LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in Business
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for June 13, 2002SELinux and patentsSELinux is a distribution produced by the U.S. National Security Agency. It is based on the Linux Security Module architecture (which is not yet part of the 2.5 kernel). SELinux provides a whole set of mandatory access control features to protect parts of the system from each other. There is no "root" user in SELinux. Even if a server process is compromised, it is highly limited in the damage it can do to the rest of the system.According to the license page, SELinux is freely distributable under the terms of the GPL. It looks like a high-quality and useful contribution to the Linux community. There is a potential problem, however. Much of the actual work in the implementation of SELinux was done by Secure Computing Corporation (SCC). SCC, in its implementation of SELinux, used a technology that it calls type enforcement. As it turns out, SCC has a patent on this technology. Concerns over the type enforcement patent are not new - they were first raised back in 2000. At that time, SCC put up an SELinux FAQ stating:
Question 6: Will SCC use its patent on Type Enforcement TM to
restrict use, future development, derivative work, or release of the
source code of the system?
There will be no restrictions on the use of TE by the Linux open source community.... We will release source code for all the modifications to the existing kernel and for a general-purpose security policy engine under the GPL. Recently, this page has been removed from the SCC web site - a move which should be of concern to anybody who is relying on web-based promises about access to patented technology. For now, the cached copy on Google is still available, though. Grab a copy while you can - web-posted promises can be ephemeral things. More recently, in a conversation on the Linux Security Module list, an SCC employee made a rather different statement:
SELinux includes Type Enforcement technology developed and patented
by the Secure Computing Corporation, who still holds rights to all
commercial use of the technology. Before a colo company, or anyone
else uses the technology commercially, it will be necessary to
negotiate a license with Secure Computing. If anyone wants to do
so, I can help get the ball rolling with our Legal and BD folks.
This, of course, puts a damper on many possible uses of SELinux, as well as negating any claims of GPL licensing. Projects which have used some of the SELinux code, such as the Debian SE effort, are having to reconsider. It would appear that SCC has not really decided what its policy is going to be; a message has been posted stating:
We would like to set the record straight with a clear statement,
and we will do that soon. However, we want to avoid creating more
confusion, so we are going to take a little time to reflect before
we respond. My initial response was intended to let people know
that the licensing issues have not yet been resolved.
So, SCC may eventually do the right thing (from the free software community's point of view) and preserve the free licensing of SELinux. (This cause will probably not be helped by sending inflammatory mail, by the way). Either way, this situation shows, yet another time, the sort of threat that software patents pose to free software.
Deersoft announces its existenceA press release hit the wires on June 12: a new company called "Deersoft" was announcing existence as a spam-fighting company. Deersoft, as it turns out, is an attempt to commercialize SpamAssassin, a highly effective, free spam filtering system.SpamAssassin is certainly a good base to start with. We first started using it here at LWN some months ago; as one might imagine, LWN's public email addresses get substantial amounts of spam. SpamAssassin filters out the vast majority of that spam (though, we notice, its hit rate has fallen a little recently) with almost no false positives. The SpamAssassin developers have provided us a real service. Deersoft is following a reasonably common strategy for companies built around a free software package: offer a value-added, proprietary version of the program. In this case, Deersoft is selling "SpamAssassin Pro," which brings SpamAssassin's capabilities to Microsoft Outlook. A 30-day demo version can be downloaded from the company's web site. The idea of charging Outlook users as a way of supporting SpamAssassin development has a certain appeal. There is, however, a considerable list of contributors who were, it seems, not asked whether it was permissible to distribute their code under a proprietary license. SpamAssassin is licensed under the Artistic License, which is a little vague on just when this sort of distribution is allowed. LWN has talked with a couple of people who have contributed code to SpamAssassin; they recognize the significant role that Deersoft principal Craig Hughes has taken in SpamAssassin development and seem to not begrudge the use of their contributions in this manner. One hopes that development of the free version of SpamAssassin will continue. The press release makes encouraging noises in that regard:
Craig Hughes makes his ongoing dedication to the open software
community clear, "Deersoft is committed to supporting the open
source community, and is pleased to announce the release today of
SpamAssassin(TM) 2.3.0."
The lack of an actual 2.3.0 release on SpamAssassin.org as of this writing, one presumes, is just the result of some last-minute delays. Free software companies have had a hard time since the bubble burst; it really is harder to make money when the code is freely available. SpamAssassin is a great counterexample to the often-made claim that free software can only imitate, not innovate. Wouldn't it be nice if it also helped provide a good example of a successful business built around free software?
The Alexis de Tocqueville Institution reportThe report issued by the Alexis de Tocqueville Institution has been extensively covered elsewhere. For those who may have missed it, here are the core points:
There are persistent claims that this report was directly funded by Microsoft, though nothing has been demonstrated in any definitive way. For the curious, this PoliTech posting documents many of the (numerous) past ties between Microsoft and the Institution. (See also: this point-by-point rebuttal to the report by Leon Brooks).
Security Brief items Security through obsolescence (Register)Robin Miller considers the virtues of mature software.
Here's an interesting way to secure an Internet-connected computer against
intruders: Make sure the operating system and software it runs are so old
that current hacking tools won't work on it.
An interesting read.
The New Debian Security Build InfrastructureWoody release manager Anthony Towns shares some information about the new security infrastructure. This new infrastructure is a critical component of the woody release.
Super-Secure Linux, Inch by Inch (Wired)Wired News covers the National Security Agency's Security-Enhanced linux (SElinux). "NSA's Wagner says that SELinux's adoption rate "has exceeded our original expectations. This release has also caused developers of non-Linux systems to consider incorporating similar controls based upon our earlier prototypes.""If you haven't seem it already, this week's LWN.net leading item is about SELinux and patents.
Complex Linux virus warning (vnunet)Vnunet covers cross-platform viruses, which might be able to infect Linux systems. "Although the virus was not the first of its kind to infect both Windows and Linux machines, it apparently moved virus-writing techniques "yet another step up the scale of complexity"."
New viruses aim to cross multi platforms (ZDNet)Robert Lemos worries that although the Simile.D cross-platform virus isn't much of a threat,the techniques it uses may be bad news. Simile.D is one of the few, so far, viruses with the "ability to jump from Windows to Linux and back again."
Support discontinued for SuSE 6.4After Monday, June 17 2002, SuSE will will not provide security fixes for SuSE Linux 6.4 any more. With SuSE 8.0 in release, the announcement isn't a surprise.
Security reports Security Advisory For Versions of Bugzilla 2.14 Prior To 2.14.2, 2.16 Prior To 2.16rc2The Bugzilla team has issued a security advisory encouaging all Bugzilla installations to upgrade to the latest versions of Bugzilla released Jun 8th, 2002, 2.14.2 and 2.16rc2. " Various security issues of varying importance have been fixed in Bugzilla 2.14.2. Most of these were fixed already in 2.16rc1, a few were not."
Remote vulnerability in Mozilla 1.0Tom Vogt has reported a frustratring problem with Mozilla 1.0 and earlier. A maliciously crafted stylesheet can cause the X server to crash or consume memory until stopped with a kill -9. Either way, it takes the desktop with it when it goes.
CBMS: XSS and SQL Injection holesUlf Harnhammar reports that CBMS "is littered with XSS (Cross-site Scripting) and SQL Injection holes."
CBMS is a full featured client/billing system designed from the ground up to cater specifically to hosting providers. The softwares is a PHP script package which uses MySQL. Notable features include automated invoicing, client search, multiple customizable packages for clients and a client viewable real time invoice.
CGIscript.net - csNews.cgi has multiple vulnerabilitiesSteve Gustin has reported multiple vulnerabilities in the csNews.cgi script from CGIscript.net "Contact vendor for updated version, only allow completely trusted users to access the application, disable access to .style and *db files through Apache .htaccess files."
AlienForm2 CGI script arbitrary file read/write vulnerabilityNick Cleaton reports that the AlienForm2 form to email gateway has a flaw which, subject to file permissions, allows an attacker to read and modify "any file on the server." A suggested fix is included.
Format string vulnerabilities in mmmail and mmftpdGuillaume Pelat has reported format string vulnerabilities in mmmail 0.0.13 and mmftpd 0.0.7. Updated versions which fix both problems are available. Mmmail supplies SMTP and POP3 daemons using MySQ and other features. Mmftpd is a secure FTP server
New vulnerabilities Ethereal buffer overflow, infinite loop and memory management vulnerabilities
LPRng accepts jobs from any host.
Updated vulnerabilities Heap corruption vulnerability in at
Denial of service vulnerability in version 9 of BIND
DHCP remotely exploitable format string vulnerability
Ethereal packet handling vulnerabilities
Remotely-exploitable buffer overflow vulnerability in fetchmail
GNU fileutils race condition
Ghostscript arbitrary command execution vulnerability
Buffer overflow problem in glibc
Buffer overflow in groff
UW imapd remotely exploitable buffer overflow
Problem loading untrusted images in imlib
Cross-site scripting vulnerability in Horde/IMP 2.2.7 and 3.0
Mailman 2.0.11 fixes two cross-site scripting vulnerabilities
Mozilla XMLHttpRequest file disclosure vulnerability
String format bug in pam_ldap logging
OpenSSH 3.2.2 fixes multiple vulnerabilities
UTF8 interaction bug in the perl-Digest-MD5 module
Remotely exploitable vulnerability in pine
Sharutils potential privilege escalation using uudecode
Malformed NFS packet buffer overflow vulnerability in tcpdump
Multiple vulnerabilities in tcpdump
Multiple vendor telnetd vulnerability
Multiple vulnerabilities in SNMP implementations
Uucp authentication agent, in.uucdp, bad string termination
webalizer: reverse DNS buffer overflow vulnerability
Webmin/Usermin vulnerabilities
Problems with libgtop_daemon
xchat IC server based dns query vulnerability
zlib corrupts malloc data structures via double free
Resources Using tcpserver with Mandrake Linux (MandrakeSecure.net )Tcpserver is a secure replacement for inetd. This article is of interest to anyone who wants to use tcpserver on Linux allthough the it is, of course, specific to Mandrake Linux.
Linux Security Week and Advisory WatchThe June 10th Linux Security Week and June 7th Linux Advisory Watch Newsletters from LinuxSecurity.com are available.
Pine 4.44 privacy patchA patch is available for Pine 4.44 that closes user name and id leaks due to automatic header line insertion. The patch is intended for use by "help desks and other role accounts."
Next Generation Secure Remote Log Servers over TCP (LinuxSecurity.com)Eric "Loki" Hines has written a "Comprehensive Guide to Building Encrypted, Secure Remote Syslog-ng Servers with the Snort Intrusion Detection System."
Events HiverCon 2002 AnnouncementHiverCon 2002 is scheduled for 26 and 27 November, 2002 in Dublin Ireland. The call for papers closes 6 September 2002.
Black Hat 2002 Speakers AnnouncedThe event is being held 31 July through 1 August 2002 in Las Vegas, Nevada, USA. " Richard Clarke, Special Advisor to President Bush for Cyberspace Security, will be one of the keynotes headlining the event."
Upcoming Security Events
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney Kernel development Current kernel release statusThe current development kernel is 2.5.21, which was announced by Linus on June 8. Changes include a big S/390 patch, a number of networking fixups, more kernel build changes (see last week's LWN Kernel Page), more driver model work, an NTFS update, some USB updates, and more. The long format changelog is available for those wanting the details.Note that the IDE reworking process left a bug in 2.5.21 which can, apparently, send "format" commands to IDE drives. Said commands do not actually get run - nobody's drive has actually been formatted. But this is a good reminder that development kernels can always be a little hazardous, especially when fundamental layers (like IDE) are in a state of constant flux. Linus's in-progress 2.5.22 patch (in BitKeeper) includes a big X86-64 update, a fix for a potential X86 security bug, an ACPI update, a new set of VFS and block device cleanups from Alexander Viro, a number of fixes for problems found by the Stanford Checker (see below), more IDE reworking, another set of kbuild fixes (not from kbuild-2.5), and more. The latest prepatch from Dave Jones is 2.5.20-dj4; it brings in some fixes from the 2.4.19-pre series and the new CPU "frequency scaling" code ("Handle with care, still experimental"). The current 2.5 kernel status summary from Guillaume Boissiere was posted on June 12. The current stable kernel remains 2.4.18. There have been no 2.4.19 prepatches or -ac patches released in the last week. For followers of ancient kernels, David Weinehall has released 2.0.40-rc5, the fifth 2.0.40 release candidate.
The return of the Stanford CheckerWe first looked at the "Stanford Checker" back in March, 2001. The Checker is a system built on top of gcc which analyzes large amounts of source code and looks for obscure errors. In the past, it has been responsible for many kernel bug fixes. The Checker team has been quiet for a while; now, perhaps with the end of the academic year, the group has returned with a new set of error reports.So what has the checker group found this time?
The Checker code itself remains unreleased, unfortunately. The Checker group does the kernel a great service by performing this testing and passing on the problems for fixing. But there are no end of other development projects out there that could benefit from this code. One can only hope that, someday, the Checker code will be more widely available.
