User: Password:
Subscribe / Log in / New account Weekly Edition for January 24, 2008

Ten-year timeline part 3: The Tucows years

By Jonathan Corbet
January 23, 2008
This is the third installment in a ten-year retrospective inspired by LWN's tenth anniversary; those who have not yet seen them may want to have a look at Part 1 and Part 2. At the end of the second part, LWN had just emerged from the peak of the dotcom bubble having made a deal with Tucows. For almost two years we operated as a part of that company; here's some highlights from that time.

  • April 13, 2000: Linuxcare postpones its IPO indefinitely and rearranges its management. Minix is released as free software.

  • April 20, 2000: Linux Business Expo in Chicago. Microsoft's FrontPage back door is exposed. Devfs flame wars continue. Red Hat fired by its ad agency. Shares of Caldera, VA Linux Systems and Andover.Net all fall below their IPO prices.

  • April 27, 2000: Oracle creates Miracle Linux in Japan. Red Hat launches its embedded developer's kit.

  • May 4, 2000: Linuxcare lays off 35% of its staff and officially cancels its IPO.

Needless to say, by this time we were happy to have found a relatively stable place to be - times were starting to look a little tough. Between the end of the Linuxcare IPO - once supposed to be the biggest and best of them all - and the fact that other Linux companies had fallen below their initial prices, it seemed that the honeymoon was pretty well over. By this time, LWN's revenue stream from advertising had pretty well dried up too.

Red Hat's embedded business is a classic case of a lost opportunity. The acquisition of Cygnus should have placed Red Hat in a strong position in this sector, but, somehow, it all slipped away.

  • May 11, 2000: Red Hat changes direction, dumps its news site, and jumps into the venture capital business. The first public BitKeeper release happens. The Free Standards Group is formed.

  • May 18, 2000: Rumors of Wine 1.0. IBM releases the S/390 port. Memory management problems plague the pre-2.4 development kernels.

One might think it cynical and mean-spirited to point out that we're still waiting for Wine 1.0. But we'll do it anyway. The memory management issues with 2.4 were to be with us for some time, as it turned out.

  • May 25, 2000: The Linux Mall and EBIZ merge. Lineo files for an IPO. Eric Raymond decides to rewrite the kernel configuration system.

  • June 8, 2000: A fight over whether Reiserfs should go into the 2.4 kernel.

  • June 22, 2000: British telecom claims to own a patent on linking and starts suing ISPs for being part of the world wide web. 2.4.0 test kernels come out in two flavors with different memory managers. More Reiserfs flames.

Given that the 2.4.0 release was far overdue, one would think that arguments over whether a completely new filesystem should be added would be considered out of place. But they did happen, with Hans Reiser showing a level of anger and paranoia that put much of the community off of dealing with him for years. It is rare that kernel developers are accused of putting corporate interests above those of the kernel as a whole, but that happened here.

It is actually worth reflecting on this a bit: kernel developers work for roughly 200 companies, many of which are direct competitors. But that competition has remained almost entirely absent from the development process. We are very good at developing common resources in a highly collaborative way while competing at different levels.

  • June 29, 2000: MySQL switches to the GPL, moves to SourceForge. 2.4.0-test2 is officially blessed with penguin pee.

  • July 20, 2000: Miguel de Icaza proclaims that "Unix sucks" at OLS. Sun releases StarOffice under the GPL. Rumors circulate that Caldera might acquire SCO; if only we'd known where that would go. Larry Wall announces that Perl 6 will be a complete rewrite of the language. If only we'd known where that would go - or not go. A set of locking changes goes into the 2.4.0-test kernel - which is allegedly stabilizing for release.

  • August 3, 2000: Copyleft is sued by the DVDCCA for putting the DeCSS code on T-shirts. Caldera's acquisition of SCO's Unix business (and name) becomes official.

  • August 17, 2000: The GNOME Foundation is formed. Debian 2.2 ("potato") is released.

  • August 24, 2000 KDE/GNOME flame wars break out anew. Eric Raymond strongly criticizes Linus's management practices. VA Linux claims that SourceForge hosts "over 76%" of the world's free software. Caldera/SCO announces the "Linux and Unix marriage" - something it will wish to annul later on.

Something which was widely understood, but little talked about, during this time was the great amount of effort VA Linux put into recruiting projects to SourceForge. It was a clear effort to become the home for as much software as possible. Quite a few prominent projects moved over with great fanfare, only to drift away more quietly later on. SourceForge still hosts a great many projects, but it is seen by many now as a home of last resort.

  • August 31, 2000: The Open Source Development Lab announces its existence.

  • September 7, 2000: Trolltech releases Qt under the GPL. The CueCat saga begins. The RSA patent is released into the public domain - two weeks before it expires.

Lest anybody think that the dotcom silliness was truly over by this point, the CueCat story should convince them otherwise. Digital Convergence spent many millions of dollars sending around free barcode scanners on the idea that people would want to swipe codes from advertisements and be taken to the associated web site. This company considered using the scanner for any other purpose to be a violation of the DMCA, and made loud threats at people distributing drivers which enabled such uses. The company's threats came to nothing, but they foreshadowed the DMCA follies to come.

  • September 14, 2000: Linus decrees that the kernel is licensed under version 2 (only) of the GPL.

  • September 21, 2000: Sun acquires Cobalt Networks. Caldera dumps $3 million into EBIZ. Linus proclaims the kernel to be in "final freeze," with only critical fixes being accepted.

  • September 28, 2000: the Red Hat Network launches. Red Hat 7 is released, featuring "gcc-2.96," a release which the GCC project never made.

The Red Hat Network was the core of what was to become the subscription services which support the company so nicely now. Back then, though, that outcome still was not clear, and Red Hat continued to experiment with a number of business ideas.

  • October 26, 2000: KDE 2.0 is released. LynuxWorks files for an IPO.

  • November 2, 2000: Turbolinux files for an IPO. Linuxcare shuts down its European operation. Linus describes the 2.4.0-test10 kernel as having "no known bugs."

  • December 7, 2000: The 2.4.0-test12 prepatches include the new PA-RISC architecture and rework of the task queue API - both of which, apparently, were fixes for critical problems. EBIZ tells its shareholders that things will get better soon, honest.

  • December 21, 2000: Corel sells its Linux business to (what becomes) Xandros.

  • January 11, 2001: the 2.4.0 kernel is released at last. Linus warns that it's not yet open season for new patches. The first SELinux prototype is released.

Many people had begun to worry that 2.4.0 would never come. The story of the development of this kernel, though, was not done yet.

  • January 18, 2001: The Ramen worm attacks Red Hat Linux systems. Turbolinux and Linuxcare agree to merge. Lineo withdraws its IPO application. VA Linux warns that earnings will not be up to expectations. Helix Code gets $15 million in venture investments. The InterBase backdoor is discovered. Reiserfs gets merged for the 2.4.1 kernel. The first happens.

  • February 8, 2001: SUSE (still SuSE then) lays off most of its US staff.

  • February 22, 2001: VA Linux lays off 25% of its staff, gets a new CEO. Turbolinux cancels its IPO. Microsoft's Jim Allchin calls Linux "un-American".

  • March 15, 2001: Eazel releases Nautilus 1.0, lays off half its staff.

  • March 22, 2001: The Stanford Checker surfaces with a long list of potential kernel bugs. EBIZ announces a plan to acquire Linux NetworX.

By this point, things were looking downright scary. During the bubble days, almost anybody who wanted to work in free software development could get a job somewhere. By this point, though, quite a few people were without jobs and some of them were leaving the community altogether.

The Stanford Checker was a GCC derivative which could do static analysis; for many, it was the first real demonstration of what that kind of tool could do. Despite some early reassurances, this code was never released; instead, it was used to found Coverity. The community has benefited strongly from Coverity's work, but imagine what we could have done with the source to the Checker. It is a little sad that we have been unable to develop similar capabilities in free software.

  • April 5, 2001: Wind River Systems buys BSDi. The first kernel summit is held. Alan Cox states that the 2.4 kernel is not yet stable. Larry Wall begins to post the design of Perl 6.

  • April 19, 2001: Wind River Systems lays off the Slackware staff. MandrakeSoft starts asking for donations from users.

  • April 26, 2001: Ed Felten receives DMCA threats over his breaking of the Secure Digital Music Initiative watermarking scheme. Eric Raymond proclaims his intent to hack the kernel's social systems.

The threats against Ed Felten - who had participated on a contest put on by SDMI proponents - were a strong signal that, in the U.S., the DMCA could bite developers hard. Worse was to come, though. Meanwhile, Eric Raymond's attempts to "hack" a rather unimpressed kernel community provided a steady stream of comic relief.

  • May 3, 2001: Turbolinux and Linuxcare cancel their merger. VA Linux posts horrific quarterly earnings. Sony releases Linux for the Playstation 2 console.

  • May 10, 2001: EBIZ cancels its acquisition of Linux NetworX. The Bergen Linux Users Group implements RFC 1149.

  • May 17, 2001: Eazel shuts down. Enhanced Software Technologies - owned by Atipa - shuts down.

  • May 24, 2001: MandrakeSoft lays off 20% of its employees, including its CEO.

Your editor has said previously that Eazel's plan never seemed (to him) to make sense; the investors finally came to the same conclusion and pulled the plug. Another plan which did not make sense was what had happened to MandrakeSoft: outside managers placed in the company by its venture capitalists had decide that Mandrake should be an e-learning company - not exactly its area of core expertise. That strategy just about destroyed MandrakeSoft before the decision to go back to its distributor roots was made. The company has taken many years to recover from that mistake.

  • June 21, 2001: Red Hat turns a profit. GCC 3.0 is released.

  • June 28, 2001: Caldera announces plans to move its distribution to per-seat licensing. Linus announces that the 2.5 development series will open "in a week or two." Meanwhile memory management problems continue to plague the 2.4 kernel (now at 2.4.5). VA Linux leaves the hardware business. MandrakeSoft announces plans for an IPO. LynuxWorks withdraws its IPO application.

In these difficult days, the fact that Red Hat could produce a profit - even a tiny one - offered a ray of hope. The failure of VA Linux to make it in the hardware business was a sobering counterexample, though, given that VA was once the most prominent company selling Linux-installed systems.

  • July 4, 2001: Version 1.0 of the Linux Standard Base is released.

  • July 12, 2001: The Mono project is launched. Atipa shuts down.

  • July 19, 2001: MySQL and NuSphere end up alleging GPL violations (and more) in court. Dmitry Sklyarov is arrested on DMCA charges in Las Vegas. EBIZ warns stockholders that more money must be found or the company will not be viable.

More than anything else, the arrest of Dmitry was a wakeup call for the community. It seemed that, in the U.S., any developer could be arrested for interfering with the business plans of large companies. As a result of this action, some developers still refuse to travel to the U.S.

We still miss Liz - but she remains a good friend.

  • August 30, 2001: Dmitry Sklyarov is charged with conspiracy and faces 25 years in prison. VA Linux takes the SourceForge software proprietary.

  • September 6, 2001: IBM and others put millions of dollars into SUSE to keep it from bankruptcy. Sistina takes its Global Filesystem (GFS) proprietary.

  • September 13, 2001: Caldera turns in horrific quarterly earnings; layoffs and a reverse stock split follow. Lineo lays off a large portion of its staff. Great Bridge, a company seeking to commercialize PostgreSQL, shuts down entirely. EBIZ goes into chapter 11 bankruptcy.

  • September 27, 2001: The 2.4.10 kernel is released.

Few people remember September, 2001, as one of their favorite months. Beyond the terrible events occurring in the wider world, the problems in the commercial Linux sector just seemed to get steadily worse.

The 2.4.10 kernel release is an important point as well. Here is where the longstanding memory-management problems came to a crux; Linus responded by ripping out the 2.4.9 VM code and replacing it with a completely different implementation. What followed may be the closest we ever came to a fork in the Linux development process. Some distributors stayed with 2.4.9 for a long time - RHEL 2 systems (still supported by Red Hat) are still running a kernel which, at least, claims to be 2.4.9. The worst passed, however, and this is the point at which 2.4 started toward something resembling stability.

  • October 4, 2001: The World Wide Web Consortium proposes allowing patented technology with proprietary licensing into web standards. SUSE brings in another round of funding and announces the layoff of 120 people.

  • October 11, 2001: Michael Hammel leaves LWN.

