|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Contents: |
Submitters, send your News Bytes items in PLAIN TEXT format. Other formats may be rejected without reading. You have been warned! A one- or two-paragraph summary plus URL gets you a better announcement than an entire press release.
February 2002 Linux Journal
![[issue 94 cover image]](misc/bytes/lj-cover94.png)
The February issue of Linux
Journal is on newsstands now.
This issue focuses on Small Office/Home Office (SOHO). Click
here
to view the table of contents, or
here
to subscribe.
All articles through October 2001 are available for
public reading at
http://www.linuxjournal.com/magazine.php.
Recent articles are available on-line for subscribers only at
http://interactive.linuxjournal.com/.
Legislation and More Legislation
Jon Johansen Indicted by Norwegian Authorities
Regarding DeCSS
Unhappy news this month, as it emerged that Jon Johansen has been
indicted
by Norwegian authorities for his part in creating and distributing the
DeCSS code. This comes two years after he and his father were
first taken from their home in connection with the same software.
The initial report is available
in Norwegian, and a
translation was posted in the Slashdot
discussion of the story.
It appears that the case against Jon is unusual in that he is being charged under laws which are generally applied in cases involving breaking into computers and theft of electronic records or company files. Pressure from the MPAA and the US entertainment industry appears to have encouraged the Norwegian authorities to try this experimental attempt to secure a conviction.
The Electronic Frontier Foundation have extensive resources on this case. Particularly interesting are some legal arguments as to why no offence has been committed under Norwegian law and transcripts including Jon Johansen's testimony at the 2600 Magazine trial in New York under the DMCA (July 20, 2000).
A mailing list has also been set up to discuss issues concerning the case, including how to support Jon and how to protest against the indictment.
The sorry truth is that cases like this are likely to become more common in the future. Governments internationally are harmonising their intellectual property laws through measures such as the WIPO copyright treaty which will come into force in March (having recently secured its 30th signatory). The result will be that all countries might eventually enact legislation akin to the DMCA to protect the media multinationals' intellectual property and access-control technologies. Countries attempting to resist this trend will not be well received. Slashdot reported recently that Ukraine is subject to US trade sanctions for not using an "optical media licensing regime" for blank CDs and CD recorders. The best way to resist at an individual level is to make your voice heard and start lobbying and writing letters. Your local LUG could form a focus for this activity.
Support From Washington
Congressman Rick Boucher
has been receiving a lot of press lately for the
position he has taken with regard to issues such as digital rights
management and the DMCA.
Dotcom Scoop
recently
reported
that Congressman Boucher has
written
to the RIAA expressing his
concern at the introduction of copy-protected compact discs. He feels that
such developments "...may prevent or inhibit consumer home recording using
recorders and media covered by the Audio Home Recording Act of 1992". A
report
on the same story in The Register, however, indicated that the copy
protection measures probably are legal. It seems that though the record
label cannot sue you for making a legitimate personal copy of your new CD,
they are not obliged to make it easy for you!
ZDNet has
reported [Reuters]
that Boucher is planning to introduce a bill that would eliminate the
"anti-circumvention" clause of the DMCA. It is certainly encouraging to
see an elected representative taking an overtly pro-consumer line on these
issues.
Another elected representative who seems to understand a thing or two is Rep. Darrell Issa, a member of the US House of Representatives' Judiciary Committee. Speaking to Linux Journal's Don Marti, he indicated that the SSSCA was "dead on arrival". Though this is encouraging, it might be foolish to get too relaxed until the grave is actually occupied. Don comments that Issa also seemed well informed on other issues in this area (DMCA, etc.,).
Perhaps when campaigning on issues of concern, it would be wise to be alert to good as well as bad news. Elected representatives careers are based on achieving public support and they can be very sensitive to public opinion. It could not hurt to mail guys like Boucher and Issa to tell them if you like what they are doing.
UCITA
LWN reported that UCITA is back again. The main issue for the free software community would be that the UCITA, if it came into US law in its current form, would prohibit the distribution of software to consumers without warranty. This would mean that by distributing a free software utility, you could be held responsible by consumers for any flaws in the product (even though you have disclaimed all warranties, etc.,). This story was also reported by TheRegister, who linked to this article by Richard Stallman on "Why We Must Fight UCITA".
Legislative Links
Indianapolis' attempt to keep minors from playing violent video games in public arcades was ruled unconstitutional, at a cost of $318,000 to taxpayers.
