– by Tina Gasperson –
IBM is announcing an Open Source project called SBLIM (Standards Based Linux Instrumentation for Manageability). This is a new thing for Big Blue — although the company participates in more than 40 Open Source software projects including Mozilla, PHP, and Apache, this is the first open, collaborative effort that it has ever initiated, says Sheila Harnett, the technical lead for IBM’s Linux Technology Center.
SBLIM, pronounced “sublime,” is an outgrowth and adjunct to WBEM, or Web-Based Enterprise Management, which is “a set of management and Internet standard technologies developed to unify the management of enterprise computing environments.”

“WBEM is a common way to access information that needs to be managed” in an enterprise setting, explains Harnett. “It’s a Web-based model to access standardized systems information.”

SBLIM contributors are working on “providers,” applications which will make a way, via the Linux operating system, for the information from various platforms that may reside in an enterprise, to be gathered, standardized, and placed in a data repository that can then be accessed by WBEM. SBLIM “providers” operate in conjunction with WBEM. “It doesn’t stand by itself,” says Harnett of the code that will come out of the project.

So far, contributors to the just-announced project have completed two “providers,” says Harnett, one for RPMs installed on a given system, and one to interpret filesystem/volume information. The project is self-hosted by IBM, using a modified SourceForge collaboration system, and is licensed under the Open Source Initiative-approved Common Public License. SBLIM’s project leader is Viktor Mihajlovski. IBM is hoping to build an active community around SBLIM, a project it calls “extensive.”

C developers interested in getting involved should visit the project site and subscribe to the developer list to find out how to get started.

Australian IT reports that an organisation led by former US president hopeful Ralph Nader is bringing accusations of deceptive advertising against a number of search engines for selling off its top matches to sponsors without disclosing the practice.

Kelly McNeill writes, “The arrest of the Russian computer security expert Dmitry Sklyarov, after he allegedly released a program to crack encrypted PDF files, has set a grim precedent in the field of independent security research. The publication of the security methods, and exposing the allegedly secure PDF files as easy to crack, have lead to a counterstrike by Adobe and a raid by the FBI. Sklyarov did not crack secret documents with his program; he only exposed the fact that Adobe’s PDF format is a flaky product. It is a sad fact that independent researchers who expose the flaws in digital products face the same treatment as infamous KGB spies.”

LinuxDevices.com takes a look at Isamu, a Humanoid robot. From the article: “Isamu stands 53 inches tall, weighs 121 pounds, and walks at over one mile per hour. Not only that, Isamu climbs up and down stairs, carries 4-pound objects in its hand-like grippers, and even recognises human faces via its dual-camera stero vision system. Oh, and Isamu has a “brain” that consists of a dual-Pentium computer running RTLinux.”

Debian Planet reports on the addition of another distribution of Linux. The Debian Multimedia Distribution is a variation of Debian intended for multimedia applications.

ZDNet reports on a nasty worm that has been attacking Windows 2000 English IIS servers. The Code Red Worm has hit an estimated 12,000 servers across the Internet and that number continues to climb.

– By Grant Gross –

Since we first reported on a couple of high-profile alternatives to parts of Microsoft’s .Net initiative, more Open Source/Free Software projects have come out of the woodwork.

This week’s LWN Weekly Edition details three other projects, including Piper, a peer-to-peer distributed workflow system.

One quiet project that has big goals is the Nareau project, which the site describes as “an Internet wide, peer-peer platform aimed at facilitating conversations and writing, automating and streamlining tasks, and at gaining control of one’s computing experience.”

The project’s front page eloquently describes the high-level vision for Nareau. “We play out our lives in different ‘Spaces’, doing different projects, enjoying different hobbies and
interests. We collaborate with others at work and at home. We spend time with friends and family. We move in different circles.

