Not that long ago the Giga Group - not one of the more friendly
analysts-for-hire out there -
warned businesses to stay
away from desktop Linux until 2005. More to the point, desktop Linux has
long been regarded as a distant dream, even by many strong Linux
supporters. It is commonly assumed that Linux is still far from where it
needs to be to move out of the server and onto the desks of "ordinary
people."
The Giga Group may be right that it will take another year or two before
Linux is a common and safe choice for desktop deployments. For everybody
who does not seek permission from analysts, however, desktop Linux is
becoming a viable option rather sooner.
Consider, for example, the deployment
of 80,000 desktop Linux systems in Extremadura, Spain. Linux and the GNOME
desktop were considered to be more than good enough for students across the
region; Linux systems were also used to set up 33 centers for general use.
Or consider CorelRescue, a
shareholder effort to block the acquisition of Corel by Vector CC
Holdings. This group, which claims to have over four million shares
committed to voting against the acquisition, believes that Corel would be
better off to continue as an independent company and reinvigorate its Linux
desktop efforts - especially WordPerfect. Tux was even drafted as the
group's logo.
For the clincher, consider this
Business Week article about Apple, which happens to mention the
following:
Long maligned as a desktop nonstarter, Linux should pass Apple in
market share for desktop operating systems on computers sold in the
coming year. That means from 7% to 10% of all PCs shipped won't
bear the Windows icon.
Apple's MacOS is generally considered to be the most advanced desktop
operating system out there. That perception may not change, but the fact
is that users are voting with their keyboards. Linux will displace MacOS
as the second most popular desktop operating system within the year.
Once, not all that long ago, Linux was considered to be a toy system
suitable only for hobbyists. Over time, Linux has proved its worth in many
contexts, from personal video recorders to supercomputers - a Linux cluster
is now the third fastest computer on the planet. Success on the desktop
has taken longer, but it is now within reach. Nobody can say that a system
which has surpassed Apple in the marketplace is not suitable for the
desktop.
As mentioned here
last week, there has been
a renewed push for the adoption of software patents in Europe. It now
appears that the final scenes will be played out even more quickly than
expected:
according
to the European Parliament Observatory, the full plenary vote on
software patents could happen as soon as June 30. That does not leave
a whole lot of time for concerned Europeans to contact their MEPs and get
their feelings across. According to some sources (see, for example,
this writeup by Xavi Drudis Ferran), it should
not be assumed that the plenary session will simply rubber-stamp the
software patent directive. Efforts to educate parliament members over the
next few days could have a significant effect.
On the other side of the pond, representatives Zoe Lofgren and John
Doolittle have announced
their intent to introduce the Public Domain Enhancement Act into
Congress. The PDEA was covered here in the
June 5 Weekly Edition; it would require that copyrights be renewed
after fifty years. Any material for which the copyrights are not
explicitly renewed would pass into the public domain. This law would not
reduce the copyright protection available to anybody; it would just ensure
that works which are no longer being commercially exploited become part of
the intellectual commons. The idea should not be particularly controversial, but the
media industry is likely to lobby against it just the same. So it could be
a long path between the introduction of the PDEA into Congress and its
becoming law. That introduction is a necessary step in the right
direction, however.
[This article was contributed by Joe 'Zonker' Brockmeier]
The Linux Router Project is dead. So says Dave Cinege, the creator
of the project. Though the project has been stagnant for some time, it
still came as a surprise to see it officially pronounced dead,
particularly given the bitterness of Cinege's eulogy for the project:
The operating system that helped to create the embedded Linux
marketplace, the Linux Router Project (LRP), is dead.
As of January of this year I have finally accepted the fact I will
likely never be able to develop LRP into the operating system it could
have been. A full 6 months later I'm forcing myself to update this page
to reflect this. It is not an easy thing to give up on your life's work.
Apparently the cause of death was Cinege's inability to translate his
work with LRP into a source of income.
My many contributions to the computing community have reaped very little
personal benefit for myself. As I now struggle to pay the bills I can
not help but feel quite pissed off at the state of affairs, for myself
and the other authors who contributed massive amounts of time and
quality work, only to have it whored by companies not willing to give
back dime one to the people that actually created what it is they sell.
Acknowledgement and referral would have at least been acceptable. Few
companies do even that.
While it's unfortunate that Cinege didn't benefit financially from his
work on LRP, it's also an illustration that developers shouldn't depend
on their contributions to free and open source software to land them a
job or otherwise put money in their pockets. While a number of
developers have, indeed, landed jobs as a result of their work with open source,
it's hardly a guarantee of gainful employment. And it's true that
companies may not even choose to publicly acknowledge the projects
they've used to build their products. Vortech Consulting, for example,
based Coyote Linux on LRP, but
there's nary a mention of the Linux Routing Project on the Coyote Linux
site.
The relationship between free software developers and companies is often
uneasy. A recent bit of company bashing on the linux-kernel list led to
this outburst:
These discussions always make me wonder if the open source crowd is
ever going to realize it's reasonable to be friendly with
commercial companies....
The world is not going to end up with all software working
perfectly and being free. Software is hard work, software tends to
rot if you don't take care of it, there has to be a business plan
better than
- Give it away.
- ???
- Make lots of money.
While Cinege and many others see commercial companies as parasites using
their work for profit without any kickback for the original contributors,
others see
open source as a parasite on proprietary software. There is a fair
amount of mistrust and misunderstanding going in both directions. Many
unknowns remain in the equation of how free software and
money-making enterprises will work together; this situation is likely to
persist for some time.
It's very clear right now, however, that if a developer hopes to earn a
living off of their contributions to open source, he or she will need
to come up with a workable plan beyond releasing software and hoping for job
offers, contract work or grants to fund further development efforts. Even
then, as with any entrepreneurial enterprise, it's no guarantee that
they'll be able to pull it off. And, it's possible that someone else
will come along and do a better job of capitalizing on your work. Part
of releasing software under an open source license is giving up full
control of the work.
Writing software is just one aspect of what makes a software company,
open source or otherwise, successful. Brilliant software isn't enough to
ensure a steady flow of clients. Developers who want to make a living
off of their open source project will also need to wear the marketing
hat, the sales hat, and so forth to turn a freely-available project into
money. Some developers aren't interested or adept at doing those things,
which is fine. In that case, they need to align themselves with partners
or a company that will do that work for them if they hope to turn open
source development into a money-maker. That, or resign themselves to the
idea that someone else may do it without them.
Page editor: Jonathan Corbet
Security
Brief items
A certain amount of attention has recently been given to a spam-blocking
method called
greylisting. A look
at the description of the technique shows that it does not, actually, contain
much in the way of new ideas. Greylisting might, however, become a useful
part of the antispam arsenal at some sites.
The core idea of the greylisting technique has been around for a while. It
relies on the fact that most spammers do not bother to track and retry
deliveries which are declined by the receiving system with a temporary
failure status. Real mail systems will retry the message later on, until
they run out of patience. Spammers just forget about it and move on. So
an effective way of blocking a large percentage of incoming spam is to
simply refuse mail from new sources with a temporary failure on the first
delivery attempt. Real mail will eventually show up again, and be
delivered with a small delay. Most spam will never return.
The greylisting technique uses a slightly finer-grained approach. It
creates a three-entry tuple out of the originating address, the sender, and
the recipient of the message. If the tuple is new, the mail is refused for
a configurable period of time. The use of the three-way tuple helps
prevent spam from slipping in by using false sender addresses.
The obvious workaround, from a spammer's point of view, is to add retrying
for temporary failures to their code. Given the desire of the spam
industry to pollute our mailboxes regardless of how hard we try to prevent
that, the implementation of temporary failure retrying is only a matter of
time. Of course, mail sent through open relays is generally retried
anyway, so widespread use of greylisting could result in more use of open
relays, and, perhaps, more attempts to compromise systems to turn them into
unwilling relays.
As the author describes it, greylisting is meant to be used in conjunction
with other spam-blocking techniques, especially blackhole lists. The hope
is that, by the time the temporary failure interval has ended for a
particular spam source, that source will have found its way into the
blacklists and the message can be blocked permanently. This combination
could, indeed, prove hard for the spammers to get around.
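The greylisting policy described above, written out as an added example that is not code from the article or from any greylisting implementation: a store keyed on the (client address, sender, recipient) tuple that answers a temporary failure for any tuple younger than the configurable delay, forgets tuples that are never retried, and consults a blackhole list first so that a source which has found its way onto the list by the time it retries is blocked permanently. The SMTP reply strings, the timings, the sample blacklist and the delivery log are all constructed for the illustration.

```python
"""Greylisting decision logic, as an added illustration of the technique."""
from dataclasses import dataclass, field

# Constructed SMTP reply strings; a real MTA would use its own wording.
TEMPFAIL = "451 4.7.1 Greylisted, please try again later"
ACCEPT = "250 OK"
REJECT = "550 5.7.1 Sending host is blacklisted"


@dataclass
class Greylist:
    delay: float = 300.0            # seconds a new tuple is refused (configurable)
    max_age: float = 36 * 3600.0    # forget a tuple that is never retried
    blacklist: set = field(default_factory=set)   # stand-in for a DNSBL lookup
    seen: dict = field(default_factory=dict)      # tuple -> time first seen

    def check(self, client_ip: str, sender: str, recipient: str, now: float) -> str:
        """Decide the reply for one delivery attempt made at time `now` (seconds)."""
        # Blackhole list first: once a source is on the list, the message is
        # blocked permanently, whatever the greylist state says.
        if client_ip in self.blacklist:
            return REJECT

        key = (client_ip, sender.lower(), recipient.lower())
        first_seen = self.seen.get(key)

        if first_seen is None or now - first_seen > self.max_age:
            # New (or long-forgotten) tuple: refuse with a temporary failure.
            # A real MTA will retry later; most spamware will not.
            self.seen[key] = now
            return TEMPFAIL
        if now - first_seen < self.delay:
            # Retried too soon: still inside the greylisting window.
            return TEMPFAIL
        return ACCEPT


def run_trace(greylist: Greylist, attempts):
    """Apply the policy to a sequence of (time, client_ip, sender, recipient)."""
    return [greylist.check(ip, s, r, t) for (t, ip, s, r) in attempts]


# Constructed delivery log: a legitimate MTA that retries, a sender that
# switches envelope addresses (and so starts a fresh tuple), and a host
# that is on the blackhole list.
SAMPLE_ATTEMPTS = [
    (0,   "192.0.2.10", "alice@example.org", "bob@example.net"),  # new tuple
    (60,  "192.0.2.10", "alice@example.org", "bob@example.net"),  # too early
    (900, "192.0.2.10", "alice@example.org", "bob@example.net"),  # delivered
    (900, "192.0.2.10", "carol@example.org", "bob@example.net"),  # new sender, new tuple
    (0,   "192.0.2.77", "offer@example.com", "bob@example.net"),  # blacklisted
]

if __name__ == "__main__":
    gl = Greylist(delay=300, blacklist={"192.0.2.77"})
    for attempt, reply in zip(SAMPLE_ATTEMPTS, run_trace(gl, SAMPLE_ATTEMPTS)):
        print(attempt, "->", reply)
```

The fourth attempt shows why the tuple includes the sender: changing the envelope address does not let a message through, it just starts a new greylisting window. Production deployments commonly relax the client-address part of the key to a network prefix, because large sites retry from a pool of outbound hosts rather than from the same address.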
New vulnerabilities
eldav: insecure temporary file
| Package(s): | eldav |
| CVE #(s): | CAN-2003-0438 |
| Created: | June 19, 2003 |
| Updated: | June 24, 2003 |
| Description: | eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav. |
| Alerts: | |
ethereal: security problems in Ethereal 0.9.12
| Package(s): | ethereal |
| CVE #(s): | CAN-2003-0428, CAN-2003-0429, CAN-2003-0431, CAN-2003-0432 |
| Created: | June 23, 2003 |
| Updated: | November 10, 2003 |
| Description: | Several security problems have been found in Ethereal 0.9.12. "It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file." |
| Alerts: | |
orville-write: buffer overflows
| Package(s): | orville-write |
| CVE #(s): | CAN-2003-0441 |
| Created: | June 19, 2003 |
| Updated: | June 24, 2003 |
| Description: | Orville Write, a replacement for the standard write(1) command, contains a number of buffer overflows. These could be exploited to gain either gid tty or root privileges, depending on the configuration selected when the package is installed. |
| Alerts: | |
osh: buffer overflows
| Package(s): | osh |
| CVE #(s): | |
| Created: | June 20, 2003 |
| Updated: | June 24, 2003 |
| Description: | Steve Kemp discovered that osh, a shell intended to restrict the actions of the user, contains two buffer overflows, in processing environment variables and file redirections. These vulnerabilities could be used to execute arbitrary code, overriding any restrictions placed on the shell. |
| Alerts: | |
webfs: buffer overflow
| Package(s): | webfs |
| CVE #(s): | CAN-2003-0445 |
| Created: | June 20, 2003 |
| Updated: | June 24, 2003 |
| Description: | webfs, a lightweight HTTP server for static content, contains a buffer overflow whereby a long Request-URI in an HTTP request could cause arbitrary code to be executed. |
| Alerts: | |
xbl: buffer overflows
| Package(s): | xbl |
| CVE #(s): | CAN-2003-0451, CAN-2003-0535 |
| Created: | June 20, 2003 |
| Updated: | July 9, 2003 |
| Description: | Steve Kemp discovered several buffer overflows in xbl, a game, which can be triggered by long command line arguments. This vulnerability could be exploited by a local attacker to gain gid 'games'. This has been assigned CAN-2003-0451. Another buffer overflow was discovered in xbl which could also be exploited by a local attacker to gain gid 'games'. This has been assigned CAN-2003-0535. |
| Alerts: | |
xterm: command execution and denial of service
| Package(s): | XFree86 xterm |
| CVE #(s): | CAN-2001-1409, CAN-2002-1472, CAN-2002-0164, CAN-2003-0063, CAN-2003-0071 |
| Created: | June 25, 2003 |
| Updated: | July 2, 2003 |
| Description: | A couple of new vulnerabilities have been found in the xterm application shipped with XFree86. There is yet another "execute arbitrary commands by setting the window title" vulnerability, along with a bug which can allow an attacker to lock up an xterm window. |
| Alerts: | |
ypserv: denial of service
| Package(s): | ypserv |
| CVE #(s): | CAN-2003-0251 |
| Created: | June 25, 2003 |
| Updated: | July 11, 2003 |
| Description: | From the Red Hat advisory: "A vulnerability has been discovered in the ypserv NIS server prior to version 2.7. If a malicious client queries ypserv via TCP and subsequently ignores the server's response, ypserv will block attempting to send the reply. This results in ypserv failing to respond to other client requests." The fix is to upgrade to version 2.8.0. |
| Alerts: | |
Updated vulnerabilities
bind buffer overflow vulnerability in DNS resolver libraries
| Package(s): | bind glibc |
| CVE #(s): | CAN-2002-0651, CAN-2002-0684 |
| Created: | July 8, 2002 |
| Updated: | October 1, 2003 |
| Description: | The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1) include fixes for a libc-related vulnerability which does not affect Linux. Updates from the Internet Software Consortium (ISC) are available from here. No release or branch of Openwall GNU/*/Linux (Owl) is known to be affected, due to Olaf Kirch's fixes for this problem getting into the GNU C library more than two years ago. Unfortunately, that does not mean that Linux systems are not vulnerable. Similar code, without Olaf Kirch's fixes, is in the glibc getnetbyXXX functions. These functions are described in the SuSE alert as "used by very few applications only, such as ifconfig and ifuser, which makes exploits less likely." See CERT Advisory CA-2002-19, Buffer Overflow in Multiple DNS Resolver Libraries (CAN-2002-0651, CAN-2002-0684). |
| Alerts: | |
BitchX: Denial of service vulnerability
| Package(s): | BitchX |
| CVE #(s): | CAN-2003-0334 |
| Created: | June 17, 2003 |
| Updated: | June 17, 2003 |
| Description: | A Denial Of Service (DoS) vulnerability was discovered in BitchX that would allow a remote attacker to crash BitchX by changing certain channel modes. Read more here and here. |
| Alerts: | |
Canna server: exploitable buffer overrun
| Package(s): | canna |
| CVE #(s): | CAN-2002-1158, CAN-2002-1159 |
| Created: | December 10, 2002 |
| Updated: | October 1, 2003 |
| Description: | Canna is a kana-kanji conversion server which is necessary for Japanese language character input. A buffer overflow bug in the Canna server up to and including version 3.5b2 allows a local user to gain the privileges of the user 'bin', which could lead to further exploits. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1158 to this issue. A lack of validation of requests has been found that affects Canna version 3.6 and earlier. A malicious remote user could exploit this vulnerability to leak information, or cause a denial of service attack (CAN-2002-1159). See also http://canna.sourceforge.jp/sec/Canna-2002-01.txt |
| Alerts: | |
CUPS: vulnerability in the CUPS IPP implementation
| Package(s): | cups |
| CVE #(s): | CAN-2003-0195 |
| Created: | May 27, 2003 |
| Updated: | July 22, 2003 |
| Description: | Phil D'Amore of Red Hat discovered a vulnerability in the CUPS IPP (Internet Printing Protocol) implementation. The IPP implementation is single-threaded, which means only one request can be serviced at a time. An attacker could make a partial request that does not time out and therefore creates a denial of service. In order to exploit this bug, an attacker must have the ability to make a TCP connection to the IPP port (by default 631). |
| Alerts: | |
ethereal: buffer and integer overflows
| Package(s): | ethereal |
| CVE #(s): | CAN-2003-0356, CAN-2003-0357 |
| Created: | June 12, 2003 |
| Updated: | June 18, 2003 |
| Description: | Timo Sirainen discovered several vulnerabilities in ethereal, a network traffic analyzer. These include one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors, and integer overflows in the Mount and PPP dissectors. |
| Alerts: | |
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
fetchmail: buffer overflow
| Package(s): | fetchmail |
| CVE #(s): | CAN-2002-1365 |
| Created: | December 17, 2002 |
| Updated: | October 20, 2003 |
| Description: | Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details. |
| Alerts: | |
Potential remote root exploit in glibc
| Package(s): | glibc |
| CVE #(s): | CAN-2002-0391 |
| Created: | August 14, 2002 |
| Updated: | June 30, 2003 |
| Description: | Felix von Leitner discovered a potential division by zero bug in code derived from the SunRPC library which is used in glibc. This bug could be exploited to gain unauthorized root access to software linking to glibc. Updating as soon as practical is a good idea. Because SunRPC-derived XDR libraries are used by a variety of vendors in a variety of applications, this defect may lead to a number of differing security problems. Exploiting this vulnerability will lead to denial of service, execution of arbitrary code, or the disclosure of sensitive information. See CERT/CC Vulnerability Note VU#192995, Integer overflow in xdr_array() function when deserializing the XDR stream. |
| Alerts: | |
glibc: DNS stub resolvers contain buffer overflow vulnerability
| Package(s): | glibc |
| CVE #(s): | CAN-2002-1146 |
| Created: | November 7, 2002 |
| Updated: | February 5, 2004 |
| Description: | DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. (See CERT Vulnerability Note VU#738331.) The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). |
| Alerts: | |
gnocatan: buffer overflows, denial of service
| Package(s): | gnocatan |
| CVE #(s): | CAN-2003-0433 |
| Created: | June 12, 2003 |
| Updated: | June 28, 2003 |
| Description: | Bas Wijnen discovered that the gnocatan server is vulnerable to several buffer overflows which could be exploited to execute arbitrary code on the server system. |
| Alerts: | |
gnupg: key validation
| Package(s): | gnupg |
| CVE #(s): | CAN-2003-0255 |
| Created: | May 16, 2003 |
| Updated: | November 18, 2003 |
| Description: | A key validation bug was discovered in the GNU Privacy Guard (GPG) which would cause keys with more than one user ID to trust all user IDs with the amount of trust given to the most-valid user ID. |
| Alerts: | |
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. The GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
| Alerts: | |
IMP - SQL injection vulnerability
| Package(s): | imp |
| CVE #(s): | CAN-2003-0025 |
| Created: | January 15, 2003 |
| Updated: | July 8, 2003 |
| Description: | The IMP IMAP server, versions 2.2.8 and prior, is vulnerable to SQL injection; see this advisory for details. Version 3.x is not vulnerable to this problem. |
| Alerts: | |
kde: arbitrary code execution
| Package(s): | kde |
| CVE #(s): | CAN-2003-0204 |
| Created: | April 10, 2003 |
| Updated: | June 30, 2003 |
| Description: | The KDE Security team has issued an advisory on a vulnerability present in all versions of KDE that allows a remote attacker to execute arbitrary commands under your account. KDE 3.0.5b and KDE 3.1.1a have been released to address this problem. For KDE 2.2.2, patches to the KDE 2.2.2 sources have been made available. KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files. An attacker can prepare a malicious PostScript or PDF file which will provide the attacker with access to the victim's account and privileges when the victim opens this malicious file for viewing or when the victim browses a directory containing such a malicious file and has file previews enabled. An attacker can provide malicious files remotely to a victim in an e-mail, as part of a webpage, via an ftp server and possibly other means. |
| Alerts: | |
kernel - ptrace-related vulnerability
| Package(s): | kernel |
| CVE #(s): | CAN-2003-0127 |
| Created: | March 17, 2003 |
| Updated: | June 30, 2003 |
| Description: | Versions 2.2.x and 2.4.x of the Linux kernel contain a vulnerability in ptrace() which may be exploited by a local user to obtain root access. This announcement contains the details and a patch for 2.4.20. For 2.2 users, 2.2.25 has been released which contains the fix. |
| Alerts: | |
kernel 2.4 - two new vulnerabilities
| Package(s): | kernel |
| CVE #(s): | CAN-2003-0244, CAN-2003-0246 |
| Created: | May 14, 2003 |
| Updated: | July 25, 2003 |
| Description: | The 2.4.20 (and prior) kernel contains a couple of vulnerabilities that are worth fixing. First, the ioperm() system call doesn't perform proper checking, allowing a local user to manipulate arbitrary I/O ports. Second, the networking code contains a remotely exploitable denial of service condition; see the May 24 Security Page for details. |
| Alerts: | |
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode. All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root. Alternatively, as a work-around to this vulnerability, issue the following command as root: chmod -s /usr/bin/uml_net |
| Alerts: | |
kopete: vulnerability in GnuPG plugin
| Package(s): | kopete |
| CVE #(s): | CAN-2003-0256 |
| Created: | May 8, 2003 |
| Updated: | June 27, 2003 |
| Description: | A vulnerability was discovered in versions of kopete prior to 0.6.2. Kopete is a KDE instant messenger client. This vulnerability is in the GnuPG plugin that allows users to send each other GPG-encrypted instant messages. The plugin passes encrypted messages to gpg, but does no checking to sanitize the command line passed to gpg. This can allow remote users to execute arbitrary code, with the permissions of the user running kopete, on the local system. |
| Alerts: | |
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
| CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 |
| Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly, which causes a buffer overrun beyond the beginning of the row buffer. |
| Alerts: | |
lynx: CRLF injection vulnerability
| Package(s): | lynx |
| CVE #(s): | CAN-2002-1405 |
| Created: | November 19, 2002 |
| Updated: | October 1, 2003 |
| Description: | If lynx is given a URL with some special characters on the command line, it will include faked headers in the HTTP query. This feature can be used to force scripts (that use Lynx for downloading files) to access the wrong site on a web server with multiple virtual hosts. |
| Alerts: | |
lyskom-server: denial of service
| Package(s): | lyskom-server |
| CVE #(s): | CAN-2003-0366 |
| Created: | June 13, 2003 |
| Updated: | June 17, 2003 |
| Description: | Calle Dybedahl discovered a bug in lyskom-server which could result in a denial of service where an unauthenticated user could cause the server to become unresponsive as it processes a large query. |
| Alerts: | |
perl-MailTools: remote command execution
| Package(s): | MailTools |
| CVE #(s): | CAN-2002-1271 |
| Created: | November 5, 2002 |
| Updated: | September 19, 2003 |
| Description: | The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer, which allows commands to be embedded in the mail body. Note that mail processing programs which use this package can be affected by this vulnerability; in particular, SpamAssassin is vulnerable if you use the -r or -w flags. |
| Alerts: | |
man: format string exploit
| Package(s): | man |
| CVE #(s): | |
| Created: | June 16, 2003 |
| Updated: | June 17, 2003 |
| Description: | Versions of man 1.5l and below contain a format string vulnerability. The vulnerability occurs when man uses an optional catalog file, supplied by the NLSPATH/LANG environment variables. See the full advisory for more details. |
| Alerts: | |
mikmod: buffer overflow
| Package(s): | mikmod |
| CVE #(s): | CAN-2003-0427 |
| Created: | June 16, 2003 |
| Updated: | June 16, 2005 |
| Description: | Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod. |
| Alerts: | |
Nessus NASL scripting engine security issues
| Package(s): | nessus |
| CVE #(s): | |
| Created: | May 27, 2003 |
| Updated: | August 12, 2004 |
| Description: | Some vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or he/she would need to trick a user somehow into running a specially crafted nasl script. Read the full advisory for additional information. |
| Alerts: | |
nethack: buffer overflow
| Package(s): | nethack, slashem, falconseye |
| CVE #(s): | CAN-2003-0358, CAN-2003-0359 |
| Created: | February 18, 2003 |
| Updated: | July 15, 2003 |
| Description: | Overflowing a buffer in nethack may lead to privilege escalation to the games uid. Read the full advisory for the details. Note that falconseye does not contain the file permission error CAN-2003-0359 which affected some other nethack packages. |
| Alerts: | |
netscape-flash: buffer overflow
| Package(s): | netscape-flash |
| CVE #(s): | |
| Created: | March 10, 2003 |
| Updated: | June 20, 2003 |
| Description: | Potentially exploitable buffer overflows exist in the Macromedia Flash Player. The full advisory is here. "The cumulative security patch is available today and addresses the potential for exploits surrounding buffer overflows (read/write) and sandbox integrity within the player, which might allow malicious users to gain access to a user's computer. The possibility of running native code on a user's machine is a theoretical exploit, and extremely difficult to execute in practice. There are no known examples of running such native code from Macromedia Flash movies; however, even though this issue is difficult and theoretical in nature only, we are encouraging users to upgrade." |
| Alerts: | |
net-snmp: denial of service vulnerability
| Package(s): | net-snmp |
| CVE #(s): | CAN-2002-1170 |
| Created: | December 17, 2002 |
| Updated: | November 7, 2003 |
| Description: | The SNMP daemon included in the Net-SNMP package versions 5.0.1 through 5.0.4 can be caused to crash if it is sent a specially crafted packet. |
| Alerts: | |
noweb: insecure temporary files
| Package(s): | noweb |
| CVE #(s): | CAN-2003-0381 |
| Created: | June 17, 2003 |
| Updated: | June 28, 2003 |
| Description: | Jakob Lell discovered a bug in the 'noroff' script included in noweb whereby a temporary file was created insecurely. During a review, several other instances of this problem were found and fixed. Any of these bugs could be exploited by a local user to overwrite arbitrary files owned by the user invoking the script. |
| Alerts: | |
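The eldav and noweb entries above describe the same class of bug: a temporary file created at a name another local user could predict, so that a symlink planted there in advance turns the program's write into an overwrite of some other file. The following added example (not code from either package; the function names and the sandbox directory are constructed for the illustration) shows the effect of the naive pattern beside two safe forms, an exclusive create that refuses anything already sitting at the path, and mkstemp(), which also picks an unpredictable name and mode 0600.

```python
"""Creating temporary files safely, as an added example."""
import os
import shutil
import stat
import tempfile


def create_exclusive(path: str, mode: int = 0o600) -> int:
    """Open `path` for writing only if this call creates it.

    O_CREAT|O_EXCL fails with EEXIST if anything already exists at the path,
    including a symlink planted there by another user, and O_NOFOLLOW adds a
    second line of defence against symlinks.  Returns a file descriptor.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(path, flags, mode)


def create_random_name(directory: str, prefix: str = "tmp.") -> tuple:
    """Preferred form: an unpredictable name, created exclusively with mode 0600."""
    return tempfile.mkstemp(prefix=prefix, dir=directory)


def run_demo() -> dict:
    """Show the clobbering a pre-planted symlink causes and how the safe forms refuse it."""
    workdir = tempfile.mkdtemp(prefix="tmpdemo.")  # constructed sandbox directory
    try:
        victim = os.path.join(workdir, "victim.txt")
        with open(victim, "w") as f:
            f.write("data the user would not want overwritten\n")

        # The predictable name a vulnerable script might use, with a symlink
        # pointing at the victim already sitting there (all owned by us here).
        predictable = os.path.join(workdir, "script.tmp")
        os.symlink(victim, predictable)

        # Vulnerable pattern: plain open() follows the link and truncates the victim.
        with open(predictable, "w") as f:
            f.write("")
        naive_clobbered = os.path.getsize(victim) == 0

        # Safe form 1: exclusive create refuses because the path already exists.
        try:
            os.close(create_exclusive(predictable))
            exclusive_refused = False
        except FileExistsError:
            exclusive_refused = True

        # Safe form 2: mkstemp picks a fresh random name, created with mode 0600.
        fd, path = create_random_name(workdir)
        os.close(fd)
        mkstemp_mode = stat.S_IMODE(os.stat(path).st_mode)

        return {
            "naive_clobbered": naive_clobbered,
            "exclusive_refused": exclusive_refused,
            "mkstemp_mode": mkstemp_mode,
        }
    finally:
        shutil.rmtree(workdir)


if __name__ == "__main__":
    print(run_demo())
```

The exclusive-create variant is what a fix for an existing script with a fixed filename looks like; mkstemp() is the better choice for new code because the random name also removes the race on name selection, and it is the same primitive the C mkstemp(3) call provides to shell and C programs.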
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
| CVE #(s): | CAN-2003-0190 |
| Created: | May 2, 2003 |
| Updated: | November 30, 2004 |
| Description: | From the advisory: "During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation." |
| Alerts: | |
Comments (1 posted)
pam_xauth: root exploit
| Package(s): | pam_xauth |
| CVE #(s): | CAN-2002-1160 |
| Created: | February 13, 2003 |
| Updated: | July 10, 2003 |
| Description: | The pam_xauth module is used to forward xauth information from user to user in applications such as 'su'. Andreas Beck discovered that versions of pam_xauth supplied with Red Hat Linux since version 7.1 would forward authorization information from the root account to unprivileged users. This could be used by a local attacker to gain access to an administrator's X session. In order to exploit this vulnerability, the attacker would have to get the administrator, as root, to use su to the account belonging to the attacker. |
| Alerts: | |
Comments (none posted)
PHP: vulnerability in mail function
| Package(s): | php |
| CVE #(s): | CAN-2002-0985, CAN-2002-0986 |
| Created: | November 13, 2002 |
| Updated: | October 1, 2003 |
| Description: | Two vulnerabilities exist in the PHP mail() function. The first allows the execution of any program or script, bypassing the safe_mode restriction; the second may leave a script usable as an open relay if the mail() function is not carefully used in PHP scripts. See this Bugtraq report for more details. Note that this is a different vulnerability from the previous PHP mail() problem, which affected versions through 4.1.0. |
| Alerts: | |
Comments (none posted)
PostgreSQL - more buffer overflows
| Package(s): | postgresql |
| CVE #(s): | |
| Created: | February 12, 2003 |
| Updated: | November 7, 2003 |
| Description: | A new set of buffer overflows has been discovered in PostgreSQL 7.2.2; they affect the circle_poly(), path_encode(), and path_addr() functions. Exploiting these overflows requires that the attacker first obtain a connection to the PostgreSQL server. |
| Alerts: | |
Comments (1 posted)
Local arbitrary code execution vulnerability in Python
| Package(s): | python |
| CVE #(s): | CAN-2002-1119 |
| Created: | August 28, 2002 |
| Updated: | October 1, 2003 |
| Description: | Zack Weinberg discovered that os._execvpe from os.py uses a predictable name which could lead to execution of arbitrary code. According to the Debian advisory, the problem was present in Python versions 1.5, 2.1 and 2.2. |
| Alerts: | |
Comments (none posted)
radiusd-cistron: possible remote system compromise
| Package(s): | radiusd-cistron |
| CVE #(s): | CAN-2003-0450 |
| Created: | June 13, 2003 |
| Updated: | July 11, 2003 |
| Description: | The package radiusd-cistron is an implementation of the RADIUS protocol. Unfortunately the RADIUS server handles large NAS numbers incorrectly. This leads to overwriting internal memory of the server process and may be abused to gain remote access to the system the RADIUS server is running on. |
| Alerts: | |
Comments (none posted)
Multiple-use vulnerability in Safe.pm
| Package(s): | Safe.pm |
| CVE #(s): | CAN-2002-1323 |
| Created: | October 9, 2002 |
| Updated: | February 20, 2004 |
| Description: | use Perl has a description of a vulnerability in the Safe.pm Perl module. It seems that if a Safe compartment is used more than once, it ceases to be safe. The problem is fixed in Safe 2.08. |
| Alerts: | |
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
| CVE #(s): | CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399 |
| Created: | October 1, 2002 |
| Updated: | April 10, 2006 |
| Description: | The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability. |
| Alerts: | |
Comments (1 posted)
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | October 5, 2004 |
| Description: | This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well. |
| Alerts: | |
Comments (none posted)
typespeed: buffer overflow
| Package(s): | typespeed |
| CVE #(s): | |
| Created: | January 1, 2003 |
| Updated: | June 17, 2003 |
| Description: | A problem has been discovered in typespeed, a game that lets you measure your typematic speed. By overflowing a buffer a local attacker could execute arbitrary commands under the group id games. |
| Alerts: | |
Comments (none posted)
vim - modeline vulnerability
| Package(s): | vim |
| CVE #(s): | CAN-2002-1377 |
| Created: | January 16, 2003 |
| Updated: | February 10, 2004 |
| Description: | VIM allows a user to set the modeline differently for each edited text file by placing special comments in the files. Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that when it is opened arbitrary commands are executed. |
| Alerts: | |
Comments (4 posted)
vixie-cron: Local vulnerability
| Package(s): | vixie-cron |
| CVE #(s): | CVE-2001-0559 |
| Created: | April 17, 2003 |
| Updated: | October 3, 2003 |
| Description: | From the ISS advisory: "Vixie Cron is a scheduling daemon that ships with several Linux distributions. Vixie Cron version 3.0pl1 could allow a local attacker to gain root privileges. Crontab fails to properly drop privileges in certain cases after a crontab modification operation. A local attacker could exploit this vulnerability to gain root privileges on the system since crontab is installed setuid root." Note: this vulnerability is dated May 07 2001, and was first mentioned in LWN on the May 10, 2001 security page. |
| Alerts: | |
Comments (none posted)
webmin: session ID spoofing
| Package(s): | webmin |
| CVE #(s): | CAN-2003-0101 |
| Created: | June 13, 2003 |
| Updated: | November 18, 2003 |
| Description: | miniserv.pl in the webmin package does not properly handle metacharacters, such as line feeds and carriage returns, in Base64-encoded strings used in Basic authentication. This vulnerability allows remote attackers to spoof a session ID, and thereby gain root privileges. |
| Alerts: | |
Comments (none posted)
wget: directory traversal bug
| Package(s): | wget |
| CVE #(s): | CAN-2002-1344 |
| Created: | December 10, 2002 |
| Updated: | October 1, 2003 |
| Description: | Versions of wget prior to 1.8.2-4 contain a bug that permits a malicious FTP server to create or overwrite files anywhere on the local file system. FTP clients must check to see if an FTP server's response to the NLST command includes any directory information along with the list of filenames required by the FTP protocol (RFC 959, section 4.1.3). If the FTP client fails to do so, a malicious FTP server can send filenames beginning with '/' or containing '/../' which can be used to direct a vulnerable FTP client to write files (such as .forward, .rhosts, .shosts, etc.) that can then be used for later attacks against the client machine. See also this Bugtraq article from 1997. |
| Alerts: | |
Comments (none posted)
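The name check that both the tar/unzip entry above and this wget entry call for, written out as an added example (not code from GNU tar, unzip or wget); the function names and the NLST reply are constructed for the illustration:

```c
#include <stdio.h>
#include <string.h>

/* Added example, not code from GNU tar, unzip or wget. This is the check a
 * client must apply to a file name supplied by an untrusted archive or FTP
 * server before creating the file under the current directory: the name has
 * to be relative, and no ".." path component may appear anywhere in it. */
int is_safe_member_name(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0')
        return 0;
    if (name[0] == '/')             /* absolute path: escapes the target dir */
        return 0;
    /* Examine every '/'-separated component, so "pub/../x" is caught too. */
    while (*p) {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);

        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;               /* ".." component: directory traversal */
        if (slash == NULL)
            break;
        p = slash + 1;
    }
    return 1;
}

/* Apply the check to an NLST reply (CRLF-separated names, per RFC 959).
 * Returns the number of names rejected; accepted names are copied, one per
 * line, into 'out' (size out_len). Over-long names are rejected outright
 * rather than truncated, since a truncated name could pass the check. */
int filter_nlst_reply(const char *reply, char *out, size_t out_len)
{
    int rejected = 0;
    size_t used = 0;
    const char *line = reply;

    out[0] = '\0';
    while (*line) {
        const char *end = strstr(line, "\r\n");
        size_t len = end ? (size_t)(end - line) : strlen(line);
        char name[256];

        if (len >= sizeof(name)) {
            rejected++;
        } else {
            memcpy(name, line, len);
            name[len] = '\0';
            if (is_safe_member_name(name) && used + len + 2 <= out_len) {
                memcpy(out + used, name, len);
                used += len;
                out[used++] = '\n';
                out[used] = '\0';
            } else {
                rejected++;
            }
        }
        if (!end)
            break;
        line = end + 2;
    }
    return rejected;
}

/* Constructed NLST reply from a hostile server: two ordinary entries, one
 * absolute path and one traversal, of the kind the advisory describes. */
const char *hostile_reply = "README\r\npub/file.txt\r\n/etc/passwd\r\n../.rhosts\r\n";

static char demo_kept_buf[256];
int demo_rejected(void)
{
    return filter_nlst_reply(hostile_reply, demo_kept_buf, sizeof(demo_kept_buf));
}
const char *demo_kept(void) { return demo_kept_buf; }

int main(void)
{
    printf("rejected %d name(s); kept:\n%s", demo_rejected(), demo_kept());
    return 0;
}
```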
Wwwoffle remote privilege escalation vulnerability
| Package(s): | wwwoffle |
| CVE #(s): | CAN-2002-0818 |
| Created: | August 14, 2002 |
| Updated: | October 1, 2003 |
| Description: | The wwwoffle web proxy incorrectly processes HTTP PUT and POST requests with negative Content-Length values. "It is believed that an attacker could exploit this bug to gain remote wwwrun access to the system wwwoffled is running on." |
| Alerts: | |
Comments (none posted)
xinetd: Memory leak in xinetd 2.3.10
| Package(s): | xinetd |
| CVE #(s): | CAN-2003-0211 |
| Created: | May 13, 2003 |
| Updated: | November 13, 2003 |
| Description: | Xinetd is a 'master server' that is used to accept service connection requests and start the appropriate servers. Because of a programming error, memory was allocated and never freed if a connection was refused for any reason. An attacker could exploit this flaw to crash the xinetd server, rendering all services it controls unavailable. In addition, other flaws in xinetd could cause incorrect operation in certain unusual server configurations. All users of xinetd are advised to update to xinetd-2.3.11, which is not vulnerable to these issues. |
| Alerts: | |
Comments (none posted)
Xpdf - command execution vulnerability
| Package(s): | Xpdf |
| CVE #(s): | CAN-2003-0434 |
| Created: | June 18, 2003 |
| Updated: | July 24, 2003 |
| Description: | Xpdf suffers from the same sort of "execute arbitrary code embedded in a malicious document" vulnerability that is so widespread in other PostScript and PDF interpreters. |
| Alerts: | |
Comments (none posted)
Resources
Joichi Ito has, with many helpers, compiled
a report on privacy and
privacy-enhancing technologies which is intended to help with the
planning of electronic government initiatives in Japan. It's a large
thing, being several hundred pages available in PDF format. It is well
worth a look, though, as a comprehensive summary of the privacy situation
in several parts of the world.
Comments (none posted)
The June 20 issue of the Linux Advisory Watch newsletter from
LinuxSecurity.com is available.
Full Story (comments: none)
Events
The 12th Usenix Security Symposium is scheduled for August 4 through 8 in Washington, DC. Participants include Steve Bellovin, Bill Cheswick,
Niels Provos, Kevin Fu, Peter Gutmann, Dan Boneh, David Farber and Mark
Seiden. Registration is open now for interested participants.
Full Story (comments: none)
The Tenth ACM Conference on Computer and Communications Security is
happening in Washington, DC, on October 28 and 29. This year there will be
a special session on "industrial experience in security." "This special
session in an otherwise academic conference is an opportunity for security
practitioners in industry to tell academics how it's really done: what
works, and what doesn't. Submissions are only 3 pages long, and so should
impose minimal burden on those submitting a paper." Papers are due June 27
(soon!).
Full Story (comments: none)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current development kernel is 2.5.73, which was
released by Linus on June 22. Changes
this time around include some big ext3 and journaling changes (see
last week's LWN Kernel Page), an ACPI update, a
big ia64 merge, some networking fixes, a new PCI device locking scheme, the
new
request_firmware() interface (see
the May 21 LWN Kernel Page), an NFS server
update, more driver model work, an ARM update, and various other fixes and
tweaks.
The long-format changelog has all
the details.
Linus's BitKeeper tree, as of this writing, contains an MTD driver cleanup,
the beginning of work on the loop driver (see below), and some patches to
make the network block device driver work again.
The current stable kernel is 2.4.21. Marcelo has started the 2.4.22
process (supposed to only last a couple months) with the release of 2.4.22-pre1; it is a large patch with a lot of
USB work, the long-awaited ACPI update, some network fixes, and quite a few
other repairs and updates.
Comments (none posted)
Kernel development news
One longstanding goal in kernel development has been to eliminate the
differences between loadable modules and monolithic (linked-in) code. The
fewer differences there are, the easier it is to write code which works in
either mode - and to maintain that code. In 2.5, this process is almost
complete; there is very little code which is unique to either modules or
monolithic code.
One remaining difference, however, has to do with initialization and exit
code. It is possible to use the module_init() macro to designate an
initialization function, and that function will be called properly at
module load time or at boot
time if the module is built directly into the kernel. (Exit
functions for monolithic code are, of course, simply discarded.) One
important difference remains, however: monolithic code can have multiple
initialization calls, while modules can only have one. Monolithic
code initialization calls can even be given priorities (via macros like
core_initcall() or late_initcall()) which control when
each function is called.
One would think this wouldn't matter a whole lot for loadable modules,
since every initialization function would be called at the same time
(when the module is loaded) anyway. But this difference forces module and
monolithic code to be different. It also prevents the creation of nice,
initialization-time macros which ease the process of setting up
/proc files or sysfs entries.
With a new patch (since revised) from Rusty Russell, things
will change. Rusty notes the real reason why modules can only have a
single set of initialization and exit functions: the kernel simply does not
know what to do if one of a series of initialization functions fails. In
that case, the module load process must fail, and some sort of cleanup must
be performed. The problem is knowing what that cleanup is.
The solution is to associate pairs of initialization and exit functions.
That is done with a new macro:
module_init_exit(priority, init_fn, exit_fn);
This call designates a new initialization and exit function pair, and
associates a priority with that pair.
Each exit function cleans up (only) the work done by its associated
initialization function. At module load time, the initialization functions
are called in increasing priority order. Should one fail, the exit
functions corresponding to the initialization functions that succeeded will
be called, in reverse priority order. Thus, a properly-written module
should be able to clean up after itself correctly after a failure in any
part of the initialization process.
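The failure-unwinding rule just described, modelled in user space as an added example; this is not the kernel's code or Rusty's patch, and the structure, function names and the three demo "module parts" are constructed for the illustration:

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* User-space model of the init/exit pairing described above. It is an added
 * illustration, not Rusty Russell's patch or any kernel API: pairs are
 * registered with a priority, inits run in increasing priority order, and
 * when one fails only the exits of the inits that already succeeded run,
 * in reverse priority order. */

typedef int (*init_fn_t)(void);
typedef void (*exit_fn_t)(void);

struct init_exit_pair {
    int priority;
    const char *name;
    init_fn_t init_fn;
    exit_fn_t exit_fn;
};

/* Call trace, recorded so the order of init and exit calls can be checked. */
#define TRACE_MAX 32
static const char *trace[TRACE_MAX];
static int trace_len;

static void trace_add(const char *s)
{
    if (trace_len < TRACE_MAX)
        trace[trace_len++] = s;
}
const char *trace_at(int i) { return i < trace_len ? trace[i] : NULL; }
int trace_count(void) { return trace_len; }

static int cmp_priority(const void *a, const void *b)
{
    const struct init_exit_pair *pa = a, *pb = b;
    return pa->priority - pb->priority;
}

/* "Module load": sort the pairs by priority and run every init; on the first
 * failure unwind the ones that succeeded and return that init's error. */
int load_module(struct init_exit_pair *pairs, int n)
{
    int i, ret;

    qsort(pairs, n, sizeof(*pairs), cmp_priority);
    for (i = 0; i < n; i++) {
        ret = pairs[i].init_fn();
        if (ret) {
            while (--i >= 0)        /* reverse priority order */
                pairs[i].exit_fn();
            return ret;
        }
    }
    return 0;
}

/* "Module unload": all exits in reverse priority order (pairs are sorted). */
void unload_module(struct init_exit_pair *pairs, int n)
{
    while (n-- > 0)
        pairs[n].exit_fn();
}

/* Three constructed module parts; proc_init fails when fail_proc is set. */
static int fail_proc;
static int core_init(void)  { trace_add("core_init"); return 0; }
static void core_exit(void) { trace_add("core_exit"); }
static int proc_init(void)  { trace_add("proc_init"); return fail_proc ? -ENOMEM : 0; }
static void proc_exit(void) { trace_add("proc_exit"); }
static int late_init(void)  { trace_add("late_init"); return 0; }
static void late_exit(void) { trace_add("late_exit"); }

/* Load (and, on success, unload) the demo module; returns load_module's result. */
int demo_load(int make_proc_fail)
{
    struct init_exit_pair pairs[] = {
        { 7, "late", late_init, late_exit },   /* registered out of order on purpose */
        { 1, "core", core_init, core_exit },
        { 4, "proc", proc_init, proc_exit },
    };
    int n = (int)(sizeof(pairs) / sizeof(pairs[0]));
    int ret;

    trace_len = 0;
    fail_proc = make_proc_fail;
    ret = load_module(pairs, n);
    if (ret == 0)
        unload_module(pairs, n);
    return ret;
}

int main(void)
{
    int i, ret = demo_load(1);

    printf("load returned %d; calls made:\n", ret);
    for (i = 0; i < trace_count(); i++)
        printf("  %s\n", trace_at(i));
    return 0;
}
```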
An early version of this patch broke modules using the long-deprecated
technique of calling their initialization and exit functions
init_module() and cleanup_module(), respectively. That
has since been patched up - this stage of the kernel development process is
not the time to be making such changes. But the writing is on the wall,
and that particular technique is not likely to survive past 2.7.
Comments (none posted)
The Linux loop driver is a virtual disk driver which loops block I/O
requests back to a file or partition on a local drive. It has a number of
uses, such as mounting ISO images contained within a file on another
filesystem. The loop driver is also well positioned to apply
transformations to block data as it passes through, however. It is thus
a logical place for the implementation of encrypted filesystems.
By adding a cryptographic
transformation to the loop driver, encryption can be added to any standard
Linux filesystem without having to worry about the filesystem code itself.
An actual encrypted loop driver has never been packaged with the Linux kernel,
but implementations have long been available through sites like
kerneli.org.
In 2.5 the mainline kernel was opened up to cryptographic code. Numerous
ciphers and other algorithms have been added as part of the new crypto API,
but, so far, encryption has not been hooked into the loop driver.
Connecting up the components is not that hard at this point, but there is
one slightly thorny issue which still needs to be resolved.
Many ciphers can take an "initial vector" argument, along with the
encryption key and the data to encrypt (or decrypt). The initial vector
influences the encryption of the data;
the same initial vector must be supplied when that data is decrypted. For
filesystems, the initial vector is often derived from the position of
the data block within the filesystem, with the result that how data is
encrypted depends on its position on the (virtual) disk.
The Linux loop driver, while not performing encryption itself, has long had
a number of hooks to make it easier for others to plug in encryption
algorithms. One of the things the loop driver does is calculate and
provide an initial vector value for data transformations. This seems like
a useful service for the loop driver to provide, except that
nobody likes how that initial vector is calculated.
The problem is that the initial vector is derived from the logical
block number of the data in the filesystem holding the loopback image.
This method works until the block size of that filesystem changes; at that
point the initial vectors change and the filesystem becomes unreadable.
The loopback driver does, by behaving this way, achieve the objective of
protecting the data from prying eyes. But users can be hard to satisfy,
and they complain anyway.
The fix, as posted by Fruhwirth Clemens (or,
as part of a bigger loop patch by Andries Brouwer), is
simple. Rather than using block numbers to generate the initial vector,
the loop driver should simply use 512-byte sector offsets. With that
change, initial vectors are independent of the blocksize of the underlying
filesystem and all is well.
Except, of course, for those users who created filesystems using the
older initial vector calculation. A change in the initial vector will lock
all of those users out of their data, an act which is seen as being in poor
taste. As a result, some developers have argued that this change cannot be merged as it
is.
The real question, however, is whether anybody actually has filesystems
encrypted with block-based initial vectors. The kernel itself has not ever had
support for a cryptographic loop driver, so there is no compatibility with
older mainline kernels to break. The external projects which have provided
this support - loop-AES and kerneli - also noticed the initial vector
problem a long time ago and fixed it in their code. So it would seem
that, in fact, there are no users dependent on the older algorithm. In
that case, it makes a great deal of sense to fix it now, before somebody
does start using it in 2.6. If, on the other hand, somebody, somewhere
really has used the old initial vector calculation to encrypt data, they
may want to speak up fairly soon.
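The block-size dependence described above, as an added example that is not the loop driver's code or either project's: the two IV derivations side by side, with a constructed toy keystream (not a real cipher) standing in for the loop transformation, so that the effect of recreating the underlying filesystem with a different block size can be counted in sectors.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration of the initial-vector problem described above; this is
 * not the loop driver's code. A byte offset in the loop image maps to an IV
 * either through the logical block number of the filesystem holding the
 * image (the old scheme) or through its 512-byte sector number (the fix). */

#define SECTOR_SIZE 512
#define MAX_SECTORS 64

/* Old scheme: IV = logical block number in the underlying filesystem. */
uint64_t iv_from_block(uint64_t byte_offset, unsigned block_size)
{
    return byte_offset / block_size;
}

/* Fixed scheme: IV = 512-byte sector number, independent of any block size. */
uint64_t iv_from_sector(uint64_t byte_offset)
{
    return byte_offset / SECTOR_SIZE;
}

/* Constructed keystream for the demo only (NOT a real cipher): it merely
 * makes the transformation of a sector depend on the key and the IV. */
static uint8_t toy_stream_byte(uint64_t key, uint64_t iv, unsigned i)
{
    uint64_t x = key ^ (iv * 0x9E3779B97F4A7C15ull) ^ ((uint64_t)i << 32);

    x ^= x >> 29;
    x *= 0xBF58476D1CE4E5B9ull;
    x ^= x >> 32;
    return (uint8_t)x;
}

/* XOR with the keystream is its own inverse: one call encrypts or decrypts. */
void toy_xor_sector(uint8_t *sector, uint64_t key, uint64_t iv)
{
    unsigned i;

    for (i = 0; i < SECTOR_SIZE; i++)
        sector[i] ^= toy_stream_byte(key, iv, i);
}

/* Encrypt n_sectors of a constructed image with IVs derived at block size
 * bs_write, decrypt with IVs derived at block size bs_read (as if the
 * underlying filesystem had been recreated), and count intact sectors.
 * use_sector selects the sector-based scheme, for which block size is moot. */
int sectors_readable(unsigned n_sectors, unsigned bs_write, unsigned bs_read,
                     int use_sector)
{
    static uint8_t img[MAX_SECTORS * SECTOR_SIZE];
    const uint64_t key = 0x0123456789abcdefull;   /* constructed demo key */
    unsigned s, i;
    int intact = 0;

    if (n_sectors > MAX_SECTORS)
        n_sectors = MAX_SECTORS;
    for (s = 0; s < n_sectors; s++) {
        uint64_t off = (uint64_t)s * SECTOR_SIZE;
        uint64_t iv = use_sector ? iv_from_sector(off) : iv_from_block(off, bs_write);

        memset(img + off, (int)(s + 1), SECTOR_SIZE);  /* recognisable plaintext */
        toy_xor_sector(img + off, key, iv);
    }
    for (s = 0; s < n_sectors; s++) {
        uint64_t off = (uint64_t)s * SECTOR_SIZE;
        uint64_t iv = use_sector ? iv_from_sector(off) : iv_from_block(off, bs_read);

        toy_xor_sector(img + off, key, iv);
        for (i = 0; i < SECTOR_SIZE && img[off + i] == (uint8_t)(s + 1); i++)
            ;
        if (i == SECTOR_SIZE)
            intact++;
    }
    return intact;
}

int main(void)
{
    printf("block IVs,  1K -> 1K: %d/16 sectors readable\n", sectors_readable(16, 1024, 1024, 0));
    printf("block IVs,  1K -> 4K: %d/16 sectors readable\n", sectors_readable(16, 1024, 4096, 0));
    printf("sector IVs, 1K -> 4K: %d/16 sectors readable\n", sectors_readable(16, 1024, 4096, 1));
    return 0;
}
```

With block-derived IVs only the sectors whose block number happens to coincide under both block sizes (here the first two) survive the change; with sector-derived IVs every sector does.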
Comments (3 posted)
The bulk of the development effort on the kernel is currently aimed at
stabilizing things for the 2.6 release. Chances are that things will stay
that way for the better part of a year - remember that a fair amount of
stabilization work has to happen
after 2.6.0 is released. Even so,
we're starting to see hints (and even code) showing where some things might
go in 2.7.
A number of people maintain their own special-purpose kernel trees. Most
of them are aimed at adding features to the 2.4 or 2.5 kernels; many serve
as staging areas for patches which, it is hoped, will be merged into the
mainline soon. Those of you who find 2.5.x to be overly stable and boring,
though, may want to have a look at William Lee Irwin's -wli patch series,
which is full of stuff that no rational person would consider putting into
2.5 at this point. Some of the work to be found there includes:
- Single-page kernel stacks and interrupt stacks. This work, discussed here last December, increases
the number of processes a system can support by reducing the
per-process memory usage for stacks.
- Object-based reverse mapping (covered in
February). This technique cuts down on virtual memory management
overhead in most cases. In 2.5.73-wli-1, object-based reverse mapping
for anonymous objects (i.e. user-space memory) was added as well.
- High-memory page mid-level directories. The PMD is the middle tier
on systems which use three-level page table schemes - such as x86
systems with massive amounts of memory. The "highpmd" patch moves
these page directories into high memory, thus reducing the amount of
low memory required by each process on the system. Low memory (the
memory, usually below 1GB, which is directly addressable by the
kernel) tends to be scarce on truly huge systems, so any change which
shifts data structures to high memory can be helpful.
As a result of these (and numerous other) patches, William claims a
five-fold increase in the number of processes which can be supported by a
massive system. This work certainly improves scalability, and may well
make it into the mainline - but not in 2.5. (The -wli patches do not
currently include his page clustering work,
which is even more bleeding-edge. Page clustering, too, may well become a
2.7 feature.)
More in the realm of vaporware currently is Daniel Phillips's 2.7 agenda. Daniel has been
the source of numerous interesting ideas in the past (though somewhat fewer
completed implementations). Among other things, the shared page table
patch (which could also be a 2.7 candidate) was originally written by
Daniel. Looking forward to 2.7, Daniel has a few topics of interest:
- Memory defragmentation. Once a Linux system has been running for a
bit, it can get hard for kernel code to allocate blocks of two or more
physically contiguous pages. In most cases, kernel hackers don't even
try. Daniel suggests the creation of a defragmentation daemon which
would move pages around in an attempt to create larger contiguous
blocks of free memory. Additions made to the kernel in 2.5 (such as
the reverse-mapping VM) will help in this regard, since pages cannot
be moved unless the kernel knows where all the pointers to the page
are.
- Variable-size pages. This idea includes page clustering to create
large pages along with "sub-pages" which are smaller than the physical
page size. Daniel claims to have a prototype implementation which
makes the kernel smaller and faster, and which simplifies a number of
things.
- A physical block cache. This would be a separate address space which
tracks physical blocks on a given volume. There are various
performance benefits which would come from such a structure.
It is far too soon to say with any kind of certainty where the 2.7
development series will go. Linus explicitly resists creating any sort of
explicit plan, preferring to see what sorts of developments prove
interesting enough to actually get implemented and used. Still, one can
read from these early hints that the developers expect to remain interested
in virtual memory topics for a while yet.
Comments (6 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
- Andries.Brouwer@cwi.nl: loop.c.
(June 21, 2003)
Janitorial
Networking
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
[This article was contributed by Ladislav Bodnar]
Lindows.com has been regarded with suspicion by the Linux community ever since
the company and its LindowsOS distribution were announced in October
2001. Perhaps it's time that we extended an olive branch to Lindows.com
and took its product for what it is - a Linux-based operating system
for the general public.
Let's state one thing loud and clear: up until now, Lindows.com has made
very little money out of its Linux venture. Depictions of the
company's founder Michael Robertson being a ruthless vulture ready to
pilfer other people's work for his own benefit are far too common on
Linux forums. But if we take a look at some numbers, the picture is
vastly different. Sales figures are hard to come by, nevertheless web
sites where LindowsOS users congregate can give us some indication
about its installed base. The unofficial Lindows forum at
openlindows.com has fewer than 300
registered members. The official
user forum does not provide numbers, but judging by the activity there, a
few thousand users might be a good estimate. Contrast this
to the Gentoo forum, which has nearly 22,000 registered members!
Judging by other similar examples, it is unlikely that LindowsOS has a
market share of more than 1% of all desktop Linux installations. It is
also unlikely at this point that Lindows.com is a profitable company.
Another important point to note is that there is nothing inherently
wrong with LindowsOS. It is a Linux distribution like any other, it has
a solid base in Debian GNU/Linux and all the power one would expect
from a Debian-based system. Some readers will argue that running the
operating system as root by default is a major security risk, but
remember that the market segment the product is aimed at simply does
not want to deal with any passwords. Yes, it would be more desirable to
educate the population about the dangers of using the system as root.
In an ideal world, this would work. Unfortunately, a picture of a
Debian developer joyously conversing about file access permissions with
Aunt Tillie is an unlikely sight. It goes without saying that LindowsOS
does not prevent security conscious users from setting up user accounts
and passwords.
What has Lindows.com achieved? If you take some time to visit the
official
forums of LindowsOS users and read through some of the posts, you
will find examples of ecstatic users who are genuinely happy to have
been able to switch to Linux. These simple stories of joy are perhaps
the most liberating examples of success of Linux - not in noisy server
rooms full of skilled system administrators with years of UNIX
education and experience, but by ordinary folk. Many of these users
don't know how to check the kernel version of their operating system
and don't care about the name of the desktop environment they use
daily. But the software enables them to get on the Internet, scan their
precious photographs and write up important documents - and that's all
that matters. Yes, the open source software programmers and Debian
developers deserve most of the credit for this achievement. But if it
wasn't for folks like those at Lindows.com (and numerous other
distributors), we would probably never see
a software installation program that can be operated with a mouse.
LindowsOS
4.0 was released earlier this week. The product appears to be a
bug-fix and consolidation release, rather than a version full of
exciting new features and cutting edge software. The versions of
XFree86 and KDE, as well as most of the server software were left
unchanged from LindowsOS 3.0. But a lot of work has gone into making
the Click-N-Run software warehouse and installation infrastructure
reliable, the lack of which used to be a sore point with many reviewers in
the past. The company is also shipping a Knoppix-like live evaluation
CD called "LindowsCD", which should be available for free download
within the next few weeks. The prices start at $49.95 for LindowsOS 4.0
digital delivery and this includes a 15-day free trial access to the
Click-N-Run warehouse. A full one-year Click-N-Run membership retails
at $49.95, but this excludes commercial applications, such as
StarOffice or Bitstream Deluxe Fonts, which have to be purchased
separately. First reviews of LindowsOS 4.0 have been written and both
TuxReports
and ExtremeTech
were highly impressed by the product.
In short, we need each other. We need talented developers willing to
spend most of their time in cryptic programming code, but at the same
time, we also need people who are experts at doing usability studies,
user interface design and market research. If we can work together
without hostility and disrespect and if we can give credit where it is
due, we can accelerate the success of Linux and get it accepted by a
growing number of users, irrespective of how technically skilled they
are. If Lindows.com becomes profitable and successful in the process,
we will all benefit. Many Lindows.com critics find it hard to admit it,
but the company has channeled some of their income back to open source
software projects and will no doubt continue to do so.
Hungry and greedy vultures with little integrity have indeed been
spotted in the free software world. Lindows.com is most certainly
not one of them. No, the company is not perfect, and yes, it has
made mistakes (who hasn't?). But it has a solid product and many happy
users to prove that it deserves our respect.
Comments (28 posted)
Distribution News
Lindows.com has
announced
the release of Lindows 4.0. New features this time around include a
bayesian spam filter, popup ad blocking (their "AdSafe" technology - why
didn't anybody else think of that?), and a trial subscription for their
censorware offering.
Comments (none posted)
Here's an article about using LNX-BBC 2.1 (the latest version of this
bootable business card distribution), to install Debian. "It's not
the easiest way to install Debian; and I'm not even sure if the regular
installer supports LVM these days. However, all of the tools you need are
right on the BBC (except for the debootstrap package, which we fetch with
wget; and the rest of Debian/Woody which debootstrap and apt-get fetch is
for."
Full Story (comments: none)
The June 24 issue of the
Debian Weekly News
is out; it looks at handling of security issues, KnoppiXMAME, the
"condorcet/Clone proof SSD voting method general resolution" (passed 9:1),
the upcoming European software patent vote, and several other topics.
Martin Michlmayr has posted some Bits from the
DPL. This edition is mostly about traveling and the various
conferences where Martin will be found over the next month, giving speeches
about Debian.
LinuxQuestions.org has added a sub-forum for Debian. This marks the fourth
Distribution specific sub-forum at LinuxQuestions.org. (Debian joins
Slackware, LFS and Conectiva). For more information you can read
the announcement or go right to the
Debian forum.
Comments (none posted)
The
Gentoo Weekly Newsletter for the week of
June 23, 2003 is out. Topics this week include: Where is Gentoo Linux 1.4?,
The Meta Package project, Two additional new source mirrors for North
America, GWN looking for additional translators, and more.
Several people have pointed out that Gentoo Linux should be moved to a more
prominent place in the LWN Distributions
List. In fact it was slated to move to the 'Also Well-Known' category,
but after seeing
this press release from UltraDNS, we decided to move Gentoo up to
'Leading Distributions'. (The press release ranks Gentoo as "the
fourth largest open source Linux distribution", though the source
for that statement is not given.)
Comments (1 posted)
MandrakeSoft has released updated initscripts packages fixing a boot loader
detection bug, available for Mandrake Linux 9.1.
Full Story (comments: none)
Red Hat has fixed a number of bugs in the
foomatic package used in Red Hat Linux 9.
Red Hat also has updated bash packages that
fix several bugs, now available for RHL 8.0 and 9.
Comments (none posted)
Slackware Linux has a few items to the
slackware-current
changelog this week. Patches were added to bash, the
/lib/modules/2.4.21/build was fixed, /usr/sbin/shadowconfig now chowns
/etc/shadow and /etc/gshadow to the shadow group as it should, zsh has been
upgraded, the new "slacktrack" utility is available in extras, and more.
As usual look at the changelog for complete details.
Comments (none posted)
Terra Soft is
now accepting pre-orders for
Apple G5 Power Macs, which will soon be supported by Yellow Dog Linux.
Terra Soft has fixed several bugs in foomatic and the httpd package has been updated to include new
powered_by.gif and index.html files.
Comments (none posted)
New Distributions
KnoppiXMAME
is a bootable arcade machine emulator with hardware detection and
autoconfiguration. It works automatically on all modern and not-so-modern
hardware, including gameports and joysticks. It is powered by Knoppix
Debian GNU/Linux, X-MAME, and gxmame. Stable
version 1.0 was released
June 18, 2003.
Comments (none posted)
Minor distribution updates
Debian Planet
covers the
release of
Bonzai Linux 2.0.
"The current boot-floppies have been rebuilt to use Kernel 2.4.21
instead. This kernel has been compiled with gcc-3.2 due to space
restrictions." Apparently that kernel didn't work very well for
them, so version 2.1 was released a couple of days later, reverting to
2.4.20.
Comments (none posted)
Coyote Linux has released
development version
2.00-pre5 with minor bugfixes. "Changes: Changes to the firewall
scripts and a switch from dhcpcd to udhcpc have been made to fix DHCP
client timing problems for connections that have slow responding DHCP
servers."
Comments (none posted)
floppyfw has released
stable version 2.0.5 with
minor security fixes. "Changes: Kernel version 2.4.21 was included,
along with support for the pcnet32 NIC (which is used by VMware) and
iptables 1.2.8."
Comments (none posted)
Rock Linux has released
2.0.0-beta6 with minor
feature enhancements. "Changes: Several updates and bugfixes were
made to packages and the build scripts. ISOs were created for the PowerPC
(Desktop target) and x86 (Minimal and Desktop targets)."
Desktop Rock Linux 2.0.0-beta6 is also
available. "Changes: This release adds many package security fixes
and updates (many package and core script bugs have been fixed) and better
Linux 2.5 support and ROCK Plug integration. This is the last planned -beta
release."
Comments (none posted)
Mitel Networks has
announced the release
of the second public beta of the unsupported developer release of version
6.0 of the SME Server. (Thanks to Brock A. Frazier)
Comments (none posted)
Trustix has announced the release of
Trustix Secure Linux 2.0 release candidate 1 (Thunder). "We firmly
believe this to be a suitable release candidate, but expect that some
issues may be discovered when more users commence testing, and testing grows
in intensity. We have gotten very valuable response from the beta testing,
and expect the response on this release to be equally esteemed."
Full Story (comments: none)
Page editor: Rebecca Sobol
Development
Contracts for Python
is a Python implementation of a concept that comes from the Eiffel language, Design by Contract.
"Programming by Contract allows a programmer to document a function/class with statements describing behavior."
Along with the regular code, contracts for functions and methods
add pre and post condition checking, and code for testing
correct operation of the code.
A draft Python language PEP (Python Enhancement Proposal) for
Design by Contract
has been submitted.
The status of PEP 316 is currently Deferred.
Programming contracts extend the language to include invariant expressions for classes and modules, and pre- and post-condition expressions for functions and methods.
These expressions (contracts) are similar to assertions: they must be true or the program is stopped, and run-time checking of the contracts is typically only enabled while debugging. Contracts are higher-level than straight assertions and are typically included in documentation.
The PEP states that compared to Assertions, Contracts produce
better documentation, and make for easier testing.
The Eiffel
Design by Contract document goes into greater detail on the
subject:
To be sure that our object-oriented software will perform properly, we need a systematic approach to specifying and implementing object-oriented software elements and their relations in a software system. This article introduces such a method, known as Design by Contract. Under the Design by Contract theory, a software system is viewed as a set of communicating components whose interaction is based on precisely defined specifications of the mutual obligations -- contracts.
Version 1.0 beta 3 of Design by Contract just came out. The
CHANGELOG
file details the recent changes, which include support for Python 2.2
and Jython among other things.
Comments (none posted)
System Applications
Audio Projects
The June 24, 2003 edition of
Ogg Traffic is out.
Topics include: development on Positron, Speex, Theora, libshout2,
the Speex ACDM codec, integer speex, OggHelp.com, and a new ogg stream
from Virgin Radio.
Comments (1 posted)
The
Planet CCRMA audio software packaging project has made new
images available for Red Hat 9.0, see the
ChangeLog file for details.
Comments (none posted)
Database Software
The June 18th 2003 PostgreSQL Weekly News is out.
"After last week's mention of running PostgreSQL on an Opteron with
Debian Linux in 64-bit mode, I received a couple of emails about other
people using PostgreSQL on 64-bit hardware. One in particular was a note
that SuSE Linux Enterprise Server 8 for AMD64 has been shipping
with support for PostgreSQL 7.2.4 since April, and is actively being
maintained.
With that said, we are now less than two weeks away from feature freeze
(July 1st). Bruce Momjian has gone through a number of patches, if you
plan to add something new for the next release it needs to be submitted
as soon as possible."
Full Story (comments: none)
Version 7.4.03 of SAP DB
is available.
Change information is available in the
release info
document.
Comments (none posted)
Medical Software
LinuxMedNews has
an announcement for version 0.6 of the FreeMED Medical
Practice Management System.
"After two years of development, the FreeMED Software Foundation
has released a stable version of FreeMED! The new .6 Version has lots
of new features including a totally new modular architecture, HL7
support, medical billing functionality, scheduling system, and
integrated security system. The new version is also compliant with
both the HIPAA privacy and security rules."
Comments (none posted)
Printing
The latest changes on the
LinuxPrinting.org site
include a patch for printing with just black ink on HP DeskJet 6xx, 8xx,
and 9xx printers.
Comments (none posted)
Web Site Development
Version 0.1 of CMFLinkChecker
has been announced.
"CMFLinkChecker is an addon (Portal Tool) for CMF and Plone that
gives you instantly an overview about the status
of the links that exist within your content."
Comments (none posted)
Version 0.4 of Epoz, a wysiwyg-editor for Zope and Plone,
has been announced.
The changes include:
"Epoz-Buttons are now customizable via CSS. Epoz will now
integrate much more seamlessly into your own applications, esp.
Plone."
Comments (none posted)
Rogan Dawes has put together a web application review tool called
Exodus.
"Exodus acts as a web proxy, and can observe and display HTTP and HTTPS
conversations, as well as extracting links from observed HTML responses, and
HTML comments, scripts and forms. Exodus also offers functionality to fetch
unseen links, submit requests manually, sample cookies, and submit "bad
input" to URL's, in the hope that something will break."
Full Story (comments: none)
Version 1.4.2 of Formulator, an extensible framework that eases
the creation and validation of web forms,
has been released.
"It contains a single bugfix compared to 1.4.1. Sticky forms should
now work properly with unicode fields."
Comments (none posted)
SourceForge has
an announcement for new versions of Gallery and Gallery Remote.
Gallery is a web-based photo gallery package.
"New features for v1.3.4 include: the
ability to download your gallery to burn to CD or browse offline, additional
photo print services, auto-rotation of JPEGs when possible, and the ability
to add new customized description fields to photos."
Comments (none posted)
Version 3.2.11 of the
mnoGoSearch web site search
engine software is available. See the
change history
for a list of changes and bug fixes.
Comments (none posted)
Version 1.2 final of My Media Manager, a set of online management
and publishing tools for administering streaming media servers,
has been announced.
"There haven't been many changes made since the release candidate,
but some minor bug fixes (mainly to the GUI) have been made."
Comments (none posted)
Sean C. Sullivan shows how to
work with the
iText Java Class Library to generate PDF documents on the fly.
Comments (none posted)
Version 1.0.3 of Plone, an information management system,
has been released.
"Release 1.0.3 fixes some bugs, and adds a reserved IDs feature.
It is a recommended upgrade for users of the 1.0.x versions."
Comments (none posted)
Web Services
IBM has released version 5.0.1 of its WebSphere SDK for Web Services.
"The free download includes: An embedded version of IBM WebSphere
Application Server - Express, V5.0 with additional support for ORB and
EJBs. WSDK supports SOAP 1.1, WSDL 1.1, UDDI 2.0, JAX-RPC 1.0, EJB 2.0,
Enterprise Web Services 1.0 (JSR 109), WSDL4J, UDDI4J, and WS-Security."
Full Story (comments: none)
Desktop Applications
Audio Applications
Version 0.5.2 of BEAST/BSE, the Bedevilled Audio SysTem
and the Bedevilled Sound Engine, has been released.
The pair form a GUI package that can be used for music composition,
audio synthesis, and sample manipulation.
"This new development series of BEAST comes with a lot of
the internals redone, many new GUI features and a sound
generation back-end separated from any GUI activities."
A new track editor has been added.
Full Story (comments: none)
Version 0.8.0 of CheeseTracker, an electronic music application
with synthesis, sampling, and sequencing, is available.
Full Story (comments: none)
Three new releases of Horgand, an electronic organ simulator, have
been released this week.
Version 1.0 adds
auto-accompaniment, chord recognition, drum loops, bass samples,
and bug fixes.
Version 1.0.1
includes some additional refinements and bug fixes.
Version 1.0.2
includes a Bass file pattern editor, adds load-save for rhythm patterns,
fixes one bug, and more.
Comments (none posted)
Version 1.5.2 of
WaveSurfer,
an audio visualization and editing program, has been released.
Changes
include support for a default configuration, storable
preferences, a spectrogram analysis bandwidth slider, bug fixes, and more.
Comments (none posted)
Desktop Environments
Issue #55 of
KDE Traffic
has been published. Topics include:
dropping kmidi?, IR controller project, UI Abstraction Proposal,
A happy user, KDE enterprise gets attention, Not enough time for KDE, and
The promised treat.
Comments (none posted)
The June 21, 2003 edition of the
KDE-CVS-Digest
is out.
KDE.News has
this summary:
"This week in KDE-CVS-Digest: CD burning application K3b begins to gain DVD writing functionality, continued fixes and improvements to KWin, more on the binary compatibility debate, bug fixes, and more."
Comments (none posted)
Financial Applications
Issue #85 of
GNUe Traffic is out with the latest GNU Enterprise development news.
Comments (none posted)
Games
SourceForge has
an announcement for a new version of the game BZFlag.
"Now with twice as mojo! New features include a nifty server
administration system, autoconf, cheating protection, expanded
platform support and much more. BZFlag is an OpenSource OpenGL
Multiplayer Multiplatform battlezone capture the flag game."
Comments (none posted)
Graphics
GnomeDesktop.org has
an announcement for version 0.32 of
Sodipodi,
a vector-based drawing program. This is the second bugfix
release after the switch to Gtk+ 2.0.
Comments (none posted)
GUI Packages
Version 2.0a2 of
SPTK,
the Simply Powerful ToolKit, has been released.
"I've made a lot of changes since version 1.3b, so it doesn't look like it relates to 1.3 anymore. As a matter of fact, I'm starting a version 2.0. So, here we go."
Comments (none posted)
Interoperability
Version 1.6.3 of Netatalk, an open-source set of Apple compatible
file sharing utilities,
has been released.
"Netatalk 1.6.3 is a maintenance release for the 1.6 series that fixes various small bugs and glitches in Netatalk."
Comments (none posted)
Version 20030618 of Wine, the Windows Emulator,
has been released.
Changes include Direct3D and DirectSound improvements,
merged fixes from Crossover Office 2.0, a new iphlpapi dll, and bug fixes.
Comments (none posted)
Issue #175 of
Wine Traffic has been published.
Topics include: Wine-20030618, TransGaming Update, WineHQ Interview,
DMusic Interfaces, Displaying Icons for Executables, Wintab Status,
Workaround for Xvidmode Graphic Corruption, and
Missing Bugzilla Descriptions.
Comments (none posted)
Office Applications
GnomeDesktop.org
reports
on the release of AbiWord 1.99.1.
"This release contains bugs some of which have already been
found and fixed. We invite interested users to test AbiWord-1.99.1
and report bugs to
http://bugzilla.abisource.com/."
The code is available for download
here.
Comments (none posted)
Issue #149 of the
AbiWord Weekly News is out.
"Abiword rakes in some more beau coups, while several developers attend GUADEC (which just reel them in!) Martin is the most powerful bait you can get in C++. Meantime, Frank's got an almost functional static plugin thing going on; another limited functionality Windows binary is created, but this one gets to SourceForge; another dialogue means another screenshot, and Windows users might see the next release having fixed their printing capabilities (though, note, not all are covered). Joaquin is cool that way. And, don't forget to get caught up on our GUADEC/Dublin fun!"
Comments (none posted)
KDE.News has
an announcement
for KOffice 1.3 beta 2.
"On June 18th 2003, the KDE Project released the second beta version of
KOffice 1.3. It comes with a lot of bugfixes and a couple of new features
such as a PDF import filter, new OpenOffice.org filters and more stencils for
Kivio."
Comments (1 posted)
An early developer release (0.3) of the Scripting Framework for
OpenOffice.org is available.
New features include JavaScript support, support for filesystem
scripts, improved edit and debug facilities, and more.
Full Story (comments: none)
Web Browsers
Mozilla 1.4 RC 3
has been announced.
"The third, and probably final, release candidate of
Mozilla 1.4 is now available. Get your copy from the
mozilla1.4rc3 directory on ftp.mozilla.org and check out the
Mozilla 1.4 RC3 Release Notes for more information."
Comments (none posted)
According to MozillaZine, extension support
has been added to the Thunderbird browser.
Comments (1 posted)
The
Mozilla Status Report for June 20, 2003 is out.
Topics include: Mozilla 1.4 Release Candidate 2, Mozilla Thunderbird,
Technology Evangelism, Mozilla Start Page, Mozilla Calendar Alarms,
and more.
Comments (none posted)
MozillaZine
reports on the release of NewsMonster 1.0RC1, a weblog manager.
"This is the first
1.0-quality aggregator available for Mozilla. The major change in this
release is the addition of a reputation system which I think will make this
the killer Mozilla app!"
Comments (none posted)
Miscellaneous
Kernel 2030 of FreeDOS
has been announced.
"FreeDOS kernel build 2030 is out with quite a
few important bugs fixed. FreeDOS aims to be a complete, free, 100% MS-DOS compatible operating system. FreeDOS is free because it is released under the GNU General Public License."
Comments (none posted)
Version 0.98 of
GnomeMeeting,
an H.323 compatible videoconferencing and VOIP/IP-Telephony application,
has been released.
"This is a major
release with many changes and enhancements, and it should be the last release
before the 1.0 cycle is reached."
Comments (none posted)
Languages and Tools
C++
O'Reilly has published
an article on C++ memory management.
"Half of wisdom is knowing what doesn't work.
George Belotsky eloquently explained Common C++ Memory Management
Errors in a previous article. This article explains design principles
that will help you use C++ effectively and efficiently."
Comments (none posted)
Caml
The June 17-24, 2003 edition of the Caml Weekly News
has been published. Take a look for current Caml developments.
Full Story (comments: none)
Lisp
Version 0.13.6 of OpenMCL is out.
"This maintenance release features changes
to Gray Streams and fixes a few bugs."
Full Story (comments: none)
Perl
The June 16-22, 2003 edition of
This Week on perl5-porters is online.
Topics include: Algorithmic Complexity Attack, Clearing $1, siginfo,
and Selected bugs.
Comments (none posted)
The June 15, 2003 edition of
This week on Perl 6 is out with the latest Perl 6 language news.
Comments (none posted)
Casey West
covers more internal modules in the Perl Core on O'Reilly.
"In this article, we dig deeper to uncover some of the truly precious and unique gems in the Perl Core."
Comments (none posted)
PHP
PHP version 4.3.3RC1
has been released.
The changes include support for the latest GD library, better POSIX socket
ID support, an improved IMAP extension, bug fixes, and lots more.
See the
NEWS file for details.
Comments (none posted)
The
PHP Weekly Summary for June 23, 2003 is out. Topics include:
PHP 5 beta TODO list, PHP 4.3.3 RC 1, GD, GIF, Animated GIF, International PHP Conference 2003, Binary PECL packages, MySQL extension.
Comments (none posted)
Bruno Pedro
explains
transforming XML from PHP on O'Reilly.
"This article compares two methods of transforming XML in PHP: PEAR's XML_Transformer package and the W3C XML transformation language XSLT. I will first describe the PEAR project and its philosophy, with a focus on its XML transformation techniques. I will then give a brief introduction to XSLT and the way to use it from PHP."
Comments (none posted)
Python
The Dr. Dobb's Python-URL for June 23, 2003 is out, with weekly news and
links for the Python community. This week's issue contains discussions on
the low-down on range() and xrange(), and what might happen to them in the
future; security problem with naïve SQL quoting; and much more.
Full Story (comments: none)
The
Daily Python-URL
has several new interviews and the usual assortment of
Python-related articles.
Comments (none posted)
Version 2.4.1.2 of
wxPython, a Python interface to the
wxWindows GUI library, is available.
See the
CHANGES file
for details on what's new.
Comments (none posted)
Scheme
The June 23, 2003 Scheme Weekly News is out with the week's
Scheme language development news.
Full Story (comments: none)
Shells
Two new versions of zsh, an alternative Unix shell program,
have been released.
"4.1.1 introduces
many new features both in the main shell and as library add-ons. It has been
in development for some time and is believed to be fairly stable. 4.0.7 is a
bug-fix release for the stable branch of zsh."
Comments (none posted)
Tcl/Tk
The June 23, 2003 edition of Dr. Dobb's Tcl-URL! is out
with the week's assortment of Tcl/Tk development tips and news articles.
Full Story (comments: none)
XML
Brian John Venn
writes about SVG on IBM's developerWorks.
"Scalable Vector Graphics (SVG) is an XML-based language for drawing two-dimensional graphics. Sound dull? Far from it. SVG has many exciting features available to it such as transformations, alpha masks, filter effects, and animation. This tip provides working examples to show you how to apply the five flavours of SVG animations to your SVG documents."
Comments (none posted)
Russell Dyer writes about
CSS 3 Selectors on O'Reilly.
"Although the promise of Cascading Style Sheets (CSS) has been wondrous, the progress has been wanting. As with all W3C standards, there is the lengthy discussion process conducted by the related working group, then the problem of implementation by web browser vendors, and finally the unpredictable period of time for people to update to new versions of their browser. These steps can take a year or two each."
Comments (2 posted)
Debuggers
A new version 6.0 branch of
GDB,
the GNU Project Debugger, has been created.
The code is available via CVS.
Comments (2 posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Ready for your daily FUD? Try
this piece by Rob Enderle in Internet Week.
"Clearly any 'alternative' platform that has backers who can't control their language, or worse, use methods which now are classified by several governments as terrorist acts, should be on the list of things you would like your competitors to use but would avoid yourself like the plague." If you respond to this guy, please try to show him that Linux users can use polite and well-reasoned arguments - even if he does not. (Thanks to Joe 'Zonker' Brockmeier).
Comments (37 posted)
The Linux Journal is running
a lengthy article by a developer who signed SCO's NDA and looked at some of their evidence. "If this is SCO's only example of Unix code appearing in Linux, I very much doubt there is any real legal liability for Linux users. If the code is indeed derived from Unix, which is unproven, it is roughly equivalent to typing in some code from a basic computer programming text without permission. While I hesitate to predict the actions of the legal system, it is very difficult for me to believe that any judge actually would award damages on the basis of this code."
Comments (32 posted)
Richard Stallman
sounds off on the SCO lawsuit in this ZDNet column.
"In a community of over half a million developers, we can hardly expect that there will never be plagiarism. But it is no disaster; we discard that material and move on. If there is material in Linux that was contributed without legal authorization, the Linux developers will learn what it is and replace it. SCO cannot use its copyrights, or its contracts with specific parties, to suppress the lawful contributions of thousands of others. Linux itself is no longer essential: the GNU system became popular in conjunction with Linux, but today it also runs with two BSD kernels and the GNU kernel. Our community cannot be defeated by this."
Comments (34 posted)
Here's a lawyer's
perspective on the
open source movement in the wake of SCO vs. IBM. "Even if IBM
prevails in this case, lingering doubts about future licensing problems
could hinder further adoption of open-source software. Corporate IT
spending is just beginning to stir after two years of deep sleep, but
corporations will be wary of any risky IT investments, especially those
that could also bring new legal risks. The open-source community must face
these fears directly if it wishes to continue building their relationship
with corporate America."
Comments (17 posted)
Trade Shows and Conferences
ZDNet
covers Jon
"maddog" Hall's keynote speech at the Linux User and Developer Expo 2003.
"Hall compared the ongoing legal battle between The SCO Group and the
open-source community to the looting of Iraq's national treasures following
the recent war in the Gulf."
Comments (7 posted)
Companies
News.com
covers
Linare, a small company that has launched a new line of inexpensive
Linux PCs. "Analysts don't foresee an easy time for Linare in mature
markets such as the United States but give the company better odds in
India. "What they're doing is bottom fishing for consumers who haven't yet
bought a PC only because of price point," said IDC analyst Roger Kay. "My
sense is that most people who are culturally attuned to the PC market have
bought PCs, one way or the other. Of those who have not bought, there are
not that many who haven't bought them purely for price reasons.""
Comments (2 posted)
Linux Adoption
Linux Journal
examines Open
Source Software use in the state of Texas. "Key Texans believe
state and local governments should embrace Linux and open-source software
(OSS) to reduce taxes. The local media decided differently and did not
inform the general public about OSS initiatives in the legislature. This is
especially odd, as the Houston Chronicle runs Linux on an IBM mainframe and
the city administrators made the front page of USA Today for bucking
Microsoft. In addition to the Chronicle, the parent of the Dallas Morning
News, Belo Corporation, uses Linux to host web sites and invested heavily
in :CueCat, a product driven by the Linux operating system. So, advocates
of the OSS bill feel baffled."
Comments (4 posted)
IT Director
takes a
look at the Penguin on the Desktop. "Interest in Linux is also
exploding elsewhere in the third world from Brazil to the Philippines, so
the possibility arises that the Linux desktop will proliferate from the
ground up, storming the North American and European markets after
establishing economies of scale in the third world."
Comments (3 posted)
Linux Journal
finds
free/libre and open source software (FLOSS) flourishing in India. "A
recent conference in India offered examples of how FLOSS affects everything
from education and health services to internal software markets. From
banks and hospitals to software houses and prestigious technological
institutions, the charm of free/libre and open-source software (FLOSS) is
casting a spell in India that is pushing many here to venture into
uncharted fields."
Comments (none posted)
Time for our daily analyst pronouncement: Robin Bloor has
a column on IT-Director which looks at several topics, including total cost of ownership, the SCO lawsuit, and the future of Linux.
"The current battle being played out is for the desktop. Linux has all the momentum it needs in the server market and it appears to be gaining ground in the third world at a rate that has got major manufacturers creating Linux PC offerings. The next few years will be interesting to watch."
Comments (1 posted)
NewsForge
looks at Linux
adoption in the airline industry. "Don't expect Linux to take
over the aviation industry in the next few weeks or months. It's a
conservative, highly-regulated business that does extensive evaluations
before making even small changes. Interest and test installations today may
not mean full-scale Linux use for at least another year or two by even the
most receptive airlines and military aviation administrators. And,
according to Berghammer, most of the early "Linux in aviation" adopters are
likely to be in Europe, the Middle East, and Asia, not the United
States."
Comments (1 posted)
The Linux Journal
examines the progress of desktop Linux, along with the challenges that remain.
"Wal-Mart can cut a deal to get a few hundred PCs with SuSE
on them, store them in a warehouse somewhere and ship them onesie-twosie
to the oddball cust, err, enlightened individuals who want them.
They're not going to ship ten PCs to every Wal-Mart in the country,
sacrifice the shelf space, endure the customer confusion when somebody picks
one up and takes it home expecting the latest offering from Microsoft to be
pre-loaded--you see where I'm going."
Comments (none posted)
Interviews
eWeek
interviews Linus
Torvalds. "Linus Torvalds, the founder and lead developer of the
Linux open-source operating system, has some strong views about the legal
dispute between The SCO Group and IBM, which he shared with eWEEK Senior
Editor Peter Galli in an e-mail exchange last week. Torvalds also last week
announced he was taking a leave of absence from Transmeta Corp. and
becoming the first full-time fellow at the Open Source Development Lab,
where he will continue to drive the next version of the Linux kernel, 2.6,
due later this summer." (Thanks to Ravi Parimi)
Comments (7 posted)
EuroPython2003 begins June 25, 2003, and the EuroPython organizers are
wrapping the interviews-with-speakers series with this
interview with Martijn Faassen and this
interview
with Tim Couper.
Comments (none posted)
Here are two more interviews with EuroPython speakers, but first, to
EuroPython attendees:
"We try to keep the conference as low-budget as possible. One of the
results is that we don't print/handout the brochure. Therefore this small
reminder."
Find the brochure
here and print out the
parts you want.
Now, meet
Nicolas Chauvat and
Paul Everitt.
If you haven't been following the comments, then you probably missed the
interviews with Phil
Thompson and Duncan
Grisby.
Comments (1 posted)
Artima.com has published
Part II
of an interview with Bruce Eckel.
"In this second installment, Bruce Eckel explains why he prefers Python's valuing programmer productivity over program performance, Python's you-want-it-you-can-have-it attitude, and Python's zen-like learning curve."
Comments (none posted)
Resources
This O'ReillyNet article
presents
selected recipes from
Linux Security Cookbook.
"Public-key authentication lets you prove your identity to a remote
host using a cryptographic key instead of a login password. SSH keys are
more secure than passwords because keys are never transmitted over the
network, whereas passwords are (albeit encrypted). Also, keys are stored
encrypted, so if someone steals yours, it's useless without the passphrase
for decrypting it. A stolen password, on the other hand, is immediately
usable."
Comments (5 posted)
Reviews
Vnunet
covers the TOP500
supercomputing list, and finds a Linux cluster is the third fastest
supercomputer in the world. "According to the 21st TOP500
supercomputing list, the Linux Networx Evolocity system, known as MCR, can
process 7.6 trillion calculations per second (teraflops) running the
Linpack benchmark, and is the fastest Linux cluster in the world."
Comments (none posted)
Miscellaneous
Linux Journal
looks at OSS
news from around the world. "This week in WorldWatch, we've seen
more government entities making the decision to embrace Linux and Free
Software, mainly in Europe but also in South Africa."
Comments (none posted)
More FUD for the day, this time from the UK. Intellect is introduced in the
article as a group which represents about 1,000 UK IT companies.
"Intellect said it has no objection to the use of open-source
licences as such, but is strongly opposed to the use of the GPL. The group
argued that the GPL's conditions would prevent the government from
profiting from its software, and could estrange proprietary software
companies. "When the Government decides to develop software using a
restrictive licensing base, such as the GNU GPL, (it) should be aware that
this would prevent it from deriving commercial gain from any subsequent
derivative programs and prevent or severely limit the opportunities to work
with commercial companies on such projects," Intellect said in the response
paper." (Thanks to Alastair Stevens)
Comments (16 posted)
Page editor: Forrest Cook
Announcements
Commercial announcements
Convea has released its Enterprise Pro 5.1 software
under the GPL.
"Convea version 5.1 offers over 19 web based applications, tools
and business utilities including: Email, Group Calendaring, Group
Scheduling, Group Discussion, Instant Messaging, Instant Conferencing,
Knowledge Management, File Management, And Much More."
Full Story (comments: none)
Version 2.0 of the Graphics Muse Tools CD is available.
"Graphics Muse is pleased to announce
the release of the latest version of The Graphics Muse Tools CD, a suite
of plug-Ins, brushes, and patterns designed specifically for use with
GIMP 1.2 on Linux systems."
Full Story (comments: none)
No Starch Press has announced that
Hacking the Xbox by Andrew
"bunnie" Huang is now available. Quoting the author:
"No Starch Press distinguished itself as the only publisher with the
courage to accept the book without any suggestion of censorship or
caveats."
Full Story (comments: 1)
MandrakeSoft has introduced "MandrakeClustering". Designed to meet the
high demands of clustering solutions inside research laboratories and other
compute-intensive industries, MandrakeClustering is an achievement of the
CLIC research project. Supported architectures currently include AMD
Opteron, Intel Pentium and compatible processors (IA-64 support to come
later in September).
Full Story (comments: none)
Novell has taken its next step into the Linux world with the announcement
of its "Nterprise Linux Services" product which provides the Novell file
and directory management, printing, and messaging services. It runs on the
Red Hat and SuSE "enterprise" distributions (no word on whether it actually
works on the cheaper Red Hat and SuSE versions). There are also deals with
Dell, HP, and IBM to distribute Novell's new offerings.
Full Story (comments: none)
O'Reilly has published the book "Essential CVS" by
Jennifer Vesperman.
Full Story (comments: none)
SuSE Linux announced that it has been chosen by Cray Inc. to drive key
aspects of the U.S. Department of Energy's new massively parallel
processing (MPP) supercomputer called Red Storm at Sandia National
Laboratories, California, which, when completed, will be the fastest
supercomputer in the US.
Full Story (comments: none)
Trustix is making its Small Office Server available.
"Trustix, the IBM independent software vendor of security and network
management solutions for Linux, announced today that its Small Office
Server is now available through US channel partners. Trustix also
announced that Texum Technology, Inc. and Interpretis, Inc. have joined
its growing list of US-based resellers."
Full Story (comments: none)
Defying rumors of its death, UnitedLinux has
announced a new partner program for independent systems vendors. The program allows vendors to get their products certified as "UnitedLinux Ready," use a special logo, and be listed on the UnitedLinux web site. It will be interesting to see what the level of uptake is.
Here's a quote from the PR:
"ISVs interested in self-certification will obtain a current
version of UnitedLinux -- a free, downloadable developer's version of
UnitedLinux for testing purposes is available from the UnitedLinux
Website's Developer's Zone." It would seem that SCO, whose name appears several times in the release, has not completely stopped distributing Linux.
Comments (2 posted)
Resources
Con Zymaris has put together
the
Linux vs. SCO decision matrix, a concise exploration of various ways in
which the SCO lawsuit could play out. The conclusions ("Linux is
unaffected" in all scenarios) may be a bit optimistic, but it is a
worthwhile exercise regardless.
Comments (16 posted)
Some slides and a paper on
Dasher, a
character entry system that uses visual tracking instead of a keyboard,
have been published.
Comments (none posted)
O'Reilly has published
an excerpt from the book
Java Database Best Practices.
"In this first of three excerpts from Chapter 7 of Java Database Best
Practices, author George Reese describes all the available persistence
options for Java architects and developers, and provides data to help you
choose the persistence option that best fits the requirements and scale of
your application."
Comments (none posted)
KDE.News
covers
a new tutorial on using Hotmail email in KMail.
"At our Belgian SuSE LUG, we have written a handy bilingual
HOWTO about how you can check your Hotmail email in KMail with the
help of Gotmail."
Comments (none posted)
Nidelven-IT has published
a tutorial on ZGDChart.
"In this article we'll be looking at ZGDChart, a chart-rendering product for Zope. I'll show you how to get it, install it, use it and talk a bit about Zope's 'unification' abilities as well."
Comments (none posted)
Upcoming Events
The fourth Libre Software Meeting will be held in Metz, France
from July 9-12, 2003.
Full Story (comments: none)
GnomeDesktop has posted the announcement for
the GNOME participation in the
Linuxtag conference, to be held in Karlsruhe, Germany on
July 10-13, 2003.
Comments (none posted)
Stéfane Fermigier (of
Nuxeo) is
attending the EuroPython Conference in Charleroi, Belgium. He has written
up a report of happenings from the first day at that conference. Click
below for information on Guido van Rossum's talk on Zope 3, along with
other talks on through-the-web development, extreme programming, Zope in
public administration, the Silva environment, PyPy, Python metaclasses, and
more.
Full Story (comments: none)
The Embedded Systems Conference will be held in Boston, Mass.
on September 15-18, 2003.
Full Story (comments: none)
A Lisp programming contest will be held at the International Lisp
Conference 2003 in New York City during October, 2003.
"The contest will involve solving the Last Piece
Puzzle, a "small but fiendish puzzle"."
Full Story (comments: none)
A
call for submissions
has gone out for LogOn Web Days Europe,
a series of events that will be held across Europe in September and
October, 2003.
Comments (none posted)
A
Call for Papers has gone out for the
International PHP Conference 2003, to be held in Frankfurt, Germany
on November 4 and 5, 2003. Abstracts are due in by July 14, 2003.
Comments (none posted)
GNOMEDesktop.org
presents some slides from the GU4DEC talks.
Comments (none posted)
GnomeDesktop.org has put together
a second roundup of articles and slides from the GU4DEC conference.
Comments (none posted)
A Call for Venue
has gone out for the YAPC::NA::2004 conference.
"With YAPC::NA::2003 over, it's time to get ready for
YAPC::NA::2004,
and that means it's time to throw open the call for venues for next
year's YAPC."
Comments (none posted)
| Date | Event | Location |
| June 26 - 27, 2003 | European Python and Zope Conference 2003 | (CEME) Charleroi, Belgium |
| June 26, 2003 | ClusterWorld Conference & Expo | (San Jose Convention Center) San Jose, California |
| June 26, 2003 | LinuxUser & Developer Expo | (Birmingham National Exhibition Centre) Birmingham, UK |
| June 26, 2003 | Fourth Workshop On UML for Enterprise Applications | (Hyatt Regency San Francisco Airport Hotel) Burlingame, CA |
| July 7 - 11, 2003 | O'Reilly Open Source Convention 2003 (OSCON) | (Portland Marriot) Portland, Oregon |
| July 9 - 12, 2003 | Libre Software Meeting | Metz, France |
| July 10 - 13, 2003 | LinuxTag | Karlsruhe, Germany |
| July 12 - 17, 2003 | Debcamp | Oslo, Norway |
| July 18 - 20, 2003 | Debconf 3 | (The University of Oslo) Oslo, Norway |
| July 23 - 26, 2003 | Ottawa Linux Symposium | Ottawa, Canada |
| July 23 - 25, 2003 | YAPC::Europe 2003 | (CNAM Conservatory) Paris, France |
| July 25 - 27, 2003 | Fifth Annual Linux Festival in Kaluga Region | (bank of the river Protva) Kaluga region, Russia |
| July 29 - August 2, 2003 | The 10th Annual Tcl/Tk Conference | Ann Arbor, Michigan |
| July 31 - August 3, 2003 | UKUUG Linux Developers' Conference (LINUX 2003) | (George Watson's College) Edinburgh, Scotland |
| August 4 - 7, 2003 | LinuxWorld Conference and Expo 2003 | (Moscone Convention Center) San Francisco, CA |
| August 7 - 10, 2003 | Chaos Communication Camp 2003 | Paulshof, Altlandsberg, Germany |
| August 18 - 21, 2003 | New Security Paradigms Workshop 2003 (NSPW 2003) | (Centro Stefano Francini) Ascona, Switzerland |
Comments (none posted)
Web sites
A new web site called
OggHelp
is online, take a look for answers to common Ogg Vorbis audio
compression software questions and related resources.
Comments (none posted)
On Friday, June 20, the Provo Linux Users Group decided to head on over to
SCO's offices and hold a protest; information on the event, including
pictures and press coverage, can be found on
the PLUG page. Among other things,
the protesters claim that SCO employees came out and joined the event
holding pre-prepared signs saying things like "I love software piracy" and
"Try communism - use Linux." (Thanks to Phillip Warner).
Update: in case you're not following the comments, photos of SCO's
(insulting) anti-protest signs can be found on this page.
Thanks to amaoui for posting the pointer.
Comments (57 posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Miscellaneous
Zend is conducting a
PHP Usage Survey.
Fifty randomly chosen participants will receive a PHP T-shirt.
Comments (none posted)
Page editor: Forrest Cook
Letters to the editor
| From: | Eric.M.Kidd@Dartmouth.EDU (Eric M. Kidd) |
| To: | lwn@lwn.net |
| Subject: | An open appeal to SCO |
| Date: | 20 Jun 2003 15:44:36 EDT |
I'm making it easy--15 minutes and 150MB of RAM for them to find code shared
between Linux and Unix. This program uses the rolling hash technique
proposed by Egan at the Inquirer.
I'm trying to make it as easy as possible for SCO (and other copyright
holders) to report wrongdoing to free software maintainers without revealing
any more than necessary about their own code.
http://www.randomhacks.net/stories/srcdupchk-release.html
Comments (2 posted)
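The rolling-hash idea in the letter above, worked through as an added example; this is not Eric Kidd's srcdupchk and does not claim to match its design. It assumes a simple C-style tokenizer (comments and whitespace dropped, identifiers kept verbatim), a polynomial rolling hash over k-token windows, and winnowing (keep the minimum of every w consecutive window hashes) to thin the published set. The party that will not show its code publishes only the selected hashes; the other party hashes its own tree the same way and learns which of its lines land in a published window, so nothing about the content of the hidden code is exchanged beyond those hashes. The two C sources are constructed for the example. One caveat a practitioner would want: a published hash can still be confirmed against a guessed snippet, so short windows leak more than long ones; k sets that trade-off.

```python
"""Rolling-hash fingerprints: report shared code without publishing the code.

Constructed example. The side that keeps its source private publishes only
winnowed window hashes; the open side hashes its own tree the same way and
reports which of its lines hit a published hash.
"""
import re
from typing import Dict, List, Set, Tuple

TOKEN_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*|\d+|\S")
BASE = 1_000_003        # polynomial base for the rolling hash
MOD = (1 << 61) - 1     # Mersenne prime; accidental collisions are negligible


def tokenize(src: str) -> List[Tuple[str, int]]:
    """(token, line) pairs with // and /* */ comments and whitespace removed,
    so reformatting or re-commenting a copied function does not hide it."""
    src = re.sub(r"/\*.*?\*/", lambda m: "\n" * m.group(0).count("\n"), src, flags=re.S)
    toks: List[Tuple[str, int]] = []
    for lineno, line in enumerate(src.splitlines(), 1):
        code = line.split("//", 1)[0]
        toks.extend((m.group(0), lineno) for m in TOKEN_RE.finditer(code))
    return toks


def token_value(tok: str) -> int:
    """FNV-1a over the token bytes: stable across processes and machines,
    which Python's randomised hash() is not, so both parties get the same values."""
    h = 0xCBF29CE484222325
    for byte in tok.encode():
        h = ((h ^ byte) * 0x100000001B3) & 0xFFFFFFFFFFFFFFFF
    return h % MOD


def window_hashes(tokens: List[Tuple[str, int]], k: int) -> List[int]:
    """Hash of every k-token window, computed in O(n) by rolling."""
    vals = [token_value(t) for t, _ in tokens]
    if len(vals) < k:
        return []
    top = pow(BASE, k - 1, MOD)     # weight of the token that drops out each step
    h = 0
    for v in vals[:k]:
        h = (h * BASE + v) % MOD
    hashes = [h]
    for i in range(k, len(vals)):
        h = ((h - vals[i - k] * top) * BASE + vals[i]) % MOD
        hashes.append(h)
    return hashes


def fingerprints(tokens: List[Tuple[str, int]], k: int = 8, w: int = 4) -> Dict[int, int]:
    """Winnowing: keep the minimum of each run of w consecutive window hashes.
    Any shared run of at least k + w - 1 tokens then yields a common fingerprint.
    Maps hash -> line where its window starts; only the keys get published."""
    hashes = window_hashes(tokens, k)
    fps: Dict[int, int] = {}
    for i in range(len(hashes) - w + 1):
        run = hashes[i:i + w]
        j = i + min(range(w), key=lambda x: (run[x], -x))   # rightmost minimum
        fps.setdefault(hashes[j], tokens[j][1])
    return fps


def lines_hitting(published: Set[int], tokens: List[Tuple[str, int]], k: int = 8) -> List[int]:
    """Lines of our own code covered by a window whose hash was published."""
    hit = set()
    for i, h in enumerate(window_hashes(tokens, k)):
        if h in published:
            hit.update(line for _, line in tokens[i:i + k])
    return sorted(hit)


def shared_lines(secret_src: str, open_src: str, k: int = 8, w: int = 4) -> List[int]:
    """The whole exchange: the private side publishes hashes, the open side reports lines."""
    published = set(fingerprints(tokenize(secret_src), k, w))   # hashes only cross the line
    return lines_hitting(published, tokenize(open_src), k)


# Constructed samples: checksum() is copied (and reformatted) into the open tree.
SECRET_SRC = """\
/* constructed sample: the code base whose owner will not show it */
int checksum(const unsigned char *p, int n)
{
    int s = 0;
    for (int i = 0; i < n; i++)
        s = (s * 31) ^ p[i];
    return s;
}
static int secret_policy(int x) { return x * 7 + 3; }
"""

OPEN_SRC = """\
// constructed sample: a free code base carrying a reformatted copy of checksum()
int checksum(const unsigned char *p, int n) {
    int s = 0;   // accumulator
    for (int i = 0; i < n; i++) s = (s * 31) ^ p[i];
    return s;
}

int unrelated(int a, int b) { return a > b ? a - b : b - a; }
"""

if __name__ == "__main__":
    print("open-tree lines matching published fingerprints:", shared_lines(SECRET_SRC, OPEN_SRC))
```

Running it reports the lines of the copied checksum() in the open tree and nothing from unrelated(); the hidden file's contents never leave the private side, only its winnowed hashes do.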
| From: | goga@florin.ru |
| To: | lwn@lwn.net |
| Subject: | Searching for Linux code in SCO kernel (or vice versa) |
| Date: | Tue, 24 Jun 2003 15:39:37 +0400 (MSD) |
Hello,
SCO claims that some Linux code is taken from Unix kernel. SCO
also claims that no Linux code ever went into its Unix kernel.
Given SCO's kernel source, that would be easy to check; however,
SCO will not give us the source. So how could we search for similar
code _without_ the sources?
1. Take SCO Unix.
2. Take Linux kernel source.
3. Guess which compiler flags were used by SCO when compiling
its source.
4. Compile the suspicious portions from Linux kernel source with
SCO's compiler, making as few modifications as possible.
5. In the generated code, mark global addresses (subject to
relocation), magic constants, and probably some other constants
(struct member displacements?) as irrelevant.
6. Search the SCO Unix binary kernel for chunks matching relevant
portions of compiled Linux code.
Of course, we would be extremely lucky if it worked -- the code
must really be taken as is for such a test to work. But I think
this might be worth a try. (I don't have access to SCO Unix, so
I can't do this myself.)
IANAL, of course, so I don't know whether such procedures would
be legal, in US or elsewhere.
Goga
Comments (1 posted)
Page editor: Jonathan Corbet