NY Times review of the year in tech law, which makes a nice lead in to their preview of what might be to come. Both articles feature the input of various experts from the field, and both require registration.
Essay on cryptome.org by Mike Godwin on digital rights management and the battle between computer companies and entertainment companies. (Courtesy Crypto-Gram)
Linux Links
Jun Jungho mailed to announce a LG Korean translation site at http://www.whiterabbitpress.com/lg/. He and fellow volunteers have tested this site for 5 months, and would now like to inform others. "I wish that this site gives more fun & infomation to Korean Linuxers."
ASCII: American Standard Code for Information Infiltration by Tom Jennings. A very interesting, and in-depth article. Covers history of ASCII, and its various developments over almost half a century.
Courtesy crypto-gram is a link to a review [pdf] of the year in vulnerabilities. This contains a list of all the operating systems and applications with vulnerabilities.
Newsforge has a story on one person's experiences with Gentoo Linux , a distribution that requires the user to start the installation by compiling new compilers. In a similar vein, DistroWatch have a review of Sorcerer GNU Linux, which again compiles much of the system from source during install.
ZDnet asks `is Linux ready for the desktop?' While Cio.com tell us how to run a Microsoft-free shop.
Linux Journal have looked back over the problems exposed in SSH during the past year, and the solutions which have resulted.
Some links and stories that appeared on SlashDot over the past month:
- Kerneltrap interview with Alan Cox about the kernel, DMCA and more. Linux Today reported Alan's recent release of 2.4.18PRE3-AC1 and 2.4.18PRE3-AC2 (due to popular demand!).
- Interview with Rick van Riel, kernel developer. Talks about virtual memory controversies (among other things).
- Kernel 2.5.2
- The Linux Cookbook book review.
- Story about flashing a mini Linux OS onto 802.11b firmware with screenshots.
Linux Today have featured the following links which you may be interested to follow:
- LinuxSecurity.com article on a vulnerability in the Linux encrypted loop device.
- Also from LinuxSecurity.com is an article on using statistical tools with the Snort IDS.
- Caliban.org article on getting more from Bash.
- Bram Moolenaar writes about Vim, an open-source text editor, dealing both with technical issues and the background to his selection of the Charityware licence.
- LinuxLookup have reviewed VMWare 3.0 Workstation for Linux.
- The BBC is trialing Ogg Vorbis streams for online listeners.
- The Guardian reports on free software's fortunes during the downturn.
TheRegister's Thomas Greene reported on getting superior benchmarks for Quake-3 FPS on Linux as opposed to Windows. Hardly a scientific test, but nice to see none the less.
From the O'Reilly stable of websites, the following may interest you:
- An article covering some of the issues in integrating WinXP into your existing heterogeneous network.
- An introduction to CVS.
- Automating Network Administration, Part One and Part Two.
- A discussion on the question of whether publicly funded research should result in open source code? Related to this issue is a recent Salon article on intellectual property and universities. The current head of the Berkeley department responsible for intellectual property reckons they should have licensed the TCP/IP stack and collected royalties all the way to the bank.
Scientific American article on really bad patents. If you find those interesting, you might like to look at IBM's new patent for a toilet reservation system highlighted by Hartmut Pilch on the patents mailing list at aful.org.
What to do after a computer break-in.
Some Linux Weekly News highlights:
- LWN has analysed the controversy surrounding Eric S Raymond's kernel auto-configuration software. Eric has been defending the project using stories detailing the plight of Aunt Tillie as she tries to reconfigure her kernel. LWN has further amusing links.
- Final version of LWN 2001 timetable
- Taking a look at the phenomenon of people setting up multiple alternative kernel trees, as a demonstration and staging area for their patches. Could other projects benefit from this approach?
- LWN's Jonathan Corbet comments on the processes at work behind `large' Linux kernel changes, and how these processes differ from practice in proprietary software development.
Two IBM whitepapers (here and here) on security issues relating to "Linux in Enterprise Systems" (and we are not talking about Klingons off the starboard bow). Both pdf's, and quite large. IBM appears to be strengthening their support for Linux. Slashdot reported that IBM's new $400,000 Z-series mainframe will not be sold with z/OS, but rather with Linux.
