LWN.net Weekly Edition for August 1, 2002
Is it really The End?
Last week, we stated that, due to lack of anything even close to the amount of money needed to pay the LWN staff, the publication of the LWN.net Weekly Edition would end on August 1. Since then, quite a few things have happened, including:
- We had honestly thought that donations would drop to zero (they were
already close) once the announcement went out. Instead, they shot
through the ceiling; as of this writing, we have received over $25,000
in new donations and advertising! Many came with notes saying "back
payment for the last four years," or "use this to throw a big party."
It is still difficult to express our surprise and gratitude for this unbelievable show of generosity on the part of our readers. You people are the best.
- A number of companies, or people with contacts in companies, have approached us with the possibility of some sort of sponsorship for LWN. Many of these contacts, frankly, were self-serving and would turn LWN into something that would be rather less appealing to our readers. But a few seem serious. It will take some time, however, before we know if there is any funding to be had in that direction or not.
These developments have caused us to rethink our plans in a way we honestly had not expected. Here is a summary of where we are at.
$25,000 is a nice pile of cash for a little company to have in the bank, but it is important to keep in mind that it is not enough to keep us going for all that long. Running LWN currently involves five people (Jonathan Corbet: front and Kernel pages, site code, "executive editor"; Forrest Cook: Development and Press pages, system administration; Rebecca Sobol: Distributions and Commerce pages; Dennis Tenney: Security page and corporate bureaucracy; Dave Whitinger: business development, ad sales and delivery), all of whom are experienced software engineers. These people have children and mortgages, and most work full time producing LWN. They can not be expected to do it for free, even though that is exactly what they have been doing for some months now.
So the LWN staff needs things like salaries and health insurance. A minimal amount of money to provide these for the current staff is about $15,000 per month - and that level will still likely lead to loss of staff eventually. But it is a starting figure to aim for.
All of our estimates on possible subscription revenue fell far below that amount. The numbers came out of gnumeric, after all, they had to be true... and besides, none of our projected numbers have ever turned out to be too conservative in the past. It was on this basis that we decided it was time to pull the plug.
From the donations and feedback we have gotten, we have concluded that maybe our numbers were a little too conservative, that maybe subscriptions could bring in more than we thought. As a result, we are now thinking through plans for the implementation of a subscription-based LWN. Here, in bullet form, is the core of what we are thinking:
- Initially, the Weekly Edition would be the content that lives behind
the subscription gate. Subscribers would have immediate access to the
Weekly Edition when it comes out Wednesday evening; free access would
be opened up later, perhaps the following Monday. We would, however,
immediately start work on expanding the content available to
subscribers; we have a lot of fun ideas for things we could do.
- The rest of our current content, including the "daily updates" which
now make up the front page, would remain free.
- Certain other new features would be available to subscribers only. At
the top of the list is the long-requested email delivery option for
the Weekly Edition. Content in PDF format and perhaps even an option
for delivery of a print version, are on the list, though they would
have to come later. We are also considering setting aside a
percentage of our text ad exposures for subscribers who have something
to broadcast.
- We are still working on pricing. People who have donated to LWN would be able to use their donation to obtain a subscription.
The decision to go to subscriptions is hard; restricted content is a difficult fit in the world of free software. We will certainly lose a great many readers by imposing subscriptions. But...if we go off the air, we lose all of our readers. It is also still not clear to us that subscriptions are sufficient to cover our costs. The thinking at the moment is that some sort of stable base of (presumably corporate) sponsorship will be required, along with whatever advertising revenue we can come up with. Without that base, it will be hard for us to proceed.
The end result is that we are going to take next week away from the production of LWN to think long and hard about what we are going to do, to pursue sponsorship contacts, and to hack madly on the site code to actually implement a subscription scheme. The LWN Weekly Edition will not be published next week, though a subset may be available. At the end of the week, we hope to have a plan in place that will let us move forward, and which will stop trying the patience of our many loyal readers who have been waiting for us to get our act together.
Thank you all for your overwhelming support.
A 'Statement of Assurance' on SELinux patents
The June 13, 2002 LWN Weekly Edition looked at the "type enforcement" patents held by Secure Computing Corporation, and how those patents could threaten the distribution and use of the NSA SELinux distribution. Now SCC has issued a new statement with regard to those patents:
SCC has also posted on its website a "statement of assurance" (in PDF format) with the details of its policy toward SELinux. This statement is worth a close look; many users may find it rather less than assuring.
Here is the core of what SCC promises:
In case that isn't clear enough, consider this other paragraph from the Statement:
Other companies which have tried to make software patents work with free software (i.e. FSMLabs, Red Hat) have licensed the patent(s) for the uses they permit. SCC has done no such thing; they just say they won't come after you if you meet the requirements. You're still legally infringing the patent, SCC just agrees to look the other way.
If you were thinking about using SELinux in a product, or as part of a larger service offering, you should already be pretty nervous about a "statement of assurance" that does not actually grant the right to use the relevant patents. There is more, though. For example:
Translated into English, this phrase is telling us that the "statement of assurance" only applies if you're not actually doing anything related to security. Or anything else, for that matter: what Linux system doesn't handle "authorization for devices"?
There are a few other details that jump out when one reads this "statement of assurance":
- It only applies to SELinux; no other free software may use the
patents. Neither can "
software that merely interoperates with SELinux
". The obvious next question is: what, exactly, is SELinux, and what "merely interoperates" with SELinux? Just about any application could be excluded by this language. - SCC reserves the right to sell its patents to somebody else without
requiring them to uphold what few guarantees this statement provides. When
SCC gets tired of SELinux, it need only sell the patents to a
subsidiary and it's all over.
- SCC states that it may have "other patents," and that those patents are not covered by the statement.
And, of course, if you still feel that this statement is sufficiently assuring, bear in mind that it's not a contract, it's just another transient promise hosted on a web site. SCC's previous web-hosted statement, remember, was:
That promise vanished from SCC's site in June, though it can still be found via the web archive project; it has been replaced by something that, by any account, is not "without restriction." What reason is there for anybody to believe that this "statement of assurance" will be any less ephemeral?
It seems that SCC is trying to create the appearance of working with the free software community without actually giving anything away. Instead, the company has used U.S. taxpayer's money to embed its own proprietary technology into what was a free system. SELinux brought a lot of energy to the secure Linux development process; among other things, it was one of the driving forces behind the development of the Linux Security Module patches, which are currently being integrated into the 2.5 kernel. SELinux itself, however, will have a hard time recovering from its patent problems. The secure Linux that we use in the future may have to based on some other technology.
No letters to the editor
We did not receive much in the way of letters to the editor this week, so there is no letters page. We did, however, get a great deal of reader feedback, much of which is well worth reading. It can be found in the comments to last week's "The End" announcement, and our first and second updates posted over the last week.
Security
Thanks for reading
As we journey into an unknown future for LWN, I wanted to take this opportunity to say "Thank You" to everyone who has read the security page in 2002. It has been my pleasure to assemble information for you each week that has, I sincerely hope, been of real value.
Safe Travels,
Dennis Tenney, LWN.net Security Page Editor
Brief items
Security warning draws DMCA threat (News.com)
Here's a News.com article about a new attempt to use the DMCA to suppress security vulnerability information. This time the DMCA is being wielded by HP. "In a letter sent on Monday, an HP vice president warned SnoSoft, a loosely organized research collective, that its members 'could be fined up to $500,000 and imprisoned for up to five years' for its role in publishing information on a bug that lets an intruder take over a Tru64 Unix system." (Thanks to Christof Damian).
Copyright as Cudgel (Chronicle)
The Chronicle of Higher Education takes a look at the DMCA. "Since 1998, the DMCA has revealed itself to be a failure. It has not been effective at preventing piracy in cyberspace, yet it has managed to stifle harmless and even beneficial uses of material for research and teaching."
Security reports
Firewall circumvention possible with Mozilla
This XWT Foundation Security Advisory warns that a security flaw in JavaScript's "Same Origin Policy" (SOP) allows any JavaScript-enabled web browser, including Mozilla, to be used by an attacker to retrieve content from any server behind a firewall. The exploit depends on getting a client browser behind the firewall to visit a maliciously crafted web page.Slackware security updates
We don't have advisories from Slackware, but the latest changelog notice shows updates to mod_ssl, libmm, the DNS resolver libraries, OpenSSL, and PHP.Fake Identd - remote root exploit vulnerability
Tomi Ollila's Fake Identd is reported to have a remote root exploit vulnerability."Fake Identd is a small standalone ident server with static replies. It is designed to be suitable for firewalls, IP masquerading hosts, etc."
sendform.cgi Form Mailer v1.45 fixes directory traversal vulnerability
Version 1.45 of Rod Clark's sendform.cgi Form Mailer fixes this directory transversal vulnerability reported by Steve Christey with credits to Brian Caswell and Erik Tayler.ezContents multiple vulnerabilities
Ulf Harnhammar reports multiple vulnerabilities in ezContents.
php dotProject by pass authentication vulnerability
dotProject Beta version 0.2.1.5 is reported to have a anthentication bypass vulnerability which allows anyone to login as Admin.
Uninets StatsPlus 1.25 script injection vulnerabilities
Brain Rawt reports script injection vulnerabilities in Uninets StatsPlus version 1.25. StatsPlus "provides a convient way to get indepth statistics about visitors to your site" which doesn't appear to have been updated since 1998.(Proprietary product) W3Mail remote access and download vulnerabilities
Tim Brown reports a "medium security hole" in W3Mail from CascadeSoft.
New vulnerabilities
HylaFAX 4.1.3 fixes multiple vulnerabilities
| Package(s): | hylafax | CVE #(s): | CAN-2001-1034 | ||||||||||||
| Created: | July 30, 2002 | Updated: | October 9, 2002 | ||||||||||||
| Description: | The HylaFAX team has
released version 4.1.3 fixing
denial of service, elevated system privilege and possible
remote code execution vulnerabilities.
HylaFAX is a mature (est. 1991) enterprise-class open-source software
package for sending and receiving facsimiles as well as for sending
alpha-numeric pages. It runs on a wide variety of UNIX-like platforms
including Linux, BSD (including Mac OS X), SunOS and Solaris, SCO, IRIX,
AIX, and HP-UX.
| ||||||||||||||
| Alerts: |
| ||||||||||||||
OpenSSL remotely-exploitable buffer overflow vulnerabilities
| Package(s): | OpenSSL | CVE #(s): | CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | July 30, 2002 | Updated: | September 24, 2002 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | Four remotely-exploitable buffer overflows were found in OpenSSL versions 0.9.7 and 0.9.6d and earlier by a DARPA sponsored security audit.
Both client and server applications are affected.
The vulnerabilities are described in this security alert from the OpenSSL team.
A nasty exploit for one of the vulnerabilities is described in CERT Advisory CA-2002-27 Apache/mod_ssl Worm.
Compromise by the Apache/mod_ssl worm indicates that a remote attacker
can execute arbitrary code as the apache user on the victim system. It
may be possible for an attacker to subsequently leverage a local
privilege escalation exploit in order to gain root access to the
victim system. Furthermore, the DDoS capabilities included in the
Apache/mod_ssl worm allow victim systems to be used as platforms to
attack other systems.
If you haven't already, applying an update is a very good thing to do today. Mitel Networks has an update available which closes this vulnerabilty for their SME Server software. CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Local root vulnerability in chfn
| Package(s): | util-linux | CVE #(s): | CAN-2002-0638 | ||||||||||||||||||||||||||||
| Created: | July 30, 2002 | Updated: | October 31, 2002 | ||||||||||||||||||||||||||||
| Description: | chfn (change finger information) is one of the utilities in
the util-linux package.
The BindView RAZOR Team has discovered a local root vulnerability
in chfn which is described in the Bindview Advisory.
Under certain conditions, "a carefully crafted attack sequence can be performed to exploit a complex file locking and modification race present in this utility, and, as a result, alter /etc/passwd to escalate privileges in the system." The conditions include a password file, /etc/passwd, over 4 kilobytes and locating the attacker's account record in any but the last 4 kB chunk of the file. CERT/CC Vulnerability Note VU#405955 util-linux package vulnerable to privilege escalation when "ptmptmp" file is not removed properly when using "chfn" utility | ||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||
Temporary file vulnerability in mm library
| Package(s): | mm | CVE #(s): | CAN-2002-0658 | ||||||||||||||||||||||||||||||||
| Created: | July 30, 2002 | Updated: | August 14, 2002 | ||||||||||||||||||||||||||||||||
| Description: | The OSSP mm library (libmm) is frequently used in Apache
setups using mod_ssl and/or mod_php.
A temporary file vulnerabiity in OSSP mm library (libmm) before
version 1.2.0
permits a local Apache user to gain privileges.
It can be exploited to obtain root privilege in some circumstances.