Tucows, which had not been helped by having launched a major new offering on September 11, laid off a number of people, including Michael. His desktop columns had been a welcome addition to LWN, and his departure was a big loss.

  • October 18, 2001: Progeny stops development of its Debian-based distribution.

  • October 25, 2001: Lindows announces its existence.

  • November 8, 2001: Linus announces that 2.5 will start soon. Marcelo Tosatti is named as the 2.4 maintainer. IBM open-sources Eclipse. The European software patent directive picks up steam.

  • November 29, 2001: The 2.5 kernel development series starts - with a filesystem corruption bug.

  • December 6, 2001: The Mandrake Club is launched as a fund-raising initiative.

Initially the Mandrake Club was meant to function as a sort of tip jar. As financial problems at MandrakeSoft got worse, though, it became the storefront through which the Mandrake distribution was sold. Not everybody liked how the Club was run, but it doubtless helped MandrakeSoft to survive into the present.

  • December 20, 2001: Charges against Dmitry Sklyarov are "deferred" and he returns home to Russia.

  • January 17, 2002: DeCSS creator Jon Johansen is indicted in Norway.

  • January 31, 2002: LWN is unacquired. 2.5 kernel patches get dropped, leading to another "Linus does not scale" discussion.

The indictment of Mr. Johansen made it clear that DMCA-like problems were not limited to the USA.

Meanwhile, by this time, Tucows had come to terms with the fact that its acquisition (and ongoing operation) of LWN was not helping it, given the directions its business was taking. So, after some discussion, LWN was unacquired - it was given back to its creators, with Tucows holding on to a small piece just in case. The parting was on the best of terms; it revalidated our decision to go with Tucows in the first place. But, after almost two years, it was time for LWN to venture back out into a scary world as an independent business. That was the beginning of a new phase, with its own ups and downs, which will be discussed in the next installment.

Comments (12 posted)

The Grumpy Editor's video journey part 2: Video editors

By Jonathan Corbet
January 23, 2008
Part of the LWN Grumpy Editor series
In the first installment in this series, your editor took on the task of getting video data onto his system in digital form. Part 3 talked about authoring DVDs with the nicely edited versions of those video clips. Now it's time to fill in the missing second part, wherein your editor turns raw captured video into something suitable for DVD creation.

The task to be accomplished is relatively simple: for each video clip, trim off the extra junk at the beginning and the end. Some of them also require internal editing; there were signs of operator error in the form of, say, extended sequences where the sole subject matter was the floor and, perhaps, the cinematographer's shoe. Nice transitions between the clips were desired - a basic fade to black at the end, if nothing else. The addition of titles is useful. And, as an added bonus, the video clips needed to be deinterlaced before being written in a form suitable for passing to the dvdauthor utility.

In the process, your editor encountered several tools in varying states of readiness. He has become better acquainted than ever with the notion of "build hell." A rather more than passing acquaintance with the behavior of the out-of-memory killer in 2.6.24-rc kernels has also been achieved. And, at the end, your editor believes he has a reasonable sense of the state of the art in Linux video editing.


[Avidemux] Avidemux is a GTK-based editor which, according to its web page, is "designed for simple cutting, filtering and encoding tasks." It is an interesting combination of simplicity in some areas combined with great power and complexity in others. It has a lot of potential, but it also has a few rough edges.

For example, Avidemux handles DVD-style MPEG2 files without trouble. But a reader who digs far enough into the documentation (which is extensive and useful, incidentally) finds a warning that one must exercise the "build VBR time map" option, or audio and video will become unsynchronized in the final product. This operation is nearly instantaneous on a five-minute clip; given the problems which can result from not doing it, why does Avidemux not just build this "time map" when the file is loaded? Why set a trap like that for your users?

The actual video editing operations are quite simple. Avidemux can only handle a single video clip, and that clip has a single set of begin/end points. It is possible to delete from the middle of a clip using those endpoints; deletion is instantaneous and leaves no sign on the timeline. There is no "undo" operation, but there is an option to dump all changes made to the file. There is a scrollbar which enables quick movement through the clip; the arrow keys move by single frames. In general, the interface is responsive on your editor's machine.

One place where Avidemux excels is in its selection of video filters. For example, your editor went looking for a filter to deinterlace the video; he found 21 different deinterlacing filters. Many of these filters have an extensive set of configuration options. Actually choosing the right filter and options for the task at hand is an intimidating task, and the documentation does not provide a whole lot of guidance. In the end, Your editor got reasonable results with the "yadif" filter, as can be seen in the "before" and "after" images on the left.

A fade-to-black ending was achieved with another filter. It works beautifully, if one does not mind that (1) there is no choice of what to fade to beyond a "fade to black" toggle, (2) the portion of the clip to be affected must be identified by typing in frame numbers, and (3) those frame numbers are not adjusted should somebody, say, delete some video from an earlier part in the clip. The capability is there, but the interface needs some work.

Other filters allow cropping, mirroring, color modifications, noise removal, sharpening, blurring, addition of subtitles, the addition of logos from image files, the creation of animated DVD menus, etc. Should all of those be inadequate, the "swiss army knife" filter is there for more general low-level processing. There is also a scripting interface for Avidemux, though your editor did not attempt to make use of it.

The interface allows the user to view the video either before or after the filters have been applied - or both together. The latter mode, though, tends to run slowly, though the post-filter output, by itself, worked just fine.

In the end, saving the file out as a DVD "video object" does the job - though one has to assume that the rather spartan "save" dialog will do that. Like most (but not all) video editors, Avidemux does not actually change the video data until told to render a new file. The list of edits, filters, etc. can be saved as a "project" file (an Avidemux script, really) so an editing session can be resumed at a future point using the original material.

The bottom line is that Avidemux is a capable and reasonably solid tool - your editor was not able to make it crash. Its long list of filters will be appealing to some users. Its inability to work with more than one clip at a time will rule it out for many others, though. Like so many other tools in this category, it's almost there.


[Cinelerra] The Cinelerra tool has an interesting history. It was once known as "Broadcast 2000," before being withdrawn because somebody was worried about legal liability. Now it is available as "Cinelerra," but in two versions. The "official" version is published by a company named Heroine Warrior, which has no real interest in the hassles of dealing with a community or making regular releases. Heroine Warrior is, however, generous enough to make the code available under the GPL; a group of developers has taken the code and made Cinelerra CV - the "community version." This version is supposed to be under active development and move more quickly, but it still doesn't seem to be moving all that fast, unfortunately.

There are some good documents for Cinelerra, but, reading them, one starts to encounter certain themes. For example:

Cinelerra is not perfect. Before long you will be familiar with the tendency it has to crash

Or this one:

Quicktime is not the standard for UNIX but we use it because it's well documented. All of the Quicktime movies on the internet are compressed. Cinelerra doesn't support most compressed Quicktime movies but does support some. If it crashes when loading a Quicktime movie, that means the format probably wasn't supported.

Cinelerra is by far the most complex - and capable - of the tools available for Linux. If you are looking for an editor designed for the creation of complicated video with lots of effects, Cinelerra is the tool for you. Unfortunately, Cinelerra does not appear to have a development community which is up to the maintenance of a tool of this size. So it is difficult to work with and not particularly robust.

At startup, Cinelerra puts up four individual windows. The "timeline" shows all of the tracks being edited, and is the place where much work actually gets done. There are two video windows; one displays the current state of the timeline, while the other can be used to look at individual clips outside of the timeline. Then the "resources" window holds everything else.

The timeline display is quite nice. Video thumbnails along the line give a rough sense of what is happening in each clip. The display of audio levels is also highly useful when one is trying to find specific events; it would be nice if other tools picked up this idea. A number of editing operations can be performed directly on the timeline; each track, for example, has a horizontal line which can be manipulated to adjust the (audio or video) levels at any given point. So a fade-to-black, for example, is a simple matter of ramping the video level down at the right place.

For more complex operations, there is a large list of effects which can be applied. These effects show up on the timeline next to the tracks they operate on; their end points can easily be dragged around. Cinelerra will attempt to render effects when the timeline is being played, but that tends to slow the program (not the fastest tool to begin with) to a point where it cannot keep up with normal video rates.

Cinelerra does not modify any data until told to render the project. It cannot create DVD video objects directly; one must render audio and video separately, then multiplex them outside of the program. The edit list can be saved separately.

There is a whole host of features in Cinelerra not found anywhere else. For example, it can be used to drive a rendering farm for those big production jobs. There is a motion tracking subsystem built into it ("The intricacies of motion tracking are enough to sustain entire companies and build careers around"). There's a set of options for audio and video capture. And so on.

But your editor could never get all that far with Cinelerra before it ran the system out of memory. One does, indeed, become familiar with its tendency to crash, but it's especially annoying when it takes the rest of the system down with it. Cinelerra should really be one of the star applications in the free software world. It has a great deal of power and can do amazing things; it could be a professional-quality tool. What it needs is for the community to truly take charge of the "community version" and turn it into a system which is fast, robust, and easier to use. To that end, it would help if the two people on the planet who can succeed in actually building this system would clean up that process and, in general, make Cinelerra more welcoming to new developers. The foundation for a great video editor is here, but there is a lot of finishing work to be done.


[Kdenlive] Kdenlive is a KDE-based editor under active development; version 0.5 was released in August, 2007. Having not found a version for Rawhide, your editor set out to build this tool, only to give up in despair. So, as an aside, your editor would like to offer a helpful suggestion to developers who want people to actually use their code: if you absolutely must use your own build tool instead of make, and there is just no alternative to using a tool which nobody has heard of or packages and which does not have a web site or working download location, please consider just packaging said tool with your code. Your editor is sure that "unsermake" is vastly superior to the alternatives which we all have on our systems already, but it doesn't help if you can't find it.

Of course, even after solving that problem, your editor was not able to build this tool. Fortunately, Ubuntu ships it, so that is the version which was used here.

The initial Kdenlive experience is a little rough; it asks for a set of default parameters. How is one to choose between, say, "CIF NTSC" or "DV NTSC" or "DV NTSC Widescreen"? There is no help on offer to guide the user toward the right choice. Once past that, the user sees a window with three major panes which offer functionality similar to that available from Cinelerra.

The first step is to bring one or more video clips into the "project tree," which is (usually) visible in the upper left pane. These clips can be viewed in the "clip monitor" on the right. A clip of interest can then be dragged down to the timeline area, where it can be easily positioned relative to any others which are already there.

Kdenlive uses the "divide and conquer" editing method. To remove a section of a clip, the user positions to one end of that section, then selects "razor" to split the clip in two at that point. Another split at the other end isolates the section to be removed, which can then be deleted with a separate operation. There is (with the exception of transitions) no way to apply an operation to a part of a clip - the area of interest must always be razored out first.

As a result, the fade-to-black effect is not quite as easily achieved in Kdenlive as with some other tools. There is a "brightness" effect, but it changes the brightness to a constant value through the entire clip. The way to fade out a scene is to add a new clip with a solid color (easily done in Kdenlive), then use a crossfade transition to join the two clips together.

Transitions are added by selecting the first track and, via the right-button menu, selecting the desired transition. Various parameters (such as the time required for the transition) can then be tweaked. It all works easily; Kdenlive is a fun tool for quickly piecing together different bits of video into a coherent whole.

There are separate video windows for displaying individual clips and the timeline as a whole; by default, they cannot both be viewed at the same time. Playback is responsive. It's a little more awkward than with some tools, though: the position cursor is small and hard to grab, and there is a shortage of keyboard shortcuts for moving around. The timeline is less informative and less functional than Cinelerra's, but the information one really needs is there.

When the project is done, there is a nice "export to DVD" option there to do the rest of the work. Kdenlive can create the video object files and fire up Qdvdauthor to do the rest, or it can create a basic, single-title DVD internally and (using k3b) burn it to a disc. Your editor, thus, should have mentioned Kdenlive in the DVD authoring article, but he was unaware of this feature at that time. It all works easily; your editor was able to make a playable DVD with minimal trouble.

It was not the most beautiful DVD, though, because Kdenlive has no deinterlacing capability. Those of us unlucky enough to be starting with interlaced video must handle that operation separately, before or after the editing process.

While any of the editors discussed here could conceivably work with high-definition video, Kdenlive is the only one which appears to have been written with that in mind. Projects can be set up in HD formats without undue tweaking. Your editor was not in a position to test this capability, though.

