Page 1 | Page 2 | |
Main | Security Roundup | |
In Other News | Tips of the Trade |
SCO opened an online store this week to peddle Linux licenses, and peace of mind, to the masses. The NSA released the latest version of SELinux, a set of security-hardening patches for the Linux kernel; and Linux lead Linus Torvalds expressed his displeasure with Intel. To schedule one-time jobs for a future time, we introduce, ‘at’ as our tip for the week.
Now and then we like to take a stroll through the aisles of the local computer megamart, accompanied by nothing but the soft sounds of muzak and the murmur of eager salespeople trying desperately to upgrade confused customers from a “perfectly good” laptop to one that won’t be “incompatible in a year.” Ah, the sweet sound of FUD. We also like to poke around for Linux software, which comes and goes from store shelves based on moon cycles or tidal patterns. We can always turn up a few distributions, StarOffice, and a discounted game or two, but not much more.
But the times are a-changing. Now, we no longer have to leave home to shop for Linux stuff because SCO has opened up its online Linux license store. The store is peddling licenses to Linux, licenses SCO says are necessary to remedy the IP infringements it claims are widespread throughout the operating system.
So what’s peace of mind going for these days? About $700 per CPU, according to SCO, with some discounts for those running 8-way systems (although there’s an inexplicable $49 gouge over the base price of a single CPU once you go over eight processors).
SCO’s also provided a handy FAQ to answer all of your questions, including some pressing ones raised by Free Software Foundation counsel Eben Moglen that we dutifully
passed along a few weeks ago.
Perhaps the most alarming part of the FAQ is question number 17, which we’re tempted to begin calling the “Teen Slasher Movie Clause.” Here, SCO asserts its right to continue suing people even if IBM manages to deflect every one of its charges in the suit in which the two companies are embroiled. With Zen-like calm (or Jason-like implacability), SCO asserts that the IBM suit will not settle the issue of whether SCO’s code is really in Linux or not. So that question, and thus the theory on which SCO is trying to sell licenses, seems like it might well involve another suit or two when SCO finally gets around to trying to enforce its license in the courts. That enforcement, by the way, is due “real soon now.”
As one-stop handy as the SCO store is, though, we doubt many outfits will be biting. Between numerous indemnification programs
being launched and the OSDL’s $10 million defense fund, there’s a certain sense that time is simply against the company, regardless of the merits of its case. Not to mention an industry largely unimpressed with the SCO’s claims to this point.
» The National Security Agency released the latest version of SELinux, a set of security-hardening patches for the Linux kernel. The big bonus for Linux in SELinux is the presence of “mandatory access control,” (MAC) which creates a more fine-grained approach to who can run what applications on a system than the traditional Unix user/group paradigm. It so happens that a
Roundup staffer wrote a rundown of what MAC is all about when the NSA first announced the project in 2001. The other bit of news about this particular release is that more Linux distributors are looking at it for use in their products: Expect to see Red Hat, SUSE, and Gentoo incorporating SELinux enhancements in their offerings.
» Last week we quoted an analyst who said HP might be getting a little itchy under the collar about all the attention attention Opteron and its x86-64 architecture are getting at the expense of Intel’s Itanium, which HP is heavily invested in. This week, HP revealed it is introducing Opteron to its Proliant line. Don’t look for HP/UX on Opteron, though: The company indicated that it’s going to let Windows and Linux do the work on that platform. HP is keeping things friendly with Intel, and noted that it’s also moving to support Intel’s x86-64 extensions to the Xeon processor family in its product line.
» Linux lead Linus Torvalds was less than happy with Intel’s unwillingness to acknowledge rival AMD, whose taillights it is largely perceived to be chasing on the issue of getting x86-64 extensions to market. Never one to mince words, Torvalds noted that “hours after the Intel announcement, people were still confused about whether the new intel [sic] chip was actually compatible with AMD’s chips. Why the f— not just come out and say so, and talk about it? It took people actually reading the manuals (which didn’t mention it either) to convince some people on the architecture newsgroups that yes, ‘ia32e’ was really the same as ‘amd64’.”
Internally, Intel is said to be rallying the troops, claiming any signs of taillight-chasing are just the work of a tech media
hype cycle run amok. It claims it’s been looking into adding 64-bit extensions to its IA-32 line for years. From our hype-mongering perch, we don’t mean to impugn Intel’s obvious technical mastery, but we’re pretty sure this is a clear-cut case of a giant missing a trend in anticipation of a peppier IT economy than exists at present.
» Canada-based Linuxant announced
its DriverLoader software will now allow Linux systems to use standard Windows NDIS drivers to drive Centrino-powered systems,
making the issue of native Linux drivers for the architecture much less pressing.
» The latest server revenue numbers from Gartner pin IBM in third-place in the Unix server market with revenue that grew 13 percent in 2003. Sun, in first place, saw its revenue drop 16 percent. HP remains in the middle of the pack, and its revenue shrank 4 percent. According to the research firm, the overall Unix server market shrank 4 percent, while the Linux server market grew 90 percent. Linux server revenue (which shouldn’t be confused with overall deployment numbers), totalled slightly more than 10 percent of the Unix market’s.
» The FreeBSD project announced the release of FreeBSD 5.2.1. The release notes have all the details.
» Microsoft’s implementation of “e-mail caller i.d.” might not seem like such a big deal to Unix admins, but Sendmail’s agreement to include a plugin to implement the proposed technique in its own Unix MTA might be cause for a closer look. Sendmail might not be the final word in Unix MTAs, but it’s prevalent enough to leave us curious about whether it will have an impact on other MTAs, such as postfix and exim.
» For an in-depth look at the new features in Linux 2.6, as well as a discussion on how to prepare to test the newest Linux release, check out Carla Schroeder’s latest article on Crossnodes.
To Security Roundup
To Tips of the Trade