Upcoming conferences and events
Listings courtesy Linux Journal. See LJ's Events page for the latest goings-on.
|
LinuxWorld Conference & Expo (IDG) | January 30 - February 1, 2002 New York, NY http://www.linuxworldexpo.com/ |
|
The Tenth Annual Python Conference ("Python10") | February 4-7, 2002 Alexandria, Virginia http://www.python10.com/ |
|
Australian Linux Conference | February 6-9, 2002 Brisbane, Australia http://www.linux.org.au/conf/ |
|
Internet Appliance Workshop | February 19-21, 2002 San Jose, CA http://www.netapplianceconf.com/ |
|
Internet World Wireless East (Penton) | February 20-22, 2002 New York, NY http://www.internetworld.com/events/weast2002/ |
|
Intel Developer Forum (Key3Media) | February 25-28, 2002 San Francisco, CA http://www.intel94.com/idf/index2.asp |
|
COMDEX (Key3Media) | March 5-7, 2002 Chicago, IL http://www.key3media.com/comdex/chicago2002/ |
|
BioIT World Conference & Expo (IDG) | March 12-14, 2002 Boston, MA http://www.bioitworld.com/ |
|
Embedded Systems Conference (CMP) | March 12-16, 2002 San Francisco, CA http://www.esconline.com/sf/ |
|
CeBIT (Hannover Fairs) | March 14-22, 2002 Hannover, Germany http://www.cebit.de/ |
|
COMDEX (Key3Media) | March 19-21, 2002 Vancouver, BC http://www.key3media.com/comdex/vancouver2002/ |
|
FOSE | March 19-21, 2002 Washington, DC http://www.fose.com/ |
|
Game Developers Conference (CMP) | March 19-23, 2002 San Jose, CA http://www.gdconf.com/ |
|
LinuxWorld Conference & Expo Singapore (IDG) | March 20-22, 2002 Singapore http://www.idgexpoasia.com/ |
|
Software Solutions / eBusiness World | March 26-27, 2002 Toronto, Canada http://www.softmatch.com/soln20.htm#ssebw |
|
SANS 2002 (SANS Institute) | April 7-9, 2002 Orlando, FL http://www.sans.org/newlook/home.htm |
|
LinuxWorld Conference & Expo Malaysia (IDG) | April 9-11, 2002 Malaysia http://www.idgexpoasia.com/ |
|
LinuxWorld Conference & Expo Dublin (IDG) | April 9-11, 2002 Dublin, Ireland |
|
Internet World Spring (Penton) | April 22-24, 2002 Los Angeles, CA http://www.internetworld.com/events/spring2002/ |
|
O'Reilly Emerging Technology Conference (O'Reilly) | April 22-25, 2002 Santa Clara, CA http://conferences.oreillynet.com/etcon2002/ |
|
Software Development Conference & Expo, West (CMP) | April 22-26, 2002 San Jose, CA http://www.sdexpo.com/ |
|
Networld + Interop (Key3Media) | May 7-9, 2002 Las Vegas, NV http://www.key3media.com/ |
|
Strictly e-Business Solutions Expo (Cygnus Expositions) | May 8-9, 2002 Minneapolis, MN http://www.strictlyebusiness.net/strictlyebusiness/index.po? |
|
Embedded Systems Conference (CMP) | June 3-6, 2002 Chicago, IL http://www.esconline.com/chicago/ |
|
USENIX Annual (USENIX) | June 9-14, 2002 Monterey, CA http://www.usenix.org/events/usenix02/ |
|
PC Expo (CMP) | June 25-27, 2002 New York, NY http://www.techxny.com/ |
|
O'Reilly Open Source Convention (O'Reilly) | July 22-26, 2002 San Diego, CA http://conferences.oreilly.com/ |
|
USENIX Securty Symposium (USENIX) | August 5-9, 2002 San Francisco, CA http://www.usenix.org/events/sec02/ |
|
LinuxWorld Conference & Expo (IDG) | August 12-15, 2002 San Francisco, CA http://www.linuxworldexpo.com |
|
LinuxWorld Conference & Expo Australia (IDG) | August 14 - 16, 2002 Australia http://www.idgexpoasia.com/ |
|
Communications Design Conference (CMP) | September 23-26, 2002 San Jose, California http://www.commdesignconference.com/ |
|
Software Development Conference & Expo, East (CMP) | November 18-22, 2002 Boston, MA http://www.sdexpo.com/ |
News in General
Euro Support
As many of you have surely noticed, the euro became a real paper and coins
currency on the first of January 2002. Being able to type the euro symbol
is now something which will be necessary for very many computer users.
