LWN.net Weekly Edition for September 12, 2002
Spam avoidance techniques
It is said that most free software comes about as the result of some developer scratching a personal itch. It's also said that very little innovative free software development is done; free software projects spend their time "chasing taillights" - catching up to the features offered by proprietary code. The field of spam filtering may well confirm one of those stereotypes while refuting the other. After all, if there is anything that truly itches, it's spam. But some of the free software being developed to combat spam is truly innovative.Most spam filtering work has involved two techniques: testing mail against patterns indicative of spam and blocking mail from known sources of spam (and other likely sources, such as ISP dialup lines). Source-based blocking can be effective, but it also tends to block a fair amount of legitimate mail along with the spam. For example, some blacklists cause the blocking of mail from kernel.org, despite the fact that no spam originates there. Source-based blocking is unreliable enough that quite a few sites are unwilling to use it, despite a strong desire to be rid of spam.
Pattern matching has shown more promise. Early spam filtering was done with complex procmail scripts, but the current champion of pattern-based spam filtering can only be SpamAssassin. Using a detailed set of rules, SpamAssassin cleans out the trash to great effect. LWN has been using it for some months, and it has made life much easier - lwn@lwn.net gets a lot of spam. SpamAssassin has returned much of our time back to us to work on LWN, as well as keeping us from accidentally deleting mail from readers that tended to get buried in the spam.
One thing that SpamAssassin users tend to notice, however, is that its effectiveness decreases over time. Each new update blocks more spam - a recent upgrade freed us from a whole unpleasant class of Nigeria spam, for example. But pattern-based matching only works as well as its patterns, and they tend to go stale as spammers move on to new tricks. Keeping SpamAssassin effective requires a number of highly dedicated people to actually read all that spam and come up with new rules. Most SpamAssassin users are unlikely to be able (or willing) to write new rules themselves.
Recently, a new approach to spam filtering has attracted a lot of attention, thanks mostly to Paul Graham's paper A Plan for Spam. Rather than try to come up with an endless stream of clever patterns to detect spam, why not just look at the words spammers use? Each word can be assigned a probability that any message that contains it is spam; the probabilities for the words in any specific message are then combined using a Bayesian filter, yielding an overall probability estimate. If that estimate is high enough, the message is classified as spam.
At a first glance, going up against a tool as good as SpamAssassin with such a simple technique seems like a losing battle, but this approach has a number of advantages:
- Development of the word-based rules can be automated - it is
just a matter of feeding the filter enough spam and "ham" (legitimate
mail) and letting it work out a probability factor for each word.
- The filter can be made to follow shifting patterns in spam by
passing it each message that it misclassifies. Users can not be
expected to master regular expressions and write patterns, but they
can be asked to hit a "this is spam" key in their mailer.
- Each user's spam filter comes to reflect the mail that the user
receives. Spam seems like the ultimate in indiscriminate marketing,
but the fact is that different people can receive very different spam.
An individually derived rule base should prove more effective than a
"one size fits all" set of patterns.
- Classification of mail with a Bayesian filter can be done relatively quickly.
All of the above is irrelevant, however, if the Bayesian approach does not succeed in actually filtering spam. To get a sense for the state of the art, we took 3000 messages received at lwn@lwn.net - a little under two weeks worth. 295 of those messages were real mail, and 2705 were spam. If one were to believe the bulk of our mail, one would conclude that about every part of our anatomy (even those we don't possess) is the wrong size, that we are so honest that people want to extract money from Africa via our bank account, that we're missing out on numerous hot stocks, that we have a strange attraction to domesticated animals, and that the purchase of something called the "TushyClean" would greatly improve our lives. Trust us, this exercise has not been fun, but no sacrifice is too great for our readers.
Once the messages were sorted, we fed them all to SpamAssassin and to bogofilter, a new Bayesian filter written by Eric Raymond. Bogofilter was tested twice: once after training with 15% of the 3000 messages, and once after being trained with the whole set. Then we ran both filters on 5000 recent postings from the linux-kernel list, twelve of which were spam (devfs flames were not counted). The results were:
| Filter | False positives |
False negatives |
Run time (seconds) |
|---|---|---|---|
| -- 3000 lwn@lwn.net messages -- | |||
| SpamAssassin | 2 | 250 | 11,900 |
| Bogofilter (15%) | 0 | 517 | 108 |
| Bogofilter (100%) | 0 | 94 | 134 |
| -- 5000 linux-kernel messages -- | |||
| SpamAssassin | 0 | 6 | 19,600 |
| Bogofilter | 0 | 4 | 251 |
False positives are legitimate mail classified as spam. These, of course, are bad news, since they can cause the loss of real mail. False negatives are spam that slip through - an annoyance. It is appropriate that spam filters tend to err toward false negatives, and both filters shown here do exactly that.
The results indicate that bogofilter requires a substantial amount of training before it reaches the level of effectiveness achieved by SpamAssassin. This training is best done with each individual user's mail, but most users are unlikely to have a few thousand nicely sorted messages sitting around to train their filters with. So bogofilter is likely to be frustrating for many users to adopt - it won't work well until the user has run "about one thousand" (according to Eric Raymond) messages through it.
That said, bogofilter is surprisingly effective for a tool that is so new and very much still in development. And the run time relative to SpamAssassin speaks for itself. Much of the difference there will be explained by the fact that bogofilter is coded in C, while SpamAssassin is in Perl. But bogofilter also owes its speed to a much faster algorithm.
The Bayesian filter idea is not new - see this 1998 paper on the Microsoft site, for example. But recently a great deal of effort has gone into expressing this approach in free software. Bogofilter is one example; another is the spambayes project, which has been set up as a testbed for variants on the Bayesian filter idea. It will be interesting to see where these projects go; they seem to be off to an interesting start. Taking on a tool as effective as SpamAssassin is a difficult challenge, but the free software world likes challenges.
Where free software should be required by law
RISKS 22.24 includes a detailed article by Rebecca Mercuri on the latest fun with the new voting systems in Florida. That state, of course, was the source of (ongoing) uncertainty in the 2000 U.S. presidential election, due, in part, to its ancient voting equipment. Since then, the voting machines have been upgraded to new, computer-based systems with touchscreen interfaces.These systems are based on closed source code. There is no external audit trail, no way of verifying that they are recording votes as they were actually cast. Trade secret law forbids the inspection of the code in the systems. One just has to trust the vendor that the results are correct.
A primary election held there recently turned up a whole set of problems, ranging from basic usability issues to outright failure.
There has been a lot of interest recently in laws requiring governments to use free software in many or all situations. It remains unclear, to some people anyway, that such laws are really in the best interest of government, the governed, or the free software community. But, in the case of voting systems, the case seems clear: no part of the system that elects people into positions of power should be opaque. The creation of a free, transparent, verifyable electronic voting system should not be that hard a task for governments or the free software community. There is no excuse for using anything else.
Security
Brief items
Multics security, thirty years later
Worth a read: Paul Karger and Roger Schell have released a new paper (available in PDF format) entitled "Thirty Years Later: Lessons from the Multics Security Evaluation." It includes an analysis of the security of the Multics operating system, written by the same two authors and published in 1974, along with a new forward describing how things have changed in the mean time. Their assessment of the current state of computer security is harsh:
That essential enhancement is the creation of verifiable "security kernel" around which the rest of the system could be built. In 2002, very few systems built around such kernels exist, and the authors are not very enthusiastic about those which do exist:
Or, to put things in more general terms:
So how do we make things better? The paper does not provide a whole lot of new suggestions. The authors talk some about the tools that are used; for example, Multics was mostly free of buffer overflow vulnerabilities, thanks to the use of PL/I as the implementation language. PL/I required an explicit declaration of the length of all strings.
Beyond that, one gets the sense that the authors feel they said what needed to be said thirty years ago, and they are still waiting for the message to get across. Their prediction:
The authors hope for the latter scenario; so do we.
