Slashdot readers discuss a press release saying Yellow Dog Linux for the Power PPC has a new version out.

eWeek reports on Free Software guru Richard Stallman’s talk at New York University today. “They [Microsoft] don’t want people to think about freedom as an issue. They want people to think as consumers … not as citizens or statesmen.”

– By Grant Gross –

A shell server for popular Open Source project hosting site SourceForge is back on line after a security breach a week ago, caused by a staff member logging in from a compromised Internet service provider.

SourceForge.net, which estimates it hosts about a third of all Open Source projects, fell victim to a cracker who gained root access to the site’s shell server May 22, says Patrick McGovern, site director. But the site’s staff noticed the breach that same day, and the only damage was the time and effort needed to fix the problem, which left the shell server off line for nearly a week, McGovern says.

SourceForge staff emailed about 2,200 users who accessed the shell server for several hours surrounding the time of the security hole and asked them to change their passwords. Slashdot posted a copy of the letter SourceForge sent to those users.

McGovern says he’s confident the problem has been corrected, but if users are concerned their accounts have been compromised, or have other security questions, they should email support@sourceforge.net.

“We’ve checked everything out, made sure things were OK, and cleaned up the system,” McGovern says. “On SourceForge, security is a very high priority for us. We wanted to make sure we were active and letting our users know what was going on.”

The site itself wasn’t off line during the repairs of the shell server, and users were still able to get to their project information through Web browsers. While there was potential for damage while the cracker had root access, the SourceForge team didn’t find damage beyond the initial security compromise, McGovern says.

“We just wanted to be extra careful and do the right thing to make sure there was no chance that any additional compromise would happen,” he adds. “We were able to shut [the cracker] down pretty quickly.”

The breach happened when one of the members of SourceForge’s staff used an Internet service provider that had been compromised and logged into the shell server from that machine, using the same password. “There was no inherent problem with the infrastructure of the site, other than a password issue that was hacked,” McGovern says.

SourceForge, which like NewsForge is part of the Open Source Development Network, has more than 180,000 registered users and hosts more than 21,000 Open Source projects.

Anonymous Reader writes, “This story at
linuxdevices.com reports on Linux at the recent Battlebots competition
in San Francisco (this past weekend). Well, actually, Linux didn’t
quite make it into battle. 🙁 According to the article, ‘Dallas based ‘Team TuxBot’ went to the recent BattleBots competiton in San Francisco with high hopes of being one of the first — if not the first — competitor in the popular rough-and-tough gladiator-style robotic event to boast Linux-based embedded intelligence. While the rolling trapezoidal ‘bot fought well — and carried its Linux colors into battle — it did so without the benefit of its MZ104-based embedded Linux computer, due to safety regulations that the design doesn’t currently meet …’ The article includes a couple of cool pictures of TuxBot.”

Joe Barr writes “If you’re ever confused by, or mixed up the terms, “open source” and “free sofware,” this is for you. It’s a primer on the topic of what they are, how they are alike, and how they are different. So if you’ve heard of the GPL, but are not exactly sure what it is or what it does, this is for you. Armed with what you learn here, you will be much less vulnerable to the veritable barrage of FUD that the Redmondian Empire is hurling at the whole open source/free software world.” Story at ITworld.com.

SecurityFocus: “A single misconfigured server exposed broadband provider Excite@Home’s internal corporate network
to hackers for at least three months, making its customer list of 2.95 million cable modem subscribers
accessible to anyone with a web browser and a modicum of cyber smarts, SecurityFocus has learned.”

PR Newswire: “Borland Software Corporation (Nasdaq: BORL), a leader in e-business
implementation platforms, today announced a 90-day limited time offer to
purchase the Desktop edition of Borland(R) Kylix(TM), its award-winning
Linux(R) application development product, for US$199. Timed with the launch
of “Kylix-Compatible” Borland(R) Delphi(TM) 6, the promotion is designed to
address the demand for Windows(R)/Linux cross-platform application development
and deployment. The promotion is also expected to rapidly generate a
significant increase in the availability of Linux desktop applications. This
offer expires August 23, 2001, unless extended by Borland in its sole
discretion.”

Wall Street Journal (via ZDNet): “The Gnutella file-sharing system is growing faster than was believed technically
possible, thanks to work by programmers, suggesting the software may become a
permanent part of the Internet landscape as well as a continuing headache for
copyright holders.”

Wall Street Journal (via ZDNet): “The Gnutella file-sharing system is growing faster than was believed technically
possible, thanks to work by programmers, suggesting the software may become a
permanent part of the Internet landscape as well as a continuing headache for
copyright holders.”

The Register reports: “Sun Microsystems has told it employees NOT to use the Internet in an effort to
shave a few dollars off its phone bill and thereby make its annual results look a bit
better.”