DMA, small buffers, and cache incoherenceRoland Dreier reported on an interesting class of bugs which can affect drivers on some architectures. This particular source of subtle bugs is worth a look as an example of how hard it can be to really make things work on modern hardware.All modern systems, of course, employ one or more levels of cache in the processor to cut down on slow accesses to main memory. One challenge with in-processor caching has always been to avoid doing the wrong thing when something other than the processor changes memory. On SMP systems, for example, any processor can write anywhere in memory, and the other processors have to adjust immediately. For that reason, SMP systems have elaborate schemes for moving "ownership" of cached data between processors. This "cache line bouncing" is effective but expensive; modern operating system kernels try to minimize the need for such bouncing. Another possible source of cache confusion is DMA I/O. Peripheral devices doing DMA can change memory directly and leave the processor cache in an incorrect state. Some processors (i.e. the x86) have a coherent cache which notices changes made by peripherals and automatically updates itself. Other processors have incoherent caches which can be fooled by DMA I/O operations. The Linux DMA support code has been very carefully written to hide cache coherence issues from driver code. If you use the primitives provided and follow the rules regarding processor access to DMA buffers, you will not be bitten by cache problems. The DMA code takes care of invalidating cache contents as needed so that caches never contain incorrect copies of main memory. That is the idea, anyway. Roland has found a situation where this protection does not quite work. Consider a driver which is using a structure like this:
struct iostruct {
...
int ifield;
char dma_buffer[SMALL_SIZE];
...
};
If this structure is allocated properly (with kmalloc, for example), then using the dma_buffer field in DMA operations is a legal thing to do. The problem is that other fields in the structure (such as ifield in the example above) may share a cache line with part of the buffer. Consider, then, a sequence of things that can happen:
At this point, the data in the processor cache does not match what is in memory. If the driver accesses the data in dma_buffer, it may well find old data that was in memory before the I/O operation took place. If the driver changes ifield, the processor could write back the (incorrect) cache data, corrupting the data in main memory. If the kernel simply invalidates the cache again at the end of the operation, it could lose changes made to ifield. There really is no correct thing to do at this point. The only way to deal with this problem is to not let it happen in the first place. A number of possibilities are being considered. One way, suggested by Roland, is to create a __dma_buffer attribute which can be used in the declaration of small buffers; on non-cache-coherent systems, this attribute would force the size and alignment of the buffer such that it would not share cache lines with any other data. Another approach is to require that all DMA buffers be allocated separately; the kernel memory allocation primitives already ensure that even the smallest buffers are properly aligned and padded. Yet another approach could be to simply disable caching for the page(s) in question while the operation is in progress; most architectures support this in their page tables. This approach could create performance problems, however (if the page in question has heavily-used data), and it could be complex. David Miller, who wrote much of the current DMA code, has a different approach. He thinks that this kind of subtle cache issue is a trap for driver writers that should be simply avoided altogether. Rather than come up with new ways of working around incoherent caches, it's better to just change the rules and tell driver writers to allocate their small DMA buffers using the "PCI pool" interface. This interface, which was added in 2.4.4, was designed for just this purpose: allocating small buffers for DMA. Rather than make driver writers deal with this sort of cache coherence issue - and watch some of them get it wrong, David would bury it in the PCI pool code. While no real resolution has been proclaimed, this last option appears to be the likely outcome.
A new way of ordering kernel initializationThe Linux kernel is made up of a very large number of mostly independent modules. In general, these modules can be linked together and initialized (at boot time) in any order. There are cases, however, where initialization order matters. The memory management system generally needs to be set up early in the process, filesystems generally need a functioning block system to be ready first, etc. Some years ago, initialization order was handled with a big set of explicit calls in a single source file. This big file inhibited modularization and created a clash point for patches, and it was (mostly) eliminated some time ago.The current scheme involves marking initialization functions with variants of the initcall attribute. At link time, these functions are marshalled together into a special section of the kernel executable; the kernel finds them there at boot time and calls them all. As an added bonus, the initialization calls can generally be flushed out of memory once initialization is complete. This scheme is far more modular and easy to maintain, but the initialization order problem remains. In recent times that problem has been handled through a combination of hardwired calls and variants on the initcall macro. So, subsystems whose initialization calls are marked with core_initcall are initialized before those using, say, fs_initcall. These macros give a coarse solution to the problem, but initialization order problems can still show up. Now Rusty Russell has posted a new mechanism which allows kernel hackers to make initialization dependencies explicit. If driver1 must be set up before driver2 can be initialized, driver2 can simply mark its initialization call as:
initcall (driver2_init, driver2, init_after(driver1));
There is also an init_before marker, of course, along with
init_as_part_of for complicated subsystems. A new
build_initcalls script has the job of sorting out the dependencies
and creating an ordered list at kernel build time. The patch looks simple
and straightforward; initialization order problems could soon be a thing of
the past.
Patches and updates The LWN.net kernel patch tickerSince it was easy to do with the new site: there is now a new page where you can see the latest kernel patches as they get fed into our system. It is currently just an unorganized stream. We would like to hear if this feature is useful to anybody; if so, we may develop it further.
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Kernel building
Networking
Architecture-specific
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Something DifferentThis is difficult column for me. While it may not be my last, in some ways I hope that it is. You see, after just over 3 years with LWN.net, I find myself looking for gainful employment.Gainful? With all credit to the fine folks that have donated to LWN.net, it has not been enough to pay salaries. Now my financial situation demands that I find an income, even if it means leaving LWN. I may still be around in some capacity or another, after all, I'm a vice-president of Eklektix, but I need to focus more of my energy on securing an income. The ideal job of my future should make use of my writing and editing skills. I have grown very accustomed to working from home, so I would like to continue to do that, at least part time. The Linux box and the DSL line are already here. My next job could also draw on my experience as a software engineer, my knowledge of Linux, or something else entirely. I am an eclectic person with a little knowledge in many different fields. Please see my resume for additional details.
Thank you,
Distribution News Debian NewsWoody release manager Anthony Towns shares some information about the new security infrastructure. This new infrastructure is a critical component of the woody release.For more information about the release, see the [2002-06-11] Release Status Update. Unofficial woody MiniCD images updated. LordSutch.com MiniCD images are available for alpha, i386, m68k, and PowerPC; updated to the current state of woody. The main change is the upgrade of dpkg to 1.9.21. There is also ipppd added for the benefit of ISDN users.
Mandrake Linux Community Newsletter - Issue #45This week's Mandrake Linux Community Newsletter looks at MandrakeSoft OEM Offers; More Details on LinuxTag 2002; MandrakeClub Activities; Business Case of the Week; Mandrake in the News; Website of the Week; What's New at MandrakeSecure.net?; Security-related Software Updates; and Headlines from MandrakeForum.