Security reports
AFD 1.2.14 multiple local root compromises
AFD ("automatic file distributor") suffers from buffer overflow vulnerabilities which can lead to a local root compromise. Version 1.2.15 of AFD contains fixes for the problems.A couple of KDE security advisories
The KDE project has issued a couple of security advisories:- This one describes a cross-site
scripting vulnerability in Konqueror (and any other application which
uses the KHTML renderer). Javascript code running in one frame can
access other frames which should be inaccessible. This problem is
fixed in kdelibs 3.0.3a.
- The second is for a secure cookie problem in Konqueror. The "secure" flag in cookies is not recognized, with the result that "secure" cookes can be transmitted over unencrypted connections. KDE 3.0.3 fixes the problem.
We will, of course, pass on distributor updates as we receive them.
A security update to XFree86
The XFree86 project has released XFree86 4.2.1, which fixes a few security problems. The most urgent problem is a vulnerability in the internationalization code which can allow an attacker to cause a privileged X client to load and execute arbitrary code. This vulnerability only exists in XFree86 4.2.0; earlier releases are not vulnerable.No distributor updates have been received as of this writing, though Slackware has updated its XFree86 packages.
New vulnerabilities
Denial of service vulnerability in amavis
| Package(s): | amavis | CVE #(s): | |||||
| Created: | September 11, 2002 | Updated: | September 11, 2002 | ||||
| Description: | AMaViS is vulnerable to a denial of service attack via maliciously crafted input. Patches exist for AMaViS, but the recommended solution is to upgrade to the (actively developed) amavis-perl tool. See this advisory for details. | ||||||
| Alerts: |
| ||||||
Input validation vulnerability in cacti
| Package(s): | cacti | CVE #(s): | |||||
| Created: | September 11, 2002 | Updated: | September 11, 2002 | ||||
| Description: | Cacti is a PHP front end to rrdtool; it assists in the creation of plots from a MySQL database. This tool does not properly validate all input, leading to a remote code execution vulnerability in certain, limited conditions. See this Bugtraq posting for details. | ||||||
| Alerts: |
| ||||||
Cross-site scripting vulnerability in mhonarc
| Package(s): | mhonarc | CVE #(s): | CAN-2002-0738 CAN-2002-1307 CAN-2002-1388 | ||||||||||||
| Created: | September 11, 2002 | Updated: | January 3, 2003 | ||||||||||||
| Description: | Mhonarc is an HTML formatter for electronic mail; it can be vulnerable to cross-site scripting problems when presented with maliciously crafted messages. This problem is fixed in mhonarc version 2.5.3, but it is not clear that all possible vulnerabilities have been fixed. See the Debian advisory below for information on how to disable text/html attachment support in mhonarc, which may be a more secure solution. | ||||||||||||||
| Alerts: |
| ||||||||||||||
Multiple vulnerabilities in wordtrans
| Package(s): | wordtrans | CVE #(s): | CAN-2002-0837 | ||||
| Created: | September 11, 2002 | Updated: | February 4, 2003 | ||||
| Description: | The "wordtrans" interface to multilingual dictionaries suffers from input validation and cross-site scripting vulnerabilities; versions through 1.1pre8 are vulnerable. See this Guardent advisory for details. | ||||||
| Alerts: |
| ||||||
Resources
The IP Security Protocol (Linux Journal)
This Linux Journal article explains IPSec, different levels of security and how to be safe sending and receiving packets over the network. "Several different solutions exist that allow us to cope with this problem, each operating at a different level of abstraction. In this article, we will discuss the differences between and purposes of application-level security, socket-level security and network-level security."
This article continues with part 2 which moves on to encapsulating security payloads and key exchange mechanisms.
This week's Linux Advisory Watch and Security Week
The Linux Advisory Watch and Linux Security Week newsletters from LinuxSecurity.com are available."Know Your Enemy: Honeynets" paper updated
The Honeynet Project has announced an update to its "Know Your Enemy: Honeynets" paper. "This update includes far greater detail in explaining how to deploy 1st and 2nd generation Honeynets. Even more exciting, we have released a significant amount of new code, especially for GenII (2nd generation) Honeynets! This should make deploying these technologies much easier, with different options and different operating systems."
Events
Security events calendar
| September 19 - 20, 2002 | SEcurity of Communications on the Internet 2002(SECI'02) | Tunis, Tunisia |
| September 23 - 26, 2002 | New Security Paradigms Workshop 2002 | (The Chamberlain Hotel)Hampton, Virginia, USA |
| September 23 - 25, 2002 | University of Idaho Workshop on Computer Forensics | (University of Idaho)Moscow, Idaho, USA |
| September 26 - 27, 2002 | HiverCon 2002 | (Hilton Hotel)Dublin, Ireland |
| September 27 - 29, 2002 | ToorCon 2002 | (San Diego Concourse)San Diego, CA, USA |
| October 16 - 18, 2002 | Recent Advances in Intrusion Detection 2002(RAID 2002) | Zurich, Switzerland |
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current development kernel is 2.5.34, released by Linus on September 9. People who had trouble with 2.5.33 may want to give this one a try; it has some important per-CPU fixes, and the floppy driver is said to really work this time. Also included is a bunch of block I/O work from Al Viro, memory management work from Andrew Morton, a JFS update, and quite a few other fixes and updates. The long-format changelog is available, as usual. Note that this kernel has a bug which can cause IDE partitions to disappear.Linus's BitKeeper tree, which may be 2.5.35 by the time you read this, contains a large set of patches including a new sys_exit_group() system call (more thread work by Ingo Molnar), a major merge of IDE code from the 2.4-ac tree (which, according to Alan Cox, works "better than expected," but one should still be careful), yet more VM changes via Andrew Morton (see below), and a number of other fixes and updates.
The current 2.5 status summary from Guillaume Boissiere came out on September 10.
The current stable kernel is 2.4.19. Marcelo released 2.4.20-pre6 on September 10; it adds a number of updates and a couple of bugs which make it fail to compile or boot for a number of users.
Alan Cox's current prepatch is 2.4.20-pre5-ac5, which is given over mostly to
new IDE code. "You can now load ide pci drivers at boot time or as
modules. Don't try unloading the modules yet
"
Kernel development news
Linus gets spam filtering
People sending mail to Linus may want to cut back on their LINES OF YELLING, keep an eye on vulgar words in their code comments, and so on. It seems that Linus has started using SpamAssassin, and it is causing him to lose a few patches due to false positives. The number of false positives is small enough that he intends to continue using the filter. And, in the end, most developers probably agree that kernel development benefits if Linus spends less time wading through spam.Speeding up reverse mapping
Ever since Rik van Riel's reverse mapping VM implementation was merged into the kernel, people have wondered how it could be made to work more quickly. The rmap code accelerates many memory management operations, but slows down others. It would be nice to get to the point where the performance regressions have been mitigated (or eliminated) while keeping the benefits of the rmap code. Linus's current BitKeeper tree contains one patch from Andrew Morton which is a big step in that direction.As described here last January, the rmap code works by keeping track of which page tables reference every physical page on the system. This is done by adding a linked list of rmap entries to the page structure; each entry in the list points to one page table entry referencing the page. The maintenance of this list is the source of the bulk of the rmap code's overhead. The many thousands of these pte_chain structures require a lot of processing to keep current, are inefficient (the structure contains two pointers; the one which points to the next pte_chain entry is pure overhead), and put lots of pressure on the memory allocation subsystem.
Andrew's solution to this problem is simply to expand the pte_chain structures to hold multiple page table pointers. Anywhere between seven and 31 PTE pointers can be stored in a single pte_chain entry, depending on the architecture. The chain overhead is reduced accordingly, and the system's cache behavior is improved. This change, it is claimed, takes 10% off that all-important kernel compile time - at least on Andrew's wimpy little 16-processor NUMA system.
One other optimization, which has been in the kernel for a while, is to eliminate the PTE chain entirely for pages which are only mapped into a single process - of which there are many on a typical system. In that case, a flag is set in the page structure, and the pointer for the PTE chain points, instead, directly at the page table entry of interest.
The rmap code still has its performance costs, especially in the fork system call. But those costs are shrinking - as are inefficiencies throughout the kernel.
