Slashdot Mirror

From a wide-ranging interview of Linus Torvalds with Linux Journal on the magazine's 25th anniversary: Linux Journal: If you had to fix one thing about the networked world, what would it be?
Linus: Nothing technical. But, I absolutely detest modern "social media" -- Twitter, Facebook, Instagram. It's a disease. It seems to encourage bad behavior. I think part of it is something that email shares too, and that I've said before: "On the internet, nobody can hear you being subtle". When you're not talking to somebody face to face, and you miss all the normal social cues, it's easy to miss humor and sarcasm, but it's also very easy to overlook the reaction of the recipient, so you get things like flame wars, etc., that might not happen as easily with face-to-face interaction. But email still works. You still have to put in the effort to write it, and there's generally some actual content (technical or otherwise). The whole "liking" and "sharing" model is just garbage. There is no effort and no quality control. In fact, it's all geared to the reverse of quality control, with lowest common denominator targets, and click-bait, and things designed to generate an emotional response, often one of moral outrage.

Add in anonymity, and it's just disgusting. When you don't even put your real name on your garbage (or the garbage you share or like), it really doesn't help. I'm actually one of those people who thinks that anonymity is overrated. Some people confuse privacy and anonymity and think they go hand in hand, and that protecting privacy means that you need to protect anonymity. I think that's wrong. Anonymity is important if you're a whistle-blower, but if you cannot prove your identity, your crazy rant on some social-media platform shouldn't be visible, and you shouldn't be able to share it or like it.

Linux Journal: Is there any advice you'd like to give to young programmers/computer science students?
Linus: I'm actually the worst person to ask. I knew I was interested in math and computers since an early age, and I was largely self-taught until university. And everything I did was fairly self-driven. So I don't understand the problems people face when they say "what should I do?" It's not where I came from at all.

Writing at Linux Journal, Glyn Moody reports that dozens of government IT systems are switching to open source software.

"The fact that this approach is not already the norm is something of a failure on the part of the Free Software community..." One factor driving this uptake by innovative government departments is the potential to cut costs by avoiding constant upgrade fees. But it's important not to overstate the "free as in beer" element here. All major software projects have associated costs of implementation and support. Departments choosing free software simply because they believe it will save lots of money in obvious ways are likely to be disappointed, and that will be bad for open source's reputation and future projects.

Arguably as important as any cost savings is the use of open standards. This ensures that there is no lock-in to a proprietary solution, and it makes the long-term access and preservation of files much easier. For governments with a broader responsibility to society than simply saving money, that should be a key consideration, even if it hasn't been in the past.... Another is transparency. Recently it emerged that Microsoft has been gathering personal information from 300,000 government users of Microsoft Office ProPlus in the Netherlands, without permission and without documentation.
He includes an inspiring quote from the Free Software Foundation Europe about code produced by the government: "If it is public money, it should be public code as well. But when it comes to the larger issue about the general usage of proprietary vs. non-proprietary software -- what do Slashdot's readers think?

Should all government IT systems be using open source software?

The systems and database administrator for a Fortune 500 company notes that while NFS is "decades old and predating Linux...the most obvious feature missing from NFSv4 is native, standalone encryption." emil (Slashdot reader #695) summarizes this article from Linux Journal: NFS is the most popular remote file system in the Linux, UNIX, and greater POSIX community. The NFS protocol pushes file traffic over cleartext connections in the default configuration, which is poison to sensitive information.

TLS can wrap this traffic, finally bringing wire security to files vulnerable to compromise in transit. Before using a cloud provider's toolset, review NFS usage and encrypt where necessary.
The article's author complains that Google Cloud "makes no mention of data security in its documented procedures," though "the performance penalty for tunneling NFS over stunnel is surprisingly small...."

"While the crusade against telnet may have been largely won, Linux and the greater UNIX community still have areas of willful blindness. NFS should have been secured long ago, and it is objectionable that a workaround with stunnel is even necessary."

"Despite its low profile, OpenStreetMap is arguably one of the most important projects for the future of free software," argues Glyn Moody, author of Rebel Code: Linux And The Open Source Revolution, in a new Linux Journal article shared by long-time Slashdot reader carlie: The rise of mobile phones as the primary computing device for billions of people, especially in developing economies, lends a new importance to location and movement. Many internet services now offer additional features based on where users are, where they are going and their relative position to other members of social networks. Self-driving cars and drones are two rapidly evolving hardware areas where accurate geographical information is crucial. All of those things depend upon a map in critical ways, and they require large, detailed datasets. OpenStreetMap is the only truly global open alternative to better-known, and much better-funded geodata holdings, such as Google Maps.

The current dominance of the latter is a serious problem for free software -- and freedom itself. The data that lies behind Google Maps is proprietary. Thus, any open-source program that uses Google Maps or other commercial mapping services is effectively including proprietary elements in its code. For purists, that is unacceptable in itself. But even for those with a more pragmatic viewpoint, it means that open source is dependent on a company for data that can be restricted or withdrawn at any moment....

Although undoubtedly difficult, creating high-quality map-based services is a challenge that must be tackled by the Open Source community if it wants to remain relevant in a world dominated by mobile computing. The bad news is that at the moment, millions of people are happily sending crucial geodata to proprietary services like Waze, as well as providing free bug-fixes for Google Maps. Far better if they could be working with equal enthusiasm and enjoyment on open projects, since the resulting datasets would be freely available to all, not turned into corporate property. The good news is that OpenStreetMap provides exactly the right foundation for creating those open map-based services, which is why supporting it must become a priority for the Open Source world.

Reader rootmon writes: Our thoughts/prayers are with the family and friends of long time open source writer/journalist Robin "Roblimo" Miller who passed away this morning. Robin "Roblimo" Miller (born October 30, 1952) served as the Editor-in-Chief of Open Source Technology Group, the company which owned Slashdot, SourceForge.net, Freshmeat, Linux.com, NewsForge, and ThinkGeek between 2000 to 2008. Miller formerly owned Robin's Limousine, a small limo company based in Elkridge, Maryland, the origin of his online nickname. Miller is best known for his involvement with Slashdot, where he was not only the corporate editorial overseer but also Interview Editor.

As a freelancer, Miller wrote for a number of print and online publications including Time.com, Baltimore City Paper, American Medical News, Innkeeping World, Machine Design, The Baltimore Sun, and Rewired.com. Miller is the author of three books: The Online Rules of Successful Companies, Point -- Click Linux!, and Point -- Click OpenOffice.org, all published by Prentice Hall. His most recent ventures revolved around Internet-delivered video, including video software "tours" and tutorials on Linux.com and his recent "side" venture, Internet Video Promotion, Inc. Miller has been a judge for the Lulu Blooker Prize and is on the online advisory board of the Online Journalism Review of the Annenberg Center for Communication at the University of Southern California. (Biographical Info Quoted in Part from Wikipedia) Further reading: Linux Journal: RIP Robin "Roblimo" Miller.

Remembering Miller, ZDNet journalist S. Vaughan-Nichols wrote, "He was funny, bright, quick with a quip, caring, and wise. I, and many others who had the pleasure of knowing him, will miss him enormously." Paul Jones, Clinical Professor at the School of Information & Library Science, and Director of ibiblio.org, wrote, "Robin taught me many things, besides the immense gift of his friendship, including 'the way to make money on the internet is to take on more than you spend.' Both funny and accurate in context and very much true to roblimo." Writer and engineer Emmett Initiative said, "He was my editor, which means he was my best friend and worst enemy. He was a kind and thoughtful man that made every writer around him at least 300% better. I already miss him."

An anonymous reader writes: Should the Linux operating system be called "Linux" or "GNU/Linux"? These days, asking that question might get as many blank stares returned as asking, "Is it live or is it Memorex?" Some may remember that the Linux naming convention was a controversy that raged from the late 1990s until about the end of the first decade of the 21st century. Back then, if you called it "Linux", the GNU/Linux crowd was sure to start a flame war with accusations that the GNU Project wasn't being given due credit for its contribution to the OS. And if you called it "GNU/Linux", accusations were made about political correctness, although operating systems are pretty much apolitical by nature as far as I can tell.

The brouhaha got started in the mid-1990s when Richard Stallman, among other things the founder of the Free Software Movement who penned the General Public License, began insisting on using the term "GNU/Linux" in recognition of the importance of the GNU Project to the OS. GNU was started by Stallman as an effort to build a free-in-every-way operating system based on the still-not-ready-for-prime-time Hurd microkernel. According to this take, Linux was merely the kernel, and GNU software was the sauce that made Linux work. Noting that the issue seems to have died down in recent years, and mindful of Shakespeare's observation on roses, names and smells, I wondered if anyone really cares anymore what Linux is called. For once and all, I wanted to ask Slashdot crowd what they think.

The newly-relaunched Linux Journal just interviewed the Open Source Initiative's president, Simon Phipps. An anonymous reader summarizes the highlights: Phipps collects no salary -- unlike the executive director of the Linux Foundation, who reportedly received over $300,000 in 2010. "We're a very small organization actually", Phipps said. "We have a board of directors of 11 people and we have one paid employee..." But he explains their importance by citing the controversy over Facebook's original licensing for React. "I think prior to that, people felt it was okay for there just to be a license and then for there to be arbitrary additional terms applied. I think that the consensus of the community has moved on from that."

Phipps is proud of the OSI's independence from corporate sponsors. "If you want to join a trade association, that's what the Linux Foundation is there for. You can go pay your membership fees and buy a vote there, but OSI is a 501(c)(3). That's means it's a charity that's serving the public's interest and the public benefit. It would be wrong for us to allow OSI to be captured by corporate interests." The article notes that most issues are resolved publicly, adding that one big concern is "freeware" -- proprietary software offered at no cost but erroenously marketed as open source. "In those cases, OSI definitely will reach out and contact the offending companies, and as Phipps says, 'We do that quite often, and we have a good track record of helping people understand why it's to their business disadvantage to behave in that way.'"

And he's also seeking warmer relations with the Free Software community. "As I've been giving keynotes about the first 20 years and the next ten years of open source, I've wanted to make very clear to people that open source is a progression of the pre-existing idea of free software, that there is no conflict between the idea of free software and the way it can be adopted for commercial or for more structured use under the term open source."
He cites the OSI's collaboration with the Free Software Foundation Europe on amicus briefs in important lawsuits, which he says address "significant issues, including privacy and including software patents...

"I hope in the future that we'll be able to continue cooperating and collaborating."

The newly-relaunched Linux Journal is conducting its annual "Reader's Choice Awards," and this month announced the winners for Best Text Editor, Best Laptop, and Best Domain Registrar. Vim was chosen as the best editor by 35% of respondents, handily beating GNU Emacs (19%) Sublime Text (10%) and Atom (8%). Readers' Choice winner Vim is an extremely powerful editor with a user interface based on Bill Joy's 40-plus-year-old vi, but with many improved-upon features including extensive customization with key mappings and plugins. Linux Journal reader David Harrison points out another great thing about Vim "is that it's basically everywhere. It's available on every major platform."
For best laptop their readers picked Lenovo (32%), followed by Dell (25%) and System76 (11%). The ThinkPad began life at IBM, but in 2005, it was purchased by Lenovo along with the rest of IBM's PC business. Lenovo evolved the line, and today the company is well known as a geek favorite. Lenovo's ThinkPads are quiet, fast and arguably have one of the best keyboards (fighting words!). Linux Journal readers say Lenovo's Linux support is excellent, leaving many to ponder why the company doesn't ship laptops with Linux installed.
In February readers also voted on the best web browser, choosing Firefox (57%) over Chrome (17%) and Chromium (7%). And they also voted on the best Linux distribution, ultimately selecting Debian (33%), open SUSE (12%), and Fedora (11%).

The newly-relaunched Linux Journal is conducting its annual "Reader's Choice Awards," and this month announced the winners for Best Text Editor, Best Laptop, and Best Domain Registrar. Vim was chosen as the best editor by 35% of respondents, handily beating GNU Emacs (19%) Sublime Text (10%) and Atom (8%). Readers' Choice winner Vim is an extremely powerful editor with a user interface based on Bill Joy's 40-plus-year-old vi, but with many improved-upon features including extensive customization with key mappings and plugins. Linux Journal reader David Harrison points out another great thing about Vim "is that it's basically everywhere. It's available on every major platform."
For best laptop their readers picked Lenovo (32%), followed by Dell (25%) and System76 (11%). The ThinkPad began life at IBM, but in 2005, it was purchased by Lenovo along with the rest of IBM's PC business. Lenovo evolved the line, and today the company is well known as a geek favorite. Lenovo's ThinkPads are quiet, fast and arguably have one of the best keyboards (fighting words!). Linux Journal readers say Lenovo's Linux support is excellent, leaving many to ponder why the company doesn't ship laptops with Linux installed.
In February readers also voted on the best web browser, choosing Firefox (57%) over Chrome (17%) and Chromium (7%). And they also voted on the best Linux distribution, ultimately selecting Debian (33%), open SUSE (12%), and Fedora (11%).

The newly-relaunched Linux Journal is conducting its annual "Reader's Choice Awards," and this month announced the winners for Best Text Editor, Best Laptop, and Best Domain Registrar. Vim was chosen as the best editor by 35% of respondents, handily beating GNU Emacs (19%) Sublime Text (10%) and Atom (8%). Readers' Choice winner Vim is an extremely powerful editor with a user interface based on Bill Joy's 40-plus-year-old vi, but with many improved-upon features including extensive customization with key mappings and plugins. Linux Journal reader David Harrison points out another great thing about Vim "is that it's basically everywhere. It's available on every major platform."
For best laptop their readers picked Lenovo (32%), followed by Dell (25%) and System76 (11%). The ThinkPad began life at IBM, but in 2005, it was purchased by Lenovo along with the rest of IBM's PC business. Lenovo evolved the line, and today the company is well known as a geek favorite. Lenovo's ThinkPads are quiet, fast and arguably have one of the best keyboards (fighting words!). Linux Journal readers say Lenovo's Linux support is excellent, leaving many to ponder why the company doesn't ship laptops with Linux installed.
In February readers also voted on the best web browser, choosing Firefox (57%) over Chrome (17%) and Chromium (7%). And they also voted on the best Linux distribution, ultimately selecting Debian (33%), open SUSE (12%), and Fedora (11%).

The newly-relaunched Linux Journal is conducting its annual "Reader's Choice Awards," and this month announced the winners for Best Text Editor, Best Laptop, and Best Domain Registrar. Vim was chosen as the best editor by 35% of respondents, handily beating GNU Emacs (19%) Sublime Text (10%) and Atom (8%). Readers' Choice winner Vim is an extremely powerful editor with a user interface based on Bill Joy's 40-plus-year-old vi, but with many improved-upon features including extensive customization with key mappings and plugins. Linux Journal reader David Harrison points out another great thing about Vim "is that it's basically everywhere. It's available on every major platform."
For best laptop their readers picked Lenovo (32%), followed by Dell (25%) and System76 (11%). The ThinkPad began life at IBM, but in 2005, it was purchased by Lenovo along with the rest of IBM's PC business. Lenovo evolved the line, and today the company is well known as a geek favorite. Lenovo's ThinkPads are quiet, fast and arguably have one of the best keyboards (fighting words!). Linux Journal readers say Lenovo's Linux support is excellent, leaving many to ponder why the company doesn't ship laptops with Linux installed.
In February readers also voted on the best web browser, choosing Firefox (57%) over Chrome (17%) and Chromium (7%). And they also voted on the best Linux distribution, ultimately selecting Debian (33%), open SUSE (12%), and Fedora (11%).

The newly-relaunched Linux Journal is conducting its annual "Reader's Choice Awards," and this month announced the winners for Best Text Editor, Best Laptop, and Best Domain Registrar. Vim was chosen as the best editor by 35% of respondents, handily beating GNU Emacs (19%) Sublime Text (10%) and Atom (8%). Readers' Choice winner Vim is an extremely powerful editor with a user interface based on Bill Joy's 40-plus-year-old vi, but with many improved-upon features including extensive customization with key mappings and plugins. Linux Journal reader David Harrison points out another great thing about Vim "is that it's basically everywhere. It's available on every major platform."
For best laptop their readers picked Lenovo (32%), followed by Dell (25%) and System76 (11%). The ThinkPad began life at IBM, but in 2005, it was purchased by Lenovo along with the rest of IBM's PC business. Lenovo evolved the line, and today the company is well known as a geek favorite. Lenovo's ThinkPads are quiet, fast and arguably have one of the best keyboards (fighting words!). Linux Journal readers say Lenovo's Linux support is excellent, leaving many to ponder why the company doesn't ship laptops with Linux installed.
In February readers also voted on the best web browser, choosing Firefox (57%) over Chrome (17%) and Chromium (7%). And they also voted on the best Linux distribution, ultimately selecting Debian (33%), open SUSE (12%), and Fedora (11%).

The newly-relaunched Linux Journal is conducting its annual "Reader's Choice Awards," and this month announced the winners for Best Text Editor, Best Laptop, and Best Domain Registrar. Vim was chosen as the best editor by 35% of respondents, handily beating GNU Emacs (19%) Sublime Text (10%) and Atom (8%). Readers' Choice winner Vim is an extremely powerful editor with a user interface based on Bill Joy's 40-plus-year-old vi, but with many improved-upon features including extensive customization with key mappings and plugins. Linux Journal reader David Harrison points out another great thing about Vim "is that it's basically everywhere. It's available on every major platform."
For best laptop their readers picked Lenovo (32%), followed by Dell (25%) and System76 (11%). The ThinkPad began life at IBM, but in 2005, it was purchased by Lenovo along with the rest of IBM's PC business. Lenovo evolved the line, and today the company is well known as a geek favorite. Lenovo's ThinkPads are quiet, fast and arguably have one of the best keyboards (fighting words!). Linux Journal readers say Lenovo's Linux support is excellent, leaving many to ponder why the company doesn't ship laptops with Linux installed.
In February readers also voted on the best web browser, choosing Firefox (57%) over Chrome (17%) and Chromium (7%). And they also voted on the best Linux distribution, ultimately selecting Debian (33%), open SUSE (12%), and Fedora (11%).

New submitter stikves writes: The Raspberry foundation has launched an incremental update to the Raspberry Pi 3 model B: Raspberry Pi 3 Model B+ . In addition to slight increase (200MHz) in CPU speed, and upgraded networking (802.11ac and Gigabit, albeit over USB2), one big advantage is the better thermal management which allows sustained performance over longer load periods. Further reading: TechRepublic, and Linux Journal.

Linux Journal: We started things off with Best Linux Distribution, and nearly 10,000 readers voted. The winner was Debian, with many commenting "As for servers, Debian is still the best" or similar. One to watch that is rising in the polls is Manjaro (7 percent), which is independently based on the Arch Linux. Manjaro is a favorite for Linux newcomers and is known for its user-friendliness and accessibility. And, now for the top three LJ winners: Debian (33 percent), openSUSE (12 percent), and Fedora (11 percent).

New submitter dataknife2 writes: LinuxJournal announced in Nov 2017 that they were going to cease publication; With some timely intervention by Private Internet Access they are going to be able to continue operation and are currently soliciting feedback for improving the magazine in the future. In a blog post, team at LinuxJournal wrote: Talk about a Happy New Year. The reason: it turns out we're not dead. In fact, we're more alive than ever, thanks to a rescue by readers -- specifically, by the hackers who run Private Internet Access (PIA) VPN, a London Trust Media company. PIA are avid supporters of freenode and the larger FOSS community. They're also all about Linux and the rest of the modern portfolio of allied concerns: privacy, crypto, freedom, personal agency, rewriting the rules of business and government around all of those, and having fun with constructive hacking of all kinds. We couldn't have asked for a better rescue ship to come along for us. In addition, they aren't merely rescuing this ship we were ready to scuttle; they're making it seaworthy again and are committed to making it bigger and better than we were ever in a position to think about during our entirely self-funded past.

Not too long after Linus Torvalds wrote his own Unix kernel, which he called Linux, in the summer of 1991, a magazine was founded by enthusiasts to focus on the operating system. For more than two decades Linux Journal has been an authority magazine on all things Linux, often cited by mainstream outlets, but it is now shuttering doors. In a blog post, Linux Journal's Carlie Fairchild writes: It looks like we're at the end, folks. If all goes according to a plan we'd rather not have, the November issue of Linux Journal was our last. The simple fact is that we've run out of money, and options along with it. We never had a wealthy corporate parent or deep pockets of our own, and that made us an anomaly among publishers, from start to finish. While we got to be good at flying close to the ground for a long time, we lost what little elevation we had in November, when the scale finally tipped irrevocably to the negative. Thanks for all the fish.

Jim Hall is celebrating the 23rd birthday of the FreeDOS Project, calling it "a major milestone for any free software or open-source software project," and remembering how it all started. An anonymous reader quotes Linux Journal: If you remember Windows 3.1 at the time, it was a pretty rough environment. I didn't like that you could interact with Windows only via a mouse; there was no command line. I preferred working at the command line. So I was understandably distressed in 1994 when I read via various tech magazines that Microsoft planned to eliminate MS-DOS with the next version of Windows. I decided that if the next evolution of Windows was going to be anything like Windows 3.1, I wanted nothing to do with it... I decided to create my own version of DOS. And on June 29, 1994, I posted an announcement to a discussion group... Our "PD-DOS" project (for "Public Domain DOS") quickly grew into FreeDOS. And 23 years later, FreeDOS is still going strong! Today, many people around the world install FreeDOS to play classic DOS games, run legacy business software or develop embedded systems...

FreeDOS has become a modern DOS, due to the large number of developers that continue to work on it. You can download the FreeDOS 1.2 distribution and immediately start coding in C, Assembly, Pascal, BASIC or a number of other software development languages. The standard FreeDOS editor is quite nice, or you can select from more than 15 different editors, all included in the distribution. You can browse websites with the Dillo graphical web browser, or do it "old school" via the Lynx text-mode web browser. And for those who just want to play some great DOS games, you can try adventure games like Nethack or Beyond the Titanic, arcade games like Wing and Paku Paku, flight simulators, card games and a bunch of other genres of DOS games.
On his "Open Source Software and Usability" blog, Jim says he's been involved with open source software "since before anyone coined the term 'open source'," and first installed Linux on his home PC in 1993. Over on the project's blog, he's also sharing appreciative stories from FreeDOS users and from people involved with maintaining it (including memories of early 1980s computers like the Sinclair ZX80, the Atari 800XL and the Coleco Adam). Any Slashdot readers have their own fond memories to share?

Long-time Slashdot reader emil writes about how ADUPS, an Android "firmware provisioning" company specializing in both big data collection of Android usage and hostile app installation and/or firmware control, has been found pre-loaded on Barnes and Noble's new $50 tablet: ADUPS was recently responsible for data theft on BLU phones and an unsafe version of the ADUPS agent is pre-loaded on the Barnes and Noble BNTV450. ADUPS' press releases claim that Version 5.5 of their agent is safe, but the BNTV450 is running 5.2. The agent is capable of extracting contacts, listing installed apps, and installing new apps with elevated privilege. Azzedine Benameur, director of research at Kryptowire, claims that "owners can expect zero privacy or control while using it."

An anonymous reader writes: "I didn't even know they gave out prizes," said a Brooklyn College CS professor, remembering how he'd learned that a demo of the Picat programming language won a $10,000 grand prize last month at the NYC Media Lab Summit. Professor Neng-Fa Zhou created Picat with programmer Jonathan Fruhman, and along with graduate student Jie Mei they'd created a demo titled "The Picat Language and its Application to Games and AI Problems" to showcase the language's ability to solve combinatorial search problems, "including a common interface with CP, SAT, and MIP solvers."

Mie tells the Brooklyn College newspaper that Picat "is a multi-paradigm programming language aimed for general-purpose applications, which means theoretically it can be used for everything in life," and Zhou says he wants to continue making the language more useful in a variety of settings. "I want this to be successful, but not only academically... When you build something, you want people to use it. And this language has become a sensation in our community; other people have started using it."

jrepin writes: Today, a child without access to a computer (and the Internet) at home is at a disadvantage before he or she ever sets foot in a classroom. The unfortunate reality is that in an age where computer skills are no longer optional, far too many families don't possess the resources to have a computer at home. Linux Journal recently had the opportunity to talk with Ken Starks about his organization, Reglue (Recycled Electronics and Gnu/Linux Used for Education) and its efforts to bridge this digital divide.

New submitter marxmarv writes If you search the web for communications security information, or read online tech publications like Linux Journal or BoingBoing, you might be a terrorist. The German publication Das Erste disclosed a crumb of alleged XKeyScore configuration, with the vague suggestion of more source code to come, showing that Tor directory servers and their users, and as usual the interested and their neighbor's dogs due to overcapture, were flagged for closer monitoring. Linux Journal, whose domain is part of a listed selector, has a few choice words on their coveted award. Would it be irresponsible not to speculate further?

Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"

theodp writes "You wouldn't select Linus Torvalds to be the public face for the 'Year of Basketball.' So, why tap someone who doesn't code to be the face of 'The Year of Code'? Slate's Lily Hay Newman reports on the UK's Year of Code initiative to promote interest in programming and train teachers, which launched last week with a Director who freely admits that she doesn't know how to code. "I'm going to put my cards on the table," Lottie Dexter told Newsnight host Jeremy Paxman on national TV. I've committed this year to learning to code...so over this year I'm going to see exactly what I can achieve. So who knows, I might be the next Zuckerberg." "You can always dream," quipped the curmudgeonly Paxman, who was also unimpressed with Dexter's argument that the national initiative could teach people to make virtual birthday cards, an example straight out of Mark Zuckerberg's Hour of Code playbook (coming soon to the UK). Back in the States, YouTube chief and Hour of Code headliner Susan Wojcicki — one of many non-coder Code.org spokespersons — can be seen on YouTube fumbling for words to answer a little girl's straightforward question, "What is one way you apply Computer Science to your job at Google?". While it's understandable that companies and tech leaders probably couldn't make CS education "an issue like climate change" (for better or worse) without embracing politicians and celebrities, it'd be nice if they'd at least showcase a few more real-life coders in their campaigns."

msevior writes "Although Linus Torvalds and some Slashdot commentators may disagree, GNOME 3 has many admirers. GNOME 3 was awarded the Linux Journal Readers' Choice award for 2011." Though I'm one of the complainers, I hope to be converted with the help of Gnome Shell extensions.

chrb writes "Linux Journal points out PLAYterm, an interesting project that offers up recordings of Linux command line sessions, with the aim of helping viewers to improve their skills by watching gurus at work." And there's no bad excuse to link to Neal Stephenson's excellent (and free-to-download in delicious zipped-text form) In the Beginning was the Command Line.

Mr_Perl writes "Linux Journal sent out an email to subscribers today announcing that they are going 100% digital. Subscribers signed on for a paper version of the journal, and now have been switched to an electronic version, apparently at the exact same subscription rate. No news yet on why they did it, and no sign of any offers to reimburse unused subscriptions for subscribers who are disappointed."

theodp writes "Doc Searls is worried about the way Google makes money. 'Nearly all of it comes from advertising,' he frets. 'That's what pays for all the infrastructure Google is giving to the rest of us. As our dependency on Google verges on the absolute, this should be a concern.' Have we reched Peak Advertising? Blogger Dave Winer says amen, asking if Google is already 'too big to fail.'"

Glyn Moody writes "Today is the birthday of Linus. Just under 19 years ago, on the first day the shops in Helsinki were open after the holidays, Linus rushed out and spent all his Christmas and birthday money on his first PC: a DX33 80386, with 4 Megs of RAM, no co-processor, and a 40 Megabyte hard disc. Today, the kernel he wrote on that system powers 90% of the fastest supercomputers, and is starting to find its way into more and more smartphones — not to mention everything in between. What would the world look like had he spent his money on something else?"

Glyn Moody writes "Two years after its launch, Google's Linux-based Android platform is finally making its presence felt in the world of smartphones. Around 20,000 apps have been written for it. Although well behind the iPhone's tally, that's significantly more than just a few months ago. But there's a problem: few of these Android apps are free software. Instead, we seem to be witnessing the birth of a new hybrid stack — open source underneath, and proprietary on top. If, as many believe, mobile phones will become the main computing platform for most of the world, that could be a big problem for the health of the free software ecosystem. So what, if anything, should the community be doing about it?"

Glyn Moody writes "The response to Google's Chromium OS has been rather lukewarm. But suppose it's just part of something much bigger: a netbook computer from Google that would cost absolutely nothing. Because all the apps and data are stored in the cloud, storage requirements would be minimal; screens are getting cheaper, and the emphasis on lean code means that a low-cost processor could be used. Those relatively small hardware costs could then be covered by advertising in the apps — after all, they are just Web pages. Interestingly, Google has not only rolled out advertising to more of its services recently, it has also started running AdSense ads in the desktop application Google Earth. Would you accept a free Google netbook — or is the price you would pay in terms of the company knowing even more about what you do on an hour-by-hour basis just too high?"

johanneswilm writes "Nicaragua is the second-poorest country of the Americas. It is now also the Latin American country with the most capable web-based information system for agriculture, thanks to open source software. ALBAstryde itself is open source, and it is based on Django and jQuery. It allows the user to play with the data, and its reach is further extended by a net of radio stations which are broadcasting the numbers to remote peasants, who thereby, for the first time ever, get up to date data on prices and general production levels in the country. The implementation for the ministry of agriculture of Nicaragua already contains live data."

Slashdot regular Bennett Haselton writes with his take on the news we discussed early this morning about the UK government's prosecution of two people who refused to disclose their encryption keys: "Is it possible to write a program that enables you to encrypt files without drawing suspicion upon yourself if anyone ever seizes your computer? No; a program by itself, no matter how perfectly written, couldn't do this because you'd still attract suspicion just for possessing the software. You'd need a social element driving the program's popularity until it gets to the point where people no longer look suspicious just for having the program installed. Here are some theories on how that could happen — but it would be a high bar to clear." Hit the link below for the rest of Bennett's thoughts.

Police in Britain have announced that two people have successfully been prosecuted under a UK law that forces defendants to give up their encryption keys and penalizes those who don't comply. Another UK woman's case had attracted attention two years ago, when the government demanded she give up her encryption keys after the police found encryption software on her computer, but the police say she was not one of the two defendant's charged. Is there a software solution to this problem — a way that people can encrypt files on their computers, without arousing the suspicion of law enforcement if the computers are seized?

File encryption, if properly implemented, is generally considered mathematically unbreakable. But to prevent suspicion falling on people just for encrypting files in the first place, requires a human solution as well as an engineering one. One way or another, some file encryption software would have to be in widespread use that has these two properties: (1) it's deployed on a large number of people's machines — not just a large absolute number, but a significant proportion of the total population, so that suspicion does not fall on people just for possessing the software — and (2) it should not be possible to tell the difference between machines where the users use the software regularly, and machines where the software has never been run. Then, and only then, would it be possible to use the encryption software on your machine, without anyone who seizes the machine having reason to think that you had ever encrypted anything at all.

(Of course, in a relatively free society, if law enforcement has probable cause to seize your machine in the first place, then they would presumably already have some evidence against you. But this would at least prevent police officers and judges from becoming more suspicious as a result of encryption software being present on your machine.)

Note that this is similar to the kind of problem that is normally solved with steganography, but by my reasoning, I don't think that using stego would actually gain anything in this situation. Whether you're talking about encryption software or stego software, if it's a program that not a lot of people have installed, then just by virtue of having it on your machine, you'll attract suspicion if your machine is seized. On the other hand, suppose you've cleared that hurdle and the software is installed on a lot of people's computers, so that just having installed it is not by itself grounds for suspicion. If it's stego, then you can embed the hidden data inside other images or videos, so that an intruder can't tell whether you've been using the software to hide anything (assuming the stego software is good enough that the intruder can't tell the images have been tampered with). But you could achieve the same thing with straight encryption software: just have every installation of the program create a "storage volume" file, where encrypted files will be stored. As long as a storage volume file with files embedded in it, is indistinguishable from a storage volume file that has never been touched, the presence of the storage volume file won't give you away.

I'm not actually aware of any encryption program that has that property: that for a given machine with the software installed, it's impossible to tell whether the software has ever been used to encrypt data. This is probably because this would normally not be a useful feature of an encryption program. The whole point of making it impossible to tell whether someone has used the program or not, is that people who have used the program would not attract undue attention to themselves as a result. But if the encryption program is only used by one thousandth of one percent of total Internet users anyway, then just the fact that a user has the program installed, would be enough to draw suspicion to the user if their computer is seized, so there's no benefit to concealing the fact that the program has been used. On the other hand, if the encryption program is installed on a significant proportion of users' machines anyway, then simply having the program installed is no longer grounds for suspicion. And that's when it would become a valuable feature for it to be difficult to tell whether the owner of the machine actually uses the encryption program or not.

This may be hard to implement correctly, and there are some tradeoffs that will have to be decided. For example, if the program creates a default "storage volume" file when it's installed, how big should that initial volume be? The problem with creating a small storage file initially and then letting it grow as encrypted files are added, is that this now makes it easy to tell who is using the program and who isn't — anyone whose storage file has grown beyond the default size, is using it to encrypt files (and is therefore a terrorist movie-downloading child pornographer, etc.). In order to avoid suspicion falling on people who use the program, the storage file would have to be the same size on everyone's computer. If you make it 1 GB, that wastes a lot of space on people's machines who aren't using it. On the other hand, if it's only 1 GB, it also means that users will only be able to store up to 1 GB of encrypted data — any more than that, and they'll have to expand the size of the storage file, thus calling attention to themselves if the machine is ever seized. And then, what about the fact that a large file which is created all at once, is normally not fragmented very much, but if the storage file is frequently modified, it is likely to become more and more fragmented — thus giving people a way to tell if the encryption program is being used frequently. (So you'd either have to deliberately create a very fragmented storage file by default on the first install, or create an unfragmented file on first install but then make sure to read and write from the file in a way that doesn't fragment it further.) I don't want to get too bogged down in implementation details. The point is just that you'd have to block all the possible ways that an intruder would be able to tell whether the software is used frequently — forget one thing, and you've given an intruder a way to identify people who are actually using the software to encrypt files.

A program called TrueCrypt achieves something close to this — TrueCrypt allows you to encrypt a storage volume with two different passwords, so that one password provides access to "innocent-looking" data, while the other password provides access to the data that you really want to keep secure. If someone is compelled to give up their password, they could provide only the password that unlocks the "innocent-looking" data — and there's no way, from examining the encrypted file, to tell that there is a second password guarding even-more secret data. (Of course, the "innocent-looking" data can't be truly innocent-looking, because it has to look like the kind of thing that someone would believe you might want to encrypt — so it should look suspicious enough that you would genuinely want to hide it, but not bad enough to get you in real trouble if you're forced to reveal it!) The Achilles heel of this scheme is that just having TrueCrypt on your computer in the first place, would at least signal to an intruder that you're encrypting files. And even if they can't prove that you might have another "super-secret password" guarding more private data on your encrypted volume, they would certainly suspect it, if they already had grounds to be investigating you and if they knew anything about how TrueCrypt works. To provide true plausible deniability of any encryption at all, you need a program that already exists on lots of people's machines, so that an intruder doesn't suspect anything when they find it on your computer.

(The same objection also applies to many other non-solutions to the problem, like using a Linux distro that encrypts your entire file system. Even assuming this would be within the technical means of the average person who wanted to do encryption, it's still going to look suspicious as long as the vast majority of people are not doing it.)

Which leads to the other half of the problem, which is getting the software widely deployed enough that it would not look suspicious for someone to have the program installed in the first place. Best of all for the purpose of avoiding suspicion, of course, would be for the program to come installed by default with a popular operating system. Windows XP and Vista have the built-in ability to encrypt folders, but anyone who seizes the machine can still see that you encrypted a folder, so this don't have the undetectability factor. Built-in deniable encryption of the kind that I'm describing, doesn't instinctively feel like the sort of thing that Microsoft would start bundling with its operating system. (Among other things, they might say that while companies often have business reasons for encrypting files, it's harder to think of a business case where employees would need to encrypt files and hide the fact that they were encrypting anything.)

Perhaps instead it could be bundled with a popular free software program beholden to no for-profit corporate masters. (My first thought was Firefox, but I was quickly told that Firefox was created specifically to strip out many of the features that had caused bloat in the original Mozilla project, and that any bundling of unnecessary tools would go against the whole ethos of the project.) Maybe a good place to include something like this would be the Google Pack — it's installed by lots of people, and currently doesn't have a file-encryption tool in the bundle. Beholden to for-profit corporate masters, yes, but ones that frequently declare "Don't Be Evil" and often seem to do cool stuff just to see what would happen.

Another possibility would be for a next-generation P2P program to bundle this capability with their software. This provides a nice dovetailing of interests — P2P users might want a way to hide the files that they've downloaded, while at the same time, intruders who seize the computer and found the P2P application installed, wouldn't necessarily suspect the owner of anything more than a little copyrighted file trading. "Well, he's got this NiftyP2P program installed, which comes with 'plausibly deniable' encryption, but most people use just NiftyP2P to download mp3 files and movies anyway. And I can't tell if he was actually using the encrypted file storage volume, because that's how 'plausibly deniable' encryption works. Is this the same guy who uploaded those subversive anti-government documents? I dunno."

Anyway, if you actually want to give people a way to run encryption software on their PCs, while ensuring that anyone who seizes their machine cannot tell that any encryption has been going on, these are the hurdles that you'd have to clear. I'm not sure whether this is better viewed as a blueprint for how to achieve this goal, or an argument for why it will probably never happen. There are lots of almost-solutions, like TrueCrypt with its ability to encrypt different sets of data into the same storage volume. But you still can't actually hide the fact that you're doing encryption in the first place.

(If you're willing to store your encryption software away from your computer, you could keep a steganography program on a CD or USB drive hidden in your house, and then whenever you need access to the encrypted data, plug in the program and use it to extract data that has been hidden in a large number of image or video files. That would achieve the goals I've outlined in the article: the ability to encrypt files, while still ensuring that anyone who seizes your computer won't be able to tell that you've encrypted anything. The problem is that it would require enough self-discipline to always return the CD or USB stick to its hiding place when you were done with it — and still, you'd have to hope that whatever authorities seize your computer, don't also search your house and find the CD or USB stick where you keep your stego software.)

Finally, risking the wrath of my civil-libertarian allies, I'll admit it may not actually be a positive thing for every citizen to be able to hide the fact from their local law enforcement that they're encrypting files on their computer. Many times if the police in a mostly-free country like the US or the UK seize a person's computer, they're trying to prevent real harm, and not every person with an encrypted file volume is a good guy. For some of the people who have left enough of an evidence trail that their computers get seized, it would be perfectly rational to view them with suspicion because of an encrypted volume found on their computer. But if you assume it's a worthwhile goal for people to be able to encrypt files without attracting suspicion, my argument is that the prerequisites in this article are necessary for that to work. At the moment it seems a long way off. But if someone created an encryption program with "deniability" — so that it was impossible to tell whether the program had ever been used after it was installed — and someone at Google thought "Hey, that's cool" and added it to the Google Pack, everything would change very suddenly.

pavithran writes "Does SAP, one of the largest business companies offering software solutions, support FOSS as a movement? Why is SAP looking at closed and open source in a similar way? This shows lot of ambiguity in SAP's attitude towards open source software. I found an interesting article in Linux Journal on whether SAP is an open source friend or foe, by Glyn Moody. Here's a quote from the article: 'For an outfit that calls itself "the world's largest business software company," the German software giant SAP is relatively little-known in the open source world. With 51,500 employees, a turnover of 11.5 billion euros ($16 billion) last year, and operating profits of 2.7 billion euros ($3.8 billion), SAP is clearly one of the heavyweights in the computer world. Given that huge clout, SAP's attitude to open source is important; and yet it is hard to tell whether it is really free software's friend or its foe. ... A company that wished open source well would back these ideas. One that really supported free software would also fight against software patents. So, while SAP's involvement in Eclipse and investment in open source companies is welcome — and pretty self-interested, it has to be said, given that it presumably hopes to make a profit on them — it's not really enough cancel out its unhelpful attitude and statements elsewhere. If it wants to be a serious, respected player in the world of open source, as befits its size, it must do better.'"

Glyn Moody writes "They might be, if a new European Commission consumer protection proposal, which suggests 'licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions,' becomes law. The idea of making Microsoft pay for the billions of dollars of damage caused by flaws in its products is certainly attractive, but where would this idea leave free software coders?"

viktor.91 writes "Sun Microsystems announced three new MySQL products: MySQL 5.4, MySQL Cluster 7.0 and MySQL Enterprise Partner Program for 'Remote DBA' service providers." which showed up in the firehose today next to Glyn Moody's submission where he writes "Michael Widenius, founder and original developer of MySQL, says that most of the leading coders for that project have either left Sun or will be leaving in the wake of Oracle's takeover. To ensure MySQL's survival, he wants to fork from the official version — using his company Monty Program Ab to create what he calls a MySQL "Fedora" project. This raises the larger question of who really owns a commercial open software application: the corporate copyright holders, or the community?"

Glyn Moody writes "Are there ever circumstances when software patents that require payment might be permitted by an open source license? That's the question posed by a new license that is being submitted to the Open Source Initiative (OSI) for review. The MPEG Working Group wants to release a reference implementation of the new MPEG eXtensible Middleware (MXM) standard as open source, but it also wants to be able to sell patent licenses. If it can't, it might not make the implementation open source; but if it does, it might undermine the fight against software patent proliferation."

Glyn Moody writes "There's been a spate of celebrations of Linux's 15th birthday recently. What they're really marking is the 15th anniversary of version 1.0. But do version numbers matter for free software? The 'release early, release often' approach means there's generally little difference between version 0.99.14z, say, and version 1.0. In fact, drawing attention to such anniversaries is misguided, because it gives the impression that free software is created in the same way as traditional proprietary code, working towards a predetermined end-point according to a top-down plan. So how should we be choosing and celebrating free software's past achievements?"

Glyn Moody writes "Thanks to the indispensable Wikileaks, we have the opportunity to see how an organization close to Microsoft is attempting to re-write — and hijack — an important European Union open source strategy paper, currently being drawn up. Analyzing before and after versions visible in the document demonstrates how the Association for Competitive Technology, a lobbying group partially funded by Microsoft, is trying to widen the scope of open source to include 'mixed solutions blending open and proprietary code.'" And reader Elektroschock adds some detail on EU processes: "The European Commission lets ACT and CompTIA participate in all working groups of the European Open Source Strategy, which defines Europe's future open source approach. A blue editor questions the objectives: 'Regarding the "Europe Digital Independence" our [working] group thinks it is, in general, not an issue.' 'European digital independence' is a phrase coined by EU Commissioner V. Reding, that is what her European Software Strategy was supposed to be about. She didn't reveal that lobbyists or vendors with vested interests would write the strategy for the Commission."

Thaidog submits word of a high-performance Linux kernel project called "LinuxDNA," writing "I am heading up a project to get a current kernel version to compile with the Intel ICC compiler and we have finally had success in creating a kernel! All the instructions to compile the kernel are there (geared towards Gentoo, but obviously it can work on any Linux) and it is relatively easy for anyone with the skills to compile a kernel to get it working. We see this as a great project for high performance clusters, gaming and scientific computing. The hopes are to maintain a kernel source along side the current kernel ... the mirror has 2.6.22 on it currently, because there are a few changes after .22 that make compiling a little harder for the average Joe (but not impossible). Here is our first story in Linux Journal."

vm writes "According to Mozilla and other sources, Firefox 2 and Gecko 1.8 will soon be left behind some time in mid-December. The end result: no future security or stability updates. This will affect Thunderbird 2, SeaMonkey 1.1, Camino 1.5, and any other projects based on Gecko 1.8. So, if you haven't already upgraded, there's no time like the present."

Meshach writes "Over at the Linux Journal, Doc Searles is noting that today marks 17 years since Linus posted to Usenet, starting Linux (post). As a Linux user at work and at home I say, thanks Linus!" The anniversary is also featured on the top page of the Encyclopedia Britannica.

PCWMike writes to tell us about the growing concern over the failure of OLPC to deliver laptops to some of its customers. PC World editor-in-chief Harry McCracken notes that record-keeping was poor for some of the people who paid via PayPal. A report on LinuxJournal also suggests that customer information was lost due to errors in the database software used by OLPC. Quoting PC World: "OLPC spokesperson Jackie Lustig acknowledges problems with the ordering and the fulfillment process, but says the biggest challenges are a short supply of XO laptops and the organization's ability to meet consumer demand for the XO laptop. Some also wonder whether chronic delivery problems for Give One, Get One donors may bode poorly for the 15 countries slated to receive nearly 500,000 XO notebooks. Lustig says delivering in bulk to just over a dozen countries is infinitely simpler than processing and delivering 80,000 individual laptops."

Virgil Tibbs writes "With the Launch of the BBC's iPlayer imminent, the BBC trust has agreed to hear the Open Source Consortium's concerns regarding the BBC iPlayer's tie in with Microsoft's software. The move by the BBC to use Windows Media DRM & their apparent lack of commitment towards other platforms has caused outrage in many circles and prompted several online petitions."

Nicholas Petreley writes, "Wake up little SUSE, wake up. No, that's not good enough. Wake up SUSE customers, wake up. Novell is jeopardizing the future of Linux for its own short-term rewards. If you want to see Linux flourish, let alone survive, after Novell's five year deal with Microsoft expires, I suggest we make an alternative five-year deal with Microsoft. In this case, our part of the deal is to spend the next five minutes, months, or years migrating away from every shred of Novell/SUSE software in our home, office, or enterprise."

walterbyrd writes "Linux Journal has published an article by Glyn Moody, about the Microsoft sponsored study: The Economic Impact of Microsoft Windows Vista (pdf). Apparently Moody feels that the economic effects of MS-Vista being delayed in Europe would not be as dire as Microsoft would have the world believe." From the article: "The implication is that the European Commission would be crazy to jeopardize these wonderful benefits by clipping the wings of this digital golden goose, or even grounding it completely. The white paper looks tremendously professional, and is filled with tables, bar and pie charts; it has suitably serious discussions of methodology, and even introduces a few measured caveats: who could doubt its conclusions? What makes this FUD so impressive is that this attention to detail obscures the sleight of hand that is going on here. The white paper may predict sales by the "Microsoft ecosystem" of over $40 billion in six of Europe's biggest economies, but what this figure hides is the fact that income for Microsoft and its chums is a cost for the rest of Europe."

jar writes "First came Fibre Channel, then iSCSI. Now, for the increasingly popular idea of using a network to connect storage to servers, there's a third option called ATA over Ethernet (AoE). Upstart Linux developer and kernel contributor Coraid could use AoE shake up networked storage with a significantly less expensive way to do storage -- under $1 per Gigabyte. Linux Journal also has a full description of how AoE works." Note that the LJ article is from last year; the news story is more recent.

David writes "Stephen Shipman delivers a very articulate and concise view of how Linux fits in server and end user environments. He expresses his view in response to Nicolas Petreley's 'rant' in Linux Journal. He points out the subtle implications of efficiency versus consistency." From the article: "[...] efficiency (as measured by keystrokes) isn't the only metric for ease of use. Consistency must also be taken into account. Microsoft has made a lot of hay (and green) by flogging consistency".

netcetra writes "From a post by on CircleID by Phillip J. Windley: 'Doc Searls has written a brilliant piece framing the battle for the Net at Linux Journal. ... if you take the time to read just one essay on the Net and the politics surround it this year, read this one.' Quote from Doc himself: 'This is a long essay. There is, however, no limit to how long I could have made it. The subjects covered here are no less enormous than the Net and its future. Even optimists agree that the Net's future as a free and open environment for business and culture is facing many threats. We can't begin to cover them all or cover all the ways we can fight them. I believe, however, that there is one sure way to fight all of these threats at once, and without doing it the bad guys will win. That's what this essay is about.' Also see additional background on the piece on Doc Searls blog."

Bubblehead asks: "A few years ago, everybody was talking about returning their copy of Windows to receive a refund. I plan on buying a Laptop shortly, and most manufacturers still insist on shipping it with some version of Windows. I was wondering what the state of the affairs is - there isn't that much information on the net. The most prominent piece of information is this 2003 Linux Journal Report outlining how the author had to go to small claims court to receive a refund. Any experiences - especially with vendors that do not offer an alternative?"