The Debian Project
have released the
Debian Euro HOWTO
by Javier Fernández-Sanguino Peña which details how to enable support for
the symbol in your Linux system. Much of the advice will be of use to
users of distributions other than Debian.
Long-term, the best solution may be a move towards Unicode. This is particularly the case when interoperability with Windows systems is required.
Athlon/Duron and Linux Bug
A bug in AMD's Athlon family of processors has been
reported
on TheRegister, following an earlier
revelation by
Gentoo Linux. The issue relates to
extended memory paging sizes and is a bug in the processor, not the kernel.
Those using Linux 2.4 kernels, and AGP may experience problems with memory
corruption. The fix is to pass the option "mem=nopentium" to the kernel at
boot-time (via GRUB or LILO). Gentoo have a good description of the
situation on their main webpage at the moment, and an analysis of how this
was neglected for so long (since September 2000!).
Linux Adoption
TheRegister.co.uk recently reported that Korea is to convert 120K civil servants to Linux desktop use. This appears to be as much a fightback by local favourite Haansoft (producers of Hancom Linux, and HancomOffice) as a victory for Linux, but it is still good news.
In a separate development, NewsForge reports that Red Hat India is helping to introduce GNU/Linux as part of a scheme to meet the software needs of the Indian education system. The program will include not only software, but also free training to help get the scheme off the ground.
Spinning the globe again, this time to China, we see more penguins on the march. Linux Today have a report that Linux is making an impression on many in China. Apparently the Chinese Academy of Sciences have published a report highlighting the savings which could be achieved by using Linux as an alternative to Microsoft solutions. This follows a Gartner report that Microsoft recently lost out on a major IT investment in China, while indigenous firms including Red Flag Linux were favoured.
Penguin Art
A new issue of TUX (Terminator Unit X) online comic is now available at: http://www.thelinuxreview.com/TUX/. the reports of TUX's death have been greatly exaggerated.
Also in the artistic vein, IBM have updated their Linux Cartoons page. Flash or Real Player required.
Linux Trojan Found
qualys.com
have
announced
that they have discovered a Linux Trojan, in the wild.
This follows qualys's discovery of a very similar linux trojan
last year. This story was also
picked up by Newsbytes.com, and from there Slashdot
got in on the act. To be infected, you must execute the trojan
as root, so there is likely to be a need for some sort of social
engineering in getting this one to propagate. Main risk would be if a
binary in a Linux distribution became infected, since most people trust the
binaries on their install media. At the very least, this is another very
good reason to be very very careful what you do as root.
DOSSIER, Documentation Source
DOSSIER is a convenient new way to get printed documentation for Free and Open Source software. Current topics include "Email", "File Systems", "Kernel", PostgreSQL", "Python", and "Text". The demand-printed volumes may be ordered from BSDMall. The motivation and rationale for DOSSIER are covered in " DOSSIER and the Meta Project (Part 1)", in Daemon News.
Distro News
BrlSpeak
BrlSpeak is a new mini-distribution of Linux that comes with support for
braille and speech built-in. The objective
is to offer an easy-to-install solution for blind persons who wish to install a
Linux distribution on their computer without any assistance from a sighted
pereson. BrlSpeak provides a built-in preconfigurer so that you should be able
to preconfigure the BrlTty Makefile before starting Linux. Compilation and
automated activation of the braille device is the next step, and will be
performed when booting the distrib. BrlSpeak was based on Matthew campbell's
ZipSpeak mini-distribution, that's why it contains the SpeakUp screen reader
for supporting speech synthesizers. The BrlSpeak is available in many
languages. To download it, visit the
BrlSpeak Projet Home Page.
Author: Osvaldo La Rosa, freely distributable, UMSDOS mini-distribution, size: 36MB, available as: zip or iso, website: en, fr, nl. Any contributions welcome!
Debian
Debian GNU/Linux
2.2r5 has been released. This fifth revision adds security updates and
some bug fixes to the stable `potato' release. A list of FTP and HTTP
mirrors is available at
http://www.debian.org/distrib/ftplist.
