Slashdot readers discuss a Newsbytes.com story saying Netscape 6 collects information about what searches users do on sites like Google.com.

NWfusion.com reprots that Sun Microsystems has filed a private antitrust lawsuit against Microsoft “over what it says are past and continuing efforts by the software giant to undermine Java. Sun claims that Microsoft engaged in a campaign of anticompetitive conduct.”

Posted at LWN.net: “Updated mod_ssl packages for Red Hat Linux 7, 7.1, and
7.2 are available which close a buffer overflow in mod_ssl.
“

Boston.internet.com reports on the ongoing saga. “Unable to complete a merger, Mission Critical Linux Inc. has cut nearly all its 55 workers and sold to a group of investors led by its former chairman Rick Angell.”

Mike Potter writes: “OEone Corporation, a leading developer of Internet device software, announced today the first release of its HomeBase product as a software-only distribution that can be installed on a wide range of PC hardware.

OEone has also introduced to its supported hardware line the ASUS Terminator Internet Computer, a small footprint micro-tower and a significant price cut on the existing all-in-one system from Future Power. Both systems ship fully configured with HomeBase 1.2.

New improvements include expanded multimedia and optimized PALM Synchronization. Existing customers running those versions can auto update to HomeBase 1.2, now deployed on OEone’s production servers.

“Thanks to our continuing aggressive schedule, the release of OEone HomeBase 1.2 represents a significant milestone for the company. This software was specifically designed for advanced users wishing to configure their own Internet Computer. HomeBase 1.2 will make it fun and easy for those users to select and buy a compatible machine from our extensive list of supported hardware and install the software on their own.” said Eid EID, President and CEO, OEone Corp. “Less technically inclined customers still have the flexibility of buying a fully configured system directly from OEone.”

“Since the initial release of HomeBase, software developers and Open Source enthusiasts have been asking for a software-only version they can experiment with. Our latest release significantly broadens the landscape of hardware that HomeBase supports, lowering the barrier for early adopters,” said Peter Bojanic, Vice-president of Software, OEone Corp. “The latest version of HomeBase improves greatly upon our earlier release, delivering several feature enhancements and usability improvements.”

OEone’s HomeBase Operating Environment

OEone HomeBase software is the industry’s first operating environment to fully integrate Linux, an XML based Webtop, and applications with targeted system hardware. OEone’s distinctive platform sets a new benchmark in software integration, performance, and ease-of-use for the Internet Entertainment Computing market. OEone HomeBase comprises the Linux Operating System, a Mozilla browser-based Webtop, and a variety of applications including personal productivity, entertainment, communications, personal portal, and TV viewer. OEone HomeBase also includes backup services, free software upgrades for one year, and 100MB of server-side storage.

The FuturePower AIO ® Internet Computer
This all-in-one computer has a sleek and compact design that integrates the main processing unit and a 17″ CRT monitor. It also integrates a cable-ready TV tuner, 10/100-Ethernet, and a 56Kbps modem, allowing out-of-the box connection to most broadband or dial-up ISPs. It’s simple to setup just plug in power, keyboard, mouse, and Internet connection.

The ASUS ® Terminator Internet Computer

This micro-tower computer incorporates high-quality components and flexible options in a stylish, and compact housing. Its internal swivel design allows easy access to major components, even by novice users. Its fully integrated design provides 3D Video, Audio, LAN, Modem, and USB right out of the box.

Both the AIO and the Terminator have a customized User Interface to match their design and the drivers were tuned to run their particular hardware. Just plug it in and a few minutes later you’re ready to surf the web, check your email, listen to music, play games, and watch TV.

Pricing and Availability
The OEone HomeBase 1.2 software comes with free software upgrades for one year and 100MB of server-side storage. The package sells for a suggested retail price (SRP) of US $29.

The FuturePower AIO price with integrated 17″ CRT display and built-in TV tuner now has a list price of US $649, down from US $799. The new pricing gives OEone’s Internet computer more than a 20% price advantage compared to similarly equipped Windows PCs.

The ASUS Terminator Internet Computer starts at an SRP of US $399. This is a fully upgradeable micro-tower. Standard options are TV tuner card, which lists at US $49, and a Philips 15″ Active LCD panel at US $379.

All products are available now from OEone’s webstore at shop.oeone.com.

About OEone Corporation
OEone is a leading software developer creating a fully integrated Operating Environment for the emerging Internet computer market. The company was founded by Eid Eid, former VP of Technology of Corel Corporation, and President of Corel Computer. The company is leveraging the open-source software movement including the Linux Operating System and Mozilla to deliver a software platform for manufacturers and OEMs to power the next generation of Internet computers. The platform will deliver entertainment and personal productivity applications, personalized content aggregation, ISP and ASP services. For more information, please visit our Web site at www.oeone.com.

ComputerWire (on The Register) reports that Amazon.com has settled a two-year-old patent infringement lawsuit with Barnesandnoble.com, though it declined to disclose the terms.

PCWorld.com reports that Pretty Good Privacy inventor Phil Zimmermann says the encryption protocol will go on, despite a move by Network Associates to shelve the encryption product after it couldn’t find a buyer.

LWN.net has the Mandrake notice: “A problem was found in versions of improved mod_frontpage prior to
1.6.1 regarding a lack of boundary checks in fpexec.c. This means that
the suid root binary is exploitable for buffer overflows. This could
be exploited by remote attackers to execute arbitrary code on the
server with superuser privileges. Although there are no known exploits
available, if you use mod_frontpage you are strongly encouraged to
upgrade.”

LWN.net has the list.

One of the really beautiful features of Open Source software is the
ability to customize the software for very particular purposes. One such
special-purpose customization is Devil-Linux, a Linux
distribution built for lightweight firewalls.

Now, there are several Linux firewall products available, including the
Mitel SME Server (formerly E-Smith Firewall and Gateway reviewed
on NewsForge last year), but Devil-Linux approaches the problem a bit
differently. Where the Mitel product is focused on ease of installation
and administration, the Devil-Linux offering is much more techie in its
configuration.

But the main feature of Devil-Linux is intriguing: It is designed to
install without the use of a hard drive. The operating system requires
the use of a CDROM and a write-protected floppy. The CDROM provides the
operating system, and the floppy provides the configuration information,
via a tarball that is unpacked into the /etc directory. In this way, the
system is fully configurable, yet the running system has no writeable
device.

Why is this helpful? If the system is compromised, it is impossible to
install a stealth root kit. This means that a simple reboot will ensure
that any compromising software has been removed.

But that’s only half the equation. Any sysadmin worth his salt will point
out that reloading the same software that was cracked is just re-arming a
time bomb. If it was cracked once, it will be cracked again.

If it was a matter of a poor choice of security settings, you will need to
edit the selections you made and recreate the floppy. If a software kit
is at fault and Devil-Linux has already upgraded it, you will need to
download a new CDROM ISO image from the Web site. If no patch is available
yet, you will need to unpack the ISO image onto another machine, install a
corrected executables from another source, and then rebuild and reburn the
ISO image. The last option is not exactly kid stuff, but security doesn’t
always come with a candy coating.

Project background

The project’s Web page points out that the naming of Devil-Linux does not
have any religious significance. In a move reminiscent of the naming of
Linux (where the person maintaining the FTP download site named the
project after Linus Torvalds), a friend of the project leader suggested
naming the project after a picture on the leader’s T-shirt: a BSD-like
Daemon.

Devil-Linux is a working firewall, but it is still at version 0.5b5, so it
is still very much a work in progress. According to the Web page,
additional capabilities are still on the drawing board, such as HTTP and
FTP servers and an intrusion detection system. But for now, it is a
functional firewall based on the Linux-from-Scratch project using a 2.4
kernel with a number of usable components.

Configuring the system

Setup is not for the total novice, but it does not require extensive
expertise, either. You will need to be acquainted with basic sysadmin
skills for a Linux system. If you can create tarballs and edit
the configuration files normally kept in /etc, you should be ok.

The Web page at http://www.devil-linux.org/ does include reasonable
documentation. It does not talk you through every edit of the config
files, but it certainly gives you a good outline of the process of setting
up this system. Having a copy of the short but informative documentation
handy is advisable. It is included in the download kit.

First, you will need to download and burn a copy of the Devil-Linux ISO
image. It’s a straightforward operation if you have burned your own ISO
images onto CDs before.

Once you have burned the CD, untar the file etc.tar.gz into a directory on
your system. Yes, you will need to perform this action on a system other
than that to be used as the firewall, because the configuration
takes place before you ever boot the firewall.

The documentation suggests editing at least these files:

etc/resolv.conf
etc/sysconfig/config
etc/sysconfig/software
etc/sysconfig/nic/ifcfg-*

The information you will need to supply is precisely what you would
expect. You will need to specify the drivers to use for each of the
network cards as well as the normal network parameters. (IP address,
netmasks, DNS server addresses, etc.)

You will also choose which services to start on the firewall. These
services include such things as PPP, IPsec, SSH, Bind, PPPoE, DHCP, PPTP,
LDAP, and SNMP. Configuration of most of these services is
straightforward for a moderately experienced administrator.

Some normal configuration options are notable by their absence. There
is no need to configure sound cards or define X Windows parameters. As a
dedicated server, Devil-Linux has no need for such things. And that
simplifies the setup process greatly.

Once you have set up the configuration files, you will need to recreate
the /etc tarball and place it on a DOS-formatted floppy disk. Once you
have copied the file onto the floppy, set the write-protect tab on the
diskette. This will prevent any crackers from potentially modifying the
configuration information.

Execution

This is the one point where the beta-ness of the code showed up. I had
two first-generation Pentium boxes that absolutely refused to boot the
Devil-Linux kernel. Normally, you can boot straight from the CD, but you
have the option of booting from a DOS floppy if your machine is old enough
not to support booting from CDs. Unfortunately, neither technique worked.
An error was reported from the ISOLINUX module. However, several other
machines I own booted just fine, including a 486 and an Athlon box.

Once the system begins booting, it will check to see if the needed floppy
disk has been inserted into the machine. If not, it will noisily remind
you to insert the disk. Once the disk is inserted, the machine finishes
booting.

That’s it. Pretty simple.

Because my normal firewall box was one of the Pentium boxes that refused
to boot up, I could not test the firewall quite as extensively as I
normally would have. However, the test box seemed to perform its
function well, keeping to a lean-and-mean firewall concept. It started
the daemons it required, and not much else. Just what the doctor ordered.

Modifications

If you need to patch or enhance the system for your needs, there is a
short but helpful document that describes how you can easily recompile
and rebuild the distribution. This could be quite helpful for creating
highly tailored firewalls, if needed.

As I mentioned earlier, Devil-Linux is still in development. This means
that there is still room for improvements and enhancements. If you find
that this project fits your needs, or at least comes close, you might want
to contribute to the development process. I’m sure that the development
team would welcome the help.

Summary

Devil-Linux is a nice little firewall that could have a bright future. It
is not suitable for every occasion (especially in places without a
sysadmin handy), but I don’t doubt that many technical people will find
places to employ this project. If you want a tight little firewall that
only does what you want it to, check out Devil-Linux.