Caldera: “Researchers at the university of Oulo, Finnland, discovered several remotely exploitable vulnerabilities in ucd-snmp. This security update fixes these vulnerabilities. This update also contains a patch from the SuSE security team that cleans up a number of unchecked memory operations.”

______________________________________________________________________________
                   Caldera International, Inc.  Security Advisory

Subject:                Linux - Various security problems in ucd-snmp
Advisory number:        CSSA-2002-004.0
Issue date:             2002, January 22
Cross reference:
______________________________________________________________________________


1. Problem Description

   Researchers at the university of Oulo, Finnland, discovered several
   remotely exploitable vulnerabilities in ucd-snmp. This security update
   fixes these vulnerabilities. This update also contains a patch from
   the SuSE security team that cleans up a number of unchecked memory
   operations.


2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux 2.3                 not vulnerable

   OpenLinux eServer 2.3.1       All packages previous to
   and OpenLinux eBuilder        ucd-snmp-4.2.1-17

   OpenLinux eDesktop 2.4        not vulnerable

   OpenLinux Server 3.1          All packages previous to
                                 ucd-snmp-4.2.1-17

   OpenLinux Workstation 3.1     All packages previous to
                                 ucd-snmp-4.2.1-17

   OpenLinux 3.1 IA64            not vulnerable

   OpenLinux Server 3.1.1        All packages previous to
                                 ucd-snmp-4.2.1-17

   OpenLinux Workstation         All packages previous to
   3.1.1                         ucd-snmp-4.2.1-17



3. Solution

   Workaround

     none

   The proper solution is to upgrade to the latest packages.

4. OpenLinux 2.3

    not vulnerable

5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

    5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

        ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS

The corresponding source code package can be found at:

        ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS

5.2 Verification

       39455abae12c26af0767e73ce5fa21ba  RPMS/ucd-snmp-4.2.1-17.i386.rpm
       2a13a2370c9da23d09a9fdfb94242cb0  RPMS/ucd-snmp-devel-4.2.1-17.i386.rpm
       552a1f07b57743ea2f83a77878f8b307  RPMS/ucd-snmp-tkmib-4.2.1-17.i386.rpm
       02914263b92c14023b6a8a986739975a  RPMS/ucd-snmp-utils-4.2.1-17.i386.rpm
       6f3b52721566b814f3937f135a82c6f5  SRPMS/ucd-snmp-4.2.1-17.src.rpm


   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh ucd-snmp-4.2.1-17.i386.rpm 
              ucd-snmp-devel-4.2.1-17.i386.rpm 
              ucd-snmp-tkmib-4.2.1-17.i386.rpm 
              ucd-snmp-utils-4.2.1-17.i386.rpm


6. OpenLinux eDesktop 2.4

    not vulnerable

7. OpenLinux 3.1 Server

    7.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

The corresponding source code package can be found at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

7.2 Verification

       e1f2eab37121fd66aefab49da3f6173b  RPMS/ucd-snmp-4.2.1-17.i386.rpm
       ad7405f4578ca3f25a56d8e5d96020bb  RPMS/ucd-snmp-devel-4.2.1-17.i386.rpm
       980115ed7580c8a772e8111ad1494067  RPMS/ucd-snmp-tkmib-4.2.1-17.i386.rpm
       48f82f6ee0561fc0961cf99e471a14de  RPMS/ucd-snmp-utils-4.2.1-17.i386.rpm
       6f3b52721566b814f3937f135a82c6f5  SRPMS/ucd-snmp-4.2.1-17.src.rpm


   7.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh ucd-snmp-4.2.1-17.i386.rpm 
              ucd-snmp-devel-4.2.1-17.i386.rpm 
              ucd-snmp-tkmib-4.2.1-17.i386.rpm 
              ucd-snmp-utils-4.2.1-17.i386.rpm


8. OpenLinux 3.1 Workstation

    8.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

The corresponding source code package can be found at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

8.2 Verification

       e1f2eab37121fd66aefab49da3f6173b  RPMS/ucd-snmp-4.2.1-17.i386.rpm
       ad7405f4578ca3f25a56d8e5d96020bb  RPMS/ucd-snmp-devel-4.2.1-17.i386.rpm
       980115ed7580c8a772e8111ad1494067  RPMS/ucd-snmp-tkmib-4.2.1-17.i386.rpm
       48f82f6ee0561fc0961cf99e471a14de  RPMS/ucd-snmp-utils-4.2.1-17.i386.rpm
       6f3b52721566b814f3937f135a82c6f5  SRPMS/ucd-snmp-4.2.1-17.src.rpm


   8.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh ucd-snmp-4.2.1-17.i386.rpm 
              ucd-snmp-devel-4.2.1-17.i386.rpm 
              ucd-snmp-tkmib-4.2.1-17.i386.rpm 
              ucd-snmp-utils-4.2.1-17.i386.rpm


9. OpenLinux 3.1 IA64

    not vulnerable

10. OpenLinux 3.1.1 Server

    10.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

The corresponding source code package can be found at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

10.2 Verification

       0bf1e8d5ec70518f2b548871fb1d00b7  RPMS/ucd-snmp-4.2.1-17.i386.rpm
       7b8f7fd19b3a0dd61a1113e3d12bd00d  RPMS/ucd-snmp-devel-4.2.1-17.i386.rpm
       b0bf4250ba668660b0c9d859d164e918  RPMS/ucd-snmp-tkmib-4.2.1-17.i386.rpm
       df84f06b86e973ee8d38f5f995fa7905  RPMS/ucd-snmp-utils-4.2.1-17.i386.rpm
       6f3b52721566b814f3937f135a82c6f5  SRPMS/ucd-snmp-4.2.1-17.src.rpm


   10.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh ucd-snmp-4.2.1-17.i386.rpm 
              ucd-snmp-devel-4.2.1-17.i386.rpm 
              ucd-snmp-tkmib-4.2.1-17.i386.rpm 
              ucd-snmp-utils-4.2.1-17.i386.rpm


11. OpenLinux 3.1.1 Workstation

    11.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

The corresponding source code package can be found at:

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

11.2 Verification

       0bf1e8d5ec70518f2b548871fb1d00b7  RPMS/ucd-snmp-4.2.1-17.i386.rpm
       7b8f7fd19b3a0dd61a1113e3d12bd00d  RPMS/ucd-snmp-devel-4.2.1-17.i386.rpm
       b0bf4250ba668660b0c9d859d164e918  RPMS/ucd-snmp-tkmib-4.2.1-17.i386.rpm
       df84f06b86e973ee8d38f5f995fa7905  RPMS/ucd-snmp-utils-4.2.1-17.i386.rpm
       6f3b52721566b814f3937f135a82c6f5  SRPMS/ucd-snmp-4.2.1-17.src.rpm


   11.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh ucd-snmp-4.2.1-17.i386.rpm 
              ucd-snmp-devel-4.2.1-17.i386.rpm 
              ucd-snmp-tkmib-4.2.1-17.i386.rpm 
              ucd-snmp-utils-4.2.1-17.i386.rpm



12. References

   This and other Caldera security resources are located at:

    http://www.caldera.com/support/security/index.html

This security fix closes Caldera's internal Problem Report 10987.


13. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera OpenLinux.

14. Acknowledgements

   Caldera International wishes to thank the Secure Programming Research
   Group at Oulu University for their work, and for sharing their research
   results in this fashion. We also wish to thank Thomas Biege at SuSE for
   his additional patches.
______________________________________________________________________________

Since the advent of computers, do-it-yourself
documentation has been a foundation of grassroots technology
development. FreeBSD, Linux, Perl, Apache, MySQL, and other core
Internet technologies have flourished with the help of documentation
created by dedicated members of their technical communities. The
O’Reilly Community Press, a new series from technical publisher
O’Reilly & Associates, publishes essential community-generated
documentation. Thanks to that classic user interface, the book, hackers
can now access the wisdom of their community on the bus, at the beach,
or in the bathroom.

“We learned long ago that good, accessible documentation spurs the
development of interesting technologies,” said Tim O’Reilly, founder
and president of O’Reilly & Associates. “And our customers tell us that
they want to wrap their hands around a hard copy of the documentation
they use, even if it’s also available online. Through the O’Reilly
Community Press, we’ll publish the best of the documentation that
emerges from the technical communities we serve.”

Unlike classic O’Reilly animal books, which are created to fill an
information void, the Community Press titles simply provide convenient
printed copies of documentation that is already available online.
Although the books must meet O’Reilly’s standards for containing clear,
useful information, our role is limited to providing manufacturing and
distribution services rather than editorial development. Each book
reflects the editorial voice and organization of the community that has
created it.

As a result, the covers of O’Reilly Community Press titles are distinct
from O’Reilly’s classic animal books. “The series look is a direct
descendent of early O’Reilly Nutshell handbook covers, which featured
simple, classic line drawings printed with black ink on nubbly brown
paper,” said Edie Freedman, O’Reilly’s creative director and original
cover designer. “The oak tree on the cover of the books in the series
represents the organic way the O’Reilly Community Press titles develop.
The covers also evoke the books’ importance to their communities, for
oak trees grace the ‘town common’ in most New England towns, anchoring
the town’s gathering place.”

The first O’Reilly Community Press title, available in April 2002,
is the “MySQL Reference Manual.” Other books in the pipeline include a
new edition of Greg Lehey’s “The Complete FreeBSD” and “DocBook, 2nd
Edition” by Norm Walsh and Lenny Muellner.

About O’Reilly
O’Reilly & Associates is the premier information source for
leading-edge computer technologies. We communicate the knowledge of
experts through our books, conferences, and web sites. Our books, known
for their animals on the covers, occupy a treasured place on the
shelves of the developers building the next generation of software. Our
conferences and summits bring innovators together to shape the
revolutionary ideas that spark new industries. From the Internet to the
Web, Linux, open source, and now peer-to-peer networking, we put
technologies on the map. For more information: http://www.oreilly.com.

O’Reilly is a registered trademark of O’Reilly & Associates, Inc. All
other trademarks are property of their respective owners.

Matthew Rothenberg writes, “Baseline has a scoop story from Mary Jo Foley about Microsoft’s plans to push into the growing enterprise market for customer relationship management. Sources say Microsoft will unveil MSCRM at the Great Plains Convergence conference in March and pitch it to companies with 100 to 1,000 employees.”

Wired.com reports that the Grid, an Open Source, connected-computing project, is “moving out into the real world and has Microsoft’s .Net in its sights.”

sales@qlilinux.com writes:
QliTech Linux Computers is proud to announce their latest addition, the Gen2 to their line of Linux Laptops.

The Gen2, QliTech’s fastest, second generation Linux laptop features a 14.1 LCD Display,
an Intel Pentium 4 processor (up to 2.0Ghz) and is available with up to 1GB of system RAM.

The Gen2 also features a 16MB ATI Mobile Radeon video chipset, onboard 10/100 Mbps lan port,
and optional CDRW / CDRW-DVD Combo Drives.
More information on QliTech’s entire laptop line can be found at:
http://www.qlilinux.com/products/laptops/index.htm l

QliTech Linux Computers are available with the customers choice of Linux distribution pre-installed,
as well as Sun Microsystems’ Star Office.
Laptops feature a 1 year parts and labor warranty
(extended warranties available) and free technical support.

About QliTech:

QliTech, founded in 1998, and based in Moline, Illinois is one of the midwest’s leaders in Linux systems.
Along with their line of Linux Laptops, QliTech also offers Clustering/HPC solutions,
Linux servers and their acclaimed Advanced Multimedia Workstation high-performance graphics workstation,
as well as Small Office / Home Office Linux systems.

For more information contact:

QliTech Linux Computers
1-877-24-LINUX
(1-877-245-4689)
Toll Free U.S.A and Canada
http://www.qlilinux.com

Steve Mallett writes, “After giving authors and maintainers over nine months to make their own product-listing on Open Source Directory we have opened listing up to volunteers who would like to make a directory listing of their favourite or complimentary application. We continue to give preference to the original authors. Details can be found at OSD.”

From NWfusion.com: “Microsoft is benefiting from the proposed settlement with the Department of Justice and nine U.S. states by using it to impose onerous licensing terms that squeeze PC makers out of their patent rights, several nonsettling states charged Tuesday.

In a filing with the U.S. District Court for the District of Columbia, seeking rejection of the proposed settlement, the states cited testimony from a Microsoft executive to prove their claim that the settlement ‘has fostered new monopolistic practices and fettered the market with new anticompetitive practices.'”

From EuroLinux Alliance: The European Commission is
likely to approve this wednesday a proposal of directive on software
patents. EuroLinux has managed to obtain a draft version of the
proposed directive. The same document was sent to a few official
representatives in European national governments.

Incidentally, the author of this document, according to the Microsoft
Word file (http://petition.eurolinux.org/pr/proposal.doc), is Francisco
Mingorance (franciscom@bsa.org), patent expert and director of public
policy at BSA (Business Software Alliance), an association which
represents the interests of large US software publishers in Europe.

Software patents are a major legal issue in the information society.

Copyright is currently the right way to protect software publishers
against piracy. “Copyright provides a simple and very efficient
protection to the software economy” says Matthias Schlegel, CEO of
Phaidros. “Copyright is the prefered protection of SMEs and
independent software developers [1]. EuroLinux strongly supports
copyright.” adds Harmut Pilch, speaking for the EuroLinux Alliance.

On the other hand, software patents allow one company to monopolize an
idea of software (ex. patent EP0800142 on the conversion of file names
between DOS and Windows) or an idea of business on the Internet (ex.
EP0756731 on generating buying incentives from the distribution of
cooking recipes), thus prohibiting other companies to use the same
idea, even when implemented differently. Because software is always
based on a creative arrangement of a few innovative ideas and many
common ideas, all European software publishers are infringing on
hundred patents among the 50.000 software patents owned by IBM,
Microsoft, Sun or Sony, etc. “Thus, instead of protecting software
publishers, software patents create a tremendous juridical uncertainty
and allow large IT companies to completely control the software
economy, block innovation and block competition by prohibiting one
software to be compatible with another” says Stéfane Fermigier, CEO of
Nuxeo. “Software patents allow large IT companies to steal the
intellectual property of smaller players, both by taking control of
their copyrighted creations and by forcing them to disclose and trade
their most competitive ideas in return for being allowed to live.”
adds Jean-Paul Smets, CEO of Nexedi.

The content of the proposed directive draft legalises the illegal
practice [5] of the European Patent Office of granting patents on
software and on business methods [2]. The proposed directive draft
requires inventions to be “technical” but fails to define what is
technical, thus creating an undefined limit to patentability in
Europe. The proposed directive draft does not contain any provisions
to prohibit patents on Internet standards, to garantee
interoperability and fair competition, to protect SMEs against
juridical terrorism or to to ensure that shareware and open source /
free software are not put at a disadvantage. It paves the way to a
global control of the information society by multinational — mostly US
— IT corporations.

Patents are supposed to promote innovation. However, all economic
studies show that the introduction of patents in the software economy
stiffles innovation. [3,4,6,7,8]

Patents are supposed to protect independent innovators. However, all
official studies show that most if not all European software creators
will just face more juridical risk without better protection.

According to the Rome Treaty, EC directives are supposed to raise the
level of protection for consumers and to promote the development of
technologies. However, this directive discourages competition and
innovation, and by allowing large corporations to tax – through the
use of IT – all economic activities, this directive goes against the
Rome Treaty. It is thus constitutionally illegal.

Eurolinux hopes that, by making public this draft document, the
European Commission will be encouraged to publish without delay the
final version of the proposed directive, at the same time as the
expected press release and to provide the same level of information to
European Citizens as to the BSA.

Draft Directive

Please download the draft directive at
http://petition.eurolinux.org/pr/proposal.doc

In order to understand the technical language of the directive and its
juridical implications, EuroLinux has prepared a commented version at
http://swpat.ffii.org/vreji/papri/eubsa-swpat0202/. Please do not
hesitate to call for more explanations on this technical material.

References

[1] Acceptable protection of software intellectual property: a survey
of software developers and lawyers. Effy Oz. Information & Management
34. Elsevier 1998.

[2] European Software Patent Horror Gallery –
http://swpat.ffii.org/vreji/pikta/mupli/index.en.html

[3] What is behind the recent surge in patenting? Samuel Kortum, Josh
Lerner. Research Policy 28. 1999. Elesevier

[4] Abstraction oriented property of software and its relation to
patentability. Tetsuo Tamai. Information and Software Technology.
1998. Elsevier.

[5] Juridical Coup at the European Patent Office –
http://petition.eurolinux.org/pr/pr14.html

[6] Software Patentability with Compensatory Regulation: a Cost
Evaluation. Jean Paul Smets and Hartmut Pilch. Upgrade February 2002
http://swpat.ffii.org/stidi/pleji/
http://www.upgrade-cepis.org/issues/2001/6/up2-6Smets.pdf

[7] Fraunhofer Study about the Economic Effects of Software Patents.
Micro and Macroeconomic Implications of the Patentability of Software
Innovations. German Federal Ministry Economics and Technology.
November 2001.

http://www.bmwi.de/Homepage/Politikfelder/Technologiepolitik/Technologiepolitik.jsp#softwarepatentstudie

http://www.bmwi.de/Homepage/download/technologie/Softwarepatentstudie_E.pdf

[8] Stimulating competition and innovation in the information society.
Conseil Général des Mines. September 2000. –
http://www.pro-innovation.org

About EuroLinux – www.EuroLinux.org

The EuroLinux Alliance for a Free Information Infrastructure is an
open coalition of commercial companies and non-profit associations
united to promote and protect a vigourous European Software Culture
based on Open Standards, Open Competition, Linux and Open Source
Software. Companies, members or supporters of EuroLinux develop or
sell software under free, semi-free and non-free licenses for
operating systems such as Linux, MacOS or Windows.

The EuroLinux Alliance launched on 2000-06-15 an electronic petition
to protect software innovation in Europe. The EuroLinux petition has
received so far massive support from more than 100.000 European
citizens, 2000 corporate managers and 300 companies.

Permanent URL for this press release

http://petition.EuroLinux.org/pr/pr17.html

Legalese

Linux is a registered trademark of Linus Torvalds.
All other trademarks and copyrights are owned by their respective
companies.

– By Jack Bryar –

Is it really possible that when Microsoft set out to market a “Linux killer” last November it began to get itself into more legal difficulty than ever before? And could it blow up into a political scandal as well?

Perhaps the weeping Canadian figure skaters kept you distracted this week, but if you were sifting through the public comments in the Microsoft antitrust case, you’d notice that the New York Times, among others, is hinting that the sweetheart settlement proposed between Microsoft and Assistant Attorney General Charles A. James is about to blow up, big time.

The proposed antitrust settlement between Microsoft and the U.S. Department
of Justice drew about 30,000 comments, more than any business case in
recent memory. The DOJ and the court released 47 of the most substantial of
these comments. They
are worth reading.

Most of them lay out the technical and legal flaws in the
settlement. A couple of comments, notably the detailed
suggestions of connectivity maven Dan Kegel, lay out the wording needed to make the settlement
an effective document.

However, several other comments focused on whether or not the
Microsoft and the DOJ have violated the Tunney Act in its first
big test since the Act was passed in 1974. At issue: the legal obligation of Microsoft and the DOJ to document exactly what was said to justice officials by Microsoft during negotiations. Was there an covert deal, generated by secret Microsoft lobbying and tons of soft money contributions?

Among the curious is none other than former U.S. Senator John V. Tunney,
the author of the sunshine legislation bearing his name. The Tunney Act
is supposed to prevent government litigators from entering into
sweetheart deals with their adversaries. One of the mechanisms of the act is supposed to be full disclosure of all contacts and all
representations made during negotiations between parties. Tunney filed
a comment with Judge Colleen Kollar-Kotelly insisting that,
in order to comply with the Tunney Act, Microsoft must specify all
contacts between it and the government and what was said. In his
statement, Tunney said, “In my opinion, it is essential that all discussions
between the defendant corporation and the government … that might have led to
a proposal settlement decree be disclosed.”

The Senate Judiciary Committee made much the same point, stating
that “Microsoft has made no secret of the political influence it has sought
to create during this trial.” The committee suggested that is was
concerned that Microsoft had engaged in precisely the sort of secret
lobbying of Justice Department officials that the Tunney Act was designed to
expose.

The New York Times has also weighed in
with an opinion that, contrary to the Tunney Act, Microsoft has
not disclosed who attended this and other meetings. “Nor has Microsoft
described in even the most cursory fashion the substance of any
of these communications,” the Times stated.

Two sets of dates are of particular interest to outside observers.
These are October 5 and October 30-31.

I earlier wrote a column about the Halloween negotiations between
Microsoft and Assistant Attorney General Charles A. James, when James
effectively left the
Justice experts advising him outside the room. Litigators for the
states that have refused to accept the settlement are understandably curious about just what was said in those negotiations.

They are even more curious because of the possibility that James and
his staff may have been misled by Microsoft officials at an earlier
meeting, and the effect it may have had on any discussions of unbundling.

Unbundling was an idea in circulation during most of the antitrust
litigation. Part of what brought Microsoft into court was the company’s bundling of
Internet Explorer (and since then, its video package) into the core of
the Windows operating system. Microsoft vehemently insisted throughout the last
several years that unbundling Explorer, in particular, couldn’t be accomplished
without wrecking the integrity of the platform.

The state attorneys general could not help but notice when last
November Microsoft announced … an unbundled Windows! Marketed as a Linux killer, Microsoft newest iteration of its codebase was
called Windows
XP Embedded. To the holdout states’ way of looking at it, here were all the components that Microsoft asserted couldn’t be separated,
available at a price for developers who wanted to Windows enable their CD players
or cell phones.

It would be hard to imagine that in October, Microsoft senior management would not know about XP Embedded’s pending release in November. This why observers are curious about what was said at a “technical” meeting held October 5 between Microsoft and Justice officials.

Microsoft has failed to disclose the purpose of the meeting, but its representatives there were a who’s who of senior Microsoft managers most likely to be affected by any
unbundling and most likely to make a technical case for why the Microsoft code
elements couldn’t be separated. Accompanied by a person listed in Microsoft
documents as “Chad Knowlton,” were Linda Averett, the product unit manager for
the Windows Digital Media Platform division. Joining them was Michael
Wallent, the product unit manager for Internet Explorer, and Robert Short, vice
president for Windows Core Technology.

What they discussed has not been made public. Whatever they said
made an impression, as unbundling was taken off the table as a possible
remedy, even though it was the remedy that plaintiffs had asked for at the
beginning of litigation all these years ago. Litigators for the states are
understandably curious about just what exactly was said by these individuals. While
Microsoft is claiming that the issue is irrelevant to the plaintiffs’ original
complaints, others are curious about what is being covered up, and whether
Microsoft is about enmesh itself into further legal trouble.

NYLUG will meet Wednesday 20 February 2002 in the IBM building at 57th Street
and Madison Avenue. You must register in advance to attend, or have registered for an earlier NYLUG meeting in the IBM building. Particulars below in official
announcement.

Eating and drinking after the formal meeting is now at The Old Stand
at 914 Third Avenue, near 55th Street, on the Island of the Manahattoes.

Official NYLUG announcement below.

Jay Sulzberger, secretary@lxny.org
Corresponding Secretary LXNY
LXNY is New York’s Free Computing Organization
http://www.lxny.org

Speaker:

Terry Schmidt
of NYCwireless on
Wireless Public Networking

2/20/2002
Wednesday
6:30pm-8:00pm
IBM Headquarters Building
590 Madison Avenue at 57th Street

** RSVP Instructions**
Unless you have already rsvp’ed for a prior meeting, everyone needs to
rsvp to attend the meeting.
mailto: jgleason@nylug.org Subject: RSVP – NYLUG – FEB – your name
Check in with photo ID at the lobby for badge and room number.

Wireless Public Networking

Please join us for a presentation on wireless public networking.
Terry Schmidt, of NYCwireless will be speaking to us, to explain
the why of public networks, and how it’s done. We will also hear
about the current state of affairs of the NYCwireless network.

Currently using 802.11b, “Wi-Fi”, NYCwireless has 39 access points,
including parks, and has grown beyond the confines of the city limits
to include nodes on Long Island, Westchester, and New Jersey. Terry
Schmidt will discussing the technology and processes of creating and
using free public wireless networks. NYCwireless has done everything
from professional antennas to Pringles can antennas, from street
corners to public parks, Linux to NetBSD.

NYCwireless, which has a mailing list, provides resources and
assistance with creating public Internet space. Following the
September 11 attack, NYCwireless helped provide Internet access
to businesses whose normal access was down.

Whether you’re interested in the technical aspects, social aspects,
or both, you won’t want to miss this meeting!

http://nycwireless.net
http://lists.nycwireless.net/mailman/listinfo/nycwireless
http://www.nycwireless.net/resources.html
http://www.nycwireless.net/press/nytimes20011004.html
http://www.nycwireless.net/sponsors.html

About the speaker:

Terry Schmidt is co-founder of NYCwireless, which provides free
public wireless Internet access to the New York City community and
beyond. It seeks to build on the philosophies of Open Source and
Free Software and create a philosophy and application of Open
Networks.

NYCwireless is a volunteer group constructing a community owned
network of computers that share Internet access over radio
connections. Each access point is run independently by volunteers
with their own equipment. IEEE 802.11b wireless Ethernet provides
Internet access to mobile computers, PDAs and desktops without
connection cables.

Did you know?

Anthony Townsend and Terry Schmidt were featured in a CNN Moneyline
report about public WiFi networks? (MPEG and Real Media)
http://www.nycwireless.net/press/wireless.mpg
http://www.nycwireless.net/press/cnn.ram

NYLUG’s own Aaron Grogan is the NYCWireless Wireless Cloud SIG
leader. “CloudSIG’s mission is to build a wireless network backbone,
oftentimes called a wireless network cloud. A wireless cloud is like
an Internet backbone in many respects. Unlike conventional
backbones, however, the nodes in our backbone will connect through
user-owned and user-managed wireless links.” (NYC Wireless MAN
Cloud)
http://lists.nycwireless.net/mailman/listinfo/nycw-cloud

Why is this woman smiling?
http://nylug.madworx.com/images/monjayexpo.jpg

Another successful LinuxWorld Expo in New York, of course!

The NYLUG booth at LinuxWorld Expo was a resounding success thanks
to the hard work of all the volunteers. See expo photos:
http://nylug.org/pictures/index.shtml
http://unilug.org/expo0102.html
http://mycouponmagic.com/nylxs/Linuxworld_photos/linuxworldphotos.html
http://linuxart.com/photoview.phtml?sid=02jan30-lwce_day1&maxthumb=30

Thanks to everyone who participated!
http://www.linuxworldexpo.com

Stammtisch plug:
Have you been to stammtisch lately?

Free Stuff!
Swag of undetermined value and quantity will be distributed on a
first-come, first-served basis. Arrive early for the best pickins!

Keysignings
Immediately after the presentation and continuing at the Old Stand
pub, we will be gathering for a keysigning. So for those who have
keys already, please remember to bring hard-copy printouts of your
40-character key fingerprint. If you haven’t created a key yet, our
howto docs are posted here: http://www.nylug.org/keys

Stammtisch
And then after the meeting… Join us around 8:15pm or so at the
Old Stand, 914 3rd Ave. on the corner of 55th Street.
http://www.Irishpubguide.com/mid11.htm

Please see our home page at http://www.nylug.org for the HTMLized
version of this announcement, our archives, and a lot of other
good stuff.

Monthly Reminder!
Please read the NYLUG-Talk Posting Guidelines at:
http://www.nylug.org/mlistguide/

Special thanks to Ron Guerin for preparing this email announcement, the
web site meeting content, and for his tremendous efforts to organize the
volunteer army at LinuxWorld!

February 2002 – The New York Linux Users Group, NYLUG.org