LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in Business
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for September 12, 2002Spam avoidance techniquesIt is said that most free software comes about as the result of some developer scratching a personal itch. It's also said that very little innovative free software development is done; free software projects spend their time "chasing taillights" - catching up to the features offered by proprietary code. The field of spam filtering may well confirm one of those stereotypes while refuting the other. After all, if there is anything that truly itches, it's spam. But some of the free software being developed to combat spam is truly innovative.Most spam filtering work has involved two techniques: testing mail against patterns indicative of spam and blocking mail from known sources of spam (and other likely sources, such as ISP dialup lines). Source-based blocking can be effective, but it also tends to block a fair amount of legitimate mail along with the spam. For example, some blacklists cause the blocking of mail from kernel.org, despite the fact that no spam originates there. Source-based blocking is unreliable enough that quite a few sites are unwilling to use it, despite a strong desire to be rid of spam. Pattern matching has shown more promise. Early spam filtering was done with complex procmail scripts, but the current champion of pattern-based spam filtering can only be SpamAssassin. Using a detailed set of rules, SpamAssassin cleans out the trash to great effect. LWN has been using it for some months, and it has made life much easier - lwn@lwn.net gets a lot of spam. SpamAssassin has returned much of our time back to us to work on LWN, as well as keeping us from accidentally deleting mail from readers that tended to get buried in the spam. One thing that SpamAssassin users tend to notice, however, is that its effectiveness decreases over time. Each new update blocks more spam - a recent upgrade freed us from a whole unpleasant class of Nigeria spam, for example. But pattern-based matching only works as well as its patterns, and they tend to go stale as spammers move on to new tricks. Keeping SpamAssassin effective requires a number of highly dedicated people to actually read all that spam and come up with new rules. Most SpamAssassin users are unlikely to be able (or willing) to write new rules themselves. Recently, a new approach to spam filtering has attracted a lot of attention, thanks mostly to Paul Graham's paper A Plan for Spam. Rather than try to come up with an endless stream of clever patterns to detect spam, why not just look at the words spammers use? Each word can be assigned a probability that any message that contains it is spam; the probabilities for the words in any specific message are then combined using a Bayesian filter, yielding an overall probability estimate. If that estimate is high enough, the message is classified as spam. At a first glance, going up against a tool as good as SpamAssassin with such a simple technique seems like a losing battle, but this approach has a number of advantages:
All of the above is irrelevant, however, if the Bayesian approach does not succeed in actually filtering spam. To get a sense for the state of the art, we took 3000 messages received at lwn@lwn.net - a little under two weeks worth. 295 of those messages were real mail, and 2705 were spam. If one were to believe the bulk of our mail, one would conclude that about every part of our anatomy (even those we don't possess) is the wrong size, that we are so honest that people want to extract money from Africa via our bank account, that we're missing out on numerous hot stocks, that we have a strange attraction to domesticated animals, and that the purchase of something called the "TushyClean" would greatly improve our lives. Trust us, this exercise has not been fun, but no sacrifice is too great for our readers. Once the messages were sorted, we fed them all to SpamAssassin and to bogofilter, a new Bayesian filter written by Eric Raymond. Bogofilter was tested twice: once after training with 15% of the 3000 messages, and once after being trained with the whole set. Then we ran both filters on 5000 recent postings from the linux-kernel list, twelve of which were spam (devfs flames were not counted). The results were:
False positives are legitimate mail classified as spam. These, of course, are bad news, since they can cause the loss of real mail. False negatives are spam that slip through - an annoyance. It is appropriate that spam filters tend to err toward false negatives, and both filters shown here do exactly that. The results indicate that bogofilter requires a substantial amount of training before it reaches the level of effectiveness achieved by SpamAssassin. This training is best done with each individual user's mail, but most users are unlikely to have a few thousand nicely sorted messages sitting around to train their filters with. So bogofilter is likely to be frustrating for many users to adopt - it won't work well until the user has run "about one thousand" (according to Eric Raymond) messages through it. That said, bogofilter is surprisingly effective for a tool that is so new and very much still in development. And the run time relative to SpamAssassin speaks for itself. Much of the difference there will be explained by the fact that bogofilter is coded in C, while SpamAssassin is in Perl. But bogofilter also owes its speed to a much faster algorithm. The Bayesian filter idea is not new - see this 1998 paper on the Microsoft site, for example. But recently a great deal of effort has gone into expressing this approach in free software. Bogofilter is one example; another is the spambayes project, which has been set up as a testbed for variants on the Bayesian filter idea. It will be interesting to see where these projects go; they seem to be off to an interesting start. Taking on a tool as effective as SpamAssassin is a difficult challenge, but the free software world likes challenges.
Where free software should be required by lawRISKS 22.24 includes a detailed article by Rebecca Mercuri on the latest fun with the new voting systems in Florida. That state, of course, was the source of (ongoing) uncertainty in the 2000 U.S. presidential election, due, in part, to its ancient voting equipment. Since then, the voting machines have been upgraded to new, computer-based systems with touchscreen interfaces.These systems are based on closed source code. There is no external audit trail, no way of verifying that they are recording votes as they were actually cast. Trade secret law forbids the inspection of the code in the systems. One just has to trust the vendor that the results are correct. A primary election held there recently turned up a whole set of problems, ranging from basic usability issues to outright failure. There has been a lot of interest recently in laws requiring governments to use free software in many or all situations. It remains unclear, to some people anyway, that such laws are really in the best interest of government, the governed, or the free software community. But, in the case of voting systems, the case seems clear: no part of the system that elects people into positions of power should be opaque. The creation of a free, transparent, verifyable electronic voting system should not be that hard a task for governments or the free software community. There is no excuse for using anything else.
Security Brief items Multics security, thirty years laterWorth a read: Paul Karger and Roger Schell have released a new paper (available in PDF format) entitled "Thirty Years Later: Lessons from the Multics Security Evaluation." It includes an analysis of the security of the Multics operating system, written by the same two authors and published in 1974, along with a new forward describing how things have changed in the mean time. Their assessment of the current state of computer security is harsh:
The unpleasant conclusion is that although few, if any,
fundamentally new vulnerabilities are evident today, today's
products generally do not even include many of the Multics security
techniques, let alone the enhancement identified as essential.
