Yes, I know there've been a bunch of posts about this lately, but it's been dominating the news. Here's a couple more tidbits.

OSDL has released a Q&A paper on the SCO Lawsuite:

In his paper, Rosen identifies some of the legal issues raised by the SCO Group's claims as they relate to Linux development and usage. He does not offer legal advice, but rather frames some of the key questions that companies should ask their own counsel about their use of Linux. He points out that SCO has a long way to go before it can assert broad intellectual property claims against an operating system that was written by thousands of open source programmers worldwide.

The press release can be found here, and the actuall paper can be found here.

Also, in the latest (and possibly strangest yet) turn of events, SCO is apparently arguing that U.S. copyright law invalidates the GPL. Supposedly, since the copyright law only permits one backup copy for "fair use," and the GPL is copyright, then the GPL cannot grant permission to make more than one backup copy because it is superceeded by copyright law. Umm... More information can be found in the Inquirer article.

CNet has an interesting story today about DARPA and its two recent high-profile, and highly criticized, projects; the Total Information Awareness (aka Terrorist Information Awareness) and FutureMAP projects.

Now, I'm personally against both of these (I believe the TIA goes to far and can easily be exploited, and FutureMAP is just asking for trouble from foreign nations), but I agree with the author that DARPA itself is a highly regarded and necessary agency.

Read the full story for more thoughts on this.

Lots of updates on this, so I'll just put them all in one post:

The big news of the day is that IBM has finally filed a countersuit against SCO. You can read about it on CNet News.com and in the Reuters story. The countersuit centers around two central points; that SCO's of IP infringement are basically null and void becuase SCO themselves distributed their IP under the GPL, and that SCO's nearly entire range of products violates 4 patents from IBM's extensive patent portfolio. You can also read a recent letter sent to IBM's sales force about the SCO suit.

As you can read about in a previous post, Red Hat has also filed suit against SCO, seeking an injuction on its spread of FUD. CNet News.com is now carrying an interview with Matthew Szulik, Red Hat CEO, about the suit, and about Red Hat's place in the market.

Also indirectly related is the transcript of Bruce Perens' Open Source "State of the Union" address, which touches heavily on SCO's claims and it's impact on the open source community.

Finally, Kuro5hin.org has an intersting on how to get your own free Linux "license" from SCO, without paying their extortion fees.

Most readers should hopefully be aware of the severe RPC vulnerability announced a couple weeks ago that affects all versions of Windows NT, 2000, XP, and 2003. The U.S. Department of Homeland Security just released a second advisory about the flaw, urging users to install the appropriate patch ASAP. More details can be found here, and the patch itself (along with technical details) can be found here.

A new vulnerability in IE has also been reported. According to this article, "Notepad popup windows can be displayed from an HTML email message or Web page regardless of browser security settings. In addition, Notepad popups can access files on a hard disk, possibilly causing stability problems in a Windows saystem." A followup post on Bugtraq points out that this IE flaw also affects many other mimetypes and protocols. For now, the only fix is to switch to another browser.

Yeah, baby! After over 1 year in the making, Gentoo Linux 1.4 has finally been released. Features include:

• Support for x86, PowerPC, UltraSparc and Alpha processors
• Latest stable KDE and GNOME
• Various optimized Linux kernels (2.4.20, 2.4.21_pre)
• Very modern GNU development environment (glibc 2.3, gcc 3.2.2)
• Excellent filesystem support: ReiserFS, XFS, ext3, EVMS, LVM
• Excellent hardware support: NVIDIA, Creative Labs Live! and Audigy
• New "hardened" Gentoo security initiative
• 4000+ packages of the latest and greatest software

This release also marks the first official release of the Gentoo Reference Platform. Unlike the traditional Gentoo installation method (compile everything you want from source), the GRP is a full, compiled distribution, optimized for various hardware architectures. As of this posting, it's currently available via tw disc sets for i686, Pentium 3, Pentium 4, and Athlon XP.

Please see the list of official mirrors to download. Additional, you'll want to refer to the Gentoo Installation Guide, and also perhaps my own unofficial installation and configuration guide. Enjoy!

More on the SCO drama:

The SCO Group ... today announced the availability of the SCO Intellectual Property License for Linux®. The run-time license permits the use of SCO's intellectual property, in binary form only, as contained in Linux distributions. By purchasing a SCO Intellectual Property License, customers avoid infringement of SCO's intellectual property rights in Linux 2.4 and Linux 2.5 kernels. Because the SCO license authorizes run-time use only, customers also comply with the General Public License, under which Linux is distributed.

The price? Introductory $699 per CPU through October 15. How gracious!

Press release

For the latest news on this continuing drama, check out these two press releases:

Red Hat Takes Aim at Infringement Claims

Statement Regarding Red Hat Lawsuit

The first is a press release by Red Hat in which they state that they have sued SCO to prove that their products (and Linux/OSS in general) do not infringe upon any of SCO's copyright claims. They also announced that they have setup a community fund to defend against these accusations, called the Open Source Now Fund.

The second is a press release by SCO in response to Red Hat's suite, which basically claims that they were specifically not trying to spread FUD, and instead just wanted to educate end-users.

Now hmm..., who should I believe....

A study on ease-of-use between Windows XP and Linux (with KDE 3.1.2) returned some interesting results:

The study findings suggest that it's almost as easy to perform most major office tasks using Linux as it is using Windows, which has a long history in the consumer market.

Linux users, for example, needed 44.5 minutes to perform a set of tasks, compared with 41.2 minutes required by the XP users. Furthermore, 80% of the Linux users believed that they needed only one week to become as competent with the new system as with their existing one, compared with 85% of the XP users.

This sounds about right to me. KDE has come a long way, but it's still easier to to do some stuff in Windows (GUI file management, desktop settings, etc.) than in Linux.

Full article

Sorry for the severe lack of updates over the last couple of months. Been busy with some work for LOULUG. Here's a fresh batch of news, though, beginning with...

The Opie (Open Palmtop Integrated Environment) Project has announced version 1.0. Opie originated as a fork of of Trolltech's Qtopia, but based on these screenshots, seems to already have surpassed it.

Opie is designed to run on all Linux PDA's, and already includes packages for Zaurus, iPAQ, and SimPad.

More information can be found on Opie's home page.

I recently came across a couple good security-related articles that's well worth reading.

The first is an introduction to firewalls and backdoors, describing each type, listing examples, and providing tips. Also contains links to some very useful external resources. http://securityfocus.com/infocus/1701

The second article disusses real-time alerting with snort, the most popular open-source IDS (Intrusion Detection System). http://newsforge.com/article.pl?sid=03/06/09/1939256. It does not cover installation or initial configuration, however; check out the snort documentation for details on this.