Linux News for Nov 30, 2000

• CNET News.com: Dell invests in Linux-for-the-masses company Eazel (Nov 30, 2000, 23:41)
  "Dell, once a staunch ally of Microsoft, has been moving gradually toward embracing open-source Linux as one of its three "strategic" operating systems, along with Windows and Novell NetWare."


• Enterprise Linux Today: Netscape 6: At Long-Awaited Last (Nov 30, 2000, 23:24)
  "So what's the score? Is Netscape 6 a revolution in the making, or is it too little too late? Is it any good for users, and will it make developers' lives easier?"


• LinuxPR: Red Hat Market Share Grows in Japan (Nov 30, 2000, 23:03)
  "Red Hat Linux 7 Represents 40 Percent of Linux Sales."


• The Register: Buying a Linux ThinkPad: IBM's mission impossible (Nov 30, 2000, 22:08)
  "Shop IBM UK uses a similar comparison chart to that used by the US online store, but there's no mention of machines with Linux preinstalled."


• LinuxPR: openCOLA Refreshes You Best (Nov 30, 2000, 21:57)
  "The "open" part of the moniker represents "open source", and the COLA part is an acronym for Collaborative Object Look-up Architecture."


• LinuxPlanet: Adobe Says No to Free Beer (Nov 30, 2000, 21:43)
  When Adobe pulled the plug on FrameMaker earlier this week, it was clear Adobe figured out that it couldn't make any money selling expensive, high-end commercial software to a community that lives for Free Beer. The distressing thing, Kevin Reichard argues, is that the community doesn't realize that the constant clamoring for Free Beer and the disdain for commercial vendors could lead to the eventual demise of Linux.


• eWeek: Dell gives Linux a bigger hug; invests in Eazel (Nov 30, 2000, 21:40)
  "The deal extends the "holy war" between GNOME and KDE (K Desktop Environment). Dell is clearly favoring the GNOME project, with Michael Massetti, Dell's software marketing director, admitting he hoped this deal would make Dell's Linux desktop offering more competitive with KDE."


• Sun Security Bulletin: Potential security issue in [Java] class loading (Nov 30, 2000, 21:37)
  Under certain circumstances, the Java Runtime Environment may allow an untrusted Java class to call into a disallowed class. This is a potential security issue.


• CNET News.com: Red Hat drops Sparc support with new Linux version (Nov 30, 2000, 21:28)
  "The move whittles down Red Hat's product line to Linux software for Intel and Compaq Computer's Alpha chips, though the company plans support for several IBM servers with different CPUs."


• LinuxPR: Trustix Secure Linux version 1.2 released (Nov 30, 2000, 21:22)
  "Trustix AS releases an improved and updated version of the high performing Linux Operating System, Trustix Secure Linux."


• CNET News.com: Did Netscape jump the gun with new browser? (Nov 30, 2000, 20:57)
  "Long heckled for being late to market with its new browser, Netscape Communications is now the target of critics who say the company jumped the gun in releasing the browser this month."


• Red Hat Security Advisory: Ethereal vulnerable to buffer overflows (Nov 30, 2000, 20:34)
  "Versions of Ethereal prior to 0.8.14 are vulnerable to buffer overflows. The ethereal-0.8.14 packages correct this problem."


• Security Focus: An Introduction to Incident Handling (Nov 30, 2000, 20:00)
  "In order to minimize the potential damage from an attack, some level of preparation is needed. These practices include backup copies of all key data on a regular basis, monitoring and updating software on a regular basis, and creating and implementing a documented security policy."


• LinuxWorld: Linux education: A lesson to be learned (Nov 30, 2000, 19:49)
  "The curriculum was ambitious. It also provided the major bone of contention that arose among the LUG volunteers during the class. Should a CLI environment, including some shell programming, be included, or should the whole class be taught from within the training-wheel-like security of a (almost) familiar GUI?"


• ZDNet: Should I stay or should I go? Would anyone miss Corel if it left the Linux market? (Nov 30, 2000, 19:36)
  "Corel has never seemed to grasp where the Linux market was, is, or is going. When the company first came out with a distribution, it concentrated on a desktop play and ignored Linux's strengths in the server and Internet space."


• CNET News.com: Caldera names open-source ambassador (Nov 30, 2000, 19:28)
  "Caldera Systems on Thursday hired open-source guru John Terpstra to be its technology vice president in a push to link the company with outside open-source efforts."


• AllLinuxDevices: Korean Firm Develops First Linux-Based Mobile Phone (Nov 30, 2000, 19:21)
  "A Korean venture firm has developed the world's first Linux-based mobile phone, which includes several multimedia functions. The phone runs on Palm Palm's Linux-based operating system called Tynux, which it developed in June."


• SuSE Security Announcement: netscape (Nov 30, 2000, 19:20)
  "It is recommended to upgrade to the latest version found on our ftp server as described below. The update package introduces Netscape version 4.76."


• eWeek: Transmeta's Crusoe: Who loves ya, baby? (Nov 30, 2000, 19:05)
  "It remains to be seen how Transmeta's processors perform in the LongRun. If nothing else, however, these early numbers offer reason to believe that Transmeta's chip has something to offer beyond just the niche and appliance spaces."


• New Online Resource: PBone RPM Search (Nov 30, 2000, 18:44)
  


• NYTimes: Netscape 6 Browser: Mixed Bag (Nov 30, 2000, 18:29)
  "But if Web-page designers are mostly pleased with Netscape 6, ordinary mortals are in for a broad array of disappointments. The program is a memory glutton, hoarding 20 to 25 megabytes of RAM. (Abandon all hope, ye with 32-megabyte PC's.) Its speed is fine once you're online, but it takes nearly a minute to start up, even on fast Macs and Windows PC's - long enough for you to say, 'I wish this browser were built into the operating system' 20 times in a row."


• ZDNet UK: Codemorphing: Fresh as a DAISY (Nov 30, 2000, 16:45)
  "Transmeta's not the only chipmaker with codemorphing software. IBM Research is developing its own way to ensure VLIW chip compatability."


• LinuxWorld: Testing Netscape 6; Is it possible to be both big and efficient? (Nov 30, 2000, 16:30)
  "I performed three tests. They were in no way scientific, but represent to me a real-world situation from which a user may draw an opinion."


• SARC.com: PHP.Pirus; first virus written in PHP (Nov 30, 2000, 15:55)
  "The virus searches for .php and .htm files and inserts code to call itself. The virus executes only on servers with PHP interpreters."


• Journal of Open Source Medical Computing (JOSMC): First Call for Papers (Nov 30, 2000, 14:48)
  "The Journal of Open Source Medical Computing (JOSMC) is open and issuing its first call for papers. ... The Journal '...is an electronic forum for disseminating information on free and open source medical computing. Scholarly work on any aspect of free and open source medical computing will be considered for peer-reviewed publication...' "


• SourceForge.net: Announcing GNU-Darwin (Nov 30, 2000, 14:19)
  "GNU-Darwin aims to the most free Darwin distribution."


• GameSpy: Indrema: Developer Diary 2 [CEO John Gildred writes about Indrema development issues] (Nov 30, 2000, 13:09)
  "Still with the release of the IESDK, some questions have surfaced from the online discussions at IDN. I had a chance to respond to many of them on the IDN mailing lists, but I think this article is a great opportunity for me to go over some of the more popular questions."


• LinuxNews.pl: Polish Parliament deploys Linux [Updated with Link to story in English] (Nov 30, 2000, 12:56)
  "Its offices have started the migration from PCs to an x-terminal based computer infrastrucure. 100 Linux-based x-terminals with the Intel Celeron processor and Linux operating system installed in flash memory are almost ready to work."


• TechWeb/Reuters: Transmeta Confirms Recall Of Crusoe Chips (Nov 30, 2000, 08:49)
  "Transmeta Corp. confirmed Wednesday that it is working with Japanese computer maker NEC Corp. to recall notebook computers built with flawed versions of its power-saving Crusoe microprocessor."


• Penguins Get Tropical? A Sign From Above, Perhaps... (Nov 30, 2000, 08:19)
  "Like these lost little penguins, Linux finds itself popping up in the strangest places, and at the strangest times."


• European-Patent-Office.org: Decision on Software Patents (Nov 30, 2000, 07:55)
  "First, I should point out that the Conference agreed not to delete computer programs from the list of non-patentable inventions. For the meantime, the existing legal position therefore remains unchanged."


• Security Portal: ISC DHCPD (Nov 30, 2000, 07:46)
  "DHCP stands for Dynamic Host Control Protocol and does exactly what it claims. There is practically no information available online regarding DHCP security. This is odd, considering the ubiquity of DHCP servers on most networks."


• FreeOS.com: Securing Linux: Part 1 (Nov 30, 2000, 07:39)
  "This article aims at giving novice users an insight into conducting a security audit of their systems and helping them take corrective measures in order to avoid any future security lapses."


• Linux Weekly News for November 30, 2000 (Nov 30, 2000, 07:28)
  Leading items and editorials: Adobe pulls the plug on FrameMaker and Linux and viruses.


• Internet Week: Cobalt's Qube 3 isn't merely an appliance any more (Nov 30, 2000, 07:09)
  "It's not just a low-priced small-office server appliance anymore. With its latest Qube 3 server, Cobalt Networks Inc. has done the seemingly impossible: turned an appliance into a complete and viable platform."


• Kernel Cousin Debian Hurd #69 By Paul Emsley and Zack Brown (Nov 30, 2000, 03:55)
  Highlights from the Debian-Hurd development mailing lists for the previous week.


• Debian Security Advisory: fsh symlink attack (Nov 30, 2000, 00:06)
  "When fshd starts it creates a directory in /tmp to hold its sockets. It tries to do that securely by checking of it can chown that directory if it already exists to check if it is owner by the user invoking it. However an attacker can circumvent this check by inserting a symlink to a file that is owner by the user who runs fhsd and replacing that with a directory just before fshd creates the socket."


• Red Hat Security Advisory: Ethereal vulnerable to buffer overflows (Nov 29, 2000, 23:03)
  "Versions of Ethereal prior to 0.8.14 are vulnerable to buffer overflows. The ethereal-0.8.14 packages correct this problem."