Archive for the ‘Linux’ Category

By Matthew Broersma, Techworld
February 14, 2008

The three bugs, which allow unauthorized access to kernel memory, exist in all versions of the Linux kernel up to, including Ubuntu, Red Hat, and othersSecurity researchers have uncovered “critical” security flaws in a version of the Linux kernel used by a large number of popular distributions.

The three bugs allow unauthorized users to read or write to kernel memory locations or to access certain resources in certain servers, according to a SecurityFocus advisory.

They could be exploited by malicious, local users to cause denial of service attacks, disclose potentially sensitive information, or gain “root” privileges, according to security experts.

The bug affects all versions of the Linux kernel up to version, which contains a patch. Distributions such as Ubuntu, Turbolinux, SuSE, Red Hat, Mandriva, Debian and others are affected.

The problems are within three functions in the system call fs/splice.c, according to an advisory from Secunia.

“In the 2.6.23 kernel, the system call functionality has been further extended resulting in … critical vulnerabilities,” said iSEC Security Research in an advisory.

Secunia disagreed about the bugs’ seriousness, giving them a less critical ranking.

Exploit code for the vulnerabilities has been released publicly on the hacker site milw0rm.com, and Core Security Technologies has also developed a commercial exploit for the bugs, researchers said.

Researchers advised system administrators to update their kernels immediately.

Last month, a U.S. Department of Homeland Security bug-fixing scheme uncovered an average of one security glitch per 1,000 lines of code in 180 widely used open-source software projects.

Secunia also previously discovered that the number of security bugs in open-source Red Hat Linux operating system and Firefox browsers, far outstripped comparable products from Microsoft last year.


Read Full Post »

Chris Kanaracus, IDG News Service 

Ubuntu and Red Hat are the most used Linux distributions among the 35,000 members of content-management vendor Alfresco’s community, the company found in its second survey of trends in enterprise open-source software usage.

The surveys help inform Alfresco’s technology strategy, according to Ian Howells, Alfresco’s chief marketing officer. “It’s important for us to know which platforms to test against first,” he said, adding, “It’s in users’ interest to give us good data.”

Among Linux operating systems, usage of Ubuntu and Red Hat stood at 35 percent and 23 percent, respectively, according to the survey. Suse, OpenSuse and Suse Enterprise collectively garnered 13 percent; Debian, 15 percent; and “other” distributions usage of 14 percent.

Users also reported using a variety of proprietary enterprise software.

Among Windows users, Vista adoption was just 2 percent, compared to 63 percent for Windows XP and 28 percent for Windows Server 2003.

Microsoft’s Office suite remained strong, however, with 66 percent usage. Twenty-four percent of the respondents reported they used OpenOffice. However, German and French users were twice as likely to use the latter compared to those in the U.S. or U.K., Alfresco said.

Tomcat held a dominant position in the application server category, logging 72 percent. JBoss’ entry stood at 18 percent. Entries from Sun, BEA and IBM rounded out the field.

In the virtualization category, VMware perhaps predictably ranked highest, at 61 percent. Microsoft‘s Virtual Server took 16 percent, followed by Xen, Parallels, Virtual Iron and “other” offerings, according to the study.

MySQL took home the database prize, with a 60 percent tally, followed by Oracle with 14 percent and Microsoft SQL Server with 13 percent.

“It kind of validates that people want to have a mixed stack,” Howells said of the overall results.

Alfresco collected data between July and December of last year, with survey participants coming from 260 countries, according to the company. Fifty percent were from Europe, the Middle East and Asia, while 24 percent were in the U.S., and 26 percent from other nations, Alfresco said.

Read Full Post »

 Elizabeth Montalbano, IDG News Service 

When Matthew Szulik left Red Hat abruptly for family health reasons in December, many people were scratching their heads over the company’s new choice of CEO– a young executive from Delta Airlines, Jim Whitehurst. But Whitehurst’s chief operating officer title at Delta and position outside of the technology industry are misleading; a peek into his past reveals a computer science degree and a passion for open-source technology, not to mention a smooth operator who helped bring a struggling airline out of bankruptcy.

Still, Whitehurst, 40, has big shoes to fill in replacing Szulik, the man who took a small, unknown company and turned it into a savvy business competitor that made Linux a household name and struck fear in the hearts of much bigger rivals like Microsoft. Today, Red Hat is the leading Linux vendor and is financially sound, but the company is in a pivotal phase of reinventing itself as a broader open-source software provider and a multibillion-dollar technology leader that can compete long-term with much larger companies.

