The Register: “The infamous Unicode IIS Web server exploit can also be used as a denial of
service attack tool.

Gray hat hacker Big Poop has published a site on the Internet explaining how the
Unicode bug, which permits the execution of commands on a Web server, can be
used to tie up system resources so that legitimate users can’t access a site – a
classic DoS attack technique.”

The downloadable version of SuSE Linux 7.2 for i386 will soon be available on mirrors everywhere, if it isn’t there already. On ftp.suse.com, it can be found in /pub/suse/i386/7.2. Read on for a list of mirror sites.In a message posted to Linux Today, Daniel Bischof confirmed that the following mirror sites have the 7.2 distribution:

Europe:
                 ftp://ftp.gwdg.de/pub/linux/suse/7.2/
                 http://gd.tuwien.ac.at/linux/suse/suse.com/i386/7.2/
                 ftp://ftp.funet.fi/pub/Linux/mirrors/suse/ftp.suse.com/suse/i386/7.2/
                 ftp://sunsite.cnlab-switch.ch/mirror/SuSE/suse/i386/7.2/
                 ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/suse/i386/7.2/

                 America:
                 ftp://download.sourceforge.net/pub/mirrors/suse/suse/i386/7.2/ (soon)
                 ftp://herbie.ucs.indiana.edu/linux/suse/suse/i386/7.2/

                 Asia:
                 ftp://openbazaar.net/SuSE/i386/7.2/

“This new generation of the Qt application development framework
contains many new features, improvements and extensions. It also
includes a significantly improved Qt Designer, and introduces Qt
Linguist, Qt Assistant and a new multi-platform build tool, qmake.

The Qt API is very unlikely to undergo any significant changes before
the final release is made, so we encourage you to begin enjoying Qt
3.0 right now.” Check out Trolltech’s announcement for more information.

In an “unofficial but validated” message posted at Linux Today, Caldera’s OpenLinux Workstation product manager Dean Zimmerman writes: “You might be interested to learn that we are planning to have the ISO
images (That’s the CD-ROM images) of the OpenLinux Workstation and
OpenLinux Server products available for free download. The images
will be available off the Caldera Web Store, and will be freely
available as a free download on a single user, non-commercial
license.” Look for the downloads sometime next week.

(Editor’s note: The following is an email message from Eric S. Raymond, sent to several news organizations today.)

A Microsoft drone writes: “We are sincerely concerned about the GPL,
and its impacts upon the ecology of the developer community.” The gravamen of Microsoft’s argument against the GPL is that it is
“viral”; that it can somewhow infect other peoples’ software,
effectively nullifying their intellectual-property rights and removing
their ability to profit from their work.

This charge is full of logical and factual errors.  It confuses three
different issues: mere use of software, aggregation of software, and
derivation of software.  The best possible ilustration of its falsity
and fundamental hypocrisy is that Microsoft has been shipping GPLed
software aggregated with its Interix (aka OpenNT) product for years.
Because the Interix software is not a derivative work of the GPLed
code they ship with it, not a single line of Microsoft code has ever
been "infected" by the allegedly "viral" GPL.

But the most interesting irony here comes from considering the terms
of Microsoft's so-called "shared source" program.  Microsoft assures
us that its shared-source program will be deliberately constructed so
that Microsoft retains all intellectual-property rights in the code it
allows developers to see.

What does this mean?  Well...suppose you are a developer.  You
register with Microsoft to get access to "shared source", or you work
at a development shop that registers (giving you presumptive access
to Microsoft's source code).  

Congratulations.  Your brain is now infected with the "I have seen 
shared source" virus.  Are you prepared to bet your career, or your
company's existence, that Microsoft will never sue if you write
code that (a) behaviorally resembles a Microsoft product, (b) competes
with a Microsoft product, or (c) clashes with the color of Bill
Gates's underwear this week?

Bear in mind that Microsoft doesn't have to win such a lawsuit.  It
doesn't even have to overtly threaten one.  The mere threat of the
threat of being sued by a multibillion-dollar company is enough to
scare the bejezus out of any entrepreneur or corporate legal
department, and more than enough to exert a massive chilling effect
on software-industry competition.  How convenient for Microsoft!

`Shared source' is the ultimate virus.  The GPL, which leaves your
brain alone and can't "infect" your code unless you deliberately
shoose to incorporate GPLed code or link to it, is an innocent
symbiote by comparison.  It actually protects you, because it
guarantees your right to redistribute and re-use the code you see.

So...who is "viral" now?

An informative (and very in-depth) article from Bill Ball at 8wire.com explains how to setup DSL on your local Linux box.

The teaser on this article at Silicon.com asks: “Are the penguins coming home to roost for Bill?” It seems that the Ford Motor Company’s European operation is planning to flush Microsoft from its desktops in favor of an Open Source model. Richard Thwaite, Ford Europe’s head IT guy, told the reporter than an Open Source operating system was the goal for his 33,000 desktops.

– By Grant Gross –

Paul Nelson has a message for cash-strapped schools: Why pay $20,000-plus for a Windows computer lab when you can have a super-fast Linux terminal-powered network for a third of the cost?

K12LTSP, or the K-12 Linux Terminal Server Project in longhand, is releasing the 1.0 version of its school network package on July 4, U.S. Independence Day, and the date is no coincidence, says Nelson, technology coordinator at the Riverdale School District in Portland, Ore.

K12LTSP, an offshoot of the Linux Terminal Server Project is an auto-install Red Hat-based terminal server package. The terminal server can run dozens of outdated PCs, Internet appliances, or cheap, diskless workstations that are “immune to viruses and mischievous student tampering,” according to the project’s recent press release. The controlling terminal runs a variety of software, including Sun’s StarOffice suite, the Netscape browser, the AbiWord word processor, and the Gimp graphics and photo editing package.

“[K12LTSP] frees us up from maintaining the machines,” says Nelson, explaining why the 1.0 version will be released on U.S. Independence Day. “It frees us from the hassle of installing and updating software … The teachers are then freed up to be doing the things they’re supposed to be doing.”

To celebrate the July 4 release, the project is giving away more than 1,000 Xeon and Celeron processors to schools needing help building servers and workstations. The processors are donated by Intel through the Students Recycling Used Technology program. Go to www.k12ltsp.org/application.htm for information on the free CPUs . For those of you in the Portland area, there’s also an open house July 4, from 9 to 11 a.m. Here’s the directions to the Riverdale School.

Nelson recently priced the cost of setting up a 20-machine computer lab, comparing the cost running Windows 98 and running K12LTSP. The terminal server, running a speedy Intel Xeon processor, cost about $2,000, and the stripped-down, no memory, no-CPU workstations each cost about $200, for a total of $6,000 for the whole lab, not counting monitors. Or if they want, schools can use their old PCs with tiny hard drives and pokey processors to connect to the terminal.

Windows 98 computers running at a comparable speed would cost $800 each, and another $200-plus for software such as Photoshop and Office 2000, Nelson says, for a total of $20,000. A file server would be extra.

Nelson has an answer for those critics who’ll say students are missing out by not using the industry standard Microsoft Windows. Students don’t often use computers to play the little educational games available on Windows; they use computers the same way adults do –to send email, to research with a browser, to create presentations. All those functions are available in Linux, and running a Linux machine isn’t a lot different than running a Windows machine these days, he says.

“It might be four or five years until the students get out into the real world, and by then, who knows what they’ll see,” he responds to Windows advocates. “We’re starting to see Linux on more and more university desktops. More realistically, most of the applications they’re running are generic. They’re running Netscape, they’re running StarOffice, and the interface is similar to what they’d find in any other software package. You point and click, and run the application.”

Nelson does admit his school still uses Windows for desktop publishing.

“We’re not selling it as 100 percent of the school’s needs, but I’m sure it’s a good 95 percent,” Nelson says. “The fact that it’s so reliable and so easy maintained … we have 23 workstations distributed out to classrooms, and we had 100 percent up time all year long. If the system is down, teachers sure aren’t going to base their lessons on it. [With Windows], people aren’t used to having 128 days of up time.

“One of the comments from the kids in the classroom has been, ‘At least the Linux computers are working.’ “

In addition to the advantage of Linux’s legendary uptime, the K12LTSP project has added to Jim McQuillan’s Linux Terminal Server Project by changing the menu system on a Red Hat 7.1 installation to include a terminal server option. It’s an enhanced Red Hat install, so users can take advantage of Red Hat services, if they wish.

The result is a simple install of the LTSP packages. “Our goal was to have it be a turn-key server appliance,” Nelson says. “The only thing you have to type in to make this thing work is your password. If you click ‘terminal server,’ and let it auto-format your hard drive, you type in a password, and you’re done 15 minutes later.”

People seeing a demonstration are surprised at the ease of install, even compared to the hours it takes to set up a Windows 2000 terminal server, Nelson says. “For someone in a school who maybe wants to try Linux out for the first time, this has got to be the easier install they could ever do.”

Nelson would still like to make the setup even easier — right now, it’s simple if you’re using identical hardware, but you have to “hand-roll” configurations if you’re using more than one brand of workstation. “What we’d like to see is have it probe the sound card and that kind of stuff, so the end user doesn’t have to mess with it,” he adds. “If you use identical hardware, it’s real easy to take the install and use the default, but I know schools; they don’t have money. If they can use their old stuff, they’ll do that.”

The project started in the Portland Linux Unix Group, which was hosting a regular Linux install fest at Nelson’s school. The group started writing how-tos for other schools to use Linux, and two years ago, the “software had come far enough along to use on a school desktop,” Nelson says.

Nelson’s school had been experimenting with regular Linux desktop machines, but found that the LTSP better fit their needs. “[LTSP] runs everything on the server, and we have these really fast servers with these Xeon processors, so the workstations ended up running two to three times faster than what we were able to do,” Nelson says.

A half dozen schools have been testing a working version of K12LTSP for the last year, and the package is getting good reviews. More than 80 schools are looking into K12LTSP, Nelson says.

Jeffrey Elkner, of Yorktown High School in Arlington, Va., tells the project that a 15-PC network cost less than $6,500 to set up, including a dual Xeon 733 Mhz server with 1.5 gigs of RAM. “We were using stand alone Linux machines already, so the only adjustment for the students was getting used to having things load so much faster!” he told the K12LTSP project.

One school in California is running 150 terminals with five servers, and other schools have experimented with low-cost mini servers running five computers in a classroom, for the cost of two regular computers.

Nelson says the project is even attracting attention beyond schools. At least one corporation he knows of is considering the K12LTSP set-up for its corporate network, and he thinks it would be a natural fit for networks at public agencies. “If you’re a public agency and you want to establish credibility with taxpayers, why are you spending money on software when you don’t need to? Because of Open Source software, we’re to the point where public agencies are going to be called to task to explain, ‘why did you spend millions of dollars for this product?’ “

The project leaders are hoping a larger company will pick up the project and offer support for it. “We all have jobs,” Nelson says. “Our goal is we don’t want to be the maintainers; now we are because we’re using it and having fun with it. If we’ve proven the concept, other people will come along and do it.”

From the O’Reilly Network Mac Devcenter: “In an in-depth Mac programming article, O’Reilly Network’s Cocoa columnist
Mike Beam takes a look at the two classes that make up the majority of
Cocoa’s string-handling ability, and includes a peek at various ways to
create strings.”

In this week’s edition of links and news of interest to the Tcl user/developer communities: “Compiling Tcl with the free Borland C++ 5.5 compiler”, “Iain B. Findleton offers a Tcl binding to the Fast Light Toolkit (fltk)”, and the announcement of a Web-based general purpose help desk application. Posted at Linux Weekly News.