Search results matching tag 'Linux'

This consumer operating systems stuff is harder than 1st thought – Red Hat and Novell no longer targeting consumers with desktop Linux

doverton — Fri, 18 Apr 2008 07:58:49 GMT

I saw this and it made me smile – looks like building a desktop OS for consumers is harder than people thought :-) And I thought consumers were more willing to put in time to fiddle too, so that makes the enterprise play even less likely for me!!

Red Hat skips consumer Linux desktop

Red Hat has no plans to create a traditional desktop product for the consumer market, but will continue to place its bets on a desktop for commercial markets.
"We are focused on infrastructure software for the enterprise market, and to that market we are offering the Red Hat Enterprise Linux Desktop," said Michael Chen, vice president of corporate marketing at Red Hat.
"You need a different support ecosystem and applications for the consumer desktop," Chen added.
Among the company's desktop goals for 2008 and 2009 is to ensure that its desktop products complement its server and middleware products, Red Hat said in a company blog post Wednesday.
Red Hat's strategy is similar to that of Novell , which is currently focusing on Linux for enterprise desktops. The market for Suse Linux on the consumer desktop is taking time to develop, and the market for the desktop for the next three to five years is mainly enterprise-related, Novell President and CEO Ronald Hovsepian said Wednesday.

Red Hat skips consumer Linux desktop | InfoWorld | News | 2008-04-17 | By John Ribeiro, IDG News Service

ttfn

David

Technorati Tags: Windows Client, Windows, Windows Vista, Vista, Linux, Red Hat, Novell, Microsoft

Dissent in the Open Source world between GPL 2 & GPL 3 - Linus Torvalds will be sticking with GPL 2

doverton — Wed, 09 Jan 2008 00:52:00 GMT

I personally don't mind which license type someone chooses to deliver their product with, but I think it should never be used as a shotgun against the developers, contributors or organisations that have been using / developing the software to force them into agreements that were unrecognised prior to that use. GPL 3 was hijacked (in my very personal opinion) by a small group to change the meaning of "free" and change the ethos of the GPL.

Today I read that I am not the only person who feels that way. In the interview at InfoWorld, Linus Torvalds, the inventor of Linux explains why he believes GPL 2 is for him. After all, just because someone releases an alternative version of a license, you don't have to use it!!

Linux creator Linus Torvalds, in an interview being made public by the Linux Foundation Tuesday, stressed that version 2 of the GPL (GNU General Public License) still makes the most sense for the Linux kernel over the newer GPL version 3.
GPL 3, which was released last year by the Free Software Foundation (FSF), reflects the FSF''s goals while GPL 2 closely matches what Torvalds thinks a license should do, Torvalds said.
"I want to pick the license that makes the most sense for what I want to do. And at this point in time, Version 2 matches what I think we want to do much, much better than Version 3," said Torvalds, who is now a fellow at the foundation. He was interviewed in late-October by Linux Foundation Executive Director Jim Zemlin.
Among GPL 3 highlights are protections against patent infringement lawsuits and provisions for license compatibility. Torvalds acknowledged he had spoken out against GPL 3 before it was released. He had opposed digital rights management provisions in early-2006, calling them burdensome.

Linus Torvalds still sticking with GPL 2 | InfoWorld | News | 2008-01-07 | By Paul Krill

ttfn

David

Technorati Tags: GPL, Linux, Linus Torvalds, Open Source

Microsoft switching SharePoint to claims-based authentication - The Password is changing

doverton — Thu, 25 Oct 2007 00:59:33 GMT

You've heard it before, well this seems to suggest that the password or AD based auth is just too wrong! So SharePoint is going as open as possible!!

Microsoft switching SharePoint to claims-based authentication

By John Fontana, Network World, 10/16/07
Microsoft is replacing the authentication system for SharePoint Server and plans to make the collaboration platform one of the first of the company’s marquee applications to rely on a new claims-based identity model.
The goal is to have SharePoint incorporate an authentication model that works with any corporate identity system, including Active Directory, LDAPv3-based directories, application-specific databases and new user-centric identity models, such as LiveID, OpenID and InfoCard systems, including Microsoft’s CardSpace and Novell’s Digital Me.

Microsoft switching SharePoint to claims-based authentication - Network World

ttfn

David

Technorati Tags: SharePoint, Claims-Based Authentication, Security

Microsoft gets official open-source blessing from OSI for two of its licenses

doverton — Tue, 23 Oct 2007 00:34:43 GMT

Many times Microsoft has been barracked for its "anti-open source" stance, which quite frankly has never existed. However, since we have always made software available under various licenses, it was decided that it was time to get these officially recognise by the people behind the dreaded GPL (that is my humour btw). Not everyone is happy about it as can be read at http://robertogaloppini.net/2007/10/18/open-source-at-microsoft-microsofts-licenses-get-approved-by-osi/. Microsoft's desire to protect what it considers to be its intellectual property is seen as a threat by some in the open source world. However if you look at MSDN, it has, I suspect, millions of lines of code for people to borrow, use and then sell. I would call that open source of one type as well as codezone for another. In fact, as I have always understood it, Microsoft does not care how you develop or release you code, providing you do it legally! I think Microsoft gets official open-source blessing from OSI for two of its licenses covers most points

Microsoft gets official open-source blessing from OSI for two of its licenses

By Ryan Paul | Published: October 16, 2007 - 01:41PM CT
The Open Source Initiative (OSI), the organization responsible for maintaining the definition of open source and evaluating open source licenses, has officially approved the Microsoft Community (Ms-CL) and Permissive (Ms-PL) licenses.

Microsoft submitted its Shared Source licenses shortly after announcing plans to do so at the O'Reilly Open Source Convention earlier this year. OSI president Michael Tiemann responded by pointing out that three of Microsoft's five Shared Source licenses impose restrictions that are clearly inconsistent with the Open Source definition, but acknowledged that the two licenses submitted by Microsoft had merit and would be evaluated.
"The decision to approve was informed by the overwhelming (though not unanimous) consensus from the open-source community that these licenses satisfied the 10 criteria of the Open Source definition, and should therefore be approved," said OSI in a statement. "Microsoft came to the OSI and submitted their licenses according to the published policies and procedures that dozens of other parties have followed over the years. Microsoft didn't ask for special treatment, and didn't receive any. In spite of recent negative interactions between Microsoft and the open-source community, the spirit of the dialog was constructive and we hope that carries forward to a constructive outcome as well."

ttfn

David

Technorati Tags: Open Source, Microsoft, Licensing

Windows is now getting too difficult to hack, so the hackers sights are moving elsewhere, but that does not mean security is now easier.

doverton — Wed, 17 Oct 2007 22:33:33 GMT

I have heard many times how Windows is the big target for virus and phishing nasty people in general, but more and more people are showing that Windows is just too hard to hack when applications and other platforms offer so much more opportunity.

From the article at eBay: Phishers getting better organized, attacking Linux Dave Cullinane, eBay's chief information and security officer said that in his previous job protecting a bank from phishers

"The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes. Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected. Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured system, he could seize control of the machine. "

In the same article it also mentions:

"We see a lot of Linux machines used in phishing," said Alfred Huger, vice president for Symantec Security Response. "We see them as part of the command and control networks for botnets, but we rarely see them be the actual bots. Botnets are almost uniformly Windows-based."
Since Linux machines can be used to more easily create specially crafted networking packets, they can be used in highly sophisticated online attacks, said Iftach Amit, director of security research with Finjan Inc.'s malicious code research center.

Now this might sound like a load of old "mine is better than yours", but there is much more to this. Oracle, who on the whole don't make that many products, released their latest set of patches, just 51 this month - http://techworld.com/applications/news/index.cfm?newsID=10369&pagtype=all, compared to a much smaller set from Microsoft. What is worth noting is the fact that the attack vector is moving from the OS to the applications sat on top of it.

One researcher event went as far as to say (http://www.infoworld.com/article/07/10/02/Security-researchers-look-beyond-Vista_1.html)

One well-known researcher who goes by the name Halvar Flake called Vista "arguably the most secure closed-source OS available on the market," in a blog post about BlueHat. "As a result I think that most of the security researchers will move on to greener pastures for a while. Why try to chase a difficult overflow out of Vista when you have Acrobat Reader installed, some antivirus software with shoddy file parsing, and the latest iTunes?"

