- LJ Index, April 2007
- The Market Aperture Opens
- They Said It
- diff -u: What's New in Kernel Development
- Widening the Analog Hole
- More of Less
- Just Say No to OpenXML
- Governments Vote for Linux Security
LJ Index, April 2007
1. Millions of Second Life Residents as of January 1, 2007: 2.287
2. Thousands of US dollars spent per day in Second Life as of January 1, 2007: 803.79
3. Days into 2007 when Linden Lab opened the source code for the Second Life Viewer: 8
4. Billions of US dollars of consumer electronics sales in 2006: 145.7
5. Percentage of surveyed German residents who read blogs: 15
6. Percentage of surveyed German “influencers” who read blogs: 27
7. Percentage of surveyed US residents who read blogs: 27
8. Percentage of surveyed US “influencers” who read blogs: 34
9. Percentage of surveyed Japanese residents who read blogs: 74
10. Percentage of surveyed Japanese “influencers” who read blogs: 91
11. Percentage of all blogs that are in English: 39
12. Percentage of all blogs that are in Japanese: 33
13. Percentage of US women living without a spouse in 1950: 35
14. Percentage of US women living without a spouse in 2000: 49
15. Percentage of US women living without a spouse in 2005: 51
16. Years since Jabber source code was first released: 8
17. Range in millions of users of open-source XMPP (Jabber) technologies: 40–50
18. Number of dual-processor PCs running Linux at Tradebit AG: 10
19. Terabytes of data served by Tradebit AG: 20
20. Millions of downloads per day from Tradebit: 1
1, 2: Tristan Louis
3: Linden Lab
11, 12: Technorati
13–15: New York Times
16, 17: XMPP.org
18–20: Tradebit AG
The Market Aperture Opens
Cinema-grade 35mm film cameras always have been brutally expensive, and the same goes for their digital counterparts. One reason is just that they're complex and expensive to produce. Another is that the manufacturers always have maintained a distance between castes of customers. Professional gear not only has features and abilities far beyond those of “consumer” gear, but it is far more expensive as well.
This is starting to change with video gear. The RED digital camera (red.com) is the first professional video camera that makes 35mm-grade cinematography available in digital form at prices independent producers can afford. It shoots with a 4,520 x 2,540 resolution (2,540 progressive) at 60 frames per second RAW, using a 12-megapixel Mysterium CMOS sensor. It's flexible, format-agnostic and costs $17,500. For something this good, that's cheap.
Linux has become the platform of choice for much of Hollywood's cinema production. Does the availability of cameras like RED's beg for more Linux in the rest of the cine production world? We'll see.
They Said It
Make no little plans; they have no magic to stir men's blood and probably will themselves not be realized. Make big plans; aim high in hope and work, remembering that a noble, logical diagram once recorded will not die.
The best way to get money isn't to find some VCs to beg, borrow, or steal from; the best way to get money is to make something people will pay for.
—Giles Bowkett, gilesbowkett.blogspot.com/2006/12/tale-of-two-startups.html
Most embedded device vendors don't release any source. Then someone from the community nags the vendor's legal department for six months and eventually gets a partial source tree that doesn't compile.
My impression is that companies treat legal compliance not as a hard requirement but as a risk management exercise; if (cost of GPL lawsuit) * (probability of GPL lawsuit) < (cost of VxWorks license) * (number of units), use Linux.
—Wes Felter, www.linuxjournal.com/node/1000164#comment-209612
Rosenberg's Law: “Software is easy to make, except when you want it to do something new.”
Rosenberg's Corollary: “The only software that's worth making is software that does something new.”
—Scott Rosenberg, from Dreaming in Code, Crown Publishing, 2007
Open sourcing is the most important decision we've made in seven years of Second Life development. While it is clearly a bold step for us to proactively decide to open source our code, it is entirely in keeping with the community-creation approach of Second Life.
—Cory Ondrejka, CTO of Linden Lab
If there isn't enough food in the fridge, do you say “the store must be down?”
—Greg Elin, at a conference
diff -u: What's New in Kernel Development
The kernel may soon support a larger compiled binary size, if a few remaining problems can be sorted out. Eric Biederman has had some patches to accomplish this floating around for a while, and Vivek Goyal at IBM has been testing them out. According to Vivek, the time is now ripe to give Eric's patches (with modifications and Vivek's own fixes) to a wider audience and include them in Andrew Morton's -mm tree. A lot of folks seem happy to see these patches, and much additional work is going into them from various kernel people. Some of that work is in the form of cleanups, but some folks also are working on the tricky interactions between this code and the swsusp software suspend code. It does seem as though these patches, sooner or later, will be complete and accepted into the official tree.
The open-source ar5k wireless driver has been cleared of any copyright problems, at least according to the Software Freedom Law Center (SFLC). The driver, developed for OpenBSD, primarily by Reyk Floeter, had lived under a cloud of suspicion by Atheros, the maker of the wireless chipsets it supported. And, although nothing was ever proven against the ar5k developers, the “scandal” was enough to prevent Linux folks from incorporating the driver into the Linux kernel. With the SFLC opinion, the worst objections have been set aside, if not entirely eliminated, and now the biggest complaint from kernel folks is that the ar5k driver may just be badly written or take the wrong approach. Currently, some folks support incorporating ar5k into the kernel in its current form or with slight modifications, and some think the whole driver should be scrapped and just used as a hardware reference for an entirely new driver. Whichever way that debate falls, it's clear that Atheros wireless chipsets will soon have a free alternative to Atheros' own freely available though proprietary MadWifi driver.
A lot of patches have come along to remove broken or unmaintained parts of the kernel or to schedule their removal after a period of deprecation. Andrew Morton has scheduled FUTEX_FD for removal in June 2007, saying the code has “unfixable races”—exactly the charge leveled against DevFS in the old days. Rusty Russell, who originally wrote the patch, has no interest in fighting to keep the code. Moreover, he says that once it's removed, the futex code could be made a lot simpler. With friends like these, FUTEX_FD needs no enemies, and it is doubtful the code will last even as long as Andrew has given it.
At the same time, Adrian Bunk has posted patches to remove a bunch of old drivers that have been marked as broken for several years. These include the VIDEO_ZR36120 and SKMC drivers; and the MAC89x0, ATARI_BIONET and ATARI_PAMSNET drivers. Of these latter, Geert Uytterhoeven may have a patch, by Matthias Urlichs, to fix the MAC89x0 driver. But the patch still needs to be tested and signed off on. Meanwhile, Adrian has posted more patches to remove the FB_CYBER, FB_VIRGE, FB_RETINAZ3, FB_ATARI, FB_SUN3 and FB_PM3 drivers, but it looks as though James Simmons might take over maintainership of those, and Geert may already have a patch to fix the FB_ATARI driver. So, those framebuffer drivers may not be taken out after all.
At the same time, the sysctl code, which to all appearances was on the chopping block for real, seems to have found a reprieve. Eric Biederman, who had scheduled the code for removal, found some legitimate sysctl users. As a result, not only is the code no longer marked as deprecated, but it also will be compiled into all kernels by default for the near future. Eric will work with the various distributions to eliminate the sysctl uses gradually and, in perhaps a year or two, will once again consider removing the code.
The Sparse C code parser never had an official release under its original maintainer, so it becomes one of a very small group of projects to have an initial release only after changing hands. Linus Torvalds originally created the tool in 2003 for his own use to help spot bugs in kernel patches. And, he made the tool available for download without ever giving it a version number or doing any kind of organized release. When users started asking for features that Linus didn't himself desire, he suggested that someone else might take over the project. Josh Triplett stepped up, officially releasing Sparse version 0.1 with several feature enhancements. A version 0.2 followed closely after that, this time mainly adding bug fixes. Is the project old, having begun in 2003, or new, having just put out its first release? You decide.
Widening the Analog Hole
The entertainment industry embraced the digital revolution by making digital goods behave like analog ones—that is, scarce and hard to reproduce. It narrowed reproducibility of its “content” until all that remained was what it ironically called “the analog hole”. Only through the analog hole could scarcified digital goods still be moved with relative ease, and without being stopped by the DRM police. The moved goods would not be of identical digital quality, but they risked looking and sounding good enough to please the user.
Naturally, user demand has turned the analog hole into a marketplace. Front and center are the products by Chicago-based Neuros, which loves Linux and works to bring the free and open Linux value system to the world of media production and reproduction.
