LWN.net Weekly Edition for June 27, 2002
The 2002 Kernel Developers' Summit
![[Kernel hackers]](http://old.lwn.net/images/ks/group2-sm.jpg)
The 2002 Linux Kernel Developers' Summit was held June 24 and 25
in Ottawa, Ontario. At this event, a number of issues relevant to the
latter part of the 2.5 development series were worked out. LWN's Jonathan
Corbet was there, and has written up the experience.
- Day One covered the Hammer port, kernel
parameters, rationalizing the loadable module mechanism, virtual
memory, and the block I/O subsystem.
- Day Two was dedicated to what database systems need from Linux, HP's kernel wishlist, the Loadable Security Module, asynchronous I/O, SCSI, and the kernel release process. Among other things, a firm date has been set for the 2.6 feature freeze.
Look inside the individual days' coverage for the details.
Trusting free software projects with security information
Internet Security Systems, which has been feeling quite a bit of heat for its premature revelation of the Apache "chunk handling" vulnerability, posted an "advisory response" to defend itself on June 21. It is an interesting bit of excuse-making, with references to available patches and "Presidential Decision Directive 63." Buried deep within, however, is an interesting claim:
Due to the general nature of open-source and its openness, the
virtual organizations behind the projects do not have an ability to
enforce strict confidentiality. By notifying the open source
project, its nature is that the information is quickly spread in
the wild disregarding any type of quiet period. ISS X-Force
minimizes the quiet period and delay of protecting customers by
providing a security patch.
This is quite a claim: ISS is telling us that free software projects can not be trusted with information on vulnerabilities in their own code.
It would be most interesting to see the evidence from ISS to back up this claim. Most free software developers (though there are always exceptions) are greatly concerned about potential vulnerabilities in their code. They care about their users, and will do their best to get a real, tested fix out before spreading the word of the vulnerability. It is not in the nature or interests of free software developers to put their users at risk.
That said, there are things that free software projects could do to help people who discover vulnerabilities. The most important thing would be to make it clear who should be contacted when a vulnerability is found. After all, sending the notification to a general project mailing list is not usually what one wants to do. But many or most project web pages offer little help to somebody wondering how to report a security hole.
Any development project which would prefer not to learn about its own security problems on Bugtraq must make an effort to do better. The project documentation and web site should offer clear contact instructions for the reporting of security problems. The security contacts should know how to respond quickly to reports, and have the ability to get a patch out to users. The procedures for responding to a security problem need to be worked out before the next vulnerability turns up.
There is no reason why free software project development teams can not be at least as trustworthy as proprietary vendors when it comes to vulnerability information. Claims that free software developers have overly loose lips are not justifyable. But developers who want to be given a chance to fix their holes before they become public need to take steps to show that they are serious about security, and they should make it easy for people to report the problems that are found.
Letters to the editor
When LWN switched over to the new site a few weeks ago, some of our readers worried that the comment posting facility would bring about the end of the Letters to the Editor page. After all, why bother writing a letter when it is easy to attach comments directly to articles? That was not a consequence that we had feared, but now we are beginning to wonder - no letters to the editor have been received this week. Thus, there is no letters page in this Weekly Edition.For the most part, we have been pleased with how the comments feature has worked out so far. There have not been huge numbers of comments, but most of those we have seen have been of high quality. Our trust in our readers has proved itself justified - most of the time.
We did not want to drop the Letters to the Editor page, however. The Letters page has, over the years, been a valuable source of feedback and a place for LWN readers to express their opinions. So we hope that this week's lull proves to be a temporary thing; perhaps all of our letter writers are at OLS this week. If you have an opinion on something that you would like to see published, please do not hesitate to send it our way; letters should be sent to letters@lwn.net
Security
Brief items
OpenSSH 3.4
OpenSSH 3.4 was released just five days after the release of version 3.3. The release closes "at least one major security vulnerability"; upgrading to 3.4 is recommended. Please see the vulnerability report for a list of security alerts from distributors as they become available.OpenSSH provides a critical entry point to many systems on the net; this could be nasty. If you plan to wait for an update from your distributor, please consider setting UsePrivilegeSeparation yes or ChallengeResponseAuthentication no in sshd_config to avoid the vulenrability. UsePrivilegeSeparation is only available in OpenSSH versions 3.2 or 3.3. Setting ChallengeResponseAuthentication may impeed customary access for some or all of your users.
Version 3.3 firmed up "privilege separation" support, and made it the default. Essentially, privilege separation works by splitting the ssh server into two cooperating processes. One process is charged with talking to the network; it runs without privilege. The other process sits back, makes decisions, and hands out privileges when it's convinced that is the right thing to do.
The end result is that there is little to be achieved by compromising the "front line" process. Even if somebody does discover a vulnerability in that code, it can not be used to gain access to the system. The privileged process, by virtue of its simplicity and its separation from the network, is far easier to verify as being truly secure.
The 3.4 release closes the serious vulnerability described in advisories from OpenSSH and ISS. The vulnerability prompted a week long code audit by the OpenSSH team which resulted in "many other fixes. We believe that some of those fixes are likely to be important security fixes."
Updated Apache advisory and response from ISS
The Apache Software Foundation has issued an updated advisory on the "chunk handling" vulnerability. Now that a 32-bit remote exploit is circulating, an Apache upgrade is suggested even more urgently than before.
Meanwhile, ISS has sent out a response to the
extensive criticism it has taken for having announced the vulnerability
without allowing the ASF (or anybody else) any time to prepare patches.
"Due to the general nature of open-source and its openness, the
virtual organizations behind the projects do not have an ability to enforce
strict confidentiality. By notifying the open source project, its nature
is that the information is quickly spread in the wild disregarding any type
of quiet period. ISS X-Force minimizes the quiet period and delay of
protecting customers by providing a security patch.
"
If you haven't already, see this week's Leading Items for our opinion.
See the vulnerability report for current information on this problem and distributor alerts.
Papers from "Open Source Software: Economics, Law and Policy"
Two interesting papers considering the relationship between security and open source were presented at the recent conference on Open Source Software: Economics, Law and Policy in Toulouse (France).-
Ross Anderson: "Security in Open versus Closed Systems - The Dance of Boltzmann, Coase and Moore" (PDF format)
However, there are more pressing security problems for the open source community. The interaction between security and openness is entangled with attempts to use security mechanisms for commercial advantage - to entrench monopolies, to control copyright, and above all to control interoperability. As an example, I will discuss TCPA, a recent initiative by Intel and others to build DRM technology into the PC platform.
This paper was also the subject of articles in the New York Times and News.com. For more information and links to related articles, see Ross Anderson's home page.
-
Roger Needham: "Security and Open Source" (PDF format)
Security problems in software are of course an extremely bad thing, regardless of the business model under which the software was written. I want to consider why anybody thinks that the business model matters, and whether there is evidence that it does. I shall also look somewhat to the future.
Security reports
Acrobat reader 4.05 temporary files
Jarno Huuskonen reports a low risk possible local file overwrite (symlink attack) in Acrobat Reader 4.05. Acrobat Reader 5.05 for Linux is available from Adobe (registration required). Some Linux distributions include version 4.05.Duma Photo Gallery System (DPGS) file overwrite vulnerability
The Duma Photo Gallery System has been officially unmaintained since July 30, 2000. This week, a vulnerability was reported that may allow an attacker to use DPGS to overwrite files on the web server.(Proprietary product) YaBB Cross-Site Scripting vulnerability
A cross-site scripting vulnerability in YaBB 1 Gold SP1 and earlier versions is fixed in YaBB 1 Gold - SP 1.1.