“We spend a large fraction of our time on computers, store and search for information on them, virtually converse with people we know (and don’t know). We email each other, we schedule meetings, we chat, we flirt. When we are not at a computer, we still want to access our stocks, update our calendars, and stay in touch, no matter where we are …

“But we still have to deal with clunky computers, applications that don’t interoperate, operating systems that crash and expect us to adapt to them. Our applications force us to do busywork repeatedly, are not customizable in meaningful ways, and have no ability to understand meaning from our interactions with them. We still need programmers to write applications and implement processes for us; software has not developed to the stage where we can put Lego blocks together as we need. And so, instead of working
smarter, we are working harder, leaving us with less time to talk, and play, and think, both online and offline.”

Project founder Rahul Dave uses words like the “Cloudserver,” an Apache and Jabber server with an authentication and authorization component, and the “Nareau Spacestation,” a Cloudserver with a Mozilla-based user interface, to describe the central pieces of the project. Checking out the project specs is a good place to get started.

Last year, Dave and friends started a company called Touva to create a Kerberos and authentication-based identity management system. “We folded with some trials, as there is no funding
for three unknown developers from Philly,” Dave says. “But we are going to use that
experience in this project.”

The crew created a group of Web services called Sunshine, which includes a one-size-doesn’t-fit-all identity management system. “Its
crux is also identity management, with Kerberos, and strong authentication
where required,” Dave says. “We are also implementing proxy authentication, consider
the situation where you want your Spacestation or Cloudserver to talk
to a calendar Web service on behalf of your instant messenger.
You need to give then a temporary or permanent proxy capability …

“The big difference with [Microsoft’s] Passport is that in this scenario, each user
will have an identity server on their desktop. This is a peer-peer system.
This means that users can control access to their objects, their
publishing, their spaces amongst a workgroup with no central intervention, as long
as they are willing to accept proof of identity from their co-workers.
The point here is, identity is not one size fits all, if you are
collaborating outside your company or transacting commerce you might want a more
verisign like PKI identity, or company credential, but in a small workgroup you
don’t care. So this is a way more realistic system in terms of being
used in a ubiquitous way.”

Nareau’s identity management system will also allow users to manage multiple identities, Dave says. “It should be patently clear that any one person is likely to want more than one,” he adds. “One at home, one with ISP, one with bank, one at work, one for porn. 🙂 Some users may even want an identity per device. The bank identity would need to be strongly authenticated, the porn one pseudonymous. Now, if you don’t give a user a tool to seamlessly manage these identities, forget it. So that’s the next unique part …”

Also unique to Nareau, compared to Microsoft’s .Net, Dave says, is Nareau’s “rules” and “glue,” the way different Web services provided by more companies than just Microsoft talk and work together.

“Consider a calendar interface, defined using an XML schema,” Dave says. “Different methods in this interface may actually be Web services at different providers, or even
local Java classes, or local apps communicating as nodes with the Spacestation …”

The Nareau project is still in early development, but Dave hopes to demo a prototype, with a calendar interface and a calendar Web service, and release the first version of the Cloudserver, with no Spacestation, in mid-October, and he plans to demonstrate part of the project at JabberCon in August. There’s a project development page, where developers are invited to join the project.

The project will be Open Source, with parts of it GPL, parts LGPL, and parts Mozilla Public License, Dave says. With a private, cross-platform model, Nareau will be superior to Microsoft’s Hailstorm/Passport initiatives, he adds.

“Hailstorm services are well thought out, and they have good mechanisms
for performance,” he says. “But Microsoft has a poor track record on security, and monopolistic practices, and I don’t trust them hosting anything. It’s better that multiple people host.”

kernel.org and your favorite mirror site should have it soon. Read on for the changelog:

Diff between 2.4.7pre6aa1 and 2.4.7pre8aa1 (besides moving on top
                 of 2.4.7pre8).

                 Only in 2.4.7pre8aa1/: 00_do_swap_page-fix-1

                         Account major faults for swapins. (from -ac)

                 Only in 2.4.7pre6aa1: 00_drop_async-io-get_bh-1
                 Only in 2.4.7pre8aa1/: 00_drop_async-io-get_bh-2

                         Rediffed for trivial reiserfs reject (reiserfs updates are included in
                         pre8).

                 Only in 2.4.7pre8aa1/: 00_ircomm-t39m-1

                         Fix for irda so that it works with my GPRS phone.

                 Only in 2.4.7pre6aa1: 00_lvm-0.9.1_beta7-4.bz2
                 Only in 2.4.7pre8aa1/: 00_lvm-0.9.1_beta7-5.bz2

                         Rediffed for trivial rejects about updates that
                         were just included into this patch.

                 Only in 2.4.7pre6aa1: 00_lvm-0.9.1_beta7-4_rwsem-fast-path-1
                 Only in 2.4.7pre8aa1/: 00_lvm-0.9.1_beta7-5_rwsem-fast-path-2

                         Rediffed so we solve snapshot hash lookups with the
                         read lock as well (low prio optimization). Also
                         #if 0 around the _pe_lock instead of any other fix,
                         since the pv_move with live writes going on the lv
                         is racy anyways in lvm beta7.

                 Only in 2.4.7pre6aa1: 00_rwsem-15
                 Only in 2.4.7pre8aa1/: 00_rwsem-16

                         Found a race in asm xchgadd algorithm, possibly mainline
                         could be affected too, will fix it and inspect mainline
                         ASAP.

                 Only in 2.4.7pre6aa1: 00_sched-yield-1

                         Merged in mainline.

                 Only in 2.4.7pre8aa1/: 00_via-quirks-1

                         VIA fixups from -ac.

                 Only in 2.4.7pre6aa1: 10_prefetch-1
                 Only in 2.4.7pre8aa1/: 10_prefetch-2

                         Rediffed for trivial rejects.

                 Only in 2.4.7pre6aa1/30_tux: 30_atomic-alloc-2
                 Only in 2.4.7pre8aa1/30_tux: 30_atomic-alloc-3

                         Rediffed for trivial rejects.

                 Only in 2.4.7pre8aa1/30_tux: 32_tux-uml-1

                         Moved the uml part of the -aa updates in the tux directory
                         since they are not needed when the tux patches are not applied.

                 Only in 2.4.7pre6aa1: 40_blkdev-pagecache-5
                 Only in 2.4.7pre8aa1/: 40_blkdev-pagecache-6

                         Default opens to O_LARGEFILE in blkdev_open so that mkreiserfs
                         doesn't need to be recompiled and we don't break
                         backwards compatibility (can be dropped in 2.5 if we want to).

                 Only in 2.4.7pre8aa1/: 41_blkdev-pagecache-5_drop_get_bh_async-1

                         When blkdev patch is applied in combination with the
                         00_drop_async-io-get_bh patch we must remeber to drop
                         the get_bh from the blkdev async_io too.

                 Only in 2.4.7pre6aa1: 51_uml-ac-to-aa-2.bz2
                 Only in 2.4.7pre8aa1/: 51_uml-ac-to-aa-3.bz2

                         Moved part of it in the tux directory so it can compile
                         without tux (in reality I got errno compilation error
                         but it's low prio and I'll sort it out later, Jeff Dike any
                         hint is welcome ;).

                 URL:

                         ftp://ftp.us.kernel.org/pub/linux/kernel/people/andrea/kernels/v2.4/2.4.7pre8aa1/ftp://ftp.us.kernel.org/pub/linux/kernel/people/andrea/kernels/v2.4/2.4.7pre8aa1.bz2

In a message posted at the Slackware Forum, David Cantrell delivers the news: “Here’s the last status update for the SPARC port of Slackware.

It’s officially off now. I want to thank everyone who helped, sent
in feedback, got some use out of it, and talked to me at the shows.
I enjoyed working on the port and wish I could continue it, but it’s
a fulltime job and I simply don’t have the time anymore.”

That fire sparked by a train derailment in a downtown Baltimore, MD tunnel on Wednesday forced the evacuation of a nearby baseball stadium, prompted authorities to urge local residents to avoid going outdoors, and is slowing down Internet traffic around the world. The fire brought down portions of MCI WorldCom’s UUNet backbone, creating sluggish access to Web and other Internet services hosted in the eastern United States. Brief at CNET’s News.com.