Microsoft patch opens users to attack

Microsoft has spent a lot of time and effort trying to improve their security image. Part of that was gaining mindshare among admins, so that patches would be trusted and deployed in an expeditious manner. It seemed that the Microsoft vision went as far as to wish everyone simply enable automatic updates. Obviously, for a variety of reasons, that simply hasn't been the case. Recently, Microsoft has been taking some heat for machines rebooting despite automatic updates being off. Yes, someone actually sent Bill Gates an invoice because of it, and the media and blogosphere have been having a field day with it. In the midst of it though, Microsoft released a patch that fixes about eight issues, but also actually opened a completely new vulnerability. It also causes IE to crash for a variety of business critical apps, such as PeopleSoft, Siebel, and Sage CRM and any site that uses HTTP 1.1 compression. What's exacerbating an already bad situation is that the proposed fix has now missed its target release and is currently delayed indefinitely. When you have someone at a large security firm saying things like “They basically butchered that patch.”, it doesn't inspire a lot of confidence. These incidents will almost certainly undo much of the work that Microsoft has done on the “improving its security image” front, and they make you wonder just how much they'll be able to deliver on the promises made for Vista. The fact that part of the issue still seems procedural and not technical doesn't bode well.
–jeremy

Fresh Rumors Erupt over Red Hat-Oracle Buy

After multiple rumors that Oracle would offer Red Hat support, the new rumor seems to be that Oracle will simply acquire Red Hat. While Oracle certainly has the cash to do this, I can't see the logic from either side. The rumor includes numbers as high as $6b and even the low side appears to be about $5b. It would really complicate things on the Oracle side of the house and would likely cause irreparable damage to the “Open Source” image that Red Hat currently has. While you never know, and Oracle has pulled off the acquisitions of multiple OSS companies such as Sleepycat and Innobase, none of them were the size of Red Hat. I think Red Hat has a vision; one that could not be achieved as a vestige of Oracle. Novell on the other hand seems like a more likely acquisition target, if I had to pick one. They are a bit more closed source friendly due to their history and are struggling right now, so they'd be a bargain. Oracle could also assemble their own support team, or scoop up a smaller distro…not for the distro itself but to get a small talented team. In the end, it seems certain that Oracle will eventually do something in the Linux distro space, it's just not clear what. I'm guessing that when it finally does happen, it will begin a new chapter in the way Linux is looked at by a lot of non-OSS people.
–jeremy

Open source guru advocates ideological shift

I have to admit I was a bit surprised after reading this article, which includes the following:
Eric Raymond has told the community that painful compromises are needed to the way it deals with closed source platforms and formats to avoid losing ground on desktops and new media players.
Raymond said the community is not moving fast enough to engage with non-technical users whose first-choice platform is either an iPod, MP3 player or Microsoft desktop running Windows Media Player.
Binary drivers are considered an evil for open source because of their proprietary nature, however Raymond called support for them in Linux “a necessary compromise.”
Raymond, a champion of all things open, said it is vital to the future uptake of Linux that the community compromise to win the new generation of non-technical users aged younger than 30. This group is more interested in having Linux “just work” on their iPod or MP3 player and “don't care about our notions of doctrinal purity”

Take a moment to process that. Now, while I completely agree that Linux too often does not engage with non-technical users, that's sort of by design and ingrained into the hierarchy of things. To be fair though, that's changing. Since Linux historically was a “by programmers, for programmers” kind of project, the non-technical users really didn't have a voice. With the entrance of companies like Novell and Linspire, that's no longer really the case. What I disagree with is the assertion that “The end of the 64-bit transition happens at the end of 2008. After that the operating system gets locked in for the next 30 years.” I honestly don't see how a move to 64-bit is going to lock any OS in. There's just no logical progression there. People (especially on the desktop) just aren't clamoring for the 32->64 conversion right now. It makes sense on the server, but the real benefits just aren't applicable to the average desktop PC. What I'd guess we'll see is a slow transition whereby people will get 64-bit by default as they upgrade their PC – and they won't even know it happened. Because they won't know it happened, I'd hesitate to call it a “major architectural shift”. At least not when compared to the painful 16->32 change. That's why Linux OEM deals are so important… the average user simply doesn't care about their OS.
This brings us back to a topic I've discussed before. What are we, as a community, willing to give up to get mainstream adoption? I completely agree with ESR that “painful compromises” will be needed to gain more desktop penetration. Probably very painful compromises. I still question if the Linux we'd end up with is a Linux we'd all still be so passionate about. In the past I've indicated that I was unsure. Unfortunately, I'm still not. It's a very precarious thing, and I don't think people appreciate that there's a very real chance that Linux could end up being a victim of its own success in many ways. Luckily our communities are varied and resilient. While we're divided on many topics, in the end I hope we have the fortitude to persevere.
This article brings up a couple of other topics that I'd like to break out into other posts (and will soon), including binary drivers, Linux with an iPod and working with commercial and proprietary software vendors.
–jeremy

Real to plug Windows media support into Linux

RealNetworks will release open-source software this year that will let Linux computers play Windows Media files. No word on if Real will ever open its own codec unfortunately. This deal is “a result of a licensing deal RealNetworks signed with Microsoft and its settlement of an antitrust suit against the software giant”. It's good to see companies actually starting to focus on the codec problems we currently have on desktop Linux, but I'm not sure what this gets us that ffmpeg/libavcodec doesn't already offer. On a related note, Novell is going to ship this in SLED, which is really looking like it may be a popular product at this point.
–jeremy

IBM takes potshots at OpenSolaris

In a trend that seems to be increasing, IBM recently took the time to deride Sun on OpenSolaris. While I'd agree that Sun has been a bit skittish at times and has certainly waffled more than any of us would have liked, saying that “OpenSolaris isn't a true open-source project” is a bit disingenuous. It falls under an OSI approved license and it is 100% forkable. It really is Open Source. Whether Sun is doing all it can to foster an active community is a whole other issue, but the wording in the article really seems like headline grabbing, which is IMHO not how companies should act. A couple of quotes from the article:
“Sun holds it all behind the firewall. The community sees nothing,” Dan Frye, the IBM vice president who runs the company's Linux Technology Center, said Tuesday in an interview at the LinuxWorld Conference and Expo. “It's a facade. There's lots of marketing, but no community to speak of.”
IBM was concerned that OpenSolaris could become a “competitive threat,” and Frye assigned a programmer to monitor OpenSolaris goings-on. The company concluded there is no threat.

I guess if it's no threat, why are you taking the time to talk about it? The reality is that IBM and Sun have both done a ton to help Open Source. They have both contributed massive amounts of code, countless man hours and much more. This seems like a cheap shot with not a lot of upside. Come on guys, you're better than this. One can only hope that sensationalist journalism spun this into more than it was meant to be. These days, the odds on that are unfortunately quite high.
–jeremy

OSL Rackathon 2006

If you're looking for a place to donate money that will benefit Open Source related projects, the OSL Rackathon 2006 may be just what you've been seeking. From the OSL description:
Greetings! We are looking for individuals to help sponsor the OSL in our new fundraising campaign. However, this is a campaign like no other. When you make a donation to the OSL, we will stick your name on one of our racks as our own way of saying “Thanks!”. These racks host some of the top names in open source software.
For those of you unfamiliar with OSL, they help host and maintain servers for Open Source projects. Who, you ask? The likes of Mozilla, Slackware, KDE, Gnome, Debian, Drupal, kernel.org and so many more that you should really go check it out yourself. The team there is great, and at a recent LinuxWorld they made it clear that if LQ ever needed help it would be there. A great project and one that LQ was proud to be able to donate to.
–jeremy

Firefox crop circles

You have to hand it to Firefox enthusiasts, they're a dedicated bunch that continue to show incredible ingenuity. They've funded a full page NYT ad, launched a Firefox weather balloon and now we have a Firefox crop circle. Yes, an actual crop circle. In fact, a 220 foot wide crop circle. There are loads of pictures available and it really is quite an impressive feat.
On the topic of Firefox, I recently noted that the 1.5.x branch had been unstable and slow compared to earlier versions (and the post got a lot of corroborating feedback). I've updated to the latest 1.5.0.6 recently, so I'll give an update. Performance has definitely been improved. The odd delays on tab switching are completely gone and interactivity in general feels better. Stability is improved, but not quite to the original level. I still get the occasional crash and I still get the issue where the window pops out of the frame (for lack of a better quick description). All in all though, a very good release that has made significant progress. I suspect by 1.5.0.8 I'll be extremely happy.
–jeremy

The Real Lenovo Laptop Deal

Contrary to the details in the original story, Lenovo will not be preloading Linux on a new Thinkpad. From the article:
The new “Linux-enabled” Lenovo laptop launched this week at LinuxWorld will not actually come “pre-loaded” with Novell SUSE Linux, a high-ranking Lenovo official said today, contradicting some industry reports stating otherwise.
Aggarwal maintained that Lenovo will be the first mobile PC maker to provide full phone support for a Linux laptop. Moreover, all Linux drivers needed for the T60p will be downloadable directly from Lenovo's Web site.
But he told LinuxPlanet that the T60p–an inch-thin, 4.7-pound laptop based on Intel's Centrino Duo processing technology–will be sold with a “blank hard disk.”

Not quite as exciting as the original speculation and certainly not the breakthrough deal for OEM Linux. That being said, it is a step in the right direction and it's good to see proper phone support and Linux drivers available directly from Lenovo. At over $3,000USD for a 14 inch screen though, I don't see this being a big seller in the end. This is another small iterative step in the evolution that will probably realistically take another couple years.
–jeremy

First open source Java code promised for October

Following up on an earlier promise, Sun will publish the first parts of Open Source Java in October. More code will follow soon after, with the process being completed by 2007. The first bits to open will be Java C and the Hotspot VM, which isn't surprising since decent Open implementations already exist here. A license hasn't been decided yet, which was a bone of contention after the original Sun announcement. With the missing license info and details on exactly what Sun will be Open Sourcing extremely light (will it include the mobile stuff or the class libraries), the article doesn't give us much more than we knew on the direction of this initiative, but we do finally have a firm date. It's good to see Sun quickly following through on their promise and we're all anxiously anticipating watching this unfold. In the end, this could have far reaching implications, not only for OSS (especially projects like OOo), but mobile computing and really computing in general.
–jeremy

HP offers Debian Linux support

Hewlett-Packard is throwing its support behind Debian, and is the first tier one hardware maker to align itself with the noncommercial community-based Linux offering. From the article:
“We've had a number of customers continuing to ask us to have broader support for Debian,” and HP decided to oblige, said Jeffrey Wade, worldwide marketing manager at HP's Open Source and Linux Organization. Red Hat and Novell will remain HP's main Linux partners globally, however.
According to the article, HP will offer technical support for installation and configuration during a server's warranty period and later this year, it will begin selling “care packs” to help customers with Debian problems (although no details on what a care pack constitutes were in the article). HP has had a long history with Debian, and many will likely find it surprising that there is no mention of Ubuntu. I think this is an interesting move, but you should take note of the following:
Debian won't be on the same level as Red Hat or Novell, though, Wade said. HP won't market it, and customers will have to download the software on their own. Software combinations with partners such as BEA Systems or Oracle won't be available with Debian. And HP won't formally certify Debian for its servers.
Despite those caveats, this should serve to further solidify Linux in the server market and it will be interesting to see how other OEMs react. I think HP could be a possibility as an OEM that jumps into the Linux on the desktop game. They're looking for any way they can to get a leg up on Dell at this point, and a good Linux strategy on both the server and the desktop may give them an extra boost.
–jeremy