Whitehurst spoke with IDG News Service this week about the key findings of his first month on the job and where he thinks Red Hat should focus its attention to evolve at a sustainable pace. This is an edited version of that interview.

IDGNS: I was surprised to find out that you have a computer science background when I heard you came to Red Hat as COO from Delta Airlines. I didn’t expect you to be such a techie.

Whitehurst: I do have geek cred. For some reason, your reputation is always based on your prior experience. When I was at the airline, people said, “Who is this strategy consultant running an airline?” Now I’m an airline guy running a technology company. I wish I was called an airline guy when I was at the airline!

IDGNS: Was this a personal interest in open source that led you to Red Hat? Was Delta a big user of Linux?

Whitehurst: Delta certainly uses some REL (Red Hat Enterprise Linux) and JBoss, but it’s more of a personal interest. I was hacking around with Slackware, one of the early Linuxes that was out there in the ’90s, and an early adopter and user of Fedora all the way through when I got the call for joining Red Hat. It’s always been a passion of mine, so the opportunity to get out there to lead is an extraordinary privilege and honor for me.

IDGNS: Red Hat is currently in a great position as leader of the Linux market and has been doing well financially, but the company has been called upon by Wall Street to grow and possibly diversify the business. When you look at the company, what are its biggest challenges right now?

Whitehurst: Let me start off by saying I’ve only been here a few weeks. The first month [has basically been] going out on the road with customers, employees, with investors, with analysts, with our partners-slash-competitors and really trying to get a sense of the business, what’s working well and what’s not. The good news is, most things are working well– from the standpoint of being a very healthy business growing rapidly with healthy financials.

I think you’re right there are certainly areas where we can do a better job. First off, I would just say the general organizational focus. We actually do a lot of different things, support a lot of different projects. We have to be careful that we’re focusing on the right things and putting our investment dollars where they’ll have the most impact. I’m still going through the details of what we do and what we don’t do, so stay tuned on that.

A second area where there’s still a lot of opportunity for Red Hat would be basically [in] processes and systems, including IT systems and governance, especially for a company that’s grown so rapidly. A lot of those processes and systems and ways of doing business are different for a company like Red Hat that’s [US]$500 million on its way to a multibillion-dollar company than they are for a small company. Some time and attention on basic execution to make sure we have the processes and systems in place to grow, and grow healthily, are another area where I plan to spend a fair amount of time.

IDGNS: And what about your experience makes you well-suited to help meet those challenges and diversify Red Hat’s products beyond Linux into more of a full open-source software provider?

Whitehurst: For starters, I am an operator. I am pretty good at getting a company to focus, and focus on a few things. We certainly did that at Delta and did that well in the turnaround. Obviously, having come from a larger company and having run a larger company, I have a good sense of the processes and systems we need to make sure governance [and] processes work well.

About whether we need to diversify or not: People are asking, “Well, should we have bought [open-source database company] MySQL?” [Editor’s note: Sun Microsystems said last month it is buying MySQL for about $1 billion.] We are still a very small-share player in the server OS market and a small-share player in middleware [with JBoss]. If you look at the quality of our technology, it’s the best. We feel very good about that. We still have basic execution to do to reach our full potential in the markets we’re in. So I don’t feel the need to diversify until we nail the product and are fully [satisfied] with our existing products. I’m not sure we want to divert our time and attention to other things.

IDGNS: A lot of people have been critical of Red Hat for what it’s done so far with JBoss, and think success with this is key to proving Red Hat can evolve beyond Linux. How are you going to make that business more successful?

Whitehurst: Obviously execution and commercial execution will be big focuses going forward [for JBoss]. We fundamentally changed the JBoss business model from a big consulting/support [business] to our enterprise/.org models that we had with REL [on the enterprise side] and Fedora [on the.org side]. It has, without a doubt, proven to be a very successful model, and one could argue it’s about the only demonstrated successful model of any size with open source. In the same way we have Fedora and REL, we have the.org version of JBoss and the enterprise edition. JBoss had a different business model before, but we think our business model has proven the most successful and the most durable. It’s the right decision. It just takes a while.

The good news of that also shows that it’s not easy to develop a good business model around open source, so it’s a relatively defensible model going forward. We feel very good about where JBoss is…. We think we can grow twice as fast as the core REL business.

Red Hat’s never been involved in any material way in the application components of the stack. We do provide a full open-source stack with the LAMP stack. We will continue to do that, so we’re playing there to some extent. In terms of our focus and where we’ll invest our team and attention and dollars, the [market for the] infrastructure component of software worldwide is close to $100 billion. We’re a $500 million software company. I would argue we’ve barely scratched the surface. I’d much rather we make sure we make progress there than get into the CRM business. Once we’ve achieved our full potential in our core businesses, we can open the aperture. But I want to make sure the company is focused on the potential of our businesses in that core market.

IDGNS: Microsoft is coming out with Windows Server 2008 pretty soon. Do you see this as a good opportunity to snag Windows customers who may be thinking of upgrading and instead moving them over to Linux? Is there still competition in this space, or will it always be the Linux camp sticks with Linux, and the Windows camp sticks with Windows?

Whitehurst: We’re seeing a lot of migrations from Microsoft to Linux, from Unix to Linux or even Unix to Microsoft. There’s a big battleground out there. Anytime there is a significant upgrade or change, there is an opportunity for us. Anytime a customer stands back and says, “Let me reassess this” and “Do we want to upgrade?” that’s great for us because our value proposition is much more compelling for our competitors. Whenever there is a reason for customers to reassess, that gives us an opportunity to show our value, so we’ll be out there aggressively this year.

IDGNS: Much was made of Microsoft’s interoperability deal with Novell in November 2006. Has that deal hurt Red Hat in any way? Do you even view Novell as a major competitor anymore?

Whitehurst: There may be a deal or two out there, but it hasn’t come up to my level. We really don’t see them that much in the market. They’re not really a factor. Given our market share and certified ecosystems of partners– [those] really drive our position.

IDGNS: Are you worried about Microsoft’s patent claims against Linux, which were recently dismissed again by Linus Torvalds?

Whitehurst: We’ve spent a lot of time looking at that and we have an assurance program for our customers, so they don’t need to worry. Microsoft for years now has talked about 235 patents [that they own that Linux violates], but they’ve yet to tell us any of them and we continue to ask, “Show us what they are.” How many times can you keep saying it before you pass on the opportunity to do anything? At first people got concerned, but after years and years and years, you recognize it’s a lot of bark and no bite. We never want to take any claims of intellectual property violations lightly, but those have been around so long with absolutely nothing behind them. After a while it becomes harder and harder to take those seriously.

IDGNS: Where would you like to see Red Hat be in five years?

Whitehurst: Again, this company is currently the open-source leader. Open source is still really a nascent part of the IT infrastructure in corporate America. As the leader of open source, one of the things we need to do, and should do, is foster and further open-source awareness and adoption in worldwide IT. My view of success includes how well Red Hat does that in the future as a multibillion-dollar company.

We want to see the continued adoption of open source as key technology across corporate IT. [We’ll] continue to foster communities of use in the developing world where we operate, and communities of use where we remain sure that information and software remains free and unencumbered by proprietary formats. When we do well, we do good. We certainly have aspirations for size and growth and profitability, but we do recognize we have a role in fostering adoption and the benefits that go along with that. The great news is, this is a company in wonderful shape with a fantastic brand and market position and extraordinary, high-quality people. It’s up to us not to squander that opportunity.

Read Full Post »

Paul Krill 

San Francisco – In a candid discussion of his classified ads site and its business model, Craigslist founder Craig Newmark said Tuesday he has considered open-sourcing some Craiglist technology, frowns upon banner ads, and believes the site’s impact on newspaper ad sales is exaggerated.

Speaking at the WebGuild Web 2.0 Conference & Expo in Santa Clara, Calif., on Tuesday morning, Newmark detailed how the site began as a simple events list in 1995 and evolved into a real company in 1999. Now, the site has grown to one that experienced 9 billion hits per month prior to the recent holiday season. Craigslist is run on Suse Linux, Apache, and MySQL, Newmark said.

Pondering Craigslist’s open source plans, Newmark said the company has considered open-sourcing some of its caching technology but said staffing issues have prevented this from happening; the company has 25 employees.

Asked the benefit of such a contribution, Newmark cited benevolence. “I don’t know [the specific benefits], but it feels in the right neighborly spirit,” he said.

Craigslist, he said, has been successful because it has built a culture of trust working with people. The company makes money by charging for job postings in 11 cities and for apartment listings in one city. But the company has declined to do banner ads, said Newmark. He added he already makes enough money.

“Banner ads are often kind of dumb, and they slow the site down. I’m not interested,” he said.

Newmark recognized that the site has affected newspaper classified advertising, but he stressed that the impact has been greatly exaggerated. “I figure the biggest problems newspapers have these days have to do with fact-checking,” said Newmark.

Craigslist is growing, he said. “We are helping out lots of people, probably in the tens of millions. We need to be prepared for that growth,” Newmark said. The company must improve its software and get new servers, he said.

Newmark’s own role has evolved from being the founder writing code to doing customer service, he said. “I haven’t written code since the end of 1999. It makes me sad,” said Newmark.

