...making Linux just a little more fun!

<-- prev | next -->

News Bytes

By Howard Dyckoff


Please submit your News Bytes items in plain text; other formats may be rejected without reading. [You have been warned!] A one- or two-paragraph summary plus a URL has a much higher chance of being published than an entire press release. Submit items to bytes@linuxgazette.net.

News in General

LinuxWorld OpenSolutions Summit to Debut in February 2007

IDG World Expo, the producer of tradeshows, conferences and events for technology markets, has announced a new OSSw event - LinuxWorld OpenSolutions Summit - a regional and more vertically focused conference tailored specifically to the needs and interests of IT professionals involved in the deployment of Linux and open source solutions. The inaugural event is scheduled to take place February 14-15, 2007, at the Marriott Marquis in New York City.

The new OSSw summit evolved after recognizing a need for a targeted, high-level conference that concentrates on vertical markets. Attendees can access multiple tracks addressing best practices, including presentations by leading Linux and open source experts, case studies presented by IT executives, and a Solution Showcase for the latest Linux and OSSw products and technologies.

As a result of launching the New York LinuxWorld OpenSolutions Summit, the Boston LinuxWorld Conference & Expo will no longer take place.

LinuxWorld Conference & Expo San Francisco, the original, largest and most comprehensive event focusing exclusively on Linux and Open Source, will continue on an annual basis at the Moscone Center. Considered the de facto event by attendees and exhibitors alike, LinuxWorld San Francisco features across-the-board sessions and a full trade show floor embracing the entire Linux and open source continuum, and topics ranging from system administration to the desktop to mobile Linux. At a new conference track for the Linux Channel, the findings of the first major, objective study focusing on how solution providers are selling Linux solutions to mid-market customers will be released.

Sun Frees Java a little bit more

Sun will now allow the Java Standard Edition (Java SE) 5.0 to be distributed by GNU/Linux and OpenSolaris developers under a new license, the Operating System Distributor's License for Java, or "Distro License for Java" (or "DLJ"). The announcement came during the kick off keynote speech at May's JavaOne conference in front of 14 to 15 thousand developers in San Francisco. In a kind of rapproachement with the OSSw community, Sun's new CEO Jonathan Schwartz called Ubuntu founder Mark Shuttleworth to the stage to talk about the announcement.

Sun had hinted earlier in May that it will loosen distribution restrictions on its Java licensing, to encourage developers to use Java on Linux systems. Many Linux distributions previously required users to manual download, install and configure Java.

Sun developed this license in conjunction with numerous GNU/Linux communities. It allows distributors to ship Sun's Java SE 5.0 Java Development Kit (JDK) and Java Runtime Environment (JRE) as installable packages for their operating systems.

The company also announced that Sun's Java Studio Creator, Java System Portal Server, Java Message System-based message queue and Web Services Interoperability Technology would be released as open source code.

Sun has opened a new community project on Java.net (http://jdk-distros.dev.java.net ) to serve as a clearinghouse for best practices for delivering compatibly packaged JDK bundles on GNU/Linux and OpenSolaris.

[Meanwhile, CEO Schwartz continues to talk about Open Sourcing Java after JavaOne. Click here for SysCon's take.]

Several project teams have [or should soon] announce plans to redistribute the JDK for use with their operating systems including the Ubuntu, Gentoo and Debian distributions of GNU/Linux, NexentaOS, a hybrid operating system with an OpenSolaris kernel and GNU applications and both the Schillix and BeleniX versions of OpenSolaris. One well-known effort to repackage Sun's JDK for Linux, the Blackdown Project (http://www.blackdown.org), has agreed to join the new jdk-distros project on java.net and contribute their Debian packaging code to this initiative.

"We are really pleased to see Sun's increasing involvement in the free software community, from the opening of the Solaris Operating System source and now the re-licensing of Java technology to be compatible with

GNU/Linux distributions, and are looking forward to building stronger ties with the Sun community in the future", said Anthony Towns, Debian Project Leader.

"This new license shows that Sun and the Java technology world care about GNU/Linux and open source platforms and are willing to put aside philosophical differences and get down to business," said Mark Shuttleworth, founder and sponsor of the Ubuntu GNU/Linux distribution. "This eliminates one of the biggest roadblocks to wider use of the Java platform on free and open source operating system platforms and makes Java technology a more attractive foundation on which to build new projects and innovations."

[In email correspondence, Mark wrote, "I see it as a positive step by SUN towards having a genuinely free software license for Java." And "...the new license does allow us to carry SUN's Java implementation in the Ubuntu repositories alongside other non-free software."]

Quoting from Mark Shuttleworth's Blog [May 23rd] at http://www.markshuttleworth.com:

"Even though this was not the announcement we were all hoping for (a complete shift to free software Java), I was pleased to be part of the "Distro Licence for Java" announcement. As best I can tell, the new leadership at SUN clearly recognizes the importance of the free software model AND the role of the community. That's a big step forward and important to the progress of free software...."

"The new license does not mean that we can include Java in Ubuntu by default. It does not yet meet our criteria for free software in order to get into "main". But it DOES mean we can put it in the Multiverse or Commercial repositories, and people who want it can trivially get it after they have installed Ubuntu on a desktop or a server."

Mark's blog entry also has some interesting musings about Sun switching to the copyleft and TradeMark enforcement and also how the world might be different if Java had been free OSSw 1, 2, 3, 4, and 5 years ago [it would have been Java-on-Rails, not Ruby].

The DLJ allows the different distributions to define the packaging, installation and support for the JDK within their distribution. Distributions exercising the DLJ and shipping JDK bundles are ultimately responsible for maintaining compatibility.

http://jdk-distros.dev.java.net/ [to see what Debian and Ubuntu are doing]

IBM invests in Linux -- in Brazil

IBM announced in late May it will invest $2.2 million in 2006 to expand its Linux Technology Center (LTC) in Brazil. Developers at IBM's Linux Technology Center in Brazil will work to improve Linux as part of the open source community.

The investment will be used to complete construction of a Linux development laboratory in Hortolandia and expand a second lab in Campinas, on Brazil's Unicamp campus. It will assist with upgrading lab construction and equipment, furthering software development projects with Linux, and expanding student internships and job opportunities for recent graduates as a result of a collaboration between IBM and Brazil's Unicamp campus.

The investment will enable engineers and developers at the Linux Technology Center in Brazil to work on the following new projects:

- Linux development for IBM's Cell processor.
- Linux development for IBM's Power processor.
- Ease of use improvements for Linux on IBM Systems.
- Improved virtualization for Intel-based processors.
- Common Criteria Security certification for Red Hat Enterprise Linux version 5.

Researchers Find Linux Security Vulnerabilities

Safend announced in May that Zvi Gutterman, its CTO and co-founder, has discovered several security vulnerabilities in Linux, the most common open source project. As Safend's CTO, Gutterman designs key technologies such as the algorithms and theory behind Safend Auditor and Safend Protector implementation and is a Ph.D. candidate at the Hebrew University of Jerusalem. Recently, he has been conducting analysis of the Linux Random Number Generator (LRNG) along with Benny Pinkas from the University of Haifa and Tzachy Reinman from the Hebrew University of Jerusalem.

The team's research includes an attack on the Linux Random Number Generator. The LRNG is the key element behind most security protocols and tools which are part of Linux. Among them are PGP, SSL, Disk and email encryption. Using the attack presented by the research team, an adversary attempting to break into a Linux machine may compute backward outputs of the LRNG and use them to access previous confidential communications.

Gutterman, along with Pinkas and Reinman, used dynamic and static reverse engineering to learn the operation of the LRNG. The team was then able to illustrate flaws in the design of the generator as well as measurements of the actual entropy collected by it.

"Our result shows that open source is not a synonym for secure design; once the LRNG is broken, we can break any future or previous password on that PC," stated Gutterman. "However, open source benefits security by enabling security audits. As we state in our research paper, we feel that the open source community should have a better policy for security sensitive software components. They shouldn't be treated as other source elements."

Gutterman, Pinkas, and Reinman presented their research paper entitled "Analysis of the Linux Random Number Generator" at the IEEE Security and Privacy Symposium held in Oakland, California, May 21-24.

X.ORG finds Bad Bug with Coverity Code Audit

We have another major security issue with Linux and other Unix OSes, if you use XWindows. In conjunction with the DHS, Coverity has been performing static analysis of OSSw projects. This link describes the project: http://www.internetnews.com/dev-news/article.php/3589361

This link shows the current results: http://scan.coverity.com/

During analysis of results from the Coverity code review of X.Org, a major flaw in the server was discovered that allows local users to execute arbitrary code with root privileges. The eWeek article below, which has been copied in many blogs and OSSw sites [sometimes without attribution], is reproduced here for your education and pleasure....

Homeland Security Audit Flags 'Critical' Linux Bug
By Ryan Naraine / eWeek / May 2, 2006

An open-source security audit program funded by the U.S. Department of Homeland Security has flagged a critical vulnerability in the X Window System which is used in Unix and Linux systems. Coverity, the San Franciso-based company managing the project under a $1.25 million grant, described the flaw as the "biggest security vulnerability" found in the X Window System code since 2000.

The flaw was pinpointed during automated code scanning that formed part of the "Vulnerability Discovery and Remediation Open Source Hardening Project," a broad federal initiative to perform daily security audits of approximately 40 open-source software packages.

The purpose of the audit is to pinpoint buffer overflows, memory allocation bugs and other vulnerabilities that are a constant target for malicious hacking attacks. In addition to Linux, Apache, MySQL and Sendmail, the project will also pore over the code bases for FreeBSD, Mozilla, PostgreSQL and the GTK (GIMP Tool Kit) library.

The X Window System, also called X11 or X, provides the toolkit and protocol to build GUIs for Unix and Unix-like operating systems. It is used to provide windowing for bit-map displays. The X Window System also ships as an optional GUI with Macintosh computers from Apple.

Coverity Chief Technical Officer Ben Chelf said the flaw resulted from a missing parenthesis on a small piece of the program that checked the ID of the user. It could be exploited to allow local users to execute code with root privileges, giving them the ability to overwrite system files or initiate denial-of-service attacks.

Coverity hailed the discovery as proof that its automated code scanning tool can discover serious flaws that the human eye might miss. "This was caused by something as seemingly harmless as a missing closing parenthesis," Chelf said, describing the severity of the bug as a "worst-case scenario" for the X.Org Foundation that manages the X Windows System project.

Daniel Stone, release manager at X.Org, agreed that the vulnerability was "one of the most significant" discovered in recent memory. "[This is] something that we find once every three to six years and is very close to X's worst-case scenarios in terms of security," Stone said. "[Coverity's tool exposed] vulnerabilities in our code that likely wouldn't have been spotted with human eyes. Its attention to subtle detail throughout the entire code base - even parts you wouldn't normally examine manually - makes it a very valuable tool in checking your code base," he added.

The flaw, which affects X11R6.9.0 and X11R7.0.0, was fixed within a week of its discovery, and Chelf said Coverity has implemented a system to analyze the X Window System on a continuous basis to help prevent new defects from entering the project. [so pls check for the updates on your systems - your Editor]

Open Source OWASP Project Addresses Web Security

The Open Web Application Security Project announced availability of a process guide that will help a broad range of developers incorporate security into the software application development lifecycle (SDLC). OWASP is dedicated to helping organizations understand and improve the security of their applications and services.

CLASP (Comprehensive Lightweight Application Security Process) will be accessible through OWASP to developers globally. Developers will be able to leverage a best practices methodology that provides a well organized and structured approach for integrating security requirements and activities into each stage of the software development lifecycle.

"Many organizations are realizing that discovery and remediation of vulnerabilities in later stages of development is far too costly," said Jeff Williams, CEO of Aspect Security and Chair of the OWASP organization. "The OWASP project makes sure that developers have the knowledge and the tools to build secure software from the beginning."

OWASP's mission is to enable organizations to develop, maintain and purchase secure applications through the development of free,open and unbiased application security documentation, tools, chapters and conferences.

OWASP documentation projects include a guide to web application security, metrics, a test guide, documents for performing ISO 17799 reviews, and an AppSec FAQ . OWASP projects also include WebGoat - an interactive training and benchmarking tool so users can learn about web application security - and WebScarab - a web application vulnerability assessment suite.

