It has been a busy week for those of us watching the SCO case. Here's a
summary of all that has been going on...
The fun started with an even more than usually bizarre open letter from Darl McBride
(actually written by his brother Kevin, about whom we will hear more
shortly, and a SCO technical writer) on the evils of the General Public
License. The letter makes for difficult reading, but the core of its
argument is this:
SCO argues that the authority of Congress under the
U.S. Constitution to "promote the Progress of Science and the
useful arts..." inherently includes a profit motive, and that
protection for this profit motive includes a Constitutional
dimension. We believe that the "progress of science" is best
advanced by vigorously protecting the right of authors and
inventors to earn a profit from their work.
By SCO's reasoning, the GPL, being a mechanism by which the owner of a
copyrighted work can allow others to distribute that work without paying a
license fee, interferes with the profit motive SCO has read into the
constitution and, thus, is unconstitutional. Needless to say, this novel
line of constitutional reasoning is finding few defenders outside of SCO.
See, for example, responses by Lawrence Lessig, Linus Torvalds (who did
some interesting research into copyright law himself), and on Groklaw.
The real purpose of the open letter appears to have been to distract
attention from some other events, the first of which was the hearing on
IBM's motions to compel discovery on December 5. As most readers will
have seen by now, IBM won a complete victory in that hearing. Both motions
to compel were upheld, while SCO's motion was tabled and all further SCO
discovery has been suspended until SCO has satisfied IBM's questions. SCO
now has 30 days to specify exactly which code it claims IBM has stolen, and
it will not be able to go fishing through AIX for its answers.
The December 5 hearing was also interesting in that David Boies, SCO's
brand-name lawyer, didn't see fit to show up. Instead, SCO was represented
by Kevin McBride, Darl's brother. This was Kevin McBride's first public
appearance in this case, and he appears to have impressed few people -
certainly not the judge presiding over the hearing. He started by sitting
at the defendants' table, and had to be told to move to the other side of
the court. His arguments were generally described as incoherent and
unconvincing; he talked a lot about what a complex case it was. And, of
course, he lost.
For those seeking further information, there are a few postings on Groklaw:
transcripts of the hearing (scroll down to the second version, which is
more complete), a list of what SCO must now provide to IBM, and a guest
article on where things go from here (mostly downhill).
SCO was supposed to announce its fourth quarter earnings on
December 8, but that announcement has been delayed until the 22nd.
The stated reason is that the company needs
more time to finish accounting for the BayStar investment. Others have
speculated that the quarter will look so bad that the company hopes that,
by delaying the announcement to just before Christmas, it can escape
notice.
Some of the truth, perhaps, came out in a three-part SEC filing on
December 9. This filing provides some interesting insights into how
SCO deals with its investors and lawyers. It also, perhaps, gives the real
reason for the earnings delay: SCO was still negotiating with BayStar and
the Royal Bank of Canada (RBC). It would appear that these investors got a
little nervous about SCO's agreement with its lawyers giving those
lawyers 20% of any settlement, investment in, or sale of the company. As a
result, SCO has filed a statement that it will not take any action which
triggers the 20% fee
unless 2/3 of the preferred stockholders (BayStar and RBC) agree. The
investors, in other words, have established a veto power over the lawyers.
The second part of the filing is a letter from Boies, Schiller & Flexner
to SCO describing the arrangement between the two companies. This letter
is dated
February 26, 2003, but is only being released now. The letter states
that Boies et al. will be paid on an hourly rate - not the pure contingency
deal that SCO has claimed in the past. SCO was also required to put up a
$1 million retainer, and to top it up whenever it gets spent down to
$250,000.
Also stated in this letter is:
It is hereby recognized and acknowledged that Kevin McBride, the
brother of SCO's Chief Executive Officer, Darl McBride, is
an attorney at Angelo, Barry & Boldt who will be working on this
matter. By signing below, Darl McBride acknowledges that full
disclosure of Kevin McBride's involvement in the matter and the
terms and conditions of the fee letter has been made to and
approved by the Board of Directors of Client.
In other words, Boies was not entirely comfortable with Kevin McBride's
presence and required assurance that SCO's board of directors understood
what was going on.
The letter also notes that efforts to sell licenses to Microsoft and Sun
were already underway last February.
Finally, this letter from SCO to Boies confirms recent payments to the law
firm: $2.6 million, plus the 400,000 shares of stock. SCO has until the
beginning of March to deliver the stock (SEC formalities must be cleared
first). The letter notes that Boies et al. will be taking on, in addition
to the IBM suit, defense against the Red Hat suit and IBM's counterclaims.
Boies will also be helping in "pursuing our potential claims against
third parties arising out of the USL/BSDI settlement." Exactly what
that means remains to be seen.
December 10, 2003
By Pamela Jones, Editor of Groklaw
What is a derivative work when it comes to software? Between SCO's
attempts to define it as "anything that ever breathed the same air as Unix"
and the recent discussions on linux-kernel about the status of
closed-source modules (see this week's Kernel Page), it is only natural to
wonder if there is any way, short of going
before a judge, to know. Is there a standard rule a programmer can measure
his work by and know whether he has produced a derived work or not?
Dan Ravicher, Esq., Senior Counsel, Free Software Foundation, and
Executive Director, Public Patent Foundation, was kind enough to grant me
an interview and explain. Note that he is discussing the situation in the US,
because that is where he practices. However, his ultimate advice
applies to international copyright issues as well, namely: ask a lawyer
who practices where you live for an opinion. Get it in writing.
PJ: Is there one definition, The Definition, as it were, of
derivative works that applies to everyone?
The definition of derivative work is an issue under copyright law,
which is exclusively a federal question (state courts are forbidden
from addressing the issue). Therefore, there could conceivably be
94 different "derivative work" definitions, as there are 94
different federal district courts (the trial level of the federal
court system). [Note: There could be even more, as there are
several judges within each district, who could each have different
opinions on the law.]
Although district court judges are supposed to give deference to
one another's opinions, they often do not. As such, above those 94
district courts, there are 13 circuit courts of appeals, which each
attempt to unify the law as between all the district courts within
their jurisdiction. Here's a map showing which
districts fall into which circuits. Again, like the district
court judges, the circuit court judges are supposed to give
deference to one another's opinions, but they often do not. So,
above the 13 circuits, is the Supreme Court, which is supposed to
unify law amongst the circuits.
Every case has a right to appeal to the Circuit Court, but appeal
to the Supreme Court is only by discretion. As of yet, despite the
difference in opinions between the circuits regarding the question
of what constitutes a derivative work of software, the Supreme
Court has not taken any such case. One can speculate why this is
so, including that many of the circuits, including two of the most
influential to the conservative Supreme Court, the 7th and the 4th,
have yet to take an opinion on the issue. Further, the 9th and 2nd
Circuits, routinely the most important for copyright law (because
NY and CA are home to media companies and Hollywood), are pretty
much in agreement on the issue, and several circuits have followed
their lead.
If it is circuit by circuit, how does Utah's circuit, where the
SCO v. IBM case will be decided, define it?
Utah's District Court is within the 10th Circuit, which has adopted
the Abstraction, Filtration, and Comparison test of the 2nd
Circuit. For a discussion of how that test defines derivative
work, you can read a paper I have written on that subject
here [PDF format].
[Editor's note: the above paper actually covers a few different tests used
by the circuit courts to determine whether one program is a derived product
of another. It is recommended reading for anyone who would like a better
understanding of the different ways of approaching this problem.]
Please bear with me. This is a long question, but I want to be sure you
cover the complete question, and I know you are a programmer as well as an
attorney: The Linux kernel is, of course, licensed under the GPL. There is
a continuing controversy over the legal status of closed-source kernel
modules. Nobody really likes them, but they have been tolerated so far.
There are kernel hackers who have threatened to eventually take a binary
module vendor to court for infringing their copyrights, however.
Is a kernel module a derived product or not? Some people claim
that there are precedents saying that anything which can be
unplugged and replaced falls on the other side of the
boundary and cannot be considered a derived product. Others
point out the substantial amount of inline function code used
by Linux modules, along with the deep knowledge of kernel
internals required, and say that modules are necessarily
derived products.
One can point to a continuum of modules to see that the
situation is not simple. LSM security modules can hook into
almost every part of the kernel and fundamentally change its
operation; almost everybody agrees that they are derived
products. On the other hand, modules exist which allow the
loading of Windows NDIS drivers into a Linux kernel; few
people would claim that the Windows driver has become a
derived product.
Is there any way to figure out where the boundary really is short of
asking a judge?
The intuition that there is no bright line answer regarding modules
is correct. The test of derivative work is a very fact-specific
one; meaning that minor differences can substantially impact the
result. In practice, highly factual issues are typically resolved
by both sides in litigation having representative experts testify
that the facts lead to one conclusion or the other.
However, this doesn't mean one needs to necessarily wait for a
judge to decide the issue in order to have some guidance. In order
to better manage and calculate legal uncertainty, clients often ask
their attorneys for a legal opinion regarding a certain situation.
In what are called "Opinion Letters", attorneys opine as to the
conclusion they think would be reached if a judge addressed the
issue. For instance, a few years back the W3C sought the opinion
of its attorneys regarding whether or not one of its standards
infringed a patent, which you can read here.
Although such letters are not a guarantee that the issue, if ever
presented to a court, would be resolved in that way, they do allow
the client or other recipient of the letter to rely on the
attorney's opinion in making decisions. That reliance, if
reasonable and based on a "competent opinion", may go a long way to
help the client prove they did not act in bad faith, which is very
important under the law because penalties for copyright
infringement can be drastically increased if the infringer is found
to have acted in bad faith.
Coming soon: the second half of this interview, which covers free
software and patents, especially Microsoft's claimed FAT filesystem
patent.
About two months ago we reported that Bruce Perens was
considering the formation of a community-driven "enterprise" Linux
distribution. Perens has made up his mind, and has produced a
manifesto which serves as a rough outline of what UserLinux would be,
and a discussion list for those interested in participating. According to
Perens,
UserLinux would be "a system for both desktop and server use in businesses
of all sizes."
Why would we need another Linux system? It's not as if there's any lack of
distributions. We spoke to Perens to get the details on
UserLinux. According to him, there's a need for UserLinux because
current Linux vendors are too focused on profits, and the needs of users
are being neglected. In the last year or so, he noticed "the rise of
proprietary open source. Software that is purportedly open source-licensed,
but the user is still made to pay in the long run."
This trend is causing problems for Linux. In his white paper, Perens writes:
The very aspects that make Linux desirable, its low cost, Open
Source nature, and the way it gives customers more control over
their software, are under attack by Linux vendors bent on
increasing shareholder value. Businesses are paying more as Linux
distributions demand a per-seat cost and service lock-in for
software that they didn't develop and that others support.
In creating a community-driven solution for business, UserLinux could
provide an alternative for businesses that aren't looking to pay per-seat
fees to companies like Red Hat. However, a community-driven project will
face problems that Red Hat and other vendors have already (at least to some
extent) overcome.
One major obstacle that UserLinux will face is garnering the support of
independent system vendors, such as Oracle. Any distribution aimed at the
"enterprise" market will need that support. Theodore Ts'o noted
that this can be an expensive undertaking for some of the highly desirable
ISVs. Perens acknowledges this in the second draft of the UserLinux paper:
It will probably be necessary for us to arrange to have a porting
lab for the use of ISVs, where they could come to do their work
with the support of an expert in our system, and for them to have
free call-in support on issues related to supporting their products
on our platform. These things would be paid for by the service
provider organization.
The question, of course, is how the organization will pay to support a lab
and other endeavors. Perens explained that he would like to see an
organization for UserLinux service providers, which could certify providers
and serve as a point of contact for the providers and customers. Providers
would probably pay some fee for certification "on a sliding scale based on
the size of the business" to allow for sole proprietorships. The
organization might charge some percentage for business referred to the
providers, but he doesn't want the organization to be a mandatory
gatekeeper between customers and providers. He also noted that UserLinux
could have uncertified providers; they would simply not be allowed to
use the trademark for certification.
The service organization also answers another question that businesses are
likely to have: "Who is going to support me?" Perens states in his paper that
an organization built around UserLinux would actually be able to support
more customers than Red Hat:
Red Hat boasts that it employs 300 engineers, but few of those
engineers are in customer-contact positions. Their support
organization is surprisingly small. Our multi-company effort has
the potential to be able to offer more service, even by simple
metrics like head-count, reasonably early in its existence. It can
provide better-localized service because of the potential for
involvement by service companies in many regions. And we can
provide better quality, and lower-cost service, due to the fact
that our service providers will compete with each other for
business.
This organization may work to provide technical support, though it bears a
strong resemblance to Red Hat's early "Support Partner" program, which was
never very successful. What may prove harder is convincing potential users
that other sorts of support - such as security updates - will be available
for several years into the future.
Another obstacle faced by UserLinux is package support. Specifically, which
packages to bundle into the distribution. At this point, Linux has several
areas where there are a number of competing packages that perform the same
general functions. Perens argues that an enterprise project should make
choices between various packages and pick a single package rather than be
bogged down trying to support an array of packages. This would not prevent
users or vendors from adding packages, but the default system would include
only one of a given type of package.
This is likely to cause some heated and unpleasant debates as UserLinux
moves forward. There are already some strong objections to Perens'
preliminary choices on the UserLinux discuss list. Eventually, these
choices have to be made, however. Perens proposes
that these and other technical choices be made by a meritocracy, similar to
projects like the Linux kernel, the Apache project or the Debian project
itself.
UserLinux is, at this point, only a concept. There is much work to be done,
and much of it is in uncharted territory. Whether or not it succeeds
depends on a number of factors, some of which are obvious now while others
will only become apparent with time. But if the success of Linux has taught
us anything thus far, it is that the open source community can succeed
where many expect failure.
Page editor: Jonathan Corbet
Security
Brief items
December 10, 2003
This article was contributed by Robert Bernier
It's been said that what doesn't kill you makes you stronger; if so, then
Debian must be very strong these days.
The recent attack on Debian's servers is well known. It has been well
documented and explained in detail. What remains is to consider the
aftermath: have lessons been learned?
Recall the sequence of events. In the month of November, an unknown person
developed a crack that exploited the now-famous kernel flaw and found his
way into a Debian developer's machine. Although it's not known whether the
attack was aimed at the developer's machine in particular, the attacker
quickly understood that this PC offered a means of accessing the
Debian servers. He installed the requisite tools that took over the
machine and sniffed out the passwords. The attacker then obtained the
password that enabled him to compromise a Debian project server. In quick
succession, he penetrated a number of machines spanning North America
and Europe.
It must be understood that up to this point the attack had not been
detected. The machines had been penetrated and successfully subverted.
The attacks were executed in such a manner that none of the installed
security mechanisms caught the activity. So why didn't the archives get
compromised? And how was it that the attack was even discovered?
The hand-crafted kernel exploit was not perfect. According to a group of
Debian contributors who were interviewed at a recent Linux User's Group
(LUG) meeting, the exploit worked on all of the Intel machines but failed
against one Sparc system, which is where the archives happen to reside.
Another imperfection in the crack was that it generated strange messages
in the log files, which led to the attack's discovery. It turns out that
one of the system administrators became uneasy as he was looking through
the log files of one of his machines. He quickly understood that the
messages were not normal, and the other machines were checked out in short
order. This is how the attack and its point of entry (the developer's
compromised machine) were discovered.
What are the lessons learned?
- Crackers can make bad code: the existence of those log messages
indicates sloppiness and a lack of professionalism that eventually led to
the attack's discovery.
- The bio-diversity of mixed environments defeats mono-culture
weaknesses: it's easy to criticize the fragility attributed to the
dominance of a Microsoft-centric work environment. But we seem to have
missed the fact that a Linux-only environment is a monoculture too. Things
could have been worse had it not been for the inherent differences between
Intel and Sun system architectures.
- Good people make a difference: a sharp brain and active curiosity are
a great combination. Given the time and resources, all exploits can be
caught.
Has anything been learned from this event that can help us formulate a more
proactive policy? That answer depends on how much we, the open source
community, are willing to work to eliminate these violations. These kinds
of people can exploit a hundred machines before they stumble over one that
can really hurt us. And that's the irony: for every attack that is noticed
there are ten more that are unseen. By increasing the diversity of our
systems and the alertness of our administration, we improve our chances of
detecting and shutting down this sort of attack before it does real
damage.
SuSE has announced an end of life for SuSE Linux 7.3. Vulnerabilities
found after December 15, 2003 will not be fixed for SuSE Linux 7.3.
New vulnerabilities
cvs: unauthorized file creation
| Package(s): | cvs | CVE #(s): | |
| Created: | December 9, 2003 | Updated: | December 17, 2003 |
Description: Stable CVS 1.11.10 has been released, fixing a security issue
with no known exploits (as of this writing) that could cause previous
versions of CVS to attempt to create files and directories in the
filesystem root. This release also fixes several issues relevant to case
insensitive filesystems and some other bugs.
FreeRADIUS: Denial of service vulnerability
| Package(s): | FreeRADIUS | CVE #(s): | CAN-2003-0967 |
| Created: | December 10, 2003 | Updated: | December 10, 2003 |
Description: Versions of FreeRADIUS through 0.9.2 have a vulnerability
wherein a remote attacker can cause the daemon to crash.
rsync - remotely exploitable heap overflow
| Package(s): | rsync | CVE #(s): | CAN-2003-0962 |
| Created: | December 4, 2003 | Updated: | March 3, 2004 |
Description: An advisory has gone out warning of a remotely exploitable
heap overflow vulnerability in rsync versions 2.5.6 and prior. If you are
running an rsync server, you will want to apply a distributor patch or
upgrade to 2.5.7 in the near future.
Updated vulnerabilities
2.4 kernel - several vulnerabilities
| Package(s): | 2.4 kernel | CVE #(s): | CAN-2003-0461, CAN-2003-0462, CAN-2003-0464, CAN-2003-0476, CAN-2003-0501, CAN-2003-0550, CAN-2003-0551, CAN-2003-0552 |
| Created: | July 21, 2003 | Updated: | December 24, 2003 |
Description: Several security issues have been discovered affecting the
Linux kernel:
- CAN-2003-0461: /proc/tty/driver/serial reveals the exact character
counts for serial links. This could be used by a local attacker to infer
password lengths and inter-keystroke timings during password entry.
- CAN-2003-0462: Paul Starzetz discovered a file read race condition
existing in the execve() system call, which could cause a local crash.
- CAN-2003-0464: A recent change in the RPC code set the reuse flag on
newly-created sockets. Olaf Kirch noticed that this could allow normal
users to bind to UDP ports used for services such as nfsd.
- CAN-2003-0476: The execve system call in Linux 2.4.x records the file
descriptor of the executable process in the file table of the calling
process, allowing local users to gain read access to restricted file
descriptors.
- CAN-2003-0501: The /proc filesystem in Linux allows local users to
obtain sensitive information by opening various entries in /proc/self
before executing a setuid program. This causes the program to fail to
change the ownership and permissions of already opened entries.
- CAN-2003-0550: The STP protocol is known to have no security, which
could allow attackers to alter the bridge topology. STP is now turned
off by default.
- CAN-2003-0551: STP input processing was lax in its length checking,
which could lead to a denial of service.
- CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
could be spoofed by sending forged packets with bogus source addresses
the same as the local host.
apache: buffer overflows in mod_alias, mod_rewrite
| Package(s): | apache | CVE #(s): | CAN-2003-0542, CAN-2003-0789 |
| Created: | October 28, 2003 | Updated: | February 13, 2004 |
Description: André Malo discovered buffer overflows in the mod_alias and
mod_rewrite modules of the Apache webserver. These occurred if a regular
expression with more than 9 capturing parentheses was configured. To
exploit this, an attacker would need to be able to locally create a
carefully crafted configuration file (.htaccess or httpd.conf).
(CAN-2003-0542)
Another buffer overflow in Apache 2.0.47 and earlier in mod_cgid's
mishandling of CGI redirect paths could result in CGI output going to the
wrong client when a threaded MPM is used. (CAN-2003-0789)
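A defensive pattern for the capture-group limit described in the apache entry above, as an added C example using POSIX regex (not Apache's code): a rule is rejected at load time if it has more groups than the fixed match array can hold, and regexec() is given the array size rather than the pattern's group count. The 10-slot array, the function names and the sample rule are assumptions made for illustration.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout: slot 0 is the whole match, slots 1..9 back $1..$9. */
#define MAX_REG_MATCH 10

/* Compile a rule. Returns 0 on success, -1 on a syntax error,
 * -2 if the pattern has more capture groups than the array has slots. */
int rule_compile(regex_t *re, const char *pattern)
{
    if (regcomp(re, pattern, REG_EXTENDED) != 0)
        return -1;
    if (re->re_nsub >= MAX_REG_MATCH) {   /* re_nsub excludes slot 0 */
        regfree(re);
        return -2;
    }
    return 0;
}

/* Match input and expand $0..$9 from tmpl into out.
 * Returns the output length, or -1 on no match or if out is too small. */
int rule_apply(const regex_t *re, const char *input, const char *tmpl,
               char *out, size_t outsz)
{
    regmatch_t m[MAX_REG_MATCH];
    size_t o = 0;

    if (outsz == 0)
        return -1;
    /* nmatch is the size of m[], never re_nsub + 1: regexec() writes
     * nmatch entries, so a larger count would run off the array. */
    if (regexec(re, input, MAX_REG_MATCH, m, 0) != 0)
        return -1;

    for (const char *t = tmpl; *t; t++) {
        if (t[0] == '$' && t[1] >= '0' && t[1] <= '9') {
            int g = t[1] - '0';           /* always within m[0..9] */
            t++;
            if (m[g].rm_so < 0)
                continue;                 /* group did not participate */
            size_t n = (size_t)(m[g].rm_eo - m[g].rm_so);
            if (n >= outsz - o)
                return -1;
            memcpy(out + o, input + m[g].rm_so, n);
            o += n;
        } else {
            if (o + 1 >= outsz)
                return -1;
            out[o++] = *t;
        }
    }
    out[o] = '\0';
    return (int)o;
}

int main(void)
{
    regex_t re;
    char out[64];

    /* Constructed sample rule and request path. */
    if (rule_compile(&re, "^/old/([a-z]+)/([0-9]+)$") == 0) {
        if (rule_apply(&re, "/old/docs/42", "/new/$2/$1", out, sizeof out) > 0)
            printf("rewritten: %s\n", out);
        regfree(&re);
    }
    /* Ten groups need eleven slots, so the rule is refused up front. */
    printf("10 groups -> %d\n",
           rule_compile(&re, "(a)(b)(c)(d)(e)(f)(g)(h)(i)(j)"));
    return 0;
}
```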
apache2: Denial of Service vulnerability
| Package(s): | apache2 | CVE #(s): | |
| Created: | September 29, 2003 | Updated: | March 25, 2004 |
Description: A problem was discovered in Apache2 where CGI scripts that
write more than 4k to the standard error stream will hang the script's
execution. This problem can lead to a denial of service situation. See
this bug report for additional details.
bind: cache poisoning
| Package(s): | bind | CVE #(s): | CAN-2003-0914 |
| Created: | November 26, 2003 | Updated: | February 19, 2004 |
Description: A cache poisoning vulnerability in BIND may be exploited
causing a temporary denial of service until the bad record expires from
the cache.
CUPS: denial of service
| Package(s): | CUPS | CVE #(s): | CAN-2003-0788 |
| Created: | November 3, 2003 | Updated: | March 4, 2004 |
Description: Paul Mitcheson reported a situation where the CUPS Internet
Printing Protocol (IPP) implementation in CUPS versions prior to 1.1.19
would get into a busy loop. This could result in a denial of service. In
order to exploit this bug an attacker would need to have the ability to
make a TCP connection to the IPP port (by default 631).
ethereal: multiple remote and local vulnerabilities
| Package(s): | ethereal | CVE #(s): | CAN-2003-0925, CAN-2003-0926, CAN-2003-0927 |
| Created: | November 10, 2003 | Updated: | December 17, 2003 |
Description: Multiple vulnerabilities have been found in ethereal versions
below 0.9.16. Remote attackers can craft packets, and local users can
build corrupt trace files, resulting in denial of service and remote code
execution.
Filename disclosure vulnerability in fam
| Package(s): | fam | CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 | Updated: | January 5, 2005 |
Description: "fam" (file alteration monitor) watches files and directories
for changes and lets interested applications know when something happens.
This package has a flaw in its group handling that blocks some legitimate
operations while, at the same time, exposing the names of files that
should otherwise be invisible.
fetchmail may crash on specially crafted message
| Package(s): | fetchmail | CVE #(s): | CAN-2003-0792 |
| Created: | October 17, 2003 | Updated: | April 8, 2004 |
Description: A bug was discovered in fetchmail 6.2.4 where a specially
crafted email message can cause fetchmail to crash.
fileutils/wu-ftpd: denial of service
| Package(s): | fileutils | CVE #(s): | CAN-2003-0854 |
| Created: | October 22, 2003 | Updated: | March 2, 2004 |
Description: There is, it seems, an integer overflow vulnerability in "ls"
which can be exploited via wu-ftpd to create a denial of service
situation. See this advisory from Georgi Guninski for details.
glibc: DNS stub resolvers contain buffer overflow vulnerability
| Package(s): | glibc | CVE #(s): | CAN-2002-1146 |
| Created: | November 7, 2002 | Updated: | February 5, 2004 |
Description: DNS stub resolvers from multiple vendors contain a buffer
overflow vulnerability. The impact of this vulnerability appears to be
limited to denial of service. (See CERT Vulnerability Note VU#738331)
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such
as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer
size instead of the actual size when processing a DNS response, which
causes the stub resolvers to read past the actual boundary ("read buffer
overflow"), allowing remote attackers to cause a denial of service
(crash).
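The length handling described in the glibc entry above, as an added C example (not glibc or BIND code): one bounds-checked record walker is run over the same receive buffer twice, once limited by the buffer's capacity and once by the number of bytes actually received. The packet bytes, the 512-byte buffer and the function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_LEN  12
#define RECV_BUF_SZ  512   /* capacity of the receive buffer (assumed) */
#define QUESTION_END 29    /* header + question of the sample, no answer */

/* Constructed sample: complete reply for example.com with one A record. */
static const unsigned char FULL_REPLY[45] = {
    0x12,0x34, 0x81,0x80, 0x00,0x01, 0x00,0x01, 0x00,0x00, 0x00,0x00,
    7,'e','x','a','m','p','l','e', 3,'c','o','m', 0, 0x00,0x01, 0x00,0x01,
    0xC0,0x0C, 0x00,0x01, 0x00,0x01, 0x00,0x00,0x0E,0x10, 0x00,0x04,
    192,0,2,1
};

static unsigned rd16(const unsigned char *p)
{
    return ((unsigned)p[0] << 8) | p[1];
}

/* Skip one encoded name; return the offset just past it, or -1 if the
 * name would run beyond limit. */
static long skip_name(const unsigned char *msg, size_t limit, size_t off)
{
    while (off < limit) {
        unsigned char len = msg[off];
        if (len == 0)
            return (long)(off + 1);
        if ((len & 0xC0) == 0xC0)             /* 2-byte compression pointer */
            return off + 2 <= limit ? (long)(off + 2) : -1;
        if (len & 0xC0)
            return -1;                        /* reserved label type */
        off += 1 + (size_t)len;
    }
    return -1;
}

/* Walk the question and answer sections. Returns the answer count if every
 * record lies inside msg[0..limit), otherwise -1. */
int dns_count_answers(const unsigned char *msg, size_t limit)
{
    if (limit < DNS_HDR_LEN)
        return -1;
    unsigned qd = rd16(msg + 4), an = rd16(msg + 6);
    size_t off = DNS_HDR_LEN;

    for (unsigned i = 0; i < qd; i++) {
        long n = skip_name(msg, limit, off);
        if (n < 0 || (size_t)n + 4 > limit)   /* QTYPE + QCLASS */
            return -1;
        off = (size_t)n + 4;
    }
    for (unsigned i = 0; i < an; i++) {
        long n = skip_name(msg, limit, off);
        if (n < 0 || (size_t)n + 10 > limit)  /* TYPE, CLASS, TTL, RDLENGTH */
            return -1;
        size_t rr = (size_t)n;
        size_t rdlen = rd16(msg + rr + 8);
        if (rdlen > limit - (rr + 10))
            return -1;
        off = rr + 10 + rdlen;
    }
    return (int)an;
}

/* Leave a stale complete reply in buf, then "receive" a datagram that claims
 * one answer but stops after the question. Returns the received length. */
size_t build_demo(unsigned char *buf)
{
    memset(buf, 0, RECV_BUF_SZ);
    memcpy(buf, FULL_REPLY, sizeof FULL_REPLY);   /* earlier reply */
    memcpy(buf, FULL_REPLY, QUESTION_END);        /* new, truncated datagram */
    return QUESTION_END;
}

int main(void)
{
    unsigned char buf[RECV_BUF_SZ];
    size_t got = build_demo(buf);

    /* Wrong limit: bytes left over from the earlier reply parse as an answer. */
    printf("limit = capacity : %d\n", dns_count_answers(buf, sizeof buf));
    /* Right limit: the truncated datagram is rejected. */
    printf("limit = received : %d\n", dns_count_answers(buf, got));
    return 0;
}
```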
GnuPG: ElGamal signing keys compromised
| Package(s): | gnupg | CVE #(s): | CAN-2003-0971 |
| Created: | November 28, 2003 | Updated: | March 3, 2004 |
Description: A severe vulnerability was discovered in GnuPG by Phong Nguyen
relating to ElGamal sign+encrypt keys. This email message from Werner Koch
contains more information. "Phong Nguyen identified a severe bug in the
way GnuPG creates and uses ElGamal keys for signing. This is a significant
security failure which can lead to a compromise of almost all ElGamal keys
used for signing. Note that this is a real world vulnerability which will
reveal your private key within a few seconds."
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml | CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 | Updated: | April 18, 2005 |
Description: GtkHTML is the HTML rendering widget used by the Evolution
mail reader. GtkHTML supplied with versions of Evolution prior to 1.2.4
contains a bug when handling HTML messages. Alan Cox discovered that
certain malformed messages could cause the Evolution mail component to
crash.
iproute: local denial of service
| Package(s): | iproute net-tools | CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 | Updated: | December 14, 2004 |
Description: The iproute utility is susceptible to spoofed netlink messages
sent by local users, with the result that denial of service attacks are
possible.
KDE: Two issues in KDM
| Package(s): | kde, xfree86 | CVE #(s): | CAN-2003-0690, CAN-2003-0692 |
| Created: | September 16, 2003 | Updated: | December 19, 2003 |
Description: According to this advisory two issues have been discovered in
KDM:
- CAN-2003-0690: Privilege escalation with specific PAM modules. The XDM
display manager that ships with XFree86 prior to 4.3 is also vulnerable.
- CAN-2003-0692: Session cookies generated by KDM are potentially insecure.
All versions of KDM as distributed with KDE up to and including KDE 3.1.3
are affected.
kernel: local root exploit in 2.4.22
| Package(s): | kernel | CVE #(s): | CAN-2003-0961 |
| Created: | December 1, 2003 | Updated: | April 5, 2004 |
Description: A vulnerability was discovered in the Linux kernel versions
2.4.22 and previous. A flaw in bounds checking in the do_brk() function
can allow a local attacker to gain root privileges. This vulnerability is
known to be exploitable.
The 2.4.23 kernel contains the fix. For more details on how this
vulnerability works, see this LWN article.
| Alerts: |
|
Comments (1 posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
CVE #(s): | CAN-2003-0019
|
| Created: | February 7, 2003 |
Updated: | January 21, 2005 |
| Description: |
The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a work-around to this vulnerability, issue the following
command as root:
chmod -s /usr/bin/uml_net |
| Alerts: |
|
Comments (none posted)
libnids: remotely exploitable buffer overflow
| Package(s): | libnids |
CVE #(s): | CAN-2003-0850
|
| Created: | October 29, 2003 |
Updated: | January 6, 2004 |
| Description: |
libnids (a NIDS plugin which emulates the Linux 2.0 IP stack) contains a buffer overflow vulnerability which can be exploited remotely. Version 1.18 fixes the problem. |
| Alerts: |
|
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
CVE #(s): | CAN-2002-1363
|
| Created: | December 19, 2002 |
Updated: | July 14, 2004 |
| Description: |
Glenn Randers-Pehrson discovered a problem in connection with 16-bit
samples from libpng, an interface for reading and writing PNG
(Portable Network Graphics) format files. The starting offsets for
the loops are calculated incorrectly which causes a buffer overrun
beyond the beginning of the row buffer. |
| Alerts: |
|
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
| Alerts: |
|
Comments (none posted)
mpg123: heap overflow
| Package(s): | mpg123 |
CVE #(s): | CAN-2003-0865
|
| Created: | November 12, 2003 |
Updated: | February 19, 2004 |
| Description: |
Versions of mpg123 through 0.59s contain a heap overflow which may be exploited remotely (by a hostile server). See this advisory for details. |
| Alerts: |
|
Comments (none posted)
mplayer: remotely exploitable buffer overflow vulnerability
| Package(s): | mplayer |
CVE #(s): | CAN-2003-0835
|
| Created: | September 29, 2003 |
Updated: | April 6, 2004 |
| Description: |
A remotely exploitable buffer overflow vulnerability was found in
MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer
into executing arbitrary code upon parsing that header. Read the full advisory
for details. |
| Alerts: |
|
Comments (none posted)
Nessus NASL scripting engine security issues
| Package(s): | nessus |
CVE #(s): | |
| Created: | May 27, 2003 |
Updated: | August 12, 2004 |
| Description: |
Some vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins in the Nessus
server (this option is disabled by default) or he/she would need to trick a
user somehow into running a specially crafted nasl script. Read the full
advisory for additional information. |
| Alerts: |
|
Comments (none posted)
Net-SNMP: security bugs in versions before 5.0.9
| Package(s): | Net-SNMP |
CVE #(s): | CAN-2003-0935
|
| Created: | December 2, 2003 |
Updated: | February 13, 2004 |
| Description: |
The Net-SNMP project includes various Simple Network Management Protocol
(SNMP) tools. A security issue in Net-SNMP versions before 5.0.9 could
allow an existing user/community to gain access to data in MIB objects that
were explicitly excluded from their view.
Version 5.0.9 of Net-SNMP is not vulnerable to this issue. In addition,
Net-SNMP 5.0.9 fixes a number of other minor bugs. |
| Alerts: |
|
Comments (none posted)
nfs-utils xlog() off-by-one bug
| Package(s): | nfs-utils |
CVE #(s): | CAN-2003-0252
|
| Created: | July 14, 2003 |
Updated: | March 8, 2004 |
| Description: |
The Linux NFS utils package contains a remotely exploitable off-by-one bug.
A local or remote attacker could exploit this vulnerability by sending a
specially crafted request to the rpc.mountd daemon. See this BugTraq post for more details. |
| Alerts: |
|
Comments (none posted)
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
CVE #(s): | CAN-2003-0190
|
| Created: | May 2, 2003 |
Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
| Alerts: |
|
Comments (1 posted)
Pan: denial of service
| Package(s): | Pan |
CVE #(s): | CAN-2003-0855
|
| Created: | November 25, 2003 |
Updated: | December 10, 2003 |
| Description: |
Pan is a Gnome/GTK+ newsreader. A bug in Pan versions prior to 0.13.4 can
cause Pan to crash when parsing an article header containing a very long
author email address. This bug causes a crash (denial of service) but is
not further exploitable. |
| Alerts: |
|
Comments (none posted)
postfix: denial of service vulnerabilities
| Package(s): | postfix |
CVE #(s): | CAN-2003-0468
CAN-2003-0540
|
| Created: | August 5, 2003 |
Updated: | May 27, 2004 |
| Description: |
The postfix MTA, versions through 1.1.12 (but not 2.0) is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details. |
| Alerts: |
|
Comments (none posted)
proftpd: remote root shell
| Package(s): | proftpd |
CVE #(s): | CAN-2003-0831
|
| Created: | September 24, 2003 |
Updated: | January 2, 2004 |
| Description: |
The ASCII translation mechanism in ProFTPD 1.2.8 contains a vulnerability which will provide a remote attacker with a root shell - if the attacker is able to download a specially-crafted file. See this ISS advisory for more information. |
| Alerts: |
|
Comments (2 posted)
Multiple-use vulnerability in Safe.pm
| Package(s): | Safe.pm |
CVE #(s): | CAN-2002-1323
|
| Created: | October 9, 2002 |
Updated: | February 20, 2004 |
| Description: |
usePerl has a
description of a vulnerability in the Safe.pm Perl module. It seems
that if a Safe compartment is used more than once, it ceases to be safe.
The problem is fixed in Safe 2.08. |
| Alerts: |
|
Comments (none posted)
sane-backends: several vulnerabilities
| Package(s): | sane-backends |
CVE #(s): | CAN-2003-0773
CAN-2003-0774
CAN-2003-0775
CAN-2003-0776
CAN-2003-0777
CAN-2003-0778
|
| Created: | September 11, 2003 |
Updated: | February 20, 2004 |
| Description: |
Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several
security-related problems in the sane-backends package, which contains
an API library for scanners including a scanning daemon (in the
package libsane) that can be remotely exploited. These problems allow
a remote attacker to cause a segmentation fault and/or consume arbitrary
amounts of memory. The attack is successful, even if the attacker's
computer isn't listed in saned.conf.
You are only vulnerable if you actually run saned e.g. in xinetd or
inetd. If the entries in the configuration file of xinetd or inetd
respectively are commented out or do not exist, you are safe.
Try "telnet localhost 6566" on the server that may run saned. If you
get "connection refused" saned is not running and you are safe.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CAN-2003-0773: saned checks the identity (IP address) of the remote
host only after the first communication took place (SANE_NET_INIT). So
everyone can send that RPC, even if the remote host is not allowed to
scan (not listed in saned.conf).
- CAN-2003-0774: saned lacks error checking nearly everywhere in the
code. So connection drops are detected very late. If the drop of the
connection isn't detected, the access to the internal wire buffer leaves
the limits of the allocated memory. So random memory "after" the wire
buffer is read which will be followed by a segmentation fault.
- CAN-2003-0775: If saned expects strings, it mallocs the memory
necessary to store the complete string after it receives the size of the
string. If the connection was dropped before transmitting the size,
malloc will reserve an arbitrary size of memory. Depending on that size
and the amount of memory available either malloc fails (->saned quits
nicely) or a huge amount of memory is allocated. Swapping and OOM
measures may occur depending on the kernel.
- CAN-2003-0776: saned doesn't check the validity of the RPC numbers
it gets before getting the parameters.
- CAN-2003-0777: If debug messages are enabled and a connection is
dropped, non-null-terminated strings may be printed and segmentation
faults may occur.
- CAN-2003-0778: It's possible to allocate an arbitrary amount of
memory on the server running saned even if the connection isn't dropped.
At the moment this can not easily be fixed according to the author.
Better limit the total amount of memory saned may use (ulimit).
|
| Alerts: |
|
Comments (none posted)
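The checks whose absence the sane-backends entry above describes, shown in the order a request handler should apply them. This is an added example, not saned's code: the function names, the RPC numbers, the 1024-byte string cap and the simplified wire layout (a 32-bit big-endian RPC number, then a 32-bit big-endian length followed by that many bytes) are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* All names and limits here are hypothetical; this is not saned's code. */
enum { RPC_INIT = 0, RPC_GET_DEVICES = 1, RPC_OPEN = 2, RPC_MAX = RPC_OPEN };
enum { MAX_STRING = 1024 };            /* assumed cap on one string argument */

typedef enum {
    REQ_OK = 0,
    REQ_DENIED,     /* peer not authorized: nothing was parsed */
    REQ_TRUNCATED,  /* fewer bytes arrived than the message needs */
    REQ_BAD_RPC,    /* procedure number outside the known range */
    REQ_TOO_LARGE,  /* declared string length above MAX_STRING */
    REQ_NOMEM
} req_status;

/* Cursor over the bytes that actually arrived; pos never exceeds len. */
typedef struct { const uint8_t *buf; size_t len, pos; } wire;

static int read_u32(wire *w, uint32_t *out)
{
    const uint8_t *p;
    if (w->len - w->pos < 4)
        return -1;                     /* short read: *out is left untouched */
    p = w->buf + w->pos;
    *out = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    w->pos += 4;
    return 0;
}

static req_status read_string(wire *w, char **out)
{
    uint32_t n;
    char *s;
    *out = NULL;
    if (read_u32(w, &n) != 0)          /* drop before the size (CAN-2003-0775) */
        return REQ_TRUNCATED;
    if (n > MAX_STRING)                /* bound the allocation (CAN-2003-0778) */
        return REQ_TOO_LARGE;
    if (w->len - w->pos < n)           /* never read past the data (CAN-2003-0774) */
        return REQ_TRUNCATED;
    s = malloc((size_t)n + 1);
    if (s == NULL)
        return REQ_NOMEM;
    memcpy(s, w->buf + w->pos, n);
    s[n] = '\0';                       /* always terminated (CAN-2003-0777) */
    w->pos += n;
    *out = s;
    return REQ_OK;
}

/* peer_allowed stands in for the saned.conf lookup, done before any parsing. */
req_status handle_request(int peer_allowed, const uint8_t *msg, size_t len,
                          uint32_t *rpc, char **arg)
{
    wire w = { msg, len, 0 };
    *arg = NULL;
    if (!peer_allowed)                 /* identity first (CAN-2003-0773) */
        return REQ_DENIED;
    if (read_u32(&w, rpc) != 0)
        return REQ_TRUNCATED;
    if (*rpc > RPC_MAX)                /* validate RPC number (CAN-2003-0776) */
        return REQ_BAD_RPC;
    return read_string(&w, arg);
}

int main(void)
{
    /* Constructed sample messages, not captured traffic. */
    const uint8_t ok[]   = { 0,0,0,2, 0,0,0,3, 'e','p','s' };
    const uint8_t cut[]  = { 0,0,0,2, 0,0 };
    const uint8_t huge[] = { 0,0,0,2, 0x7f,0xff,0xff,0xff };
    uint32_t rpc = 0;
    char *arg = NULL;

    printf("ok   -> %d\n", (int)handle_request(1, ok, sizeof ok, &rpc, &arg));
    free(arg);
    printf("cut  -> %d\n", (int)handle_request(1, cut, sizeof cut, &rpc, &arg));
    printf("huge -> %d\n", (int)handle_request(1, huge, sizeof huge, &rpc, &arg));
    return 0;
}
```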
screen: privilege escalation
| Package(s): | screen |
CVE #(s): | CAN-2003-0972
|
| Created: | November 28, 2003 |
Updated: | March 3, 2004 |
| Description: |
According to
this advisory a buffer overflow in GNU screen allows privilege
escalation for local users. Usually screen is installed either setgid-utmp
or setuid-root.
It also has some potential for remote attacks or getting control of another
user's screen. The problem is that you have to transfer around 2-3 gigabytes
of data to the user's screen to exploit this vulnerability. 4.0.1, 3.9.15 and
older versions are vulnerable. |
| Alerts: |
|
Comments (none posted)
stunnel: file descriptor leak
| Package(s): | stunnel |
CVE #(s): | CAN-2003-0740
|
| Created: | November 26, 2003 |
Updated: | December 3, 2003 |
| Description: |
A vulnerability was discovered in stunnel versions 3.24 and earlier, as
well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical
file descriptor that can be used to hijack stunnel's services. See this
advisory for more information. |
| Alerts: |
|
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
| Alerts: |
|
Comments (1 posted)
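A member-name check of the kind the tar and unzip entry above says was missing, as an added example rather than code from either tool. The function names and the sample names are hypothetical; the check works per path component, so a name such as "src/..config" is not mistaken for a traversal the way a plain substring search for ".." would be.

```c
#include <stdio.h>
#include <string.h>

typedef enum { NAME_OK = 0, NAME_EMPTY, NAME_ABSOLUTE, NAME_DOTDOT } name_verdict;

/* Classify one archive member name before anything is written to disk.
 * Hypothetical helper: rejects empty names, absolute paths and any ".."
 * path component. */
name_verdict check_member_name(const char *name)
{
    const char *p = name;

    if (name == NULL || name[0] == '\0')
        return NAME_EMPTY;
    if (name[0] == '/')
        return NAME_ABSOLUTE;          /* would ignore the extraction directory */

    while (*p != '\0') {
        size_t n = strcspn(p, "/");    /* length of the current component */
        if (n == 2 && p[0] == '.' && p[1] == '.')
            return NAME_DOTDOT;        /* climbs out of the extraction directory */
        p += n;
        while (*p == '/')              /* skip one or more separators */
            p++;
    }
    return NAME_OK;
}

/* Count the names in a listing that must not be extracted as-is. */
size_t count_unsafe(const char *const *names, size_t count)
{
    size_t i, unsafe = 0;
    for (i = 0; i < count; i++)
        if (check_member_name(names[i]) != NAME_OK)
            unsafe++;
    return unsafe;
}

int main(void)
{
    /* Constructed member names, not taken from a real archive. */
    const char *const listing[] = {
        "docs/readme.txt",
        "../../etc/cron.d/job",
        "/etc/passwd",
        "src/..config",
        "src/../../x",
    };
    size_t i, n = sizeof listing / sizeof listing[0];

    for (i = 0; i < n; i++)
        printf("%-24s verdict %d\n", listing[i],
               (int)check_member_name(listing[i]));
    printf("unsafe: %zu of %zu\n", count_unsafe(listing, n), n);
    return 0;
}
```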
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
CVE #(s): | |
| Created: | May 21, 2002 |
Updated: | October 5, 2004 |
| Description: |
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
|
| Alerts: |
|
Comments (none posted)
vim - modeline vulnerability
| Package(s): | vim |
CVE #(s): | CAN-2002-1377
|
| Created: | January 16, 2003 |
Updated: | February 10, 2004 |
| Description: |
VIM allows a user to set the modeline differently for each edited text file
by placing special comments in the files. Georgi Guninski found that these
comments can be carefully crafted in order to call external programs. This
could allow an attacker to create a text file such that when it is opened
arbitrary commands are executed. |
| Alerts: |
|
Comments (4 posted)
wget: buffer overflow
| Package(s): | wget |
CVE #(s): | CAN-2003-1565
|
| Created: | August 5, 2003 |
Updated: | December 10, 2003 |
| Description: |
The wget utility contains a buffer overflow which, when exploited with an over-long URL, can enable arbitrary code execution. |
| Alerts: |
|
Comments (1 posted)
zebra: denial of service vulnerability
| Package(s): | zebra |
CVE #(s): | CAN-2003-0795
CAN-2003-0858
|
| Created: | November 13, 2003 |
Updated: | January 7, 2004 |
| Description: |
Zebra is an open source implementation of TCP/IP routing software.
Jonny Robertson reported that Zebra can be remotely crashed if a Zebra
password has been enabled and a remote attacker can connect to the Zebra
telnet management port. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0795 to this issue.
Herbert Xu reported that Zebra can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
this issue. |
| Alerts: |
|
Comments (none posted)
Resources
Patchmanagement.org has been launched as a moderated mailing list where
interested parties can talk about patch management.
Full Story (comments: none)
The Open Source Software Institute has posted
a FAQ describing the
current OpenSSL FIPS 140-2 validation effort. This work, which is
sponsored by HP and the Defense Medical Logistics Standard Support
program of the DoD Military Health System, seeks to have the OpenSSL
cryptographic modules certified as complying with the FIPS 140-2 standard.
At that point, it would be possible for vendors to create applications
which carry the same validation. See the document for lots of details.
Comments (none posted)
Events
The 2004 version of the Black Hat Briefings will be held in Amsterdam on
May 17 to 20. The call for papers is out now, with a submission
deadline of March 25.
Full Story (comments: none)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current development kernel remains 2.6.0-test11; Linus seems to
be waiting for Andrew Morton to return from vacation and pick up the
baton. Linus has, however, accepted a few dozen small bugfixes into his
BitKeeper repository.
The current stable kernel is 2.4.23; Marcelo has started off the
2.4.24 process with 2.4.24-pre1. This
prepatch includes the XFS filesystem (see below) along with a fair number
of networking and architecture patches.
Comments (1 posted)
Kernel development news
As reported last week, many users had requested that the XFS filesystem be
added to the 2.4 kernel despite Marcelo's stated intent to go into a
maintenance-only mode. Those users have prevailed: Marcelo has
announced that, after a review by Christoph
Hellwig, XFS has been merged into his 2.4 tree. It will thus show up in
the first 2.4.24 prepatch, whenever that is released.
What has gone into 2.4 is, in fact, not the full XFS patch. Two subsystems
have been left out:
- DMAPI (Data Management API). This is an interface which allows the
filesystem to communicate with hierarchical storage management
systems.
- ACLs. Access control lists require more general extended attribute
support, which has never been merged into 2.4.
Users needing those features in XFS will have to run 2.6 to get them. Most
users, however, will most likely be happy with the core XFS filesystem.
Meanwhile, a new request has been heard: could the device mapper (LVM2)
code be merged? Marcelo's answer was
direct: "I believe 2.6 is the right place for the device
mapper." That would seem to be the end of the matter, but arguments
are now being marshalled to try to get Marcelo to change his mind. This posting by Kevin Corry covers the relevant
points quite well:
- LVM2 is a lot nicer. The user-space tools, many taken from IBM's
EVMS project, are easier to work with, and the device mapper code
provides many capabilities that simply are unavailable in LVM1.
- LVM1 itself has been removed from the 2.6 kernel (though LVM2 does
provide backward compatibility). Putting LVM2 into
2.4 would make the transition easier for LVM users; they could get
their volume sets working with LVM2 before having to commit to the new
kernel.
The forward compatibility argument strikes a chord with many participants
in the discussion, but Marcelo is, for now, adamant. One never knows, though; he
previously has taken equally strong positions against ACPI and, of course,
XFS, but been won over in the end.
Comments (7 posted)
Some of the new users who are just now beginning to test out the 2.6 kernel
are encountering a bit of a surprise: devfs is now marked as being
deprecated, and users are being pointed to the user-space "udev" solution
instead. The deprecation of devfs is no surprise to those who have been
following the discussions; despite significant fixups over the 2.5
development cycle, the devfs code continues to have problems which are seen
as not being fixable. Some of these problems can lead to kernel deadlocks
and worse. These issues are compounded by the fact that the devfs
maintainer, Richard Gooch, has not been heard from in some time.
The loss of devfs bothers a relatively small number of people; of the large
distributions, only Gentoo uses devfs. But those users have tended to be a
little unhappy with the alternatives - many people who have looked at udev
(which was first examined here back in
April) have concluded that it is not yet ready. Many of the features
of devfs are still missing, udev does not yet handle all types of devices,
and support for the devfs naming scheme has been slow in coming. As a
result, devfs users feel left out in the cold.
What some observers may have missed is that udev development has taken off
in the last couple of months. udev 003,
released on October 16, was mostly the work of its original author,
Greg Kroah-Hartman. Since then udev has picked up its own development
community and evolved considerably. The current release as of this writing
(udev 008) is a much stronger offering, and
several new features are queued up for the 009 release as well. Among
other things, udev now offers:
- A FAQ
file of its own.
- A "callout" option which allows difficult devices to be set up with an
external program.
- Ability to build with klibc for embedded or initramfs usage.
- Proper disk partition support.
- Printf-style formatted dynamic name support.
- Regular expression pattern matching in rules.
- Symbolic link support.
...and quite a bit more. At this point, udev contains something close to
the full set of features needed to enable it to replace devfs.
The problem is not yet entirely solved, however. udev depends on sysfs for
the information needed to configure device nodes, and not all devices have
complete sysfs support at this point. Thus, for example, udev will not yet
work with input devices, misc devices, and some others. Certain kinds of
subtleties (distinguishing CDROM drives from regular disks, for example)
are not yet there. The fault is not with udev itself, but with the
information (or lack thereof) that it gets from the kernel. In many cases,
patches to add the relevant devices to sysfs are in circulation, but have
not yet been merged into 2.6. Once that support has been added, the
picture will be nearly complete.
There is one remaining question from devfs users, however, which has earned
its own place in the FAQ: dynamic loading of drivers. devfs has the
capability to create a device node while deferring loading of the
appropriate driver module until a user program actually opens that device
node. udev cannot do that, and there is no plan to add that support. In
the 2.6 world, driver modules are loaded by the hotplug mechanism when the
device is detected, so there is no need to load them at open time. This
approach bothers some users who prefer not to load drivers for rarely-used
devices, but most users will be able to live with it.
(See also: the udev 008 man page for
information on how udev works, and
Robert Love's HOWTO on using udev
with the development version of Fedora).
Comments (8 posted)
This week's Front Page contains
an interview
with a lawyer on the issue of what makes one program a derived work of
another. That topic has also been prominent on the linux-kernel mailing
list recently as part of the never-ending debate over the status of
closed-source kernel modules. Unusually, Linus Torvalds has taken an
active part in the discussion this time around. Linus does not have the
last word on this issue - his copyrights only cover a small part of the
kernel code base - but his thoughts are influential in this regard and can
be taken as a sort of guidance for anybody who is considering distributing
a binary module.
It is reasonably widely accepted that a program which simply uses a
well-documented API does not become a derived work of the code implementing
that API. The obvious application of this principle is the kernel's system
call interface. That interface is an API (and ABI as well) which, to a great extent,
conforms to a well-documented standard, and which is meant to be stable
over time. The COPYING file supplied with the kernel explicitly states
that programs using the system call interface are not considered to be
derived works, but, according to Linus, that
statement is not strictly necessary:
In other words: even without that disclaimer of derivation, user
space would almost certainly (with a very high probability indeed)
be safe from a copyright infringement suit. Such a suit would most
likely be thrown out very early, exactly because the UNIX system
call interface is clearly extensively documented, and the Linux
implementation of it has strived to be a stable ABI for a long
time.
Of course, there are differences of opinion. Thus, as Ted Ts'o points out, the FSF claims that users of the
readline library must be licensed under the GPL, even though there are two
BSD-licensed implementations of the same stable, well-documented API.
But let us accept, for the moment, that this sort of API does, in fact,
create a boundary for derived works. A fundamental question that some
developers have raised is: what is different about the interface used by
kernel modules? Several developers have argued that the module interface
is a boundary in just the same way as the system call interface. Linus's
response is that the module interface is,
indeed, different:
But when you have the GPL, and you have documented for years and
years that it is NOT a stable API, and that it is NOT a boundary
for the license and that you do NOT get an automatic waiver when
you compile against this boundary, then things are different.
He goes on to explain, in fairly graphic and non-technical terms, that the
stated intent of the interface matters, even if the technical steps
involved in using it are the same. The module interface is not a boundary because the
copyright holders never intended it to be one.
One can go further and say that the module interface is truly not an API in
the usual sense. It is, indeed, highly volatile, and has been known to
change even in the middle of a stable kernel series. The module interface
provides extensive access to low-level kernel functionality, often solely
for the convenience of other in-tree kernel code. Code which makes use of
many exported symbols is clearly Linux-specific. Some exported symbols are
so low-level that the kernel developers have concluded that no code can use
them without being a derived product; that is why
EXPORT_SYMBOL_GPL() exists. But, as Linus notes, EXPORT_SYMBOL_GPL() should be
seen as a form of documentation in specific cases; its existence does not
imply that modules restricting themselves to non-GPL-only symbols are
automatically not derived.
The crucial test, as seen by Linus, is whether a particular module was
implemented independently of Linux. Code ported from another system (such
as the Andrew filesystem) is a fairly obvious example. Device drivers are
generally seen as being independent as well.
Before going any further, though, distributors of closed-source modules
should consider one other thing that Linus
said:
So in order for nVidia to be able to legally distribute a
binary-only kernel module, they have to be able to feel damn sure
that they can explain (in a court of law, if necessary) that the
module isn't a derived work. Enough to convince a judge. That's
really all that matters. Our blathering matters not at all.
Until a court makes a ruling, nobody really knows what the law really
says. Even then, as Dan Ravicher told us,
the ruling will only hold in the geographical area covered by that
particular court. There are no clear answers to this question.
The ambiguous legal state of closed-source modules may suit some developers
who want to discourage them strongly without trying to ban them outright.
But it is not beneficial for the Linux community as a whole. We
really do not need more messy court cases; we have better things to
do with our time and energy. As LWN has said before, it would be in the
community's interest to clarify the situation and make the boundary clear.
One possible step in that direction was suggested by Al Viro. He has pointed out in
the past that the module interface is a mess which could do with some
cleaning up. Now he suggests looking at who actually uses each exported
symbol and thinking about whether that symbol should really be made
available to modules or not. There are, as he points out, over 7500
EXPORT_SYMBOL() declarations in the 2.6 kernel; seemingly, only
about half of them are used by in-tree modules. A lot of these symbols, Al
suggests, could probably go away altogether. Others could be explicitly
exported only to certain modules with a clear need to use them - though the
mechanism to restrict exports in this manner does not yet exist.
An effort to clean up the list of exported symbols could, eventually, lead
to some clarity in the legal status of the users of those symbols. The
export list could be trimmed down to a point where most observers could see
it as a somewhat well-defined programming interface. At that point, maybe
most developers might be able to agree on a subset that binary-only modules
could safely use. The benefits of this agreement would be significant.
There would be one minor disadvantage in that the kernel developers would
have to find something else to argue about. One suspects that they are
probably up to the task, however.
Comments (9 posted)
Patches and updates
Kernel trees
- Andrea Arcangeli: 2.4.23aa1.
(December 5, 2003)
Page editor: Jonathan Corbet
Distributions
News and Editorials
One of the interesting aspects of the Linux revolution is the amount of
volunteer work in all corners of the world providing support for dozens of
languages. Some minority languages would never make enough commercial sense
for proprietary software companies to support them, but there are no such
lowly materialistic considerations for thousands of volunteer translators.
Let's take a virtual journey around the world to see how this effort
translates into real products benefiting those whose command of English is
far from perfect. (Be warned that most links in the article lead to
non-English language web sites.)
Starting in Europe, all Western European languages have been
well supported for a long time. Germany and France have their own well-known
distributions with global reach, while a lot of Spanish effort has been led
by the government of Extremadura and its Debian-based LinEx distribution. Interestingly, the
country's Catalan-speaking population now has its own distribution in
Knoppix-based Biadix. Other Southern
European efforts include Slackware-based Zeus Linux in Greece, Red Hat-based Caixa Magica in Portugal and also Red
Hat-based Gelecek Linux in
Turkey. Northern Europe's shining example of successful support for local
languages is the Debian-based Skolelinux in Norway. Also worth
mentioning is NordisKnoppix,
which now supports 12 Northern European languages, including such minority
ones as Faroese and Northern Sami.
While English is fairly widely understood in most parts of Western Europe,
this is not always the case in the emerging economies of Central and
Eastern Europe. Luckily, we have seen much activity in that area in
the last year or two, with independently developed UHU Linux in Hungary and Red Hat-based
Aurox Linux in Poland being the
best-known distributions from the region. But developers in other countries
are catching up fast - there are now ongoing localization efforts in
Bulgaria with Tilix Linux, in Slovenia
with SLIX (both based on Knoppix)
and Latvia with LIIS Linux (based on
Skolelinux). Further in the east, the Russian Linux market has been largely
dominated by ALT Linux and ASP Linux, both of which provide
excellent support for the Cyrillic alphabet. Most of these projects also
contribute their translations back to KDE, GNOME, OpenOffice, Mozilla and
other large open source software projects.
Moving on to the Middle East, this is where things get
slightly more complicated, with much of the region using one of the
right-to-left writing systems of Hebrew, Arabic or Farsi. Possibly the best
efforts to date in supporting Hebrew are GNU/Linux Kinneret, an excellent
Knoppix-based live CD, and Boten
GNU/Linux, based on Peanut Linux. Going further east we'll see a truly
massive effort going into various Arabization projects, now mostly united
under the Arabeyes
umbrella. Arabeyes has contributed an impressive amount of work into KDE,
GNOME and OpenOffice, developed support for Arabic console and created
fonts, dictionary and spell-checking applications. A Knoppix-based
distribution called Arabbix with
near-complete Arabic support is another achievement. If any of these
volunteer Linux projects is ever going to get a top award for the amount of
contributed work, then Arabeyes has to be one of the top contenders! And
while still in the Middle East, another project that deserves a mention is
Shabdix, a Knoppix-based live CD with
support for Farsi, by the increasingly active Iran Linux User Group. The product has
not been publicly released, but if you understand Farsi, read this
review or check out the included screenshots.
On to the Indian subcontinent and its multitude of languages
and complex writing scripts. The central localization effort in the region is
currently taking place at IndLinux, an
ambitious effort to deliver Linux to all main language groups of Bengali,
Gujarati, Gurmukhi, Hindi, Kannada, Malayalam, Marathi, Oriya, Tamil and
Telugu. Translating user interfaces and documentation is just one part of the
work involved, with fonts and I/O modules equally important for the success
of the project. Another regional effort is Ankur Bangla which has been working
on support for Bengali, a language spoken in Bangladesh and parts of
India. The GNOME-centric project has contributed a lot of work back to
GNOME, as evidenced in these
screenshots. Both IndLinux and Ankur Bangla have released experimental
ISO images for download and testing.
In South East Asia, if we have to single out one country with
most contributions to the success of Linux, it has to be Thailand. Efforts
range from community projects such as OpenTLE with a Red Hat-based
distribution called LinuxTLE and Thai-enabled OpenOffice called OfficeTLE,
through Slackware-based Burapha
Linux, developed by a Thai university, to firewall and security products
by Phayoune. And that's just the tip
of the iceberg. Other regional projects include a new Mandrake-based
Vietnamese distribution named KDLC
Linux and a couple of projects in the Philippines - Bayanihan Linux and Lorma Linux (both Red Hat-based).
East Asian languages are characterized by complex writing
systems, a fact that has contributed to very hesitant deployments of Linux on
desktops throughout the region. Just consider the issue of fonts for use by
Chinese, Japanese and Korean (CJK) languages, which ideally need to consist
of several thousand characters to be usable. Intelligent character input
methods are essential for speed typing, yet the existing Linux implementations do not
compare well with those available on commercial platforms. Even printing in
CJK was not well supported until relatively recently. China seems to lead the
effort in Linux adoption, but despite the country's name appearing frequently
in the headlines, the reality is less rosy. Nevertheless, a good mixture of
commercial and community distributions exists in the region; these include Red Flag, Cosix and Magic Linux in China, Thiz Linux in Hong Kong (with support
for Cantonese), Linpus Linux (with
focus on embedded Linux) in Taiwan and Hancom Linux in Korea (all Red
Hat/Mandrake-based). Japan has a great variety of distributions ranging
from well-known Turbolinux to
Red Hat-based Vine Linux,
Slackware-based Plamo Linux and
Debian-based ARMA.
The rest of the world does not have to deal with font complexities, which
makes life easier. In Latin America, Conectiva Linux is a
well-established powerhouse on the South American continent, while the
increasingly popular Kurumin Linux is
an excellent community project, also from Brazil. Elsewhere in the region,
there are interesting efforts in Mexico - a Red Hat-based distribution with
Ximian Desktop called LGIS
Linux and Peru - a new Knoppix-based distribution called Condorux. On the
African continent, South Africa is leading the way with a
substantial translation effort
to provide full support for the country's 11 official languages, while
Africa's first desktop Linux distribution, the GNOPPIX-based Impi Linux, promises to incorporate this
work into future releases.
Even if most of us have no need to use any of the non-English Linux
distributions mentioned above, it is still exciting to see all this selfless
effort expended for the benefit of people, irrespective of their nationality,
race, language or level of education. Is our bazaar-type development model
superior to the old-style cathedral model? You bet! The internationalization
and localization effort throughout the world is an excellent example of that.
Distribution News
Red Hat has
announced that Red Hat Enterprise Linux 3 has attained Linux Standard Base certification on all of the recognized architectures.
The Debian Weekly News for December 9 is out; it looks at HP's expanded
Debian support, a new draft web server policy, Sarge progress, Debian
Enterprise and UserLinux, and several other topics.
The
Gentoo Weekly Newsletter for the week of
December 8, 2003 is available. This issue looks forward to 2004 and
examines the rsync.gentoo.org server compromise, among other topics.
Ned Ludd provides more information about
the recent compromise, along with the steps that have been taken to prevent
future incidents.
Bruce Perens has posted
a
new UserLinux white paper with significant additions regarding software
choices (GNOME over KDE, MySQL, Apache2, Postfix, Python, ...), support
options, and more.
"These tasks take money, thus I propose a
membership organization for the service providers (the 'service provider
organization'), that would grant them 'official' status and referrals from
our global service phone number in exchange for their meeting our technical
standards and making a financial contribution. Financial contributions
would be on a sliding scale based on the size of the company, and would be
in two forms: a straight membership fee, and a percentage of new business
referred by the service provider organization." The new text has
been nicely highlighted for those wanting to get a quick idea of what has
changed.
TechWorld
reports
that Hewlett-Packard is planning to expand support offerings to customers
who run Debian.
"'HP Services is working on some projects right now
to increase the number and quality of the support offerings that they can
provide to customers who want to run Debian,' Bdale Garbee, HP's Linux
chief technology officer (CTO) told IDG News Service on the sidelines of a
Linux conference in Bangalore, India, this week." (Found on
Debian Planet)
NewsForge
looks at a
Progeny project called Discover, an XML-based utility that may
revolutionize the way Linux detects hardware and loads kernel modules or
other drivers.
"We've all seen situations where one distribution
easily configured our sound card but flubbed video setup, while another
handled sound and video without problems but couldn't deal with our
favorite mouse. If Progeny has its way, these inconsistencies will become
things of the past; if one distribution can automatically detect and use a
piece of hardware, why shouldn't all distributions be able to do it? Why
should each distribution publisher be forced to keep a separate hardware
database, which is not a cheap proposition? Why not have a central hardware
information repository that all distribution publishers contribute to and
use?"
Debian Planet
reports that Progeny's
port of Anaconda to Debian is ready for testing. Visit the sarge-based
Anaconda website to find
out more.
Here are this week's Fedora updates:
- grep: this update speeds up UTF-8
processing
- procps: this update fixes a problem
showing the total cpu percentages in top
- grep: more bug fixes
- quagga: this update includes the
fixes that were included in RHSA-2003:307
Mandrake has some 9.2 updates available:
- New dump packages alleviate a problem
with transmitting 2GB of data due to a problem with large file seeks in
rmt.
- New rpm packages fix a database
locking bug that can cause the loss of KDE, GNOME, and other WM menus.
- A new version of shorewall corrects a
problem with the shorewall firewall script.
This week at
Slackware, the
slackware-current
changelog shows an upgrade to xfce-4.0.1 and new alsa packages.
There's an rsync security fix available for both the current and the stable
branches. The
slackware-stable
changelog also shows an upgrade to lesstif-0.93.94, which should be a
more stable version.
New Distributions
Activa Systemas has announced the release of ASLinux Desktop 1.0, a
desktop-oriented distribution based on Debian Sarge. Unlike the Debian
base, however, ASLinux restricts itself to one application for each task,
simplifying the choices faced by users.
Buffalo Linux is a derivative
of Vector Linux (a Slackware-based distribution). It is targeted for the
small business workstation market. The base version is free software,
released under the GNU GPL. Enhanced versions with pre-installed database
access (DB2 and Oracle) and Microsoft product execution using Codeweavers
products are available. Buffalo joins the list at version 1.0.3, released
December 7, 2003.
Minor distribution updates
2-Disk
Xwindow embedded Linux has released
v1.2.5
of 1-disk with code cleanup.
"Changes: This release adds changes to
font usage, UI policy updates, minor documentation changes, and general
cleanups."
BLAG Linux and GNU has released
BLAG9001.
"The major changes are lots of RedHat errata fixes (new
kernel, new XFree86, new glibc), some BLAG package updates, and a handful
of new packages."
blueflops has released
v2.0.0
with major feature enhancements.
"Changes: This release adds
ethernet card probing, auto-detection of video chipsets, keymap selection,
a rebuild of the development system (now "optimized" for i386),
uClibc-0.9.20, gcc-2.95.3, linux-2.4.23 compiled for i386 with floating
point emulation (it is bigger, but it will run on old boxes),
busybox-1.00-pre3, links-2.1pre14, and epic4-1.1.12 (replaces "BitchX",
which is too big). It removes support for "msdos" (just use "vfat") and
"umsdos" filesystems, updates the monitors database (it now has 3,452
monitors), and adds miscellaneous fixes and changes."
Damn Small Linux has released
v0.5.1.
"Changes: This release adds .bash_profile for user control of
startup programs. Both LiveCD (with restore option) and hard drive
installed users will benefit. Improved system architecture and hard-drive
install scripts to allow for a more traditional multi-user
installation. Each added user's environment is like the LiveCD's damnsmall
user. There is an updated Fluxbox, scite in place of nedit (size issue),
mformat (needed to take advantage of the restore script use with floppy), a
modified install script to work with low RAM systems, lprng/gs/apsfilter
for broad printer support, and fixed NTFS read support."
Feather Linux has released
v0.2.1
with minor feature enhancements.
"Changes: Antiword, rdesktop,
sqlite, and links-hacked were added. The Opera download script was fixed,
and a hard drive install script was added."
LRs-Linux has released
v2003-12-01.
"Changes: This release is based on LFS-5.0 and contains KDE-3.1.4,
xfree-430, and kernel 2.4.22. There are new configuration scripts for Grub
and BootScripts and all packages have been updated."
MoviX has released
v0.8.1rc1
with minor feature enhancements.
"Changes: Besides a few bugfixes,
this version contains a few nice slideshow improvements. Most noticeably,
pictures are now correctly rescaled for fullscreen, and a musical
background can be set."
Mulimidix has released
v0.6
with major feature enhancements.
"Changes: There is a new VDR
version and many new features. This release is completely restructured and
more stable. Many VDR plugins have been added."
NSA Security Enhanced Linux has
released
v2003120509
with major feature enhancements.
"Changes: The base kernel versions
have been updated to 2.4.23 and 2.6.0-test11. In 2.6.0-test11, controls
have been added for inheritance of signal-related state and resource
limits, and the network interface and node controls have been
reimplemented. SysVinit has been patched to eliminate the need for a
modified initrd. Login now uses a pam_selinux module. Many other updates
have been made to the tools, utilities, and userland patches."
Quantian has
released v0.4.9.2.
RUNT (ResNet USB Network
Tester) has released
v3.1
with minor feature enhancements.
"Changes: The kernel has been
updated to 2.4.23."
ThePacketMaster has released
v1.1.0
with major security fixes.
"Changes: This release includes kernel
2.4.23 to address security issues discovered in earlier kernels, as well as
wlan-ng wireless drivers for prism2 support, and partimage for ghosting
capabilities."
Phlak has released
v0.2
with major feature enhancements.
"Changes: Wireless works
better. fluxbox now works from the bootprompt. The "toram" option was added
to load the entire disk to RAM (if you have that much). The base packages
were updated from the Debian tree. Another 40 security tools added by
hand. Zshell was added as the default shell. Firewall scripts were added. A
great new documentation system was added."
Sentry Firewall has released
v1.5.0-rc8
with major bugfixes.
"Changes: The Linux kernel has been updated to
version 2.4.23-ow1. There have also been minor updates and bugfixes to the
documentation and configuration scripts."
wrt54g-linux has
released
v0.3
with minor feature enhancements.
"Changes: This version adds
dproxy-nextgen, a caching nameserver. This allows users to use wrt54g as
the DNS and also allows them to have private name resolution. By adding
entries to /var/etc/hosts, they can refer to machines on a home LAN by
name. "Blacklist" names can be added to the file to prevent proper name
resolution, i.e. "127.0.0.1 doubleclick.com"."
Distribution reviews
Linux Journal has a
review of Gentoo
Linux.
"After the several hours that the compilation took, I had
to modify the /etc/fstab manually to indicate where my partitions were. I
also had to download the source for my kernel and compile it. After this, I
downloaded and compiled a system logger, a cron daemon, set my root password
and configured a boot loader. I then cleaned up by unmounting the various
file systems I had mounted for the installation process, ejected the CD and
restarted my machine. At this point, my machine was a clean shell, awaiting
my command to install software using the Portage system. When all was said
and done, it took me approximately 24 hours from start to finish to have a
fully functional, fully customized desktop system."
Page editor: Rebecca Sobol
Development
Version 1.2.0 (stable) of
Anjuta,
a GTK/GNOME-based Integrated Development Environment (IDE) for C and C++,
has been announced on SourceForge, and also on
GnomeDesktop.org.
"Like all .0 releases, it
is at about 99% stability (with some minority bugs accounting to the missing 1% :))."
A short list of Anjuta
features
includes:
- An integrated editor.
- A gdb-based source-level debugger.
- Wizards for creating terminal mode and GTK/GNOME applications.
- Dynamic Tags browsing.
- Management for projects, build files, and bookmarks.
- Attachable and detachable windows.
- Limited support for Java, Perl, and Pascal.
- An interactive messaging system.
Anjuta is well documented; available resources include an
online manual, a
FAQ, a
tutorial, and a project
wiki. The Anjuta
screenshots
page and
picture corner show the program in use.
Translations
are available for 20 languages.
Unlike many projects of this size and complexity, Anjuta installed
(on a Red Hat 9.0 system) with minimal effort.
Just one rpm command was required, and amazingly, there
were none of the typical dependency problems to deal with.
Anjuta fired up and worked as advertised in the documentation.
Your editor was able to create, compile, and run a simple
C "hello world" program with only a few minutes of poking around
in the documentation.
Anjuta appears to be loaded with all kinds of productivity-enhancing
capabilities.
On the project level, it works with
CVS, supports Makefiles, and performs software installation. Additional
resources
are available for building RPMs, working with databases, and much more.
With a bit of work on the learning side, Anjuta should have a
fairly rapid payback in time saved when working with medium- and
large-sized projects.
System Applications
Audio Projects
Version 1.0.0rc2 of
ALSA,
the Advanced Linux Sound Architecture driver, is out.
The notes say:
"bt87x driver added, more OSS PCM emulation fixes".
Release 0.91.1 of JACK, the Jack Audio Connection Kit, is available.
Here are some of the changes:
"New iec61883 driver. Very experimental; this is just to get it out
there. 61883 is the standard for audio+midi over firewire."
The
latest changes from the
Planet CCRMA audio utility packaging project include
new versions of JACK, JackEQ, Ecasound, Ardour, and more.
Version 1.1.3 of the
Speex
audio codec for speech is available.
"This unstable release brings more improvements to the fixed-point port. Many new functions have been converted and most modes now work in real-time."
CORBA
Version 2.4.0 of
omniEvents,
a cross-platform server that
enables CORBA applications to communicate through asynchronous broadcast channels,
has been announced.
"This is a port of omniEvents 2.1.2 to an autoconf build environment. It
preserves the exact functionality of 2.1.2, in order to keep changes
in the build system separate from functional changes. There have been some
minor changes to the text of error messages, in order to enhance usability."
Database Software
Version 4.1.1 of the MySQL database has been released.
"This is the second Alpha development release of the 4.1 tree,
adding many new features (see below) and fixing recently
discovered bugs."
Version 3.2 of phpPgAdmin
is available.
"Major new features in phpPgAdmin 3.2 include: Ability to dump table structure
as well as data; Table icons in the tree now browse the table; Editing and
sorting select and report results is now possible; Afrikaans and Hungarian
translations. phpPgAdmin is a fully functional web-based administration
utility for a PostgreSQL database server."
PostgreSQL 7.3.5 has been announced.
"After several fixes were backpatched to the 7_3_STABLE branch,
we have now released a 7.3.5."
The PostgreSQL Weekly News for December 8, 2003 has been published.
"As mentioned in last week's news, 7.3.5 was released last week, with
the official announcement going out on Thursday. This should be the last of
the 7.3.x series and is generally intended as a hold over for folks who can
not upgrade to 7.4.x right away."
Networking Tools
Heath Johns
explains TFTP, the Trivial File Transfer Protocol, on O'Reilly.
"TFTP's design is revealing the same way that a car's airbags are. As an airbag testifies to the probability and violent nature of a crash, so TFTP's design speaks to frequent and catastrophic data misadventure. Its trivialness of purpose (to move one file from one computer to another--nothing more, nothing less) makes it something like a 1950's truck engine: crack open the hood and it's still simple enough to understand in an afternoon."
Web Site Development
The mnoGoSearch-php-extension-1.85 and mnoGoSearch-php-3.2.3 PHP utilities
for the
mnoGoSearch web site search
utility are available.
Development version 0.7a3 of the
Quixote
web development platform is out. See the
CHANGES document for more information.
Version 0.1 of UnCommon Web, a Common Lisp-based web development
framework, is available.
"This version adds an administration application with a REP
loop, new components, template inclusion for TAL, and more."
Rich Bowen
explains the .htaccess file on O'Reilly.
"The AllowOverride directive controls the use of .htaccess files. These are files that permit users who don't have access to the main server-configuration file to override the configuration settings on the server for particular directories."
Desktop Applications
Audio Applications
Version 2.3.2 of Ecasound, a multi-track audio
processing utility, is out; many changes are included.
Version 0.3.8 of JackEQ, an audio equalizer for the JACK Audio Connection
Kit, is out; here are some of the changes:
"Added io-menu.c for internally assigning jack ports.
Uses the latest swh-plugins 0.4.3."
Version 3.2.0 of Tkeca, a GUI front-end for the Ecasound audio utility,
is available.
Version 0.5 of
Wavdumper,
a Python-based utility that shows all kinds of information about .wav
files, is available. (Found on the
Daily Python-URL.)
Desktop Environments
GnomeDesktop.org has
an announcement for a new GNOME Installation Guide; this version
has been updated for GNOME 2.4.1.
Version 0.30.0 of the GNOME System Tools
has been announced.
"The GNOME System Tools are a set of tools aimed to make easy the job that means
the computer administration on an UNIX or Linux system. The 0.30.0 release
has been mostly for frontends polishing, aimed to make easier the distro
porting that will happen in the next releases"
GnomeDesktop.org has
an announcement for a new
proposal
that deals with the handling of MIME types and files in GNOME.
GnomeDesktop.org
mentions the availability of new GNOME Platform Bindings.
"Murray Cumming wrote: We now have a GNOME Platform Bindings release set. This means that we can give some bindings a schedule and rules to work within, and we can endor[se] those bindings."
New development releases of GTK+, Glib, and Pango
are available.
"On the road to GTK+ 2.4, new development releases of GTK+, Glib, Pango are now available. The main new features of the GTK+ 2.4 toolkit will be a new fileselector UI/API, an easier menu API, and other various new widgets."
The November 30 - December 6, 2003 edition of the
GNOME summary is out.
"Just a couple of notes on what's going on with GNOME summary. First off, I've added a couple of people who were willing to help out with the summaries. I'd love to have more. The larger the group the grander the possibilities!
I've also decided that we will also help cover some of the Freedesktop news as they are starting to bind more tightly with the GNOME desktop. Integration between operating system and desktop by the use of standards will be one of the key advancements in the Free Software Desktop. So look for increased coverage of freedesktop components like HAL and xserver."
KDE 3.2 Beta 2
was announced this week.
"Our first KDE 3.2 Beta "Rudi" was a huge success and resulted in over 2000 resolved bugs. As the code has still got some rough edges, we decided to go for another beta. So here it is: Dobra Voda. Please continue reporting problems you see with it, your testing is much appreciated."
Issue #70 of
KDE Traffic is out with the latest summary of KDE news.
The
KDE.News summary
for the December 5, 2003
KDE-CVS-Digest
says:
"In this week's KDE-CVS-Digest: Kate gets highlighting optimizations and bug fixes. KolourPaint adds a curve tool and zooming. kabc, the addressbook library adds eGroupWare and phpGroupWare resources. A new icon theme for kids is included for 3.2. Plus many bugfixes in KHTML, KMail and Umbrello."
A new version 4.4.0 release candidate
has been announced for XFree86.
"We have a Release Candidate for the 4.4.0 release and we are slightly off-track for making the original Release Target, as we still have a lot of checking, poking, probing and testing to make sure that this Candidate is stable and secure enough to be marked with the highest accolade that this Project can bestow Release. To help in that quarter, we have available some binaries available."
Electronics
Version 3.1.31 of XCircuit, an electronic schematic drawing package,
is available.
Change information is in the source code.
Games
Version 1.10.0 of BZFlag, a multiplayer battle zone capture the flag game,
is available.
"Selected new features include: vote based kicking, tunable
game parameters like gravity and world size, smarter bots, world weapons,
bzadmin text client, autopilot, rabbit game style, single port networking."
Version 0.6 of
Soya,
a Python-based 3D engine that is designed for games, is available.
New features include shadows, cell-shading, and water-cube.
Version 3.9 alpha 9 of StepMania
has been released.
"StepMania is a music/rhythm game. The player presses different buttons in
time to the music and to note patterns that scroll across the screen.
Features 3D graphics, visualizations, support for gamepads/dance pads, a step
recording mode, and more!"
Graphics
Version 1.0.0 of Gwenview, an image viewer for KDE,
is available.
"It features a folder tree window
and a file list and thumbnail window to provide easy navigation of your file
hierarchy, and uses docked windows that allows you to alter the layout in any
way you want."
Interoperability
Samba 3.0.1 RC 1 is available.
"This is a release candidate snapshot of the Samba 3.0.1
code base and is provided for testing only."
Issue #199 of
Wine Traffic is available with lots of interesting threads on Wine.
Mail Clients
Release 0.4 of Mozilla Thunderbird, an email and news client,
has been announced.
"Thunderbird 0.4 features an updated look to Thunderbird's
default theme, including a variety of new icons; better OS integration, cut
and paste of images on Windows, and a number of bug fixes and other new
features."
Office Applications
Version 1.5 (unstable) of Evolution
has been released.
"Evolution 1.5 has fixed some major architectural issues and sees the
splitting out of the addressbook, calendar and task data access into a
separate library for other projects to use. Shell components are now
much more simplified.
We have also untangled the GUI quite a bit making the components (mail,
tasks, etc) more individual and improving the usage experience for the
user."
Version 1.2.2 of the Gnumeric spreadsheet
has been announced,
"featuring numerous bug fixes, polish, polish, and more polish".
Science
Version 0.98.0 of GRAMPS, the Genealogical
Research and Analysis Management System,
has been announced.
"GRAMPS allows you to store, manage,
import and export your genealogical data, perform research through a variety
of tools, and build a variety of human-readable reports."
Video Applications
A new version of xawdecode, an xdTV video monitor application,
has been released.
"Version 1.8.2 of xawdecode has been released, featuring:
alsa native support,
all french and english handbooks are updated, plenty of bug fixes."
Web Browsers
Version 1.1.1 of Epiphany
has been announced.
"Epiphany is the default GNOME web browser based on the mozilla
rendering engine. It aims to be simple and easy to use."
A long list of changes is included in this release.
Version 1.6 Beta of the Mozilla browser
has been released.
"The Mozilla Foundation today released Mozilla 1.6 Beta. This latest milestone
adds support for NTLM authentication on all platforms and improves the
implementation on Windows. The automatic page translation feature has been
restored (now powered by Google Language Tools) and a new version of
ChatZilla, 0.9.48, is now included. In addition, several security and crash
bugs have been fixed during the beta release cycle."
The December 9, 2003 Edition of the Mozilla Links Newsletter
is available with news of many Mozilla projects.
"Mozilla Backup is a helpful utility that allows to pack bookmarks,
history, sidebars, saved passwords, downloaded files list, cookies,
e-mails, address books and general settings; all in a single file and
restore it in a new or reinstalled PC."
The minutes from the December 5, 2003 Mozdev admin meeting
have been announced.
"Issues discussed include meeting logs and notes,
meeting times, incorporation of mozdev as a non-profit organisation,
donations, the use of 'Zilla' in project names, the site redesign, upgrading
Bugzilla and email addresses on the site."
A new set of Mozilla Independent Status Reports
is available.
"The latest set of status reports include updates from MSDbar, wmlbrowser,
Optimoz Mouse Gestures, MozWho, MozManual, URLFix, ConQuery, Xprint, Moji,
StumbleUpon, easyGestures, DictionarySearch and ReloadEvery."
Word Processors
Issue #173 of the
AbiWord Weekly News is available with the latest AbiWord word processor
news.
"Enchant, OTS and Gnumeric have made new releases, AbiWord to make its releases literally, Any Day Now. More information about tabiword, abiword-related TabletPC project. And, we have some funny Open Books update-age."
Miscellaneous
Version 4.1.8 of
HylaFAX,
a fax modem control utility,
was released
a few weeks ago.
"The HylaFAX development team is pleased to announce our 4.1.8 patch-level release! This is a security release that fixes a remotely exploitable format string vulnerability in hfaxd that could be present in certain non-default configurations. As always, our sincerest thanks goes to all who participate and provide feedback."
Languages and Tools
Caml
The December 2-9, 2003 Caml Weekly News has been published.
Java
Hans Bergsten
continues his series on JSP 2.0.
"This installment discusses the improvements made in the area of error handling and the new deployment descriptor features. I have assumed that you're familiar with JSP 1.2 and have at least heard about the JSP Standard Tag Library (JSTL)."
Lisp
Paolo Amoroso has sent in a summary of the November, 2003 additions to the
common-lisp.net site.
Perl
The December 1-7, 2003 edition of
This Week on perl5-porters is available.
This week's main topic is tied hashes and scalar context.
This fortnight on Perl 6 for November 23, 2003 is available.
"Right, hopefully things are back to normal(ish) after the disk crashes that rather spoilt the last summary. I've managed to fill in my mail archive too so this summary will cover the events of the last fortnight (that's two weeks for those whose version of English lacks this vital unit of time)."
Also, the November 30, 2003 edition of
This week on Perl 6 is out.
PHP
The
PHP Weekly Summary for December 9, 2003 is out. Topics include:
PHP 5 Compatibility (continued), Bug #25916, browscap, Extensions moved to PECL, Name scheme for PHP 5, Build system for Windows.
Python
Python 2.3.3 release candidate 1 is out.
"Python 2.3.3 is a bug-fix release of Python 2.3. A couple of serious
bugs related to weakrefs and the cyclic garbage collector have been
fixed, along with a number of bugs in the standard library."
The Dr. Dobb's Python-URL for December 8, 2003 is now available, with all
the latest Python related news and links.
Tcl/Tk
The Dr. Dobb's Tcl-URL for December 8, 2003 is now available, with all the
latest Tcl-related news and links.
XML
Uche Ogbuji
explains LOM on IBM's developerWorks.
"The education technology field is leading the way with some very interesting uses of XML metadata in practice. A wide range of specifications, standards, and developments exist in the area, but at the center of things is the IEEE Learning Objects Metadata (LOM) specification. In this article, Uche Ogbuji introduces LOM and shows how it can be of interest even to those who have no direct connections with education technology."
Berthold Daum
introduces StAX on IBM's developerWorks.
"The Streaming API for XML (StAX), introduced in the previous tip, provides not only an XML parser that is fast, easy to use, and has a low memory footprint, but one that also provides a filter interface that allows programmers to hide unnecessary document detail from the application's business logic. This tip shows how to apply event filters and stream filters to StAX parsers."
Debuggers
Version 2.1 of Kodos, the Python language regular expression debugger,
is available. New features include a library of common regular expressions,
better handling of window positions and sizes, prompting for unsaved
work on exit, and more.
Miscellaneous
Peter Seebach illustrates software configuration debugging techniques on
IBM's developerWorks.
"All too often, checking the README of a package yields only the none-too-specific "Build Instructions: Run configure, then run make." But what about when that doesn't work? In this article, Peter Seebach discusses what to do when an automatic configuration script doesn't work -- and what you can do as a developer to keep failures to a minimum. After all, if your build process doesn't work, users are just as badly off as if your program doesn't work once it's built."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Linus has been diverting his attention to legal definitions, according to
this Groklaw article:
"I ended up looking up the exact wording of the US copyright law for the definition of 'derivative', and guess what I find a few lines below it:
'The term "financial gain" includes receipt, or expectation of receipt, of anything of value, including the receipt of other copyrighted works.'"
No Linus posting would be complete without a bit of humor:
"So . . . when he attacks the GPL as being somehow against 'financial gain', that notion that the GPL has of 'exchange of receipt of copyrighted works' is actually EXPLICITLY ENCODED in the US copyright law. It's not just a crazy idea that some lefty commie hippie dreamed up in a drug-induced stupor.
So if Darl calls that notion unconstitutional, he is actually attacking the US code as it stands today."
Comments (12 posted)
The Register speculates on Microsoft's plans for patent enforcement.
"Microsoft's actions so far don't constitute a full frontal attack on free software. It's often been rumored that Microsoft has a number of patents - the number varies - on the Linux kernel itself. But it has chosen not to pursue such an inflammatory tactic, just yet, and may not even need to at all in order to succeed."
Comments (31 posted)
Trade Shows and Conferences
Edd Dumbill covers the XML 2003 conference on O'Reilly.
"At the opening of this year's XML USA conference in Philadelphia, PA, smart XML documents were the star. Keynotes from Jon Udell of InfoWorld and Shantanu Narayen of Adobe focused on XML documents that conveyed the nuance of real world communication."
Comments (none posted)
The SCO Problem
For those who are curious, Groklaw has posted a transcript of the hearing on IBM's motions to compel in the SCO case. Scroll down past the first version; there is a more complete transcript appended to the article. There is a second article giving details on what SCO has been ordered to provide to IBM, and yet another article by a guest author on where things go from here.
"SCO must now turn their reluctant eyes to The Code. Everything they now disclose, if they do, has likely been copyrighted and distributed under the General Public License --distributed BY THEM. They will then have to try to convince the Court to disregard their nine years of distributing Linux under the GPL, pleading incompetence, I imagine."
Comments (9 posted)
The Motley Fool sounds off on the latest developments in the SCO case.
"More and more, SCO Group
is like the mouse that roared. PR only goes so far. You have to back up
with substance. The SCO Group has 30 days."
Comments (3 posted)
Companies
Here's a Reuters article (via Forbes) on IBM's large Linux sale to the
U.S. National Weather Service.
"Refresh times for the weather
service, which runs data-intensive applications, have been cut by four
times to 62 seconds from 247 seconds, IBM said, speeding up data delivery
and analysis.... Armonk, New York-based IBM also said that it cut
maintenance costs for the weather service by 40 percent."
Comments (none posted)
OSViews covers a Lindows.com initiative aimed at providing computer users in the
Netherlands a choice of OS.
"Lindows.com today launched ChoicePC, a
rallying point for citizens of the Netherlands who object to the Microsoft
Corporation's threats of legal action against Dutch resellers who are
offering Lindows.com products."
Comments (8 posted)
Linux Adoption
The Economist has posted a story (subscribers only for now, that will change eventually) on
another advantage of free software: translations.
"The programmers
who produce open-source software operate by different rules, however. The
leading desktop interfaces for the open-source Linux operating
system--KDE and GNOME--are, between them, available in more
than twice as many languages as Windows. KDE has already been localised for
42 languages, with a further 46 in the pipeline. Similarly, Mozilla, an
open-source web browser, now speaks 65 languages, with 34 more to
follow. OpenOffice, the leading open-source office suite, is available in
31 languages, including Slovenian, Basque and Galician, and Indian
languages such as Gujarati, Devanagari, Kannada and Malayalam."
Comments (6 posted)
According to this Vnunet article, one in four small and medium businesses in the UK have switched
to Linux.
"Major reasons cited for moving to Linux from proprietary
operating systems were lower costs (38 per cent), followed by performance,
security and reliability (all at 23 per cent)."
Comments (10 posted)
Interviews
LinuxQuestions.org has posted
a followup interview with Red Hat's Jeremy Hogan.
"LQ) Do you feel that in the long run the lack of a freely downloadable RHL will hurt the "Red Hat brand"?"
"JH) No, I think Fedora will develop its own distinct brand attributes, and people will gravitate, or opt-in to the solution that suits them.
Again, with RHL you had both worlds under one name, so now it's easy to tell in a lot of respects what you should use if you want a freely downloadable (and I'd add installable, ISO'd etc) since Red Hat Enterprise Linux is available for download as well."
Comments (18 posted)
We can't resist: InfoWorld talked with Linus about the latest SCO open letter.
"If Darl
McBride was in charge, he'd probably make marriage unconstitutional too,
since clearly it de-emphasizes the commercial nature of normal human
interaction, and probably is a major impediment to the commercial growth of
prostitution."
Comments (17 posted)
Reviews
MozillaZine mentions the availability of a new Mozilla Thunderbird review:
"David Tenser writes: "What's so good about Mozilla Thunderbird anyway? I've
written a document covering the most important reasons to use Thunderbird as
your default mail and news client. As always, I appreciate feedback and I'm
sure there are many features I've missed.""
Comments (none posted)
NewsForge reviews StarOffice 7.
"Although it is possible to crash StarOffice, the breaking point is higher than with most office suites. When a document exceeds 30 megabytes in Microsoft Office, a crash and, often, file corruption, is imminent. By contrast, in my experience, StarOffice remains stable to the limits of a computer's virtual memory and RAM -- and then rarely corrupts files. On the rare occasions when files are corrupted, the fact that the native format for documents is zipped XML files means that the content, at least, can often be retrieved."
Comments (none posted)
Open for Business reviews Ximian XD2.
"Ximian Desktop is fairly
non-invasive. While it offers to replace the distribution's login manager
with its own variant of GNOME's display manager, it does not force it on
you, should you wish to continue using another one. Once I logged into my
account on the test box, Ximian offered the choice to preserve my old GNOME
settings or replace them with Ximian defaults. My KDE desktop files were
also found and placed in a folder on the new Ximian desktop - a nice added
touch."
Comments (12 posted)
The Linux Journal reviews the Linux-based Yopy 3700 PDA.
"Overall, there are far fewer free and non-free applications available for the Yopy than there are for the Zaurus, mainly due to the distribution choice. It also is not easy to connect the Yopy to a Linux machine, and there is no Java environment. I would have preferred a Qtopia/OPIE-based distribution, if only for the amount of software available."
Comments (none posted)
Miscellaneous
News.com looks at the recent attacks on free software infrastructure sites.
"'Personally, I worry a lot more about just plain bugs,' Torvalds said. 'Whatever kernel weakness people find is much more likely to be just a silly bug--like the one Debian got bit by--than some clever cracker doing bad things.'"
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Linux Professional Institute will be
attending the World Summit on the Information Society (WSIS) in Geneva,
Switzerland.
"LPI will present an interactive roundtable entitled
"Creating Free and Open Source Software (FOSS) Infrastructures", designed
to increase understanding and give delegates a roadmap on how to develop an
Open Source foundation within their organizations or areas of
influence."
LPI has also announced an affiliation with
Open Source communities in Brazil, Bulgaria, the Caribbean and Middle-East
"to increase professionalism, exposure and participation of Linux by
corporate, government and academic environments in each country."
Comments (none posted)
Commercial announcements
Progeny has announced that it is extending its software updates and
transition services to Red Hat Linux 8.0 and 9 users. Security patches will
be available via http retrieval from a software repository or through
Novell's Ximian Red Carpet Enterprise version 2.0.
Full Story (comments: 2)
Trolltech has announced the Qt Solutions group.
"This group provides new add-on components and tools to extend and
enhance the Qt application framework."
Full Story (comments: none)
It is a rare business which sends out press releases when its computers come under
attack. The SCO Group, however,
has done so,
noting that its web site has been off the net for most of the day due to a
distributed denial of service attack. The company is, for now, refraining
from blaming the Linux community.
Comments (37 posted)
SmoothWall Limited has released version 2.0 of SmoothWall Express,
an open-source firewall product.
"This new product builds on the SmoothWall
tradition that has seen hundreds of thousands of SmoothWall firewalls
installed worldwide. Like all SmoothWall products, Express is designed for
ease of use and requires absolutely no knowledge of Linux to install or
configure."
Full Story (comments: none)
SUSE Linux and IBM have announced the launching of a new software
integration center.
"SUSE LINUX and IBM today announced the
foundation of a joint Software Integration Center located at the IBM
Toronto Lab - providing enterprise customers optimized interaction of the
SUSE LINUX Enterprise Server operating system with IBM software
offerings. The collaboration will initially focus on IBM DB2 Universal
Database offerings and will subsequently be extended to other IBM software
products."
Full Story (comments: none)
ActiveState has released version 3.0 of the Tcl Dev Kit.
"The solution includes new
features for the rapid development and delivery of professional quality Tcl
applications, and sets a new bar for developer productivity and performance
for in-depth code analysis, management, debugging, and deployment."
Full Story (comments: none)
The Open Source Development Labs is becoming a popular club; OSDL has
announced
that Network Appliance has just joined up. Network Appliance is especially
interested in OSDL's "Data Center Linux" program.
Comments (1 posted)
Novell has
taken the next step and joined the Open Source Development Labs. The company will also have a representative on OSDL's board of directors.
Comments (1 posted)
The SCO Group has filed
a
new 8-K form with the SEC. It seems that BayStar and the Royal Bank of
Canada (the investors which have pumped $50 million into the company)
got a little nervous and have demanded a new clause in their agreement: the
investors now have veto power over any SCO action which could trigger the
20% contingency payment to SCO's lawyers.
Also filed is a
letter from Boies, Schiller & Flexner describing the arrangement
between the companies. It reveals some discomfort with the involvement of
Kevin McBride, Darl's brother, and requires an explicit confirmation that
SCO's board has agreed to this involvement. A
separate letter from SCO describes what Boies et al. will be doing,
including "pursuing our potential claims against third parties arising out
of the USL/BSDI settlement."
Comments (17 posted)
Resources
The Linux Documentation Project Weekly News for December 3, 2003 is
available with news of the latest documentation changes.
Full Story (comments: none)
The November, 2003 edition of the Linux Professional Institute Newsletter
has been published.
Full Story (comments: none)
If you are interested in how the Python language is developed, an essay
entitled "Guido, Some Guys, and a Mailing List: How Python is
Developed", has been published.
"The essay covers the development process of Python without
going into extreme nitty-gritty details. The purpose of this essay is
to provide an easy introduction to how Python is developed culminated in
a single document."
Full Story (comments: none)
NewsForge has published an article that details Samba configuration.
"When we first asked for suggestions for inclusion in the Samba HOWTO
documentation, someone wrote asking for example configurations -- and lots of
them. This article offers extensive descriptions of Samba configuration
possibilities."
Comments (none posted)
GnomeDesktop.org
covers the latest SVG flag collection from the Sodiproject
and a new release of the GNOME themes extras package.
Comments (none posted)
Contests and Awards
Now that the company has
delayed its
earnings release, we are all left wondering just how much the SCO Group
will have managed to lose in its fourth quarter. As a way of filling in
the gap, Don Marti has created
the SCOX Loss Pool, where you
can put in your guess as to how bad the red ink will be. The tie breaker
question is to name which company SCO will sue to draw attention away from
its results. The prize has not been decided yet, but it will certainly be
worth winning.
Comments (9 posted)
Upcoming Events
The SDForum Open Source Summit and Expo will be held on
December 11, 2003 at the SFO Marriott Hotel in Burlingame, CA.
The event starts at 2:00 PM.
Comments (none posted)
Penguicon 2.0, a combined Linux expo and SciFi convention, will be held
in Novi, Michigan on April 16-18, 2004.
Full Story (comments: none)
IDG World Expo has
announced that this year's LinuxWorld New York Taste of Linux Series
will begin with a panel of executives from leading Linux companies who will
share their secrets for making money from open source.
Comments (none posted)
A call for papers, tutorials, and presentations has gone out for the
5th International Conference on Linux Clusters, to be held in
Austin, TX on May 17-20, 2004.
Full Story (comments: none)
A call for papers has been made for the
USENIX Beowulf/NUMA/GRID/Extreme Linux Track at the Extreme Linux
conference. The event will take place in Boston, MA on June 27
through July 2, 2004.
Full Story (comments: none)
The Cluster2004 conference Call for Papers has been posted.
The event will take place in San Diego, California on
September 20-23, 2004.
Full Story (comments: none)
| Date | Event | Location |
| December 11 - 13, 2003 | International Conference on Logic Programming (ICLP'03) | Mumbai (Bombay), India |
| January 12 - 13, 2004 | Linux.Conf.au Miniconfs | Adelaide, Australia |
| January 12 - 13, 2004 | EducationaLinux 2004 | Adelaide, Australia |
| January 14 - 17, 2004 | Linux.conf.au | Adelaide, Australia |
| January 20 - 23, 2004 | LinuxWorld Conference & Expo 2004 | (Jacob K. Javits Convention Center) New York, New York |
| January 31 - February 1, 2004 | WineConf 2004 | (Court International Building) St. Paul, Minnesota |
| February 2 - 6, 2004 | EclipseCon 2004 | (Disneyland Hotel) Anaheim, CA |
| February 2 - 4, 2004 | Open Standards and Certification Conference | (San Diego Marriott Mission Valley) San Diego, CA |
| February 3 - 5, 2004 | Linux Solutions 2004 | Paris, France |
Comments (none posted)
Mailing Lists
The
DDLinux Speech Recognition Mailing List
is available for the discussion of Linux-based
continuous speech recognition software development.
The registration page also contains a list of links to
various speech-related projects.
Comments (none posted)
A new mailing list is available for the discussion of patch management
issues.
"The PatchManagement mailing list
discusses the how-to's and why's of security patch management across a
broad spectrum of Operating Systems, Applications, and Network Devices.
This list is meant as an aid to network and systems administrators and
security professionals who are responsible for maintaining the security
posture of their hosts and applications."
Full Story (comments: none)
Web sites
The IBM developerWorks site has gone through a major change.
This article explains the changes.
"Today developerWorks unveils its new look -- a series of enhancements to the design and navigation of the site based largely on input from readers like you. But it's not just our look that's changed. Under the surface, our infrastructure has changed to integrate and take advantage of WebSphere Portal. With one DNS change, developerWorks has moved from using WebSphere Application Server 4.0.6 in a single Web site model to using WebSphere Portal 4.1.4 in an aggregated Web site model."
Comments (none posted)
OpenSourceExperts.com is a site for the micro and macro payment of support
and for the collaborative funding of Open Source software. A tour is
available
here.
Comments (3 posted)
The KDE::Enterprise site needs some new content.
"After gathering a bit of dust due to some server changes KDE::Enterprise has recently received a face lift and is now fully operational again. To freshen up the contents we would like to invite you to share your KDE Success Stories with us. Has your company made a successful switch to KDE? Tell us about it!"
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Page editor: Forrest Cook
Letters to the editor
| From: | William Stearns <wstearns-AT-pobox.com> |
| To: | letters-AT-lwn.net |
| Subject: | A holiday present for developers |
| Date: | Wed, 10 Dec 2003 15:34:34 -0500 (EST) |
Good day, all,
If you've looked for some way to contribute to the Open Source
development movement, but are short of time, money or programming skills,
might I suggest something a little simpler?
How about a "Thank you"?
Pick a project * that's been helpful to you and send a note to the
developers mailing list, or the developer him/herself if there is none,
and say "Thank you, Gleem-o-tron has been really helpful because...". A
short, sincere thank you note can do wonders to developer morale. It
doesn't even have to be a particular piece of software; an organization
like the Linux Standards Base, a meta-project like the KDE team, a news
site like LWN, or a particular developer that's done a lot of work you
admire are all fair game.
You might want to put "Thanks" somewhere in the subject to make it
easy for overloaded developers to organize their own mail.
I'll start right now with a "Thank you" to Jon and the LWN team
for condensing the Linux News down to relevant bits and pieces for me.
The subscription was more than worth it.
Cheers,
- Bill
* I'm specifically excluding mine from this request so it isn't
self-serving.
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com). Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org
--------------------------------------------------------------------------
Comments (1 posted)
| From: | Duncan Simpson <duncan-AT-commercialuk.com> |
| To: | letters-AT-lwn.net |
| Subject: | There still *is* proprietary scientific knowledge |
| Date: | 04 Dec 2003 11:59:11 +0000 |
Proprietary scientific knowhow still exists. It is protected by patents
and the examples have included transistors, IC manufacturing techniques,
MRI scanners and optical amplification of signals in optical fibers.
Indeed this knowhow is arguably *more* proprietary than software: even
if you independently develop the same technique, using it still requires
a license.
The fact that most research is not proprietary is primarily because the
people involved want it to be free. Publishing something, to establish
priority, is regarded as a good thing---and this makes it no longer
patentable almost everywhere except the US. IBM et al publish things
that they think are not worth patenting, so nobody else can patent them.
Mathematics, including process calculi[*] and graph theory, can not be
patented and copyright suits for copying techniques are unlikely to
succeed. Mathematics was free in medieval times too...
[*] Process calculi are theoretical computer science. Almost everybody
without a CS degree has never seen one, and even fewer people have used
process calculus in anger. Process calculus is used in anger in my PhD
thesis and there are definitely other examples.
Comments (5 posted)
Page editor: Jonathan Corbet