Progeny Releases Linux Platform Manager

IanMurdock writes "Given your previous interest in Progeny, I thought you would be interested in our new Platform Services product direction and the release or our Linux Platform Manager tool. Briefly, Platform Services provides componentized versions of Red Hat and Debian, and Linux Platform Manager allows people to easily assemble these components into custom distributions. You can read more at http://www.progeny.com. More information on our new direction can be found in the Platform Services whitepaper."

Pick A Product

[technomancerX]

Ok, could Progeny maybe pick a product, finish it, release it, and market and support it?

What is this, version 3 or 4 of 'This is what Progeny does'?

Re:Pick A Product

[grub]

What is this, version 3 or 4 of 'This is what Progeny does'?

They're quite adept at putting out white papers! :)

Re:Pick A Product

[faster]

Obviously, their product is a slick brochureware web site. Without prices, of course.

Re:Pick A Product

A serious question from me: Why are they called "white papers"?

Re:Pick A Product

[ndogg]

Progeny's main purpose is to render services and support to its customers, first and foremost, not to release yet another Linux distribution like all the other Linux companies out there.

Re:Pick A Product

[Doctor+Memory]

God(TM)'s lawyers just sent me a cease-and-desist letter regarding the unlawful proliferation of my genes.

Isn't this otherwise known as a death certificate?

Re:Pick A Product

[Sri+Lumpa]

"God(TM)'s lawyers just sent me a cease-and-desist letter regarding the unlawful proliferation of my genes."

"Isn't this otherwise known as a death certificate?"

Nah, it's otherwise known as prostate cancer (or ovarian cancer for women); no need to kill you to prevent you to reproduce, just neuter you or make you a geek ;)

SlashAds

[Dr.+Mojura]

Is this important news to all of us, or just a way for Progeny to get some free advertising PR?
It's hard to keep the bias to a minimum when the story is submitted by the company.

Re:SlashAds

[Randolpho]

Why is it a problem when new technologies or versions of products are listed on Slasdot? It's news, regardless of who submits the article, and what's more, it benefits all. It gives Slashdot content (which it *technically* needs, dispite having content coming out the ears ;)), it gives us, the readers, info on a new product/technology, and it gives the owner of the technology some product awareness ("free advertising").

When you read, say, Computer Shopper, do you complain when they run an article about the latest technology, explaining what it is, who the company is, etc? Why would you complain about Slashdot doing the same? Do you honestly think that the editors of Computer Shopper aren't approached by the owners of this new technology in the hopes that they can get some product awareness? Hell, when we launched our big website a couple of months ago, we approached the local newspaper and got them to do a big story about it!

'taint nothin' wrong wit' dat. :)

Re:SlashAds

[chrisseaton]

But Slashdot thinks it's better than that - so it should at least try to live up to the standards it sets for the rest of the world.

A little disclaimer, "submitted by Ian Whatshisface, founder of Progeny", wouldn't have hurt either.

Re:SlashAds

[Randolpho]

I'm sorry, did you just claim that Slashdot tries to stay neutral? Slashdot, with the Borg-Gates and Broken-Windows idcons?

heh. Yeah, Slashdot is neutral all right. :)

Re:SlashAds

[chrisseaton]

"I'm sorry, did you just claim that Slashdot tries to stay neutral?"

A quick look at my comment would suggest "no". But it does complain like an old lady when anyone else is not up to the required standard (of which Slashdot itself does not meet)

Re:SlashAds

This isn't "news"; see: http://www.linuxplanet.com/linuxplanet/reports/450 0/1/

But Ian Murdock loves to delute his clout in the Linux community with every half-baked rev of Progeny.

Murdock (aka Progeny) comes off as a spiritual linux hippy; doing a whole lot of hand waving. How many mirrors and smoke machines are there in the progeny office?

Platform Services is a cool idea, I suppose, but his business speak makes me cringe. I guess maybe he's just trying really hard to _seem_ different? In the end the description of "How Platform Services Will Work" is very incoherent.. Maybe I need to upgrade my bullshit filter?

It's almost like he's saying that the commercial Linux distros are proprietary and/or diverging to the point of complete incompatibility; yet both RedHat and United Linux are both LSB compliant (whatever that means).

Ian Murdock: "Man if I could only see where I was stabbing!"

Shameless Plug

[FortKnox]

Slashdot needs a "Shameless Plug" tag to put on articles like this. Look at the submitters address. Slashdot is for news, not PR (unless they are getting paid for this story, in which case, I hope slashdot subscribers don't even get this story displayed to them).

