Slashdot Mirror

FreeBSD:
FreeBSD, Stealth-Growth Open Source Project (Jun 2004)
"FreeBSD has dramatically increased its market penetration over the last year."
Nearly 2.5 Million Active Sites running FreeBSD (Jun 2004)
"[FreeBSD] has a secured a strong foothold with the hosting community and continues to grow, gaining over a million hostnames and half a million active sites since July 2003."
What's New in the FreeBSD Network Stack (Sep 2004)
"FreeBSD can now route 1Mpps on a 2.8GHz Xeon whilst Linux can't do much more than 100kpps."

NetBSD:
NetBSD sets Internet2 Land Speed World Record (May 2004)
NetBSD again sets Internet2 Land Speed World Record (30 Sep 2004)

OpenBSD:
OpenBSD Widens Its Scope (Nov 2004)
Review: OpenBSD 3.6 shows steady improvement (Nov 2004)

*BSD in general:
Deep study: The world's safest computing environment
"The world's safest and most secure 24/7 online computing environment - operating system plus applications - is proving to be the Open Source platform of BSD (Berkeley Software Distribution) and the Mac OS X based on Darwin."
..and last but not least, we have the cutest mascot as well - undisputedly. ;)

--
Being able to read *other people's* source code is a nice thing, not a 'fundamental freedom'.

KDE had better be implementing OpenTalk instead of Rendezvous(tm).

Very, very good rant.
No mod points so just accolades.

Cheers.

I think in order to survive the onslaught, it will be necessary to garner support elsewhere.

To quote Linus: They are smoking crack.

Interesting read from eWeek, talking about CPU power consumption and California energy woes (which server farms helped contribute to).

My bet, though, is that Microsoft are going to take back the lead. They are used to being laughed at, and when they have a product that lags sufficiently behind in public opinion, they usually make it a priority to take back the lead.

What people *should* be thinking of is what Microsoft will do to lock in customers and how this threat can be met.

in a wider perspective; is Miguel the piper leading all the children of the open source into the river? will Microsoft unleash IP-litigation on a scale never seen before? will it be at all possible to tell the users that Microsoft's wet dreat is to forever in the darkness bind them...to their products.

This makes it a very strange license indeed. Microsoft doesn't own the rights to many of the things they are licensing and nobody has to actually accept or reject the license. Basically, that makes it Microsoft saying "Here is a list of stuff".

So why is Microsoft doing this? It could be as benign as clearing up any potential uncertainty to legal usage of Microsoft products. On the other hand, it could be a more subtle attempt at legal "squatting" as suggested by the original article. If say, in five years Microsoft points out they've been asserting their rights over something since 2004 it might hold more legal weight than if they just let it go. (For example, SCO asserting rights over something it does not appear to own, and the fact they haven't asserted these rights in the past is just another argument against them.)

Who knows? It's certainly a bizarre tale. Something drove them to do this, probably something in their legal department. It'd be nice to know.

Hello,

Copyright is an agreement between a content creator (author, musician, artist, etc) and society, to grant them a temporary monopoly on their work, allowing them to profit from their efforts. There is no inherent right of a person to control his works indefinitely. Furthermore, there is no such thing as an original thought, as all thoughts are the results of building upon previous ideas. Once they have earned their profit, other people must have the right to build upon these works. This is progress, and should be nurtured.

The WIPO's plan to extend copyright terms is contrary to this goal. The term "Intellectual Property" itself is a sick attempt at treating ideas like real estate. WIPO's proponents are interested only in controlling people, controlling what they read, what they hear, and what they think, for the purposes of extracting maximum profits from stale ideas. Extending copyrights can serve only one purpose: to funnel more money directly into the pockets of record executives, publishers (not authors), and the like. For society to truly progress, the old works that these companies hold hostage need to be released into the public domain, so new artists can build on those ideas, creating NEW copyrighted work to profit from.

The fact is, each time copyright terms are extended, creativity grinds to a halt as artists are restricted from using those works. We must fight to *shorten* copyright terms, so that old works that have become a part of our culture can be built upon, creating new works for the future of our culture. If we keep extending copyright terms as we are, we wage a war on creative thought. The result of this can only be stagnation, and death. You're probably thinking "but how can we reward artists for their hard work?" and the answer is that copyright already does that just fine, it doesn't need to be extended or strengthened. Anybody in favour of strengthening copyright is simply looking to keep profits flowing without having to bother creating anything new or interesting.

Unfortunately, in our society, copyright has been extended to the point of bastardizing it's original purpose. It no longer rewards creative artists; it merely supports aging cartels resisting changes to their business model that will be necessary for them to survive in the Information Age.

I am a concerned citizen, thank you for your time.

References:

Lessig on WIPO
WIWO

According to this eWeek article, they will be including Evolution, but Evolution 2 still needs some work to integrate it with GroupWise.

eWeek also has more information and you can look at Novell's Linux Desktop documentation and OSNews had some screen shots.

I personally saw the NLD running at a seminar last week and what I would call an Alpha release of Open Enterprise Server. I'm fairly optimistic about the product. I manage Novell and Linux servers at a north texas university and am greatly looking forward to consolidating the two into OES.

I was really interested to see that Novell has Linux kernel modules (a few of them that work together, actually) to manage their own NSS filesystem -- really an object database. This is very impressive since the NSS filesystem's access is granted to objects in eDirectory (LDAP server) and file permissions are quite different than posix file permissions. Yet, it mounted on Linux and showed posix permissions just as you'd expect. I've heard the open beta starts in December, with a final release in February.

According to this eWeek article, they will be including Evolution, but Evolution 2 still needs some work to integrate it with GroupWise.

eWeek also has more information and you can look at Novell's Linux Desktop documentation and OSNews had some screen shots.

I personally saw the NLD running at a seminar last week and what I would call an Alpha release of Open Enterprise Server. I'm fairly optimistic about the product. I manage Novell and Linux servers at a north texas university and am greatly looking forward to consolidating the two into OES.

I was really interested to see that Novell has Linux kernel modules (a few of them that work together, actually) to manage their own NSS filesystem -- really an object database. This is very impressive since the NSS filesystem's access is granted to objects in eDirectory (LDAP server) and file permissions are quite different than posix file permissions. Yet, it mounted on Linux and showed posix permissions just as you'd expect. I've heard the open beta starts in December, with a final release in February.

Check the supported Apps on the CrossOver Office site. I have had no problems with it. In fact, Walt Disney's animation department was one of several that funded Codeweavers to get Photoshop working (Penguin Moves to Disney)

Seriously, this is just the marketroids doing their thing. When the accountants start warning about threats from Linux, we know there's a real threat. Linux is getting mention in the latest annual filing, too.

Itanium outsells SPARC

No, it doesn't. A Google search reveals that Intel sold only 100,000 Itaniums this year...a small fraction of Sun's business. SPARC outsells Itanium by 10x. At the low to mid range, Opteron and Intel's own AMD64 clones step in, as well as Mac G5. At the high end, there is POWER 5, also.

The fact that two sites suffered outages simultaneously suggests such a coordinated attack. But analysts with AlertSite and Keynote say other evidence suggests a technical problem.

Sorry to burst your bubbles Bush Haters:

http://www.eweek.com/article2/0,1759,1681230,00.as p
NEW YORK (AP)--Web sites for President Bush's campaign and the Republican National Committee suffered outages for several hours on Wednesday.

It was not immediately clear whether a systems failure or a hacking attack was to blame. Campaign and committee officials would only say they were investigating.

Or you might find that OOo is faster, better, cheaper and, though it goes without saying, is supported on more platforms and uses an open file format.

$50 per license is more than fair.

Is it fair to the teacher in a developing country who gets less than US$50 a month in salary?

Larger customers get special treatment. Ballmer recently told a group of current MS customers / resellers to contact him personally if StarOffice gains ground. I'm sure the same goes for OpenOffice.org (OOo).

Or you might find that OOo is faster, better, cheaper and, though it goes without saying, is supported on more platforms and uses an open file format.

Right now, you'd be a fool not to use that leverage to get a discount from MS. That's your worst option, a discount.

Of course it is possible to keep a Windows machine naked on the net without it getting cracked.