Other memory management work
Lest one think that tweaking rmap is all that is happening in the memory management world: a great deal of code is currently circulating which makes big changes, and it has been finding its way into Linus's kernel.For example, 2.5.34 includes Patricia Gaughen's discontiguous memory patch, which is aimed at the needs of large, NUMA systems. On such systems, you no longer just have a simple array of memory; instead, the system's RAM is broken up into zones, each of which is attached to a particular NUMA node. Memory accesses within a node are faster than cross-node references, so the kernel needs to know where any given page resides. Memory on these systems can also have address holes between each node's zone.
The discontiguous memory patch does away with the classic mem_map array, which contained one struct page structure for each page on the system. The memory map is now split into separate, per-node maps, and all references to mem_map in the kernel have been changed. Rather than dealing with simple indexes into mem_map, the kernel now works with page frame numbers; an old reference to mem_map+i is now pfn_to_page(i). For the most part, code which did not access mem_map directly will likely require no changes in response to the discontiguous memory patches. But there will be exceptions...
Andrew Morton's "-mm" patches have become the staging area for memory management changes. The current patch as of this writing (2.5.34-mm1) contains a long list of other changes, including:
- Directory indexes for the ext3 filesystem (by Daniel Phillips).
Calling this one "memory
management" is a bit of a stretch, of course, but it is a definite
performance improver when large directories are used.
- A patch by William Lee Irwin which lets the i386 architecture
maintain page tables in high memory.
- A change to the readv and writev system calls
(by Janet Morgan) which submits all segments for I/O in parallel; this
patch greatly speeds up direct disk I/O operations.
- Rohit Seth's large page patch for the i386 architecture (covered here
last month).
- A patch which allows copy_from_user and copy_to_user
to be called in atomic (non-blocking) situations. If the copy
operation encounters a page fault, it simply fails.
- ..and many other changes.
One interesting side result from work like the atomic copy_*_user functions and the preemptible kernel is a formalization of just when the kernel is performing an atomic operation. Code in the 2.4 (and prior) kernel could check for certain situations where atomic operation was required, such as when servicing an interrupt. In 2.5, other atomic situations (i.e. holding a spinlock) are tracked, and it is easy for code with a need to say "don't interrupt me or sleep now." The result should be more explicit code and fewer bugs.
Too much attention on large systems?
Paolo Ciarrocchi recently posted an article giving some benchmark results on his laptop; these results generally show that 2.5.33 performs a little more slowly than the 2.4 kernels. Given that much of the work in 2.5 has been oriented around performance, what is happening here? Daniel Phillips summarized things as follows:
The fear that large systems performance work would slow things down on the hardware that most of us actually use has been present for years. Could it be that the big iron is finally taking over the kernel?
The answer, for now, is probably "no." 2.5 development efforts have indeed emphasized large systems performance so far. The small-systems performance has not been impaired so much as simply passed over for now. As Andrew Morton put it:
Small-systems tuning, of course, is work that can mostly happen after next month's feature freeze. Expect some serious efforts in that direction - small and embedded systems, after all, are a huge part of the Linux user base. It wouldn't do to leave them out in the cold.
Patches and updates
Kernel trees
Architecture-specific
Build system
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
Distribution News
Debian Weekly News - September 10th, 2002
This week's Debian Weekly News tells us, "The most interesting news for this week probably is the removal of Qmail from Debian's [1]list server. Thanks to the admin and listmaster team, the [2]server now happily runs Postfix." Of course there are several other topics as well.
Libranet GNU/Linux 2.7
Libranet GNU/Linux 2.7 has been released. "Libranet is based on Debian's stable woody release with upgrades to major packages like KDE and the addition of Libranet's custom installer, Libranet Adminmenu, desktop configuration and the excellent OpenOffice suite."
Mandrake Linux
MandrakeSoft announced the second Release Candidate of the upcoming Mandrake Linux 9.0. This RC2 is the last chance to influence 9.0's development by contributing reports and suggestions.The Mandrake Linux Community Newsletter -- Issue #58 contains information about the 9.0 Release Candidate and much more.
Open for Business
interviews Mandrake co-founder Gaël Duval about the company's past,
present, and future. "...I think the commercial dynamics around
Mandrake Linux, and the creation of MandrakeSoft, have been key factors
for its development and long-term success. But as you know, Mandrake is
much like a Free Software project that is financed by a commercial
company. This approach makes great difference when compared to other
Linux distributions!
"
Last week's update to cdrecord had a few problems. In some situations, noteably with xcdroast, the mkisofs utility creates pseudo-empty filesystems. The filesystem is the proper size, but the contents of the filesystem are not available. New xcdroast packages are available that are compatible with this version of cdrecord.
Slackware Linux
Several changes were made to the Slackware current tree this week. There is a security fix, and numerous bug fixes in Xfree86. Other packages have bug fixes as well. Click on Full Story to see the changes for this week, or go to the changelog for complete details.
New Distributions
DebianEdu
The DebianEdu subproject is a new project aimed at making Debian the best distribution available for educational use. Still in its early stages, this subproject is actively looking for volunteers.OpenZaurus
The OpenZaurus project aims to build a kernel and filesystem for the Sharp SL-5000d and SL-5500 which will retain binary compatiblity with the existing Sharp system. OpenZaurus will not use proprietary packages, but instead will emphasize GPL licenced packages, such as replacing the Opera browser with Konqueror/Embedded. The ultimate goal is to have a Sharp PDA with enhanced usablility, particularly for developers and power users.Simply GNUstep
Simply GNUstep is a Linux/GNU distribution aimed at providing an OpenStep feeling from bootup on. This is a stripped down distribution for ease of use. (Think OS X for x86). Version 1 is now available. This release is the first version that installs to the hard disk. It is recommended for installation on a dedicated machine or a virtual machine. Configuration is not complete, the user must manually configure X11 and networking.
Minor distribution updates
herbix
herbix has released v1.0-36. This release has been rewritten from scratch and has major bug fixes.uClinux
uClinux has released v2.5.34-uc0 with major feature enhancements.
Page editor: Rebecca Sobol
Development
The Jabberwocky IDE for LISP
The first beta release of the new Jabberwocky integrated development environment for LISP has been announced. Jabberwocky supports CLISP versions 2.27 and 2.28 and CMUCL versions 18c and 18d. Support for SBCL and GCL is planned. Jabberwocky works under Linux 2.4 and Windows, and has been released under the GNU GPL.Jabberwocky's list of features include:
- A lisp-aware editor with syntax coloring and code completion.
- An interaction pane for display of the LISP process.
- A browser for viewing source code, functions, and macros.
- A source level debugger.
For more information on Jabberwocky, see the following documentation:
- User Guide
- Reference Manual Under Construction
- Extending Jabberwocky
- Installation Guide Scroll Down for Linux
- Downloads
Thanks to author Marc Mertens.
System Applications
Audio Projects
Ogg Traffic
The September 5, 2002 edition of Ogg Traffic covers the latest developments in the Ogg Vorbis audio compression project.
Education
Linux in Education Report
Issue #78 of the Linux in education report covers a K-12 educational panel at an upcoming conference, the open-sourcing of the e-education course management system by Jones Knowledge Inc., a Linux documentation CD from Belize, The Rapla resource management and scheduling system, and more.
Electronics
Icarus Verilog 20020907
A new version of the Icarus Verilog electronic simulation language compiler has been released. See the release notes for a list of new features and bugs that have been fixed.
Embedded Systems
Two-Axis, Real-Time Camera Control (Dr. Dobb's)
Cort Dougan shows how he used RTLinux/Pro to write an embedded Linux cat-watching camera panning device. "In this article, I'll present software for viewing live images and controlling a servo-motor-driven, dual-axis mounted camera via a web page. I built this system to watch Kepler, my sick cat, while I was at the office".
Networking Tools
Installing Nagios (O'Reilly)
Oktay Altunergil shows how to install Nagios, a network monitoring system. "'Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better' (from nagios.org). This is the same tool that used to be called NetSaint until recently. Although the NetSaint site is still up, all future development will be done on Nagios."
Printing
AFPL Ghostscript 7.30 developer release
A new developer release of AFPL Ghostscript has been announced. "The major new code here is the DeviceN implementation, recently mearged in to the main development tree. People interested in DeviceN should take a look and help us iron out the remaining issues."
