[LWN Logo]
[LWN.net]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- GaŽl Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials


'Ramen Worm' attacks Red Hat-based systems. A new worm, dubbed the "Ramen Worm", was spotted on the Internet this week. For those of you unfamiliar with the term, a "worm" is a self-propagating attack, e.g., a script is written to attack a system, copy itself to that system and then automatically go out to find new vulnerable systems and attack them. This differs from the term "virus" in that viruses are attached to or embedded in otherwise innocuous files or programs. Linux is generally (though not theoretically) immune to viruses; it is not immune to a worm, since a worm is simply a specialized case of a successful, usually network-based, attack.

Nonetheless, a worm is self-propagating, like a virus, so there are similarities. This particular worm was not an impressive example, at least to security experts. It was cobbled together from pre-existing components and exploits vulnerabilities that are four to seven months old. As such, it is a good example of why we warned back in November, 2000 that the Linux community should not become too cocky about its security record, based on its relative immunity to viruses. Given how easily this one was developed, we can expect to see more of them in the future.

The biggest lesson from the worm this week is apply your security updates. The only systems vulnerable to this attack were those with vulnerabilities that had been reported months ago and for which fixes had long since been available. Obviously enough systems fit this criteria to fuel a significant attack.

The actual impact of the worm is minimal, restricted to disabling anonymous ftp access and defacing websites. Unfortunately, it could easily be modified to be much more damaging. Confirming the lack of actual malicious intent, the worm has been reported to only attack systems with anonymous ftp enabled and then to close politely close anonymous ftp behind it, essentially preventing the system from being infected again via the same mechanism, unless the local administrator re-enables anonymous ftp without patching the system. (It is worth noting that the scanning traffic created by the worm is causing problems for some networks, especially those which use multicast).

The worm found this week specifically targets Red Hat 6.2 and Red Hat 7.0 systems that have not applied security updates for wu-ftpd, nfs-utils and LPRng. Here are the advisories for the applicable security updates, though, of course, it is recommended that all security updates be applied:

Red Hat 6.2:

Red Hat 7.0:

In addition, although the worm was written to attack Red Hat Linux systems, the vulnerabilities themselves are not specific to Red Hat and therefore the worm could also easily be rewritten to attack other Linux systems. Below are links to our coverage of the involved vulnerabilities, including links to updates from other Linux/BSD vendors:

This ZDNet article provides some interesting information on the worm. For more technical detail, several analyses of the worm have been published, including this one by Daniel Martin. The majority of first-hand information about the worm comes from the SecurityFocus Incidents mailing list, on which the worm was first reported on January 15th.

Signs of the times. Should anybody still doubt that the Linux business climate has changed dramatically over the last year, a couple of events from the last week should help to clarify things:

  • Linuxcare and Turbolinux have an agreement to merge. There is no official announcement at this point, but we have received confirmation from Linuxcare that a deal has been made.

  • Lineo has withdrawn its intended initial public offering (IPO) of stock, which was filed last May.

The current business climate is clearly no fun, especially if your business depends on obtaining funds from investors. Linuxcare, Turbolinux, and Lineo have all attempted to go public; none have yet succeeded. In a world where private investment has dried up, and the IPO market is closed, it is difficult for a startup business to get large enough to firmly establish itself.

In such an environment, about the only "get big fast" route that remains open is consolidation. It would not be surprising to see a number of other Linux companies look to mergers as a path to growth. A year from now, there may be a much smaller community of Linux companies doing business.

Turbolinux, meanwhile, has long taken the approach that it is a software vendor, and that it is not interested in the services-based plans adopted by distributors like Red Hat. The merger with Linuxcare is obviously the end of that strategy. It is also likely to be the end of Turbolinux's IPO bid, at least for now. Merging with Linuxcare is such a fundamental change that Turbolinux would essentially have to throw out its IPO filing and start over. In a time when the markets are openly hostile to initial offerings, the company is unlikely to bother with a new filing.

An interesting question will be whether the merger is the end of Linuxcare's distribution-independent policy. A credible, neutral stance will certainly be harder to maintain when Linuxcare is part of a major Linux distributor. Those interested in speculation might wonder if, instead, Turbolinux is preparing to deemphasize, if not exit, the distribution business in favor of its clustering and other value-added offerings. According to its IPO filing, Turbolinux only derived 37% of its revenue from operating system sales in the first half of 2000. Might Turbolinux have decided that its future lies elsewhere?

What the future holds for Lineo is unclear. Failed IPO bids are often followed by reductions in staff; Lineo has grown rapidly through its series of acquisitions and may now find itself needing to slim down a bit. It is also worth noting that the embedded Linux world is highly fragmented, with several companies all competing with each other. Some consolidation in that sector is to be expected.

VA Linux Systems puts out another warning. In another sign of the times, VA Linux Systems has put out another warning that earnings will not be up to expectations. Revenue for the second quarter (which ends on January 27) is expected to be $50 million at best, for a loss of $0.24-0.28 per share. Among other things, VA says that the usual January sales upturn has not happened this year, and blames the state of the economy in general.

VA has also been facing price pressure:

Additionally, the current economic conditions are creating a difficult pricing environment resulting in lower gross margins. Going forward in this economic environment, we intend to focus on higher margin business and to manage expense levels such that we can achieve profitability given our revised revenue expectations.

Of course, "manage expense levels" is PR-speak for "lay people off." The "current economic conditions" aren't getting any better. (VA has legal problems as well; see this week's Linux in Business page for discussion of the class-action lawsuits against the company).

Through all of this it's worth remembering that Linux and the businesses that have sprung up around it are two different things. It may not be the easiest of times to run a Linux business (though it's certainly far better than it was even five years ago), but Linux itself is doing great. Adoption and mindshare continue to increase, and the software is just getting better. And many businesses are doing well. For example...

There is still money for Linux businesses, at least occasionally. Consider these examples:

  • Conectiva has announced an equity investment from ABN AMRO bank, Intel Capital, and LatinTech Capital. The amount of the investment has not been disclosed; it will be used to expand Conectiva's service network and to "stimulate open source application software products" in specific areas.

  • A company called RLX Technologies has announced its existence. RLX will be building rackmount server boxes for hosting centers; they will be based on Transmeta chips and Linux. RLX expects to beat the competition in low pricing, high server density, and low power consumption. The company, which includes a number of Compaq founders, was launched with $19 million in angel investments, and is working on concluding another financing round now.

  • The company formerly known as Helix Code (now "Ximian") has announced the receipt of $15 million in funding from Charles River Ventures and Battery Ventures.

Clearly some investors still believe in the future of Linux, even if the stock market is not currently favorable. As Linux and free software in general continue to grow, investors will figure out that their future is still bright. We will, with luck, never see a repeat of the frenzy of a year ago; but we should, at some point, leave the current depression behind as well.

Interview: Larry Wall. [Larry] ChangeLog.net editor Maya Tamiya has sent us another interview. This time, Maya has interviewed Larry Wall at the Perl/Ruby conference, which was held in Kyoto, Japan at the end of last year. In this interview, Larry discusses a wide range of topics, including his job at O'Reilly, Perl certification, the commercialization of Perl, competition between open source projects, the power of laziness, Perl 6, post-modernism, software patents, documentation, and more. (This interview contains a number of pictures; there is also a smaller version available for those with limited bandwidth).

Hardware sales are getting, well, hard. Earlier this week Tuxtops announced that it would be dropping its Linux laptop line in favor of a software product to be announced at a later date. The LWN.net staff immediately began to ponder if there was some real problem with getting Linux to run on laptops, or if making a business out of that was really all that hard. After all, LinuxLaptops and VA have both exited that market. ASL still sells them though the list of small laptop vendors with a Linux focus is dwindling. So, what about the big players?

IBM lists 3 ThinkPad models (A20m, T20, and T21) that they ship preloaded with Linux. All are loaded with Caldera OpenLinux eDesktop. While they point out that IBM hardware has been Red Hat certified, a search through Red Hat's certified hardware database, searching for "IBM" and "Notebooks" (any architecture, any Red Hat release), comes up empty.

Gateway doesn't make it easy to determine if it sells notebooks preinstalled with Linux from its site. Compaq's support of Linux is well known, but its Linux site has no information on laptops. Dell at least has a Linux specific section on its site, but it only mentions servers and desktop system as preinstalled. No obvious information on laptops is provided.

So what's the deal with laptops and Linux? Of course Linux works well on laptops (most of the LWN.net staff uses Linux laptops of one kind or another). The lack of preinstalled support can be the result of a number of issues. First, many of the features that are used to add value to laptops by hardware makers are only now, with the release of the 2.4 kernel, becoming commonly supported: USB, Firewire, DVD, S-Video output, WinModems, and so forth. Since smaller hardware vendors like LinuxLaptops or Tuxtops (though not necessarily Dell, IBM or Compaq) are generally not also Linux distributors, they rely on well-known distributions to support these features. That will happen later this year. For now, these smaller vendors are on their own. So that would leave the larger companies, those with resources to produce drivers for the more modern hardware features commonly found on laptops, to write their own drivers. They can do that, so why the lack of preinstallation?

The next issue may be margins. While Linux is inexpensive, laptops are not. Larger companies have to push these machines in volume, though probably not to the levels required for desktop systems. Laptops with Linux preinstalled may not be the high volume market needed to sustain smaller, Linux-focused companies. Of course, all hardware vendors have been hit fairly hard by a slowing economy and weak sales in general. The disappearance of a few smaller vendors is a normal shakeout under these circumstances. But that still doesn't explain why preinstalled laptops from the big three aren't well publicized.

While hardware support used to be a viable reason for lack of support, it's hardly the status quo these days. Too many people are writing drivers for new hardware - IBM expects to put $1 billion US dollars into development this year alone. Preinstalled Linux, especially on laptops shouldn't be that hard. So what is the biggest reason Linux isn't preinstalled?

Laptops aren't servers. And Linux is still trying to establish itself on the desktop. Hardware makers have everything to gain with preinstalled Linux servers. The value in preinstalled desktops - and laptops - has yet to be measured.

Update: A number of readers pointed out that Dell's web site does indeed list preinstalled Linux systems. You just need to look at the sidebar to find the link to the right page. Additionally, David Sifry, CTO of Linuxcare, pointed out that IBM's certifications come through Linuxcare, not Red Hat, despite the way it appears on IBM's site. Looks like the IBM web designers were just told the systems were "Red Hat Certified", and not who did that certification.