1. You can't connect an unpatched MS-Windows machine to the 'Net. Even Redmond admits that in their blame-the-admin campaign. See also articles like, "Unpatched {Windows} PC "Survival Time" Just 16 Minutes".

2. Even if you download the patch and install it before exposing the MS-Windows machine to the 'Net, the patch may not work. MS Patches are infamous for being incomplete, breaking 3rd party applications, failing to patch what they claim to patch, or even resurrecting old security problems. e.g. Attack pierces fully patched Windows XP

3. Even if the patch does work, there are many widely known problems left unaddressed by the patch, such as this problem that MS still hasn't acknowledged.

4. Even if the points above are magically resolved, you still have reality bite you: You can't patch fast enough.

A lot of folks are heavily in denial about just how bad shape MS really is in. It's been a great ride, but it's time to get off. If you weren't early in and at the top of the pyramid scheme, then don't even think about it. Either way it's time to look away from Redmond and back to software that works and is actually designed to work.

Presumably the industry would follow the lead of Microsoft in this matter.

Particularly for Oracle since Microsoft has indicated its SQL server licensing will be "licensed per processor, not per core"

Wrapping a tag in aluminum foil blocks the radio waves and prevents a tag from being identified. -
RFID Hack Could Allow Retail Fraud

Most of the concern seems to be around unauthorized person reading the RFID chip. According to this article blocking RFID chips is very easy to do if you have physical posession of the chip. Just wrap it in tinfoil. It would seem that someone would make a bag/box/pouch that would store your passport and protect it from being read w/o authorization. When you were in an area that required that you show your passport, the airport for example, you would just take the passport out of the bag. Sounds like a $19.95 solution to me.

I guess if you took your passport out at the hotel or some other place like that you could be "vulnerable". Maybe this solution from RSA woul help?

It does seem like the solution here is not to say "no RFIDs in the passports", but actually to ensure that there is a way to easily control when the tag is read. And there seem to be several solutions available.

"We're more secure than the other guys," he said. "There are more vulnerabilities in Linux; it takes longer for Linux developers to fix security problems. It's a good decision to go with Windows."

From this story.

Sounds like Steve has been hitting the crack pipe again.

Microsoft reports that half of all computer crashes reported by its customers are caused by spyware and its equivalents. Dell reports that spyware is responsible for more than 12 percent of all technical support calls.

The main reason there are any "anti-virus" companies is that one large company with a lot of market share peddles software with fundamental design flaws, not just production flaws, which make it easy to spread malware. Look, just because you downloaded the latest service pack (or in the case of XP SP2, OS upgrade) out of band and installed it before plugging your cherry XP box to the 'net doesn't mean it won't get hit. Plenty of exploits, both public and yet to be announced, can hit fully patched XP boxes

There's enough question of how much the service packs really fix.

Go see a shrink about your Stockholm Syndrome there so you can move on and heave those defective products.

The number of accepted formats isn't the only difference: Spotlight is fairly integrated into MacOS X's user interface (searching in help files or system preferences panel).
You can also save your searches (i.e bookmarks), and order them by virtually anything. Incremental searches can also be handy sometimes.
See some screenshots (http://www.eweek.com/slideshow/0,2394,l=&s=25986& a=130460,00.asp)
and Apple's own description: http://www.apple.com/macosx/tiger/spotlighttech.ht ml

...like I'm going to listen to eWeek.

I've got "MyYahoo" set as my homepage and their tech news stories are particularly disgusting. There was an exploit tool that was to be released under the GPL so the headline was " Open-Source Exploit Tool: 'Point, Click, Root' ". Mind you the tool attacks Windows and OSX machines, not Linux. But since it was released under the GPL, Open Source==Bad!

FUD! Just like when IDG reported the "double-free" CVS flaw in a story titled: "Search finds new holes in open source tool" (Notice, they reported this in July of 2004). After a little looking around I noticed that CERT released an advisory Feb. 2003!

Quote: Tom Hayes, who will retire as director in October, said Wednesday that in his three-year tenure the department has replaced or is starting work on replacing six of the seven major computer systems running agency programs.

