Forgot your password?
typodupeerror

Comment: Re:Wat? (Score 1) 582

by dag (#46786573) Attached to: How Does Heartbleed Alter the 'Open Source Is Safer' Discussion?

Indeed, "Given enough eyeballs, all bugs are shallow.".

In this specific case there are rumors that there we probably only 4 eyeballs involved, which apparently was not enough ;-)

Whatever said and done, there is big responsibility with the various Enterprise distributions and various hardware/software vendors that relied on OpenSSL for their business without doing their due diligence. Whether it was because they all expected the other to have covered that space, or because the particular source code is not easy to audit is less relevant. And I am sure that many companies are looking what can be done to improve their processes in this space.

I expect in the coming months to see more fixes for new vulnerabilities because of new audits and security testing.

Comment: Re:Merge Already! Libre/Open (Score 1) 238

by dag (#44373871) Attached to: Apache OpenOffice 4.0 Released With Major New Features

So if project A can handpick improvements from project B.
But project A creates 10x as many new improvements on its own.
And it has 10x as many contributors to its own project.
And project B is not allowed to merge back improvements (license-wise).

It simply means project A is going to win out in the long-run as long as the project stays as healthy as it is, no matter how healthy project B is. What project B can do in this case is make sufficient changes to the code-base so that improvements can not be easily merged into project A. Or make so many changes that project A runs out of resources to merge everything back into project A.

In this case specifically, it seems that AOO has the mindshare of the users and LO has the mindshare of the developers. It's more likely that a contributor knows what the difference is and where to contribute to. If ohloh.net does make something clear it is the divide between developers and users.

PS The 10x as many is taken for the sake of the argument, whether it is indeed 10x or 5x is irrelevant given enough time.

Comment: What about the holidays ? (Score 1) 290

by dag (#33121330) Attached to: Firefox May Soon Overtake IE In Europe

How about taking into account the holiday season ? I'd be interested to compare this with the trends for June, July, August and September the previous years, as I expect that browser-usage depends on sunny weather conditions, holiday-trips and people in the office browsing more with less work on their hands ? Maybe ?

On a global level this may mean not that much, but a 1% to 2% fluctuation could be addressed by this. So maybe we should wait until September or October before making any conclusions...

Comment: Re:Forced Browser Choice (Score 3, Informative) 290

by dag (#33121254) Attached to: Firefox May Soon Overtake IE In Europe

Nope, the Firefox usage numbers have always been higher in Europe than elsewhere. This has been a tendency for years. And Germany also has a historical aversion for Microsoft software and was in the past a big Linux proponent (think SuSE) and StarOffice (now OpenOffice) was bigger than Microsoft Office for years IIRC. I wouldn't be surprised if also OS/2 had a larger following to elsewhere (or at least US).

All this predates any anti-trust settlement, but I am sure that change will make a difference too, but the trend was always present.

Comment: Re:Ironic ... (Score 1) 175

by dag (#33102720) Attached to: First GNOME Census Results

Red Hat did not exit the desktop market, it always offered an Enterprise desktop Linux product and heavily invested in desktop development (which is what this article is about as well) and Fedora.

Red Hat also never said there was no future in Linux desktops, it basically said there is no money to be made in a consumer desktop offering at that moment, regardless of the investments they do.

Canonical is the living proof that you cannot survive on a consumer desktop Linux offering, that's why they are trying to leverage Ubuntu's installation base to get into the Enterprise server market, and are looking at different possibilities to sell you services on top of Ubuntu (think cloud).

So the Gnome census report shouldn't come as a surprise, regardless of how outspoken Mark Shuttleworth and Ubuntu's userbase is. Red Hat is the biggest contributor to Open Source and Linux, and they also have the most to gain from it too.

I am confident Canonical would like to trade places with Red Hat anytime, and until that happens they prefer to pretend they are leading Linux, rather than leading Linux development.

Comment: Re:More honest than Redhat (Score 1) 96

by dag (#32366700) Attached to: Novell Changes Enterprise Linux Kernel Mid-Stream

Not true, there is a whitelist kABI for interfaces that are guaranteed to not change. If I recall correctly, even the nvidia driver worked fine going from a RHEL5.4 kernel to a RHEL5.5 kernel. So it's not guaranteed that all drivers keep on working on any 2.6.18 kernel, but the large majority simply do.

Visit the ELRepo project page (http://elrepo.org/) or read the following document to learn how it works:

http://dup.et.redhat.com/presentations/DriverUpdateProgramTechnical.pdf

Comment: Re:More honest than Redhat (Score 1) 96

by dag (#32366606) Attached to: Novell Changes Enterprise Linux Kernel Mid-Stream

You could have saved yourself the embarrassment if you would have visited the ELRepo website (http://elrepo.org/) and tested it for yourself, or you could have googled for kABI or kABI-tracking modules. (Welcome in 2010 !)

The large majority of the drivers compiled against one kernel do indeed work for *all* 2.6.18 kernels. Only a few of them (those that do not use what's inside the kABI whitelist) have to be recompiled against a new major release kernel if an interface did change.

http://dup.et.redhat.com/presentations/DriverUpdateProgramTechnical.pdf

The kABI whitelist is an evolving list based on feedback from vendors, customers and the community.

Comment: Re:More honest than Redhat (Score 1) 96

by dag (#32290588) Attached to: Novell Changes Enterprise Linux Kernel Mid-Stream

As one of the members of the ELRepo project (http://elrepo.org/), I would like you to take a look at the collection of drivers (kernel modules) that the project has backported to the RHEL5 2.6.18 kernel. In total more than 400 drivers have been ported and a large majority of these drivers work for every 2.6.18 kernel that was released (from 2.6.18-8.el5 until 2.6.18-199.el5), thanks to the kABI whitelist. Including exotic stuff like nvidia or video4linux.

So I fail to see the worse of both worlds. But then again, I may be biased of actually using, deploying and working with those kernels.

Comment: Re:Backporting? (Score 1) 96

by dag (#32285908) Attached to: Novell Changes Enterprise Linux Kernel Mid-Stream

Tell that to the Ubuntu guy that had filesystem problems and required Red Hat's assistance to get it fixed. Ubuntu was impacted, Fedora was impacted, Red Hat's kernel was not. Why ? Because they were not running the latest and greatest. But a kernel that has been selectively patched and improved, by kernel developers that know exactly what they are doing. It can't get better than that...

There are more systems running RHEL and CentOS kernels than there are systems running the latest. Not only because the total number of systems running RHEL/CentOS is much larger than any given distribution, but also because that kernel is the same kernel, while every Ubuntu or Fedora user is using their own kernel (9.10, 10.04, F11, F12) and not updating it at the same time. Whereas RHEL5 has had the same 2.6.18 kernel with the same track-record for the past 3 years.

So if you want to run what everyone else is running, you're better off with a patched and improved CentOS/RHEL 2.6.18 kernel.

Sorry the burst your bubble there...

Comment: Re:More honest than Redhat (Score 2, Insightful) 96

by dag (#32285760) Attached to: Novell Changes Enterprise Linux Kernel Mid-Stream

What does this have to do with honesty ?

Red Hat is backporting the stuff their customers are demanding _and_ what they feel confident to support in a production environment _without_ breaking existing setups. That's the goal.

You don't do that by updating your complete kernel for one or two features you like to have. That would be insane.

Red Hat never promised you that 2.6.18-192.el5 has any resemblance or compatibility with the original vanilla 2.6.18. That would make your kernel ancient and not fit for newer hardware.

The whole "backporting is ugly/dishonest" comes from people that have no clue about Enterprise computing or have hidden agendas. A bit of common sense goes a long way...

Image

Jetman Attempts Intercontinental Flight 140

Posted by samzenpus
from the a-jetwing-and-a-prayer dept.
Last year we ran the story of Yves Rossy and his DIY jetwings. Yves spent $190,000 and countless hours building a set of jet-powered wings which he used to cross the English Channel. Rossy's next goal is to cross the Strait of Gibraltar, from Tangier in Morocco and Tarifa on the southwestern tip of Spain. From the article: "Using a four-cylinder jet pack and carbon fibre wings spanning over 8ft, he will jump out of a plane at 6,500 ft and cruise at 130 mph until he reaches the Spanish coast, when he will parachute to earth." Update 18:57 GMT: mytrip writes: "Yves Rossy took off from Tangiers but five minutes into an expected 15-minute flight he was obliged to ditch into the wind-swept waters."
Books

