On November 21, a law firm called Wolf, Greenfield & Sacks, P.C. saw fit
to issue a press release on the evils of the GPL. By the reckoning of
Steve Henry, a "senior intellectual property lawyer" with the firm, the
GPL is indeed scary:
This "time bomb" lurks because a popular license for open source,
the GNU General Public License, (GPL) is "viral." The license
attaches to any product with GPL-licensed code, including a
derivative work, he said. The entire software package becomes open
source and the company thus must distribute it freely and let
anyone copy it. A widely used open-source utility, for instance,
could "infect" hundreds of software products and destroy their
commercial value.
We found this reading of the GPL to be interesting, so we asked Mr. Henry
to explain his reasoning a bit. We thank him for getting back to us; for
the curious, we have put his full response on a separate page. We'll
just look at the core of his claims here. What Mr. Henry tells us is:
Those who portray the GPL as an entirely innocent and voluntary
instrument take a simplistic view of the GPL itself as well as of
both copyright law and contract law. They often project onto
others the benevolent behaviors and actions they attribute to
themselves. The problem is that others are not always so benevolent
and if the GPL is an enforceable contract, then it may not only be
enforceable by the licensor, but also by third-party beneficiaries
(under at least some conditions).
So, if you see the GPL as a contract, those who have received GPL-licensed
software can enforce that contract's provisions against you. How could
that be a problem? According to Mr. Henry:
So, if a company downloads a GPL product, and incorporates it into
the company's product in such a way that the company's product is
considered a "derived" work or a work "containing" the downloaded
code, not only is the company obligated to use the GPL to
distribute its product, but also it is obligated not to charge. And
its licensees automatically receive a license under GPL terms for
the original code. If the company uses a different license (a) it
could be liable for copyright infringement, (b) it could be liable
for breach of contract, and (c) it could be subject to a court
order for "specific enforcement" of the GPL obligation to
distribute the derivative work under the GPL. The licensor of the
downloaded code could enforce the GPL, as might a licensee of the
company (as a third-party beneficiary).
Mr. Henry's point (a) is not controversial; if you use copyrighted work in
violation of the license that applies to that work, you are infringing the
copyright. There is nothing unique to the GPL there. Point (c) is the
crux of the matter: Mr. Henry claims that, if you distribute a product
containing GPL-licensed code, anybody receiving that code could sue to have
your proprietary code relicensed. The fact that nobody has ever
attempted to do this is irrelevant by this analysis; in the future somebody
could make a try at it.
One could argue that, even if this reasoning holds, there is no real
problem here. If a company does not wish to abide by the terms of the GPL,
it should simply avoid incorporating GPL-licensed code into its products.
Once again, the GPL does not differ from any other software license in this
regard: if you do not like the license, nobody forces you to use the code.
But the fact is that, by this argument, GPL-licensed code is more actively
dangerous than other code. If you get caught using somebody's proprietary
code, all you have to do is settle the copyright infringement claims and
get on with life. With GPL-licensed code, you still have the infringement
issue, but you could also be forced to give your proprietary products
away. That would be a heavy price for a company to pay just because one of
its employees slips some GPL-licensed code into its product.
But does this reasoning hold water? We dropped a note to FSF counsel Eben
Moglen to get his opinion on Mr. Henry's argument. His response was:
So far as "specific performance" is concerned, there is *no* legal
support for the claim. "Specific performance" is the name of a
contract remedy; the GPL is not a contract. In the event of
copyright infringement the relevant possible remedies are: (1)
damages, actual or statutory; and (2) an injunction to prohibit
infringing distribution.
If the GPL is not a contract, what is it? If you look at §106 of the
U.S. copyright code, it states:
Subject to sections 107 through 121, the owner of copyright under
this title has the exclusive rights to do and to authorize any of
the following: (1) to reproduce the copyrighted work in copies or
phonorecords; (2) to prepare derivative works based upon the
copyrighted work; ...
One of the rights given to copyright holders is to authorize others to
create copies and derivative works. The GPL is that authorization: you
have the right to create certain kinds of copies and derived products from
GPL-licensed code. You have not signed a contract with the copyright
holder, and you have not paid any sort of consideration, which is a
required part of any legal contract. So you, as the recipient of
GPL-licensed code, do not have any contract rights against those who
distributed that code to you. Even the copyright holder lacks such rights,
though the holder does have the right to claim infringement if the
provisions of the GPL are not followed.
Mr. Moglen concluded with: "This talk about 'incorporating' GPL'd
code in a product leading to forcing the rest of the product open is
scare-mongering." We are inclined to agree. Anybody who is truly
concerned about such issues, however, should discuss it with their own
lawyer rather than taking our word for it.
Comments (55 posted)
Anybody following the SCO Group story is aware that, in the last couple of
weeks, the company has issued a new set of threats. Among other things,
SCO claims that it will, soon, file suit against at least one Linux user.
It is tempting to disregard these threats as just more bluster coming out
of the company. Threats against other Unix vendors have failed to come to
pass, the deadline for the company's "half-price Linux License" promotion
continues to recede, the flood of invoices they promised us never appeared,
etc. Why should things be different this time? When the weakness of SCO's
case, and the fact that a copyright suit would require a rather more
straightforward unveiling of the company's evidence, are considered, more
lawsuits may seem unlikely.
There is, however, a recent Gartner Group pronouncement which is relevant
here:
SCO has declared in filings with the U.S. Securities and Exchange
Commission that its competitive position could decline if the
company can't obtain additional financing. The latest share issue
will dilute shareholders' investments about 3.5 percent. It comes
on top of a previously announced arrangement giving Boies, Schiller
& Flexner a 20-percent share in SCO if the company were sold. SCO
also received an investment of $50 million from BayStar Capital in
return for 17.5 percent of outstanding shares. We believe that
these moves compromise SCO's mission as a software
company. Increasingly, the legal and financial aspects of the
intellectual property infringement cases will absorb the company's
attention, and a law firm will be in an increasingly powerful
position to set the overall agenda for its compensation. Therefore,
SCO will likely pursue claims against Linux users quickly.
Of course, one could rephrase the above more succinctly: the company has no
revenue stream and the lawyers are running the show. SCO has no real
alternatives to income from litigation at this point, and its lawyers have
nothing to lose from filing more lawsuits.
Gartner could be right: SCO might indeed try to open up more legal fronts
in the near future. If the company chooses its targets carefully, it might
just succeed in finding one that will decide to settle rather than get
involved in a long intellectual property case. Or so SCO management must
hope.
At this point, however, there is enough
information about the company's claims out there that any SCO target which
takes the time to research the situation may well turn out to be less of a
pushover than SCO might wish. In fact, as SCO carries out its search for
the softest targets, chances are good it will pass over any company which
makes it clear that it will fight back. Potential recipients of SCO
licensing claims would do well to bear that in mind.
Comments (7 posted)
The U.S. House of Representatives passed a version of the "Controlling the
Assault of Non-Solicited Pornography and Marketing Act of 2003" on
Saturday. Commonly referred to as the "CAN-SPAM" bill, the House version
is very similar to the bill passed by the Senate in October. This makes it
likely (but not certain) that the U.S. will soon have a national law
governing unsolicited commercial e-mail (UCE) -- better known as "spam" (or
any number of less polite terms) by the rest of us.
Very few outside of the Washington beltway or the Direct Marketing
Association (DMA) seem convinced that the CAN-SPAM bill is going to put a
halt to spam. A number of people, including several state Attorneys
General, have argued that CAN-SPAM will make matters worse, rather than
better. There is a fair amount of evidence to support this opinion.
The CAN-SPAM bill actually has the effect of legitimizing spam so long as
it is non-fraudulent and provides the recipient with a means to "opt-out"
of future e-mails. This is a big win for the DMA, and a major loss for the
rest of us. Having to opt-out of receiving spam from each and every
"legitimate" source of spam is a burden that should not be placed on the
user. Given that there are thousands of legitimate businesses that will
seek to make use of e-mail marketing, users are going to be doing a lot of
opting out.
What about a "do-not-spam" list? The CAN-SPAM Act does contain a provision
to create a national "do-not-spam" list. This can only be seen as a
tactical error of gargantuan proportions. While a "do-not-call" list may
succeed in reducing or eliminating unwanted telemarketing calls, spammers
operating beyond U.S. borders are unlikely to be deterred by the CAN-SPAM
provisions. Indeed, getting a copy of the "do-not-spam" list will
likely be a high priority for offshore spammers looking for a
roster of known-good e-mail addresses. Users who place their e-mail
addresses on a "do-not-spam" list may avoid spam from legitimate
businesses, but will still find themselves subjected to unwanted e-mail
from offshore spammers. Happily, the CAN-SPAM bill does not require the
Federal Trade Commission to create a "do-not-spam" list, it only permits
the creation of such a list. Given that the FTC has objected to this
provision, implementation seems unlikely.
Even worse, the bill overrides state legislation that may be more stringent
than the CAN-SPAM bill. This is presented as a solution to the difficulty
for "law-abiding businesses" to comply with anti-spam laws, but complying
with multiple state laws is a cost of doing business. This should not be an
excuse to shift the burden to users and organizations rather than
businesses seeking to advertise their goods or services. By overriding
state laws that require "opt-in" rather than "opt-out," the CAN-SPAM Act is
giving merchants free rein to send unwanted spam, at least until the user
asks to be left alone. While one may argue that any laws against spam are
unlikely to be effective, at least laws like those passed in California are
stacked in favor of the user rather than the spammers.
Some have claimed that the CAN-SPAM Act may make anonymous e-mails illegal
altogether. John Gilmore argues that the bill would make it a crime "to use
any false or misleading information in a domain name or email account
application, and then send an email." However, this is a somewhat liberal
interpretation of the bill, which actually says:
Whoever, in or affecting interstate or foreign commerce, knowingly...
(3) materially falsifies header information in multiple commercial electronic messages and intentionally initiates the transmission of such messages,
(4) registers, using information that materially falsifies the identity of the actual registrant, for 5 or more electronic mail accounts or online user accounts or 2 or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages...
A close reading of this language indicates that merely sending an anonymous
e-mail or e-mail with a falsified header would not automatically be a
crime. The provisions only apply to those "in or affecting" commerce, which
would seem to exclude a user who sends an anonymous e-mail for
non-commercial purposes. It might be that the language could be abused to
include someone who has sent an anonymous e-mail that may have some impact
on a business, perhaps a whistleblower or disgruntled customer sending out
negative commentary about a company, but then the user would have to send a
relatively large number of e-mails. Further on, the bill classifies
"multiple" as "more than 100 electronic mail messages during a 24-hour
period," up to 10,000 during a 1-year period.
Unlike some of the state laws, which allow users to sue spammers directly,
the CAN-SPAM Act seems to put users at the mercy of others to take action
against spammers who do not comply. The Act explicitly addresses the
ability of state and federal agencies to prosecute spammers under the
provisions of the Act, and provides authorization for ISPs to bring action
against spammers.
There are a few good things about the CAN-SPAM Act. The bill specifically
states that nothing in the bill requires an ISP to carry or deliver
spam. This prevents spammers from claiming that an ISP is in any way
required to deliver spam, even if it is explicitly legal. The bill also
contains a provision that allows the court to force a spammer to pay legal
fees for the party that initiates proceedings. This may make it more likely
that prosecutors will take on spammers who violate provisions of the bill.
CAN-SPAM also makes it illegal for spammers to use open relays or other
methods of hijacking computers to send spam, and requires a working method
to opt out of e-mail. Again, these provisions are unlikely to deter
offshore spammers, but they are welcome nonetheless.
Finally, the bill provides for vendor liability. This means that if a
vendor contracts with a third party to send e-mail on their behalf, the
vendor can be held liable for failure to comply with the CAN-SPAM
provisions. This prevents companies from contracting with offshore
spammers to escape legal liability.
In all, however, the CAN-SPAM Act is disappointing legislation. It fails to
affirm users' rights to consent to e-mail marketing, and instead burdens
them with the responsibility of opting out of unwanted marketing. The bill
will negate tougher state laws against spam that have the backing of the
general populace in favor of weakened provisions that are backed by
lobbyists. After more than six years of Congressional foot-dragging, we
will likely be stuck with a law that does little good, and may even serve
to exacerbate the problem. It may well be that the spam problem is not
solvable by legislation, but, even if it is, the CAN-SPAM act is not the
law we need.
(For those who are interested, the full text of the proposed law is
available in PDF format.)
Comments (21 posted)
Page editor: Jonathan Corbet
Security
Brief items
The recent compromise of several Debian servers has been well publicized.
It appears that the Debian archive was unaffected, and Debian users need
not be worried about malware entering their systems by that path.
Certainly this event, like the recent kernel backdoor attempt, has raised
awareness of the vulnerability of our software repositories. An attacker
who is able to slip a bit of evil code into the wrong place could
compromise many thousands of systems.
Less attention has been paid to the cost of having the Debian servers be
unavailable for the better part of a week. Your editor, waiting for a
working version of psycopg to be uploaded to unstable, was merely
inconvenienced. Other users, who may have planned significant
installations or upgrades, or who were trying to discuss problems with
Debian developers, will have been rather more inconvenienced. Debian
developers, trying to get 3.0r2 out the door, were stopped dead for a
while. These consequences are costly enough by themselves, but consider
what could happen. Had a major security incident broken out while the
Debian servers were unavailable, it would have been difficult or
impossible for the project to respond quickly.
Linux systems are living things; even the most stable systems need
occasional updates to stay secure. Linux users depend on the availability
of their distributions' supporting infrastructure to keep their systems up
to date. This sort of attack, by making that infrastructure unavailable,
hurts users worldwide, and could leave them unable to respond quickly to
serious security problems. Once again, we have been warned that our
infrastructure is too fragile and insufficiently secure.
Comments (17 posted)
New vulnerabilities
iproute: local denial of service
Package(s): iproute net-tools
CVE #(s): CAN-2003-0856
Created: November 25, 2003
Updated: December 14, 2004
Description: The iproute utility is susceptible to spoofed netlink
messages sent by local users, with the result that denial of service
attacks are possible.
Comments (none posted)
opera buffer overflows
Package(s): opera
CVE #(s): CAN-2003-0870
Created: November 20, 2003
Updated: November 24, 2003
Description: The Opera browser can cause a buffer allocated on the heap to
overflow under certain HREFs when rendering HTML. The mail system is also
deemed vulnerable: an attacker can send an email containing a malformed
HREF, or plant the malicious HREF on a web site. Please see this advisory
for further details. These vulnerabilities are fixed in Opera 7.22.
Comments (1 posted)
Pan: denial of service
Package(s): Pan
CVE #(s): CAN-2003-0855
Created: November 25, 2003
Updated: December 10, 2003
Description: Pan is a Gnome/GTK+ newsreader. A bug in Pan versions prior
to 0.13.4 can cause Pan to crash when parsing an article header containing
a very long author email address. This bug causes a crash (denial of
service) but is not further exploitable.
Comments (none posted)
phpSysInfo directory traversal
Package(s): phpsysinfo
CVE #(s): CAN-2003-0536
Created: November 25, 2003
Updated: November 25, 2003
Description: phpSysInfo contains two vulnerabilities which could allow
local files to be read or arbitrary PHP code to be executed, under the
privileges of the web server process.
Comments (none posted)
Updated vulnerabilities
2.4 kernel - several vulnerabilities
Package(s): 2.4 kernel
CVE #(s): CAN-2003-0461, CAN-2003-0462, CAN-2003-0464, CAN-2003-0476,
CAN-2003-0501, CAN-2003-0550, CAN-2003-0551, CAN-2003-0552
Created: July 21, 2003
Updated: December 24, 2003
Description: Several security issues have been discovered affecting the
Linux kernel:
- CAN-2003-0461: /proc/tty/driver/serial reveals the exact character
  counts for serial links. This could be used by a local attacker to infer
  password lengths and inter-keystroke timings during password entry.
- CAN-2003-0462: Paul Starzetz discovered a file read race condition
  existing in the execve() system call, which could cause a local crash.
- CAN-2003-0464: A recent change in the RPC code set the reuse flag on
  newly-created sockets. Olaf Kirch noticed that this could allow normal
  users to bind to UDP ports used for services such as nfsd.
- CAN-2003-0476: The execve system call in Linux 2.4.x records the file
  descriptor of the executable process in the file table of the calling
  process, allowing local users to gain read access to restricted file
  descriptors.
- CAN-2003-0501: The /proc filesystem in Linux allows local users to
  obtain sensitive information by opening various entries in /proc/self
  before executing a setuid program. This causes the program to fail to
  change the ownership and permissions of already opened entries.
- CAN-2003-0550: The STP protocol is known to have no security, which
  could allow attackers to alter the bridge topology. STP is now turned
  off by default.
- CAN-2003-0551: STP input processing was lax in its length checking,
  which could lead to a denial of service.
- CAN-2003-0552: Jerry Kreuscher discovered that the forwarding table
  could be spoofed by sending forged packets with bogus source addresses
  the same as the local host.
Comments (none posted)
apache: buffer overflows in mod_alias, mod_rewrite
Package(s): apache
CVE #(s): CAN-2003-0542, CAN-2003-0789
Created: October 28, 2003
Updated: February 13, 2004
Description: André Malo discovered buffer overflows in the mod_alias and
mod_rewrite modules of the Apache webserver. These occurred if a regular
expression with more than 9 capturing parentheses was configured. To
exploit this, an attacker would need to be able to locally create a
carefully crafted configuration file (.htaccess or httpd.conf)
(CAN-2003-0542). Another buffer overflow in Apache 2.0.47 and earlier, in
mod_cgid's mishandling of CGI redirect paths, could result in CGI output
going to the wrong client when a threaded MPM is used (CAN-2003-0789).
Comments (none posted)
apache2: Denial of Service vulnerability
Package(s): apache2
CVE #(s): (none listed)
Created: September 29, 2003
Updated: March 25, 2004
Description: A problem was discovered in Apache2 where CGI scripts that
write more than 4k to the standard error stream will hang the script's
execution. This problem can lead to a denial of service situation. See
this bug report for additional details.
Comments (none posted)
CUPS: denial of service
Package(s): CUPS
CVE #(s): CAN-2003-0788
Created: November 3, 2003
Updated: March 4, 2004
Description: Paul Mitcheson reported a situation where the CUPS Internet
Printing Protocol (IPP) implementation in CUPS versions prior to 1.1.19
would get into a busy loop. This could result in a denial of service. In
order to exploit this bug an attacker would need to have the ability to
make a TCP connection to the IPP port (by default 631).
Comments (none posted)
epic4: buffer overflow
Package(s): epic4
CVE #(s): CAN-2003-0328
Created: November 10, 2003
Updated: November 25, 2003
Description: Jeremy Nelson discovered a remotely exploitable buffer
overflow in EPIC4, a popular client for Internet Relay Chat (IRC). A
malicious server could craft a reply which triggers the client to allocate
a negative amount of memory. This could lead to a denial of service if the
client only crashes, but may also lead to execution of arbitrary code
under the user id of the chatting user.
Comments (none posted)
ethereal: multiple remote and local vulnerabilities
Package(s): ethereal
CVE #(s): CAN-2003-0925, CAN-2003-0926, CAN-2003-0927
Created: November 10, 2003
Updated: December 17, 2003
Description: Multiple vulnerabilities have been found in ethereal versions
below 0.9.16. Remote attackers can craft packets, and local users can
build corrupt trace files, resulting in denial of service and remote code
execution.
Comments (none posted)
Filename disclosure vulnerability in fam
Package(s): fam
CVE #(s): CAN-2002-0875
Created: August 19, 2002
Updated: January 5, 2005
Description: "fam" (file alteration monitor) watches files and directories
for changes and lets interested applications know when something happens.
This package has a flaw in its group handling that blocks some legitimate
operations while, at the same time, exposing the names of files that
should otherwise be invisible.
Comments (none posted)
fetchmail may crash on specially crafted message
Package(s): fetchmail
CVE #(s): CAN-2003-0792
Created: October 17, 2003
Updated: April 8, 2004
Description: A bug was discovered in fetchmail 6.2.4 where a specially
crafted email message can cause fetchmail to crash.
Comments (none posted)
fileutils/wu-ftpd: denial of service
Package(s): fileutils
CVE #(s): CAN-2003-0854
Created: October 22, 2003
Updated: March 2, 2004
Description: There is, it seems, an integer overflow vulnerability in "ls"
which can be exploited via wu-ftpd to create a denial of service
situation. See this advisory from Georgi Guninski for details.
Comments (none posted)
glibc - buffer overflow
Package(s): glibc
CVE #(s): CAN-2003-0689
Created: October 15, 2003
Updated: November 25, 2003
Description: The GNU C library contains a buffer overflow in the
getgrouplist() function. If the user belongs to more groups than the
calling application expects, the allocated storage will be overrun.
Comments (none posted)
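The size-negotiation loop a caller of getgrouplist() needs in order to cope with a user who belongs to more groups than expected, as an added example in C (not code from glibc or from any advisory). It assumes a glibc in which CAN-2003-0689 is fixed, so that the library reports the required count instead of overrunning the buffer; the user name and gid in the sample call are constructed values.

```c
/* Added example: the sizing handshake a caller of getgrouplist() should
 * use so that the number of groups never exceeds the buffer it is copied
 * into.  Assumes a glibc in which CAN-2003-0689 is fixed: on overflow the
 * library returns -1 and stores the required count in *ngroups instead of
 * writing past the end of the caller's storage.  The user name and gid in
 * demo() are constructed values, not real accounts. */
#define _GNU_SOURCE
#include <grp.h>
#include <stdlib.h>
#include <sys/types.h>

/* Explicit prototype so the example still compiles if the feature macros
 * in effect hide the declaration in <grp.h>. */
extern int getgrouplist(const char *user, gid_t group, gid_t *groups,
                        int *ngroups);

/* Fill *out with the group list for `user` (primary gid `group`).  The
 * buffer starts deliberately small and is regrown to whatever size the
 * library asks for; the caller frees *out.  Returns the group count or -1. */
int fetch_groups(const char *user, gid_t group, gid_t **out)
{
    int capacity = 1;               /* too small for any multi-group user */
    gid_t *buf = NULL;

    for (int attempt = 0; attempt < 8; attempt++) {
        gid_t *tmp = realloc(buf, (size_t)capacity * sizeof *buf);
        if (tmp == NULL) {
            free(buf);
            return -1;
        }
        buf = tmp;

        int n = capacity;           /* in: capacity; out: count or need */
        int rc = getgrouplist(user, group, buf, &n);
        if (rc != -1) {
            *out = buf;             /* rc == number of gids actually stored */
            return rc;
        }
        if (n <= capacity) {
            /* -1 without a larger size request is a library error, not an
             * overflow report: bail out rather than spin. */
            free(buf);
            return -1;
        }
        capacity = n;               /* grow to exactly what was requested */
    }
    free(buf);                      /* group list kept changing; give up */
    return -1;
}

/* Constructed call: a name that is in no group database, so the list holds
 * only the primary gid and the result is deterministic on any host. */
int demo(void)
{
    gid_t *groups = NULL;
    int n = fetch_groups("lwn_example_no_such_user", 65534, &groups);
    int ok = (n == 1 && groups != NULL && groups[0] == 65534);
    free(groups);
    return ok;
}
```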
glibc: local DoS vulnerability
Package(s): glibc
CVE #(s): CAN-2003-0859
Created: November 15, 2003
Updated: November 19, 2003
Description: Herbert Xu reported that various applications can accept
spoofed messages sent on the kernel netlink interface by other users on
the local machine. This could lead to a local denial of service attack.
The glibc function getifaddrs uses netlink and could therefore be
vulnerable to this issue. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0859 to this issue.
Comments (none posted)
glibc: DNS stub resolvers contain buffer overflow vulnerability
Package(s): glibc
CVE #(s): CAN-2002-1146
Created: November 7, 2002
Updated: February 5, 2004
Description: DNS stub resolvers from multiple vendors contain a buffer
overflow vulnerability. The impact of this vulnerability appears to be
limited to denial of service. (See CERT Vulnerability Note VU#738331.)
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries
such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum
buffer size instead of the actual size when processing a DNS response,
which causes the stub resolvers to read past the actual boundary ("read
buffer overflow"), allowing remote attackers to cause a denial of service
(crash).
Comments (none posted)
gnupg: key validation
Package(s): gnupg
CVE #(s): CAN-2003-0255
Created: May 16, 2003
Updated: November 18, 2003
Description: A key validation bug was discovered in the GNU Privacy Guard
(GPG) which would cause keys with more than one user ID to trust all user
IDs with the amount of trust given to the most-valid user ID.
Comments (none posted)
gtkhtml: malformed messages cause crash
Package(s): gtkhtml
CVE #(s): CAN-2003-0133, CAN-2003-0541
Created: April 14, 2003
Updated: April 18, 2005
Description: GtkHTML is the HTML rendering widget used by the Evolution
mail reader. GtkHTML as supplied with versions of Evolution prior to 1.2.4
contains a bug when handling HTML messages. Alan Cox discovered that
certain malformed messages could cause the Evolution mail component to
crash.
Comments (none posted)
hylafax: remote code execution
Package(s): hylafax
CVE #(s): CAN-2003-0886
Created: November 10, 2003
Updated: November 20, 2003
Description: Hylafax is an Open Source fax server which allows sharing of
fax equipment among computers by offering its service to clients by a
protocol similar to FTP. The SuSE Security Team found a format bug
condition during a code review of the hfaxd server. It allows remote
attackers to execute arbitrary code as root. However, the bug cannot be
triggered in hylafax's default configuration. The "capi4hylafax" packages
also need to be updated as a dependency where they are available.
Upgrading to version 4.1.8 fixes the problem; see this advisory for
details.
Comments (none posted)
KDE: Two issues in KDM
Package(s): kde, xfree86
CVE #(s): CAN-2003-0690, CAN-2003-0692
Created: September 16, 2003
Updated: December 19, 2003
Description: According to this advisory, two issues have been discovered
in KDM:
- CAN-2003-0690: Privilege escalation with specific PAM modules. The XDM
  display manager that ships with XFree86 prior to 4.3 is also vulnerable.
- CAN-2003-0692: Session cookies generated by KDM are potentially
  insecure.
All versions of KDM as distributed with KDE up to and including KDE 3.1.3
are affected.
Comments (none posted)
kernel-utils: setuid vulnerability
Package(s): kernel-utils
CVE #(s): CAN-2003-0019
Created: February 7, 2003
Updated: January 21, 2005
Description: The kernel-utils package contains several utilities that can
be used to control the kernel or machine hardware. In Red Hat Linux 8.0
this package contains user mode linux (UML) utilities. The uml_net utility
in the kernel-utils packages shipped with Red Hat Linux 8.0 was
incorrectly installed setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode. All users of the kernel-utils
package should update to the packages that contain a version of uml_net
that is not setuid root. Alternatively, as a workaround for this
vulnerability, issue the following command as root:
    chmod -s /usr/bin/uml_net
Comments (none posted)
libnids: remotely exploitable buffer overflow
Package(s): libnids
CVE #(s): CAN-2003-0850
Created: October 29, 2003
Updated: January 6, 2004
Description: libnids (a NIDS plugin which emulates the Linux 2.0 IP stack)
contains a buffer overflow vulnerability which can be exploited remotely.
Version 1.18 fixes the problem.
Comments (none posted)
libpng, libpng3: buffer overflow
Package(s): libpng, libpng3
CVE #(s): CAN-2002-1363
Created: December 19, 2002
Updated: July 14, 2004
Description: Glenn Randers-Pehrson discovered a problem in connection with
16-bit samples from libpng, an interface for reading and writing PNG
(Portable Network Graphics) format files. The starting offsets for the
loops are calculated incorrectly, which causes a buffer overrun beyond the
beginning of the row buffer.
Comments (none posted)
mikmod: buffer overflow
Package(s): mikmod
CVE #(s): CAN-2003-0427
Created: June 16, 2003
Updated: June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename
inside an archive file can overflow a buffer when the archive is being
read by mikmod.
Comments (none posted)
minimalist: unsanitized input
Package(s): minimalist
CVE #(s): CAN-2003-0902
Created: November 17, 2003
Updated: November 19, 2003
Description: A security-related problem has been discovered in minimalist,
a mailing list manager, which allows a remote attacker to execute
arbitrary commands.
Comments (none posted)
mpg123: heap overflow
Package(s): mpg123
CVE #(s): CAN-2003-0865
Created: November 12, 2003
Updated: February 19, 2004
Description: Versions of mpg123 through 0.59s contain a heap overflow
which may be exploited remotely (by a hostile server). See this advisory
for details.
Comments (none posted)
mplayer: remotely exploitable buffer overflow vulnerability
Package(s): mplayer
CVE #(s): CAN-2003-0835
Created: September 29, 2003
Updated: April 6, 2004
Description: A remotely exploitable buffer overflow vulnerability was
found in MPlayer. A malicious host can craft a harmful ASX header, and
trick MPlayer into executing arbitrary code upon parsing that header. Read
the full advisory for details.
Comments (none posted)
Nessus NASL scripting engine security issues
| Package(s): | nessus |
| CVE #(s): | |
| Created: | May 27, 2003 |
| Updated: | August 12, 2004 |
| Description: |
Several vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or would need to trick a user into running a specially crafted NASL script. Read the full advisory for additional information. |
| Alerts: | |
Comments (none posted)
nfs-utils xlog() off-by-one bug
| Package(s): | nfs-utils |
| CVE #(s): | CAN-2003-0252 |
| Created: | July 14, 2003 |
| Updated: | March 8, 2004 |
| Description: |
The Linux NFS utils package contains a remotely exploitable off-by-one bug. A local or remote attacker could exploit this vulnerability by sending a specially crafted request to the rpc.mountd daemon. See this BugTraq post for more details. |
| Alerts: | |
Comments (none posted)
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
| CVE #(s): | CAN-2003-0190 |
| Created: | May 2, 2003 |
| Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation." |
| Alerts: | |
Comments (1 posted)
postfix: denial of service vulnerabilities
| Package(s): | postfix |
| CVE #(s): | CAN-2003-0468, CAN-2003-0540 |
| Created: | August 5, 2003 |
| Updated: | May 27, 2004 |
| Description: |
The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details. |
| Alerts: | |
Comments (none posted)
proftpd: remote root shell
| Package(s): | proftpd |
| CVE #(s): | CAN-2003-0831 |
| Created: | September 24, 2003 |
| Updated: | January 2, 2004 |
| Description: |
The ASCII translation mechanism in ProFTPD 1.2.8 contains a vulnerability which will provide a remote attacker with a root shell - if the attacker is able to download a specially-crafted file. See this ISS advisory for more information. |
| Alerts: | |
Comments (2 posted)
pstack: buffer overflow
| Package(s): | pstack |
| CVE #(s): | |
| Created: | November 13, 2003 |
| Updated: | November 19, 2003 |
| Description: |
pstack dumps a stack trace for a process, given the pid of that process. Versions prior to 1.2.3 contain a potential buffer overflow vulnerability. |
| Alerts: | |
Comments (none posted)
Multiple-use vulnerability in Safe.pm
| Package(s): | Safe.pm |
| CVE #(s): | CAN-2002-1323 |
| Created: | October 9, 2002 |
| Updated: | February 20, 2004 |
| Description: |
usePerl has a description of a vulnerability in the Safe.pm Perl module. It seems that if a Safe compartment is used more than once, it ceases to be safe. The problem is fixed in Safe 2.08. |
| Alerts: | |
Comments (none posted)
sane-backends: several vulnerabilities
| Package(s): | sane-backends |
| CVE #(s): | CAN-2003-0773, CAN-2003-0774, CAN-2003-0775, CAN-2003-0776, CAN-2003-0777, CAN-2003-0778 |
| Created: | September 11, 2003 |
| Updated: | February 20, 2004 |
| Description: |
Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several security-related problems in the sane-backends package, which contains an API library for scanners including a scanning daemon (in the package libsane) that can be remotely exploited. These problems allow a remote attacker to cause a segmentation fault and/or consume arbitrary amounts of memory. The attack succeeds even if the attacker's computer isn't listed in saned.conf.
You are only vulnerable if you actually run saned, e.g. from xinetd or inetd. If the entries in the configuration file of xinetd or inetd respectively are commented out or do not exist, you are safe. Try "telnet localhost 6566" on the server that may run saned. If you get "connection refused", saned is not running and you are safe.
The Common Vulnerabilities and Exposures project identifies the following problems:
- CAN-2003-0773: saned checks the identity (IP address) of the remote host only after the first communication (SANE_NET_INIT) has taken place. So everyone can send that RPC, even if the remote host is not allowed to scan (not listed in saned.conf).
- CAN-2003-0774: saned lacks error checking nearly everywhere in the code, so connection drops are detected very late. If the drop of the connection isn't detected, the access to the internal wire buffer leaves the limits of the allocated memory. Random memory "after" the wire buffer is read, which is followed by a segmentation fault.
- CAN-2003-0775: If saned expects a string, it mallocs the memory necessary to store the complete string after it receives the size of the string. If the connection was dropped before transmitting the size, malloc will reserve an arbitrary size of memory. Depending on that size and the amount of memory available, either malloc fails (so saned quits nicely) or a huge amount of memory is allocated. Swapping and OOM measures may occur depending on the kernel.
- CAN-2003-0776: saned doesn't check the validity of the RPC numbers it gets before getting the parameters.
- CAN-2003-0777: If debug messages are enabled and a connection is dropped, non-null-terminated strings may be printed and segmentation faults may occur.
- CAN-2003-0778: It's possible to allocate an arbitrary amount of memory on the server running saned even if the connection isn't dropped. At the moment this can not easily be fixed, according to the author. Better limit the total amount of memory saned may use (ulimit). |
| Alerts: | |
Comments (none posted)
sendmail: remotely exploitable buffer overflow
| Package(s): | sendmail |
| CVE #(s): | CAN-2003-0694, CAN-2003-0681 |
| Created: | September 17, 2003 |
| Updated: | November 18, 2003 |
| Description: |
Michal Zalewski has reported a buffer overflow in sendmail. This overflow, apparently, may be exploited remotely, but only in certain (non-default) configurations. Sendmail 8.12.10 has the fix. |
| Alerts: | |
Comments (none posted)
stunnel: signal handler reentrancy DoS
| Package(s): | stunnel |
| CVE #(s): | CAN-2002-1563 |
| Created: | July 25, 2003 |
| Updated: | November 25, 2003 |
| Description: |
Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over a secure connection (encrypted using SSL or TLS) or to provide a secure means of connecting to services that do not natively support encryption.
When configured to listen for incoming connections (instead of being invoked by xinetd), stunnel can be configured to either start a thread or a child process to handle each new connection. If Stunnel is configured to start a new child process to handle each connection, it will receive a SIGCHLD signal when that child exits.
Stunnel versions prior to 4.04 would perform tasks in the SIGCHLD signal handler which, if interrupted by another SIGCHLD signal, could be unsafe. This could lead to a denial of service. |
| Alerts: | |
Comments (none posted)
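As an added illustration of the reentrancy problem in the stunnel entry above (constructed example, not stunnel's code): the handler does nothing but set a flag, and the reaping of exited children, where logging or freeing per-connection state would happen, is done from the main loop, so a second SIGCHLD arriving mid-handler has nothing to corrupt.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Set by the handler, consumed by the main loop. sig_atomic_t is the only
 * type a handler may safely write without further synchronisation. */
static volatile sig_atomic_t sigchld_pending = 0;

/* Async-signal-safe: a single store and nothing else. No waitpid(),
 * no logging, no malloc()/free() in here. */
static void on_sigchld(int signo)
{
    (void)signo;
    sigchld_pending = 1;
}

/* Install the handler. SA_RESTART keeps interrupted blocking calls from
 * failing with EINTR; SA_NOCLDSTOP suppresses signals for stopped children. */
int install_sigchld_handler(void)
{
    struct sigaction sa;
    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART | SA_NOCLDSTOP;
    return sigaction(SIGCHLD, &sa, NULL);
}

/* Main-loop side: clear the flag, then reap every exited child. Several
 * SIGCHLDs coalesced into one flag are all handled because of WNOHANG. */
int reap_children(void)
{
    int reaped = 0;
    sigchld_pending = 0;
    for (;;) {
        int status;
        pid_t pid = waitpid(-1, &status, WNOHANG);
        if (pid > 0) {
            reaped++;           /* per-connection cleanup would go here */
        } else if (pid == 0) {
            break;              /* children exist but none has exited yet */
        } else if (errno == EINTR) {
            continue;
        } else {
            break;              /* ECHILD: no children left */
        }
    }
    return reaped;
}

/* Demo: fork n children that exit immediately and reap them the safe way.
 * Returns the number reaped, which should equal n, or -1 on error. */
int spawn_and_reap(int n)
{
    if (install_sigchld_handler() != 0)
        return -1;
    for (int i = 0; i < n; i++) {
        pid_t pid = fork();
        if (pid < 0)
            return -1;
        if (pid == 0)
            _exit(0);           /* child: exit at once, triggering SIGCHLD */
    }
    int total = 0;
    struct timespec nap = { 0, 10 * 1000 * 1000 };   /* 10 ms */
    for (int tries = 0; tries < 500 && total < n; tries++) {
        if (sigchld_pending)
            total += reap_children();
        else
            nanosleep(&nap, NULL);
    }
    return total;
}

int main(void)
{
    printf("reaped %d children\n", spawn_and_reap(3));
    return 0;
}
```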
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
| CVE #(s): | CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399 |
| Created: | October 1, 2002 |
| Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability. |
| Alerts: | |
Comments (1 posted)
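The check that the tar/unzip entry above says was missing, as an added example (constructed here, not GNU tar's or unzip's code): a member name may be extracted under the current directory only if it is relative and no path component is "..". The listing in main() is constructed sample input.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Return true if an archive member name cannot escape the extraction
 * directory: it must be relative and contain no ".." component. A ".."
 * that is merely a prefix of a longer name (e.g. "..bar") is harmless. */
bool member_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (name[0] == '/')
        return false;               /* absolute path: escapes the target dir */
    const char *p = name;
    while (*p != '\0') {
        const char *seg = p;
        while (*p != '\0' && *p != '/')
            p++;                    /* advance to the end of this component */
        size_t len = (size_t)(p - seg);
        if (len == 2 && seg[0] == '.' && seg[1] == '.')
            return false;           /* ".." component: would climb out */
        while (*p == '/')
            p++;                    /* skip one or more separators */
    }
    return true;
}

/* Walk a listing of member names (as a header scan of the archive would
 * yield them) and return how many the extractor should refuse. */
int count_unsafe_members(const char *const *names, size_t n)
{
    int unsafe = 0;
    for (size_t i = 0; i < n; i++)
        if (!member_name_is_safe(names[i]))
            unsafe++;
    return unsafe;
}

int main(void)
{
    /* Constructed sample listing: two benign entries, two that must be refused. */
    const char *listing[] = {
        "docs/README", "src/main.c", "../../.bashrc", "/etc/passwd",
    };
    size_t n = sizeof listing / sizeof listing[0];
    for (size_t i = 0; i < n; i++)
        printf("%-16s %s\n", listing[i],
               member_name_is_safe(listing[i]) ? "ok" : "REFUSED");
    printf("%d of %zu entries refused\n", count_unsafe_members(listing, n), n);
    return 0;
}
```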
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | October 5, 2004 |
| Description: |
This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well. |
| Alerts: | |
Comments (none posted)
vim - modeline vulnerability
| Package(s): | vim |
| CVE #(s): | CAN-2002-1377 |
| Created: | January 16, 2003 |
| Updated: | February 10, 2004 |
| Description: |
VIM allows a user to set the modeline differently for each edited text file by placing special comments in the files. Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that when it is opened arbitrary commands are executed. |
| Alerts: | |
Comments (4 posted)
webmin: session ID spoofing
| Package(s): | webmin |
| CVE #(s): | CAN-2003-0101 |
| Created: | June 13, 2003 |
| Updated: | November 18, 2003 |
| Description: |
miniserv.pl in the webmin package does not properly handle metacharacters, such as line feeds and carriage returns, in Base64-encoded strings used in Basic authentication. This vulnerability allows remote attackers to spoof a session ID, and thereby gain root privileges. |
| Alerts: | |
Comments (none posted)
wget: buffer overflow
| Package(s): | wget |
| CVE #(s): | CAN-2003-1565 |
| Created: | August 5, 2003 |
| Updated: | December 10, 2003 |
| Description: |
The wget utility contains a buffer overflow which, when exploited with an over-long URL, can enable arbitrary code execution. |
| Alerts: | |
Comments (1 posted)
XFree86 4.3.0 integer overflows in font libraries
| Package(s): | XFree86 |
| CVE #(s): | CAN-2003-0730 |
| Created: | September 12, 2003 |
| Updated: | November 25, 2003 |
| Description: |
Several vulnerabilities were discovered by blexim(at)hush.com in the font libraries of XFree86 version 4.3.0 and earlier. These bugs could potentially lead to execution of arbitrary code or a DoS by a remote user in any way that calls these functions, which are related to the transfer and enumeration of fonts from font servers to clients. See the advisory for additional details. |
| Alerts: | |
Comments (none posted)
zebra: denial of service vulnerability
| Package(s): | zebra |
| CVE #(s): | CAN-2003-0795, CAN-2003-0858 |
| Created: | November 13, 2003 |
| Updated: | January 7, 2004 |
| Description: |
Zebra is an open source implementation of TCP/IP routing software.
Jonny Robertson reported that Zebra can be remotely crashed if a Zebra password has been enabled and a remote attacker can connect to the Zebra telnet management port. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0795 to this issue.
Herbert Xu reported that Zebra can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to this issue. |
| Alerts: | |
Comments (none posted)
Resources
The quarterly CERT Summary - which describes the security issues being most
actively exploited - is out. Of the nine vulnerabilities, six affect only
Windows systems. The summary does, however, point out ongoing problems
with OpenSSL, OpenSSH, and sendmail.
Full Story (comments: none)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current development kernel is 2.6.0-test10, finally released by Linus on November 23. This patch contains a month's worth of accumulated fixes for serious bugs, and not a whole lot else. Linus notes that there is still a problem associated with preemption out there; the kernel preemption code itself is likely not at fault, but some subsystem or driver out there somewhere is not being entirely preempt-safe. That problem had not been tracked down as of this writing.
The long-format changelog contains the details for the patches incorporated in this release.
Incidentally, -test10 has been dubbed the "stoned beaver" release.
Linus also laid out his thinking for the future:
I'm planning/hoping on basically turning this over to Andrew, and
let him decide to make the final 2.6.0 or not. Timing-wise Andrew
is apparently going to be off for a few weeks, so regardless of
whether this turns out to be rock solid or not, we'll have a few
weeks of final testing before that were to happen. Which means that
I might still end up making a test11 if Andrew hasn't come back and
we find something that warrants it.
Linus's BitKeeper tree holds a small number of additional fixes.
The current stable kernel is 2.4.22, but its time is coming to an
end. Marcelo released 2.4.23-rc3 on
November 21, with the idea that it would become the final release.
Reality dictated otherwise, with the result that 2.4.23-rc4 came out on the 24th, and 2.4.23-rc5 on the 25th. The idea, of course,
is that this one will become the final release; stay tuned.
Comments (none posted)
Kernel development news
The Linux Security Module (LSM) patch was intended to enable the creation
of a wide variety of security regimes for Linux systems. So far, the main
user of the LSM functionality has been the NSA SELinux module. But there
are signs that other security-oriented developers are beginning to make use
of LSM to implement different approaches.
The latest such is the BSD Secure Levels
patch posted by Michael Halcrow. This patch is intended to create
something resembling BSD's secure level capability for Linux. Thus it
implements an integer security level, which has useful values of zero to
two. At level zero, the system functions as always - as if the module were
not present at all. Zero is the default level, but the level can be raised
(but not lowered) by writing the new value to /proc/seclvl.
At level one, a number of actions become disallowed, including:
- Tracing the init process.
- Modifying an immutable file.
- Anything involving raw I/O to a device.
- Network administration tasks.
- Changing the user ID of a process.
- Loading or unloading modules.
- Writing directly to a mounted block device.
- Writing to /dev/mem or /dev/kmem.
- Changing the setuid or setgid bits of a file.
At security level two, a few additional actions are prohibited:
- Changing the system time - but only if you are trying to set it
backward.
- Writing to any block device, whether mounted or not.
- Unmounting a filesystem.
The "secure level" patch is thus a way of raising the bar for any potential
attacker. At the higher levels, even a process with root privileges cannot
make certain kinds of changes to the system. Normally, higher levels are
forever; the only way to lower the secure level is to reboot the system.
Note, however, that this module allows the administrator to include a small
back door by specifying an executable that, when run, causes the secure
level to be reset to zero. This feature may be useful for administrators
who are converting a system over to secure level operation. Leaving the
"emergency reset" option enabled permanently would be dangerously
counterproductive, however.
Comments (4 posted)
![[Book cover]](/images/ns/linux-kernel-development.jpg)
Writing books about the Linux kernel is hard. The subject matter is vast, complex, and highly technical. It also is very much a moving target; today's kernel book becomes obsolete in a short period of time. So kernel authors have to pick their subject matter carefully, time things well, and enjoy their fifteen minutes of fame before somebody merges a patch and their words begin the inevitable slide into obsolescence.
The latest kernel book to hit the shelves is Linux Kernel
Development by Robert Love.
The goal of this book is perhaps best expressed by Andrew Morton in the
foreword. He notes that kernel development has become increasingly complex
as the kernel grows and scales to larger systems. That complexity
increases the functionality and performance of the kernel, but it comes
with a cost: the kernel is harder to understand than it once was.
I believe that this declining accessibility of the Linux source
base is already a problem for the quality of the kernel, and it
will become more serious over time. Those who care for Linux
clearly have an interest in increasing the number of developers who
can contribute to the kernel.
The purpose of this book is to help developers get to where they can make a
contribution.
Linux Kernel Development covers a lot of ground. There are chapters
on process management and scheduling, how system calls work, interrupt
handling (but not device drivers in general), delayed work mechanisms,
locking and mutual exclusion, timers, memory management, filesystems and the
block layer, the page cache, kernel debugging, and more. This book,
however, is just over 300 pages long, so it necessarily does not cover any
of these topics in any great depth. Thus, for example, you will see what
each of the inode_operations methods is, but there is little
information on how to write one. Linux Kernel Development is a
starting point which will prove useful to any developer trying to get up to
speed with one or more kernel subsystems. Completing that process,
however, will still require setting down the book and diving into the
source.
That said, this book is truly a good starting point. After having perused
the text on a particular subsystem, the reader will have enough background
to be able to make sense of the source much more quickly than before. The
presentation is clear, the writing is enjoyable to read*, and
the information is accurate and useful.
Linux Kernel Development belongs on the shelf of any developer who
is interested in kernel work.
One small complaint that one might make is that it is hard to figure out
just which version of the kernel this book covers. The fine print on the
back notes that it covers 2.6. Of course, the book was published in
September, and now, at the end of November, the 2.6 kernel has not yet been
released, so that statement is not entirely accurate. A suitably attentive
reader can find places where the current kernel diverges from the text of
this book - the listing of struct inode lacks the i_cdev
field, for example. Kernel books will always tend to be like that,
however; they are only completely accurate when they are out of date.
Mr. Love appears to have timed things pretty well with this one;
the differences between the text and the current development kernel are
minimal - so far. For the time being, Linux Kernel Development is
the best description of the structure and API of the 2.6 kernel available.
[Disclaimer: your reviewer is the co-author of a Linux Kernel book which
could be seen as competing with Linux Kernel Development, though he
sees the two as being entirely complementary. Buy Both.]
*Though sprinkled with rather more footnotes than your reviewer might have preferred...
Comments (5 posted)
If you have spent enough time working with development kernels, you may
well have experienced the joy of a system panic which brings the system to
a complete halt. Depending on the nature of the problem, you may find that
the only information on what has happened is to be found on the system
console. At that point, you may be reduced to trying to transcribe an oops
listing by hand - if you are lucky. It may be that the information you
really need has scrolled off the screen and is no longer available.
A useful tool for situations like this is kmsgdump; a version for
2.6.0-test9 has just been announced. This
patch, which includes a scary amount of assembly code, does nothing until
the system panics. At that point it jumps in and dumps the kernel message
buffer to a diskette or parallel port. Later, when your system is running
again, you can look over the output at leisure - or forward it on to
somebody who knows how to interpret it. No more pen and paper required.
Comments (3 posted)
Driver porting
The promised update of the LWN.net Driver Porting Series is now complete; all of the articles should be current with the 2.6.0-test10 kernel. This series now consists of 37 articles covering changes in almost every kernel interface of interest to driver programmers. More content may be added in the future, but, with luck, another massive updating (for 2.6, anyway) won't be necessary.
Comments (2 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
- Len Brown: ACPI 2.6. (November 20, 2003)
Memory management
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Two weeks ago, Xandros Corporation announced the release of Xandros Desktop OS 2.0, which will be available for purchase beginning December 9. We have taken this opportunity to ask the recently appointed CEO of Xandros Corporation, Andreas Typaldos, about the product features, plans for the future and other topics of interest.
Mr. Typaldos, thank you very much for your time. You have been with Xandros
Corporation for less than a month. What are your first impressions? What
motivated you to take up the challenge?
It's really quite simple. The Linux desktop market is
about to explode and Xandros has a clear vision, a great product and the best
engineering team in the business. My challenge is to parlay engineering
leadership into market leadership.
Let's talk about your upcoming 2.0 release. Your announcement has given us a
preview of what to expect, such as your new drag and drop CD burning ability
integrated into the Xandros File Manager and improved compatibility with
Windows. Anything else we can look forward to?
Our engineers are continually refining usability
features to keep up with user needs. In version 2 you can create zip and tar
archives of selected files with a single click and easily hook up to hundreds
of digital cameras. There's even a Boot Manager control panel that lets you
set the default operating system and time-out for dual-boot machines. Stay
tuned for further Windows compatibility announcements from Xandros.
Just as important as what Xandros is doing is what's happening with other open
source projects: kernel development, Debian, KDE, Mozilla, OpenOffice.org and
many others. Between their improvements and ours we now have one incredible
desktop distribution. We've reached such a quality plateau that once a
Windows user tries Xandros 2, I believe they'll never want to go back.
A question about Xandros Networks. If I understand it correctly, this will
be a repository of software, free or otherwise, available for a single-click
installation, similar to Lindows.com's Click-N-Run. Do you mind revealing
what applications can we expect to find there? Anything unique or worth
paying for?
We've offered free single-click updates for bug fixes
and patches since the initial release of Xandros 1. That policy will not only
continue with Xandros 2, but Xandros Desktop users will also have access to
one of the world's largest inventories of free Linux software. Xandros
Networks is an important sales channel, so expect to hear some interesting
announcements about it in the near future. Rest assured that any
subscriptions or direct sales will be for real value add, such as version
enhancements or third-party software that's been QA'd by Xandros
engineers.
I should also point out that Xandros provides everything most users need right
out of the box and we don't charge for updates to otherwise free software
such as OpenOffice.org or the Mozilla communications suite.
Besides the upcoming Xandros Desktop OS 2.0, will we see any other products in
the near future? Just after your 1.0 release, there has been talk about
Xandros Server, but this idea seems to have been dropped since. Or is it
still on the cards?
No, it has not been dropped. We plan to be a complete
solutions company. In fact, as early as January, we'll be announcing some
exciting new Xandros Business Solutions that are designed to address critical
deployment, management, and thin-client needs. As with all Xandros solutions,
they'll be engineered to smoothly integrate with existing network
environments. They'll save organizations a bundle, but even more important,
they'll put control of critical systems and data back into customer hands.
It would appear that Xandros Desktop OS is a distribution designed
predominantly for home users. Are there any plans to conquer the corporate
desktop?
That's really a misperception since the Deluxe Edition
of Xandros Desktop OS already has superior enterprise capabilities, most
notably seamless integration with Windows applications and networks. Please
come to LinuxWorld in January to hear the full story of how we plan to
conquer the corporate desktop.
How is Xandros Corporation doing financially?
We have recently begun a new marketing strategy and we
are on track based on our plan. We are progressing very well with our
alliances and revenue generators. Our market presence continues to increase
in part due to great product reviews. We expect 2004 to be a breakout year
for Xandros and Desktop Linux.
Excellent as Xandros 1.x was, it hasn't reached its potential in terms of
market penetration. We haven't seen much marketing and advertising from
Xandros. Is this going to change or do you believe that the "word of mouth"
strategy works well enough?
No, we are planning to go way beyond "word of mouth".
Following on its product quality from our Corel legacy, Xandros is already
well known for its engineering excellence, with a development team that's
second to none. Now we are building it as a premier software company
across-the-board; fully staffed with quality management, marketing, and
support. In July, the company launched a concerted marketing effort to raise
the profile of the great products we were turning out. We hired an
experienced industry veteran David Finkelstein to head up Sales & Marketing
and a quality PR firm. As a result, we are already working on a number of
strategic deals that will increase Xandros' profile dramatically.
The xandros.com website has some brief information about OEM deals and
high-profile industry partnerships. Can you tell us more?
We are close to announcing a number of significant
partnerships. We have already signed up large distributors in Asia,
Australia, South America and Europe. As a matter of fact our Latin American
reseller sold over 7,000 units in only two months! Our Asia/Australia
distributor plans a major marketing and ad campaign in conjunction with the
version 2 release and has already signed up almost 100 resellers for Xandros.
This is a subject often brought up by users on public forums: does Xandros
contribute back to the Linux community? After all, much of what constitutes
Xandros Desktop OS is free software developed by enthusiasts and packaged by
Debian developers, so it's only fair that some of Xandros' work go back to
the community for the benefit of the rest of us. Does Xandros do that? Does
your company sponsor any open source projects?
We have always contributed back to open source projects
that we use. We report any bugs we find and send all our patches back to the
maintainers. We are also working with the Debian project to ensure that the
next version of Debian GNU/Linux will be LSB compliant. We have sponsored
open source developers on various projects in the past and expect to do so
again in the near future.
Do you personally use Xandros Desktop as your primary operating system?
Of course! Xandros Desktop gives me everything I need right out of the box. The all-in-one Xandros File Manager makes transition to Linux a breeze. Everything on my Xandros Desktop works just as expected, including the Mozilla Internet suite and OpenOffice.org. I can read and edit Word docs in my daily business, and the party on the other end is never aware that I'm not using Microsoft Word.
How would you answer this question from a Windows user who has just walked up
to you: "I use Windows on my computer. Why should I spend $40 or $90 to
switch to Xandros Desktop?"
Stability, security, which is a big issue nowadays, and
a great experience! Any Windows user interested in exploring the Xandros
alternative will be able to go to our web site in December to download and
install a 30-day trial version of the Standard Edition of Xandros Desktop OS.
They can then create a dual boot machine with both Xandros and Windows and
decide which OS is best suited to their present and future needs.
Mr. Typaldos, thank you very much for your answers and all the best with your
new job!
Comments (18 posted)
Distribution News
The Debian Project has sent out an alert to the effect that several of its systems have been broken into. These include systems running the bug tracking system, mailing lists, web servers, CVS server, and some archives. The project claims that the Debian archive itself has not been affected, but some (in particular the security archive) are undergoing close inspection before being returned to the net. Everything should be back by the time you read this; however, this page has been set up to provide status reports and other pertinent information. Wichert Akkerman has also provided this overview of the progress so far.
The Debian Project has released the
anticipated 'woody' upgrade, officially named Debian GNU/Linux 3.0r2.
This release contains many security fixes and other revisions that
maintainers of stable 'woody' systems should have.
Debian Planet reports progress on the Debian GNU/NetBSD port, using the GNU C library as a base instead of NetBSD's libc.
Comments (none posted)
The Gentoo Weekly Newsletter for the week of November 24, 2003 is
available. Gentoo Managers' Meeting Summary - 17 November 2003 and the
Gentoo Desktop update are among this week's topics.
Full Story (comments: none)
The Mandrake Linux Community Newsletter for November 24 is out; it looks at the release of 9.2 ISO images, the LG drive problem, some new tutorials, and more.
The Multi Network Firewall 8.2 had a version of freeswan bundled with the latest kernel update
which did not match the installed freeswan package, making freeswan
unusable. This update brings the freeswan package up to date with the
kernel version.
Comments (none posted)
The latest changes to slackware-current include an upgrade to mysql-4.0.16 and some KDE fixes, among other things.
Comments (none posted)
SUSE has announced the availability of the download version of SUSE Linux 9.0. As usual, some non-free programs are missing, and it is not possible to download (or create) installation CD images.
SUSE also announced the release of Service Pack 3 for SUSE LINUX Enterprise Server 8.
Comments (none posted)
Here's an O'ReillyNet article celebrating the joys of using and configuring Knoppix. "Klaus Knopper created Knoppix. Though this distribution is rather young, it stands out for its hardware detection and autoconfiguration abilities. The packages and OS structure are based on the Debian distribution, but the hardware-discovery process uses kudzu, Redhat's hardware probing utility."
Comments (2 posted)
New Distributions
Firenet mini linux contains busybox
and a Linux kernel. No other binary files are included. It supports inetd,
telnetd, httpd, devfsd, networking, dhcpd, and more. The system uses
busybox's init and implements a Debian-style SysV-init boot script, which
is helpful when adding a new system service. The system is also a good
example of using busybox in an embedded system. The initial public release
of Firenet, version 0.1, was released November 23, 2003.
Comments (none posted)
Minor distribution updates
Version 1.0.2b of
Devil-Linux is
available, with a bunch of bug fixes and added support for older computers
which require ISAPNP support. Click below for more information.
Full Story (comments: none)
This update (redhat-config-packages-1.2.7-1) fixes problems with trying to
use RedHat/RPMS instead of Fedora/RPMS on Fedora Core CDs with
redhat-config-packages.
Full Story (comments: none)
LEAF (Linux Embedded
Appliance Firewall) has announced the release of Bering-uClibc 2.0. This
version uses the Bering releases of LEAF, compiled with uClibc 0.9.20.
Click below for more information.
Full Story (comments: none)
MoviX has released
v0.8.1pre5
with minor feature enhancements. "
Changes: Supervesafb and NVidiaTV
bugs have been fixed, remote support has been added to slideshows, GIF and
PhotoCD are now displayable by slideshows, the switch to the MPlayer menu
has been improved, and support for serial Hauppauge remotes has been
added."
Comments (none posted)
Puppy live-CD version 0.7.8 has
been released. The ISO is now 41M, and has the "kitchen sink" in it,
including Mozilla web browser and Scribus desktop publishing. Click below
to see the release notes.
Full Story (comments: none)
RxLinux has released
v1.5.0
with major feature enhancements. "
Changes: A package editor has
been added to the rxmaster ("Edit packages"). Packages can now be copied
from the site-wide repository to the group or host packages
repository. Files inside packages can be modified using the rsmaster Web
interface. A wait loop at boot time has been added to give time to auto
negotiating switches. sz, rz, and rsync are included in the base
system."
Comments (none posted)
Sentinix 0.70.5 (beta 2) has been
released. Click below for more information.
Full Story (comments: none)
SmoothWall has released
v2.0RC1
with minor bugfixes. "
Changes: This is the first release candidate
for SmoothWall Express 2.0. ipac was replaced with RRDtool. Custom DynDNS
was fixed. Some changes were made to the Web UI. The updates list location
has changed. More bugs were corrected."
Comments (none posted)
Snootix has released
v0.5-pre1
with major bugfixes. "
Changes: This release should build an LFS
system without trouble. If it builds LFS on three systems other than the
author's, it will be moved to the default (stable) branch."
Comments (none posted)
Page editor: Rebecca Sobol
Development
The
MLView
project is putting together an XML editor for the GNOME desktop environment.
The MlView project is an ongoing effort to develop an XML editor for the GNOME environment. It is written in C and uses the GNOME libraries.
A typical set of editor features is included, among them
copy/paste, drag/drop, support for multiple document views,
and graphical error reporting.
Some XML-specific features include an XML element/attribute search,
tree-based element addition, support for namespaces, input validation,
and auto-completion.
The editor works with and without an XML DTD.
Features on the to-be-added list include an Undo operation,
network support, views other than the XML tree view, and better documentation. Volunteer help is being requested.
To see MlView in action, take a look at the
screenshots page.
GnomeDesktop.org has
a look at the recently released MlView version 0.6.1.
"A lot of features have been added in the release as a new tree
editor, or some beautification and a lot of bugfixes."
See the
release notes for more information on the new release.
Comments (none posted)
System Applications
Audio Projects
Version 1.0.1 of the
Ogg Vorbis audio compression
software is out.
"
It took longer than expected, but Vorbis 1.0.1 has finally been released. This release also coincides with the first beta of Icecast 2 and a Speex 1.0.3 bugfix release. Read all about these new releases, Xiph.org's trip to California, and more in this new edition of
Ogg Traffic."
A new version of Icecast,
an Ogg-Vorbis streaming audio system, is also available.
Comments (none posted)
New stable and unstable versions of
Speex, a speech codec,
are out. The change notes for the stable version say:
"
In this bugfix release: a fix for a multithreading bug and a correction for an underflow problem that could slow decoding dramatically on x86 processors."
Comments (none posted)
CORBA
New releases of omniORB and omniORBpy
are available.
These are bug-fix releases.
Comments (none posted)
Database Software
The PgManage project has been switched to the Open Software License.
"
PgManage, the graphical interface to the Mammoth PostgreSQL product
line is now Open Source."
Full Story (comments: none)
Version 0.8.0 of PostGIS, a package that adds geographic object
support to PostgreSQL, is available.
"
Refractions Research is pleased to announce the release of PostGIS
0.8.0, the first version of PostGIS to support all the functions in the
OpenGIS "Simple Features for SQL" specification."
Full Story (comments: none)
The PostgreSQL Weekly News for November 24, 2003 is online.
"
Most of the action (or reaction)
last week centered around the release of PostgreSQL 7.4. This release had
some international coordination and saw news articles in several different
countries; I've supplied several links to articles below, and a few links to
more links regarding the release."
Full Story (comments: none)
Filesystem Utilities
Version 1.8.0 of ntfsprogs, a set of NTFS utilities,
is out.
"
Finally a stable release after a huge long wait. Lots of new
utilities and the ntfs gnomevfs module."
Comments (none posted)
Libraries
SourceForge has
an announcement for version 1.0.6 final of Barbecue.
"
All existing users of previous
versions are strongly encouraged to upgrade. Barbecue is a Java barcode
solution that provides Java GUI components for creating barcodes that can be
printed and displayed on screen, and used in servlets."
Comments (none posted)
Version 0.3.4 of QuantLib, a cross-platform C++
library for quantitative finance,
has been announced.
"
To celebrate the third anniversary of the QuantLib project, version 0.3.4 of the library has been released. Monte Carlo valuation of barrier and binary options has been added. More option pricers have been ported to the new Pricing Engine framework."
Comments (none posted)
Mail Software
Jon Udell
explains Bayesian Categorizers on O'Reilly.
"
Months ago I wrote about how SpamBayes has solved my spam problem more effectively than I thought a pure content-based filter could. Time was the ultimate test, though. Would this razor lose its edge? It hasn't. Every day I sharpen it."
Comments (none posted)
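As an added illustration of the kind of categorizer Udell's article is about (this is example code written for this page, not Udell's text or SpamBayes's implementation), here is a minimal Bayesian mail classifier. Per-token spam probabilities are estimated Graham-style (the fraction of spam versus ham messages containing the token), smoothed toward a 0.5 prior as Robinson proposed, and combined in log space; the "unsure" band and the train-on-error `sharpen()` method are assumptions about how such a filter is used day to day, and the training messages are constructed for the demo.

```python
"""Minimal Bayesian mail categorizer (added example; not Udell's or SpamBayes's code).

Per-token spam probabilities are estimated Graham-style and smoothed toward an
assumed prior of 0.5; the message score combines them as a naive-Bayes product
computed in log space.  The training corpus below is constructed for the demo.
"""
import math
import re
from collections import Counter

TOKEN_RE = re.compile(r"[a-z0-9$!]{2,}")


def tokenize(text):
    """Lower-case word-ish tokens; a set, so repeats in one message count once."""
    return set(TOKEN_RE.findall(text.lower()))


class BayesCategorizer:
    def __init__(self, spam_cutoff=0.9, ham_cutoff=0.1):
        self.spam_counts = Counter()   # token -> number of spam messages containing it
        self.ham_counts = Counter()    # token -> number of ham messages containing it
        self.n_spam = 0
        self.n_ham = 0
        self.spam_cutoff = spam_cutoff
        self.ham_cutoff = ham_cutoff

    def train(self, text, is_spam):
        tokens = tokenize(text)
        if is_spam:
            self.spam_counts.update(tokens)
            self.n_spam += 1
        else:
            self.ham_counts.update(tokens)
            self.n_ham += 1

    def token_prob(self, tok):
        """P(spam | token): Graham's ratio, pulled toward 0.5 by one pseudo-count.
        The smoothing keeps the result strictly inside (0, 1), so log() is safe."""
        s = self.spam_counts[tok] / self.n_spam if self.n_spam else 0.0
        h = self.ham_counts[tok] / self.n_ham if self.n_ham else 0.0
        if s + h == 0.0:
            return 0.5                    # never seen: carries no evidence
        n = self.spam_counts[tok] + self.ham_counts[tok]
        return (0.5 + n * (s / (s + h))) / (1 + n)

    def score(self, text):
        """Naive-Bayes spam probability, combined in log space to avoid underflow."""
        log_spam = log_ham = 0.0
        for tok in tokenize(text):
            p = self.token_prob(tok)
            log_spam += math.log(p)
            log_ham += math.log(1.0 - p)
        return 1.0 / (1.0 + math.exp(log_ham - log_spam))

    def classify(self, text):
        """Three-way verdict; the middle band is what a filter should ask the user about."""
        p = self.score(text)
        if p >= self.spam_cutoff:
            return "spam"
        if p <= self.ham_cutoff:
            return "ham"
        return "unsure"

    def sharpen(self, text, is_spam):
        """Train-on-error: learn only from mail the filter got wrong or could not decide.
        Returns True if the message was used for training."""
        expected = "spam" if is_spam else "ham"
        if self.classify(text) == expected:
            return False
        self.train(text, is_spam)
        return True


# Constructed training corpus for the demo (not real mail).
HAM = [
    "meeting tomorrow at 10 to review the kernel patch",
    "can you send the patch for the scheduler bug",
    "lunch on friday with the team",
    "review notes from the kernel meeting attached",
]
SPAM = [
    "free viagra cheap pills order now",
    "order cheap pills online free shipping",
    "win free money click now",
    "cheap mortgage rates free quote now",
]


def build_demo():
    """Return a categorizer trained on the constructed corpus above."""
    c = BayesCategorizer()
    for m in HAM:
        c.train(m, is_spam=False)
    for m in SPAM:
        c.train(m, is_spam=True)
    return c


if __name__ == "__main__":
    c = build_demo()
    for msg in ["cheap pills free now",
                "can we review the patch tomorrow",
                "free lunch tomorrow"]:
        print(f"{c.score(msg):.3f} {c.classify(msg):7s} {msg}")
    # An "unsure" verdict corrected by the user is what sharpens the filter.
    c.sharpen("free lunch tomorrow", is_spam=False)
    print(f"{c.score('free lunch tomorrow'):.3f} after sharpening")
```

The design point worth noticing is the "unsure" band: a pure content filter with a single threshold silently misfiles the messages it has the least evidence about, whereas surfacing them to the user both avoids the false positive and supplies exactly the training data that sharpens the next day's verdicts.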
Networking Tools
Version 5.1 of Net-SNMP, a set of tools and libraries for working with the
Simple Network Management Protocol,
has been released.
"
This release contains a bunch of new features and
optimizations, most of which are outlined below."
Comments (none posted)
Package Management
New versions of the Red Carpet and Open Carpet package maintenance
tools
have been announced on GnomeDesktop.org.
"
These new versions of rcd, rug, and red-carpet allow you to now
use any
number of Red Carpet services, including ones set up by third-parties
using the Open Carpet tools. This opens up the Red Carpet system to a
very large body of software provided by the open source community that
isn't shipped with Ximian products or your standard Linux distribution."
Comments (none posted)
Printing
After a series of beta releases, version 1.1.20 of
CUPS, the Common UNIX Printing System,
is out. The
release notes
detail the changes.
Comments (none posted)
Version 3.0.1rc1 of the Foomatic printer database
has been released.
"
Compared to Foomatic 3.0.0 CUPS raster drivers can now be used with
every spooler, many bug fixes were done, the multi-platform
compatibility was improved, the compatibility of the PPDs with Windows
clients is much better now, and several features were added."
Comments (none posted)
Web Site Development
Release Candidate 4 of Gallery, a web-based photo gallery system,
has been announced.
"
This release has several critical
changes to RC3. New features for this 1.4.1 include voting/ranking of images,
user self-registration, lost password reset, e-mail notifications, support
for "skins" to customize Gallery's look and feel, a clearer and easier to
follow Config. Wizard and tons of other small improvements and bugfixes."
Comments (none posted)
Jayson Falkner
explains servlet filters on O'Reilly.
"
Almost every single web application you will ever make will seriously benefit from using servlet filters to both cache and compress content. A caching filter optimizes the time it takes to send back a response from your web server, and a compression filter optimizes the size of the content that you send from your web server to a user via the Internet. Since generating content and sending content over the World Wide Web are the bread and butter of web applications, it should be no surprise that simple components that aid in these processes are incredibly useful."
Comments (none posted)
Version 1.8 RC2 of Tiki, a CMS/Groupware package,
has been released.
"
This second candidate is mostly a developers release with full adodb support, and many new features essentially for testing their ability to be stable in final 1.8. Many bugs have been fixed and some new features found their way into RC2. So we have a new search engine and the tiki-integrator and many more."
Comments (none posted)
The initial release of UnCommon Web is available.
"
UnCommon Web is a web application development
framework written in Common Lisp. Among its features are
continuation-based page flow control, component-oriented user
interface generation, programmer and designer-friendly HTML
generation, backends for mod_lisp and Portable AllegroServe."
Full Story (comments: none)
Desktop Applications
Audio Applications
Version 2.3.1 of ecasound, an audio recording and playing utility,
is available.
"
Ecasound's emacs mode, ecasound.el, has been updated to
version 0.8.3. Due to severe bugs found in the native Python
ECI implementation, the C implementation has been again set as
the default. Minor interoperability problems with older JACK
releases and Ecasound have been fixed. A bug that caused builds
against an external libreadline to fail, has been fixed.
Also recording problems with the WinTv 401Dbx and other
bt878-based devices have been fixed. This release is compatible
with the upcoming alsa-lib-1.0 releases."
Full Story (comments: none)
Version 0.6.1 of Rhythmbox, a music player,
has been announced.
"
Maybe you'll like the MP4 support, or maybe various crasher fixes will tickle your fancy; but rest assured, there's something for everybody in this release."
Comments (none posted)
Two Linux audio applications, Vstserver and Ladspavst, have had
new releases.
"
These updates make it possible to use Windows VST plugins in
Linux applications, getting very decent realtime performance."
Full Story (comments: none)
Desktop Environments
GnomeDesktop.org
looks at Expocity:
"
expocity is an effort to integrate an efficient means of switching
between applications into the window manager metacity. After pressing a
keystroke, your window manager will present you a complete overview of all
open windows and you can select the window, you want to switch to,
visually."
Comments (none posted)
The GNOME Summary traditionally comes out every week, but we've not seen an
issue since last July. The Summary has restarted, however, with
this
issue, covering November 16 through 22. Topics covered
include a patch to find out how much memory an application is using in the
X server, various new application releases, the first "desktop integration
bounty hunt," and more.
Comments (none posted)
The November 21, 2003 edition of the
KDE-CVS-Digest
is available.
"
Read about KJSEmbed and what it is good for. Image handling speedups in Khtml. Start of Oo table import support in KWord. Plus a continued focus on bugfixes."
Comments (none posted)
A
release plan
for XFree86 4.4.0, the X Window System implementation, has been published.
The code is scheduled for freezing on November 28, and version 4.4.0 is
scheduled for release on December 15.
Comments (none posted)
Desktop Publishing
Version 0.3 of
Passepartout,
a desktop publishing system, is available. See the
release notes for a list of changes.
Comments (none posted)
Electronics
A new development snapshot of gnucap, an electronic circuit analysis
application,
has been announced.
Comments (none posted)
Version 3.1.28 of
XCircuit,
an electronic schematic drawing package, is out.
Change information is in the source code.
Comments (none posted)
Financial Applications
GnomeDesktop.org has
an announcement for new versions of ASPL Fact and AF Architecture.
"
ASPL Fact is a new invoicing system for GNU/Linux (although it should compile
and work on every platform where glib is available). It's based on AF
Architecture, and it's licensed under the GNU/General Public License.
The main new feature in this development milestone is the independent
definition of the AF Architecture: a modular n-tier component architecture
specifically designed for business-managing application
design."
Comments (none posted)
Graphics
Version 1.3.23 of the Gimp
has been announced.
"
This release fixes numerous bugs. It also gives the libgimp APIs as well as the user interface some final polishing."
Many other changes are included.
Comments (none posted)
Version 0.4 of JSynoptic, a Java-based graph plotter and complex
run-time monitoring environment,
is available.
"
Version 0.4 brings in more plot types and features, usability improvements, and a look and feel plugin."
Comments (none posted)
GUI Packages
New software for
FLTK,
the Fast, Light ToolKit, includes version 1.2.2 of Gled, an
automatic GUI generator, and version 181103 of Table, a table widget.
Comments (none posted)
Instant Messaging
A French version of the Chatzilla IRC client
has been announced.
Comments (none posted)
GnomeDesktop.org has
the announcement for Gaim 0.73, an instant messaging client.
"
The latest version of the Gaim IM client is out featuring a new logging
format, spell checker fixes, translation updates and more."
Comments (none posted)
Interoperability
The November 21, 2003 issue of
Wine Traffic is online with the latest Wine project news.
Comments (none posted)
Release 20031118 of Wine
has been announced.
Changes include
printing improvements, run-time detection of NPTL threading,
code merges from CrossOver Office 2.1, reorganization of the source tree,
and bug fixes.
Comments (none posted)
Multimedia
Version 2.0.4.2 of Azureus, a Java-based BitTorrent client,
has been released.
"
Version 2.0.4.2 brings mostly
bugfixes to the recently-released, and greatly-enhanced 2.0.4.0 core. The
multiplatform Azureus client greatly extends the original python client's
feature set, with: managing multiple downloads at once from a single GUI
window, detailed real-time download statistics with export to XML,
auto-seeding and download queuing rules, initial configuration and torrent
creation wizards, embedded tracker for easy hosting of your own torrents,
PeerGuardian IP address filtering, optional web browser and command line
interfaces, 19 available languages, plugins, and much much more."
Comments (none posted)
Music Applications
Version 0.75 of RTMix is available.
"
RTMix is an interactive multimedia art performance, composition, and
coaching interface capable of triggering various DSP applications and/or
processes concurrently, as well as offering a tight coordination between
computer(s) and live performers."
Full Story (comments: none)
Web Browsers
The Mozilla
Independent Status Reports for November 24, 2003 are online.
"
The latest set of status reports include updates from MozManual, Mozquery,
Deepest Sender, Mycroft, Preferential, MessageID-Finder, ieview,
Searchsidebar, ConQuery, HON and the Creating Applications with Mozilla book.
These reports are presented in an improved format."
Comments (none posted)
The minutes from the November 17, 2003
Mozilla.org staff meeting are online.
"
Issues discussed include releases, localised builds, the new
website, Mozilla Thunderbird tinderboxes and CVS over SSH."
Comments (none posted)
Word Processors
Issue #171 of the
AbiWord Weekly News is out with this week's round-up of AbiWord word
processor news.
Comments (none posted)
Miscellaneous
GnomeDesktop.org has
the announcement for version 0.8-5 of
BloGTK, a weblog client.
"
BloGTK 0.8-5 is now released for immediate download. The new release adds support for basic HTTP proxies for those using BloGTK behind a corporate or school firewall - making BloGTK the first Linux blog client to offer proxy support."
Comments (none posted)
Languages and Tools
Caml
The November 18-25, 2003 edition of the Caml Weekly News has been
published. Take a look for the latest Caml news.
Full Story (comments: none)
Java
O'Reilly has published
an article on Java exception handling.
"
Java's concept of exceptions and how they're used has led to controversy and,
in some cases, bad programming practices. Gunjan Doshi seeks to lay down
some best practices for using exceptions in Java."
Comments (none posted)
Perl
The November 17-23, 2003 edition of
This Week on perl5-porters has been published.
"
Due to my laziness, or perhaps to the lack of traffic on perl5-porters this week, this summary will be rather short, but hopefully long enough to provide your weekly dose of perl core information."
Comments (none posted)
Uri Guttman
explains
Perl file slurping techniques on O'Reilly.
"
Slurping files has advantages and limitations, and is not something you should just do when line by line processing is fine. It is best when you need the entire file in memory for processing all at once. Slurping with in memory processing can be faster and lead to simpler code than line by line if done properly."
Comments (none posted)
PHP
The
PHP Weekly Summary for November 24, 2003 is out. Topics include:
PHP Benchmarks (continued), SimpleXML XPath, Win32Std extension, Windows snapshots, E_STRICT, check_syntax and strip_whitespace.
Comments (none posted)
Python
The November 24, 2003 edition of Dr. Dobb's Python-URL has been
published. Take a look for a week's worth of new Python articles.
Full Story (comments: none)
Ruby
The
Ruby Garden features new
discussions on resume after raise and Interface Checking.
Comments (none posted)
Tcl/Tk
The November 24, 2003 edition of Dr. Dobb's Tcl-URL
is out with the latest Tcl/Tk article links.
Full Story (comments: none)
XML
Nigel McFarlane
introduces Mozilla's XUL on Informit.com.
"
XUL is an XML-based technology for expressing the GUI part of a software application. It has been used to express GUIs for applications as diverse as web browsers, email clients, calendars, calculators, spreadsheet editors, HTML editors, debuggers, and whole desktop environments. The free Mozilla platform (that is, the executable engine and libraries that accompany every Mozilla-based product) provides a fully-featured implementation of XUL. This article is a quick look at the main tags that Mozilla's XUL provides."
Comments (none posted)
Kendall Grant Clark
covers
the W3C's binary XML workshop on O'Reilly.
"
There are at least two kinds of topics of permanent conversation in the XML development community: formally settled, and formally unsettled. In other words, members of the XML development community are perpetually discussing, on the one hand, issues which have been, more or less, formally settled by the relevant standards body and, on the other, issues not yet formally settled by the relevant standards body. As the canonical example of the first kind of permathread I tend to think of XML namespaces, which really are just here to stay, plain and simple. As the canonical example of the second kind, I tend to think of binary XML, which may or may not be blessed by the W3C, but which certainly engages the XML developer community in deep and fundamental ways."
Comments (none posted)
Antoine Quint
introduces the SVG 1.2 XML-based extension mechanism on IBM's
developerWorks.
"
The first Scalable Vector Graphics specification (SVG 1.0) laid the standard for XML-expressed two-dimensional interactive and animated graphics. Since then, the W3C SVG Working Group has made efforts to take SVG a step further with a strong focus on enhancing features that ease the work of using SVG for Web and desktop application development. One of the most promising features introduced in SVG 1.2 is Rendering Custom Content (RCC) -- it offers a clean XML-centric extension mechanism to mix and match different XML namespaces within an SVG document. This article takes you through the creation of a simple push-button widget while introducing the RCC mechanism."
Comments (none posted)
Cross Assemblers
Version 0.11.8 of
gputils,
the GNU PIC Utilities for working with Microchip's PIC processors,
is out. Changes include: "
Fixed bugs."
Comments (none posted)
Editors
Version 0.12 of
Bluefish, an html editor,
has been announced.
"
Bluefish 0.12 features project management, a better user interface (for example a reworked menu, and improved keyboard navigation), support for remote files using gnome-vfs, a nicer user interface (many new icons and buttons, and general user interface cleanups), many bug fixes and much more."
See
this article
on GnomeDesktop.org for more information.
Comments (none posted)
Version 4.1 beta 3 of Leo, a programmer's editor and browser,
has been released.
"
This is the third official release of the reorganized 4.1 code base. The code appears solid, and has not been widely tested. Please use caution when using this code."
Comments (none posted)
Version 0.1.1 final of Mozedit, a text editor extension for Mozilla
Firebird and the Mozilla suite,
has been announced.
"
Significant features aimed at web development have been added.
The extension is now compatible with both Mozilla and Firebird and
an optional Emacs mode is available."
Comments (none posted)
IDEs
Version 2.2.1 of GtkAda, an Ada GUI toolkit for GTK+, and
GPS 1.4.0, a multi-language IDE,
have been announced.
Comments (1 posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
LinuxWorld
asks
others to predict what 2004 holds for Linux and has responses from Eric
Raymond and John Terpstra. "
I predict that during 2004 at least one
significant USA government body will adopt Linux on the desktop. This
adoption will make head-lines and will radically change the face of the
Linux battle. We will see a number of government bodies adopt Linux, and by
September 2004 there will be a rush of announcements of software
applications finally being ported to Linux. At least two major accounting
packages will announce support for Linux. PS: I could name one, but that
would spoil the fun!" (John Terpstra)
Comments (5 posted)
InfoWorld
says
2004 may be the year of the Linux desktop. "
Sources said that
once the acquisition [of SUSE] is finalized early next year, [Novell] will tightly
stitch the Ximian Desktop with an enhanced version of SuSE 9.0, which would
enable smooth connections to Novell's GroupWise collaboration
server, ZENworks resource manager, and security and integration
products. The company also claimed that it will more than double the number
of engineers working on the Ximian Desktop and will focus on improving the
Gnome desktop environment, the OpenOffice suite, and Mozilla browser."
Comments (13 posted)
Doc Searls and Linux Journal
present the
first of three transcriptions of talks by Linus and friends during the
latest Linux Lunacy Geek Cruise. "
I am firmly convinced that if your
source control doesn't support random people making their own branches, and
then being able to merge as they do development with anybody else's branch,
the source control is not worth bothering with. And if BitKeeper ever goes
away, I will not go to Subversion or something like that. I will go back to
tarballs and patches. Because at least that one doesn't have merge problems
that most other projects have. Which is kind of strange, but.... It has
been very productive. It has helped enormously having something that is
truly distributed. But I did want to mention that."
Comments (10 posted)
Trade Shows and Conferences
Linux Journal
has posted
part 3 of Doc Searls' "Linux Lunacy" travelogue. "
Several
microseconds after Linux Journal announced the itinerary for this cruise,
we heard from VLUG, the Victoria Linux Users Group. We harvested the fruits
of their labors as soon as we got off the boat in Victoria, British
Columbia. Our visit to Victoria was about the shortest of the trip, as we
arrived not long before sundown. But it also was one of the most fun, both
for VLUG and for the lunatics on the cruise."
Comments (none posted)
Here's a
report from the KDE
booth at Comdex. "
Among the visitors to the KDE booth were CIOs,
CEOs, VPs and Presidents of major companies and smaller businesses,
students, hobbyists, journalists, and professionals. I was stunned to see
executives from Fortune 500 companies coming by for a demo of KDE, saying
that it was their favorite desktop and that they hope that we continue to
do such a good job so they can adopt KDE for desktop deployments in the
future. I was most, and least, surprised by one class of visitor though. We
had regular visits from Microsoft employees! They wanted demos of KDE, to
see how it works and what we have. What an interesting situation. I soon
discovered that this was not the only place that Microsoft people were
doing investigations."
Comments (5 posted)
The SCO Problem
Groklaw has
reverse engineered the process by which the SCO Group came up with its list of files for the IBM case.
"
Essentially, that SCO searched for any reference in the Linux kernel source for SMP, JFS, RCU, and NUMA, and claimed all of those files as possibly infringing. They included the entire JFS source code, but, perhaps realizing that it would look really bad to claim a file that implicated SCO or Caldera by showing the names of their employees, removed those files."
Comments (11 posted)
Groklaw
fills out recent reporting on a couple of SCO events.
"
Guess how many people went to hear Darl McBride's keynote address at CDXPO?
No, really. Guess. According to Todd Weiss of ComputerWorld, there were only
80 people. Count them. 80." The article also looks at the "death threats" issue and comes to the same conclusion we had: just more SCO nonsense.
Comments (3 posted)
Interviews
News.com
talks with Ransom Love, former CEO of the company now called The SCO Group.
"
It's so ironic, the turn of events. (Caldera began discussing) what we can do through UnitedLinux to indemnify people who had used both Unix and Linux. Apparently Darl took that in a little different direction than we intended."
Comments (13 posted)
OSNews has
an
interview with the Sun Java Desktop Group. "
[T]he Java Desktop
System is envisioned as a set of applications that reside above the OS
layer. While the first version of JDS is built on top of SuSE Linux Desktop
1.0, that does not mean that in the future there will not be versions of
JDS running on other OSes (for instance, Solaris, Red Hat, etc are all
possibilities). Therefore JDS 2003 -is- a version of SuSE. However, what we
have done is add a desktop layer to the SuSE distribution which is uniquely
Sun's desktop. If ported to Solaris, for instance, these same application
versions and UI would still be available."
Comments (13 posted)
GNU-Friends
talks with
Nicola Pero about the GNUstep project. "
I still feel a big
missing gap in the free software product set -- or in the available
software in general -- which is that the "definitive" development
environment is still missing. Producing such a definitive product is a
great challenge. By "definitive" development environment I mean the
"dream" development environment -- which would be based on some sort of
simple and excellent compiled OO language with introspection and dynamical
capabilities, and consist of a set of carefully designed libraries, build
system and tools. All this available cross-platform." (Thanks to
Ciaran O'Riordan)
Comments (none posted)
OSNews
interviews the main
members of
freedesktop.org:
founder Havoc Pennington, Keith Packard, Jim Gettys, Waldo Bastian and
David Zeuthen. "
David Zeuthen: First of all it might be good to give
an overview of the direction HAL ("Hardware Abstraction Layer") is going
post the 0.1 release since a few key things have changed. One major change
is that HAL will not (initially at least, if ever) go into device
configuration such as mounting a disk or loading a kernel driver."
Comments (3 posted)
Reviews
Linux Universe
reviews Dropline GNOME 2.4.x, a desktop replacement for the standard
Slackware environment. "
Aside from these improvements, Dropline
developers focus on desktop applications and their integration with Gnome
2.4. - currently at Gnome 2.4.1. The application suite added to the desktop
is the real reason for deploying Dropline Gnome. Dropline supplies many
packages that do not come with Slackware and these packages are well
integrated with the desktop." (Found on
Footnotes)
Comments (none posted)
Kay Frode adds two more articles in the introductory series on the
Mozilla Firebird browser.
Part 8 covers Bookmarks and
Part 9 looks at Flash player plug-ins.
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Free Software Foundation has sent out a notice concerning
purchasers of Microsoft software.
"
Under the terms of a settlement, reached in California's antitrust
and unfair competition class action lawsuit against Microsoft, the
company is required to provide vouchers totaling up to $1.1 billion
to eligible California users of its Windows, MS-DOS, Office, Excel,
Word, Works Suite or Home Essentials 97 or 98 products. These vouchers
can be redeemed for cash as reimbursement for the purchase of other
qualifying computer hardware or software. They can also be donated to
non-profit organizations (even those outside of California) for their
use in purchasing software or hardware."
Full Story (comments: none)
Commercial announcements
Lindows.com has
announced a large desktop Linux deployment in Canada.
"
Lindows.com, in conjunction with the South West Shore Development Authority (SWSDA), is moving throughout Nova Scotia and other provinces to bring LindowsOS to the greater Canada area. It is expected that more than 30,000 LindowsOS machines will be deployed within one year of the initial deployments."
Comments (17 posted)
Command Prompt, Inc. has announced the availability of their
Mammoth PostgreSQL Replicator.
"
Mammoth PostgreSQL Replicator is an asynchronous replication system designed
to be WAN and faulty connection tolerant. It uses a distributed TransactionLog
system to keep track of updates produced by the Master database. The system
allows for multiple Slaves to receive updates in either a continuous or batch mode."
Full Story (comments: none)
New Books
O'Reilly has published the second edition of their
Digital Photography Pocket Guide.
Full Story (comments: none)
O'Reilly has published the
Apache Cookbook.
Full Story (comments: none)
O'Reilly has published the book "SQL Tuning", by Dan Tow.
"
There are two basic issues that most people focus on when tuning SQL: how
to find and interpret the execution plan of an SQL statement and how to
change SQL to get a specific alternate execution plan. Tow provides the
answers to these questions in "SQL Tuning" and addresses a third, even
more critical question: How do you decide which execution plan a query
should use?"
Full Story (comments: none)
Resources
GnomeDesktop.org has
announced
the availability of
the slides
from the 2003 Brooklyn GNOME Summit.
Comments (none posted)
The Consumer Electronics Linux Forum (CELF) has
announced the release of its baseline Linux source code, now available
for download and review.
Comments (8 posted)
MozillaZine has an announcement for a new Mozilla introductory document.
"This document provides an introduction to the most useful features and capabilities of Mozilla (1.5) for people who have never used it before. The author is currently seeking review and comment with a goal of completing the document by year-end."
Contests and Awards
The GNOME Foundation has announced the first open source desktop integration bounty hunt.
"The aim of the contest is to recruit new developers and to more tightly integrate the various projects that make up the desktop into a more coherent, and complete user experience. The contest consists of a number of small, concrete projects, each of which has a cash bounty associated with it. Complete the hack, enter the contest, and collect a prize."
KDE.News mentions that KDevelop won an award.
"We're pleased to announce that KDevelop took first place in the fourth annual Linux New Media Awards with 29.4% of the votes in the category of best IDE development system; second and third places went to Eclipse and Anjuta respectively."
Upcoming Events
The 2003 Italian Linux Day will happen on November 29. Events aimed at the promotion of Linux and free software will be happening in 81 different cities; click below for the full announcement (in Italian).
Here's a press release from IDG World Expo saying that the Linux Financial Summit, which debuted at LinuxWorld Expo last January, will return to the 2004 LinuxWorld Conference & Expo in New York City.
LinuxMedNews has an announcement for the Open Steps meeting.
"The Open Steps meeting, to be held near Winchester, UK, on 10-11 February 2004 is the first of a series of three meetings planned for 2004 as part of the activities of the IMIA Open Source and Open Source Nursing Informatics Working Groups. The purpose of the meeting is to identify key issues, opportunities, obstacles, areas of work and research that may be needed, and other relevant aspects, around the potential for using open source software, solutions and approaches within health care, and in particular within health informatics, in the UK and Europe."
| Date | Event | Location |
|---|---|---|
| November 26, 2003 | Open Standards and Libre Software in Government Conference (EGOVOS 3) (CANCELLED) | Paris, France |
| November 26 - 27, 2003 | Forum PHP Paris 2003 | Club Confair, Paris, France |
| December 1 - 4, 2003 | IEEE International Conference on Cluster Computing (Cluster2003) | Sheraton Hong Kong Hotel & Towers, Kowloon, Hong Kong |
| December 2 - 4, 2003 | Linux Bangalore/2003 | Bangalore, India |
| December 9 - 13, 2003 | International Conference on Logic Programming (ICLP'03) | Mumbai (Bombay), India |
| January 12 - 13, 2004 | Linux.Conf.au Miniconfs | Adelaide, Australia |
| January 12 - 13, 2004 | EducationaLinux 2004 | Adelaide, Australia |
| January 14 - 17, 2004 | Linux.conf.au | Adelaide, Australia |
| January 20 - 23, 2004 | LinuxWorld Conference & Expo 2004 | Jacob K. Javits Convention Center, New York, New York |
Web sites
The Open XUL Alliance has announced a new Wiki site.
"The Open XUL Alliance is a site about XUL and related XML-based declarative user interface languages."
Software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
Page editor: Forrest Cook