Slashback: NWLink, Vivendi, Gatherings

Slashback updates and clarifications regarding recent posts on CodeCon, the rumored takeover of Vivendi by Microsoft, SDF, DDoS and NWLink (and IRC and AUPs), and more. Read on for the details, I'm out of letters.

"Uhh ... isn't this the 'Slammer'?" An anonymous reader writes "According to the BBC, two people suspected of creating the Slammer worm have been arrested in a combined operation by the FBI and the UK's National Hi-Tech Crime Unit. The raids in the UK resulted in the seizure of two men, aged 19 and 21, accused of being members of a hacker group that calls itself THr34t-Krew."

Gather together, hoist a few drinks. We've made a few mentions of this year's CodeCon; Len Sassaman writes "The schedule for CodeCon 2.0 is now online. CodeCon is already starting to get some media attention. There's less than two weeks left to register at the reduced rate, and conference seats are filling up quickly.If this conference is anything like its predecessor, expect to see some of the most interesting new technology of the coming year discussed."

And a slightly different type of gathering: Tony Stanco writes: "The agenda is up for the March 17-19 Open Source in Government conference and the free registration is now open. Please see www.eGovOS.org.

It promises to be another educational and exciting event with over 120 sessions and the keynote from the White House. Even Microsoft is trying to directly engage the community at this conference."

On the count of three, everyone shrug at once. In January, I posted a link ("far from confirmed") about the possibility that Microsoft would buy Vivendi. Now, Yagdrasil writes "USA today is reporting that the Microsoft buyout of Vivendi's game division (which includes Blizzard) was a hoax. It looks like the hoax originated from a student at Purdue."

But the EOLs are nearly upon us! Flee! Wister285 writes "Mandrake announced that they are going to stop updating the packages of 'legacy products.' It seems as though they took their cue from Red Hat and their continuing financial problems. I was a little surprised though about how short the support periods will be. Mandrake 9.0 will be considered obsolete September 30, 2003 (for desktop) and March 31, 2004 (for the base). This brings up two questions. First of all, do distros release too often thus creating too many versions to maintain? Secondly, how much faith do you have in the upgrade feature of install?"

I hope it features a dunk tank and some perpetrators. The ongoing war on spam continues; here's your chance to influence its direction (or at least to hear about what's going on in that sphere), even if you missed the conference at MIT. wayne writes "The Federal Trade Commission (FTC) announced today that they will be holding a three day public SPAM workshop in the end of April. I wonder if they will get an overflow crowd they way the MIT SPAM conference did. I hope they also make streaming video available."

Bandwidth is expensive. ndogg writes "NWLink.com has posted a response to the events that have happened in regards to SDF. In short, they say that they support SDF and what it is doing, however, the DDoS attack over the last three weeks has been costing them a lot of money."

fonixmunkee puts it differently: "The message is an interesting read, to say the least. instead of working the issue, NWLink's apparent (unofficial) solution to combating DDoS'es is to simply terminate the subscriber's connection. with all the slammer worms & Code Reds nowadays, NWLink should have no more customers left in about 2 years."

Legal liability is expensive, too. Tom Allender writes "irc-chat.net has announced a more restrictive Acceptable Use Policy after being contacted by the MPAA. They also refer to DALnets AUP changes mentioned here recently."

Sorta like that with Debian

[dmaxwell]

I was running Woody on my desktops when it was testing and when testing became Sarge it really didn't matter as far as my machines were concerned. Like many people who use Debian on desktops, my machines are always somewhere between Sid and Testing with the odd non-official package here and there. For the most part it is the scenario you have in mind. I think you're right in that it would be nice for a paid support model as well.

I imagine its a similar experience on ports based BSD systems and Gentoo.

I can think of some things that would make a lot of the people here bitch though. Such a distribution would have to hang back 6 months or so from OSS/Free's bleeding edge. If say, an engine for vector graphics on the desktop comes out for XFree86, the distro won't be able to include it until it's solid. Contrast that with the people here who will spend 3 hours compiling tarballs so they'll be the first kid on the block to have it. Those same 'leet kiddies will whinge "Incremental distro will never succeed unless it's more current!" Solidity and up-to-last-week currentness are mutually exclusive.

There's also the question of how to handle major infrastructure transitions. I'm thinking of things like from XFree 3.x to 4.x, libc5 to libc6, KDE2.x to 3.x, kernel 2.4.x to 2.6.x, and last but not least GCC 2.9x to 3.x. Not to mention major changes in server daemons like Apache and Samba. The major libc and GCC increments are thankfully infrequent but they're also the worst. They both have severe consequences for backwards compatibility with older binaries and source trees. My point is that such transitions will force "Incremental Distro" to draw hard lines from time to time on what they'll support and what they won't. Shoot! Some people are still running heavily patched 2.0 kernels.

This brings up the other group of people Incremental Distro can't always make happy : The Ultraconservative Sysadmin. Sooner or later, support for say Apache 1.x will only be handled by boutique consultants. Most everyone but the Ultraconservative Sysadmin will have moved on. I think what will happen is that the distro will have to define brackets in time that start with those major transitions. During the bracket period (two years say) they'll have to maintain a branch of pre-transition compatible packages. The other thing they could do is be cold blooded about Ultraconservatives and just bump everybody up when these changes happen. Ultraconservative Admin is probably clued enough to manage his own upgrade schedule from patched source.

The REAL problem is that OSS/Free is developed and maintained on Internet Time. I suppose another outcome would be a spectrum of (differently organized) incremental distros with more and less aggressive attitudes toward upgrading.