Slashdot Mirror

sootman writes "O'Reilly's ONLamp site has a neat two-part series on building a netboot server and diskless workstations with FreeBSD. Nothing too earthshaking but it's always an interesting topic and it's nice to see a new writeup on it every so often."

An anonymous reader writes "ONLamp.com Security section has published an interesting interview with Salvatore Sanfilippo, the author of hping. Among other things, it talks about nmap, idle-scan, and low level network analisys with simple Tcl scripts."

Alex Moskalyuk writes "'Open source is great, but where do we start?' This is probably one of the most frequently asked questions in the corporate world when CIOs are faced with the need to choose between open and proprietary solutions. How do you figure out when it's feasible to implement an open source solution? Are there any support or training options if the solution does get approved, or if the project chosen was an alpha version developed by some student, who's away for the summer? Bernard Golden from NavicaSoft has probably heard the same questions too often, and then decided to write the book." Read on for prostoalex's review. Succeeding with open source author Bernard Golden pages 272 publisher Addison-Wesley Professional rating 7 reviewer Alex Moskalyuk ISBN 0321268539 summary IT manager's guide into implementing an open-source solution

Implementing an open source solution requires a different approach from the buyer's point of view: There is no salesperson you'll get a call from, there are no license agreements to sign and no serial numbers to enter. Access to the software is simplified, but sometimes there are few pointers about what to do next.

Golden takes the reader through different aspects of dealing with open source technologies. As one can see from the table of contents, the information is presented from the business professional's point of view. This title is for an IT manager, not developers or IT personnel who might be using open source products already and feel strongly about them. The basic question that the book explores is this: When does it make sense for an organization to implement an open source product? How do you evaluate the product's maturity, functionality, ease of use, support infrastructure and documentation quality so that running open source within the organization starts making sense?

Golden's answer is the Open Source Maturity Model (OSMM), which the author developed himself. The model asks the IT manager to evaluate the software, support, training options, documentation, integration and professional services on 10-point scale. If the technology ranking reaches a certain score (which highly depends on the userbase), then it will make sense to implement it.

For example, on page 144, when the author discusses software support options, he suggests assigning 6 points for excellent community support, 3 points for available paid support and 1 point for availability of self-support (i.e., an employee who understands the product). So on the next page JBoss gets 6 points for community support (very helpful and respectful forums), 2 points for commercial support (since it was e-mail and phone only, and no on-site support) and 0 points for self-support (since no one within the organization stepped up to claim herself as JBoss expert).

JBoss is the prime example used by the author throughout the chapters, and turns out to be quite a convenient choice -- the company offers commercial support, training and documentation for an open-source product. Golden's model is supposed to help IT managers distinguish high-quality open source projects from 0.0.1 version, so widely available on SourceForge.

The book's primary market is business professionals and IT managers who would probably benefit from having a formal evaluation model instead of relying on pure gut feeling. Despite the book's ambiguous title, it's not a manual on how to create your own business with open-source products. Some chapters will be helpful for figuring that out (Chapter 2 talks about business models in the open source world), but it's mostly for people who are implementing rather than developing open source products. The language is somewhat dry, but if your weekly reading requires CIO Magazine, you're probably used to that.

Something I think the author would have done well to include is a collection of in-depth case studies on open source implementations. There's some data on Sabre and Charles Schwab running successful businesses on open-source infrastructure, but the details are not there. While certain companies publish hundreds of case studies to prove that their products will either save money or allow the customer to make more, the success stories are not that frequently publicized in the open source world. Having such material in the book would provide a confidence booster for an IT manager, I think.

The last chapter or the first appendix is where I would expect to find information on solid open-source products suitable for corporate deployment. I mean, if the evaluation model is introduced, why not list the most prominent projects out there for quick reference? The highest-ranked open-source operating system, office suite, corporate messaging system, accounting and tax package, etc.?

Overall the book is pretty good for a manager who has heard of open source, but has not read too much into it. Chapter 1 in PDF format is available from Addison Wesley site. Golden also wrote an article for OreillyNet that deals with bringing open source into the organization. There's also an interview with the author on TechTarget.

You can purchase Succeeding With Open Source from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jpkunst writes "John Viega (coauthor of a.o. Building Secure Software) argues in Open Source Securitey: Still A Myth at O'Reilly's onlamp.com that "open source software may currently be less secure than its commercial counterparts.". According to him, there may be "more eyeballs" looking at open source software, but he does not believe those eyeballs are looking for security problems in a structured way."

lowks writes "A nice little interview from the ONLamp BSD advocacy page where we get to peer a little into the goings ons and updates as well as plans for DragonFlyBSD. Highlights include the rationale behind DragonFlyBSD and peeks into the current engine as well as goodies planned to be implemented in the future versions. DragonFlyBSD is another flavour of BSD which forked from the FreeBSD 4.x branch not too long ago. It's headed by Matt Dillon, who forged out on his own and started DragonFlyBSD due to technical differences with the FreeBSD team ."

lowks writes "A nice little interview from the ONLamp BSD advocacy page where we get to peer a little into the goings ons and updates as well as plans for DragonFlyBSD. Highlights include the rationale behind DragonFlyBSD and peeks into the current engine as well as goodies planned to be implemented in the future versions. DragonFlyBSD is another flavour of BSD which forked from the FreeBSD 4.x branch not too long ago. It's headed by Matt Dillon, who forged out on his own and started DragonFlyBSD due to technical differences with the FreeBSD team ."

SonOfGates writes "Well, the Aussies have invaded Boston but at least they're not throwing tea into the harbor. AU-based nonprofit CAcert Inc has spent the last few days at USENIX '04 registering new users by the truckload. They bill themselves as a 'Community-Based CA.' Could this be the begining of a true 'open' certificate authority? See the O'Reilly story and press release."

jpkunst writes "An interesting interview at the O'Reilly Network with Andy Hunt and Dave Thomas, authors of The Pragmatic Programmer, who recently started their own publishing company. Many topics are covered. Dave has this to say about outsourcing: 'To get job security, developers need to position themselves as highly effective business-value generators, working with the rest of the company to solve common goals. If you sit in your cube waiting for a spec to be thrown over the wall, then you may be in for a wait -- that spec might be in an envelope on its way to Bangalore'"

Tarantolato writes "The Eclipse Foundation has released version 3.0 of its open-source Java-based IDE. Eclipse backers like IBM say the program offers not only increased productivity and ease of use, but also a plugin-based architecture for creating 'rich client' applications with the networking capabilities of web-based apps and the persistence and native widgets of desktop applications. The Lotus Workplace platform is already Eclipse-based. Some in the Java community, however, are concerned with Eclipse's use of SWT rather than the standard Swing widget set, and some analysts think that project is part of a 'broader challenge to Microsoft's entire .Net development framework' from IBM. Meanwhile, Eclipse executives are attempting to woo Microsoft into joining the foundation."

nickirelan writes "Why Learning Assembly Language Is Still a Good Idea by Randall Hyde -- Randall Hyde makes his case for why learning assembly language is still relevant today. The key, says Randall, is to learn how to efficiently implement an application, and the best implementations are written by those who've mastered assembly language. Randall is the author of Write Great Code (from No Starch Press)."

An anonymous reader writes "ONLamp.com has published a very long interview with 6 OpenBSD's PF developers: Cedric Berger (cedric@), Can Erkin Acar (canacar@), Daniel Hartmeier (dharmei@), Henning Brauer (henning@), Mike Frantzen (frantzen@) and Ryan McBride (mcbride@). Start reading from the first half and continue with the second part."

An anonymous reader writes "ONLamp.com has published a very long interview with 6 OpenBSD's PF developers: Cedric Berger (cedric@), Can Erkin Acar (canacar@), Daniel Hartmeier (dharmei@), Henning Brauer (henning@), Mike Frantzen (frantzen@) and Ryan McBride (mcbride@). Start reading from the first half and continue with the second part."

An anonymous reader writes "ONLamp.com has published a very long interview with 6 OpenBSD's PF developers: Cedric Berger (cedric@), Can Erkin Acar (canacar@), Daniel Hartmeier (dharmei@), Henning Brauer (henning@), Mike Frantzen (frantzen@) and Ryan McBride (mcbride@). Start reading from the first half and continue with the second part."

Some anonymous readers wrote in to let us know about a couple of different interviews in the OpenBSD and NetBSD communities. O'Reilly's ONLamp has an interview with OpenBSD's Marc Espie, who maintains a good share of OpenBSD's build tools, as well as having made numerous contributions to the project. OSDN's own NewsForge also has a interview with NetBSD's Luke Mewburn of the NetBSD Core Group.

Edd Dumbill writes "Miguel de Icaza and the Mono team recently hosted a two day open meeting in Boston. O'Reilly have just published my report of the meeting. Highlights include Miguel's view that 'C is dead!' and the Mono approach to dealing with Microsoft patents on .NET."

honestpuck writes "After many years bashing my head against sendmail in all it's gory details I had amassed a fair amount of knowledge and documentation on handling the Mail Transfer Agent (MTA) in Linux and Mac OS X. This caused a fair amount of teeth gnashing when I discovered it had gone the way of all flesh in OS X Panther to be replaced with Postfix." To un-gnash his teeth, honestpuck used Kyle D. Dent's Postfix: The Definitive Guide (published by O'Reilly); read on for his review of the book. Postfix: The Definitive Guide author Kyle D. Dent pages 260 publisher O'Reilly and Associates rating 8/10 - Excellent book, a little thin on details in a few places reviewer Tony Williams ISBN 0596002122 summary An excellent guide to installing, configuring and running Postfix

Fortunately, my first needs were simple and I came to realise that Postfix was a much easier system to install and maintain. Now that my needs are more complex, I was glad when this book hit my desk at exactly the same time as I started upgrading the corporate servers from Mac OS 9 to OS X Server.

Postfix: The Definitive Guide seems to fit the bill. It is a well-written and well-constructed guide to mail systems in general and Postfix in particular. (Oh, and speaking of definitive, could someone at O'Reilly provide a definitive answer to both reviewers and their own editors as to that colon? This is the second 'Definitive Guide' I've reviewed in as many months, and they are sprinkled with instances of each book's title, sometimes including that colon, sometimes leaving it out.)

The book starts with a good overview of the underlying technology in Chapters 1 and 2. I can't blame Dent for my slight confusion in the section on addresses and headers - having RFC822 superseded by RFC2822 was just a little too much coincidence for this particular "bear of little brain." He then follows it with a chapter discussing Postfix's architecture, important since Postfix uses a much more modular approach than the sendmail monolith, with each part of the mail handling process a different executable and the single queue turned into five.

Once the background is well covered, Dent then gets onto the nitty-gritty of configuring and administering Postfix. He has certainly covered everything I needed, including spam handling, multiple domains, relaying, SASL authentication and using LDAP. Once I'd finished grokking all that, and getting it integrated into my servers, I had a corporate email system up in three sites that replaced and improved upon a couple of thousand dollars worth of proprietary dreck. Happy is an understatement.

Dent's writing is sometimes a little patchy, though never bad. The technical detail does seem overpowering in places, though, and I occasionally found myself reading a section through more than once with a configuration file open in front of me. There are certainly spots where a little more hand holding and care with the writing would have been appreciated. (If you are a little more cognizant of the interstices of mail systems then you may not have the same problem.)

I did, however, appreciate the appendices enormously. The four appendices cover configuration parameters, Postfix commands, installation, and an FAQ. My system came with Postfix compiled and installed just as I required it so I didn't get a chance to thoroughly test out Dent's installation procedure (though it looks good); the other three continue to be useful.

If you want to have a look for yourself, then the usual O'Reilly page is complete with a table of contents and index, but this time no example chapter is provided (how come, O'Reilly?). You can also get an expanded version of the FAQ in Appendix 4 from Dent's website. A better example of Dent's writing style is an excellent article on troubleshooting with Postfix logs at O'Reilly's Onlamp.com.

This is an excellent book, Dent has explained the underlying methodology and use of Postfix well, taken the reader through all aspects of this MTA system and explained both the why and the how. I would recommend this book (and, as a result Postfix) to anyone looking for an MTA and a guide to configuring and running it.

You can purchase Postfix: The Definitive Guide from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jpkunst writes "A thought-provoking article by chromatic on oreillynet, listing eight "myths" that Open Source developers tell themselves. For example: Myth: Publicly releasing open source code will attract flurries of patches and new contributors. Reality: You'll be lucky to hear from people merely using your code, much less those interested in modifying it."

BSD Forums writes "Bad guys in the movies all keep their wall safes hidden behind paintings. Is there a metaphor in there for your sensitive files? OnLamp's Dru Lavigne explores steganography, or hiding secret messages in images or sounds, with the outguess and steghide utilities on FreeBSD."

Alexander Limi writes: "The winners of the O'Reilly "Open Source Goes to COMDEX" Contest have been announced. The lucky ones are: GNOME, KDE, OpenOffice, Zope, GIMP and our own project, Plone. Congratulations to all the deserving projects! Check out the announcement here."

BSD Forums writes "Kernel programming sometimes feels like a dark art where application programmers should never venture, but sometimes it's the right way to solve a problem. (Oh, and it's also very interesting.) One of the easiest places to start is by adding a new system call to a kernel. Kevin Lo explains how and why, with the OpenBSD kernel in this OnLamp article."

BSD Forums writes "This OnLamp article by Miod Vallat describes how the m88k-specific backend of the GNU C compiler, gcc, was fixed, from the discovery and analysis of the problems to the real fixing work. Since it started with almost zero gcc internals knowledge, it should be understandable by anyone able to read C code, and proves that diving into gcc is not as hard as one could imagine."

BSD Forums writes "Anyone who has worked with any BSD knows that the base operating system doesn't include many programs that most people use in day-to-day work. Unless you only need vi and ssh, you must install additional software to make your palmtop useful and comfortable. OnLamp's Michael Lucas says that if you're running a palmtop -- or, indeed, any sort of small hardware with NetBSD installed -- you'll probably want to expand the system."

chromatic writes "The O'Reilly Network has just published an interview with Paul Vixie, chairman of the board of the Internet Software Consortium and a primary author of BIND. Topics include the recent VeriSign controversy, ISC's BIND patch in response, and other potential issues that might come to light in the near future." On a related note, dmehus writes with a link to the letter sent by David Maher, chairman of the Public Interest Registry -- the .org registrar, to ICANN President and CEO Paul Twomey. "The letter says that it supports ICANN's call for VeriSign to voluntarily suspend SiteFinder and the Internet Architecture Board preliminary position paper. It goes on to say that PIR will not be implementing any DNS wildcard to the .ORG zone. It urges ICANN to stand its ground, but also to implement a policy preventing registries from taking this kind of unilateral action in the future." The letter is in .doc format, but AbiWord and OpenOffice.org both open it fine.

BSD Forums writes "One of FreeBSD's biggest benefits is its ports collection. It seems like magic, but a little maintenance can make it work even better for your system. Dru Lavigne explains how to keep your ports collection clean and how to customize individual ports."

chromatic writes "ONLamp has just published an interview with Andrew "Bunnie" Huang, author of Hacking the Xbox. Bunnie discusses the effect of the DMCA on his work and the state of Xbox hacking as he sees it."

BSD Forums writes "A common security breach involves exploiting one application to gain access to another. Keeping separate applications separate can limit the potential damage. OnLamp's Mike DeGraw-Bertsch explains how FreeBSD's jails can help secure necessary applications."

BSD Forums writes "A common security breach involves exploiting one application to gain access to another. Keeping separate applications separate can limit the potential damage. OnLamp's Mike DeGraw-Bertsch explains how FreeBSD's jails can help secure necessary applications."

BSD Forums writes "In her previous article, OnLamp's Dru Lavigne took a look at the built-in utilities that can be used to manage the FreeBSD ports collection. In this article, she'd like to continue in that vein. She takes a look at portupgrade, a feature-rich port designed to help you get the most out of the ports collection."

BSD Forums writes "On March 3rd, 2003, Internet Security Systems, in cooperation with the Department of Homeland Security, issued a warning regarding a hole found in Sendmail. The warning, echoed by CERT, warned system admins that any version lower than 8.12.8 was vulnerable to a serious root exploit. Sendmail has a long history of security holes, most of which have been thoroughly documented on security sites. While Sendmail runs half the mail servers in the world, there are smaller and easier-to-use mail transfer agents (MTAs). Network administrator Glenn Graham demonstrates how Postfix gives you most of the power with a fraction of the pain."

BSD Forums writes "The Unix permissions model has worked for decades due to its flexible simplicity. It's not the only approach, though. FreeBSD 5.0 supports Access Control Lists, which allow for more flexible permissions. Daniel Harris explains what ACLs can make easier."

Qa1 writes "Guido von Rossum, creator of Python, was recently interviewed by the folks at O'Reilly Network. In this interview he discusses his view of the future of Python and the Open Source community and programming languages in general. Some more personal stuff is also mentioned, like his recent job change (including the Slashdot story about it) and a little about how he manages to fit developing Python into his busy schedule."

Qa1 writes "Guido von Rossum, creator of Python, was recently interviewed by the folks at O'Reilly Network. In this interview he discusses his view of the future of Python and the Open Source community and programming languages in general. Some more personal stuff is also mentioned, like his recent job change (including the Slashdot story about it) and a little about how he manages to fit developing Python into his busy schedule."

BSD Forums writes "One of FreeBSD's biggest benefits is its ports collection. You can go years without learning more than just make install clean, but there are dozens of features built into the ports tools. OnLamp's Dru Lavigne demonstrates several of these tricks to simplify your life."

BSD Forums writes "One of FreeBSD's biggest benefits is its ports collection. You can go years without learning more than just make install clean, but there are dozens of features built into the ports tools. OnLamp's Dru Lavigne demonstrates several of these tricks to simplify your life."

theodp writes "After exchanging e-mail with mainframe software pioneer Mario Morino, Tim O'Reilly writes 'It's important for the open source community to look more at the software heritage of the mainframe era.' O'Reilly might want to take a look at how Marino's own MICS software has been used since the 80's to automatically charge IBM mainframe users for printed material that could be ordered from PC clients with a single action by using billing and shipping information that was previously stored on a Mainframe server. The whole process might seem oddly familiar."

BSD Forums writes "Dustin Puryear attended the USENIX Annual Technical Conference (ATC) this year in San Antonio, Texas and presents this report. USENIX offers attendees an interesting mix of papers and talks by academia, well-known industry professionals, and researchers working for companies across the world. What exactly did he really learn from this conference? He says research is as strong as ever within USENIX and open source communities. Samba is making significant progress with the ever emerging Active Directory networks. FreeBSD is emerging as one of the few key OSes of choice for web hosting. Finally, he says that Microsoft is competing for server business with their Microsoft Windows Services for UNIX products."

BSD Forums writes "'Of course it runs NetBSD.' NetBSD is fantastically portable, but that doesn't make it supremely easy to install on oddball hardware like a Dreamcast or a palmtop computer. Michael Lucas demonstrates cross-installation with the HP Jornada."

chromatic writes "Perl programmers like punctuation. Python programmers like indentation. Every programming language has its own syntax, stemming from its philosophy. What I Hate About Your Programming Language examines the issues that shape languages as they grow. It's not advocacy, I promise."

BSDForums writes "On all but the smallest TCP/IP network, it's handy to configure network information for computers automatically. That's what DHCP does. It's easy to act as a DHCP client, but configuring a server is a little trickier. Dru Lavigne introduces DHCP and explains what you need to know to setup a simple DHCP server."

BSDForums writes "Open source never stands still. Even the flexible and mature BSDs are continuing to evolve. In this article, Michael Lucas looks at the NetBSD upgrade process, demonstrating the most common steps to stay abreast of the current source code. This article isn't a comprehensive tutorial that covers every possible situation; rather, it covers the most common situation: updating your source with CVS, building that source code, and installing it on the build machine."

Anonymous Coward writes "Onlamp.com publishes the sixth paper of Emmanuel Dreyfus's series on NetBSD's IRIX binary compatibility implementation. This time, this is about reverse engineering IRIX multithreading and the odd virtual memory features involved with it. It's an adventure at kernel and userland boundaries, with a debugger as the sole weapon. A must read!"

Anonymous Coward writes "Onlamp.com publishes the sixth paper of Emmanuel Dreyfus's series on NetBSD's IRIX binary compatibility implementation. This time, this is about reverse engineering IRIX multithreading and the odd virtual memory features involved with it. It's an adventure at kernel and userland boundaries, with a debugger as the sole weapon. A must read!"

Anonymous Coward writes "Onlamp.com publishes the sixth paper of Emmanuel Dreyfus's series on NetBSD's IRIX binary compatibility implementation. This time, this is about reverse engineering IRIX multithreading and the odd virtual memory features involved with it. It's an adventure at kernel and userland boundaries, with a debugger as the sole weapon. A must read!"

BSDForums writes "OpenBSD has a well-deserved reputation for fanatical security. Why is the U.S. military funding it? What do you get out of it? Cameron Laird and George Peter Staplin investigate and talk to Theo de Raadt, the creator, overseer, and taskmaster of the OpenBSD project!"

Slashback tonight brings a few followups to recent Slashdot postings on the fate of model rocketry in the new, hypercautious America; a few Python gatherings for those who prefer that language to Perl; and a response from Los Alamos to recent claims of lax security. Enjoy!

Besides which, it's the hidden cameras that matter. An anonymous reader adds this followup to the story posted last month about Wired reporter Noah Shachtman's account of sneaking into classified areas at Los Alamos national Laboratory.

"In an email message to all Los Alamos National Laboratory employees, Pete Nanos, the current Director of LANL, responded with information suggesting that the Wired reporter who thought he had broken in to a 'top secret area' had in fact just crossed a cattle fence:

'The Wired reporter clearly did not enter a Laboratory security area. The Laboratory encompasses more than 40 square miles. The security force protects important assets within those boundaries but cannot -- and does not -- protect every square foot of property. Based on the article, it appears the reporter crossed a barbed-wire cattle fence, not a fence that protects a Los Alamos security area.
There is a small security area with several buildings (roughly 400 feet by 400 feet) near the driveway entrance to TA-33. That area is surrounded by a seven-foot-high chain-link fence topped with three strands of barbed wire. A security guard is stationed inside that area seven days a week and 24 hours a day. Clearly, the reporter did not climb that fence.
There are several other buildings outside the security area that are locked for property protection interests. They have no security interests. There are several gates and fenced areas on the TA-33 site, which are there for safety access control, not security.
It's unlikely the reporter would be prosecuted for trespassing; the Laboratory does not have law enforcement authority to prosecute, and none of the proper authorities witnessed the trespass.'"

Perhaps we can have a celebrity deathmatch. hfastedge writes "Ok, now that 2 perl conferences have been mentioned, I've been brought over the edge. Python is a language that is just as old, and arguably better from: most importantly a uniform standard of readability (enforced by using whitespace to delimit blocks (instead of {}), by avoiding overuse of cryptic symbols, and by a culture that strives to keep innovations as "pythonic"), and a rich development community. Anyway, normally, there are Python events in Europe, and a trail at O'Reilly's OSCON. But now, there is a far cheaper event taking place on March 24-28 in Washington DC: http://python.org/pycon/.

Examples of Python in action: 0, 1, 2, 3, 4, 5, 6, 7"

Fly up go phhhhhwwwtttpffffff .... MyNameIsFred writes "Slashdot recently discussed whether anti-terrorism laws would destroy model rocketry. The government has ruled, and the message is clear, "When it comes to the hobby of model rocketry, size does matter. And in this case, the magic number is 62.5 grams. That's the largest amount of propellant a single model rocket engine can have in it and still be exempt from a new set of federal rules that will go into effect May 24." What does this mean for the the big guys in model rocketry, who use engines larger than this?"

lisam writes "Rob Flickenger shows how to become your own Certificate Authority, and sign your own, or others', SSL certificates in this onlamp.com article. (He also manages to mention fnords and deny responsiblity for the Microsoft Corporation cert snafu.)"

chromatic writes "Howard Wen has written two pieces on Falcon's Eye (an alternate interface for Nethack). The first is a description of Falcon's Eye and its features. The second is an interview with Jaakko Peltonen, the project's creator."

chromatic writes "Following up on an earlier story on NetBSD's fledgling Mach and Darwin binary compatibility layer, I've interviewed Emmanuel Dreyfus, who leads the project. The key questions are "what is it?", "what is it not?", and "what does it mean?""

chromatic writes "Several of the trends that make open source development possible are affecting other programming worlds. I've written an article about independent game development. Perhaps the gaming industry is ready for the craftsman-team approach."

chromatic writes "Rafael Garcia-Suarez has just penned an article about adopting Subversion for multi-user projects. (He also has a previous article on Single-User Subversion). With the recent release of Subversion 0.16 (see the File sharing link), the successor to CVS looks very good."