That essential enhancement is the creation of verifiable "security kernel" around which the rest of the system could be built. In 2002, very few systems built around such kernels exist, and the authors are not very enthusiastic about those which do exist:
...the ring 0 supervisor of Multics of 1973 occupied about 628K
bytes of executable code and read-only data. This was considered
to be a very large system. By comparison, the size of the SELinux
module with the example policy code and read-only data has been
estimated to be 1767K bytes. This means that just the example
security policy of SELinux is more than 2.5 times bigger than the
entire 1973 Multics kernel and that doesn't count the size of the
Linux kernel itself. Given that complexity is the biggest single
enemy of security, this suggests that the complexity of SELinux
needs to be seriously examined.
Or, to put things in more general terms:
Given the understanding of system vulnerabilities that existed nearly
thirty years ago, today's "security enhanced" or "trusted" systems would
not be considered suitable for processing even in the benign closed
environment.
So how do we make things better? The paper does not provide a whole lot of new suggestions. The authors talk some about the tools that are used; for example, Multics was mostly free of buffer overflow vulnerabilities, thanks to the use of PL/I as the implementation language. PL/I required an explicit declaration of the length of all strings.
The net result is that a PL/I programmer would have to work very
hard to program a buffer overflow error, while a C programmer has
to work very hard to avoid programming a buffer overflow error.
Beyond that, one gets the sense that the authors feel they said what needed to be said thirty years ago, and they are still waiting for the message to get across. Their prediction:
It is unthinkable that another thirty years will go by without one
of two occurrences: either there will be horrific cyber disasters
that will deprive society of much of the value computers can
provide, or the available technology will be delivered, and
hopefully enhanced, in products that provide effective security.
The authors hope for the latter scenario; so do we.
Security reports AFD 1.2.14 multiple local root compromisesAFD ("automatic file distributor") suffers from buffer overflow vulnerabilities which can lead to a local root compromise. Version 1.2.15 of AFD contains fixes for the problems.
A couple of KDE security advisoriesThe KDE project has issued a couple of security advisories:
We will, of course, pass on distributor updates as we receive them.
A security update to XFree86The XFree86 project has released XFree86 4.2.1, which fixes a few security problems. The most urgent problem is a vulnerability in the internationalization code which can allow an attacker to cause a privileged X client to load and execute arbitrary code. This vulnerability only exists in XFree86 4.2.0; earlier releases are not vulnerable.No distributor updates have been received as of this writing, though Slackware has updated its XFree86 packages.
New vulnerabilities Denial of service vulnerability in amavis
Input validation vulnerability in cacti
Cross-site scripting vulnerability in mhonarc
Multiple vulnerabilities in wordtrans
Updated vulnerabilities Heap corruption vulnerability in at
bind buffer overflow vulnerability in DNS resolver libraries
Potential unauthorized root access vulnerability in dietlibc
Ethereal 0.9.6 fixes potential remote code execution vulnerability
Ethereal buffer overflow, infinite loop and memory management vulnerabilities
Filename disclosure vulnerability in fam
GNU fileutils race condition
Buffer overflow vulnerability in the Jabber plug-in module for gaim
Remote arbitrary code execution vulnerability in gaim
Potential remote root exploit in glibc
Buffer overflow in groff
HylaFAX 4.1.3 fixes multiple vulnerabilities
UW imapd remotely exploitable buffer overflow
KDE 3.0.3 fixes X.509 certificate check vulnerability
Kernel update for RedHat 7.3 i810 video
Kerberos 5 unauthorized root access to KDC host vulnerability
LPRng accepts jobs from any host.
Mailman 2.0.12 closes cross-site scripting vulnerability
Multiple vulnerabilities in mantis
PHP Remote Compromise/DOS Vulnerability
Mozilla XMLHttpRequest file disclosure vulnerability
String format bug in pam_ldap logging
OpenSSL remotely-exploitable buffer overflow vulnerabilities
Safemode vulnerability in PHP
Remotely exploitable vulnerability in pine
Buffer overflow vulnerabilities in PostgreSQL
PXE server denial of service vulnerability
Local arbitrary code execution vulnerability in Python
Scrollkeeper temporary file vulnerability
Sharutils potential privilege escalation using uudecode
Multiple vulnerabilities fixed in Squid-2.4.STABLE7
Tcl/Tk local root vulnerability
Malformed NFS packet buffer overflow vulnerability in tcpdump
Multiple vendor telnetd vulnerability
Multiple vulnerabilities in SNMP implementations
Local root vulnerability in chfn
webalizer: reverse DNS buffer overflow vulnerability
Webmin/Usermin vulnerabilities
Problems with libgtop_daemon
Wwwoffle remote privilege escalation vulnerability
xchat IC server based dns query vulnerability
Denial of service vulnerability in xinetd
Resources The IP Security Protocol (Linux Journal)This Linux Journal article explains IPSec, different levels of security and how to be safe sending and receiving packets over the network. "Several different solutions exist that allow us to cope with this problem, each operating at a different level of abstraction. In this article, we will discuss the differences between and purposes of application-level security, socket-level security and network-level security."This article continues with part 2 which moves on to encapsulating security payloads and key exchange mechanisms.
This week's Linux Advisory Watch and Security WeekThe Linux Advisory Watch and Linux Security Week newsletters from LinuxSecurity.com are available.
"Know Your Enemy: Honeynets" paper updatedThe Honeynet Project has announced an update to its "Know Your Enemy: Honeynets" paper. "This update includes far greater detail in explaining how to deploy 1st and 2nd generation Honeynets. Even more exciting, we have released a significant amount of new code, especially for GenII (2nd generation) Honeynets! This should make deploying these technologies much easier, with different options and different operating systems."
Events Security events calendar
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current development kernel is 2.5.34, released by Linus on September 9. People who had trouble with 2.5.33 may want to give this one a try; it has some important per-CPU fixes, and the floppy driver is said to really work this time. Also included is a bunch of block I/O work from Al Viro, memory management work from Andrew Morton, a JFS update, and quite a few other fixes and updates. The long-format changelog is available, as usual. Note that this kernel has a bug which can cause IDE partitions to disappear.Linus's BitKeeper tree, which may be 2.5.35 by the time you read this, contains a large set of patches including a new sys_exit_group() system call (more thread work by Ingo Molnar), a major merge of IDE code from the 2.4-ac tree (which, according to Alan Cox, works "better than expected," but one should still be careful), yet more VM changes via Andrew Morton (see below), and a number of other fixes and updates. The current 2.5 status summary from Guillaume Boissiere came out on September 10. The current stable kernel is 2.4.19. Marcelo released 2.4.20-pre6 on September 10; it adds a number of updates and a couple of bugs which make it fail to compile or boot for a number of users. Alan Cox's current prepatch is 2.4.20-pre5-ac5, which is given over mostly to new IDE code. "You can now load ide pci drivers at boot time or as modules. Don't try unloading the modules yet"
Kernel development news Linus gets spam filteringPeople sending mail to Linus may want to cut back on their LINES OF YELLING, keep an eye on vulgar words in their code comments, and so on. It seems that Linus has started using SpamAssassin, and it is causing him to lose a few patches due to false positives. The number of false positives is small enough that he intends to continue using the filter. And, in the end, most developers probably agree that kernel development benefits if Linus spends less time wading through spam.
Speeding up reverse mappingEver since Rik van Riel's reverse mapping VM implementation was merged into the kernel, people have wondered how it could be made to work more quickly. The rmap code accelerates many memory management operations, but slows down others. It would be nice to get to the point where the performance regressions have been mitigated (or eliminated) while keeping the benefits of the rmap code. Linus's current BitKeeper tree contains one patch from Andrew Morton which is a big step in that direction.As described here last January, the rmap code works by keeping track of which page tables reference every physical page on the system. This is done by adding a linked list of rmap entries to the page structure; each entry in the list points to one page table entry referencing the page. The maintenance of this list is the source of the bulk of the rmap code's overhead. The many thousands of these pte_chain structures require a lot of processing to keep current, are inefficient (the structure contains two pointers; the one which points to the next pte_chain entry is pure overhead), and put lots of pressure on the memory allocation subsystem. Andrew's solution to this problem is simply to expand the pte_chain structures to hold multiple page table pointers. Anywhere between seven and 31 PTE pointers can be stored in a single pte_chain entry, depending on the architecture. The chain overhead is reduced accordingly, and the system's cache behavior is improved. This change, it is claimed, takes 10% off that all-important kernel compile time - at least on Andrew's wimpy little 16-processor NUMA system. One other optimization, which has been in the kernel for a while, is to eliminate the PTE chain entirely for pages which are only mapped into a single process - of which there are many on a typical system. In that case, a flag is set in the page structure, and the pointer for the PTE chain points, instead, directly at the page table entry of interest. The rmap code still has its performance costs, especially in the fork system call. But those costs are shrinking - as are inefficiencies throughout the kernel.
Other memory management workLest one think that tweaking rmap is all that is happening in the memory management world: a great deal of code is currently circulating which makes big changes, and it has been finding its way into Linus's kernel.For example, 2.5.34 includes Patricia Gaughen's discontiguous memory patch, which is aimed at the needs of large, NUMA systems. On such systems, you no longer just have a simple array of memory; instead, the system's RAM is broken up into zones, each of which is attached to a particular NUMA node. Memory accesses within a node are faster than cross-node references, so the kernel needs to know where any given page resides. Memory on these systems can also have address holes between each node's zone. The discontiguous memory patch does away with the classic mem_map array, which contained one struct page structure for each page on the system. The memory map is now split into separate, per-node maps, and all references to mem_map in the kernel have been changed. Rather than dealing with simple indexes into mem_map, the kernel now works with page frame numbers; an old reference to mem_map+i is now pfn_to_page(i). For the most part, code which did not access mem_map directly will likely require no changes in response to the discontiguous memory patches. But there will be exceptions... Andrew Morton's "-mm" patches have become the staging area for memory management changes. The current patch as of this writing (2.5.34-mm1) contains a long list of other changes, including:
One interesting side result from work like the atomic copy_*_user functions and the preemptible kernel is a formalization of just when the kernel is performing an atomic operation. Code in the 2.4 (and prior) kernel could check for certain situations where atomic operation was required, such as when servicing an interrupt. In 2.5, other atomic situations (i.e. holding a spinlock) are tracked, and it is easy for code with a need to say "don't interrupt me or sleep now." The result should be more explicit code and fewer bugs.
Too much attention on large systems?Paolo Ciarrocchi recently posted an article giving some benchmark results on his laptop; these results generally show that 2.5.33 performs a little more slowly than the 2.4 kernels. Given that much of the work in 2.5 has been oriented around performance, what is happening here? Daniel Phillips summarized things as follows:
I suspect the overall performance loss on the laptop has more to do
with several months of focussing exclusively on the needs of 4-way
and higher smp machines.
The fear that large systems performance work would slow things down on the hardware that most of us actually use has been present for years. Could it be that the big iron is finally taking over the kernel? The answer, for now, is probably "no." 2.5 development efforts have indeed emphasized large systems performance so far. The small-systems performance has not been impaired so much as simply passed over for now. As Andrew Morton put it:
It's on the larger machines where 2.4 has problems. Fixing them up
makes the kernel broader, more general purpose. We're seeing
50-100% gains in some areas there. Giving away a few percent on
smaller machines at this stage is OK. But yup, we need to go and
get that back later
Small-systems tuning, of course, is work that can mostly happen after next month's feature freeze. Expect some serious efforts in that direction - small and embedded systems, after all, are a huge part of the Linux user base. It wouldn't do to leave them out in the cold.
Patches and updates Kernel trees
Build system
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet Distributions Distribution News Debian Weekly News - September 10th, 2002This week's Debian Weekly News tells us, "The most interesting news for this week probably is the removal of Qmail from Debian's [1]list server. Thanks to the admin and listmaster team, the [2]server now happily runs Postfix." Of course there are several other topics as well.