New vulnerabilities
Privilege escalation vulnerability in OpenSSH 2.9.9 through 3.3
| Package(s): | openssh | CVE #(s): | |||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | June 26, 2002 | Updated: | July 3, 2002 | ||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | OpenSSH versions 2.9.9 through 3.3 have a
bug in input validation which can lead to
an integer overflow and privilege escalation.
According to the OpenSSH developers:
Systems running with UsePrivilegeSeparation yes or ChallengeResponseAuthentication no are not affected.
The 3.4 release contain many other fixes done over a week long audit started when this issue came to light. We believe that some of those fixes are likely to be important security fixes. Therefore, we urge an upgrade to 3.4. Upgrading to OpenSSH 3.4 is recommended. See the CERT Advisory and OpenSSH Security Advisory for more information including patches for the "pre-authentication problem." OpenSSH 3.3 users are encouranced to also read the previous vulnerability report. OpenSSH 3.2 and later have the bug in input validation but prevent the privilege escalation if privilege separation is enabled by setting UsePrivilegeSeparation in sshd_config. Version 3.3 was the first release to turn on "privilege separation" by default Essentially, privilege separation works by splitting the ssh server into two cooperating processes. One process is charged with talking to the network; it runs without privilege. The other process sits back, makes decisions, and hands out privileges when it's convinced that is the right thing to do. CERT Advisory: CA-2002-18 OpenSSH Vulnerabilities in Challenge Response Handling | ||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
Privilege Separated OpenSSH 3.3
| Package(s): | openssh | CVE #(s): | |||||||||||||||||||||||||||||
| Created: | June 24, 2002 | Updated: | June 26, 2002 | ||||||||||||||||||||||||||||
| Description: | The release of OpenSSH
3.3 includes greatly improved support for privilege separation,
which is now enabled by default.
The process charged with talking to the network; now runs without privilege.
Upgrading is strongly recommended (see below).
Previously any corruption in the sshd could lead to an immediate remote root compromise if it happened before authentication, and to local root compromise if it happend after authentication. Privilege Separation will make such compromise very difficult if not impossible.
Or to put it into the words of Theo de Raadt: "Privilege Separation will one day save our asses." So, turn it on now. When upgrading with a 2.2.x kernel, disabling compression is recommended to avoid this bug which causes sshd to log a fatal mmap argument error then crash. Update: According to this OpenSSH Security Advisory OpenSSH 3.3 has a serious privilege escalation vulnerable. Please see the new vulnerability report for more information and a list of available alerts. | ||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||
Resources
Paper on SSH insecurity
A group has put together a paper showing how to "provably fix the SSH protocol." Thanks to "deneb" for forwarding this along to us.
MOPS, a code auditing tool
jose nazario has pointed us to the announcement of MOPS, a code auditing tool. "I wanted to announce a first prototype release of MOPS, a tool designed to help find security bugs in C programs and verify their absence. MOPS lets you statically (at compile time) verify facts about the ordering of security-critical operations in the program."
Linux Security Week and Advisory Watch
The June 24th Linux Security Week and June 21st Linux Advisory Watch newsletters from LinuxSecurity.com are available.
Events
Upcoming Security Events
| Date | Event | Location |
|---|---|---|
| June 27 - 28, 2002 | 14th Annual Computer Security Incident Handling Conference | (Hilton Waikoloa Village)Hawaii |
| June 28 - 29, 2002 | Edinburgh Financial Cryptography Engineering 2002 | Edinburgh, Scotland |
| July 31 - August 1, 2002 | Black Hat Briefings 2002 | (Caesars Palace Hotel and Resort)Las Vegas, NV, USA |
| August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort)Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
| August 19 - 21, 2002 | Canadian Security & Intelligence Conference(CSICON) | (Hyatt Regency)Calgary, Alberta Canada |
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development
Brief items
Current release status
Linus has announced the 2.5.24 development kernel. Changes this time include a lot of janitorial fixes, an NTFS update, a bunch of JFS fixes, an ALSA update, more kbuild changes, Martin Dalecki's IDE 93 patch which "should undo the damage of IDE 92", and various other fixes and updates. This will be the last kernel release from Linus before he heads off to the Kernel Summit and OLS. The long-format changelog is also available.From the Kernel Summit meeting room Dave Jones has released 2.5.24-dj1. The list of new changes is short; it includes fixes from the 2.4.19 release candidate, more cpufreq work, and a few other tweaks.
Development kernel prepatch 2.5.24-dj2 released
From the Kernel Summit meeting room Dave Jones has released 2.5.24-dj2. The list of new changes is short; it includes fixes from the 2.4.19 release candidate, more cpufreq work, and a few other tweaks.The first 2.4.19 release candidate
While most of the kernel hackers at the Ottawa Kernel Summit have been busy talking about 2.5 changes, Marcelo has put out the first release candidate for the long-awaited 2.4.19 kernel. Click below for the details; it contains a fairly long list of (mostly small) fixes.2.5 Kernel Status Summary
Guillaume Boissiere has posted his 2.5 kernel status summary for June 26. "With the kernel summit and OLS this week, expect some changes to the feature list in the near future."
Kernel development news
Kernel Traffic #172
Kernel Traffic #172 is available. Topics include a new Fast Mutex implementation For 2.5, Per-Socket Statistics Proposed And Rejected Coding Style, Binary Files Found In The Kernel Sources, Status Of FAT CVF, and Developer Disconnects.
Patches and updates
Kernel trees
Architecture-specific
Build system
Core kernel code
Device drivers
Documentation
Filesystems and block I/O
Memory management
Craig Kulesa
Updated rmap VM for 2.5.23 (SMP, preempt fixes) Fixes "significant bugs" in the first version.
?
Networking
Werner Almesberger
policing for sch_prio (2.4,2.5) Add policing support for the "prio" queueing discipline.
?
Miscellaneous
Page editor: Forrest Cook
Distributions
Distribution News
Debian Weekly News - June 25th, 2002
The latest news for the Debian community is now available. Click below for the full story.Updated Debian developers-reference available
A new version of the developers-reference has been installed and is now available. The number of changes is so impressive that you may well want to read it completely.debconf2 keysigning
On July 5th, at debconf2, there will be a formal keysigning. The deadline to participate is July 2, 2002.GNU FDL 1.2 draft comment summary posted, and RFD
G. Branden Robinson comments on the GNU FDL 1.2 draft from Debian's perspective.Mandrake Linux Community Newsletter - Issue #47
The latest newsletter from Mandrake is out. Table of contents:- 8.2 DVD-only Edition Available
- Mandrake Linux Servers Invade the Internet
- Financial Corner
- Business Case of the Week
- MandrakeClub
- Spotlight on the Linux Weekly News
- What's New at MandrakeUser.org?
- This Week's Survey
- Headlines from MandrakeForum
Mandrake Linux Community Newsletter - Issue #48
The latest edition, issue #48, of the Mandrake Linux Community Newsletter is available at the link below. "This Week's Summary: MandrakeSoft Wins Contract with French Gov't; Mandrake in the News; Financial Corner; Important Updates for Apache and OpenSSH; Business Case of the Week; Website News; Headlines from MandrakeForum."
Red Hat Linux Alpha 7.2 Now Available
Red Hat Linux version 7.2 is now available for the Alpha processor. "Red Hat Linux Alpha 7.2 delivers reliability, stability, and performance and now it's available from HP!" (Thanks to David 'Addy' Addison.)
Red Hat fixes kernel bugs
Red Hat has an updated kernel with bugfixes available for Red Hat Linux 7.3 - athlon, i386, i586, i686.Red Hat releases new rpm-update
Red Hat has released a new version of rpm-update.Yellow Dog Linux version 2.3 released
Scott Dowdle has pointed out to us that Yellow Dog Linux version 2.3 has been quietly released. "YDL 2.3 surpasses YDL 2.2 with an array of timely updates, improvements: kernel 2.4.19, the 'Liquid' theme, CUPS print system, apt-get, OpenOffice 1.0, Mozilla 0.9.9, Galeon 1.2, Evolution 1.0.5, AbiWord 1.0.2, netatalk 1.5.3.1, and support for the Radeon 7500 (excluding 'Mobility') video card."
New Distributions
IDMS Linux
IDMS Linux is NOT a home user distribution. It is intended solely as the base for high end server software. It contains no GUIs, X, or fancy stuff. The initial Freshmeat announcement for version 2.0.25 is dated June 22, 2002.Webfish Linux
Webfish Linux is a small, stripped down Linux distribution based on GNU source packages. Webfish is built with the more expereinced user in mind and is aimed at small, fast, secure server and workstation systems with a minimum of installed packages. The initial release of Webfish Linux, version 0.9b, occured on June 20, 2002. Version 0.9fb was released soon after, with minor bug fixes.
Minor distribution updates
Astaro Security Linux
Astaro Security Linux has released stable version 3.201 with major security fixes.GENDIST
GENDIST released version 1.4.3 with major bugfixes. That release was closely followed by version 1.4.4 with minor feature enhancements.Immunix 7+ beta available
WireX has announced the availability of the beta version of Immunix 7+, a "gentle upgrade" from the 7.0 release. "This release also constitutes an omnibus security update package, so current Immunix 7.0 users should consider applying these updates. We are not proud of this omnibus approach, and hope not to have to repeat it." Among other things, it includes a fix for the Apache vulnerability.
OEone Releases HomeBase 1.5
Open For Business reports that OEone, the developer of the internet appliance-like HomeBase Linux distribution, has announced that HomeBase 1.5 has been released.
Page editor: Rebecca Sobol
Development
GNOME 2.0 Desktop and Developer Platform Released
From the Ottawa Linux Symposium, the GNOME Foundation has put out a press release announcing the release of the 2.0 GNOME Desktop and Developer Platform.
"
GNOME Foundation board chair Havoc Pennington promoted the GTK+ 2.0 toolkit:
"
GNOME2 will be included with major Linux distributions, HP-UX from
Hewlett Packard, and Solaris from Sun.
With the inclusion of GNOME 2.0 by leading Linux and Unix vendors later this year, users of GNOME can look forward to an improved user environment for existing GNOME applications, including a faster and more powerful Nautilus file manager, features that are better organized and usability-tested, dozens of useful utilities, applications and even games. Users and administrators will also see a new, simplified configuration system. Developers can look forward to more efficient application development with stronger integration of GNOME APIs and the advantages of GNOME's component-based architecture.
The industrial-strength GTK+ 2.0 toolkit, combined with add-on tools such as Glade, Python and our CORBA implementation make GNOME the natural choice for developers on a variety of platforms. GNOME's component-based architecture makes it possible for developers to use already existing tools, libraries and features, cutting development time significantly.
"
System Applications
Audio Projects
Alsa development release 0.9.0rc2 available
For those of you who like to stay on the forefront of development, version 0.9.0rc2 of the developmnet tree for the Alsa sound driver is available. Try it out and report any bugs to the developers.
Education
Linux in education report #73
Issue #73 of the SEUL/Edu Linux in Education Report is out. Topics include Karel the Robot, refurbishing computers, Linux in India, K12LTSP CDROMs, the Mandrake Mosix Terminal Server Project, and more.
Electronics
Icarus Verilog Snapshot 20020623
A new snapshot of the Icarus Verilog electronic simulation language compiler is available. See the changes file for information on this release.Xcircuit 2.3.1 (beta) available
A new beta version of the xcircuit schematic drawing program is available. "The netlist code has been extensively tested on a major chip design project and successfully netlisted an entire chip of 40,000 devices (transistors, resistors, and capacitors) for LVS with the extracted VLSI layout. The time to generate the netlist has been substantially reduced, and netlisting errors have been expunged."
Printing
GNU Ghostscript 7.05 released
Version 7.05 of GNU Ghostscript has been announced. "New in this release is a port of the gs-cjk team's asian language improvements from the 6.5x branch, a major improvement over 7.04. PDF handling in general is much better than in the previous GNU release (6.53) and the portability of the autoconf build system is much improved. Of course there are the usual minor bugfixes as well."
LPRng-3.8.12 is available
Version 3.8.12 of the LPRng printing system has been released. This version adds bug fixes, support for TCP wrappers, a LSB style startup script, and more.
Science
Mumps version 5
Version 5 of the Mumps compiler, also known as M, has been announced. The Mumps source code location describes the language as follows: "Mumps is a general purpose programming language that supports a native hierarchical data base facility. It is supported by a large user community (mainly biomedical), and a diversified installed application software base."
Web Site Development
Analog version 5.24 released
Version 5.24 of the Analog web log analyzer program is available. The changes include Netscape 7 recognition, a new version of the IIS How-To, multibyte character set support for SEARCHCHARCONVERT, and several new internationalization improvements.mnoGoSearch version 3.2.6 released
Version 3.2.6 of the mnoGoSearch web site search engine is available. This release features a number of bug fixes, see the Change Log for more details.Zope Members News
This week's Zope Members News looks at External Editor 0.4, DocumentLibrary 1.0rc1, ZSyncer 0.4.5, ZXMail 0.1, and CMFMailIn.Skimpy Forum: An Application of Perl and XML (O'Reilly)
Erik T. Ray writes about the development of Skimpy Forum, a simple Perl based web forum system, on O'Reilly's OnLamp site.Improving mod_perl Sites' Performance: Part 2 (O'Reilly)
Stas Bekman continues his series on mod_perl performance optimization and benchmarking on O'Reilly's perl.com site. "In the next series of articles, we are going to talk about mod_perl performance issues. We will try to look at as many aspects of the mod_perl driven service as possible: hardware, software, Perl coding and finally the mod_perl specific aspects." You may want to start with Part One in the series.
MidCOM 0.2.0 public Beta Version
Version 0.2.0 of the MidCOM Midgard application development framework RFC has been released. "This document represents a draft about a component architecture for the Midgard Content Management System. Its intent is to provide an easily extensible Application Framework based on Midgard. It should -- in its ultimate extent -- enable end users to 'click their sites together' using common Components for news tickers, discussion boards or similar things."
Web Services
Enhancing Web Services Infrastructures with JMS (O'Reilly)
Gunnison Carbone writes about JMS (Java Message Service) on O'Reilly's OnJava site. "Web services are revolutionizing the Internet by enabling applications to speak a common language: XML. Under the Web services paradigm, a single application can tap into the services of millions of applications scattered throughout the Internet. The potential of this is enormous. Web services allow cooperation, communication, and integration on a global scale."
Miscellaneous
New hcfpcimodem-0.96mbsibeta02062500 release
A new, experimental version of the Conexant HCF software modem driver has been released.GNU Bayonne 1.0 (Linux Journal)
Linux Journal reports on the preliminary release and call for help for the GNU Bayonne open-source telephony server project. "After two years of development, a 1.0 preliminary release candidate for GNU Bayonne has emerged from the GNU Project, under sponsorship of the Free Software Foundation and OST. GNU Bayonne is a freely licensed telephony server allowing small businesses, large enterprises and commercial telephone carriers to create, deploy and manage embedded, standalone and web-integrated telephony voice-response solutions."
Desktop Applications
Audio Applications
AlsaPlayer 0.99.71 released
Version 0.99.71 of the AlsaPlayer sound playing utility is available. This version adds bug fixes, support for ftp and http streams, keyboard shortcuts, API additions, and more. See the Change Log for the full story.WaveSurfer 1.4.2 released
Version 1.4.2 of the WaveSurfer sound visualization and manipulation tool has been released. "The new version of WaveSurfer uses Snack v2.2, which incorporates code from the ESPS speech analysis library. ESPS was recently licensed to the Centre for Speech Technology by Microsoft and AT&T, with the aim to make it available to speech researchers again." See the Change History File for more information.
Desktop Environments
GNOME Summary for 2002-06-02 - 2002-06-22
The GNOME summary for June 2nd through June 22nd is available at the link below. Table of Contents:- GNOME 2 Release Candidate 2 out
- GNOME 2 Screenshots from the master
- Gnomedesktop.org list of ported applications
- Official Sun Solaris beta of GNOME 2
- Agnubis to the people
- IBM GNOMEnclature series continues
- GNOME South American Tour
- SashXB 1.0 is out!
- Translated GNOME Summaries
- Hacker Activity
- Gnome Bug Hunting Activity
- New and Updated Software
GNOME Clarified (pclinuxonline)
"Yama" has written an article on pclinuxonline.com that aims to "clear up many misconceptions that many people seem to hold about GNOME. Hopefully it will lead to a greater understanding of The GNOME Project and what it's about."
GNOME 2.0 Desktop Release Candidate 2: 'Glad Midsommar'
The GNOME 2.0 Desktop Release Candidate 2, "Glad Midsommar", is now available. "A number of release critical issues were resolved after Release Candidate 1, so to ensure adequate testing and review before GNOME 2.0 Desktop Final, we've made a second release candidate for wider testing. RC2 should reflect the contents of the final release."
KDE Dot News: Community FAQ
KDE.News has posted an announcement for a new KDE Community FAQ for the site. "By popular demand, we are answering some of the most frequently asked questions at the dot. Read the following FAQ if you are interested in understanding how the dot operates, how best to contribute articles, and how to help improve the dot in general. Nothing is really set in stone here. The FAQ will be updated as required and as per your comments, and may eventually be moved to a different final location. With your help, KDE Dot News can hopefully improve and serve your needs better in the future."
Kernel Cousin KDE #39
Issue #39 of Kernel Cousin KDE is out. Topics include Kicker Xinerama Support, KDE/GNOME Interoperability, KDE 3.1 Release Schedule 4. 1, and KDE on HP/UX.
Interoperability
Samba 2.2.5 has been released
This is the latest stable release of Samba. The full details are found within this story.Kernel Cousin Wine #127
Issue #127 of Kernel Cousin Wine is out. Topics include wIndependence Day, Lindows at Wal-Mart, Kohan from TransGaming, Documentation Links, Creating Stubs, MS Write Support, Adding FriBiDi Support, and Multiple Wine Configurations.
Office Applications
AbiWord Weekly News #97 (2002, week 25) released
AbiWord Weekly News for June 24th is available. Topics include tables spanning multiple pages, the BugZilla update, and the usual sections: CVS states, bug updates, latest releases, and "on the mailing list".KOrganizer: Embedded Release 1.0 + Groupware Workshop
KDE.News mentions several new KOrganizer resources including a new workshop series and a stable release of KOrganizer/Embedded for Qtopia.Kernel Cousin GNUe #33
Issue #33 of the Kernel Cousin GNUe is out with coverage of the latest developments in the GNU enterprise project.
Miscellaneous
PDF Presentations Using AxPoint (O'Reilly)
Kip Hampton examines the use of AxPoint for making PDF-based presentations. "All kidding aside, if you've ever attended The Perl Conference or one of the YAPC gatherings, you've probably experienced the vague sense of disappointment that comes from watching someone who's otherwise staunchly committed to Open Source software boot up proprietary OS to use a presentation application to deliver the slides for their talk. It doesn't have to be that way; there are alternatives."
gphoto2 2.1.0 released!
Version 2.1.0 of the gphoto2 digital camera utility has been released. This version includes a new manual, support for additional cameras, and bug fixes.Kernel Cousin GNUe #34
Issue #34 of Kernel Cousin GNUe is out. Topics include: Normalisation for Contact Management in GNUe/DCL, Quoting table names in SQL queries, Foreign Key support in Forms, Scrollboxes and other queries, Container widgets in Forms, and more.
Languages and Tools
C
Scheduling threads (IBM developerWorks)
Dr. Edward G. Bradford compares thread performance between Red Hat 7.2 and various Windows varients on IBM's developerWorks. "This month's column will go into more depth with threads. I've written a program that performs measurable work in each thread and then demonstrate the overhead of performing the same computation in multiple threads."
Caml
Caml Weekly News
The June 25, 2002 edition of the Caml Weekly News features the following topics: French interactive fiction, Ocaml tracing (with Camlp4), Cameleon 0.4, and DBForge 0.4.
Java
An Introduction to the Java Logging API (O'Reilly)
Brian R. Gilstrap writes about the Java logging API on O'Reilly's OnJava site. "Unless you've been living under a rock, you already know that the official release of JDK 1.4 came out in the first quarter of this year, and included with it is a new logging API. This API was first described in JSR 47. Essentially the same description is also available in the documentation of logging for JDK 1.4."
Lisp
SBCL 0.7.5 released
Steel Bank Common Lisp (SBCL), version 0.7.5 has been announced. "This version has been ported to a new platform (Tru64--a.k.a. OSF/1--on Alpha), can be cross compiled with OpenMCL, changes a command line option and the behavior of the LOAD form, and fixes a few bugs."
Perl
Perl 5.8.0 RC 2 Released (use Perl)
Perl 5.8.0 Release Candidate 2 is now available. This is a release candidate, and is not recommended for use in a production environment, but downloading and testing is strongly encouraged.Ghostscript.pm - A perl module for the Ghostscript API
Forrest Cahoon has announced Ghostscript.pm, a perl module that connects to the Ghostscript API.
PHP
PHP Weekly Summary #91
The June 24, 2002 edition of the PHP Weekly Summary topics include: GD not detecting built-in features, Overload extension on Win2K, PHP 4.2.2, Manual in Turkish, PHP on Windows CE, exit(), and Java and PHP.Multiple File PHP Scripts (O'Reilly)
John Coggeshall discusses breaking PHP code into multiple files on O'Reilly's OnLamp site. "Although it's not ever truly necessary, many times it becomes very important to have the ability to separate PHP code into multiple files to ease organization and promote the idea of reusing common functions within your PHP scripts."
Python
Dr. Dobb's Python-URL!
The June 24, 2002 edition of the Dr. Dobb's Python-URL! is now available.Daily Python-URL
This week's entries on the Daily Python-URL include translating Perl to Python, an interview with Alex Martelli, Python on the space shuttle, game scripting in Python, and more.
Ruby
The Ruby Weekly News
The June 24, 2002 edition of the Ruby Weekly News has announcements for Ruby Password 0.1.0, FXRuby-1.0.11, a new Ruby.vim maintainer, and Rpkg-0.3.4pre4. Discussion threads include an Rpkg repository, REXML in C, and inside Ruby I/O.The Ruby Garden
This week, The Ruby Garden topcis include kernel conversion methods for using to_flt, to_int, to_ary, to_str, local variables and blocks, and more.