Also at the conference, Gil Penchina, CEO of Wikia.com, which is community site supporting development of wikis, cited the company’s open source search efforts with its Wikia Search project. The project currently is in an alpha stage of development.

Read Full Post »

by Christina Mackenzie

French police at work in Paris in 2006. The French paramilitary ...

PARIS (AFP) – The French paramilitary police force said Wednesday it is ditching Microsoft for the free Linux operating system, becoming one of the biggest administrations in the world to make the break.

The move completes the gendarmerie’s severance from Microsoft which began in 2005 when it moved to open sourcing for office applications such as word processing. It switched to open source Internet browsers in 2006.

Linux is an open-source operating system, which used to be the reserve of computer geeks but is now an easy-to-use system aimed at average users.

The gendarmerie’s 70,000 desktops currently use Microsoft’s Windows XP operating system. But these will progressively change over to the Linux system distributed by Ubuntu, explained Colonel Nicolas Geraud, deputy director of the gendarmerie’s IT department.

“We will introduce Linux every time we have to replace a desktop computer,” he said, “so this year we expect to change 5,000-8,000 to Ubuntu and then 12,000-15,000 over the next four years so that every desktop uses the Linux operating system by 2013-2014.”

There are three reasons behind the move, Geraud said at the Solution Linux 2008 conference here. The first is to diversify suppliers and reduce the force’s reliance on one company, the second is to give the gendarmerie mastery of the operating system and the third is cost, he said.

He also added that “the Linux interface is ahead of other operating systems currently on the market for professional use.”

Vista, for example, Microsoft’s latest operating system, is being spurned by consumers who cite “concerns about its cost, resource requirements, and incompatibility with their existing applications,” according to InformationWeek.com.

Geraud explained that the move to an open source operating system was logical after the police switched in 2005 to open sourcing for its office applications and in 2006 for its Internet browsers and its email.

The move away from licenced products is saving the gendarmerie about seven million euros (10.3 million dollars) a year for all its PCs.

“In 2004 we had to buy 13,000 licences for office suites for our PCs,” he said, “but in the three years since then we’ve only had to buy a total of 27 licences.”

In 2005 the gendarmerie switched from Microsoft Office to OpenOffice — a collection of applications such as a word processor, spreadsheet, and presentation programme similar to Microsoft Powerpoint, all of which can be downloaded free.

A year later it abandoned Mircosoft’s Internet Explorer for the Mozilla Foundation’s browser Firefox and its email client Thunderbird.

“When we made that choice Firefox represented about 3.0 percent of Internet browsers and it’s about 20 to 25 percent now which confirms our choice,” Geraud said.

The gendarmerie with its 100,000 employees is the biggest administration to shift to open sourcing for its operating system, but it is not the first in France. That honour belongs to the National Assembly which adopted Ubuntu for its 1,200 PCs in 2007.

Although the gendarmerie is ahead of the market the market is catching up.

Dell, for example, this week started offering Ubuntu Linux 7.10 on its XPS 1330 laptops in France, Germany, Spain and Britain, while US customers will be able to order the machines within the next week or so, according to the company’s website.

Read Full Post »


Do you really like OpenOffice.org as your office suite? Would you like to be able to use it on any computer with an Internet connection? If you answered yes to both those questions, you’ll be interested in Ulteo’s beta of Ulteo Online Desktop, which allows the use of OpenOffice.org over the Internet as SAAS (software as a service).

Ulteo is a new company that’s working towards developing an online desktop that combines office functionality, courtesy of the open-source OpenOffice.org 2.3 office suite, and common Internet services such as e-mail and Web browsing.

The French company was founded by Gael Duval. Duval is well known in Linux circles as the founder of Mandrake, now Mandriva, Linux. Duval was fired from Mandriva in 2006 after disagreeing with its management over the company’s direction. He immediately started work on his next project, Ulteo.

Ulteo, the software, began life as a Debian/Ubuntu-based Linux distribution. Duval and his partners then decided to transform the project into a Web-based office suite that incorporates elements of both SAAS and a thin-client offering.

In an interview, Duval explained, “Our ultimate goal is to provide any existing application, including open-source apps, Windows, AJAX [Asynchronous JavaScript and XML] apps, [and] Flash apps, through the Ulteo service, without any installation or maintenance headache. Just click and use.”

