UpFRONT

Strictly On-Line, LJ Index and more.
Install Fest Tips
  1. Find a location that is well-known in your area and has plenty of parking. Be sure it has plenty of space and sufficient power sources. An added plus is having carts available to help people bring in their machines.

  2. Host a DemoFest at a meeting about a month ahead of time to generate interest and recruit help.

  3. Publicize in the education community (universities and secondary schools) and computer stores, libraries and major corporations (flyers and brochures in the cafeteria or break room). Ask about advertising on local cable access television and community calendars in newspapers.

  4. Study the Linux Hardware Compatibility FAQ and the Linux Hardware Incompatibility FAQ and bring copies for your workers.

  5. Practice installing Linux on a low-end PC to measure the amount of time it will take to complete. Do the same on a notebook computer and over a network (if you plan to offer this option).

  6. Ask companies in the industry for CDs, literature and other items to use as giveaways.

  7. Ask attendees to make a reservation in advance, stating the type of PC they will be bringing. Prepare for some to turn up without reservations.

  8. Have an area at the front door for signing in and giving away promotional material.

  9. Plan on giving all users a Linux CD, so they can distribute Linux to others.

  10. Have random giveaways of books, T-shirts, etc.

  11. Include Linux training seminars presented in a separate room.

  12. Be kind to your workers. Have water and drinks handy. Order in lunch. Make sure they take breaks.

  13. Bring a box of extra parts that people no longer need—you may need them to complete an installation.

  14. Bring a camera.

—Michael Roberts, Cincinnati GNU/Linux Users Group

WILL YOU BE CRACKED NEXT?

Melissa—Explore.zip—Back Orifice. If you think there has been a bad rash of viruses and crack attacks lately, you're right. And security experts say it's going to get worse, not better; the frequency of crack attacks is rising exponentially. So are the money losses from the problem. Computer Economics, a research firm in Carlsbad, NM, reports that American businesses lost $7.6 billion US due to software viruses during the first half of 1999—more than in all of 1998.

Curiously, the massive mainstream media coverage of these incidents completely fails to mention the one thing they all have in common: Microsoft Windows. Non-Microsoft operating systems such as Linux are invulnerable to macro attacks, immune to viruses, and can laugh at Back Orifice.

This simple fact explains why your Internet service provider never suffers from viruses; essentially all ISPs run their services off UNIX boxes, and about 40% of them run Linux. Evidently, businesses are finding this an increasingly attractive option; a recent Computer Associates survey reports that 49% of information technology managers describe Linux as “important or essential” in their enterprise plans.

One of the reasons for this trend is definitely security. Anyone running a Microsoft operating system on a machine visible from the Internet is just begging to be cracked. If you're concerned with computer security, you need to understand why—and why Microsoft will not and cannot fix the problem.

Linux and other operating systems like it were designed from the ground up to be used by several people on the same machine, and to protect those people from each other. The user interface of Linux is separated from the kernel, the privileged operating system core. And the kernel is carefully protected from being modified by ordinary programs. This is why Linux doesn't get viruses.

Microsoft Windows, on the other hand, has a one-person-per-machine assumption built deeply into it. There is no internal security, and the Windows kernel is not protected against being modified by user programs. In fact, the user interface of Windows is wired right into the kernel. This is why hostile programs coming in over an Internet connection (such as Back Orifice) can reach right through the user interface, deep into the operating system core, and infect it.

If you value your data and your privacy, you need to understand that Microsoft cannot fix this security hole. Too many applications (including Microsoft Office and the IIS web server) actually depend on the lack of security in the system. Furthermore, the fact that the source code for Windows is closed means it never gets properly audited for security problems.

How does Microsoft deal with this? Not well. Mainly, they tell lies and try to confuse the issue.

On August 3, 1999, Microsoft put a machine running a beta of its new Windows 2000 operating system on the 'net and challenged crackers the world over to break into it. A few hours after the announcement, the machine crashed. Microsoft spokespeople subsequently claimed that it had been brought down by electrical storms.

But the machine's own error logs showed there had been nine crashes due to errors in Microsoft's own software, not the weather. Furthermore, crackers did indeed get in and alter a guest book application during the short time the machine was actually up—a fact Microsoft tried to dismiss as irrelevant.

A few hours after Microsoft's challenge was announced, a Linux company in Wisconsin matched it. During the following three days, their Linux machine withstood 6,755 attacks without crashing once.

Which system would you rather trust your critical data to?

—Eric S. Raymond

______________________

Doc Searls is Senior Editor of Linux Journal

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState