Linux Today: Linux News On Internet Time.

November 2009 Archives

Here a couple of stories that caught my attention today:

FSF works with PayPal to the benefit of the free software community

"However, FSF recently discovered that PayPal had added a proprietary software license to its User Agreement. FSF license compliance engineer Brett Smith explained, "Of course, the FSF couldn't agree to those terms, so as soon as we learned about them, we contacted PayPal to see if we could make other arrangements. The company listened to our concerns, and specifically excepted us from these conditions. But not only that: next year, PayPal is also updating its user agreement to ensure that the free software community can continue to receive and make payments without having to accept a proprietary software license.""

A pretty good deal all around, I think. Good for PayPal and its customers, good for the FSF for one more gain towards freedoms that benefit real people.

On the other side of the pond, Britain seems to be caught in the thralls of an insane tyranny:

Britain's new Internet law -- as bad as everyone's been saying, and worse. Much, much worse.

"So it's bad. £50,000 fines if someone in your house is accused of filesharing. A duty on ISPs to spy on all their customers in case they find something that would help the record or film industry sue them (ISPs who refuse to cooperate can be fined £250,000).

"But that's just for starters. The real meat is in the story we broke yesterday: Peter Mandelson, the unelected Business Secretary, would have to power to make up as many new penalties and enforcement systems as he likes. "

Setting up proper wireless encryption is easier than ever on Linux. WEP is broken and has been for a long time, but WPA and WPA2 are still going strong. Eric Geier shows how to configure your Linux client to connect to a proper wireless encryption and authentication server to set up a secure wireless connection.

In this tutorial series, we'll first see how 802.1X authentication fits into the big picture of wireless LAN security. Then we'll configure the authentication settings in Ubuntu. Lastly, we'll review the manual configuration of 802.1X supplicants. Lets get started!

The transition from WEP to WPA to WPA2

Back when the vulnerabilities of WEP encryption for Wi-Fi networks were uncovered, the IEEE and wireless industry started developing new protocols and standards. They came up with the 802.11i, a standard to finally implement a fully secure encryption mechanism for wireless LANs. Before it was completed, the Wi-Fi Alliance released the Wi-Fi Protected Access (WPA) encryption standard, loosely based on 802.11i using TKIP for the underlying encryption. Later they released WPA2, which includes full support for 802.11i using AES/CCMP encryption.

As many news outlets have discussed lately, there have been more flaws found in the first version of WPA. However, unlike some reports say, it hasn't been cracked; full encryption keys or passphrases haven't been recovered. The flaws apply to the underlying TKIP encryption and affects both the Enterprise and PSK modes of the first version of WPA. This does not have anything to do with WPA2, which uses a fully secure AES/CCMP encryption. Though WPA currently provides adequate security, especially with long and mixed character passphrases, you should try to migrate to WPA2--and make sure you don't use WEP at all...

Read the rest of the story at LinuxPlanet

Yes Users Matter

If you want other people using your software, that is. There is never perfect harmony between devs and users, but it's much better to respond to questions with a pointer to a FAQ or a manual than to ignore them, or to crab at them for asking, or worst of all, tell them to Google or trawl mailing lists. Web, forum, and mail list searches are for edge cases and troubleshooting, not for basic howtos.

"Documentation" covers a lot of ground, from basic man pages to glossy four-color books. Let's take a look at the different categories of documentation, and what is reasonable to expect.

man Pages

Man pages are awesome. I love man pages. They don't require a graphical interface, which is nice when Xorg or video drivers are broken, they don't require Internet (assuming you don't have some weirdo distro that doesn't install them), and you always know how to find them-- type man commandname. Nice and easy. (We'll talk more about these, and other ways to find and use documentation, in Part 3.)

Command Documentation

Whether this is in a man page or some other form, documenting all the commands and command options in an application is essential. I shouldn't even have to say this. How else is anyone going to know them, telepathy? ...

Read the rest at LinuxPlanet.com

The Internet and Google enable laziness in FOSS development because they make it too easy to abdicate the job of proper documentation to "The community." Telling users and potential contributors to use Google, mailing lists, and forums is not documentation. It's a way to guarantee having fewer users, unhappy users, and fewer contributors.

cool linux swag

| | Comments (0)

zareason, system76

Another week, another round of tinkering and messing around with Linux doodads. The Ubuntu Koala text installer has a years-old bug, and Fedora 11 LiveCD has a showstopping installer bug. Never a dull moment in computer-land!

I have a Hewlett-Packard Laserjet 3050, their budget all-in-one printer, copier, fax, and scanner. According to the device matrix in the open source HPLIP project this machine is completely supported in Linux. However, I have a different definition of "support" than HP-- theirs seems to be "A determined and stubborn Linux guru can make the darned thing work if they try really hard."