LWN.net Weekly Edition for July 25
RealNetworks goes open source - sort of
With a fair amount of hype, RealNetworks announced, on July 22, its new "Helix" platform. Helix, it is said, is an open platform for the management, delivery and playback of streaming media in multiple formats. As a way of showing how open the platform is, RealNetworks pulled in Eric Raymond to endorse the new scheme:
"It's great to see RealNetworks recognizing the power of open
source," said Eric S. Raymond, president of the Open Source
Initiative. "They'll get the reliability and security benefits of
peer review, and they are contributing an important capability to
the Internet infrastructure."
This all sounds good. A closer look turns up a lower degree of openness than one might wish for, though there is an open source component to this release.
There are three components to the Helix system, being the "Helix DNA Encoder," "Helix DNA Server," and the "Helix DNA Client." The client, of course, is the code that sits on a desktop (or within a web browser, or elsewhere) and receives and plays back a media stream. This code will be released (in 90 days) under the RealNetworks Public Source License (RPSL). The RPSL is GPLish, in that it includes the usual copyleft provisions: if you distribute a modified version of the code, you must distribute source under the same license. The RPSL does have a couple of features not found in the GPL, however:
- The license explicitly excludes "runtime libraries," which are
dynamicly linked into the client, from the copyleft provisions. This
exclusion is there, of course, to allow the distribution of
proprietary codecs.
- When you release modifications under the RPSL, RealNetworks gets the right to use your code in any way it wants, including incorporation into proprietary products.
This license will eventually be submitted to the Open Source Initiative for certification as "open source." It may require some modification first: there are claims, for example, that the jurisdiction and export provisions in section 13.7 make the software non-free. Users are, among other things, unable to distribute the software to the "Taliban controlled areas of Afghanistan."
The client code has not actually been released yet, so it is difficult to say for sure what will be in it. One thing that will not be there, however, is a codec for the proprietary RealAudio and RealVideo formats. So there will still be no completely free player for these formats for Linux. It will be possible, however, to use the client to make a (nice, presumably) 100% free player for Ogg Vorbis streams. In fact, RealNetworks is working with Xiph.Org to do exactly that.
The Encoder product (which creates media streams) and the Server (which manages the whole thing) will not be open source; instead, they will be available under the RealNetworks Community Source License (RCSL). This license provides access to the source, but does not allow redistribution without the payment of royalties. It is a "shared source" license which will be useful to those building products with RealNetworks code, but it is not particularly exciting for the free software community. Free software hackers working on streaming media projects may, in fact, want to stay away from RCSL-licensed code entirely to avoid any risk of "contaminating" their code with RealNetworks' intellectual property.
The end result is that the free software community will have more code than it did, and that is a good thing. With luck, RealNetworks will be successful with its new strategy, and will open more code in the future. (For more information, see the "Helix Community" web site).
Here come the copyright vigilantes
For a view into just how weird our world is becoming, have a look at this News.com article by Declan McCullagh. Mr. McCullagh got a chance to read a draft law by U.S. Representatives Howard Berman and Howard Coble that would legalize attacks against P2P networks:
The legislation would immunize groups such as the Motion Picture
Association of America and the Recording Industry Association of
America from all state and federal laws if they disable, block or
otherwise impair a "publicly accessible peer-to-peer network."
Anyone whose computer was damaged in the process must receive the
permission of the U.S. attorney general before filing a lawsuit,
and a suit could be filed only if the actual monetary loss was more
than $250.
This is worth stating again: somebody who claims that you might be violating their copyright will be legally allowed to attack your systems. You can not challenge the attacker in court without getting permission from a federal bureaucrat - who, one assumes, may not be particularly sympathetic to your cause.
For added fun, any "copyright holder" will be authorized to act in this fashion. As soon as, say, a copyrighted article is posted to Usenet, the owner of that article will have the right to take the whole thing down. If one makes the reasonable assumption that some people might just feel the need to retaliate against an attack of this nature, whether or not they are protected by federal law, it is not hard to foresee a time when the net is a rather more violent and unpleasant place than it is now.
It is hard to imagine this law actually passing - though it is dangerous to assume reasonable behavior in Washington these days. But the proposal is a clear sign of the sort of power grab that is underway. Not only do they want control over every bit that passes through your computer; they also want the ability to take justice into their own hands if they don't like your behavior. Stallman's The Right To Read looks more prophetic all the time.
The end of the road
Over the last several months we at LWN have looked at numerous ways of funding this operation. It takes people to write LWN, and it takes a lot of their time; it is not something that is easily handled on "off hours." Those people really would like to be paid for their time, and that is something which has not happened here for quite a while. Various approaches to bringing in money have been tried; the most successful of all was simply asking LWN readers for donations to keep the operation going. But we have not succeeded in raising even a fraction of the required funds.Other options (such as subscriptions) have been considered in depth, but there is little promise (and much aggravation) to be found in that direction.
So the time has come to face the reality of the situation: what LWN is offering is not what the market is willing to pay for at this time. It's time to find something else to do.
The end result is that next week's LWN Weekly Edition (August 1) will be the last. This has not been an easy decision to make, to say the least. But, barring some sort of last minute miracle (do contact us if you have one, please!), we do not see any alternative.
We'll have more information next week on things like content tarballs and releasing the site source. Some parts of LWN may yet go on in a different form as well. But this particular journey is coming to an end. It has been a great ride.
Security
Brief items
Using Linux to secure Microsoft Windows
NAH6 of Amsterdam plans to develop and sell laptops running Microsoft Windows on top of Debian GNU/Linux to encrypt all Windows files. The software will be "free for noncommercial use." See the articles in ZDNet and News.com for more informaiton.Feds set to enforce PC security (ZDNet)
Four US Government agencies are putting together some security benchmark tests for various operating systems. "The benchmark is a program that checks the target operating system for unpatched flaws and system settings that could make PCs vulnerable to intrusions or bugs. While the first such benchmark focuses on Windows 2000 workstations, versions of the program for Windows 2000 and NT servers, Sun Microsystems' Solaris operating system, Cisco's IOS router operating system, Linux and HP-UX are in the works."
Online Security Incidents Jump in 2002 (PCWorld.com)
PCWorld.com considers the implications of the 1988-2002 CERT/CC Statistics since the recent addition of the numbers for the second quarter of 2002.
Internet security incidents for the first half of 2002 are up sharply over 2001 and are on pace to substantially exceed last year's figures, according to new statistics released Thursday by the Computer Emergency Response Team Coordination Center (CERT/CC).
This increase, however, may be due to better reporting and awareness, and not due to substantially increased attack activity, according to a CERT/CC representative.
Scripting flaw threatens Web servers (News.com)
News.com looks into recent PHP security vulnerabilities. "A flaw found in newer versions of the PHP Web server scripting language could allow attackers to crash, and in some cases control, computers over the Internet, an open-source developer group announced Monday. The vulnerability affects versions 4.2.0 and 4.2.1 of PHP, according to the PHP Group."
Please also see the LWN.net vulnerability report. In particular, almost every Linux distributor appears to ship older (and thus not vulnerable) versions of PHP.
Security reports
SSH Protocol Trick
Sebastian Krahmer has written a paper which describes (PDF format) "how SSH clients can be tricked into thinking they are missing the hostkey 2 even though they already have it in their list of known keys." A shorter version of the paper appears in PHRACK 59. The paper and exploit program will be "uploaded to 7350.org as soon as the issue has been 'solved' by SSH vendors and some corrections made it into the text."Mozilla Javascript cookie stealing vulnerabilty
Andreas Sandblad reports that Mozilla allows script written in javascript to steal cookies from other domains. He reports the problem as fixed in Mozilla 1.1 Beta released 02-07-22. A Bugzilla entry describing the problem is also available.Mailman cross-site scripting vulnerability
Mailman versions 2.0.11 and prior have what appears to be an Internet Explorer client specific cross-site scripting vulnerabilty. The problem is fixed in Mailman 2.0.12 which is available from here.Geeklog XSS and CRLF Injection Vulnerabilities
Ulf Harnhammar reports that Geeklog 1.3.5sr1, and possibly earlier versions, has a cross site scripting vulnerability and a CRLF Injection hole. The problems are fixed in Geeklog 1.3.5sr2.
