The Linux Colonel

I have been perusing the various documents released by Novell as part of their recent 10-K filing, and one thing that everyone has to notice when looking at the technical cooperation agreement, or especially the patent cooperation agreement is ***.

So, I have decided to whip up a new Wordpress plugin called, "The Redacter". It will allow site visitors to, at the click of a button, randomly replace text in your blog with those famous ***.

Actually, there is no actual Redacter plugin, it is just the excellent Text Replace plugin with some really common text fragments in the match list, but fun nonetheless.

I will leave the site "redacted" for the remainder of May…

Here is a great site (www.getgnulinux.org) as an introduction to Free Software concepts, and this page does a pretty lucid job of clearing up some common misconceptions, including the infamous allusions to the dreaded "C" word.

5. Free software is like communism.

Supporters of this idea argue that there can be no private ownership with free (or “open source”) software. Let’s answer this with an example.

Let’s suppose you use one application that is free software, at home and within your company. You find a great way to improve it, so now with your modified version, your computer works better and your factories run twice as fast!

This modified version is your own version. You are not required to tell anyone about it, nor must you share any of the profits you made using it. You are simply exerting your freedom to use and modify free software.

What the free software license requires is that if you redistribute this software, then you must keep it free. Namely, if you sell CDs with your software on them, or start letting people outside your home or company use it, then you must:

* Either give everyone the same rights you had when you obtained the original software, that is, the freedom to inspect, modify and redistribute your modified version;
* Or, make the original software and your secret addition to it clearly separate (that is, your addition should contain none of the original work).

So in fact, you have more “ownership” over free software than over proprietary software –where the programmer decides everything you can and can’t do with the software.

Free software has nothing to do with a political system. You can run free software on top of proprietary software, just as well as the opposite. The free software license is simply an ethical contract between the programmer and the end-user.

Oh, you thought I meant the infamous allusions to this dreaded "C" word?

If you want to learn about security and hacking, here is a fantastic place to start. Damn Vulnerable Linux (DVL) is a modified Damn Small Linux designed for IT-Security & IT-Anti-Security and Attack & Defense study.

Actually, it is a perverted Linux distribution made to be as insecure as possible. It is collection of IT-Security and IT-Anti-Security tools. Additional it includes a fullscaled lesson based environment for Attack & Defense on/for IT systems for self-study or teaching activities during university lectures. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. As well it can be run within virtual machine environments, such as qemu or vmware. There is no need to install a virtual machine if you use the embedded option. Its sole purpose in life is to put as many security tools at your disposal with as much training options as it can. It contains a huge ammount of lessons including lesson description - and solutions if the level has been solved by a community member at crackmes.de.

DVL operates as a Live CD, or you can install it on a test system such as a virtual machine. Visit their site for an informative video on how to begin using DVL.

Recently, it was declared that Novell is a mixed-source company, which really shouldn’t have been a surprise to anyone familiar with their product line. At the CITI forum, Novell South Africa Country Manager Stafford Masie shared his insight in contrasting the philosophies of Red Hat and Novell, or as he put it, “end to end open source” versus a “hybrid stack”:

We believe today alot of the open source technology has not caught up yet to enterprise customers’ needs in the security domain, management domain. Where Linux is open source, specifically Linux is completely applicable is the platform, the desktop, office productivity suite, the database, etc so there’s kinda 5 major areas where its good enough if not better than whats out there, ok? where its not there yet, Novell has proprietary technology and partners that provide 3rd party technologies to that proprietary technologies where we wrap our technologies around this Linux technology. so, like zenworks management, our zenworks management suite is a proprietary piece of technology.

During the question and answer session at the CITI forum, Masie also spoke regarding the differing “streams” of open source that Novell has as well, differentiating between Novell’s OSS and FOSS product lines, in his mind.

but yeah- that interoperability is absolutely crucial, and one of the things that we do get slapped over the wrist with continuously is that… its the OSS debate vs the FOSS debate… Y’know, we’ve got two streams of our technology as Novell, we’ve got the FOSS stream and then we’ve got the OSS stream.

OpenSUSE is really the FOSS stream, we’ve got derivatives of every one of our Linux technologies that you can download for free, gain the source code to, participate in the community, etc but then we do certain things with those derivatives and that innovation that locks it down, makes it more interoperable, that goes through testing, quality assurance, regression testing, backwards compatibility, all that ’stuff’ with the hardware partners and then we split out a version of it that is ‘enterprise ready’,

now what we mean by enterprise ready is the following: that its backwards compatible so you can deploy it in a hybrid environment so different versions will work with each other, its going to work well with other operating systems, so theres some interoperability, its going to work well on that hardware, but most importantly we put things in that distribution that you as enterprise customers want.

You know what we do, we license fonts. Y’know, you can go to… there’s several font sites, I could actually go to the sites now, where you license fonts, those true-type fonts, etc. you need to license those fonts because Microsoft does the exact same thing with Office, we license that into OpenOffice - our distribution of it, our derivative of it. So, that’s something proprietary.

Graphic rendering engines, there are certain ways things get rendered in Powerpoint documents, we take some of those graphic rendering engines and embed it into ours, because if a little animation does something silly in Powerpoint, we want it.to do that something silly in OpenOffice in exactly the same way.

Then there’s third party tools like Adobe- Adobe Reader, Real Player, Macromedia’s media little player, those things are proprietary, but you want them in your distribution, why? because when that user wants to open that Powerpoint file, play that animation, click on the link let the realplayer file play, go to a website and watch that flash show properly… you want all of those little pieces in there.

Now, for some customers that feel that’s not important, well y’know, we’ve got the OpenSUSE derivatives of it, but that’s what we do with Linux. We don’t just embed things, we do add things that we believe give it more robustness but it doesnt infringe on the GPL, doesn’t infringe on any patents, etc So yeah, I think the interoperability issue from that perspective is key for enterprise customers.

As reported on OpenSourceGovernment.com, ten major Dutch cities, including Amsterdam will be experimenting with open source alternatives to Microsoft Windows desktops and Office applications.

The City of Amsterdam will be testing out open source software in two administrative districts, the housing department and one of its borough offices. Amsterdam is one of ten Dutch cities to sign the “manifesto for open software in government“

This LXer entry has a much more detailed explanation of what the Manifest is, as well as the OSSOS program in general.

In February 2003, the program “Open Standards and Open Source Software (OSSOS) for the Dutch government” started, funded by the Dutch government. One of the main tasks was to make the government independent from single software suppliers, among which are Microsoft and SAP. After three years, the effort starts bearing fruit. Ten big municipalities - together 2,7 million inhabitants and including Amsterdam and The Hague - signed a manifest. I’ll try to explain what’s in the manifest, what that might mean for the future, and for the monopoly of Microsoft in the Dutch government.

Perhaps the most interesting aspect of the OSSOS is that, rather than just require ‘open source’ software (a term which can be abused) it instead specifies the goals of the program to better assess adherence.

Nonetheless, open source software isn’t mentioned in the manifest. This is done deliberately. Instead of asking for open source, the manifest explains what the goals of that ‘open source’ should be; making it harder for suppliers to abuse the term ‘open software’, and label their closed software ‘open’. There are four terms of ‘openness’ in the manifest:

1. Supplier independence
2. Interoperability
3. Transparency and verifiability and
4. Digital durability

A new Knoppix release is now available, featuring KDE 3.5.5, OpenOffice.org 2.1, NTFS-3G and Beryl, among the numerous improvements and updates.

Finally, it’s done. Just in the past couple of months, there has been quite a lot of new and exciting development in the GNU/Linux world, which of course should also be present in the current Knoppix version. Even that some of the new and optional features (like the 3d-desktop beryl) are still in experimental stage. Repeatedly, new Kernel-/KDE-/OpenOffice releases have spoilt our planned release dates, but on the other hand, now all these are available in the new release as well (2GB of software on CD, 10GB on DVD)

Head on over to the download page and grab your copy, be sure to use BitTorrent or your local mirror.

Earlier, it was reported that Mary Jo Foley had spoken to Samba developer, and recent Google hiree, Jeremy Allison. Allison has also taken the time to speak to BoycottNovell.com since his official departure from Novell on the 29th.

BoycottNovell.com: Do you think that Novell will ‘fix’ the covenant with Microsoft and indeed be GPLv3 compliant, as Stafford Masie has promised?

Allison: I think Novell has very little power to alter the terms of the deal. If they had, I think they would already have done so. Remember the patent part of the deal wasn’t Novell’s idea, essentially it was forced upon them at the last minute. Novell is a victim, but they were a willing victim and that I can’t forgive.

I’m guessing the effect of the GPLv3 is designed to make Microsoft want to cancel this deal, as that’s where the real decisions lie.

Allison also discusses his take on the deal, its true meaning and impact, as well as the long term stigma that will remain with Novell even after GPL3 renders the Microsoft deal useless:

Allison: …Hopefully the GPLv3 will make this deal irrelevent, but the problem for Novell is that people will not forget why the GPLv3 had to be changed to exclude their sleazy deal. No one will blame Microsoft, people expect sleaze from Microsoft :-) . It’s the previously clean and upstanding competitor who has been damaged by this, and I feel really bad for the excellent engineers at Novell who have had their reputations tarnished over this.