Web Site Development
Zope Members News
The latest Zope Members News items include Persistent Translation Service 0.1, a Forms4ZPT preview, ReplaceSupport 1.0.0, ZopeTestCase 0.5.2, MonZope 1.0, the first public alpha of Z Message Queue, ZShell v1.50, and more.mnoGoSearch-php-3.2.0.beta6 released
mnoGoSearch-php-3.2.0.beta6, the PHP frontend to the mnoGoSearch web site search engine has been released. MnoGoSearch-php-extension-1.65 is also available.Connecting middleware to Apache 2.0 (IBM developerWorks)
Uche Ogbuji introduces Apache 2.0 filter modules on IBM's developerWorks. "Apache became the most popular Web server in part because of the rich availability of third-party extensions for the server, and because its open architecture made it quite easy to roll your own extensions. Of course, nothing is ever just easy enough, so in developing Apache 2.0, one of the main goals was to improve the Apache API to make it even easier to develop extensions."
Miscellaneous
Conexant HSF softmodem driver
A new experimental version of the Conexant HSF (softmodem) driver for Linux has been released. The internal HP Omnibook xe4500 series laptop modems are now supported.Open source satellite control (IBM developerWorks)
Cameron Laird writes about a multi-language satellite control system at JPL. "How do you harness a satellite control system written in three languages, on four development platforms, and deployed to multiple client environments? With open source, naturally. When one wrong move can cost millions, rely on teamwork, smart design, and open standards to keep the project -- if not the satellite -- from going down in flames."
Desktop Applications
Audio Applications
WaveSurfer 1.4.4 released.
Version 1.4.4 of the WaveSurfer sound visualization and manipulation tool has been released. Changes include a new video plugin, bug fixes, and minor improvements.Ardour development continues
Progress continues on the Ardour multi-track audio system. New features include plugin parameter automation, GUI usability tweaks, drag-n-drop redirect re-ordering, on the fly computation of peakfiles, and a "verbose" mouse cursor.
Desktop Environments
FootNotes
The latest additions to the FootNotes site include Sodipodi 0.25, libGDA, libGnomeDB, Mergeant 0.8.193, the GNOME 2.0.2 Desktop Release Candidate 1, GNOME System Tools, Beast/BSE 0.4.1, GEP, and more.
Games
The Chopping Block
The August-September 2002 edition of the Chopping Block is out with the latest WorldForge game development news. Topics include Lagrangian Mechanics, Debian packaging, Kai's pirate tale, the Cronos Project, and more.Pygame-1.5.3 released
Version 1.5.3 of the Pygame game modules for Python has been released. The WhatsNew document lists new CD utilities, movie rendering capabilities, and bug fixes.
Interoperability
Wine Weekly News
Issue #134 of the Wine Weekly News is out. Topics include the new Wine-20020904, the Quartz multimedia DLL, Native vs. Builtin DLL's, Windows Printer Drivers, Character Sets, Splitting Up Unit Tests, Mono / Winforms + Winelib, and more.
Multimedia
Blender Foundation Newsletter
The Blender Foundation Newsletter for September 10, 2002 is out. News includes the successful purchase of the Blender code from the previous owner, which will allow Blender to be released under the GPL, and the project plan for Open Blender.
Office Applications
Open Office 1.0.1 Alpha Software Development Kit released.
The OpenOffice.org 1.0.1 Alpha Software Development Kit (SDK), has been released.AbiWord Weekly News
Issue #107 and Issue #108 of the AbiWord Weekly News are out, with the latest developments on the AbiWord word processor project.KDE Ships KOffice 1.2
KDE.News has an announcement for version 1.2 of KOffice. "What with a truly great new (English-only) thesaurus, enhanced scriptability of suite components, WYSIWYG on-screen display, bi-di text, KWord mail-merge and footnotes, KSpread database connectivity, enhanced printing and new sorting functionality, who's to argue?"
Web Browsers
Mozilla 1.0.1 released
Version 1.0.1 of the Mozilla web browser has been released. The release notes state: "Mozilla 1.0.1 contains over 650 bugfixes including approximately 25 security fixes, and over 130 stability and dataloss fixes. In addition to these important security and crash fixes, 1.0.1 has many more fixes for standards support, UI correctness and polish, performance, and site compatibility."
Mozilla Independent Status Reports
The Mozilla Independent Status Reports for September 6, 2002 are out. Updated packages include XULmine, CaScadeS, Securita, and Beonex.
Miscellaneous
Xft/Fontconfig release 2.0
Version 2.0 of Fontconfig, a library for configuring and customizing font access, has been released.Quanta 3 Picks Up Steam, 3.0 PR2 Released
KDE.News covers the release of version 3.0 PR2 of the Quanta Plus web site development tool for KDE, and other Quanta developments. "So what's new with Quanta? Well, we've released 3.0 PR2, so you're encouraged to check it out for yourself! You'll find auto-completion for HTML and tag attributes, PHP built-in function auto-completion, a revised document structure tree that recurses PHP structures and embedded HTML, and more. One exciting bit of work in progress is the ability to set different DTDs as well as offer tagging functionality in the form of pseudo DTDs to script languages."
Languages and Tools
Caml
The Caml Hump
Check out The Caml Hump for this week's Caml-based software developments. New additions include the O'Caml X Game library, Syndex, the Zen toolkit,the Baire data structure library, and enhanced Ocaml documentation.
Java
Kaffe Weekly News
The September 7 edition of the Kaffe Weekly News is out with news from the Kaffe open-source Java community.Introducing Nonblocking Sockets (O'Reilly)
Giuseppe Naccarato illustrates the use of nonblocking sockets in Java 2 Standard Edition 1.4. "As of Java 1.4, a programmer can use a brand-new set of APIs for I/O operations. This is the result of JSR 51, which started in January 2000 and has been available to programmers since Java 1.4 beta. Some of the most important new features in Java 1.4 deal with subjects such as high performance read/write operations on both files and sockets, regular expressions, decoding/encoding character sets, in-memory mapping, and locking files. In this article, I will discuss one particular new concept -- the new I/O API: nonblocking sockets."
EJB Inheritance, Part 1 (O'Reilly)
Emmanuel Proulx discusses EJB inheritance in part 1 of a series on O'Reilly. "Entity beans are objects that represent data coming from a persistent store, such as a database. The key word here is objects. Entity beans encapsulate the data and business logic. But what about the two other principles, inheritance and polymorphism? The bad news is that entity beans do not easily enable the use of these principles. The good news is that if you follow certain restrictions and tricks, it can be done. This series of articles describes some techniques to put inheritance and polymorphism back into entity beans."
Lisp
CLISP Oracle Interface Beta
The first Beta version of the CLISP Oracle Interface, a GNU CLISP module for accessing Oracle databases, has been released.LambdaTensor 1.0.0 released
The first public version of LambdaTensor, a Common Lisp library for symbolic and numeric Lie algebra and Lie group calculations, has been released under the LGPL.
Perl
This Week on perl5-porters (use Perl)
The September 2-8, 2002 Perl5 Porters Digest covers the CLONE method, v-strings, pseudo-hashes, and more Perl topics.This week on Perl 6 (O'Reilly)
The September 1-8, 2002 edition of This Week on Perl 6 looks at Parrot 0.0.8, approximate string matching in regexes, regex stack manipulations, ARGDIR, making Parrot non-Perl centric, implementing Scheme pairs, class aliasing, and much more.Going Up? (O'Reilly)
Sam Tregar covers thread programming with Perl on O'Reilly. "Perl 5.8.0 is the first version of Perl with a stable threading implementation. Threading has the potential to change the way we program in Perl, and even the way we think about programming. This article explores Perl's new threading support through a simple toy application - an elevator simulator."
PHP
PHP 4.2.3 Released
PHP 4.2.3 has been released. This version is a bug-fixing maintenance release, see the ChangeLog for all of the details.PHP Weekly Summary
Issue #102 of the PHP Weekly Summary is out. Here's the quick summary of topics: "PHP 4.2.3 is out, Win32 ZE2 preview, PHP.net e-mail, ext/sysvmsg, Ext/audio?, User-agent: built-in, Not one, but two conferences, Ext/pcre, ./configure enable-all, Internals zend_stack, Ext/overload, Mysql_db_query() (continued)."