Scheme
Scheme Weekly News for June 17, 2002
The June 17, 2002 edition of the Scheme Weekly News topics include: the Web-It! XML framework, mod_scheme for Apache 2, GNU Kawa 1.6.99, Systas 1.0pre3, SISC b1.5.2, and more.
Tcl/Tk
Dr. Dobb's Tcl-URL! - weekly Tcl news and links (Jun 20)
The June 20, 2002 edition of the Dr. Dobb's TCL-URL! is available with all of the latest Tcl news.Dr. Dobb's Tcl-URL! - weekly Tcl news and links (Jun 24)
The June 24, 2002 edition of Dr. Dobb's TCL-URL! covers Korean text, tips and tricks for widgets, helpful information for building applications, and more.
Page editor: Forrest Cook
Linux in Business
Business News
IBM Delivers Total Linux Solutions to Wall Street
Here's a press release from IBM about its new Manhattan based Linux center.AMD Athlon MP Processors Drive Most Powerful x86 Cluster Supercomputers in Europe and Asia
Here is a press release from AMD, describing the Linux cluster at the University of Heidelberg, Germany. It recently made its way onto the TOP500 supercomputer list. "The University's Heidelberg Linux Cluster System (HELICS) supercomputer performs scientific research at its Interdisciplinary Center for Scientific Computing (ICSC)."
SnapGear Announces new uClinux Distribution
SnapGear has sent in a press release about a "new update of the uClinux kernel which completes enhancements for the Motorola MCF5249 architecture and consolidates updates and applications for one free and easy download for embedded Linux developers worldwide."
MontaVista Software Powers New Advanced Thin-Client Terminal
This press release states that two Japanese firms, Nexterm Inc. and ELT Inc., have jointly developed a thin-client terminal based on MontaVista Linux. "The Nexterm SE is a highly efficient and lightweight micro-client that executes all terminal applications in a server-based computing environment."
MandrakeSoft to provide Linux server software to all levels of French government
As the result of an Open Bid process initiated by the French "Union des Groupements d'Achats Publics" (UGAP), MandrakeSoft has been awarded a contract to equip Linux server software to French government agencies and ministries. Hit the link for the press release.Kodak Turns to IBM and Linux for Digital Cinema
Eastman Kodak Company announced that it has selected IBM as the key supplier of computer servers, storage units and other peripherals for the new Kodak Digital Cinema Operating System (COS). Click below for the full press release.Zumiez Completes Companywide Deployment of Ximian Desktop
Here is a press release from Ximian. A retail chain, Zumiez, is now using the Ximian Desktop at its retail locations. "The 1,200 employee, Seattle-based company completed the nationwide rollout in just six months and installed Ximian Desktop at each of its 91 retail locations to enable every point-of-sale computer to easily and efficiently perform spreadsheet calculations, manage email and browse the corporate intranet. Zumiez demonstrates how companies can cost-effectively capitalize on the desktop and productivity solutions from Ximian."
Antelope Technologies and Transmeta Announce Collaboration on Innovative Mobile Computer
Here is a press release, jointly issued by Transmeta and Antelope Technologies, announcing "that Antelope's Mobile Computer Core (MCC) will incorporate Transmeta's Crusoe TM5800 processor."
Open source flow solver
Gerris 0.1.0, the first "official" release, is an "open-source, free-software library and code for the resolution of the three-dimensional partial differential equations describing incompressible fluid flow. Gerris can deal with arbitrarily complex solid boundaries in an automatic manner and uses dynamic adaptive mesh refinement to optimise the discretisation according to the flow solution."
A pile of Java books from O'Reilly
O'Reilly has sent us announcements for a number of new Java books, including:- Ant, The Little Build Tool That Could by
Eric M. Burke and Jesse E. Tilly.
"
Ant is a reliable, cross-platform build tool that takes full advantage of the Java environment
". - Java & XML Data Binding, by
Brett McLaughlin.
- Java and SOAP by Robert Englander.
Press Releases
Open Source Announcements
- GNOME (BOSTON): GNOME Foundation Leader to Visit Three Latin American Countries; Miguel de Icaza Goes On GNOME Foundation's First Latin American Roadshow.
- On2 Technologies (NEW YORK): VP3 Combines With Vorbis to Create First Open-Source Multimedia Platform.
- QNX Software Systems (OTTAWA): QNX Donates Source Code to Eclipse.org to Create Industry-Standard Platform for C/C++ Development.
Distributions and Bundled Products
- MontaVista Software, Inc. (PARIS): MontaVista Software Wins Prestigious European Award; MontaVista Linux 2.1 Named ''Best Embedded Tool and Development Solution'' by Leading French Publication ''Electronique''.
- NEC Corporation (DUSSELDORF, Germany): NEC Announces MontaVista Linux for Its Network Controller Devices; Powerful Development Environment From Montavista Software Drives Successful Deployment.
- Premier Programming Solutions (DEWITT, Mich.): Premier Programming Solutions to Become World's First Assistive Technology Company to Embrace Lindows.
Software for Linux
- Accelerated Technology (TOKYO): Accelerated Technology Welcomes Simulation and Testing Technology from Innoveda.
- Faximum Software Inc. (West Vancouver, BC): Faximum Announces New Fax Software for Linux and Windows.
- GoAmerica, Inc. (HACKENSACK, N.J.): GoAmerica Announces Security Enhancements for Key Products; Immediate Availability of Go.Web OnPrem 2.0 and Document Manager OnPrem.
- High Tower Software (WASHINGTON): High Tower Software Introduces Homeland Security Intelligence Application at E-Gov 2002.
- iMimic Networking (HOUSTON): iMimic Caching Solution Features Trend Micro's InterScan VirusWall Scanning Software; Single-Appliance Solution Accelerates Content While Securing Users.
- Network Engines, Inc. (CANTON, Mass.): Network Engines Introduces Software Developers' Toolkit; Software Package Aimed at Helping Developers Rapidly Deploy Applications on a Server.
- OmniCluster Technologies (Boca Raton, FL): Secured by Check Point VPN/Security Product.
- Reliaty (AMHERST, N.H.): Reliaty Introduces First Data Protection Software Founded on NDMP.
- UniTrends Software (MYRTLE BEACH, S.C.): UniTrends Announces Backup Professional for FreeBSD; Provides Complete Backup and Crash Recovery.
- V Communications (NEW YORK): V Communications Introduces Copy Commander; Automatically Move Data to a New Hard Drive.
- Vericept Corporation (DENVER): Vericept Unveils First All Inclusive Network Abuse Management Solution With New Version of Its View Technology Platform.
Products and Services Using Linux
- Applied Microsystems Corp. (REDMOND, Wash.): Applied Microsystems Enters Embedded Linux Market; CodeTEST Software Test & Analysis Tools to Support MontaVista Linux and other Embedded Linux.
- Command Prompt, Inc. (Portland, OR): New PostgreSQL Managed Hosting Service Available.
- Linux Motor Corp. (New York, NY): Linux Motor launches a new competitively priced support service for Linux.
Hardware with Linux support
- ADI Engineering Inc. (CHARLOTTESVILLE, Va.): ADI Engineering Announces Universal CompactPCI Hot Swap CPU Module Based on the Intel XScale Microarchitecture.
- AMD (NEW YORK): AMD Announces 64-Bit Web Server Support From Zeus Technology Ltd..