Red Hat LinuxRed Hat reports that multiple kernel bugs were fixed, including generic kernel bugs, x86-specific bugs, and IA-64-specific bugs. Relevant releases/architectures include: Red Hat Linux 7.1, 7.1k, 7.2 - athlon, i386, i586, i686, ia64.Updated toolchain and glibc packages for s390 are now available which contain the latest recommended patches by IBM as well as several other bugfixes.
SuSE Linux - Supported DistributionsSuSE announced that support for the SuSE Linux 6.4 distribution will be discontinued with the release of the SuSE Linux 8.0 i386 FTP version.
Slackware LinuxProgress on Slackware 8.1 continues. The third release candidate became available for testing on June 10, 2002. Visit the change log for more details. We've also included a review of 8.1rc2 in the review section below.
Trustix Secure LinuxThe Trustix Newsletter for July 2002 is available. It includes information about Trustix Linux Solutions, the Trustix Mileage program, and much more.Trustix has released several bug fix advisories this week. There has been package cleanup in apache and in mutt; an updated samba package corrects a problem with winbind and the storing of the *.tdb files; there are minor security fixes for the GNU fileutils package and the bzip2 package; and a minor bug fix in the imap package.
New Distributions DMZS-Biatchux Bootable CDThe DMZS-Biatchux Bootable CD is a relatively new distribution, first making a public appearance on February 28 of this year. Biatchux is a portable, bootable CDROM distribution which aims to provide an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment. BiatchUX-Lite v.0.1.0.7a-45 was recently released, with major feature enhancements.
Minor distribution updates Astaro Security LinuxAstaro Security Linux has released stable version 3.200 with major feature enhancements.
GENDISTGENDIST has released v1.4.0 with major feature enhancements.
Gentoo LinuxGentoo Linux has released v1.2. Changes include installation fixes and countless updates to the Portage tree, including full KDE 3.0.1 (20020604) and GNOME 2 support.
Mindi LinuxMindi Linux has released version 0.63-7 with major bugfixes.
Netstation LinuxNetstation Linux has released development version 0.8 with major feature enhancements. Version 0.8.2 was released soon after, with more feature enhancements.
ShareTheNetShareTheNet, a distribution that allows just about any network software to use the Internet, is no longer being sold or supported. It is still available for download. ShareTheNet has moved to the Historical section of our distributions list.
TA-Linux sparc pre-0.2.0-testTA-Linux has released sparc pre-0.2.0-test for your testing pleasure.
ttylinuxttylinux has released version 2.2 with minor bugfixes.
Distribution reviews Taking Up the Slack(ware) (LinuxPlanet)LinuxPlanet reviews Slackware 8.1rc2. "Slackware devotees won't be disappointed with this release because most of what you have come to know and love about Slackware is still present in this release. The pending release of Slackware 8.1 might interest users of other Linux distributions, too."
Feature: Hardened Linux Puts Hackers EnGarde (Network Computing)Network Computing reviews several secure Linux distributions. "EnGarde walked away with our Editor's Choice award thanks to the depth of its security strategy, which covers nearly all the bases. Everything from the low-level mechanisms (binary integrity checking and stack protection) to high-level usability issues (including an excellent patching interface) demonstrate the serious effort the Guardian Digital crew has invested in EnGarde."
Engarde Secure Linux Pro 1.1 ReviewLinuxLookup reviews Engarde Secure Linux Pro 1.1. "Most people who know me often tell me that I am paranoid. I say that I have good reason to be. Hacker attacks and malicious code are just a few examples of why I am cautious with my computer systems. Guardian Digital's Engarde Secure Linux Professional offers a lightweight, robust, and secure Linux Distribution for small and large networks. "
ServerWatch Listing (With Download) for OpenLinux (internet.com)Here's a review on internet.com of Caldera's OpenLinux Server 3.1.1. "The price of this package would be justified for many administrators for the mere fact that it elimintes the need to collect all of the components. However, it also offers many other benefits, including one of the best installation programs we've seen for any type of server (not just Linux), a documentation server that allows access to the 380-page documentation set from any browser, a browser-based administration console that provides a secure GUI management console for the server from any browser, and a 60-day evaluation of the Volution systems management product."
Page editor: Rebecca Sobol Development Mozilla 1.1 alpha releasedFollowing last week's release of Mozilla 1.0, Mozilla 1.1 alpha is now available. This represents a new development branch for Mozilla, the 1.0 branch is now the stable branch.New features for version 1.1 alpha include:
System Applications Database Software Mini SQL 3.0 Pre 5Version 3.0 pre 5 of the Mini SQL database has been announced. See the release notes for all of the details.
Education SEUL/Edu report #72Issue #72 of the SEUL/Edu Linux in Education Report is available. Topics include troubles submitting software to the BECTa Educational Software Database, a K12LTSP party, Bob Young's Lulu Tech Circus project, and more.
Mail Software Mail::Box mailinglist (use Perl)Ideas and extensions are being requested for inclusion in the Perl Mail::Box e-mail handling module.
Printing CUPS v1.1.15 is Released!Version 1.1.15 (and Version 1.1.15-1) of the CUPS printing system has been released. Changes include MacOS license agreement mods, better defaults, and lots of bug fixes.
LPRng 3.8.12 availableVersion 3.18.12 of the LPRng print system has been released.
Web Site Development Midgard Weekly SummaryAfter a long absence, the Midgard Weekly Summary is back. This issue looks at changes in the Midgard team, the new Midgard Knowledgebase, the Midgard Component Framework, and more. (Midgard is an extensive, PHP-based content management framework).
ANNOUNCE: Quixote 0.5 releasedVersion 0.5 of the Quixote web application framework has been released. This is a relatively major release, with quite a few changes and improvements; click below for the details. (Quixote is the framework behind the new LWN site).
Zope News for June 6, 2002After a long hiatus, the Zope News is back, with a June 6, 2002 edition. Topics include EuroPython 2002, Balktalk support for Zope books, Casey Duncan's External Editor, Zope 3, planning for Zope 2.6, and more.
Zope Members NewsThis week's Zope Members News looks at MailBoxer 1.3, the first release of the MAP WebMail client, Artemis Article Management System 1.0, ext2Image 0.1, and more.
Miscellaneous The Linux Test Project test suite LTP-20020607 releasedThe Linux Test Project test suite LTP-20020607.tgz has been released. Among the highlights of this release is a white paper titled "Analysis of Linux Test Projects Kernel Code Coverage" and the LTP's Kernel code coverage web site.
Desktop Applications Audio Applications WaveSurfer 1.4.1 releasedVersion 1.4.1 of the WaveSurfer sound visualization and manipulation tool has been released. Minor enhancements and bug fixes have been added and some speech utilities have been fixed.
GLAME 0.6.3 releasedVersion 0.6.3 of the GLAME audio editing tool has been released. This is a bug fix release that features much faster wave drawing capabilities.
Audacity versions 1.0.0 and 1.1.0 releasedVersions 1.0.0 and 1.1.0 of the Audacity multi-platform audio editor has been released. Version 1.0.0 is the final stable version of the original Audacity. "Version 1.1.0 is the first beta release of the next version of Audacity, which includes support for higher-quality audio, more audio file formats, more effects, more editing functions, an improved user interface, and support for foreign languages."
Desktop Environments Quickies: Community Study, KSteak, Kde FranceKDE.News has three quickie articles on the Kde France Site, the KSteak English-German translation tool, and a sociological study of KDE.
KC KDE #38 is OutIssue #38 of Kernel Cousin KDE covers the Klingon invasion, CVS Kung-Fu, and Mime news.
GNOME 2.0 Desktop Snapshot 20020607The 20020607 snapshot of the GNOME 2.0 Desktop has been announced on Gnotices. The Official GNOME 2.0.0 Desktop should be released on June 21.
GNOME Summary for 2002-05-25 - 2002-06-01The May 25 - June 1, 2002 edition of the Gnome Summary covers the GNOME 2 hard freeze, hacking GTK+ apps in LOGO, GnomeMeeting for Gnome 2, gthumb, the Acessibility Framework explained, and more.
Rumours abounding about a new Gnome Media releaseGnotices looks at some of the changes that will be included in the next Gnome Media release.
GUI Packages FLTK 1.1.0rc3 releasedVersion 1.1.0rc3 of FLTK, the Fast, Light Toolkit is available. This version features a new file chooser, better documentation, and tons of bug fixes.
Interoperability Wine Weekly News for June 6, 2002The June 6, 2002 Wine Weekly News looks at Wine-20020605, Lindows OS SPX, testing Lotus Notes, directly executing Windows binaries, licensing issues, and the future of Wine debugging.
Office Applications Abiword Weekly NewsIssue #95 of the AbiWord Weekly News has been published. Topics include the continued squashing of bugs, and bi-directional language support for AbiWord.
Bluefish snapshot supports gtk2The May 29, 2002 snapshot of the Bluefish HTML editor features support for gtk2.
Web Browsers Galeon 1.2.5 availableVersion 1.2.5 of the small, efficient Galeon web browser is available This version adds Mozilla 1.0 compatibilty, proxy auto configuration and printing fixes, and a new Vietnamese translation.
Languages and Tools Caml The Caml HumpThis week's additions to The Caml Hump include the findlib library, PXP: the polymorphic XML parser, an OCaml implementation of the API of the Scheme Shell, the Recursive OCaml module, and more.
COBOL TinyCOBOL 0.58 releasedVersion 0.58 of TinyCOBOL has been released. A number of bugs have been fixed in this version.
Java Java optimization techniques (IBM developerWorks)A new guide on Java optimization is available on IBM's developerWorks. "Many useful techniques exist for optimizing a Java program. Instead of focusing on one particular technique, this article considers the optimization process as a whole. Authors Erwin Vervaet and Maarten De Cock walk readers through the performance tuning of a puzzle-solving program, applying an assortment of techniques ranging from simple technical tips to more advanced algorithm optimizations. The end result is a spectacular performance increase (more than a million fold) between the first working implementation and the fully optimized solution."
Perl Parrot 0.0.6 Leaves The Village (use Perl)Use Perl has an announcement for version 0.0.6 of the Perl 6 interpreter, Parrot.
Bricolage 1.3.2 Released (use Perl)Version 1.3.2 of the Bricolage content management system has been announced on Use Perl.
Axkit 1.6 Released (use Perl)A new version of the Axkit XML application server for Perl has been announced.
PHP PHP Weekly Summary for June 10, 2002The June 10, 2002 edition of the PHP Weekly Summary covers the discovery of a Zope Engine bug, discussion of Apache speed, a new RDF extension for PHP, overloaded operators, and a discussion on the future of PHP.
Python Dr. Dobb's Python-URL! - weekly Python news and links (Jun 10)The latest Dr. Dobb's Python-URL! looks into Programming Libraries; Python Development News; follows a discussion on the features of Python; and much more.
Daily Python-URLThis week, the Daily Python-URL covers Python at OSCON 2002, Python properties, the ActiveState Active Awards, Pygame and Tkinter, keyword import, weightless threads, Andrew Kuchling on What's New in Python 2.3, and more.
Ruby Ruby Weekly NewsThe June 9, 2002 edition of the Ruby Weekly News covers Interactive Learning Environment (ILE)/Ocelot, PageTemplate 0.3.2, Test::Mock 1.0, and REXML 2.3.5 and 2.2.3.
XML Comparing and Replacing Strings (XML.com)Bob DuCharme writes about string manipulation in XML. "This month we'll learn more ways to gain control over strings in your source document, as we see how to compare strings for equality and what kind of search-and-replace operations are possible in XSLT."
Miscellaneous CVSGnome provides an alternative to other build systems.This Article on Gnotices examines the CVSGnome build system. " CVSGnome is a new way for bleeding edge Hackers, Tweakers and Gurus to create a GNOME 2 system either from CVS or stable TARBALLS. "
Jext 3.1pre4 availableVersion 3.1pre4 of the Jext programmer's editor is available. This version includes bug fixes, and lots of new features, see the list of changes for the details.
Page editor: Forrest Cook Linux in Business Business News MITRE Report - A Business Case Study of Open Source SoftwareThe MITRE Corporation has published a report examining the business case for Open Source Software. This above link leads to an abstract of the report and a link to the 88 page report (PDF format). (Thanks to Rajesh Bhandari)
Press Releases Open Source Announcements
Distributions and Bundled Products
Software for Linux
Products and Services Using Linux
Hardware with Linux support
Linux at Work
Books and Documentation
Partnerships
Financial Results
Personnel and New Offices
Miscellaneous
Page editor: Rebecca Sobol Linux in the news Recommended Reading Anti-open source 'whitepaper' devastated (Register)The Register carrys a lengthy rebuttal to the Alexis de Tocqueville Institution white paper from Roaring Penguin's David Skoll. "The AdTI's very weak and poorly-researched paper opens no debate. It simply confirms that Microsoft paid AdTI to come up with something -- anything -- to stem the growing adoption of open-source (especially GPL'd) software by business and government. Let's take a look at the paper in detail."
Report Flays Open-Source Licenses (Wired)Wired joins in on bashing the ADTI white paper. "A spokesman for the ADTI said the report published last week was an old, unedited version that had been accidentally pushed on the Web. He said that a new version would be finished by late Monday, but he did not know if the report would be immediately posted on the Web. He promised to e-mail the final version to Wired News as soon as it was ready; by late Monday afternoon on the West Coast, no report had arrived."
The very real limitations of open source (ZDNet)ZDNet is carrying this opinion piece which claims there's a critical flaw in the Open Source philosphy. "The problem, however, is that open source must rely on the willingness of programmers to contribute code without financial compensation. The Free Software Foundation claims that in a world of free software, people will program because "programming is fun." In their opinion, the promise of high returns has corrupted the programming discipline, as people have been "trained" to expect that they will be paid well to program."
U.S. Gov't Still Penguin Shy (Wired)Wired looks at the use of Linux in the U.S. government - or the lack thereof. "'Linux is not on our list of approved operating systems,' said a senior State Department information technology official who spoke on condition of anonymity. 'That generally dictates whether it's used or not.'"
ANALYSIS: Microsoft vs. open source gets political (IDG.net)This IDG.net article looks at the use of open source software in governments outside of the U.S. "The perceived benefits of open-source software have moved government officials in countries including Germany, France, Finland, the Philippines, South Korea, and China to try out the technology. A decision to replace Microsoft's Windows at least in part with open-source alternatives is often the result. Officials within these countries have identified open source as a potential driver for cost savings. Some say security is enhanced by embracing open-source software. Others have said use of open-source software could stem software piracy, and lead to growth of local software alternatives."
Super-Secure Linux, Inch by Inch (Wired)Wired News covers the National Security Agency's Security-Enhanced linux (SElinux). "NSA's Wagner says that SELinux's adoption rate "has exceeded our original expectations. This release has also caused developers of non-Linux systems to consider incorporating similar controls based upon our earlier prototypes.""
Are ReplayTV users breaking the law? Are you sure? (Linux Journal)Linux Journal covers Electronic Frontier Foundation involvment in a suit against the major movie studios. "The plaintiffs in the suit are five ReplayTV customers, who von Lohmann said "have a very legitimate concern that their rights will be adjudicated without them being involved." The movie studios are currently suing ReplayTV manufacturer Sonicblue."
Complex Linux virus warning (vnunet)Vnunet covers cross-platform viruses, which might be able to infect Linux systems. "Although the virus was not the first of its kind to infect both Windows and Linux machines, it apparently moved virus-writing techniques "yet another step up the scale of complexity"."
Companies Dell makes a move to Linux (ZDNet)ZDNet reports on the latest collaboration between Dell, Oracle, and Red Hat. "The companies' announcement comes as large corporations look for ways to save money on technology. Running a nonproprietary Linux operating system is seen by some corporations as one way to do that."
Dell, Oracle join Red Hat for enterprise Linux (Register)The Register covers the recently announced collaboration between Red Hat, Oracle, and Dell. "Red Hat Inc, Oracle Corp and Dell Computer Corp have teamed up to provide packaged support and services for Red Hat's Advanced Server operating system and Oracle's 9i Release 2 database management system."
Linux Packages With Panache From Dell And HP (TechWeb)Information Week reports on the release of Linux-based clustering products by Dell and Hewlett Packard. "Linux continues to move upstream. Dell Computer and Hewlett-Packard last week unveiled packages that bring high-end clustering and database capabilities to Intel-based servers running the operating system."
Life Sciences Industry Turns to Linux and IBMIBM will provide Linux systems for the Institute for Systems Biology. "The Institute for Systems Biology (ISB), a world renowned non-profit research institute, has selected IBM to provide its infrastructure technology. ISB will use IBM servers, storage and data integration products to support its research on protein-protein interactions to better understand and predict diseases, and identify potential preventions and treatments."
Everything but the Hat Hair (Linux Journal)Linux Journal's Don Marti discusses the deal between Oracle, Red Hat, and Dell. "Oracle, Red Hat and Dell unveiled Unbreakable Linux today, cementing RH's place in the corporate world. Oracle CEO Larry Ellison ended the Linux distribution wars today, as far as corporate installations are concerned, with the flat-out statement that "We can't provide the same level of support" (for Oracle products on other distributions as they can on Red Hat). "We've elected to work very closely with Red Hat. We're recommending Red Hat." Ellison did everything for Red Hat except actually wear the red Red Hat hat handed to him by Red Hat CEO Matthew Szulik."
Linux: Red Hat should just stop whining (ZDNet)ZDNet is running an article about the Red Hat and Sun's non-free version of Open Office. "RED HAT IS UPSET because Sun has started charging both end-users and OEMs for StarOffice, the Microsoft Office competitor that Sun owns and had previously given away. Red Hat has been including StarOffice for free in the box with its own Linux operating system; now it'll have to pay Sun if it wants to do that."
Red Hat accuses Sun of Microsoft tactics (News.com)News.com covers Red Hat's Matthew Szulik in a rant against Sun. "Sun's Rogers said he'd still like to see Red Hat include StarOffice or the open-source project on which it's based, OpenOffice. Distributing OpenOffice furthers the use of StarOffice file formats and interfaces. Microsoft has successfully used file formats and interfaces to keep its Office suite dominant."
SuSE Linux to include StarOffice 6 (News.com)News.com reports that SuSE will bundle Sun's StarOffice 6 word processor with its Pro-Office CD. The CD will sell for $24.95.
Oracle develops 9i software for Linux (ZDNet)ZDNet reports on Oracle's release of its database software for Linux. "The software maker said that it has developed a version of its 9i database software that can run across multiple Linux servers in a configuration called clustering. Clustering allows businesses to harness multiple servers to run a very large database, so servers can share work or take over from each other if one fails."
Oracle 9i RAC to support Red Hat clustering (ZDNet)ZDNet is carrying a Gartner Group pronouncement on the availability of Oracle9i for Linux. "However, Oracle has not proven the need for a parallel DBMS on Linux, nor has it validated its claims for scalability with references and benchmarks. Thus, Oracle and Red Hat will likely concede substantial discounts as they seek to validate claims that Linux has a compelling total cost of ownership compared with Microsoft's SQL Server, DB2 Universal Database or Oracle on Unix."
IBM offers major boost to Linux (vnunet)IBM will extend its systems management software to Linux environments, according to this vnunet article. "Linux support will initially be offered on key components of the Tivoli range, according to Tivoli European vice president, Milko van Duijl."
Bringing the J2EE Cathedral to the BazaarO'Reilly is running an article by Satya Komatineni that examines some issues with Sun and J2EE. "While Sun is quite diligently planning, coordinating, and building infrastructure for building cathedrals around J2EE, Microsoft's .NET is poised to steal the marketplace and own the bazaar, as they did with VB and the component market in the client-server wars. We have some parallels to go by. While CORBA focused on rearing thoroughbreds, COM stole the market with a mule called VB. The only way out of this quandary is to wake up and invite the J2EE cathedral to the bazaar."
CodeWeavers Announces CrossOver Office 1.1 (OpenForBusiness)Open for Business reviews CodeWeavers' CrossOver Office. "On the new release, CodeWeavers CEO Jeremy White commented "With Outlook and Internet Explorer support, we feel that we have rounded out the most important features of the Microsoft Office Suite, and have made it simple and painless for an organization to adopt the Linux desktop." Based on our recent experience in OfB Labs, White very well could be correct."
Business UnitedLinux (Linux Journal)Linux Journal's Doc Searls analyzes several recent partnerships in the Linux world. " While Red Hat geared up to announce Unbreakable Linux, four smaller opponents joined to form UnitedLinux. The response so far has been divided. Today, June 5, 2002, Red Hat, Oracle and Dell are announcing "their collective commitments to Linux for the enterprise" (sounds almost Communist, doesn't it?) in a big launch event at Oracle's place in Silicon Valley. Invitations sent to the press said new products from all three companies would feature "Unbreakable Linux." "
UnitedLinux agrees to differ (Register)The Register examines the UnitedLinux effort. "UnitedLinux is a marriage of four distros - SuSE, Caldera, Conectiva and TurboLinux - but it isn't really a distro, as we were led to believe by the pre-launch rumor mill. Well, yes and no.""UnitedLinux is a server "distro" that at least shares common elements. The big four retain branding rights, so you'll still find "SuSE powered by OpenLinux". And each distro can add on its own features. But you'll find the same files in the same places, which is long overdue, and signals a win for the Linux Standards Base initiative. "
United Linux musters support (vnunet)Vnunet covers the United Linux collaboration. "Caldera, TurboLinux, SuSE and Connectiva will be the initial shareholders of the new organisation, and the first version of the software will be based on a release of SuSE Linux version 8."
Facing the open source firing squad (ZDNet)Here's another ZDNet column on the business of open source software - or the lack thereof. "In other words, proprietary software revenue wags the open source tail, not the other way around. The fact that IBM hires people to work full time on open source is less of an indication of open source's inherent profitability than a demonstration of the freedom available to companies with business models based on the revenue generating power of proprietary software."
Interviews Cyberspace's Legal Visionary (Reason)Reason interviews Lawrence Lessig. "In a world where civil disobedience was treated with toleration, that might be a good strategy. But we're in a world where disobedience is treated with felony convictions. The idea that you are going to get lots of civil disobedience against the Digital Millennium Copyright Act is just crazy. You're going to get lots of prosecutions and people going away to jail. The cost of disobedience has become too high, and I'm not sure it's a viable strategy anymore."
Three EuroPython InterviewsThe EuroPython site features three new interviews: Itamar Shtull-Trauring on the Twisted Framework, Stephan Richter and Steve Alexander on the next genration of Zope, and Paul Everitt, co-founder of Zope Corporation. Thanks to Martijn Faassen.
Resources Tips for New Linux Users, Part II (ExtremeTech)ExtremeTech has some tips for Linux newbies. "In Part I, we covered KDE's Konqueror, Gnome's Nautilus, Linux directory structure, tarballs, and mime types, among other things, and we'll now look at Linux Text Editors" (Thanks to Kyle Roberson)
Embedded Linux Newsletter for June 6, 2002The June 6, 2002 edition of the Linux Devices Embedded Linux Newsletter has been published. Topics include a review of Craig Hollabaugh's book "Embedded Linux", an introduction to the Dillo browser, Lynxos V4.0 Linux ABI compatibility, how the ADEOS project gets around real-time linux patents, malloc under uClinux, and more.
Constructing a Linux-powered IrDA printing device (LinuxDevices)Tired of filling out forms? Nobody can read your handwriting? or spell your last name? In this brief technical article at LinuxDevices.com, Entrepreneur and Linux hacker Gerd Rausch explains how (and why) he created a small device that could be installed at rental-car agencies, hotel/airline check-in desks, or health-care facilities to receive data beamed directly from your PDA. It runs on a Linux platform, of course.
Hack your TiVo! Here's how (ZDNet)For those who have Linux-based TiVo box, here's a ZDNet article on hacking them. "AS WITH ANY good hacking article (and this will only be a fair one), I should warn you up front that proceeding further could render your TiVo useless, void your warranty, violate all sorts of end-user licensing agreements, and, in extreme cases, kill you (if you happen to touch the unshielded power supply inside the box while having an especially unlucky day)."
Want to hack your TiVo? Here's YOUR advice (ZDNet)Previously LWN ran a ZDNet column about hacking a TiVo video recorder. Now ZDNet continues with more TiVo hacks from its readers. "The results of the QuickPoll were overwhelming. It asked: "Be honest: Would you consider hacking your TiVo (or other DVR), even if it risked damaging the machine or violating your user agreement?" Ninety percent of you answered: Duh--yes!"
Reviews Keep Track of Your Money (Linux Journal)The Linux Journal has put up an article comparing four different, free personal finance applications. "I felt at home immediately. Emma has the GNOME look and feel, with help windows and help functions where you expect them, e.g., each button has a little help bar that appears when you hold the mouse over it for a second. I like a program that doesn't scare me, so I appreciate an intuitive user interface."
Mozilla strides out (vnunet)Vnunet looks at the new Mozilla 1.0 release. "Hell froze over in the geek community yesterday as Mozilla 1.0 was finally released. After nearly five years of work by thousands of developers, there was much rejoicing among the expectant fans and pigs were seen cruising at well over 1,000ft. "
Mozilla 1.0 released after four long years (Register)The Register reviews Mozilla 1.0. "Mozilla is nothing if not a 'vision thing'. The organization sees that it has created not just a browser to rival Internet Explorer - its initial mandate - but a cross-OS platform on top of which a next generation of standards-compliant applications can be built. In many ways, the vision goes back to Netscape's early dreams of using the browser to kill Windows."
Introducing Linux into the Enterprise (Linux Journal)Linux Journal Reviews GSX Server, from VMware Inc. "Once installed, GSX runs on top of Linux, providing an environment that allows you to run multiple virtual server instances. In our case, we needed additional Windows NT 4.0 and Windows 2000 servers to provide development and test environments for new projects."
Linux Orbit Review Grab BagLinux Orbit has published the first of its Review Grab Bag features. This edition takes a look at a multi-gnome-terminal, the LimeWire gnutella client and the Metacity window manager for GNOME.
Hitachi unveils new model of Linux-enabled Internet appliance (LinuxDevices)LinuxDevices.com covers a new model of Hitachi's Linux-based FLORA-ie wireless web pad. The device has a 10.4-inch TFT LCD screen and is based on a 400 MHz Transmeta Crusoe processor running Midori Linux. It has built-in Ethernet and 802.11b wireless, and also provides two USB ports plus both CompactFlash Type II and PC Card (PCMCIA) expansion slots.
Comparative Jabber book reviewIBM's developerWorks features a review of three different books on Jabber.
Taking Up the Slack(ware) (LinuxPlanet)LinuxPlanet reviews Slackware 8.1rc2. "In short, you have a basic, highly functional Linux box that will just work without all the geegaws that thump performance. So, as far as I'm concerned. there's nothing wrong with this picture.--unless you are new to Linux or are addicted to graphical utilities and eye candy."
Miscellaneous Celebrating the 20th Anniversary of the Swiss Open Systems Group (Linux Journal)Linux Journal carries a post from Jon "maddog" Hall. maddog travels to Zurich to speak at the twentieth anniversary of the Swiss Open Systems Group. This is a story about clocks, friendly students, beer, a small Renaissance faire, and, of course, Linux/Open Source advocacy.
Programmers enroll in political training (News.com)News.com reports on an increase in political coursework for computer science students. "STANFORD, Calif.--It's not every computer science class that opens with a poem. But on a recent June day at Stanford University, khaki-clad senior Jeff Keltner stood before his classmates, cleared his throat, and recited verse about a Hollywood-led crackdown on technology that can transfer digital books to different devices. The final lines went something like this (to the beat of Dr. Seuss' "Green Eggs and Ham"):""'I want to read this book I bought, but people tell me I ought not. They say I will be locked away because of the D-M-C-A.' "
What's wrong with Nader's Microsoft plan (ZDNet)ZDNet's Dan Farber comments on Ralph Nader's suggestion that Microsoft should release the source code to Office. " Nader even goes so far as to suggest that the federal government buy the code for Microsoft Office outright, and release it into the public domain in order to save the public money and avoid the costly upgrades from Microsoft that are designed to overcome interoperability problems. I wonder what price Gates would put on that software, which has more than a 90 percent market share. "
MS-funded think tank propagates open-source lies (Register)The Register writes about the study by the Alexis de Tocqueville Institution, which claims that open-source software aids terrorism. " Much to our disappointment, the organization's press release, which last week promised that the study would explain in gory detail how open-source software will foster international terrorism, turns out to have been a tissue of headline-pimping lies. Indeed, the paper never mentions terrorism at all. "
Readers give high marks to security, Linux (News.com)News.com looks at the results of a recent survey. " The enthusiasm for Linux among News.com readers was consistent with similar surveys in recent months. According to responses in a recent poll from Giga Information Group, 59 percent of IT managers said they would increase their use of Linux operating systems next year; none said that Linux use would decrease."
Linux server consolidation shortcut (ZDNet)Here's an editorial on ZDNet, about Linux on mainframes. "If you're a columnist for ZDNet and you put the words Linux and mainframe in the same sentence (which I've done), all sorts of people will come out of the woodwork to give you their opinion. I've been saving one of those opinions for a rainy day and, based on news that Hewlett Packard will be integrating VMWare's ESX server into its ProLiant line of servers, that day is today."
The Heart of the Penguin (Linux Planet)Linux Planet is running a feature article about a beowulf cluster that Biomedical Engineer Dr. Andy Pollard has assembled for simulating the operation of the human heart. "The research itself is targeted towards three areas: observation of the effect of electrical fields on heart tissue to learn how and why defibrillation works (and, in so doing, track down why fibrillations occur in the first place); learning in a more direct manner why fibrillations start; and how a fibrillation event progresses from start to finish."
Page editor: Forrest Cook Announcements Non-Commercial announcements This week's software announcementsHere are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
Resources Binary Versions of LSB Test Suites lsb-runtime-test (1.1.9-1)Version 1.1.9-1 of the lsb-runtime-test binary package is available for download.
New MySQL resourcesTwo new resources are available for the MySQL database. The MySQL reference manual has been published, and an online MySQL Newsletter is being produced on a monthly schedule.
Encoding with VorbisEncoding files with Vorbis is the second in an ongoing series of four articles about the Ogg Vorbis audio compression system. "One of the unfortunate legacies of the mp3 era is the common assumption that bitrate directly affects quality. Though it is true that a higher bitrate results in a larger file, it does not necessarily sound better. There are better and easier ways to encode music. As an alternative to dealing with bitrates, Vorbis offers a streamlined "quality" setting control. The values range from zero to ten. The higher the value, the better the final quality."
Upcoming Events Perl Meeting in Tel Aviv (use Perl)Use Perl has an announcement for a Perl Mongers meeting in Tel Aviv, Israel on Thursday June 13, 2002.
YAPC Schedule Posted (use Perl)The YAPC::NA Perl conference will be held from June 26-28, 2002 in St. Louis, MO.
Parrot/Perl 6 talk and Fundraiser in Phoenix (use Perl)Use Perl has an announcement for a Perl/Parrot presentation in Phoenix, Arizona on June 20, 2002.
Libre Software Meeting : registrations are openThe third annual Libre Software Meeting will take place near Bordeaux, France, from July 9 - July 13, 2002. Registration is open, and you can check on accomodations too.
Events: June 13 - August 8, 2002
Web sites LinuxWiki.de - Collaboration WikiWikiWebLinuxWiki.de is a new collaboration and communication platform in the German language. It's based on the new WikiWikiWeb technology and it is there for the discussion of Linux, FreeSoftware and the OpenSource community.
Miscellaneous Software Livre! (Linux Journal)Linux Journal has an article by John maddog Hall in which he shares his experiences at the Software Livre conference held in Brazil in early May. "... cooperation, community and erva-mate. "Software Livre! Software Livre! Software Livre!"...the words got louder and louder like a chant. No, not like a chant, it was a chant--and I was leading it!"
Page editor: Forrest Cook Letters to the editor Re: Open-Source Fight Flares at Pentagon (Washington Post)
Keeping OSS out of the security arena
>From http://www.internetnews.com/dev-news/article.php/1276831
Re: [riptide-announce] New riptide-0.3mbsibeta02061100 linux driver available
Marc Boucher wrote to discuss@linmodems.org:
PostgreSQL not relational!
Re: http://lwn.net/Articles/809/
Your LWN articles
Re: Your LWN articles
In your letter, you summarized our reasons for the name GNU/Linux
Response to Mr. Brown's critique of Open Source Software.
[Note: this response was written on June 10th, from a paper that Mr. Brown
Page editor: Jonathan Corbet
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||