Upgrading sooner, rather than later, is recommended. | ||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||
Resources
Linux Security Week and Advisory Watch
The July 29nd Linux Security Week and July 26th Linux Advisory Watch newsletters from LinuxSecurity.com are available.LinuxSecurity Magazine Online - First Edition
Readers fluent in Portuguese are encouraged to check out the first issue of Linux Security Magazine from the Brazilian free project LinuxSecurity Brasil.Testing Safety-Critical Software with AdaTEST (Linux Journal)
The Linux Journal looks at the AdaTEST utility. "But how does Ada mix with Linux? In fact, it mixes quite well. The GNU Ada tool chain (GNAT) is an Ada front-end to gcc, tying Ada closely with the operating system. With standard facilities to import C functions, Ada allows for metal-near programming by importing any C functions, including system calls if need be."
Events
Upcoming Security Events
| Date | Event | Location |
|---|---|---|
| August 1, 2002 | Black Hat Briefings 2002 | (Caesars Palace Hotel and Resort)Las Vegas, NV, USA |
| August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort)Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
| August 19 - 21, 2002 | Canadian Security & Intelligence Conference(CSICON) | (Hyatt Regency)Calgary, Alberta Canada |
| August 28 - 30, 2002 | Workshop on Information Security Applications(WISA 2002) | Jeju Island, Korea |
| September 19 - 20, 2002 | SEcurity of Communications on the Internet 2002(SECI'02) | Tunis, Tunisia |
| September 23 - 26, 2002 | New Security Paradigms Workshop 2002 | (The Chamberlain Hotel)Hampton, Virginia, USA |
| September 23 - 25, 2002 | University of Idaho Workshop on Computer Forensics | (University of Idaho)Moscow, Idaho, USA |
| September 26 - 27, 2002 | HiverCon 2002 | (Hilton Hotel)Dublin, Ireland |
| September 27 - 29, 2002 | ToorCon 2002 | (San Diego Concourse)San Diego, CA, USA |
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development
Brief items
Current release status
The current development kernel is 2.5.29, which was released on July 26. It includes another set of IDE patches, a new LDM (Windows dynamic disks) driver, a number of driverfs changes, lots of fixups for the new serial driver, and, of course, lots of fixes for things that broke in the big 2.5.28 IRQ handling changes (see the July 25 LWN Kernel Page). The long format changelog is also available.
Linus's BitKeeper tree (for 2.5.30) contains quite a few patches at this
point. There is a change to the fork() code which allows things
to be done to the child process (i.e. migration to another CPU) before it
starts running. Also included is a big pile of IDE updates, more IRQ
fixes, some direct I/O changes from Andrew Morton ("This code is
wickedly quick
"), the "strict overcommit" patch which prevents
surprise "out of memory" conditions, some serial driver fixes, and an ARM
update. This patch also removes the "khttpd" in-kernel web server.
There is no current prepatch from Dave Jones; this posting explains why. In short: he has been busy, the current development kernels are too unstable to make patches against, and he has been getting going with BitKeeper.
The current 2.5 status summary from Guillaume Boissiere came out on July 31.
The current stable kernel is 2.4.18; Marcelo tried to catch us by releasing the fourth 2.4.19 release candidate just before this page went to "press," but we've learned to watch out for that kind of manouver. -rc4 contains a relatively small set of fixes for the few remaining problems that have come up; with luck, this one will turn into the real 2.4.19.
The latest prepatch from Alan Cox is 2.4.19-rc3-ac5.
Kernel development news
The asynchronous I/O core
When Andrea Arcangeli released his 2.4.19-rc3-aa4 tree, he included an old version of Ben LaHaise's asynchronous I/O code. This led to a discussion of some features of the AIO interface, and a note from Linus wondering what had happened to the AIO project:
Ben responded with a patch implementing the core part of the AIO subsystem. It is far from a full implementation - there are no device driver or filesystem changes in the patch. But it is enough to get a sense for where the AIO development is going.
This patch does not, at this time, make all I/O asynchonous within the kernel (as had been discussed at Kernel Summit). Instead, devices and filesystems must implement the new aio_read, aio_write, and aio_fsync operations in the file_operations structure to be able to support asynchronous operations. This patch can thus, at this point, go into the system without actually breaking anything.
That may change when the rest of the AIO code is posted. This patch provides the mechanism for submitting, tracking, and cancelling asynchronous I/O operations - actually executing those operations will come later. A new io_submit system call provides for the initiation of asynchronous I/O requests; it takes an array of structures describing what is to be done. Whenever an application wants to fire off an asynchronous read or write, it fills in a iocb structure with an "opcode," information on the buffer, etc. and passes it to io_submit. (Of course, the application will likely call a library function like aio_read which handles these details).
io_submit does some validation and bookkeeping, then passes the requests on to the new file_operations methods. For now, they disappear into a cloud of missing code for execution. When the operation has completed, successfully or not, the internal function aio_complete is called with the final status. That status (and associated information) is stored in a circular buffer; applications can extract this information from the buffer with the new io_getevents system call.
Interestingly, some of the structure is there to allow this circular buffer to be mapped into user space. Then applications could obtain their I/O completion information without the need for a system call. The implementation of this feature is not yet complete, however.
Much of the rest of the code posted at this point concerns itself with cancellation of asynchronous I/O requests - either by application request, or when the application exits.
What is missing is the implementation of the AIO operations themselves. Previous versions of this patch provided generic versions of the aio_read and aio_write operations that handled much of the low-level work. They would start by calling the standard read or write operations, but with a twist: those operations were changed to take an extra flags argument. If flags contains F_ATOMIC, the I/O operation must be completed without sleeping, or not at all. In the first case, the operation is done and the application can be notified.
Life is often not that easy, though - usually it is necessary to wait for I/O operations. The application does not want to wait, of course, or it would not be using asynchronous I/O. The older AIO patch would create a kvec structure describing the operation - it contains a pointer to the physical page holding the user buffer, a length, and an offset. Then one of the new kvec_read or kvec_write operations would be called to start the work. These operations also need to be atomic (no sleeping), and must arrange to call aio_complete when the job is done.
This is the part of the patch which breaks everything, of course - even devices and filesystems which have no intention of supporting asynchronous I/O must take the new flags argument on read and write. It will be interesting to see how this part of the AIO patch has changed over the last few months. If the kernel is really going to shift to asynchronous operations as the default way of doing things internally, there could be some fun surprises there.
Organizing the kernel binary interface
The interface between the kernel and user space is a complicated thing. There are over 200 system calls, many of which take task-specific structures or other types as arguments. And then there is ioctl, which can be different for every driver or filesystem, and which, according to many, should be seen as hundreds of independent system calls in its own right.In the good old days, before glibc, applications included kernel header files directly to get the definitions of the structures needed for system calls. The good old days were not all that good, though; keeping the kernel header files suitable for user space use was not easy, the kernel headers brought in a lot of stuff that applications did not need, and it was not uncommon to encounter mismatches between the headers used to compile an application and the actual kernel it was running under. As a result, the rule with glibc has been to never, ever include kernel header files into application programs.
The problem with this approach is that there is no longer a single definition of the interface between kernel and user space. People working on library interfaces must go hunting for structure definitions through the tangled mess of kernel header files; that is not an easy job.
H. Peter Anvin, as it turns out, is working on a library interface - a small C library for the initramfs mechanism. He has come up with a relatively simple suggestion: create a new include directory (linux/abi/) for include files which encapsulate the interface between the two worlds. These files would be written so that they could be included in either kernel or user space, and they would contain only the minimal declarations needed to define the kernel interface.
The idea makes a lot of sense. It would make life easier for library writers, but it would help on the kernel side as well. It is not always obvious, when editing kernel headers, that a particular structure forms part of the interface with user space. Putting the user space interface into special header files will make it harder to change that interface by mistake. Creating the abi/ directory seems like a logical part of the larger task of cleaning up the kernel's include files.
Patches and updates
Kernel trees
Architecture-specific
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Networking
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Distribution news for August 1, 2002
This has been a relatively slow week for distribution news. Several of the major vendors have released new versions recently, and while development has started on several new branches, these are too new to have much to report. The new Debian installer that will be used in "sarge" is a worth a look. You'll find more information in the Debian Weekly News.The minor distributions have been more active. There are a number of new releases including ClarkConnect, DemoLinux and Lycoris. There should be something there for everyone, whether you want to run Linux from a CD while at the (non-Linux) office, or want an easy desktop system for Grandma, or you are power-user and want to install everything from source. If your dream Linux system isn't mentioned on this list, then it's in the LWN Distributions list. We have some plans to improve that as well, so stay tuned, and hopefully we'll be back in two weeks.
Distribution News
Debian Weekly News - July 30th, 2002
The Debian Weekly News #29 is now available. Topics this week include funding free software development and free software job opportunities in the UK.Mandrake Linux Community Newsletter
The Mandrake Linux Community Newsletter for July 25 is out. It looks at the first Mandrake Linux 9.0 beta, the latest financial results, and more.NetBSD
NetBSD has released v1.5.3 with minor security fixes.Red Hat Bug Fix advisory for GCC 2.96-RH
Red Hat has an updated version of GCC 2.96-RH available for RH 7.2 and 7.3, addressing various issues filed in bug reports.Yellow Dog Linux Bug fix Advisory for qt
Yellow Dog has updated qt packages are available. "The version of the Qt tookit that shipped with Yellow Dog Linux 2.3 contains a small bug which causes the startup time of KDE applications such as Konqueror to be quite slow. The bug also caused general UI slowness in applications such as KMail and broken preview functionality in the KDE Control Center's screensaver module. Installing the updated Qt packages resolves all of these above problems."
UnitedLinux Clan To Detail Unified ISV, Channel, Customer Programs At LinuxWorld (CRN)
Here's a CRN article about UnitedLinux. "At LinuxWorld from Aug. 12-15, UnitedLinux--a consortium formed in May by four leading Linux distributors--will demonstrate an alpha version of its uniform UnitedLinux distribution and detail new programs, said Ransom Love, the former president and CEO of Caldera, who became head of Caldera's UnitedLinux operation in June."
Minor distribution updates
2-Disk Xwindow System
The 2-Disk Xwindow System has released v1.4rc078 with some code cleanup.ClarkConnect
ClarkConnect has released verion 1.1. The software now comes in two versions:- The Standard version is free, no support included
- The Office version includes 30-day install support, along with VPN, wireless, antivirus trialware, content filtering and a few extra features.
DemoLinux 3.01pl5 available for download
DemoLinux has released version 3.01p15. "This is the latest (and probably last) version in the 3.0x series of DemoLinux, and surely the last using the old but stable 2.2.18 kernel."
KNOPPIX
KNOPPIX has released version 3.0 with major feature enhancements. The KNOPPIX website also announces the release of version 3.1, a Debian-based CD featuring Linux-Kernel 2.4.x, KDE V3.0.2, OpenOffice, and much moreLycoris Releases Much Anticipated Desktop/LX Update 2
Lycoris has released Desktop/LX Update 2, featuring a new Internet installer, Iris, to browse and install Desktop/LX programs from the Software Gallery.Lycoris Desktop/LX
PCLinuxOnline reports that the Lycoris release of Desktop/LX Update 2 Build 46 has gone gold.MicroBSD
MicroBSD has released v0.5 with major feature enhancements.Server optimized Linux
Server optimized Linux (SoL) has released v15.00 with major feature enhancements.VectorLinux
VectorLinux has an iso image of a new beta, named SOHO. See the announcement on TuxReports.Webfish Linux (firewall-1)
Webfish Linux has released version 1.1 of its new firewall-1 branch.
Page editor: Rebecca Sobol
Development
Thanks!
With the future of LWN being highly uncertain at this point, I'd like to take the opportunity to say thanks to all of the LWN readers, people who have submitted material to us, and those who were kind enough to shower us with praise and donations over the years. It certainly has been an interesting and educational journey. Hopefully our efforts have helped to move Linux and open-source software forward. This grand experiment is a long way from being over.Meanwhile, I will personally continue to ponder the discorporate similarities between open-source software, solar and wind energy, homebrew beer brewing, non-commercial music, concert tape trading, and micropower radio. Open-source software will no doubt play a big roll in my future endeavors.
So long and thanks for all of the fiche. (and other forms of media)
-- Forrest Cook
Valgrind memory debugger 1.0.0
Developer Julian Seward has released version 1.0.0 of the Valgrind memory debugger for x86-GNU/Linux with the following inspirational note:
By intercepting a number of memory related system calls, Valgrind can detect the following problems:
- The use of uninitialised memory.
- Reading and writing of freed memory after it has been free'd
- Reading and writing past the end of malloced memory.
- Reading and writing of inappropriate areas on the stack.
- Memory leaks involving lost pointers to malloced blocks.
- The passing of uninitialized and/or unaddressible memory to system calls.
- The mismatched use of malloc/new/new and free/delete/delete.
- Some possible misuses of the POSIX pthreads API.
Valgrind is supposed to be able to check any dynamically-linked ELF x86 executable, without modification or recompilation, and it can fire up GDB when errors are encountered. Valgrind also has built-in cache profiling, which can be useful for enhancing the performance of code.
