- LJ Index—March 2004
- Open eGov
- They Said It
- diff -u: What's New in Kernel Development
LJ Index—March 2004
1. Estimated thousands of US municipalities that are ripe for open-source applications: 88
2. Minimum estimated dollar savings by the US Navy on one open-source interoperability project: 300,000
3. Thousands of Linux client installations planned for deployment by Sherwin-Williams Co.: 10
4. Thousands of projected Linux-based Sun Java Desktops in a rollout in the UK: 800
5. Minimum millions of Linux-based Sun Java Desktops projected for deployment per year in China: 1
6. Millions of Linux-based Sun Java Desktops for which Sun is “aiming” in China: 500
7. Percentage range of municipal IT budgets “eaten up by productivity suites and tools”: 60–70
8. Projected dollar costs to municipal budgets of Linux-based open productivity suites and tools: 0
9. Percentage of CIOs and IT managers reporting Linux server use in Australia and New Zealand: 32.4
10. Year-over-year Linux server shipment share percentage growth: 51.4
11. Income generated in millions of dollars by Linux servers in the last quarter (before November 2003): 743
12. Percentage of the server market share for Linux by 2007 at the latest: 45
13. Percentage of small companies currently testing Linux: 25
14. Percentage of small companies that hope Linux will replace Windows as their core OS: 50
15. Percentage of the increase in spending on Linux server shipments between July and September 2003: 16
16. Percentage unit increase in Linux server shipments between July and September 2003: 32
17. Number of persons supportable by one technical person at Hill House Hammond, before Linux: 50
18. Number of persons supportable by one technical person at Hill House Hammond, after Linux: 500
19. Minimum percentage of spam relayed off home computers whose owners are unaware: 33
1, 2, 7, 8: Open Source Software Institute
4: The Register
5: CNET Asia
6: vnunet, Sun executives
10, 11: Ask Web Hosting, IDC
12: The Inquirer, Meta Group
13–18: ZDnet/UK, sourcing IBM and IDC studies and reports
19: New York Times, sourcing Sophos
In democracies, the most interesting politics are the kind you can describe with sports metaphors. That's even true when the big story is about technology. This is what we see in Molly Ivins' line, “the Internet is to politics what television was in the 1960 Kennedy-Nixon race”.
Yet democracy isn't only about elections. It's also about governance. And that's where Linux and open source quietly have been making huge changes over the last year or so. Here's a list of four related initiatives that radically are changing the rules and methods of technology procurement and implementation in government:
The Open Source Software Institute (OSSI, oss-institute.org) is on a mission “to promote the development and implementation of open-source software solutions within US federal and state government agencies and academic entities”.
OSSI is working on a US National Institute of Standards and Technology (NIST) validation for OpenSSL, the robust, commercial-grade, full-featured and open-source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols (oss-institute.org/fips-faq.html).
Project Leopard (leopard.sourceforge.net) is an “eGovernment Web services platform based on LAMP (Linux, Apache, MySQL, PHP/Perl/Python)”. Project founder and Linux Journal contributor Tom Adelstein says Leopard is a huge time and hassle saver. “All you have to do is write to this module installer that we have. So, you basically can do the Web pages and database schema and you're done.”
The Open Government Interoperability Project (ogip.org) produced Project Leopard and is working on the Open Government Interoperability Standard (OGIS), “an initiative to develop an open specification for ensuring that governments and administrative software applications work together more effectively”.
“These efforts are still new”, says Tom, “but already there is a rewarding sense that their implementation is inevitable. The cost is so low, and the rewards so high.”
If you don't remember all the DNS RFCs, or if parts you should know slip your mind, use ZoneCheck to look over your name server zone files to see whether you've maintained your zone as the RFCs suggest. I had forgotten, for example, that the expire time must be seven times greater than the refresh. I had only four times on my zone when I checked. Some 105 different checks are applied. It can be run from the Web or the command line. Requires: Ruby, Ruby extensions yaml, exml and a Web server that supports CGI (optional).
Many years ago in college I had a completely programmable calculator. Last time I saw it, the calculator was covered with dust and I couldn't find a battery for it, so I started using spreadsheets. Now, it looks like I can have a calculator again whenever I want it, at least on the computer screen. Archimede has functions for nearly everything including financial calculations, trigonometric and math functions as well as calendar functions. Requires: libX11, libpthread, libdl and glibc.
They Said It
We're going to immediately roll out the Java Desktop System to between a half million and a million desktops in 2004....It makes us instantaneously the No. 1 Linux desktop player on the planet.
