LWN.net Weekly Edition for November 5, 2009
Courgette meets a dangerous (Red) Bend
Back in July, your editor stumbled across Google's Courgette announcement and promptly added it to the LWN topic slush pile. He then promptly let it sit for three months or so. The news that this software is now the subject of a patent suit brought Courgette back to the foreground; here we'll look at what Courgette is for, how it works, and how it relates to the patent being asserted.
As most LWN readers will know, Google is working on its own web browser, called Chrome. The Chrome developers seem to be focusing on speed, but they are also clearly putting significant thought into the security of the browser. That is a good thing: a web browser is a large, complex body of code which is directly exposed to whatever a web server might choose to throw at it. The complexity makes security-related bugs inevitable; the exposure makes them highly exploitable. Chrome's developers have come to the conclusion that, when security problems are found, they must be fixed as quickly as possible.
Prompt patching of bugs requires that they be identified and repaired as quickly as possible. But the repairs are not useful unless they get to the browser's users - all of them, or as close to that as possible. The Chrome developers worried that the sheer size of browser updates would make that goal harder to achieve. Massive updates take longer to download and install, are more likely to be interrupted in the middle, and greatly increase the strain on server bandwidth. Pushing out a fix for a severe zero-day problem might even tax the bandwidth resources of a company like Google, leaving users exposed for longer than they should be.
If the size of browser updates could be reduced significantly, it should become possible to update far more systems in less time. After looking at various ways to compress patches, the Chrome developers decided to create their own algorithm; the result was Courgette. This algorithm is based on the key observation that small changes at the source level tend to cascade into big changes in binary code; by taking a small step back toward the source, many of those changes can be abstracted back out.
In particular, Courgette tries to eliminate irrelevant changes to static pointers. Consider a simple example:
    if (some_condition)
        goto error_exit;
    /* ... */
error_exit:
    return -EYOULOSE;
As the program is built, error_exit turns into a specific location in the code. An irrelevant change elsewhere in the file can cause the location of error_exit to change; that, in turn, will change the final compiled form of the goto line even though that line has not changed. That changed address looks like a difference in the binary file; when this happens thousands of times over, the binary patch will become severely bloated.
Courgette works by finding static pointers in the code and turning them back into something that looks like a symbolic identifier. The new identifiers are generated in a way that ensures that they do not change if the underlying code has not changed. New versions of the binary (both before and after patching) are built using the replaced pointers; these reworked binaries can then be compared with a utility like bsdiff. Since addresses with unimportant changes have been replaced with consistent identifiers, the two binaries should be a lot closer to each other and the resulting diff should be much smaller.
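A toy model of the address-to-label step described above, added here as an illustration and not Courgette's own code. It assumes a "binary" that is just a list of (mnemonic, operand) pairs, assigns labels by the rank of each branch target (real Courgette disassembles x86 and matches label assignments between the old and new programs, and ships the label table so the client can reassemble the result), and uses the length of a minimal edit script as a stand-in for bsdiff patch size.

```python
import difflib
from typing import Dict, List, Tuple

# A toy "binary": a list of (mnemonic, operand) pairs. The operand of a branch
# is an absolute address (an index into the list); other operands are plain
# immediates. The addresses are what the relabelling step neutralises.
Instr = Tuple[str, object]
BRANCHES = {"jz", "jnz", "jmp", "call"}


def build_program(prologue_len: int) -> List[Instr]:
    """Constructed sample program: a prologue of `prologue_len` nops, a loop of
    eight work blocks that each branch to a shared error exit, and the exit.

    Growing the prologue by one instruction is the "irrelevant change elsewhere
    in the file" from the article: every branch operand after it shifts by one
    even though the branching source lines did not change.
    """
    prog: List[Instr] = [("nop", 0) for _ in range(prologue_len)]
    loop_start = len(prog)
    fixups: List[int] = []              # positions whose operand is error_exit
    for i in range(8):
        prog.append(("add", i))
        fixups.append(len(prog))
        prog.append(("jz", -1))         # placeholder, patched below
    prog.append(("jnz", loop_start))    # backward branch, a second target
    prog.append(("ret", 0))
    error_exit = len(prog)
    prog.append(("mov", 0xE))           # placeholder error code to return
    prog.append(("ret", 0))
    for at in fixups:
        prog[at] = ("jz", error_exit)
    return prog


def relabel(prog: List[Instr]) -> List[Instr]:
    """Replace every branch target with a symbolic label.

    Labels are assigned by the rank of the target address among all targets,
    so a change that merely shifts addresses (without adding or removing
    targets) yields identical labels in the old and new programs. This is the
    simplification noted in the lead-in, not Courgette's matching algorithm.
    """
    targets = sorted({op for mnem, op in prog if mnem in BRANCHES})
    label: Dict[object, str] = {addr: f"L{i}" for i, addr in enumerate(targets)}
    return [(mnem, label[op] if mnem in BRANCHES else op) for mnem, op in prog]


def diff_size(old: List[Instr], new: List[Instr]) -> int:
    """Number of instructions a minimal edit script must carry to turn `old`
    into `new`; a stand-in for the size of a bsdiff patch."""
    matcher = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    return sum(max(i2 - i1, j2 - j1)
               for tag, i1, i2, j1, j2 in matcher.get_opcodes() if tag != "equal")


def courgette_demo() -> Tuple[int, int]:
    """Return (raw_diff, relabelled_diff) for a one-instruction source change."""
    old, new = build_program(2), build_program(3)
    raw = diff_size(old, new)                       # nine shifted branches + 1
    adjusted = diff_size(relabel(old), relabel(new))  # just the inserted nop
    return raw, adjusted


if __name__ == "__main__":
    raw, adjusted = courgette_demo()
    print(f"raw diff: {raw} instructions, after relabelling: {adjusted}")
```

The one-instruction change to the prologue costs ten instructions in the raw diff but only one once the addresses are turned into labels, which is the effect the 10MB-to-78KB figures below come from.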
How much smaller? In an example cited on chromium.org, a full update weighed in at some 10MB. Using bsdiff (which already shrinks binary diffs considerably) yielded a 700KB change, already a significant improvement. With Courgette, though, the diff is 78,848 bytes. In other words, the size of the update has been dropped to less than that of the unpleasant flash ad which probably decorates this article. That seems like an improvement worth having. It also seems like a technology that projects like deltarpm (which is bsdiff-based at its core) might want to take a look at.
Enter Red Bend Software and patent #6,546,552. For the curious, here is the first independent claim from that patent:
(a) scanning the old program and for substantially each reference entry perform steps that include:
(i) replacing the reference of said entry by a distinct label mark, whereby a modified old program is generated;
(b) scanning the new program and for substantially each reference entry perform steps that include:
(i) replacing the reference of said entry by a distinct label mark, whereby a modified new program is generated;
(c) generating said difference result utilizing directly or indirectly at least said modified old program and modified new program.
Even for patentese, this language tends toward the impenetrable. But once one realizes that "reference entries that contain reference that refer to other entries" means "addresses," it starts to become a little clearer. To your editor's overtly non-lawyerly, not-legal-advice reading, this claim does appear to describe what Courgette is doing.
Google is not dealing with a typical patent troll here; Red Bend is a company which manages over-the-air firmware updates for mobile carriers. The patent was applied for in 1999, and granted in 2003. This company may well be in a position to tell a sob story where its bread-and-butter patent is being stepped on by Google - a company which is now getting into the business of supplying firmware for mobile phones. On its face, this could certainly be made to look like just the sort of situation the patent system was created to deal with.
Of course, there may be prior art which invalidates this patent. But Google may well find that it's cheaper and easier to just settle with Red Bend, especially if, as Richard Cauley argues, the amount of the settlement could be quite small. Defeating a patent in court is a lengthy, expensive, and risky enterprise; it would not be surprising if Google decided that it had better things to do. The real question, in that case, is what sort of terms Google would negotiate. If Google takes a page from the Red Hat playbook, it will seek to get this patent licensed for all free software implementations. That outcome would remove this patent from consideration in the free software community and keep Courgette free software. A back-room deal with undisclosed terms, instead, could leave this useful technique unavailable for the next ten years.
AbiWord 2.8 features expanded collaboration
The multi-platform, open source word processor AbiWord was updated to version 2.8 last week, debuting several new editing features, most notably expanded real-time collaboration support. AbiWord's collaboration capabilities are designed to work on top of a variety of underlying transport mechanisms, but the project is highlighting its AbiCollab.net web service, which not only allows peer-to-peer collaboration, but group membership and other social networking features.
AbiWord is a standalone word processor, and thus has significantly lower disk and memory footprints than OpenOffice.org, which bundles word processor, spreadsheet, presenter, and several other office applications together. In fact, it is the word processor shipped by the One Laptop Per Child project on its modestly-powered XO laptops. It is built using GTK, but like most modern applications runs on all Linux desktop environments. The new release was made on October 27, for Linux, Windows and Mac OS X. Linux users are encouraged to get binaries through their distribution's package manager, or consult the wiki for finding third-party packages.
What's new: vector graphics, annotations, and punctuation education
Version 2.8 introduces annotation support, with which users can attach comments to portions of document text. The annotations are visible as pop-ups when the cursor moves over the annotated text, and can also be optionally displayed in the footer of each page. It also adds a flexible multi-page view, allowing the user to see as much of his or her document as fits on screen — not as a preview image, but as an open, editable session.
AbiWord also supports the use of SVG and WMF graphics inside a document, and now uses the Cairo rendering engine for greatly increased quality — on screen as well as printed. Previous releases converted SVG images on import, resulting in quality degradation. Similarly, according to the release notes, previous versions of AbiWord had a broken implementation of "educating quotes" — the process to automatically convert basic, straight "dumb quotes" into aesthetically curved "smart quotes" — but the feature has finally been fixed for 2.8.
Import and export of other file formats has also improved, including TeX, ODT, the S5 presentation format, and Microsoft DOCX, a project for which the AbiWord team mentored a student during this year's Google Summer of Code. The code clean-up that included the aforementioned Cairo support also replaced the now deprecated gnome-print printing library with the preferred GTK Print.
In spite of its goal to remain a lean word processor, AbiWord does support some cross-application features common to full office suites. AbiWord documents can be embedded into other applications with the GTK AbiWidget, and AbiWord can now embed Gnumeric spreadsheets within its own documents. Both features received updates in this release.
Finally, the most talked-about change in 2.8 is the substantial update to AbiWord's collaborative editing feature. Collaborative editing was introduced in the 2.6.x code base, with the ability for two AbiWord instances to directly connect to each other over TCP for a shared editing session, or to connect through an XMPP server. 2.8 marks the debut of a free web service called AbiCollab.net, which functions as a connecting point for AbiWord sessions, and as an online document storage service.
Collaborating with AbiCollab.net
AbiCollab.net provides free user accounts that come with 25M of document storage. In addition to storing the contents, the site retains a full version history that can roll back the document to a previous state. It also supports export to the AbiWord, ODT, RTF, PDF, HTML, plain text, and DOC formats, has a tagging system intended to help users more easily find their documents, and password-protected RSS feeds for monitoring changed files. Users can create a blank document on the site, upload an existing document, or activate AbiCollab.net sharing on an open document from AbiWord's Collaborate menu.
Those features amount to an online storage service, though; AbiCollab.net's real advantage is that it allows real-time collaborative editing without the hassle of directly connecting two applications by IP address. Site users can share documents with other users or make them globally-accessible. Sharing includes a read-only option as well as full read-write permission, on a document-by-document basis.
There are two ways to connect to other users on the site — adding them individually as friends in traditional social networking style, and by group. Users can set up their own groups at will, and group owners can manage group membership and set administration privileges for members. The site is still structured around the documents, however — there are no status updates, profile pages, or other social elements. Preserving privacy is also important; potential friends can only be found through searching as a logged-in user, and every user can mark their account as invisible to searches. Friend requests must be approved by both parties.
The AbiCollab.net server relays changes between two users of a shared document using its own synchronization protocol, not the HTTP connection. Developer Martin Sevior described the protocol as very bandwidth-friendly, and said it was akin to a distributed version control system. As useful as it is, though, there are some limitations. AbiWord cannot simultaneously share a document via AbiCollab.net and over a peer-to-peer (TCP or XMPP) connection.
Competition
Sevior has said that online office suites like Google Office and Zoho are AbiCollab.net's main competition, but he believes that integrating sharing into the local desktop application offers a far superior work experience than that provided by an in-browser editor. AbiWord offers advanced editing features not found in any web application, such as control over margins, tabs, table positioning, footnotes, outlines, and math, he said.
Also, its standard menus and dialogs offer a better user experience than the JavaScript-created menus and dialogs implemented in a web editor — which are often modal, block user input, and can be difficult to activate with the mouse. Finally, he added, AbiWord can handle significantly larger documents without suffering from performance problems, while web browsers begin to struggle with 20 pages or more.
Some free software advocates criticized the AbiCollab.net site launch last week because the source code to the site is not free. Sevior and fellow developer Marc Maurer acknowledged the concern, but pointed out that the service was new. The team would like to find a way to make the site code free, but they also want to investigate ways to use it to raise funds to help support further development. Ideas include offering larger storage space for a fee and building a custom server for business use, but all of the ideas are just brainstorming at present.
In the meantime, it is still possible to use AbiWord to collaboratively edit documents with a peer-to-peer TCP or XMPP connection. The application does not know or care what network transport mechanism is being used; in fact work is well underway to use Telepathy as yet another editing session transport in a future release.
AbiWord has long been a solid word processing choice on the desktop, while Google Docs and other web suites get away with offering fewer editing and formatting features by making document sharing simple. AbiWord 2.8 with built-in real-time editing through AbiCollab.net is an attempt to do both. Whether it will catch on to the degree that in-browser editors have is anybody's guess, but one must not forget that AbiWord has the advantage of being completely cross-platform, which makes it an option for every computer, just like the web browser.
Gerrit: Google-style code review meets git
Gerrit, a Git-based system for managing code review, is helping to spread the popular distributed revision control system into Android-using companies, many of which have heavy quality assurance, management, and legal processes around software. HTC, Qualcomm, TI, Sony Ericsson, and Android originator Google are all running Gerrit, project leader Shawn Pearce said in a talk at the October 2009 GitTogether event, hosted at Google in Mountain View.
The Gerrit story starts with the progressive escape of an in-house Google process and tool. Google requires code review for any change to company code or configuration files; there are a few exceptions, but those are subject to review after deployment. The code review process started out using lots of email, but for the past several years it has been automated. When Guido van Rossum, creator of the Python language, began working at Google in 2005, he started developing a tool, in Python naturally, to coordinate code reviews. The result, called Mondrian, lets users view the proposed change as a side-by-side comparison, and participate in comment threads attached anywhere in the code under review. An overview page shows a to-do list of incoming changes to review and reviewers' comments. Van Rossum presented Mondrian at a public talk in 2006 (video).
Mondrian has been a huge success inside Google, Pearce said. "Almost every engineer uses this as their daily thing." But Mondrian is heavily dependent on Google's internal infrastructure, including the in-house Bigtable non-relational table store and the proprietary Perforce revision control system. Google is a huge Perforce shop, and has built its own highly-customized IT infrastructure, including Perforce-dependent tools.
The first step in making a Mondrian-style tool available to a wider audience was van Rossum's 2008 release of Rietveld, which uses Subversion instead of Perforce, and the public interfaces of Google App Engine instead of Google internals. It's named for modern architect Gerrit Rietveld. As Google began the Android project, though, developers demanded a Mondrian-like tool for their codebase, tracked with Git. Google App Engine was a deal-breaker, because mobile hardware vendors working on Android-based products maintain internal repositories, and won't rely on an outside service.
Shawn Pearce, who previously reimplemented git in Java as JGit, and is now at Google, took on the project; the result is Gerrit Code Review, now used to track public proposed changes to Android. Android's applications are written in Java, so writing the new tool in that language should make it more accessible to would-be contributors among Android developers.
Gerrit runs a copy of the Mina SSH daemon, along with JGit, which is now maintained as part of the Eclipse EGit project. Although the combination is slower than original git over OpenSSH, it's fast enough for the Android developers. "The entire Android team uses this as their interface to Git," Pearce said. The server-side dependencies are Tomcat and an SQL database, which so far can be either MySQL, PostgreSQL, or H2. Gerrit uses OpenID for authentication by default, but can be configured to use HTTP basic (or digest) authentication, or Siteminder, a single-sign-on system from Computer Associates.
On the UI side, Gerrit uses Google Web Toolkit, an Apache-licensed project that compiles Java to JavaScript with AJAX functionality. The UI has a few tiny Flash widgets for convenience - to copy Git command lines to the clipboard, for example - but Flash is not required. A user who prefers not to use the web interface can also ssh to the Gerrit server to execute commands.
Gerrit doesn't enforce any particular processes to make git look more like the centralized revision control systems that spawned Mondrian and Rietveld. A Gerrit-using developer has a full git install and can still do distributed revision control tricks, such as cherry-picking from a newer upstream release. Gerrit just guards access to its own repository. A developer can set up a git repository with "origin" pointing back to an ssh:// URL on the Gerrit server, and do something like centralized development, or do "drive-by" interactions with a Gerrit server like any other Git repository.
To propose a change for approval through Gerrit, a developer must start a branch in git for that change. Each change, and each iteration of a reworked change, becomes a new branch. In order to preserve information among successive versions of the same work, Gerrit includes a git hook to apply a "Change-Id" line to commit messages. After doing a git push to the Gerrit server, the developer can come back to the web dashboard and see the status of the pending change, then request a code review. Alternatively, a wrapper called Repo lets the developer specify a reviewer on the command line when doing the push.
Once a reviewer is lined up, Gerrit starts sending email, giving both the URL for the Gerrit page and a git command line for the reviewer to pull the change. On the change page, a reviewer can see the change side-by-side with the original or as a diff, and add review comments anywhere in the code along with a "cover sheet" message. Approval has multiple levels, with configurable access to the range that a reviewer can apply. Typically, an individual developer would be able to apply -1 or +1, which are "prefer you don't submit this" and "I like it," and some would have access to the -2 "do not submit" and +2 "Approved" levels. The web interface is not required - a reviewer can ssh to the Gerrit server to approve or reject a change.
A rejected and reworked change with a proper "Change-Id" line preserves Gerrit metadata, and the reviewer can see his or her original comments and the submitter's replies, join an existing comment thread on the previous, rejected version, or start new comment threads anywhere in the new version. If the change is not accepted, the new version has to be a new branch.
Kernel developer David Brown, at the Qualcomm Innovation Center, uses Git and Gerrit with his team. "The biggest complaint people have so far about Gerrit is people have to be constantly rebasing their changes," he said. However, the company has an extensive review process in order to make anything available under a free software license, and Gerrit streamlines the process of approving changes for the people who are authorized to check outgoing code.
"The biggest thing that's changed since last year is Gerrit. The second biggest thing that's changed since last year is Gerrit," Brown said. But, he added, doing things the Gerrit way does work. "Most people learn a really small subset of git, I mean a really really small subset of git," he said.
Gerrit can be set up to automatically enforce some policies. "There's a lot of different work models people want," Pearce said. For example, Gerrit can be set up to enforce a check for a signed contributor agreement. The public Gerrit instance for Android enforces the contributor agreement requirement for all modules except the kernel, where only a "Signed-off-by" line is required. Gerrit can be integrated with a bug tracking system (BTS), but the integration is still based on site-specific tricks, since everyone is on a different bug tracker and nobody seems to like theirs very much.
Besides better BTS integration, Pearce is looking at ways to store Gerrit metadata in git. "We'd like to do all the things that Gerrit does, offline," he said. "The fact that it doesn't work offline is a bug."
The Android developers are still figuring out how to connect with upstream. Staging maintainer Greg Kroah-Hartman plans to drop Android drivers from drivers/staging as of 2.6.33, as "no one wants to maintain them and help get them merged into the kernel," he said in email. Behind the apparent driver slowness are substantial corporate culture changes, though, with both Qualcomm and TI starting programs to manage outgoing code. Qualcomm is the lead sponsor of Code Aurora Forum, and TI is behind OmapZoom.org. In the potential minefield that is the mobile industry, with considerations such as not offending carrier partners, securely supporting third-party applications, deploying codecs and GUI code without patent troubles, and complying with radio regulations, Gerrit seems to be a needed focus for gatekeeping efforts.
Security
Chrome reflective XSS protection
Cross-site scripting (XSS) is one of the biggest problems on the web today. There are daily reports of XSS problems in various web sites and web applications (including LWN, see below). So, it is not surprising that browser makers are looking at ways to combat the problem. Previously, we looked at Mozilla's Content Security Policy (CSP), which is one approach, but the Chrome browser team has come up with something different: reflective XSS protection.
There are two basic types of XSS, persistent and reflected (or non-persistent). Persistent XSS is an attack that gets stored at the site, in a comment or some other user-generated content, that can then attack any user viewing that content. Reflected attacks, instead, have the payload stored in the HTTP request itself (as GET parameters or FORM submission values). These attacks are generally disguised and the victim is tricked into submitting them. Reflected XSS flaws well outnumber persistent flaws, so it makes some sense to concentrate on those.
The basic idea behind Chrome's reflective protection is to examine each script before it is run to see if it also exists in the request that was sent. If the page contents contain scripts that were sent in the request, it is likely that it is a reflected XSS attack. For example, if a link or form submission contains a parameter foo with the value:
<script>alert("XSS!")</script>
then the browser can recognize it in the response and refuse to run the script.
It isn't quite as simple as a direct string comparison, of course, as there are any number of tricks used by XSS attacks to obfuscate their intent. By using HTML entity encodings, XSS attacks can often slip by naïve tests. Things like:
javascript
may elude simple tests that are meant to prevent XSS, so the browser must convert the request into a canonical form before doing the comparison.
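The check described above, as an added illustration in Python rather than Chrome's filter code: request values are reduced to a canonical form (repeated URL and entity decoding, then whitespace and case folding, a simplification assumed here) and each inline script in the response is flagged if its canonical form also appears in the request. The sample request and response strings are constructed for this example, and the canonicalization is deliberately minimal; as the thread discussed next shows, a real filter has to handle far more tricks than this.

```python
import html
import re
from typing import Dict, List
from urllib.parse import parse_qsl, unquote, urlsplit

# Inline <script>...</script> blocks in a response body.
SCRIPT_RE = re.compile(r"<script\b[^>]*>.*?</script\s*>", re.IGNORECASE | re.DOTALL)


def canonicalize(text: str) -> str:
    """Reduce a string to a canonical form before comparison.

    URL-decoding and HTML-entity decoding are repeated until the string stops
    changing (so %2526lt%253B eventually becomes '<'), then whitespace is
    removed and the result lower-cased. Assumed here as a minimal stand-in for
    the normalisation the article says the browser must perform.
    """
    prev = None
    while prev != text:
        prev = text
        text = html.unescape(unquote(text))
    return re.sub(r"\s+", "", text).lower()


def request_values(url: str, form: Dict[str, str]) -> List[str]:
    """Collect every value the request carried: GET parameters and form fields."""
    query = urlsplit(url).query
    values = [v for _, v in parse_qsl(query, keep_blank_values=True)]
    values.extend(form.values())
    return values


def reflected_scripts(url: str, form: Dict[str, str], response_html: str) -> List[str]:
    """Return the inline scripts in the response that were also sent in the request.

    A script counts as reflected when its canonical form appears inside the
    canonical form of any request value; those are the scripts the browser
    would refuse to run.
    """
    canonical_inputs = [canonicalize(v) for v in request_values(url, form)]
    hits: List[str] = []
    for match in SCRIPT_RE.finditer(response_html):
        raw = match.group(0)
        if any(canonicalize(raw) in value for value in canonical_inputs):
            hits.append(raw)
    return hits


# Constructed sample traffic for the three cases (not taken from the article).
# 1. The article's example payload, reflected verbatim by the server.
ATTACK_URL = ("http://example.test/search?q="
              "%3Cscript%3Ealert(%22XSS!%22)%3C/script%3E")
ATTACK_RESPONSE = ('<html><body>No results for '
                   '<script>alert("XSS!")</script></body></html>')

# 2. The same payload double URL-encoded with case and whitespace variation,
#    which a direct string comparison against the response would miss.
OBFUSCATED_URL = ("http://example.test/search?q="
                  "%253CSCRIPT%253E%20alert(%2522XSS!%2522)%253C%252Fscript%253E")
OBFUSCATED_RESPONSE = ('<html><body>No results for '
                       '<SCRIPT> alert("XSS!")</script></body></html>')

# 3. A benign page whose own script never appeared in the request.
BENIGN_URL = "http://example.test/search?q=courgette"
BENIGN_RESPONSE = ('<html><head><script>var q = "courgette";</script></head>'
                   '<body>Results for courgette</body></html>')


if __name__ == "__main__":
    for name, url, body in [("verbatim", ATTACK_URL, ATTACK_RESPONSE),
                            ("obfuscated", OBFUSCATED_URL, OBFUSCATED_RESPONSE),
                            ("benign", BENIGN_URL, BENIGN_RESPONSE)]:
        print(f"{name}: blocked scripts = {reflected_scripts(url, {}, body)}")
```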
In fact, a thread on sla.ckers.org shows various types of obfuscation that elude the Chrome XSS filter. The participants, eventually including Chrome developer Adam Barth, keep attempting—mostly succeeding—to find ways around the filter. Those were then added to a WebKit bugzilla entry and many were fixed. Some of the more complicated cases are not yet handled.
Several comparisons to the Internet Explorer 8 XSS filter were made in the thread, generally unfavorably to Chrome's, but the Chrome filter is still relatively new. Certainly, the Chrome developers can learn from IE8's filter. Barth looked at the IE8 algorithm (by extracting it from the binary) and compared the two:
The whole thread is worth a read for anyone interested in XSS and the various tricks used by those attacks.
While the Chrome reflective protection is fairly recent, with bugs to squash and features to add, it will provide some added protection for users against XSS. It is a much simpler solution than CSP—and doesn't require web developers to change the way they use Javascript—but it also only handles a subset of the full XSS problem. Both techniques likely have their place, but filtering reflected attacks is something that can be done more quickly than fundamentally changing the Javascript landscape as CSP requires. It seems likely that Mozilla could pick up this technique to add to its XSS protection, while still pushing CSP in the longer term. Given the "popularity" of XSS attacks, it is great to see the browser makers looking at multiple ways to reduce the risk.
Cross-site scripting here at LWN
We would like to thank Marti Raudsepp for letting us know about a security hole in the comment submission code for the site. We believe it is now fixed and, in general, that we have tightened up our HTML handling for comments. As part of that, we removed support for many attributes on HTML tags by whitelisting a small set of attributes. We might very well have been over-zealous and removed support for legitimate attributes. Please let us know at lwn@lwn.net if that is the case.
We would also like to remind folks that we encourage anyone who finds a security problem with the site to contact us (lwn@lwn.net works for that too). We give prompt attention to such things and thank anyone reporting them—rather than, say, turning them over to law enforcement.
Brief items
Strandboge: AppArmor sVirt security driver for libvirt
Jamie Strandboge writes about work he has done to add AppArmor support to sVirt on his blog. "Since virtualization is becoming more and more prevalent, improving the security stance for libvirt users is of primary concern. It was very natural to look at adding an AppArmor security driver to libvirt, and as of libvirt 0.7.2 and Ubuntu 9.10, users have just that. In terms of supported features, the AppArmor driver should be on par with the SELinux driver, where the vast majority of libvirt functionality is supported by both drivers out of the box."
Wheeler: Fully Countering Trusting Trust through Diverse Double-Compiling
David Wheeler announces the defense of his PhD dissertation on countering the classic "Reflections on Trusting Trust" attack, which Ken Thompson spoke about in 1984. That attack subverts compilers to continuously re-infect binaries produced by that compiler (including the compiler binary itself) with some kind of malicious payload (a login back door was Thompson's example). The attack is impossible to detect, except by using Wheeler's technique, which was originally described in a 2005 Annual Computer Security Applications Conference (ACSAC) paper [PDF]. His dissertation expands on that work, and the defense of it is open to the public on November 23 at George Mason University in Fairfax, Virginia. "This 2009 dissertation significantly extends my previous 2005 ACSAC paper. For example, I now have a formal proof that DDC is effective (the ACSAC paper only had an informal justification). I also have additional demonstrations, including one with GCC (to show that it scales up) and one with a maliciously corrupted compiler (to show that it really does detect them in the real world). The dissertation is also more general; the ACSAC paper only considered the special case of a 'self-parenting' compiler, while the dissertation eliminates that assumption."
New vulnerabilities
expat: buffer overflow
| Package(s): | expat PyXML | CVE #(s): | CVE-2009-3720 |
| Created: | November 4, 2009 | Updated: | May 6, 2011 |
| Description: | Incorrect UTF-8 sequences can cause expat (and tools using it, like PyXML) to read beyond its input buffer, leading to a crash. |
| Alerts: | |
firefox, xulrunner: multiple vulnerabilities
| Package(s): | firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1 | CVE #(s): | CVE-2009-3371 CVE-2009-3377 CVE-2009-3381 CVE-2009-3383 |
| Created: | November 2, 2009 | Updated: | June 11, 2010 |
| Description: | From the Ubuntu advisory: Orlando Berrera discovered that Firefox did not properly free memory when using web-workers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. (CVE-2009-3371) Several flaws were discovered in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. (CVE-2009-3377) Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler, Boris Zbarsky, Thomas Frederiksen, Marcia Knous, Carsten Book, Kevin Brosnan, David Anderson and Jeff Walden discovered various flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3380, CVE-2009-3381, CVE-2009-3382, CVE-2009-3383) |
| Alerts: | |
kernel: null pointer dereference
| Package(s): | kernel | CVE #(s): | CVE-2009-3547 |
| Created: | November 4, 2009 | Updated: | February 15, 2010 |
| Description: | The kernel contains a null pointer dereference vulnerability in the pipe code; see this article for details. Kernels from 2.6.21 (possibly even older) through 2.6.31 are affected. |
| Alerts: | |
kernel: null pointer dereference
| Package(s): | kernel-rt | CVE #(s): | CVE-2009-3620 |
| Created: | November 4, 2009 | Updated: | November 12, 2010 |
| Description: | The r128 driver in the kernel contains a null pointer dereference vulnerability. |
| Alerts: | |
kernel: denial of service
| Package(s): | kernel | CVE #(s): | CVE-2009-3621 |
| Created: | November 4, 2009 | Updated: | February 19, 2010 |
| Description: | There is a possible denial of service (via deadlock) vulnerability in the kernel Unix-domain socket code. |
| Alerts: | |
libhtml-parser-perl: denial of service
| Package(s): | libhtml-parser-perl | CVE #(s): | CVE-2009-3627 |
| Created: | October 30, 2009 | Updated: | January 12, 2010 |
| Description: | From the Debian advisory: Mark Martinec discovered that the decode_entities() function will get stuck in an infinite loop when parsing certain HTML entities with invalid UTF-8 characters. An attacker can use this to perform denial of service attacks by submitting crafted HTML to an application using this functionality. |
| Alerts: | |
mahara: multiple vulnerabilities
| Package(s): | mahara | CVE #(s): | CVE-2009-3298 CVE-2009-3299 |
| Created: | November 2, 2009 | Updated: | November 4, 2009 |
| Description: | From the Debian advisory: CVE-2009-3298: Ruslan Kabalin discovered an issue with resetting passwords, which could lead to a privilege escalation of an institutional administrator account. CVE-2009-3299: Sven Vetsch discovered a cross-site scripting vulnerability via the resume fields. |
| Alerts: | |
proftpd-dfsg: certificate spoofing
| Package(s): | proftpd-dfsg | CVE #(s): | CVE-2009-3639 |
| Created: | November 2, 2009 | Updated: | December 28, 2009 |
| Description: | From the Debian advisory: It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled. |
| Alerts: | |
rt3: JavaScript injection
| Package(s): | rt3 | CVE #(s): | |
| Created: | November 4, 2009 | Updated: | November 4, 2009 |
| Description: | From the rt 3.8.5 release announcement: During a routine internal audit, it was determined that all versions of RT from 3.4.6 to 3.8.4 are vulnerable to an escaping bug in the display of Custom Fields that could allow injection of javascript into the RT UI. |
| Alerts: | |
squidGuard: buffer overflows
| Package(s): | squidGuard | CVE #(s): | CVE-2009-3700 CVE-2009-3826 |
| Created: | November 4, 2009 | Updated: | August 17, 2010 |
| Description: | Several buffer overflows have been found in versions 1.3 and 1.4 of squidGuard. These vulnerabilities can be exploited to cause a denial of service situation or to bypass URL blocking. |
| Alerts: | |
wireshark: multiple vulnerabilities
| Package(s): | wireshark | CVE #(s): | CVE-2009-3550 CVE-2009-3829 |
| Created: | November 3, 2009 | Updated: | May 28, 2010 |
| Description: | From the Mandriva alert: Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace (CVE-2009-3550); and in wiretap/erf.c which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file (CVE-2009-3829). |
| Alerts: | |
wireshark: denial of service
| Package(s): | wireshark | CVE #(s): | CVE-2009-3242 |
| Created: | November 4, 2009 | Updated: | November 25, 2009 |
| Description: | Wireshark's GSM layer 3 radio resource protocol dissector can be made to crash with the wrong input, leading to (at least) a denial of service problem. |
| Alerts: | |
Page editor: Jake Edge
Kernel development
Brief items
Kernel release status
The current development kernel is 2.6.32-rc6, released on November 3. Linus says:
The short-form changelog is in the announcement, or see the full changelog for all the details.
There have been no stable kernel updates in the last week.
Quotes of the week
If you don't understand that, you shouldn't be a maintainer.
I didn't really expect to be walking into the buzzsaw that I did. I imagined people would discuss the merits and flaws of the idea and we'd work towards an agreeable solution that improves Linux for everyone. It sure seemed to be going that way at first. Ultimately, I got hit over the head with package management, the bane of third-party development, as a panacea for everything.
Another null pointer exploit
Back in mid-October, Earl Chew reported a null pointer crash in the kernel pipe code. Initial response to his report was somewhat slow, partly because the kernel he was running was based on 2.6.21. Earl took the time to dig through the code and identify the problem, though; it turns out to be an old vulnerability which is still present in current kernels. What it comes down to is that there is a race condition in the pipe code. Prior to 2.6.32-rc6, the code which opens a pipe (for write-only access, in this case) looks like:
static int
pipe_write_open(struct inode *inode, struct file *filp)
{
	mutex_lock(&inode->i_mutex);
	/* No check that inode->i_pipe is still non-NULL: a concurrent
	 * final close may already have freed the pipe. */
	inode->i_pipe->writers++;
	mutex_unlock(&inode->i_mutex);
	return 0;
}
The problem is that if the final close of this pipe slips in at the wrong time, inode->i_pipe may have been set to null. So this is yet another null pointer vulnerability; the rest is just a matter of writing the exploit. That exploit must face the challenge that the window of opportunity is quite short, but computers are very good at continually trying things until something works.
The fix makes the code much more careful about checking the current status of the pipe and refusing new opens if the final close has already happened. Distributors are shipping updates.
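As an added illustration (not kernel code and not the upstream patch), here is a user-space C model of the race described above: the unchecked open beside a checked one that refuses the open once the final close has run. The inode, pipe and mutex types are stand-ins for the kernel's, and the lock is a plain flag since the model is single-threaded.

```c
#include <errno.h>
#include <stdlib.h>

/* Stand-ins for the kernel's struct pipe_inode_info and struct inode.  The
 * "mutex" is a plain flag: this single-threaded model shows which checks
 * happen under the lock, not real contention. */
struct pipe_info { int readers; int writers; };
struct model_mutex { int held; };

struct inode {
    struct model_mutex i_mutex;
    struct pipe_info *i_pipe;   /* set to NULL by the final close */
};

void mutex_lock(struct model_mutex *m)   { m->held = 1; }
void mutex_unlock(struct model_mutex *m) { m->held = 0; }

/* Same shape as the pre-2.6.32-rc6 code quoted above: i_pipe is
 * dereferenced without checking that the pipe still exists.  Once the
 * final close has freed it, this is the null pointer dereference. */
int pipe_write_open_unchecked(struct inode *inode)
{
    mutex_lock(&inode->i_mutex);
    inode->i_pipe->writers++;
    mutex_unlock(&inode->i_mutex);
    return 0;
}

/* Hardened form, modelling the check the article describes (not the
 * upstream patch text): look at i_pipe under the lock and refuse the open
 * with -ENOENT when the final close has already run. */
int pipe_write_open_checked(struct inode *inode)
{
    int ret = -ENOENT;
    mutex_lock(&inode->i_mutex);
    if (inode->i_pipe) {
        inode->i_pipe->writers++;
        ret = 0;
    }
    mutex_unlock(&inode->i_mutex);
    return ret;
}

/* Release path: drop one end's reference and, when the last reader and
 * writer are gone, free the pipe and clear i_pipe. */
void pipe_release(struct inode *inode, int was_writer)
{
    mutex_lock(&inode->i_mutex);
    if (inode->i_pipe) {
        if (was_writer)
            inode->i_pipe->writers--;
        else
            inode->i_pipe->readers--;
        if (inode->i_pipe->readers == 0 && inode->i_pipe->writers == 0) {
            free(inode->i_pipe);
            inode->i_pipe = NULL;
        }
    }
    mutex_unlock(&inode->i_mutex);
}

struct inode *new_pipe_inode(void)
{
    struct inode *ino = calloc(1, sizeof *ino);
    ino->i_pipe = calloc(1, sizeof *ino->i_pipe);
    ino->i_pipe->readers = 1;   /* one reader and one writer to begin with */
    ino->i_pipe->writers = 1;
    return ino;
}

/* The losing ordering: both ends close (the final close frees the pipe),
 * then the racing write-open arrives.  With the check it gets -ENOENT;
 * pipe_write_open_unchecked() at this point would dereference NULL. */
int open_after_final_close(void)
{
    struct inode *ino = new_pipe_inode();
    pipe_release(ino, 0);
    pipe_release(ino, 1);        /* final close: i_pipe is now NULL */
    int ret = pipe_write_open_checked(ino);
    free(ino);
    return ret;
}

/* The ordinary ordering: the open lands while the pipe is alive, succeeds,
 * and bumps the writer count.  Returns that count (1 initial + 1 new). */
int open_on_live_pipe(void)
{
    struct inode *ino = new_pipe_inode();
    int writers = pipe_write_open_checked(ino) == 0 ? ino->i_pipe->writers : -1;
    pipe_release(ino, 1);
    pipe_release(ino, 1);
    pipe_release(ino, 0);
    free(ino);
    return writers;
}
```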
This particular bug is attracting attention because it is in the core kernel and (relatively) straightforward to trigger. But it is far from unique. A quick look at commits since 2.6.31 turns up no fewer than 34 which explicitly fix null pointer dereference bugs. Quite a few more fix things that could be null pointer bugs, and there's no telling how many more were fixed without an explicit mention in the commit title. Null pointer bugs are common, and are likely to remain so for quite some time.
What is surprising about this bug is that some distributions are still vulnerable to it. We have had the ability to keep null pointer bugs from being exploitable for some time, but certain distributions - generally of the "enterprise" variety - disable that protection by default. Sites running such distributions might want to be sure that they have the vm.mmap_min_addr knob set to a reasonable value; either that or expect to be vulnerable to more null pointer exploits in the future.
Deprecating IDE?
The IDE drivers have been a relative backwater for a while now; most distributions have made the transition to the newer libata-based PATA driver set. But IDE remains in the kernel with no indication that it's no longer the preferred way of doing things. This can be a problem because, among other things, it encourages developers to submit new IDE-based drivers, only to be told that such drivers are no longer being accepted. To help head off such problems, Robert Hancock has submitted a patch to mark IDE as deprecated. David Miller has accepted the patch for 2.6.33, but it might not yet actually get there. David sees a couple of things which need to be fixed first:
- He would like to see libata create IDE-style device names (/dev/hdX) so that systems using those names in their fstab files will continue to work. One might argue that any such change is a few years late - most systems have been through the pain of that change already. At this point, mounting by label or UUID is common, so few users should be affected by the loss of old-style device names. And, as Alan Cox pointed out, udev rules can always be written to create those names if need be. So this requirement may not stick.
- There are some IDE devices which are not yet supported in libata; the "pmac" driver (for PowerMac on-board IDE devices) is the most-cited example. Until these devices have support in libata, the IDE layer clearly cannot be deprecated or removed.
Alan has also suggested that IDE will die of its own accord, and that there is no need for additional pressure for users to move from it. The warning may go in anyway, though, just for those who don't get the message in other ways. If it prevents one developer from spending time on a new IDE driver, it's probably worthwhile.
Kernel development news
JLS: Increasing VFS scalability
It can be tempting to dismiss scalability work as being of interest mainly to companies running massive server systems; most "ordinary" Linux users are not running into the kind of problems that scalability-oriented developers are trying to fix. But, of course, the truth of the matter is that those users haven't encountered those problems yet. The past work of scalability-oriented developers is what makes our current desktop and laptop systems work as well as they do; their current work will enable next year's consumer-level systems. So Nick Piggin's Japan Linux Symposium talk on virtual filesystem scalability will be of interest to anybody who anticipates using Linux in the future. That said, one of the key constraints on scalability work is that it must not worsen performance on current systems. So Nick is taking care that his VFS work will improve scalability with no impact on single-threaded performance. Beyond that, he is aiming to improve scalability within a single filesystem - forcing system administrators to split their filesystems to get better performance would be cheating. To get there, he has identified five specific bottlenecks which must be addressed.
The first of those is files_lock; it is, he says, the easiest to fix. This global lock protects a per-superblock list of open files; it is needed by the file open and close paths. As the number of threads grows, this lock limits the scalability of filesystem-oriented workloads. The lock itself is only part of the problem; the real issue is that a single list_head is never going to be scalable in multiprocessor situations. In this case, it turns out that the kernel almost never needs to read the full list of open files; that only happens at unmount time. So turning the single list into a per-CPU list is a viable option; it eliminates the locking altogether and makes the management of the list scalable. The only tricky part is when files are removed; that requires cross-CPU access to the list.
Next on the list is vfsmount_lock, which is used when finding mounts from directory entry ("dentry") structures. This lock is taken when crossing mount points in the path lookup process; it is also used at mount and unmount time. Pathname lookup is clearly a performance-critical path in the kernel, so getting rid of a global lock can only be a good thing. Nick considered using read-copy-update (RCU) for pathname lookup, but he found it to still be too slow. Part of the problem is the need to block all readers at unmount time, something that RCU cannot do on its own.
The solution is to go to per-CPU locks. Nick has introduced a variant on per-CPU locks called brlocks, or "big reader locks." These locks share the name and goal of the 2.4.x brlocks which were removed in the 2.5 development cycle, but the implementation is different. Essentially, a brlock is per-CPU for read access, but write access excludes all other users on all CPUs. Since pathname lookup is a read-only operation, brlocks will be fast where the kernel needs them to be; unmounts will be slow, but those are relatively rare operations.
mnt_count is a per-filesystem reference count, incremented for each open and decremented for each close. Like the global list described above, this global counter limits the scalability of opens and closes. Once again, going per-CPU is the obvious solution here, with the minor problem that a put() operation must check whether the (global) count is zero. But, as it happens, that case only comes about when the filesystem is not actually mounted, so this check need not be performed most of the time.
The hardest one to fix is dcache_lock. Most VFS operations need it, with the sole exception of name lookup, which has used RCU for a while now. Some operations - LRU scanning and reclaim in the dentry cache in particular - can hold the lock for a long time. And the lock covers a whole bunch of different - and sometimes unknown - things. The exporting of dcache_lock to filesystems has not helped here; individual filesystems are using it for their own, not always clear, ends. So a developer trying to bring dcache_lock under control must start by trying to figure out what it is being used to protect.
Nick has done his best to split apart the various locking cases; these include the dentry cache hash, the dentry LRU list, the inode dentry alias list, various statistics, etc. Some of this stuff is moved under the protection of the per-dentry spinlock (d_lock); other things, like the dentry hash and LRU, get new locks. There are a lot of problems still, starting with lock-ordering challenges. Nick is working around some of these using non-blocking "trylock" operations, but that kind of code tends to be hard to merge. The various locking cases are still not truly independent from each other; among other things, that imposes more ordering requirements. And walking up the directory tree (trying to determine a path name from a dentry, usually) becomes much harder in the absence of a global lock.
In summary, cleaning up dcache_lock looks like a long and messy project. This is just the lock which is showing up as the worst bottleneck in some situations, though, so the work needs to be done.
Finally, there is the matter of inode_lock, which is needed by most inode operations (lookup, creation, destruction, writeback, sync, etc). As with dcache_lock, Nick has split the locking into a number of independent classes - the inode itself, the inode hash, the LRU list, and so on. Some of these classes are moved under the per-inode lock, while specific locks have been added for some cases. The per-superblock inode list has been made into a per-CPU variable, as have the counters used to generate statistics. Nick has also made the allocation of inode numbers into a per-CPU operation by assigning a range of numbers to each processor. This means that inode numbers are no longer allocated sequentially; it's not clear whether that will be a problem or not.
So what comes of all this work? Nick claims "great" open/close scalability, and "good" create/unlink scalability. He showed the results of running a microbenchmark which just did close(open(path)) repeatedly; with current mainline, he was able to get 450 operations/second on each of 64 CPUs. With the scalability patches added, that rate went up to over 300,000 operations/second - a significant improvement. Running unlink(creat(path)) shows better scalability even with two CPUs - but it does, for some reason, impose a cost on single-threaded workloads on the ia-64 architecture.
The VFS scalability work is clearly worth doing; we'll all be glad that these problems have been ironed out someday. But there are still some messy things to clean up, so this patch set (or the gnarlier parts of it, anyway) may take a while on its way into the mainline.
Relicensing tracepoints and markers
Sharing code where it is possible is normally considered a good thing, but there are some limits to what can be shared. One of the limiting factors is often license compatibility; GPL code, in particular, often cannot be combined with code under other licenses and then distributed. The kernel is licensed under the GPL, but, since it's rare that anyone wants to combine its code with user-space applications, license incompatibilities have not been much of a problem.
There is, however, some kernel tracing infrastructure that could be shared with user-space tracing applications—likely benefiting both—if those parts of the kernel were available under more permissive licenses. Mathieu Desnoyers, who has developed much of that infrastructure, has set out to try to relicense some fairly small portions of the kernel under dual licenses, so that the code can be shared.
Essentially, Desnoyers would like to be able to use the kernel tracing infrastructure in the Linux Trace Toolkit Next Generation (LTTng) user-space tracer (UST). He describes the need as follows:
All of the files are currently licensed under the GPLv2, but Desnoyers would like to see the C files available under a dual GPLv2/LGPLv2.1 license, and the header files under a dual GPLv2/BSD license. In order to do that—at least under the most inclusive interpretation of copyright—he must get permission for the relicensing from each contributor to those files. His message to linux-kernel listed the few remaining contributors that he had not yet heard from.
The files of interest are kernel/marker.c and kernel/tracepoint.c, along with the corresponding header files in include/linux. For 2.6.32, kernel markers have been removed, with all users converted over to use trace events, but marker.[ch] are still used by UST. The idea is that the C files could be turned into a user-space library that could be dynamically linked to applications that required it, while the header files (with an even more permissive license) could be used to add static tracepoints to any application, proprietary or free.
For the most part, the relicensing has been met with approval from the developers who responded, with several saying that they didn't think their contributions warranted requiring their approval, but they gave it anyway. Steven Rostedt ran the C file relicensing by Red Hat's legal department and was granted permission for all of the Red Hat contributions to be dual licensed under the GPLv2/LGPLv2.1. The header file GPLv2/BSD dual licensing is still pending with Red Hat, according to Desnoyers.
There are still a few developers who have not responded, but their contributions are quite small, and could be rewritten rather easily if necessary. A bigger stumbling block may be opposition from Ingo Molnar, who seems to consider the relicensing process to be legally dubious: "the legality of such relicensing is questionable as that code was never developed outside of the kernel but as part of the kernel". In addition, he has technical concerns:
So for those two grounds i cannot give my permission for this relicensing, sorry.
Whether Molnar's permission is actually required is something of an open question as his employer (Red Hat) has already given permission for his work to be relicensed. But, if there are serious concerns that lead to a "nack" from him on the relicensing patch, things get rather murky. It may be that there is a disconnect between Desnoyers and Molnar such that Desnoyers's intent is not clear. As Pierre-Marc Fournier points out, not relicensing the code leads to code duplication as well:
Essentially, Desnoyers wants user-space applications to be able to contain tracepoints that are based on the same code that is used now in the kernel. Those applications may be under a variety of free or proprietary licenses, but the tracepoints are just a static instrumentation technique that could be shared. As Rostedt puts it:
Molnar has gone quiet on the topic, as has the thread, but the idea, overall, seems reasonable. While it does expose a kernel interface to user space, it doesn't tie the kernel to any ABI/API for the future. If the kernel needs to change, either the user-space libraries will change right along with it, or there will be a fork. Given that the players involved work on both the kernel and user-space sides of the problem, that seems somewhat unlikely to happen, but it certainly doesn't seem like that split need happen now.
Toward a smarter OOM killer
The Linux memory management code does its best to ensure that memory will always be available when some part of the system needs it. That effort notwithstanding, it is still possible for a system to reach a point where no memory is available. At that point, things can grind to a painful halt, with the only possible solution (other than rebooting the system) being to kill off processes until a sufficient amount of memory is freed up. That grim task falls to the out-of-memory (OOM) killer. Anybody who has ever had the OOM killer unleashed on a system knows that it does not always pick the best processes to kill, so it is not surprising that making the OOM killer smarter is a recurring theme in Linux virtual memory development. Before looking at the latest attempt to improve the OOM killer, it is worth mentioning that it is possible to configure a Linux system in a way which all but guarantees that the OOM killer will never make an appearance. OOM situations are caused by the kernel's willingness to overcommit memory. As a general rule, processes only use a portion of the address space they have allocated, so limiting allocations to the total amount of RAM and swap space on the system would lead to underutilization of system memory. But that limitation can be imposed on systems which can never be allowed to go into an OOM state; simply set the vm.overcommit_memory sysctl knob to 2. Individual processes are much more likely to see allocation failures in this mode, but the system as a whole will not overcommit its resources.
Most systems will allow overcommitted memory, though, because the alternative is too limiting. Overcommit works almost always, but the threat of a day when the Firefox developers add one memory leak too many always looms. When that sad occasion comes to be, it would be nice if the OOM killer would target that leaky Firefox process instead of, say, the X server and PostgreSQL. Many attempts have been made to add smarts to the OOM killer over the years; there's also a means by which the system administrator can steer the OOM killer toward or away from specific processes. But manual configuration is only suitable for certain, relatively static workloads; for the rest, the OOM killer often proves less discriminating than one would like.
The latest attempt to fix the OOM killer comes from Hiroyuki Kamezawa. This patch makes a number of fundamental changes to the selection of OOM victims. The result is an OOM killer which is smarter in some ways, but which takes a somewhat different approach to the selection of its victims.
One of the factors that the current OOM killer takes into account, naturally, is the amount of memory being used by each process. But the measure used (mm->total_vm) is somewhat crude: it penalizes processes using a lot of shared memory and says little about how much physical memory the process is using. Hiroyuki's patch tries to move away from total_vm in most situations, looking at the actual resident set size (RSS) and possibly taking into account the amount of swap space used as well.
Figuring in swap usage is controversial. A program which is using a lot of swap is clearly putting pressure on memory, but, if that program has been mostly swapped out, killing it will not immediately free much RAM. Eventually other processes can be shifted into the newly-freed swap space, but it might make more sense to just do away with those other processes at the outset. Even so, Hiroyuki's patch, for now, will figure in swap space if specific constraints do not force the use of other criteria.
One constraint which can change the calculation is when the memory shortage is specific to low memory - the region of memory which can be directly addressed by the kernel. When a low-memory allocation is required, nothing else will do, so there is little value in killing processes which are not hogging low-memory pages. With Hiroyuki's patch, the VM subsystem tracks how much low memory each process is using as a separate statistic. If the OOM situation is caused by an attempt to allocate low memory, the OOM killer's "badness" function will focus on processes holding large amounts of low memory.
The current OOM killer makes an attempt to target "fork bomb" processes by adding half of each child's "badness" value to its parent. A process with a lot of children will thus have a high badness and will thus come under the OOM killer's baleful gaze sooner. The problem here, of course, is that some processes legitimately have lots of children - the session manager for the user's desktop environment is a good example. Killing gnome-session is likely to free substantial amounts of memory, but the user's gratitude may be surprisingly limited.
The patch changes the fork bomb detector significantly. The new code counts only the child processes which have been running for less than a specific amount of time (five minutes in the posted patch). If one process has newborn children which make up at least 1/8 of the processes on the system, that process is deemed to be a fork bomb; it is duly rewarded with a spot at the top of the OOM killer's short list.
Finally, the current OOM killer tries to kill newly-created processes, while allowing long-running processes to continue. Hiroyuki feels that this approach creates a loophole for long-running processes which slowly leak memory. That web browser may have been running for a long time and is thus a high-value process, but it has been dropping memory on the floor for that long time and is also the cause of the problem. So the new code changes the calculation to look at how long it has been since the process has expanded its virtual memory size. A process which has been running for a long time, but which has not grown in that time, will look better than one which has been expanding.
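As an added example (our own model of the fork-bomb rule as the article describes it, not code from Hiroyuki's patch), a C function applying that rule to a constructed process table: children started within the last five minutes are counted, and the parent is flagged when they make up at least 1/8 of the processes on the system. The task fields and the sample table are constructed for the illustration.

```c
#include <stddef.h>

/* "less than a specific amount of time (five minutes in the posted patch)" */
#define NEWBORN_SECS 300

/* Minimal stand-in for a task: only the fields the heuristic needs.
 * start_time is in seconds since boot (constructed sample data). */
struct task {
    int pid;
    int ppid;
    long start_time;
};

/* Count children of `parent` that started within the last NEWBORN_SECS. */
int count_newborn_children(const struct task *tasks, size_t n, int parent, long now)
{
    int count = 0;
    for (size_t i = 0; i < n; i++)
        if (tasks[i].ppid == parent && now - tasks[i].start_time < NEWBORN_SECS)
            count++;
    return count;
}

/* Fork-bomb test as described: the parent's newborn children make up at
 * least 1/8 of the processes on the system.  Integer arithmetic avoids
 * rounding: count >= n/8  <=>  8*count >= n. */
int is_fork_bomb(const struct task *tasks, size_t n, int parent, long now)
{
    return 8 * (long)count_newborn_children(tasks, n, parent, now) >= (long)n;
}

/* Constructed sample of 16 processes at now = 10000s.  pid 100 has three
 * children under a minute old (3/16 >= 1/8: flagged).  pid 200 has four
 * children but only one is newborn (1/16 < 1/8: not flagged).  pid 300's
 * five children are all hours old, as is everything under pid 1. */
static const struct task sample[] = {
    {   1,   0,    0 },
    { 100,   1,  500 }, { 101, 100, 9950 }, { 102, 100, 9960 }, { 103, 100, 9990 },
    { 200,   1,  600 }, { 201, 200, 1000 }, { 202, 200, 1200 }, { 203, 200, 1500 },
    { 204, 200, 9900 },
    { 300,   1,  700 }, { 301, 300,  800 }, { 302, 300,  810 }, { 303, 300,  820 },
    { 304, 300,  830 }, { 305, 300,  840 },
};
const size_t sample_len = sizeof sample / sizeof sample[0];
const long sample_now = 10000;

/* Convenience wrapper: run the rule over the sample table for one parent. */
int sample_is_fork_bomb(int parent)
{
    return is_fork_bomb(sample, sample_len, parent, sample_now);
}
```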
There seems to be little disagreement with the idea that the OOM killer needs a rework, but not everybody is sold on this approach yet. It looks like a very large change, which makes some people nervous. It also shifts the focus of the OOM killer's attention in a significant way: the current heuristics were designed to be as unsurprising to the user as possible, while the new ones are focused more strongly on freeing RAM quickly. But, given that the existing heuristics are still clearly producing plenty of surprises, perhaps a more goal-oriented approach makes sense.
(Naturally, no article on the OOM killer is complete without a link to this 2004 comment from Andries Brouwer).
Patches and updates
Kernel trees
Architecture-specific
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Janitorial
Memory management
Security-related
Virtualization and containers
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Monitoring Fedora's halls
Like many development projects, Fedora would like for its mailing lists to be a nicer place. Hostile and flame-filled lists can only drive away potential contributors who do not have the stomach (or the email-reading bandwidth) for that kind of discussion. Fedora's approach to this problem is the "hall monitor policy," which empowers certain community members to act to suppress conversations which are deemed to be counterproductive. The monitors (Josh Boyer, Tom "Spot" Callaway, and Seth Vidal) recently made use of their power on fedora-devel-list; as a result, we can see what kind of discussion the project would rather do without. The policy tasks the hall monitors this way:
Should they encounter this kind of stuff, they can send warnings to specific participants in the discussion, force their email to go through moderators for a day or two, and issue "thread closure" notices to try to halt out-of-control conversations.
The thread which brought on the monitors seemed to start innocently enough - though many observers could have predicted what was going to happen. Ankur Sinha posted a help request noting that wodim was failing to burn DVDs correctly. Your editor can hear the forehead-slapping from here: any such post is well known, by now, to be an open invitation for Jörg Schilling to show up and complain about the existence of wodim (and its parent package cdrkit) when distributions should, of course, be shipping his cdrtools package. Show up he did, with predictable results.
This particular issue has been covered here before; there is really nothing new to report about it. But that did not stop Jörg from repeating his arguments on the list - lots of times. After a while, Tom served notice that the thread was "now covered under the hall-monitor policy" and that future posts would elicit formal warnings. It took a few of those warnings, but the intervention had the desired effect: the thread has pretty well died out.
One could see this action as a victory for those trying to improve the mailing list environment. Cdrtools-related threads, wherever they appear, tend to go on for a very long time and to accomplish very little. Doubtless there are plenty of fedora-devel-list subscribers who do not regret this thread's truncation.
But one should always question the suppression of conversation, and there are things to question here. The thread seemed to be profanity-free, and there were no threats of violence. Some messages could, perhaps, be seen as a "personal attack" or "disrespectful" against Jörg, but they were on the mild side; fedora-devel-list has seen far worse. Serious flames were all but lacking here. The discussion, while treading on the edge of what policy allows, did not clearly go beyond it. So one might speculate that the real reason this thread was shut down was (1) the monitors had good reason to believe that it was about to escalate into clearly policy-infringing territory, or (2) they just didn't want to endure yet another interminable cdrtools argument.
Either way, the shutdown could be seen as a little troubling. Distributors should think twice before silencing developers who are unhappy about how their software is being distributed (in all fairness, Red Hat and Fedora have given Jörg several opportunities to express his view on this matter). Some participants were trying to talk about the poor state of cdrkit, which is an increasingly serious problem. Many of us burn fewer disks than we used to, but there is still a need for a good program for the writing of optical media. Cdrkit works for a lot of people, but it has clear problems and does not seem to be under any sort of active development. Suppressing discussions will not make that problem go away.
This intervention may well have been justified; certainly it's unlikely that anything useful was going to come from that particular discussion. But the use of repressive power should always be reviewed. It would be a shame if, someday, an important development project came to have very polite "halls" where people were afraid or unable to talk about important issues.
New Releases
ALT Linux releases Platform Five products
ALT Linux has announced the release of new Platform Five products. "ALT Linux announces public availability of two products based on Platform Five: ALT Linux 5.0 Ark, a suite designed for making integrated solutions, and ALT Linux 5.0 School, a suite that is [targeted] at secondary and high schools."
Mandriva 2010.0 available
The Mandriva 2010.0 release is available. New features include KDE 4.3, GNOME 2.28, a 2.6.31 kernel, a full Moblin environment, and more. See the release notes and the release tour for details.
openSUSE 11.2 final release candidate announced
The final release candidate for openSUSE 11.2 is available. "This is it folks! We're almost there for openSUSE 11.2. Time to grab the final 11.2 release candidate and shake out any remaining bugs to get the lizard ready for release. This release includes an updated kernel, Samba, Firefox, and more. This release should be almost ready for the gold master stamp, but there's still time to shake out remaining bugs."
Toorox 10.2009 released
Version 10.2009 of Toorox has been announced. "The content: - The Kernel 2.6.31-gentoo - The KDE 4.3.2 as desktop environment - Xorg-Server version 1.6.5 - OpenOffice 3.1.1 - Amarok 2.2 as the KDE multimedia player - The mediaplayer VLC 1.0.2 - IceCat 3.5.3 - and much more ..."
Ubuntu 9.10 ("Karmic Koala") released
The Ubuntu 9.10 release is out. Actually, several releases are out: the desktop edition, the server edition, a UEC (cloud) image, Kubuntu, Xubuntu, Edubuntu, Mythbuntu, Ubuntu Studio, and an ARM version. See the overview for a summary of what's new in this release.
Distribution News
Debian GNU/Linux
New Debian on NSLU2 documentation available
Martin Michlmayr has announced some new Debian documentation. "I wrote several new guides about Debian on the Linksys NSLU2 this weekend. The new guides cover the following topics: - Troubleshooting: common problems and their solutions - Internals about the boot process of Debian on the NSLU2 - Modifying a NSLU2 firmware image - Cloning a NSLU2 - Migration guide: how to move your Debian installation from your NSLU2 to a SheevaPlug."
Bits from the ftp-team
The Debian ftp-team has released a short status report. "Just a quick update on goings on in ftpmaster after the meeting last week. We'll be sending out a full report as soon as we've finished writing it, but we wanted to make people aware of a few things."
Fedora
Reminder: Fedora Board IRC meeting November 5
The next Fedora Board IRC meeting has been announced. "The Board is holding its monthly public meeting on Thursday, November 5, 2009, at 1700 UTC on IRC Freenode. For this meeting, the public is invited to do the following:..."
Announcing Fedora-Medical SIG
The Fedora-Medical SIG has been launched. "Simply put, the goal of the SIG is going to be: 1. Working on identifying the various workflows / needs of the medical or healthcare community in terms of software. 2. Bring together and package the software those fitting in the workflow. 3. Composing a spin to get an out-of-the-box solution. 4. At a later stage, developing any crucial app that may be lacking. To make it a success, we need volunteers. So please join, if you feel that it is a worthy cause. Once a few more people are there, we can discuss and take it forward."
Gentoo Linux
Gentoo Optimizations Benchmarked (Linux Magazine)
Linux Magazine looks at benchmarks for Gentoo using different levels of GCC optimization. Testing -O2, -O3, and -Os (the latter being "optimize for size") for Gentoo, as well as adding Ubuntu 9.04 into the mix, they run the Phoronix test suite and graph the results. As one might guess, the results are mixed: "These tests show that when it comes to optimizing with GCC, there is not a huge amount of difference between them. If there had to be a winner, it would probably be -O2. It was often on par with -O3 while sometimes leading and sometimes trailing by a small margin. The fact that -O2 will also result in lower memory usage probably helps to tip the scales in its favour."
Ubuntu family
Ubuntu Lucid Lynx is open for development
Development on the next release of Ubuntu, Lucid Lynx, is underway. "We do not recommend that users upgrade to Lucid at this time; it is likely to be in very considerable flux until the initial round of merges is complete. As ever, any developers wishing to take the plunge at this early stage should ensure that they are comfortable with recovering from anything up to complete system failure. Automatic syncs from Debian will begin shortly. Because Lucid is an LTS, autosyncing will track the Debian testing series for this cycle, rather than Debian unstable as we normally do."
Other distributions
TurnKey Linux release 40 virtual appliances into the cloud (LinuxPR)
TurnKey Linux has announced the addition of 40 cloud-based virtual appliances. "TurnKey Linux has announced its largest release to date, which includes 25 new additions to its free virtual appliance library featuring some of the world's best open source software. Support has been added for Amazon EC2 cloud and the OVF virtual appliance format. The project which already supported many popular open source applications including WordPress, Joomla, Drupal, Ruby on Rails, LAMP and Django has expanded its virtual appliance library..."
Distribution Newsletters
Fedora Weekly News
Issue #200 of the Fedora Weekly News has been published. "Welcome to FWN issue 200, an impressive milestone! This week's issue starts off with news and views from the Fedora community, including further work on libguestfs, examination of several new features in Fedora 12, and work on a new tool for ICC color management in Gnome. In Quality Assurance, details from last week's Test Day on internationalization support in Fedora, and great updates on the various QA weekly meetings as we get closer to Fedora 12. In Translation news, several updates pertinent to Fedora 12 GA release, as well as details on Publican 1.0, which the Docs and Translation teams use for publishing books, articles, papers and multi-volume sets with DocBook XML."
OpenSUSE weekly News #95
Issue #95 of the OpenSUSE weekly News is online. "In this week's issue: * openSUSE News: Announcing the Second openSUSE Board Election * Sneak Peeks (Preview 11.2) * nixCraft/Vivek Gite: 20 Linux Server Hardening Security Tips * Joe Brockmeier: openSUSE 11.2 final release candidate ready! * openSUSE Forums: openSUSE 11.2 the Perfect KDE Distribution".
Ubuntu Weekly Newsletter #166
Issue #166 of the Ubuntu Weekly Newsletter is out. "In this issue we cover: Ubuntu 9.10 released, Ubuntu Open Week, Ubuntu One Blog: File sync status update, Canonical Blog: Landscape 1.4 Adds UEC Support, Asia Oceania Membership Board - 27 Oct 09, New MOTU, Ubuntu LoCo News, Meet Francis Lacoste, Accessing Git, Subversion and Mercurial from Bazaar, Commenting on questions, The Planet, Full Circle Magazine #30, Ubuntu Rescue Remix, and much, much more!"
Newsletters and articles of interest
Welte: Android Mythbusters (Matt Porter)
Harald Welte has issued a scathing opinion of Android on his blog. He bases it on Matt Porter's presentation at the Embedded Linux Conference Europe, called "Android Mythbusters" [PDF]. Porter outlined what he learned while porting Android to PowerPC and MIPS architectures. Welte characterizes Android as Google having "thrown 5-10 years of Linux userspace evolution into the trashcan and re-implemented it partially for no reason. [...] Executive summary: Android is a screwed, hard-coded, non-portable abomination."
Distribution reviews
Review: Ubuntu 9.10 first look (The Globe and Mail)
Canada's Globe and Mail reviews Ubuntu 9.10. "The Ubuntu Linux menagerie has birthed a new creature, the Karmic Koala, with the release last week of Ubuntu Linux 9.10. The successor to the release code named Jaunty Jackalope (aka version 9.04) boasts a herd of changes and enhancements that are so far making testers smile." (Thanks to Philip Webb).
Review: 3 free Linux alternatives for your netbook (ComputerWorld)
ComputerWorld presents a review of three netbook distributions. "In this round-up, I take a look at three alternative netbook operating systems: Ubuntu Netbook Remix (from Canonical Ltd.), Moblin (from The Linux Foundation) and Jolicloud (an upcoming spin-off of UNR which, as of this writing, has yet to be officially released). I evaluate their ease of installation, usefulness, and whether they might breathe new life into your netbook."
Page editor: Rebecca Sobol
Development
NLUUG: The Open Web
At the end of October, NLUUG held its Fall Conference with the theme The Open Web. Steven Pemberton, researcher at the Centre for Mathematics and Computer Science in Amsterdam and involved with the web since the beginning, set the stage with his keynote about the different dimensions of openness.
At a conference that focuses on an open web, it is natural to sit back first and think about what we mean by "open". Pemberton gave some obvious examples of technologies that are bad for openness on the web, such as proprietary media formats, Flash, and so-called "Web 2.0" sites, which lock your own data in silos. On the other side, there are technologies such as XML, CSS, and RDFa that promote openness.
Device-independence
The discussion is not so much about technology as it is about how people are (ab)using it. Pemberton showed an example of the web site of the Dutch national airline KLM, which blocks browsers they don't "support". Other web sites block users if their screen size is "too small", or they redirect the user to a mobile version of the web site, even if the user wants to browse the full site on his smartphone with a high-resolution screen. So these web developers decide how, or if, a certain class of users sees the web site, just because they are too lazy to implement their web site in a device-independent way.
According to Pemberton, we have all the technology to design device-independent web sites at our disposal. For example, with XForms the designer can describe what a form control is meant to do instead of implementing it, e.g. as a radio button. The form description can then be mapped to specific controls dependent on the device, such as different controls for a desktop browser or a cell phone, or even a voice menu on a phone call.
Web 2.0 walled gardens
Another challenge for the open web is the myriad of Web 2.0 sites that have entered our lives during the last five years or so. Since the monetary value of a Web 2.0 site comes from advertising sales targeting its user-generated content, these web sites tend to lock in their users. This places an immediate burden on the user: does he choose LinkedIn, Xing, or Plaxo for his professional social network? Or does he have to use them all because some of his contacts use LinkedIn and others Xing?
According to Metcalfe's law, the value (or utility) of a network is proportional to the square of the number of nodes. This means that when you split a network (social network, instant messaging network, e-mail distribution system, etc.) in half, each part only has one quarter the value of the combined network and the total value is halved. Looking at the case of LinkedIn and Xing, this makes sense: fragmentation is not good for the users.
Moreover, without standards for migrating data between services, users that value their freedom of choice face a nightmare. What if the social network goes out of business? What if the web site crashes and has no backup? Without data portability, you lose your data in both situations. The web site's owners can impose terms of use that cause other significant problems for users: Pemberton told the story of someone's Facebook account that was deleted because he used screen scraping to download all the email addresses of his friends.
A web site for every home
The solution to these walled gardens sounds simple: "Publish your data yourself and let others aggregate it." According to Pemberton, we already have all the technology at our disposal to achieve data portability. Mark your site up with RDFa, an extensible way to embed rich metadata within web documents, and a W3C recommendation since October 2008. "RDFa is CSS for meaning", Pemberton summarized. "This is also why you should have your own web site. APIs and XML feeds are just poor substitutes for having your data right on your own web site." Drupal, a leading open source content management system, already has RDFa support.
As an example of what is possible with RDFa, take Flickr. It hosts a lot of photos for its users, and it is a convenient web site. If everyone starts publishing their photos on their own web site, a lot of this convenience gets lost. However, if these web sites use RDFa, someone can write an aggregator that can be a "Flickr killer" yet remains open.
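The "publish it yourself, let others aggregate it" idea above, as an added example that is not code from the article or from any project it mentions: a small RDFa Lite triple extractor, the core of the kind of aggregator Pemberton describes, run over a constructed photo page. The page IRI, the schema.org terms and the photo page itself are assumptions for illustration; it runs under Node.js with no dependencies.

```javascript
// Added example, not code from the article or any project it mentions: a small
// RDFa Lite triple extractor of the kind a "Flickr killer" aggregator would run
// over self-hosted pages. It handles vocab, typeof, resource, href, property and
// content on well-formed HTML; RDFa 1.0 prefixes, about and rel/rev are ignored.

const RDF_TYPE = "http://www.w3.org/1999/02/22-rdf-syntax-ns#type";
const TAG_RE = /<(\/?)([A-Za-z][A-Za-z0-9]*)([^>]*?)(\/?)>/g;
const ATTR_RE = /([A-Za-z:-]+)="([^"]*)"/g;
const IRI_RE = /^[A-Za-z][A-Za-z0-9+.-]*:/;

const parseAttrs = (raw) =>
  Object.fromEntries([...raw.matchAll(ATTR_RE)].map((m) => [m[1], m[2]]));
// A bare term such as "name" becomes vocab + term; absolute IRIs pass through.
const expand = (term, vocab) => (IRI_RE.test(term) ? term : vocab + term);
// Fragments resolve against the page IRI; other relative refs are left as written.
const resolve = (ref, base) =>
  IRI_RE.test(ref) ? ref : ref.startsWith("#") ? base + ref : ref;

// Returns { s, p, o } triples; literal objects are double-quoted, IRIs are bare.
function extractTriples(html, base) {
  const triples = [];
  let blankCounter = 0;
  // One frame per open element: subject and vocab in scope plus, for an element
  // carrying a literal property, its predicates and a text buffer.
  const stack = [{ tag: null, subject: base, vocab: "", preds: null, text: "" }];

  const openElement = (tag, attrs) => {
    const parent = stack[stack.length - 1];
    const vocab = "vocab" in attrs ? attrs.vocab : parent.vocab;
    const frame = { tag, subject: parent.subject, vocab, preds: null, text: "" };
    const preds = "property" in attrs
      ? attrs.property.trim().split(/\s+/).map((p) => expand(p, vocab))
      : [];
    const ref = "resource" in attrs ? attrs.resource : attrs.href;
    if ("typeof" in attrs || (ref !== undefined && preds.length > 0)) {
      // The element describes another resource: link it from the parent subject
      // (when there is a property), type it, and scope the children to it.
      const node = ref !== undefined ? resolve(ref, base) : "_:b" + blankCounter++;
      for (const p of preds) triples.push({ s: parent.subject, p, o: node });
      for (const t of ("typeof" in attrs ? attrs.typeof : "").trim().split(/\s+/)) {
        if (t) triples.push({ s: node, p: RDF_TYPE, o: expand(t, vocab) });
      }
      frame.subject = node;
    } else if (preds.length > 0 && "content" in attrs) {
      for (const p of preds) triples.push({ s: parent.subject, p, o: `"${attrs.content}"` });
    } else if (preds.length > 0) {
      frame.preds = preds; // the literal is the text content, emitted on close
    } else if (ref !== undefined) {
      frame.subject = resolve(ref, base); // resource alone re-scopes the children
    }
    return frame;
  };

  const closeElement = (frame) => {
    if (!frame.preds) return;
    const literal = frame.text.replace(/\s+/g, " ").trim();
    for (const p of frame.preds) triples.push({ s: frame.subject, p, o: `"${literal}"` });
  };

  let pos = 0;
  for (const m of html.matchAll(TAG_RE)) {
    // Text since the previous tag belongs to every open literal property.
    const text = html.slice(pos, m.index);
    pos = m.index + m[0].length;
    for (const f of stack) if (f.preds) f.text += text;
    const [, closing, rawTag, rawAttrs, selfClose] = m;
    const tag = rawTag.toLowerCase();
    if (closing) {
      while (stack.length > 1) { // pop to the matching open tag
        const f = stack.pop();
        closeElement(f);
        if (f.tag === tag) break;
      }
    } else {
      const frame = openElement(tag, parseAttrs(rawAttrs));
      if (selfClose) closeElement(frame);
      else stack.push(frame);
    }
  }
  return triples;
}

// Constructed sample: a photo page on someone's own site, marked up with
// schema.org terms so an aggregator needs no site-specific API to read it.
const BASE = "http://example.org/photos/"; // hypothetical page IRI
const SAMPLE_PAGE = `
<div vocab="http://schema.org/" typeof="Photograph" resource="#sunset">
  <h2 property="name">Sunset  over the IJ</h2>
  <p>Taken by
    <span property="author" typeof="Person" resource="#me">
      <span property="name">Jane Doe</span>
    </span>
    on <time property="dateCreated" content="2009-10-29">29 October 2009</time>.
  </p>
  <a property="license" href="http://creativecommons.org/licenses/by/3.0/">CC BY 3.0</a>
</div>`;

for (const t of extractTriples(SAMPLE_PAGE, BASE)) console.log(t.s, t.p, t.o);
```

Feeding the same extractor pages from several self-hosted sites and merging the triples by subject is all an aggregator needs; no site-specific API is involved.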
Pemberton concluded his talk by admitting that there is still a lot to be done before the open web is user-friendly enough that users can take control from locked-in social networks. Creating your own web site is still not an easy task for John Doe, let alone creating a Facebook-like web site on your own server. Moreover, there are still some technical challenges. For example, how do we control who can see which information from our web site? A possible solution is a distributed social network using OpenID for authentication, which is a work in progress.
Another case of lock-in in social networks is the countless "social applications", widgets on a social network that give the user some information or are just for fun. A MySpace application will not work on LinkedIn. However, Google is working on a solution. Chris Chabot, Developer Advocate at the search giant, talked about OpenSocial, a set of open APIs to create applications for social networks. Applications implementing the OpenSocial APIs are interoperable with any social network that supports them. Among the supported social networks are MySpace, Plaxo, and LinkedIn.
Today's technology for the future open web
Apart from this "holistic" topic of openness, the conference also had a fair number of strong technical talks. For example, Henri Bergius talked about location-aware applications with GeoClue. Now that computing is becoming more and more mobile, location is becoming an important parameter for applications. The GeoClue project is a D-Bus service that applications can use to become geo-aware. GeoClue supports a lot of flavors of location: GPS, GSM, Wi-Fi, IP addresses, and so on.
On the KDE front, Sebastian Kügler talked about freeing the web from the browser and gave a demo of Project Silk, while Frank Karlitschek talked about the Social Desktop integration of web communities into desktop applications. Both KDE developers talked about their respective projects to LWN in mid-October.
A nice real-world example of the advantages of open APIs came from Karl Vollmer, the developer of Ampache, a web-based audio and video streaming solution. In 2002, the previous developer of the project added an XML-RPC API, but never documented it. Moreover, it was an "ad hoc" format with custom date encoding. The result: for over four years there were no other implementations of the API.
Vollmer replaced the old XML-RPC API in November 2007 by a documented and simple-to-use REST (representational state transfer) API. After two years, nine successful implementations of the API have appeared: Amarok 2 has it, there is an Android implementation, a Python GTK interface (Quickplay), a plug-in for SqueezeCenter, a Rhythmbox plug-in, a WebOS plug-in, support in the UPnP media center Coherence, and even an iPhone application (Amphone). The example of Ampache is a good reminder that we don't get an open web by using undocumented and ad hoc formats.
From Flash to HTML 5
Gnash developer Bastiaan Jacques talked about the role of Flash in the open web. But why do free software proponents have to care about Flash? "Because it has nearly 100 percent market penetration," Jacques says. Indeed, over the last few years, Adobe Flash has become so ubiquitous that it is difficult to imagine the web without it.
However, with the proprietary Flash technology in its current state, the web will never be a truly open web. The Gnash developers reverse engineered parts of the Flash technology to create a free software Flash player, and this works relatively well. Gnash even has some better security and privacy features than Adobe Flash; for example, it blocks Flash cookies by default.
In the meantime, the Gnash project is facing some challenges. The Open Media Now! foundation was started in 2008 to fund Gnash development, but, because of the economic crisis, the four full-time developers were cut back to zero. Another challenge is that proprietary codecs cannot be distributed with Gnash, which may affect the end-user's experience.
To conclude his talk, Jacques stressed that Flash is not a part of the open web, but that we are stuck with it. Moreover, "Gnash is a relevant project because existing content must remain accessible and people are notoriously slow to transition to new (read: open) technologies." For new content, Jacques recommends HTML 5.
This brings us neatly to the last speaker, Paul Rouget, who is Technology Evangelist at Mozilla. He gave a bunch of demos of new technologies in Firefox 3.5 and HTML 5. His take-home message:
Conclusion
What the NLUUG conference showed clearly is that we already have almost all building blocks for the open web. XML, CSS, SVG, RDFa, XForms, OpenID, OpenSocial, and HTML 5 are all existing or emerging standards in the open web toolbox, although it still is a technical challenge to build a user-friendly open web upon them. An equally interesting evolution can be seen in KDE projects like Project Silk or the Social Desktop, that are doing their best to bring the web to the desktop. However, ultimately the openness of the web depends on the people that are creating the content. Pemberton made it clear that this not only means the web masters, but also the users: the ubiquity of user-generated content on the current web brings power to the users, who can choose to remain locked in a comfortable walled garden or to be free and boldly go where no one has gone before.
System Applications
Cloud Computing
PiCloud Beta released
A beta release of PiCloud has been announced. "PiCloud is a cloud-computing platform that integrates into the Python Programming Language. It enables you to leverage the compute power of Amazon Web Services without having to manage, maintain, or configure virtual servers."
Database Software
An Introduction to CouchDB (Linux Magazine)
Here's an overview of CouchDB in Linux Magazine. "You'll often see the word 'relax' associated with CouchDB. That's because CouchDB tries to solve a lot of the 'hard problems' associated with building a scalable distributed document-oriented database. It does a lot of heavy lifting for you so that you can focus on building your application without worrying too much about administration or weird corner cases."
PostgreSQL Weekly News
The November 1, 2009 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
Embedded Systems
CE Linux Forum Newsletter
The October, 2009 edition of the CE Linux Forum Newsletter is out with the latest news from the embedded Linux software development community. Topics include: * ELC Europe 2009 Report: The Butterfly Effect of CELF * CELF Project BoF and Plenary Meeting * Kernel Summit In Tokyo * 30th Japan Technical Jamboree * 5th Korea Technical Jamboree.
Interoperability
Samba 3.4.3 is available
Version 3.4.3 of Samba has been announced. "This is the latest stable release of the Samba 3.4 series."
LDAP Software
python-ldap 2.3.10 released
Version 2.3.10 of python-ldap has been announced. "python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. It mainly wraps the OpenLDAP 2.x libs for that purpose. Additionally it contains modules for other LDAP-related stuff (e.g. processing LDIF, LDAPURLs and LDAPv3 schema)."
Mail Software
Exim 4.70 RC2 released
Version 4.70 RC2 of Exim, a mail transfer agent, has been announced. "Before releasing 4.70, we'd like interested parties to test another Release Candidate (RC2)." (Thanks to Neil Youngman).
Networking Tools
New release of PacketFence
Version 1.8.5 of PacketFence has been announced. "PacketFence is a fully supported, Free and Open Source network access control (NAC) system that runs on Linux. It can be used to effectively secure networks - from small to very large heterogeneous networks. PacketFence has been deployed in production environments where thousands of users are involved - on wired and wireless networks."
Package Management
stdeb 0.4.2 released
Version 0.4.2 of stdeb has been announced; it includes bug fixes. "stdeb produces Debian source packages from Python packages via a new distutils command, sdist_dsc. Automatic defaults are provided for the Debian package, but many aspects of the resulting package can be customized via a configuration file. An additional command, bdist_deb, creates a Debian binary package, a .deb file."
Telecom
Open source Skype client under development
Skype has announced that an open source Linux client is under development. Skype is a popular voice over IP (VoIP) application. "Yes, there's an open source version of Linux client being developed. This will be a part of larger offering, but we can't tell you much more about that right now. Having an open source UI will help us get adopted in the 'multicultural' land of Linux distributions, as well as on other platforms and will speed up further development. We will update you once more details are available." (Thanks to Nicola Soranzo)
Virtualization Software
Red Hat Rolls Out Virtualization Platform for Heterogeneous Servers and Clouds
Red Hat has announced a new virtualization platform. "Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Virtualization for Servers, the newest product set in the Red Hat Enterprise Virtualization portfolio. Red Hat Enterprise Virtualization for Servers is designed to enable pervasive adoption of virtualization, with a comprehensive end-to-end solution combining a standalone hypervisor and powerful virtualization management." (Thanks to Scott Dowdle).
Desktop Applications
Audio Applications
Sonic Visualiser 1.7.1 is available
Version 1.7.1 of Sonic Visualiser has been announced. "This release contains a small number of enhancements and bug fixes."
Data Visualization
RRDtool 1.4 released
Version 1.4 of RRDtool, a data logging and graphing system, has been announced. "RRDtool 1.4 comes with a much anticipated RRDcache Daemon, elevating the system to new performance levels; it also contains a host of new and improved features."
Desktop Environments
GNOME 2.29.1 released
Version 2.29.1 of GNOME has been announced; this version is a development snapshot release. "We're only a few days after 2.28.1, and 2.29.1 is already there! We have some brave people who did some amazing work for this release, with new features in various modules. And of course, the numerous bug fixes that we're all used to. It's really exciting to already be able to play with some nifty new features: it announces some great fun during the next few months."
Requests for comment about GNOME 3.0 release date
A request for comments has been sent regarding the GNOME 3.0 release date. "The release team is gathering comments from various teams to get a proper idea of which of March or September 2010 is more appropriate for the release of GNOME 3.0. The decision for the release date is following what we set in the 3.0 planning document: we want 3.0 to be out in 2010, but we also want to make sure that 3.0 is rock-solid; your input will help us take an informed decision."
GNOME Software Announcements
The following new GNOME software has been announced this week:
- F-Spot 0.6.1.4 (bug fixes and translation work)
- GNOME Commander 1.2.8.3 (bug fixes)
- GParted 0.4.8 (bug fixes and translation work)
- GTK+ 2.19.0 (new features, bug fixes and translation work)
- krb5-auth-dialog 0.14 (new features, bug fixes and translation work)
- seahorse 2.29.1 (no changes)
- Tegaki 0.3 (new features)
- tracker 0.7.5 (new features and bug fixes)
Kubuntu 9.10 release adds Plasma Netbook Preview (KDE.News)
KDE.News takes a brief look at Kubuntu 9.10. "KDE-based distribution Kubuntu has released version 9.10 which adds a new variant showcasing the up and coming Plasma Netbook setup. The release also adds OpenOffice KDE 4 integration and extra installer beauty thanks to artwork from KDE's Oxygen team."
KDE 4.3.3 released
Version 4.3.3 of KDE has been announced. "Like the ticking of a Swiss watch, every month the KDE team brings you a new release. November's edition of KDE is a bugfix and translation update to KDE 4.3. With the KDE 4 series picking up in popularity, we're happy to encourage even more people to give KDE 4 another spin -- or just upgrade your existing KDE to KDE 4.3.3."
KDE Software Announcements
The following new KDE software has been announced this week:
- kcm tablet 1.0 (initial release)
- Kipi-plugins 0.8.0 (new features and bug fixes)
- Mplayerthumbs-Strips 1.0 (new feature)
Xorg Software Announcements
The following new Xorg software has been announced this week:
- lbxproxy 1.0.2 (bug fixes and new macro requirement)
- xcompmgr 1.1.5 (bug fixes and documentation work)
- xf86-input-joystick-1.5.0 (new feature and bug fix)
- xf86-input-wacom 0.10.0 (bug fixes, code cleanup and documentation work)
Fonts and Images
Web Open Font Format backed by Mozilla, type foundries (ars technica)
ars technica looks at Web Open Font Format (WOFF), which has come about from a collaboration of two separate web font efforts. Mozilla's Jonathan Kew and two type designers, Tal Leming and Erik van Blokland, had both been working on font formats for the web. They have now joined forces on WOFF. "WOFF combines the work Leming and Blokland had done on embedding a variety of useful font metadata with the font resource compression that Kew had developed. The end result is a format that includes optimized compression that reduces the download time needed to load font resources while incorporating information about the font's origin and licensing. The format doesn't include any encryption or DRM, so it should be universally accepted by browser vendors; this should also qualify it for adoption by the W3C."
Imaging Applications
IMGCrush 0.4.0 and IMGCrush_GUI 0.4.0 released
Version 0.4.0 of IMGCrush and IMGCrush_GUI have been announced. "Announcing IMGCrush 0.4.0 and IMGCrush_GUI 0.4.0, a new release bringing new features and bugfixes, as well as considerable speedup (even though it's still quite slow). IMGCrush is an image compressor capable of compressing files to user specified size or quality using common web image formats particularly well suited to optimize images for web sites."
Mail Clients
Sylpheed 3.0beta1 released
Development version 3.0beta1 of the Sylpheed mail client has been announced. "Multi-threading was introduced. This will reduce the situation where user actions are blocked. (can be disabled by --disable-threads configure option)..."
Music Applications
probability sequencing language 1.04 released
Version 1.04 of probability sequencing language has been announced. "probability sequencing language is a text based piano roll type programming language for csound. some may refer to it as a pre processor for csound. For version 1.04 a bug has been fixed al[l]owing floating point numbers for the step number macros are now available loaded from external files. frequencies can now have drift where they change on every pass."
Office Applications
SyncEvolution 0.9.1 released
Version 0.9.1 of SyncEvolution, a personal information management synchronizer, has been announced. "Mobical and Memotoo are now officially supported. Memotoo uses vCard 2.1 with several Evolution specific extensions. It uses iCalendar 2.0, however, without actually supporting the advanced features of it. Times are converted to UTC and meeting information are lost."
Office Suites
KOffice 2.1 release candidate (KDE.News)
KDE.News has announced a release candidate for KOffice 2.1. "As usual, the team worked diligently to remove all release blocker bugs leading up to this candidate. See the full changelog for the details. This is the last chance to test before the final release of KOffice 2.1. We ask that all of our users who wish to help us make KOffice 2.1 the best it can be try out this pre-release and report any remaining bugs."
Digital Photography
F-Spot and photo metadata
F-Spot users may want to have a look at this strongly-worded post from Daniel Bartholomew; it seems that F-Spot has a habit of silently changing timestamps in EXIF metadata. "As can be seen, F-Spot has decided that the users are idiots and to update the fields with the values it thinks are best without telling anyone. It decided to set the DateTime field to the time when the photo was imported into F-Spot (as if that date is so important it needs to be saved for posterity). For DateTimeOriginal F-Spot decided that the appropriate time is the UTC time when the picture was taken (conveniently deciding that since my computer is currently in U.S Eastern Daylight Time, I must have been in the same timezone when I took the picture and that my camera was set to the correct time for my timezone at the time I took the picture)." The problem has been in F-Spot's bug tracker for some three years now.
Video Applications
Blizzard: bringing theora to youtube (the hard way)
On his blog, Christopher Blizzard writes about using Greasemonkey to turn YouTube's Flash videos into Ogg Theora before playing them. The result is Theoratube. "Anyway, I decided to try and make it so that I could easily play Youtube videos without having to use Flash. (Flash — in many ways — is the weak link in the chain. In this case it's because I can't fix/hack it, although I'm happy to not have it because my browser is a lot more reliable.)"
Web Browsers
Google Chrome Beta 4.0 Sports Bookmark Sync (eWeek)
eWeek reports on the new capabilities of Google Chrome Beta 4.0. "Google has a lot riding on its Google Chrome Web browser. The search engine Nov. 2 added bookmark sync for its latest build of Chrome to let the browser's 30 million users keep their favorite Web pages up to date across multiple computing devices. The Chrome 4.0 beta is also 30 percent faster than the current stable release. Speed is a big deal for Chrome and Google's forthcoming Chrome Operating System, which will be the Linux-based launching platform for the Chrome browser and Web applications. Google Co-founders Larry Page and Sergey Brin recently gave the Chrome team a multi-million-dollar stock bonus for creating the browser."
Firefox 3.6 Beta 1 available for download
Version 3.6 Beta 1 of Firefox has been announced. "This beta version of the next version of Firefox is built on the Gecko 1.9.2 web rendering engine, containing many improvements for web developers, Add-on developers, and users. The Mozilla community appreciates your feedback and assistance in testing this preview of the next version of Firefox. Your beta software will update itself periodically, and eventually will be updated to the final release itself."
Languages and Tools
Caml
Caml Weekly News
The November 3, 2009 edition of the Caml Weekly News is out with new articles about the Caml language.
Python
blist 1.0.2 released
Version 1.0.2 of blist has been announced; it adds some bug fixes. "The blist is a type that looks, acts, and quacks like a Python list, but has better asymptotic performance when inserting or deleting elements (O(log n)). For small lists, blists and the built-in list have very similar performance. The blist also features copy-on-write behavior, so copying or taking large slices from a list is inexpensive."
CodeInvestigator 0.18.0 released
Version 0.18.0 of CodeInvestigator, a tracing tool for Python programs, has been announced. "It mainly deals with bug fixes: - Simple statements all on the one line separated by a semicolon. - Generators and yield. It has one enhancement: - An Entry Point filter was added. It allows you to leave out the entry points you're not interested in."
Distribute 0.6.7 released
Version 0.6.7 of Distribute has been announced; it adds some new capabilities. "Distribute is a fork of the Setuptools project, and the 0.6.x series a drop-in replacement for Setuptools. Distribute is intended to replace Setuptools as the standard method for working with Python module distributions, on the top of Distutils."
Python-URL! - weekly Python news and links
The November 3, 2009 edition of the Python-URL! is online with a new collection of Python article links.
The Python: Rag
The November 2009 edition of The Python: Rag has been published. The Python: Rag is: "A magazine in pdf format, meant to be printed and left lying around where it can be picked up by the unwary, and stun them into becoming devotees of the Python programming language. Aimed at beginners and veterans alike; if you are a newcomer to Python, please contribute; other newcomers will be interested in your discoveries!"
Tcl/Tk
Tcl-URL! - weekly Tcl news and links
The October 28, 2009 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
Profilers
Sysprof 1.1.4 released
Version 1.1.4 of Sysprof, a CPU profiler, has been announced. "This is a development release leading up to a stable 1.2.0 release. Sysprof is a sampling system-wide CPU profiler for Linux. This version is based on the perf counter interface in 2.6.31 kernels and will not work with earlier kernels."
Version Control
Bazaar 2.0.1 and 2.1.0b1 released
Versions 2.0.1 and 2.1.0b1 of the Bazaar version control system have been announced. "Our first post-2.0 releases of Bazaar have finally become official. Now that we are at 2.0, we decided to split a stable release series and a development series. As such, 2.0.1 has only bugfixes relative to the 2.0 release, while new features and potential compatibility changes are contained only within 2.1.0b1. All of the changes in 2.0.1 are available in 2.1.0b1."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
GNOME Q3 2009 Quarterly report
The GNOME Q3 2009 Quarterly report [PDF] has been published. "Q3 is always a big quarter for the GNOME Foundation and this one was bigger and better than usual. During Q3 we had our annual GUADEC, and GNOME 2.28 was released with lots of preparation work for GNOME 3.0. OSiM Mobile was well attended by GNOME Mobile member companies and products that use GNOME Mobile technologies like Moblin 2.0 and the Nokia N900 were released. We've raised $23,415 through Friends of GNOME so far this year! Our Advisory Board members have been very generous as well and we have many hackfests planned for Q4!"
One hundred million downloads of OOo 3
The OpenOffice.org project has announced reaching 100M downloads of its version 3 office suite. "Yesterday, Wednesday 28th, the one hundred millionth person clicked on the "Download OpenOffice.org" button since version 3 of the software was announced just over one year ago. What makes the statistics impressive is that we only record downloads via the OpenOffice.org website, and exclude for example large numbers of Linux users who generally download software from their own distributor. In addition, many users obtain OpenOffice.org via other mirrors, peer-to-peer networks, CDs, or other media."
Commercial announcements
MIPS Technologies submits code for Tamarin Project
MIPS Technologies has announced a release of their ActionScript virtual machine. "With this announcement, MIPS has released an optimized version of the ActionScript virtual machine (accessible via the Tamarin open source project) - a key component in optimizing Adobe's Flash Player for running on the MIPS architecture. In addition, MIPS' optimized VM executes twice as fast on the 74K CPU core relative to the optimized VM for ARM running on an ARM Cortex A8 CPU."
Premier Farnell acquires CadSoft
CadSoft, maker of the Eagle printed circuit CAD application, has announced its acquisition by Premier Farnell. "You may have heard that CadSoft Computer GmbH and our business in the USA has been bought by Premier Farnell plc, one of the world's leading high-service distributors of electronic components and industrial products. We are delighted to confirm this exciting opportunity for the business and the EAGLE software. Becoming part of the Premier Farnell Group provides CadSoft with a great opportunity to improve on what we can offer going forward."
Symantec releases Linux version of Backup Exec System Recovery (SearchDataBackup.com)
SearchDataBackup.com reports that Symantec has released a Linux version of its BESR utility. "Symantec Corp. released a new version of its bare-metal restore software that adds support for Linux servers and tightens integration for centralized management of server backups. Backup Exec System Recovery (BESR) 2010 will ship this week, but new support for backing up and restoring entire server images including operating system or individual files from Red Hat or SUSE Linux servers won't be generally available until December. Once that happens, it will be the first non-Windows operating system support to be available for BESR, said senior product marketing manager Susie Spencer."
TI announces low power IP camera
Texas Instruments has announced a new low power IP camera that includes a complete Linux application software reference design package. "Texas Instruments Incorporated (TI) today announced a new Internet Protocol (IP) camera reference design that provides low power, high definition (HD) video processing for the video surveillance market. The DM368IPNC-MT5 IP camera reference design with H.264 main profile 1080p at 30 frames per second (fps) offers industry-leading compression in a full HD solution, with the complete camera utilizing only three Watts."
Zend and Oracle partner on Linux/PHP web applications
Zend has announced a collaboration with Oracle. "Zend Technologies, the PHP Company, today announced that it is working with Oracle to deliver an integrated and optimized enterprise-class Linux and PHP solution for deploying and managing business-critical Web applications. To extend access to Zend Server -- Zend's complete, enterprise-ready Web application server -- it is now available through the Oracle Unbreakable Linux Network (ULN). Building on a history of integration between Zend solutions and the Oracle Database, Zend Server also includes out-of-the-box enterprise-grade connectivity to Oracle® Database."
Articles of interest
Stories Swirling About Skype's Source (Linux Journal)
A Linux-compatible open-source Skype VOIP client is in the works, according to this article on Linux Journal. "Some have questioned why the move should be of particular import, given the variety of Linux-compatible VOIP options already available. The most obvious is, fittingly enough, the news itself: Skype will have an Open Source client. Regardless of the market, number of users, or general usefulness, any time the makers of a proprietary product choose to embrace Open Source, that in itself is an important event. Adding allies to our community is as important as adding products to our systems."
New Books
Beautiful Testing--New from O'Reilly
O'Reilly has published the book Beautiful Testing by Tim Riley and Adam Goucher.
Resources
Second draft of Free Music Player Specifications ready
The second draft of the Free Music Player Specifications has been released. "It was suggested that instead of both integer and float values, one or the other should be picked. It made sense to have floats in all but one instance (user playcounts), so floats is what I went with. Overall this decreases the spec's complexity a good amount."
Linux Gazette #168 is out
Linux Gazette #168 has been released. This issue contains articles on GNU Screen "revisited", setting up a MySQL cluster, handing 404 errors off to another server, and more. The usual columns and multiple comics are also in the mix. "Linux Gazette is a volunteer-run monthly web magazine dedicated to two simple ideas: making Linux a little more fun, and sharing ideas and discoveries."
Reduce Linux power consumption (IBM developerWorks)
IBM developerWorks presents a three-part series by Jenifer Hopper on reducing Linux power consumption; see part 1, part 2 and part 3. "This three-part series is your starting point for tuning your system for power efficiency. In Part 1, get up to speed on the components and concepts you need to fine-tune a Linux-based System x server for power efficiency. Learn how to enable the Linux CPUfreq subsystem, get instruction on C and P states, and determine which of the five in-kernel governors you need to boost power efficiency on your system."
Three For O (Linux Journal)
Dave Phillips looks at the Smasher and Linuxsampler 1.0 applications and reviews The Loadbang Book in a Linux Journal article. "The O is for October, harvest time here in NW Ohio USA. A beat-slicer, a book review, and a milestone release compose this trio of reviews for the Fall season in Linux audio fashion."
Interviews
Negroponte: XO-1.75 goes ARM, XO-2 is canceled (OLPC News)
OLPC News has a report about plans for the next revisions of the XO hardware from an interview with Nicholas Negroponte at Xconomy. One of the changes is that the XO-2 has been canceled, with an ARM-based XO-1.75 planned, and an XO-3 scheduled for 2012. "I've been following the ongoing x86 vs. ARM race quite closely and it's my understanding that they're now closely matched when it comes to the all-important price / performance / power-consumption metrics. What I however cannot estimate is how much engineering by OLPC, Sugar Labs and Fedora it takes to make the current software run, and run well, on an ARM platform. It also remains to be seen when OLPC plans to release the XO-1.75 but I'd be very surprised if it happened within the next 12 months."
Education and Certification
Herrera: GNOME and KDE development course
On his blog, Fernando Herrera announced an online course in GNOME and KDE development that is ready to be reviewed by the community. "Recently we have finished creating the materials for the Application development for GNOME and KDE course we have been working on for CENATIC. It is a modular course, so for example you can take only the modules for GNOME programming or KDE programming. It has been designed for on-line training (using e-learning systems that support SCORM format, as moodle), presential learning or mixed combination of both."
Calls for Presentations
NLUUG spring conference 2010 - Call for Abstracts
A call for abstracts has gone out for the NLUUG spring conference 2010; submissions are due by January 5. "This NLUUG spring conference will be held May 6, 2010 in De Reehorst in Ede (Netherlands). Although the main language at the conference will be Dutch, we welcome English lectures and tutorials. There is room for lectures and a limited number of tutorials or demonstrations. During a lecture, the speaker will present their topic to the audience in about 40 minutes. A tutorial will be given for a select public and lasts about 90 minutes."
QuahogCon Call for Papers
A call for papers has gone out for QuahogCon; the event takes place on April 23-25 in Providence, RI and submissions are due by December 15. "QuahogCon is a new regional conference for the hacker culture in all forms. Hardware, Software, Security, Social, Eco Hacking, Zero Impact Living. Like most hacker cons, it will run Friday to Sunday. We'll have two tracks: one for InfoSec topics and the other track will be a mix of all the other topics with a bit of an emphasis on hardware hacking and DIY electronics. Besides our perennial InfoSec favorites, we want to hear from some new voices on a wider range of topics."
UKUUG - Spring 2010 - Call For Papers
A call for papers has gone out for the UKUUG Spring 2010 conference; submissions are due by November 15. "UKUUG's annual Large Installation Systems Administration (LISA) conference will take place in Manchester from 23-25 March 2010."
Upcoming Events
DebConf10 to take place in New York City, USA in August 2010
Debian has announced the location and dates for DebConf10. It will be held August 1-7, 2010 at Columbia University in New York City. This is the first time DebConf has been held in the US. "Every year, DebConf allows new and existing Debian project participants from around the world to assemble, share knowledge, make collaborative contributions to Debian, and build tighter community bonds. Conference costs are largely funded by corporate sponsors who find significant value in enabling Debian's success."
GOSCON to analyze new DoD Open Source Guidance document
GOSCON, which takes place on November 5 in Washington D.C., will feature discussions of recently released government documents regarding open-source software. "Late Breaking News: Two significant newly released documents providing federal agencies guidance and common questions will be discussed in depth at GOSCON DC this week. David M. Wennergren, Deputy Assistant Secretary of Defense for Information Management and Technology / Deputy Chief Information Officer US Department of Defense is expected to use his conference Key Note address to discuss that agency's "Clarifying Guidance Regarding Open Source Software (OSS)" released one week ago. This much-anticipated document is said to have the potential to change the IT landscape with the federal government."
Events: November 12, 2009 to January 11, 2010
The following event listing is taken from the LWN.net Calendar.
| Date(s) | Event | Location |
|---|---|---|
| November 9 - November 13 | ACM CCS 2009 | Chicago, IL, USA |
| November 12 - November 13 | European Conference on Computer Network Defence | Milan, Italy |
| November 13 - November 15 | Free Society Conference and Nordic Summit | Göteborg, Sweden |
| November 14 | pyArkansas | Conway, AR, USA |
| November 16 - November 19 | Web 2.0 Expo | New York, NY, USA |
| November 16 - November 20 | INTEROP | New York, NY, USA |
| November 16 - November 20 | Ubuntu Developer Summit for Lucid Lynx | Dallas, TX, USA |
| November 17 - November 20 | DeepSec IDSC | Vienna, Austria |
| November 19 - November 22 | Piksel 09 | Bergen, Norway |
| November 19 - November 21 | Firebird Conference 2009 | Munich, Germany |
| November 19 - November 20 | CONFIdence 2009 | Warsaw, Poland |
| November 20 - November 21 | PostgreSQL Conference 2009 Japan | Tokyo, Japan |
| November 21 | Baltic Perl Workshop 2009 | Riga, Latvia |
| November 25 - November 27 | Open Source Developers Conference 2009 | Brisbane, Australia |
| November 27 - November 29 | Ninux Day 2009 | Rome, Italy |
| December 1 - December 5 | FOSS.IN/2009 | Bangalore, India |
| December 4 | Italian PostgreSQL Day 2009 | Pisa, Tuscany, Italy |
| December 5 - December 7 | Fedora Users and Developers Conference | Toronto, Canada |
| December 7 - December 11 | Annual Computer Security Applications Conference | Honolulu, HI, USA |
| December 7 - December 13 | Make Art 2009 | Poitiers, France |
| December 12 - December 13 | Django Development Sprint | Dallas, TX, USA |
| December 12 - December 17 | SciPy India 2009 | Kerala, India |
| December 12 | BSD community day | Utrecht, The Netherlands |
| December 19 | New Mexico Linux Fest | Albuquerque, NM, USA |
| December 27 - December 30 | 26th Chaos Communication Congress | Berlin, Germany |
If your event does not appear here, please tell us about it.
Event Reports
NLUUG Conference on Open Web (KDE.News)
KDE.News covers the October 29 NLUUG Conference and has also conducted an interview with the NLUUG keynote speaker Steven Pemberton. "The Open Web and started with a keynote about 'Walled Gardens' by Steven Pemberton. Steven, a researcher at CWI in Amsterdam (Center for Mathematics and Information Technology), has been involved with the web since the 80's. He spoke about the dangers the web faces. One of the major problems he sees is what he calls 'Walled Gardens' - the lack of connections between various (social) networking sites."
Web sites
Announcing Pyfora, a Python forum
A new Python forum has been launched. "I am proud to announce the release of Pyfora (http://pyfora.org), an online Python forum to supplement comp.lang.python and #python. Please feel free to register and post any questions or tips you may have!"
Audio and Video programs
ApacheCon 2009 Free Live Stream (Linux Pro Magazine)
Live streaming video from ApacheCon 2009 will be available starting at 9am US Pacific time (UTC -8) on November 4th. "Linux Pro Magazine Online in partnership with Collabnet and The Apache Foundation will live stream from ApacheCon US 2009 November 4-6. The ASF selected the Hadoop track on Wednesday, November 4 for the first live transmission. Among the speakers on the Hadoop open source Java framework is Apache co-founder Brian Behlendorf and developers Owen O'Malley and Tom White. Alan Gates will speak on 'Becoming a Pig Developer.'" The full schedule of video streams is also available.
Miscellaneous
Hudson: Corporate lobbying against free software
On his blog, Alex Hudson looks at a FUD-filled brochure from SirsiDynix, which is a company that sells software for libraries. In addition to saying nice things about LWN, Hudson points out some of the "highlights" in this brochure that is meant to warn libraries away from free software. The brochure first showed up at WikiLeaks. "As well as the relatively malicious falsehoods being perpetrated against those specific library projects, there are also vague allegations about open source in general – from accusations of Red Hat being 'proprietary' to the highly entertaining argument that the US Department of Defense 'restrict the use of open source software for fear that it could pose a terrorist opportunity'". (Thanks to Colin Campbell for pointing us at the WikiLeaks page).
Page editor: Forrest Cook