Inside this week's Linux Weekly News:

  • Security: Borland InterBase back door, cgi-bin file extension issues, glibc, PHP, dhcp, rctab, flash, jaZip, splitvt and other vulnerabilities.
  • Kernel: 2.4.0 and disk corruption; ReiserFS gets into 2.4.1; which is really the fastest web server?
  • Distributions: Niche Linux Distributions rub elbows with Mac enthusiasts, yet more new Linux distributions, Debian runs on the Itanium.
  • Development: Kannel SMS/WAP gateway, Gnucash 2.0, Ximian, XML tools.
  • Commerce: Troubles at VA Linux Systems, IBM and NCSA Create Worlds Fastest Linux Supercomputers in Academia, NuSphere MySQL, new version, training offerings.
  • History: Turbolinux/Pacific HiTech through the years.
  • Letters: LaTeX pronunciation, VA lawsuit and the Linux trademark.
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


January 18, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Security page.

Security


News and Editorials

InterBase backdoor. A special login account and password was found in the Borland InterBase database source code by German software developer Frank Schlottmann-Goedde and reported this past week. Borland's InterBase was released under an Open Source license last July. Non-Borland developers got access to the source code at that time and were the ones to find and report the login/password problem.

The backdoor was apparently introduced for programmatic reasons, in order to allow one portion of the database to communicate with another portion that was password-protected. The security hole that was subsequently introduced was either not anticipated or not expected to be a problem, since the source code had not been released.

Certainly Borland would not have released the source code in its current state if they had been aware of the backdoor. As a result, their decision to release the source code has done them, and their customers, a service.

Of course, media coverage of the discovery also questioned whether or not the release of the source code increased the risk to the customer. This is based on the premise that the source code was available for six months before the problem was found and presumably an attacker might have also found the backdoor without reporting it.

While possible, this risk is more than offset by the possibility that the backdoor was discovered without access to source, as many vulnerabilities are (check the list of Microsoft vulnerabilities sometime). The backdoor was apparently introduced in 1994, so there has been considerable time in which that discovery could have been made. If not via an examination of the binaries themselves, anyone who worked on the code during that six years may have had knowledge of the security problem. A disgruntled employee, or one bribed for purposes of corporate espionage, etc., could have used or passed on information about the vulnerability.

Now that Borland has issued a patch for the problem (which should be integrated into the next certified release of InterBase 5.X), the issue is moot because the problem is solved. It only took six odd years ... and the release of the source code ... to get it fixed.

See also:

Simple administrative issues open up cgi-bin vulnerabilities. This week, Tamer Sahin reported a vulnerability in the Basilix web-based mail system. The issue was the use of ".class" and ".inc" extensions for files that were actually PHP scripts. As a result, any server using the web mail system that did not also modify its web server configuration to properly interpret ".class" and ".inc" files as PHP exposed information inadvertently.

Obviously, an administrative fix for this problem is fairly simple. Alternately, the blame could be shifted to programmers who choose to use non-standard file extensions. However, since our goal is to build toward security by default, it might also be reasonable to consider this to actual be a vulnerability in the web server itself, which is shipped by default to display all files and all file extensions. If the default administrative option was the most secure, e.g., only display files with extensions that have been defined in the configuration files, then the addition of non-standard file names that aren't defined in the web server configuration files would not open any security holes. Of course, the new mail server wouldn't work until the extensions had been added, but that should be considered the preferable option when security is a priority.

CRYPTO-GRAM newsletter for January. Bruce Schneier's CRYPTO-GRAM newsletter for January is available. It covers a wide range of security-related issues, including the story of alleged mobster Nicodemo Scarfo, whose PGP encryption was defeated by the FBI, which installed a keyboard sniffer on his system.

Security Reports

Ramen worm. For coverage on this week's network-based Ramen word, please check our Front Page.

glibc RESOLV_HOST_CONF preload vulnerability. Charles Stevenson at Terrasoft (Yellow Dog Linux) posted notice of a glibc vulnerability in versions 2.1.9 and higher to BugTraq this past week. The issue is a missing comma in the code, which, as a result, allows the RESOLV_HOST_CONF environment variable to be passed to setuid/setgid programs. This can be exploited to gain local root access.

This week's updates:

glibc local write/ld.so.cache preload vulnerability. Red Hat issued another update to glibc this week to fix a preload-related vulnerability. In this vulnerability, the glibc preload check was not applied to libraries that had already been loaded into /etc/ld.so.cache. This can be exploited to create/overwrite files without authorization. Check BugTraq ID 2223 for more details.

This week's updates:

PHP Apache Module bug. Zend.com posted an advisory reporting a vulnerability in the PHP 4.X Apache Module. The per-directory configuration option to disable the PHP engine incorrectly impacts other directories and can be exploited to expose the source code for PHP scripts. An upgrade to PHP 4.0.4pl1 will fix the problem. Check BugTraq ID 2206 for more details.

dhcp buffer overflow. Caldera released an advisory this week reporting a format string vulnerability in the error logging code for dhcp. They have provided updated packages for OpenLinux. Presumably, this will impact other distributions as well.

SuSE rctab /tmp-related race condition. Paul Starzetz reported a flaw in SuSE's rctab script, provided with SuSE to edit init levels. This flaw can be exploited to overwrite arbitrary files, allowing a denial-of-service attack or, potentially, a local root compromise. Roman Drahtmueller from SuSE confirmed the problem and provided a workaround, along with some corrections to the original report. Updated packages should be forthcoming soon.

Oliver Debon's port of the Macromedia flash plug-in. We have previously reported on problems with the Macromedia flash plug-in and responses from Macromedia. This week, the originally-reported buffer overflow has been recreated in Olivier Debon's unofficial port of Macromedia's flash plug-in to to a variety operating systems, including Linux and FreeBSD. This could potentially be used to remotely execute code under the UID of the Netscape user.

Note that Macromedia also provides their own version of Flash for Linux. A method for determining which flash player you may have installed is provided in the report. If you are using Olivier's version, you will probably want to disable it or replace it with the version from Macromedia until a fix is provided.

jaZip buffer overflow. jaZip, a program for managing Iomega Jazz or Zip drives, has been reported to contain an exploitable buffer overflow. This program is sometimes installed setuid root, increasing the potential impact of the vulnerability, which was tested on TurboLinux systems. For more details, check BugTraq ID 2209.

Multiple vulnerabilities in splitvt. Multiple vulnerabilities were reported in splitvt this week, including several buffer overflows and a format string vulnerability. An upgrade to splitvt 1.6.5 should solve the problems. Check BugTraq ID 2210 for more details.

tinyproxy heap overflow attack. tinyproxy, a small, GPL'd HTTP proxy server, contains a vulnerability to a heap overflow attack. This can be exploited to cause a denial-of-service. tinyproxy 1.3.3a has been released to fix this problem.

exmh symlink vulnerability. A symlink vulnerability in exmh was reported this week. Note that exmh is not a setuid program, so this can only cause a root compromise if root runs exmh directly. However, it could be used by an attacker to cause any user to overwrite a file that they own. No fix for this has been made available so far.

ssh 1.2.30 secure RPC vulnerability. A vulnerability in ssh 1.2.30 was reported this week related to the use of secure-rpc to encrypt private keys. A patch to fix the problem has been made available. Check BugTraq ID 2222 for more details.

cgi-bin scripts. The following cgi-bin scripts were reported to contain vulnerabilities:

  • The Postaci webmail software, when combined with a PostgreSQL backend, fails to check for malicious SQL code in variables supplied by the user. This can allow the execution of arbitrary SQL queries. Check BugTraq ID 2230 for more details.

Commercial products. The following commercial products were reported to contain vulnerabilities:

  • WebMaster's Conference Room, Professional and Developer, a commercial IRC server, is vulnerable to a denial-of-service vulnerability in versions 1.8.1 and earlier. Version 1.8.2 is reported to fix the problem.

  • UltraBoard 2000, a commercial bulletin board system, is reported to contain a default permissions vulnerability that can be exploited to remotely install executable files on the server.

  • Trend Micro's InterScan VirusWall is reported to pass the administrator login and password information in clear-text during password changes, as well to use a weak encryption scheme to encode passwords when encrypted.

  • Trend Micro's InterScan VirusWall is also reported to contain a tmpfile symlink vulnerability that can be exploited to overwrite files with root privileges, possibly allowing a remote root compromise.

  • Veritas Backup is reported to contain a denial-of-service vulnerability via its linux agent. This was apparently previously reported in 1998 without receiving a response from the vendor. No response from Veritas has been posted for this latest alert either.

Updates

Multiple package tmp file race problems. Check last week's LWN Security Summary for the initial report. Immunix reported race conditions in twelve packages: apache, tcpdump, squid, linuxconf, mgetty, gpm, wu-ftpd, inn, diffutils, getty_ps, rdist, and shadow-utils.

The response, of course, has been for up to twelve security advisories to come out from each vendor. As a result, we've broken up the responses to this problem according to the package name, to make it easier to see what distributions still have updates pending.

apache:

diffutils/sdiff:

gpm:

getty_ps:

inn:

mgetty:

linuxconf:

rdist:

shadow-utils:

squid:

tcpdump/arpwatch:

wu-ftpd:

Note that this is not the same wu-ftpd vulnerability currently being exploited by the Ramen Worm. That is an older advisory, covered in more detail below.

Multiple stunnel vulnerabilities. Multiple vulnerabilities in stunnel were reported in December including a potential remote root exploit caused by insecurely-structured calls to syslog and another vulnerability involving the way in which the stunnel process id is logged.

This week's updates:

Previous updates:

Zope local role and DTML editing vulnerabilities. Check the December 21st, 2000 LWN Security Summary for the initial report of these two vulnerabilities.

This week's updates:

Previous updates:

bash tmpfile vulnerability. Check the November 30th, 2000 LWN Security Summary for the original report. This is similar to the tmpfile problems reported in /bin/sh and /bin/tcsh.

This week's updates:

Previous updates:

syslog-ng remote denial-of-service. Check the November 30th, 2000 LWN Security Summary for the original report. Syslog-ng is a syslog replacement with additional functionality. syslog-ng 1.4.9 and higher are no longer vulnerable.

This week's updates:

joe symlink vulnerability. Check the November 23rd, 2000 LWN Security Summary for the original report.

This week's updates:

Previous updates:
  • Linux-Mandrake (November 23rd, 2000)
  • Red Hat (November 23rd, 2000)
  • Immunix (November 23rd, 2000)
  • Debian (November 23rd, 2000)
  • Red Hat, Alpha packages added for RH7 (November 30th, 2000)
  • Debian, the original update didn't work (December 7th, 2000)
  • Conectiva (December 14th, 2000)

Hostile server vulnerability in OpenSSH. Check the November 16th, 2000 LWN Security Summary for details. Upgrading to 2.3.0 is recommended.

This week's updates:

Previous updates:

wu-ftp vulnerability. Check the June 15th, 2000 LWN Security Summary for the original report of this problem. An upgrade to wu-ftpd 2.6.1 should fix the problem.

Note that this is the vulnerability that is currently being exploiting by the Ramen Worm. The wu-ftpd updated listed above under "temp file races" is a new and different vulnerability.

This week's updates:

Previous updates:

Resources

Advanced Host Detection. Guido Bakker posted his white-paper on Advanced Host Detection to BugTraq this week. "Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts".

Passive System Fingerprinting using Network Client Applications. Along a similar vein, Jose Nazario has posted his white-paper on "Passive System Fingerprinting using Network Client Applications". "Passive target fingerprinting involves the utilization of network traffic between two hosts by a third system to identify the types of systems being used".

mobileBugs mailing list. Lukasz Luzar has started a new mailing list, mobileBugs, dedicated to discussion of security issues related to cellular phones and other forms of mobile computing.

Events

Call-for-Papers extended for the IEEE SMC IA Workshop. An extension to the Call-for-Papers for the IEEE SMC IA Workshop has been posted. The workshop will be held June 5th and 6th, 2001, at West Point, New York, USA and is sponsored by the United States Military Academy (USMA), the University of Virginia Systems and Information Engineering Department, and the IEEE Systems, Man and Cybernetics (SMC) Society. Dr. Gene Spafford from Purdue will be one of the keynote speakers.

Upcoming security events.
Date Event Location
February 7-8, 2001. Network and Distributed System Security Symposium San Diego, CA, USA.
February 13-15, 2001. PKC 2001 Cheju Island, Korea.
February 19-22, 2001. Financial Cryptography 2001 Grand Cayman, BWI.
February 24-March 1, 2001. InfoSec World 2001 Orlando, FL, USA.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh


January 18, 2001

LWN Resources
Security alerts archive

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Kernel page.

Kernel development


The current kernel release remains 2.4.0. Linus continues to put out 2.4.1 prepatches; the 2.4.1 prepatch is in its eighth revision as of this writing. It contains a number of small fixes, Jens Axboe's block I/O scheduling improvements, and, as of pre4, the ReiserFS filesystem (see below). See Linus's "half-assed changelog" for a quick list of the contents of this patch.

Alan Cox continues to maintain his "ac" series, with the latest release being 2.4.0-ac9. This patch is rather more extensive than Linus's prepatch (7MB, as opposed to just over 1MB for 2.4.1-pre8). Much of what is there is the result of a late kernel code auditing frenzy by a number of people; many questionable things have been cleaned up.

Linus's conservative approach to 2.4 patches is creating a large backlog of stuff waiting to go in. There will be quite a job of merging to do once Linus opens things up again.

No 2.2 kernel prepatches have come out over the last week.

Disk corruption with 2.4.0 and VIA IDE chipsets has been reported by some users. Evidently some VIA chips don't do DMA all that well, leading to unhappy users who, hopefully, have good backups. The maintainer of the driver for VIA IDE is Vojtech Pavlik; his is currently looking for trouble reports in order to be able to pin down just what the problem is. If you have VIA IDE and (1) have seen problems, or (2) are willing to do some testing, consider helping so that this problem can be eliminated.

2.4.1-pre6 also had disk corruption problems due to a mistake in the ReiserFS merge. It was fixed quickly, but it's always good to have an occasional reminder that development kernels can be risky. Those who are interested can read Linus's description of the problem and why he didn't notice it right away:

With a gig of RAM, inodes tend to cache really well.

Now, I'm not saying your filesystem is toast. I'm just saying that if you booted up in pre6, I'd suggest a quick reboot into a better kernel might be a good idea (be a jock, and do a sync and just push the reset button to force a proper fsck when it comes up - just in case).

This problem was discussed as part of a thread on the virtual memory performance of the 2.4.1 prepatch series, which is generally considered to be inferior to 2.4.0.

ReiserFS is in. Last week, remember, Linus announced that he was going to be extremely conservative in accepting patches for 2.4:

In order for a patch to be accepted, it needs to be accompanied by some pretty strong arguments for the fact that not only is it really fixing bugs, but that those bugs are _serious_ and can cause real problems.

Some people were thus rather surprised to see a whole new filesystem show up in 2.4.1-pre4. It's hard to make the claim, after all, that the addition of ReiserFS is fixing a serious bug.

Linus's answer to this surprise is essentially (1) putting ReiserFS into 2.4.1 has been expected for some time; (2) people have been pounding on ReiserFS for quite some time - SuSE, for example, has included it for a while; (3) ReiserFS does not affect anything outside of the filesystem, and (4) no showstopper bugs have shown up, so there's no need for a pure bugfix release.

So what is ReiserFS, anyway? This filesystem, created by Hans Reiser, has attracted interest in recent times due to its journaling capability - it can recover from a crash without the need for a lengthy filesystem checking pass. But journaling was not the original purpose behind ReiserFS - Mr. Reiser has much more ambitious plans than that. For details, have a look at the ReiserFS writeup from the November 11, 1999 LWN Kernel Page. For many, many more details, set aside a block of time and visit the Namesys home page.

For those wanting to experiment with ReiserFS, bear in mind that NFS still can not serve files from a ReiserFS partition. There are patches in circulation to remove that limitation, but they have not yet made it into the kernel tree. (Yes, SuSE's 2.2 distribution features a working ReiserFS NFS, but those patches are not currently in the 2.4.1 prepatch).

Who's the fastest web server of all? One of the more controversial features of the 2.4 kernel is khttpd - the kernel HTTP (web) server. Not everybody believes that this sort of service belongs in the kernel. If it is there, however, it should produce good results. Christoph Lameter decided to run some tests, using the Zeus benchmark, to compare khttpd's performance with boa, a user-space web server. His results:

ServerRequests/second
khttpd197
boa591

Thus, at a first glance, it would seem there's little reason to keep khttpd in the kernel. Of course, the version of khttpd that is in the 2.4.0 kernel does not support persistent connections, which puts it at a disadvantage. But even when persistent connections were disabled for the test, boa came in with 227 requests per second - still more than khttpd.

The story does not end there, however. The author of khttpd - Arjan van de Ven - has a patch which enables support of persistent connections; it just has been kept out of the kernel by the persistent feature freeze. Mr. Lameter reran the tests with the patch applied and got a rather different set of results:

ServerRequests/second
khttpd1144
boa591

With persistent connections enabled, khttpd handles almost twice as many requests as boa; this would, one might think, end the discussion.

Except, of course, that there is another kernel web server out there. Ingo Molnar decided it would be fun to run the same benchmark with the (upcoming) TUX 2.0 patch, along with the zero-copy networking patch (discussed last week). His results: 12,658 requests per second. It's worth noting that Ingo's test ran on different hardware. Nonetheless, TUX is looking pretty good...

The quotes of Chairman Linux. Reading linux-kernel can be fun at times...

On device documentation:

Once you realize that documentation should be laughed at, peed upon, put on fire, and just ridiculed in general, THEN, and only then, have you reached the level where you can safely read it and try to use it to actually implement a driver.

and his poor fortune:

Oh, well. Not everybody can be as goodlooking as me. It's a curse.

Other patches and updates released this week include:

Section Editor: Jonathan Corbet


January 18, 2001

For other kernel news, see:

Other resources:

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost
Blue Cat Linux
BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Niche Linux Distributions rub elbows with Mac enthusiasts. Linux Distributors LinuxPPC and TerraSoft (Yellow Dog Linux) were present in force at this year's MacWorld. Although the conference was timed to match the release of this InfoWorld review of SuSE 7.0 on the PowerPC, SuSE wasn't present at MacWorld. Though we haven't verified this, we expect that the other major Linux distributors weren't there either, even though some of them offer PowerPC versions of their distributions.

Why not? Given the number of conferences and expositions around the world demanding their attention, and the cost of attending them all, it isn't too surprising that they didn't find time to make it to MacWorld. For now, with the exception of LinuxPPC and TerraSoft, it was an Apple and Microsoft-dominated event.

In addition, the Mac community is as different from the Linux community as the Microsoft community is. They have their own history, language, and concerns, which may or may not overlap with the concerns of the Linux and Open Source community. We believe the future will overlap more, but for now, there is definitely a gap.

Companies like LinuxPPC and TerraSoft form bridges between communities. By choosing to focus solely on the PowerPC architecture, they also form a closer alliance with the Mac world. Not only can they justify the expenditure of funds to mingle at MacWorld, they couldn't possibly justify missing it.

Within that statement lies the potential future for these companies. They won't ever take over the entire Linux world but their success, presuming they do survive, will rest on their ability to become a known and understood part of both worlds. After all, if you are a Mac enthusiast looking at Linux for the first time, to whom would you rather talk? A large Linux company that sees the Mac world as just another piece of the pie? Or a small Linux company whose livelihood depends on understanding your unique needs and finding a way to support them?

See also:

In Mexico, Net Not a Priority (Wired). Wiring Mexico's schools won't happen at the behest of government - or Microsoft - according to the new President of that country. Instead, it will happen through the private sector, and with open source. "Open source software would solve [the piracy] problem," [Gary Chapman, director of the 21st Century Project] said. "You can get all the functionality without paying the software fees." In fact, Red Escolar, a project that aspires to wire every Mexican school to the Internet, uses free applications Linux and Gnome on its computers, he said.

Distribution Reviews

Windows Meets Linux (Duke of URL). The Duke of URL posted a review of WinLinux 2000. "The hardware support is pretty poor and it would be nice for this distribution to hack the kernel like Red Hat and Mandrake do to include terminology, and maybe even include something like the drivers for the Lucent Winmodem -- since people using Windows generally have devices like that. Before WinLinux can be a serious contender, they need to do some kernel hacking."

