That’s the take, anyway, from a San Francisco Chronicle columnist. The future of Linux panel proved “democracy has no place in the business world.”

Network World Fusion has a story saying a
security consultant warns that a growing number of
servers running Microsoft’s Internet
Information Services are “afflicted with a back
door program making them vulnerable to
unauthorized control.

Some 27% of IIS sites tested in August have a
back door shell installed by worms such as
Code Red, Code Red II or sadmind/IIS.”

Commentary at ZDNet: “The proposed merger between Hewlett-Packard and Compaq takes two giant computer
companies and makes them into one even more giant computer company with a mathematical
market capitalization of $67 billion, and mathematical sales of $91 billion. But what sort of
company is it after the merger is done, and what sort of future does it have?”

eWeek’s Rumor Central site says LinuxWorld attendees were disappointed no company would fork out the “small fortune” IBM spent on its party at the last LinuxWorld in New York.

From PRNewswire: VMware, Inc., the global leader
in virtualization software for Intel computers, today announced the
availability of a Beta release of VMware Workstation 3.0, the latest
generation of its award-winning desktop software for technical professionals.
Workstation 3.0 delivers significant performance and usability improvements
over previous releases, dramatically expanding the utility and value of
virtualization software for desktop computers.

– by Tina Gasperson –
Some applicants are weary from waiting up to a year or more for action from the Open Source Initiative, which reviews and either approves or rejects submitted software licenses as officially Open Source. Critics say that OSI may make itself irrelevant if it doesn’t start making decisions faster.The Eiffel Forum License has been under consideration for certification for “well over a year,” according to Roger Browne, a project leader for the Eiffel Forum, a community of programmers who use the Eiffel language to create software.

The Eiffel Forum Archive is hosted at SourceForge, (a site that is owned by NewsForge’s corporate parent, VA Linux) which accepts projects that are released either with an OSI-certified license, or a license that would comply with the terms for OSI certification in the event that it has not yet made it through the review process.

Eiffel’s OpenGL SDK, also hosted on SourceForge, is released under the Eiffel Forum License, but shows up as Public Domain. There is no specific, browseable categorization of projects on SourceForge that are released under a license that has not yet been approved or rejected by OSI. The OSI-approved licenses listed on Sourceforge, and the OSI-approved licenses listed by the OSI itself, are identical.

But Browne says that if the OSI doesn’t clear its backlog, “OSI certification will become irrelevant, and SourceForge acceptance will become the preferred test for whether a license is Open Source.”

Browne was joined in his sentiments, posted on the license-discuss mailing list, by other complainants. “I’ve found three ways to get someone from the OSI to respond: provide specific suggestions on the website, and the webmaster will respond; make specific legal claims, and Larry [Rosen, OSI’s attorney] will respond; or get in a huff and Russ [Nelson, an OSI board member] will flame you. General discussion, pointedly asking the OSI for a response, etc. is insufficient,” said one list member.

In response to speculation that Rosen was making all the decisions for OSI behind the scenes, the OSI lawyer wrote, “I don’t make ANY of the decisions about approvals. I’m not on the OSI
board. I do advise the board, however.”

“Like other OSI volunteers, I have limited free time. I try my best as do
the board members. I’m sorry we’re not doing a very effective job yet
of approving licenses. For what its worth, my frustration level is also
high about that.”

Board member Russ Nelson says that people who are complaining should put forth more effort to help the board by fulfilling the purpose of the license-discuss list: to discuss the merits of submissions and offer suggestions to the board. “I submitted three licenses on 8/31 for
review to the license-discuss mailing list. Has anybody reviewed
them?” says Nelson in an email to NewsForge. “No. Not a word. Not one. Maybe I’m not being patient enough,
but still, you’d think that people who were bitching about our backlog
would be willing to stop bitching and put some effort into helping us
reduce it.

“So okay, my feeling is to write these folks off as whingers. My
opinion is subject to change, but first I want to see some discussion
about the submitted licenses.”

Members briefly bandied about a suggestion to form volunteer focus groups for each pending license; but there was no official public response from the OSI to the license-discuss list, and it seemed that was what the list was waiting for. “It always astounds me how many of the real world bureaucratic processes end up having equivalents in electronic/virtual world,” said Daniel MD, who submitted his license last month for review. “I think that an open license review system should be implemented. My guess is that with the implementation of volunteer focus groups, the backlog would be reduced to ZERO by the end of the year.

“I have two products that I wish to license under [the proposed ‘Daniel MD’ license],” he told NewsForge. “One is GIFF (Game Foundation Framework) and the other is an exokernel for possible use as a fast services/web server. I find myself in need of help, so I decided that, instead of hiring developers, I’d make the project open source and get some help from the community.”

The unofficial response to the license was along the lines of “put it away until you figure out what you really want to do” — but there was no official response from anyone on the board. Others mentioned that, with so many Open Source licenses approved already, new projects should make every effort to select an existing license instead of swamping the OSI with new requests.

The World Wide Web Consortium (W3C), the group founded by Tim Berners-Lee that develops standard protocols and design standards for the Web, submitted its W3C license to the OSI for approval back on January 4, 2000, and there has been no response to the request. Joseph Reagle of W3C resubmitted the license on August 31. List member David Johnson, who says he uses W3C-licensed software, thinks the OSI should “approve this license forthwith.”

“I would call
attention to the fact that this license is already approved by the Free
Software Foundation as being GPL compatible,” continues Johnson, “and suitable for the use in Free
Software projects. The text of the license itself is remarkably similar to
existing Open Source licenses. I have not found any phrase, clause or section
in this license that is contrary to the Open Source Definition.”

Another post in support of certification of the W3C license asked the board why it had not been listed. “Actions the W3C would apparently like to take — including hosting Amaya
on sourceforge.net — depend upon this approval, which has been pending
for over a year.

“Although I have no stake in this license, it seems it should be a
higher priority and easier decision than some of the other licenses
recently approved, since they actually need the approval to continue
with some of their plans,” wrote Matthew Weigel.

Nelson fired off this response:

“Why isn’t it listed? Because it’s not approved.
Why isn’t it approved? Because we got hideously backlogged.
Why did we get backlogged? Because approving licenses is a lot of
work, and we’re all working on open source with just as much on
our TODO lists as anybody else in the field, if not more.
So now what? We changed the license submittal procedure to take some
of the work off of our shoulders and put it on those of the people
submitting licenses. This has the beneficial effect of making it
harder to create Yet Another open source license.”

M. Drew Streib, who says he was part of the “original decision to require projects to be licenses under an OSI-approved license” for SourceForge, provided some perspective from the other side to the list:

“Of course, we ran into projects that wanted to use licenses that met the
definition but weren’t yet approved, and ones that ‘almost’ met the
definition, but didn’t or couldn’t for one reason for another. We
began the practice of looking at these on a case-by-case basis for
good faith, sticking to the OSI definition for about all of these cases.

“I’d like to note that there are sort of three categories of licenses that
we care about:
* Ones that are OSI approved
* Ones that meet the OSI definition (and DFSG/FSG for that matter)
* Ones that don’t, and won’t

“The first two are acceptable. One doesn’t have to be ‘OSI-approved’ to
meet the definition, and I personally believe that the approval isn’t
a completely necessary step to feel good about a license under which
you have released software, although it is great validation.

“We do _not_ intend to be a validation for ‘Open Source’, but are rather
trying to apply strict guidelines for projects hosted on SourceForge.net.”

Recently there had been some questions on the list about the infrequency of updates to the OSI Web site, which lists the currently approved Open Source licenses. Members pointed out that a few licenses which had been approved for several weeks had not shown up on the site yet, such as the IBM Common Public License. Since then, OSI has brought the Web site current.

Newsbytes reports on the development of two new worms that have been designed to stop the headache-inducing Code Red in its tracks. First is CodeGreen, which scans the Internet for afflicted servers and attempts to download and apply patches and close back doors left by Code Red. Next is CRclean, a “passively spreading worm” according to its creator, which only targets systems that first attack a machine running CRclean.

From humor site Segfault: “Hewlett-Packard announced today, in the shadow of its recent $25B purchase of Compaq, that it will purchase Atari for $2M in
stock in a bold move to increase employee morale. Bruce Perens, HP Senior Strategist and open source advocate, points out that “This acquisition also opens the door for HP to
become a leader in the growing home console market. For the first time, HP has a viable competitor to the closed source X-Box
platform.””

From Newsbytes: “India’s first police station working exclusively on cyber crimes such as computer hacking, data damage and Internet fraud will
officially start functioning on Sep.15.

The police station, based in India’s Silicon Valley, Bangalore, is already operational and covers the entire southern Indian state of
Karnataka.”

The bird is coming of age. It’s long awaited flying abilities are
lurking within trembling and not fully feathered wings. It had been
maturing and growing with steady pace and it’s parents feel that the day
when it will take the plunge is drawing nearer………enough fiction –
let’s get down to the real stuff:

The bird lives at:

ftp://ftp.gnome.org/pub/GNOME/stable/betas/gnome-1.4.1beta2/ftp://ftp.gnome.org/pub/GNOME/stable/betas/gnome-fifth-toe-1.4.1beta2/

New in this release:

Core components:

GConf-1.0.4:

- fixes to installation / build
- make less noise in the logs

bug-buddy-2.0.8

- display stack traces for all running threads in a threaded application
like nautilus or evolution

audiofile-0.2.2

- added support for the IRCAM file format.
- added support for floating-point audio data in AIFF-C and WAVE files.
- improved support for compressed audio data in AIFF-C, WAVE, and
NeXT/Sun .snd/.au files.

bonobo-1.0.8

- robustness fixes
- profiling and acceleration work resulting in a faster monkey
- fixes to build and portability

gdm-2.2.4.1

- security fixes
- usability improvements
- flexible servers - letting people log in to several sessions at once
- new unix socket protocol for controlling the daemon from the outside
- lots of stability / robustness work

gnome-applets-1.4.0.4

- fix corruption of stock symbols in the stock ticker
- bugfixes in mini-commander
- fall back to PCM if there's no master volume in the mixer
- removed non-working timezone selection in asclock

gnome-libs-1.4.1.1

- portability fixes
- fix stuck grabs with dnd on the canvas
- fix bad memory corrupting bugs that should fix most theme related
crashes reported earlier
- i18n fixes
- memory leak fixes
- gnome-calculator can expand buttons vertically
- build fixes
- developer documentation for libart_lgpl
- fix crashes and memory problems in libart_lgpl

libxml-1.8.15

- fix a bug in the parser which caused problems with escaped values

oaf-0.6.6

- fixes to avoid multiple oafd's running
- error reporting fixes
- build fixes
- robustness improvements

xalf-0.12

- include the latest version not some ancient relic


Fifth toe (extra apps)

abiword-0.9.2

- WordPerfect importer
- XHTML export fixes
- lots of build fixes
- better .doc importer
- styles for win32
- lots of bugfixes

anjuta-0.1.7

- lots of bugfixes
- i18n fixes
- context sensitive help (needs devhelp package)
- class browser and file browser added in the project manager

balsa-1.2.pre3

- too many improvements to mention all here, IMAP, ESMTP, SSL, LDIF,
LDAP are just a few hints

gal-0.11.2

- lots of i18n fixes
- many other improvements to all widgets

gtkhtml-0.12

- lots of bugfixes

galeon-0.12

- lots of bugfixes
- java console
- compatible with mozilla-0.9.3
- can save images, stylesheets, javascript
- robustness improvements
- improved protocol handling

gnomoku-1.2

- small improvements

gnucash-1.6.2

- SQL backend performance improvements
- bug fixes

gnome-db-0.2.90, libgda-0.2.90, gASQL-0.2.90

- libgda is now based in Bonobo
- fixes in the MySQL provider
- improved Oracle provider
- support for viewing more objects in the database browser
- perl bindings
- export databases

mc-4.5.55

- portability fixes
- general improvements and bugfixes

pan-0.10

- lots of i18n fixes
- don't crash on empty .newsrc files
- more robustness issues fixed
- threading improvements
- new rules tool
- improved charset support when posting messages


This is by no means a complete list. All packages have had translations
updated and the same goes for many of the docs included. Please refer to
the packages' web pages, NEWS files of ChangeLog's for more detail

Give this one a real bashing and report all bugs in the right places.
The core components should all have corresponding products in
http://bugzilla.gnome.org/ - but many of these packages have their homes
elsewhere. Some in http://bugzilla.ximian.com/ some on sourceforge.net
and so on. Please don't file bugreports in the wrong bugsystem because
this creates more work for the people handling these and last but not
least it's entirely possible that your bugreport will be ignored when it
doesn't reach the right channel. All packages should have documents
explaining how to get in touch with the developers.

Thanks in advance
Kjartan Maraas