Libranet GNU/Linux 2.7Libranet GNU/Linux 2.7 has been released. "Libranet is based on Debian's stable woody release with upgrades to major packages like KDE and the addition of Libranet's custom installer, Libranet Adminmenu, desktop configuration and the excellent OpenOffice suite."
Mandrake LinuxMandrakeSoft announced the second Release Candidate of the upcoming Mandrake Linux 9.0. This RC2 is the last chance to influence 9.0's development by contributing reports and suggestions.The Mandrake Linux Community Newsletter -- Issue #58 contains information about the 9.0 Release Candidate and much more. Open for Business interviews Mandrake co-founder Gaël Duval about the company's past, present, and future. "...I think the commercial dynamics around Mandrake Linux, and the creation of MandrakeSoft, have been key factors for its development and long-term success. But as you know, Mandrake is much like a Free Software project that is financed by a commercial company. This approach makes great difference when compared to other Linux distributions!" Last week's update to cdrecord had a few problems. In some situations, noteably with xcdroast, the mkisofs utility creates pseudo-empty filesystems. The filesystem is the proper size, but the contents of the filesystem are not available. New xcdroast packages are available that are compatible with this version of cdrecord.
Slackware LinuxSeveral changes were made to the Slackware current tree this week. There is a security fix, and numerous bug fixes in Xfree86. Other packages have bug fixes as well. Click on Full Story to see the changes for this week, or go to the changelog for complete details.
New Distributions DebianEduThe DebianEdu subproject is a new project aimed at making Debian the best distribution available for educational use. Still in its early stages, this subproject is actively looking for volunteers.
OpenZaurusThe OpenZaurus project aims to build a kernel and filesystem for the Sharp SL-5000d and SL-5500 which will retain binary compatiblity with the existing Sharp system. OpenZaurus will not use proprietary packages, but instead will emphasize GPL licenced packages, such as replacing the Opera browser with Konqueror/Embedded. The ultimate goal is to have a Sharp PDA with enhanced usablility, particularly for developers and power users.
Simply GNUstepSimply GNUstep is a Linux/GNU distribution aimed at providing an OpenStep feeling from bootup on. This is a stripped down distribution for ease of use. (Think OS X for x86). Version 1 is now available. This release is the first version that installs to the hard disk. It is recommended for installation on a dedicated machine or a virtual machine. Configuration is not complete, the user must manually configure X11 and networking.
Minor distribution updates herbixherbix has released v1.0-36. This release has been rewritten from scratch and has major bug fixes.
uClinuxuClinux has released v2.5.34-uc0 with major feature enhancements.
Page editor: Rebecca Sobol Development The Jabberwocky IDE for LISPThe first beta release of the new Jabberwocky integrated development environment for LISP has been announced. Jabberwocky supports CLISP versions 2.27 and 2.28 and CMUCL versions 18c and 18d. Support for SBCL and GCL is planned. Jabberwocky works under Linux 2.4 and Windows, and has been released under the GNU GPL.Jabberwocky's list of features include:
For more information on Jabberwocky, see the following documentation:
Thanks to author Marc Mertens.
System Applications Audio Projects Ogg TrafficThe September 5, 2002 edition of Ogg Traffic covers the latest developments in the Ogg Vorbis audio compression project.
Education Linux in Education ReportIssue #78 of the Linux in education report covers a K-12 educational panel at an upcoming conference, the open-sourcing of the e-education course management system by Jones Knowledge Inc., a Linux documentation CD from Belize, The Rapla resource management and scheduling system, and more.
Electronics Icarus Verilog 20020907A new version of the Icarus Verilog electronic simulation language compiler has been released. See the release notes for a list of new features and bugs that have been fixed.
Embedded Systems Two-Axis, Real-Time Camera Control (Dr. Dobb's)Cort Dougan shows how he used RTLinux/Pro to write an embedded Linux cat-watching camera panning device. "In this article, I'll present software for viewing live images and controlling a servo-motor-driven, dual-axis mounted camera via a web page. I built this system to watch Kepler, my sick cat, while I was at the office".
Networking Tools Installing Nagios (O'Reilly)Oktay Altunergil shows how to install Nagios, a network monitoring system. "'Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better' (from nagios.org). This is the same tool that used to be called NetSaint until recently. Although the NetSaint site is still up, all future development will be done on Nagios."
Printing AFPL Ghostscript 7.30 developer releaseA new developer release of AFPL Ghostscript has been announced. "The major new code here is the DeviceN implementation, recently mearged in to the main development tree. People interested in DeviceN should take a look and help us iron out the remaining issues."
Web Site Development Zope Members NewsThe latest Zope Members News items include Persistent Translation Service 0.1, a Forms4ZPT preview, ReplaceSupport 1.0.0, ZopeTestCase 0.5.2, MonZope 1.0, the first public alpha of Z Message Queue, ZShell v1.50, and more.
mnoGoSearch-php-3.2.0.beta6 releasedmnoGoSearch-php-3.2.0.beta6, the PHP frontend to the mnoGoSearch web site search engine has been released. MnoGoSearch-php-extension-1.65 is also available.
Connecting middleware to Apache 2.0 (IBM developerWorks)Uche Ogbuji introduces Apache 2.0 filter modules on IBM's developerWorks. "Apache became the most popular Web server in part because of the rich availability of third-party extensions for the server, and because its open architecture made it quite easy to roll your own extensions. Of course, nothing is ever just easy enough, so in developing Apache 2.0, one of the main goals was to improve the Apache API to make it even easier to develop extensions."
Miscellaneous Conexant HSF softmodem driverA new experimental version of the Conexant HSF (softmodem) driver for Linux has been released. The internal HP Omnibook xe4500 series laptop modems are now supported.
Open source satellite control (IBM developerWorks)Cameron Laird writes about a multi-language satellite control system at JPL. "How do you harness a satellite control system written in three languages, on four development platforms, and deployed to multiple client environments? With open source, naturally. When one wrong move can cost millions, rely on teamwork, smart design, and open standards to keep the project -- if not the satellite -- from going down in flames."
Desktop Applications Audio Applications WaveSurfer 1.4.4 released.Version 1.4.4 of the WaveSurfer sound visualization and manipulation tool has been released. Changes include a new video plugin, bug fixes, and minor improvements.
Ardour development continuesProgress continues on the Ardour multi-track audio system. New features include plugin parameter automation, GUI usability tweaks, drag-n-drop redirect re-ordering, on the fly computation of peakfiles, and a "verbose" mouse cursor.
Desktop Environments FootNotesThe latest additions to the FootNotes site include Sodipodi 0.25, libGDA, libGnomeDB, Mergeant 0.8.193, the GNOME 2.0.2 Desktop Release Candidate 1, GNOME System Tools, Beast/BSE 0.4.1, GEP, and more.
Games The Chopping BlockThe August-September 2002 edition of the Chopping Block is out with the latest WorldForge game development news. Topics include Lagrangian Mechanics, Debian packaging, Kai's pirate tale, the Cronos Project, and more.
Pygame-1.5.3 releasedVersion 1.5.3 of the Pygame game modules for Python has been released. The WhatsNew document lists new CD utilities, movie rendering capabilities, and bug fixes.
Interoperability Wine Weekly NewsIssue #134 of the Wine Weekly News is out. Topics include the new Wine-20020904, the Quartz multimedia DLL, Native vs. Builtin DLL's, Windows Printer Drivers, Character Sets, Splitting Up Unit Tests, Mono / Winforms + Winelib, and more.
Multimedia Blender Foundation NewsletterThe Blender Foundation Newsletter for September 10, 2002 is out. News includes the successful purchase of the Blender code from the previous owner, which will allow Blender to be released under the GPL, and the project plan for Open Blender.
Office Applications Open Office 1.0.1 Alpha Software Development Kit released.The OpenOffice.org 1.0.1 Alpha Software Development Kit (SDK), has been released.
AbiWord Weekly NewsIssue #107 and Issue #108 of the AbiWord Weekly News are out, with the latest developments on the AbiWord word processor project.
KDE Ships KOffice 1.2KDE.News has an announcement for version 1.2 of KOffice. "What with a truly great new (English-only) thesaurus, enhanced scriptability of suite components, WYSIWYG on-screen display, bi-di text, KWord mail-merge and footnotes, KSpread database connectivity, enhanced printing and new sorting functionality, who's to argue?"
Web Browsers Mozilla 1.0.1 releasedVersion 1.0.1 of the Mozilla web browser has been released. The release notes state: "Mozilla 1.0.1 contains over 650 bugfixes including approximately 25 security fixes, and over 130 stability and dataloss fixes. In addition to these important security and crash fixes, 1.0.1 has many more fixes for standards support, UI correctness and polish, performance, and site compatibility."
Mozilla Independent Status ReportsThe Mozilla Independent Status Reports for September 6, 2002 are out. Updated packages include XULmine, CaScadeS, Securita, and Beonex.
Miscellaneous Xft/Fontconfig release 2.0Version 2.0 of Fontconfig, a library for configuring and customizing font access, has been released.
Quanta 3 Picks Up Steam, 3.0 PR2 ReleasedKDE.News covers the release of version 3.0 PR2 of the Quanta Plus web site development tool for KDE, and other Quanta developments. "So what's new with Quanta? Well, we've released 3.0 PR2, so you're encouraged to check it out for yourself! You'll find auto-completion for HTML and tag attributes, PHP built-in function auto-completion, a revised document structure tree that recurses PHP structures and embedded HTML, and more. One exciting bit of work in progress is the ability to set different DTDs as well as offer tagging functionality in the form of pseudo DTDs to script languages."
Languages and Tools Caml The Caml HumpCheck out The Caml Hump for this week's Caml-based software developments. New additions include the O'Caml X Game library, Syndex, the Zen toolkit,the Baire data structure library, and enhanced Ocaml documentation.
Java Kaffe Weekly NewsThe September 7 edition of the Kaffe Weekly News is out with news from the Kaffe open-source Java community.
Introducing Nonblocking Sockets (O'Reilly)Giuseppe Naccarato illustrates the use of nonblocking sockets in Java 2 Standard Edition 1.4. "As of Java 1.4, a programmer can use a brand-new set of APIs for I/O operations. This is the result of JSR 51, which started in January 2000 and has been available to programmers since Java 1.4 beta. Some of the most important new features in Java 1.4 deal with subjects such as high performance read/write operations on both files and sockets, regular expressions, decoding/encoding character sets, in-memory mapping, and locking files. In this article, I will discuss one particular new concept -- the new I/O API: nonblocking sockets."
EJB Inheritance, Part 1 (O'Reilly)Emmanuel Proulx discusses EJB inheritance in part 1 of a series on O'Reilly. "Entity beans are objects that represent data coming from a persistent store, such as a database. The key word here is objects. Entity beans encapsulate the data and business logic. But what about the two other principles, inheritance and polymorphism? The bad news is that entity beans do not easily enable the use of these principles. The good news is that if you follow certain restrictions and tricks, it can be done. This series of articles describes some techniques to put inheritance and polymorphism back into entity beans."
Lisp CLISP Oracle Interface BetaThe first Beta version of the CLISP Oracle Interface, a GNU CLISP module for accessing Oracle databases, has been released.
LambdaTensor 1.0.0 releasedThe first public version of LambdaTensor, a Common Lisp library for symbolic and numeric Lie algebra and Lie group calculations, has been released under the LGPL.
Perl This Week on perl5-porters (use Perl)The September 2-8, 2002 Perl5 Porters Digest covers the CLONE method, v-strings, pseudo-hashes, and more Perl topics.
This week on Perl 6 (O'Reilly)The September 1-8, 2002 edition of This Week on Perl 6 looks at Parrot 0.0.8, approximate string matching in regexes, regex stack manipulations, ARGDIR, making Parrot non-Perl centric, implementing Scheme pairs, class aliasing, and much more.
Going Up? (O'Reilly)Sam Tregar covers thread programming with Perl on O'Reilly. "Perl 5.8.0 is the first version of Perl with a stable threading implementation. Threading has the potential to change the way we program in Perl, and even the way we think about programming. This article explores Perl's new threading support through a simple toy application - an elevator simulator."
PHP PHP 4.2.3 ReleasedPHP 4.2.3 has been released. This version is a bug-fixing maintenance release, see the ChangeLog for all of the details.
PHP Weekly SummaryIssue #102 of the PHP Weekly Summary is out. Here's the quick summary of topics: "PHP 4.2.3 is out, Win32 ZE2 preview, PHP.net e-mail, ext/sysvmsg, Ext/audio?, User-agent: built-in, Not one, but two conferences, Ext/pcre, ./configure enable-all, Internals zend_stack, Ext/overload, Mysql_db_query() (continued)."
Introducing Smarty: A PHP Template Engine (O'Reilly)Joao Prado Maia introduces Smarty on O'Reilly's OnLamp site. "Smarty is a somewhat new development in the PHP world, and it brings several new and unique features. One of these unique features is that Smarty 'compiles' the parsed templates into PHP scripts, and then reuses the compiled template when appropriate. Obviously, this brings a huge performance improvement over other template solutions, as the main PHP script doesn't need to parse and output the same template on every request."
Python Python-dev summaryAfter a long absence, the Python-dev summary has returned with Brett Cannon as the author. This issue looks at type categories, lessons from the tempfile.py rewrite, and a number of other topics.
Dr. Dobb's Python-URL! - weekly Python news and links (Sep 9)Here is this week's Python-URL, with news and links for the Python communtity.
Daily Python-URL (Pythonware)This week, the Pythonware Daily Python-URL looks at SemanText 0.72.1, Building an RSS Newsreader, Straw 0.8, SiPy: a small discrete event simulation package for Python, secure protocols and data encryption, shell utilities, and more.
Ruby The Ruby GardenThis week's Ruby Garden shows how to allow *array expansion anywhere in a list.
Ruby Weekly NewsTopics on this week's Ruby Weekly News include RJudy-0.1: Judy Arrays for Ruby, a new home for the Ruby/Tk demos, GridFlow 0.6.1: a multi-dimensional dataflow processing library, Ruby-GNOME and Ruby-GTK 0.30, the YAML.rb 0.40 structured data format, ZenWeb 2.13.1, RDE 0.9.7.0, RubyCocoa 0.2.7, the FreeRIDE IDE, and more.
Scheme Scheme Weekly NewsThe September 9, 2002 edition of the Scheme Weekly News covers a number of new versions of several Scheme-based projects.
Tcl/Tk Dr. Dobb's TCL-URL!The September 9, 2002 edition of Dr. Dobb's Tcl-URL! is out with the latest Tcl news.
XML Get ready for XForms (IBM developerWorks)Joel Rivera and Len Taing introduce XForms on IBM's developerWorks. "Traditional HTML forms violate many of the tenets of good markup language design, frequently mixing presentation and data. In this article, Joel Rivera and Len Taing introduce you to XForms, an extension of XHTML that represents the next generation of Web forms. Though XForms is still in an embryonic state, it holds great promise: For instance, a form written with XForms can be written once and displayed in optimal ways on several different platforms."
Controlling the DOCTYPE and XML Declaration (O'Reilly)Bob DuCharme explains XML declarations on O'Reilly. "The XML declaration at the beginning of an XML document is not necessary, but it's the best way to say "this is definitely an XML document and here's the release of XML it conforms to."
Debuggers GNUstep Weekly EditorialThe GNUstep Weekly Editorial for September 8, 2002 is out with the latest GNUstep development news.
GDB 5.3 branch createdA new 5.3 branch has been created for the GDB debugger.
Miscellaneous Taking Kylix 3 for a test drive (LinuxWorld)Joe Barr writes a small application using Kylix 3 Open Edition (K3OE). "This week, I'll be describing my experiences actually using K3OE, particularly its brand-spanking-new C++ IDE. Previous versions of Kylix have been for Delphi only. I know, I know true Linux geeks never use RAD tools, or even IDEs. Not unless you consider Emacs to be an IDE, that is. For the rest of the world, RADs and IDEs are very handy tools that provide real productivity gains. Management likes that."
Page editor: Forrest Cook Linux in Business Business News Winners of the Australian Open Source Awards AnnouncedThe Australian UNIX and Open Systems User Group (AUUG, Inc.) announced the winners of the inaugural Australian Open Source Awards. The awards encourage and recognise the excellence and dedication of Australians contributing in the Open Source arena.
Sun to Offer Alternative to Microsoft DesktopThis newspaper article mentions Sun's plans for using StarOffice and Linux to challenge Microsoft's desktop dominance. "Sun intends to combine its own software such as StarOffice with the free open-source operating system Linux to offer business-users a cost-effective alternative to Microsoft Office, which recently became more expensive. It is also likely that Sun will expand its Linux server offering to compete with Microsoft." More detailed announcements will come out during Sun's annual network event on September 18-20, 2002.
Trustix Newsletter September 2002The Trustix Newsletter for September 2002 looks at what the company has been doing in the past month.
Press Releases Open Source Announcements
Distributions and Bundled Products
Software for Linux
Products and Services Using Linux
Hardware with Linux support
Linux at Work
Java Products
Books and Documentation
Trade Shows and Conferences
Partnerships
Financial Results
Miscellaneous
Page editor: Rebecca Sobol Linux in the news Recommended Reading Corporate Paws Grab for Desktop (Wired)Wired takes a look at how bills like the Digital Millennium Copyright Act have caused some PC manufacturers to build PCs with hardwired copyright protection. "Today, manufacturers seem more likely to produce computers that operate more like VCRs or DVD players than the PCs people are accustomed to. These machines have copy-protection embedded in the hardware, much like home recorders that keep people from making copies of videos they have purchased."
Red Hat's founder joins the circus (News.com)News.com covers Red Hat founder Bob Young's latest venture, the Lulu Tech Circus. ""Attendees that go to trade shows feel somewhat used...like so much cattle fodder for the vendors," Young said. The Circus is about "empowering consumers. It's about knowledge and understanding." Unlike other trade shows, which focus on a common--and often times narrow--theme, Lulu Tech Circus will be a menagerie of all things technology, Young said. The conference is structured around five tracks, called "experiences," which will each have a specific focus."