The current 1.0.0 release has undergone a feature-freeze testing phase and it is considered to be stable code at this point. It has successfully been used to check a number of large applications such as KDE3, Mozilla, OpenOffice, and MySQL, to name a few applications. See the Valgrind user manual for the full documentation. Valgrind has been released under the GPL license.
System Applications
Electronics
Icarus Verilog snapshot 20020728
A new snapshot of the Icarus Verilog electronic simulation language compiler has been announced. The release notes are not yet available.
Web Site Development
Zope Members' News
The latest Zope Members' News items include announcements for ZWeatherApplet v1.0, the Zediscuss product, ZopeTestCase 0.5.0, SlideShow V0.1, My Zope 0.1, the new TriZPUG: North Carolina Zope/Python user group, and Interbase / Firebird Database Adapters.Improving mod_perl Sites' Performance: Part 4 (O'Reilly)
Stas Bekman gives some tips on the use of shared memory to improve the performance of mod_perl. "If your OS supports sharing of memory (and most sane systems do), you might save a lot of RAM by sharing it between child processes. This will allow you to run more processes and hopefully better satisfy the client, without investing extra money into buying more memory."
Miscellaneous
Koha 1.2.2 released
Version 1.2.2 of the Koha open-source book library management system has been released with lots of bug fixes. Click below for more information.
Desktop Applications
Desktop Environments
Kernel Cousin KDE #41
The July 24, 2002 Kernel Cousin KDE covers Konq/E Updates, KOrganizer and Exchange compatiblity, MMB opens in Konqueror tabs, Fractions In KDE 3.2, and the KSVG viewer.Sebastien Biot: KDE Usability - First Steps
KDE.News points to a study by Sebastian Biot on KDE Usability issues. "This test conducted in early July 2002 with four participants outlines of some of KDE 3.0's shortcomings including inconsistencies in KFileDialog and the difficulties of working with Konqueror's embedded viewers."
Interoperability
Kernel Cousin Wine #130
Issue #130 of Kernel Cousin Wine includes threads on Wine in China, Flow Control in Wine, Overlapped I/O, Coding Debug Breakpoints, and Imports in Winelib.
Office Applications
AbiWord Weekly News #102
Issue #102 of the AbiWord Weekly News is out, the bug fixing effort continues. Cheers to editor Jesper Skov for his last issue, and welcome to the new editors.
Miscellaneous
GnomeICU 0.98.3 Released (Gnotices)
Version 0.98.3 of the internet chat utility GnomeICU has been released. "This is the latest version of GnomeICU for the Gnome 1.4 desktop platform, and probably the last release for this desktop platform. You should only get this if you are still running Gnome 1.4 instead of Gnome 2, as we are gonna have a Gnome 2 preview release real soon from now ;)" Lots of bug fixes and improvements have been added, see the GnomeICU home page for more information.
Languages and Tools
C
GCC 3.1.1 released
Version 3.1.1 of GCC, the Gnu Compiler Collection, has been released. The changes include bug fixes, improved Java compile time, Java support for parallel make, and better floating point support for mips*-*-netbsd*. A number of other improvements have been added as well.
Caml
The Objective Caml distribution Version 3.05
Version 3.05 of Objective Caml is available. Pre-compiled Binaries are available for a number of Linux platforms.The Caml Hump
The latest Caml Hump entries include the OCaml'OLE OLE binding for OCaml, the MLGMP extended precision computation library, the caml_vrml VRML library for OCaml, the MLChat chat application, and Yaxpo, a nonvalidating XML 1.0 + XMLNS processing suite.
Java
New Blackdown Java-Linux releases
The Blackdown Java-Linux Team announced the availability the Java 2 Standard Edition v1.4.1-beta for Linux on ix86 and SPARC.Thread pools and work queues (IBM developerWorks)
Brian Goetz illustrates Java thread pool techniques on IBM's developerWorks. "One of the most common questions posted on our Multithreaded Java programming discussion forum is some version of "How do I create a thread pool?" In nearly every server application, the question of thread pools and work queues comes up. In this article, Brian Goetz explores the motivations for thread pools, some basic implementation and tuning techniques, and some common hazards to avoid."
XML Basics for Java Developers, Part 2 (O'Reilly)
Jonathan Knudsen and Pat Niemeyer show how to work with SAX on O'Reilly's OnJava.com site. "SAX is a low-level, event-style mechanism for parsing XML documents. SAX originated in Java but has been implemented in many languages."
Lisp
GNU CLISP 2.29 released
Version 2.29 of GNU CLISP has been announced. "This version mostly fixes a number of bugs and improves portability by making it possible to be built with gcc 3.1 out of the box. See the GNU CLISP home page for more information. Thanks to Paolo Amoroso.
Perl
This week on perl5-porters (use Perl)
The July 22-28, 2002 edition of This Week on Perl 5 Porters is available on Use Perl. Topics include New regexp metacharacters, A PerlIO / binmode() bug, a Trailing slash problem, Crypt::SSLeay build problems, the end of non-perlio smoke tests, Memory benchmarks on threads, and more.Perl 5.8.0 Press Release (The Perl Foundation)
The Perl Foundation has put out an official press release for the recently released Perl 5.8.0. "The Perl Foundation today announced the release of Perl 5.8, the latest version of the Perl programming language. It features better support for cutting-edge computing platforms, unrivaled ability to deal with international character sets and numerous new modules and performance enhancements."
New Pumpking is Crowned (use Perl)
Use Perl covers the selection of Michael Schwern as the new Perl Pumpking.
PHP
PHP Weekly Summary #96
Topics for the July 29, 2002 edition of the PHP Weekly Summary include 4.2.X Security issues, manual translations to Slovak/Czech,Swedish, and Dutch, the 4.3.0 release process, Bugpacks, www.php.net, OpenSSL functionality, an RPC extension, and the PECL distribution.Pear Weekly News
This week's Pear Weekly News is out. "Considering the summer holidays, PEAR has had another extremely busy week with 10 stable releases, 4 beta releases, and discussions ranging from PEAR in Gentoo, new categories, a new Manual, and a powered by PEAR icon."
Python
Daily Python-URL
This week, the Daily Python-URL takes a look at the Python-LZO data compression library, SimpleParse 2.0.0, the EuroZope Foundation, and Processing SOAP Headers, and more.
Ruby
The Ruby Weekly News
This week's Ruby Weekly News looks at a Vim compiler plugin for Ruby, YAML4R 0.26, OpenSSL for Ruby 0.1.2, and RADIUS for Ruby.
Tcl/Tk
Dr. Dobb's Tcl-URL!
The July 29, 2002 edition of Dr. Dobbs' TCL-URL is out with the latest TCL developments.
XML
Adventures in high-performance XML persistence, Part 1 (IBM developerWorks)
Cameron Laird addresses XML storage issues with part 1 in a series on IBM's developerWorks. "XML storage is too sprawling a topic to offer easy answers. There's no one fastest XML database, nor fastest XML processing language. Still, it's helpful to understand the basic concepts of XML persistence so you can apply them to your specific situation. This article begins a new developerWorks series on high-performance XML by offering an explanation of common industry practices in XML persistence -- that is, storage of data beyond the lifetime of a single process."
Look Ma, No Tags (O'Reilly)
Kendall Grant Clark explores YAML (YAML Ain't Markup Language) as an alternative to XML on O'Reilly. "In rummaging around for a plain, concise description of YAML, I kept stubbing my toe on a felt need to define it by referring to XML in some way. That was a mistake. YAML stands on its own very nicely, even if its most immediate point of contrast is XML."
Profilers
OProfile 0.3 has been released
Version 0.3 of the OProfile profiler has been released. "OProfile 0.3 has been released. OProfile is still in alpha, but has been proven stable for many users. Click below for more details.
Page editor: Forrest Cook
Linux in Business
Business News
News from the Linux Professional Institute
The LPI News for July 2002 is out; it covers free exams at LinuxWorld, reports from China and Japan, statistics, and more.Linux Stock Index for July 26 to July 31, 2002
LSI at closing on July 26, 2002 ... 19.40LSI at closing on July 31, 2002 ... 20.32
The high for the week was 20.91
The low for the week was 19.40
Press Releases
Open Source Announcements
- ICSA Labs (HERNDON, Va.): ICSA Labs Certifies Network Intrusion Detection Systems in Phase One of Testing in Multiple Network Environments.
- Jabber, Inc. (DENVER): Jabber Delivers Server-to-Server Interoperability for Instant Messaging; Open Protocol in Contrast to Recent AOL Filing.
- Saucon Technologies (BRIDGEWATER, N.J.): Saucon Technologies and Japple Featured On Alexander Haig's World Business Review.
- The Boston Consulting Group (SAN DIEGO): Phase Two of Hacker Survey Identifies Segments of Open Source Community.
Software for Linux
- 1CTI (PONTE VEDRA, Fla.): First Computer Telephony Innovators - 1CTI - Has Integrated Its Windows 2000 and Linux Voice Messaging With Microsoft Outlook.
- Covalent Technologies, Inc. (SAN DIEGO): Covalent Technologies Extends Apache 2.0 to Microsoft ASP.NET to Build Web Applications and Web Services; Covalent's Apache Solution Now Compatible With Microsoft ASP.NET.
- Cylant (MOSCOW, Idaho): Cylant offers Intrusion Detection System Free of Charge to Educational Institutions.
- DGI (ROCHESTER, N.Y.): DGI Flight Deck 1.30 Provides Breakthrough Visibility Into IBM DB2 UDB UNIX & Windows Databases.
- DMOD, Inc. (BOSTON): DMOD Delivers the DMOD WorkSpace Gateway 2.0, Client/Server Software for Secure Digital Media Workflow & Distribution.
- Ericom Software (CLOSTER, N.J.): LINUX Support Now Available From Leading Terminal Emulation Software -- Ericom Releases PowerTerm InterConnect Running on LINUX --.
- GMx Solutions (TAMPA, FL): GMx Solutions announces CM_SAFE 1.5 with Disaster Recovery functionality.
- LVL7 Systems, Inc. (CARY, N.C.): LVL7 Integrates FASTPATH Software With Intel Media Switch Devices.
- Opera Software (Oslo, Norway): Compose Your Own Opera for Linux and Earn Cash.
- STARBAK (COLUMBUS, Ohio): STARBAK Announces a Technology Breakthrough - Tsunami Streaming Middleware Supports Microsoft Windows Media 9 -- Corona --, RealNetworks Helix, and Apple QuickTime.
- SWsoft, Inc. (S. San Francisco, Calif.): Powerful New SW Automates Hosting Business, 5 People Can Manage 20K Customers.
- SlickEdit Inc. (MORRISVILLE, N.C.): SlickEdit Announces Visual SlickEdit v7 OEM Edition and Two New SlickEdit OEM Partners.
- Software AG (DARMSTADT, Germany and CAMBRIDGE, Mass.): Software AG and Basis Technology Collaborate On Powerful Solutions for Asian Customers.
- Sourcefire (COLUMBIA, Md.): Sourcefire Announces Intelligent Intrusion Detection System to Monitor Gigabit Networks; Enhanced IDS Product Suite Provides Real-Time Detection At True Gigabit Speeds.
- Sybase, Inc. (DUBLIN, Calif.): Sybase Ships Replication Server 12.5 for Linux With Support for Red Hat 7.2 And Linux Kernel 2.4.
- UniTrends Software (MYRTLE BEACH, S.C.): UniTrends Introduces Complete Crash Recovery for Linux-Based Computers.
- VariCAD: VariCAD 8.2.0.2 Update Released.
- VERITAS Software Corporation (NEW YORK): VERITAS Software to Deliver Enterprise Linux Solutions on IBM Intel-based Servers.
- VERITAS Software Corporation (NEW YORK): VERITAS Software Enables Enterprise Storage Management Solutions For Linux-based Dell Server Platforms.
- VERITAS Software Corporation (NEW YORK): VERITAS Software Unveils Storage Software Strategy for Linux.
Products and Services Using Linux
- Metro Link, Inc. (Fort Lauderdale, FL): Metro Link and Lineo Partner to Provide Residential Gateway and Digital TV Solutions.
Hardware with Linux support
- AMD (SUNNYVALE, Calif.): AMD Announces IBM DB2 Database Software Support for Linux-Based Enterprise Database Solution on x86-64 Architecture.
- Neoware Systems (KING OF PRUSSIA, Pa.): Neoware Expands Thin Client Product Line to Offer Next-Generation Products for IBM NetVista Thin Client Customers.
Linux at Work
- Envenergy, Inc. (SANTA BARBARA, Calif.): Envenergy and Trane Complete Development of Tracer Summit Web Server; Embedded Web Server Solution Brings Networking Advances to Building Automation System Customers.
- MSC.Software Corporation (SANTA ANA, Calif.): Fiat Group Signs New Worldwide Corporate Agreement With MSC.Software.
Java Products
- Borland Software Corporation (LONDON): BACS Limited Selects Borland Technology for Java to Enhance Electronics Payments Process.
Books and Documentation
- O'Reilly (Sebastopol, CA): "Perl & LWP" Released by O'Reilly.
Trade Shows and Conferences
- IDG World Expo (FRAMINGHAM, Mass.): LinuxWorld Rookery to Showcase Emerging Company Innovations; Special Area for First-Time Exhibitors Will be the Largest in the Show's History.
Partnerships
- DragonVenture (CARLSBAD, Calif.): Objectiva Software Solutions and DragonVenture Enter Into a Strategic Alliance.
- IBM (ARMONK, N.Y.): IBM announces new leading performance results and partnership with VMware.
- MontaVista Software Inc. (SUNNYVALE, Calif.): MontaVista Joins RapidIO Trade Association.
- OPTX International (CHICO, Calif.): OPTX International and UCOME Collaborate on the Creation of a Traditional Chinese Version of ScreenWatch Software; UCOME Resells ScreenWatch Software into Taiwan Market.
- Telia Connect and SuSE (Nuremberg and Copenhagen): "Telia Connect selects SuSE Linux Enterprise Server on IBM Mainframe".
- Trustix and Multisystem (TRONDHEIM/SANTIAGO): Trustix and Multisystem partner in South America.
Financial Results
- Borland (SCOTTS VALLEY, Calif.): Borland Revenues Increase 7% in 2002 Second Quarter; Pro Forma Operating Income Rises 14%.
- Resonate (SUNNYVALE, Calif.): Resonate Announces Second Quarter 2002 Results; Resonate Commander Solutions Drives Broad Improvement.
Miscellaneous
- Neoware Systems (KING OF PRUSSIA, Pa.): Neoware Moves into a Leadership Position in Thin Client Market; Neoware Number Two in U.S. Shipments in 2001, According to IDC.
- Netcraft: July 2002 Netcraft Web Server Survey.
Page editor: Rebecca Sobol
Linux in the news
Recommended Reading
DRM Is Theft: New Yorkers for Fair Use Go to Washington (Linux Journal)
Linux Joural has an article by Ruben I Safir, President of New York Linux Scene, as he and others took political action at the Department of Commerce, which was holding its second Digital Rights Management (DRM) Workshop. "Once the decision was made to go ahead with the plan, several goals were agreed upon by the NY for Fair Use management, including Seth, cofounder Brett Wynkoop, Jay Sulzberger, our general public relations manager, and myself. NYLXS also geared into action by providing network services and funding for the trip. NYLXS members, as usual, sprang into action in support of the NY Fair Use activity. In particular, Micheal Richardson, the NYLXS Membership Chairman and Journal Editor, designed buttons and helped drive everyone down to Washington. Kevin Mark contributed to the PR material, Vinnie alerted as much of the press as possible and Joe Maffia offered technical support. Even with large numbers of NYLXS on vacation, the organization worked admirably according to its charter, to support and educate the public about issues that affect Free Software in business, education and the home."
Analysis: Case of the [c]ompressed image- II (Newsalert)
The mainstream press looks at a number of intellectual property issues. "But the inane expansion of intellectual property rights may merely be a final spasm, threatened by the ubiquity of the Internet as they are. Free scholarly online publications nibble at the heels of their pricey and anticompetitive offline counterparts. Electronic publishing poses a threat -- however distant -- to print publishing. Napster-like peer-to-peer networks undermine the foundations of the music and film industries. Open source software is encroaching on the turf of proprietary applications. It is very easy and cheap to publish and distribute content on the Internet; the barriers to entry are virtually nil."
ACLU lawsuit targets copyright law (News.com)
News.com covers the new suit filed by the American Civil Liberties Union. "The suit asks a federal judge to rule that the Digital Millennium Copyright Act (DMCA) is so sweeping that it unconstitutionally interferes with researchers' ability to evaluate the effectiveness of Internet filtering software. By suing on behalf of a 22-year-old programmer who's researching the oft-buggy products, the civil liberties group hopes to prompt the first ruling that would curtail the DMCA's wide reach."
San Jose Mercury News, Calif., Dan Gillmor Column
The San Jose Mercury News features an editorial by Dan Gillmor on the Peer to Peer Privacy Prevention Act. "If you or I asked Congress for permission to legally hack other people's computers, we'd be laughed off Capitol Hill. Then we'd be investigated by the FBI and every other agency concerned with criminal violations of privacy and security."
"Then again, you and I aren't part of the movie and music business.
We aren't as powerful as an industry that knows no bounds in its paranoia and greed, a cartel that boasts enough money and public-relations talent to turn Congress into a marionette.
"
Microsoft's Big Stick in Peru (Wired)
Wired looks at the latest developments with Peru's proposed free software law. "Wired News has obtained a copy of a letter sent by U.S. Ambassador John Hamilton to the president of the Peruvian Congress, expressing his dismay at the proposed legislation."
Companies
Cisco's Linux project a marriage of gluttonous execs (Register)
The Register examines possible corporate trouble within router company Cisco. "According to employees, Grennan and Company (i.e., numerous other Borg engineers on leave) enjoyed office space, work space and phones at Cisco's expense during the project. Were their Cisco options still vested, people wonder? Couldn't the company have done this in the traditional in-house manner and saved a bundle? One employee remarked that the project could have been done by ten people in a year for $10 million. The whole thing stinks of favoritism, especially as, according to several Borg drones, the Linux angle was already being pursued in-house."
IBM to offer software for new AMD chip (News.com)
News.com looks at the latest news from IBM and AMD. "IBM will offer a new flavor of its DB2 version 8 for Linux operating systems that will allow companies to run the database software on multiprocessor Opteron servers in the future."
IBM to keep AIX releases rolling (Register)
The Register covers the next release of IBM's AIX operating system. "There has been some talk about IBM executives wringing their hands about what to do with AIX, and some have even been suggesting that IBM might be thinking about dropping AIX and focusing solely on Linux. This is hogwash. What IBM is working is a Power-based platform that uses a variant of OS/400 logical partitioning technology to create a line of servers that can support AIX, Linux, or OS/400 equally well within its partitions or as a standalone operating system on those Power machines."
IBM and Linux our biggest threats - Microsoft (Register)
The Register reports on comments made by Microsoft executives regarding the threat of Linux and IBM. "Paul Flessner, senior vice president .NET enterprise servers, called IBM and Linux a "formidable" challenge. "It's not just IBM alone, it's not just Linux alone," he said.This interesting point was also mentioned: "
We need to build a vibrant and healthy developer community. That's the lesson Linux has taught us. Having people to help. Knowing where to get questions answered," Rudder said.Opera releases new browser (Composer) for Linux (News.com)
Here's an article from News.com on Opera's new browser composer application for Linux. "Norwegian Software maker Opera Software released the second edition of its Composer browser-customization application for the Linux operating system and expanded its sales referral program to include Linux."Real embraces open-source Ogg Vorbis (ZDNet)
ZDNet writes about RealNetworks' incorporation of the Ogg Vorbis audio compression CODEC in the Helix DNA client software. ""The fact that the user will almost automatically get Ogg on their desktop means that there is a patent-free and royalty-free audio format that everyone can play on every computer," said Bruce Perens, co-founder of the Open Source Initiative. "This means that MP3 may become a little less popular over the long term because there are patent issues on MP3.""Red Hat waxes optimistic (News-Observer)
The (Raleigh) News & Observer reports from the Red Hat shareholders' meeting. "But at the company's third annual gathering, held Thursday at the Linux company's headquarters in Raleigh, corporate officials were finally able to talk about a stock price that finished the past 12 months above where it started, customers with real name recognition, and mainstream software and hardware partners."Veritas expands Linux software line (News.com)
News.com covers announcements from Veritas as the company expands its Linux software line. ""We view Linux as a strategic platform with immense growth opportunity," Veritas Chief Executive Gary Bloom said in a statement. The support comes through Red Hat's Advanced Server version of Linux running on Intel-based servers from HP, IBM and Dell. Partnerships with high-end software companies is a central part of Red Hat's Advanced Server plan."
Business
Will Real feast where Apple failed? (News.com)
News.com compares RealNetworks to Apple in open source offerings. "The track record of open source in reviving flagging corporate software products is not encouraging. Mozilla in four years has failed to stem the tide away from Netscape, and Sun Microsystems hasn't dented Microsoft's dominance with its open-source version of StarOffice."
Chinese developers place confidence in open source (ZDNet)
ZDNet reports on the shift of Chinese software developers toward open-source. "One of the world's first surveys of Chinese application developers has provided data supporting indications that the country's infant software industry is turning to open source solutions."
Interviews
An Interview with Joshua Drake: Coauthor of Practical PostgreSQL (O'Reilly)
O'Reilly has an interview with Joshua Drake on the future of PostgreSQL. "Recently, Jonathan Gennick sat down with the coauthor of Practical PostgreSQL to talk about the future of this open source database. In this in-depth interview, Joshua Drake, who is also the cofounder of Command Prompt, and a project leader for Mammoth PostgreSQL, touches on everything from a Mac OS X distribution of PostgreSQL to LXP, the XML application server that runs as an Apache module to XML support in PostgreSQL."
Resources
LinuxDevices.com Embedded Linux Newsletter for July 25, 2002
LinuxDevices.com has published its weekly Embedded Linux Newsletter, with all the latest news and info from the world of Embedded Linux and Linux-based gadgets.OfB Open Choice Awards 2002
Open for Business has announced the winners for the 2002 Open Choice Awards. KMail 1.4.1 won best email client; Mandrake Linux 8.2 won Best Linux Distribution; and much more.
Reviews
Linux takes the game to Microsoft (ZDNet)
ZDNet covers ongoing efforts to get Linux running on the Microsoft Xbox gaming console. "The Xbox Linux Project, drawing on the skills of programmers in the UK, Germany and the United States, released a pre-alpha version of the new BIOS on Sunday. When complete, the BIOS will give programmers control over the Xbox's components and peripherals and allow the rest of the Linux operating system to boot."
Device profile: i3 micro Mood Box (LinuxDevices)
The latest LinuxDevices.com device profile looks at the i3 micro "Mood Box." "Based on a Linux-based operating system and open multimedia standards, the Mood Box can be used as part of an i3-provided total 'Mood solution' which includes the set-top box along with streaming servers (for IP TV and video-on-demand) plus systems management servers. Alternatively, the device is available as a standalone component for use with various 3rd-party products and services."
Miscellaneous
Pirate this, go to jail (News.com)
News.com reports on the latest anti-copying bill from Senator Joseph Biden. ""The world is moving toward closed digital rights management systems where you may need approval to run programs," says David Wagner, an assistant professor of computer science at the University of California at Berkeley. "Both Palladium and TCPA incorporate features that would restrict what applications you could run.""
Page editor: Forrest Cook
Announcements
Upcoming Events
Singapore Linux Conference Call For Papers
The Singapore Linux Conference will be held October 14 to 16; the call for papers is active now. Submissions should be in by August 16. The theme of the conference this time around is "Linux means business."Links From the 2002 Boston Gnome Summit
Ben FrantzDale has published a list of links from the Boston GNOME Summit, check it out for presentations, notes, reflections, and pictures.O'Reilly Open Source Convention Coverage
O'Reilly has posted coverage of this year's Open Source Convention.2002 OSCON Java Wrap-Up (O'Reilly)
O'Reilly's OnJava site has a report from the unofficial 2002 O'Reilly Open Source Convention Java conference.Events: August 1 - September 26, 2002
| August 1 - 2, 2002 | 3rd annual Bioinformatics Open Source Conference(BOSC 2002) | Edmonton, Canada |
| August 2 - 4, 2002 | International Conference on Open Source 2002, Taipei | (Academic Sinica)Taipei, Taiwan |
| August 12 - 15, 2002 | Linux World Conference & Expo | (Moscone Center)San Francisco, California |
| August 24 - 31, 2002 | Linux Beer Hike | (Russell Community Centre)Doolin, Co. Clare |
| August 27, 2002 | Seattle Ruby Brigade Meeting | Seattle, Washington |
| September 11 - 13, 2002 | Open source GIS - GRASS users conference 2002(GRASS) | (Centro Servizi Culturali S. Chiara)Trento, Italy |
| September 18 - 20, 2002 | Yet Another Perl Conference Europe 2002(YAPC::Europe 2002) | Munich, Germany |
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Miscellaneous
LUG Support Program Off To A Great Start
Linux Orbit has set up a LUG Support Program, lots of LUGs are joining in. Click below for the full story.2002 XML Application Award -- Final Call for Submissions
A call for submissions has been posted for the 2002 XML Application award. "The award is designed to publicise the best custom applications using XML in the enterprise, and to recognise the professionals implementing the technology." The award will be given at XML Day in Munich on September 18, 2002.
Active Award Winners Announced (use Perl)
Use Perl congratulates the winners of the ActiveState Active Awards for Perl.The Perl Academy Launches in September (use Perl)
The Perl Academy will open on September 1 with Perl training in the Netherlands.Open Source Education Foundation announces tax-exempt status
The Open Source Education Foundation (OSEF) announced approval of its application for non-profit tax-exempt status under section 501(c)(3), allowing the organization to begin actively pursuing tax-deductible contributions to assist in project development.
Page editor: Forrest Cook