Home Blog Page 10707

The Evolution continues

Author: JT Smith

Joe Barr writes us about this story: http://www.linuxworld.com/site-stories/2002/0311.e volution.html. “A couple of weeks ago I wrote about moving from Sylpheed (a wonderful e-mail client) to Evolution. I promised then that I would follow up after I had had a chance to put a few more miles on Evo. This week’s column keeps that promise.”


  • Open Source

The penguin on your desktop

Author: JT Smith

CanadaComputes.com has an article on how the price of Windows may drive more users to Linux, with a Windows XP-loaded system $450 more than a system without it. “The changing circumstances of Linux for personal computers has as much to do with the goings on at 1 Microsoft Way as it has with the continued maturation of Linux. Note that while overall PC hardware costs are falling, Microsoft has been raising its prices, such that a Windows OS has become a significant part of the total cost of a desktop PC.”


  • Linux

Linux kernel, Netscape affected by major zlib security vulnerability

Author: JT Smith

By Grant Gross

A buffer overflow vulnerability affecting the PPP code in the Linux kernel, Netscape and up to 20 packages in some Linux distributions has been found in the popular compression library zlib. The potential is for crackers to gain remote access to computer systems using zlib, but a fix is available.

Dave Wreski, corporate manager for Open Source security company Guardian Digital and publisher of LinuxSecurity.com, says there’s no known exploit for the vulnerability, but it’s a serious issue because of the sheer number of programs relying on zlib or a variant of it statically linked into their binaries.

“That means that you can’t just rebuild or fix zlib and then reboot the system and have it re-dynamically link against the library,” Wreski says. “You have to actually recompile the binary.”

LinuxSecurity.com has posted an article with links to security advisories and other information and an an advisory to Guardian Digital’s EnGarde Linux, including a fix for the six affected packages in EnGarde. Quoting that advisory: “The zlib shared library may attempt to free() a memory region more than
once, potentially yielding a system exploitable by certain programs that
use it for decompression. Because certain packages include their own
zlib implementation or statically link against the system zlib, several
packages need to be updated to properly fix this bug.”

Packages affected also include X11, rsync and programs that do network compression, Wreski says. Netscape includes network compression in its Navigator package.

“The potential is certainly for root compromise,” Wreski says. “Because it’s network compression, it’s conceivable that it could be a remote root exploit as well.” For example, if you were using Netscape and connected to a Web site with malicious code, you could be vulnerable, he adds.

Linux vendors and the CERT Coordination Center are working together get the word out about the vulnerability.


  • Security

Will Linux find a home in handhelds?

Author: JT Smith

PCWorld.com reports that despite its advantages, Linux still lags behind Palm and Microsoft when it comes to powering PDAs.

Microtronix announces integration of Embedded Linux with Altera SOPC Builder

Author: JT Smith

It’s on PRNewswire: Microtronix
(http://www.microtronix.com), a leading integrator of embedded hardware and
software, announced today that they will support the creation of customized
embedded Linux(R) kernels in the Altera(R) SOPC Builder automated system
development tool. Customers will be able to combine the Nios(TM) soft-core
processor development flow with embedded Linux development, providing great
flexibility and speed to the design process.

People of KDE: Neil Stevens

Author: JT Smith

KDE.org features Stevens, who works on “Kit, Kaboodle, Megami, and a bunch of hard-to-translate Noatun plugins.”


  • Migration

2001 LinuxQuestions.org Members Choice Awards

Author: JT Smith

jeremy writes: The 2001 LinuxQuestions.org Members Choice Awards have come to a close. You can view the results here. Thank you to everyone that voted. Here are the winners:

Browser of the year – Konqueror AND Mozilla
This was one of the closest awards. We have a dead tie between Konqueror and Mozilla, both had 21.98%. Netscape and Opera were right behind them with 19.23% and 18.68% respectivly.

Distribution of the Year – Red Hat
Red Hat was a pretty stong winner here with 35.29%. Mandrake was not too far behind.

Database of the Year – MySQL
No surprise here. MySQL was the clear winner with 64.65%. The one surprise was that Oracle tied PostgreSQL for second.

FTP Server of the Year – ProFTPD
ProFTPD was a solid winner in this category with 40.48%. But WU-FTPD came in second. Have a taught you nothing?

Web Server of the Year – Apache
This was by far the most lop-sided battle. Apache came in with a whopping 96.90% of the votes. wow!

Desktop Environment of the Year – KDE
KDE came out much stronger then I thought it would with 68.90% of the votes. Gnome was second, with my personal favorite Ximian a quite distant third.

Window Manager of the Year – Enlightenment
Another very close race. Enlightenment came out just ahead with 25.56%. Coming in a close second and third were Sawfish (21.05%) and Window Maker (20.30%).

Editor of the Year – Vim
Vim came out ahead with 34.11%. The surprise here to me was that pico got almost as many votes as Emacs.

Office Suite of the Year – Star Office
Star Office ran away with this one with 66.67%. Koffice was a distant second with 22.50%.

Mail Client of the Year – Kmail
I think KDE (31.13%) being so popular skewed this one a little. Trusty old pine came in second (18.54%) while the very slick Evolution came in third (14.57%).

Game of the Year – Quake III
Quake III came out ahead here with 39.37%. Return to Castle Wolfenstein (26.77) was a respectable second.

Thanks again to all that voted. Time to start thinking about your nominee’s for next year.



Game over for Loki

Author: JT Smith

“This is the week that Loki Software, Inc., the once-promising Linux games company that came to resemble Enron writ small, disappears beneath
the waves forever. As with Enron, the company heads appear to have come out okay, leaving unpaid employees holding the short end of the

The final official blow was set to be delivered Monday when the trustee overseeing the company’s liquidation was to declare Loki devoid of assets
and close the case.” More at Linuxandmain.com.


  • Games

Microsoft: Apple’s enemy or savior?

Author: JT Smith

NewsFactor Network writes: “Five years ago, Microsoft and Apple signed a controversial pact that brought the two firms together in a software development and innovation-sharing relationship. Since then, the relationship has blossomed. By delivering two of the most critical applications for Mac OS X, Internet Explorer 5 and Office v.X, Microsoft’s Mac business unit has become more of a savior than an enemy to Apple. NewsFactor spoke with Kevin Browne, general manager of Microsoft’s Macintosh business unit, about his firm’s evolving relationship with Apple, the current array of Microsoft Mac applications, and prospects for another five years of partnership.”

Cgisecurity.com releases fingerprinting Port 80 attacks

Author: JT Smith

Anonymous Reader writes: “They have released a followup to Part one which talked about the attack signatures attackers leave when attacking
your web applications. Good paper that explains what you may find in your logs and what they may mean. Fingerprinting Port 80 Attacks part two.


  • Security