Introducing Smarty: A PHP Template Engine (O'Reilly)
Joao Prado Maia introduces Smarty on O'Reilly's OnLamp site. "Smarty is a somewhat new development in the PHP world, and it brings several new and unique features. One of these unique features is that Smarty 'compiles' the parsed templates into PHP scripts, and then reuses the compiled template when appropriate. Obviously, this brings a huge performance improvement over other template solutions, as the main PHP script doesn't need to parse and output the same template on every request."
Python
Python-dev summary
After a long absence, the Python-dev summary has returned with Brett Cannon as the author. This issue looks at type categories, lessons from the tempfile.py rewrite, and a number of other topics.Dr. Dobb's Python-URL! - weekly Python news and links (Sep 9)
Here is this week's Python-URL, with news and links for the Python communtity.Daily Python-URL (Pythonware)
This week, the Pythonware Daily Python-URL looks at SemanText 0.72.1, Building an RSS Newsreader, Straw 0.8, SiPy: a small discrete event simulation package for Python, secure protocols and data encryption, shell utilities, and more.
Ruby
The Ruby Garden
This week's Ruby Garden shows how to allow *array expansion anywhere in a list.Ruby Weekly News
Topics on this week's Ruby Weekly News include RJudy-0.1: Judy Arrays for Ruby, a new home for the Ruby/Tk demos, GridFlow 0.6.1: a multi-dimensional dataflow processing library, Ruby-GNOME and Ruby-GTK 0.30, the YAML.rb 0.40 structured data format, ZenWeb 2.13.1, RDE 0.9.7.0, RubyCocoa 0.2.7, the FreeRIDE IDE, and more.
Scheme
Scheme Weekly News
The September 9, 2002 edition of the Scheme Weekly News covers a number of new versions of several Scheme-based projects.
Tcl/Tk
Dr. Dobb's TCL-URL!
The September 9, 2002 edition of Dr. Dobb's Tcl-URL! is out with the latest Tcl news.
XML
Get ready for XForms (IBM developerWorks)
Joel Rivera and Len Taing introduce XForms on IBM's developerWorks. "Traditional HTML forms violate many of the tenets of good markup language design, frequently mixing presentation and data. In this article, Joel Rivera and Len Taing introduce you to XForms, an extension of XHTML that represents the next generation of Web forms. Though XForms is still in an embryonic state, it holds great promise: For instance, a form written with XForms can be written once and displayed in optimal ways on several different platforms."
Controlling the DOCTYPE and XML Declaration (O'Reilly)
Bob DuCharme explains XML declarations on O'Reilly. "The XML declaration at the beginning of an XML document is not necessary, but it's the best way to say "this is definitely an XML document and here's the release of XML it conforms to."
Debuggers
GNUstep Weekly Editorial
The GNUstep Weekly Editorial for September 8, 2002 is out with the latest GNUstep development news.GDB 5.3 branch created
A new 5.3 branch has been created for the GDB debugger.
Miscellaneous
Taking Kylix 3 for a test drive (LinuxWorld)
Joe Barr writes a small application using Kylix 3 Open Edition (K3OE). "This week, I'll be describing my experiences actually using K3OE, particularly its brand-spanking-new C++ IDE. Previous versions of Kylix have been for Delphi only. I know, I know true Linux geeks never use RAD tools, or even IDEs. Not unless you consider Emacs to be an IDE, that is. For the rest of the world, RADs and IDEs are very handy tools that provide real productivity gains. Management likes that."
Page editor: Forrest Cook
Linux in Business
Business News
Winners of the Australian Open Source Awards Announced
The Australian UNIX and Open Systems User Group (AUUG, Inc.) announced the winners of the inaugural Australian Open Source Awards. The awards encourage and recognise the excellence and dedication of Australians contributing in the Open Source arena.Sun to Offer Alternative to Microsoft Desktop
This newspaper article mentions Sun's plans for using StarOffice and Linux to challenge Microsoft's desktop dominance. "Sun intends to combine its own software such as StarOffice with the free open-source operating system Linux to offer business-users a cost-effective alternative to Microsoft Office, which recently became more expensive. It is also likely that Sun will expand its Linux server offering to compete with Microsoft." More detailed announcements will come out during Sun's annual network event on September 18-20, 2002.
Trustix Newsletter September 2002
The Trustix Newsletter for September 2002 looks at what the company has been doing in the past month.
Press Releases
Open Source Announcements
- The Khronos Group (AMSTERDAM, Netherlands): Digital Media Industry Leaders Join Khronos; Khronos Group Gains Significant Momentum in Creating OpenML and OpenGL ES Graphics and Dynamic Media API Standards.
- Trolltech (Oslo): Trolltech Releases Qt 3.1 Beta 1.
Distributions and Bundled Products
- MontaVista Software (SAN JOSE, Calif.): MontaVista Software Announces Support for Intel IOP321 I/O Processor.
- Terra Soft Solutions, Inc. (Loveland, Colorado): Terra Soft Ships Black Lab v2.1 with Advanced Cluster Management Technologies.
Software for Linux
- Avaki Corporation (CAMBRIDGE, Mass.): Avaki Inks Worldwide Systems Integration Deal with HP; Alliance to Drive Industry-Leading Data Grid Software Solution Deeper into Commercial Market.
- Cadence Design Systems, Inc. (SAN JOSE, Calif.): Cadence Extends Synchronicity Partnership With Design Management Software Outsourcing Agreement.
- Cohesion Systems, Inc. (WOODSIDE, Calif.): Cohesion Announces New Design and Debug Environment for Custom IC, Analog and Mixed Signal SoC.
- Cohesion Systems, Inc. (WOODSIDE, Calif.): Cohesion Announces New Design and Debug Environment for the Allegro Design Flow.
- Cohesion Systems, Inc. (WOODSIDE, Calif.): Cohesion Announces Subscription Licensing for Design and Debug Workflows for Complex Designs.
- Epoch Integration (TORONTO): Epoch Integration Announces U.S. Availability of NeedTEXT Shell Wireless System Administration Tool for BlackBerry.
- Evans & Sutherland Computer Corporation (SALT LAKE CITY): E&S Launches World's Highest-Performance PC-IG; E&S simFUSION 5000 Uses Latest Generation of COTS Chips.
- IBM: IBM Linux resources.
- Intel (SAN JOSE, Calif.): Intel Brings MMX Technology to Intel Personal Internet Client Architecture-Based Wireless Devices.
- Intoto Inc. (SAN JOSE, Calif.): Intoto Inc. Announces the Availability of Secured Broadband Solution for Digital Homes.
- NetManage, Inc. (CUPERTINO, Calif.): NetManage Extends OnWeb Platform Support to Java Environments; Enables Companies to Deploy Legacy-based Applications on Their Platform of Choice.
- NetMon2, Inc. (ATLANTA, GA): NetMon2 Announces Availability of Event Management and Anti-Viral Productivity Tools.
- Nuesoft Technologies (ATLANTA, GA): Nuesoft Announces HIPAA Readiness.
- Scali (SAN JOSE, Calif.): Scali Plans to Make the ScaMPI Library Available for the InfiniBand Architecture.
- ScanSoft, Inc. (PEABODY, Mass.): Centrinity Selects ScanSoft RealSpeak Text-To-Speech for its FirstClass Communications Platform.
- Seapine Software, Inc (MASON, Ohio): Seapine Software Ships Surround SCM -- Complete Change Management for Cross-Platform Development Teams.
- Webwasher.com (PADERBORN, Germany): WebWasher Now Washes E-Mails As Well - At The Internet Gateway: Integrated Web And E-Mail Filtering For More Security and Better Performance.
Products and Services Using Linux
- Avnet Enterprise Solutions (TEMPE, Ariz.): Avnet Enterprise Solutions Opens Hands-On State-of-the-Art SAN Center.
- Opera Software (Oslo, Norway): Opera Selected to Star in Kaii PDA.
Hardware with Linux support
Linux at Work
- Alternative Technology (DENVER, CO): Alternative Technology Enables Wireless Enterprise Solutions In Canada With Products From Alvarion, Inc. .
Java Products
- Rococo and ARS Software (Dublin Ireland): Rococo and ARS Software Partner to Distribute Java & Bluetooth Solutions.
- Tower Technology (ATLANTA, GA): New TowerJ 3.9 Release Available for Solaris and Linux Platforms.
Books and Documentation
- O'Reilly (Sebastopol, CA): "HTML & XHTML: The Definitive Guide, 5th Edition" Released by O'Reilly.
- O'Reilly (Sebastopol, CA): Information Architecture More Important Then Ever; New Edition of the Classic "Information Architecture for the World Wide Web" Released.
- O'Reilly (Sebastopol, CA): New Edition of "Essential System Administration".
Trade Shows and Conferences
- OpenHSF Initiative (Oakland, CA): OpenHSF Initiative to Present at VR World Congress; Industry-Wide Effort Invited to Debate Standards at Virtual Reality Forum in Paris.
- Red Hat, Inc. (RALEIGH, N.C.): Red Hat Chairman Matthew Szulik Slated for Keynote at North Carolina's B2T Conference.
Partnerships
- Lindows.com and HP (San Diego, CA): Addition of Hewlett-Packard Brings Comprehensive Printer Support to Lindows.com Users.
- Linux Game Publishnig and Pyrogon (Nottingham): Linux Game Publishing and Pyrogon Inc. Announce Strategic Partnership.
- PlanetLogix and Jabber, Inc. (DENVER, CO): PlanetLogix Incorporates Jabber Communications Platform into its Sales Force Automation Software.
- Terra Soft and Parasoft (MONROVIA, CA): Terra Soft signs on as Parasoft Channel Partner to offer Insure++ for Yellow Dog Linux on PowerPC.
Financial Results
- Neoware Systems, Inc. (KING OF PRUSSIA, PA): Neoware Announces Execution of Rule 10b5-1 Plan.
Miscellaneous
- Sistina Software (MINNEAPOLIS): Linux Journal Names Sistina Software's Logical Volume Manager Best Storage Solution; Leading Linux Experts Nominate Sistina for the Prestigious Editor's Choice Award.
- Ximian (BOSTON): Linux Journal Names Ximian Evolution Best Linux Communications Tool; Groupware Suite Earns Publication's Editors' Choice Award.
- eTForecasts (BUFFALO GROVE, Ill.): eTForecasts: Pocket PC PDAs to Surpass Palm OS PDAs in 2004.
Page editor: Rebecca Sobol
Linux in the news
Recommended Reading
Corporate Paws Grab for Desktop (Wired)
Wired takes a look at how bills like the Digital Millennium Copyright Act have caused some PC manufacturers to build PCs with hardwired copyright protection. "Today, manufacturers seem more likely to produce computers that operate more like VCRs or DVD players than the PCs people are accustomed to. These machines have copy-protection embedded in the hardware, much like home recorders that keep people from making copies of videos they have purchased."
Red Hat's founder joins the circus (News.com)
News.com covers Red Hat founder Bob Young's latest venture, the Lulu Tech Circus. ""Attendees that go to trade shows feel somewhat used...like so much cattle fodder for the vendors," Young said. The Circus is about "empowering consumers. It's about knowledge and understanding." Unlike other trade shows, which focus on a common--and often times narrow--theme, Lulu Tech Circus will be a menagerie of all things technology, Young said. The conference is structured around five tracks, called "experiences," which will each have a specific focus."
Yahoo, ISPs enter Net privacy fray (News.com)
News.com examines subtle details of the DMCA that allows a copyright owner to subpoena subscriber information from an ISP when a copyright violation is suspected. ""What the RIAA is really seeking, at the end of the day, is to shift the burden of copyright enforcement from its own members--who apparently would prefer not to alienate potential customers by suing them outright--to an ISP that does nothing more than provide an Internet connection to the customer," the brief says."
University to challenge copyright laws (News.com)
News.com reports that the law school at Duke University has received a $1 Million grant, to be used for challenging recent expansions of the U.S. copyright laws. "The school, which plans to announce the gift at a conference in Washington on Thursday, is using the money to fund a center focused on finding "the correct balance" between intellectual property rights and material that should be in the public domain. James Boyle, a Duke law professor and co-director of the school's Center for the Study of the Public Domain, says that the center is likely to look skeptically at recent laws like the Digital Millennium Copyright Act (DMCA) and a measure that extended duration of copyrights by 20 years."
Companies
BEA Pushes Java VM Advantage On Windows, Linux (TechWeb)
TechWeb reports on the release of the JRockit 7.0 Java VM from BEA Systems, which is targeted at Linux and Windows. "The problem, said Stahl, is that those three vendors have bigger priorities than optimizing Intel platforms for Java. Microsoft is pushing it's own .NET framework, Sun focuses on Solaris, and IBM has a slew of legacy platforms to support (though it arguably has done much to advance Java on Linux and Windows)."
There's more to Dell's cluster success than meets the eye (ZDNet)
ZDNet looks at bigger issues behind Dell's sale of a Linux-based cluster to SUNY. "This is yet another episode in the continuing saga of the fall from grace of proprietary technologies, the commoditization of processing power, and the difference between the must-haves and the nice-to-haves in budget-constrained times. It's also a signal that the high-end technical computing space is no longer a sanctuary for vendors of premium-priced boutique systems."
Open-source stalwart leaves HP (News.com)
News.com covers Bruce Perens' departure from HP. "He has worked with HP to broaden its Linux and open-source efforts, but has also occasionally come into conflict with the company. Perens had planned to show attendees at a midsummer open-source convention how to circumvent controls on DVD players, but backed off under pressure from HP."
Balancing Linux and Microsoft (NY Times)
The NY Times covers Bruce Perens' departure from HP. "After the merger with Compaq, Hewlett also became the largest vendor of Linux-based server computers, ahead of Dell Computer and I.B.M. Yet Hewlett's bet on Linux still pales compared with its reliance on Microsoft. And after the merger, it was mainly former Compaq executives who took senior positions overseeing the Linux business." (Registration required) Thanks to Jim Turley
Philips sees new life for Linux (ZDNet)
ZDNet looks at a new project by Intel and Philips: The Pronto++ reference platform. "The platform runs on Intel's PXA250 processor, which uses ARM-based XScale technology. A representative said that the platform will initially use a third-party embedded Linux distribution, although the vendor has not been named."
Is that a Mac in a penguin suit? (News.com)
News.com covers dual boot computers from QliTech Linux Computers. "The company is offering Macs, with standard Apple warranties, pre-loaded with Linux software from SuSE, Mandrake, Debian or Gentoo, with Mac OS X installed on a separate partition. The machines are sold at Apple's typical retail prices."
SGI raises the Itanic (Register)
This article from the Register covers the recent use of Linux by SGI. "Earlier this summer, SGI launched a tour to reassure customers that its heart and soul remained with MIPS and Irix. Today it touted impressive memory benchmarks for its Itanium2 hardware, due to be launched next year, and it's running Linux."
Business
An Alternative to Microsoft Gains Support in High Places (NY Times)
Several readers have pointed out this NY Times article which introduces open source software, and Linux, as an alternative to Microsoft. "As open source software, especially Linux, has spread, countries in other regions have also come to regard it as both a model of software development and perhaps an engine of economic growth. The government proposals and projects are efforts to position their nations to exploit a promising trend in technology." [The NY Times is a registration required site]
Lindows.com and Microtel to Offer $199 PCs (San Diego Union-Tribune)
The San Diego Union-Tribune reports on a partnership between Lindows.com and Microtel Computer Systems, the companies will be assembling ultra-inexpensive PCs that will be sold at Wall-Mart stores. "How can a new computer be so inexpensive? For one thing, it doesn't come with the Microsoft Windows operating system, which sells for about $199 itself. Instead, the computers are based on the Linux computing platform and use the Lindows operating system. They are being sold on Walmart.com, the Web site of the Wal-Mart discount store chain. They also don't come with monitors, which sell separately for as little as $75."