Point apt (see the sources.list(5) manual page) at an up to date mirror and
then run apt-get update; apt-get upgrade
The complete list of all accepted and rejected packages together with
rationale is on the
preparation page
for this revision
It is a good idea to keep an eye on http://security.debian.org/ or to subscribe to the debian security announce mailing list. There have been quite a few security announcements in the past month.
Debian Weekly News reported that new "Debian on CD" Web Pages have been launched. These replace the old pages on cdimage.debian.org, which "were often criticised by visitors of the website". The new pages feature improved documentation, direct download links for images, a CD vendor list Apart from an extended FAQ, the new pages offer direct download links for CD images, a list of CD vendors, artwork, and info on jigdo, the new distribution scheme for downloading CD images from any normal Debian mirror.
Linux Today highlighted a report on the size of Debian 2.2, which includes more than 55,000,000 physical SLOC: The COCOMO model estimates that its cost would be close to $1.9 billion USD to develop Debian 2.2.
Also highlighted by Linux Today was this bugreport, which comments on vulnerability notification and the Debian Social Contract. "Over the past few months, the GNU/Linux community has slowly adopted a way of dealing with security issues which closely resembles the approach suggested by Microsoft last year: more-or-less systematic hiding of security problems from end users, at least for some time. Some Debian maintainers seem to participate in this process, and hold back security fixes, waiting for events to happen which are external and not related to the Debian project (for example, other distributors being ready to publish fixes)."
Mandrake
Linux Planet have started a 'Month Later' addition to their Distribution Watch section. The first distro to receive this second look is Mandrake 8.1. The review discusses the process of getting settled in and smoothing out the routine bumps and curves of this distribution.
Red Hat
The Washington Post Washtech.com site has
reported
that AOL Time Warner is in talks to buy Red Hat. Everything is very vague
("fluid" appears to be the official term), so it is difficult to know what
the chances are such a deal actually coming off. Andrew Orlowski of
TheRegister is somewhat
sceptical
about the rumours. He also makes some good comments about what the
wider implications of such a deal could be.
Software and Product News
GUI Based DSSSL/XSLT DocBook Tool Released
Command Prompt is pleased to announce the release of DocPro 0.2.0. DocPro is a tool for professional technical authors whom maintain a large amount of SGML/XML based documentation. DocPro will take any DocBook document and transform it into a user defined format (Postscript, HTML etc...).
DocPro will correctly transform multiple documents, to multiple output formats. It includes the capability to arbitrarily set font sizes, margins, callout definitions etc... via a GUI interface.
DocPro currently runs on x86 Linux only, though there will be a release for YellowDog Linux (PPC) and MacOS X shortly. The Deluxe version of DocPro comes with the popular DocParse tools for converting HTML to DocBook.
Adobe GoLive 6 Integrates Zend PHP Debugger
Adobe Systems will include Zend's PHP Debugger in its new release of GoLive 6, its flagship product for Web site development. This will give GoLive developers integrated access to advanced PHP debugging for their toughest applications and dynamic Web sites using scripting languages.
CxProtect
CxProtect is an AntiVirus Solution for Linux Mail Servers. It is a binary based solution that using the Command AntiVirus API. The software offers detection and disinfection of attachments being transported via the Linux Mail Server. The only change required to the existing Sendmail.cf is to register CxProject as the MDA. Post-install configuration is done via a web browser interface.
Download available at http://www.calibretechnologies.com/downloads/CxProtect.tar.gz
Mahogany 0.64 Released
A new release of Mahogany, has been made. Mahogany is an OpenSource cross-platform mail and news client, available for X11/Unix and MS Windows platforms. It supports many of the internet protocols and standards, including POP3, IMAP4, SMTP and NNTP. Mahogany also supports MIME and many common Unix mailbox formats.
Source and binaries for a of Linux and Unix systems as well as binaries for Win32 are now available.
Copyright © 2002, Michael Conry and
the Editors of Linux Gazette.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 75 of Linux Gazette, February 2002
![[ Prev ]](../gx/navbar/prev.jpg){kind=small}
![[ Table of Contents ]](../gx/navbar/toc.jpg){kind=small}
![[ Front Page ]](../gx/navbar/frontpage.jpg){kind=small}
![[ Talkback ]](../gx/navbar/talkback.jpg){kind=small}
![[ FAQ ]](./../gx/navbar/faq.jpg){kind=small}
![[ Next ]](../gx/navbar/next.jpg){kind=small}