Using social engineering and targeting other applications is now much more common place, for example Skype is dogged (http://www.infoworld.com/article/07/10/17/Trojan-imitates-Skype-steals-logins_1.html):

The program sends the victim's Skype credentials, as well as any other logins or passwords stored in Internet Explorer, to another server, wrote Villu Arak, a Skype spokesman based in Tallinn, Estonia, on a Skype blog.
Skype, the VoIP program owned by eBay, is frequently targeted by malware writers because it is widely used. Other attacks have focused on sending links to malware via Skype's chat function as well as worms.
This Trojan horse appears as an installer with Skype's logo and the name "65404-SkypeDefenderSetup.exe." Once the program is executed, users see a convincing Skype login interface, although the graphic for the "sign in" button is different from that of the genuine Skype application.

Hopefully through all of this you can see that Security was and is not about the OS, but everything on the computer, including the user. People often ask why UAC is so vital in Vista - the answer is simple, because the user needs to learn to be aware that an application elevation is a risky business and should only be allowed when desired, expected and trustworthy.

Finally, good old Gartner has recently suggested that "broad" attacks need commoditized solutions to enable focus on more specific attacks and "inside out" rather than simply throwing barriers at the problems (http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9042699&intsrc=hm_list).

So, what does this mean? Well, it means that applications and architectures still need to be designed with the thought that even if a compromise happens, it should not be able to weaken the overall system. Less running as administrator or root is required, more partitioning and awareness.

That is it, I hope it was a bit enlightening. There are no "answers" to security, just more learnings.

ttfn

David

Technorati Tags: Security, Windows Vista, Trojan

Things they said would never happen - Sun becoming a Windows OEM and Microsoft and Novell open Windows and Linux interop Labs

doverton — Fri, 14 Sep 2007 14:50:00 GMT

I saw this and thought I would publish this to show that businesses will always put differences behind them if they think there is a buck to be made:

Sun to Install Windows Server on Its Hardware

Sun Microsystems will start selling its lineup of 64-bit, x86-based servers preinstalled with the Windows Server operating system within 90 days.

and

Microsoft/Novell Open Windows/Linux Interop Lab

The initial focus will be around three projects involving virtualization, management, and identity federation.

This just proves that all firms are commercial! Don't believe the religious hype! Of course, competition will still be just as fierce.

ttfn

David

Technorati Tags: Sun, Windows, Novell

Security is a journey, never a destination

doverton — Sun, 26 Aug 2007 23:02:05 GMT

I was watching the Bourne Identity the other night and Marie asked "how did they find us", to which Bourne replied "we let our guard down, we got lazy". This is so very true for computer security - you can't stop updating your systems, updating your anti-malware tools, updating the firmware in your firewall and more. To highlight this I saw the article below. There was an operating system that claimed it did not suffer from the issues of needing constant TLC. Then 5 of the 8 community servers were compromised. Nice.

Ubuntu Servers Hijacked, Used to Launch Attack
Members of the Ubuntu colocation team suggest the attack could have begun with a Chinese IP address.
The Ubuntu community had to yank five of the eight Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after discovering that the servers had been hijacked and were attacking other machines.
It was suggested during an IRC (Internet relay chat) meeting of the Ubuntu colocation team Aug. 14 that the source of the troubles might have been a Chinese IP address trying to log onto the servers by brute force "for a long time now it seems," said a participant.
On Aug. 14, the community began to bring the machines back up in a safe state so that they could recover data from them. Unfortunately, according to Ubuntu Community Manager Jono Bacon, the servers were all found to be out of date, stuffed with Web software, and missing security patches—at least in the instances where it was easy to determine what version they're running.
"An attacker could have gotten a shell through almost any of these sites," Bono wrote in a posting, regarding a change to location server policy that resulted from the incident.

Ubuntu Servers Hijacked, Used to Launch Attack

ttfn

David

Technorati Tags: Security, Linux

Will Virtualisation really crush the server market and Virtualised Windows on Linux... not likely

doverton — Tue, 14 Aug 2007 08:18:44 GMT

From the register I saw the article "Virtualization Software to Crush Server Market" and it sort of made me laugh. Last year saw a dramatic drop in growth of Server shipments, both Microsoft and non-Microsoft. One explanation given is that virtualisation has increased so much that less servers are being bought, but the growth was still strong, just not in actual servers. I have seen the growth of virtual servers, but don't think it really accounts for the hundreds of thousands of servers that fill the gap that appeared in the research last year. VMWare's growth does not account for this, nor does the impact on Windows licensing that would be seen.

Analysts and executives came out this week and declared that x86 server shipments will likely decline as VMware, Microsoft, and a host of startups push their virtualization wares at speed.

In a rare feat, Schwartz and Sacconaghi also happen to agree about another trend that virtualization will drive. They're claiming that customers will buy larger, more memory- and component-packed servers moving forward to handle the demanding virtualization code. Why consolidate a couple of workloads on a two-socket box when you can consolidate more software on a four- or eight-socket system and deal with less hardware management overhead?
According to Sacconaghi, the trend toward larger systems will hurt Dell, since it has specialized in two-socket gear. It will, however, also hurt Sun, since x86 virtualization will only speed the move away from Unix systems.
<snip>
The mainframe arena - the place where VMware pinched its genius - has survived virtualization for a long while, as has the Unix market. Each segment, including the x86 market, has its unique attributes, making apples v. apples comparisons tough. Still, customer demand for more horsepower serves as constant across all three markets, and we suspect it will keep overall demand for servers high, despite virtualization code.

Moving this theory along, Microsoft has announced that the license for Vista and Windows XP does not allow for virtualisation on top of Linux - Microsoft Nixes Windows Virtualization on Linux

Virtual PC is still free as is Virtual Server, with the capabilities of these products growing and allowing more functionality. I expect to see some virtual software running on SBS for some customers in the near future where people want split functionality, but I don't expect it to be huge!!

ttfn

David

Technorati Tags: Virtualisation, Windows, x86, servers

The Linux is beginning to admit that Microsoft might have some good ideas, but shows that it is still important for you to code the kernel and there still is not a way to know an application will run on it!

doverton — Mon, 13 Aug 2007 06:49:22 GMT

You know me, I like talking about Linux and when I saw these three articles I thought I had to share them. They all came out last week. The 1st article discusses the need for a bit more respect between the Windows an Linux camp. Microsoft has tried to put fact behind the arguments against Linux adoption and while some people think the surveys were doctored (they were not), they did start the discussion as to why each OS was better. I have said before that this should not be a religious discussion, but an evaluation based upon needs. In some cases people will choose Linux, in others Windows. It is nice however to have this recognised by the Linux community. While the article only discusses Microsoft's PR, there is an underlying respect beginning to grow with statements like "has a good track record in fending off competition" have to mean more than just marketing otherwise it paints most users as pretty stupid.

One other thing discussed is the fact that the lack of release synchronisation causes users pain. Backwards compatibility does not seem to be high on the Linux charter of needs and therefore seems to always cause problems when running a complex system with something that does NOT come in the box, which is quite often. To this extent Novell CEO Ron Hovsepian called on the Linux community to develop a standard application-certification process for independent software vendors (ISVs). Ron and his company however are not flavour of the month with the Linux community for their "audacity" of signing a deal with Microsoft - something so "bad" that explicit changes were made to GPL v3 to stop it happening, which is about as silly as it gets. For the Linux community to tell you that you are bad for signing business deals is simply stupid.

Meanwhile, Andrew Morton, a co-maintainer of the Linux Kernel reminded people recently that they should get involved, help code Linux. For most of my partners this is an OMG moment - they don't want to code Linux, they want to sell solutions and not have to worry about the coding and more important know what is behind them in the product quality and support.

Anyway, enough of my rant, I just thought that I would share this. Finally, since I have referred to this so many times - I think that Hugh's card says it all:

and from a business point of view -

These can all be found at http://www.gapingvoid.com/Moveable_Type/archives/cat_microsoft_blue_monster_series.html

ttfn

David

Technorati Tags: Linux