What baseball--and you--could learn from the Web (ZDNet)
ZDNet has a baseball analogy for the open source model, involving a recent issue with Major League Baseball (MLB) logos on the web. "MLB may not understand the Web model. But if it wants to recruit new followers (as well as win back those it has already lost), it needs to think of its intellectual property in the same way as the W3C. Unlike Disney, for which visuals are its main selling proposition, logos are not MLB's main product."
IT managers cite security and competition when choosing a Linux system (International Herald Tribune)
The International Herald Tribune examines why businesses are choosing Linux. "Where governments deal with issues of open-source culture and monopoly-busting, small companies indicate three main reasons for taking the plunge: reliability, security and cost." Thanks to Martijn Dekkers
Interviews
Larry Wall On Perl, Religion, and... (Slashdot)
Shashdot answers Perl questions on Slashdot. "Not only did Larry Wall answer your questions, but he said they were excellent questions. You've got to love Larry Wall, not just because he's a nice guy and created Perl, but also because he is the first Slashdot interview guest ever to send his answers preformatted in squeaky-clean HTML."
Looking Back, Looking Forward: Gaël Duval on Mandrake (Open for Business)
OfB interviews Mandrake co-founder Gaël Duval about the company's past, present, and future. "...I think the commercial dynamics around Mandrake Linux, and the creation of MandrakeSoft, have been key factors for its development and long-term success. But as you know, Mandrake is much like a Free Software project that is financed by a commercial company. This approach makes great difference when compared to other Linux distributions!"
Resources
Embedded Linux Newsletter
The September 5, 2002 edition of the LinuxDevices Embedded Linux Newsletter is out with the latest embedded Linux news.In-Memory Database Systems (Linux Journal)
Here's a Linux Journal article on the use of in-memory database systems (IMDS) in embedded products. "In-memory databases have emerged specifically to meet the performance needs and resource availability in embedded systems. As the name implies, IMDSes reside entirely in memory--they never go to disk."
Xbox Linux project releases SuSE 8.0 howto (Register)
For those not scared off by the preceding article, the Register provides a tutorial on installing SuSE 8.0 on an Xbox. "First you need a mod chip, the XBE bootloader and patched SuSE kernel downloaded from the Project, a SuSE nforce driver from the nVidia site, the correct USB adapter for the Xbox and (easy-peasy this bit) a USB keyboard. Oh, and a SuSE 8.0 compatible PC."
Xbox Live to target hackers? (News.com)
News.com reports that Microsoft may backtrack on an earlier pledge not to use its Xbox Live online gaming service to crack down on "mod chips". "The 14-page user agreement and privacy notice included with the first Xbox Live kits sent to beta testers specifies that Microsoft reserves the right to revoke Xbox Live privileges for anyone with a hacked Xbox and to scan consoles on the network to enforce its rights."
Open source satellite control (IBM developerWorks)
IBM developerWorks shows how the open source model helps satellite engineers with the Jet Propulsion Laboratory (JPL). "How do you harness a satellite control system written in three languages, on four development platforms, and deployed to multiple client environments? With open source, naturally. When one wrong move can cost millions, rely on teamwork, smart design, and open standards to keep the project -- if not the satellite -- from going down in flames."
Reviews
Intel embeds Linux in home digital media adapter (LinuxDevices)
LinuxDevices.com looks at Intel's new "Digital Media Adaptor". "The device, which is based on an XScale microarchitecture PCA210 'applications processor' and runs an embedded Linux operating system, receives digital media from the PC via 802.11 wireless networking and UpnP technologies, and connects to TVs and stereos using standard audio/video cables -- much like a DVD player."
Book Review: Linux Administration Handbook (Linux Journal)
Linux Journal reviews the Linux Administration Handbook by Evi Nemeth, Garth Snyder and Trent R. Hein. "So many of the available books about Linux are either too generic to be of much use for doing serious systems administration or so specific that they are useful only for one version of one Linux distribution. This book is an exception. First, it is heavy on concept, so you actually learn how things work instead of learning how to be a technician. The specifics are then addressed by showing what you do on Red Hat 7.2, SuSE 7.3 and Debian 3.0."
Book Review: Linux Routers - A Primer for Network Administrators, 2nd Ed. (Linux Journal)
Linux Journal reviews Linux Routers - A Primer for Network Administrators, 2nd Edition. "Each chapter on router configuration begins with an introduction of what tasks the router needs to accomplish, followed by the specific kernel options or software packages required for that task. Any hardware needed for the router also is introduced. Next come step-by-step instructions for configuring the Linux kernel and discussions of troubleshooting procedures. Illustrations and tables are provided to clarify the material presented. There is also information on utilities or diagnostic applications useful in specific situations."
Sony gadget picks TV shows for you (News.com)
News.com reviews Sony's new Cocoon, a hard disk video recording device that runs Linux. "Sony on Wednesday gave a fresh peek into its strategy for linking consumer electronics to the Web, unveiling a Net-connected video recorder that can seek out and record TV programs it thinks its owner would like. The device, which uses a hard-disk drive to record, instead of optical discs or magnetic tapes, will be the first of Sony's "Cocoon" line of products that aim to become an alternative to the PC for accessing Internet content."
Miscellaneous
True Freedom of Choice (Linux Journal)
Linux Journal has an article that describes a Windows user's experience with the switch to Linux. "Did I want to switch because I longed for the good old days when you knew, or at least could have a good idea about, what making a change to your computer would cause that computer to do? Was it because I suspected some better operating system was out there? Was I concerned, after reading my End User License Agreement, that use of the operating system implied a right for the vendor to gain access to my machine and apply unnecessary or unwanted updates? In a nutshell, the answer to all these questions was yes."
Library invests in Free Software (GNU-Friends)
GNU-Friends reports on the use of the Koha library system by a library in Ohio. "Nelsonville Public Library, in Athens County, Ohio has recently decided to migrate to Koha, a free software integrated library system. While reviewing it, they decided that they felt that it needed three additional features to meet their needs. Instead of dropping it from consideration, they decided to take the money that they would otherwise spend on licensing fees and pay someone to implement these features."
Page editor: Forrest Cook
Announcements
Resources
GNU manuals available in printed form.
Several GNU manuals are now available in printed form. Available titles include the GNU Scientific Library Reference Manual, the GNU Octave Manual, and An Introduction to R.archLSB for Itanium Architecture
The Linux Standards Base has announced the public review of the Itanium Architecture "archLSB-IA64" ABI specification. The public review begins Friday Sept. 6th, 2002 and will end Friday Sept. 27, 2002. Your reviews, opinions, and contributions are welcome.
Upcoming Events
Singapore Linux Conference needs sponsors
The Singapore Linux Conference, currently scheduled for October 14 - 16, 2002, is looking for sponsors to help pay speakers.PHPCon 2002
PHPCon 2002, a conference on the PHP web scripting language, will be held in Millbrae, California on October 24 and 25, 2002.The Python UK Conference 2003
Early planning is in the works for the Python UK Conference, 2003, to be held on April 2 and 3, 2003 in England.Registration is open for the Ruby Conference 2002
Registration is now open for the Ruby Conference 2002, to be held in Seattle, WA on September 1-3, 2002.Penguin Breeding at Gnomedex (Linux Journal)
Doc Searls has written a review of the Gnomedex conference.Perl 'Meetup' (use Perl)
Use Perl has an announcement for the first Perl Meetup, to be held in London, England on September 19, 2002.Events: September 12 - November 7, 2002
| September 12 - 13, 2002 | Open source GIS - GRASS users conference 2002(GRASS) | (Centro Servizi Culturali S. Chiara)Trento, Italy |
| September 12 - 13, 2002 | Perl 6 Mini::Conference | (ETF, E1, ETH Zurich)Zurich, Switzerland |
| September 16 - 20, 2002 | 9th Annual Tcl/Tk Conference | Vancouver, BC, Canada |
| September 18 - 20, 2002 | Yet Another Perl Conference Europe 2002(YAPC::Europe 2002) | Munich, Germany |
| September 25 - 27, 2002 | The Second Open Source Content Management Conference(OSCOM) | (Lawrence Hall of Science, University of California)Berkeley, CA |
| September 27 - 29, 2002 | Lulu Tech Circus | (State Fairgrounds Complex)Raleigh, North Carolina, USA |
| October 11 - 13, 2002 | V Congreso Hispalinux | San Sebastian-Donostia, Spain |
| October 14 - 16, 2002 | The Singapore Linux Conference 2002 | (Le Meridien Singapore)Singapore |
| October 14 - 15, 2002 | The Open Group Conference | (Hotel Martinez Palace)Cannes, France |
| October 17 - 18, 2002 | Open Source for E-Government | Washington, DC |
| October 24 - 25, 2002 | PHPCon 2002 | (The Clarion Hotel SFO)Millbrae, California |
| October 28 - 31, 2002 | International Lisp Conference 2002 - The Art of Lisp | San Francisco, CA |
| October 30 - 31, 2002 | Think-Linux, The Solutions Show | (The Pinnacle)Toledo OH |
| November 1 - 3, 2002 | 2nd Annual Ruby Conference(RubyConf 2002) | (Washington State Trade and Convention Center)Seattle, Washington |
| November 3 - 6, 2002 | International PHP 2002 conference | Frankfurt, Germany |
| November 3 - 8, 2002 | 16th System Administration Conference(Lisa '02) | Philadelphia, PA |
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Page editor: Forrest Cook
Letters to the editor
Releasing old software into public domain.
| From: | Pavel Roskin <proski@gnu.org> | |
| To: | gnu@gnu.org | |
| Subject: | Releasing old software into public domain. | |
| Date: | Thu, 5 Sep 2002 18:42:56 -0400 (EDT) | |
| Cc: | letters@lwn.net |
Hello!
Reading recent discussions in the online media, it is clear that many
people have an issue with the copyright laws that make copyrights remain
in force for many decades.
I believe that the Free Software Foundation should release into the public
domain all the software currently under GPL, that is at least 15 years
old, and for which FSF is the sole copyright holder.
GPL is a great license because it uses the copyright law to make software
free. However, 15 years should be enough for software to enjoy copyright
protection. Even when our goals are noble, we should not be using the
copyright law beyond the fair limit that we would like it to have.
In my opinion, FSF could make a good point by releasing its old software
into the public domain. That would be an example for other copyright
holders, even those who produce non-free software.
Possible damage to the free software would be negligible. I cannot
imagine software companies craving for Emacs or gcc sources from 1987.
In fact, I could not even find gcc that old on the GNU FTP site - the
oldest version is dated 1988.
You see, 15 years is like eternity for software. One cannot make money
from 15 years old software without twisting the law and doing immoral
things. I cannot imagine the Free Software Foundation suing somebody for
embedding 15 years old software into proprietary applications. Then let's
make it clear to everyone that we won't ever do it.
I really hope that FSF will use this opportunity to influence copyright
law and set a good precedent for other software copyright holders.
--
Best regards,
Pavel Roskin,
free software developer
[new] Koha for libraries and ??? for ABA and ??? for HMOs
| From: | Tres Melton <class5@pacbell.net> | |
| To: | letters@lwn.net | |
| Subject: | [new] Koha for libraries and ??? for ABA and ??? for HMOs | |
| Date: | Fri, 06 Sep 2002 03:59:45 -0700 |
Dear LWN readers,
I recently posted this to gnu-friend.org in response to a <a
href="http://lwn.net/Articles/9255/">link</a> that I followed from LWN
and thought that a wider audience might be more appropriate. The
following is my comment:
----------------------------------------------------------------------
This is an awesome thing to do. I'm glad that a single library took the
plunge but it might have been easier and cheaper for a number of them to
invest together.
What would be cool is if the American Bar Association, a hugh consumer
of office software, were to spearhead the development of a free software
word processor. They could start with Abiword or one of the many other
packages available. they could then fund the addition of features like
citing legal information, legal templates, a spell checker that
understood the latin terms that are used in legal briefs, etc.. If this
took off then most legal firms (not that they are my favorite entities
in the world) could save millions of dollars on office packages. Further
all of the legal papers that get filed are in the public domain (unless
a judge seals them) so why not use a public format for the documents so
that the public can truly access them. This would certainly make it
easier for non-laywers to get information that they may need.
This idea could also be used for the entire health care industry. If
congress wanted to cut costs in the health care industry imagine how far
they could go by making the forms standardized for all parts of the
industry. Insurance should like this as well. If the entire industry
used the same software then all of the documents would be in the same
format - both from the disk storage point of view and from the page
layout point of view. This would make it easier for anyone in the
industry to process information since common fields would always be in
the same place in the document. Everyone in the industry would have
access to the software for free and could thus save millions. The
documents could be exchanged between pharmacies, hospitals, doctors,
patients, insurance companies, Social Security, Medicare, Medicaid, etc.
without the need to reformat or re-enter the information. There are
literally thousands of different forms that are required by different
insurance carriers and all but one could be eliminated.
These are just two examples where free software could benefit entire
industries. Both of these projects are too big to be taken on by a
single lawyer or doctor but the Bar Association is big enough to handle
the leagl word processor and any of the government agencies that I
mentioned could take care of the medical one. Further the government is
large enough that if they mandated that all reports that are submitted
to them be in the new format that everyone else would just kinda fall in
line.
The real place that Free Software would be of value is if it simply
eliminated the need for proprietary software in most of the industries
that don't really need it. Obviously I'm not advocating running a
radiation machine on Free Software but the reports that it generates
could certainly be in a common format. Almost all industries could start
to develope their own software: Banking, Investment Houses, Accountants,
etc.. Some software could be used across many industries. Take
scheduling for example: you make appointments at the doctor's office
just like you do to get your hair cut. I think that there would be a
business model in a software development company getting a bunch of
companies from the same industry together and say "Software is an
expense to you. For some upfront money now we can eliminate a large
portion of you software spending in the future." Companies that do not
write software to sell but to run their business on do not compete with
their software (for the most part) so why not level that part of their
playing field so that they can focus their energies in areas where they
do compete.
Construction companies and architects are another one that comes to
mind. Let them compete on the price and style of the homes that they
build and eliminate the cost of software. There are many programming
libraries that will run equally well on Winblows as they will on Linux.
We can't expect them to ditch what they are familiar with until we can
prove that everything that they need to run their business will run on a
free OS: GNU/Linux
Best Regards,
Tres Melton
class5 (at) pacbell.net
Make BAD Patents costly
| From: | "Anand Srivastava" <Anand.Srivastava@ascom.ch> | |
| To: | letters@lwn.net | |
| Subject: | Make BAD Patents costly | |
| Date: | Thu, 5 Sep 2002 14:13:45 +0200 |
Hi,
Today, I realized what is wrong with the Patent system. There are not
enough balances. It doesn't penalize people who create bad patent. We
can't expect Patent Office to know whether a given Patent is about a real
breakthrough. So we should modify the Patent Law in such a way that
creating bad patents would be costly. Basically make it so expensive to
create non-defendable patents that it becomes profitable to challenge bad
patents in court.
If a holder loses in court not only does he/she/it loses the ability to use
it but also has to pay for the expenditure of the court case. Since Patents
are used for making money, it must be deemed that the Patent holder was
benefitting illegally, so must be told to pay an amount which depends on
the income of the holder for the duration the patent was in effect. This
must be reduced by the no. of patents the holder has. This fine must be
increased if the patent was done in bad faith. Also the patent should be
made invalid if any point in the patent is found to be invalid. This will
force applicants to make their patents as narrow as necessary.
Ofcourse there will need to be some balances to this as well. If a holder
loses on the basis of prior art then the holder should be required to only
pay the case fees, not the fines, if the holder can prove that he/she/it
had no idea that the solution already existed. Also if the holder wins then
the loser must pay the holder the case fees. This will act as a deterrent
to suing without much reason.
Also Patent lifetime must be short for software, something like 5yrs should
be fine.
-anandsr
Page editor: Jonathan Corbet