New Distributions

BYO Linux. BYO Linux, otherwise known as "Build Your Own Linux", appears to have borrowed the idea behind BYLD, Build Your Linux Disk. BYLD helps you build your own Linux distribution on a single floppy disk. BYO Linux helps you build your own full-size Linux distribution.

The site is nice and heavy on the documentation side. If you've been wanting to build your own distribution but were a bit daunted by how to get started, this will provide an excellent base. Computer science professors might want to take a look ... it would be a nice, though large, assignment to hand out to some truly enthusiastic students.

TA-Linux. A new entrant onto our list of small, disk-based distributions, TA-Linux was built by Kaj-Michael Lang. In size, it runs between 65MB and 250MB. "I had a couple of reasons for making TA-Linux. I was not happy with the distributions out there, except Slackware but Slackware had one problem, it's only for x86 (ok, sparc version is available now, but wasn't when I started to work on this) and I wanted to run an identical distribution on all of my linux capable machines."

For now, the x86 version is the only one available for download, but an alpha version is also promised.

FREESCO. Hoyt Duff dropped us a note to point out the FREESCO distribution, another single-floppy distribution primarily intended to function as a router (FREESCO == FREE ciSCO). They promise that it is "insanely" easy to use.

General-Purpose Distributions

Debian News. This week's Debian Weekly News reports the boot of the first Debian IA-64 system, ported by Bdale Garbee and Randolph Chung. Check the details in this post from Bdale.

Critical to Debian users and developers, 61 long-orphaned packages are scheduled to be officially removed from Debian unless a new maintainer steps up to shoulder the work. Critical orphaned packages include fnlib, a font-rendering library used by Enlightenment applications, tclx8.0.4 (Extended Tcl), the entire SIAG office suite and more. It would be a good idea to check the list carefully to see if there are any programs that you will miss.

For more Debian news, check out this week's Kernel Cousin Debian.

For news on the Debian GNU/Hurd project, check out this week's Kernel Cousin Debian Hurd

Linux-Mandrake and a fully anti-aliased KDE desktop. Information on how to get XFree 4.0.2, freetype2, libqt2 and more all working together to support fully anti-aliases fonts is the topic of this MandrakeForum article. Strictly for the very brave, but the results appear to be worth it: "You really won't believe how utterly beautiful this is, especially if you haven't spent years with those crappy Linux fonts in front of you".

With luck, we'll all be sitting where he is someday. It's nice to know that a more beautiful desktop is definitely getting closer. Note that only a few graphics boards are currently supported in this configuration. In addition, the configuration is apparently quite a CPU and disk hog.

Virtual Linux and CCLinux update. Last week, we mentioned the Virtual Linux project, working to provide a CD-based version of Linux-Mandrake. Since then, several of our readers pointed out that the link we provided for Virtual Linux on freshmeat.net was no longer functioning. We checked with Scoop; the project author was having problems getting his software uploaded. Once those problems are fixed, Virtual Linux should return.

Similarly, reports came in that our link to CCLinux was no longer functioning either. We checked with CCLinux author FBW who confirmed that there were known problems with the server on which CCLinux is hosted. So CCLinux will be back, but there is no estimate yet on when that will be.

Slackware News. Slackware-current has now been upgraded to the Linux 2.2.18 kernel. In addition, glibc 2.2.1 has been installed, replacing the version of glibc 2.2 patched last week due to security issues.

Embedded Distributions

iPAQ Handheld Linux. Linux on the iPAQ has been in the news quite a bit lately, but the announcement of the iPAQ Handheld Linux distribution just hit Freshmeat this week.

Prosa, EtLinux rise from the ashes (LinuxDevices.com). Former Linuxcare embedded Linux company Prosa may be resurrecting the EtLinux distribution it lost when Linuxcare's European facilities were closed. "At this time, a restart of Prosa and EtLinux is in process, under the direction of Davide Barbieri, who was formerly the General Manager of Prosa Labs and later served as General Manager of Linuxcare Italia following Linuxcare's acquisition of Prosa."

Installing Microwindows on the iPAQ (LinuxDevices.com). In part 3 of a series on the history and future of Linux PDAs, Jerry Epplin looks at using Microwindows on the Compaq iPAQ. "Microwindows supports two APIs: the Windows GDI and Nano-X, an X-like API intended for low-footprint applications. On top of Microwindows the toolkit provides FLNX, a version of the FLTK application development environment modified to target Nano-X rather than X."

Mini/Special Purpose Distributions

Minor distribution updates. Here are some minor distribution updates released this week:

  • floppyfw 1.0.9 has been released, fixing the "File system is full" bug.

Section Editor: Liz Coolbaugh


January 18, 2001

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith
Kondara MNU/Linux
Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux
nmrcOS
NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux
Yggdrasil

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Development page.

Development projects


Browsers

Hermes mail access project announced. A new Mozdev project, Hermes, has been announced. "The Hermes project aims to create a means of access that is versatile enough to allow fast and simple access to various web-based e-mail accounts. Currently there is a 'Hermes Hotmail' sidebar tab.. but the aim is to have a better system."

Galeon 0.9 pre1 is out. Version 0.9 pre1 of the Galeon Web Browser has been announced. This version features Mozilla 0.7 compatibility, full screen configurability, and bugfixes.

Education

SEUL/edu Linux in Education Report. The SEUL/edu Linux in Education Report for January 15 is available. The ups and downs of getting Linux systems installed in a school system are discussed.

Ofset packages. The Ofset/Freeduc site has listed several new educational programs for learning chemistry.

Embedded Systems

The Linux-friendly Embedded SBCs Quick Reference Guide. LinuxDevices.com has posted The Linux-friendly Embedded SBCs Quick Reference Guide, a comprehensive overview of single-board computers that can run Linux. If you're contemplating a project that would use one of these products, you probably want to have a look at this page.

Games

Acorn 0.3 screenshots. Take a look at the latest screenshots from the upcoming Acorn 0.3 game for some eye candy. Incidentally, Acorn is being developed on the WorldForge Games site and the organization is currently looking for a new home on the web. If you can meet the necessary server requirements you are urged to contact the project leaders.

Interoperability

Wine Weekly News for January 15, 2001. The January 15, 2001 edition of the Wine Weekly News is out. News includes the January 12 release of Wine, DirectDraw reorganization, Web Browser DLLs, and more.

Network Management

Kannel SMS and WAP gateway v1.0 release, added to Debian. The Kannel project, designed to build an open source SMS (Short Message Service) and WAP (Wireless Application Protocol) gateway, announced the release of version 1.0 along with the news that it was being included in the Debian distribution. SMS and WAP are used for serving data to web-enabled cell phones.

Office Applications

LyX Developer News for January 17th, 2001. The January 17th issue of the LyX Developer News has been published. In this issue you'll find a brief look back at the history of the LyX GUI, news on the LyX 1.1.6 release and a look at mailing list traffic for the project. (Thanks to John Levon)

Gnucash 2.0 development roadmap. Bill Gribble has sent a notice to the gnucash developers list announcing plans for the upcoming Gnucash 2.0 release, which should be out in the second quarter of 2001. There is talk about forking gnucash into two products, one for personal finance and one for small business accounting.

On the Desktop

The People Behind KDE: Gregory (Grisha) Mokhin (KDE Dot News). Continuing with its series on "The People Behind KDE", KDE Dot News interviews Gregory (Grisha) Mokhin.

IBM and their involvement with GNOME. Linuxpower interviews Daniel Frye, Director of IBM Linux Technology Center about IBM's role in the GNOME Foundation. "DF: We're expecting that GNOME will accelerate Linux innovation and the use of Linux as a desktop. GNOME is one of the major efforts that, when successful, will legitimize Linux as a viable desktop."

Helix Code changes name to Ximian. Helix Code, the company headed by GNOME lead man Miguel de Icaza, is changing its name to Ximian, which rhymes with "simian".

Spanish translation of the GNOME User Guide. A Spanish Translation of the GNOME User Guide has been released by the Gnome-es Spanish translation group.

Science

Linux in Science Report #7. Pete St. Onge writes to tell us that issue number 7 of the Linux In Science Report is now online. This issue focuses on internationalization, and includes brief updates on the antiword, cactus, Matrix Math, LyX, and WeirdX projects.

OIO 0.9.6 released (LinuxMedNews). Version 0.9.6 of OIO, the Open Infrastructure for Outcomes has been released. OIO is a patient record keeping system for the medical industry that is built from Zope, PostgreSQL, Apache, and Linux

Web-site Development

Midgard Weekly Summary - January 12th, 2001. The Midgard Weekly Summary for the week of January 12, 2001 is out. Topics include news on the Midgard Web Site, updates on 1.4 and 1.4.1, a revised timetable for Midgard 2 and news on the Midgard IRC channel.

Zope 2.3.0 beta1 released. The 2.3.0 beta1 release of Zope is available. New features include a browser preference screen, a new Quick Start system with pointers to high level learning materials, and more.

PikiePikie Wiki clone. Steve Pike Has Released PikiePikie 0.1, a Wiki clone written in Python.

Section Editor: Forrest Cook


January 18, 2001


Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

   

 

Programming Languages


Markup Languages

Improve your XSLT coding five ways (IBM developerWorks). IBM developerWorks has run an article by Benoît Marchal on XSLT coding. "Whether you're a beginner with XSLT or a seasoned programmer, you'll surely find that these five tips from Benoît Marchal will improve your coding and give you new ideas. The handful of tips cover using CSS with XSL style sheets (including HTML entities), incorporating client-side JavaScript, working with multiple input documents, and using XSLT to generate style sheets automatically. The article includes sample code to adapt and reuse." Also, on the topic of XSLT, use Perl notes that the Perl XML::XSLT module, version 0.3 is now available.

Creating Web Utilities Using XML::XPath (XML.com). Check out this article by Kip Hampton on using XML::XPath which goes into the process of converting HTML to XHTML with Perl.

4Suite 0.10.1 XML tools. The 4Suite 0.10.1 XML tools for Python have been announced. "4Suite is a collection of Python tools for XML processing and object database management. An integrated packaging of several formerly separately-distributed components: 4DOM, 4XPath and 4XSLT, 4RDF, 4ODS, 4XPointer, 4XLink and DbDOM. The matching 4Suite server is also available.

Perl

January 15 Perl 5 Porters. The January 15 edition of Perl 5 Porters is out. Topics include sigsetjump issues, benchmarks, UTF8 support, Linux large file support, and more.

Cultured Perl: Perl 5.6 for C and Java programmers (IBM developerWorks). Teodor Zlatanov has written an article for IBM's developerWorks that introduces Perl to C and Java programmers. "Perl often bewilders even experienced programmers, primarily because it allegedly makes it too easy to write obfuscated code. But the confusion regarding Perl's structure, features, and philosophy is inevitable given that it's such a rich and powerful language, and that it was designed from the start to allow for more than one way to do the same thing."

PHP

PHP Weekly Summary for January 16, 2001. The January 16, 2001 issue of the PHP Weekly Summary is available. News includes the first O'Reilly PHP Conference to be held July 23-27, 2001 in San Diego, CA, a fix for a PHP security issue, parallel LDAP searching, and more.

Python

Python 2.1 Release Schedule. The release of Python 2.1 is scheduled for 19 Jan, 2001 in alpha form, and the official 2.1 release is scheduled for April 1, 2001.

This week's Python-URL. Here is Dr. Dobb's Python-URL for January 15. Have a look for a list of recent Python software releases, numerous development tips, and a classified article on the future of the Python Secret Underground.

Python 9 Conference Updates. Updates for the 9th Annual Python Conference have been posted. The referred papers Track information has been placed online.

PyXML 0.6.3 available. PyXML 0.6.3, the XML toolkit for Python is now available.

Jython 2.0 release candidate 1 available. Version 2.0 rc 1 of Jython, the Java implementation of Python, has been announced and may be downloaded here.

ImageServer digital photo system. The ImageServer digital photo system has been announced. "Image Server is simple web based digital photo management system. It is used to display, store, annotate, and archive thousands of photos. There are many built-in features to make it easy to display your photos to the world."

FreeImage 2.0.0 is out. Version 2.0.0 of FreeImage, a Python based open-source image format converter, is now available for download.

Tcl/Tk

This week's Tcl-URL. Here is Dr. Dobb's Tcl-URL for January 15 with the latest news from the Tcl/Tk development community.

Tcl/Tk FAQ on the web. Charles Vidal has announced the creation of tcltk.free.fr, an online version of the Tcl/Tk FAQ.

Section Editor: Forrest Cook

 
Language Links
Caml
Caml Hump
Tiny COBOL
Erlang
g95 Fortran
Gnu Compiler Collection (GCC)
Gnu Compiler for the Java Language (GCJ)
Guile
Haskell
IBM Java Zone
Jython
Free the X3J Thirteen (Lisp)
Use Perl
O'Reilly's perl.com
Dr. Dobbs' Perl
PHP
PHP Weekly Summary
Daily Python-URL
Python.org
Python.faqts
Python Eggs
Ruby
Ruby Garden
MIT Scheme
Schemers
Squeak
Smalltalk
Why Smalltalk
Tcl Developer Xchange
Tcl-tk.net
O'Reilly's XML.com
Regular Expressions
   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Commerce page.

Linux and Business


Troubles at VA Linux Systems. On December 9, 1999 VA Linux Systems had a wildly successful IPO. The first day the stock skyrocketed to $320 before closing at $239/share. It was too good to be true for those who bought stock at the opening price of $30. Well, at least for those who sold while the stock was high. As of this writing VA Linux is at $7.12, reflecting the general trend of the Nasdaq since those halcyon days of late 1999 and the recent announcement that the company lowered its expectations for its second fiscal quarter revenue. (Covered on this week's Front Page.)

VA Linux has been named in a class action suit for alleged SEC violations along with Credit Suisse First Boston Corporation, and VA Linux execs Larry M. Augustin and Todd B. Schull. Several law firms have announced their participation. Oddly, a number of these law firms make the same mistake in their press releases: VA Linux Systems, Inc. is shortened to simply "Linux". In the worst case, this usage could be seen as a violation of the Linux trademark; at best references to "the Linux IPO" make these law firms seem clueless. Press releases from Milberg Weiss Bershad Hynes & Lerach LLP in New York, Cauley Geller Bowman & Coates, LLP in Boca Raton, Fla., Bernstein Liebhard & Lifshitz, LLP in New York and Seeger Weiss LLP also of New York, all shorten VA Linux Systems, Inc. to "Linux".

For the press release containing the most information and one that refers to "VA Linux" rather than "Linux" see this one from Wolf Haldenstein Adler Freeman & Herz LLP of New York.

Also involved are Schiffrin & Barroway, LLP of Bala Cynwyd, PA and Charles J. Piven, P.A. of Baltimore, MD. More law firms are sure to jump in as well. There are a number of firms that make their living from cases such as this. The sharks are circling.

It is not clear how much VA Linux Systems itself was involved in the alleged violations. VA is charged with filing a false and misleading prospectus, but the suit mostly revolves around the conduct of Credit Suisse with regard to the VA Linux IPO. It will likely be some time before this issue is resolved.

All of the law firms are looking for "lead plaintiffs" to help their cause. If you bought VA stock before December 6, 2000 and are inclined toward such things, you may be able to participate. See any of the above press releases for more information.

This suit could hurt VA Linux badly. Just how much remains to be seen. It's worth considering, just as a thought exercise, what could happen to VA's community resources (such as SourceForge) should all of those lawyers succeed in dragging the company down. This is ugly stuff.

2.4 Kernel Pre-Production Release Available from VA Linux. VA Linux Systems, Inc. announced the availability of its first pre-production release of the new Linux 2.4 kernel, offered via ftp at ftp://ftp.valinux.com/pub/kernel/, is available as an executable binary compiled and packaged by VA Linux in RPM and DEB formats.

IBM and NCSA Create Worlds Fastest Linux Supercomputers in Academia. IBM and The National Center for Supercomputing Applications (NCSA) at University of Illinois at Urbana-Champaign announced that NCSA will install two IBM Linux clusters, containing more than 600 IBM eServer xSeries systems running Red Hat Linux. NCSA's clusters will have two teraflops of computing power and will be used by researchers to study some of the most fundamental questions of science, such as the nature of gravitational waves first predicted by Albert Einstein in his Theory of Relativity.

IBM Expands AIX Affinity With Linux. IBM today announced its Linux affinity initiative with the introduction of AIX Toolkit for Linux Applications. Available for download over the Web, the toolkit allows developers to build and package Linux applications for use on the IBM eServer(a) family running AIX.

NuSphere MySQL, new version, training offerings. NuSphere Corporation has released version 1.13.5 of its MySQL distribution.

NuSphere has also announced that it has been granted exclusive rights to the "official" MySQL training materials. The training program was developed by Polycon and Monty Widenius; courses will be offered in Massachusetts and California.

Open Source Infrastructure - A Manifesto for the Coming Big Bang. Deutsche Banc Alex. Brown equity research analyst Phil Rueppel today published an industry report, " Open Source Infrastructure -- A Manifesto for the Coming Big Bang." Additionally, yesterday he expanded his coverage of the Linux Market industry by initiating coverage of Red Hat, Inc. (Nasdaq : RHAT) with a BUY rating ($7.0). "Linux and other Open Source technologies continue to demonstrate the characteristics of strong growth, increased customer penetration, and disruptive change -- all factors that create investment opportunities in our view."

Linux Stock Index for January 11 to January 17, 2001.

LSI at closing on 11-Jan-01 38.32
LSI at closing on 17-Jan-01 38.71

The high for the week was 38.72
The low for the week was 38.32

Press Releases:

Open Source Products

Unless specified, license is unverified.
  • B2B ITS Corp. (STAMFORD, Conn.) has released .FIXantenna Engine under an Apache-style license.

  • Lineo, Inc. announced that VPN support, based upon the IPSec standard, has been added to NETtel devices. NETtel devices are released under the GNU General Public License.

  • North Fork Networks (Palo Alto, CA) announced the availability of its new SANiq solution for Linux-based companies. This alpha release of the software is available from NorthForkNet.com under the GNU General Public License.

  • Trustix has released a software updater called SWUP for its secure Linux distribution.

Proprietary Products for Linux

  • Caldera Systems, Inc. (OREM, Utah) announced the release of Caldera Volution, a comprehensive Linux management solution that reduces the cost of implementing and managing Linux systems.

  • Motorola Computer Group (TEMPE, Ariz.) announced that its Advanced High Availability Software for Linux (HA Linux) was awarded Product of the Year by both Internet Telephony Magazine and Communication Solutions Magazine.

  • Real-Time Innovations, Inc. (SUNNYVALE, Calif.) released StethoScope for Linux, the visualization tool for monitoring and analyzing embedded and real-time applications.

  • SteelEye Technology Inc. (MOUNTAIN VIEW, Calif.) announced an extension of its LifeKeeper Next Generation Enterprise Reliability platform to protect the uptime of Linux-based print servers.

  • SuSE announced the availability of a 2nd generation email server package called SuSE eMail Server II.

  • Tamino Software AG (SAN RAMON, Calif.) announced its native XML database, now runs on SuSE Linux AG's Linux Enterprise Server for S/390.

Products and Services Using Linux

  • Conversay (REDMOND, Wash.) announced its speech recognition technology will be licensed to a Linux PDA being developed by Language Bank and Shin Information Systems (SHINS), both of Seoul, South Korea.

  • Corridor Software, Inc. (GREENBELT, Md.) announced a February 28 release date for its Linux-based Connection Server software. The first beta versions are undergoing internal testing and Corridor will begin shipping the software to qualified testers and resellers around the country in the next two weeks.

  • Fujitsu-ICL Systems Inc. (NEW YORK) announced the Liberator, a new Linux-based point-of-sale software solution that supports and enhances existing IBM 4690 point-of-sale (POS) applications.

  • HELIOS Software GmbH (HANNOVER, Germany) announced the availability of remote Internet Printing, a major new feature of HELIOS PDF Handshake 2.0 now shipping on HELIOS distribution CD016.

  • LAND-5 Corporation (SAN DIEGO, CA) announced that it has certified ICP vortex Corporation's PCI RAID controllers with its Linux-based iceNAS software for network attached storage.

  • Sphera Corporation (NEW YORK) announced AutoHost, a dedicated Linux server line designed for premium Web hosting.

Products with Linux Versions

  • Access360 (IRVINE, Calif.) announced that its flagship software, enRole, now has the capacity to provision access rights to over 50 computing resources - from databases and operating systems to security systems and applications.

  • AMD and Virtutech (SUNNYVALE, Calif.) announced the two companies are working together to further enable the development of software supporting AMD's next-generation Hammer family of processors. They have jointly developed a high-performance tool, codenamed "VirtuHammer", that will allow software developers to write and test 64-bit programs in preparation for the planned commercial introduction of the next-generation AMD processors in the first half of 2002.

  • AVIDWireless (IRVING, Texas) announced the release of AVIDRapidTools 1.2, a wireless application server for the desktop.

  • BindView Corporation (HOUSTON) announced the bv-Control Security Management Suite, an enterprise-class security and policy enforcement solution.

  • Cyrusoft International, Inc. (PITTSBURGH) announced a February 2nd ship date for the Unix-based version of their Mulberry Email Client package. The software is currently available for public testing and download at the company's website. Versions of Unix currently supported by Mulberry include Red Hat Linux versions 5 and later and equivalents, Linux PPC 2000, Solaris 8 and later (x86 and Sparc).

  • FirstPeer (SAN DIEGO) announced the release of Personal Servant, an open unifying platform for bringing together applications, devices and people in the new peer-to-peer paradigm. Personal Servant can be downloaded for free.

  • iMimic Networking Inc. (HOUSTON) announced the new release of DataReactor Core Version 2.1 Web caching software.

  • Ipedo, Inc. (REDWOOD CITY, Calif.) introduced the Ipedo Directory Cache, a dynamic LDAP directory cache. It's available for Red Hat Linux, licensed on a per server basis starting at $25,000.

  • MAPICS, Inc. (ATLANTA) announced the immediate availability of Point.Man release 6.0, providing customers with expanded international and collaborative e-business capabilities.

  • MetiLinx, Inc. (SAN MATEO, Calif.) announced the general release of iSystem Enterprise, a solution for system optimization of networked server systems.

  • MicroVault Corp. (HUNTINGTON BEACH, Calif.) announced the release of NetCourier Secure Document Delivery System, Version 2.0, an e-mail-based solution that permits message recipients to receive and decode encrypted documents.

  • ParaSoft (Monrovia, CA) announced the release of WebKing 3.0, a development and testing tool that improves the reliability of dynamic n-tier Web sites.

  • Sanchez Computer Associates Inc. (MALVERN, Pa.) announced it has extended the logical dual site database replication feature of its GT.M database product to run on multiple operating platforms, including x86 GNU/Linux.

  • SSH Communications Security (HELSINKI, Finland) announced SSH Secure Shell 2.4, a new version of its encryption technology.

  • Sun Microsystems, Inc. (PALO ALTO, Calif.) introduced Sun StorEdge T3 array support for Windows NT, HP-UX, IBM AIX and Linux system platforms.

  • V Communications (SAN JOSE, Calif.) announced that DriveWorks, a wizard driven integrated solution for hard drive management including partitioning, copying, imaging and backing up hard drives, is shipping now.

  • YesSoftware (SAN FRANCISCO) announced the launch of the pre-release version of CodeCharge, a code generation application for database publishing on the web.

Books and Training

  • InfoCan Management is launching a world tour on Internet, Kylix and Palm cross platform development. This is a 2-day seminar that is designed for both Delphi and Linux users. Kylix is Borland's component-based rapid application development environment for Linux.

  • Kaivo (DENVER) announced that they will be partnering with Python developer Mark Lutz to deliver Python education and training with a three day course, "Python for Programmers".

  • Red Hat, Inc. (RESEARCH TRIANGLE PARK, N.C.) announced the expanded availability of its RHCE training and certification program, as well as other Red Hat training offerings.

Partnerships

  • BluePoint Linux Software Corp. (LOS ANGELES) announced that it has signed an agreement with Shenzhen Launch Computer Co., Ltd. According to the agreement, BluePoint will develop BLUEPOINT EMBEDDED based PDA Operating System for Launch Computer. BluePoint will also provide BLUEPOINT EMBEDDED Development Kit, training and technical support. Launch Computer intends to develop automobile diagnostic tools and other automobile service related applications on the PDA Operating System.

  • BSDi (COLORADO SPRINGS, Colo.) and Korea Telecom Internet Solutions (KTIS) announced a channel partnership through which KTIS will provide BSDi software and solutions to the Korean market and provide technical support for the FreeBSD open source operating system.

  • DecisionOne (FRAZER, Pa.) announced that it has been selected by Data Engines as the exclusive installation support provider for the company's iServiceOne product, a Linux-based Security Gateway Server.

  • Digital Creations (RICHMOND, Va.) announced a partnership with bayMountain, a provider of Linux-based managed hosting services. As part of this partnership, bayMountain will provide server clustering expertise and services in support of Zope.org, Digital Creation's high-traffic Open Source development site. In addition, bayMountain will provide the infrastructure foundation for Digital Creations' new content management solution, to be released later this year.

  • Merilus Inc. (VANCOUVER, British Columbia) signed a Memorandum of Understanding with Sun Wah Linux Ltd. The two companies will cooperate in the development, offering and promotion of network security, management and communications systems in the field of education and specifically to education institutions of the Hong Kong Education Department and to the Education Ministries of the provincial governments of the People's Republic of China.

  • Motorola (SCHAUMBURG, Ill. and BRISBANE, Calif.) announced an alliance with CollabNet to provide free web-based project hosting, a collaboration environment, and code storage as part of the Motorola iDEN Subscriber Group's comprehensive developers' support program.

  • WordWalla, Inc. (FREMONT, Calif.) has joined three key industry organizations to participate in the development and understanding of new, emerging technologies and markets -- the Embedded Linux Consortium, LISA and the Unicode Consortium.

  • Zend Technologies (BALTIMORE) announced that it will provide its expertise in PHP for use with the Intel Itanium architecture. As part of this working relationship, Zend will provide developers with a custom PHP solution for optimum performance on Intel's forthcoming Itanium processor.

  • ZF Linux Devices (PALO ALTO, Calif.) announced that the company will bundle Wind River's VxWorks real-time operating system with ZF Linux Devices' MachZ SOC.

Personnel

  • Digital Creations (FREDERICKSBURG, Va.) announced that it has hired industry executive Thomas Morling to expand its sales and marketing operations.

  • Mission Critical Linux, Inc. (LOWELL, Mass.) announced that former Senior EDS Executive Dennis Hickey has joined their team as Vice President of Sales.

  • Penguin Computing Inc. (San Francisco, Calif.) announced that it has appointed Martin D. (Marty) Seyer as its president and chief executive officer. Seyer will also join the Penguin Computing board of directors.

Linux At Work

  • 1mage Software Inc. (DENVER) announced that the Grandview Heights Public Library, Grandview, Ohio, has selected the document imaging and management system from 1mage. The library plans to have digitized images, maintained on a server using the Linux operating system, made available via the Internet worldwide and through the library's online catalog.

Other

  • CollabNet (BRISBANE, Calif.) announced that the online community, mozdev.org, is rapidly gaining developer support and is becoming the premier online community for Mozilla-based projects that are not hosted by mozilla.org.

  • eWEEK (MEDFORD, Mass.) announced OpenHack III, an open challenge to penetrate and corrupt a fictitious Internet service provider (ISP) and e-commerce site being established by Argus Systems Group.

  • LinuxPPC Inc. (WAUKEHSA, Wisconsin) gave away more than 1,000 LinuxPPC CD-ROMs at Macworld Expo in San Francisco.

  • The PHP Group (BALTIMORE) announced that PHP (PHP Hypertext Preprocessor), the open-source Web scripting language, is now found on more than five million Web domains, according to Netcraft.

Section Editor: Rebecca Sobol.


January 18, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux in the news page.

Linux in the news


What does "Press" mean? Here at Linux Weekly News we scour the planet each week looking for interesting articles that relate to Linux and the Open Source world. Not all of the articles that we find are meaningful, and unfortunately, many articles each week are simply retreads - older stories retitled and flung out under a different banner of some megamedia giant's slew of online papers. Filtering out the good articles is time consuming, but that's what we do for you, our loyal readers.

The stories that we point to in the Linux in the News page are judged by us to have some value to at least some of our readers, but don't necessarily fit into the categories covered by the other LWN pages.

Recommended Reading

Suit accuses VA Linux of deceiving investors (News.com). News.com covered the VA Linux investor lawsuit. "The suit, which also names the company's lead underwriter, Credit Suisse First Boston, says VA Linux failed to reveal in its prospectus that Credit Suisse promised shares in the stock offering to investors who pledged to buy more shares in the aftermarket at predetermined prices."

Later, Business Wire reported that the law suit was being filed by Cauley Geller Bowman & Coates, LLP on behalf of all individuals and institutional investors - i.e. as a class action law suit. Numerous other law firms posted press releases seeking to take part in the suit as the week progressed.

It should be noted that at least one of the suits wrongly refers to VA Linux as simply Linux, see this week's LWN Letters section for more on that.

Linux Plus Itanium Equals Whoosh (Wired News). Using Linux clusters for large scale computational science projects was the subject of this article from Wired. "'Because of Linux clusters -- which are cost-effective, scalable and integrate open source software with vendor solutions -- commodity-based supercomputing is now a reality. This allows us to explore nature's most exotic phenomena, such as black holes, with much more detail and at much lower cost than ever before,' Seidel said."

Modern Operating System, Interface Are Ripe for Change (Los Angeles Times). In this article from the LA Times, Jef Raskin, original project leader for the Macintosh, said that software developers in both the proprietary and open source worlds need to rethink PARC's 30 year old Altos-styled windowing interface. "People are finally beginning to realize that this interface that was developed back in the '70s and '80s isn't really hacking it," Raskin said, but there's "no revolutionary fervor anymore."

Companies

Turbolinux, Linuxcare heading toward a merger (News.com). News.com carried an article on the apparent merger plans between Linuxcare and Turbolinux. "The merger would be a dramatic change of direction for both companies." See the front page for more news on this issue.

Former Compaq execs in server start-up (ZDNet). Here's a ZDNet article on a startup called RLX Technologies, which will be building servers based on Transmeta chips and Linux. "RLX is one of several start-ups designing 'ultra-dense' servers to meet the economics of Web-site hosting. For companies that house and manage thousands of computers for Internet operations, such very small machines allow them to collect more fees per square foot of computer room."

Compaq rock stars reunite (Red Herring). The Red Herring reported on the founding of RLX Technologies. "Today, servers based on Crusoe and Linux may pose a similar threat to PC servers. Because Crusoe is smaller than the Pentium, it could eventually cost less to produce than Intel's chip, while providing comparable processing power. Linux is free and rivals the performance of Microsoft's Windows 2000 Server, which retails for as much as $640."

Lineo scraps IPO (ZDNet). ZDNet took a look at Lineo's IPO withdrawal. "The canceled IPO is because of drops on the Nasdaq market, not because of problems with Lineo's own business, [CEO Bryan] Sparks said."

Prosa, EtLinux rise from the ashes (LinuxDevices.com). The former Linuxcare embedded Linux company Prosa may be resurrecting the EtLinux distribution that it lost when Linuxcare's European facilities were closed. "At this time, a restart of Prosa and EtLinux is in process, under the direction of Davide Barbieri, who was formerly the General Manager of Prosa Labs and later served as General Manager of Linuxcare Italia following Linuxcare's acquisition of Prosa."

Business

IBM-TurboLinux Deal Pushes Windows Alternative (NewsFactor/Yahoo! News). Newsfactor examined the IBM-Turbolinux deal. "In September, IBM announced that it would spend $200 million over the next four years to build seven new Linux development centers. The role of the new Linux hubs, to be erected in Tokyo, Shanghai, Beijing, Taipei, Seoul, Sydney and Bangalore, India will be to work in conjunction with local developers on Linux application software."

CollabNet inks development deals with Motorola, Mozilla (News.com). News.com also examined CollabNet's deals with Motorola and the Mozilla project. "CollabNet will host a site to help programmers collaborate on writing software for Motorola's upcoming Java-enabled iDEN cell phones. The site uses CollabNet's SourceCast service, which enables features handy for collaborative work such as mailing lists, bug-tracking and control over programming project updates. SourceCast also is at the heart of a site called Mozdev run for the Mozilla group to house projects related to Mozilla, the open-source version of the Netscape Web browser."

Free MP3.com technology takes cue from open-source movement (News.com). MP3.com announced this past week that it plans to provide free access to its extensive online music database and streaming technology to developers. "Web developers who take advantage of the offer could create their own online music locker services without paying any licensing fees, said MP3.com's Oien. In addition, consumer electronics companies could create devices, such as portable MP3 players, that tap into MP3.com's online database."

Reviews

Instant Messaging on GNU/Linux, Part 2: ICQ (LinuxOrbit). In the second in a series on instant messaging solutions for Linux, LinuxOrbit reviewed three ICQ clients for Linux: GnomeICU, LICQ, and Kicq.

New Linux kernel arrives with little fanfare (Upside). Upside's look at the 2.4 release mentioned the new 2.6 pool, Microsoft's view of Linux as a threat, Corel's likely sale of its Linux division and the name change for Helix Code. "Microsoft president Steve Ballmer officially rated Linux "threat No. 1" among competitors trying to chip away at Microsoft Windows' market share."

Traffic analysis almost for free (ZDNet). ZDNet shows how to build a low cost network traffic analysis tool out of a Linux-based PC and the open sourced iptraf package. "Iptraf version 2.3.1 provides network managers with a console-based network statistics utility that is easy to install, a snap to use, and robust enough to win a permanent place in our network management toolkit."

Interviews

Free software pioneer hacked over sloppy use of computer terms (Dallas Morning News). The Dallas Morning News ran a profile on Richard Stallman this past week. "Many are irritated by Dr. Stallman's boundless determination to correct the errors of sloppy computer historians and espouse the glory of the Free Software Movement. But as longtime research associate Chris Hanson told Salon magazine last year: 'Richard is a genius, a man with a clear and unusual vision, and like others before him, he comes in a quirky and difficult package.'"

Red Hat CTO looks to make running Linux less of a chore (News.com). News.com interviewed Red Hat CTO Michael Tiemann. "I think Red Hat is extremely happy with the quality of people that we've been able to attract and retain at our company. The open-source community is in this relatively unique position compared to the proprietary community in that the open-source developer has complete freedom of choice about what they work on and who they work for. So I think we will continue to hire the people that we need to get our job done, but I don't think it's necessary or necessarily even proper to try to hire the entire open-source community. That's not our strategy, and that's not our plan."

Miscellaneous

Much ado about kernels (ZDNet). Evan Leibovitch still thinks there's too much hoopla over the 2.4 release, and that it is just another minor step forward from 2.3. "These facilities have been around for weeks, even months, in the 2.3 development kernels. Nobody who really follows Linux is being taken by surprise, which is another reason why you don't see much rejoicing among real developers and users. If you really want to follow what's happening with the Linux kernel, read the weekly recaps in Kernel Traffic."

Frigid but fun times in the open source world (ZDNet). Evan Leibovitch followed with another story stating that the Linux community, at least the commercial side of it, is moving in the right direction. "We have rebounding stock prices, new goodies from the developers, and even indirect help from our adversaries. What more could one ask for?"

Further Linux testing in store (ZDNet). eWeek said that more testing of the 2.4 kernel is expected in the near term from the Linux community, in some cases for major new features like journaling file systems. "IBM will be working with the community and contributing to further 2.4.x releases and the 2.5 kernel in the areas of Logical Volume Manager and clustering, including ongoing MOSIX projects such as scalable Web servers, cluster installations for quick configuration of a MOSIX cluster and Network RAM for large processes that span the main memory of several nodes."

Linux sails in New Zealand. The New Zealand Herald carried a couple of stories on Linux this week. The first covered one sailmaker who used a Linux cluster to help design a new sail using a new program to calculate air flow around the sail. "The entire cluster [of 8 PCs] cost $15,000. In contrast, the Linux clusters Weta Digital is using to render graphics for the Lord of the Rings films, which use SGI hardware, are costing about $15,000 a processor."

In another article, the paper reported on the merger of SCO and Caldera and the Linux marketplace in general. A shop assistant at the Auckland geek haven Dr Floppy noted, "What's hot was the German-made Suse Linux, whose $196 professional version came with six CDs of software. If you can't find what you need in there, you've really got a problem." (Thanks to Andrew Simpson for both pieces)

Microsoft Gets Some MacLove (Wired). Wired said that LinuxPPC's booth was empty at MacWorld, compared to the normally unloved Microsoft booth. "This year when Wired News visited, president Jeff Carr was sitting alone at the small booth in the Sci-Tech/Small Business section, tucked away at the back of the hall. His three-foot penguin, the famous Linux mascot, hadn't arrived, and neither had the booth's biggest attraction, a stack of free installer CDs."

But Kai Staats replied that Terra Soft Solutions was faring much better. "And now, nearly one third of the booth attendees are repeat customers, upgrading to our latest product or asking technical questions about Yellow Dog."

NT remains hackers' favourite (vnunet.com). According to this vnunet.com article, NT is the most attacked server platform on the Internet. "Last year saw Windows NT steaming ahead yet again as the most hacked web server operating system, with the majority of defaced pages sitting on compromised NT boxes." (Thanks to Karl Vogel)

Ex-Dell/NCR exec joins Penguin Computing. Penguin Computing announced that ex-Dell and NCR executive Marty Seyer joined the company as the new President and CEO. Founder Sam Ockman remains as Chairman and Chief Technology Officer.

Section Editor: Michael J. Hammel


January 18, 2001

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Announcements page.

Announcements


Resources

LinuxUser issue 6. The latest articles from LinuxUser are now available in PDF format. The cover feature is "Linux goes to Hollywood."

Linuxloopup.com Tip of the Week. Making really big files... without making really big files using dd.

Events

Jeff Waugh's Linux.conf.au diary. Linux.conf.au organizer Jeff Waugh has put up an event diary describing the preparations for the conference, which is happening this week.

London XML DevCon 2001 Conference to Focus on Global eBusiness and Enterprise XML. XML DevCon Europe Spring 2001, presented February 21-23, 2001 will offer workshops, panel discussions and classes about Web Services, programming XML applications, and global eBusiness initiatives (ebXML and UDDI).

German Perl Workshop. The 3rd non-profit German Perl Workshop is open for registration. The workshop runs February 28 - March 2, 2001 in Sankt Augustin, Germany. Early bird registration continues until January 31.

LinuxForum 2001. LinuxForum 2001 will be held on March 3, 2001, in Copenhagen, Denmark. This year's presentations include Matthias Ettrich (KDE+TrollTech): Components - Universal Interoperability; Dirk Hohndel (SuSE+XFree86): XFree86 - about People and Technology; Wichert Akkerman (Debian): Debian - what's this then?; as well as Danish speakers on many exciting topics.

Embedded Systems Conference San Francisco. CMP Media announced the conference program for the Embedded Systems Conference San Francisco. The twelfth annual Embedded Systems Conference, running from April 9 - 13, 2001 at San Francisco's Moscone Center, provides a total of 171 classes, and 15-full day tutorials, including 95 entirely new sessions.

The second Annual Symposium on Pliant Implementation and Concept. (ASPIC) will be held in Paris, France on April 20, 2001. Dedicated to the (GPL) Pliant programming language.

Libre Software Meeting. The second annual Libre Software Meeting will take place near Bordeaux, France from July 4 to July 9, 2001.

O'Reilly Open Source Software Convention. O'Reilly & Associates announced a call for papers for the 3rd annual Open Source Convention. The Open Source Convention is a five-day event designed for programmers, developers, and technical staff involved in Open Source technology and its applications. The convention will be held at the Sheraton San Diego Hotel and Marina, San Diego, California, July 23-27, 2001.

January/February events.
Date Event Location
January 17 - January 20, 2001. linux.conf.au University of New South Wales, Sydney, Australia.
January 21 - January 23, 2001. First Annual International Linux Plug Fest Embassy Suites Hotel, Burlingame, CA.
January 23 - January 24, 2001. Linux Expo - Amsterdam Amsterdam, Netherlands.
January 23 - January 24, 2001. EuroZopeCon Amsterdam at Linux Expo Amsterdam, Netherlands.
January 29, 2001. New York Mozilla Developer Meeting CollabNet office, New York, NY.
January 30 - February 2, 2001. LinuxWorld Conference & Expo Jacob Javits Convention Center, New York, NY.
January 31 - February 2, 2001. Linux Expo Paris Paris, France.
February 3 - February 4, 2001. Open Source and Free Software Developers' European Meeting Brussels.
February 6 - February 8, 2001. Real-time and Embedded Systems Forum Doubletree Hotel, San Jose, California.
February 14 - February 16, 2001. O'Reilly Peer-to-Peer Conference Westin St. Francis Hotel, San Francisco, California.
February 21 - February 23, 2001. XML DevCon Europe 2001 Novotel London West Hotel and Convention Centre, London, England.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

User Group News

Lane Community College Open Source Computer Group. The LCC-OSCG recently announced its existance. They would like to create an open source community at LCC, help students integrate open source tools and philosophy into their education, and connect students with the larger open source community.

LUGOD Installfest. The Linux Users' Group of Davis and the UC Davis Computer Club will be holding a Linux Installfest on Sunday, January 21st, from 10:00am - 6:00pm.

LUG Events: January 18 - February 1, 2001.
Date Event Location
January 18, 2001. St. Louis Unix Users Group (SLUUG) - Linux SIG St. Louis County Library, Indian Trails Branch, St. Louis, Missouri.
January 18, 2001. Rice University Linux Users Group (RLUG) Rice University, Houston, TX.
January 20, 2000. North Texas Linux Users Group (NTLUG) Nokia Centre, Irving, Texas.
January 20, 2001. Eugene Unix and GNU/Linux User Group Eugene, Oregon.
January 20, 2001. Silicon Valley Linux Users Group Installfest Computer Literacy Bookshop, San Jose, CA.
January 21, 2001. Beachside Linux User Group Conway, South Carolina.
January 24, 2001. Linux User Group of Assen Assen, Netherlands.
January 27, 2001. Central Ohio Linux User Group Columbus, Ohio.
January 30, 2001. Hazelwood Linux User Group (HZLUG) Prairie Commons Branch Library, Hazelwood, Missouri.
February 1, 2001. Edinburgh Linux Users Group (EDLUG) Holyrood Tavern, Edinburgh, Scotland.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.


January 18, 2001

   

 

Software Announcements


Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways:

Sorted by section and Sorted by license

 

Our software announcements are provided courtesy of FreshMeat

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Linux History page.

This week in Linux history


Five years ago: a company called, then, Pacific HiTech (they now call themselves Turbolinux) hawked its latest product: the January '96 Linux Monthly CDROM. It included, among other things, a Python.org snapshot, the 1.3.45 kernel, Postgres95, and the latest Debian boot and root disks.

Four years ago: Pacific HiTech release its new product: "Turbo Linux Red Hat 4.0". The "Turbo Linux" distribution has, of course, come a long way since then...

Two years ago (January 21, 1999 LWN): ZDNet looked at what Pacific HiTech had in mind:

Coming out in March will be Pacific HiTech's new TurboLinux Enterprise Server 3.0, bundled with numerous apps, including five licenses for the Oracle 8 database. [CEO Cliff] Miller, eyeing the higher-end corporate marketplace, is mulling over a starting price of several thousand dollars.

Well, it was a nice idea...

Samba 2.0 was released after a long development period. Such was the stability of that release that, two years later, the world is running happily with 2.0.7 (though a 2.2 alpha release is available).

The "Windows refund" movement got started after a couple of Linux users managed to get their money back for the (unused) Windows software that came with their new computers.

Corel sold its Netwinder division to a company called Hardware Canada Computing - since renamed Rebel.com.

The current development kernel was 2.2.0pre8 - one of the last steps in the path to the 2.2.0 release.

Debian 2.1 ("slink") went into "deep freeze" prior to its official release - which was, of course, longer in coming than expected.

TurboLinux 3.0.1 was released. It was the first version of TurboLinux to be sold as a boxed set.

One year ago (January 20, 2000 LWN): The first serious enforcement of the Linux trademark came about, in the form of a shutdown of an auction of 250 Linux domain names. These names included useful domains like "LinuxOnSteriods.com" and "ScreaminLinux.com." Alas, Linus shut down the auction and those names remain unused.

Linuxcare filed for its initial public offering of stock; interested folks can read our summary of that filing. This IPO never happened, of course, due to a combination of unfriendly markets and internal troubles at Linuxcare.

The development kernel release was 2.3.39. It became increasingly apparent that a 2.4.0 release was not going to happen anytime soon after Linus let in a number of major changes.

Debian 2.2 ("potato") went into code freeze:

"The code freeze for the next Debian release, code named "potato", has begun", says Richard Braakman, current Debian Release Manager. He expects the freeze process to take about two months.

2.2 was actually released in August... Linux-Mandrake 7.0 was released, as was Red Hat 6.1 for the Alpha architecture.

The world finally found out what Transmeta was up to.

Turbolinux announced the closing of a $57 million funding round.

   

Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Linux History
 Letters

See also: last week's Letters page.

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

January 18, 2001

   
To: letters@lwn.net
Subject: Pronunciation of LaTeX
From: Alan Shutko <ats@acm.org>
Date: 11 Jan 2001 15:43:00 -0500

As I have a pet peeve about people declaring the way I pronounce words
invalid, I feel the need to point out 

http://www.tex.ac.uk/cgi-bin/texfaq2html?keyword=&question=9

In other works, it has been mentioned that Lamport would make an
effort in talks to pronounce LaTeX in as many ways as possible, so as
to avoid any connotation of an official spelling.

Why we geeks get in such pronunciation wars is beyond me (reference
the GIF saga and old Linux FAQs saying it was permissable either way)
but please, leave my Lay-Tek alone!

-- 
Alan Shutko <ats@acm.org> - In a variety of flavors!
It's always darkest just before it gets pitch black.

   
From: veitc <veitc@sovereign.org>
Date: Wed, 17 Jan 2001 16:04:44 -0700
To: lwn@lwn.net
Subject: Linux trademark concern - VA Linux lawsuit

I'm not a lawyer so the following opinion needs a little
research. I am just concerned with seeing more discussion on 
this topic.  This is also the best way I could come up with 
to contact people in the Linux community on this issue.

Your story on the VAlinux lawsuit a few days ago was
interesting. I looked at the law firms complaint and press
release and then sent them mail (which I have attached below).
I complained about their use of the trademark 'Linux' as
shorthand for VA Linux.

Just yesterday I noticed that three more law firms have
also initiated class action suits against VA.  Apparently
all the new lawsuits also use exactly the same abbreviation
for VA Linux in their complaints. (It could be cut and paste  
at its finest or perhaps a conspiracy?)

While it isn't my place to decide if these cases have merit,
I am very concerned about the way all of these firms have used
"linux" as shorthand in the legal docs for "VA linux".  Although
the use of shorthand is common in legal documents I believe that
the use of a trademark in this generic manner is bad for the holder
of the mark.  The fact that this error has also found its way
into the press releases from these firms is damaging to the 'Linux'
trademark (held by Linus Torvalds, who is not involved with VA).   
And perhaps is damaging to the business of other Linux vendors.

Whether this is a simple mistake or intentional misuse on the
part of these firms is unknown.  In any case this reflects badly
on the entire Linux community. If the Linux trademark is not
protected with legal action of an appropriate sort I suspect it
could be destroyed as a trademark and become a generic term.

I guess my interest is in seeing some follow-up info.

1. (From someone with real Legal knowledge) Is this really a  
potential problem?

2. If so, how bad is this situation?

3. Is Linus aware of this, what does he think?

4. Is anyone (perhaps Linus), pursuing action to have these documents
corrected and having the involved law firms issue press releases
correcting the usage?

Regards,
Curtis Veit
veitc@sovereign.org

------------ My email to Milberg Weiss ----------------------
 
Please forward to the VAlinux class action staff.

To whom it may concern:

Your complaint in the VAlinux case has a significant
flaw in that you have shortened the name VAlinux to
Linux in the document. In most cases a shorthand
reference such as this would be acceptable, however
in this case 'Linux' is a registered trademark which
is not held by VAlinux. (It is held by Linus Torvalds)
Its use in this case and in this manner reflects
badly on other Linux vendors not implicated in
this case.  I highly recommend that you review
this matter and correct it. This case may become
highly visible and could cause harm to these other
vendors. If this indeed happens your firm might find
itself involved in litigation for this incorrect use.

Personally I am not a lawyer but this is offensive to
me a a Linux user and as an employee of a firm using
Linux. I believe that your error was not intentional,
but instead reflects your lack of knowledge of the
Open Source software community and the Linux trademark.
(I suspect that using 'VA' as shorthand will be less
problematic.)  I write to you directly because I believe
that you may have time constraints on modifying court
documents. In case you do not understand the importance
of this issue I will be informing a number of these
firms that may be harmed so they can pursue legal  
action should that be appropriate and needed.

I am also informing Linus Torvalds as I believe allowing
use of a trademark in a public document in an incorrect
manner weakens its validity.

I hope you find this information useful. I find   
informal (early) solutions to problems such as these
far better than the alternative.

Regards,

Curtis Veit


   
To: letters@lwn.net
Subject: Palm Pilot Sync
From: MJ Ray <markj@luminas.co.uk>
Date: 12 Jan 2001 09:37:24 +0000

Just a quick note to say I'm amazed not to see ColdSync in the line up
of tools for syncing with Palm.  This command-line tool can handle
syncing with a single command and start off conduits etc.  I'm
surprised not to see it used more widely.

While I'm writing, I'd just like to praise the authors of GPL'd Palm
software (eg CSpotRun) and palmfreeware.com for being great tools!
-- 
MJ Ray                                       Email:  markj@luminas.co.uk
Director                                       Tel:  +44 (0)20 8553 6622
Luminas Internet Applications                  Fax:  +44 (0)870 28 47489
This is not an official statement or order.    Web:    www.luminas.co.uk

   
Date: Fri, 12 Jan 2001 08:47:14 -0800 (PST)
From: "Roderick A. Anderson" <raanders@altoplanos.net>
To: letters@lwn.net
Subject: Linux 2.4 - the Real Millenium Edition

I, at last, figured out what the true reason for the delay of the 2.4
kernel.  Linus wanted a true 'Millenium Edition'.  I'll also bet there
are far fewer bugs in this then the other ME.


Rod
--
Roderick A. Anderson
raanders@altoplanos.net               Altoplanos Information Systems, Inc.
Voice: 208.765.6149                            212 S. 11th Street, Suite 5
FAX: 208.664.5299                                  Coeur d'Alene, ID 83814


   
Eklektix, Inc. Linux powered! Copyright © 2001 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds