Tuesday, May 22nd, 2001 from the home of Wayne’s World, Aurora IL. Tonight LIVE on
www.thelinuxshow.com –
At 6pm pt, 7pm mt, 8pm ct, and 9pm et…. Kevin Hill, Jeff Gerhardt, PJ
Hyett, Doc Searls(Linux Journal), and Arne Flones have what looks to be a fun show lined up tonight on The Linux Show!! (and yes the Loki tribes server is up and running)
In Segment One – Hot News: We will be covering the hot Linux news of
the week. In particular, we will talk about the troubles at Eazel and Linux Mandrake.

In Segments Two- “Is there a Linux Glass Ceiling”- Revisited
On last weeks show we discussed the Linux Glass Ceiling, motivated by the announcement May 9th that GirlGeeks® would Partner with LinuxCertified to Provide Key Linux skills to Women IT Professionals. It occurred to us last week to ask “why is this gender specific program needed?”
We will be joined by Viktorie Navratilova, for a follow up of last weeks show and will discuss some of the posts at Linux Today and some of the email we got about the segment.

Viktorie Navratilova is a well known Linux advocate, lug member and author of a series of very well received articles on Linux for The Chicago Tribune.

In Segments Three- The TLS/Cylant Hack & Crack Challenge
we will be by John C. Munson, PhD and CEO of Cylant Technology, Inc. of Bend, Oregon. we will discuss the effectiveness of their technology and put it to the test by offering a TLS HACK & CRACK CHALLENGE to all member of the IT community. This is an opportunity for you would-be security experts out there on the internet to show us your stuff. Cylant has placed a challenge server (http://victim.cylant.com) at our disposal on the Internet running a very vulnerable (un-patched) version of RedHat 6.2. In spite of the fragile nature of this system, Cylant claims they are able to protect it from the most vigorous of attacks.

Cylant has had problems communicating the focus of their technology with folks in the security community, and how it is something very different from anything that they have seen before. Cylant has developed a measurement based engineering solution to monitor software/server misuse. It is Cylants position that if a piece software is suitably instrumented and you monitor its activity while it is running, you can identify when the software is doing something different. It is a very simple principle and it seems to work well enough. Well we will find out won’t we.

The TLS Hack Challenge starts at 6:00pm ct on Tuesday Night. That will give people a full 2 hours to try to break the server before show time starts. The prizes we are giving for breaking the server are pretty cool. There is only going to be one winner, with that winner taking all the prizes. The prizes include one of those very cool inflatable penguin chairs furnished by The Linux Journal, a 4 pack of Guinness (in cans), the actual “victim.cylant.com” machine, a very cool certificate stating you are the person who hacked the server, and the winner will get to be a guest on the following weeks show and get the opportunity to brag about their prowess as a system cracker.

The rules are simple, check out http://victim.cylant.com for details. The FIRST person who breaks or hacks the server, emails the Linux show (or Cylant)and shows us proof of the hack wins the contest.

Other opinions are welcome at GeekCast. If you would like to join
us on the show, check our IRC Chat
(irc.thelinuxshow.com #linuxshow).

Remember tune in at 6pm pt, 7pm mt, 8pm ct, and 9pm et.
Catch the Linux show at
www.thelinuxshow.com

Posted at Linux Weekly News: “The KDE Project today announced the release of KOffice 1.1beta2. KOffice is
an integrated office suite for KDE which utilizes open standards for
component communication and component embedding. The primary goals of this
release, which comes 4 weeks after the release of KOffice 1.1beta1, are to
provide a preview of KOffice 1.1 and to involve users who wish to request
missing features or report problems. Code development is currently focused on
stabilizing KOffice 1.1, scheduled for final release this summer.”

From an AP story at ABC News: “Staff shortages and vacancies in key
positions kept a government anti-computer crime unit from alerting the
public to dangerous computer viruses until the damage already was done,
according to a report released today.”

– by Robin “Roblimo” Miller
Here’s a NewsForge exclusive email interview with MandrakeSoft CEO Jacques Le Marois about what has been going on in the company recently, and where Mandrake hopes to go in the future. The
format is loose; Jacques wrote his own answers without help from
PR people. He is speaking straight from the heart here, with the passion
and honesty you’d expect from someone who once helped throw a nationwide “Linux Party” for thousands of people in 35 cities.

NF: Is Mandrake going to strictly focus on the desktop again?

JACQUES: In fact we are currently increasing our presence in the server side with
MandrakeSecurity (firewall product) and [a] couple of other new
projects. We are doing the same stuff to improve the ease of use of Linux that we did for the desktop, but for the server side, and we are working with major players like IBM, HP and Compaq on certification and OEM deals.

NF: It looks like MandrakeCampus and MandrakeExpert have disappeared from
the main Linux-Mandrake Web site. Are you going to keep these services as MandrakeSoft moves back to its original Linux distribution focus?

JACQUES: MandrakeCampus and MandrakeExpert have not disappeared at all: All the
links are still there, both on linux-mandrake.com and mandrakesoft.com.

[Recently departed CEO] Henri Poole’s vision was to focus the company towards the development
of e-services (e-learning, e-support). In Henri’s vision, the idea
was to build e-services with no specificity about Linux. Founders and
shareholders disagreed with this strategy and prefer to refocus the
company around the original vision, which consists of building a solid
business around Linux-Mandrake.

We continue to develop MandrakeCampus as a training service for our
users, not as a business target for the company. Concerning
MandrakeExpert: It continues to be developed as a support platform for
the Linux-Mandrake users, not as a general e-support platform. An
optional tipping and paying subscription system will shortly be
introduced to enable users to get high-quality support very quickly.

We are going back to what has made us successful: providing easy-to-use
Linux systems and many services around them which include e-learning and
e-support. The new thing on that side is that now we also strongly
target server users, not only home users. A solid heart with a sexy
face. That’s what Mandrake OS is about.

NF: Do you believe MandrakeSoft — or anyone else — can turn a profit
purely from selling and supporting a Linux distribution?

JACQUES: Few people are aware of the following fact: that the first Mandrakesoft
exercise was profitable. At the time, we were reproached [for] that fact!

The truth is that Mandrakesoft is currently profitable on the Linux
distribution business itself. Our revenues pay the team that does the
Linux distribution. The rest of the company is not yet profitable but
it’s the future of our revenues.

Also, we haven’t even started monetizing our growing community of users,
and will shortly be doing so with Expert/Campus. So there is plenty of room for growth.

NF: We’ve heard the “Mandrake has 33.8% of the retail U.S. Linux market”
line repeated all over the place. Can we get a little more specific? How many actual boxed sets and CDs has Mandrake sold so far in 2001? How many 8.0 packages do you expect to sell by the end of the year? Does Mandrake
make money from the retail packages?

JACQUES: This is the PC DATA number for the first quarter 2001. PC DATA provides trusted numbers from the U.S. retail sales. This was before the launch of our new release 8.0. So the number should be much higher now 🙂

Concerning our sales, we expect to sell 400,000 boxes/year. The U.S. retail
is less than it was in the past. In compensation we are currently
increasing our sales in various European countries a lot.

Also, we’ve already presold more 8.0 to business partners in Europe than any release ever before at this stage of the product cycle.

NF: Who’s in charge of the company these days?

JACQUES: I’ve taken back the CEO position instead of Henri and I work closely with a team of managers. Most of them were here before Henri’s arrival.

NF: We heard that CTO Jean-Loup Gailly left Mandrake, unannounced, over a
month ago? Why did he leave? Was it his choice or the company’s?

JACQUES: It was Jean-Loup’s choice because of a disagreement with the past
management of the company.

NF: Have you cut the number of developers working on Mandrake?

JACQUES: We did not cut any people working on Linux-Mandrake. In our refocus, the Linux-Mandrake distribution is the heart of all our business.

NF: Have you cut support staff?

JACQUES: We increased the support staff.

The staff cut was mostly among people working on the e-services strategy. There are currently 125 employees working at Mandrakesoft, which is the
same number as at the begining of the year.

NF: Who made the decisions about the recent changes?

JACQUES: They were made by the board of MandrakeSoft in agreement with Henri Poole.

NF: We hear rumors that Mandrake is desperate for a cash infusion and may
go out of business if you can’t find millions of Francs by the end of the year. Is this true?

JACQUES: Please speak in USD :-).

The truth is that we have cash in the bank, that first 8.0 sales are
looking fantastic, and we are backed by our investors.

Mandrakesoft is close to profitability. Unlike many other Linux
companies we did not do a big lay-off of employees that would have made
us profitable now.
We decided that our refocus in strategy has to bring a high
growth, which needs all the employees in place.

Mandrakesoft has built in only three years with small expenses an
incredible position in the Linux arena. We are now the most sold Linux
distro on the retail market. Mandrake has a good image. We have a huge
users base and a strong position on the desktop side. More and more
companies are using Mandrake on the server side. According to Netcraft
stats, Mandrake’s Apache
version, called Advanced Extranet Server, is the #15 most used Web server on the Net, just after Lotus Domino!

The challenge now is to transform this position into a strong business. We
are currently launching several new products for business use, like
MandrakeSecurity which is a easy to setup easy to use a Firewall/Gateway.
Our service offers (training, support and consulting) are starting to deliver deals in the U.S. and Europe. Direct sales via our e-commerce platform have just been launched successfully — last week — and we will soon open a Web site that includes all our new offerings.

Also, in addition to all the good news, we are currently working on an
IPO process. I can’t tell you more at this time but will tell you more in due course.

The latest edition of Debian Weekly News is now available at Linux Weekly News. In this issue, find out how to get your hands on Hurd F2 ISO images, information on accessing secure sites with Mozilla, and a few words on this week’s most notable new and updated Debian packages.

From LinuxSecurity.com: “David Wheeler, author of the Secure Programming HOWTO and the RATS development team from Secure
Software Solutions today announced open source source code security flaw scanners. “RATS scans through
code, finding potentially dangerous function calls. The goal of this tool is not to definitively find bugs. Instead, this
tool aims to provide a reasonable starting point for performing manual security audits.” “Flawfinder” states it will
“scan source code and identify out potential security flaws, ranking them by likely severity.””

PR Newswire: “nc., a leading innovator in
embedded systems, real-time and high availability solutions, today announced
the availability of Lineo Availix(TM) Horizontal Clustering 1.3, a new
clustering solution providing customers with performance for non-stop access
services. Availix Clustering is based on the Linux operating system and
provides the CompactPCI hardware architecture with an immediate,
cost-effective solution for high availability, redundancy, reliability and
scalability.”

It’s at ftp://ftp.kernel.org/pub/linux/kernel/people/alan/2.4/. Intermediate diffs are available from http://www.bzimage.org.
Cox writes,
Rather than starting to propogate these fixes to other drivers I’d be
greatful if they would audit the changes (especially the sound one)
carefully. That way we can ripple correct changes to the other drivers
rather than duplicating several rounds of fixes into each driver we
touch.”

2.4.4-ac13
o Fix binfmt_misc compile bug (me)
o Add missing locking to pms driver (me)
o Fix planb locking/rt deadlock (me)
o Add missing locking to saa5249 driver (me)
o Add missing locking to stradis driver (me)
o Add missing locking to zr36067 driver (me)
o Fix locking on trident sound driver (me)
| Probably all the other PCI sound drivers need doing too…
o Fix wrong ioctl return on trident sound driver (me)
o Clean up NCR53c406 compile warnings (me)
o Fix dmx3191 compile warnings, printk levels (me)
o Fix coda cache compile warnings (me)
o Fix a warning in jffs2 (me)
o Fix nautilus SRM poweroff (Richard Henderson)
o Fix Alpha build bug (Richard Henderson)
o Fix a hang in the maestro dock support (Ben Pfaff)
o Fix memory leak in ACPI drivers (Philip Wang)
o Eliminate popping in cs46xx, fix powerdown (Tom Woller)
o Fix ps2esdi SMP build (Rasmus Andersen)
o Fix a hang on NFS write (Trond Myklebust)
o Cleaned up assorted random warnings (me)

2.4.4-ac12
o Just tracking Linus 2.4.5pre4

– A chunk more merged with Linus
– dropped out some oddments that are now
obsolete

“Rather than starting to propogate these fixes to other drivers I’d be
greatful if they would audit the changes (especially the sound one)
carefully. That way we can ripple correct changes to the other drivers
rather than duplicating several rounds of fixes into each driver we touch.”

From: Alan Cox 
Date: Tue, 22 May 2001 15:45:20 +0100 (BST)


ftp://ftp.kernel.org/pub/linux/kernel/people/alan/2.4/

                 Intermediate diffs are available from
                         http://www.bzimage.org


Rather than starting to propogate these fixes to other drivers I'd be
greatful if they would audit the changes (especially the sound one)
carefully. That way we can ripple correct changes to the other drivers
rather than duplicating several rounds of fixes into each driver we touch

2.4.4-ac13
o        Fix binfmt_misc compile bug                     (me)
o        Add missing locking to pms driver               (me)
o        Fix planb locking/rt deadlock                   (me)
o        Add missing locking to saa5249 driver           (me)
o        Add missing locking to stradis driver           (me)
o        Add missing locking to zr36067 driver           (me)
o        Fix locking on trident sound driver             (me)
         | Probably all the other PCI sound drivers need doing too...

o        Fix wrong ioctl return on trident sound driver  (me)
o        Clean up NCR53c406 compile warnings             (me)
o        Fix dmx3191 compile warnings, printk levels     (me)
o        Fix coda cache compile warnings                         (me)
o        Fix a warning in jffs2                          (me)
o        Fix nautilus SRM poweroff                       (Richard Henderson)
o        Fix Alpha build bug                             (Richard Henderson)
o        Fix a hang in the maestro dock support          (Ben Pfaff)
o        Fix memory leak in ACPI drivers                         (Philip Wang)
o        Eliminate popping in cs46xx, fix powerdown      (Tom Woller)
o        Fix ps2esdi SMP build                           (Rasmus Andersen)
o        Fix a hang on NFS write                                 (Trond Myklebust)
o        Cleaned up assorted random warnings             (me)

2.4.4-ac12
o        Just tracking Linus 2.4.5pre4                   
         - A chunk more merged with Linus
         - dropped out some oddments that are now
          obsolete

2.4.4-ac11
o        Fix hang after "Freeing unused.." on S/390      (Dick Hitt)
o        Fix ramfs accounting bug                        (Christoph Rohland)
o        Raw HID access interface for USB                (Brad Hards)
o        Fix missing release_region on QlogicFAS                 (Marcus Meissner)
o        Fix missing release region in NCR53c406 code    (Marcus Meissner)
o        Make trident use the new pm callbacks           (Pavel Roskin)
o        Fix dmi ident handling                          (Arjan van de Ven)
o        dc2xx locking fixes                             (Greg Kroah-Hartmann)
o        Fix overrun on the acm driver                   (Greg Kroah-Hartmann)
o        Sitecom workarounds for mct-u232                (Stelian Pop)
o        Makefile fixes                                  (Al Viro)
o        Make hgafb show logo if non modular only like   (me)
         the rest
o        Merge back the invalidate_device changes into   (me)
         the new cciss/cpqarray
o        Rio and sx serial driver updates                (Rogier Wolff)
o        Add another SB AWE 32 variant to the tables     (Jeremy Manson)
o        Fix serial.c warning                            (Jesper Juhl)
o        Basic maestro dock support                      (Ben Pfaff)
o        Add defines for testing prefetch                (Arjan van de Ven)
o        Protect nls.h from repeat include               (Anton Altaparmakov)
o        Clean up resource handling in esssolo1          (Marcus Meissner)
o        Fix mysnc on /dev/fb                            (Andrea Arcangeli)
o        Further IBM token ring updates                  (Mike Phillips)
o        Fix usermode Linux makefile problem             (Andrew Morton)
o        Merge first block of LVM changes                (Heinz & others)
o        Forward port 2.2 syncppp flags features                 (Paul Fulghum)
o        Merge lp486e driver for 2.4                     (Andries Brouwer)
         | Experimental...

o        Merge new cmpci driver                                  (ChenLi Tien)
o        & remove 2.2 back compat gunge, modem gunge     (me)
o        Update frame buffer project/mailing list data   (Geert Uytterhoeven)
o        Fix m68k bitops                                         (Roman Zippel)
o        Add w83877f watchdog driver                     (Scott Jennings)
o        Merge A2232 serial driver                       (Enver Haase)
o        Fix wrong memory free in isdn_ppp               (Christopher Kanaan)

2.4.4-ac10
o        Move cs46xx docs into the right spot            (Arjan van de Ven)
o        Merge Linus 2.4.5pre3
         - switch to Linus page fault race fixes
         - switch to Linus arch/ppc
         - merged serial driver cli fixes but also
          added an extra missing moxa check
         - used -ac better version of comx fix
         - used -ac better version of scsi fix
         - now 2.4.5pre vm seems sane dump other vmscan
          experiments
         [not merged; rage-xl code]

“As seen on rec.games.int-fiction, Unix Frotz version 2.41 (screenshots) is now available for interpreting your z files.” More, plus discussion, at LinuxGames.com.