All told, Kdenlive comes across as one of the most finished of the free editing tools. It is relatively straightforward to use and it has all of the features that most people are likely to need. For many applications, this could well be the first tool to reach for.


[Kino] Despite its "K" name, Kino is a GTK-based video editor. It is quick and easy to use, but also lacking somewhat in power.

Kino only works with a single video format - the digital video (DV) format associated with contemporary camcorders. When started with something else (say, your editor's MPEG files from the capture card), it will offer to convert the file into DV. This process works, but the result is a significant (5-10x) increase in the size of the file.

There is no timeline in Kino; instead, it has a "storyboard" in the leftmost pane. Each video clip becomes a separate scene in the storyboard, with each being played strictly before the one after it. Like Kdenlive, Kino works by dividing clips and applying operations to the pieces. So trimming video is done by "splitting" the scene into wanted and unwanted parts, then deleting the latter. The documents make much of the "powerful" three-point trim feature, but your editor doesn't get it; it just seems like a way to set the beginning and ending split points on the same screen, but the amount of work remains the same.

Moving within clips is quick and easy in Kino. There is also a scrollbar-based "jog wheel" for variable-speed motion in either direction. What your editor really likes, though, are the keyboard shortcuts, including vi-style bindings for moving, frame-by-frame, through the material. It makes finding the exact spot to make a cut a quick affair.

Kino offers a reasonable set of effects, though the interface and implementation are awkward. Most effects apply to a full scene, so the normal mode of operation is to split scenes where an effect is to be placed. There is an option to "limit" an effect to a period of time at the beginning or end of a scene, though, so something like fade-to-black or a crossfade can be done without making new scenes.

Or so one would think. Unlike most other editors, Kino does not apply effects at playback time; instead, an effect must be rendered when it is applied to the scene. The result is a new scene (even if the limit option described above is used) which contains the result of a new DV file created by the effect renderer. For good measure, the rendering code places the rendered file (with a name like 001.kinofx.dv) in the user's home directory, which can quickly become cluttered with them. This approach lets Kino display effects without performance problems, but it is a bit messy and inelegant.

While Kino only works with DV files, it has one of the nicest export dialogs around. There is a long list of options, one of which is DVD-style MPEG. There's even a "deinterlace" pulldown with a few options. The internal deinterlacer is, as advertised in the menu, very fast, but the results are not all that great. If one, instead, has Kino use the external YUV deinterlacer, things will be exceedingly slow, but the results are worth it. Examples from both deinterlacers can be seen on the left.

By default, the DVD exporter creates the necessary video object file and a simple dvdauthor script for a minimal DVD. There are options, though, to burn the DVD immediately or to go into Qdvdauthor for further work.

One might mention here that, like most of the other tools discussed here, Kino does not play nicely with others when it comes to the audio subsystem. Each tool has its own way of responding to contention, though. In this case, if Kino is unable to get exclusive access to the audio device, it shows its displeasure by playing video (silently, of course) at ten times the normal speed. After a while one learns to recognize this particular tantrum, but it still would be nicer if the application would say something like "I'm not willing to share the audio device, can you please stop your music player if you want to play back your video?"

Bottom line: Kino is a reasonably capable editor which, after a very short learning period, is quick and fun to use. It may well be the best option for people with relatively simple needs. Those wanting more sophisticated capabilities, though, are likely to see it as an underpowered toy.


[LiVES] The Linux Video Editing System (LiVES) is a relatively simple editor with some interesting capabilities. The web page claims:

LiVES is good enough to be used as a VJ tool for professional performances, and as a video editor is capable of creating dazzling clips in a wide variety of formats.

Your editor, however, is not a VJ. So his experience with this tool was not the best.

The process of importing a video clip into LiVES is slow and disk-intensive. After some investigation, your editor figured out why: LiVES works by converting every video frame into a separate JPEG image file. The end result is a directory containing tens of thousands of images and a massive expansion in the size of the clip. It also cannot be good for system performance in general; your editor can only suggest that using a filesystem with indexed directories would be a good idea.

LiVES is one of those applications with such a sense of its own importance that it comes up maximized from the outset. The interface reconfigures itself on the fly depending on what operations are selected - in particular, video display windows come and go in a frequent and distracting manner. The default directory for video files in /usr/local. Cross-fading one clip into another works, but it loses the synchronization with the audio. Many tasks are done by running external programs; should that program fail, LiVES will tell the user, but it does not pass on the information provided by that program. So figuring out why things fail is a matter of digging through debug and strace output.

Somewhere in this process, your editor decided that, while LiVES may indeed make VJs happy, it is not a serious editing tool for the rest of us. There is the potential for some nice features there, but this application needs a lot of work before it will be ready for general use.


[PiTiVi] One gets used to thinking of video editors as being huge programs written in relatively fast languages. PiTiVi, however, is an exception to the rule: it's a smallish application written in Python. Of course, it's only small when one overlooks some of the external pieces - like gstreamer.

This application, too, was a bit of a challenge to get going. It has various dependencies not accounted for in its configure script, including some strange ones: why does a video editor need to import Zope modules? Still, your editor had better luck here than with some of the alternatives.

The good news is that, despite its Python implementation, PiTiVi is responsive when moving around in video clips. On the other hand, moving around in clips is really about all that PiTiVi can do at this point. There is a rudimentary timeline display which does not do anything, and no editing options are available. So PiTiVi, while being a promising start, is not really an editor at this time.


Worth mentioning in passing: the Open Movie Editor looks like a tool with some promise. It disliked your editor's video files, though, claiming that it only supports files with a 25 frames/second rate. Your editor, deep in NTSC country, has no such files. Hopefully, as this project matures, it will achieve the generality this kind of tool must have.

The free software community can be aggravating sometimes. We clearly have the ability and the desire to create top-quality tools for tasks like video editing. But what we get is a half dozen tools, none of which is a complete solution to the problem. Your editor would be the first to say that competition between projects can be a good thing, inspiring everybody involved to push harder and achieve more. But, still, maybe having fewer competing tools might just help people to work together and make tools which are truly great.

That said, the state of the art in Linux video editing is not as bad as one might think. The tools are there to put together a decent video without a great deal of trouble. As mentioned above, Kdenlive is arguably the most polished of these tools, with Kino also being a good candidate for simpler applications. And Cinelerra remains in its position as the application that is going to be truly spectacular, once all of those loose ends finally get tied up.

Your editor once heard Lawrence Lessig say that text is like Latin for younger people today, and that video is the preferred way to communicate. If that is true, then we want to make it possible to communicate as richly as possible while using free tools. We have a good base to build on, and many smart people have solved many of the hardest problems. Finishing the job is well within our capabilities.

Comments (27 posted) starts January 28

LWN editor Jonathan Corbet is pleased to be heading back to Australia for his fourth visit to Beyond the pleasure of attending one of the best free software events on the planet and meeting LWN readers, there will be the simple joy of going somewhere where the temperature is above freezing. But most pleasing is the opportunity to speak at on January 30 - they day we have designated as the tenth anniversary of LWN. It will be a celebration for sure.

Stay tuned to LWN for reports from the event as it unfolds.

Comments (none posted)

Page editor: Jonathan Corbet


Web security vulnerabilities and Javascript

By Jake Edge
January 23, 2008

Various recent, unrelated security issues seem to have a common thread: Javascript. It is not the fault of the language, exactly, nor of any particular implementation. It is the fundamental nature of how the language is used that often causes it to be "front and center" when security problems are found on the web.

Imagine that your computer reaches out across the net, to an unverified site, over an unencrypted link and grabs code that it executes with little in the way of further inspection. When put that way, it sounds rather dangerous, but that is exactly what browsers do with Javascript code. There are limits to what Javascript is allowed to do—meant to thwart malicious uses—but it has to have some privileges on the local machine in order to be useful.

One of the recent outbreaks is the "random js" attack, which propagates through Javascript served by legitimate websites. It generates a random .js filename for each visitor—which is where the name comes from—inserting a reference to it in a page on the site. It also stores the IP address of the visitor so that it does not repeat the infection multiple times. The payload then tries to exploit a dozen or more Windows vulnerabilities to install malware of various sorts.

The payload is not a problem for Linux users, but the websites hosting the attack are running Apache, many on Linux. The big unresolved question is how the servers were infected. It could be as simple as getting root access via insecure or intercepted root passwords. Or there could be some, as yet unknown, exploit. That certainly bears watching.

Because of the privileges that Javascript has on a local host, it can be used to spread malware, by exploiting the trust that users—those that even concern themselves with such things—have in the website they are visiting. It can also play a role in redirecting traffic away from a trusted site, even though the site itself has not been compromised.

A post by Nat Torkington at O'Reilly illustrates a common problem that content providers need to worry about. O'Reilly's site carried advertising that required them to load Javascript from the advertiser's site. All was well until the domain expired. A porn site bought it and started providing the required Javascript file with new contents redirecting the users to their site.

A man-in-the-middle or DNS cache poisoning attack could be used for similar results on a smaller scale basis. One can certainly see how it might be used by phishers as well. It is a difficult problem, as website owners need to be able to call out to advertisers' Javascript, but users typically do not expect to run code from a site they did not directly access.

A theoretical attack on home routers has started to show up in the wild. It uses Javascript to exploit a vulnerability in home routers to change the DNS entries for a popular Mexican bank. After that, accesses to the bank would instead go to the malicious website which would collect usernames and passwords, allowing the attacker to access the accounts. Once again, users probably do not expect that surfing to a random site could suddenly expose them to bank account compromise.

There are some things that can be done. For users, if Javascript cannot be disabled entirely—something increasingly difficult in the "Web 2.0" world—it can at least be leashed using NoScript for Firefox.

For website owners, Google's Caja project, seeks to define a subset of Javascript which implements an object-capability language, which would make it easier to sandbox remote code. If this effort succeeds, one can imagine that users could restrict their browsers to only use the Caja subset some day as well.

Comments (2 posted)

New vulnerabilities

apt-listchanges: arbitrary code execution

Package(s):apt-listchanges CVE #(s):CVE-2008-0302
Created:January 17, 2008 Updated:January 23, 2008
Description: From the Debian alert: Felipe Sateler discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. This could allow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to.
Ubuntu USN-572-1 apt-listchanges 2008-01-18
Debian DSA-1465-2 apt-listchanges 2008-01-17
Debian DSA-1465-1 apt-listchanges 2008-01-17

Comments (none posted)

bind: off-by-one error

Package(s):bind CVE #(s):CVE-2008-0122
Created:January 22, 2008 Updated:July 10, 2008
Description: Off-by-one error in the inet_network function in libc in FreeBSD 6.2, 6.3, and 7.0-PRERELEASE and earlier allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
Fedora FEDORA-2008-6281 bind 2008-07-09
Red Hat RHSA-2008:0300-02 bind 2008-05-21
SuSE SUSE-SR:2008:006 sarg, phpMyAdmin, xine, bind, dbus-1, silc-toolkit, boost 2008-03-14
rPath rPSA-2008-0029-1 bind 2008-01-24
Fedora FEDORA-2008-0904 bind 2008-01-22
Fedora FEDORA-2008-0903 bind 2008-01-22

Comments (none posted)

boost: denial of service

Package(s):boost CVE #(s):CVE-2008-0171 CVE-2008-0172
Created:January 17, 2008 Updated:March 22, 2012
Description: From the Ubuntu alert: Will Drewry and Tavis Ormandy discovered that the boost library did not properly perform input validation on regular expressions. An attacker could send a specially crafted regular expression to an application linked against boost and cause a denial of service via application crash.
Scientific Linux SL-boos-20120321 boost 2012-03-21
Oracle ELSA-2012-0305 boost 2012-03-07
Red Hat RHSA-2012:0305-03 boost 2012-02-21
Gentoo 200802-08 boost 2008-02-14
SuSE SUSE-SR:2008:006 sarg, phpMyAdmin, xine, bind, dbus-1, silc-toolkit, boost 2008-03-14
Fedora FEDORA-2008-0754 boost 2008-03-13
rPath rPSA-2008-0063-1 boost 2008-02-13
Mandriva MDVSA-2008:032 boost 2007-02-01
Fedora FEDORA-2008-0880 boost 2008-01-22
Ubuntu USN-570-1 boost 2008-01-16

Comments (none posted)

flac: arbitrary code execution

Package(s):flac CVE #(s):CVE-2007-6277
Created:January 21, 2008 Updated:January 23, 2008

From the NVD entry:

Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, and (11) Picture Description Length values in a .FLAC file, which result in a stack-based overflow. NOTE: some of these issues may overlap CVE-2007-4619.

Debian DSA-1469-1 flac 2008-01-20

Comments (none posted)

horde3: remote email deletion

Package(s):horde3 CVE #(s):CVE-2007-6018
Created:January 21, 2008 Updated:March 24, 2009

From the Debian advisory:

Ulf Harnhammer discovered that the HTML filter of the Horde web application framework performed insufficient input sanitising, which may lead to the deletion of emails if a user is tricked into viewing a malformed email inside the Imp client.

SuSE SUSE-SR:2009:007 vim, gvim, apache2, opera, multipath tools, java-1_6_0-openjdk, imp, horde, lcms, moodle, ghostscript 2009-03-24
Fedora FEDORA-2008-2087 imp 2008-02-28
Fedora FEDORA-2008-2040 imp 2008-02-28
Fedora FEDORA-2008-2087 turba 2008-02-28
Fedora FEDORA-2008-2040 turba 2008-02-28
Fedora FEDORA-2008-2087 horde 2008-02-28
Fedora FEDORA-2008-2040 horde 2008-02-28
Gentoo 200802-03 horde-imp 2008-02-11
Debian DSA-1470-1 horde3 2008-01-20

Comments (none posted)

hsqldb: unspecified vulnerability

Package(s):hsqldb CVE #(s):CVE-2007-4576
Created:January 22, 2008 Updated:January 23, 2008
Description: HSQLDB contains an unspecified vulnerability which should be fixed in version
Fedora FEDORA-2007-4119 hsqldb 2008-01-22
Fedora FEDORA-2007-4171 hsqldb 2008-01-22

Comments (none posted)

kernel: local filesystem corruption

Package(s):kernel CVE #(s):CVE-2008-0001
Created:January 17, 2008 Updated:June 13, 2008
Description: From the CVE description: VFS in the Linux kernel before performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass file permissions.
Mandriva MDVSA-2008:112 kernel 2007-06-12
SuSE SUSE-SA:2008:013 kernel-rt 2008-03-06
Ubuntu USN-578-1 linux-source-2.6.15 2008-02-14
Mandriva MDVSA-2008:044 kernel 2008-02-12
Fedora FEDORA-2008-0984 kernel 2008-02-05
SuSE SUSE-SA:2008:006 kernel 2008-02-07
Ubuntu USN-574-1 linux-source-2.6.17/20/22 2008-02-04
Red Hat RHSA-2008:0055-01 kernel 2008-01-31
Debian DSA-1479 linux-2.6 2008-01-29
Fedora FEDORA-2008-0958 kernel 2008-01-29
Fedora FEDORA-2008-0748 kernel 2008-01-24
Red Hat RHSA-2008:0089-01 kernel 2008-01-23
rPath rPSA-2008-0021-1 kernel 2008-01-17

Comments (none posted)

libcdio: arbitrary code execution

Package(s):libcdio CVE #(s):CVE-2007-6613
Created:January 21, 2008 Updated:March 7, 2008

From the Gentoo advisory:

Devon Miller reported a boundary error in the "print_iso9660_recurse()" function in files cd-info.c and iso-info.c when processing long filenames within Joliet images.

A remote attacker could entice a user to open a specially crafted ISO image in the cd-info and iso-info applications, resulting in the execution of arbitrary code with the privileges of the user running the application. Applications linking against shared libraries of libcdio are not affected.

Ubuntu USN-580-1 libcdio 2008-02-20
SuSE SUSE-SR:2008:005 acroread, asterisk, cacti, compat-openssl097g, icu, libcdio, wireshark/ethereal, Jakarta, perl-tk 2008-03-06
Mandriva MDVSA-2008:037 libcdio 2007-02-07
Gentoo 200801-08 libcdio 2008-01-20

Comments (1 posted)

mantis: information disclosure

Package(s):mantis CVE #(s):CVE-2006-6574
Created:January 21, 2008 Updated:January 23, 2008

From the NVD entry:

Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.

Debian DSA-1467-1 mantis 2008-01-19

Comments (none posted)

mantis: cross-site scripting

Package(s):mantis CVE #(s):
Created:January 23, 2008 Updated:January 23, 2008
Description: The Mantis 1.1.1 release contains a security fix for this bug.
Fedora FEDORA-2008-0856 mantis 2008-01-22
Fedora FEDORA-2008-0796 mantis 2008-01-22

Comments (none posted)

scponly: arbitrary command execution

Package(s):scponly CVE #(s):CVE-2007-6350 CVE-2007-6415
Created:January 22, 2008 Updated:February 18, 2008
Description: scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks. (CVE-2007-6350)

In addition, it was discovered that it was possible to invoke with scp with certain options that may lead to execution of arbitrary commands. (CVE-2007-6415).

Gentoo 200802-06 scponly 2008-02-12
Fedora FEDORA-2008-1743 scponly 2008-02-15
Fedora FEDORA-2008-1728 scponly 2008-02-15
Debian DSA-1473 scponly 2008-01-21

Comments (none posted)

tomcat: information disclosure

Package(s):tomcat5.5 CVE #(s):CVE-2008-0128
Created:January 21, 2008 Updated:March 7, 2008

From the Debian advisory:

Olaf Kock discovered that HTTPS encryption was insufficiently enforced for single-sign-on cookies, which could result in information disclosure.

SuSE SUSE-SR:2008:005 acroread, asterisk, cacti, compat-openssl097g, icu, libcdio, wireshark/ethereal, Jakarta, perl-tk 2008-03-06
Debian DSA-1468-1 tomcat5.5 2008-01-20

Comments (none posted)

wireshark: denial of service

Package(s):wireshark CVE #(s):CVE-2007-3389
Created:January 21, 2008 Updated:February 27, 2008

From the NVD entry:

Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.

SuSE SUSE-SR:2007:015 PHP, moodle, tomcat5, lighttpd, asterisk, libarchive, xpdf, evolution, kvirc, wireshark, gd, opera, clamav, gimp 2007-08-03
Red Hat RHSA-2008:0059-01 wireshark 2008-01-21

Comments (1 posted)

wireshark: denial of service

Package(s):wireshark CVE #(s):CVE-2007-3391
Created:January 21, 2008 Updated:February 27, 2008

From the NVD entry:

Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.

SuSE SUSE-SR:2007:015 PHP, moodle, tomcat5, lighttpd, asterisk, libarchive, xpdf, evolution, kvirc, wireshark, gd, opera, clamav, gimp 2007-08-03
Red Hat RHSA-2008:0059-01 wireshark 2008-01-21

Comments (1 posted)

xine-lib: buffer overflows

Package(s):xine-lib CVE #(s):CVE-2008-0238
Created:January 23, 2008 Updated:August 7, 2008
Description: From the CVE entry: Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function.
Ubuntu USN-635-1 xine-lib 2008-08-06
Mandriva MDVSA-2008:045 mplayer 2007-02-14
Fedora FEDORA-2008-1047 xine-lib 2008-01-29
Fedora FEDORA-2008-1043 xine-lib 2008-01-29
Gentoo 200801-12 xine-lib 2008-01-27
Mandriva MDVSA-2008:020 xine-lib 2007-01-22

Comments (none posted)

Xorg: multiple vulnerabilities

Package(s):Xorg CVE #(s):CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006
Created:January 17, 2008 Updated:April 4, 2008
Description: From the security advisory: Several vulnerabilities have been identified in server code of the X window system caused by lack of proper input validation on user controlled data in various parts of the software, causing various kinds of overflows.
SuSE SUSE-SR:2008:008 wireshark, otrs, xine, xgl, silc-toolkit, lighttpd, tk 2008-04-04
Gentoo GLSA 200801-09:03 xorg-server 2008-01-20
SuSE SUSE-SR:2008:003 java, nss_ldap, cairo, geronimo, moodle, SDL_image, python, mysql, nx, xemacs 2008-02-07
rPath rPSA-2008-0032-1 x11 2008-01-30
Mandriva MDVSA-2008:025 x11-server-xgl 2007-01-23
Mandriva MDVSA-2008:024 libxfont 2007-01-23
Mandriva MDVSA-2008:023 x11-server 2007-01-23
Mandriva MDVSA-2008:022 xorg-x11 2008-01-23
Mandriva MDVSA-2008:021 XFree86 2008-01-23
Fedora FEDORA-2008-0891 libXfont 2008-01-22
Fedora FEDORA-2008-0831 xorg-x11-server 2008-01-22
Fedora FEDORA-2008-0794 libXfont 2008-01-22
Fedora FEDORA-2008-0760 xorg-x11-server 2008-01-22
Debian DSA-1466-3 xfree86 2008-01-21
Ubuntu USN-571-2 xorg-server 2008-01-19
Gentoo 200801-09 xorg-server 2008-01-20
Debian DSA-1466-2 xorg-server 2008-01-19
Ubuntu USN-571-1 libxfont, xorg-server 2008-01-18
Red Hat RHSA-2008:0029-01 XFree86 2008-01-18
Red Hat RHSA-2008:0064-01 libXfont 2008-01-17
Red Hat RHSA-2008:0031-01 xorg-x11-server 2008-01-17
Red Hat RHSA-2008:0030-01 xorg-x11 2008-01-17
Debian DSA-1466-1 xorg-server 2008-01-17
SuSE SUSE-SA:2008:003 Xorg 2008-01-17

Comments (none posted)

Page editor: Jake Edge

Kernel development

Brief items

Kernel release status

The current 2.6 prepatch remains 2.6.24-rc8; no new prepatches have been released over the last week. Around 100 patches have gone into the mainline repository since -rc8 was released. Your editor expects the final 2.6.24 release just before everybody heads off to

The current -mm tree is 2.6.24-rc8-mm1. Andrew has been expressing some frustration with the process of bringing together -mm patches:

The volume of rejects and build errors which are caused by subsystem maintainers fiddling with other people's stuff is quite out of control. Something needs to happen here.

What has happened for the moment is that a lot of git trees have been dropped from this release. Other changes include asynchronous crypto support in the device mapper, a number of Chinese translations of core kernel documents, a lot of IDE updates, and a Sony memory stick driver.

For older kernels: was released with about a dozen fixes on January 19. (January 22) starts the next cycle with several more fixes.

Comments (none posted)

Kernel development news

Quotes of the week

As my daughter would say: that patch fell out of the ugly tree, and hit every branch on the way down. Very impressive.
-- Linus Torvalds (for the curious, here is the referenced patch)

These things are all _soo_ much simpler than all the issues you have to do in the kernel, so this is just a complete toy compared to all the things we do inside Linux to do the same thing with pluggable hashes on a per-path-component basis etc.

(User space developers are weenies. One of the most fun parts of git development for me has been how easy everything is ;)

-- Linus Torvalds (thanks to Nicholas Pitre)

One thing the kernel never faced was fifteen years of fundamental stagnation with a wealth of kludge-arounds piled on top.
-- Keith Packard

Are you saying that this linux can run on a computer without windows underneath it, at all ? As in, without a boot disk, without any drivers, and without any services ?

That sounds preposterous to me.

-- "jerryleecooper"

Comments (16 posted)

A better ext4

By Jonathan Corbet
January 23, 2008
Last week's Kernel Page may have been filesystem-heavy, but there was still a big omission, in the form of ext4. But ext4, being the successor to ext3, may well be the filesystem many of us are using a few years from now. Things have been relatively quiet on that front - at least, outside of the relevant mailing lists - but the ext4 developers have not been idle. Some of their work has now come to the surface with Ted Ts'o's posting of the ext4 merge plans for 2.6.25.

One of the changes going into ext4 is a lifting of the longstanding 4KB block size limit. That does not mean that just any block size works, though, and this feature will benefit fewer people than one might think, for one specific reason: the block size must still be no larger than the page size on the host system. So those of us running x86 systems with 4KB pages will be stuck with 4KB blocks still. And, on any system, the maximum block size is now 64KB.

One amusing effect of this change is that the size of a directory entry can now be as large as 64KB as well. But the field which holds the size of directory entries is only 16 bits wide. So a special hack has been employed to recognize 64KB directory entries and keep everything consistent.

Some internal variables have overflow problems as well. Block numbers are stored as a signed, 32-bit quantity, and so are block group numbers. That limits the maximum size of a filesystem to a mere 256PB. In 2.6.25, these values will become unsigned long variables, eliminating that intolerably low limit. Through some trickery, the inode field which stores the number of blocks associated with a file will be expanded to 48 bits, raising the maximum size of an individual file to just under 248 512-byte blocks.

The work does not stop there, though: another patch redefines that field to mean the number of filesystem blocks (instead of 512-byte sectors) used by the file. This is a change which has to be handled carefully, since it is an on-disk format change which could create trouble for people with existing ext4 filesystems. Everybody who is using ext4 should certainly be doing so with the knowledge that it's a development filesystem and is only suitable for storing files which are not valuable for more than about 30 minutes - Rawhide updates, say. But it still would be nice to not trash every existing ext4 filesystem out there. So the i_blocks field will continue, by default, to hold the number of 512-byte blocks. But, if that field exceeds 32 bits and forces the use of 48-bit numbers, it is thereafter interpreted as filesystem blocks. Since no existing filesystems are yet using 48-bit numbers, this approach successfully avoids breaking them.

Journal checksums are another feature arriving for 2.6.25. If the system crashes, the journal is used to recover any transactions which were committed, but which did not actually make it to disk. It sure would be nice to know that the journal, as stored in the filesystem, is intact before using it to make changes elsewhere. The checksum enables the filesystem to ensure that the journal is good and avoid (further) corrupting the filesystem if it is not. An interesting side benefit is that the checksum loosens the constraints on how the journal is written to disk, since an incompletely-written journal will now be detected; that should help to improve filesystem performance slightly.

Note that full data checksumming is still not on the agenda for ext4. But checksumming the journal is a good (if small) step in the right direction.

Another change is a VFS API change, in that it turns the i_version field of the inode structure into an unsigned, 64-bit value on all architectures. This version number is incremented when the file is changed, and it's stored (split into two fields) in the on-disk inode. 64-bit version numbers are required by NFSv4, which uses them to provide the dreaded "stale file handle" error when things change.

There is a new ioctl() (EXT4_IOC_MIGRATE) which can be used to explicitly request that the on-disk inode for a file be converted to the ext4 format.

The ext4 filesystem is extent-based, and has been for some time. "Extent-based" means that it tracks block allocations by extents (first block, number of blocks) rather than storing pointers to each individual block, as is done in ext3. There are a number of performance benefits to doing things this way, especially for larger files. Those benefits disappear, though, if a file's blocks cannot be grouped into the smallest number of extents possible.

One technique which greatly helps in optimizing block allocations for files is to allocate them in relatively large groups, rather than individually. In 2.6.25, ext4 will contain the multi-block allocator, which does exactly that. One might think that allocating a few blocks at a time would not be that big of a change, but the multi-block allocator is by far the most complex patch in the set. A lot of effort and heuristics go into deciding how many blocks to allocate, finding the optimal set of blocks, tracking the allocation, recovering blocks which end up never being used, ensuring that an application cannot read pre-allocated (but unwritten) blocks in search of leaked secrets, etc. It is quite a bit of code, but it is worth the trouble; multi-block allocation will be enabled by default in 2.6.25.

As noted above, a number of these patches force changes to the on-disk data structure. According to Ted, though, these should be the last on-disk changes for ext4. There are some features which still will not have been merged when 2.6.25 comes around - delayed allocation and online defragmentation among them - but they should not require format changes. So ext4 is getting closer to the point where it is considered ready for production use.

It is not at that point yet, though, and people who use it are still doing so at their own risk. To help drive that point home, Ted has proposed a new mount flag (called test_fs) which communicates to the kernel the user's understanding that they are about to mount a developmental filesystem and will not go filing lawsuits if things go wrong. In the absence of this mount option, an ext4 filesystem will refuse to mount. One might think that child-proofing the filesystem in this way would not be necessary, but some extra care in this area can only be a good thing. Filesystem-related surprises are rarely welcome.

Comments (14 posted)

Finding system latency with LatencyTOP

By Jake Edge
January 23, 2008

Stuttering audio or an unresponsive desktop – typically caused by operating system latency – are two things that annoy users. They can be difficult problems to diagnose, though, as they are transient and buried deep inside the kernel. A new tool, LatencyTOP, seeks to provide more information on where latency is occurring so that it can be fixed or avoided.

Latency is the measure of how much time elapses between when an action is initiated and when its effects become visible. If a user clicks the mouse button in an application, the latency is the amount of time between that click and when the associated action begins. There are lots of different reasons for latency, some of which are outside of Linux's control; being able to measure what latency the OS is contributing will be very useful. LatencyTOP is reporting on a specific subset of latency causes, as described in the announcement:

There are many types and causes of latency, and LatencyTOP [focuses on the] type that causes audio skipping and desktop stutters. Specifically, LatencyTOP focuses on the cases where the applications want to run and execute useful code, but there's some resource that's not currently available (and the kernel then blocks the process). This is done both on a system level and on a per process level, so that you can see what's happening to the system, and which process is suffering and/or causing the delays.

LatencyTOP measures the average and maximum amount of latency in various operations by inserting annotation calls in the kernel. An example from the announcement is instructive:

     asmlinkage long sys_sync(void)
    +       struct latency_entry reason;
    +       set_latency_reason("sync system call", &reason);
    +       restore_latency_reason(&reason);
            return 0;
The scheduler accumulates any time spent sleeping, between the set_latency_reason() and restore_latency_reason() calls, charging it to the "sync system call". Any lower level calls to set the latency reason will be ignored in this code path – they may be useful in other code paths – as it is the highest level active reason that gets charged.

The current interface for annotating is likely to change, though the semantics will stay the same. Comments on the original submission suggested using the kernel markers feature that was merged for 2.6.24. LatencyTOP developer Arjan van de Ven seems amenable to that; reusing a kernel interface, rather than adding a new one, is generally the right choice. There is other work to do as well, the patch was submitted for other kernel hackers to test and comment on, not to be merged into the mainline.


LatencyTOP comes with a userspace application, shown at right, that displays the information gathered. It reads from the /proc/latency_stats file that is created by the LatencyTOP infrastructure patch – so long as you enable CONFIG_LATENCYTOP in the kernel. It displays the nine – an off-by-one in the code as it would seem that ten were intended – largest latencies over the past 30 seconds in the upper pane.


A list of process names runs along the bottom of the display, which can be selected with the arrow keys. The latency sources for that process will then be shown in the lower pane. The example at left shows the tool with the firefox process selected. As can be seen, there are still lots of areas that need annotations – "Unknown reason" along with the wait channel are displayed when the reason has not been set. When narrowing a problem down, it should be straightforward for a kernel hacker to add annotations to the appropriate locations.

LatencyTOP, like its sibling PowerTOP – also developed by van de Ven at the Intel Open Source Technology Center – is a powerful tool for trying to track down system problems. It will probably undergo some changes along the way: the userspace application is still rather rudimentary and the kernel data collection needs finer-grained locking. But, before too long, a mainstream tool to measure system latency based on this work should appear.

Comments (5 posted)

Memory management notifiers

By Jonathan Corbet
January 23, 2008
Virtualized guests running under Linux like to think that they are doing their own memory management. The truth of the matter, though, is that the host system cannot allow guests to directly modify the page tables used by the hardware; allowing that sort of access would compromise the security of the host. So, somehow, the host must be involved in the guest's memory management. One common technique is through the use of shadow page tables. Guest systems maintain their own page tables, but they are not the tables used by the memory management unit. Instead, whenever the guest makes a change to its tables, the host system intercepts the operation, checks it for validity, then mirrors the change in the real page tables, which "shadow" those maintained by the guest.

One problem with this technique, as implemented in Linux currently, is that there is no easy way for the host to feed page table changes back to the guest. In particular, if the host system decides that it wants to push a given page out to swap, it can't tell the guest that the page is no longer resident. So virtualization mechanisms like KVM avoid the problem altogether by pinning pages in memory when they are mapped in shadow page tables. That solves the problem, but it makes it impossible to swap processes running KVM-based virtual machines out of main memory.

This seems like a good thing to fix. And a fix exists, in the form of the MMU notifiers patch posted by Andrea Arcangeli (from his shiny new Qumranet address). This patch allows an interested subsystem to be notified whenever specific memory management events take place. The process starts by setting up a set of callbacks:

    struct mmu_notifier_ops {
	void (*release)(struct mmu_notifier *mn,
			struct mm_struct *mm);
	int (*age_page)(struct mmu_notifier *mn,
			struct mm_struct *mm,
			unsigned long address);
	void (*invalidate_page)(struct mmu_notifier *mn,
				struct mm_struct *mm,
				unsigned long address);
	void (*invalidate_range)(struct mmu_notifier *mn,
				 struct mm_struct *mm,
				 unsigned long start, unsigned long end);

These callbacks are bundled into an mmu_notifier structure:

    struct mmu_notifier {
	struct hlist_node hlist;
	const struct mmu_notifier_ops *ops;

The interested code then registers its notifier with:

    void mmu_notifier_register(struct mmu_notifier *mn, 
                               struct mm_struct *mm);

Here, mm is the mm_struct structure associated with a given address space. It is not expected that anybody will be interested in all memory management events, so notifiers are associated with specific address spaces. Once the notifier is in place, the callbacks will be invoked when interesting things happen:

  • release() is called when the relevant mm_struct is about to go away. So it will be the last callback made to that notifier.

  • age_page() indicates that the memory management subsystem wants to clear the "referenced" flag on the page associated with the given address. This callback should return the previous value of the referenced bit, or the closest approximation available on the host architecture.

  • invalidate_page() and invalidate_range() are both ways of telling the guest that the given address(es) are no longer valid - the page has been reclaimed. Upon return from this callback, the affected address range should not be referenced by the guest.

For the curious, the KVM patches (showing how these notifiers are used there) have also been posted.

While this patch set is aimed at KVM, there has been some interest from other directions as well - virtual machines are not the only places where separate (but related) page tables are maintained. Graphical processing units on contemporary video cards are an example - they have their own memory management units and have some interesting management issues of their own. Remote DMA (RDMA) engines are another possible user. So these patches have attracted comments from a few potential users, and have changed significantly since their first posting. The discussion is still ongoing, so further changes may come about before the notifiers find their way into the mainline.

Comments (3 posted)

Patches and updates

Kernel trees


Core kernel code

Development tools

Device drivers


Filesystems and block I/O




Virtualization and containers

Benchmarks and bugs

Page editor: Jonathan Corbet


News and Editorials

A Code of Conduct

By Rebecca Sobol
January 23, 2008
The openSUSE project board has proposed a code conduct for mailing lists and IRC. This would be in addition to the existing Guiding Principles, mailing list netiquette guide and IRC rules.

There seems to be a trend among open source projects to adopt a code of conduct. As the number of people participating on mailing lists and IRC channels increases, so does the level of poorly stated questions, off-topic chatter and other annoyances. As levels of frustration increase so does the potential for rudeness. Whether a poster intends to be rude, or is only perceived to be rude makes little difference. The international nature of this communication almost ensures there will be some misunderstandings based on culture and language.

So do codes of conduct really work? They can, but often they do not. If the code is not enforced then there is no incentive for anyone to read the code, much less follow it. If the code is too actively enforced it will stifle communication. Somewhere in between there must be a happy medium. Finding it can be a challenge for even the most diplomatic of enforcers.

There are no quick fixes for the problems that come with active channels of communication. There are many documents throughout the web that urge people to be polite and helpful, how to ask better questions and how to provide better answers. LWN readers may be more aware of them than the average netizen. It is up to the aware to educate the unaware in as kind and gentle a manner as possible.

Comments (4 posted)

New Releases

FreeBSD 6.3-RELEASE Announcement

The FreeBSD Release Engineering Team has announced the availability of FreeBSD 6.3-RELEASE. This release continues the development of the 6-STABLE branch providing performance and stability improvements, many bug fixes and new features.

Comments (none posted)

Foresight 2.0 Alpha 3 Released

The third alpha of Foresight 2.0 has been released. "The Foresight 2.0 alpha series features a new tar-based installer, that should install in less than 10 minutes, including formatting a 200 GB hard drive. Foresight is also developing new editions including KDE and XFCE in addition to GNOME available for x86 and x86_64 processors."