The Neuros Recorder 2 is an MPEG-4 recorder that “works like a mini-digital VCR”. It connects to sources over RCA cables and records in real time on standard removable Flash memory cards. Content can be transferred to other devices manually or over a USB 2.0 connection.
The company's latest product is the Neuros OSD, “the first open-source Linux-based embedded media center”. It lets you record from cable, satellite TV, DVD, TiVo/DVR, camcorder or VCR over RCA or S-Video cables, and to distribute or play back recordings over LAN (Ethernet), memory card, USB or RCA cables. The architecture is wide open, and it's constantly improved by Neuros and a growing community of developers and users. The price is $229 US.
Check them out at neurostechnology.com.
More of Less
If you're looking to put together combinations of small low-cost computing systems, it's hard to overlook the goods coming from e-Way, an American-run Taipei-based company. e-Way specializes in hardware that sells—in single units or in quantities—at prices you could cover with the average ATM withdrawal. They have a variety of tiny CPU boards and boxes ranging from $90–$189 US, plus screens and other components at prices as low as $8 US. At the Consumer Electronics Show, e-Way President Steve Freiberger even ran a slideshow off an extremely compact desktop Linux. The distro and 50 apps—including the slideshow software—all fit inside a 128Mb CompactFlash memory card. Check them out at ewayco.com.
Just Say No to OpenXML
A couple of months ago, Microsoft and another software company, Novell, signed a technical cooperation agreement. A part of this agreement may turn out to be highly dangerous for almost all citizens, but it is not the one that the majority of critics addressed.
With this agreement, Microsoft commits not to sue, for patent infringement and other “intellectual property” violations, the users of the specific version of Linux packaged and distributed by Novell. One second after the announcement, Linux and Free Software supporters worldwide started to explain to each other how absurd and laughable it would be to believe, even for a single moment, that such violations actually exist or that any court could ever sentence Linux end users for them. This week, a handful of public statements (not even from Microsoft) quickly showed how little such arguments matter in the real, nongeek world. Wal-Mart's Chief Technology Officer announced that the company finally will be able to use Linux to expand its global Web presence, because “questions over intellectual property are a 'huge problem'”, but “the intellectual property protections in the Novell deal give Wal-Mart more confidence in using Linux more broadly”. After such a confirmation from Wal-Mart, which business owner (or Wal-Mart supplier) is going to listen to geeks swearing that Linux has no hidden legal bombs?
Regardless of Wal-Mart, the worst, most dangerous part of this deal may not be the patent suits part, but something else with an even bigger impact on the culture, economy and ownership of public documents.
Interoperability is enormously important in the computer world. If the documents produced with a computer program are not completely and surely readable with any other program of the same category, those documents cannot be exchanged, become unusable after only a few years or remain available only by paying much more than would be fair to the producer of the original software.
In order to avoid this, it is necessary to store and exchange documents in a nonproprietary file format. As explained in “Everybody's Guide to OpenDocument”, “if computer programs are pens, then think of file formats as alphabets. There is nothing wrong in selling overpriced pens, as long as cheap models also exist. But the whole thing is contingent on everybody using the same alphabet, without needing to pay fees or learn special secrets.”
Today, two file formats are competing for all our office files. One is the nonproprietary, completely open by design, internationally ratified standard called OpenDocument. The other is OpenXML, the format used in the next version of Microsoft Office, which aims to reach the same status but already has been defined by several experts as something explicitly created to be usable only in Microsoft Office.
In spite of all this, the file format part of the agreement explicitly says that it is “designed to ensure that customers using OpenOffice.org will continue to be able to read and write documents using future Microsoft Office file formats...[Novell will] ensure that file formats used by future versions of Microsoft Office are well specified and available to all to implement.”
Can you see the problem now? First, the agreement lasts five years—it cannot ensure anything after 2011. Next, it is officially not meant to make OpenDocument usable in Microsoft Office. Instead, it is going to make sure that OpenOffice.org users can continue to be slaves to a proprietary format that is very hard to support completely in other software programs.
99% of existing office files are Microsoft-locked, and almost all current desktops are Microsoft. The agreement will actively work to preserve this situation, practically making OpenDocument (and the very concept of nonproprietary formats) irrelevant and unused in any large organization, no matter what its technical and openness merits and certifications are.