More News from JavaOne:

JBoss Effort to Standardize Web Beans, Link Java Frameworks

-JBoss announced plans to submit a proposal to standardize Web Beans in Java. The Web Beans standard initiative will aim to bridge the gap between Enterprise JavaBeans 3.0 and Java Server Faces (JSF) . The result would be a simpler, more elegant, unified programming model for web development.

Borland, Google, Oracle and Sun Microsystems will bring their support and expertise with web frameworks to the standardization effort. The proposed standard will draw upon principles found today in JBoss Seam, Oracle application Development Framework (ADF) and Apache StrutsShale. JBoss Seam introduced a uniform component model for building web applications through declarative, contextual, application state management. Oracle ADF promotes the use of a metadata-driven architecture that enables developers to cleanly separate business service implementation details from the user interface. Apache StrutsShale offers a set of fine-grained services that can be combined as needed, rather than a monolithic request processor.

Gavin King, architect at JBoss, plans to lead the standardization effort. King, who founded the popular Hibernate project and is currently leading the development of JBoss Seam, commented: "The overwhelmingly positive response to Seam from the developer community convinced us that this is an idea whose time has come and one that should be brought back into the standards process for the benefit of the entire Java community. JBoss' end goal is the same as these companies supporting this initiative: To create a highly productive, accelerated development environment and enable richer web applications."

Borland Announces Three-Year JBuilder Product Roadmap; Builds on Eclipse

The Developer Tools Group of Borland Software Corporation announced details around a three-year product roadmap for JBuilder, its award-winning Java Integrated Development Environment (IDE). The roadmap includes an update to JBuilder 2006, a new underlying framework based on Eclipse in JBuilder 2007 ("Peloton"), and provides insight into the functionality being developed in future JBuilder versions. Future capabilities for the product line include new team collaboration and developer productivity features, support for new Java standards and emerging open source tools and frameworks, enhanced support for Service Oriented Architecture (SOA), and more.

The JBuilder roadmap was presented at May's JavaOne conference in San Francisco, Calif. and to customer dates throughout the world during Borland's 2006 Global Developer Road Show. US dates are June 1 through June 14. Borland's Developer Tools Group is already working to deliver on this three-year roadmap with a free JBuilder 2006 Foundation edition available for download (http://www.borland.com/downloads/download_jbuilder.html )

Two new JBuilder 2006 updates planned for release this year, with the next major release of JBuilder, codenamed "Peloton," expected to be available in Q4. JBuilder 2006, already shipping, began the transition of JBuilder to a more collaborative team development environment with features such as shared code editor views and joint debugging capabilities. These features allow local and remote developers to jointly design, edit and debug applications in real time.

JBuilder will continue to support the latest JCP standards as they become available and Developer Tools Group expects to release an update to JBuilder 2006 in June to support Java SE 6 ("Mustang") and an additional service pack in the Fall once Mustang is formally released by Sun Microsystems.

Terracotta Has Free Downloads of Terracotta Sessions for Apache Tomcat and BEA WebLogic Server

Changing the Java landscape, Terracotta, Inc., a leader in enterprise Java scalability, announced at JavaOne that it has begun giving away free copies of its session clustering solutions -- Terracotta Sessions for Tomcat and Terracotta Sessions for WebLogic Server. By injecting clustering and caching into the Java runtime, Terracotta furnishes applications with linear scalability, total fault tolerance, and high availability without making any changes to the application code.

Apache Tomcat users can spend weeks or months writing clustering code by hand to make Java applications in production cluster and scale efficiently. Terracotta Sessions for Tomcat gives developers a free, clustering solution that meets their need for load-balanced Tomcat application servers. It also removes performance tuning from the development lifecycle.

Meanwhile, enterprises running WebLogic Server sessions from BEA Systems, Inc. can realize significant cost benefits with Terracotta Sessions for WebLogic Server, which eliminates performance tuning and provides linear scalability and total fault tolerance. Terracotta Sessions feature fine-grained updates of session data to reduce overhead and improve scalability and performance. Real-time monitoring of session contents simplifies debugging and provisioning.

Terracotta Sessions can plug-in to an "off-the-shelf" JVM and clusters at the JVM level to provide a simple runtime solution. With Terracotta Sessions, developers can now purchase inexpensive, non-clustered application servers or use open source application servers. Terracotta was named "Cool Vendor" by Gartner in April.

The Terracotta solutions are both standards-compliant and, as drop-in clustering solutions, they drive faster time-to-market for Java applications. Terracotta Sessions licenses are free for all platforms for four JVMs and under. Production licenses are available directly from Terracotta. For more information, see these links :

Terracotta Ships "Clustered" JVM (http://www.terracottatech.com/press_5_16_06_2.0.shtml )
Terracotta Clusters BEA WebLogic Server for Free (http://www.terracottatech.com/press_5_10_06_WLS.shtml )
Terracotta Clusters Apache Tomcat for Free (http://www.terracottatech.com/press_5_8_06_Tomcat.shtml)
Download Terracotta Sessions for Tomcat and/or Terracotta for WebLogic Server at : (http://www.terracottatech.com/downloads.jsp)

Conferences and Events

==> All LinuxWorld Expos < ==
Real-World AJAX
June 5-6, 2006, New York City, N.Y
June 15-16, 2006, Antwerp, Belgium
SOA Web Services Edge Conference & Expo and Enterprise Open Source Conference [co-located]
5-6 June, New York, New York
21st Int'l Supercomputer Conference
June 27 - 30 2006,Dresden, Germany
June 26-28 2006, Chicago, IL
Dr. Dobb's Architecture & Design World 2006
July 17-20, Hyatt Regency McCormick Place Conference Center, Chicago, IL
O'Reilly Open Source Convention 2006 July 24-28, Portland, OR
August -- 01 September, Birmingham, U.K
8/01 - 8/03, Moscone Center, Boston, MA
Entertainment Media Expo 2006
8/07 - 8/09, Universal City, CA
LinuxWorld Conference & Expo -- SF
August 14-17, 2006 -- in foggy San Francisco, dress warmly!!
SD Best Practices 2006
September 11-14, Hynes Convention Center, Boston, MA
GridWorld 2006
September 11-14, Convention Center, Washington, DC.
Digital ID World Conference
September 11-13, 2006, Santa Clara Marriott, Santa Clara, CA.
[The Dig-ID Conference sessions are on areas such as: enterprise identity management, provisioning, strong authentication, federated identity, virtual directories, smart cards, web services security, identity-based network access control, enterprise rights management, and trusted computing. I found the 2005 conference to be most excellent. Further information on Digital ID World 2006, is here: http://conference.digitalidworld.com/2006/]

