Brian W. Carver -- Share Alike

FSF's Savannah Servers Compromised

Slashdot readers learned recently that Debian's servers were compromised. More info. And then learned that a kernel exploit was apparently the means of attack. It appears that the Free Software Foundation's servers have been compromised using the same exploit. The servers are back up in part. You may recall, Savannah is a central point for development, distribution and maintenance of GNU Software. With two extremely similar attacks on the two Free-est of Free Software projects, the question has to be asked: Does someone hold a grudge against Free Software? Who stands to gain from these sites having security vulnerabilities based within the Linux kernel? Or is it just a coincidence? The acts of a random cracker? Either way, what can the community do to catch this/these criminal(s)? (This was a rejected Slashdot submission of mine.)

Brazil's GNU/Linux Free Cybercafes

BBC News has an article describing Brazil's GNU/Linux Free Cybercafes. Two and one-half years ago there were about three million people in Sao Paulo without any access to computers. Now, about 250,000 people are using the nearly 100 net cafes.

Since last year, all the centres have been using the free operating system GNU/Linux.

"The government is the biggest software buyer," said Ms Tibirica. "We can save a lot of public money using the free software solution."

She pointed out that the free software has many advantages: no need to pay for licences and it is possible to use a simpler version of the computer, with one server and several thin clients - computers without hard disks.

These computers, according to Ms Tibirica, cost a quarter of the price of a machine and have reduced maintenance costs.

The government has plans within the next few months to buy 10,000 more computers for schools. Let's hope this doesn't turn out like the metric system. When the rest of the world is running Free Software, hopefully the U.S. will get on board too.

CAGW Press Release Misunderstands Open Source

This press release from the Consumer's Against Government Waste lambasts the state of Mass. for adopting open source software. Here's the letter I wrote them trying to steer them away from their misunderstandings:

Hi,

Your press release at: http://www.cagw.org/site/PageServer?pagename=news_NewsRelease_09302003b

seems to exhibit a couple of misunderstandings that, if corrected, would likely lead to a change in the position of the CAGW.

The CAGW says in another current press release that "Competition leads to improved production and higher customer satisfaction." I could not agree more. Competition is a good thing. That's also why Massachusett's proposed move to open source software will also be a good thing, because it will increase competition. A simple example can illustrate:

If Massachusetts uses a proprietary vendor, like say PeopleSoft, for its numerous human resources software needs, then when they need upgrades, changes, improvements, services, technical support, etc for that software then there is a single vendor they can turn to for those services, namely PeopleSoft. The proprietary vendor of a closed-source program has a monopoly on the servicing of that software, which you rightly recognize as a major component cost of software used by the state.

On the contrary, if an open-source program were used instead to meet those same state needs, then when the state needs upgrades, changes, improvements, services, technical support, etc for that software then there are an unlimited number of potential vendors from which the state might choose. The reason for this is obvious: with an open source program any competent IT vendor can familiarize themselves with the source code and offer services for that software. Indeed, widespread government use of open source software would almost certainly spur the formation of new businesses whose sole aim would be to service such software. This situation is impossible with proprietary software because a single vendor holds monopoly control over its source code.

Also, nothing about the adoption of open source software excludes traditionally proprietary companies from joining the competition. Open source software creates a level playing field where even Microsoft themselves could decide to support such software with service contracts. Indeed, traditionally proprietary vendors could also still sell their software if they simple opened the source for inspection. And as you point out, the "Free" in "Free Software" does not necessarily refer to the price. Traditionally proprietary vendors can still make profits on selling open sourced software if they choose to. There are numerous NASDAQ-listed companies whose whole business model is selling open-sourced software for a price.

I agree that "the best policy on the use of software is to place all products on equal footing" but your release fails to recognize that choosing a proprietary program puts a monopolist in a position of total control, whereas choosing an open-sourced program places all software service vendors on the equal footing we both would like to see.

I could elaborate more, but I trust you are fully capable of reflecting on these issues yourself and I believe if you look at all the information carefully you will see that the way towards greater competition on an equal footing is through open source.

Brian W. Carver
Oakland, CA

Matrox G550 on Debian Woody

For posterity: If you want to install Debian Woody on a machine using a Matrox G550 graphics card, then realize that the version of XFree86 that comes standard with Woody won't work. After the basic install you will be stuck at a command line and must do this:

1. brush off your vi editing skills and edit /etc/apt/sources.list to include only the unstable sources.
2.. apt-get update
3. apt-get install xserver-xfree86
4. edit /etc/apt/sources.list back to stable sources only.
5. apt-get update
6. edit /etc/X11/XF86Config-4 to delete the line setting UseFBDev to true.

Now it will work.

SCO's Code Revelation Smashed by Slashdotters

Check this out. The Slashdot Discussion of SCO's peek at the allegedly offending code is an amazing illustration of the power of the internet. SCO claims some of their copyrighted code has been stolen and put into Linux. When they finally offer up a public view of the allegedly offending code, it takes only a matter of hours before thousands of geeks worldwide have shown that the code is actually over 30 years old and either in the public domain or already licensed under a free software license. In fact, the prior incarnations of SCO even gave away this code for free on their own website! All the links are in the discussion, but it is a strong first glimpse at how pathetic the chances are that SCO can sustain their case against IBM, et al. This army of Linux defenders will dissect every piece of evidence they can get their hands on, and IF their is found to be some truly stolen code, the predictions that it will be mere hours or weeks before kernel developers write suitable replacements also seems extraordinarily certain. The power of a motivated internet-organized community to do distributed research projects is greater than most people (and apparently SCO) realize... Update: 8/19 Bruce Perens has a great summary of the history of this code.

Wireless Debian Works!

I'm overjoyed. I've got my LinkSys WPC11 Ver 3 Wireless PCMCIA card working with Debian. It's the first time I've gotten this card to work with any distribution. The weird thing was that the wireless card has a little green light indicating a connection when solid and none when blinking. Well, I couldn't get it to stop blinking, even though it is one foot from the access point. What made it work, strangely, was plugging in my wired card (it then went solid). Nothing else seemed to help. I was then able to do: pump -i wlan0 and it got an IP address via DHCP. I then unplugged the wired card (because I was suspicious the wireless card wasn't really doing the work!) and the green light stayed solid and I got the net! Whew. It shouldn't be as hard as it was.

Fun at LinuxWorld 2003 Expo

So,

First a tip: when the expo floor opens at 10 AM, walk straight ahead and to the left a little bit towards the gigantic Red Hat display to get your free red hat. They only give away these good-looking caps at certain times of the day. I missed it at first because I went directly to the Free Software Foundation booth. Without them, there would never have been any such thing as a LinuxWorld conference, so I began at the beginning.

EFF was there selling good bumper stickers. I bought "Fair Use Has a Posse". The guys from React OS were interesting. They have their own operating system (not based on Linux) that is attempting to be compatible with Windows NT/2000. I got to see the whole OS install in about 2 minutes and then it booted up and ran Minesweeper in a window. Windows was not running. React OS was running. This was cool.

There were a lot of other cool things that I may go into later, but let me sum up the main part of the day. The Debian folks were supposed to have a booth. Somehow the bureaucratic necessities didn't get taken care of and so there was no Debian booth. Instead, a number of Debian developers, users, and other interested parties sat down in the floor in a spot where some exhibitor had failed to show. There were several open WiFi networks available from this location and electricity outlets. So, in an impromptu fashion, Debian people spent the whole day in the floor burning Debian CDs for passersby and hacking around on their laptops. I had some guys help me try to get my wireless card working in my laptop. (Unfortunately still a work in progress.) Efforts were also made to acquire a legitimate booth, but nearly $300 is/was needed, and so a real Debian booth may materialize tomorrow or the next day, or perhaps they'll be back in the floor. I had a lot of fun. Pictures soon.

Also, someone put a poster on the Microsoft booth. Not just any poster. It was a raging picture of Tux trampling the Redmond HQ that reads, "Good Evening, Mr. Gates, I'll be your server today!" (Popular from the '99 San Jose Expo.) This stayed there for the last half of the day without the Microsofties noticing. Pictures of this too very soon!

LinuxWorld Expo Tomorrow!

I've been sort of out of the news loop lately with all this moving and unpacking, and I just realized that I can go to the LinuxWorld Expo tomorrow (and Wednesday and Thursday if I like!) It's in San Francisco, so it's a simple BART ride for me! Woohoo! (Ok. I realize it's geeky to be excited about going to a geeky conference, but from what I understand the exhibitors at these things have lots of free stuff to give away, so that's ... well, no, that's still geeky. Ahh well, I'll tell you about it tomorrow.)

Debian 3.0r1 on Laptop

Some may recall that I recently installed SuSE 8.2 on my laptop. I finally decided that I had wireless networking so screwed up on there that I would have to do a fresh install of SuSE 8.2 to get it working. But before doing that, I've been wanting to try the latest official Debian release, code-named Woody.

Well, actually that's not accurate. I wanted to try the more bleeding edge version called Sarge, and so at first I downloaded 10 CD-Roms worth of Sarge only to learn that the Sarge installer is seriously broken. Don't bother with that just yet.

But boy was I amazed at the installer on Disc 1 of Debian 3.0r1! It worked perfectly, and before I knew it I had booted into KDE. Granted, I had to know a little bit about partitioning hard drives and find out that my laptop's graphics card is by Neomagic, but all-in-all, WOW. A year ago I tried to install 2.2r5 Potato and it was nightmarish. The Debian folks have made major improvements.

The coolest thing was that when I got into KDE it still had not configured my PCMCIA ethernet card, but I read that I could user etherconf to configure it, and just did: apt-get install etherconf and in no time the card had received an IP address via DHCP. Wow.

The apt package system is working wonders for me elsewhere too. I've managed to apt-get gaim, openoffice.org 1.0.3, and did all the security upgrades seamlessly. I am now working on the java and flash plugins for mozilla. This thing will be a free-software running blaze of glory shortly! There's still the wireless card issue to tackle, but I want to get everything else working first.

If you have no idea what Debian is, then you are missing out. Go to debian.org and start learning. It may actually not be the best GNU/Linux distriubtion for first-timers, but once you take back control of your computer, I get the feeling that Debian might be one's last, because so far, it is sweet.

Univ. Wisconsin not Renewing Microsoft License

The University of Wisconsin will not sign a new campus or enterprise agreement with Microsoft to replace the one that expires on July 31, 2003. None of the options presented by Microsoft were acceptable, as UW's only options were to give up license ownership by entering into an open-ended lease or to continue license ownership at an over 100% price increase. Budget shortfalls made the latter option impossible. UW says they will now support Sun's StarOffice suite as they expect many of their current users will not wish to pay for continuing use of the previously licensed MS software. Sun offers educational institutions a no-cost site license of Star Office. Seems to me someone else needs to jump on this opportunity. Red Hat or SuSE should strike a deal with this campus of over 40,000 students to offer them an alternative to the monopoly taxes they are facing. Anyone listening?

SuSE 8.2 Pro Review

I've been using SuSE 8.0 on my Sony PCG-F370 laptop (dual boot with Win98SE) and on my ancient cobbled together desktop for over a year now. I skipped the upgrade to 8.1 because everything was working and I didn't hear any rave reviews of 8.1. On the contrary, many upgraders to 8.1 seemed to end up breaking things, so I've waited until now to make this move. I was also scared of the switch from LILO to GRUB. I'd like to see three things from SuSE 8.2 Professional:

I hope my Linksys Wireless card in the laptop just works.

I'd like for my linux-based Zaurus to finally be able to synch with SuSE. and

I hope GTK+ 2.0 or greater is automatically or an optional install, because I've been trying to compile all the dependent packages for it on 8.0 forever and cannot get it working. This is necessary to make the latest versions of the all-in-one Instant Messenger, GAIM, work.

I'm going to start on the Pentium III 450MHz laptop first, mainly because I care less if it happens to trash everything on that computer. Also, since it has a DVD drive, I'm hoping to swap discs just once during the whole install.

I picked up SuSE 8.2 Pro at my local Fry's Electronics for $79.99 + tax. The first thing I noticed was that the seal on the bottom of my box was broken. Doh! I hope no one stole my SuSE sticker! (8.0 offered no stickers at all!) Aha, once you open the bizarre CD holder, a puzzling SuSE sticker reveals itself. It's not the familiar chameleon/lizard, so far as I can tell, but looks to me more like a green radioactive symbol. Ok, in goes DVD 1.

I choose "Installation" (while wondering what "manual installation" means) and it starts loading the Linux kernel. I'm surprised at the blue screens, since SuSE has always been green in the past. Looks nice. After five minutes the laptop's touchpad is working to allow me to select English as my language. (My USB mouse is not yet working). SuSE has recognized that I already have linux on this laptop and so I select "Update an existing system". I am automatically prompted to create a backup of config files and I comply. I can choose an update mode, and go with the default system, allowing it to "clean up the system" by deleting unmaintained packages. It realizes that I have SuSE 8.0 and is going to update 340 packages and check 14 packages manually.

There is a button called "Detailed selection..." and, perhaps foolishly, I click it. SuSE finds a dependency conflict between cups and lprng and between libdvdnav for xine versus the one for MPlayer. I choose to delete lpdfilter and lprng and to "not set libdvdnav to Protected" (whatever that means) to resolve the conflicts. It looks like that resolves the cups/lprng issue, but now my only option is to remove MPlayer and xine-dvdnav, as that conflict remains. It is happy now.

Apparently SuSE would like me to delete GAIM, IBMJava2-JRE, several dvd libraries, ogle, RealPlayer, StarOffice 5.2, and xine. I'd like to make the latest version of GAIM work anyway, and don't much care about the rest, so I'll delete 'em all to make the installer happy. Wait, there's an option to "update if newer version available" which apparently works for RealPlayer and some of the dvdlibraries.

Under Package selections I see that none of the Games will be installed. What!? This is a laptop I'll be taking to classes and to the library. How am I supposed to procrastinate without games!? I check the box to install all of them!

Under Multimedia packages it looks like gtk 2.2.1-29 is already scheduled for installation. Woohoo! This should hopefully mean I can manually install the latest GAIM without incident.

Under Package Groups, Applications, Internet, it looks like I can tell SuSE to update GAIM. I'm gonna try it.

One last Dependency Check and bindutil conflicts with bind9-utils and postfix conflicts with sendmail. (I don't recall messing with any of that!) Telling it to remove bindutil and sendmail fixes things. I click Accept and realize it does its own final dependency check. A screen comes up whose "Next" button barely appears on the screen due to the lousy 640x480 resolution we're working in.

One last warning comes up indicating I'm about to do some installing and I say, "Go for it!" The clock indicates I've got around two hours of installation time ahead of me, so I go to the other computer to play.

Clock is moving much faster than estimated. After just 20 minutes, I've only got 42 minutes of installation left (supposedly). While waiting I think about the fact that my wireless access point uses 128-bit encryption. I wonder how I'll configure that... A quick glance at page 80 of the included User Guide suggests that SuSE's setup tool, Yast, has a way to handle this. We'll see!

After just 50 minutes I'm on a screen that says "Finishing Basic Installation". I never had to put in DVD #2. It claims it's going to install the boot manager and prepare for initial boot. [Tremble!]

The initial boot is in process, and if that is GRUB, it looks just like LILO but is blue. Perhaps 8.2 merely updated my boot manager?

Ooh. The USB mouse works now! (But the touchpad seems not to work anymore.) We're back in Yast and the resolution is more like 1024x768 or something much more bearable than before. It's writing the system configuration which Yast used to always do when you made system changes. Now I'm back to the blue startup screen apparently bringing down and back up PCMCIA among other things.

Wow. I'm at a login screen and it remembers my users. KDE 3.1 is booting up and looking sleek! My old desktop is back with different icons and the blue background. It thinks that my USB connected Sharp Zaurus is a modem, perhaps because the Zaurus has its own wireless card. I'm gonna let it try to detect it to see what happens. It knows to call it a Sharp SL Series (It's the SL-5500 PDA), but I have a feeling it shouldn't be set up as a modem! What the heck I'll let it do this since it wants to.

A quick Konsole check of 'ifconfig' shows eth0 without an IP address, so I'm gonna start up Yast2 and hope to configure the wireless card. Hmm. I don't know what I'm doing, but iwconfig says, "no wireless extensions". Can't check GAIM out until I'm online, and I'd like to do it with the wireless card. If necessary, I'll try the regular ethernet card. More on this later...

Posted by Brian at 11:31 PM | Comments (0) | TrackBack

Pre-Installed Linux Laptops

Regular Slashdot readers know from a previous story that they can get a cheap desktop with Mandrake, Lycoris, or Lindows pre-installed from Wal-Mart.com, and the more savvy readers might know about Linux desktops from Pogo Linux or Penguin Computing. But, if you wanted a laptop with Linux pre-installed I only knew of Emperor Linux and their cheapest laptops are about $2000.00, not what your average fiscally-minded geek has in mind. Now, PC Club, who operates retail stores primarily in the Western United States, is offering Red-Hat pre-installed on a laptop that starts at $899. It is rare to hear of a physical retailer where you could walk in and play with a laptop with Red Hat on it and then take it home. In doing research for this, I also found Los Alamos Computers, who will pre-install Debian, Slackware, Mandrake, SuSE, or Red Hat on a Laptop that starts under $1000! They also will deliver your computer running the file-system of your choice, and pre-install Apache and Samba if you request it. Wow! I also found Qli Linux willing to install all of the above, plus Gentoo or Xandros on their laptops. Things seem to be getting better for those who'd like to buy mobile hardware with Linux on it already ready-to-go. I'd be pleased to hear of other low-cost laptops with Linux pre-installed like those from Los Alamos Computers and Qli. While PC Club offers me a local retailer, I get the impression that these other guys are Linux experts and so the service down the road will be much more enjoyable. (This was a Slashdot submission, but they rarely post my stories. They have selected each of these in the past though.)

SuSE 8.2 available April 12th

I've been happily using SuSE 8.0 on both my desktop and laptop for about a year now. I think I will upgrade to 8.2 merely to support SuSE.

Sometimes I feel like I should give Red Hat a whirl since it is so widely used. I feel like I may be missing things that thousands of other Linux users take for granted since they use Red Hat every day.

Or I'd like try to get Debian running. I tried 2.2 (potato) a year ago and never really got a functioning desktop running. I was online and even had Samba sharing the internet, but I could never get the Gnome panel to run and so it was wacky. I'd like to use Debian because I could more carefully ensure that everything I installed was truly free software. Problem is no modern graphics cards have GPL'd drivers. No BIOS that actually works is free software, etc. So, trying to be a purist about free software right now is doomed to failure. Nonetheless, I did enjoy Debian's apt-get until I messed it up.

Right now I can't figure out how to compile a new GTK and so can't use the latest GAIM messenger. I've tried and tried. Hopefully 8.2 will just come with the latest version.