Think of all the large companies and public administrations where most of the existing partners, customers or suppliers use Microsoft Office formats. Laziness and the wish to ignore what software is are very powerful. In such a scenario, the first time a manager sends an OpenDocument file from an employee or supplier back with an “I can't open this” note, the sender will set the default file format of OpenOffice.org to OpenXML and never go back. Why compromise a career or a sale annoying people in this way, especially if “I can still use this cool free software, can't I?” Sure—until the agreement expires and the next version of OpenXML breaks compatibility.
This is the real danger; there won't be any need to sue anybody for using Linux, because millions of business and public files will remain in a one-way format, made to order for Microsoft Office.
This is not interoperability. OpenDocument is interoperability. Working on OpenXML support in OpenOffice.org also makes it look like multiple applications are going to support this format. It is a prerequisite to ISO standardization—that is, for government acceptance. Government pressure to require/migrate to OpenDocument also would be much easier to fight or ignore: “Why spend public money on training, software migration and so on, now that our (current) format is an ISO standard and even Linux can open the formats of 99.999% of the existing office files successfully? See how good we were to encourage competition and give you choice?” All this could noticeably delay the adoption of OpenDocument (not forever, don't worry: just four or five years). It wouldn't be the first time that something goes into limbo because Microsoft says that it will support it in some way and then drops it because “there is no market demand”.
Even if you don't care at all about computers, OpenDocument is an opportunity too important to miss—to save tax money if for nothing else. Please refuse to distribute or accept office files in OpenXML formats. It's too risky. Use whatever software you like best, but just say no to OpenXML, and ask your friends, coworkers and government to do the same. This is going to be immensely easier to do than in the past. A plugin to read and save OpenDocument files in Microsoft Office and a cross-platform viewer (similar to an Acrobat Reader for OpenDocument) are being actively developed. Very soon, there won't be any valid excuse not to use OpenDocument. Don't miss this opportunity.
Statement from Wal-Mart CTO: news.com.com/Wal-Mart+eyes+Microsoft+for+Web+build-out/2100-1017_3-6152247.html
Why Redmond feels so threatened by ODF: computerworld.co.nz/news.nsf/tech/CBE417F838EAB4A0CC25717A001A0EC9
“Everybody's Guide to OpenDocument”: www.linuxjournal.com/article/8616
Introduction to OpenDocument: opendocumentfellowship.org/introduction
How to hire Guillaume Portes: www.robweir.com/blog/2006/01/how-to-hire-guillaume-portes.html
Novell statement on file formats for office applications: www.novell.com/products/desktop/fileformats.html
Is Office OpenXML A One-Way Standard? Ask Microsoft: blogs.adobe.com/shebanation/2006/12/open_xml_one-way.html
Is OpenXML a one-way specification for most people? www.sutor.com/newsite/blog-open/?p=1145
A game of Zendo: www.robweir.com/blog/2006/07/game-of-zendo.html
Microsoft Office to get a dose of OpenDocument: news.com.com/Microsoft+Office+to+get+a+dose+of+OpenDocument/2100-1013_3-6069188.html?tag=nefd.top
OpenDocument Viewer: opendocumentfellowship.org/odfviewer
Governments Vote for Linux Security
Linux is the fastest growing operating system in the world, in large part because customers in every industry are demanding highly secure information technology environments, particularly those customers in the public sector.
Worldwide, more than 225 IBM government customers are embracing Linux to lower the total cost of computing, consolidate workloads, increase efficiency and enact e-government transformation. But, it's the inherent higher level of security that is providing government agencies the confidence to expand Linux beyond edge-of-network applications into the heart of the enterprise to run mission-critical applications.
Today, thousands of developers and members of the open community worldwide work on Linux, constantly making it better and more secure. IBM, for instance, supports the growth of Linux through the work of IBM's Linux Technology Center, made up of more than 600 engineers in 40 locations worldwide, of whom more than 300 work full-time on Linux as part of the Open Source community.
The inherent Linux security advantage is the added layer of community approval, which closed systems are unable to provide as they rely completely on internal teams to avert security breaches. Only after close examination and approval by a body of peers does a Linux solution reach a customer. This same talent pool quickly addresses emerging security concerns, plugging holes and releasing patches before a company's infrastructure is ever compromised. With other operating systems, bug fixes and security patches are more likely to be lumped together and released based on specific timelines that accommodate the vendor, not the users.
But as e-citizen applications become the norm, the users rule the roost. Citizens are becoming more accustomed to self-service applications, such as renewing a driving license on-line or paying a citation. As the number of citizens accessing information on-line grows, so does the incidence of cyber crimes. Crackers, phreakers and identity thieves keep abreast of technology advances, increasing their sophistication.
This now poses significant new threats to governments where the chief concern includes safeguarding national security and information privacy. As citizens share sensitive information, including names, date of birth, addresses and social security numbers with e-government systems, there needs to be a check in place to ensure this information is guarded by the highest levels of security.
As a result, advances in Linux security continue to improve, especially in the affordability of implementing higher-level security architectures. Open-source software provides more transparency and user control, allowing users to identify and fix security vulnerabilities as and when they happen, as compared to waiting for vendors to fix the security flaws.
Many government agencies worldwide require IT vendors to adhere to Common Criteria security certification standards. The Common Criteria is recognized internationally by IT professionals as the ISO standard (ISO/IEC 15408) used by the United States government and other organizations to assess security and assurance of technology products. The world's largest Linux enterprise server distribution vendors, Novell and Red Hat, for instance, have achieved high levels of security certification that enable Linux to be adopted by governments and government agencies running on multiple IBM software and hardware platforms.
Advances in security continue to improve, especially in the affordability of implementing higher-level security architectures. For use within governments, one resource has been the use of Security-Enhanced (SE) Linux. The Mandatory Access Control provides access to information on a need-to-know basis, protecting governments better from potential cracker and virus threats.
IBM has been a key enabler, consistently supporting the growth of SELinux while simultaneously ensuring that security within the platform is hardened, maintained and enhanced without compromising access and ease of use. IBM recently worked with the UK Cabinet Office and partners Tresys and Belmin Group on the first pilot for Mandatory Access Control through Security-Enhanced Linux in an e-procurement application at a National Health Service hospital trust in England. Through the use of this technology, any organization will have the ability to contain crackers, provide the necessary confinement for its applications and minimize damage to the enterprise.
For years, customers have demanded secure, open, interoperable platforms that are easier to manage and more flexible in running different workloads in a heterogeneous architecture that often comprises disparate products from multiple IT vendors. This trend is particularly pervasive in emerging markets.
India has been a shining star for open-source Linux software, with growth rates for sales doubling in the past year alone. The government and defense sectors have been one of the key drivers for Linux adoption in India, which combined accounted for 38% of the Linux market during 2005–2006 according to Dataquest. In India, customers are flocking to Linux because it provides a low-cost, highly secure and customizable alternative to closed systems and vendor lock-in.
Just this month (January 2007), it was reported that Tamil Nadu, one of the largest and most industrialized states in India with a population the size of the UK, is moving away from a closed system in favor of open source. They also are training 30,000 government officials on Linux, a key move because technical skills have been one of the barriers to further adoption of open-source software. Recently, the state of Kerala, which boasts a 100% literacy rate, announced it was migrating to Linux as well.
With the growth of on-line government services, citizens are benefiting from new open-source software security initiatives that are aimed at helping protect their personal information. IBM, Harvard Law School's Berkman Center for Internet and Society, Novell and Parity Communications are working on an open-source initiative, code-named Higgins, that will spawn a new generation of security software, giving people more control over personal on-line identity information.
The Higgins initiative is developing software for user-centric identity management, an emerging trend in security software. User-centric identity management enables individuals to manage and control their on-line personal information actively, such as bank account numbers, medical records, telephone numbers and credit-card numbers—rather than institutions managing that information as they do today. People will decide what information they want shared with trusted on-line Web sites that use the software.
The user will play a key role in the future in helping enterprises and institutions comply with various e-governance regulations. As users have more and more access to e-citizen services, user-centric management will help in identifying the information individuals want to share, for instance to their healthcare provider. A healthcare provider does not necessarily need to know the user's personal information and will have access to information relevant to the patient's medical history, thus limiting the exposure to data loss.
The Higgins initiative moves on-line security to the next stage by creating an open, highly secure and flexible software platform that essentially puts the user in the center of the identity management cosmos.
Linux is continuing to become an unstoppable force in the public sector, helping provide government agencies and the citizens they serve worldwide a computer operating system both can trust.