News from the Rookery
Vocalizations! "Unfortunately, these interfaces come with a common problem in the high tech world. Quoting Dr. McCoy as he returned to the Enterprise in Star Trek I: 'I know engineers; they looooove to change things.' And in their current states, GNOME and KDE are constantly changing. The reason for this is that engineers are building what they basically don't want to use for those who don't want to use it. It's hard to find something that satisfies both ends of the equation ..." Michael J. Hammel, Linux Evangelist and Author, from his article, "The 30-Year Cycle of Acceptance, and Why Linux Is Immune" posted at Linsider.
Clever M$ Hackers Open Door for Crackers: Sometimes even the smartest among us can out-think themselves. Microsoft confirmed yesterday that engineers added a secret password--allegedly a phrase close to "Netscape engineers are weenies"--that could be used to gain surreptitious access to thousands of Internet sites. Steve Lipner, manager of Microsoft's security-response center (no part-time job, this one), reportedly noted that such a password would be "absolutely against our policy" and called the inclusion of the password a "firing offense." The company has encouraged its customers to delete the file "dvwssr.dll", in which the witty "you suck/we rule" style quip was hidden. According to the CBS MarketWatch story, the security flaw is limited to Microsoft's FrontPage 98 extensions and is not a part of W2K. The password potentially allows crackers to gain access to web site management files, through which they could reach such personal information as credit card numbers. Moral for Microsoft: smackdowns make poor software.
Pulling Standards Out of a Hat: Yesterday, the Rookery brought you news from the Linux Standard Base announcing the release of the File Hierarchy Standard, Version 2.1. The goal of the Linux Standard Base is, among other things, to help prevent the sort of fragmentation that plagued UNIX by encouraging compatibility among Linux distributions. According to much of the buzz on the Internet, FHS 2.1 is an excellent example of the sort of compatibility worth encouraging. FHS 2.1 will standardize the placement of files in Linux distributions, to avoid what OSOpinion writer Nikato Muirhead called "the problem of files being in different locations on different implementations of Linux." Nikato notes that many of the most popular Linux distributions--Corel, Stormlinux, Debian "and the other Debian based distributions"--will adopt the LSB and, by default, FHS 2.1. Notably absent from this list is Red Hat. Nikato continues by saying that when he queried Red Hat co-founder Bob Young about Red Hat's adoption of the LSB, Bob answered that Red Hat was the market leader. Multiple mental question marks ensued. But for anybody who is wondering just what Bob might have meant, the answer is fairly obvious: Red Hat is, for mass consumption purposes, Linux. And when Red Hat says that it isn't competing with other Linux distributions (and is, instead, only competing with Microsoft), it isn't necessarily because they're being nice. The reason is that Red Hat isn't wasting time looking over its shoulder at what it considers also-ran Linux distros. To be sure, Red Hat has endorsed the LSB before (read what Donnie Barnes had to say to Linux Journal in our Standards issue last June). But that was a far different Red Hat in the pre-IPO summer of 1999 from the Red Hat we have now--sitting astride the Linux distribution market as the most recognizable version of the operating system outside of the Linux community proper. Certainly Red Hat has become a Linux "market leader".
The question is whether this will encourage Red Hat to lead Linux distributions toward non-Red Hat-centered standards, or deliver them to the doorstep of fragmentation.
VA Linux Left Out? Earlier this week, the Rookery mentioned a report from IDG announcing dramatic increases in server shipments from the close of 1998 to the close of 1999 (a 166% jump, to be specific). On IDG's list, Compaq led the field with 25% market share for Linux servers, with IBM coming in second at 10%. Others mentioned with smaller market penetration included Hewlett-Packard, Dell and Fujitsu Siemens. But the omission of Linux hardware companies like Penguin Computing and VA Linux Systems caused at least some observers of the Linux server boom to cry foul. A story on the subject appeared at The Register on Friday, pointing out both that VA Linux was likely included in the report's sizeable "Other" category (which represented 43% of the Linux server market) and that the time frame examined in the report may have excluded January 2000 sales that would have vaulted VA Linux, at least, over Fujitsu Siemens. Of course, what the study also points out are the significant challenges that some of the smaller hardware companies like VA Linux Systems face in going mano a mano with hardware heavyweights like Compaq and IBM, both of which have made their Linux commitments very clear.
Clued-in/Clued-out "(Sun) still wants to control the Java brand at all costs (because) they value the Java brand over the industry's technology. At this point, they're burning trust--they have to admit that it's proprietary or make it a standard." Simon Phipps, chief e-business "visionary", IBM, as quoted in Tech Web.