Full Story (comments: none)

Ubuntu 6.06.2 LTS released

The second maintenance release of "Dapper Drake" is available. "Over 600 post-release updates have been integrated, so that fewer updates will need to be downloaded after installation, and a number of bugs in the installation system have been corrected. These include security updates and corrections for other high-impact bugs, with a focus on maintaining stability and compatibility with Ubuntu 6.06 LTS." Click below for more details.

Full Story (comments: none)

Distribution News

Debian GNU/Linux

Reordering the boot for fun and profit

Petter Reinholdtsen has announced an experimental dependency based boot sequencing project for Debian. "For a few years now, I have worked on a replacement for the trusty old way of organising the Debian boot. Did you ever make a package with an init.d script, and wonder which sequence number to pick for your script? I am talking about the numbers in the file names in /etc/rc[S0-6].d/. Or are you one of the lucky ones that could just ask for the defaults, and ignore the problem? Picking a good sequence number is very hard some times, for example when you want to run after program Z started at sequence number 20 and before program X also started sequence number 20."

Full Story (comments: 35)


Fedora blocking patent-encumbered games

The lawyers at Red Hat have become concerned about a set of game patents which, apparently, are being actively enforced. These patents cover "A game where 'targets' move across the screen to a predetermined point or line, where the player hits a button/key/mouse click as the target(s) crosses that point or line, and gets points." What that means is that games of the "Guitar Hero" or "Dance Dance Revolution" genre (pydance, for example) cannot be part of the Fedora distribution.

Full Story (comments: 20)

Fedora 8/ARM available

The Fedora 8 package repository has been built for ARMv5 EABI, soft-float, little endian. "The easiest way to start using Fedora 8/ARM is to download the prebuilt root filesystem, which can be booted in QEMU, or chroot'ed into or booted from on any ARMv5 or later processor running in little endian mode. Additional packages can be installed by using yum, which is provided in the filesystem."

Full Story (comments: none)

Fedora Board Recap 2008-JAN-13

John Poelstra provides a recap of the January 13th meeting of the Fedora board. Topics include a budget update, FUDCon F9 survey, FUDCon F10 Boston, customized spin requests, and several other topics.

Full Story (comments: none)

Gentoo Linux

Grant Goodyear on Gentoo

Grant Goodyear, a Gentoo trustee, has posted some information on Gentoo's status. "Many, many people have assumed, quite understandably, that with the Foundation's charter having been revoked, that the Foundation has thus ceased to exist. That's not really true. You can see this by looking at the NM statutes, but it's simplest to see by looking at what happens when NM receives the application for reinstatement. The New Mexico public regulation commission will determine if all of our paperwork is in order. If it isn't, they'll let us know what we need to do to complete it. Once it is, the commission will cancel the certificate of revocation and file a certificate of reinstatement that takes effect "as of the effective date of the administrative revocation and the corporation resumes carrying on its business as if the administrative revocation had never occurred"."

Comments (none posted)

SUSE Linux and openSUSE

Build Service Repositories Get New GPG Keys

The openSUSE build service repository has new GPG keys. Click below to find out more about this security feature.

Full Story (comments: 1)

Distribution Newsletters

Fedora Weekly News Issue 116

The Fedora Weekly News for January 14, 2008 looks at the vote for the Fedora 9 codename, Planet Fedora articles "Looking for a few good hackers!", "Fire in the Attic, Proof of the Prize", and "PackageKit Interview", and several other topics.

Full Story (comments: none)

First Gentoo Monthly Newsletter published

A new monthly publication, taking the place of the Gentoo Weekly Newsletter that went silent last October, has been announced. The January issue of Gentoo Monthly news carries a report of the Gentoo council meeting as well as information on the Gentoo Foundation status and reactions to Daniel Robbins offer (which was covered on last week's Distributions page), KDE 4 in Gentoo, Gentoo at and more. Click below for the issue.

Full Story (comments: 3)

Gentoo Weekly Newsletter: 19 January 2008

This is a special edition of the Gentoo Weekly Newsletter, covering statistics from October 15 to December 21, 2007.

Full Story (comments: none)

openSUSE Weekly News, Issue 6

This edition of the openSUSE Weekly News looks at openSUSE 11.0 Alpha 1, Federico unveils the latest community member, Qt 4.4 in Factory; FOSDEM draft online; more work on imaging support for the OBS, tips and tricks and much more.

Full Story (comments: none)

Ubuntu Weekly Newsletter #74

The Ubuntu Weekly Newsletter for January 19, 2008 covers layout contest for, Ubuntu case studies, mugs from Germany for your Loco Team, FOSS in Egypt, and much more.

Full Story (comments: none)

DistroWatch Weekly, Issue 236

The DistroWatch Weekly for January 21, 2008 is out. "Continued efforts to resolve the leadership issues in Gentoo Linux, a controversy following the Manbo Labs deal between Mandriva and Turbolinux, and the unexpected purchase of MySQL by Sun Microsystems were the main headlines of the past week. But much has happened behind all the high-profile announcements too: openSUSE released the first prototype of its new, Qt4-based installer, Ubuntu published a free, 400-page desktop course, KDE continued to defend its decision to release version 4.0.0 in a seemingly unfinished state, and Dreamlinux announced the upcoming version 3.0 of its Mac OS X-like desktop distribution. Finally, don't miss our feature story, a hands-on report about Linux in Vietnam."

Comments (none posted)

Newsletters and articles of interest

Spinning a Fedora Linux Live CD (InformIT)

Christopher Negus describes the use of livecd-creator to create your own Fedora spin. "The livecd-creator command is packaged in the livecd-tools package, along with more than a dozen sample kickstart files. These kickstart files can be used to build your own specialized live CD immediately, including a GNOME desktop, KDE desktop, developer workstation, electronic lab workstation, gaming desktop, or a minimal Fedora system."

Comments (none posted)


Fedora developers on PackageKit

Jonathan Roberts interviews Richard Hughes and Robin Norwood about the PackageKit project. "PackageKit aims to take the pain out of the package management on GNU/Linux systems and create a system that can compete with Windows and Mac. Development is proceeding at a rapid pace and it is set to be available in Fedora 9. To find out more, we talked to Richard Hughes, project creator, and Robin Norwood, the Fedora feature owner; as always, you can catch some screenshots at the end!"

Comments (57 posted)

Distribution reviews

Arch Linux - Is this really a geek's distro? (PlanetOSS)

PlanetOSS has a review of Arch Linux. "The best part of Arch is pacman (at least for me). Pacman is a package management system which maintains the compressed pkg files. If you know the basic options of pacman you do not need a GUI tool for package management. Pacman is a package management system which maintains the compressed pkg files."

Comments (none posted)

Page editor: Rebecca Sobol


The LV2 Audio Plugin Standard

By Forrest Cook
January 22, 2008

LADSPA, Richard Furse's Linux Audio Developer's Simple Plugin API, provides a plug-in framework for software audio effects. LADSPA applications are divided into two categories, host applications and plugins. From the LADSPA site:

LADSPA is a standard that allows software audio processors and effects to be plugged into a wide range of audio synthesis and recording packages. For instance, it allows a developer to write a reverb program and bundle it into a LADSPA "plugin library." Ordinary users can then use this reverb within any LADSPA-friendly audio application. Most major audio applications on Linux support LADSPA.

Recently, the LV2 Audio Plugin Standard was announced by Dave Robillard, the aim of LV2 is to replace LADSPA:

LV2 is a standard for plugins and matching host applications, mainly targeted at audio processing and generation. LV2 is a simple but extensible successor of LADSPA. intended to address the limitations of LADSPA which many applications have outgrown. While LADSPA has been quite successful with many plugins and hosts, it is quite limited and can't be extended without breaking existing implementations. LV2 in contrast is designed with extensibility in mind right from start.

One of the LADSPA limitations comes from the use of fixed data fields in the plugin binaries. LV2 defines its plugin data by using the Resource Description Framework (RDF) standard. This allows for a much wider variety of plugin data definitions. The RDF files also allow for the inclusion of multiple string definitions, which allows for plugin internationalization. The core LV2 code is intentionally designed to be small and generic, while allowing for support of independently designed extensions.

Plugin identification has been changed from an ID number to a URI, this allows for extended capabilities such as the reference or fetching of plugins across the network. While LADSPA only used floating point numbers for port connections, LV2 supports port type extensions. This can be used to handle MIDI, OSC (OpenSound Control), frequency domain and other types of data. LV2 bundles of all of the data for each plugin into a single directory for easy access. As with ALSA, the actual lv2 core specification is relatively simple, the lv2core-1.tar.gz source file consists of a C header file, some build files and documentation.

Several software packages were released at the same time as the LV2 standard announcement. SLV2 0.4.2 is a C library that is used to access the LV2 plugins: "Unlike LADSPA, LV2 is (more or less) designed with the assumption that hosts will use a library to discover/load/use plugins. SLV2 is one such library, which does the Right Thing with as little burden on host authors as possible." The lv2dynparam extension and helper was also announced: "The extension consists of a header describing the extension interface and libraries, one for plugins and one for hosts, to expose functionality in more usable, from programmer point of view, interface."

Three LV2 compatible plugins were also announced by author Nedko Arnaudov, these include the lv2vocoder version 1, Simple Sine Generator 20080109 and zynadd plugin version 1. Arnaudov also released zynjacku version 1, a JACK based GTK2 host for LV2 synthesizers. The success of LV2 will revolve around its adoption by one or more of the major LADSPA applications, as well as the conversion of more LADSPA plugins. Conceptually, LV2 seems like a step forward for the Linux audio plugin architecture.

Comments (1 posted)

System Applications

Database Software

Mogwai: New Release of Mogwai ERDesigner NG (SourceForge)

A new release of Mogwai ERDesigner NG has been announced. "The Mogwai project is proud to announce the redesigned version of the famous Mogwai ERDesigner entity relationship design tool! Mogwai ERDesigner NG is the redesigned version of the prior Mogwai ERDesigner. In its current development phase, it supports visual editing and reverse engineering of the following databases : MySQL, MSSQL, PostgreSQL , Oracle and generic JDBC. The database model is stored as a XML file, so it can be further processed by other tools. The new Release 1.0.1 includes some bugfixes, and is also the base for further development like SQL DDL generation and schema version tracking."

Comments (none posted)

PostgreSQL 8.3 RC2 released

Version 8.3 RC2 of the PostgreSQL DBMS has been announced. "The community testing of RC1 has yielded positive results. We avoided several serious bugs and are now releasing 8.3 RC2. We need the entire community to continue testing to help us get to the final release. Please report your bugs before the end of the month!"

Full Story (comments: none)

Postgres Weekly News

The January 20, 2008 edition of the Postgres Weekly News is online with the latest PostgreSQL DBMS articles and resources.

Full Story (comments: none)

Device Drivers

owfs 2.7p3 released

Version 2.7p3 of owfs is available, this release features performance improvements and C# support. "OWFS -- 1-Wire file system. Use the Dallas 1-Wire and iButton chips with standard linux commands. Create temperature loggers. Monitor everything. OWHTTPD -- same system, only used as a light weight web server. OWFS is also ported to WRT54G and Coldfire".

Comments (none posted)


Samba 4.0.0alpha2 announced

Version 4.0.0alpha2 of Samba has been announced. "Samba 4 is the ambitious next version of the Samba suite that is being developed in parallel to the stable 3.0 series. The main emphasis in this branch is support for the Active Directory logon protocols used by Windows 2000 and above. Samba 4 is currently not yet in a state where it is usable in production environments. Note the WARNINGS below, and the STATUS file, which aims to document what should and should not work."

Comments (none posted)


WifiZoo v1.3 released (minor release)

Version 1.3 of WifiZoo, a tool for passively gathering wifi information, has been announced. "WifiZoo v1.3 is out there. this is a minor release, it basically addresses some minor functionality issues and stuff".

Full Story (comments: none)


OpenBaseMovil J2ME app framework 3.0 released (SourceForge)

Stable version 3.0 of OpenBaseMovil has been announced. "OpenBaseMovil is an enterprise-class J2ME application framework, which includes many features being the most notable the J2ME Relational Database Engine openbasemovil-db, but also the user interface engine that allows you to create your views using XML, and lots of other useful things like local connectivity to Bluetooth devices like bar-code scanners, printers or GPS antennas."

Comments (none posted)

Web Site Development

Midgard 1.8.6 released

Version 1.8.6 of Midgard is out with major bug fixes and enhancements. "Midgard is a capable open source content management system for running mid-to-high-end websites. In addition to the built-in content management features, Midgard also provides a highly object-oriented component architecture for building interactive web applications that integrate seamlessly with the website."

Full Story (comments: 2)


Data Crow: 3.1 has been released (SourceForge)

Version 3.1 of Data Crow, a cross-platform movie, video, book, image, software and music cataloger/DBMS, has been announced. "This latest production version is a major overhaul of the internal system of Data Crow. The changes will not be immediately apparent to the average user however it has caused noticeable positive side effects: increased startup performance, lower memory usage, better performing views."

Comments (none posted)

Desktop Applications

Audio Applications

Amarok Insider on Technical Preview and More (KDE.News)

KDE.News has announced the publication of Issue 11 of the Amarok Insider. "Amarok Insider is the newsletter previously known as Amarok Weekly News (AWN), and is now hosted on the official Amarok website. The new issue covers the freshly released Amarok 2.0 Technical Preview, Amarok's Media Device architecture, the Context View, Playlist, Service Framework, the MS Windows version, recent happenings inside the Amarok team, and much more."

Comments (none posted)

Remote Control Of Ardour With Perl/OSC

Open Sound Control (OSC) support is being added to the Ardour multi-track audio editor. "Jonathan Stowe wrote a Perl module to allow remote control of Ardour with Perl via OSC. At present, OSC control is limited to transport and per-track solo/mute/rec-enable operations. Hopefully with this module there to make testing and development of a remote control application easier, OSC control can be expanded in interesting ways."

Comments (none posted)

wxCommunicator: 1.0.4 released (SourceForge)

Version 1.0.4 of wxCommunicator, a cross platform SIP application, has been announced. "wxCommunicator 1.0.3a has been released. It is compiled with wxWidgets 2.8.7 and sipxtapi SDK built on 21.1.2008. Easier dialing - just enter number, 2 new ringtones, faster call history deletion, audio energy meters."

Comments (none posted)

Desktop Environments

GNOME 2.21.5 released

Version 2.21.5 of GNOME has been announced. "This is the fifth release of the GNOME 2.21.x series, heading towards the stable GNOME 2.22.x release."

Full Story (comments: none)

GARNOME 2.21.5 released

Version 2.21.5 of GARNOME has been announced. "The "more change brings more change" release. We are pleased to announce the release of GARNOME 2.21.5 Desktop and Developer Platform. This is the fifth development release on our road towards GNOME 2.22.0, which will be released in March 2008. This release comes with more features, more fixes, and yet more madness."

Full Story (comments: none)

GNOME Software Announcements

The following new GNOME software has been announced this week: You can find more new GNOME software releases at

Comments (none posted)

The Second Day of the KDE 4.0 Release Event (KDE.News)

Day two of the KDE 4.0 release event is covered by There were presentations on KDE 4 history and roadmap, KOffice, the Qt GPLv3 licensing, Amarok, and more. "Then, Aaron explored what KDE is, and what our community is based on - freedom and openness. Freedom to do work, have fun, and connect with others. Further, Aaron moved on to KDE 4, and discussed the near-future plans and ideas. The vision of KDE 4 is based upon three principles: beauty, accessibility, and functionality."

Comments (none posted)

Qt goes GPLv3

Trolltech has announced that, effective immediately, the Qt libraries will be distributable under version 3 of the GPL. "Trolltech hopes that its move will inspire free software projects to use GPL v3 when programming with Qt." Qt will be dual-licensed, with GPLv2 remaining an option.

Comments (40 posted)

KDE release schedule changes

A new KDE release schedule has been announced: "KDE switches to time-based, 6 months release cycle, KDE 4.1 to be released in July"

Full Story (comments: none)

KDE Software Announcements

The following new KDE software has been announced this week: You can find more new KDE software releases at

Comments (none posted)

Financial Applications

Announcing LedgerSMB 1.2.12

Version1.2.12 of LedgerSMB, a web-based accounting system, has been announced. "The LedgerSMB team has released LedgerSMB 1.2.12 which includes a number of non-critical bug fixes. The major fixes in this release include fixes to warehouse transfer logic, some error handling corner cases, and some fixes to lastcost/avgcost updates."

Full Story (comments: none)

Music Applications

Jackbeat 0.6.2 released

Version 0.6.2 of Jackbeat, an audio sequencer, has been announced. This releases adds several new capabilities, bug fixes and new drum kits.

Full Story (comments: none)

miniloop 0.0 Released

Version 0.0 of miniloop has been announced. "miniloop is a simple live looping program. It can load a number of stereo audio loops of equal length from the disk and loop them in sync with each other, sending each loop to a different pair of JACK audio outputs. These outputs are intended to be subsequently fed into an external software mixer, such as Ardour. For live performance, you will want to control the mixer using a MIDI control surface."

Full Story (comments: none)

Video Applications

Dirac 0.9.0 released

Version 0.9.0 of the Dirac video CODEC has been announced: "Major release complying with the latest Dirac Bytestream Specification Dirac 2.0.0. The specification document can be downloaded from". This release includes numerous enhancements and bug fixes.

Full Story (comments: 2)

Languages and Tools


GCC 4.2.3 Status Report

The January 21, 2008 edition of the GCC 4.2.3 Status Report has been published. "The 4.2 branch is in regression-only mode. Since it has been more than two months since the last release, I propose to prepare 4.2.3-rc1 on Friday 25 January, with either rc2 or the final release on Friday 1 February. Therefore, the branch will go into slush (all changes must be approved by an RM) at 18:00 UTC on Friday, until the release is out."

Full Story (comments: none)

GCC 4.3.0 Status Report

The January 21, 2008 edition of the GCC 4.3.0 Status Report has been published. "We are in Stage 3. When we reach 100 open regressions, we will go to regression-only mode; one of the release managers will announce the exact time the mode is entered. When we approach the 4.3.0 release, we will create a branch, and open Stage 1 for 4.4.0."

Full Story (comments: 1)

Status of GCC 4.3 on HPPA (Debian)

Martin Michlmayr has sent in a report on the status of the GCC 4.3 compiler on the HPPA architecture. "I recently compiled the Debian archive (around 7000 packages that need to be compiled) on HPPA (PA RISC) using trunk to identify new issues before GCC 4.3 is released."

Full Story (comments: none)


Caml Weekly News

The January 23, 2008 edition of the Caml Weekly News is out with new articles about the Caml language.

Full Story (comments: none)


Parrot 0.5.2 released (use Perl)

Version 0.5.2 of the Parrot virtual machine has been announced. "Parrot 0.5.2 Highlights: "make perl6" uses the new pbc_to_exe tool to build a Perl 6 executable. It's still a ways from being a finished implementation of Perl 6, but we're working on that. Come join us! Parrot now has a LOLCODE implementation!"

Comments (none posted)

Perl 6 Design Minutes

The Perl 6 Design Minutes for the January 9, 2008 meeting have been posted. "The Perl 6 design team met by phone on 09 January 2008. Larry, Allison, Patrick, Jerry, Will, Jesse, Nicholas, and chromatic attended."

Comments (none posted)

This Week on perl5-porters (use Perl)

The January 6-12, 2008 edition of This Week on perl5-porters is out with the latest Perl 5 news.

Comments (none posted)


Zend Weekly Summary

The January 3, 2008 edition of the Zend Weekly Summary is out with new articles about PHP. Contents include: "Taint mode decision; late static binding; property type hinting; PECL/core relations; WDSL load error; how to disable the built-in POST handler; a cleanup and maintenance offer; optional scalar type hinting [continued]; string parser BC breakage; ternary shortcut reaches PHP_5_3".

Comments (none posted)


Python-URL! - weekly Python news and links

The January 21, 2008 edition of the Python-URL! is online with a new collection of Python article links.

Full Story (comments: none)


XML Copy Editor: Version introduces Aspell support (SourceForge)

Version of XML Copy Editor, a validating XML editor, has been announced. "Version introduces full Aspell support and XML Schema-based element inspection."

Comments (none posted)

Version Control

ODF-SVN: First odfsvn release: 1.0a1 (SourceForge)

Version 1.0a1 of ODF-SVN has been announced. "odfsvn is a toolset that allow you to manage ODF documents in a subversion repository: it allows simple methods to checkout documents from a repository, update documents to the latest version and commit changes."

Comments (none posted)


Bugzilla C# Proxy: 0.2.0 released (SourceForge)

Version 0.2.0 of Bugzilla C# Proxy has been announced. "Bugzproxy is a C# based assembly that provides access to a Bugzilla server, using the WebService interface of Bugzilla 3.0 or newer (at least 3.0.2 recommended). Works with both MS Windows and Linux/Mono. This release adds several minor changes, a more .net like API, and support for appending a comment to a bug."

Comments (none posted)

SP-Forth: 4.19 released (SourceForge)

Version 4.19 of SP-Forth has been announced. "ANS Forth for Win32 and Linux/x86 (used to compile the following SF projects: acWEB, acFTP, acFreeProxy, acSMTP, Forth-Script) This release features fixes and improvements in kernel, adds more documentation."

Comments (none posted)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Ars Technica reviews KDE 4.0 (ars technica)

ars technica has posted a detailed review of KDE 4.0. "The KDE development team controversially decided to release 4.0 in a premature state in order to stimulate user interest and promote accelerated development. The result is that KDE 4.0 is, in many ways, like a preview for developers and technical enthusiasts rather than a release for enterprise desktops and production environments. My extensive testing shows that KDE 4.0 can be used on a day-to-day basis, but there are many inconveniences posed by the software's current limitations. In this article, I will try to provide a balance of forward-looking analysis and detailed descriptions of the software's current state."

Comments (none posted)

LILO and GRUB: Boot Loaders Made Simple (O'ReillyNet)

O'ReillyNet compares LILO and GRUB. "LILO (Linux Loader) and GRUB (GRand Unified Bootloader) are both configured as a primary boot loader (installed on the MBR) or secondary boot loader (installed onto a bootable partition). Both work with supporting operating systems such as Linux, FreeBSD, Net BSD, and OpenBSD. They can work with unsupported operating system, such as Microsoft Windows XP, in the configuration file. Both allow users—root users—to boot into single-user-mode."

Comments (41 posted)

Trade Shows and Conferences

Closing Day at the Release Event (KDE.News) wraps up its coverage of the KDE 4.0 release event with a summary of the talks and demos from the final day. Some of the topics covered were KDE on Windows and Mac, KStars, KNetworkManager, Open Document Format, and more. "There were also big name visitors from the Linux community including Andrew Morton and developers with NVidia and AMD, as well as many from within our hosts, Google. This event has not only been a successful celebration of the start of our KDE 4 series, it has also been an excellent opportunity to meet and talk with a section of our community who have been unable to get to our European conferences."

Comments (8 posted)


Linux developer switches to Microsoft's Windows Security Team (Heise Security)

Heise Security reports that Crispin Cowan, creator of AppArmor, has joined the Windows Security Team. "In October of last year, Novell parted with Cowan and five other AppArmor developers, who had been brought on board in mid-2005 following the company's acquisition of Immunix, which included AppArmor."

Comments (none posted)

Red Hat at the crossroads (ITPro)

ITPro looks at Red Hat's history and current state. "As the biggest open source company in the world, Red Hat stands at a significant crossroads between its open source roots and significant growth in enterprise demand for its products, as underlined by changes made to its management, discontent within its user community and a sharp rise in profits."

Comments (1 posted)

Linux Adoption

Federal Employment Office switches to Linux (Heise Online)

Heise Online reports that the German Federal Employment Office (BA) has switched to Linux. "The BA is using the OpenSuse 10.1 Remastered distribution and the latest version of the Firefox web browser. The software was installed on the server as a repository and the clients can access it via PXE Boot. The BA told heise online that the switch, concluded at the end of last year, lasted some nine months including planning and did not involve any external service providers - it carried no additional costs."

Comments (1 posted)

Can Linux finally unite Korea? (Guardian Unlimited)

Guardian Unlimited examines a collaborative Linux effort between North and South Korea. "Under the banner of "Hana Linux" - literally "One" Linux - the two countries have agreed to work on a groundbreaking IT development project that might shatter the final Cold War boundary. South Korea is one of Linux's biggest converts. Since discovering the free operating system in 2003, officials have unveiled plans to switch all government-run offices to Linux. Now under the terms of the agreement signed between the two states, South Korea will set up Linux training centres in North Korea."