God. This AOL thing will probably spread like a virus.

http://www.eweek.com/article2/0,1759,1668477,00.as p

As the hubbub of alternative Web browsers keeps growing--from speculation over a so-called "Gbrowser" from search-engine leader Google Inc. to the many advances in the open-source Mozilla project--in the background, America Online Inc. has been quietly testing its own Web browser, dubbed "AOL Browser," for more than a month.

Departing from its past embedded strategy, the company has made the forthcoming AOL Browser a standalone piece of software and it will not need the America Online client software to be running to be used, sources familiar with the software said. In what could be considered a surprising move, AOL Browser is based on Microsoft Corp.'s Internet Explorer and not on AOL's Netscape browser engine.

Sources said the AOL Browser contains many features missing from the current IE software, such as tabbed browsing and "tear-off tabs," where a tabbed window can be torn off into a new window. For privacy-conscious users, a "clear my footprints" feature allows for fast clearing of browser history, cookies, cache and recent searches. A pop-up blocker is also included.

Another useful interface element in the beta software is the "preview" of pages represented by buttons or tabs, sources said. The AOL Browser can display thumbnail images of pages as users hover over the back and forward buttons or over another browser tab.

Meanwhile, AOL's trademark "Running Man" graphic will be used to indicate page-load progress.

Hey Timesprout, you've been quoted... heheh: eWeek Article

(Down near the bottom somewhere)

I was going to say, if it were based solely on OVERTURE'S results then the only competition it would have would be Gator/Claria's horrid Searchscout/GAIN system, which is the only "major search engine" I know of that is powered purely by Overture results. Though to be fair when Overture runs out of ads it just dips into the Yahoo/Inktomi pool and runs those listings instead. So I guess its not TOTALLY worthless - try for yourself at http://www.overture.com

By the way, the Gator/Overture partnership has gotten Overture's owner Yahoo in trouble and continues to miff Overture advertisers since Overture does not allow advertisers to "opt out" of their scheme.

The second link used to work, but here it is again - http://www.eweek.com/article2/0,1759,1652391,00.as p

"The upgrades for free users have hit some snags. Richardson confirmed that MSN is slightly behind schedule in completing the upgrade.

MSN has begun converting based on seniority, but it now expects to complete the upgrade by the end of the year rather than in the fall, Richardson said.

"We are seeing customers consuming more storage than we anticipated, and we're bringing more storage online," she said. "

Actual link to article - http://www.eweek.com/article2/0,1759,1652391,00.as p

Not to be a grammar/spelling nazi, but wtf is -

"Microsoft not anticipating the storage that user of the free email accounts..."

More like (FTA)-

"We are seeing customers consuming more storage than we anticipated, and we're bringing more storage online," she said.

I would think this wouldn't have gotten past the eds...But in any case, hope this clears things up.

-thewldisntenuff

A few iptable rules to limit who can login via SSH and you can forget about rebooting....

until somebody discovers a vuln in qmail, or mime-defang, or qmail-scanner, or whatever, that can be used to provide a low-priv remote shell. And, it's not like you'll always be able to predict it.

Good security is like an onion - you layer it. You start with a good, stiff firewall. You use secure software, run with the least priveledge possible. File permissions are carefully attended to. You remove un-needed software, maybe de-install the compiler. You make sure your kernel is up to date and PATCHED. You have numerous backups going back in time at least a few weeks, off-site if it's important.

When you run a kernel with known vulnerabilities, you effectively remove one layer of the onion, making it that much easier to be compromised.

True, if there are NO kernel updates, you don't need to reboot. But, there has been at least one kernel issue within the last 400 days...

It's a tough job if you want the absolute highest currently available level of security.

The Linux problems that get found (and usually fixed within a very short time indeed) are mostly theoretical vulnerabilities that nobody would even bother to report on Windows. For example, last month there was a vulnerability (now fixed) that could, theoretically, enable an ordinary user to get root access.

Nobody would ever report a flaw like this in Windows, because everybody knows it is trivial to do on Windows. (E.g. the shatter attacks.)

For reasons like this, any reasonably recent Linux distro is more secure than the latest patched version of Windows.

Maybe this has to do with JPEG patent issues....

<Sigh>

Here we go again.

It seems that every time someone mentions SuSE on Slashdot, we hear the same 2 reasons why it's a Bad Distro (TM). The first is that it's not totally *free*. And, while I'm at this, I'll just head off the second: that there's no downloadable ISO image.

As to the first, Novell released YaST under the GPL almost as soon as they bought SuSE. You can read about that here. As to the second, you can download the personal edition here.

No, you're wrong. Linux was written by Santa Claus and the Easter Bunny.

Here's another eWeek article on the same subject. You'll note that some people interviewed want an update for Win2K while some people do not.

he would much rather see Microsoft spend resources supporting current and future product releases rather than older ones.

Um, no it doesn't.

I'll be convinced IBM contributes as much as Sun to OSS when I see that IBM has GPLed AIX like Sun will GPL Solaris...

Funny, the latest I've heard was that Sun still isn't saying what license they plan to use for Solaris. Do you have a link to an article where Sun claims they will use the GPL? All I've heard from them is that they want to "take the model with Java and bring it to Solaris."

Personally, as a Linux user, I'm much interested in IBM's real contributions to the Linux kernel. Their intent is to make Linux capable of replacing AIX eventually.

I'm not just talking about mainframe and POWER ports, as an anonymous coward above suggested, either. Of course, we all know about JFS, NUMA, SMP scalability, and EVMS (the last of which wasn't accepted, in the end). IBM has also contributed work on ext2/3, IA-64, PCI hotplug, udev, USB, and a number of other projects.

...or that IBM has given a huge office solution like OpenOffice...

How many office solutions do we need? How about a huge software development solution like Eclipse, instead?

...or that IBM supports Gnome with code contribution/HIG...

How about donating code to projects like Mozilla, Samba, and of course Apache (and more Apache)?

Finally, let's not forget that it's IBM that is paying the legal bills that will prove that Linux is free of whatever UNIX intellectual property may still exist, while Sun has been pumping funds into SCO's war chest.

Well, Schwartz gets paid handsomely by Microsoft to ruin that relationship; including Sun's support of SCO.

I think Sun's very intentional divide-and-conquer aproach of creating non-GPL-compatable shared source licenses is a very transparent way of attacking the cocmmunity directly.

If sun were actually jealous, they could easily be the biggest heros in the community.

Sun, if you care: open source Java, open source Solaris, make good hardware, and we'd all love you.

But sorry, Jonathan, even if we collectively _do_ have two billion dollars (see IBM's Linux related revenue), we won't just give it to you like Microsoft did. You need to earn our respect.

One other thing that's come up more over the last 12 months is this notion of indemnification [against patent and copyright claims].

Yes I wonder who is making it an issue.

More and more customers are asking us, "Help me understand what you do from an indemnification perspective versus HP or IBM or Red Hat or Novell." That's weighing into decisions more and more. ...

Yes because again Microsoft are trying to tie people down with fear that what they will touch they will loose again because the big Microsoft guys will spoil thier fun.

Customers began introducing it and asking me about it more than I was introducing it to them. And I began to say, "Wow. We really stand behind our technology in a pretty aggressive way.

Hahahah yes you are plenty aggressive, like a cornered animal, even the Ministry of Truth could learn from you guys.

We should make sure that we get credit for that compared to Linux in many ways." And it's actually been something that tips the scales sometimes when people are on the fence.

Is that the barbed wire elecrified fence of 10 year supply deal, licensing terms, special backhanders, propriatary formats et al.

Lets all hug this guy. Anyone notice how Microsoft are finding security holes in its own software right when it wants you to upgrade?

Can you feel the ground swelling? IE is slipping, it's official...
http://www.eweek.com/article2/0,1759,1646584,00.as p

So what are the predictions for how Microsoft will try and protect it's market share?

A woman trying to grab smoke. :-) Sort of like trying to get solid details about the filesystem when everything was handled by the marketing droids.

Hmmm...as late as June 1 it was being referred to as DFS, the Dynamic File System. Not good enough for marketing, as it was too generic a term. Now it is ZFS -- the LAST WORD in filesystems. Ugh!

What happens when IBM decideds to let Sun's marketing droids know that ZFS is IBM's zSeries File System for OS/390 machines? How about that it also was a "dfs" in the way of "Distributed File System"?

Sun now want to take on Veritas, whose existance came into being pretty much to deal with the crappy Sun volume management.

All in all, Solaris 10 looks promising. Even more so that a good chunk of it will be open sourced.

A critical aspect not mentioned in the summary that users should be aware of is mentioned in this article:

Not only is Microsoft allowed to sue any company.including Sun.for
alleged patent violations connected with OpenOffice, but Sun is required to
provide Microsoft with legal help in bringing such lawsuits against OpenOffice
users.

I.E.: When MS asks (and it will), Sun will be giving it their OpenOffice registration database. So unless you want to get sued later, beware of the answers you give when downloading (which you should do now while it's still available).

SCO is just digging, I wish they would either strike, or leave us the hell alone. Slander is what it's boiling down to.

Of course, that's assuming that Enderle is right in assuming that SCO will come off as sympathetic. And, even if SCO convinces a jury, that the case would continue to survive the inevitable appeal. SCO probably doesn't expect to win in the end, but even a fleeting victory would give them another spike in their stock price they could exploit for their own ends.

The summary should almost be modded flamebait for making such an obviously impossible statement like that.

So what's really up here? TFA says they demonstrated running a Linux Quake III on a OS X powerbook.
(And they quote Rob Enderle praising this technology.. this is the guy who thinks SCO will win, which speaks loads for his credibility.)

Now, I haven't seen the source for Quake III, but I'm pretty certain it uses OpenGL, which the Mac has. OS X is also POSIX-compliant. So, most of the API calls done by Quake can already be done natively on OS X.

So what I guess they're doing here is translating API calls (like Wine) while emulating the processor core (like a real emulator).

That isn't anything new. For instance, I've written similar code for an Atari emulator, which can emulate an Atari hard-disc filesystem as a local directory through translating OS calls.

(Note: And that was far from the first time it'd been done either.)

Here is the deal with Sender ID. Caller ID is patented (Sender ID = SPF + Caller ID), and thus everyone who uses in must get a patent from MS. If something is patented, you must license it to use it. It doesn't matter if you got the ideas from copying, white-room reverse engineering, or if you independently discovered the idea - the patent holder still has a monopoly on the use of the ideas and you must license them. As far as I know ASP and SMB are not patent encumbered. MS didn't have a policy of patenting their software until several years ago (about the same time as the Halloween papers were written, IIRC).

MS has licensed the Caller ID patent(s?) under what, on the surface, appears to be a very fair and open royalty free license. You don't have to pay any fees to MS to get a license to include Caller ID in your software. You can distribute the software to anyone you want, and your users are also free to redistribute this software. You can even distribute the source. For more information, read this article. However there is one issue that makes it incompatible with open source software - the patent license is non-transferable and non-sublicenseable.

What that means is that each developer who creates or modifies Caller ID code must sign and mail their own license from MS. The OSI definition of Open Source Software, and FSF definition of Free Software both state that the user must be free to modify and redistribute the software. This puts FLOSS licenses at odds with the Caller-ID license. If your software license meet the terms of the Caller-ID license then the software isn't FLOSS, and if you use a FLOSS license, then you are not meeting the terms of the Caller-ID license. The best lawyers on the subject agree that it is impossible to make these two agree. They also do a good job of explaining why redistribute of modified works is critical to FLOSS software, and why we should refuse to use a license that would be compatible.

So thats where things stand. It would be possible to write a non-FLOSS plugin for FLOSS software, but it is impossible to write a FLOSS implementation. Debian has a long history of not accepting non-free software into their main branch. But even among those that are more tolerant of combining proprietary software with FLOSS, there are many who disagree with proprietary standards and are thus opposed to the Caller ID license.

Indeed:

http://www.eweek.com/article2/0,1759,1639576,00.as p

qouth Allman: "...the legal folks made it further clear that they would rather see Sender ID die than back down"

It sure looks like Microsoft sold PC users the problem, and now they want to sell us the solution. Should we really encourage OS insecurity by paying for the fix to a problem that never should have been?