In this beta version, users can use OpenOffice.org 2.3 with a browser. According to the company, the user does not need to download or install OpenOffice.org. So long as a user has a Web browser with JavaScript support and has a Sun JRE (Java Runtime Environment) 1.4 or higher plug-in enabled, the program should work. Ulteo stated that the beta has been successfully tested with the Firefox 1.5+, Internet Explorer 6/IE7 and Safari browsers and on Windows, Mac OS and Linux desktops. The one caveat, the company said, is that Ubuntu Linux can not substitute any JRE for the Sun Java plug-in.

OpenOffice.org executives were enthusiastic about Ulteo’s offerings. John McCreesh, OpenOffice.org’s marketing project lead, said in a statement, “This is an interesting development for people who want to try out OpenOffice.org without having to download and install the software. If you’re wondering how OpenOffice.org compares to your current office software, this is a convenient way to see OpenOffice.org in action in a browser on your desktop.”

The Ulteo version includes all of OpenOffice.org 2.3’s functionality. For example, it can read and write older, non-Open XML, Microsoft Office file formats, defaults to using the ODF (Open Document Format) standard and can be used to create Adobe PDF documents.

Ulteo also claimed that it adds collaboration service to OpenOffice.org. Specifically, Ulteo enables multiple users to work on a shared document. Florian Effenberger, OpenOffice.org’s marketing project co-lead, said in a statement, “You even can work together on documents online and collaborate with others. This especially is an interesting option for trainers and workgroups.”

Of course, there are other companies, notably Google with Google Apps, which already offer this kind of functionality. Duval said in an interview, “Our goal is not to compete against Google Apps or others such as Zoho.” Instead, he said, Ulteo recognizes, “We are all Google users, and so we will continue to use some Google apps and others under Ulteo.”

The company is now inviting 15,000 new beta testers to give its online version of OpenOffice.org a try. This offer is only open to users from Europe and North America at this time. Later, the company will extend its beta test to users in Asia. Would-be beta testers can register to test Ulteo Online Desktop at the The 451 Group, said in an interview that he thinks Ulteo is “interesting simply because it’s coming from Gael Duval and that should lend some credibility and buzz to it. It could also be good for OpenOffice to be offered [and] shared in another way.”

Lyman continued, “However, it will be challenging for Ulteo’s effort to succeed, for a few reasons. First, stability and features are among the biggest hurdles for OpenOffice. This offering does not speed things up that much and points out how desktop use doesn’t always map well to SAAS functionality. There is really not much, if any, performance or stability increase in this case.

“It’s a highly competitive space with MS Office, StarOffice, Google, IBM’s Symphony and others both established and entering. OpenOffice, as well as others, is already free to download, so that represents additional competition as well,” Lyman said. “Obviously, there are benefits such as lack of necessity to install and memory use. We’ll see if those outweigh the challenges listed above,” he concluded.

Steven J. Vaughan-Nichols

Read Full Post »

Dell has announced that it’s to start selling PCs pre-installed with Linux in the UK. The company will sell one laptop and one desktop line with Ubuntu Linux pre-installed. The move follows the highly successful launch of Ubuntu systems in the US, earlier this year.

Dell is continuing to deliver on our commitment to give customers what they’re asking for – the option of choosing Linux as their operating system,” says Charlie Tebbs, marketing director, Consumer, Dell EMEA. “As we hear from customers throughout Europe and around the world, we will continue to explore the opportunities to expand our offerings globally, so stay tuned.”


The systems on offer will be the the Inspiron 6400n laptop and the Inspiron 530n desktop. Dell claims the cost savings made by not having to pay for the Windows licence means they can offer the systems for sale from £329 and £399 respectively, including delivery and VAT.

Dell says it’s not paying a penny to pre-load Ubuntu on to the PCs – and it’s going to make that very clear to its customers. “Customers won’t be charged for the operating system. It will come across on the invoice as a zero-charged item,” Adam Griffin, transaction product manager at Dell, told PC Pro.

However, Dell’s support for the Linux systems is limited. “We’ll offer full hardware support on the products,” says Griffin. “We’ll also offer a basic software support as well, which includes install and uninstall, network connectivity and configuration. For any advanced software related questions, we have a great relationship with Canonical [Ubuntu founder Mark Shuttleworth’s Ubuntu support company], and we basically will direct customers to Canonical… and that’s a costed support.”

What constitutes an advanced software question that falls outside of Dell’s remit? “They’ll have a set number of questions they can answer,” Griffin claims, all relating to the three topics highlighted above.

Griffin also hinted that the company may consider selling dual boot Windows/Linux systems in the future. “There are no plans at present, but again it’s all about customer feedback. If we hear it’s a customer requirement we’ll look at that. Watch this space,” says Griffin.

Add to Technorati Favorites

Read Full Post »

Older Posts »