Distro news

The latest stable version of the Linux kernel is: [ http://www.kernel.org/pub/linux/kernel/v2.6/patch- ]

Red Hat -- "important" Kernel Security Patches

The company is distributing updated kernel packages meant to fix 16 individual flaws present in the version 4.0 releases of its Red Hat Desktop and Red Hat Enterprise Linux OS software.

The company advised that all Enterprise Linux 4 users should upgrade their kernels to protect themselves from the security issues, 10 of which the Red Hat Security Response Team rated as "important," and six of which it tabbed as "moderate."

SimplyMEPIS 6.0-beta4 Release Incorporates Ubuntu RC Components and Fixes

MEPIS has released beta 4 of SimplyMEPIS 6.0. The ISO image is available for download and test in the mepis 'testing' subdirectory at the MEPIS Subscriber's Site and public mirrors.

Beta 4 includes some new and/or updated applications including amarok 1.4, xaralx 0.5, and ksudoku. Digikam plugins were added to make Digikam and showFoto much more powerful and fun to use. To make room for xaralx, it was necessary to remove tvtime and the GIMP from the bootable CD but, for those who need them, they are available for download and install via the Synaptic download manager or apt-get.

Warren Woodford explains why this was done: "The SimplyMEPIS bootable CD is a starting point, and not always a complete solution. There are many applications we would like to include on the CD, but they won't fit. The OpenSource edition of Xaralx, formerly Corel Xara, is a well known Windows app for vector graphics drawing that is an exciting addition to Linux and MEPIS. Likewise, the new plugins make image manipulation in Digikam and showFoto a piece of cake. We want the new Linux user coming to MEPIS from XP to see right away that Linux has apps that are fun and easy. For the experienced user who wants or needs a powerful image manipulation program like the GIMP or any of the other apps we don't bundle on the CD, we ask for their understanding."

For this release, cpu speed management and suspend-to-ram have been improved. KDE configuration have been fixed for time format and other localization elements. The fontconfig configuration has been improved, so some web site fonts look better in both Firefox and Konqueror. Floppy support has been changed to be more reliable. Spamassassin has been tweaked to give very good results out-of-the-box, and then excellent results as soon as it has learned from a sample of user emails.

SimplyMEPIS 6.0 Beta 4 runs a reconfigured version of the Release Candidate update of the kernel from Ubuntu. The kernel source has been verified to give the best possible compatibility with new Intel hardware. The MEPIS configuration maintains compatibility with the extra "restricted" drivers provided by the Ubuntu team in the Ubuntu pools. MEPIS builds extra drivers for the 386, 686, and K7 flavors of i386 including bcm4400, bcm5700, Intel536, quickcam, spca5xx, usbvision, and, new in this release, ivtv. These drivers are available in the MEPIS pool and they are compatible with the matching Ubuntu kernels.

BSD Release: FreeBSD 5.5

Ken Smith has announced a new stable release of the FreeBSD 5.x series: "It is my great pleasure and privilege to announce the availability of FreeBSD 5.5-RELEASE. Work done between the 5.4-RELEASE and this release has mostly been bug fixes. Some 'vendor supplied' software has also been updated, mostly due to security concerns (specifically BIND and sendmail). This is the last planned release on the 5-STABLE branch.

The FreeBSD development community is currently focusing its efforts on the 6-STABLE and CURRENT codelines. No new major features are planned for the 5-STABLE branch, although minor updates and bug fixes may be merged at the discretion of individual developers."

Ubuntu 6.06 Release adds Server Support

The Dapper Drake Release for Ubuntu, version 6.06, is now available for download. Use this link: http://www.ubuntu.com/download

The new release, Ubuntu 6.06 LTS (Long Term Support), has specific emphasis on the needs of large organisations with both desktop and server versions. Security updates will be available for five years on servers.

The Server Edition of Ubuntu will include a mechanism to set up a standardised, certified and supported LAMP server with a single command. The feature reduces the setup time for companies providing hosted LAMP services as well as making it easier for organisations to set up and maintain their own LAMP standardised servers. Also announced on June 1st was support for Sun's "Niagara" UltraSparc CPU for T1000 and T2000 Enterprise-class servers, in addition to x86 servers.

A special added bonus of Ubuntu 6.06 LTS is the inclusion of several chapters from "The Official Ubuntu Book", which Prentice Hall Professional will publish in July 2006, under an Open Content license. The book represents the collaborative effort of more than a dozen Ubuntu community members from around the world.

Ubuntu 6.06 LTS also has a new mechanism to make commercial software available via download from select software from Independent Software Vendors (ISVs). A group of solutions available this way already, including data management software from Arkeia, cross-platform development tools from Raining Data, PC sharing from Userful and virtualisation from VMware. Additional software for Ubuntu from ISVs will be added.

"This new functionality is a first step towards the simplification of common server deployment scenarios using Ubuntu" said Fabio Massimo Di Nitto, product manager of Ubuntu Server Edition.

Release parties for Dapper Drake are listed here: https://wiki.ubuntu.com/DapperReleaseParties

OpenSolaris Release: BeleniX 0.4.3a

The developers of BeleniX, a full-featured live CD based on OpenSolaris, have announced an updated release - version 0.4.3a: "BeleniX 0.4.3a with JDK 1.5 released! Another release of the live CD this month. The significant feature of this release is the inclusion of JDK 1.5 under the new Distributors License for Java (DLJ) as announced by Sun Microsystems on May 16th in JavaOne. However due to a licensing issue with a required SUN Studio C++ runtime library it is currently an installable bundle and does not execute off the live CD. This is expected to be resolved soon."

Mandriva Linux to include OpenVZ project

Mandriva, the publisher of the Mandriva Linux operating system, and the OpenVZ project have announced that the OpenVZ operating system virtualization software will be included as part of the Mandriva Corporate Server 4.0.

OpenVZ is operating system level server virtualization software technology, built on Linux, which creates isolated, secure virtual environments on a single physical server - enabling greater server utilization and superior availability with fewer performance penalties. The virtual servers ensure that applications do not conflict and can be re-booted independently.

"The OpenVZ technology is a perfect match for our next Mandriva Corporate Server release 4.0. It provides our customers with a proven virtualization layer to deliver flexible and efficient solutions. We are pleased to offer OpenVZ as a standard complug insin the Mandriva Corporate Server 4.0 toolbox to simplify production management and maximize hardware usage," said David Barth, CTO at Mandriva.

"Embedding the OpenVZ technology directly into the Mandriva kernel will give Mandriva customers unparalleled virtualization functionality," said Kir Kolyshkin, manager of the OpenVZ project. "We're very pleased to work with Mandriva and make our technology widely available via the popular Linux distribution."

Trolltech's Qt Development Framework Used for Remotely Managed Xandros Server

Xandros, a leading provider of easy-to-use Linux alternatives to Windows, and Trolltech, a leading provider of technologies that make advanced software faster to build and easier to use, announced that Trolltech's Qt development framework was used to create the new Xandros Server, which recently won the Product Excellence Award at LinuxWorld Boston. Utilizing the robust and efficient Qt framework, Xandros developers created the all-graphical user interface called Xandros Management Console (xMC).

Similar in concept to the Microsoft Management Console that ships with Windows 2000 and Windows 2003 servers, xMC presents a simplified, centralized approach to remotely administering users and services, unlike any other on the Linux server market today. Qt was also used to create a unique plug-in architecture that enables third party services, such as Scalix groupware and RealNetworks media delivery, to be integrated and managed within xMC just like other services running on a Xandros Server.

"Through the use of the robust Qt development framework we were able to save countless hours of development time, while producing superior code and documentation," said Ming Poon, Xandros VP of Product Development. "Qt's cross-platform framework, in conjunction with the platform-neutral design we built into xMC, will allow us to seamleplug insrt a Windows version of xMC so that administrators can manage Xandros Server from their Windows workstations as well."

Xandros Server, built on top of Debian Linux, offers Managed Community model with consolidated system monitoring and workflow automation to address the issues normally encountered when administering SMB systems. It presents a simplified, centralized approach to remotely administering users and services through the all-graphical Xandros Management Console (xMC). It is compatible with any existing Windows domain and networking infrastructure, offering a plug-and-play replacement to costly Windows servers.

For more information about the Xandros Server, visit: www.xandros.com .

Software and Product News

Lexar USB, Phoenix Technologies Latest BIOS Supports BitLocker Drive Encryption

Phoenix Technologies Ltd.has announced a new version of TrustedCore, its innovative firmware that creates a more tamper-resistant platform by proactively protecting X86-based computing devices and their data before the operating system and applications even load. The new version of TrustedCore, through its support of BitLocker Drive Encryption, will provide Windows Vista users with better data protection, pre-boot security and authentication and support for other security specifications, including biometrics and smart tokens. TrustedCore is a secure firmware foundation that will increase client and enterprise security by providing endpoints with strong authentication and a secure execution environment.

BitLocker Drive Encryption provides for full volume encryption and support for pre-boot multi-factor authentication. BitLocker will protect data from being used by unauthorized users or even downloaded inappropriately to thumb drives. Linux and other *IX platforms should also be able to leverage these BIOS enhancements.

TrustedCore architecture enables device designers and manufacturers to create trusted and self-authenticating networked devices. The software delivers a "root of trust" that allows customers to deploy devices that are inherently secure from the start and that support the latest in digital device authentication advancements. Phoenix TrustedCore supports strong, multifactor pre-boot user authentication and validates a user's identity before the system starts.

The new version of TrustedCore advanced firmware includes capabilities that legacy BIOS solutions cannot offer. TrustedCore SP3B enhances endpoint security by providing secure CRTM (core root of trust measurement, also known as BIOS Bootblock) update through its Secure Flash update process. In addition, TrustedCore SP3B supports Unified Extensible Firmware Interface (UEFI) 2.0 and provides developer tools, including a device driver kit for silicon and hardware vendors, and a software developer kit for application developers that want to build UEFI shell applications.

A beta version of TrustedCore SP3B is available immediately and the release version is expected in Q3 2006. For more information, visit www.phoenix.com/TrustedCore.

Lexar Media, announced the development of advanced, secure USB storage-based technologies. Lexar plans to work together with Phoenix Technologies, Ltd. to develop support for locking USB personal storage devices (PSDs) that can be used with the BitLocker Drive Encryption feature. The technology developed by Lexar for BitLocker, will coordinate the PSD-Lock technology protection of Lexar's new enterprise-class SAFE PSD products with the pre-boot authentication capability of Phoenix Technologies' TrustedCore.

This technology will provide protection against unauthorized use of the USB Flash Drive (UFD) that enables the boot of a BitLocker-protected computer and also protect the BitLocker Drive Encryption keys held in the UFD when the UFD is not connected to the protected computer.

Sapient Teams with Watchfire to Expand Web Security and Compliance Testing Services

Sapient, and Watchfire, announced the two companies are working together to help ensure the security and compliance of clients' web assets. Sapient is building on its track record for helping clients stay ahead of tomorrow's most challenging issues by expanding its security and compliance services with Watchfire's AppScan Enterprise and WebXM software.

A recent wave of online security and privacy breaches over the last few years has resulted in more rigid control regulations and industry guidelines. AppScan Enterprise is the industry's first web application vulnerability scanning and reporting solution for the enterprise to deliver centralized control, remediation capabilities, executive security metrics and dashboards, and key regulatory compliance reporting. WebXM is the only automated Online Risk Management solution that audits quality, privacy, and compliance issues across corporate web properties.

PostPath Announces the Drop-In Alternative to Microsoft Exchange

May marked the official debut of PostPath, perhaps the only Linux-based email server to offer drop-in plug-compatibility with Microsoft Exchange. Formerly Apptran Software, the company was founded in 2003 to address the growing frustrations of organizations locked into Microsoft's expensive and inflexible email server.

PostPath has created an alternative by combining publicly available documentation with packet-level protocol decoding to implement the Exchange network protocols on the PostPath Linux email server. As a result, the PostPath Server is the first Exchange alternative to be able to drop into an existing Exchange farm without disruption. It is the first to interoperate with the server-to-server functions of already-deployed Exchange servers and the first to provide full-featured Outlook interoperability without the need for plug-ins, special connectors, or reconfiguration.

The PostPath Server also movies the information store to a Linux file system, simplifying storage, replication, backup and recovery.

"Enabling a five-times performance increase over Exchange and a six-fold reduction in storage costs, granular backup and restore, standards-based virus-filtering, archiving, clustering, replication and disaster-recovery, AJAX web-client support, and drop-in compatibility, the PostPath Server is the first truly enterprise-class Exchange alternative," said PostPath's CEO, Duncan Greatwood.

Visit them at www.postpath.com .

Crescendo Delivers Multi-Tier Application Acceleration for Web Based Applications

At Interop 2006, Crescendo Networks announced the availability of its Application Layer Processing (ALP) technology - the first solution capable of intelligently accelerating application flows across all logical application tiers. It will be available as a software module for Crescendo's Maestro family of products beginning in Q3 of 2006.

Web applications commonly contain multiple logical processing tiers that reside on one or more physical server tiers. As application requests move between the tiers they must often wait for processing attention from upstream or downstream partners. Crescendo reduces this inherent latency by intelligently managing and optimizing the application flow between all logical tiers.

Using definitions created using the Crescendo Rule Engine (CRE), ALP is capable of recognizing for which tier each application request is destined. ALP also understands that different requests impose different processing "weights" on the application with "heavier" requests taking longer to process than "lighter" ones. Request weights can either be manually configured or adaptively learned by ALP. In addition ALP recognizes that each tier in the application has an upper processing limit in terms of simultaneous requests. When a tier reaches maximum capacity, ALP's Admission Control mechanism queues requests within Maestro sending them only to the application when processing capacity is available.

"Crescendo's unique ALP technology represents the first time an AFE [application front end] is addressing our application and database performance bottlenecks behind the web server," said Ian Rae, president and CEO of Syntenic Inc. "This revolutionary end-to-end acceleration approach will enable applications to reach new levels of performance and scalability unattainable by existing acceleration technologies."

Crescendo Network's Maestro product line delivers application acceleration, a faster end user experience, increased security and application assurance. ALP offers patent-pending application layer processing algorithms modeled on bio-medical engineering research techniques. ALP's unique functionality eliminates application overload, intelligently schedules and prioritizes delivery requests, and monitors and reports on application performance across all tiers. Collectively ALP and SLT technologies deliver a level of application acceleration several times greater than the performance capabilities of any other AFE vendor.

ALP will be available for the Maestro product line as a software module. Pricing for the integrated Maestro-ALP solution package will start at $52,000. ALP will be available to existing Crescendo clients as an upgrade.

GroundWork Integrates Powerful Open Source Network Monitoring Technologies at Interop

GroundWork, a leader in open source-based IT operations management, today debuted the integration of additional open source monitoring technologies with its flagship GroundWork Monitor Professional product. With the responsibility of monitoring large mission critical infrastructures as well as InteropNet's extreme interoperability requirements, Interop serves as the ultimate proof-of-concept venue for GroundWork's open source network management system.

GroundWork Monitor Professional is a fully-integrated IT infrastructure and network monitoring solution that is built on top of best-of-breed, open source systems and network monitoring and management tools.

As the official "Open Source Network Monitoring" provider for this year's InteropNet, GroundWork showcased their network management system with additional open source networking tools including Network Weathermap, NTOP (Network Top), MRTG (Multi Router Traffic Grapher), RRDtool (Round Robin Database), Cacti, and NeDi (Network Discovery).

"Open source is disrupting the economics of IT operations management tools," said Ranga Rangachari, CEO of GroundWork. "With GroundWork Monitor Professional, companies can access these open source technologies in a plug-and-play architecture that makes the installation and configuration easier than it is for most off-the-shelf proprietary monitoring solutions. You no longer have to be a technical whiz in open source to enjoy the innovation that's being driven by the community. And the cost savings are tremendous."

-- Network Weathermap (http://netmon.grnet.gr/weathermap/) is an open source technology that provides outstanding visual representations of the network and where usage patterns are occurring.
-- NTOP (http://www.ntop.org/) is an open source protocol analyzer that watches packets go by on the network, describes what individual users are running, and makes it easy for network professionals to display this information on a web browser.
-- MRTG (http://oss.oetiker.ch/mrtg/index.en.html) is an open source network SNMP collector.
-- RRDtool (http://oss.oetiker.ch/rrdtool/index.en.html) is an open source report generation tool.
-- Cacti (http://www.cacti.net/) is an open source discovery tool that excels at extracting values out of RRD databases with SNMP, and allows organizations to present information in their own defined way, leveraging a very user-friendly GUI.
-- NeDI (http://nedi.sourceforge.net/about.html) is an open source network discovery and configuration tool which provides network topology discovery and backup/restore of network node configurations.

San Francisco-based GroundWork Open Source, Inc. (www.groundworkopensource.com) is the leader in the market for open source IT operations management software. More than 125 customers today use GroundWork as their IT operations management platform, taking advantage of the latest open source innovations in a framework architected specifically for mid-market and enterprise line-of-business customers.

Inivis' release of AC3D 6 celebrates ten years of popular 3D graphics software

Inivis Limited announced the release of AC3D 6, its affordable and intuitive 3D modeler; one of the longest established 3D software programs available. Widely used in both educational and commercial environments, AC3D 6 is available for Windows, Mac OS X and also Linux.

AC3D 6 is now a fully integrated subdivision-surface modeler with its powerful polygon control now functioning seamlessly within a subdivision environment. Further new features and additions include a new faster real-time 3D editing engine, intuitive new-look controls, and a catalogue of changes that make selection, handling and 3D shape creation faster and easier than ever before.

AC3D 6 is immediately available for download as a 14-day full free trial from the AC3D website www.ac3d.org. The software is priced at $69.95 for a full version, with upgrades starting at $29.95.

Free CRM now has Google Gmail Support

Free CRM, the world's only free, multi-user CRM software provider has announced Google Gmail support now directly integrated in the Free CRM product. Google Gmail users can now send out mass email campaigns, newsletters and template email merges directly in the Free CRM system. Mail items in your Gmail account can now be copied to contacts in the CRM, capturing important communications via email and providing a seamless and secure integration with Gmail.

Businesses can now sign up for a free Gmail account at Google (http://www.Gmail.com) and a free CRM account at http://www.FreeCRM.com to take advantage of powerful business automation and integrated email functionality.

Google Gmail users can view their POP mail boxes using SSL encrypted security and also send out emails using secure TLS SMTP with FreeCRM.com, thus giving all Google Gmail users the power to utilize advanced security offered by Google Gmail. The combination of FreeCRM.com business services with Google's Gmail provides an inexpensive vehicle for powering small businesses using the latest in online communications technology.

With over 30,000 companies and 53,000 subscribers, FreeCRM.com is the world's leading on-demand CRM provider for businesses worldwide. With unlimited data storage and XML data integration, Microsoft Outlook integration, Palm Pilot, RIM / BlackBerry and Pocket PC support, FreeCRM.com is a major alternative to SalesForce.com and other CRM products.

Visit FreeCRM.com for more info.

LogicBlaze Enables SOA for LAMP Through Partnership with MySQL

LogicBlaze, Inc., a leading provider of open source solutions for Service Oriented Architecture (SOA) and business integration, has entered into an agreement with MySQL AB, under which LogicBlaze will distribute LogicBlaze FUSE for MySQL, a configuration developed exclusively for the MySQL database. Under the agreement, LogicBlaze will resell support for MySQL through the MySQL Network and offer product delivery and coordinated support through subscriptions to its Community-oriented Real-time Engineering (CoRE) Network, which delivers a suite of services for open source SOA, including consulting, training, developer assistance and enterprise production support.

LogicBlaze FUSE is the first SOA and Web 2.0 platform available as an Apache License 2.0 open source distribution, combining enterprise-class messaging scalability, performance and reliability with connectivity for a broad range of interfaces and transports, including native support for Perl, Python, Ruby and PHP.

LogicBlaze FUSE incorporates the Apache Incubator's ActiveMQ, the leading open source messaging platform based on the Java Messaging Service (JMS) specification. ActiveMQ is an open source, easily deployed and extremely robust messaging system that provides a foundation for reliability and scalability in distributed computing environments, including the LAMP and Ajax application stacks. The heart of the LogicBlaze FUSE platform is the Apache Incubator's ServiceMix enterprise service bus (ESB), the leading open source integration solution based on the Java Business Integration (JBI) specification. ServiceMix provides the foundation for an open, standards-based SOA environment. Additionally, LogicBlaze FUSE enables high availability for Ajax applications through Jetty, its HTTP server.

LogicBlaze FUSE for MySQL will be available through the LogicBlaze Web site at www.logicblaze.com.

Intel's Core Microarchitecture Sets New Records in Performance and Energy Efficiency

Intel now has record breaking results on 20 key dual-processor (DP) server and workstation benchmarks. The first processor due to launch based on the new Intel Core microarchitecture -- the Dual-Core Intel Xeon processor 5100 series, previously codenamed "Woodcrest" -- delivers up to 125 percent performance improvement over previous generation dual-core Intel Xeon processors and up to 60 percent performance improvement over competing x86 based architectures.

Fully-buffered dual in-line memory (FB-DIMM) technology allows for better memory capacity, throughput and overall reliability. This is critical for creating balanced platforms using multiple cores and the latest technologies, such as virtualization, to meet the expanding demand for compute headroom.

Intel's new server and workstation platforms, codenamed "Bensley" and "Glidewell" respectively, will support dual- and quad-core processors built using Intel's 65-nanometer (nm) and future process technologies.

The first processors for Bensley and Glidewell are in the Dual-Core Intel Xeon processor 5000 series, previously codenamed "Dempsey." Shipping since March at a new lower price point, they bring higher performance and lower power consumption to the value server and workstation segment. Complementing the 5000 series, Intel will ship the next processor for Bensley and Glidewell in June -- the Dual-Core Intel Xeon processor 5100 series. Based on the Intel Core Microarchitecture, most of these processors will only consume a maximum of 65 watts.

Using the SPECint_rate_base2000 benchmark, which measures integer throughput, a Dell PowerEdge 2950 server based on the Dual-Core Xeon 5100 series scored 123.0, setting a new world record. Using the SPECjbb2005 benchmark, the Fujitsu-Siemens PRIMERGY RX200 S3 server based on the Dual-Core Xeon processor 5100 series broke previous records with a score of 96,404 business operations per second.

An HP Proliant ML 370 G5(a) server based on the Dual-Core Xeon 5100, and using the TPC-C benchmark, which measures database performance, smashed another world record by scoring 169,360 tpmC at $2.93/tpmC. IBM is also in the record books with the IBM System x3650 server based on the Dual-Core Xeon 5100, which scored 9,182 simultaneous connections in the SPECWeb2005 benchmark, which measures web server performance.

These benchmarks, along with additional records set by the Dual-Core Xeon 5000 and Dual-Core Xeon 5100 processors, can be accessed by visiting www.intelstartyourengines.com .

Intel's current price list for 1,000 units includes the Dual-Core Xeon processor 5050 [3GHz, 2x2MB L2, 667 MHz FSB] at $177 on the low end and runs up to the highend Dual-Core Xeon processor 5080 [3.73GHz, 2x2MB L2, 1066MHz FSB] at $851. Intel's Dual-Core Xeon processor 5100 was not quoted.

Magical Realism... (non-Linux news of general interest)

Intel's Otellini Demonstrates Education Notebook -- for the next billion users

Speaking in Austin, Intel Corporation President and Chief Executive Officer Paul Otellini gave the first public demonstration of a low-cost notebook PC for students in developing nations [small pic] and announced a plan with the Mexican government to provide PCs to 300,000 teachers.

"We're close to achieving Andy Grove's vision of a billion connected PCs -- and the economic, social and personal gains that come with them," said Otellini, referring to the Intel co-founder and former CEO. "Our job now is to harness the combined potential of full-featured technology, high-speed connectivity and effective education to speed the gains for the next billion people -- and the next billion after that."

In his speech, Otellini said that the predictions by Grove and of another co-founder of Intel, Gordon Moore, form a backdrop for the new World Ahead Program from Intel. The program's 5-year goals are to extend wireless broadband PC access to the world's next billion users while training 10 million more teachers on the effective use of technology in education, with the possibility of reaching another 1 billion students.

Otellini demonstrated one of the PCs developed from Intel's extensive ethnographic research in developing countries, a small notebook PC for students codenamed "Eduwise." Eduwise is designed to provide affordable, collaborative learning environments for teachers and young students and integrate with other non-computing learning tasks such as note taking and handwriting with wireless pen attachments. Because it is a fully featured PC, the Eduwise design can accommodate other standard software and tools [and operating systems].

Otellini also announced that Intel and the Mexican government have reached an agreement to make Intel's new low-cost, fully featured PC available to 300,000 teachers by year's end. The systems, unveiled last month in Mexico by Otellini as part of Intel's Discover the PC initiative, provide an easy-to-use, fully functional PC for first-time users. Intel also plans to extend teacher training to 400,000 teachers in Mexico through the Intel Teach to the Future program by 2010.

Animated Star Wars CLONE WARS Debuts on iTunes

The adventure of the Star Wars galaxy comes to the iTunes Music Store (www.itunes.com) as Cartoon Network's Emmy Award-winning animated series STAR WARS: CLONE WARS becomes available for purchase and download. The 20 chapters of STAR WARS: CLONE WARS Volume 1 is be available on iTunes, with STAR WARS: CLONE WARS Volume 2 following later in late June. Each chapter, or episode, will be available for $1.99 with the full season of Volume 1 available for $10.99 and can be viewed, after download, on a computer or on an iPod.

The original animated series produced by Cartoon Network Studios, Lucasfilm Ltd. and renowned director Genndy Tartakovsky (Samurai Jack, Dexter's Laboratory) follows the exploits of heroic Anakin Skywalker, Obi-Wan Kenobi, Mace Windu and a legion of Jedi Knights as they fight against the forces of the Dark Side. In 2004 and 2005, Clone Wars was honored with Emmy Awards for Outstanding Animated Program (For Programming One Hour or More).

Hailed for its "fast and furious action" (USA Today) and described as "a thrill ride through the world of Star Wars" (San Jose Mercury News), CLONE WARS Volume 1 picks up where Attack of the Clones left off, while Volume 2 leads directly into Revenge of the Sith. The series originally aired on Cartoon Network and became the No. 1-rated show on basic cable among boys 9 to 17 years old and 12- to 17-year-old teens.

Selected Security NEWS from SANS Institute

--Survey Finds Americans Want Strong Data Security Legislation

A survey from the Cyber Security Industry Alliance (CSIA) of 1,150 US adults found 71 percent want the federal government to enact legislation to protect personal data similar to California's data security law. Of that 71 percent, 46 percent said they would consider a political candidate's position on data security legislation and "have serious or very serious doubts about political candidates who do not support quick action to improve existing laws." In addition, half of those surveyed avoid making online purchases due to security concerns.

--Millions of Blogs Inaccessible Due to DDoS Attack

A "massive" distributed denial-of-service (DDoS) attack on Six Apart's blogging services and corporate web site left about 10 million LiveJournal and TypePad blogs unreachable for hours on Tuesday, May 2. Six Apart plans to report the attack to authorities.

--Soon-to-be-Proposed Digital Copyright Legislation Would Tighten Restrictions

Despite efforts of computer programmers, tech companies and academics to get Congress to loosen restrictions imposed by the Digital Millennium Copyright Act (DMCA), an even more stringent copyright law is expected to be introduced soon. The Intellectual Property Protection Act of 2006 would make simply trying to commit copyright infringement a federal crime punishable by up to 10 years in prison. The bill also proposes changes to the DMCA that would prohibit people from "making, importing, exporting, obtaining control of or possessing" software or hardware that can be used to circumvent copyright protection.

Webinar Explores India's Unique Culture, Business "Do's and Don'ts"

GMAC Global Relocation Services will conduct a complimentary online webinar to help companies that do business in India better understand that nation's unique culture. Titled "Exploring Indian Culture," the one-hour Webinar will begin at 11 a.m. (EDT) Monday, June 5.

"India has what can only be described as one of the world's most complex, fascinating and least understood cultures, with roots dating back thousands of years," said Rick Schwartz, president and chief executive officer of GMAC Global Relocation Services. "For growing numbers of businesses throughout America and the rest of the world, India is evolving into an increasingly important market."

The webinar explores the cultural attributes of India and Indians in the work environment. It also includes an overview of cultural values and recent events that could effect business and expatriate activities in India.

Specifically, the webinar will:
-- Introduce life in India, and detail stereotypes and perceptions of Indian nationals
-- Introduce basic business and social "do's and don'ts" for interacting and working in India
-- Provide a framework for comparing and contrasting cultural differences in India with Webinar participants' cultures along 10 research-validated dimensions
-- Suggest strategies for bridging cultural differences between personal and national cultures

Participation is free and limited to the first 100 registrants. To register, go to: http://www.gmacglobalrelocation.com/insight_support/cc_india_reg.asp

Talkback: Discuss this article with The Answer Gang

[BIO] Howard Dyckoff is a long term IT professional with primary experience at Fortune 100 and 200 firms. Before his IT career, he worked for Aviation Week and Space Technology magazine and before that used to edit SkyCom, a newsletter for astronomers and rocketeers. He hails from the Republic of Brooklyn [and Polytechnic Institute] and now, after several trips to Himalayan mountain tops, resides in the SF Bay Area with a large book collection and several pet rocks.

Copyright © 2006, Howard Dyckoff. Released under the Open Publication license unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 127 of Linux Gazette, June 2006

<-- prev | next -->