Geeklog is a 'blog', otherwise known as a Weblog. It allows you to create your own virtual community area, complete with user administration, story posting, messaging, comments, polls, calendar, weblinks, and more! It can run on many different operating systems, and uses PHP4 and MySQL.
Pyramid BenHur Firewall leak
The BenHur Firewall from Pyramid Solutions has a bug in the active FTP portfilter ruleset that results in a firewall leak. The problem is fixed in experimental update 067 (19 Jul 2002).
BenHur is a firewall appliance based on Debian Linux using Linux
kernel 2.2.x built-in ipchains firewalling capabilites.
New vulnerabilities
PHP Remote Compromise/DOS Vulnerability
| Package(s): | mod_php4 | CVE #(s): | |||||
| Created: | July 22, 2002 | Updated: | February 18, 2003 | ||||
| Description: | PHP 4.2.0 and 4.2.1 have an error in the handling of POST requests which
can lead to the corruption of memory, and the usual bad consequences. According to this alert, the vulnerability can only be used for denial of service on x86 systems - there is no way to get it to run exploit code. SPARC/Solaris systems are apparently vulnerable to full remote compromise.
According to the CERT Advisory, almost every Linux distributor, it seems, ships older (and thus not vulnerable) versions of PHP. Note that, sometimes, systems thought to be safe from remote compromise turn out to be vulnerable to a modified attack, so x86 users should not relax too much. The solution, for those systems with PHP 4.2.0 or 4.2.1 installed, is to upgrade to PHP 4.2.2. For more information see the alert from the discover of the vulnerability, Stefan Esser of e-matters GmbH, or the security advisory from the php team. CERT Advisory: CA-2002-21 Vulnerability in PHP | ||||||
| Alerts: |
| ||||||
Resources
Wireless Security Blackpaper (Ars Technica)
Trey "Azariah" Dismukes has written a black paper on security and wireless networks.
Fast forward to today. While wireless networks have seen widespread adoption in the home user markets, widely reported and easily exploited holes in the standard security system have stunted wireless' deployment rate in enterprise environments. While many people don't know exactly what the weaknesses are, most have accepted the prevailing wisdom that wireless networks are inherently insecure and nothing can be done about it. Can wireless networks be deployed securely today? What exactly are the security holes in the current standard, and how do they work? Where is wireless security headed in the future? This article attempts to shed light on these questions and others about wireless networking security in an enterprise environment.
TASK 1.50 & Autopsy 1.60 release
Brian Carrier announced the release of The @stake Sleuth Kit (TASK) 1.50 (with NTFS Support) and Autopsy 1.60.
The @stake Sleuth Kit (TASK) and Autopsy Forensic Browser are an open
source alternative to the common Windows-based digital forensic tools.
Autopsy provides an investigator with an HTML-based graphical interface
that allows one to browse images from compromised systems in a "File
Manager"-like interface. Windows and UNIX file systems can be analyzed
to view deleted files, create time lines of file activity, and perform
key word searches.
Web based portscan database
Ryan Fox announced the initial release of the Portscan web based portscan database tool. "I have developed a web based portscan database tool, aptly named Portscan. Currently, it accepts portscans in nmap's xml format and stores them in it's database (MySQL). Searches can be performed on the database by hostname/os. "Linux Security Week and Advisory Watch
The July 22nd Linux Security Week and July 19th Linux Advisory Watch newsletters from LinuxSecurity.com are available.
Events
University of Idaho Workshop on Computer Forensics
The workshop will be held September 23rd, 24th and 25th, 2002, in Moscow, Idaho, USA.
Due to the generosity of our sponsors, I'm able to offer several
scholarships to academics (faculty and students) to assist with the
costs of travel and lodging. We're primarily allocating them to
faculty considering teaching a computer forensics course,
students/faculty beginning research in the area who would benefit from
a broad overview, and speakers who are presenting their research at
our workshop (speaker slots still open).
Upcoming Security Events
| Date | Event | Location |
|---|---|---|
| July 31 - August 1, 2002 | Black Hat Briefings 2002 | (Caesars Palace Hotel and Resort)Las Vegas, NV, USA |
| August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort)Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
| August 19 - 21, 2002 | Canadian Security & Intelligence Conference(CSICON) | (Hyatt Regency)Calgary, Alberta Canada |
| August 28 - 30, 2002 | Workshop on Information Security Applications(WISA 2002) | Jeju Island, Korea |
| September 19 - 20, 2002 | SEcurity of Communications on the Internet 2002(SECI'02) | Tunis, Tunisia |
| September 23 - 26, 2002 | New Security Paradigms Workshop 2002 | (The Chamberlain Hotel)Hampton, Virginia, USA |
| September 23 - 25, 2002 | University of Idaho Workshop on Computer Forensics | (University of Idaho)Moscow, Idaho, USA |
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development
Brief items
Current kernel release status
The current development kernel is 2.5.28, released on July 24. It contains major changes to the interrupt handling subsystem (see below), large m68k and PPC64 updates, Russell King's long-awaited new serial driver, numerous filesystem and block device changes from Alexander Viro, and more. Those wanting the details can see the long format changelog.2.5.27 was announced by Linus on July 20 (the long format changelog is also available). The truly significant changes in this release included Rik van Riel's reverse-mapping VM and the beginning of the Linux Security Module merge. The LSM patch includes hooks mostly relating to process control; the rest should find their way in with later releases. This kernel also contains a lot of USB and RAID changes, some NFS tweaks, and various other fixes and updates.
2.5.27 also included Martin Dalecki's IDE 99 and IDE 100 patches which, for some reason, were not posted to the public list. Unfortunately, IDE 99 contains a bug which can lead to system lockups and file corruption; thus 2.5.27 gave some users more than they had bargained for. The discussion of the 2.5 IDE problems continues on linux-kernel; the latest development is that IDE hacker Bartlomiej Zolnierkiewicz, who, until recently, has been one of Martin Dalecki's defenders, has stated his intention to create his own IDE subsystem, based on the 2.4 implementation.
The current prepatch from Dave Jones is 2.5.27-dj1. "Mostly resyncing with the
various trees that have sprouted in the last week, and applying obvious
stuff that didn't take much thinking.
"
Guillaume Boissiere's latest 2.5 status summary is dated July 23. Guillaume has also posted a 2.5 TODO list with the best available guesses as to what will happen between now and the Halloween feature freeze.
The current stable kernel is 2.4.18. Marcelo posted the third 2.4.19 release candidate on July 19. It is, he says, the last release candidate unless something really serious comes up.
Alan Cox's current prepatch is 2.4.19-rc3-ac2; in addition to numerous fixes it includes the new disk quota code from 2.5.
Kernel development news
Thrashing the interrupt code
Dig into the source of an old Unix system, and you will almost certainly find calls to cli() and sti(), which disable and enable interrupts, respectively. The Linux kernel, too, has these calls. In the Good Old Days, when Linux did not run on SMP systems, a call to cli() was sufficient to guarantee exclusive access to any resource of interest. Kernel code was not preemptable, so, in the absence of interrupts, no other kernel code had any possibility of running.SMP changed all that, of course. The cli() call remained, however, for the few places that really needed it - and to avoid having to change a great deal of code which relied on cli() for mutual exclusion. The cli() call became global, in that it disabled the handling of interrupts on all processors in the system. Note that it did not disable the interrupts themselves, just the processing of those interrupts. This was accomplished by way of the "big IRQ lock" (global_irq_lock); once cli() was called, any processor attempting to handle an interrupt would spin on that lock until things were released with sti(). Needless to say, spending a lot of time with interrupts globally disabled in this way is not good for performance; thus the use of cli() and sti() has been discouraged for a long time.
As of 2.5.28, these functions are no longer discouraged - they are gone. Ingo Molnar sent out a patch (since revised an unbelievable number of times) which removes the global_irq_lock, the cli() and sti() primitives, and more. The result is the removal of a bunch of old legacy code, a faster IRQ handling subsystem, and a great many broken drivers. Said drivers are being fixed, but building Linux kernels for SMP systems could be a bit challenging for the next release or two.
This patch also merges three different counters that the kernel used to maintain:
- The hard IRQ counter (__local_irq_count), which tracked the number of hardware interrupts currently being serviced by each processor;
- The soft IRQ counter (__local_bh_count), which tracked software interrupts (bottom halves, tasklets, etc.); and
- The preemption counter (preempt_count, in the task structure) which noted whether the process had been preempted in kernel space.
The soft IRQ and preemption counters could also be used to disable software IRQs and kernel preemption by setting them to a nonzero value. The two IRQ counters, taken together, indicate whether the processor is currently responding to an interrupt. In other words, all of these counters are related to each other - they describe what kind of code is running at the moment and what sorts of diversions the processor is allowed to take. So, with Ingo's patch, all three have been merged into the per-process preemption counter. This change results in some simplified code; it should be mostly transparent to the rest of the kernel.
The cli() change is not transparent, though. People maintaining or writing drivers will now need to bear in mind that there is no longer any way to globally disable interrupts. You can still disable interrupts for the current processor (with local_irq_save() and friends), but other processors will still accept and handle interrupts. The only really safe way of protecting resources is most situations is with spin_lock_irq(); a number of drivers will need to be (finally) converted over to real locking before they will work again. Ingo has included a document (cli-sti-removal.txt) in the kernel source to help driver maintainers who are wondering how to handle this change.
On the initialization of structures
The kernel source contains a great many structures which are initialized at compile time. Back in the 2.3 development series, substantial effort went into converting all of those initializations into the gcc designated initialization format:
struct something my_struct = {
field_1: value,
field_2: value,
...
};
The advantage of this format, of course, is that it is possible to clearly initialize a subset of the structure's fields and not have things break if the declaration of the structure changes. It was a good change which cleaned up a lot of code.
There's only one problem: the C99 standard chose a different format. Standard-compliant C should instead contain initializations that look like:
struct something my_struct = {
.field_1 = value,
.field_2 = value,
...
};
After a bit of discussion, the kernel hackers have decided to, you guessed it, convert all of the structure initializations in the kernel to the new format. Those changes are starting to find their way into the mainline; all new code should certainly be done the standard way.
Implementing SMP clusters
Larry McVoy's cache-coherent cluster (or SMP cluster) idea was discussed (briefly) on this page two weeks ago. Now Karim Yaghmour has posted a white paper describing how such clusters might be implemented. The design uses a modified version of Adeos to run multiple Linux kernels, each of which has control over a subset of the whole system. The result is a path toward SMP clusters that requires only minimal changes to the Linux code itself. There is still the little matter of actually doing the work, of course, but this design is a promising start.Those interested in Adeos may also want to look at the milestone 2 release which, among other things, adds SMP support.
Patches and updates
Kernel trees
J.A. Magallon
Linux 2.4.19-rc1-jam1 "<q>BEWARE: this kernel probably will eat your disk and your dog, but anyways...</q>"
?
Architecture-specific
Build system
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Christoph Hellwig
vmap_pages() "<q>The vmap_pages() functions allows to map an array of virtually
non-continguos pages into the kernel virtual memory.</q>"
?
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
Distribution News
Debian GNU/Linux 3.0 released
Here it is at last: the announcement for Debian GNU/Linux 3.0, also known as "Woody." There's no end of improvements over 2.2 in this release; click below for the full scoop.[2002-07-20] Debian Release Status Update
This release status update covers the new testing distribution, codenamed "sarge". Now that "woody" has been released as stable, "sarge" is the new unstable.Debian Weekly News - July 23rd, 2002
Here's the Debian Weekly News for July 23, 2002. Topics this week include free software and the European Commission; Debian swirl images for the Ericsson T65 cellular phone; and a Debian release party in Berlin.2 tera flops Debian Cluster
Here is a little story from Denmark, about a 2 tera flops Debian Cluster. (Thanks to Hans Schou)Mandrake Linux 9.0 Beta 1
The first beta of Mandrake Linux 9.0 has been released. "As with any Beta, this one is probably loaded with nasty bugs which may cause serious problems on production systems."
Mandrake Linux Community Newsletter - Issue #51
The Mandrake Linux Community Newsletter for July 18, 2002 is available. The top story looks at Mandrake/Microtel systems at WalMart.com and contains more Mandrake news.
New Distributions
Debian-Ham
Debian-Ham is a floppy distribution specifically for contesting and logging. It is based on uClibc, busybox, and tlf. The current scheme uses a LILO boot floppy with a minix root floppy. Network support is included to connect to a DX cluster. The initial Freshmeat announcment was for version 0.3, released July 21, 2002.
Minor distribution updates
Alindis 0.1.0 released
Alindis has released version 0.1.0 with major feature enhancements.ClumpOS
ClumpOS has released R6.0 with major feature enhancements.DeMuDi
The DeMuDi project has been silent for some time, but the website now declares, "DeMuDi is in fact more than alive, and in very good shape....:-)". DeMuDi has received funding from AGNULA, a project funded by the European Community. The first official release, DeMuDi Agnula 0.9, is due out in November 2002.e-smith
Mitel Networks announced the immediate availability of version 5.5 of the SME Server. This new version includes new internationalization support (including a localization into French Canadian), improved remote access support, new interfaces for developers and much more. (Thanks to Brock Frazier)Gentoo Linux
Here are some announcements from Gentoo Linux.
- There is a new install
guide for Sparc systems. Both 32-bit and 64-bit Sparc systems are
covered.
- Gentoo is in the final testing stages prior to launching the
release of a full installation with gcc3.1 as the default compiler.
- QliTech Linux Computers is now offering laptops with Gentoo pre-installed.
If you are going to be at LinuxWorld next month, look for Gentoo folks at the PenguinPPC booth.
Lunar-Linux
The Lunar-Linux project announced that the cvs module formerly known as theedge had achieved enough stability to become the first Lunar.MSC.Linux
MSC.Linux has released Itanium 2-based MSC.Linux V2002. MSC.Linux IA-64 2002 (July) for the HP zx1 chipset is also available.Netule
Netule.org is headed for an overhaul, as development moves to a SourceForge based system. The overhaul is timed to coincide with the introduction of a branch of newly Open Sourced development projects.OpenNA
OpenNA Linux has released beta4 of its distribution. Bugs have been fixed, new packages added, and lots code cleaned up since beta3.PXES Linux Thin Client
PXES Linux Thin Client has released version 0.5-RC3 with minor feature enhancements.RxLinux
RxLinux has released version 1.0.6 with major feature enhancements.ttylinux
ttylinux has released version 2.3 with minor bugfixes.
Distribution reviews
Lycoris: A Linux OS Good for Grandma (OnLamp)
O'Reilly's OnLamp.com reviews Lycoris' Desktop/LX. "Technically, there's more to Desktop/LX than just pretty icons (which have an obvious Windows XP style to them) added to the KDE interface. Lycoris created over 1,000 code patches for KDE in order to tightly integrate the GUI with the underlying Linux kernel and other operating system functions. For one, it revamped the KDE Control Center--the Desktop/LX configuration menu where software and hardware is added and removed from the system."
Page editor: Rebecca Sobol
Development
System Applications
Audio Projects
Ogg Vorbis 1.0 Released
Version 1.0 of the Ogg Vorbis audio codec software has been released. Downloads are available here. "This is a full release of a 1.0 encoder, decoder and tool set. The encoder, decoder and tools now implement all Vorbis 1.0 specification features including low-bitrate, cascading and channel coupling."
Ogg Vorbis News
The latest Ogg Vorbis News looks at Ogg Vorbis 1.0.
Education
Linux in Education Report #75
Issue #75 of the SEUL/Edu Linux in Education Report includes talk of educational software forums at several conferences, a successful school conversion to Linux, the Virtual Rainforest Project, the Linux Access Project in Dehli, and a bunch of new educational applications.
Libraries
Matrix libraries for C and C++ (IBM developerWorks)
IBM's developerWorks is running an article that compares three open-source matrix manipulation libraries that work with C and C++.
Networking Tools
gFTP: 2.0.13 has been released
Version 2.0.13 of gFTP, the GNU FTP client, has been released. A few new features and a long list of bug fixes are included.
Printing
LinuxPrinting.org news
LinuxPrinting.org lists version 2.0.0 of the Foomatic print filter system and version 1.2 of the HPIJS inkjet printer driver, which features new support for monochrome laser printers and more.LPRng 3.8.13 available
Version 3.8.13 of the LPRng print spooler system is available. The change logs are available within the source code.
Web Site Development
Server clinic: Lightweight Web techniques (IBM developerWorks)
Cameron Laird shows some tricks on using Expect for web server CGI scripting. "Was the first 'Server clinic' column serious in advertising Expect as the one language you most need? Several readers have written in since its publication with questions about how far to trust the claim. The short answer: yes. As the April 2002 column explained, Expect comes closer than any other language to being universal for the sorts of needs system programmers are likely to have with their servers. That does not mean, though, that you should spurn other languages."
Midgard Weekly Summary
The Midgard Weekly Summary for July 23, 2002 is out. Topics include the release of Midgard 1.4.3, the Midgard 1.4.4 roadmap, Midgardians in Europe, the Midgard Bugtracker Usage Guide, a Midgard CVS Move, a MidCOM 0.2.0 public Beta Version, and Midgard at OSCOM in September.Zope Members News
The latest entries on the Zope Members News include Zope training in Switzerland, ZFloatMenu cross-platform support, RenderPM 0.1, ZWeather v0.2, a new Silva mailing list, ZPhotoSlides 0.2, and more.ASPseek v.1.2.10 released
A new version of the ASPseek search engine has been released. The changes include a number of bug fixes.
Desktop Applications
Desktop Environments
Knoda 0.5.3 released
Version 0.5.3 of the Knoda relational database GUI for KDE 3 has been released, click below for a list of changes.
Games
GUI Packages
FLTK 1.1.0rc5 released
Version 1.1.0rc5 of FLTK, the Fast, Light ToolKit has been released, progress marches toward the 1.1.0 release.
Interoperability
Wine Weekly News
The July 19, 2002 edition of the Wine Weekly News looks at Wine-20020710, Using NT Pathnames, 1000 entries on AppDB, a recently discovered memory handling problem, and more.Samba News
The latest Samba News includes a new Samba team member, the annual CIFS Conference, and more.
Office Applications
Gnumeric 1.0.9 released
Version 1.0.9 of the stable version of the Gnumeris spreadsheet is available with a number of minor bug fixes to the file importers.Gnumeric 1.1.6 released
Version 1.1.6 of the development version of the Gnumeric spreadsheet has been released with lots of changes. Click below for the details.AbiWord Weekly News #101
The July 22, 2002 edition of the AbiWord Weekly News has been published. Topics include two new news editors, better tables, improved font support, automatic download of spell checker dictionaries, and bug fixes.KC GNUe #38
Kernel Cousin GNUe #38 is available with all of the latest GNU enterprise news. The following threads are included:- Triggers and Methods in Application Server
- Work-around for Open Form trigger
- Debian packages for DCL
- Security issues in DCL and NOLA
- Designer branched in CVS
- Scrollbars and their events
- Date masks in GNUe Common
- XML style guide for object mark-up
- International date formats in Forms
- PHP Forms Client
- Including data in GNUe Application Server schema definitions
- Automatically generating IDL files
- German and U.S. Accounting
- DCL security holes on bugtraq
- Font size and ISO encoding issues in Forms
- XML DTD for GNUe
- Manufacturing inventory products from other inventory products
- NOLA for print shop accounting
Web Browsers
Mozilla 1.1 Beta released
Version 1.1 Beta of the Mozilla browser has been released. Most of the changes are to the JavaScript Debugger, see the release notes for more information.mozillaZine
mozillaZine looks at Mozilla 1.1 Beta, fully scriptable plug-ins for Mozilla, and more.Creating Konqueror Service Menus
Aaron J. Seigo explains how to work with Konqueror's context menus. "Creating new servicemenus is very simple, requiring nothing more than an idea and a text editor. You don't have to be a programmer or a KDE wizard to make them. In this tutorial we will be creating a set of actions that allows us to set an image as our desktop wallpaper just by right clicking on it and selecting "Use As Wallpaper". By the end of this tutorial you should be able to create your own servicemenus with ease."
Languages and Tools
C
GCC gets a new register allocator
The GNU Compiler Collection, GCC, has a new register allocator. "Michael Matz of SuSE, Daniel Berlin, and Denis Chertykov have contributed a new register allocator. IBM and Rice University have allowed use of their register allocator software patents for graph coloring and register coalescing."
Caml
The Caml Weekly News
The Caml Weekly News for July 23, 2002 is available. Topics include ocamlnet-0.93, Epeire 0.8, and gpattern 1.0.This week on the Caml Hump
This week's entries on The Caml Hump include binding for the Fuse library with Mlfuse, the Epeire graphical interface for the OCaml debugger, and OCamlnet, a collection of IP protocol modules for the Objective Caml language.
Java
GCJ moves toward the x86-64 architecture
The GCJ Compiler is getting new support for the x86-64 architecture. "Bo Thorsen, SuSE Labs, has implemented the necessary support in FFI, boehm-gc and libjava to get libgcj running on x86-64. This is a big step towards getting libgcj fully supported on x86-64."
NetBeans: Open IDE, Open Platform, Open Source (O'Reilly)
Tim Boudreau writes about NetBeans on O'Reilly's OnJava site. "You may already be familiar with the NetBeans Integrated Development Environment (IDE), the product of the NetBeans open source project -- it's a world-class multi-language IDE in its own right, and forms the the basis for development tools from Sun Microsystems (SunONE Studio), Compuware (OptimalJ), and a number of other companies. But you may not know about some of the fascinating uses to which the IDE's architecture has already been put within the industry -- outside of the realm of development tools."
Lisp
LISA 1.3 released
Version 1.3 of LISA, the Lisp-based Intelligent Software Agents, has been released. According to Paolo Amoroso, "This version features several significant changes including a different fact representation model, different interfaces for DEFTEMPLATE and DEFINPORT, new code documentation, removal of synchronization from multiprocessing support, and more." See the release notes for more information.
New HTML version of CLX manual
A new, online version of the CLX manual is now available. "CLX is the standard Common Lisp interface to the X Window system developed by Texas Instruments and MIT in the late eighties. It is an Xlib level interface."
Perl
Perl 5.8.0 released
The release announcement for Perl 5.8.0 has gone out. Stuff in the new release includes improved Unicode support, a new threads implementation, 64-bit support, a big pile of new modules, and more; see the announcement for the full list.This week on perl5-porters (15-21 July 2002) (use Perl)
The Perl 5 Porters digest for July 15-21 is out. Topics include module upgrades, unused Perl features, the new bug database, finding memory leaks with Insure, Perl I/O issues, maintenance releases, hashes and memory uses, the sort pragma, and more.This week on Perl 6 (O'Reilly)
This Week on Perl 6 for July 23, 2002 is out. Topics include Parrot 0.0.7, Retro Perl, Parrot docs, MANIFESTations, Hyper operators, and more.Parrot 0.0.7 Released (use Perl)
Use Perl is carrying an announcement for version 0.0.7 of the Perl 6 Parrot compiler. This release features support for Perl 6 grammar and has a functional compiler. The following features are also new:- Functional subroutine, coroutine, and continuation PMCs.
- Support for global variables.
- An intermediate bytecode compiler.
- The assembler is now entirely implemented in Perl.
- A Working GC.
PHP
PHP Weekly Summary
The PHP Weekly Summary for July 22, 2002 is out. Topics include an Arabic manual translation, Autoconf 2.5.X and CVS, IMAP Quota support, PHP newsgroup started, cvs.php.net, Safe mode in file functions, mbstring extension, and Bug packs.Introduction to PHP Objects, Part 1 (O'Reilly)
John Coggeshall shows how to do object-oriented scripting with PHP on O'Reilly. "In today's column, I'll be introducing one of the more interesting and useful methods of writing PHP scripts -- the object-oriented method. Those of you who might have experience with an object-oriented programming language such as Java or even C++ will find themselves right at home with most of the concepts I'll begin outlining here. However, be warned -- PHP objects have a mixture of C++ and Java, making them a little different than what you might be used to. In any case, let's get started with the basics."
Pear weekly news
A publication known as the PEAR Weekly News is now being published, PEAR is a framework and distribution system for reusable PHP components. "This week includes 3 new releases both beta and development versions, ready to be tested, Along with news on the PEAR Package Installer, Smarty and Developers Birthdays."
Python
Daily Python-URL
New on the Daily Python-URL this week are articles on PyAmazon, PyMETAR, CyberChair, pyrepl, a Free Python and Zope Hosting Directory, an Introduction to Python programming, and what's new with regular expressions,Building GUI Applications with PythonCard and PyCrust
Patrick O'Brien introduces PythonCard and PyCrust on O'Reilly. "Developing the Graphical User Interface (GUI) for a Python application is often a tedious, time-consuming, and opaque process. This is the exact opposite of how Python programmers would describe most other aspects of software development using Python. So what is it about GUI applications that causes them to be so hard? Perhaps more importantly, can anything be done to improve the situation? This article attempts to answer that question and describe how the PythonCard project is addressing these issues."
Ruby
The Ruby Weekly News
This week's Ruby Weekly News looks at ruby-libxml, Amrita 0.8.1, and Ruby/MaxL 1.5.0, among other things.
Scheme
Scheme Weekly News
The July 15, 2002 edition of the Scheme Weekly News is available with the latest from the Scheme community.
Tcl/Tk
Dr. Dobb's Tcl-URL!
The July 22, 2002 edition of the Dr. Dobb's Tcl-URL! is available with the latest from the Tcl developer community. Click below to view this issue.
XML
Processing SOAP Headers (O'Reilly)
Rich Salz details SOAP header processing on O'Reilly. "In this month's column we'll look at how SOAP headers can be used to talk to an intermediate server that adds value to the basic search service. The value-add is actually pretty silly: we'll send the query, pick one of the results at random to return, and send it back as an HTML page in Pig Latin. Our goal, however, is to understand how to process SOAP headers, and why you'd want to do so. But first I want to thank Google for providing a wonderful Web API, which it is, module the concerns I addressed in my first column. SOAP structures a message into two main parts: the headers and the body. I'll go out on a limb and say that almost all SOAP messages so far use the body. Very few put anything in the SOAP headers."
Secrets of the XML developer elite: Derrick Bell (IBM developerWorks)
John Papageorge writes about the work of Derrick Bell on XML. "Software architect Derrick Bell advises XML developers to mind their XML vocabulary and syntax when designing XML solutions. In this second of a series of articles that share advice from experienced XML developers, Bell gives his opinion of XML Schema, XML patterns, and the importance of remembering the XML basics."
Debuggers
GDB 5.2.1 released
Version 5.2.1 of GDB, the GNU debugger, has been announced. New features include support for the Atmel AVR platform and several bug fixes.
Page editor: Forrest Cook
Linux in Business
Business News
Caldera Enters Partnership Agreement With Conectiva
Caldera and Conectiva have announced a partnership wherein Conectiva will resell Caldera's products in Brazil and, possibly, the rest of Latin America.Zope Corporation Launches EuroZope Foundation
Zope Corporation has announced the creation of the EuroZope Foundation, which will promote the use and development of Zope in Europe. Paul Everitt, co-founder and one-time president of Zope Corp. is leaving the company to go head the new Foundation.Web3D Consortium Releases X3D Final Working Draft
The Web3D Consortium announced the availability of the final working draft version of the X3D(TM) ("Extensible 3D") specification to bring state-of-the-art 3D graphics to the Web and broadcast environments for a wide variety of applications and devices.Linux Stock Index for July 19 to July 23, 2002
LSI at closing on July 19, 2002 ... 21.91LSI at closing on July 23, 2002 ... 20.66
The high for the week was 21.91
The low for the week was 20.66
Press Releases
Open Source Announcements
- Internet2(R) (ANN ARBOR, Mich.): Internet2 Releases Open Source Web Access Control Building Block; Reference implementation provides proof of concept for component of online identity services.
- Ionstream Ltd (Espoo, FINLAND): MimerDesk 1.5.3 for group collaboration released.
- Platform Computing (EDINBURGH, SCOTLAND): Sandia National Laboratories Selects Platform Globus in First Commerical Adoption of Globus Toolkit.
- RealNetworks, Inc. (SAN FRANCISCO): RealNetworks Announces Helix - The First Comprehensive, Open Standard For Digital Media Delivery.
Distributions and Bundled Products
- MontaVista Software Inc. (SUNNYVALE, Calif., PARIS and TOKYO): MontaVista Linux Carrier Grade Edition 2.1 Now Shipping.
- SuSE Linux (Oakland, CA): SuSE Linux Leads Linux Into the Enterprise with a Commitment to Open Standards.
Software for Linux
- AMI (ATLANTA, GA): American Megatrends Inc. Releases the Industry's First Low Cost, System Independent NAS Software Solution.
- Alias|Wavefront (NEW YORK): Alias|Wavefront Launches Maya 4.5 at Macworld New York; Latest Version of Maya Complete Makes World Debut On the Mac.
- Borland Software Corporation (SCOTTS VALLEY, Calif.): Borland Breaks New Ground with C++ Technology for Linux; Borland Kylix 3 Will Bring Rapid C++ Development to Linux Developers Worldwide.
- Green Hills Software Inc. (NEW ORLEANS): Green Hills Software Announces MULTI Integrated Development Environment And Optimizing Compiler For MSC8102 at Smart Networks Developer Forum.
- Interlink Networks (ANN ARBOR, Mich.): Interlink Networks Announces Latest RADIUS Server Software Release; Version 5.2 Release Provides Improved Browser-Based Interface.
- OPTX International (CHICO, Calif.): OPTX International and TMX Japan Ltd. Produce Japanese Version of ScreenWatch Software; TMX Resells ScreenWatch to Japanese Market.
- SGI (SAN ANTONIO): SGI Enhances Software Development Tools for High-Performance Visualization.
- Storix Software (San Diego, CA): Storix provides full-featured system backup and recovery software for Linux systems..
Products and Services Using Linux
- Lyrix, Inc. (BOSTON, MASS): Lyrix Unified Communication Solutions Now Powered By Red Hat Linux.
Hardware with Linux support
- ATI Technologies (MARKHAM, Ontario): ATI's New FIRE GL X1 Primed To Power DCC and CAD Workstations Into New Era of Content Creation.
- NetWinder Inc. (OTTAWA, Ontario): NetWinder targets Security and Storage providers with Turnkey Appliance Platform.
- Patriot Scientific Corp. (SAN DIEGO): Patriot Scientific Corp. Adds Linux for Ignite.
- Resilience Corporation (SUNNYVALE, Calif.): New Resilience VPN/Firewall Appliance Delivers Twice the Performance at Half the Price of Competing Solutions.
Cross Platform/Porting Product
- Meeting Maker, Inc. (WALTHAM, Mass.): Meetingmaker is Web Service 'Ready'; Intellisync for Meetingmaker Ships: Enables Broad Enterprise Integration and Web Service Extensibility.
Linux at Work
- PNNL (EDINBURGH, Scotland): HP, PNNL Supercomputer to Become Largest Computing Resource on the Grid.
- Sun Microsystems, Inc. (SAN ANTONIO, SIGGRAPH CONFERENCE): Side Effects Software and Sun(TM) Grid Engine Software Power Linux-Based Distributed Rendering at Axyz Animation.
- YKK USA: YKK replaces AS/400 with SuSE.
Books and Documentation
- O'Reilly (Sebastopol, CA): "Java Management Extensions" Released by O'Reilly.
Trade Shows and Conferences
- ATI Technologies Inc. (MARKHAM, Ontario): ATI and Massive Render The Lord of the Rings: The Fellowship of the Ring in Real Time in Linux.
- StarNet Communications Corp. (SAN FRANCISCO): StarNet Debuts X-Win32 PC X Server at SEMICON West.
Partnerships
- Alabanza (BALTIMORE and WELLESLEY, Mass.): Alabanza and GeoTrust Announce Strategic Partnership.
- Avnet Hall-Mark (TEMPE, Ariz.): Avnet Hall-Mark Announces Life Sciences Partnership Program; Distributor Joins IBM in Supporting Strategic Growth Initiative.
- Cyrusoft International, Inc. (PITTSBURGH, PA): Cyrusoft and Terra Soft Solutions Form Strategic Alliance to Co-Market Mulberry and YDL.
- IBM and Opera Software (San Francisco and Oslo): IBM and Opera Software Team to Develop Multimodal Browser.
- Jabber, Inc. (DENVER): Jabber Announces Licensing Agreement with Premier TechCorps.
- RealNetworks, Inc. (OSCON, SAN DIEGO): RealNetworks and Xiph.org Collaborate to Offer Helix Community Ogg Vorbis Open Source Format and Codec.
- Red Hat, Inc. (RESEARCH TRIANGLE PARK, NC): Red Hat to Provide Embedded Support and Enable Linux Development On Motorola's NEW PowerQUICC III Architecture.
- UXComm (SAN JOSE, Calif.): LynuxWorks and UXComm Team up to Provide Management Tools for Embedded Products; UXComm's XTend Management Available for BlueCat Linux and LynxOS.
- Zope Corporation (FREDERICKSBURG, Va.): AARP Launches Zope-powered Site; AARP Webplace Content Managed by Zope.
Financial Results
- MandrakeSoft: Mandrakesoft announces massive reduction in operating loss.
Personnel and New Offices
- Angstrom Microsystems (BOSTON): Angstrom Microsystems Appoints Rhythm & Hues Vice President of Technology Mark A. Brown to Its Board of Advisors.
- CodeWeavers, Inc. (ST. PAUL, Minn.): CodeWeavers Appoints Laurent Gharda To Board Of Directors.
- Jabber, Inc. (DENVER): Jabber Names High-Tech Sales Veteran as Vice President of Sales; Appointment of John Houtsma Reflects Projected Revenue Growth.
- MigraTEC (DALLAS): Former Compaq and Texas Instruments CIO John W. White Joins MigraTEC's Board of Directors; Vice President of Sales and Marketing Wes Blair Elected Officer of Company.
- Sourcefire, Inc. (COLUMBIA, Md.): Sourcefire Continues Expansion With Key Senior Management Team Appointments.
Page editor: Rebecca Sobol
Linux in the news
Recommended Reading
Tech activists protest anti-copying (News.com)
News.com covers the "Digital Rights Management Roundtable" held by the U.S. Department of Commerce. "The assembled band of free software devotees said later that they believed they had won a commitment from the Commerce Department to include a representative in a future roundtable."
Declan McCullagh has also posted a set of pictures from the event, including this one of Richard Stallman.
Ogg Vorbis official release is here (News.com)
News.com reports on the Ogg Vorbis 1.0 release. "The keepers of a patent on MPEG-4 just culminated months of hashing out a royalty plan for their technology that would encourage use of the technology, something Ogg Vorbis users don't have to deal with."
O'Reilly: Open-source .Net inches closer to fruition (InfoWorld)
This InfoWorld article talks about Ximian's Mono Project, and sessions with Miguel de Icaza at the O'Reilly Open Source Convention (OSCON) in San Diego. (Thanks to Jay R. Ashworth)Gartner's predictions for Linux and open source (ZDNet)
The Gartner Group reviews a 1999 pronouncement on Linux and looks forward in this ZDNet article. "Today, the Open Source Software (OSS) community has demonstrated that it can organize itself into selective peer groups with responsibility as the "maintainer" for the ongoing development and leadership of kernel and applications. How far up the "food chain" this process applies has still not been proven. We know it works well at the infrastructure (such as load balancing, caching, Domain Naming System, Secure Sockets Layer acceleration), with Web services (such as Apache) and at the plumbing level. We have seen some progress in databases (such as MySQL), but the process is still inconclusive with regard to high-availability clustering, system management and transaction middleware."
Companies
Is IBM Toast? (PC Magazine)
John Dvorak is glum about IBM's future in this PC Magazine column. "More recently, IBM jumped on another hot and trendy technology - Linux. IBM thought, 'Gee, let's consider Linux on a mainframe.' That makes a lot of sense for a company with genuinely powerful operating systems such as VM! Even more weird is Linux on a supercomputer, but up goes the stock anyway. If IBM is so high on Linux, then why doesn't the company port the Lotus software to Linux?"
IBM announces Opteron support but lacks business rationale (ZDNet)
ZDNet examines IBM's Opteron support. "According to IBM spokesperson Sean Tetpon, IBM will showcase at LinuxWorld its DB2 database running on an Opteron-based system provided by a Newisys, a newcomer to an already crowded server market. The system will be running a 64-bit distribution of Linux provided by SuSE."
Nvidia open-sources developer tools (News.com)
News.com covers Nvidia's decision to open-source some developer tools. "Nvidia hopes to fill that need with its free Cg set of tools. The Cg Compiler, a critical application for running code, will be available as open-source software starting in August, Nvidia said. "We're open-sourcing this compiler code to further accelerate the transition to an era of advanced real-time effects," Dan Vivoli, Nvidia's vice president of marketing, said in a statement."
Bruce Perens on Real's Open Source gambit (Register)
The Register writes about recent license changes recently made by streaming media company Real Networks. "Real Networks is announcing plans to release some, but not all of its technology under an Open Source-friendly license within 90 days. Under pressure from Microsoft, and completely open formats, it's decided to meet the open source community halfway. The first batch of technology to be released under a new "community license" is expected to include RTSP/RTP/RTCP/SDP network playback, UDP support, local file playback, data type interfaces, file format interfaces and some AV code support."
Real's WMP, Open Source moves risk Redmond ire (Register)
The Register takes a look at RealNetworks Inc's Helix Platform. "Glaser said that in tests conducted by KeyLabs Inc, commissioned by RealNetworks, the Helix Universal Server on Linux deliver 400% more concurrent 20Kbps Windows streams than Windows Media Server on Windows 2000, and 200% more streams when both servers were running on Windows 2000."
Investor woes plague TurboLinux (ZDNet)
ZDNet reports on the somewhat overstated TurboLinux financial troubles. "Last week, reports circulated that Turbolinux had been forced to close its doors following the last-minute withdrawal of a key investor from a round of financing. On Friday, in a statement issued to the industry newsletter Linux Today, the company confirmed the investor pullout, but said that the damage would be limited to its US operations. "The result is that we have had to take immediate action to restructure our US operations," said Turbolinux president and chief executive Ly-thong Pham in the statement. The company has already reduced its US staff as of 15 July. However, Pham said the company would continue operating, even in the US."
Business
U.K. government backs open source (ZDNet)
ZDNet reports on the UK government's increasingly friendly approach toward free software. "In the final draft of the U.K. government's policy on open-source software, published on Monday by the Office of Government Commerce (OGC), the government says that in all future IT developments where interoperability is an issue, it will only use products that support open standards and specifications. Furthermore, it will follow a recent European Commission policy document that suggested exploring the open-source route for all government-funded software research and development."
Linux in the land of z/OS (ZDNet)
ZDNet predicts a slow, but steady increase in the use of Linux on mainframes. "While Linux will have only minimal effect on short-term mainframe MIPS (2-4 years), its longer-term platform effects must quickly become part of data center planning. For IBM's top customers (the 20 percent of customers that consume 80 percent of mainframe MIPS), Linux will garner less than 5 percent of all MIPS during this transition period. For the "lesser" 80 percent of mainframe customers (consuming just 20 percent of mainframe MIPS and generally well below 1,000 MIPS), Linux on z/OS will play a slightly larger "transitional" role, pointing to low double-digit adoption rates."
'Star Wars' effects studio shifts to Intel (News.com)
News.com covers the switch from SGI to Dell/Linux boxes at Industrial Light and Magic. "The technical effects studio has switched from using RISC-Unix workstations from SGI to using Intel-based Dell systems running Linux for the bulk of its animation and special effects work, said Cliff Plumer, ILM's chief technology officer. As part of the conversion, ILM recently deployed 600 Pentium 4 workstations."
Retail Therapy (Forbes)
Forbes looks at Boscov's, a department store chain which is moving over to Linux. "Down the road, Boscov's is even looking to use Linux as a desktop OS that could replace its 2,500 Windows PCs. The company is already starting to tinker around with Sun's StarOffice productivity suite, which aims to compete with Microsoft Office."
Also in Forbes: a quick survey of
Linux web browsers. "
An interesting note: The browsers designed by programmers tinkering for
free outdid the Linux versions of the ones designed for the larger PC
market.
"
China looks to replace Windows (ZDNet)
ZDNet looks at China's efforts to replace pirated Microsoft software. ""The monopoly of foreign office software over the Chinese market will be broken," said Chinese officials announcing the move at a trade event in Beijing last week. Zymaris believes that an operating system based on Linux open source components and the Wine project would be the fastest and cheapest way for China to achieve its goal."
Interviews
Interview: Robert Love (KernelTrap)
KernelTrap interviews Robert Love. "Anyhow, I am interested in the various primitives we implement (spinlocks and semaphores) and how they are used. We have a really nice lightweight spinlock implementation. At the kernel summit, I discussed implementing a new lightweight mutex lock - basically a binary semaphore with none of the "special features" that our semaphores have and perhaps some spin-then-sleep behavior."
Nick Moffitt on Crackmonkey, GNU and Bill Gates (Gnuheter)
A Swedish GNU site known as Gnuheter has interviewed Nick Moffitt, creator of the CrackMonkey list. "Eventually the list dwarfed the BBS (since Web pages are still clumsy for holding conversations), and the phenomenon known as CrackMonkey was born. I think it was about 2000 when I implemented the "no Windows MUA" filters, making it so that you pretty much have to use Free Software to post to the list (or be clever enough to fake it)." Thanks to Mikael Pawlo.
The San Diego Union-Tribune interviews Tim O'Reilly
The San Diego Union-Tribune has interviewed Tim O'Reilly, CEO of O'Reilly and Associates on the topic of open-source software. "What open-source software is really about is an expression of the desire to keep power in the hands of the public, as opposed to the hands of private companies. We see in the news about Enron and one corporate scandal after another that there's a whole "me first" culture in corporate America. Open source represents the countervailing attitude. It's, "Let's do some things for the public good.""
Resources
Embedded Linux Newsletter for July 18, 2002
The July 18, 2002 edition of the LinuxDevices Embedded Linux Newsletter is out. Topics include the StarPilot Linux-based mobile communication platform, a discussion of priority inheritance, the IPm Remote Terminal Unit, and more.Selecting Wireless Networking (Linux Journal)
Linux Journal's Phil Hughes looks into the differences between the 802.11 a,b, and g wireless networking standards. "The most mature version of this technology is 802.11b. Yes, it seems strange that 802.11b would be more mature than 802.11a, but it is."
Quixote: a Python-Centric Web Application Framework (Linux Journal)
The Linux Journal has an introduction to the Quixote web application framework written by one of its authors. Quixote, of course, is the framework used here at LWN. "Thus, in creating Quixote, we shamelessly stole Zope's best idea (mapping URLs to Python objects) and geared the whole thing towards Python programmers. The most obvious example of this is that where Zope maps URLs to arbitrary objects in an object database, Quixote maps them to Python packages, modules and functions--objects that are easily created and manipulated by Python programmers using nothing more than a text editor. The result is a web application framework that makes the creation of dynamic web pages so easy it almost feels like cheating."
Reviews
Start-up has locks for Secure Notebook (ZDNet)
Here's a ZDNet article about the NAH6 "Secure Notebook" product. "Secure Notebook would be the first product to take the novel approach of running Microsoft Windows on top of Debian GNU/Linux, with the underlying Linux layer ensuring that all Windows files stored on a hard drive remain encrypted."
Device profile: NSC StarPilot mobile communication platform (LinuxDevices)
LinuxDevices.com profiles the NSC StarPilot, a mobile system with built-in GPS intended for automotive use. "Since it is a complete embedded Linux computer running in the car -- and a modular, expandable PC/104-based one at that -- new functions and applications can readily be added to adapt the device to unique requirements and future standards."
Linux Orbit Review Grab Bag #2
Here's another set of Linux Orbit software reviews. "This month, we'll take a look at the File Roller archive management tool for your GNOME desktop and its KDE counterpart Karchiver, the awesome ROX Filer file manager and the many faces of the Xine media player."
Borland speeds Kylix C++ for Linux development (Register)
This Register article examines Borland Software Corp's Kylix RAD environment for C++, version 3.0. "Kylix 3.0 brings RAD to an estimated three million C++ developers on Linux. Borland is playing in a highly fragmented Linux market, which provides programmers with an array of open source command-line tools that largely lack integrated features."
Miscellaneous
Tough talk on Web radio copying (News.com)
News.com reports on efforts by the RIAA to lock down digitally distributed audio. "Mitch Glazier, the association's top lobbyist, said the RIAA is contacting IT and consumer electronics groups to ask them to consider a "broadcast flag" for digital music sent through the Internet, satellite or cable. The RIAA's move seems likely to escalate a bitter war of words between the entertainment industry, some hardware makers and open-source aficionados."
Fair Use advocates silenced by Big Brother (Register)
The Register reports on a public workshop on digital rights management. "Brett Wynkoop of NY for Fair Use did get a comment on the record because he sat at the table with Big Hollywood and Big IT and commandeered the microphone at one point, which meeting moderator Phillip Bond, undersecretary for Technology in the U.S. Department of Commerce, later objected to. "We have a structure here," Bond said more than once when fair use advocates tried to take the floor."
Dutch Court Okays Bulk Mail by Ab.Fab (Linux Journal)
Linux Journal covers a Dutch court decision about spam. "A recent Dutch court decision lets spam continue as they begin to categorize privacy violations.In appeal, Dutch internet provider XS4ALL lost a case requesting an injunction against direct marketing company Ab.Fab to stop bothering the ISP's customers. The main discussion centered on opt-in (ISP) or opt-out (spammer or e-marketer) mail and the related issue of privacy. From the court's perspective, opt-out is good enough for ISP customers, and the disturbance from spammers is relatively low. Additionally, the court states that if the spam becomes too high in volume, you simply can obtain a new e-mail address."
Holes put Linux handheld at risk (ZDNet)
ZDNet reports on the recent security holes in the Zaurus PDA.
Page editor: Forrest Cook
Announcements
Resources
GNOME Installation Guide 07/2002 published (Gnotices)
The July edition of the GNOME Installation Guide has been announced. "The GNOME Installation Guide was written to help unfamiliar users install a stable GNOME system that includes more than the default applications. It teaches readers how to compile GNOME on their own instead of installing precompiled packages. It also covers installation of extra GNOME programs, both those hosted by the GNOME project and those which are not." The new Guide is available here.
Open Source Java Directory
O'Reilly has published an Open Source Java Directory that lists a large number of open-source Java projects. Additions are welcomed.
Upcoming Events
The Linux Beer Hike Hits Ireland
Here's an announcement for the 2002 Linux Beer Hike, which will be held August 24 to 31 in Doolin, Ireland. "The Russell Community Centre located near the Cliffs of Moher, has been confirmed as the base of operations for the event and where the weather is lacking, the fast connectivity and interplay of technological ideas (not to mention the "special recipe" brew being cooked up to commemorate the occasion) should more than compensate."
Linux.conf.au 2003 Paper Submission Extension
Linux.conf.au has announced that the deadline for submission of papers for the event (to be held in Perth, Australia next January) has been extended to August 1.Crystal Space Contest FTP Site is Open!
The Crystal Space game contest now has an FTP site for depositing your game contest entries. Click below for the whole announcement.Upcoming Ruby Language Events
The Ruby Garden lists two new Ruby events: Ruby Conference 2002 will be held in November in Seattle, WA, and a Ruby workshop will be held at the LinuxWorld Conference & Expo Frankfurt in October, 2002Events: July 25 - September 19, 2002
| July 25 - 26, 2002 | O'Reilly Open Source Convention | (Sheraton San Diego Hotel and Marina)San Diego, California |
| August 1 - 2, 2002 | 3rd annual Bioinformatics Open Source Conference(BOSC 2002) | Edmonton, Canada |
| August 2 - 4, 2002 | International Conference on Open Source 2002, Taipei | (Academic Sinica)Taipei, Taiwan |
| August 12 - 15, 2002 | Linux World Conference & Expo | (Moscone Center)San Francisco, California |
| August 27, 2002 | Seattle Ruby Brigade Meeting | Seattle, Washington |
| September 11 - 13, 2002 | Open source GIS - GRASS users conference 2002(GRASS) | (Centro Servizi Culturali S. Chiara)Trento, Italy |
| September 18 - 20, 2002 | Yet Another Perl Conference Europe 2002(YAPC::Europe 2002) | Munich, Germany |
Web sites
Gnome Users Get our forum (Gnotices)
Gnotices mentions the creation of a new forum for GNOME desktop users, the GNOME User's Board.Perl Apprenticeship Site (use Perl)
Use Perl has an announcement for a Perl Apprenticeship site which aims to match Perl hackers with projects and mentors.
Software announcements
Blender Foundation Accepting Donations
Blender is a 3D modeling and animation platform with a large user base, it is in need of development. The former developer, NaN Holding, will release the Blender source code under the GPL for 100,000 Euros. The Blender Foundation has been formed and is now accepting donations. Thanks to Felix Rabe.Australian Open Source Awards Announced
AUUG, the Australian UNIX and Open Systems User Group, announced the inaugural Australian Open Source Awards.This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Miscellaneous
2002 White Camel Awards (use Perl)
According to Use Perl, the 2002 White Camel Awards have been announced.Book Review: Web Development with Apache and Perl (use Perl)
UsePerl is carrying a review of Web Development with Apache and Perl and concludes that it is a good bood for novices, but not for Perl experts.
Page editor: Forrest Cook
Letters to the editor
scalable != big
| From: | bryanh@giraffe-data.com (Bryan Henderson) | |
| To: | letters@lwn.net | |
| Subject: | scalable != big | |
| Date: | Thu, 18 Jul 2002 18:14:26 +0000 |
There's been a lot of confusion lately due to people adopting the word "scalable" as a fancy way to say "big." When you design something so it works in a huge configuration, you sell it with the buzzword "scalability." The misnomer peaks in a recent letter in LWN that talks about the tradeoff between scalability and ability to work in a small configuration. There's no tradeoff. If Solaris works great in a 64 processor system, but isn't practical with 3 processors, it isn't scalable. It's just big. Scalable means it works as well big as it does small. So lets not talk about sacrificing performance on small Linux systems for scalability. Let's talk about sacrificing performance on small systems for performance on large systems. I.e. let's talk about making sure Linux is scalable. -- Bryan Henderson Phone 408-621-2000 San Jose, California
Free Blender
| From: | "Robert A. Knop Jr." <rknop@pobox.com> | |
| To: | letters@lwn.net | |
| Subject: | Free Blender | |
| Date: | Thu, 18 Jul 2002 16:19:34 -0700 |
To the readers of LWN.net: One thing that I've been wishing the Free Software world has had for some time is a full-featured 3d modelling/rendering/animation package. (Well, we sort of have rendering in the form of POV-Ray, which isn't really free software but is close.) Now there's a chance at getting a very good one: Blender. The thing is, to make Blender free, it won't be free. The Blender Foundation needs to raise $100k (euros) in order to liberate the Blender sources. They are now accepting donations and memberships (for $50) to the Blender Foundation to help finance this. If you're at all interested in 3d on Linux, you should go to www.blender3d.com and take a look around. And, ask yourself if having such a program as Free Software is worth $50 to you. Consider that proprietary programs of similar quality cost more than that anyway. (Indeed, compare, for instance, how much money you paid when you bought Quake 3 for Linux-- or for Windows for that matter, if you keep that around "for games" or for other purposes.) And, then, help buy the world a free Blender. Binaries of the current version of Blender are available for at least Linux, FreeBSD, IRIX, and Solaris (as well as for another, very popular, lesser operating system). Of course, once the Blender Foundation raises the money, the source code will be available; for now, only binaries are. -Rob rknop@pobox.com
Non-free software doesn't help the cause
| From: | Ben Finney <bignose@zip.com.au> | |
| To: | letters@lwn.net | |
| Subject: | Non-free software doesn't help the cause | |
| Date: | Thu, 18 Jul 2002 15:28:40 +1000 |
Howdy LWN, The weekly edition for 28-Jul-2002 says: > As long as those [proprietary] vendors comply with the licenses of the > free software they are using, they are only helping the Linux cause by > porting their products. If by this you mean "they are helping GNU/Linux become more popular", this is not the cause of free software. The cause of free software is to promote freedom for users and developers of software; the offering of a non-free product is not helpful to that cause. > It will be a long time before free packages rival the variety of > proprietary software out there. Where are the free business plan > writers, training systems, contact managers, math tutors, foreign > language instructors, genealogy assistants, home designers, tax > preparers, high-end games, etc.? It will be an even longer time before we see free software that performs these tasks, if we accept and use non-free programs with the same functionality. The more widely used such non-free tools become, the less impetus there will be for free replacements to be written and the harder it will be to get people to try them. Accepting and offering non-free software simply sends a confused message, and makes the task of discussing freedom that much harder for everyone. > Until we have filled in those gaps, we should be friendlier to > software vendors who make Linux systems more attractive to more > people. That means standards compliance, stable interfaces, and an end > to outright hostility toward software vendors. Any hostility toward software vendors is misplaced; it is the offerings of these vendors that are the issue. The offering of a program on terms that require the surrender of essential freedoms is itself an act hostile to the user's freedom, even if the vendor doesn't see it that way. Many people react strongly to threats to their freedom; software vendors accustomed to doing business on such terms may well regard such reactions as "hostile", but this is a result of the conditions they attach to their offerings. If an offer of a non-free program is made, this advances the cause of free software not at all, and those who value their freedom will not regard the non-free program as an option. If people go beyond that to "outright hostility", that is outside the philosophy of free software and becomes something more personal. "No thanks" is not hostility, it is the freedom of choice in action. -- \ "We spend the first twelve months of our children's lives | `\ teaching them to walk and talk and the next twelve years | _o__) telling them to sit down and shut up." -- Phyllis Diller | http://bignose.squidly.org/ 9CFE12B0 791A4267 887F520C B7AC2E51 BD41714B
Page editor: Jonathan Corbet