s): unzip
CVE #(s): CAN-2005-2475
Created: September 29, 2005
Updated: January 12, 2006
Description:
Unzip has a race condition vulnerability in the handling of output files.
During file unpacking, a local attacker can modify the permissions
of arbitrary files in the victim's directory.
Comments (none posted)
up-imapproxy: format string vulnerabilities
Package(s): up-imapproxy
CVE #(s): CAN-2005-2661
Created: October 10, 2005
Updated: March 7, 2006
Description:
up-imapproxy contains two format string vulnerabilities which could be
exploited to execute arbitrary code.
Comments (none posted)
util-linux: unintentional grant of privileges by umount
Package(s): util-linux
CVE #(s): CAN-2005-2876
Created: September 13, 2005
Updated: December 19, 2005
Description:
The Linux umount command as provided in the util-linux package in
versions 2.8 to 2.12q, 2.13-pre1 and 2.13-pre2 grants root privileges.
See this BugTraq post for more information.
Comments (none posted)
uw-imap: buffer overflow
Package(s): uw-imap
CVE #(s): CAN-2005-2933
Created: October 11, 2005
Updated: April 10, 2006
Description:
"infamous41md" discovered a buffer overflow in uw-imap, the University
of Washington's IMAP Server, that allows attackers to execute arbitrary
code.
Comments (none posted)
vixie-cron: crontab allows any user to read other users' crontabs
Package(s): vixie-cron
CVE #(s): CAN-2005-1038
Created: April 15, 2005
Updated: March 15, 2006
Description:
crontab in Vixie cron 4.1, when running with the -e option, allows local
users to read the cron files of other users by changing the file being
edited to a symlink. NOTE: there is insufficient information to know
whether this is a duplicate of CVE-2001-0235. See also this Security Focus
report.
Comments (none posted)
w3c-libwww: possible stack overflow
Package(s): w3c-libwww
CVE #(s): CVE-2005-3183
Created: October 14, 2005
Updated: May 2, 2007
Description:
Extensive testing of libwww's handling of multipart/byteranges content from
HTTP/1.1 servers revealed multiple logical flaws and bugs in
Library/src/HTBound.c.
Comments (1 posted)
xine-lib: buffer overflows
Package(s): xine-lib
CVE #(s): CAN-2004-1379
Created: September 22, 2004
Updated: April 10, 2006
Description:
xine-lib (through version 1_rc6) contains buffer overflows in the subtitle
parsing and DVD sub-picture decoder code.
Comments (none posted)
xine-ui: insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description:
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine.
Comments (none posted)
xloadimage: buffer overflows
Package(s): xloadimage
CVE #(s): CAN-2005-3178
Created: October 10, 2005
Updated: May 15, 2006
Description:
Three buffer overflows were discovered in xloadimage when handling the image
title name. A malicious user can construct a NIFF file that, when viewed and
processed (with either zoom, reduce or rotate) by xloadimage, will cause the
program to overwrite the return address and execute arbitrary code.
Comments (none posted)
xmail: buffer overflow
Package(s): xmail
CVE #(s): CVE-2005-2943
Created: November 21, 2005
Updated: December 14, 2005
Description:
A buffer overflow has been discovered in the sendmail program of
xmail, an advanced, fast and reliable ESMTP/POP3 mail server, that
could lead to the execution of arbitrary code with group mail
privileges.
Comments (none posted)
xorg-x11: heap overflow
Package(s): xorg-x11
CVE #(s): CAN-2005-2495
Created: September 12, 2005
Updated: March 8, 2006
Description:
The pixmap memory allocation code in the X.Org X window system is
vulnerable to an integer overflow; a local user can use this to
execute arbitrary code with elevated privileges.
Comments (none posted)
xpdf: buffer overflow
Package(s): xpdf
CVE #(s): CAN-2005-0064
Created: January 19, 2005
Updated: March 15, 2007
Description:
iDEFENSE has found yet another xpdf buffer overflow; see this advisory for
details.
Comments (1 posted)
xpdf: denial of service
Package(s): xpdf kpdf
CVE #(s): CAN-2005-2097
Created: August 9, 2005
Updated: August 2, 2006
Description:
A flaw was discovered in Xpdf that could allow an attacker to construct
a carefully crafted PDF file that would cause Xpdf to consume all available
disk space in /tmp when opened.
Comments (none posted)
zlib: buffer overflow
Package(s): zlib
CVE #(s): CAN-2005-1849
Created: July 21, 2005
Updated: April 11, 2006
Description:
zlib has a vulnerability that can cause code that executes it to crash
if a corrupted file is opened.
Comments (none posted)
Events
The First International Conference on Availability, Reliability and
Security (ARES 2006) has issued a second Call For Papers and announced
seven workshops that will be held during the conference.
Full Story (comments: none)
Page editor: Rebecca Sobol
Kernel development
Brief items
The current stable 2.6 kernel is 2.6.14.3,
released on November 24.
This release contains a fair number of patches with important fixes.
The current 2.6 prepatch is 2.6.15-rc3, released by Linus on
November 28. It consists
mostly of fixes, as is appropriate at this stage of the kernel process, but
there is also the VM_UNPAGED work discussed on last week's Kernel Page
(somewhat reworked by Linus since then). See the long-format changelog for the details.
The current -mm tree is 2.6.15-rc3-mm1. Recent changes
to -mm include some architecture updates, "trusted computing" BIOS
measurement support, an MD update, the dynamic USB ID patch, some
memory management tweaks, and a device mapper update.
Comments (none posted)
Kernel development news
Now that the 2.6.15 kernel is starting to stabilize, and the class device
nesting code is looking pretty stable, it is time to start working on the
future of the Linux driver core, with regards to the class and device
structures. A month ago, I wrote a short summary of what I thought the
future was going to look like. In this short article, I'm going to try to
explain more about exactly what each of the steps that I described is
going to entail.
The future of struct class_device
Eventually, the class_device structure is going to be merged into the
device structure, and go away. But as this cannot happen all at once,
here are the different steps that I see happening to achieve this goal:
- Try to move all users that individually create a struct class
  on their own, to use the class_create() and class_destroy() functions
  instead. In the future, struct class will become an "opaque"
  pointer, and only known by the class core code. No subsystems will be
  able to create this structure, except by doing it dynamically. By doing
  this step, we will remove the custom hotplug/uevent and release handlers
  for the classes, making it easier to convert these structures over to
  struct device in the future.
  There are only around 20 different places in the current kernel that
  this will affect. The toughest of these will probably be the input and
  the network subsystems.
- Remove all exported class functions in the driver core that are not
  being used by existing code. This will prevent any new code that
  gets added during the conversion process from using these functions.
- Allow struct device to show up as attached to a
  struct class. This will entail adding a pointer to
  struct device. When this is done, the different users of
  struct class_device can be moved over to using
  struct device easily.
- As the different classes are converted to
  struct device, start adding fields that are present in the
  struct class_device structure to
  struct device. At first glance, it looks like only
  the dev_t field (which holds the major/minor pair for the
  device) will need to be moved. All of the
  other fields in struct class_device look like they will match up with
  existing fields, but only by converting the different subsystems will
  this be known for sure.
- struct class_interface is going to be "difficult". As only
  CardBus/PCMCIA and SCSI are using these functions and structures, how
  they are used there will have to be evaluated for how they can be
  converted away. The first thing that comes to mind would be a virtual bus
  for these types of devices, much like how the virtual USB Serial bus
  works. That would allow the PCMCIA and SCSI cores to still get
  notification of when a device is added or removed, which is what
  struct class_interface is used for.
- A number of the things in /sys/class/ do not correspond
  directly with "real" devices that are currently in the
  /sys/device/ directory tree. The items in
  /sys/class/mem/ are examples of this type of device. For them,
  a new place in the /sys/device/ hierarchy will have to be found.
  Current ideas have moving them to the /sys/device/system/ tree,
  but others have proposed /sys/device/virtual/ instead, as they
  are not really "system" devices. Still others have said that it would
  be better to just put them all in the /sys/devices/ directory.
  It is unclear what will be the final resting place for these devices.
After all of these steps are complete, the last few holdouts of the
class_device structure can be removed, and replaced with struct device,
and then the class device structures and functions can finally be
deleted.
The main point of this process is that it is going to happen one
subsystem at a time, hopefully in such a manner that no users ever
notice the difference.
Trees of symlinks
After the previously mentioned steps have been completed, the /sys/class/
directories will only contain subdirectories of symlinks back to the
/sys/device tree. For example, for the 2.6.15 kernel release, the
/sys/class/usb_host tree looks like:
/sys/class/usb_host/
|-- usb_host1
| |-- device -> ../../../devices/pci0000:00/0000:00:1d.0
| `-- uevent
|-- usb_host2
| |-- device -> ../../../devices/pci0000:00/0000:00:1d.1
| `-- uevent
|-- usb_host3
| |-- device -> ../../../devices/pci0000:00/0000:00:1d.2
| `-- uevent
`-- usb_host4
|-- device -> ../../../devices/pci0000:00/0000:00:1d.3
`-- uevent
Once the conversion process is done, it will look like this:
/sys/class/usb_host/
|-- usb_host1 -> ../../devices/pci0000:00/0000:00:1d.0/usb_host:usb_host1
|-- usb_host2 -> ../../devices/pci0000:00/0000:00:1d.1/usb_host:usb_host2
|-- usb_host3 -> ../../devices/pci0000:00/0000:00:1d.2/usb_host:usb_host3
`-- usb_host4 -> ../../devices/pci0000:00/0000:00:1d.3/usb_host:usb_host4
With the usb_host1 class device moving to:
/sys/devices/pci0000:00/0000:00:1d.0/usb_host:usb_host1
|-- device -> ../../0000:00:1d.0
`-- uevent
Note how the existing symlink in the device directory that points back
to the class device (usb_host:usb_host1 is for the first usb host class
device) is now a subdirectory in the device tree. Hopefully this will
prevent any userspace program that is relying on the current structure
of sysfs from breaking.
kobject/kset/subsystem/attribute diet
As anyone who has tried to understand the tangled web of interlocking
pointers and dependencies between the kobject, kset, and subsystem
structures and helper functions knows, a lot of work could be done here to
make it simpler and easier to use and understand. Along with this, the
attribute system of how to create files for kobjects in sysfs is quite
complex. Any rework that can be done in this area, while ensuring that
all of the current users of these core structures still work properly,
will be done. As of this writing, no concrete plans for exactly what
needs to be done here have been finalized.
Easier and more APIs
The current driver model is very flexible and powerful. Unfortunately,
along with this power and flexibility comes the ability to use it in
incorrect ways very easily. The driver core does try to warn if
some things are not set up properly (like the lack of a release
function), but it is still quite easy to get around these limited
checks. So, on the Rusty scale of good kernel API levels, the driver
core is very low on the list.
Again, like the kset maze, no concrete plans for exactly what will be
done in this area have been finalized, but an example of what things
might look like would be the current class_device_create() and
class_device_destroy() functions. These functions push all of
the nasty reference counting logic and class handling code into the
driver core, and let the driver author worry about getting their driver
specific logic correct. The driver author is no longer forced to become
intimate with the driver core inner workings.
Better documentation
Due to the complexity of the current driver model code, much better
documentation is needed to help developers who do want to use the core
functions figure out how things should be done. The documentation that
is in the current kernel tree (in Documentation/driver-model/) is
woefully out of date. Hopefully the majority of this documentation can
be moved to sit next to the driver core code itself, in kerneldoc
format, which will help prevent any future changes from going
undocumented.
Other subsystems have converted over to this format, with very great
success, USB being one good example of this.
Out of tree subsystems
All of these changes will hopefully be done without breaking any
userspace utilities (although, there will probably be a few udev updates
needed along the way.) Any in-kernel code will be fixed up along the
way, preventing any build or usage breakage, and then the unused
structures and functions will be removed from the kernel tree. For
driver subsystems that live outside of the main kernel tree, this means
that their individual authors will have to update them to handle the new
changes that are happening, or they can just submit them for inclusion
in the main kernel tree, so that their code will be converted for them.
Comments (11 posted)
![UTLK cover](/images/ns/kernel/utlk-cover.gif)
It's
official: the third edition of
Understanding the Linux Kernel, by Daniel P. Bovet and Marco Cesati,
is out. Your editor was pleased to receive a copy of this 900-page
monster, delivered by a company which specializes in other sorts of heavy
loads, such as pianos. UTLK 3 was some time in coming, but it is a
welcome arrival.
As one would expect, this version of UTLK covers the 2.6 kernel. Your
editor would like to point out to kernel-oriented publishers, however, that
simply saying "2.6" is not particularly informative. A wide variety of
kernels have come out under the 2.6 name. Readers will want to know
which 2.6 kernel is covered by a given book, and they would rather
not have to dig for that information. As it turns out, the reader who gets
far enough into the introduction will discover that UTLK 3 was written
for the 2.6.11 kernel.
This version of the book, like its predecessor, is big on details, and is
very firmly tied to the i386 architecture. So, after a brief (and, in your
editor's opinion, not entirely necessary) introduction to how Unix-like
systems work, the book delves directly into i386 segmentation registers,
global descriptor tables, and related details. Many of the key control
paths in the kernel are described, step by step; often, the book includes
flow charts, like the example on the left (which describes the page fault
handling algorithm). The level of detail sometimes makes it hard to get a
sense for the big picture, but it does help somebody trying to
figure out how a particular function works.
Indeed, that is perhaps the key feature which differentiates this book. It
is very much a "how it works" book, designed to help people understand the
code. It is not, however, a "how to hack it" book like Linux Device
Drivers or Linux Kernel Development. It presents kernel
functions and data structures, steps the reader through them, but does not,
for example, emphasize the rules for using them. UTLK is a study guide,
not a programming manual.
But it is an effective and useful study guide. It covers a wide range of
topics, including memory management, process management, scheduling,
signals, the virtual filesystem, timing, the I/O layers, and more. Even
with its weight, this book cannot cover everything, however; omitted topics
include networking, security (security modules, key management, etc.),
specific device drivers, sound, video, the kernel build system, and all of
the other architectures supported by Linux. (For what it's worth, O'Reilly
is said to have an "understanding the Linux network stack" book in the
works now).
Certainly, there are things your editor would have done differently. There
are some minor technical glitches; for example, the book claims that
acquiring a semaphore always involves putting the acquiring process to
sleep first, which is very much not the case. The discussion of sleeping
starts with sleep_on(), and only later mentions that
sleep_on() is not a recommended interface. The discussion of some
interesting topics (direct I/O, for example) is overly short. But, as a
whole, the book is excellent, and the kernel function index at the end
helps to make it a useful reference. There is a space on your editor's "L1
bookshelf" (the one reachable without moving the chair) for UTLK 3.
Comments (5 posted)
Page editor: Forrest Cook
Distributions
News and Editorials
It would appear that, after several years of downturn during which
Turbolinux and Hancom Linux nearly went out of business, the Asian Linux
distribution scene is once again alive and well. The coordinated effort of
Asianux has certainly given it some momentum, but even companies outside
the Asianux consortium, such as Turbolinux, have reported profits in recent
years. There is also much excitement about popular open source software;
Firefox is now about as widespread in Asia as anywhere else - despite the
fact that many Asian web sites have historically been coded for Internet
Explorer only. And the arrival of SCIM, a universal input method editor for
(not only) Asian languages and its convenient way of mixing characters and
languages in documents, has meant that Linux is now considered a viable
operating system for many companies and individuals across the Asian
continent. Red Flag Software, Turbolinux and Haansoft are working hard to
exploit this market.
China's Red Flag was the first
company to release a new distribution based on Asianux 2.0. Its Red Flag
Linux 5.0 Workstation was completed last month and made available as a free
download from a number of mirrors. The product comes on four CDs of which
only the first two are needed for installation, while the remaining discs
contain extra software, documentation and development tools. Red Flag Linux
5 supports Chinese (both simplified and traditional), Japanese and Korean,
as well as English. The installer, a slightly simplified and re-themed
Anaconda, is identical to the one that ships with Asianux. The distribution
is largely based on Red Hat Enterprise Linux 4 with a few enhancements and
some additional software, but most applications are now fairly outdated for
a desktop system.
Red Flag 5 boots straight into a KDE 3.3.1 desktop with root as the only
user (no provision for creating users is available during installation).
Like all recent Red Flag releases, the new version continues in the
tradition of tweaking the desktop to resemble Windows 98 as much as
possible. It includes a few custom utilities, such as the "Display" dialog,
that are amazingly good clones of their Windows counterparts and, as in
Windows, they are launched from Konqueror's "CtrlPanel" folder rather than
the KDE Control Center. The K-menu is opened by clicking on a button
labeled "Start". The system's encoding defaults to UTF-8 and the SCIM
input method editor is pre-configured for typing Chinese, Japanese and
Korean characters using a number of popular input methods.
I was unable to locate any way to update the distribution. There is no apt,
yum, up2date or any other mechanism to keep up with security and bug-fix
updates and there is no icon in the system tray periodically checking for
new software. Also, there seems to be no update directory on any of the Red
Flag mirrors. This, together with the distribution defaulting to logging in
as root, looks like a serious security omission and I would be reluctant to
use a product that makes no effort to ensure that all newly discovered
security vulnerabilities are dealt with. Surprisingly, Red Flag 5 comes
with no office suite - a rather unusual decision for an operating system
designed for workstations. Maybe Red Flag's boxed edition is better
populated with useful software, while the free edition is meant as an
evaluation product, with several vital components clearly missing.
Besides Red Flag, Japan's Turbolinux also announced a new
release in late November. Turbolinux 11 "Fuji" is the company's first major
release in over two years and, like Red Flag Linux 5, it is also designed
for workstations. The company continues in its effort to develop a very
user-friendly operating system to entice Windows users, but instead of
focusing on cosmetic interface changes, the developers of Turbolinux have
included components that many desktop Linux users will appreciate. As an
example, the product ships with a licensed Linux edition of PowerDVD. It
also includes a third-party emulator for Windows applications from the
Philippines-based SpecOps Labs, ATOK Japanese input method editor and a
Windows anti-virus tool from Kaspersky Lab. Turbolinux 11 is only available
as a retail package in Japan for an equivalent of $145 (a basic edition
excluding the proprietary components sells for about a third of that
price), but an international edition is planned for release early next
year.
Another Asian workstation product, currently in early development, is Haansoft Linux 2006. Scheduled for
final release in March 2006, the first beta of the product was made
available to beta testers earlier this week. Although Haansoft is a member
of the Asianux consortium and its installer is just a re-themed Anaconda
from Asianux 2.0, its application set is much more up-to-date than the one
in Red Flag Linux 5. The first beta of version 2006 includes Linux kernel
2.6.14, KDE 3.5.0, GNOME 2.12.1, Firefox 1.5, and GCC 4.0.2. It also comes
with "Haansoft Updater" in the form of a flashing system tray icon.
Although the first beta is still somewhat buggy, this is a promising
product that will further solidify Haansoft's position as the most
prominent Linux company in Korea.
Based on the three new product releases, it is clear that the Asian Linux
scene is alive and kicking. Recent reports from China indicate that
adoption of Linux in business and awareness of open source software among
the country's population are on the increase. In a country whose government
maintains strict censorship over the Internet and prevents its citizens
from viewing web sites that it deems objectionable, it is refreshing to see
a growing number of technology web sites, such as the Slashdot-like Solidot.org, reporting on open source
software and allowing readers to exchange information freely. While Linux
adoption levels in Asia might still be low, interest in open source
software is very much on the rise.
Comments (1 posted)
New Releases
Red Hat has announced the release of Fedora Core 5 Test1.
Some of the new features include a modular version of X.org, better Asian
language support, a 2.6.15-rc1-git3 kernel, recent versions of GCC,
GNOME, and KDE, Java improvements, 1600 "Extras" packages, and
installer changes.
Full Story (comments: none)
Distribution News
The Fedora Steering Committee will be shifting the support of Fedora Core 3
to the Fedora Legacy project at the release of Fedora Core 5 test 2. This
is currently scheduled for December 23, 2005.
Full Story (comments: none)
Open Source Press is offering a
reward to the top bug squashers. "We are announcing a bug squashing
period, starting now, and ending 14 Dec 2005, 11:59 CET. Squashing a bug
gets you a certain number of points (depending mostly on triviality and
severity). At the end of the three weeks, the 25 bug squashers with the
highest score shall receive a copy of [Martin Krafft's] book, The Debian
System, donated by the publisher. If this turns out to be a success, we'll
lather-rinse-repeat sometime soon." Click below for the rules and
procedures.
Full Story (comments: 4)
Frans Pop has sent out a status report for the Debian graphical
installer. Volunteer help is needed.
"As you may have noticed in Joey Hess' release announcement for D-I
Etch-beta1, Debian at last has a graphical installer (currently in
alpha release) based on gtk+-directfb.
The graphical installer is currently available for Intel x86, AMD64 and
PowerPC architectures; others are expected to follow.
A huge amount of work has been done over the past 3 months or so to get it
to its present state and we are very happy with its current
stability and usability."
Full Story (comments: none)
Steve Langasek reports that libfreetype is likely to undergo a library
transition in the near future, as part of the improved library handling
needed for all C/C++ packages. "There are currently 583 packages in
unstable which depend on the libfreetype6 package. That means that if this
transition happens today, it will be bigger than the KDE transition was; it
will be bigger than the OpenSSL 0.9.8 transition was (469 binary packages
in unstable depend on either libssl0.9.8 or libssl0.9.7 today)."
Full Story (comments: none)
The switch to a modular Xorg is nearly done now. During that transition
the old xlibs-dev package became a metapackage that depended on all the
libraries that it used to contain. "The xlibs-dev package will be
going away soon though. It makes no sense to keep this package around now
that sarge is out. Furthermore, this package really won't make any sense to
keep around when we move to the fully modular tree, which is a major goal
for the X Strike Force for the etch release."
Full Story (comments: none)
The Ubuntu archive (main and universe) has been unavailable for some part
of this week due to the libstdc++ allocator change. "The change will
remove the *mt_alloc* symbols defined in some libraries, just by
recompiling with a new compiler package. Therefore the package names of
these libraries have to be changed again. The list of libraries is attached
below."
Full Story (comments: none)
The first
Desktop Team Meeting was held on
November 25, 2005. "We soon agreed that the team needed more
organisation, more publicity and more information on what we do and how it
is done. 'seb128 does GNOME all alone' is the public observation we want to
change. Oliver stated that one problem is that people tend to think that
main packages are "out of their reach"." Also the next meeting has
been scheduled for December 16, 2005.
Matt Zimmerman has provided a summary of
the November 29 meeting of the Ubuntu Technical Board. "There was a
brief discussion about how to deal with candidates who had proposed
themselves in Launchpad but not yet attended a meeting. Many of these
candidates had not been seen in the MOTU community at all. Daniel Holbach
volunteered to contact them and explain the process of joining the
team."
Comments (none posted)
Debconf6 may not be until May 2006, but the deadline for submitting a
proposal is December 6, 2006. "If you have a good idea for a talk
but think you're not the best person to give it, please let us know and
we'll try to find a qualified, able speaker for your topic. Alternatively,
if you have an idea for both a topic and who'll present it for you, try to
get them to register."
Full Story (comments: none)
Raphaël Hertzog has a report from the Educ@tice show in Paris. "The
good news is that almost all education-specific distributions are now based
on Debian. The sad news is that most of their work is not reintegrated in
Debian and as such there's a bit of duplication of effort. That's why we
need several (french-speaking) Debian Developers..."
Full Story (comments: none)
The great big
Unofficial Fedora FAQ
has been updated with new translations, new questions, better Java
instructions, and more.
Full Story (comments: none)
OpenPKG has announced a shift in
focus from the requirements of a single predominant sponsor towards the
needs of a highly distributed and diverse community. "Everything
available from the OpenPKG project is a free and open offering and remains
this way, of course. Additionally, for years it was also possible to grab
all of the OpenPKG offerings anonymously. In order to receive information
about the community this anonymous access now is no longer provided for
accessing the full range of OpenPKG offerings. From now on only the latest
OpenPKG-RELEASE (without updates) is accessible anonymously."
Full Story (comments: none)
Distribution Newsletters
The Debian Weekly News for November 29, 2005 covers Debconf6 CFP, bug
squashing, the possible Freetype Library transition, improved binary NMU
handling, configuration file handling, versioned dependencies, virtual
Sarge servers, and several other topics.
Full Story (comments: none)
The
Gentoo
Weekly Newsletter for the week of November 28, 2005 covers a call for
comments on deprecating xsupplicant, FOSS.IN in Bangalore, Bonenkai in
Yokohama and more.
Comments (none posted)
The
DistroWatch
Weekly for November 28, 2005 is out. "The first test release of
Fedora Core 5 and a final release of PCLinuxOS 0.92 were responsible for
much excitement during the past week; we'll take a brief look at both these
new products. Is Libranet GNU/Linux history? It would appear so, based on
an informal announcement by Libranet's Tal Danzig. Also in this issue: a
new "ideologically-pure" Ubuntu derivative, KNOPPIX seeks graphics artists,
and a quick look at the new KDE 3.5 expected later this week. Our featured
distribution of the week is DesktopBSD, a surprisingly intuitive and
user-friendly FreeBSD derivative."
Comments (none posted)
Package updates
Fedora Core 4 updates:
file (upgrade
to file-4.16),
mysql (update to MySQL
4.1.15),
selinux-policy-strict (bug fixes),
selinux-policy-targeted (bug fixes),
rsh (bug fixes),
cpio (write_out_header rewritten),
system-config-bind (bug fix),
gcc (update from SVN),
libtool (rebuilt with GCC 4.0.2),
apr (rebuild for new gcc),
mc (update from CVS).
Fedora Core 3 updates: logwatch (fix
a bug that causes data loss), selinux-policy-targeted (bug fixes), mc (update from CVS).
Comments (none posted)
TSL has a bug fix advisory out for samba, tftp-hpa and iptables.
Full Story (comments: none)
Newsletters and articles of interest
News.com
reviews
The Debian System: Concepts and Techniques by Martin F. Krafft.
"Krafft introduces the system's concepts and analyzes the techniques
that comprise the Debian Way of system administration and explains why
Debian developers have chosen certain approaches to development that differ
from other Linux distributions."
Comments (none posted)
DesktopLinux
takes a quick
look at the freely available ISOs for Mandriva Linux 2006 Free.
"Mandriva Linux 2006 Free is a complete and comprehensive Linux
distribution consisting entirely of free and open source software. It is
freely downloadable and redistributable by anyone. The newest version of
the company's flagship product merges "pioneer technologies" from Conectiva
and Lycoris, as well as spanning for the first time a one-year release
cycle, the company said."
Comments (none posted)
ZDNet UK
compares
five leading desktop Linux distributions to determine which will better
serve small businesses. "We emerged from our Linux experience with a
strong preference for Ubuntu Linux 5.10, with SUSE Linux 10 a close
second. Both did everything we required of them, and both have very low
setup costs. Ubuntu, in particular, costs absolutely nothing to
purchase."
Comments (none posted)
NewsForge
covers
the probable end of Libranet. ""Basically the operation is
shutting down." With these words, Tal Danzig, the owner and technical lead
for the Libranet distribution, quietly announced in his blog on November 25
the news that users had been dreading ever since his announcement two
months ago that the distribution was "restructuring." Danzig did not rule
out the possibility of reviving the distribution after his return in
February 2006 from a three-month trip to Israel. Yet, for now, the
announcement seems to mark the end of one of the oldest and best-loved
Debian-based distributions."
Comments (none posted)
DebianPlanet
introduces the new and
improved
Debian Package A Day
site.
Comments (none posted)
Distribution reviews
Linux.com
reviews
EnGarde Secure Linux.
"EnGarde Secure Linux is a server-based distribution developed with security in mind. It comes with a minimal set of services so that the server is not unnecessarily exposed, and no superfluous software -- including no X Window-based window manager. Even compilers, such as GCC, are not included. Yet EnGarde enables you to run any sort of Web presence, from a simple mail server to a complete e-commerce site. EnGarde's hardware requirements are modest. The developers recommend a system with at least a Pentium class processor, with 32MB of RAM or greater, a hard drive of 2GB, and one PCI network interface card."
Comments (none posted)
TuxMachines
reviews
PCLinuxOS 0.92. "As PCLOS evolved, its appearance has too. This
release has a significantly different look than previously. This time we
have a minimal background on the two major desktops, a pretty but
understated windec and a new quad-colored logo. The cute penguins and
cuddly polar bears are gone. We are now presented with a more mature,
grown-up PCLOS. The new logo/theme creates an esoteric atmosphere of faint
familiarity easing the transition to Linux from Windows."
Comments (none posted)
Linux.com
reviews
Debian's new GUI installer. "Debian's GUI installer is a front-end
for the Debian installer itself, and right now it is not available for all
of Debian's platforms. Sarge, for example, is available for x86, PowerPC,
Alpha, Itanium, MIPS, S/390, SPARC, and other platforms. Etch may support
fewer, or different, platforms, but it's still likely to be available for
more than just x86, PowerPC, and AMD64, which are the platforms that
receive the most attention from other distributions, and the ones for which
test images of the GUI installer are available. I tested the x86
installer."
Comments (none posted)
News.com
continues
a review of Linspire. "As most of you already know, Linspire
uses a tool called CNR to install and uninstall software. CNR offers
Linspire users the ability for ease of installation and more importantly,
ease of discovery. Yes, the one thing that CNR has going for it is that it
is like having Downloads.com built into your OS. For a newer computer user,
this is a wonderful thing indeed. Unfortunately, uninstalling software is
not nearly as intuitive as the installation."
Comments (none posted)
Page editor: Rebecca Sobol
Development
November 30, 2005
This article was contributed by Kenneth Geisshirt
Fortran is one of the oldest programming languages. With its roots
going back to the scientific community of the 1950s, the language has
evolved heavily over half a century. The evolution of Fortran reflects
the changes in the computing industry. In the 1950s computers were
programmed in machine language, and translating mathematical formulas
into machine language was difficult, so a system for FORmula
TRANslation was developed.
Today, Fortran is primarily used by scientists and engineers.
There is a wide variety of free and non-free scientific software
written in Fortran. A lot of the free Fortran software comes from
university professors.
Just as important, a number of
small software companies develop and sell software for limited or
specialized market segments. Examples of such software are the quantum
chemistry package
Gaussian 03
and Adina,
the Finite Element System for Structures, Heat Transfer, and CFD.
In the UNIXes of the 1980s, the most common variant of Fortran was
Fortran-77. At AT&T Bell Laboratories the free translator f2c was
developed. Translating Fortran-77 to ISO C required a large
runtime library in order to compile the resulting C code. Later, a
front-end for GCC, the GNU C compiler (now the GNU Compiler Collection), was
developed using the same runtime library.
The GNU Fortran 77 (g77) team, led by James Craig
Burley, stopped development after it was determined that g77
was sufficient to meet the requirements of its users.
The front-end is still included in the GNU Compiler Collection
prior to version 4. It is available at the
g77 Legacy Site.
In 2000, a new Fortran project entered the GNU scene -
GNU Fortran 95 (G95).
The goal of the G95 project is to
implement the 1995 revision of the Fortran standard (ISO/IEC
1539:1997). Currently, no bugs are known!
With the release of version 4 of GCC
in April, 2005,
Fortran 95
was included as one of the
new languages.
In GCC 4, the Fortran 95 language is fully implemented.
A valid Fortran 95 program should compile, while an invalid Fortran 95
program will be rejected. GFortran uses the Tree-SSA middle end of GCC, and
therefore the same back-end (or code generators), so GFortran
is supported on a large number of architectures. But there are a
number of issues with the front-end, including a need for
better error messages.
Fortran has a large number of intrinsic functions. These functions are
defined in the specification of the language; they are not
implemented as library subroutines as you might see in languages like
C and C++. Examples of intrinsic functions include averaging the
elements of an array and calculating the dot product of
two vectors/arrays.
The set of I/O intrinsic functions is still limited. Most programs do
not use the advanced I/O intrinsics, and these programs will work
perfectly. Software that uses advanced I/O intrinsics might
prove to be challenging to implement.
As of this writing, a large number of free software packages can be
compiled using GFortran. Of course, most of the available packages
are related to the scientific and engineering fields.
One of the nice things about GFortran programs is that you can suspend
them during runtime. When the program receives a QUIT signal, a core
dump will be generated. Later, you can restart the program from this
core dump. This is a useful feature when your software reaches the
CPU limit, which tends to be something that is tightly
enforced in supercomputing centers around the world.
Even though the
documentation is extensive, it might not be up to date
with the latest releases of GFortran.
Most of the development in the GFortran project is focused on
implementing new intrinsics and optimizing the implementation of the
existing intrinsics.
The web pages related to GFortran are not well maintained.
If you're looking for a non-technical role in a free software
project, here's your chance to make a contribution.
Comments (8 posted)
System Applications
Database Software
Firebird database project coordinator Dmitry Yemanov presents a
project roadmap for upcoming Firebird development.
""What then?", - you ask. I'd describe Firebird 2.0 as "the version which removes the annoying limits". Sounds not so modest, I know. Let me explain better. No doubt that Firebird has a nice multi-generational architecture and a rich SQL language, an embedded usage and a good performance. But I'm sure almost everyone stepped on some internal limitations that worried or even shocked you."
Comments (5 posted)
The November 27, 2005 edition of the PostgreSQL Weekly News is online
with new PostgreSQL database articles and resources.
Full Story (comments: none)
Version 4.0.1 of phpPgAdmin, a web-based administration tool for PostgreSQL,
has been announced.
"A new point release of phpPgAdmin is now available that fixes some significant issues in phpPgAdmin 4.0. In particular, all issues related to non-English languages have been fixed."
Comments (none posted)
Embedded Systems
Michael Opdenacker has announced
a free presentation on optimizing the speed, memory, power consumption,
and cost of embedded Linux systems.
"At last! You completed the implementation of your embedded Linux system.
It functions as specified. Your boss cheers up and you start to taste
champagne in your mouth. However, it turns out that it doesn't boot fast
enough, its interface or its response time are too slow, its files are
too big and do not leave enough space for user files, or it consumes too
much power. You could fix these issues by using a faster processor, more
storage or a bigger battery, but this would make your system heat too
much or exceed its cost requirements."
Full Story (comments: 2)
Interoperability
Samba Team member Tim Potter
illustrates the use of Samba with multiple network interfaces.
"Server and workstation machines that are running Samba often have multiple network interfaces. Sometimes it may not be prudent to allow Samba to be accessed over all network interfaces. This article describes the smb.conf parameters used to restrict Samba to only use particular network interfaces, and how to test this is actually working using some Unix command line tools."
Comments (none posted)
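For readers who want to see the settings in question before following the link, here is an added illustration (it is not taken from Tim Potter's article or from the Samba project's own documentation) of the two smb.conf parameters involved, showing the exposed default beside the restricted form. The two [global] fragments are alternatives, not meant to sit in one file, and the interface name and workgroup are constructed placeholders:

```ini
; Added example, not from the article: two alternative smb.conf [global]
; fragments. The interface name "eth0" and workgroup "EXAMPLE" are
; constructed placeholders.

; --- Exposed (the default behaviour) ---
; With no "interfaces" line and "bind interfaces only" left at its
; default of "no", smbd accepts connections on every address the host
; has, including any Internet-facing one.
[global]
    workgroup = EXAMPLE
    server string = file server

; --- Restricted ---
; List only the LAN-facing interface (by name, or as address/netmask
; such as 192.168.10.5/24) plus loopback, then tell Samba to bind to
; that list alone. Keep loopback in the list: with
; "bind interfaces only = yes", local tools such as smbpasswd need
; 127.0.0.1 to reach the daemon.
[global]
    workgroup = EXAMPLE
    server string = file server
    interfaces = lo eth0
    bind interfaces only = yes
```

Run `testparm -s` on the edited file before restarting the daemons, then confirm the effect the way the article suggests, with ordinary command-line tools: `ss -ltnp` (or `netstat -an`) should show TCP ports 139 and 445 bound only to the listed addresses rather than to 0.0.0.0.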
Libraries
Version 1.9.15 of LTI-Lib, an object oriented computer vision library,
is available; it features an important bug fix.
Comments (none posted)
Networking Tools
Version 4.2.0 of
BitTorrent,
a system for distributing uploads and downloads, is out with bug fixes.
See the
change log for details.
Comments (none posted)
Web Site Development
Version 3.2.5b of
Mod_python,
the Apache web server module for the Python language, is out.
See the
online manual for the latest change information.
Comments (none posted)
Version 0.5.0 of Wiki for phpWebSite
is available.
"The new 0.5.0 release adds many new features:
Option to format wiki page names before displaying,
Ability to switch off certain menu items,
Added discussion feature (Comments module required), and
Template changes to give theme developers greater flexibility."
Comments (none posted)
David Wheeler
applies Bricolage to the task of document modeling on O'Reilly.
"Previous Perl.com articles have reviewed where Bricolage fits into the universe of content management systems and worked through Bricolage installation and Bricolage configuration. Now it's time to go through the steps required to model the structure of an existing web page in Bricolage. Part of the motivation for the redesign of the Bricolage website last summer was to create good examples of document types and templates for use in Bricolage itself. You can take advantage of that work by analyzing a page on the current Bricolage site to determine how to break it down into its basic elements."
Comments (none posted)
Desktop Applications
Audio Applications
Versions 1.2.4 and 1.3.0 of
Audacity,
an easy to use multi-tracking sound recorder/editor with VU meters, are out.
"Audacity 1.2.4 is a new stable version of Audacity. It includes a couple of bug fixes and minor improvements and is recommended for all users. Audacity 1.3.0 is a beta release that contains hundreds of new features, but this version is unfinished and unstable, and is recommended primarily for advanced users. You can install both Audacity 1.2 and 1.3 simultaneously."
Comments (none posted)
The initial release of jack_capture is available for use with the
Jack Audio Connection Kit.
"jack_capture is a small simple program to capture whatever
sound is going out to your speakers into a file.
This is the program I always wanted to have for jack, but no
one made. So here it is."
Full Story (comments: none)
Release 0.2.19a of QjackCtl, a GUI controller for the Jack Audio
Connection Kit, is out.
"Just to let you know about this small-fix release on QjackCtl,
that only affects the MIDI connections (re)nomenclature:
- ALSA sequencer client/port name aliases are functional again; all
actual MIDI sequencer client/port numerical identifier prefixes are also
back in business.
Apparently, this has been missed for quite a while, almost since
0.2.16. Only noticed this late week, thanks to Domenico Culturato."
Full Story (comments: none)
Version 0.9.61 of Rivendell, a radio automation system, is out
with bug fixes and usability improvements.
Full Story (comments: none)
Business Applications
Version 0.61 of phpBMS
has been announced.
"phpBMS is a PHP, MySQL based billing, scheduling, and client management system. Features include PDF generation for printing, mass e-mailing to clients, repeatable task and event handling, and quote/order/invoice tracking.
The package has undergone many bug fixes and several enhancements including the ability to attach external files to product, client or invoice records."
Comments (none posted)
Data Visualization
Version 5.1.19 of
Grace, a WYSIWYG 2D plotting tool for the X Window System,
has been announced.
"This is a maintenance release of the 5.1 series; an upgrade is recommended."
Comments (none posted)
Desktop Environments
Version 2.13.2 of GARNOME, the bleeding edge GNOME distribution,
is out.
"A lot has changed since the last unstable release.
This release includes all of GNOME 2.13.2 plus a few updates that were
released after the freeze date for GNOME 2.13.2.
As of this release, the GARNOME project will be hosted on the GNOME
servers, being more tightly integrated with the GNOME infrastructure."
Full Story (comments: none)
The following new GNOME software has been announced this week:
You can find more new GNOME software releases at
gnomefiles.org.
Comments (none posted)
The
KDE Project has announced a new
release of the K Desktop Environment. "
Stephan Kulow, KDE Release
Coordinator, said: "The improvements made in the past year show how mature
the KDE Project is. KDE is the most powerful desktop environment and
development platform in the market. With huge changes expected in KDE 4,
our next release, KDE 3.5 should provide users with the perfect
productivity platform for the next couple of years."" Click below
for the full announcement.
Full Story (comments: 1)
The following new KDE software has been announced this week:
You can find more new KDE software releases at
kde-apps.org.
Comments (none posted)
Electronics
The latest new electronics software on
OpenCollector.org
includes asco 0.3.10, a SPICE circuit optimizer with an emphasis on
mobile communications devices, and Icarus Verilog 20051127,
a Verilog simulation and synthesis tool.
Comments (none posted)
Games
The latest releases from the
WorldForge game project include
Sear 0.6.0, Cyphesis 0.5.4, internationalization of the WorldForge
Update Tool, and more.
Comments (none posted)
GUI Packages
GnomeDesktop
covers the release
of GTK+ on the Mac OS X platform.
"The GIMP toolkit (GTK+) matures to include yet another platform. This
project aims to bring native GTK+ support to the Apple Mac OS X
platform. The basic implementation is sponsored by Imendio AB and the
work so far has been done by Anders Carlsson (of Imendio). This project
means that another critical step is taken in the effort to spread this
very successful library collection to all commonly used platforms."
Comments (16 posted)
Imaging Applications
Version 2.1 of
Comix, an image viewer for comic books, is out.
"Version 2.1 contains a lot of changes. No big stuff really, but it's all about the details isn't it?"
Comments (none posted)
Version 0.9.15 of Tux Paint, a drawing program for children, is out.
"The new release introduces new "Magic" drawing tools, including
a smudge tool, brushes that draw grass and bricks, and a brush that
turns realistic images into cartoons.
Tux Paint 0.9.15 also offers a number of improvements on previous
versions, including updates to the "Text" and "Stamp" tool interfaces,
improvements to the color palette, and support for a wider range of
display sizes -- from 640x480 to 1600x1200."
Full Story (comments: none)
Interoperability
Issue #299
of the Wine Weekly Newsletter is out with the latest Wine project
news. Read about the release of Wine 0.9.2 and other topics.
Comments (none posted)
Medical Applications
The MirrorMed medical record system
has been launched.
"MirrorMed is a friendly fork of the ClearHealth project. MirrorMed will use essentially the same codebase but will have a totally separate support structure, available from SynSeer."
Comments (none posted)
RSS Software
Bob DuCharme
uses Atom to process eBay email in an O'Reilly article.
"From our geeky perspective, Atom and RSS seem to be sweeping through the internet, changing the way people and systems get notified about events. From a broader perspective, though, they've got a long way to go; we all have plenty of computer-literate friends who've never heard of either.
This means that plenty of opportunities remain to improve systems and applications using RSS or Atom. (Because Atom is the latest and greatest in the history of RSS formats, with endorsements from key representatives of the earlier formats, I'm going to focus on using Atom, but the basic ideas here would work for any flavor of RSS.)"
Comments (none posted)
Science
Version 2.0.0 of Open Babel, a chemistry file translation program
and chemistry software library,
is out.
"Highlights of the 2.0 release include a new conversion framework making it easier to develop new translators, dramatically improved support for merging, splitting, and batch conversion, a framework for molecular fingerprints, similarity searching, a fast molecular database format, support for Perl and Python scripting "wrappers," automatic support for reading .gz (gzip) compressed files, support for the new IUPAC/NIST InChI identifiers and more."
Comments (none posted)
Web Browsers
MozillaZine
reports
that the final release of Mozilla Firefox 1.5 is now available for download
from GetFirefox.com (or a mirror site) for most major operating systems.
See the
release
notes for additional details.
Comments (5 posted)
GnomeDesktop.org
covers
the release of version 2.0.0 of Galeon, a small web browser.
"A Security Device Manager button was added in the security preferences. The delete key works in the Personal Data Manager. Support was added for multimedia keyboard keys like Back and Forward. Other bugs were fixed."
Comments (none posted)
Version 3.16 of
mplayerplug-in,
a browser plugin that uses mplayer to play digital media from websites,
is out.
"Version 3.16 fixes some translations and improves stability."
Comments (none posted)
Languages and Tools
Caml
The November 29, 2005 edition of the Caml Weekly News is online
with the weekly collection of Caml language articles.
Full Story (comments: none)
Haskell
The November 22, 2005
edition of the Haskell
Weekly News is online with the latest Haskell news. Topics
covered this week include new records, a first-person shooter written in
Haskell, new release of Haskell Server Pages, and future directions for
GHC.
Comments (none posted)
The November 29, 2005
edition of the Haskell
Weekly News is online with the latest Haskell news. Topics
covered this week include monads in other languages, GHC 6.6 progress,
and darcs repositories over P2P networks.
Comments (none posted)
The ninth edition of the
Haskell Communities and Activities Report has been released.
Take a look for the latest from the Haskell community.
Comments (none posted)
Java
Mark Wielaard has published his
Java Roadmap,
a practical road map to the Free Software and Open Source alternatives.
"For the last couple of years the community has been working to ensure that developers can create applications using the java programming language without having to depend on proprietary software. Today, the free (as in libre) implementations are already very capable and support a vast amount of functionality that developers expect from a java-like environment. Important large applications like JOnAS, OpenOffice.org 2, Eclipse 3 and Tomcat 5 are known to work. This document provides a road map of the various projects; how they work together, where they are, where they're going, and how we make sure that they work well and are compatible."
Thanks to David A. Wheeler.
Comments (none posted)
Lisp
Version 0.9.7 of SBCL (Steel Bank Common Lisp) has been released.
"This version provides better disassembly of SSE instructions for
x86-64, optimizations and bug fixes."
Full Story (comments: 1)
Zachary Kessin
works with PHP from Elisp.
"There's plenty of near-repetition in software development; writing very
similar code over and over again. Stop copying, pasting, and modifying, and
start automating the process! Zachary Kessin shows how to use Emacs Lisp to
generate useful and reusable database-access code for PHP."
Comments (none posted)
Perl
The conference proceedings from the YAPC::NA::2005 Perl conference
are available as ISO files for CD and DVD media.
"You can now re-live the excitement from YAPC::NA::2005 because the
Toronto Perl Mongers, YAPC, and I are happy to finally announce
the availability of the proceedings from YAPC::NA::2005 held in Toronto.
It contains HTML navigation pages, biographies, presentation slides,
audio and video recordings of the presentations and candid photos from
the daytime and nighttime activities."
Full Story (comments: none)
PHP
Version 5.1.1 of
PHP has been announced.
"This is a regression correction release aimed at addressing several issues introduced by PHP 5.1.0." See the
change log
file for more information.
Comments (none posted)
Python
Version 0.8.10 of Urwid, a curses-based UI library for Python,
is out.
"This release includes three new tutorial chapters as well
as a big pile of bug fixes."
Full Story (comments: none)
The November 26, 2005 edition of Dr. Dobb's Python-URL!
is online with the latest Python articles and resources.
Full Story (comments: none)
The November 1-15, 2005 edition of the python-dev Summary is online
with coverage of activity on the python-dev mailing list.
Full Story (comments: none)
Ruby
The November 27, 2005 edition of the
Ruby Weekly News looks at the latest discussions
from the ruby-talk mailing list.
Comments (none posted)
IDEs
Version 4.0.0 of the Eclipse Checkstyle Plug-in
has been announced.
"The Eclipse Checkstyle Plug-in integrates the famous Checkstyle into Eclipse.
With the plug-in your code is constantly inspected, supporting the developer with immediate feedback.
Never before was it this easy for developers to obey coding guidelines.
The Eclipse Checkstyle Plug-in provides a mighty but easy to use editor to create Checkstyle configuration files and gives great control how to deploy your corporate coding guidelines.
This release contains some huge improvements over its predecessor - in usability, compatibility and feature wise."
Comments (none posted)
Profilers
Version 3.1.0 of Valgrind, a suite of simulation-based debugging and
profiling tools, is out.
"3.1.0 improves on 3.0.0 in three major areas. AMD64 support is much
improved, with transparent interworking of 32- and 64-bit executables.
32-bit PowerPC is now officially supported and is eminently usable.
Finally, memory management for all platforms has been overhauled,
allowing larger programs to run successfully. There have been many
other improvements and bug-fixes relative to the 3.0.X line."
Full Story (comments: none)
Version Control
Version 0.24 of
monotone,
a distributed version control system, is out.
"The highlight of this release is the movement of keys to
~/.monotone/keys (on Unix, OS X) or %APPDATA%\monotone\keys (on
Win32).
A number of other changes have been made; in particular, when
upgrading, beware that "monotone serve" has had a change to its
command line syntax, and that on Win32 monotone now expects its
configuration file to be named %APPDATA%\monotone\monotonerc."
Full Story (comments: none)
Subversion 1.3.0 Release Candidate 4 is available; it includes
many new features and bug fixes.
"This is the first public Release Candidate for Subversion 1.3.0, as
problems were found with the previous three release candidates before
they were made publicly available."
Full Story (comments: none)
Miscellaneous
Howard Feldman
discusses memory management issues in part two of an O'Reilly series.
"Modern Unix-like operating systems have their own characteristics for
allocating and using memory. Howard Feldman explains how modern programming
languages use memory, why this matters, and how to avoid memory and resource
leaks."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Heise Online
covers the
"Vienna Conclusions" drawn up for the UN's World Summit on the
Information Society (WSIS). "
The Vienna Conclusions drawn up for the
UN's World Summit on the Information Society (WSIS) were presented in an
edited version in Tunis: Digital Rights Management was inserted where "free
software" used to be. It turned out that these changes were made at the
request of Thomas Lutz, a member of the management board at Microsoft
Austria, and ÖVP representative Carina Felzmann, who also heads a PR and
lobbying firm. The Chancellor of Austria published the text presented in
Tunis. His office has yet to react to a query in this matter that heise
online placed last Sunday." FSFE representative Georg Greve has
written about his experience at WSIS in posts dated
November
16,
November
22 and another on DRM promotion also from
November
22.
Comments (26 posted)
The Christian Science Monitor
notes that
Oregon has become an open source hub. "
Too many cooks may spoil
the broth, but too many programmers just makes software better. For a
multibillion-dollar company that's spent decades protecting its code with
the rigor of Fort Knox, that's a radical notion. But open source is fast
gaining converts, shattering traditional business models, and, in the
process, transforming Portland into one of the world's open source
hubs." (Thanks to Duncan)
Comments (2 posted)
The New York Times
looks
at the GPL v3. "
The process will also be closely watched for how
the new G.P.L. will take account of software patents, which have exploded
among proprietary software developers since 1991, the last time the license
was revised."
Comments (18 posted)
Trade Shows and Conferences
Marco Fioretti
covers the 2005 Italian Linux Day event.
"If you're ever put in charge of organizing a Linux Day, you might also want to copy the following trick: Don't burn and give away just CDs of GNU/Linux distributions or GPL software for Windows. Make available on CD all the free documentation and copyleft music you can find. The volunteers at the CD stand told me that such collections went even faster than the software discs."
Comments (1 posted)
NewsForge
covers
the Software & Information Industry Association Codie Awards.
"This year, as every year, the Best Open Source Solution category is
woefully under-represented, for procedural reasons that the organization
could and should fix. But you can help pick the winner. One problem SIIA
has with its Best Open Source Solution category is that it costs developers
a minimum of $275 to register their product for the judging. While this may
be a drop in the bucket for large corporations, it can be significant for
single-developer shops that rely on voluntary individual
contributions."
Comments (1 posted)
Micah Dubinko
covers the XML 2005 conference on O'Reilly.
"Overall, the conference was less about fireworks and controversy and more about thoughtful contemplation of a maturing technology. Perusing the schedule-at-a-glance, one thing that jumps out is the sheer breadth of topics. XML is everywhere: thesauri and higher education, calendaring, health care and pharma, applications and modeling, hazardous waste management and emergency alerting protocols, financial services, and even artificial intelligence."
Comments (1 posted)
Companies
ZDNet's David Berlind
looks at
Microsoft's move toward establishing its Office XML Reference Schema
as an ISO standard.
"The announcement is very significant to any discourse taking place in any organization over the merits of Microsoft's file format versus that OASIS-stewarded OpenDocument Format (ODF) which, until yesterday's announcement, was the more freely deployable of the two by third party developers (particularly open source developers). With so many companies behind ODF, things could eventually swing in ODF's favor."
Groklaw also looks at the issue,
comparing the Microsoft covenant to Sun's ODF covenant.
"Andy Updegrove has already posted a comparison with Sun's recent covenant, and as you will see, Microsoft's comes up short in the comparison."
Comments (2 posted)
Groklaw is running
a technical comparison of ODF and MS XML.
"Alex Hudson, J. David Eisenberg, Bruce D'Arcus and Daniel Carrera
of the OpenDocument Fellowship have provided this article for us, comparing
OpenDocument Format and Microsoft's new MS XML format technically, not
legally. Groklaw will be doing that separately, but this article addresses
interoperability. That is the point of XML, after all, is it not?"
Comments (31 posted)
InfoWorld
reports that MySQL is looking for alternatives to the InnoDB engine, now that Innobase is owned by Oracle. "
The first question asked of MySQL AB co-founder David Axmark was about how the Oracle deal would affect MySQL's database software.
Axmark said the storage engine is 'pluggable,' meaning other storage engines can be substituted instead. He said the code for InnoDB is under the GPL (General Public License), so 'the code is always out there. It will always be out there.'" The article completely misses the effect on MySQL's business model, though.
Comments (58 posted)
NewsForge
looks at Red Hat's corporate plans.
"Red Hat's plans for the next two years call for the company to fund and
develop several projects of interest to the Linux community. The company set
out its top priorities for 2006 and 2007 in a press release detailing its
plans to further fund and support free software projects, including SystemTap
and OProfile, as well as develop virtualization and stateless Linux
technologies for Red Hat Enterprise Linux (RHEL)."
Comments (none posted)
Business
TG Daily
reports that the growth of Linux server sales outpaced Windows growth
during the third quarter of 2005.
"According to IDC, Linux systems posted a year-over-year revenue growth of 34.3 percent and a gain in unit shipments of 20.5 percent. Windows servers increased their revenues by 17.7 percent and unit numbers by 15.3 percent. However, quarterly factory revenue of $4.6 billion for Windows servers represented the largest single segment - 36.8 percent - of the server market for the first time, IDC said."
Comments (7 posted)
Linux Adoption
eWeek
looks
at the latest moves in Linux desktop adoption. "
Linux desktops
have always faced an uphill battle against Windows desktops. Now, OSDL is
calling together architects from over two dozen key desktop-oriented Linux
projects to a Dec. 1-2 meeting at its headquarters to set strategic
directions and standards, and find synergy amongst Desktop Linux
organizations."
Comments (12 posted)
Linux at Work
Tektonic
examines the
South African Digital Doorways project. The project provides network
access terminals to rural areas using open-source software.
"Soobramani comments: "People's perception of Linux and open source is that everything is command-based, text-based. Our pilot projects are meant to address that perception. Our core function as the department of agriculture is to deliver agricultural services to the community. So we use these Digital Doorways in the rural areas to assist farmers. If they want share prices, market information, agricultural information, they can use the kiosks to find it. And it's working.""
Comments (none posted)
Legal
Groklaw
looks at
the guidelines for revising the GPL v3. "
The guidelines for
revising the GPL have been released. This isn't the first draft; it's the
explanation of how the process is going to work. You can get a copy by
registering at their site. The benefit
of doing it that way is that you then will receive future information as it
becomes available. But I'm making it available here [PDF] also, to spread
the information widely."
Comments (none posted)
Resources
Groklaw presents
chapter 22 of the online book
The Daemon, the GNU and the Penguin
by Dr. Peter Salus. This chapter is titled: "Yet More Penguins".
Comments (none posted)
Doc Searls
talks about
his dream home on Linux Journal. "
A ventilated utility room will
be our (Linux, of course) server room. I will also have computers in my
wife's office, my office and probably elsewhere. I'll also want multiple
Wi-Fi access points. The Cat5e running everywhere will help with
that."
Comments (none posted)
NewsForge gives
an overview of some recommended security procedures that every systems
administrator should use.
"Security architecture is a new concept to many computer users. Users are
aware of security threats such as viruses, worms, spyware, and other malware.
They have heard of, and most use, anti-virus programs and firewalls. Many use
intrusion detection. Architectural security, though, remains a mystery to
most computer users."
Comments (20 posted)
Linux Journal
builds a
terabyte-sized backup server. "
High-capacity disk drives are now
widely available at prices that are incredibly cheap compared to those of
only a few years ago. In addition, with so many Linux users now ripping CDs
to disk, saving images from their digital cameras and recording video using
digital camcorders and DVRs, such as MythTV, the need for backing up and
archiving large amounts of data is becoming critical. Losing pictures and
videos of your kids--or your audio music library--because of a disk crash
would be a catastrophe. Fortunately, a high-capacity, Linux-based backup
server can be built easily and cheaply using inexpensive disk drives and
free software."
Comments (15 posted)
HowtoForge
shows how
to set up a Debian-based virtual server system.
"Linux-VServer allows you to create virtual private servers and security contexts which operate like a normal Linux server, but allow many independent servers to be run simultaneously in one box at full speed. All services, such as ssh, mail, Web, and databases, can be started on such a VPS, without modification, just like on any real server. Each virtual server has its own user account database and root password and doesn't interfere with other virtual servers."
Comments (none posted)
Reviews
eWeek
reviews
KDE 3.5. "
KDE 3.5's many improvements start with the interface
itself. The Kicker, KDE's desktop application-launcher menu bar, has been
greatly improved. It now allows users to add applets to the bar. Users also
can set the Kicker and pager, which enable users to switch from one virtual
desktop to another, to display in one of three modes: elegant, classic and
transparency."
Comments (1 posted)
NewsForge has a
review
of Firefox 1.5 and the soon-to-be-released Thunderbird 1.5. "
There
are some new features in Firefox and Thunderbird 1.5 that are supposed to
make it easier to develop extensions. The first is a simplified way of
registering Chrome user interface elements. Firefox and Thunderbird title
bars, menu bars, and other UI elements outside the content area (i.e.,
everything but the Web page) are examples of Chrome. There are also
improvements in dealing with extensions, which is good for developers and
users. The new releases do better at dealing with incompatible
extensions."
Comments (7 posted)
Nathan Willis
reviews sbackup, a Google Summer of Code project that aims to
simplify the backup procedure.
Currently, sbackup copies backup information to local or remote filesystems;
support for removable media is being worked on.
"Most computer users don't make use of a system backup tool until after they suffer the misfortunes of a hard drive crash without one. But even then, many find backup software too complicated to configure, and there seems to be little in between creating CD or DVD archives by hand and overpowered network backup systems designed for the enterprise. The Simple Backup Suite (sbackup) is a tool for configuring regular backups of system data and simplifying full and partial recoveries."
Comments (1 posted)
Linux Journal has a
review of Higher Order
Perl by Mark Jason Dominus. "
A significant number of Perl
programmers have their origins in system administration. They began their
careers writing code in C, awk and other languages. As a result, many
continue to write their Perl programs as if they are writing the code in
C. The goal of HOP is to teach experienced Perl programmers the features
that separate Perl from other programming languages and how to put them to
good use. As Dominus states, "Perl is much better at being Perl than it is
at being a slow version of C.""
Comments (2 posted)
Miscellaneous
Slashdot
mentions the new
Free60 Project.
"BlueMoon writes "The Free60 Project wiki and developers mailing list have been launched. The project aims to port open source operating systems like GNU/Linux and Darwin to the Microsoft Xbox 360 gaming console.""
Comments (2 posted)
ZDNet's David Berlind
examines
some of the obstacles put into Microsoft's XBox 360 game
platform to thwart reverse engineering efforts.
"According to Engadget, the Free60 project has developed a list of barriers to hacking Linux onto Microsoft's XBox 360s that reads like an art thief's list of obstacles to stealing the Mona Lisa. At first glance, a story about how the XBox could be hackproof may appear to you to be irrelevant if you're reading this blog (Between the Lines, "The blog for discriminating IT buyers"). But when I read the list, I noticed how reminiscent the architecture is of the PC of the future."
Comments (11 posted)
J. Alex Halderman has posted
another look at Sony's MediaMax DRM, which is still being shipped on Sony CDs. "
MediaMax phones home whenever you play a protected CD, automatically installs over 12 MB of software before even displaying an End User License Agreement, and fails to include an uninstaller." Even more fun is its tendency to install itself even when the user declines the EULA, though that has the look of a bug rather than malice.
Comments (14 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The FFII General Assembly has unanimously elected a new president, Pieter
Hintjens, to lead the organization into 2006. "
Pieter Hintjens is
the 43-year old founder and MD of iMatix Corporation, a Belgian software
firm. He has been active in the debate against software patents,
explaining to the European Patent Office and the European Parliament why
software and business process patents are so deadly for small innovative
firms that are the life-blood of Europe's innovation. He brings to the
FFII his considerable experience both in the business domain and the
technical domain."
Full Story (comments: 2)
The FSFE has announced the filing of an
application for leave to intervene.
"The Free Software Foundation Europe (FSFE) today filed an application
for leave to intervene in the antitrust suit against Microsoft. Georg
Greve, President of FSFE said: "The more Microsoft is able to purchase
its opponents' solidarity, the more important FSFE's commitment to
freedom and interoperability is.""
Full Story (comments: none)
The OpenOffice.org project has sent out a press release that
concerns the adoption of the Open Document Format.
"OpenOffice.org believes that the demand for a genuine open-standard
format for office documents is overwhelming. Users of office software
are coming to realise that their real investment lies not in the
software itself, but in the spreadsheets, databases, and
wordprocessing documents which they have created: their own
intellectual property. The only way to guarantee access to this
investment long term is for the data to be stored in a vendor-
neutral, open-standard format.
Microsoft's announcement on Monday, 21 Nov., that it recognises the
market pressure for open-standard data formats is a welcome
development. But why opt for a new standard?"
Full Story (comments: none)
Nosoftwarepatents.com has put together a round-up of comments
on the effectiveness of open-source patent pools.
"Analysts, community leaders and campaigners comment skeptically
on the Open Invention Network and the OSDL Patent Commons --
"Those announcements don't put us closer to a real solution, but even
further away""
Full Story (comments: none)
The WorldForge game project has announced its seventh anniversary.
"Seven years down the line the hard working members of the project have
persevered through trolls, skeptics, changes of leadership, slashdotting and
worse to create over one million lines of code and nearly four gigabytes of
media."
A demo of the development game Mason is now available.
Full Story (comments: none)
Commercial announcements
Adaptec has announced an enhanced version of its GuardianOS.
"Adaptec, Inc. a global
leader in storage solutions, today announced version 4.0 of its
award-winning, Linux-based GuardianOS(TM) operating system that comes standard
on its Snap Server network attached storage (NAS) solutions. GuardianOS is a
unified software platform that combines cross-platform file sharing with
block-level data access on a single network storage device to provide a
simple and flexible data storage solution ideal for departments, remote
offices, and small/medium distributed enterprises worldwide."
Full Story (comments: none)
Autodesk, Inc. has
announced the release of its MapServer Enterprise under the
GNU Lesser General Public License (LGPL).
"As a
sign of its support for the growing momentum behind open source web mapping
technologies, Autodesk, Inc. (Nasdaq: ADSK) today announced the company is
releasing the code for MapServer Enterprise, the company's new web mapping
platform, as open source."
Comments (none posted)
Greenplum has announced a new version of Bizgres MPP Beta, a
parallel DBMS application. Free downloads are available.
"If you are currently using a database larger than 100GB for
data mining/decision support or business intelligence and are
having performance challenges, Bizgres MPP can help you get your work
done faster with less effort. MPP is not a solution for speeding
OLTP throughput, but excels at processing queries that use large
amounts of data."
Full Story (comments: none)
Mandriva and LaCie have introduced a mobile USB hard drive pre-loaded with
a specially tuned version of the Mandriva Linux operating system: the
GlobeTrotter2.0 in 40GB or 80GB. "
GlobeTrotter is perfect for those
with serious capacity and power needs. Unlike CD-R's and USB keys that only
store data, or laptops that are heavy and expensive, the GlobeTrotter
offers a complete work environment in one cost-effective, lightweight
package. Simply plug the GlobeTrotter into the USB port of a host PC and
turn it on. Hardware on the host computer is automatically detected but is
not modified in any way. When the job is done, GlobeTrotter can be taken to
a different workstation with up to 80GB of a user's data including
applications and personal settings."
Full Story (comments: 2)
LinuxForce has announced a new contract with Aker Philadelphia Shipyard.
"Aker Philadelphia Shipyard, formerly known as Kvaerner Philadelphia
Shipyard, and LinuxForce, a leading technology services provider
specializing in the development, implementation, management and support
of Linux-based systems, have signed a long-term services agreement
wherein LinuxForce will monitor and maintain a number of GNU/Linux
systems for Aker."
Full Story (comments: none)
The Linux Professional Institute (LPI) has announced that LPI Board member,
Jim Lacey, has been appointed President and Chief Executive Officer of the
organization.
Full Story (comments: 2)
Sleepycat Software, Inc. has
announced the release of Berkeley DB version 4.4.
"A number
of new replication features and efficiency improvements have been added in
response to customer demand.
Berkeley DB now supports in-memory replication, client-to-client
replication, controls for throttling and delaying synchronization and master
election speed-ups. Additional feature additions include online Btree
compaction and disk reclamation, abandoned lock removal, automated recovery
serialization and a hot backup utility."
Comments (none posted)
SSH Communications Security Corp. has
announced improved interoperability between the commercial
SSH Tectia and OpenSSH.
"Both SSH Tectia and OpenSSH are based on the Secure Shell version 2 (SSH2)
protocol specifications, originally developed by SSH Communications Security
and standardized by the IETF. However, OpenSSH deviates from the standards in
its SCP (Secure Copy Protocol) implementation. SSH Tectia Client and Server
now incorporate a compatibility mode for OpenSSH SCP, which still uses the old
Secure Shell version 1 (SSH1). In addition, the new SSH Tectia product
versions will support the OpenSSH public-key file format, eliminating the need
for manual key conversions."
Comments (2 posted)
Terra Soft Solutions worked with COLSA to improve the performance
of an Apple Xserve G5 cluster. The system reached the 15th highest rating in the Top500.org benchmark.
"Terra Soft's David Smith worked on-site with COLSA engineers for three days in
order to prepare a multi-tier system first for rapid node replication and
secondly to maximize system performance. Significant gains were recognized
with their combined efforts: the Top500.org benchmark, Linpack, achieved
16.18 Tflops on the Xserve, vaulting it to the 15th fastest computer in the
world."
TimeSys has announced the availability of LinuxLink Subscriptions
for Freescale's ColdFire(R) MCF547x and MCF548x processor families.
"LinuxLink Subscriptions Include Hundreds of Cross-Compiled
Applications, Latest Linux from Freescale, Continuous Updates,
Developer Exchange Community Access and Tools for
Customizing Linux."
VMware, Inc. has announced the availability of its VMware Workstation 5.5
desktop virtualization software.
"With VMware Workstation, enterprises are able to
create a library of virtual machines for 32-bit and 64-bit x86 operating
systems, including Linux, NetWare, Solaris x86 and Windows, that replicate
production environments. These virtual machines can then be rapidly
provisioned and used, making it possible for developers and testers to spend
more time developing and testing software and less time configuring and
managing their required environments."
New Books
O'Reilly has published the book
C++ Cookbook by D. Ryan Stephens, Christopher Diggins, Jonathan Turkanis, and Jeff Cogswell.
O'Reilly has published
The DAM Book: Digital Asset Management for
Photographers by Peter Krogh.
O'Reilly has published the book
Practical Perforce by Laura Wingerd.
O'Reilly has published the book
Understanding the Linux Kernel, Third Edition by Daniel P. Bovet and Marco Cesati.
Syngress has published the book
Virtualization with VMware ESX Server
by Al Muller and Seburn Wilson.
Upcoming Events
A Call for Location has been posted for the aKademy 2006 conference.
"The next annual central meeting of the KDE community, aKademy 2006, is looking for a location. The event consists of the general assembly of the KDE e.V., a KDE developer conference and a multi-day hacking session. The main goal of the event will be to shape the upcoming new major step of the K Desktop Environment, KDE 4. If you are interested in hosting this large and exciting free software event, please consider submitting a proposal to the board of the KDE e.V., which will act as a co-host."
An Audio, Video & Arts Miniconf will be held at the
2006 linux.conf.au event in Dunedin, New Zealand.
Abstracts are being accepted until December 19.
A call for papers has gone out for the 2006 IEEE International Conference
on Web Services. The event will take place in Chicago, IL on
September 18-22, 2006. Submissions are due by January 16.
The submission deadline for the International Free Software Forum (fisl7.0) is
approaching. Lecture proposals are due on December 4th. fisl7.0 will take place
from April 19th to 22nd, 2006, in Porto Alegre/RS/Brazil.
The Linux Users' Group of Davis will hold another free
Linux Installfest in Davis, CA on December 3.
LinuxWorld On Tour 2006 will be held in Montreal, Ottawa, Calgary,
and Vancouver through the month of May, 2006.
"LinuxWorld on Tour Conference & Expo 2006 is Canada's first
Open source Road Show, providing an excellent mix of technical and
business decision makers in four (4) leading technology cities in
Canada."
A list of talks to be presented at PyCon 2006 has been published.
The next Umeet Virtual Meeting will be held from December 9-20, 2005
online.
| Date | Event | Location |
|---|---|---|
| December 1 - 2, 2005 | FOSS.IN/2005 | Bangalore Palace, Bangalore, India |
| December 4 - 9, 2005 | Large Installation System Administration Conf. (LISA) | San Diego, CA |
| December 5 - 7, 2005 | Open Source Developers' Conference (OSDC) | Monash University's Caulfield campus, Melbourne, Australia |
| December 9 - 20, 2005 | Umeet Virtual Meeting (UMEET 2005) | Online |
| December 10 - 14, 2005 | ApacheCon 2005 | Sheraton San Diego Hotel and Marina, San Diego, CA |
| December 27 - 30, 2005 | 22nd Chaos Communication Congress | Berlin, Germany |
| January 13 - 15, 2006 | ShmooCon 2006 | Wardman Park Marriott Hotel, Washington, D.C. |
| January 23 - 28, 2006 | linux.conf.au 2006 | Dunedin, New Zealand |
| January 23 - 25, 2006 | Black Hat Federal Briefings and Training 2006 | Sheraton Crystal City, Washington, D.C. |
| January 24 - 26, 2006 | O'Reilly Emerging Telephony Conference | San Francisco Airport Marriott, San Francisco, CA |
Page editor: Forrest Cook
Letters to the editor
| From: | Alan Hicks <alan-AT-lizella.net> |
| To: | editor-AT-lwn.net |
| Subject: | The end of USENET |
| Date: | Wed, 23 Nov 2005 11:52:07 -0500 |
On the grand scale, I'm a relative newcomer to the wonder of USENET.
When I first started looking for a news feed, I heard the popular
misconception that USENET is just a repository for spammers, useless
for anything beyond binaries, and a breeding ground for trolls. That
didn't stop me from checking it out just the same, and what I found
was rather pleasant.
To begin with, USENET has its share of spam. No place online is free
of it these days. However, the presence of spam on USENET tells me
one thing for certain: "People use USENET". Spammers are by no means
incompetent; they do not waste their time sending their messages
places they aren't going to find many people. Thus when you see spam
on USENET, it is almost always in large binary newsgroups which may
be visited by thousands if not millions of people each day. Text-only
newsgroups are remarkably devoid of spam.
I see perhaps one spam message in the half dozen newsgroups I
regularly read every two or three weeks at worst.
As a medium for intelligent discussion, USENET still ranks head and
shoulders above other popular discussion venues such as IRC and web
forums, and is on par with mailing lists. Unlike web forums and IRC
channels, USENET discussions tend to be in greater depth on difficult
issues. A day spent on USENET typically reveals something you might
not have considered before. Besides the perpetual vi vs. emacs holy
wars (go vi!), one can find discussions about setting up udev rules
for specific hotplug USB devices, techniques for cross-compiling OSS
for another architecture, or the minimum size of an LED (all
discussions I've seen this week). The depth and breadth of knowledge
found on USENET simply can't be found anywhere else.
Many ISPs are dropping support for USENET because it's too expensive
to maintain the push delivery system for so few people that use it,
but that hardly equates to the death of USENET. If a smaller market
means death, IBM should have been dead years ago, Apple has one foot
in the grave, Slackware is a zombie, and BSD is a ghost. Of course
all of these are successful with a smaller piece of their respective
"markets" and USENET is really no different. What you've seen is not
the death of USENET, but the marginalization of it. USENET is not a
place the hoi polloi go to discuss the latest pop star's love affair
with the latest movie star, and thank God it isn't! USENET is moving
away from a technology used by the masses to a technology used for
the discussion of technical topics.
As a relative newcomer to USENET, I cannot say with any personal
experience that early USENET was predominately dominated by technical
discussion. However, I do believe that is the direction it is
moving. This means the future for USENET is bright as a discussion
medium for all sorts of intellectual pursuits. Those people who want
USENET can easily get it whether their ISP delivers it as a free
service or not. The success of paid NNTP offerings like
news.individual.net (which only offers access to text newsgroups) is
proof positive that USENET will continue to flourish.
Additionally, USENET has become a medium for anonymous exchange of
binaries due to the recent attacks on P2P software. Most of these
binaries are, of course, copyrighted material that is being
distributed illegally. While I do not condone such actions, I also
realize that enough people out there use them to keep USENET alive
for a long time to come, even if only as a paid service.
Feel free to publish this in the "Letters to the Editor" page if you
wish. I felt like my thoughts were too large to put as a comment
attached to the story.
--
It is better to hear the rebuke of the wise,
Than for a man to hear the song of fools.
Ecclesiastes 7:5
Page editor: Forrest Cook