Yahoo, ISPs enter Net privacy fray (News.com)News.com examines subtle details of the DMCA that allows a copyright owner to subpoena subscriber information from an ISP when a copyright violation is suspected. ""What the RIAA is really seeking, at the end of the day, is to shift the burden of copyright enforcement from its own members--who apparently would prefer not to alienate potential customers by suing them outright--to an ISP that does nothing more than provide an Internet connection to the customer," the brief says."
University to challenge copyright laws (News.com)News.com reports that the law school at Duke University has received a $1 Million grant, to be used for challenging recent expansions of the U.S. copyright laws. "The school, which plans to announce the gift at a conference in Washington on Thursday, is using the money to fund a center focused on finding "the correct balance" between intellectual property rights and material that should be in the public domain. James Boyle, a Duke law professor and co-director of the school's Center for the Study of the Public Domain, says that the center is likely to look skeptically at recent laws like the Digital Millennium Copyright Act (DMCA) and a measure that extended duration of copyrights by 20 years."
Companies BEA Pushes Java VM Advantage On Windows, Linux (TechWeb)TechWeb reports on the release of the JRockit 7.0 Java VM from BEA Systems, which is targeted at Linux and Windows. " The problem, said Stahl, is that those three vendors have bigger priorities than optimizing Intel platforms for Java. Microsoft is pushing it's own .NET framework, Sun focuses on Solaris, and IBM has a slew of legacy platforms to support (though it arguably has done much to advance Java on Linux and Windows)."
There's more to Dell's cluster success than meets the eye (ZDNet)ZDNet looks at bigger issues behind Dell's sale of a Linux-based cluster to SUNY. "This is yet another episode in the continuing saga of the fall from grace of proprietary technologies, the commoditization of processing power, and the difference between the must-haves and the nice-to-haves in budget-constrained times. It's also a signal that the high-end technical computing space is no longer a sanctuary for vendors of premium-priced boutique systems."
Open-source stalwart leaves HP (News.com)News.com covers Bruce Perens' departure from HP. "He has worked with HP to broaden its Linux and open-source efforts, but has also occasionally come into conflict with the company. Perens had planned to show attendees at a midsummer open-source convention how to circumvent controls on DVD players, but backed off under pressure from HP."
Balancing Linux and Microsoft (NY Times)The NY Times covers Bruce Perens' departure from HP. "After the merger with Compaq, Hewlett also became the largest vendor of Linux-based server computers, ahead of Dell Computer and I.B.M. Yet Hewlett's bet on Linux still pales compared with its reliance on Microsoft. And after the merger, it was mainly former Compaq executives who took senior positions overseeing the Linux business." (Registration required) Thanks to Jim Turley
Philips sees new life for Linux (ZDNet)ZDNet looks at a new project by Intel and Philips: The Pronto++ reference platform. "The platform runs on Intel's PXA250 processor, which uses ARM-based XScale technology. A representative said that the platform will initially use a third-party embedded Linux distribution, although the vendor has not been named."
Is that a Mac in a penguin suit? (News.com)News.com covers dual boot computers from QliTech Linux Computers. "The company is offering Macs, with standard Apple warranties, pre-loaded with Linux software from SuSE, Mandrake, Debian or Gentoo, with Mac OS X installed on a separate partition. The machines are sold at Apple's typical retail prices."
SGI raises the Itanic (Register)This article from the Register covers the recent use of Linux by SGI. "Earlier this summer, SGI launched a tour to reassure customers that its heart and soul remained with MIPS and Irix. Today it touted impressive memory benchmarks for its Itanium2 hardware, due to be launched next year, and it's running Linux."
Business An Alternative to Microsoft Gains Support in High Places (NY Times)Several readers have pointed out this NY Times article which introduces open source software, and Linux, as an alternative to Microsoft. "As open source software, especially Linux, has spread, countries in other regions have also come to regard it as both a model of software development and perhaps an engine of economic growth. The government proposals and projects are efforts to position their nations to exploit a promising trend in technology." [The NY Times is a registration required site]
Lindows.com and Microtel to Offer $199 PCs (San Diego Union-Tribune)The San Diego Union-Tribune reports on a partnership between Lindows.com and Microtel Computer Systems, the companies will be assembling ultra-inexpensive PCs that will be sold at Wall-Mart stores. "How can a new computer be so inexpensive? For one thing, it doesn't come with the Microsoft Windows operating system, which sells for about $199 itself. Instead, the computers are based on the Linux computing platform and use the Lindows operating system. They are being sold on Walmart.com, the Web site of the Wal-Mart discount store chain. They also don't come with monitors, which sell separately for as little as $75."
What baseball--and you--could learn from the Web (ZDNet)ZDNet has a baseball analogy for the open source model, involving a recent issue with Major League Baseball (MLB) logos on the web. "MLB may not understand the Web model. But if it wants to recruit new followers (as well as win back those it has already lost), it needs to think of its intellectual property in the same way as the W3C. Unlike Disney, for which visuals are its main selling proposition, logos are not MLB's main product."
IT managers cite security and competition when choosing a Linux system (International Herald Tribune)The International Herald Tribune examines why businesses are choosing Linux. "Where governments deal with issues of open-source culture and monopoly-busting, small companies indicate three main reasons for taking the plunge: reliability, security and cost." Thanks to Martijn Dekkers
Interviews Larry Wall On Perl, Religion, and... (Slashdot)Shashdot answers Perl questions on Slashdot. "Not only did Larry Wall answer your questions, but he said they were excellent questions. You've got to love Larry Wall, not just because he's a nice guy and created Perl, but also because he is the first Slashdot interview guest ever to send his answers preformatted in squeaky-clean HTML."
Looking Back, Looking Forward: Gaël Duval on Mandrake (Open for Business)OfB interviews Mandrake co-founder Gaël Duval about the company's past, present, and future. "...I think the commercial dynamics around Mandrake Linux, and the creation of MandrakeSoft, have been key factors for its development and long-term success. But as you know, Mandrake is much like a Free Software project that is financed by a commercial company. This approach makes great difference when compared to other Linux distributions!"
Resources Embedded Linux NewsletterThe September 5, 2002 edition of the LinuxDevices Embedded Linux Newsletter is out with the latest embedded Linux news.