—Scott McNealy, Business Standard (www.business-standard.com/ice/story.asp?Menu=119&story=29323)
Linux servers have demonstrated six consecutive quarters of year-on-year revenue growth, proving that they are not a flash-in-the-pan technology and that they are meeting real-world computing requirements in HPC and commercial deployments.
Future wide-scale implementations of Linux-based, mission-critical business applications may get less press, but they will continue to happen at all of the largest global financial institutions....Critical to this migration will be the ongoing support of the large hardware vendors, especially their ability to provide support tools and services for porting and new development. We believe that within the next 18–24 months, installing a Linux-based software package will become as normal as installing a Windows or Sun Solaris system.
—Damon Kovelsky, IDC (www.internetnews.com/ent-news/article.php/1559661)
There are no good excuses for binary modules. Some of them may be technically legal (by virtue of not being derived works) and allowed, but even when they are legal they are a major pain in the ass, and always horribly buggy.
I occasionally get a few complaints from vendors over my non-interest in even trying to help binary modules. Tough. It's a two-way street: if you don't help me, I don't help you. Binary-only modules do not help Linux, quite the reverse. As such, we should have no incentives to help make them any more common than they already are.
—Linus Torvalds, on the linux-kernel mailing list
Agata is a PHP application that runs directly in PHP, not in a Web server. Why? I have no idea, but it works. And, if you need something that resembles (so I'm told) Crystal Reports in Windows, take a look at Agata. It can be used against most SQL databases, although I tested it only against PostgreSQL. Agata is easy to install and run and is extremely flexible. It is also pretty and does graphs. Requires: PHP and php-gtk.
diff -u: What's New in Kernel Development
For several 2.6 test releases, Linus Torvalds had been hinting that a handoff to Andrew Morton was imminent. In fact, as of 2.6.0-test11, it's official. Andrew is now the 2.6 maintainer, even before the official 2.6.0 kernel is released. An interesting facet of this is that the 2.6.0 release is a major event, and Linus is giving Andrew the spotlight. This fits neatly with Linus' response to statements that he is indispensable. Linus always has maintained that he is “just another developer” and not the absolute focal point folks have made him out to be in the past. By stepping aside, Linus may be trying to minimize his public role.
In theory, the purpose of the stable kernel series is to approach true stability gradually. In practice, features from the ongoing development series are often back-ported to the stable series, after some testing. In some cases, the development work is done directly in the stable series, if the changes are isolated clearly and unlikely to cause problems outside of their own small realm. But in general, the ultimate aim of pure stability tends to grow stronger and stronger. And now, with the handoff of the 2.6 tree to Andrew Morton, Marcelo Tossatti has decided to clamp down on new features going into the 2.4 tree, and aside from a few possible exceptions like XFS support, 2.4 quickly is becoming a “bug-fix and security-fix only” tree.
Pontus Fuchs is working on what to some might seem a radical concept. He is attempting to get certain Microsoft Windows drivers to work with the Linux kernel. Considering that the drivers were written for a completely different operating system, he's actually had a surprising amount of success with this project. Specifically, certain wireless LAN cards have no published specifications or Linux drivers, either free software or binary-only. So far, he's been able to use his Broadcom 4301 successfully, and Pavel Machek has gotten a Broadcom 94306 working as well.
Carl-Daniel Hailfinger, Manfred Spraul and Andrew de Quincey have reverse engineered the nvnet driver for the NVIDIA nForce MCP Ethernet adapter and written their own GPLed driver. Actually, to preserve a clean-room development environment that would preclude the possibility that any part of NVIDIA's driver would be copied into their GPLed version, Carl-Daniel and Andrew did the reverse engineering and documented the hardware, while Manfred wrote the new driver from their specifications. In this way, Manfred was guaranteed to have no direct knowledge of the internals of the original driver. Reverse engineering is a time-honored computer-science technique to achieve interoperability, although there is a strong movement to make certain kinds of reverse engineering illegal in many countries. The DMCA (Digital Millennium Copyright Act) is an example of legislation that attempts to control reverse engineering, but what its true impact will be is still being hashed out in the courts.
Some signal handling behavior has changed between kernel 2.4 and 2.6. Typically, there are some signals (called thread-synchronous signals) that threads are unable to block. In the 2.4 kernel, a thread attempting to block one of these signals would fail, and the signal would come through anyway. This is not necessarily the most desirable behavior, because there is no legitimate reason for a thread to try to block one of these unblockable signals. In the 2.6 kernel, therefore, when a thread tries to block a thread-synchronous signal, it dies. So the programmer sees right away that something was done that shouldn't have been done. Linus says the new way is the best way, but of course, many past “best ways” have led to even better ways. The same may happen here.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- The US Government and Open-Source Software
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide