Tag Archives: open source

What is Linux? and software confusion …

A recent posting on the Blog of Helios prompted me to write a short and simple definition of Linux that might be useful for current non-users of this operating system. It is however a difficult definition in the context of what people already know. And the fact of the matter is that what the general computer-using population knows about operating system platforms, is limited.

I often get calls from Windows desktop users about something not working. What is not working? “Well it’s something in Microsoft” they might say. Microsoft? Is that Microsoft Office, Windows, something else? Well they’re not sure, but it’s when they are trying to type a document. Ok, so that’s Microsoft Office Word then. What browser are you using? It’s the one with the blue e on the icon. Internet Explorer. What email client do you make use of? Microsoft. Is that Outlook or Outlook Express? Note I’m just using the Windows platform as an example, however this problem is not limited to that platform.

If general Windows users have difficulties on that platform, what chance do they have with Linux? And why the confusion in the first place?

Let’s try to answer these 2 questions …

What is Linux

Linux is a software platform that includes a kernel which controls and manages the computer itself, utilities which allow you to perform general tasks like file management and application launching, and applications themselves which allow you to get actual work done ( eg. word processor, email client, web browser ).

The original operating system ( to be exact the kernel ) itself was started by Linux Torvalds, a Finish student in 1990 who was frustrated with the licensing of another OS called Minix. Together with the GNU toolset ( a bunch of OS-independent user tools ) and development tools, GNU/Linux as a complete operating system platform was born.

Unlike Microsoft Windows, which comes in only 2 forms ( desktop and server ), Linux is packaged in the form of  distributions, which put the Linux kernel, GNU utilities and other useful applications together. There are many distributions, some which cater for general use, some orientated towards audio-video use and others for supercomputing purposes. There are about 10 to 20 distributions which are used in mainstream desktop and server environments, the most popular of these being Ubuntu, Mandriva and Fedora ( for desktop use ), and Red Hat Enterprise Server/RHEL, Centos and Suse Linux Enterprise Server/SLES ( for server use ). An important difference vs commercial OS platforms is that Linux distributions typically provide all the day to day applications that you would use, therefore it’s fundamentally different to something like Microsoft Windows, where you only get the operating system and some utilities.

The Linux kernel itself and the GNU toolset are FOSS – free and open source software. This means that although they have a license and are copyrighted, the style of the license means anyone is fee to copy, use and alter this software, as long as one keeps to the terms of the license. Typically this includes something as simple as making sure the license is transferred with each copy, and that original and subsequent authors are acknowledged.

But how can you give something away for free if it’s copyrighted? I’ve been paying for my Windows and Office software all along …

Copyright fundamentally means that someone can assert the right to be acknowledged as the author of a particular creation. It does not infer that something can’t be given away for free, as much of the bumpf from music, movie and publishing concerns would have us believe. So yes you can have copyrighted software that is free.

There’s also the misconception that Linux is difficult to use. From a server perspective, this may have some validity ( although not much ), however, from a desktop point of view, Linux is as easy to use as competing platforms like Microsoft Windows and MacOS X. It’s just different – and it’s this difference that many confuse with difficult. There’s also the matter of change – human beings are comfortable with what they know; change is never easy because of this.

One important point to remember though is that because Linux is a different platform to Microsoft Windows, it will not run Windows applications natively. Most Windows applications have an equivalent in Linux so this is not a big problem. There is also the possibility of running Windows applications under emulation.

Some examples of FOSS application equivalents:

  • Microsoft Office = OpenOffice
  • Internet Explorer = Firefox
  • Outlook = Thunderbird
  • Photoshop = Gimp

Linux has some distinct advantages over other platforms:

  • very secure and low attack surface for viruses and other malicious code
  • good stability and reliability
  • OS-integrated application installation/management system
  • good performance on old equipment / low resource requirements
  • free / low cost

How do I get support for something that is free? FOSS support is provided by the same community that develops the software as well as the user community around it, through forums, newsgroups, mailing lists and other methods. If that is not suitable, then many of the larger FOSS projects have commercial support options available.

FOSS in general

The Helios project is a group of volunteer Linux users in Texas, USA who refurbish old donated computers, install Linux and other FOSS applications on these machines, and deliver them to needy, impoverished and foster kids in that state. The financial cost to these volunteers is low because FOSS allows them to have an almost zero product cost. This is something that’s not possible with commercial software. And there are many other groups around the world that do work similar to the Helios group.

FOSS lowers the entry barriers to less fortunate people and communities, removing what is arguably the biggest cost of owning a computer – commercial software. This helps with social development, upliftment and education, by giving less fortunate people access tools they would not have had before, allowing them to create, communicate and distribute.

While FOSS and Linux are typically ‘free’, this does not mean that the quality of this software is compromised in any way. In fact it’s well acknowledged that FOSS software is generally of a higher standard than commercial software, due to the nature of the Open Source development process. A study by Coverity ( a commercial software vendor of code analysis tools ) in 2009, found that the Linux kernel and some other notable FOSS projects, had 10x less code errors than competing commercial equivalents.

Why the confusion?

At the start of this article, I asked why users were confused about what OS or applications they were using. An analogy: to drive a car on a public road, one needs to do a drivers test. This involves theoretical and practical training, after which one has a reasonable grasp of the concepts involved as well as some baseline experience to use in the act of driving itself. Using a computer is an altogether different proposition – one goes to the computer store, buys the computer and starts using it. This does not mean however that one is proficient in the use of that computer, and therefore the lack of general knowledge amongst casual computer users.

This issue is platform-independent, yet the stigma remains that FOSS and Linux are more difficult to use. Difficulty is not necessarily determined by what platform you use, but rather the training you receive in the use of that platform.

So take the time to learn something new today, about whatever platform you are using …

Novell wins copyright case against SCO

It seems that SCO’s litigation engine has been running for ever ( 7 years now ) and they exist only to litigate. But it appears that a jury-led decision agreeing with Novell being the rightful copyright holders of Unix, has finally put paid to any serious action by SCO. Perhaps we can all get on with our business now …

DNSSEC finally on the move

It looks like DNSSEC is breing implemented at the root level world-wide. Almost 2 years after the first country level signing ( .se for Sweden ), the K-, D- and E-root servers operated by RIPE, University of Maryland and NASA respectively, started root signing this week past. 7 of the 13 root servers now supply DNS record signing.

The DNS Security Extensions protocol, called DNSSEC in short, is designed to provide improved DNS security. DNSSEC uses cryptographic signatures to authenticate the responses to DNS queries, which will prevent attackers from forging responses via security holes in the DNS protocol, such as those described by Dan Kaminski (cache poisoning). With this protocol, responses to DNS queries are only accepted as authentic if a public key can be matched with a private key. However, signatures can’t be validated during the introductory phase. As a result, initially it will be unlikely that users notice the introduction of DNSSEC on the RIPE root server. While the response packets containing the signatures will be significantly larger, experts say that this doesn’t present a problem if the respective resolvers are implemented correctly. For the time being, users will also still be able to access one of the remaining 6 root servers without DNSSEC. ICANN, VeriSign and the NTIA decided on this gradual transition as a precautionary measure.

Personally I think this has been a long time coming. I had an excellent 2-day training course on DNSSEC with BIND a year ago ( courtesy of coza/Uniforum ) and it’s good to see the hard work of many engineers coming to fruition. Considering the amount of negativity as recently as a year ago, especially from the commercial root server operators ( read Verisign and co. ), it’s great to see DNSSEC in action.

Slackware current issues

I’ve been running Slackware-current ( the development version of Slackware ) for probably close to 5 years now. For the most part, it’s a pretty uneventful stream of upgrades however, every once in a while things get interesting.

The March 1 update is massive, has taken a month to release and includes around 465 updated packages. There are 2 main reasons for this:

  • Xorg has been upgraded to 1.7.5
  • a new version libpng is included which required the rebuild of a large number of dependant packages ( 13? )

I had some issues as follows …

On reboot I got ‘undefined symbols’ and ‘unknown module format’ when loading some modules. My NVidia binary driver would not load with a message the same as above. I had not upgraded the kernel so this was all a bit strange.

First step was to get a new NVidia driver ( 195.36.08 ) which installed fine but the driver still refused to load. Then I thought that a kernel package may have been installed erroneously so I upgraded all of them. Still no go.

To the LinuxQuestions forum where I gathered that there may have been an issue with a kernel config option ( CONFIG_PREEMPT ) in this particular kernel. The fix was straightforward – rebuild and install the kernel with the existing config file:

cp /boot/config-huge-2.6.33 /usr/src/linux-2.6.33/.config && cd /usr/src/linux-2.6.33 && make && make modules_install && cp arch/x86_64/boot/bzImage /boot/vmlinuz && lilo && echo “blacklist nouveau” >> /etc/modprobe.d/blacklist.conf && telinit 6

There was also an issue with the libgmp library which was updated today and fixed those issues.

Some other upgrades/changes:

  • device-mapper is now included in the lvm2 package
  • gzip security issue
  • kernel 2.6.33
  • kde 4.3.5
  • openssl security fixes in 0.9.8m
  • bash 4.1

I’m running AlienBob’s kde 4.4.x packages and hopefully he’ll have an updated ( to 4.4.1 ) set soon. All in all an interesting time however this is dev so it’s to be expected. Th problem is current is generally so stable that this is actually unexpected. No problems either way.

Thanks to Pat, Eric, Robby and all the rest.

Privacy and freedom: World Gone Mad Part 2

The US Copyright Lobby has indicated that using FOSS equates to the undermining of intellectual property rights. Yes you read that correctly. They want the US Trade Representative to place countries like Brazil, India, and Indonesia on the Special 301 list, which is a list of countries that do not, according to mostly the Pharmaceutical Research and Manufacturers of America and the IIPA, do enough to protect intellectual property rights.

The governments of the countries the IIPA wants to add have one thing in common: they’ve used or are encouraging the adoption of Free and open source software, which, according to the IIPA, “weakens the software industry” and “fails to build respect for intellectual property rights”. Huh? No I’m not making this up – take a look for yourself.

“The Indonesian government’s policy […] simply weakens the software industry and undermines its long-term competitiveness by creating an artificial preference for companies offering open source software and related services, even as it denies many legitimate companies access to the government market,” the IIPA states, “Rather than fostering a system that will allow users to benefit from the best solution available in the market, irrespective of the development model, it encourages a mindset that does not give due consideration to the value to intellectual creations.”

Since when has FOSS denied anyone anything, let alone legitimate companies’ access to the government market? And how is FOSS not an intellectual creation? Besides giving no proof of their statements, these murmurings are just plain fiction. Perhaps the US Copyright Lobby should stop spouting trash in the name of big business and do something for the man in the street for a change.

Adventures in Linux distro land

The number of articles lately concerning the overwhelming amount of Linux distributions available is quite interesting; why now? Perhaps because Linux on the desktop is becoming a little more mainstream. Or perhaps because of the miriad number of embedded devices that use Linux ( think home automation, signage boards, NAS storage, netbooks, phones, radios, media players, industrial devices, etc. ) and that are more visible. Whatever the reason, I think it’s always been a positive thing, with the competitive nature of open source driving improvement and maturation. And open source does not need proprietary offerings as competition ( as another journalist has recently inferred ). FOSS in itself is its own competition.

Just because there are numerous distros available ( distrowatch.com keeps track of the Top100 ) doesn’t mean Joe Blogs needs to become a guru on all or most of these. Many are specialist distros catering for recovery, security, audio, media or other areas and for the most part, one can keep your eye on the top 20 for something to use within mainstream server or desktop areas.

For desktop use, Ubuntu, Mandrake, Mint, Fedora, Puppy and openSuse come to mind. On the server side Centos, RedHat, SLES, Debian and Slackware are the main choices. For Business server use ( ala Windows Server SBS ) you can look at ebox and ClearOS.

So overall, that is not an overwhelming set of choices – just enough to give you something you are comfortable with. Read reviews on each, do a test run in a virtual machine ( care of VirtualBox ) and make the switch.

Here follows a quick matrix showing the main distros in each area.

Desktop Ubuntu, Mandriva, Mint, Fedora, Puppy, openSuse
Server Red Hat Enterprise, Centos, SLES, Debian, Slackware, Scientific
SBS ebox, ClearOS
Security Backtrack, Nexenta,
Recovery Knoppix, SystemRescueCD, CloneZilla,
AV Mythbuntu, 64Studio , Musix
Storage FreeNAS, OpenFiler

Open Source in 2009

2009 has been a very big year for FOSS with a number of high-profile occurrences and products being released this year. Let’s  take a short look at some of these:

  • the release of Canonical’s Ubuntu 9.10 as well as Red Hat’s KVM-orientated RHEL 5.4
  • the submission of code twice by Microsoft into the open source domain ( both times due to breaches of the GPL license ) – one was for the Microsoft Virtual Server Linux virtualisation drivers and one for the USB Boot tool for Windows 7
  • the back-end of Whitehouse.gov was switched to Drupal CMS
  • the Apache Foundation celebrated 10 years and 300 members working on 65 projects
  • Red Hat was added to Standard and Poor’s 500 stock index
  • cloud computing as a business model was born
  • Linux showed up in Samsung TV’s, Sony cameras, Motorola cellphones and many other products

Microsoft hijacks Firefox Part 2

So there was a call for Mozilla to blacklist the MS plugins. And that is exactly what they have done! The Microsoft .NET Framework Assistant and Windows Presentation Foundation were added, for reasons of their vulnerability to remote code execution. All versions for all applications have been blocked. Apparently the Framework Assistant has now been deemed safe and removed from the blocklist. I still maintain that vendors installing software without user notification is malware and should be treated as such.

Microsoft hijacks Firefox

Microsoft was quite upset with Google recently with the latter’s attempt to install a plugin ( Google Frame ) for IE; it seems though that it’s fine for Microsoft to install a plugin for Firefox – and it’s come back to haunt them with a security hole in the plugin that they silently installed!

Earlier this year, Microsoft was installing the Microsoft .NET Framework assistant into Firefox. The recommendation was to remove this but Microsoft had originally not given an option to do this. They capitulated and released an update to do so, however the update broke other extensions.

Now they’ve been silently installing a Windows Presentation Foundation plugin ( part of .NET Framework 3.5SP1 ) that allows the embedding of XAML applications in web pages ( thought they would have learnt with the Eolas patent lawsuit ). It seems that anything Microsoft touches turns to insecure; and I think this can easily be classed as malware.

It’s therefore a good thing that Mozilla have just released their Plugin Check system which could indicate security issues with plugins like the one above.

Tweetdeck on Slackware64 13.0

I recently came across this application ( thanks Nic ) so only natural that I try it out ( especially as I have an issue with the plasma twitter widget in KDE 4.2.4 ). Couple of issues though:

  • requires Adobe AIR
  • only 32-bit
  • packaged only for deb and rpm

I did some searching and with a couple of articles, managed to piece together an installation routine for Slackware64 13.0:

  • make sure your Slackware64 is multi-lib enabled
  • download the 32-bit packages of gnome-keyring and nss packages from the GSB project ( one is in l/ and the other in a/ )
  • convert to Slack64 compat packages using /usr/sbin/convertpkg-compat32 -i <package_file_name>
  • install converted packages above ( found in /tmp )
  • download AIR SDK ( not runtime )
  • mkdir /opt/AIR
  • extract archive into this directory
  • mkdir /opt/AIR-APPS/<app-name>
  • download the application ( for Tweetdeck I had to use Windows/FF as the manual download link did not show up in my Slack/FF )
  • extract ( using unzip ) to the APPS/<app-name> dirrectory
  • run using: /opt/AIR/bin/adl -nodebug /opt/AIR-APPS/tweetdeck/META-INF/AIR/application.xml /opt/AIR-APPS/tweetdeck

No too bad an install but it would be nice for Adobe to support non-rpm/deb users with a .tar.gz package and 64-bit Linux. Maybe to come?