In-Memory Database Systems (Linux Journal)Here's a Linux Journal article on the use of in-memory database systems (IMDS) in embedded products. "In-memory databases have emerged specifically to meet the performance needs and resource availability in embedded systems. As the name implies, IMDSes reside entirely in memory--they never go to disk."
Xbox Linux project releases SuSE 8.0 howto (Register)For those not scared off by the preceding article, the Register provides a tutorial on installing SuSE 8.0 on an Xbox. "First you need a mod chip, the XBE bootloader and patched SuSE kernel downloaded from the Project, a SuSE nforce driver from the nVidia site, the correct USB adapter for the Xbox and (easy-peasy this bit) a USB keyboard. Oh, and a SuSE 8.0 compatible PC."
Xbox Live to target hackers? (News.com)News.com reports that Microsoft may backtrack on an earlier pledge not to use its Xbox Live online gaming service to crack down on "mod chips". "The 14-page user agreement and privacy notice included with the first Xbox Live kits sent to beta testers specifies that Microsoft reserves the right to revoke Xbox Live privileges for anyone with a hacked Xbox and to scan consoles on the network to enforce its rights."
Open source satellite control (IBM developerWorks)IBM developerWorks shows how the open source model helps satellite engineers with the Jet Propulsion Laboratory (JPL). "How do you harness a satellite control system written in three languages, on four development platforms, and deployed to multiple client environments? With open source, naturally. When one wrong move can cost millions, rely on teamwork, smart design, and open standards to keep the project -- if not the satellite -- from going down in flames."
Reviews Intel embeds Linux in home digital media adapter (LinuxDevices)LinuxDevices.com looks at Intel's new "Digital Media Adaptor". "The device, which is based on an XScale microarchitecture PCA210 'applications processor' and runs an embedded Linux operating system, receives digital media from the PC via 802.11 wireless networking and UpnP technologies, and connects to TVs and stereos using standard audio/video cables -- much like a DVD player."
Book Review: Linux Administration Handbook (Linux Journal)Linux Journal reviews the Linux Administration Handbook by Evi Nemeth, Garth Snyder and Trent R. Hein. "So many of the available books about Linux are either too generic to be of much use for doing serious systems administration or so specific that they are useful only for one version of one Linux distribution. This book is an exception. First, it is heavy on concept, so you actually learn how things work instead of learning how to be a technician. The specifics are then addressed by showing what you do on Red Hat 7.2, SuSE 7.3 and Debian 3.0."
Book Review: Linux Routers - A Primer for Network Administrators, 2nd Ed. (Linux Journal)Linux Journal reviews Linux Routers - A Primer for Network Administrators, 2nd Edition. "Each chapter on router configuration begins with an introduction of what tasks the router needs to accomplish, followed by the specific kernel options or software packages required for that task. Any hardware needed for the router also is introduced. Next come step-by-step instructions for configuring the Linux kernel and discussions of troubleshooting procedures. Illustrations and tables are provided to clarify the material presented. There is also information on utilities or diagnostic applications useful in specific situations."
Sony gadget picks TV shows for you (News.com)News.com reviews Sony's new Cocoon, a hard disk video recording device that runs Linux. "Sony on Wednesday gave a fresh peek into its strategy for linking consumer electronics to the Web, unveiling a Net-connected video recorder that can seek out and record TV programs it thinks its owner would like. The device, which uses a hard-disk drive to record, instead of optical discs or magnetic tapes, will be the first of Sony's "Cocoon" line of products that aim to become an alternative to the PC for accessing Internet content."
Miscellaneous True Freedom of Choice (Linux Journal)Linux Journal has an article that describes a Windows user's experience with the switch to Linux. "Did I want to switch because I longed for the good old days when you knew, or at least could have a good idea about, what making a change to your computer would cause that computer to do? Was it because I suspected some better operating system was out there? Was I concerned, after reading my End User License Agreement, that use of the operating system implied a right for the vendor to gain access to my machine and apply unnecessary or unwanted updates? In a nutshell, the answer to all these questions was yes."
Library invests in Free Software (GNU-Friends)GNU-Friends reports on the use of the Koha library system by a library in Ohio. "Nelsonville Public Library, in Athens County, Ohio has recently decided to migrate to Koha, a free software integrated library system. While reviewing it, they decided that they felt that it needed three additional features to meet their needs. Instead of dropping it from consideration, they decided to take the money that they would otherwise spend on licensing fees and pay someone to implement these features."
Page editor: Forrest Cook Announcements Resources GNU manuals available in printed form.Several GNU manuals are now available in printed form. Available titles include the GNU Scientific Library Reference Manual, the GNU Octave Manual, and An Introduction to R.
archLSB for Itanium ArchitectureThe Linux Standards Base has announced the public review of the Itanium Architecture "archLSB-IA64" ABI specification. The public review begins Friday Sept. 6th, 2002 and will end Friday Sept. 27, 2002. Your reviews, opinions, and contributions are welcome.
Upcoming Events Singapore Linux Conference needs sponsorsThe Singapore Linux Conference, currently scheduled for October 14 - 16, 2002, is looking for sponsors to help pay speakers.
PHPCon 2002PHPCon 2002, a conference on the PHP web scripting language, will be held in Millbrae, California on October 24 and 25, 2002.
The Python UK Conference 2003Early planning is in the works for the Python UK Conference, 2003, to be held on April 2 and 3, 2003 in England.
Registration is open for the Ruby Conference 2002Registration is now open for the Ruby Conference 2002, to be held in Seattle, WA on September 1-3, 2002.
Penguin Breeding at Gnomedex (Linux Journal)Doc Searls has written a review of the Gnomedex conference.
Perl 'Meetup' (use Perl)Use Perl has an announcement for the first Perl Meetup, to be held in London, England on September 19, 2002.
Events: September 12 - November 7, 2002
Software announcements This week's software announcementsHere are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
Page editor: Forrest Cook Letters to the editor Releasing old software into public domain.
Hello!
[new] Koha for libraries and ??? for ABA and ??? for HMOs
Dear LWN readers,
Make BAD Patents costly
Hi,
Page editor: Jonathan Corbet
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||