- Cambex Corporation (WALTHAM, Mass.): Cambex Announces Memory for IBM eServer pSeries and RS/6000 Servers; Cambex is the Only Independent Company to Deliver Fully Compatible Memory for High-End IBM Servers.
- Equinox Systems Inc. (SUNRISE, Fla.): Equinox Announces New Low Profile Universal Serial Adapter; New SST-4P/LP Serial Adapter Keeps Retail Applications Running Smoothly.
- Fujitsu Transaction Solutions Inc. (CHICAGO): Fujitsu Launches Industry's Most Reliable POS Terminal.
- IBM (Armonk, NY): IBM unveils new eServer.
- Network Appliance (SUNNYVALE, Calif.): Network Appliance Announces Support for Oracle9i Real Application Clusters Running On Linux.
- Wincor Nixdorf Inc. (AUSTIN, Texas): Wincor Nixdorf Announces Availability of the BEETLE /iPOS for Hospitality and Food Service at HITEC 2002 Exposition.
Cross Platform/Porting Product
- CodeWeavers, Inc. (ST. PAUL, Minn.): CodeWeavers' CrossOver Office(TM) Version 1.1 Supports Microsoft Outlook(R) and Internet Explorer on Linux Desktop PCs.
Linux at Work
- Wincor Nixdorf Inc. (AUSTIN, Texas): Wincor Nixdorf to Install 1,400 Additional POS Systems at Burlington Coat Factory This Year.
Java Products
- Borland Software Corporation (NEW YORK): Borland Speeds Deployment of Web Services.
- Borland Software Corporation (SCOTTS VALLEY, Calif.): Borland Enterprise Server Gets Highest Rating in New Report on J2EE Application Servers; Borland Ranked Ahead of IBM, BEA and Silverstream in CSIRO Report.
- Borland Software Corporation (SCOTTS VALLEY, Calif.): Borland Strengthens Support for BEA WebLogic Server; Borland JBuilder Deploys to More J2EE Servers than Any Other Java Development Environment.
- Rococo Software (DUBLIN, IRELAND): Rococo Software Wins Commendation at Bluetooth Congress.
Books and Documentation
- O'Reilly (Sebastopol, CA): O'Reilly Releases "Perl & XML".
- O'Reilly (Sebastopol, CA): "Perl in a Nutshell, Second Edition" Released by O'Reilly.
- O'Reilly (Sebastopol, CA): "Learning the Korn Shell, Second Edition" Released by O'Reilly.
- O'Reilly (Washington, DC): "Network Security with OpenSSL" (+DC area SSL talk).
Training and Certification
Partnerships
- MontaVista (Sunnyvale, CA): MontaVista Becomes IBM Partner in "Ready for IBM Technology" Progam.
- Object Management Group and The Open Group (NEEDHAM, Mass. and SAN FRANCISCO): OMG and The Open Group Form Architecture-Related Partnership.
- TimeSys (SAN RAMON, Calif. & PITTSBURGH): TimeSys Selected by SBE for Embedded Linux; Partnership Will Result in ''Out-of-the-Box'' Linux Solution for the HighWire Product Family.
Investments and Acquisitions
- IBM Software (NEW YORK): IBM Acquires Metamerge, Adds Directory Integration Software to IBM's Infrastructure Portfolio.
- Sourcefire, Inc. (COLUMBIA, Md.): Sourcefire Closes Series A Funding Round With $7.55 Million to Expand Leadership in Security Market.
Financial Results
- Red Hat (Raleigh, NC): CEO of Linux Firm Red Hat Gets Compensation of $4.3 Million.
Personnel and New Offices
- Borland Software Corporation (SCOTTS VALLEY, Calif.): Borland Promotes Frank Slootman to Senior Vice President of Software Products.
- Linux NetworX (Salt Lake City, UT): Linux NetworX Hires Former Lineo/Novell Exec.
- Lund Performance Solutions (PORTLAND, Ore.): Lund Chooses LeBlanc; Industry Veteran Paul LeBlanc to Head Lund Performance Solutions East Coast Sales.
Miscellaneous
- IDG World Expo (San Francisco): 'Penelope Copyleft' Debuts on the LinuxWorld Conference & Expo Web Site.
Page editor: Rebecca Sobol
Linux in the news
Recommended Reading
Study: Open, closed source equally secure (News.com)
A Cambridge University researcher presented a paper Thursday to a conference in Toulouse, France, where he argued that proprietary software should be as secure as free software. "In his paper, computer scientist Ross Anderson used an analysis that equates finding software bugs to testing programs for the mean time before failure, a measure of quality frequently used by manufacturers. Under the analysis, Anderson found that his ideal open-source programs were as secure as the closed-source programs."
Supercomputers getting super-duper (News.com)
According to CNET, it's getting hard to keep a place on the list of the world's fastest supercomputers. They summarize various super computer offerings, including everyone's favorite: Beowulf clusters. "A total of 49 of the Top500 systems are such clusters, with 31 of them built by IBM."
UnitedLinux: Standardizing Linux (ZDNet)
Larry Seltzer at ZDNet Tech Update gives us his take on UnitedLinux. "One day, if Red Hat and other major distributions join UnitedLinux--or even if they were to simply pledge to support the LSB--things will be different. That would be a big deal. But Red Hat hasn't signed on, and from a pure self-interest perspective I can't see why it would jeopardize its enterprise dominance by giving numerous competitors an equal opportunity for application certification."
Peru bids to break Microsoft stranglehold (vnunet)
Vnunet investigates the rise of open-source software in Peru. "A Peruvian congressman is planning to have Microsoft products banned from government departments and replaced with open-source software. Edgar Villanueva's measure would apply to all software, from server operating systems to databases, word processors and email. If passed, the legislation could be the first of its kind in the world and would be the first legal restriction aimed at Microsoft's dominant operating systems."
Companies
HP/Red Hat deal offers Linux servers (vnunet)
Vnunet covers the announcement of new HP/Redhat Itanium 2 based servers. "An existing partnership between HP and Linux expert Red Hat will see the pair become the first to market with Linux-compatible Itanium 2-based platforms. As part of the deal, all HP ProLiant servers, blade servers and Itanium 2-based servers and workstations will be available with the certified Red Hat Linux Advanced Server, the companies said."
HP jump-starts Red Hat's Itanium agenda (News.com)
Red Hat's original plans were to move the Advanced Server to Itanium in late 2003, but the recent partnership with HP has accelerated those plans a year. CNET's Stephen Shankland has a fairly comprehensive article about the whole partnership and the history of the same.IBM opens Linux technology center (ZDNet)
Today IBM will announce the opening of a technology center in Mathattan, to lure financial services companies over to Linux. "IBM initially will fund the center in Manhattan with $1 million, helping financial services companies move their software to Linux computers, the company said."
IBM aims Linux at financial companies (News.com)
News.com reports on IBM's Linux Technology Center. "IBM on Thursday will announce the opening of a technology center geared to lure financial services companies to servers using the Linux operating system. IBM initially will fund the New York center located in the Manhattan area with $1 million, helping financial services companies move their software to Linux computers, the company said."
Power 4 the People (Register)
The Register examines IBM's Linux strategy. "IBM's attempt to re-capture the Unix server market continues apace. Having fallen well behind Sun and HP during the late 1990s, largely thanks to a complicated customer-confusing product line, parts of the business competing with other parts of the business and Sun's aggressive pursuit of the Internet server market, Big Blue modified its approach in October 2000. It rebranded, consolidated and streamlined its product line, and more closely allied itself to the Linux movement."
IBM's Intel Linux plans (Register)
The Register covers IBM's plans for Linux. "Rich Michos, IBM's v.p. of Linux servers, says, 'The Intel platform is the fastest growing platform, and Linux is the fastest growing server OS. Each year Linux is becoming more and more important to IBM and it gains a bigger share.' To be exact, Scott Handy, IBM's director of Linux solutions marketing, says that 27% of new servers requests are for Linux servers. 'And, those requests are increasing.'"
IBM puts partitioning at the front of UNIX battle (IT-Director)
The Register covers IBM's announcement for its new server line. "IBM this week has revealed plans for a new suite of low-end UNIX servers that, it hopes, will enable the firm to spread its influence across territory more used to HP and Sun Microsystems."
Lindows.com plans flat-fees for OEMs (Register)
The Register has some details about what lies ahead from Lindows.com. "Instead of the usual per-unit fees, systems builders will pay a $500 monthly membership fee, which will entitle them to install the LindowsOS operating system on an unlimited number of computer systems. Lindows.com is also stating that there will be no volume commitments for system builders that sign up to the program, and no software activation codes requiring tracking and auditing."
LindowsOS licenses herald cheaper PCs (ZDNet)
ZDNet writes about the Lindows.com licensing advantages for systems integrators. "On Monday Lindows.com, which claims its operating system will eventually be able to run popular Microsoft Windows applications, launched its Builder program, which offers system builders technical support, testing tools, LindowsOS Certification eligibility and a software library for $500 per month. The license allows the manufacturer to install the software on any number of systems, potentially allowing massive savings over traditional licensing plans."
Microsoft to reveal Palladium source code (News.com)
While some Microsoft executives are testifying in court that source code availability damages security, others in the company are actually releasing source code to improve the security. "Microsoft, long a proponent of keeping source code secret, plans to publish the source code to a critical part of its Palladium project to enhance security, a representative of the software giant said Monday."
MS to eradicate GPL, hence Linux (Register)
As a followup to the the recent CNET article about Microsoft revealing the source code to Palladium, The Register believes that it is a ploy to destroy the GPL and Linux. "It, or a companion chip, will interface with some manner of PKI, current or future, so that only 'authorized' applications may run with privileges."
Open-source seeks strength in numbers (News.com)
Video-compression provider On2 Technologies will announce today that it will blend its video codec with Ogg Vorbis. "That's the beauty of open source. You now have a huge number of people who if they're interested can work on advancing the code base."
See also the official press release.
Is Red Hat going to be the next Microsoft? (ZDNet)
Dan Farber over at ZDNet spent some time thinking about their recent interview with Red Hat CEO Matthew Szulik. Of particular interest to Dan is Red Hat's position against Microsoft, which he neatly summarizes point by point. Worth a read. "In fact, given that the Linux world is built on a collaborative approach based on the GNU GPL (General Public License), it's hard to imagine how any single open source distributor could totally dominate. Everyone has access to the bounty of source code generated by the huge community of developers evolving the Linux platform."
More Red Ink For Red Hat (TechWeb)
Information Week examinesRed Hat's continuing efforts to make money. "Linux is on the minds of many IT executives, but not enough to help Red Hat Inc. turn a profit."
Red Hat looks at a Linux desktop (ZDNet)
Will Red Hat go after the desktop market? Stephen Shankland investigates the question in this article. "Red Hat is warming to the use of the Linux operating system on desktop computers, a difficult market where customers are picky and Microsoft is the leader."
Red Hat: one of our Operating Systems is missing (Register)
The Register looks into Red Hat's dropping of its eCos embedded operating system.What's up with Red Hat's embedded strategy? (LinuxDevices.com)
LinuxDevices.com talks with Red Hat CTO Michael Tiemann about the company's embedded Linux strategy. "Tiemann also pointed out that Venture Development Corporation's recently completed embedded Linux market study determined that the most popular Linux distribution for embedded system development is Red Hat Linux, according to a survey of developers. ''Without even trying, we've won the 'roll-your-own' market,'' Tiemann asserted."
Sun To Give Away J2EE Server (TechWeb)
Tech Web reports that Sun Microsystems will be giving away a free (as in beer) version of its J2EE Server product for Solaris, Windows, Linux, IBM-AIX, and HP-UX. "But when it comes to enterprise software, "free" is always a relative term. Sun's Schwartz stressed that just because a basic edition of the Sun ONE app server is now free, that does not mean that Sun will decrease its investment in the platform. The app server remains a key cog in Sun's overall enterprise computing framework."
Sun, IBM add to Web services arsenal (ZDNet)
ZDNet covers the announcements yesterday from IBM and Sun. "IBM said it will offer a new starter kit that will allow programmers to use the Java language to build and run Web services. [...] Meanwhile, Sun announced [...] a bundle of the company's Solaris operating system and application server software that can be used as a guideline for building Web services."
Microsoft move triggers Linux promotion (News.com)
News.com looks at Ximian's efforts to woo customers away from the Microsoft platform. "Ximian, a small Boston company pushing use of the Linux operating system on ordinary desktop computers, is offering discounts to try to woo Microsoft customers dissatisfied with a more expensive licensing plan from the software titan. As of May, about two-thirds of Microsoft's customers haven't signed up for a program to offer a subscription-like product update service."
Business
Linux v. MS v. Unix - who's got the Big Mo? (Register)
The Register looks at exactly where Linux machines are, and are not showing up in businesses. "Wall Street's love affair with Linux companies may have ended a long time ago, but the open source operating system's march into the enterprise continues unabated, if slowly. Indeed, while Linux may have lost its lustre for investors, some banks, including CS First Boston and Merrill Lynch, have given it the thumbs-up and have begun replacing old trading systems and servers with Linux-based kit."
Interviews
Face to face with Red Hat CEO Matthew Szulik (News.com)
A group of CNET and ZDNet journalists have cornered Matthew Szulik for answers on a variety of interesting topics, including Red Hat's competition with Microsoft, Sun, and other Linux companies, strategic alliances, Mozilla, and future challenges. The content is available in Real or Windows Media.Behind the Slashdot phenomenon (News.com)
News.com interviews Rob Malda, A.K.A. Shashdot's CmdrTaco, on the Slashdot phenomenon. "To a lot of people, Slashdot is nothing but 12 links to new things every day. To half of our readers, in fact, that's all Slashdot is. But to some of our readers, it's a community that's here to discuss issues that are relevant to this community. There is a lot of value. The bulk of our content comes from other people. There are 6,000 or 7,000 comments on a busy day that other people write and just a dozen stories of just a paragraph or two that we actually generate, that are ours. It is a weird symbiosis of things that are given to us."
Resources
Playing Files with Vorbis
The third in a four part series of articles on Ogg Vorbis is out. Playing Files with Vorbis covers a number of different players that are available for dealing with Vorbis files.Quick! I Need a Book! (Linux Journal)
Linux Journal is running an article that covers the use of HTMLDOC for conversion of multiple HTML files into single HTML, Postscript or PDF files. "Linux offers many document conversion tools and a great many powerful document-generating tools and languages, from old standbys like TROFF and texinfo to tools like TeX and LaTeX, but these are well documented elsewhere. There's one lesser known tool, a bit narrower than TeX, that's perfect for your trifling problem: HTMLDOC."
Tinyminds.org for Everyone (Linux Journal)
Linux Journal covers the launch of Tinyminds.org. "A new kind of innovative Linux help site is developing, and it's happening quicker than the Mozilla nightly builds. Tinyminds.org is changing the way traditional Linux help sites have done business."
Usenix Tutorials Answer Deep Questions (Linux Journal)
Another Linux Journal article on Usenix has been published, this one summarizing Mr. Marti's experiences in 3 tutorials. Apparantly, he enjoyed himself and summarized it thus: "If you work in an environment where people consider you the Linux or UNIX expert, you can count on maximizing ROI on your training budget by attending the information-dense Usenix tutorials."
Reviews
Try a secure virtual Linux (ZDNet)
ZDNet is running a letter that compares the operation of VMware, Virtuozzo, and User Mode Linux.Linux: Feelin' Secure (TechWeb)
This TechWeb author is impressed with the security of Linux, and says so in this article. "IT pros navigating a minefield of insecure software and systems are finding safe ground in Linux. That's because the open-source operating systemin part due to its very opennesshas become a model of security."
ConsoleOne adds NetWare admin powers to Linux (ZDNet)
ZDNet reviewsConsoleOne, a Novell utility for administering NewWare nets. "But Novell is constantly adding to NetWare, incorporating the coolest, newest technologies. One example is ConsoleOne 1.3.3 For Linux, which incorporates Java and Linux with Novell's newest administration utility, ConsoleOne. With it, you can administer your NetWare servers from a Linux workstation as easily as you can from a Windows workstation."
Sharp unveils Linux-based handheld (News.com)
The successor to the Zaurus SL-5500 has been introduced, but only in Japan, and the bad news is that Sharp representatives say there are no plans to bring it to the United States. "The Zaurus SL-A300 measures 0.5 inches by 2.7 inches by 4.4 inches and weighs 4.2 ounces. It uses Intel's 200MHz XScale PXA210 processor, 64MB of memory and a 3.5-inch active matrix display with a resolution of 320 pixels by 240 pixels. It also has a Secure Digital slot for expansion."
Miscellaneous
Why Linux-loaded laptops have sold poorly (NewsForge)
NewsForge is running an analysis on the failure of companies to profitably serve the Linux-on-laptops market. "If Dell or IBM -- or someone else -- had been willing to sell me a low-cost laptop with Linux already on it, they would have had a sure sale. I had my credit card out, with plenty of available balance on it, ready to spring $1,500 but not $3,000. Too bad these biggies didn't want my money or my loyalty. Maybe someday they will, and maybe someone else will come along who doesn't sneer at my money-saving nature and wants to do business with me."
Apache quells scaling doubts (vnunet)
vnunet covers a recent PC Magazine test that reveals "that Apache's Web server running under Linux on four-way servers can scale to compete in performance with Microsoft's IIS Web server running under Windows 2000."
Sun's open source policy closes doors for Solaris (ZDNet)
ZDNet features an editorial by a Solaris developer that looks at how open-source packages may not easily port to non-Linux platforms. "Since Linux and Solaris are not identical, this means that a growing number of software packages will not work "out of the box" with Solaris. Solaris is becoming a third-class citizen in the free software world."
Mozilla nabs surfers from Microsoft
ZDNet reports that the Mozilla browser has garnered a small (0.4 percent), market share from the Microsoft's dominant Internet Explorer. "Microsoft's iron grip on the Web browser market has slipped ever so slightly since the release of new products from rivals Mozilla and Netscape Communications, Web researcher OneStat.com reported Monday."
Page editor: Forrest Cook
Announcements
Resources
European Digital Rights launches
European Digital Rights is a new, international civil rights organization formed by ten European organizations. "European Digital Rights (EDRi) is an association in which existing European privacy and freedoms organisations work together in raising awareness of policy makers and the public about the upcoming threats to our privacy and freedoms". Click below to see the full announcement.
August issue of IBM developerWorks journal: Linux Focus
Debra Cated has written in about the August issue of the printed publication, IBM developerWorks journal. "This issue of the IBM developerWorks journal covers everything from porting your MFC apps to Linux to mastering Linux debugging techniques. It offers new strategies for developing with technologies like wireless, XML, and Java technologies, as well as with products like WebSphere and DB2. It also includes popular, in-depth technical articles. Register today to have the August 2002 issue of the printed journal mailed to you for free."
Book Review: Web Database Applications with PHP and MySQL
Web application developers understand that in order to succeed in today's market, you need to keep up with the latest technologies. One of the more exciting technologies to come around in recent years is the powerful platform, LAMP (Linux, Apache, MySQL, and PHP). Hit the link for my review of this book from O'Reilly.New Python/XML book from Prentice-Hall
Prentice-Hall has written in with the announcement of their latest book. The book is "basically about how to write applications that use XML, focusing on general concepts, but using Python and Java as example languages."
Upcoming Events
The Fourth Australian Open Source Symposium
Registrations are now open for the fourth Australian Open Source Symposium (AOSS 4), to be held at UNSW, Sydney on Saturday July 20, 2002.SAGE-AU 2002 Conf, August 5 - 9, Melbourne Australia
The Systems Administrators Guild of Australia are having their 10th annual conference this year in Melbourne, Australia from August 5-9.Linux.conf.au 2003 Media Release
Here is the latest press release from Linux.conf.au, which will take place in Perth, Australia, January 22 - 25, 2003. The press release covers a Call For Papers, Sponsors, Accomodations, and Invited Speakers.Events: June 27 - August 22, 2002
| June 27 - 28, 2002 | Embedded Systems Expo & Conference in Tokyo(ESEC) | (International Exhibition Center)Tokyo, Japan |
| June 27 - 28, 2002 | Yet Another Perl Conference(YAPC 2002) | (Washington University)Saint Louis, Missouri |
| June 27 - 28, 2002 | European Python and Zope Conference(EuroPython 2002) | (Charleroi Espace Meeting Européen)Charleroi, Belgium |
| June 27 - 29, 2002 | Ottawa Linux Symposium(OLS) | Ottawa, Canada |
| June 27 - 28, 2002 | European Tcl/Tk User Meeting | (Siemens Trainings Center)Munich, Germany |
| July 4 - 7, 2002 | UKUUG Linux Developers' Conference | (University of Bristol)Bristol, UK |
| July 5 - 7, 2002 | Debconf 2 | (York University)Toronto, Ontario |
| July 11 - 14, 2002 | Uniforum NZ 2002 | Auckland, New Zealand |
| July 18 - 20, 2002 | Boston GNOME Summit | Boston, Mass. |
| July 20, 2002 | Fourth Australian Open Source Symposium(AOSS4) | (UNSW, Sydney)Sydney, Australia |
| July 22 - 26, 2002 | O'Reilly Open Source Convention | (Sheraton San Diego Hotel and Marina)San Diego, California |
| July 23, 2002 | Seattle Ruby Brigade Meeting | Seattle, Washington |
| August 1 - 2, 2002 | 3rd annual Bioinformatics Open Source Conference(BOSC 2002) | Edmonton, Canada |
| August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort)Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
| August 12 - 15, 2002 | Linux World Conference & Expo | (Moscone Center)San Francisco, California |
Web sites
Python GTK+/GNOME Wiki
A new Web Wiki has been created for the discussion of Python GTK+/GNOME modules.
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted by section,
- Sorted by license.
Miscellaneous
YAPC Lightning Talks Nostalgia (use Perl)
Use Perl points to the YAPC 2001 lightning talks. "In particular, Sean Burke's seminal "How OOP is like Japanese food", which you can stream or download in MP3 format through the magic of Apache::MP3.""
Page editor: Forrest Cook