•   Distro Watch
•   Linux Today News Service
•   News for nerds, stuff that matters
•   The O'Reilly Network ONLamp Articles and Weblogs

Source: LinuxTracker.org

Category: Debian Size: 3.59 GB Status: 3 seeders and 7 leechers Added: 2006-09-26 19:41:49

Source: LinuxTracker.org

Category: Debian Size: 4.36 GB Status: 3 seeders and 7 leechers Added: 2006-09-26 19:40:53

Source: LinuxTracker.org

Category: Debian Size: 4.30 GB Status: 3 seeders and 15 leechers Added: 2006-09-26 19:37:20

Source: LinuxTracker.org

Category: MyahOS Size: 693.50 MB Status: 2 seeders and 10 leechers Added: 2006-09-26 17:35:08

Source: LinuxTracker.org

Category: Sabayon Linux Size: 699.07 MB Status: 8 seeders and 12 leechers Added: 2006-09-26 16:47:07

Source: LinuxTracker.org

Category: Sabayon Linux Size: 693.70 MB Status: 21 seeders and 79 leechers Added: 2006-09-26 16:45:46

Source: LinuxTracker.org

Category: SAM Size: 692.12 MB Status: 1 seeders and 2 leechers Added: 2006-09-26 13:06:23

Source: LinuxTracker.org

Category: SAM Size: 692.17 MB Status: 13 seeders and 8 leechers Added: 2006-09-26 06:31:54

Source: redwall

A major new version of redWall Firewall has been released. Unlike the 0.x and 1.x series, which were based on Red Hat Linux, the new version is now built from Gentoo. From the release announcement: "redWall Firewall version 2.2.1 has been released and is available for download. Major .

Source: lfs

Jeremy Utley has announced the release of Cross Linux From Scratch (CLFS) 1.0.0, a book that teaches how to make a cross-compiler and the necessary tools to build a basic system on a different architecture: "The CLFS Development team is pleased to announce the final release of CLFS .

Source: rockscluster

Rocks Cluster Distribution has been updated to version 4.2.1: "Rocks v4.2.1 is released for i386 and x86_64 CPU architectures. This is a maintenance release to Rocks v4.2 which contains bug fixes and usability enhancements." New features in this version include the following: "During Roll selection, the disk ID .

Source: Linux Today

With the recent public release of Red Hat Enterprise Linux 5 beta 1, system administrators like myself (and their IT managers) may face major system upgrades in the near future

Source: Linux Today

Breach Security acquired Thinking Stone, the leading provider of services and enhancements for the ModSecurity web application firewall

Source: Linux Today

Speaking to about 20 open source-minded attendees of the Microsoft Web Developer Summit, Microsoft exec Brad Wilson introduced Codeplex, essentially Microsoft's take on the code repository

Source: Linux Today

Mandriva today is proud to introduce its brand new product: Mandriva Linux 2007

Source: Linux Today

While the release of the new open source Scalix 11 Community Edition messaging server is still a few months away, the binaries have been brought out in a preview package

Source: Linux Today

"Virtualization capabilities shore up Novell's already solid SUSE Linux Enterprise Server "

Source: Linux Today

The price and flexibility of an open source router is sometimes enough to lure in users, despite the router's reputation for having support and usability issues

Source: Linux Today

Richard Stallman doesn't think it's okay to use proprietary software to make free software popular

Source: Linux Today

Red Hat Inc., a distributor of open-source Linux software, expects its sales in the greater China region to double in fiscal 2007 and grow by 85 percent in fiscal 2008, an executive said on Tuesday

Source: Linux Today

The New York Times reports this morning that IBM will announce a new patent policy later today

Source: Linux Today

Marking what could have been a summer-long hiatus in its 'Get the Facts' campaign, Microsoft is re-igniting the flames on the argument over whether enterprises spend less to manage Windows systems than Linux systems

Source: Linux Today

In other words, it is asking the court to throw out SCO's entire case, and to grant it judgment on two counterclaims without even going to trial on those two

Source: Linux Today

Scalix recently announced that its enterprise email platform will be going open source. Right now preparations are being made, the bugtracking system and code repository are being set into place, and code is being cleaned

Source: Linux Today

Democracy Player (also known as DTV) was hatched from the firm belief that television ought to be as free and open as open source software

Source: Linux Today

How many times has someone verbally explained how to do something on a computer to you? How many times do you end up asking them to just show you ?

Source: Linux Today

The Family Guide to Digital Freedom is a website and an accompanying book created by Marco Fioretti, a part-time journalist who writes about free and open source software

Source: Linux Today

Unix text utilities were designed primarily for programmers and admins, but here's a little secret: the utilities also work well for writers

Source: Linux Today

A couple of years back, the computers were connected to each other by what is known as a bus network where all the computers were connected using a single coaxial networking cable hooked to each computer using a T connector

Source: Linux Today

Today's security advisories: kernel-source-2.4.27 and kernel-source-2.6.8 (Debian GNU/Linux); gzip (Gentoo Linux); and mozilla-thunderbird (Ubuntu).

Source: Linux Today

Presenting Bluetooth in 2006 is hard. By all accounts, it should have emerged much sooner to be omnipresent by now

Source: Linux Today

Humor: "This guide is pretty straightforward. No introductions, lectures or philosophing about love. Follow it from beginning to end, and you might get a woman today !"

Source: Linux Today

Unfortunately, part two of this story is not filled with such joy. The Ubuntu box is dying

Source: Linux Today

"The Free Software Foundation wishes to clarify a few factual points about the Second Discussion Draft of GNU GPL version 3 " Press release within.

Source: Slashdot: Linux

lisah writes "Linus Torvalds has a lot of reasons for not wanting to participate in drafting the third version of the GNU General Public License (GPL): He doesn't like meetings, says committees don't make sense, has philosophical differences with the Free Software Foundation, and seems to be generally distrustful of the whole drafting process. Though Torvalds prefers the GPLv2, he says if others prefer the GPLv3, they ought to support it because 'it's not like it kills and eats small children for breakfast, and must never be allowed.'" Linux.com and Slashdot are both owned by OSTG.

Source: Slashdot: Linux

Lost+Found writes "After three and a half years of case proceedings, summary judgement motions have been submitted in the highly controversial SCO v. IBM case. SCOX shares took a loss of 18.75%, or $0.39, to close at $1.69. IBM shares rose 0.97%, a gain of $0.79, to close at $82.00. From the article: 'Both sides in SCO v. IBM have filed motions for summary judgment. To be precise, SCO has filed one for partial summary judgment and IBM has filed several motions for summary judgment, one for each of SCO's claims and two more for good measure on two of IBM's counterclaims. In other words, it is asking the court to throw out SCO's entire case, and to grant it judgment on two counterclaims without even going to trial on those two.' More motions for summary judgement from SCO against IBM counterclaims are currently being uncovered at Groklaw."

Source: Slashdot: Linux

sankyuu writes "After years of rumor and vacillation over fear of patents, the city of Munich has decided to trickle in its first 100 linux terminals. The floodgates are scheduled to fling open by 2008, when 80% of government PCs should be running Linux."

Source: ONLamp.com

Twice now I’ve been hit by cars. The first time it was no big deal. My vehicle wasn’t damaged and neither was I. The second time, a guy wasn’t paying attention and ran a stop sign and totalled the car I just bought. Both times I knew people who urged me to sue. I thought that was pretty ridiculous. For the second incident, I called the guy’s insurance company and asked that they pay replacement value for my car, my hospital bills, and time lost from work. They paid in full and even gave me a $5,000 “bonus” for not suing, even though I didn’t ask for that.

I received no money for the first and a fair amount of money for the second. What’s the difference? In the first case, though there was negligence (the lady who hit me was driving on a learner’s permit and slammed on the brakes in the rain), there was no damage. In the second case, there was negligence and considerable damage. It was only reasonable that the guy pay up. Once I even had a hospital bill wiped out because a doctor stitched up my lip but forgot to remove some splinters that were still in it. The doctor was negligent and the hospital assumed responsibility.

So what’s wrong with software manufacturers? Why the heck can’t we sue them when they do something wrong? When your business suffers millions of dollars of losses because some software malfunctions, why can’t we hold software companies liable? According to one survey, bad software annually costs companies $59.5 billion in losses (and that’s only in the US economy!). At least half of those losses are born by end users. I think it’s time that malpractice be extended to software producers, but doing it wrong will make things much, much worse. It could also destroy the open-source movement.

Malpractice is essentially the condition in which someone suffers harm due to a provider (software, legal, medical and so on) not following accepted standard practices. There are three broad categories of malpractice.


Willful
When the provider knowingly follows substandard practices.
Negligent
There is no intent to follow substandard practices, but the provider is rushed or sloppy in their delivery of services.
Ignorant
Where the provider is unaware of standard practices


The first big problem comes in defining “standard practices”. Any Perl code which doesn’t run under taint mode is immediately suspect. Buffer overflows using untrusted data should not be tolerated. Home brewed encryption? Out. Any licensing scheme or software design which prevents users from fixing security holes on their own should be null and void. But there are problems there. Any of the aforementioned “issues” could potentially be defended. Someone has to be the first person to try a new encryption method. Also, there are too many other areas where standard practices is a terribly ephemeral thing. It’s not a problem easily solved.

Getting back to the categories of malpractice, to my mind, willful malpractice is the worst and it should result in substantial punitive damages in addition compensatory damages. Any provider who knowingly does things which could harm the consumer should be punished severely. I’ve no sympathy for them (I’m lookin’ at you, Sony). However, proving this could be very difficult and, as a result, may make cases harder to win.

Negligent malpratice happens all the time. How many times have developers been rushed to push products out by a deadline and not had time to do a full security audit of their software (have you ever done a security audit of your software?)

Ignorant malpractice, however, is probably the most common. phpBB is one of the most widely used bulletin boards available, yet from the number of security holes which keep pouring in, it likely shouldn’t be used. Oh, I know how it goes: “yeah, just upgrade to the latest version!” But they’ve had such an awful track record that I can only ask: would you trust a car company whose cars keep exploding but say “yeah, but this one’s safe!” No, you probably wouldn’t.

phpBB security holes abound and the developers are probably guilty of negligent or ignorant malpractice. I seriously doubt they’re guilty of willful malpractice. But how would you sue them? Who would you sue? The developers aren’t making money and suing them will merely ruin the lives of inviduals who just wan to help others. I’m not sure this is going to do anyone any good. And once the security hole is fixed, can you sue your ISP for not upgrading?

So this is the crux of the problem. Suing people for software negligence would be a chilling effect on the open source movement. I’ve released a large amount of open source code, including security patches for Perl and code designed to make CGI scripting safer. I have never knowingly released open source code with a security hole and cannot recall a single security-related bug in any of my software. However, that doesn’t mean my software doesn’t have security holes. Knowing that I could be sued if I screw up might well give me pause about releasing software. However, more than once I’ve knowingly released code with security holes. I’ve been ordered to at past jobs. It’s easy enough to say “just quit!”, but that’s a simplistic answer for people who may have little choice in the matter. Developers in depressed ecomies who have a spouse and children may very well have their back against the wall.

Ultimately, large software companies are in the best position to fight lawsuits, but by the very nature of their code and their bank accounts, they’re likely to be inundated with them. Any laws designed to shield people who give code away for free is something they’d lobby vigorously to prevent (and Microsoft doesn’t charge for IE. Should that be exempt from liability for one of the most dangerous software products of all time?) We really need to update the laws to make companies liable for the harm they cause, but any such laws have a good chance of destroying much of the open source movement. I don’t know how to get around this.

Also, any such law should have both grandfather clauses (don’t sue Microsoft for security holes written before the law comes into effect) and a long lead time (for the law to come into effect now would destroy many companies).

With identify theft via software bugs being rampant, with companies seeing millions of dollars of data destroyed or corrupted, with people sitting idle while their computers are being fixed again, it’s high time we start making people liable for all of the damage they cause. Right now, we can’t even force companies to digest or encrypt people’s passwords, for cryin’ out loud! Software manufacturers are laughing all the way to the bank and their deposits are made with the money you and I lose.