BTW - What's up with all the Error 500's? Can't the Slashcode guys test the code before pushing it to the 'production' server (btw - these ARE the guys that complain about crashes in windows, then produce slashcode)?

Re:Shameless Plug

[jptechnical]

I think the point was to build awareness

from the building-the-interest dept.

and aid in making linux distributions more commonplace and easy to configure. I have installed and configured just about all every distro out there and still find something lacking. If I can get it modularized or configged as the post describes it may put me over the hurdles I have been facing. And as new features and ease of setup issues are resolved the platform becomes more powerful and usable by all. Isn't this the point of Open Source projects?

Re:Shameless Plug

How about the sucking-advertisers-dicks department?

Re:Shameless Plug

[RevAaron]

I agree- I think this product has a good potential to provide some thing fairly important than Linux has been missing.

At first, I thought that perhaps it shouldn't have been posted to Slashdot, at least not until the product is ready to ship/buy/download/use. But then again, Slashdot posts stories about interesting OSS/FS projects when they're in a larval stage, provided they're interesting. I see this as about the same thing, except it looks like this LPM software already exists to an extent- you just can't get it yet.

Re:Shameless Plug

[Drakonian]

Well, it isn't like they tried to hide it. The wording of the blurb makes that pretty clear.

Slashdot is more like 2nd hand news (and sometimes 3rd and 4th depending on how many dupes)

Re:Shameless Plug

[The+Bungi]

Well, it isn't like they tried to hide it.

I think sometimes they do.

The wording of the blurb makes that pretty clear.

But more often than not, it doesn't.

Re:Shameless Plug

[arvindn]

Slashdot needs a "Shameless Plug" tag to put on articles like this. Look at the submitters address.

Hey, the submitter is not claiming to be a third party.

I thought you would be interested in our new Platform Services product direction (emphasis mine)

Besides, this is Ian Murdock of Debian. Since he's a big name in the free software community, I have no problem with a shameless plug from him. If I guy who's gained a reputation by doing a lot of work uses his status to get some hits and some revenue, well its a nice way of rewarding him.

Re:Shameless Plug

[IanMurdock]

Actually, you can get it. This is a web application you subscribe to, not a product you can download. But it is available today.

Re:Shameless Plug

[Cyno]

This is just like my last comment on the media industry. I hate it when subscribers and customers are treated like some resource that companies get to exploit for profit whenever they see fit. It is unethical. Its not fair..

Oh well... best to just ignore it until it goes away.

Re:Shameless Plug

[m_evanchik]

How much does it cost to subscribe and is there anyway for hobbyists like myself to tkae it for a test-drive without paying money?

They're not

Actually, they're not. "White papers" are something that the government publishes (http://www.wikipedia.org/wiki/Act_of_Parliament)

Security

[Florian+Weimer]

They claim to use APT. APT (as used in Debian) does not offer any security (neither package signatures are verified, nor can you use HTTPS for download).

Does anybody know if Progeny has resolved this problem, or just doesn't care?

Re:Security

[Jellybob]

I get the package sigs verification, but do you really need to download your *software packages* from a secure server?

Are you scared someone is gonna snoop in on you downloading the latest version of KDE or something?

Re:Security

[MORTAR_COMBAT!]

APT (as used in Debian) does not offer any security (neither package signatures are verified, nor can you use HTTPS for download).

You are free to write and submit patches for that :)

Re:Security

What are you kidding me??? All debain .debs are signed and checked. As far as going over https what is the point? https is only needed to protect sensitive information going over the wire. Since all debian packages are Open Source and no information about the recipient is given https is not needed. There is no restrictions for a repository not being https, it is just that there is no need for the overhead of SSL so debian repositories don't use it.

Re:Security

If they'd just use Curl's libraries, they'd support HTTPS and a dozen other protocols.

Re:Security

[Klaruz]

Downloading the .debs over non-ssl is fine, but the sigs should be downloaded over ssl, not really for the encryption, but so that you know they really did come from debian.

Re:Security

[Carewolf]

????

Ehmm... That's what signatures are for. You use a signature to detect whether it really comes from Debian.You dont need to encrypt the signature for this to work, all you need is a public/private key-system.

Re:Security

I think he is merely suggesting the use of SSL to provide a sort of public/private key system. Otherwise, somebody could modify the signatures en route to match those of compromised/trojaned packages, which his system would then download unquestionably because they matched to modified sigs. By using SSL to create a certificate/public-private key system, this problem is avoided.

Re:Security

[jdaily]

Our (Progeny's) implementation of APT is reasonably secure.

• We have SSL support, derived from a patch by Tomas Pospisek.
• We have added authentication and authorization.
• Debian's APT currently supports the signing of repositories.

Regarding package signatures: that's more relevant to the package installation tools than to APT itself, but long ago, Progeny wrote and contributed to Debian debsigs, a tool for allowing GPG signatures to be embedded in packages.

Re:Security

[mbanck]

They claim to use APT. APT (as used in Debian) does not offer any security (neither package signatures are verified, nor can you use HTTPS for download).

Checking the integrity of the distribution by using the signatures on the Release file is being taken care of(from IRC):

(walters) azeem: my friend and I are almost done with our apt patch. it works now, we just have to clean it up.

(walters) azeem: individual package signatures is another thing though.

Re:Security

[Florian+Weimer]

What are you kidding me??? All debain .debs are signed and checked.

Only the initial upload by the Debian developer is checked. Subsequent downloads from the mirror cascade by the users are not checked, and users have to trust the integrity of the cascade (and DNS, and their network connection, and so on).

Re:Security

[Florian+Weimer]

I get the package sigs verification, but do you really need to download your *software packages* from a secure server?

You mean using HTTPS? I see this mainly as a cheap option to get secure access to a central, trusted package repository. It's not as good as a whole package-signing infrastructure, but it's easier to implement.

Re:Security

[Florian+Weimer]

Checking the integrity of the distribution by using the signatures on the Release file is being taken care of(from IRC):

Great news. This solves the "have to trust IP/DNS/mirror cascade" problem. Thanks.

(Meaningful package signatures are a tough problem because of autobuilders.)

Re:Security

[swillden]

Meaningful package signatures are a tough problem because of autobuilders.

Not too tough, I don't think. You do have to trust the autobuilder boxes, but as long as you can allow that, it's no trouble. The autobuilder should check the signature on the source package (from the maintainer) and then sign the binary package itself, including the signature from the source package.

The users' installation software, of course, just ends up checking the autobuilder's signature, but trusting a small set of build systems is reasonable. The build systems can, and should, take very restrictive security measures.

Re:Security

[ceejayoz]

But why do you need it to be HTTPS? That merely means no one can intercept your data between you and the server - hardly an issue when you're downloading freely available, open source code.

Re:Security

[Carewolf]

No because someone else can't create a new signature. To create a correct signature you need the private key. Since SSL is very weak encryption it wont add anything to even an ordinary private-key/public-key system.

Re:Security

[Klaruz]

Oops, I meant to say checksums. I was thinking about the md5 sums in rpms, I should have reread that before I posted.

Is This News Or A Press Release?

[DoctorMabuse]

I realize that there are some press releases that qualify as news, but this one doesn't. Progeny isn't advertising anything that is innovative, cutting edge, free or otherwise newsworthy. All they are announcing is a new way to separate you from your money.

Please, Slashdot, apply some form of editorial standard to this type of tripe.

Re:Is This News Or A Press Release?

[IanMurdock]

As to whether or not this qualifies as news, our "downs" in late 2001 qualified as news, so I think it's only fair to qualify the "ups" as news too, don't you? The fact of the matter is that we have quietly done quite well for ourselves over the past year and a half. Given all that's gone on around us, I'm rather proud of what we've accomplished, and I'm ready to let the world in on it.

As to whether or not what we're doing is innovative or cutting edge: Have you looked at what we are doing? What we are doing is nothing short of offering a fundamentally different way of looking at "Linux distributions": as platforms for building precisely tuned solutions as opposed to the one-size-fits-all products that traditional distributions give us. Sounds pretty innovative to me, but I will admit a bit of bias. :-)

Re:Is This News Or A Press Release?

[RestiffBard]

heh, no one ever expects Ian Murdock to be reading their posts :) Personally, it sounded like news to me.

oh and uh thanks for Debian. :)

Re:Is This News Or A Press Release?

[Elbereth]

As to whether or not what we're doing is innovative or cutting edge: Have you looked at what we are doing? What we are doing is nothing short of offering a fundamentally different way of looking at "Linux distributions": as platforms for building precisely tuned solutions as opposed to the one-size-fits-all products that traditional distributions give us. Sounds pretty innovative to me, but I will admit a bit of bias. :-)

So, basically, you're changing the Linux paradigm by leveraging your knowledge of blah blah blah.

Sounds like a bunch of marketing speak to me.

Come back when you're really selling something.

Re:Is This News Or A Press Release?

[KodaK]

Ian,

Granted, I've just given it a cursory glance at your site, and the answer may be there, but how fine grained is it?

For example, right now I'm needing ACL support for some Samba servers. I can either use MDK and get support out of the box, use SGI's RedHat installer or roll my own. Since I have to maintain several of these boxes I don't want to have to roll my own, and Mandrake is still just a little iffy for me. Can I, using LPM, apply kernel patches & change build options for packages? Other than the slideshow, is there a demo I can check out?

Oh, and, uh, hi again.

Deb-Ian

[bstadil]

Let's cut Ian some slack, after all he is the Ian in Debian

Re:Deb-Ian

[LINM]

Not only should we listen to what he has to say because of who Ian is, people should take a look at the article and these threads should be spending more time discussing the content of what Progeny is proposing.

If you go through and take a look at what it offers, Progeny's platform management not only makes life much easier for development houses (hopefully attracting more apps), but it also makes Linux (using their componentizatio) a much more bullet-proof solution.

If this catches on, it could become a very widespread product. Regardless of who posted it, it's not just news, it's important news!

It's finally happened...

[Dynastar454]

"Given your previous interest in Progeny, I thought you would..."

It was just a matter of time... Slashdot has finally merged into one collective conscious. Maybe now we can take on Microsoft! :-)

Re:It's finally happened...

So *we* are the borg now?

Excellent! Can someone tell me where Jerri Ryan is hanging out? ;-)

ACK!!

WAtch out! That cnet link is a redirect to TUBGIRL!! I clicked the link and walked away, and people were looking at it disapprovingly when I got back!

God, I think I'm going to be fired...

Not stable enough?

[Jellybob]

Hmmm, anyone else find it kind of ironic that the "Linux Platform Company" shows their software demo being run on IE under Windows XP? /me thinks they need to do a little work on their desktops :P

Re:Not stable enough?

[LINM]

I very much hope that they actually use a 'real' distribution for much of their work. However, the fact that it works under IE could be important for many of their customers (we certainly assume it functions under Mozilla).

I'd rather someone run Word on CrossOver Xandros than on XP. One step atta time one step atta time...

Re:Not stable enough?

[#undefined]

well, no surprise considering the pdf file was created with "Acrobat Distiller 5.0.5 (Windows)" and titled "Microsoft Word - PlatformServicesWP_031703". call me cheap, but even under windows i use win32 ghostscript to convert ps (generated by adobe's free-beer postscript driver using "print to file") to pdf. sure, using my poor man's method i don't get hyperlinks, but notice that none of the urls in the pdf are hyperlinks either, though i'm sure distiller is capable of such.

sure progeny's head is ian murdock of debian fame, but the doc seems to be authored by robin drake (rdrake), who seems to be a writer/editor (http://hackers.progeny.com/pgi/usermanual.html, http://changelogs.credativ.org/debian/pool/main/x/ xfree86/xfree86_4.1.0-16/changelog), not a hacker, so it's understandable.

but yeah, it does look odd for a "linux" company to be using windows, but i won't go so far as to call it hypocritical.

every school should have one

[timothy]

A nice ultra-localized distro would be a good project for a high school (or college, or middle school).

Similar to the way C. Knopper includes slides from his talks and some (interesting) Free Software-oriented music on Knoppix, such a distro might include ...

- a "yearbook" with photos of all students who want a photo in there and some fun snapshots

- a selection or two (as oggs) from the school jazz band, choral groups, orchestra, student-formed rock bands, whatever

- a school directory. When I switched schools from one with a directory (the students lived across a much larger geographic area at that one) to one which did not, I frequently missed having a directory. Even if it's just "long term contact info to the best of your ability, as much as you care to volunteer" rather than a list of current local numbers.

- browser bookmarks which are useful to students (good research sites, etc.)

- history of the school to the degree that students are willing to research and prepare one

- archive of all the last year's school newspaper stories

- sports statistics and other (notable to someone) figures and noteworthy events. Maybe the physics club built a hovercraft out of vacuum cleaner parts -- include some photos, diagrams, and a HOWTO.

The exact things are going to vary by school, but this sort of thing would be much harder with Windows -- you might be able to make a big disc full of "multimedia stuff" but it would not be able to boot / run by itself.

timothy

Re:every school should have one

[Clockwurk]

Or they could just set up a school website... This is a good example of needlessly including linux, when there are better, easier tools that would make the same result. I know linux is cool, but for each and every use you cited, its an overkill and frankly a dumb idea.

How is this not a distribution?

[philipborlin]

Statements such as (Emphasis added):

• Our componentized base system
• Our componentized kernel
• Installation technologies, based on Progeny's PGI installer-creation toolkit.
• Integrated hardware-detection support, based on Progeny's Discover 2.0
• Note that the custom platform built and delivered using Linux Platform Manager contains only Progeny-managed platform components

make it sound like you are trading vendor lock in by an "evil distribution" with selling your soul to Progeny.

I'm sure this is important...

But this is really boring. I can't wait for Troll Tuesday/April fools day tomorrow.

Until then, I'm going to do some work.

Can already be done...

[La+Camiseta]

A distro where you can select what gets installed. I'm not sure about other distros, but in SuSE, during the installation, just deslect everything, and select only those things which you need. Then everything that those programs depends on is also automatically installed. Easy as that. Plus, with SuSE, there's an automatic network installer, just as RedHat has one. So it sounds to me as if they're doing nothing but repackaging ideas that already exist and claiming them as their own. And as to the custom kernel stuff. That's what modules are for, so only the stuff that you need gets loaded.

Re:Can already be done...

[Robert+The+Coward]

This is for people who install 200 Workstation with the same setting for a Call Center or Register system in 50 Locations. Yes most of this can be done with RedHat using kicker but that is all done with a text config file that you have to change for you site. Then you have to do something about keeping it updated. They have developed a simple webbased system for that. The Real Question is cost and mantaince for the system.

Re:Bah

[Thud457]

And Real Admins dissassemble the generated machine code looking for backdoors!

What a fantastic Idea :)

With the creation of Knoppix like distros, I too have
been looking into the useful possibilities for these.

At present my main desire is for a cd based linux
system that's designed for troubleshooting and fixing
Microsoft machines. Linux happens to be the fastest
and most flexible tool around for pc's and lets face it; Many of us may not like M$ but we get paid to fix it.

I for one like to work as smart and efficiently as
possible.

: "HA HA!"

Your misfortune has brightened my day!
Kudos to you, Anonymous Idiot!

Progeny image vs Ximian logo.

[Pretor]

Is it just me, or is this picture pretty similar to Ximians logo?
Just mirrored.

It actually thought that I saw a code monkey :)

Progeny Linux

This was the first Linux distro that I really liked. It was a nice Debian at a time that the real Debian was too much of a bear to install and configure for a newbie. I loved it, then they decided not to continue it. They had some half-arsed plan and method to 'update' the lovely Progeny to standard Debian that was coming soon forever. It was supposed to be elegant, it was not. Whatever, I loved Progeny Debian and was very disappointed that they did not find it worthwhile to continue development. I have invested my last bit of time and effort on anything that Progeny comes up with.

What's with this logo?

It looks like a man walking in front of a burning oil well.

http://ptk.progeny.com

[j0el]

I find the ptk.progeny.com website useful. This sounds like a similiar type of deal but for Linux instead of development tools.

Slashvertisements

[ctar]

read my sig...

Last Post!

[alpg]

Fellow programmer, greetings! You are reading a letter which will bring
you luck and good fortune. Just mail (or UUCP) ten copies of this letter
to ten of your friends. Before you make the copies, send a chip or
other bit of hardware, and 100 lines of 'C' code to the first person on the
list given at the bottom of this letter. Then delete their name and add
yours to the bottom of the list.

Don't break the chain! Make the copy within 48 hours. Gerald R. of San
Diego failed to send out his ten copies and woke the next morning to find
his job description changed to "COBOL programmer." Fred A. of New York sent
out his ten copies and within a month had enough hardware and software to
build a Cray dedicated to playing Zork. Martha H. of Chicago laughed at
this letter and broke the chain. Shortly thereafter, a fire broke out in
her terminal and she now spends her days writing documentation for IBM PC's.

Don't break the chain! Send out your ten copies today!
For example, if \thinmskip = 3mu, this makes \thickmskip = 6mu. But if
you also want to use \skip12 for horizontal glue, whether in math mode or
not, the amount of skipping will be in points (e.g., 6pt). The rule is
that glue in math mode varies with the size only when it is an \mskip;
when moving between an mskip and ordinary skip, the conversion factor
1mu=1pt is always used. The meaning of '\mskip\skip12' and
'\baselineskip=\the\thickmskip' should be clear.
-- Donald Knuth, TeX 82 -- Comparison with TeX80

- this post brought to you by the Automated Last Post Generator...