Comments (16 posted)


ODF Alliance refutes Burton Group report (Groklaw)

Groklaw analyzes an Open Document Format Alliance paper that finds a number of problems with the recent Burton Group Report on ODF and MSOOXML. "6. Burton calls ODF "somewhat simple" compared to OOXML. Smile. Being simpler than Microsoft's 6,000-page initial offering is probably not hard to accomplish. Nor is it a bad thing in a standard. Call it a feature, not a bug. You want people to be able to use the standard, after all. Many of the comments that the National Bodies' technical committees offered had to do with the sheer impossibility of even evaluating something so long and complicated in a short space of time."

Comments (none posted)


How To Roll Your Own Linux Distro (InformationWeek)

InformationWeek offers advice to those who would create their own distribution. "Remastering, or respinning, involves installing a given distribution, customizing it, and then recompiling the distribution, modifications and all, back into an image file (typically an .ISO). In the last couple of years this approach has become much easier thanks to collections of community-created tools and scripts to automate the process, so it's something that is rapidly becoming a native function for many distributions. If you're just getting your feet wet with Linux and want to try your hand at creating a modified distribution, this is the best place to start."

Comments (3 posted)

Page editor: Forrest Cook


Non-Commercial announcements

OpenSAF Foundation to Support High Availability Project

The OpenSAF Foundation has been formed by telecommunications and enterprise computing companies to promote the development and adoption of an open source implementation of a high availability base platform middleware based on Service Availability Forum(TM) (SA Forum) Specifications. This project uses the LGPLv2.1 license.

Comments (none posted)

Commercial announcements

Cluster Resources announces Moab Workload Manager 5.2

Cluster Resources, Inc. has announced the release of its Moab Workload Manager 5.2 HPC resource management and scheduling software. "Running one Linux cluster and one Windows cluster, each with different peak usage and idle times is expensive and inefficient; running Windows on a Linux cluster yields maximum hardware utilization and ROI. Moab 5.2 removes the barrier of a node's operating system by maximizing workload throughput with a single self-optimizing system that balances the number of nodes running a particular OS against user/group and workload service levels."

Full Story (comments: none)

Announcing the Indamixx Portable Studio

Indamixx Portable Studio is a bundle of open-source audio software on a portable tablet computer which was recently announced with a price tag of $999.99. "The hardware is the Samsung Q1 Ultra. It comes with a 90 day manufacturers warranty. Online technical support is provided by for 90 days and we have included 90 days of icecast2 server access for those who enjoy streaming audio with IDJC". Currently, the Indamixx site only contains a photo of the device.

Comments (none posted)

Linspire announces $199 Linux PC

Linspire, Inc. has announced that it is partnering with Mirus Innovations to sell a $199 PC through Sears. "Value-priced - after $100 mail-in rebate - Linux PC features an Intel Celeron 1.6GHz Intel Celeron processor, 1GB memory, 80GB hard drive, Freespire 2.0, free CNR software delivery service and more".

Comments (11 posted)

Openads Closes $15.5 Million Series B Funding

Openads has announced the receipt of 15.5 Million dollars in funding. "Openads, the developer of the free, open source ad server now used by more than 30,000 publishers worldwide, today announced the completion of its Series B financing. The $15.5 million investment was led by Accel Partners, with participation from existing investors Index Ventures, First Round Capital, Mangrove Capital Partners and O'Reilly AlphaTech Ventures. The company will use the funds to accelerate product development and expand its team to support its large publisher community, which is now using Openads to deliver billions of ads daily in over 100 countries around the world."

Comments (none posted)

Timesys announces Linux support for Xilinx Virtex devices

Timesys Corporation has announced that it will provide Linux support for the Xilinx high-performance Virtex FPGA platform. "Starting today, Timesys is offering LinuxLink subscriptions for the Xilinx Virtex-4 FX platform, which provides up to two PowerPC(R) 405, 32-bit RISC processor cores in a single device. Additional support for other Xilinx FPGAs will be available in the coming months."

Full Story (comments: none)


FSFE Newsletter

The January 16, 2008 edition of the FSFE Newsletter is online with the latest Free Software Foundation Europe news. Topics include: MS vs EU - Microsoft Releases Interoperability Information To SAMBA, FSFE Supports New Antitrust Case, Google Contributes To The FTF, Free Software Story In Berlin, FScons, Meeting On Privacy, STACS Session In Belgrade and Serbian Ministry For Information Society Undertakes Localisation Efforts.

Full Story (comments: none)

The state of Linux according to Google

Peter Alguacil takes a look at Google search trends. Comparisons include Ubuntu, Red Hat, SUSE, Fedora and Debian. KDE and GNOME, and more. "Though looking at search statistics can never give a complete picture, this gives an interesting perspective to how things are going for Linux, especially when viewed through the eyes of such a dominant and pervasive search engine as Google."

Comments (42 posted)

Event Reports

The First Day of the KDE 4.0 Release Event (KDE.News)

KDE.News has a report from the KDE 4.0 Release Event in Mountain View, California. "The Plasma gathering was probably the busiest, drawing a large crowd. Aaron Seigo, lead Plasma developer, initiated the session with an introduction of Plasma concepts, explanations of fundamental design decisions, and how Plasma enables new interaction possibilities over the KDE 4 cycle."

Comments (none posted)

Meeting Minutes

GNOME Foundation Meeting Minutes

The minutes from the January 2, 2008 GNOME Foundation Meeting have been published.

Full Story (comments: none)

LF Desktop Linux Workgroup Conference Call

The minutes from the January 16, 2008 Linux Foundation Desktop Linux Workgroup Conference Call have been published.

Full Story (comments: none)

Calls for Presentations

CFP: Operating Systems Review special issue on the Linux kernel

A call for papers has gone out for a Special Issue of the SIGOPS Operating Systems Review on the topic of Research and Developments in the Linux Kernel. "For this OSR special issue, we welcome technical papers covering the latest advances that have been or will soon be merged into the Linux kernel, as well as wild idea papers discussing promising experimental work. In recognition of the current chasm that we wish to bridge, we encourage papers from both the Linux kernel community and the research community." The submission deadline is March 14, 2008.

Full Story (comments: none)

Samba eXPerience 2008 - Call for Papers

A call for papers has gone out for the 2008 Samba eXPerience. "From April 17th to 18th 2008 developers and users will meet again in Goettingen, Germany at the seventh international Samba conference, the "samba eXPerience 2008"." The submission deadline is January 28.

Comments (none posted)

Troopers 08 Security Conference: Call for Papers

A call for papers has gone out for the Troopers 08 Security Conference. "Troopers 08 - get skilled or get owned" is a new two-day conference that brings together some of the brightest minds of the international infosec community. The event will be held on 23rd and 24th april 2008 in Munich/Germany. Keynotes will be given by Dan Bernstein and Christofer Hoff. There will be two tracks, a kind-of-classical one that we call the "Attack Track" (covering cutting-edge hacktechniques and security discussions) and another one we call the "Defend Track" which mainly addresses ISOs from large organizations and their specific needs and concerns." The submission deadline is February 15.

Full Story (comments: none)

Upcoming Events

Django at PyCon

David Cramer's blog notes the presence of the Django web platform team at PyCon in March. "Of course, Django will be very well represented at PyCon, with activities for Djangonauts of all skill levels: I'll be teaching a Beginning Django tutorial aimed at folks just getting started with Django. In past years this tutorial has filled up rapidly, so if you'd like to attend I recommend signing up soon. Also on the tutorial day will be a Django "Code Lab" designed for people with some Django projects already under their belts. We've got a great panel of experts lined up to critique and improve your code: Adrian Holovaty, James Bennett, and yours truly."

Comments (none posted)

Spring 08 Linux Foundation Collaboration Summit

The 2nd Linux Foundation Collaboration Summit will be held on April 8-10, 2008 at the UT Austin Supercomputing Center in Austin, TX. "This unique, invitation-only event brings together the brightest minds in the Linux ecosystem from the kernel, end user, desktop, legal and vendor communities to collaborate on the advancement of the Linux platform. Attendees can expect purposive discussion, examination and debate through engaging plenary session content and workgroup meetings. Breakout sessions contain all the domain expertise and key players necessary to make immediate contributions to the platform."

Full Story (comments: none)

UKUUG Spring 2008 Conference

The UKUUG Spring 2008 Conference has been announced. "UKUUG is the UK's open systems organisation, promoting the use of open systems, standards and software everywhere, UKUUG holds two annual conferences as well as seminars and tutorials throughout the year. UKUUG's Spring conference is aimed at people with responsibility for large systems; 2007's conference targetted virtual systems and this interest is being maintained for 2008."

Comments (none posted)

Events: January 31, 2008 to March 31, 2008

The following event listing is taken from the Calendar.

January 28
February 2 2008 Melbourne, Australia
January 28
February 1
Ruby on Rails Bootcamp with Charles B. Quinn Atlanta, Georgia, USA
January 29
January 31
Solution Linux 2008 Paris, France
February 1 Open Island Belfast, United Kingdom
February 6
February 10
O'Reilly Money:Tech Conference New York, NY, USA
February 7 Frozen Perl 2009 Minneapolis, United States
February 8
February 10
Southern California Linux Expo Los Angeles, USA
February 10
February 13
NDSS Symposium 2008 San Diego, CA, USA
February 11 Florida Linux Show 2008 Jacksonville, Florida, USA
February 11 Open Source Software (OSS) and the U.S. Department of Defense (DoD) Alexandria, VA, USA
February 13
February 15
German Perl-Workshop Regionales Rechenzentrum Erlangen, Germany
February 16 Frozen Perl 2008 Workshop Minneapolis, USA
February 19
February 20
Linux Developer Symposium Beijing, China
February 19
February 20
Files and Backup London, UK
February 22
February 24 Delhi, India
February 23
February 24
Free/Open Source Developers' European Meeting 2008 Brussels, Belgium
February 23
February 26
Linux World Mexico Mexico City, Mexico
February 25
February 26
2008 Linux Storage and Filesystem Workshop San Jose, CA, USA
February 25
February 29
NEW PHP 5 and PostgreSQL Bootcamp with Mark Fenoglio Atlanta, Georgia, USA
February 25
February 27
German Perl Workshop Frankfurt, Germany
February 28
March 1
Linux Audio Conference Cologne, Germany
March 1
March 2
Chemnitzer Linux-Tage 2008 Chemnitz, Germany
March 3
March 6
O'Reilly Emerging Technology Conference San Diego, CA, USA
March 3
March 6
Drupalcon Boston 2008 Boston, MA, USA
March 4
March 9
CeBIT Germany Hannover, Germany
March 8
March 14
Asia OSS Conference & Showcase 2008 Guangzhou, China
March 11
March 12
4th AustralAsian Cleantech Forum Melbourne, Australia
March 14
March 16
PyCon 2008 Chicago, IL, USA
March 15 FSF Associate Members Meeting Cambridge, MA, USA
March 16
March 19
BossaConference 2008 - International Conference on Open Source Software for Mobile Embedded Platforms Pernambuco, Brazil
March 16
March 21
Novell BrainShare 2008 Salt Lake City, UT, USA
March 16
March 20
Free Software and Open Source Foundation for Africa Dakar, Senegal
March 17
March 20
Eclipse Community Conference Santa Clara, CA, USA
March 17
March 20
Spring VON.x Conference San Jose, CA, USA
March 19
March 20
LinuxWorld Expo 2008 Brussels Brussels, Belgium
March 24 SDForum Global Open Source Conference San Francisco, CA, USA
March 26
March 28
CanSecWest 2008 Vancouver, BC, Canada
March 26 Document Freedom Day Everywhere, Worldwide
March 29
March 30
PostgreSQL Conference East 2008 College Park, MD, USA

If your event does not appear here, please tell us about it.

Audio and Video programs

Embedded Linux Conference Europe 2007 videos

Free Electrons has released free Ogg/Theora videos from the first edition of the European Edition of CELF's Embedded Linux Conference, which happened in Linz, Austria last November, together with the 9th Real-Time Linux Workshop organized by the Real-Time Linux Foundation.

Full Story (comments: none)

Page editor: Forrest Cook

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds