Submitters, send your News Bytes items in PLAIN TEXT format. Other formats may be rejected without reading. You have been warned! A one- or two-paragraph summary plus URL gets you a better announcement than an entire press release.
The November issue of Linux Journal is on newsstands now. This issue focuses on Linux Enterprise and presents the results from the annual Readers' Choice Awards. Click here to view the table of contents, or here to subscribe.
All articles through December 1999 are available for
public reading at
Recent articles are available on-line for subscribers only at
Issue #6 of Embedded Linux Journal has articles about choosing an embedded distribution, building a minimal glibc, Linux single-board computers, and more. Plus a cool chicks-on-a-motherboard cover.
Click here for the table of contents.
Embedded Linux Journal is available free to qualified subscribers in the
USA, Canada and Mexico.
Click here to subscribe.
In Linux 2.2.20-pre10's changelog, Alan Cox refuses to list the details for some "security fixes", writing, "Details censored in accordance with the US DMCA". Apparently file ownership and permissions might be used to protect a copyright, and highlighting the fixes in a changelog could thus be seen as publishing information on copyright circumvention. There was a thread of discussion leading from this decision on linux-kernel, with some list-members feeling that Alan was overreacting. Others made the very fair point that it was up to Alan whether or not he wanted to take the risk of potentially violating the DMCA. Alan's position is that he has taken legal advice, and that this is the most prudent course of action.
LWN's coverage of this story highlighted the fact that although the changelog is censored, the actual code and patches are not. This was also noted on linux-kernel. Rik van Riel posted a link (on Slashdot and linux-kernel) to http://thefreeworld.net/ where you can get the changelog, along with other information/tools not allowed in the US (this is for non-US visitors). Further comments can be found on Slashdot, where the story popped up, and here on The Register.
"...the Act provides for a court order to be issued requiring a person to disclose the encrypted evidence in a plain-text form. However, section 27 of the Act specifically provides that nothing in the Act shall have the effect of requiring the disclosure of unique data such as codes, passwords, algorithms, private cryptographic keys..."There is also a rejection of the concept of key escrow, which is reiterated in the Government Policy on Cryptography and Electronic Signatures, which also asserts the right to free choice of cryptographic method. Partly, these policies were adopted because they were seen as pro-business: technology companies are more important to the Irish economy than media companies. Another factor that may have influenced this decision is the fact that Ireland's communications are vulnerable to monitoring by other states for conventional or industrial espionage. Such allegations were made against the UK regarding Capenhurst Tower. On a European wide level, similar concerns have been raised regarding UK and USA involvement in Echelon.
The UK has taken a less liberal approach, in particular in the Regulation of Investigatory Powers Act. The Irish Government was keen to follow a different route, in the hope that this would encourage inward investment in the electronic commerce and software sectors. The electronic signing by Bill Clinton and Bertie Ahern of a communique on electronic commerce in September 1998 was a high profile publicity stunt to reinforce this image. This, and other pro-business policies, were successful, moving Ireland to the position of second largest exporter of software in the world.
Another significant influence on Irish policy is the European Union. This is not necessarily a bad thing, as some good policies have come from the EU. The Echelon document mentioned earlier states "...e-mails can and should be encrypted by everyone", and is a valuable wake-up call to the importance of security. Bruce Schneier has lauded the EU for taking on board security professionals concerns regarding the new EU Cybercrime Treaty. Additionally, the European Patent office does not grant software patents. A much more disturbing development is the The EU Copyright Directive. Like the DMCA, this is inspired by the World Intellectual Property Organization, and it has some similar provisions. However, European directives are guidelines for national laws, and certainly do not override national constitutions, so there should be a longer road before the EU is fully subject to DMCA style rigour.
On the broader theme of civil liberties and misuse of power, there are valuable lessons to be learned from Ireland's experiences. Ireland's troubled political history has in the past led to some very harsh laws such as the anti-terrorist Offences Against the State Act, repeatedly condemned by Amnesty International. Also, there was significant abuse of 'phone tapping, with both journalists and politicians the victims. Phone tapping has valid security uses, as might some of the measures which has just been enacted enacted in the United States, but it is very easy to misuse. Although the current Taoiseach (Prime Minister) has apologised for the abuse, much harm has already been done. Indeed this controversy has flared up again, as one of the ex-ministers responsible for the wiretaps (and opposed to apologies) is now chairing a government telecoms enquiry.
The American Civil Liberties Union (ACLU) have prepared a chart showing the differences wiretapping/surveillance provisions between current law and various Anti Terrorism bills: The originally proposed Bush Anti-Terrorism Act (ATA), the House Judiciary compromise Patriot Act, the Senat-Passed USA Act, and the House Passed USA Act. There are also ACLU comments on each.
At Security Focus, Richard Forno has written on these issues, and on the danger of too-readily sacrificing freedoms. Richard Stallman has also commented on the dangers of erosion of civil liberties, in particular under the USA Act.
On Wednesday 24th October, the USA Patriot Act (HR 3162) was passed by the house of representatives 357-66, and the following day by the Senate, 98-1, with Russ Feingold the only dissenter.
Slashdot had a recent interview with consumer advocate James Love. He has some ideas on getting decision makers' attention which may be of special interest to Linux advocates. In particular, he recommends writing to congressional staffers that are working on the specific issue, rather than just to congress members. Also, he mentions that it is worth writing letters to well-read newspapers (or local newspapers of a Congress member you want to reach).
This tactic could be surprisingly effective. I know for a fact that in government departments in my own country, Ireland, that civil servants are assigned to read the major newspapers and cut out articles that are relevant to their department. Particular attention is given to the letters page, and these clippings are seen by the head civil servants and ministers (i.e. decision/policy makers) in each department.
One other issue, raised by Love, which might be of particular relevance here, is the Hague Convention on Jurisdiction and Foreign Judgements. This is a subject on which James has commented extensively. The convention in question is a treaty that would implement, among other things, cross-border patent enforcement. "Everyone would be liable for infringement of foreign patents, and the Hague Convention would give exclusive jurisdiction for both validity and infringement in the county of registration." There is an an online introduction to this subject, by James Love. The official website is at: http://www.hcch.net/.
Slashdot quotes Wired's allegation that the Recording Industry Association of America (RIAA) tried (and failed) to get inserted into the Anti-Terrorism bill a provision that would allow it to hack into your computer to see if you had any unauthorized MP3s and delete them. It seems they think they had this right all along (!) but are afraid they might get branded as Cyber-Terrorists if they tried it under the new USA-Act! Of course, the biggest concern is collateral damage to your computer, which RIAA wants to shirk responsibility for. This story was also picked up by ArsTechnica. The RIAA later published a rebuttal, which doesn't really contradict much of what was written, but spins differently.
In a similar vein, though perhaps inaccurately, The Register reported on a secret meeting between Senators Fritz Hollings, Ted Stevens, and representatives of RIAA and the big media companies. Interesting reading, but now comes the caveat: "Our source may not be all he or she claimed to be, and serious doubts have been cast on the veracity of the comments attributed to the RIAA's Rosen and co."
The following articles are in the November-December issue of the E-zine LinuxFocus:
The Duke of URL have
CNET have reported that Amazon.com significantly reduced its IT budget by migrating to Linux.
Details, at Cryptome.org, on the "Beale Screamer" anti-DMCA MS Digital Rights Management circumvention. Further information.
Linux Weekly News reported that the W3C is eager to adopt patented technology in standards. More details on LWN and summary here.
Opera (among others) had a bit of a tussle with Microsoft over MSN not allowing connections from non MS browsers. MS backed down.
What good is a Linux client? IBM's Mark Chapman give you the benefit of his own experience as a Linux newbie changing over from Windows.
Virus writers are industrial terrorists says Microsoft, as reported by The Register.
Linux.com have an introduction to using the Snort Intrusion Detection System. Further reading here, courtesy ILUG.
In LWN, Michael Hammel, who used to write LG's _The Graphics Muse_ column, surveys Linux's repitoire of games, both old and new, free and commercial. This is a very quick overview of the kinds of games Linux has, and its support for gaming technology.
IBM is working with Citizen Watch to develop a Linux watch. There's a photo of a prototype showing Tux on the screen.
Listings courtesy Linux Journal. See LJ's Events page for the latest goings-on.
5th Annual Linux Showcase & Conference
|November 6-10, 2001
Strictly e-Business Solutions Expo
|November 7-8, 2001
LINUX Business Expo
Co-located with COMDEX
|November 12-16, 2001
Las Vegas, NV
15th Systems Administration Conference/LISA 2001
|December 2-7, 2001
San Diego, CA
Linux Weekly News recently reported that W3C has a draft policy which would allow patented technology to be included in web standards. LWN has a good commentary on the issues, which could ultimately endanger the future of free software on the internet. The "Scalable Vector Graphics" (SVG) standard, already adopted by the W3C, includes patented technology from Apple. The W3C is already behaving as if the new policy were in force.
What most disturbed many observers was the under hand way in which the change was apparently being sneaked through. The "consultation period" came to most peoples attention thanks largely to LWN's Adam Warner who posted this message. Following this comments in W3C's comment thread turned sharply against the idea once it became generally known. Included are comments by Linux bigwigs. Many of the most important posts are linked from LWN. Some predict that this could lead to a situation similar to the one following the patent rows surrounding GIF's, and the subsequent development of PNG's. LWN suggests the possibility that in the future, the free software community may have to form another web standards committee to compete with W3C if W3C starts destroying the web with non-open technology that threatens the web's universal viewability.
Unhappy news, Linux Weekly News is facing the budget shortfalls common to free web news sites. In particular, Tucows is no longer able to continue providing support. As a result, Michael Hammel, LWN "On the Desktop" columnist (and former LG "The Graphics Muse" columnist) is leaving LWN. We wish Michael well.
More disturbing is LWN's prediction that, "Unless we can come up with a way of paying salaries soon, LWN risks dropping off the net entirely." There is a mailing list to discuss LWN's future at http://vena.lwn.net/mailman/listinfo/discussion (now needs registration). This news was also discussed on Slashdot.
Also in Europe, IDG.net have reported that Germany's lower parliament (the Bundestag) is considering switching from Windows to Linux for its 5000 computers. The main reasons are for security, stability and (again) to save money in the face of MS's new upgrade terms. The parliamentary committee will decide late this year or early next year which OS will replace its current version of Windows NT.
Finally, Technews.com have run a Thai story: that Thailand's government will back the idea of using free, Thai-language 'open source' software as a way of reducing spending and software piracy. An official is quoted: "To be independent from foreign software, the country needs to build a knowledge base along with developing human resources and work based on open source software."
Linux NetworX, have announced that BioCryst Pharmaceuticals, is now using a Linux NetworX Evolocity cluster to aid in creating pharmaceuticals for the treatment of human disease and illness such as influenza and hepatitis C. Implementing an innovative drug discovery approach, scientists at BioCryst create synthetic small-molecule inhibitors, atom by atom, to bind with specific disease-causing proteins or targets.
BioCryst's new Evolocity cluster includes 32 Pentium III 933 MHz processors, with 16 GB of memory and a 10/100 Ethernet network. Linux NetworX configured the cluster to handle complex computer modelling applications, such as X-ray crystallography and combinatorial chemistry. BioCryst utilizes the Linux NetworX ClusterWorX management software and signed an on-going service agreement as well.
In response to an uncertain political climate and the recent economic downturn, the USENIX Association and the Atlanta Linux Showcase, Inc. jointly announced today that they will offer free registration to everyone wishing to attend technical sessions at next month's Annual Linux Showcase & Conference in Oakland, California. USENIX and ALS are making this unprecedented offer because they believe the networking opportunities and high-calibre technical content at this conference provide an important service to their membership and the general open source community.
"We recognize this may only be a temporary readjustment until the 'brick and mortar' companies start using open source products to a greater degree. Therefore, we feel that it is crucial to provide current technical information to the community at this time," said Jon "maddog" Hall, USENIX Director and ALS Invited Talks Program Chair. "There are also several political issues facing the open source community right now such as DMCA, SSSCA, copyrights, and software patents. The ALS invited talks track reflects this and we felt that we could not put off these important discussions to a later time."
"For the third consecutive show, SAIR Linux and GNU's partnership with IDG was a huge success. As the leading developer of vendor neutral training curriculum and certification materials for open source software, SAIR Linux and GNU offered free Linux review sessions and free certification testing at the LinuxWorld Conference and Expo event which took place at San Francisco's Moscone Center. SAIR Linux and GNU served as the official Certification Sponsor for the August 27 thru August 30 event which welcomed more than 18,000 attendees and 180 exhibitors."
For more information on the success of the LinuxWorld Expo, visit http://www.linuxcertification.com/linuxworld/ or http://www.linuxworldexpo.com . You can also access additional information about SAIR Linux and GNU Certification or locate a training center, by visiting www.linuxcertification.com. Additional information about testing can be found at www.2test.com or www.vue.com.
The Debian HURD iso images are now available from your local ftp.gnu.org mirror. There are 3 iso's available, but you only need the first one to get a system going, so get downloading now!"
The position of Debian Security Secretary has been filled, with the appointment of Matt Zimmerman and Noah Meyerhans to the role.
Details of an updated webalizer package were posted on Debian Changes. It fixes a bug whereby Webalizer stopped working on Oct 5th, 2001.
SuSE Linux, have announced SuSE Linux 7.3, in both Professional and Personal editions. Recognising security concerns SuSE Linux 7.3 offers Features include KDE 2.2.1, Linux Kernel 2.4.10 with glibc 2.2.4, an extended range of drivers and improved USB support, with better automatic hardware detection.
SuSE Linux presented the third generation of its e-mail solution at the IT expo SYSTEMS, held in October in Munich. SuSE Linux eMail Server III is a solution for small and medium-size enterprises, dedicated workgroups and government administrations. A new feature is Skyrix which provides calendar and scheduling functionalities for booking appointments, rooms, or other resources.
Gnect is a theme-able "four in a row" game for GNOME. Similar to Tetris, but the object is to get four marbles/tiles in a row in any direction within a 7x7 grid. The tiles do not automatically descend, so there's no time limit. You choose the column and the tile drops from the top. License GPL, including the Velena strategy engine.
Courtesy of Slashdot, comes the news of Loki's upcoming game: Postal Plus. Loki have a press release with more information.
MOSIXVIEW is free for download and is based on the GPL-licence model. For more information, consult http://www.mosixview.com or http://www.waplocater.de/mosixview/. Also, Linux Focus have taken a look at this package.
Wolfram Research, maker of Mathematica technical computing software, have announced the release of webMathematica. webMathematica is built on Java servlets, making it compatible with any web server, servlet engine, or application server that supports the Servlet 2.0 API or higher. webMathematica is initially available for Windows 95/98/Me/NT/2000 and Intel-based Linux platforms. webMathematica enables users to:
Micro Sharp Technology have announced an agreement with Astaro to market their Firewall software product as part of the Netule line of products. Netule is a robust, thin server appliance solution. The OEM version will allow hardware systems builders to supply a low cost, robust server appliance solution for small and medium sized business.
International Messaging Associates has just released the latest in its top Messaging Solution - Internet Exchange Messaging Server (IEMS) 5.1. Among other features, IEMS 5.1 has enhanced virus and spam detection control and adds an Attachment Removal Filter Module. In an introductory offer, IMA is giving away 15-user licenses for free. IEMS5.1 is interoperable in Linux and Windows and will add support for Solaris and HP-UX by late-October. Government and enterprises planning to shift their messaging platform from Windows to Linux will be able to simply auto-migrate their MS Exchange mailboxes to IEMS. IEMS 5.1 can be downloaded from http://www.ima.com/download/v5eval.html.