LWN.net Weekly Edition for January 16, 2003

Mickey Mouse 1, intellectual commons 0

The U.S. Supreme Court has ruled, 7-2, that the Sonny Bono copyright extension act is not unconstitutional. All challenges to that law have been rejected, and the law is allowed to stand. Mickey Mouse need not fear being pushed into the public domain anytime soon.

The majority opinion (available in PDF format) was written by Justice Ginsburg. The majority found that the phrase "limited time" in the U.S. Constitution doesn't mean that the time has to be reasonable; the vision of "forever minus one day" copyright terms is just fine with these people. The interpretation of "limited time" is left entirely to the discretion of Congress; the courts have nothing to add.

In sum, we find that the CTEA is a rational enactment; we are not at liberty to second-guess congressional determinations and policy judgement of this order, however debatable or arguably unwise they may be.

There was also, according to the majority, no restraint to free expression to be concerned about. End of case.

Justice Stevens wrote a dissent arguing that the extension of existing copyrights can not be constitutional. He pointedly does not look at the more general issue of copyright extension, arguing that it is not the case that the plaintiffs brought forward. He also points out that, in the last eighty years, the only work to enter the public domain is that which was copyrighted in 1923. He concludes:

By failing to protect the public interest in free access to the products of inventive and artistic genius - indeed, by virtually ignoring the central purpose of the Copyright/Patent Clause - the Court has quitclaimed to Congress its principal responsibility in this area of the law. Fairly read, the Court has stated that Congress' actions under the Copyright/Patent Clause are, for all intents and purposes, judicially unreviewable. That result cannot be squared with the basic tenets of our constitutional structure.

A separate dissent was written by Justice Breyer, who took a much greater interest in the issue of whether copyright extension actually serves to "promote the progress of science" as specified in the Constitution. He doesn't believe that copyright extension will cause more works to be created:

The extension will not act as an economic spur encouraging authors to create new works.... No potential author can reasonably believe that he has more than a tiny chance of writing a classic that will survive commercially long enough for the copyright extension to matter.... What monetarily motivated Melville would not realize that he could do better for his grandchildren by putting a few dollars into an interest-bearing bank account?

Justice Breyer also takes a look at the first amendment (freedom of expression) arguments, and finds them worthy of rather more consideration than they got from the Court majority.

His conclusion is clear and straightforward:

This statute will cause serious expression-related harm. It will likely restrict traditional dissemination of copyrighted works. It will likely inhibit new forms of dissemination through the use of new technology.... It is easy to understand how the statute might benefit the private financial interests of corporations or heirs who own existing copyrights. But I cannot find any constitutionally legitimate, copyright-related way in which the statute will benefit the public. Indeed, with respect to existing works, the serious public harm and the virtually nonexistent public benefit could not be more clear.

Unfortunately, two voices of relative reason were not sufficient to sway the Supreme Court, and copyright extension remains the law of the land. There can be no doubt that those behind this law (and various other expansions of intellectual property rights) will push for more in the future. It also seems clear that there will be no help from the courts in fighting this push. As far as the courts are concerned, Congress can do what it wants in this area.

That leaves only one option open for those who would fight for the intellectual commons - trying to talk some sense into the legislative branch. There are signs that the general awareness of the problematic side of copyright expansion is growing. This case, even in defeat, has been a step in the right direction. Lawrence Lessig did an outstanding job in arguing the case before the Supreme Court; as a result, far more people know (and care) about copyright issues now than before. With a redoubled effort, it should yet be possible to put an end to the unending expansion of copyright power. It will not be easy, though, to say the least.

The RIAA and BSA make a deal

The word is out: the music industry and "technology companies" have come to an agreement on anti-piracy legislation. Could it be that the determination of the technology industry to serve the needs of its customers has brought the copyright fights to a reasonable conclusion? We know better than that.

The "technology companies" in this case are made up of the Business Software Alliance (best known for its software licensing raids on companies) and the Computer Systems Policy Project, a lobbying group made up of IBM, Intel, HP, and others. The agreement between these groups and the RIAA says, essentially:

  • The groups involved will oppose any governmental mandates requiring digital rights management features in digital devices. The CBDTPA, thus, has lost the support of the RIAA.

  • These groups will also oppose any governmental expansion of the rights of users of copyrighted materials. According to the CSPP release, "Both industries stated their support for private and federal enforcement against copyright infringers as well as unilateral technical protection measures and they agreed that legislation should not limit the effectiveness of such measures."

In other words, the RIAA has come to the conclusion that the status quo is good enough, that whatever DRM schemes it has in mind will work, and the best thing to do is to get the government out of the picture before any pesky ideas about fair use, first sale, and other longstanding aspects of copyright law make any more headway. The technology companies, with luck, are freed from having to be the industry's policeman, and are thus happy to sign on. It's a nice, smoke-filled-room deal; nobody felt any real need to consult with the people who actually buy and use copyrighted materials. This, of course, is how copyright law has been made in the U.S. for a long time.

This deal is not entirely bad; it isolates the motion picture industry and makes unpleasant legislation like the CBDTPA more unlikely to pass. But it also makes things harder for DMCA reform and other useful measures. The truly interesting thing with this agreement, though, is that it seems that the RIAA has concluded that it has more to lose than to gain from increased legislative attention to copyright issues. The increasing copyright backlash, perhaps, has given them a bit of a scare. What we should really conclude from this "historic" agreement is that, Supreme Court disappointments notwithstanding, the copyright message is beginning to get through.

The DMCA and interoperability

A couple of new Digital Millennium Copyright Act cases have come up over the last week. Neither one involves Linux or free software, but both show the broad reach of this law, and how the DMCA could be used against Linux in the future.

The first case is a lawsuit by Lexmark against Static Control Components. Lexmark printers talk to installed toner cartridges via a proprietary protocol; the printer will refuse to use cartridges which do not speak this protocol. According to Lexmark's complaint (PDF format), this mechanism "protects consumers to ensure that they are using genuine Lexmark toner cartridges." It also, of course, protects Lexmark's revenue stream by ensuring that consumers are "protected" from buying cheaper toner cartridges from another manufacturer.

A company called SMARTEK sells chips which can successfully perform the handshake with Lexmark printers, and thus allow "unauthorized" toner cartridges to be used. Lexmark has two distinct gripes with this product. First, they claim, the SMARTEK chip contains a copy of code from Lexmark's own chip; this, if true, would be a straightforward copyright violation. But Lexmark also claims that, regardless of the provenance of the code, the SMARTEK chip circumvents Lexmark's technical measures which control access to the software running in the printer itself. And that, of course, is a DMCA violation.

This claim may seem like a bit of a stretch, but Ed Felten's remarks on the case are worth a read:

Clearly, Lexmark is being creative in their interpretation of the DMCA. But their arguments are not ridiculous. The purpose of the DMCA was to ban certain types of interoperation. And the DMCA intentionally did more than just to strengthen the traditional rights of copyright holders -- it created new categories of rights. Lexmark will not be laughed out of court.

A similar case has been brought forward (late last year) by the Chamberlain Group, a manufacturer of automatic garage door openers. Chamberlain's remote openers use a sort of one-time password scheme to defend against playback attacks, which is certainly a worthwhile goal. Of course, this scheme also makes it difficult for competitors to make and sell remotes which will work with Chamberlain's openers.

Unfortunately for Chamberlain, a company called Skylink figured out how to do it. According to Chamberlain's complaint (PDF format), "the Skylink transmitter circumvents the protective measure of Chamberlain's copyrighted rolling code computer program in the receiver wherein the homeowner can gain unauthorized access to such computer program." The owner, in other words, is gaining unauthorized access to his garage door opener, which he thought he had bought, to (without authorization) open his own door, which he thought was part of his house.

This case, too, will probably not be laughed out of court.

One of the nice features of Linux, of course, is interoperability. Developers of the Linux kernel and applications have, over the years, put a great deal of effort into making Linux work with just about any other system - hardware or software - that they could. Interoperability is one of the big selling points of the Linux system. It is increasingly clear, however, that the DMCA allows vendors to make interoperability a crime simply by saying so. There can be no doubt that this "feature" of the DMCA will see increasing use in the future, and that Linux users will feel its bite.

MandrakeSoft enters bankruptcy

[This article was contributed by LWN reader Joe 'Zonker' Brockmeier]

MandrakeSoft announced on Wednesday that it had filed for bankruptcy protection on Monday, January 13. The company filed for protection in France, a "declaration de cessation des paiements," which is similar to filing Chapter 11 bankruptcy in the United States.

MandrakeSoft currently has a debt load of about €2 million, or about $2.1 million U.S. The company will be able to continue operations, albeit under the direction of a court-appointed administrator. According to Gaël Duval, the co-founder of MandrakeSoft, the Mandrake development team is still on the job and will continue to release new products. "We're nearly at break-even and the business is growing every month. We do everything possible to ensure the best future for Mandrake. Users shouldn't be concerned. There will be future releases!"

The company is not the first Linux distributor to file for bankruptcy protection. Stormix Technologies debuted its Debian-based Storm Linux distribution in late 1999 and had filed for bankruptcy by January of 2001. The Vancouver-based company never recovered, and users of Storm Linux were left high and dry. Since Storm Linux contained a good deal of proprietary software, there was no way for users to continue development of the distribution on their own. Mandrake Linux users, at least, need not fear that problem.

The signs of monetary difficulties have been there for some time now. The company went public at the end of July, 2001 and raised a total of €4.3 million. Since that time, MandrakeSoft has issued several calls for user contributions, in the form of subscriptions to its Mandrake Users Club, to keep the company afloat on its way to profitability. The Mandrake Users Club offers a few perks, like the ability to vote on new packages, but hasn't been enough to lure the majority of Mandrake users into contributing.

Whether users should pour in cash now or wait and see whether MandrakeSoft pulls through is up to them, according to Duval. "If they want to boost our development, they should sign up." Duval says that it is unlikely that MandrakeSoft won't emerge from bankruptcy, but even if the company distributing Mandrake fails the distribution can go on. "Mandrake Linux is 100% Free Software so there are good chances that the project could continue."

The news of MandrakeSoft's bankruptcy filing is sure to reignite the debate over whether a company can make a profit on a product that is purely Free Software. There's no question that the number of people who buy Mandrake products or contribute money through the Mandrake Users' Club is far surpassed by the number of users who download and use Mandrake Linux without contributing money to the project.

Consolidation in the Linux distribution market seems inevitable. Still, it is unfortunate that MandrakeSoft, with its strong commitment to free software, has found itself in this situation. We can only hope that the bankruptcy process goes well, and MandrakeSoft is able to keep on serving its users for many years to come.

Page editor: Jonathan Corbet

Security

Brief items

Closing off cross-site scripting holes

When writing web applications, it is easy to lose track of the fact that HTML is not quite the same as plain text. As a result, erroneous characters (such as an unescaped "&") can easily slip into a web page. They can result in poorly rendered pages, RSS files that fail to load, and lots of email suggesting that the author buy and read a copy of "HTML for drooling morons." Trust us, we know.

As annoying as that sort of problem can be, it fades into insignificance when compared to the other issue that arises when text is treated as if it were HTML: cross-site scripting. If an outside attacker can get your web application to present arbitrary HTML to another user, that attacker can often get the victim to disclose information or carry out an unwanted action. Cross-site scripting problems have afflicted many applications, and they are unlikely to go away anytime soon. It is just too easy for a web application programmer to slip up and let untreated text slip through.

Version 0.6 of the Quixote web application framework, which saw its first beta release last week, includes an interesting approach to the cross-site scripting problem. Quixote (which is the framework used by LWN) includes a nice "template" feature which allows an easy and natural mixing of HTML text and Python code. Text generated by a template is passed back to the web browser as an HTML document. In the current Quixote release, as in most web frameworks, text is sent directly back without processing or quoting. After all, web templates need to be able to include HTML tags in their output, and things would not work very well if those tags were quoted. Quixote provides a function for the safe quoting of untrusted text, but the programmer must remember to use it in all the relevant places. Sooner or later, most programmers forget.

Version 0.6, instead, has two kinds of text. Anything which appears in a literal, quoted string is of type "htmltext," and it is assumed to be exactly as the programmer wanted it to be (since he or she wrote it that way). Anything which takes the form of an ordinary Python string, however, is assumed to need quoting on its way to the browser; this quoting happens automatically as the template is executed.

The result is that text that comes from a database or other external source is automatically quoted, and thus can not be used for a cross-site scripting attack. The programmer no longer needs to worry about quoting every bit of text that passes through the application. This is, of course, the way things should be done from a security standpoint. Assume that everything is suspect in the absence of an explicit statement to the contrary. This approach, too, can create bugs - HTML tags may end up being quoted when they should be passed through directly. But that kind of bug is immediately evident, while a failure to quote is usually invisible - until it bites you. The new Quixote HTML template mechanism errs on the side of security and makes failures happen in the right way.
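The two-kinds-of-text idea described above, as an added Python sketch; this is not Quixote's code or API. The `HtmlText` class, `quote()` and the `render_*` functions are hypothetical names, and the comment values are constructed sample input.

```python
import html


def quote(value):
    """Return value as HtmlText, escaping it unless it is already HtmlText."""
    if isinstance(value, HtmlText):
        return value
    return HtmlText(html.escape(str(value), quote=True))


def _arg(value):
    """Prepare one %-format argument: numbers pass through, the rest is quoted."""
    if isinstance(value, (int, float)):
        return value
    return str(quote(value))


class HtmlText:
    """Markup the programmer wrote and vouches for (hypothetical type).

    Anything combined with it that is NOT HtmlText is treated as untrusted
    and escaped automatically, so forgetting to quote is no longer possible.
    """

    __slots__ = ("_s",)

    def __init__(self, s=""):
        self._s = str(s)

    def __str__(self):
        return self._s

    def __repr__(self):
        return "HtmlText(%r)" % self._s

    def __add__(self, other):
        return HtmlText(self._s + str(quote(other)))

    def __radd__(self, other):
        # Reached for "plain str" + HtmlText: the plain side gets escaped.
        return HtmlText(str(quote(other)) + self._s)

    def __mod__(self, args):
        if isinstance(args, dict):
            safe = {k: _arg(v) for k, v in args.items()}
        elif isinstance(args, tuple):
            safe = tuple(_arg(v) for v in args)
        else:
            safe = _arg(args)
        return HtmlText(self._s % safe)

    def join(self, parts):
        return HtmlText(self._s.join(str(quote(p)) for p in parts))


# Constructed sample input standing in for text read from a database.
HOSTILE_BODY = "<script>alert(1)</script>"


def render_comment_unsafe(author, body):
    """Conventional template: the programmer must remember to quote, and didn't."""
    return "<p><b>%s</b> wrote: %s</p>" % (author, body)


def render_comment(author, body):
    """Same template as HtmlText: plain strings are quoted on the way in."""
    return str(HtmlText("<p><b>%s</b> wrote: %s</p>") % (author, body))


def render_page(comments_markup):
    """Wrap already-rendered markup. Passing a plain str here is the visible
    failure mode: the tags show up quoted on the page instead of vanishing
    silently into a security hole."""
    return str(HtmlText("<div>%s</div>") % comments_markup)


if __name__ == "__main__":
    print(render_comment_unsafe("Eve & Co", HOSTILE_BODY))
    print(render_comment("Eve & Co", HOSTILE_BODY))
    print(render_page("<p>hi</p>"))            # over-quoted, immediately evident
    print(render_page(HtmlText("<p>hi</p>")))  # explicitly trusted, passed through
```
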

New vulnerabilities

ethereal - Various security issues in Ethereal

Package(s): ethereal
CVE #(s): CAN-2002-1355 CAN-2002-1356
Created: January 9, 2003
Updated: January 14, 2003
Description: Ethereal is a package designed for monitoring network traffic on your system. Several security issues have been found in the Ethereal packages.

Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. This problem was discovered by Silvio Cesare. CAN-2002-1355

Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the LMP, PPP, or TDS dissectors. CAN-2002-1356

Users of Ethereal should update to the erratum packages containing Ethereal version 0.9.8 which is not vulnerable to these issues.

Alerts:
Red Hat RHSA-2002:290-07 2003-01-08

IMP - SQL injection vulnerability

Package(s): imp
CVE #(s): CAN-2003-0025
Created: January 15, 2003
Updated: July 8, 2003
Description: The IMP IMAP server, versions 2.2.8 and prior, is vulnerable to SQL injection; see this advisory for details. Version 3.x is not vulnerable to this problem.
Alerts:
Conectiva CLA-2003:690 2003-07-08
SuSE SuSE-SA:2003:0008 2003-02-18
Debian DSA-229-2 2003-01-15

mod_php - buffer overflow

Package(s): mod_php php
CVE #(s): CAN-2002-1396
Created: January 13, 2003
Updated: February 20, 2003
Description: Calling the wordwrap() function on user-supplied input may allow a specially-crafted input to overflow the allocated buffer and overwrite the heap. There are no known exploits, but an exploit is theoretically possible.

Read the full advisory at http://marc.theaimsgroup.com/?l=bugtraq&m=104102689503192&w=2

Alerts:
Mandrake MDKSA-2003:019 2003-02-19
EnGarde ESA-20030219-003 2003-02-19
Red Hat RHSA-2003:017-06 2003-02-04
OpenPKG OpenPKG-SA-2003.005 2003-01-22
Gentoo 200301-8 2003-01-13

Updated vulnerabilities

Heap corruption vulnerability in at

Package(s): at at, sudo, xchat
CVE #(s): CAN-2002-0004
Created: May 21, 2002
Updated: May 15, 2003
Description: The at command has a potentially exploitable heap corruption bug. (First LWN report: January 17th).
Alerts:
EnGarde ESA-20030515-015 2003-05-15
Yellow Dog YDU-20020127-9 2002-01-27
SuSE SuSE-SA:2002:003 2001-01-16
Slackware sl-1011706104 2002-01-22
Red Hat RHSA-2002:015-15 2002-02-07
Red Hat RHSA-2002:015-13 2002-01-22
Mandrake MDKSA-2002:007 2002-01-18
Debian DSA-102-2 2002-01-18
Debian DSA-102-1 2002-01-16

BIND8: Multiple vulnerabilities

Package(s): bind
CVE #(s): CAN-2002-1219 CAN-2002-1220 CAN-2002-1221
Created: November 13, 2002
Updated: March 6, 2003
Description: Three new vulnerabilities have been found in version 8 of the Berkeley Internet Domain Server; see this ISS advisory, the CERT Advisory CA-2002-31, or the November 14 LWN Security Page for details.

Red Hat has sent out an alert (not a regular advisory) suggesting that customers apply its previous BIND updates, which upgrade the system to BIND9.

Alerts:
Sorcerer SORCERER2003-03-06 2003-03-06
SCO Group CSSA-2002-059.0 2002-12-19
Trustix 2002-0076 2002-11-15
OpenPKG OpenPKG-SA-2002.011 2002-11-15
Debian DSA-196-1 2002-11-14
Conectiva CLA-2002:546 2002-11-14
Mandrake MDKSA-2002:077 2002-11-14
SuSE SuSE-SA:2002:044 2002-11-13
EnGarde ESA-20021114-029 2002-11-14

bind buffer overflow vulnerability in DNS resolver libraries

Package(s): bind glibc
CVE #(s): CAN-2002-0651 CAN-2002-0684
Created: July 8, 2002
Updated: October 1, 2003
Description: The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1) include fixes for a libc related vulnerability which does not affect Linux. Updates from the Internet Software Consortium (ISC) are available from here.

No release or branch of Openwall GNU/*/Linux (Owl) is known to be affected, due to Olaf Kirch's fixes for this problem getting into the GNU C library more than two years ago.

Unfortunately that does not mean that Linux systems are not vulnerable. Similar code, without Olaf Kirch's fixes, is in the glibc getnetbyXXX functions. These functions are described in the SuSE alert as "used by very few applications only, such as ifconfig and ifuser, which makes exploits less likely."

CERT Advisory: CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries

CAN-2002-0651
CAN-2002-0684

Alerts:
Mandrake MDKSA-2002:050 2002-08-13
Yellow Dog YDU-20020810-3 2002-08-10
Eridani ERISA-2002:035 2002-08-09
Red Hat RHSA-2002:133-13 2002-08-08
SCO Group CSSA-2002-034.0 2002-08-05
Yellow Dog YDU-20020801-2 2002-08-01
Eridani ERISA-2002:028 2002-07-25
Red Hat RHSA-2002:139-10 2002-07-22
EnGarde ESA-20020724-018 2002-07-24
Mandrake MDKSA-2002:043 2002-07-16
Trustix 2002-0061 2002-07-15
Gentoo glibc-20020713 2002-07-13
Conectiva CLA-2002:507 2002-07-11
SuSE SuSE-SA:2002:026 2002-07-09
OpenPKG OpenPKG-SA-2002.006 2002-07-04

Canna server: exploitable buffer overrun

Package(s): canna
CVE #(s): CAN-2002-1158 CAN-2002-1159
Created: December 10, 2002
Updated: October 1, 2003
Description: Canna is a kana-kanji conversion server which is necessary for Japanese language character input.

A buffer overflow bug in the Canna server up to and including version 3.5b2 allows a local user to gain the privileges of the user 'bin' which could lead to further exploits. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1158 to this issue.

A lack of validation of requests has been found that affects Canna version 3.6 and earlier. A malicious remote user could exploit this vulnerability to leak information, or cause a denial of service attack. (CAN-2002-1159)

See also http://canna.sourceforge.jp/sec/Canna-2002-01.txt

CAN-2002-1158
CAN-2002-1159

Alerts:
SCO Group CSSA-2003-005.0 2003-01-21
Debian DSA-224-1 2002-01-08
Gentoo 200212-8 2002-12-20
Red Hat RHSA-2002:246-18 2002-12-04

cups - multiple vulnerabilities

Package(s): cups
CVE #(s): CAN-2002-1366 CAN-2002-1367 CAN-2002-1368 CAN-2002-1369 CAN-2002-1371 CAN-2002-1372 CAN-2002-1383
Created: December 30, 2002
Updated: February 18, 2003
Description: Exploitation of multiple CUPS vulnerabilities allows local and remote attackers, in the worst case, to gain root privileges. See the iDEFENSE advisory for more information.
Alerts:
Debian DSA-232-2 2003-02-20
SCO Group CSSA-2003-004.0 2003-01-20
Debian DSA-232-1 2003-01-20
Yellow Dog YDU-20030114-1 2002-01-14
Red Hat RHSA-2002:295-07 2003-01-09
Mandrake MDKSA-2003:001 2003-01-09
SuSE SuSE-SA:2003:002 2003-01-02
Gentoo 200212-13 2002-12-29

dhcpcd: Character expansion vulnerability

Package(s): dhcpcd
CVE #(s):
Created: November 19, 2002
Updated: January 10, 2003
Description: dhcpcd is an RFC2131 and RFC1541 compliant DHCP client daemon.

dhcpcd has the ability to execute an external script named /sbin/dhcpcd-<interface>.exe when assigning a new IP address to a network interface. This script sources a file named /var/lib/dhcpcd/dhcpcd-<interface>.info that contains several shell variables and assignments with DHCP information.

Simon Kelley pointed out a vulnerability in the way quotes inside these assignments are treated. By exploiting this, a malicious DHCP server (or attackers able to spoof DHCP responses) can execute arbitrary shell commands on the DHCP client (which is run by root).

Alerts:
Mandrake MDKSA-2003:003 2003-01-09
Gentoo 200301-3 2003-01-05
Debian DSA-219-1 2002-12-31
Conectiva CLA-2002:549 2002-11-18

dvips: command execution vulnerability

Package(s): dvips
CVE #(s): CAN-2002-0836
Created: October 16, 2002
Updated: June 10, 2003
Description: The dvips utility uses the system() function improperly when managing fonts. An attacker who can craft the right sort of print job can use this vulnerability to execute commands under the UID used by the print system.
Alerts:
Immunix IMNX-2003-7+-016-01 2003-06-09
OpenPKG OpenPKG-SA-2002.015 2002-12-16
Debian DSA-207-1 2002-12-11
Conectiva CLA-2002:537 2002-10-29
Mandrake MDKSA-2002:071 2002-10-24
Mandrake MDKSA-2002:070 2002-10-23
Gentoo tetex-20021018 2002-10-18
Red Hat RHSA-2002:194-18 2002-10-08

Filename disclosure vulnerability in fam

Package(s): fam
CVE #(s): CAN-2002-0875
Created: August 19, 2002
Updated: January 5, 2005
Description: "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible.
Alerts:
Red Hat RHSA-2005:005-01 2005-01-05
Debian DSA-154-1 2002-08-15

fetchmail: buffer overflow

Package(s): fetchmail
CVE #(s): CAN-2002-1365
Created: December 17, 2002
Updated: October 20, 2003
Description: Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details.
Alerts:
Immunix IMNX-2003-7+-023-01 2003-10-17
Mandrake MDKSA-2003:011 2003-01-27
EnGarde ESA-20030127-002 2003-01-27
SCO Group CSSA-2003-001.0 2003-01-09
SuSE SuSE-SA:2003:001 2003-01-02
Debian DSA-216-1 2002-12-24
Red Hat RHSA-2002:293-09 2002-12-17
Conectiva CLA-2002:554 2002-12-16

GNU fileutils race condition

Package(s): fileutils ucdsnmp
CVE #(s): CAN-2002-0435
Created: May 21, 2002
Updated: May 16, 2003
Description: A race condition in rm may cause the root user to delete the whole filesystem. The problem exists in the version of rm in fileutils 4.1 stable and 4.1.6 development version. A patch is available. (First LWN report: May 2).
Alerts:
Immunix IMNX-2003-7+-010-01 2003-05-16
Red Hat RHSA-2003:015-05 2003-02-12
Trustix 2002-0052 2002-06-06
SuSE SuSE-SA:2002:012 2002-04-08
Mandrake MDKSA-2002:031 2002-05-16
SCO Group CSSA-2002-018.1 2002-05-13

geneweb - information exposure

Package(s): geneweb
CVE #(s): CAN-2002-1390
Created: January 7, 2003
Updated: January 8, 2003
Description: A security issue has been discovered by Daniel de Rauglaudre, upstream author of geneweb, a genealogical software with web interface. It runs as a daemon on port 2317 by default. Paths are not properly sanitized, so a carefully crafted URL leads geneweb to read and display arbitrary files of the system it runs on.
Alerts:
Debian DSA-223-1 2003-01-07

Potential remote root exploit in glibc

Package(s): glibc
CVE #(s): CAN-2002-0391
Created: August 14, 2002
Updated: June 30, 2003
Description: Felix von Leitner discovered a potential division by zero bug in code derived from the SunRPC library which is used in glibc. This bug could be exploited to gain unauthorized root access to software linking to glibc.

Updating as soon as practical is a good idea.

Because SunRPC-derived XDR libraries are used by a variety of vendors in a variety of applications, this defect may lead to a number of differing security problems. Exploiting this vulnerability will lead to denial of service, execution of arbitrary code, or the disclosure of sensitive information.

CERT/CC Vulnerability Note VU#192995 Integer overflow in xdr_array() function when deserializing the XDR stream

Alerts:
Debian DSA-333-1 2003-06-27
Conectiva CLA-2002:535 2002-10-29
Trustix 2002-0070 2002-10-17
EnGarde ESA-20021003-021 2002-10-03
Gentoo glibc-20020927 2002-09-27
Gentoo dietlibc-20020927 2002-09-27
Debian DSA-149-2 2002-09-26
Mandrake MDKSA-2002:061 2002-09-23
Gentoo glibc-20020905 2002-09-05
SuSE SuSE-SA:2002:031 2002-08-30
Trustix 2002-0067 2002-08-13
Eridani ERISA-2002:036 2002-08-13
Red Hat RHSA-2002:166-07 2002-08-12
Debian DSA-149-1 2002-08-13

glibc: DNS stub resolvers contain buffer overflow vulnerability

Package(s): glibc
CVE #(s): CAN-2002-1146
Created: November 7, 2002
Updated: February 5, 2004
Description: DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. (See CERT Vulnerability Note VU#738331)

The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).

Alerts:
Mandrake MDKSA-2004:009 2004-02-04
Red Hat RHSA-2002:197-09 2002-11-06
Red Hat RHSA-2002:197-06 2002-10-03

http-fetcher - buffer overflow

Package(s): http-fetcher
CVE #(s):
Created: January 7, 2003
Updated: January 8, 2003
Description: HTTP Fetcher is a small library that downloads files via HTTP. The HTTP Fetcher library is exposed to a very serious buffer overflow which may affect several other programs.

For more information see http://marc.theaimsgroup.com/?l=bugtraq&m=104187658217144&w=2

Alerts:
Gentoo 200301-6 2003-01-07

IM: creates temporary files insecurely

Package(s): im
CVE #(s): CAN-2002-1395
Created: December 3, 2002
Updated: March 6, 2003
Description: Tatsuya Kinoshita discovered that IM, which contains interface commands and Perl libraries for E-mail and NetNews, creates temporary files insecurely.

  1. The impwagent program creates a temporary directory in an insecure manner in /tmp using predictable directory names without checking the return code of mkdir, so it is possible for another user with local access to seize permissions on the temporary directory.

  2. The immknmz program creates a temporary file in an insecure manner in /tmp using a predictable filename, so an attacker with local access can easily create and overwrite files as another user.
Alerts:
Red Hat RHSA-2003:039-06 2003-03-06
Debian DSA-202-2 2002-12-06
Debian DSA-202-1 2002-12-03

KDE - command parameter quoting problems

Package(s): kde
CVE #(s): CAN-2002-1393
Created: December 24, 2002
Updated: February 21, 2003
Description: In some instances, KDE (versions 2 and 3) fails to properly quote parameters of instructions passed to a command shell for execution.

These parameters may incorporate data such as URLs, filenames and e-mail addresses, and this data may be provided remotely to a victim in an e-mail, a webpage or files on a network filesystem or other untrusted source.

By carefully crafting such data an attacker might be able to execute arbitrary commands on a vulnerable system using the victim's account and privileges.

See this announcement for more details.

Alerts:
Conectiva CLA-2003:569 2003-02-20
Debian DSA-243-1 2003-01-24
Debian DSA-242-1 2003-01-24
Debian DSA-241-1 2003-01-24
Debian DSA-239-1 2003-01-23
Debian DSA-240-1 2003-01-23
Debian DSA-237-1 2003-01-22
Debian DSA-238-1 2003-01-23
Debian DSA-236-1 2003-01-22
Debian DSA-235-1 2003-01-22
Debian DSA-234-1 2003-01-22
Gentoo 200301-11 2003-01-18
Mandrake MDKSA-2003:004-1 2003-01-17
Mandrake MDKSA-2003:004 2003-01-13
Gentoo 200212-9 2002-12-22

kdelibs: Vulnerabilities in KIO subsystem support

Package(s):kdelibs CVE #(s):CAN-2002-1281 CAN-2002-1282
Created:November 22, 2002 Updated:March 15, 2003
Description: Vulnerabilities were discovered in the KIO subsystem support for various network protocols. The implementation of the rlogin protocol affects all KDE versions from 2.1 up to 3.0.4, while the flawed implementation of the telnet protocol only affects KDE 2.x. They allow a carefully crafted URL in an HTML page, HTML email, or other KIO-enabled application to execute arbitrary commands as the victim with their privilege. The KDE team provided a patch for KDE3 which has been applied in these packages. No patch was provided for KDE2, however the KDE team recommends disabling both the rlogin and telnet KIO protocols. This can be accomplished by removing, as root, the following files:
/usr/share/services/telnet.protocol and
/usr/share/services/rlogin.protocol.
If either file also exists in a user's ~/.kde/share/services directory, it should likewise be removed. See also: http://www.kde.org/info/security/advisory-20021111-1.txt
Alerts:
SCO Group CSSA-2003-012.0 2003-03-14
Debian DSA-204-1 2002-12-05
Red Hat RHSA-2002:220-40 2002-12-04
Mandrake MDKSA-2002:079 2002-11-21

kernel: local denial of service vulnerability

Package(s):kernel CVE #(s):
Created:November 19, 2002 Updated:February 5, 2003
Description: All versions of the Linux kernel from (at least) 2.2.x through 2.4.19 and 2.5.47 contain a vulnerability which allows any local user to crash the system. This LWN article describes how the exploit works in detail. The vulnerability affects only x86 systems.
Alerts:
Mandrake MDKSA-2003:014 2003-02-05
Trustix 2002-0083 2002-12-19
Conectiva CLA-2002:553 2002-12-16
Red Hat RHSA-2002:264-05 2002-11-25
Trustix 2002-0077 2002-11-15
Red Hat RHSA-2002:262-07 2002-11-16

krb5: Buffer Overflow in Kerberos Administration Daemon

Package(s):krb5, heimdal CVE #(s):CAN-2002-1235
Created:October 29, 2002 Updated:January 14, 2003
Description: CERT Advisory CA-2002-29 Buffer Overflow in Kerberos Administration Daemon

Systems Affected

  • MIT Kerberos version 4 and version 5 up to and including krb5-1.2.6
  • KTH eBones prior to version 1.2.1 and KTH Heimdal prior to version 0.5.1
  • Other Kerberos implementations derived from vulnerable MIT or KTH code

Overview

Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system.

The CERT/CC has received reports that indicate that this vulnerability is being exploited. In addition, MIT advisory MITKRB5-SA-2002-002 notes that an exploit is circulating.

We strongly encourage sites that use vulnerable Kerberos distributions to verify the integrity of their systems and apply patches or upgrade as appropriate.

Alerts:
Mandrake MDKSA-2002:073-1 2003-01-13
Red Hat RHSA-2002:242-06 2002-11-06
Conectiva CLA-2002:534 2002-10-25
Debian DSA-185-1 2002-10-31
Debian DSA-184-1 2002-10-30
Sorcerer SORCERER2002-10-27 2002-10-27
Mandrake MDKSA-2002:073 2002-10-29
Debian DSA-183-1 2002-10-29
Gentoo kth-krb-20021026 2002-10-26

lcdproc - buffer overflows

Package(s):lcdproc CVE #(s):
Created:January 8, 2003 Updated:January 8, 2003
Description: lcdproc 0.4 contains several buffer overflow vulnerabilities which may be remotely exploitable; see this announcement for details.
Alerts:
Gentoo 200301-7 2003-01-07

leafnode: denial of service

Package(s):leafnode CVE #(s):
Created:January 2, 2003 Updated:January 15, 2003
Description: - From leafnode advisory:
"This vulnerability can make leafnode's nntpd server, named leafnode, go into an unterminated loop when a particular article is requested. The connection becomes irresponsive, and the server hogs the CPU. The client will have to terminate the connection and connect again, and may fall prey to the same problem; ultimately, there may be so many leafnode processes hogging the CPU that no serious work is possible any more and the super user has to kill all running leafnode processes."

Read the full advisory at http://marc.theaimsgroup.com/?l=bugtraq&m=104127108823436&w=2

Alerts:
Mandrake MDKSA-2003:005 2003-01-14
Gentoo 200301-2 2003-01-02

libmcrypt: buffer overflows and memory exhaustion

Package(s):libmcrypt CVE #(s):CAN-2003-0031 CAN-2003-0032
Created:January 6, 2003 Updated:February 27, 2003
Description: libmcrypt versions prior to 2.5.5 contain a number of buffer overflow vulnerabilities that stem from improper or lacking input validation. By passing longer than expected input to a number of functions (multiple functions are affected), the user can successfully make libmcrypt crash.

Another vulnerability is due to the way libmcrypt loads algorithms via libtool. When the algorithms are loaded dynamically, a small amount (a few kilobytes) of memory is leaked each time an algorithm is loaded. In a persistent environment (web server) this could lead to a memory exhaustion attack that will exhaust all available memory by launching repeated requests at an application utilizing the mcrypt library.

Alerts:
SuSE SuSE-SA:2003:0010 2003-02-26
Conectiva CLA-2003:567 2003-02-05
Debian DSA-228-1 2003-01-14
Gentoo 200301-4 2003-01-05

libpng, libpng3: buffer overflow

Package(s):libpng, libpng3 CVE #(s):CAN-2002-1363
Created:December 19, 2002 Updated:July 14, 2004
Description: Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer.
Alerts:
Gentoo 200407-06 2004-07-08
OpenPKG OpenPKG-SA-2004.030 2004-07-06
Mandrake MDKSA-2004:063 2004-06-29
Whitebox WBSA-2004:249-01 2004-06-21
Fedora FEDORA-2004-176 2004-06-18
Fedora FEDORA-2004-174 2004-06-18
Fedora FEDORA-2004-175 2004-06-18
Fedora FEDORA-2004-173 2004-06-18
Red Hat RHSA-2004:249-01 2004-06-18
Conectiva CLA-2003:564 2003-01-23
Mandrake MDKSA-2003:008 2003-01-20
OpenPKG OpenPKG-SA-2003.001 2003-01-15
Yellow Dog YDU-20030114-2 2002-01-14
SuSE SuSE-SA:2003:0004 2003-01-14
Red Hat RHSA-2003:006-06 2003-01-09
Debian DSA-213-1 2002-12-19

lynx: CRLF injection vulnerability

Package(s):lynx CVE #(s):CAN-2002-1405
Created:November 19, 2002 Updated:October 1, 2003
Description: If lynx is given a URL with some special characters on the command line, it will include faked headers in the HTTP query. This feature can be used to force scripts (that use Lynx for downloading files) to access the wrong site on a web server with multiple virtual hosts.

Alerts:
Conectiva CLA-2003:720 2003-08-11
Mandrake MDKSA-2003:023 2003-02-24
OpenPKG OpenPKG-SA-2003.011 2003-02-18
Red Hat RHSA-2003:029-06 2003-02-12
Trustix 2002-0085 2002-12-19
Debian DSA-210-1 2002-12-13
SCO Group CSSA-2002-049.0 2002-11-18

perl-MailTools: remote command execution

Package(s):MailTools CVE #(s):CAN-2002-1271
Created:November 5, 2002 Updated:September 19, 2003
Description: The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer which allows commands to be embedded in the mail body.

Note that mail processing programs which use this package can be affected by this vulnerability; in particular, SpamAssassin is vulnerable if you use the -r or -w flags.

Alerts:
Debian DSA-386-1 2003-09-18
Gentoo 200302-01 2003-02-02
Mandrake MDKSA-2002:076 2002-11-07
Gentoo 200211-001 2002-11-06
SuSE SuSE-SA:2002:041 2002-11-05

micq: Denial of service

Package(s):micq CVE #(s):
Created:December 13, 2002 Updated:April 24, 2003
Description: Rüdiger Kuhlmann, upstream developer of mICQ, a text based ICQ client, discovered a problem in mICQ. Receiving certain ICQ message types that do not contain the required 0xFE separator causes all versions to crash.
Alerts:
Red Hat RHSA-2003:118-01 2003-04-24
Debian DSA-211-1 2002-12-13

PHP Remote Compromise/DOS Vulnerability

Package(s):mod_php4 CVE #(s):
Created:July 22, 2002 Updated:February 18, 2003
Description: PHP 4.2.0 and 4.2.1 have an error in the handling of POST requests which can lead to the corruption of memory, and the usual bad consequences. According to this alert, the vulnerability can only be used for denial of service on x86 systems - there is no way to get it to run exploit code. SPARC/Solaris systems are apparently vulnerable to full remote compromise.

According to the CERT Advisory, almost every Linux distributor, it seems, ships older (and thus not vulnerable) versions of PHP.

Note that, sometimes, systems thought to be safe from remote compromise turn out to be vulnerable to a modified attack, so x86 users should not relax too much. The solution, for those systems with PHP 4.2.0 or 4.2.1 installed, is to upgrade to PHP 4.2.2.

For more information see the alert from the discoverer of the vulnerability, Stefan Esser of e-matters GmbH, or the security advisory from the PHP team.

CERT Advisory: CA-2002-21 Vulnerability in PHP

Alerts:
SuSE SuSE-SA:2003:0009 2003-02-18

monopd - buffer overflow

Package(s):monopd CVE #(s):
Created:January 7, 2003 Updated:January 8, 2003
Description: A buffer overflow was reported in the Monopd game server. A remote user can execute arbitrary code on the system.

The vendor reported that a buffer overflow exists in the messaging framework and can be triggered by a remote user to execute arbitrary code with the privileges of the game server.

See http://www.securitytracker.com/alerts/2002/Dec/1005856.html for more information.

Alerts:
Gentoo 200301-5 2003-01-06

Mozilla: Privacy leak and other vulnerabilities

Package(s):mozilla CVE #(s):CAN-2002-1126 CAN-2002-1091
Created:November 1, 2002 Updated:February 13, 2003
Description: Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs.

Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.

See also Mozilla's Recently fixed security issues page.

All users are encouraged to upgrade to this latest stable 1.0.x release of Mozilla.

Alerts:
Conectiva CLA-2003:568 2003-02-13
Mandrake MDKSA-2002:075 2002-10-31

MySQL: multiple vulnerabilities

Package(s):mysql CVE #(s):
Created:December 13, 2002 Updated:April 10, 2003
Description: The MySQL database server has several buffer overflow and integer bounds checking vulnerabilities which can lead to denial of service attacks, and, possibly, remote code execution. See this e-matters advisory for details. Version 3.23.54 fixes the problems.
Alerts:
Immunix IMNX-2003-7+-008-01 2003-04-08
EnGarde ESA-20030127-001 2003-01-27
Red Hat RHSA-2002:288-22 2003-01-15
SuSE SuSE-SA:2003:003 2003-01-02
Trustix 2002-0086 2002-12-19
Mandrake MDKSA-2002:087 2002-12-18
Debian DSA-212-1 2002-12-17
Conectiva CLA-2002:555 2002-12-17
OpenPKG OpenPKG-SA-2002.013 2002-12-16
Gentoo 200212-2 2002-12-15
EnGarde ESA-20021213-033 2002-12-13

net-snmp: denial of service vulnerability

Package(s):net-snmp CVE #(s):CAN-2002-1170
Created:December 17, 2002 Updated:November 7, 2003
Description: The SNMP daemon included in the Net-SNMP package versions 5.0.1 through 5.0.4 can be caused to crash if it is sent a specially crafted packet.
Alerts:
Conectiva CLA-2003:778 2003-11-07
Red Hat RHSA-2002:228-11 2002-12-17

OpenLDAP2: remote command execution

Package(s):OpenLDAP2 CVE #(s):CAN-2002-1378 CAN-2002-1379
Created:December 6, 2002 Updated:February 21, 2003
Description: OpenLDAP is the Open Source implementation of the Lightweight Directory Access Protocol (LDAP) and is used in network environments for distributing certain information such as X.509 certificates or login information.

The SuSE Security Team reviewed critical parts of that package and found several buffer overflows and other bugs remote attackers could exploit to gain access on systems running vulnerable LDAP servers. In addition to these bugs, various local exploitable bugs within the OpenLDAP2 libraries (openldap2-devel package) have been fixed.

Since there is no workaround possible except shutting down the LDAP server, an update is strongly recommended.

Alerts:
Trustix 2003-0002 2003-02-20
Red Hat RHSA-2003:040-07 2003-02-05
Mandrake MDKSA-2003:006 2003-01-14
Debian DSA-227-1 2003-01-13
Gentoo 200212-12 2002-12-28
Conectiva CLA-2002:556 2002-12-19
SuSE SuSE-SA:2002:047 2002-12-06

PHP: vulnerability in mail function

Package(s):php CVE #(s):CAN-2002-0985 CAN-2002-0986
Created:November 13, 2002 Updated:October 1, 2003
Description: Two vulnerabilities exist in the mail() PHP function. The first one allows the execution of any program/script, bypassing the safe_mode restriction; the second one may turn a script into an open relay if the mail() function is not used carefully in PHP scripts. See this Bugtraq report for more details. Note that this is a different vulnerability than the previous PHP mail() problem, which affected versions through 4.1.0.

Alerts:
SCO Group CSSA-2003-008.0 2003-03-04
Gentoo 200211-005 2002-11-20
EnGarde ESA-20021122-031 2002-11-22
Conectiva CLA-2002:545 2002-11-13
Red Hat RHSA-2002:213-06 2002-11-11

Buffer overflow vulnerabilities in PostgreSQL

Package(s):PostgreSQL CVE #(s):
Created:August 21, 2002 Updated:January 27, 2003
Description: PostgreSQL 7.2.2 has been released in response to a number of buffer overrun vulnerabilities which have been identified recently. "...it should be noted that these vulnerabilities are only critical on 'open' or 'shared' systems, as they require the ability to be able to connect to the database before they can be exploited."

Buffer overflow vulnerabilities fixed include those reported by "Sir Mordred The Traitor" in the cash_words, repeat, and lpad and rpad functions.

Alerts:
Yellow Dog YDU-20030127-5 2003-01-27
Red Hat RHSA-2003:001-16 2003-01-14
Red Hat RHSA-2003:010-10 2003-01-14
SuSE SuSE-SA:2002:038 2002-10-21
Trustix 2002-0071 2002-10-17
Mandrake MDKSA-2002:062 2002-10-01
Conectiva CLA-2002:524 2002-09-19
Debian DSA-165-1 2002-09-12
Gentoo postgresql-20020826 2002-08-26

Local arbitrary code execution vulnerability in Python

Package(s):python CVE #(s):CAN-2002-1119
Created:August 28, 2002 Updated:October 1, 2003
Description: Zack Weinberg discovered that os._execvpe from os.py uses a predictable name which could lead to execution of arbitrary code. According to the Debian advisory, the problem was present in Python versions 1.5, 2.1 and 2.2.

Alerts:
Red Hat RHSA-2002:202-33 2003-02-12
OpenPKG OpenPKG-SA-2003.006 2003-01-23
Red Hat RHSA-2002:202-25 2003-01-21
Mandrake MDKSA-2002:082-1 2002-12-09
Mandrake MDKSA-2002:082 2002-11-25
SCO Group CSSA-2002-045.0 2002-11-14
Trustix 2002-0073 2002-10-17
Gentoo python-20021003 2002-10-03
Conectiva CLA-2002:527 2002-10-01
Debian DSA-159-2 2002-09-09
Debian DSA-159-1 2002-08-28

Multiple-use vulnerability in Safe.pm

Package(s):Safe.pm CVE #(s):CAN-2002-1323
Created:October 9, 2002 Updated:February 20, 2004
Description: usePerl has a description of a vulnerability in the Safe.pm Perl module. It seems that if a Safe compartment is used more than once, it ceases to be safe. The problem is fixed in Safe 2.08.
Alerts:
SCO Group CSSA-2004-007.0 2004-02-20
Gentoo 200212-6 2002-12-20
Trustix 2002-0087 2002-12-19
OpenPKG OpenPKG-SA-2002.014 2002-12-16
Debian DSA-208-1 2002-12-12

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Alerts:
Fedora-Legacy FLSA:183571-1 2006-04-04
Red Hat RHSA-2006:0195-01 2006-02-21
Conectiva CLA-2002:538 2002-10-29
Mandrake MDKSA-2002:066 2002-10-10
Mandrake MDKSA-2002:065 2002-10-10
EnGarde ESA-20021003-022 2002-10-03
Gentoo unzip-20021001 2002-10-01
Gentoo tar-20021001 2002-10-01
Red Hat RHSA-2002:096-24 2002-09-18

Multiple vendor telnetd vulnerability

Package(s):telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 CVE #(s):
Created:May 21, 2002 Updated:October 5, 2004
Description: This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.
Alerts:
Gentoo 200410-03 2004-10-05
Yellow Dog YDU-20010810-2 2001-08-10
Yellow Dog YDU-20010810-1 2001-08-10
SuSE SuSE-SA:2001:029 2001-09-03
Slackware sl-997726350 2001-08-09
Red Hat RHSA-2001:100-02 2001-08-09
Red Hat RHSA-2001:099-09 2002-02-07
Red Hat RHSA-2001:099-06 2001-08-09
Progeny PROGENY-SA-2001-27 2001-08-14
Mandrake MDKSA-2001:093 2001-12-17
Mandrake MDKSA-2001:068 2001-08-13
HP HPSBTL0202-023 2002-02-12
Debian DSA-075-2 2001-08-14
Debian DSA-075-1 2001-08-14
Conectiva CLA-2001:413 2001-08-24
SCO Group CSSA-2001-030.0 2001-08-10

Tomcat 4.x JSP source code exposure vulnerability

Package(s):tomcat CVE #(s):
Created:September 25, 2002 Updated:January 29, 2003
Description: Rossen Raykov reports that Tomcat 4.0.5 and 4.1.12 fix a JSP source code exposure vulnerability in "Tomcat 4.0.4 and 4.1.10 (probably all other earlier versions also)." The current version of Tomcat is available here.

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process.
Alerts:
Debian DSA-246-1 2003-01-29
Debian DSA-225-1 2002-01-09
Gentoo tomcat-20021015 2002-10-15
Debian DSA-169-1 2002-10-04
Gentoo tomcat-20020925 2002-09-25

traceroute-nanog: buffer overflow and root exploit

Package(s):traceroute-nanog/nkitb CVE #(s):
Created:November 12, 2002 Updated:February 27, 2003
Description: Traceroute is a tool that can be used to track packets in a TCP/IP network to determine their route or to find routers that are not working. Traceroute-nanog requires root privilege to open a raw socket. It does not relinquish these privileges after doing so. This allows a malicious user to gain root access by exploiting a buffer overflow at a later point.
Alerts:
Debian DSA-254-1 2003-02-27
SuSE SuSE-SA:2002:043 2002-11-12

typespeed: buffer overflow

Package(s):typespeed CVE #(s):
Created:January 1, 2003 Updated:June 17, 2003
Description: A problem has been discovered in typespeed, a game that lets you measure your typematic speed. By overflowing a buffer a local attacker could execute arbitrary commands under the group id games.
Alerts:
Debian DSA-322-1 2003-06-16
Debian DSA-217-1 2002-12-27

webalizer: reverse DNS buffer overflow vulnerability

Package(s):webalizer CVE #(s):
Created:May 21, 2002 Updated:January 27, 2003
Description: The cause is a buffer overflow bug. This one sounds nasty. If reverse DNS lookups are enabled in webalizer, "an attacker with control over the victims DNS may spoof responses thus triggering a buffer overflow, potentially leading to a root compromise." Webalizer 2.01-10 "fixes this and a few other buglets that have been discovered in the last month or so". (First LWN report:  April 18th, 2002).
Alerts:
Yellow Dog YDU-20030127-4 2003-01-27
Red Hat RHSA-2002:254-05 2002-12-04
SCO Group CSSA-2002-036.0 2002-10-22
EnGarde ESA-20020423-009 2002-04-23
Conectiva CLA-2002:476 2002-04-26

Webmin/Usermin vulnerabilities

Package(s):webmin CVE #(s):
Created:May 21, 2002 Updated:January 10, 2003
Description: Webmin is a web-based interface for system administration for Unix. Webmin has cross-site scripting and session ID spoofing vulnerabilities which are fixed in the May 6, 2002 release of version 0.970. (First LWN report: May 9).

This one is scary. The session ID spoofing vulnerability allows the "possibility that arbitrary commands may be executed with root privileges." Upgrading is strongly recommended. At a minimum avoid the "preconditions for a successful exploit" by disabling password timeouts under Webmin->Configuration->Authentication.

Alerts:
SCO Group CSSA-2003-002.0 2003-01-09
Yellow Dog YDU-20020522-7 2002-05-22
Mandrake MDKSA-2002:033 2002-05-21

wget: directory traversal bug

Package(s):wget CVE #(s):CAN-2002-1344
Created:December 10, 2002 Updated:October 1, 2003
Description: Versions of wget prior to 1.8.2-4 contain a bug that permits a malicious FTP server to create or overwrite files anywhere on the local file system.

FTP clients must check to see if an FTP server's response to the NLST command includes any directory information along with the list of filenames required by the FTP protocol (RFC 959, section 4.1.3).

If the FTP client fails to do so, a malicious FTP server can send filenames beginning with '/' or containing '/../' which can be used to direct a vulnerable FTP client to write files (such as .forward, .rhosts, .shosts, etc.) that can then be used for later attacks against the client machine.

See also this Bugtraq article from 1997.
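
The NLST check described above, together with the "../" filtering that the tar and unzip entry calls for, as an added example (not code from wget, tar or unzip; the function names and the sample listing are constructed):

```c
/* Added example: rejecting names that would escape the target directory. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Archive member check: 1 if 'name' is relative and has no ".." component,
 * so it cannot climb out of the extraction directory by name alone. */
static int safe_member_name(const char *name)
{
    const char *p = name;

    if (name == NULL || name[0] == '\0' || name[0] == '/')
        return 0;
    while (*p != '\0') {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);

        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;
        p += len;
        while (*p == '/')          /* skip one or more separators */
            p++;
    }
    return 1;
}

/* FTP NLST check: entries for the current directory must carry no directory
 * information at all, so any '/' is refused, as are "." and "..". */
static int safe_listing_name(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;
    if (strchr(name, '/') != NULL)
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    return 1;
}

/* Constructed server listing / archive index used for the demonstration. */
static const char *const SAMPLE_LISTING[] = {
    "notes.txt",
    "pub/readme.txt",
    "../.forward",
    "/tmp/.rhosts",
    "dir/../../.shosts",
    "..",
    "data.tar.gz",
};
#define SAMPLE_COUNT (sizeof SAMPLE_LISTING / sizeof SAMPLE_LISTING[0])

/* Count how many names a given check lets through. */
static size_t count_accepted(const char *const *names, size_t n,
                             int (*check)(const char *))
{
    size_t i, ok = 0;

    for (i = 0; i < n; i++)
        if (check(names[i]))
            ok++;
    return ok;
}

int main(void)
{
    size_t i;

    for (i = 0; i < SAMPLE_COUNT; i++)
        printf("%-20s member=%d listing=%d\n", SAMPLE_LISTING[i],
               safe_member_name(SAMPLE_LISTING[i]),
               safe_listing_name(SAMPLE_LISTING[i]));
    return 0;
}
```

Name checks alone do not cover an archive that first creates a symbolic link and then writes through it; that needs a separate check at extraction time.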

Alerts:
Immunix IMNX-2003-7+-011-01 2003-06-03
OpenPKG OpenPKG-SA-2003.007 2003-01-23
SCO Group CSSA-2003-003.0 2003-01-16
Gentoo 200212-7 2002-12-20
Trustix 2002-0089 2002-12-19
Conectiva CLA-2002:552 2002-12-13
Debian DSA-209-1 2002-12-12
Mandrake MDKSA-2002:086 2002-12-11
Red Hat RHSA-2002:229-10 2002-12-04

wmaker: buffer overflow in Window Maker image handling code

Package(s):wmaker windowmaker CVE #(s):CAN-2002-1277
Created:November 7, 2002 Updated:February 6, 2003
Description: Al Viro found a problem in the image handling code used in Window Maker, a popular NEXTSTEP-like window manager. When creating an image it would allocate a buffer by multiplying the image width and height, but did not check for an overflow. This makes it possible to overflow the buffer. This could be exploited by using specially crafted image files (for example when previewing themes).
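
An added example of the missing check (not Window Maker's code; the function names and the size cap are assumptions): the dimensions are multiplied with an explicit overflow test before anything is allocated, next to the unchecked 32-bit product that wraps.

```c
/* Added example: overflow-checked sizing of an image buffer. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked pattern: the product is computed modulo 2^32, so large
 * dimensions can yield a small (or zero) allocation size. */
static uint32_t unchecked_size32(uint32_t width, uint32_t height,
                                 uint32_t channels)
{
    return width * height * channels;
}

/* Multiply a*b into *out. Returns 0 on success, -1 if the true product
 * does not fit in size_t. */
static int mul_size(size_t a, size_t b, size_t *out)
{
    if (a != 0 && b > SIZE_MAX / a)
        return -1;
    *out = a * b;
    return 0;
}

/* Allocate a zeroed width*height*channels buffer, or return NULL when a
 * dimension is not positive, the product overflows, or the result exceeds
 * 'max_bytes' (a caller-chosen sanity cap). */
static void *image_alloc(long width, long height, size_t channels,
                         size_t max_bytes)
{
    size_t pixels, bytes;

    if (width <= 0 || height <= 0 || channels == 0)
        return NULL;
    if (mul_size((size_t)width, (size_t)height, &pixels) != 0)
        return NULL;
    if (mul_size(pixels, channels, &bytes) != 0)
        return NULL;
    if (bytes > max_bytes)
        return NULL;
    return calloc(1, bytes);
}

int main(void)
{
    /* Constructed header values for a crafted image. */
    uint32_t w = 0x8001u, h = 0x8000u;
    void *buf;

    printf("unchecked size for %ux%ux4: %u bytes\n",
           (unsigned)w, (unsigned)h, (unsigned)unchecked_size32(w, h, 4u));
    buf = image_alloc((long)w, (long)h, 4, (size_t)64 << 20);
    printf("checked allocation: %s\n", buf ? "granted" : "refused");
    free(buf);
    return 0;
}
```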
Alerts:
Red Hat RHSA-2003:043-12 2003-02-05
Mandrake MDKSA-2002:085 2002-12-02
Conectiva CLA-2002:548 2002-11-18
Debian DSA-190-1 2002-11-07

Multiple vulnerabilities in wordtrans

Package(s):wordtrans CVE #(s):CAN-2002-0837
Created:September 11, 2002 Updated:February 4, 2003
Description: The "wordtrans" interface to multilingual dictionaries suffers from input validation and cross-site scripting vulnerabilities; versions through 1.1pre8 are vulnerable. See this Guardent advisory for details.
Alerts:
Red Hat RHSA-2002:188-08 2002-09-05

Problems with libgtop_daemon

Package(s):wuftpd libgtop CVE #(s):
Created:May 21, 2002 Updated:May 7, 2003
Description: The libgtop_daemon package is a GNOME program which makes system information available remotely. LWN reported the remotely exploitable format string and buffer overflow vulnerabilities in that package on December 6th. On November 28th disabling the libgtop_daemon on systems where it is running until an update is available.

Many Linux systems do not run libgtop by default, but applying the update is a good idea anyway.

Alerts:
Debian DSA-301-1 2003-05-07
Mandrake MDKSA-2001:094 2001-12-19
Debian DSA-098-1 2002-01-09
Conectiva CLA-2002:448 2002-01-03

Wwwoffle remote privilege escalation vulnerability

Package(s):wwwoffle CVE #(s):CAN-2002-0818
Created:August 14, 2002 Updated:October 1, 2003
Description: The wwwoffle web proxy incorrectly processes HTTP PUT and POST requests with negative Content Length values. "It is believed that an attacker could exploit this bug to gain remote wwwrun access to the system wwwoffled is running on."

Alerts:
SCO Group CSSA-2002-048.0 2002-11-18
Debian DSA-144-1 2002-08-06
SuSE SuSE-SA:2002:029 2002-08-01

xpdf: integer overflow

Package(s):xpdf CVE #(s):CAN-2002-1384
Created:January 2, 2003 Updated:February 6, 2003
Description: - From iDEFENSE advisory:
The pdftops filter in the Xpdf and CUPS packages contains an integer overflow that can be exploited to gain the privileges of the target user or in some cases the increased privileges of the 'lp' user if installed setuid. There are multiple ways of exploiting this vulnerability.

Read the full advisory at http://www.idefense.com/advisory/12.23.02.txt

Alerts:
Red Hat RHSA-2003:037-09 2003-02-06
Debian DSA-226-1 2003-01-10
Mandrake MDKSA-2003:002 2003-01-09
Debian DSA-222-1 2003-01-06
Gentoo 200301-1 2003-01-02

Resources

OWASP Identifies Ten Most Critical Web Application Security Vulnerabilities

The Open Web Application Security Project has announced the release of its report on the top ten security vulnerabilities to be found in web applications. Worthwhile reading for anybody involved in the creation of these applications.

Old hard drives yield data bonanza (News.com)

Here's a News.com article reminding us of the security risks of old disk drives. "You pick up 10 drives on the used market and the chances are that three or four of them are going to have confidential information."

Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current development kernel is 2.5.58. Linus seemingly made a New Year's resolution to release kernels more often, with the result that four separate releases came out over the last week:

  • 2.5.58 (announcement, changelog) featured a lot of relatively small, janitorial fixes, along with the IPMI driver, a USB update, some changes to the new generic DMA layer, the "red/black tree" I/O scheduler, more sysfs work, and an RPCSEC_GSS implementation (needed for NFSv4).

  • 2.5.57 (announcement, changelog) had fixes for the information leakage bug in a number of network drivers, a few IDE changes, the low-latency page table teardown patch (covered in last week's LWN Kernel Page), an ISDN update, and a bunch of driver model/sysfs work.

  • 2.5.56 (announcement, changelog) had a bunch of netfilter work, some USB updates, an ACPI update, and a forward port of the 2.4 watchdog driver code.

  • 2.5.55 (announcement, changelog) came with a number of big architecture updates (PowerPC, ARM, x86-64), some kbuild work, a knfsd update, more module fixes, another set of driver model patches, some device mapper updates, and a number of video4linux tweaks.

Linus's BitKeeper tree, which will likely become 2.5.59 fairly soon, contains some uClinux patches, an XFS update, and some new algorithms for the crypto API.

Note that new development kernel releases will come to a halt by Friday, when Linus takes off for a two-week vacation.

The current stable kernel is still 2.4.20; Marcelo has released no 2.4.21 prepatches over the last week.

The latest patch from Alan Cox is 2.4.21-pre3-ac4, which resumes work on the IDE layer.

Kernel development news

2.6.0-test coming soon?

William Lee Irwin asked the question: will there be a 2.6.0-test release soon? All is working well for him, and it may be time to look toward getting the kernel out to a wider testing audience.

Unfortunately, it does not look like things will happen anywhere near that quickly. From Alan Cox's response:

IDE is all broken still and will take at least another three months to fix - before we get to 'improve'. The entire tty layer locking is terminally broken and nobody has even started fixing it.... Most of the drivers still don't build either.

There are other little issues to deal with as well. For example, the process of feeding 2.4 fixes into 2.5 stalled some time ago, and is only now getting restarted again. Some developments - the driver model work and asynchronous I/O come to mind - are still very much in progress. Al Viro had all kinds of plans for the VFS and initramfs, but seems to have disappeared from the kernel list for now. The loadable module problems are mostly taken care of, but things are still changing there too. And so on.

So the truth of the matter is that the 2.5 kernel is still not stable in a number of ways. The feature freeze is holding reasonably well, but it was always understood that features that had been merged would finish their development - and that has not yet happened. Trying to widen the test community at this point is likely to just turn a lot of people off to 2.5 altogether. Truly stabilizing a kernel takes a long time.

The latest loadable module changes

Most of the problems with the new module loader have long since been ironed out. A few issues remain, however. For example, module versions have not yet been implemented; kernel developers tend to dislike (and not use) that feature, so it has been relatively low on the list of priorities. There still is no modversions patch up for review, but a related issue has been resolved.

The modversions facility allows a binary kernel module to be loaded into multiple kernel versions, as long as the relevant data structures and function prototypes have not changed. It works by attaching a simple checksum to function and variable names, and refusing to load a module if the checksums no longer match. See Linux Device Drivers, Chapter 11 for details.

But modversions has never been able to catch all of the things that could make a module incompatible with a given kernel. The most common problem (a module compiled for SMP loaded into a uniprocessor kernel, or vice versa) was handled by hacking "smp" into the checksum. But other potential incompatibilities - compiler versions, memory model (for systems with high memory), whether preemption is configured in, etc. - are not detected until something goes badly wrong.

A patch from Rusty Russell fixes that problem, whether or not modversions is in use. Compilation and configuration options which can break module compatibility are stored in a special section in the kernel and in each loadable module; the information is stored as a simple string like "SMP,preempt,gcc-2.95." If the strings don't match when a module is loaded, the kernel puts out a warning.

One other loadable module issue still hasn't gone away: how to deal with modules which fail at initialization time. The new module loader, when first merged, took great pains to hide a module from the rest of the kernel until it had completed initialization. That way, the kernel could be sure that no other kernel code was already trying to use the module if its initialization fails and it is removed from the kernel. Unfortunately, that feature broke the disk subsystem, which wants to read partition tables from disks when the disks are registered. That read would fail, because the module which actually implemented disk reads was not yet available, and the partitions would fail to show up in the system. To get around this problem, the module code was changed to make modules visible during the initialization process.

That change fixed the disk problems, but it also brought back the old race condition: a module can be removed while the kernel is trying to use it. It is clearly an uncommon situation, but Rusty worries about things like this. So he has posted a new patch to address the problem. With this patch, modules are again invisible until they are properly initialized. Should there be a need to provide access to a particular module while initialization is still in progress, a call to the new module_make_live() function will make that possible. The add_disk() function calls module_make_live() itself, so there is no need to change any drivers to keep disks working. There is also a new notifier chain for any part of the kernel that wants to know when modules come online.

Some developers will likely see the new approach as another unnecessary fix for a problem which never happens in the real world. It is, however, a small change which closes off a set of possible failures, and is thus worth consideration.
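A toy, single-threaded model of the visibility rules discussed above, added here as an illustration; it is not Rusty Russell's patch or kernel code. All `demo_*` names, the state enum and the return codes are hypothetical; only the behaviour (modules hidden until initialized, add_disk() making the module live early, a notification when a module comes online) is taken from the article.

```c
#include <stdio.h>
#include <string.h>

enum mod_state { MOD_COMING, MOD_LIVE };

struct demo_module {
    const char *name;
    enum mod_state state;
    int users;                          /* references handed out by demo_get() */
    int (*init)(struct demo_module *);
};

static struct demo_module *loaded[4];   /* toy module list */
static int nloaded;
static int hide_until_live;             /* 1 = invisible while initializing */
static int add_disk_makes_live;         /* 1 = add_disk goes live before reading */
static int live_events;                 /* stand-in for the notifier chain */
static int partitions_found;

/* Lookup used by the rest of the toy kernel; takes a reference on success. */
static struct demo_module *demo_get(const char *name)
{
    for (int i = 0; i < nloaded; i++) {
        struct demo_module *m = loaded[i];
        if (strcmp(m->name, name) != 0)
            continue;
        if (hide_until_live && m->state != MOD_LIVE)
            return NULL;                /* still initializing: not visible */
        m->users++;
        return m;
    }
    return NULL;
}

static void demo_put(struct demo_module *m) { m->users--; }

static void demo_make_live(struct demo_module *m)
{
    if (m->state == MOD_LIVE)
        return;
    m->state = MOD_LIVE;
    live_events++;                      /* "module came online" notification */
}

/* Registering a disk reads its partition table through the driver module. */
static void demo_add_disk(struct demo_module *m)
{
    struct demo_module *drv;

    if (add_disk_makes_live)
        demo_make_live(m);
    drv = demo_get(m->name);
    if (drv) {
        partitions_found = 1;
        demo_put(drv);
    }
}

static int disk_init(struct demo_module *m) { demo_add_disk(m); return 0; }

/* Init that fails after other code has already tried to grab the module. */
static int failing_init(struct demo_module *m)
{
    (void)demo_get(m->name);            /* stands in for a concurrent user */
    return -1;
}

/* 0 = loaded, -1 = init failed and removed cleanly,
 * -2 = init failed while something still holds a reference (the race). */
static int demo_load(struct demo_module *m)
{
    m->state = MOD_COMING;
    m->users = 0;
    loaded[nloaded++] = m;
    if (m->init(m) == 0) {
        demo_make_live(m);
        return 0;
    }
    nloaded--;                          /* unlink the failed module */
    return m->users ? -2 : -1;
}

static void reset(int hide, int make_live)
{
    nloaded = 0;
    hide_until_live = hide;
    add_disk_makes_live = make_live;
    live_events = 0;
    partitions_found = 0;
}

int failed_init_result(int hide)
{
    struct demo_module m = { "demo_drv", MOD_COMING, 0, failing_init };
    reset(hide, 0);
    return demo_load(&m);
}

int disk_partitions_seen(int hide, int make_live)
{
    struct demo_module m = { "demo_disk", MOD_COMING, 0, disk_init };
    reset(hide, make_live);
    demo_load(&m);
    nloaded = 0;                        /* drop the pointer to the local module */
    return partitions_found;
}

int main(void)
{
    printf("visible during init, init fails: %d\n", failed_init_result(0));
    printf("hidden during init, init fails:  %d\n", failed_init_result(1));
    printf("hidden, add_disk as before:      %d\n", disk_partitions_seen(1, 0));
    printf("hidden, add_disk makes it live:  %d\n", disk_partitions_seen(1, 1));
    return 0;
}
```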

Page editor: Jonathan Corbet

Distributions

News and Editorials

New distributions: Ark Linux, LinuxInstall.org, Yoper and Zool

It's a new year, and obviously the time to introduce new Linux distributions. This week we have added four distributions to our list. Linux for the desktop is a hot topic, and three of these four are ready to provide you with an easy to use desktop system.

Ark Linux and LinuxInstall.org are based on recent Red Hat releases, pared down for desktop users without all the server software. You'll find them in the Non-technical desktop section of the list.

Yoper brings us a Ydesktop release, but they have other uses for their base system, so we've added Yoper to the General Purpose section.

Zool Linux is aimed at the mini-distribution/rescue-disk market and has been added to the Floppy-based section although it is possible to burn a CD-ROM version as well.

You can find more information on these new releases in the 'New Distributions' section of this page.

Distribution News

Debian Weekly News

The Debian Weekly News for January 14, 2003 is available. This week looks at what has been happening with Debian sponsor Software in the Public Interest; and much more.

Red Hat Linux 8.1 To Ship in April (CRN)

CRN reports that Red Hat plans to release Red Hat Linux 8.1 in April, a 32-bit technical workstation this quarter and a full-fledged corporate desktop in the next six to 12 months. "Red Hat 8.1 was released to the Web in beta form late last month. The update offers an enhanced BlueCurve GUI that made its debut in version 8.0 in September and an updated Linux 2.4.20-2.2. kernel. It also offers new features such as font viewing, the ability to burn files to CDs, a new themes applet, an updated Mozilla 1.2 browser and KDE 3.1 and GNOME 2.2 graphical desktops." Thanks to B. Kosnik.

Gentoo Weekly Newsletter -- Volume 2, Issue 2

The Gentoo Weekly Newsletter for the week of January 13th, 2003 is now available. This week's news looks at the portage tree freeze for Gentoo Linux 1.4_rc3/final; gcc changes to Gentoo Linux; and much more.

Slackware Linux

Slackware Linux has updated Apache/mod_ssl/PHP packages, out for both Slackware 8.1 and -current (fixing some security issues). KDE in slackware-current has been upgraded to KDE 3.0.5a. If you're interested in KDE 3.0.5a, now's the time to grab these packages as they will likely be replaced with KDE 3.1 packages soon.

Vivitar and Lycoris Announce Desktop/LX Certification of Vivicam Digital Cameras

Vivitar and Lycoris announced that many of Vivitar's USB Vivicams have attained full hardware certification on the Desktop/LX Operating System platform.

New Distributions

Ark Linux

Ark Linux is a Linux distribution designed especially for desktop use, primarily for people without prior Linux experience. Its main goal is ease of use, and the inclusion of many tools end users will need.

A brief look at Ark Linux can be found in this Open for Business article and eWeek has a brief interview with Ark Linux founder, Bernhard Rosenkraenzer.

LinuxInstall.org

LinuxInstall.org 1.0 is an easy to use, easy to install, desktop system based on Red Hat Linux 8.0.

Yoper

Yoper is a high performance distribution hailing from New Zealand. "yOPeR" stands for your operating system, and it strives to be fast and compact. The binaries are compiled on Intel 686 PCs and the system is optimised for these or higher processors. Once the base system has been installed, you can add packages from RPM, .deb or .tgz formats.

One of the primary purposes of Yoper is to support commercial conversions of office software from Windows to Yoper. These conversions will be done by trained and certified professionals within the Yoper franchise. That said, Ydesktop-3.2.1 Release Candidate 3, Yoper for the desktop, is available for download.

We found Yoper through this DesktopLinux.com interview with Andreas Girardet, founder of Yoper. Thanks to B. E. Irwin.

Zool Linux

Zool Linux is a project whose goal is to assist in making Linux mini-distributions. It is useful for floppy-based rescue systems, or to check hardware and network connections. It supports many different filesystems and utilities. Zool 1 is a Linux rescue disk based on the 2.2.23 kernel. Zool 2, released January 9, 2003, is based on the 2.4.18 kernel.

Minor distribution updates

Eagle Linux

Eagle Linux has announced the release of Eagle Linux 2.0. This is a set of instructions which will allow you to create your own educational, Debian-based distribution on a bootable CD-ROM.

Familiar Linux

The Familiar Project has released v0.6.1 with minor bugfixes. "Changes: Fixes for missing OPIE files."

Gibraltar Firewall

Gibraltar has released v0.99.6 with minor feature enhancements. "Changes: This is mainly a bugfix release, making config handling more fault tolerant, but also containing a few new features like the long-awaited H.323 connection tracking support. It is generally recommended to update to this version."

Mindi Linux

Mindi Linux has released v0.81 with minor bugfixes. "Changes: Mindi now functions more reliably than before for Debian, Gentoo, SuSE, and LFS users."

OpenNA Linux

OpenNA Linux has released RC1 with major feature enhancements. "Changes: Many features have been added and a lot of bugs have been fixed. The most important changes are the addition of a working GUI based on GNOME 2.0.3, a new Text User interface to install the operating system from scratch, protection of all files from possible buffer overflow attacks, a complete Grsecurity patch implemented into the kernel, and better optimization flags used to compile all binaries."

RxLinux

RxLinux has released v1.2.6. "Changes: This release features many new software packages like vixie cron, ntp, and logrotate. Many bugs have been fixed. PPP access to the Internet is now supported as a main connection or as a backup link. The Windows interface has also been updated."

SME Server

Mitel Networks announced the SME Server version 5.6 developer release. "This release is based on the Linux 2.4 kernel, uses the "ext3" journalling filesystem, has enhanced Windows and Macintosh client support and the packet filtering code has been upgraded to include stateful packet inspection."

uClinux

uClinux has released v2.5.57-uc0 with major feature enhancements. "Changes: The latest kernel updates, exception tables, and other code cleanups."

Warewulf

Warewulf has released v1.8. "Changes: The "Node Shell" button has been renamed to "Virtual Node" and "Remote Shell" added to avoid confusion in nodes. 'nodeupdate' no longer writes an /etc/hosts that did not work with SGE (which is very touchy about the format of the /etc/hosts). The Warewulf.pm library has been created and the Warewulf tools rewritten to utilize it. Warewulfd has been changed to use gethostbyname() for node name resolution, thus no requirement to restart warewulfd when changing node configuration. The "Update Nodes" button has been added to 'nodes'. Another tab has been added to 'wwmon', and the data moved to make it more logical."

Distribution reviews

Interview with a Grandmother (Linux Journal)

In this Linux Journal article, a non-techie grandmother gets a new computer with OEone Homebase Linux installed. "Over the last decade Linux has been gaining in a number of markets, most notably in the server arena. Recently, the march onto the desktop has begun and the PDA market has opened up as well. There are also clusters and supercomputers. However, there is one more market where Linux could make more inroads: the home user. A few articles are around regarding techies who have helped their non-techie friends and family members get running with Linux. But what about the non-techie home user doing it all by themselves? Could a home user, say a grandmother of three, use Linux with no help from anyone but the vendor's normal support system? This is the story of one such grandmother and her entrance into the wonderful world of Tux."

Page editor: Rebecca Sobol

Development

PowerDNS 2.9.4 released

Version 2.9.4 of PowerDNS, a name server alternative to the popular Berkeley Internet Name Domain (BIND named) server, has been released. "Big news is the addition of a recursing nameserver which has sprung into existence over the past week. It is in use on several computers already but it is not ready for prime time. Complete integration with PowerDNS is expected around 2.9.5, for now the recursor is a separate program."

The recursor is claimed to offer a fairly big performance improvement over BIND 9, but a few bugs are still being worked out.

According to the online manual: "PDNS is an authoritative only nameserver. It will answer questions about domains it knows about, but will not go out on the net to resolve queries about other domains. However, it can use a recursing backend to provide that functionality. When PDNS answers a question, it comes out of the database, and can be trusted as being authoritative. There is no way to pollute the cache or to confuse the daemon. PDNS has been designed to serve both the needs of small installations by being easy to setup, as well as for serving very large query volumes on large numbers of domains."

Other new features in this release include:

  • All SQL queries are available for configuration.
  • Zone replacement transfers are only done with capable remote servers.
  • Error messages were improved.
  • A slowdown bug with pdns_control was fixed.
  • Updates are rolled back if a remote server goes down during an AXFR.
  • Lots of bugs have been fixed.
  • Documentation has been updated.

For more information on PowerDNS, see the Documentation and Release Notes and the fact sheet documents.

PowerDNS downloads are available here; source code and packages for Red Hat and Debian are available. The software is also available for a number of other platforms. PowerDNS is licensed under the GPL; commercial support is available.

System Applications

Education

Linux in Education Report

Issue #87 of the Linux in Education Report is out. Topics include: an Introduction to the Solar System course, open-source software in the educational press, the National File Format (NFF) for a non-proprietary way to access learning materials, a new TUX&GNU@school column from FSF, a paper titled Alternative Computing in Education, open-source software in UK schools, the GNULinuxIndia newsletter, Linux from Kindergarten to High School, and more.

Medical Software

Programming in M Resources (LinuxMedNews)

LinuxMedNews has put together some links to resources about the MUMPS language. "The MUMPS programming language, also known as M, was specifically designed for use in healthcare and has a long history. It is the basis for the Veterans Administration VistA software as well as many other commercial healthcare applications. Because of its unique properties, it is used in banking as well. Open source bindings to CORBA exist (see below) and a complete open source M compiler, GT.M, is available on Sourceforge."

Printing

GIMP-Print Drivers for CUPS 4.2.5pre2

The CUPS project has announced version 4.2.5pre2 of GIMP-Print, which now works with CUPS.

Web Site Development

Analog version 5.31 released

Version 5.31 of the Analog web site log analyzer has been released. The changes in this version include recognition of the Phoenix and Chimera browsers, fixes for the Mac, OpenVMS and RISC OS ports, and bug fixes.

Zope Members News

The most recent headlines on the Zope Members News include: AdaptableStorage Product Released, Zope-News Project Needs You!, NeoPortal Content Pak 0.9a3 released, NeoPortalLibrary 0.9a3 released, CMFCollectorNG 0.20 alpha 1 released, ZPhotoSlides 0.9 released!, ZWiki 0.14.0 released, SilvaNews 0.8 released!, and Squishdot 1.5.0 Released!.

Zope Newbies

New articles on Zope Newbies include: Ed Dumbill on Plone, and The Making of Python, an interview with Guido van Rossum.

Creating a Web Application with Ant and Tomcat 4 (O'Reilly)

Paul Wood illustrates the use of Tomcat 4 and Ant on O'Reilly. "I have decided to use Tomcat 4 Servlet/JSP Container technologies to implement a Web application. This still leaves many options, and choosing between the various available technologies is not easy. For this article, I have chosen to keep it simple and use Java Server Pages (JSPs) in combination with Java classes."

Desktop Applications

Audio Applications

Ecasound 2.2.0 released

Version 2.2.0 of Ecasound, a general purpose audio recording, playing, and editing package, is out. A summary of new features includes: "Support for JACK and LADSPA 1.1 added, more intelligent runtime parameter selection, ECI licence changed from GPL to LGPL, new NetECI client API, ecasound emacs mode added, largefile support, new resample, reverse and typeselect audio objects, new peak amplitude chain operator and new utilities ecalength, ecamonitor and ecasignalview."

JACK Rack 1.1.1 available

Version 1.1.1 of JACK Rack, a virtual effects rack for the JACK audio system, is available. This release fixes a number of bugs.

Desktop Environments

FootNotes

Headlines on the GNOME desktop FootNotes site include: Multi-rooted tree view sidebar for Nautilus, Sodipodi and Gimp tutorials, Mono 0.18 released, ACME 2.0 released, GARNOME 0.20.0: ''Back in the Pan'', GNOME 2.2 Desktop RC 1, Lumiere, Updates from the XML front, Couple of Galeon Mini tutorials, Fontilus-0.3 and Nautilus-rpm-0.1 released, GNOME News in Spanish, GStreamer 0.5.1 released, and more.

KDE-CVS-Digest for January 10, 2003

The January 10, 2003 edition of the KDE-CVS-Digest is out. Topics this week include: "Apple Safari uses khtml, merge of Apple contributions, Krdc features and numerous bug fixes".

Games

Pygame updates

New Python-based game software on the Pygame site includes: Bub&bob 0.1, Pytaxx 047, and Imgv 2.3.

GUI Packages

FLTK Developments

The latest new software for FLTK, the Fast, Light ToolKit, includes: fltdj - The Daily Journal 0.6.9, Fl_Contour 0.2, Fl_Extent widgets 1.0.2, and SPTK 0.99.

Interoperability

Wine Weekly News

Issue #151 of the Wine Weekly News is out. Topics include Visual-MinGW Under Winelib, Separating NTDLL and Kernel32, Best Win32 API Spy Tool?, File Locking in Wine, Winemaker Problems (and Solutions), and Special Characters in Resource Names.

Office Applications

AbiWord Weekly News

Issue #126 of the AbiWord Weekly News is out, with the latest AbiWord word processor development news.

Kernel Cousin GNUe

Issue #63 of Kernel Cousin GNUe is out with the latest GNU Enterprise development news. Topics include: Project PAPO and GNUe, SKUs in GNUe Small Business, Converting forms to new .gfd format, Format Masks in GNUe, Triggers in GNUe Reports, Using Reports to produce customer invoices as PDFs, Bayonne, the GNU telephony project, Application Server API, and Application Server API.

LyX 1.2.3 released

Version 1.2.3 of LyX, a GUI interface to the TeX typesetting system, is out. "LyX 1.2.3 is a maintenance release. It mainly fixes a very bad bug where configuring LyX as root could lead to deleting the /dev/null special device (this does not impact users of prebuilt binaries). Also, a bug where LyX would create zombie processes has been fixed."

Web Browsers

Mozilla 1.0.2 available

Version 1.0.2 of Mozilla is available. "Mozilla 1.0.2 contains stability and security improvements. 1.0.2 also has fixes for standards support, UI correctness and polish, performance, and site compatibility. This is not a feature release. For new features, Mozilla 1.0 users are encouraged to upgrade to Mozilla 1.2." See the release notes for more information.

Miscellaneous

PythonCAD release 2

The second release of PythonCAD is out. "As the name implies, PythonCAD is written entirely in Python. The goal of this project is to create a fully scriptable drafting program that will match and eventually exceed features found in commercial CAD software. PythonCAD is released under the GNU Public License"

Languages and Tools

C

GCC precompiled header implementation

This week, the GCC site says: "Geoffrey Keating of Apple Computer, Inc., with support from Red Hat, Inc., has contributed a precompiled header implementation that can dramatically speed up compilation of some projects."

Caml

Caml Weekly News

The Caml Weekly News for January 7 to 14, 2003 is out. Topics include: Graph data structures in Baire, Memory management dominates running time, GlSurf 1.2 available, LablGL 0.99, Lambda Calculus, otags 3.06.6, and a New Introductory book on Functional programming, using OCaml (in Italian).

The Caml Light / OCaml Hump

This week, the new software on The Caml Hump includes the OUnit unit test framework for OCaml, OCamlExpat: an ocaml wrapper for the Expat XML parsing library, LablGL: an Objective Caml interface to OpenGL, LablGTK, an Objective Caml interface to gtk, An executable course on lambda-calculus, and GlSurf, a program (similar to Surf) to draw surfaces from their implicit equations.

Java

Java theory and practice: Where's your point? (IBM developerWorks)

Brian Goetz talks about Java and floating point calculations on IBM's developerWorks. "In this month's Java theory and practice, Brian Goetz looks at some of the traps and "gotchas" often encountered when using non-integral numeric types in Java programs."

Object-Relational Mapping with Apache Jakarta OJB (O'Reilly)

Charles Chan covers some Java object mapping issues on O'Reilly. "Three of the most popular persistence frameworks in the open source community are Hibernate, Castor, and OJB. In this article, we will focus on OJB. OJB integrates smoothly into J2EE containers with full support of JTA and JCA, and is a viable alternative to EJB entity beans."

The JAXB API (O'Reilly)

Kohsuke Kawaguchi introduces Sun's JAXB on O'Reilly. "Sun has recently released version 0.75 of the Java Architecture for XML Binding (JAXB), as well as its reference implementation."

Perl

This Week on perl5-porters (use Perl)

The January 6-12, 2003 edition of This Week on perl5-porters is out. "The porters were busy, and this week's report features a large number of different subjects, from portability and compilation to the proper semantics of method dispatch, not forgetting the usual amount of strange bugs. Read below about the latest potential evolutions of Perl 5."

This week on Perl 6 (O'Reilly)

The January 6, 2003 edition of This week on Perl 6 is out, topics include: A Pile of Patches to the Perl 6 Compiler, Garbage Collection Headaches, Variable/value vtable split, Parrot Gets Another New Language, Returning new PMCs, Fun with PerlHash, GC/DOD feedback & runtime tuning, Object Semantics, Tree-Frobbing Facilities in Perl 6, PRE/POST in Loops, my int ( 1..31 ) $var ?, Variable Types vs. Value Types, and more.

DateTime modules moving again (use Perl)

According to Use Perl, the Perl Date and Time modules will be moving again. "If you care about Date/Time modules, or if you are the author of one or more, you might want to watch this."

Maintaining CPAN modules of Ariel Brosh (SCHOP) (use Perl)

Use Perl is calling for volunteers to take over the code of Ariel Brosh, who passed away recently.

PHP

PHP Weekly Summary

Topics on this week's PHP Weekly Summary include: Extensions with Zend Engine 2, PEAR officially released, Non-thread safe Win32 builds, SAPI/servlet, JPEG2000 in 4.3.0, Sablotron 0.97, Ncurses CDK, and Oracle 8.1.

PHP Foundations Working with Files in PHP, Part 3 (O'Reilly)

John Coggeshall continues his series on PHP. "This week, I'll introduce the concept of working with directories in PHP, including creating new directories, changing directories, and getting a file list for a given directory using PHP's pseudo directory object. We'll be starting from reading directories from a list, and then we'll discuss creating new directories or changing the current directory using PHP's directory manipulation functions."

PEAR Out of Beta!

The PEAR framework and distribution system for reusable PHP components is out of Beta testing. "The PEAR development team is proud to announce that PEAR finally is out of its long beta period. As of PHP 4.3, the PEAR installer is installed by default. Unix support is considered stable, while Windows and Darwin are still of beta-quality."

Python

Dr. Dobb's Python-URL!

The Python-URL for January 13, 2003 is out, with this week's Python news and links.

The Daily Python-URL

This week's Daily Python-URL article topics include: Modeling Framework, an object-relational bridge for Python, The Making of Python: A Conversation with Guido van Rossum, Part I, Soya 3D, PythonCAD, Roundup 0.5.4, Book review: 'Python Cookbook', Text Processing in Python, Generating DOM Magic, Oak DNS server, Mailman 2.1, What is RSS?, SimPy simplifies complex models, and more.

Generating DOM Magic (O'Reilly)

Uche Ogbuji writes about Python generators on O'Reilly. "Python 2.2 introduced generators, a special type of function which has more flexible flow-of-control than ordinary, procedural functions. Standard procedural functions start at the top and execute until returning to the caller, maintaining all along a local state for the subroutine (which comprises local variables and passed-in parameters). The function can have multiple return points, but for each invocation, it runs until a single return, and its local state then becomes unavailable. Generators, by contrast, can send control back to the caller and yet remain in a sort of suspended animation, maintaining local state."

The Making of Python (Part 1) (artima.com)

Artima.com has the first in a series of interviews with Python creator Guido van Rossum. "Python creator Guido van Rossum talks with Bill Venners about Python's history, the influence of the ABC language, and Python's original design goals." Thanks to Matt Gerrans.

Ruby

The Ruby Garden

This week, the Ruby Garden looks at Require quirks.

The Ruby Weekly News

Topics on this week's Ruby Weekly News include: Things Newcomers to Ruby Should Know, RubyConf 2002 slides have arrived, Portland Perl Mongers find new gems, and 'borrow' TCL's virtual file system.

New Ruby software includes: FormatR 1.07, YAML.rb 0.49.1, Ruby 1.6.8 Windows Installer, GridFlow 0.6.5, xml-configfile 0.6.0, and Win32Serial 0.1.

Tcl/Tk

This week's Tcl-URL

Dr. Dobb's Tcl-URL for January 14 is available with the usual collection of news from the Tcl/Tk development community.

XML

Data binding, Part 1: Code generation approaches -- JAXB and more (IBM developerWorks)

Dennis M. Sosnoski writes about data binding with XML and Java. "Data binding provides a simple and direct way to use XML in your Java Platform applications. With data binding your application can largely ignore the actual structure of XML documents, instead working directly with the data content of those documents. This isn't suitable for all applications, but it is ideal for the common case of applications that use XML for data exchange."

Miscellaneous

New Intel Tools Help Developers Optimize Software Applications

Intel Corporation has released a new set of tools for helping to analyze and optimize code on the Pentium(R) 4 and Xeon(R) processors, known as the VTune Performance Analyzer.

The Year In Scripting Languages

"The Year in Scripting Languages" is a lengthy report written by members of the Lua, Perl, Python, Ruby, and Tcl communities; it is a worthwhile read for anybody interested in a condensed view of how these languages are developing.

Final Alpha of KDevelop 3.0 (aka Gideon) is out

KDE.News announces the release of the third and final alpha release of KDevelop 3.0. "Since the previous alpha release almost all known crashes have been eliminated, many bugs have been fixed, and an integrated valgrind part has been added. All users of earlier versions of Gideon are encouraged to upgrade, and KDevelop 2.1 users are also encouraged to try Gideon out."

KOffice 1.2.1 Supported by DRT Design Recovery Tool (KDE.News)

KDE.News looks at the latest release (version 0.2.2) of DRT, the Design Recovery Tool. "DRT is a design recovery tool for interactive graphical applications running under X Windows. The tool automatically captures actions performed while using such an application. Functions particularly relevant to each action are highlighted. Moreover, the action itself is described visually from fragments of the application display. One can search and browse these actions to learn about the design of an application."

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Linux and politics at CES (Linux Journal)

The Linux Journal looks at the political undercurrent and the Linux-based toys at the Consumer Electronics show. "While the big cheeses of the consumer electronics industry make obeisance to Big Hollywood over the issue of customer control of PCs and entertainment devices, the mood at the Consumer Electronics show seems to call out for a move the other way, toward badly-needed reform for the controversial Digital Millennium Copyright Act (DMCA)."

D-word dissection (InfoWorld)

This InfoWorld article examines the disruptive nature of open source software. "AS THIS WEEK'S issue of InfoWorld considers disruptive technologies, now is a good time to consider the disruptive nature of open-source software. The subject is due for attention, given the recent comments I've received suggesting that open source is a form of "antibusiness communism."" Thanks to Don Waugaman.

The Cathedral IN the Bazaar (Open)

Open looks at changes in the open-source landscape. "Times have changed. Evidence shows that Red Hat is no longer 'The Open Source company.' We have seen how Open Source as a business is much more than Linux. We have learned that Open Source is a multidimensional thing. Right at this moment, lessons from collaborative development and free distribution are being adopted into mainstream software business models."

Trade Shows and Conferences

Consumer Electronics Show Offers Picture of TV's Future (Las Vegas Review-Journal)

The Las Vegas Review-Journal covers the Consumer Electronics Show in Las Vegas and Sony's Linux-based devices. "In his keynote address on the first full day of the Consumer Electronics Show, Ando described his company's efforts to create integrated systems that let devices interact seamlessly. He imagined a Linux-based platform that will let data pass from digital cameras, digital video disk recorders to televisions, ferried by broadband."

Cartel's copyright control loosening (SiliconValley)

Dan Gillmor has posted an optimistic column from the Consumer Electronics Show. "A notable aspect of this year's consumer-electronics show was the attention these issues are drawing. In previous years, copyright has been a topic of discussion. Now it's in the forefront of people's attention -- and it's about time."

Companies

Welcome to the browser jungle, Safari (News.com)

News.com covers Safari, a new web browser from Apple based on KDE technology. "Porten, an engineer in Oslo, Norway, with Trolltech who wrote the original version of KDE's JavaScript interpreter (KJS), said Apple's choice would not only raise awareness and adoption of the software, but boost KDE's development efforts."

Apple's Open Source Ventures (Linux Journal)

Here are two Linux Journal articles covering the latest open source ventures from Apple: this one about Safari, and this one about Apple's new version of the X11 Windowing Environment.

SCO to seek fees from Linux users (ZDNet)

Here's a ZDNet article with a plausible view on what SCO is really planning to do to extract money from some Linux users. "Sources said SCO plans to charge for use of two software 'libraries,' essential packages of pre-written software that higher-level programs routinely call on to perform basic operations such as opening files. A source said SCO libraries that accompany the SVR4 and OSR5 versions of Unix may be used with UnixWare and OpenServer, respectively, but using them in conjunction with Linux is prohibited by the software's license."

SCO says it has made no decision on Unix "IP" (NewsForge)

For those of you who have been wondering about the reports that SCO plans to attempt to enforce Unix patents against Linux users: this NewsForge article contains a statement from the company saying that no such action is planned - for now. "SCO has significant UNIX intellectual property dating back to the company's purchase of AT&T's Bell Labs UNIX technology. Our UNIX IP is a significant asset and for several months we have been holding internal discussions, exploring a wide range of possible strategies concerning this asset. We've reached no final decisions on any course of action."

Linux Adoption

From the Editor: Bigger, Better, Faster (Linux Journal)

Linux Journal looks at Linux in the Enterprise. "The diversity of success stories in this issue makes it clear that any company that tries to compete with Linux in a fair fight will lose. So it's going to be an unfair fight for a while, with the non-Linux vendors pulling shenanigans such as bogus software patents, FUD-based marketing, copy-restricted content, carefully placed ``donations'' and ``campaign contributions'', and who knows what else."

Microsoft should 'fear the Penguin' (vnunet)

Vnunet looks at a report from Goldman Sachs that says Linux is moving into the heart of corporate IT infrastructures. "Goldman Sachs said that Linux will expand from running web or storage servers because of its reliability and the cheap hardware it can be deployed on. It also expects Linux to become the dominant operating system on the higher-end servers of the enterprise data centre, where mission-critical functions are run and most IT budget is spent."

Legal

Lexmark invokes DMCA in toner suit (News.com)

News.com covers the latest fun use of the DMCA - protecting the lucrative printer cartridge market. "In a 17-page complaint filed on Dec. 30, 2002, [Lexmark] claims the Smartek chip mimics the authentication sequence used by Lexmark chips and unlawfully tricks the printer into accepting an aftermarket cartridge. That 'circumvents the technological measure that controls access to the Toner Loading Program and the Printer Engine Program,' the complaint says."

Music, Tech Groups OK Copyright Plans (AP)

Yahoo is carrying an Associated Press article claiming that the RIAA, the Business Software Alliance, and the Computer Systems Policy Project have reached a deal regarding lobbying of Congress on digital rights management. The RIAA will argue against requirements for copy protection in digital devices. In exchange, the BSA's and CSPP's member companies (i.e. Microsoft, Adobe, etc.) will fight legislation which would broaden fair use and copying rights. "The agreement politically isolates the powerful Motion Picture Association of America, which was noticeably absent from the deal's participants. The MPAA has aggressively supported new government requirements for built-in locking controls on new devices, such as DVD recorders."

Music and Computer Companies Agree on Antipiracy Plan (NY Times)

The New York Times covers the agreement between the RIAA, the BSA, and the CSPP. "The recording industry's agreement with the computer trade groups marks a departure from its longtime alliance with the motion picture industry on the antipiracy front and underscores their divergent concerns. The music industry may already have taken the hardest hit from digital piracy that it will have to face, as it begins to experiment with technological copy-protection on compact discs." (The Times requires registration).

Copyright truce excludes key voices (News.com)

News.com is running a column on the BSA/CSPP/RIAA deal. "Ideologically, the recording industry groups and the information technology groups have never been far apart. They've used similar tactics to combat piracy, ranging from sending cease-and-desist letters to Internet service providers to joining law enforcement in raids on CD and software reproduction facilities. With the rise of peer-to-peer networks, the piracy threats they face have never looked more similar."

Interviews

The Creative Penguin: Tackat and Everaldo Talk on KDE Art (Ofb.biz)

Here is an Open for Business interview with Torsten Rahn and Everaldo Coelho. "Every one sees them all the time and would probably miss them if they didn't exist. What are they? Icons! Torsten Rahn and Everaldo Coelho, the predominant icon duo in the KDE artist world, and creators of virtually all of the icons you see in KDE, spent some time with Open for Business' Timothy Butler discussing how the new Crystal icon theme came about, how it ended up replacing Mr. Rahn's HiColor theme, and the overall importance of icons to the enterprise desktop."

Lack Of A Viable Business Model Is Stifling Software Innovation (TechWeb)

TechWeb interviews Dave Winer, and talks about the software industry. "But the open source community is not so good for creating good desktop software, for the simple reason that good desktop software requires hard work in user interface design and usability testing -- watching actual users interact with your product. That kind of work is painstaking and often humiliating for developers, Winer said. Developers doing usability testing will find that test users can't figure out how to work what the developer thought was brilliantly intuitive software. Developers demand to get paid for that kind of thing."

Resources

LinuxDevices.com Newsletter for Jan. 9, 2003

Here is the latest issue of the weekly LinuxDevices.com Newsletter. Get caught up with all that is happening in embedded Linux.

Reviews

Scaling Linux to New Heights: the SGI Altix 3000 System (Linux Journal)

The Linux Journal looks at SGI's new Linux-based supercomputer - from the point of view of one of the engineers involved in its creation. "We used the following patches from these projects: CPU scheduler, Big Kernel Lock usage reduction improvements, dcache_lock-usage reduction improvements based on the Read-Copy-Update spinlock paradigm and xtime_lock (gettimeofday) usage reduction improvements based on the FRlock locking paradigm."

Steal This Book? A Publisher Is Making It Easy (NY Times)

The New York Times brings Prentice Hall's "Bruce Perens' Open Source Series" into the mainstream with this article. "Even though photocopying the entire book or making a printout of the electronic version would violate no copyright law, Prentice Hall is betting that most people will not bother, preferring to pay for the convenience of the book itself." (The NY Times is a registration required site.)

Kevin Mitnick's 'lost' bio (The Register)

The Register takes a look at Kevin Mitnick's book, The Art of Deception, and also prints the autobiographical chapter that the publisher left out of the book. "After high school I studied computers at the Computer Learning Center in Los Angeles. Within a few months, the school's computer manager realized I had found a vulnerability in the operating system and gained full administrative privileges on their IBM minicomputer. The best computer experts on their teaching staff couldn't figure out how I had done this. In what may have been one of the earliest examples of 'hire the hacker,' I was given an offer I couldn't refuse: Do an honors project to enhance the school's computer security, or face suspension for hacking the system. Of course I chose to do the honors project, and ended up graduating Cum Laude with Honors." Thanks to Paul Sladen.

Page editor: Forrest Cook

Announcements

Commercial announcements

UnitedLinux Signs IBM and AMD as First Technology Partners

UnitedLinux has announced that IBM and AMD have joined UnitedLinux as Technology Partners. The role of Technology Partner includes, among other benefits, participation in the UnitedLinux Technical Advisory Board and its committees, pre-release access to UnitedLinux deliverables, the right to propose enhancements for consideration by the UnitedLinux Technical Steering Committee, and joint marketing activities.

MySQL Database Available on IBM eServer zSeries

The MySQL open-source database is now available on the IBM zSeries computers. "MySQL AB, developer of the world's most popular open source database, today announced that the MySQL(tm) database is available on IBM eServer zSeries running Linux. With MySQL for Linux on zSeries, developers can create MySQL-based applications for the IBM mainframe, a family of powerful enterprise servers designed for secure, heavy-load e-business and enterprise applications."

MontaVista's press releases

For those who want to look further, we've received copies of MontaVista's press releases from the Consumer Electronics Show. This one describes the company's new distribution aimed at consumer electronics applications (version 3.0, despite being "the first embedded Linux platform designed for consumer electronics"). There is also a partner program for consumer electronics, and a Panasonic "broadband terminal" using the MontaVista platform. The most fun of all might be the partnership with Macrovision to bring digital rights management support to Linux.

Nokia's J2ME Developer's Suite for Linux

Here is the press release from Nokia on the release of its J2ME Developer's Suite (useful for writing applications for cellular phones) for Linux. "The Nokia Developer's Suite for J2ME, Version 1.1 for Linux will now bring one of the most-popular available wireless developer technologies to one of the most dynamic segments of the global developer community."

SCO and Wincor Nixdorf To Offer Joint Retail Solutions

The SCO Group has announced plans to work with Wincor Nixdorf to provide Linux-based retail point-of-sale (POS) solutions to retailers in North America. SCO and Wincor Nixdorf have already begun collaborating on retail solutions, providing more than 2000 Linux based devices for Budgens, a supermarket chain based in the United Kingdom.

Resources

New Developer Mailing List for Optimizing KDE (KDE.News)

KDE.News has an announcement for a new kde-optimize mailing list. "The list is for developers who are willing to actively work on optimizing KDE or KDE applications, those who have profiled KDE or those who have the knowledge to help others optimize KDE." Two related documents have already been developed for this list.

Free Online Version of Mason Book (use Perl)

Use Perl has an announcement for an online version of the book Embedding Perl in HTML with Mason. The book is available here.

Open Source Digest Issue 1

Issue #1 of the Open Source Digest is now available online.

Upcoming Events

LinuxWorld is coming to New York

LinuxWorld is still over a week away, but the press releases are already trickling in. These first ones are from IDG World Expo, producer of LinuxWorld. This one has a list of exhibitors, keynotes and other things to see at LinuxWorld. The major sponsors of LinuxWorld are listed in this press release.

O'Reilly Emerging Technology Conference

Registration has opened for the 2003 O'Reilly Emerging Technology Conference, which will be held in Santa Clara, CA from April 22-25, 2003. "'Hackers and other lead users are a great early warning system if you want to think about the future of technology,' contends Tim O'Reilly, founder and president of O'Reilly & Associates. 'They do things today that everyone else will be doing in a couple of years.'"

UKUUG - Winter Conference and Tutorial

The UKUUG will be holding its Winter Conference & Tutorial event in London, England on February 18 and 19, 2003.

Samba XP 2003 CFP

A call for papers has been issued for the Samba eXPerience 2003. Submissions are due in by February 14th 2003.

ESC San Francisco

The Embedded Systems Conference (ESC) San Francisco will take place April 22 to 26, 2003. Online pre-registration opens this week.

FOSDEM 2003 Support Operation

FOSDEM (Free and Open Source Software Developers' European Meeting) is seeking financial support. See how you can help. The FOSDEM has also published 3 new interviews this week, with speakers coming for the "databases" track.

YAPC::NA::2003 CFP Announced

A Call for Papers is out for the YAPC::NA Perl conference, to be held in Boca Raton, Florida in June of 2003. Abstracts are due in by March 25, 2003.

Business at XML 2002 (O'Reilly)

Alan Kotok covers the business aspects of the XML 2002 conference. "The XML 2002 conference and expo (8-13 December 2002), this year's IDEAlliance showcase, reflected the impact of the technology recession on XML business applications. With many business customers cutting back on new technology investments, XML vendors now take a greater interest in government clients and offer their tools to help organizations integrate current applications as well as build new ones. This focus on government and integration came through repeatedly during the conference."

Events: January 16 - March 13, 2003

| Date | Event | Location |
| --- | --- | --- |
| January 21 - 24, 2003 | LinuxWorld Conference & Expo (Jacob K. Javits Center) | New York, NY |
| January 22 - 25, 2003 | Linux.conf.au 2003 | Perth, Australia |
| January 27 - 31, 2003 | SAINT-2003 | Orlando, Florida, USA |
| February 3 - 6, 2003 | O'Reilly Bioinformatics Technology Conference (Westin Horton Plaza) | San Diego, CA |
| February 4 - 6, 2003 | Linux Solutions 2003 (CNIT) | Paris, France |
| February 8 - 9, 2003 | Free and Open source Software Developers' European Meeting (FOSDEM) | Brussels, Belgium |
| February 10 - 14, 2003 | The fifth NordU/USENIX Conference (NordU2003) (Aros Congress Center) | Västerås, Sweden |
| February 22 - 24, 2003 | CodeCon 2.0 (Club NV) | San Francisco CA, USA |

Web sites

XAP Web Site Updated

The XAP web site has been updated. "XAP is an audio plugin API for instruments and effects. It is currently in the process of being designed by members of the LAD (Linux Audio Developers) mailing list. XAP is based on many man-years of experience with audio programming, and also draws inspiration and knowledge from popular industry standards, such as Steinberg's VST. The XAP developers are focused on creating a powerful standardized interface, that will allow audio applications to host instruments and effects."

Software announcements

This week's software announcements

Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:

Page editor: Forrest Cook

Letters to the editor

Version numbers

From:  Duncan Simpson <dps@simpson.demon.co.uk>
To:  lwn@lwn.net
Subject:  Version numbers
Date:  Fri, 10 Jan 2003 16:17:39 +0000


In the commercial software arena, and Linux distributions, version numbers are
a matter of marketing. If you have foo 1.0 are you more likely to upgrade to
foo 1.0.1, foo 1.5 or foo 2.0?

The release numbers of my software depend on how heavily it has been tested.
mpkern started at 1.0 because it was heavily tested by then (modulo a
few minor bugs that somehow got into the distribution). The changes from 1.0 to
1.0.2, soon to be the latest release, are small everywhere except for the build
system.

Less heavily tested software starts at version numbers like 0.001alpha, which
is hoped to tell clueful people to expect bugs, despite my efforts to eliminate
them prior to releasing the beast to the unsuspecting public.

-- 
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."


Page editor: Jonathan Corbet

Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds