Posted at LinuxSecurity.com: “This week, perhaps the most interesting articles include “OpenSSH key management, Part 2,” “An
Introduction to OpenSSL, Part Two: Cryptographic Functions Continued,” and “Remote Monitoring.”
Also this week, if you have not read about Echelon, there are two good articles in the general section
of this newsletter.”

“Many developers use the excellent OpenSSH as a secure, encrypted replacement for the venerable
telnet and rsh commands. One of OpenSSH’s more intriguing features is its ability to authenticate users using
the RSA and DSA authentication protocols, which are based upon a pair of complementary numerical “keys”.
One of the main appeals of RSA and DSA authentication is the promise of being able to establish connections
to remote systems without supplying a password. In this second article, Daniel [Robbins] introduces ssh-agent (a
private key cache) and keychain, a special bash script designed to make key-based authentication
incredibly convenient and flexible.” Read the article at IBM developerWorks.

– By Grant Gross –

One of the lingering questions since Hewlett-Packard announced a week ago that it plans to buy rival Compaq for $25 billion has been: What happens to Open Source projects that Compaq has participated in? HP’s answer so far: It’s too early to say.

Although you have to dig for it, Compaq lists several Open Source projects it supports on its Linux@Compaq Web pages. Among the Open Source projects Compaq lists as supporting are a handful of driver projects, the Open Source Database Benchmark project, Single System Image Clusters for Linux, and Solaris-compatible Thread Library. Most of those projects, hosted at SourceForge.net, have about a half dozen developers working on each of them.

HP has its own list of Open Source projects supported, including SAMBA, Apache, and Squid. In December, HP hired prominent Open Source advocate Bruce Perens as a strategic advisor of the company’s Open Source initiatives. Perens was unavailable to comment on this story.

But Dave Berman, manager of corporate/HP Labs media relations, hints that the merging companies have more to worry about right now. “It’s really premature to discuss what happens with Compaq open source projects once the merger is complete,” he writes, in response to a question from NewsForge. “The merger has just been announced and we expect it to close in the first half of next year.”

Avatar writes: “E3D has a little teaser up for a project we have been watching. The.Vertex.Project has preliminary web page
up, but no details. So what is it? Well, that wouldn’t be any fun now
would it? Instead, we are holding a contest to see who can guess just what it is all about. The
winner will be awarded a copy of Tribes 2, Soldier of Fortune, and Shogo:MAD,
all which are for Linux. So, take a look at the page and make you guess
here. A drawing from all the winning entries will be done on 21st of this month.”

Anonymous Reader writes: “It has only been about a month. That’s when a bipartisan bill introduced in the House of Representatives by Chris Cannon and Rick Boucher was introduced to free up the air surrounding Online music. Now a new bill has been introduced in the Senate by Senator Fritz Hollings that does the opposite, looking to further restrict “Fair Use” rights of consumers by forcing all electronic devices and PCs to include embedded copyright restriction technology.

http://www.mp3newswire.net/stories/2001/sssca.html“

Wired: “Microsoft’s Xbox gaming console will be released just in time for the holidays. But it will probably be impossible to get one unless it is pre-ordered. Retailers are taking advance orders, but Microsoft is forcing customers to also pay hundreds of dollars for extra games and hardware.”

CNET: “Known as DivX, the technology has until now has been most closely associated with growing piracy of Hollywood
movies on the Internet. But DivXNetworks, the company behind the format, is determined to put its bootleg past
behind it and become a viable purveyor of legal downloads and full-blown video-on-demand services.

That ambitious goal inched a step closer to reality last week when alternative film distributor Strand Releasing said it
had licensed the DivX Open Video System, becoming the first commercial partner to use its video-compression format
for secure DivX downloads.”

The Register: “In an email circulated to Bluetooth SIG members, Maloney now explains: “Unfortunately, the reporter
did not grasp that I was addressing a common mis-perception [sic] that the Bluetooth specification
competes with 802.11b as a wireless networking technology (Bluetooth wireless is not a WLAN). Intel
believes the Bluetooth specification and 802.11b are complementary technologies that address
different wireless needs and will coexist in many environments).”

Computer News Daily: “For more than 60 years, the revered ideology of HP’s late founders, William Hewlett and David
Packard, was the management mantra that helped define Silicon Valley. But like the Bible, the
philosophy that stresses treating employees like one happy family has been subject to conflicting
interpretations.”

Michael Robinson writes: “On September 7, Lutris pulled their support for Enterprise Enhydra, citing Sun Microsystems’
refusal to accomodate an Open Source license for J2EE. An announcement at the site states: ‘We attempted for
more than a year to get an Open Source compatible license for
J2EE but have not been successful in this regard. While others
in the Open Source community may find violating the J2EE license
an acceptable risk, as a company Lutris has a responsibility to
protect its assets. We hope you understand the difficulty we
had in coming to this conclusion.’ This is unfortunate, but should not come as much of a surprise in
light of Sun’s historical ambivalence toward the Open Source
community.”