+ - Book review: Drupal 6 Social Networking->

Submitted by dag
dag (2586) writes "An interesting book about how to build social networks and why Drupal is a good choice as a platform for building communities. Even when you don't have any Drupal experience yet, this book explains what is needed when you start from scratch and looks at the different facets of a social network.

title: Drupal 6 Social Networking
author: Michael Peacock
pages: 290
publisher: Packt Publishing
reviewer: Dag Wieers
ISBN: 978-1-847196-10-1
summary: Building community websites using Drupal as a content management framework

The book starts off with a short introduction about social networks and a list of compelling reasons why one wants to set up her own social network rather than using an existing social network like Facebook or MySpace. It all comes down to what your particular goals are. The first chapter looks into why Drupal is a good fit for building a community website. Its modular design, use of known technologies and ease of installation, as well as the ample availability of modules help in that respect, and also clearly marks where the book is going next. The other half of the first chapter explains in great detail what is needed during the installation of Drupal to have a working setup. If you are already experienced with setting up Drupal you can skim through this chapter to verify that you did not miss anything with earlier installations.

The second chapter prepares the reader for using Drupal specifically targeted for building a community website. To do this the author comes up with his own example (Dino Space) which is used throughout the book. And while the subject may be far-fetched and very different from what you plan to do, it serves its purpose well. Throughout this chapter the author explains many Drupal related concepts and terminology like Nodes, Content Types or Blocks and how to use these to your advantage when designing your site.

So while the first and second chapters explains and prepares the reader, chapter three helps with important decisions regarding user contributed content and all aspects related to it. User Roles, Comments, Polls, Forums and Blogs. One thing that surprised me was how it is possible to write blog entries from Microsoft Word using a standardized API. And while it is not applicable to me (as a Linux user) I can see some benefit for others within the targeted community. Another topic from the book that I had little experience with is collaborating on a Book within your community. I was always amazed by the annotated PHP manual in the past and this possibility reflects that effort a great deal. The chapter also includes attention to how to automatically generate feeds or include feeds from others, something that helps growing the community.

The next chapter goes into how users can maintain their profiles, how profiles can be extended and themed and how profiles can be shared between websites. It also looks into specific modules to help you eg. integrate OpenID or avatars from other websites. Chapter five explains how users can interact and how the User Relationships and User Activity modules allow users to promote their own content and actions on their site. Much like how Facebook becomes a time log of individual actions of our friends. It also looks at Guestbooks, Contact forms and Groups covering more than I was looking for myself.

One thing I recently had to look into myself was how to communicate with your users. Some users register and then loose touch so there is a clear need to regularly update them about what is happening and what new content is available and that's where chapter six explains how to set up Newsletters or connect your social network to online services like Google Groups.

Drupal is mostly respected for its modular design and Drupal's author often states "If it cannot be done from a module, then that's a design bug which needs to be fixed". That said, almost everything is possible from a module, which offers great flexibility to anyone deploying Drupal to customize it to its own needs. Chapter seven explains in some detail how to write your own Drupal modules from accessing the database, interacting with other services as well as making it installable and customizable. The example shows how to interact with Google Maps from a Drupal module. But also points to similar modules for connecting to Facebook.

Another important aspect of any website is its design, chapter eight shows how to install and configure additional themes, but also explains how to modify existing templates and tweak CSS files. It does not go into great detail though, but it sufficiently points out where to look and how to experiment.

The last two chapters are a bit dim, chapter nine explains how to secure your Drupal site from automated spam and lists a few maintenance tasks every admin should know about. Much like chapter nine, chapter ten does not go into a lot of detail about how to promote your website. It mostly lists important aspects and in some cases provides links to experienced websites.

All in all I was surprised by the many items this book covers, especially the chapters about writing modules and modifying themes is something most buyers will not expect in a Drupal book regarding Social Networking. And while I believe there are better books about those topics, in general this book is a good introduction to Drupal and a guide for those who are also interested in the more advanced parts of Drupal.

I was particularly interested in this book as I set up my own family website based on Drupal and I wanted to know what technologies I missed, and what additional modules I could use to make our own family website better. In that regard this book confirmed for a large part that what I did with Drupal was how it was supposed to be, but in addition even I did learn some new tricks and new modules I never investigated before. This knowledge undoubtedly will be useful for some future Drupal-based projects as well."

Link to Original Source
The Courts

Groklaw's PJ Says SCO's Demise Greatly Exaggerated 152

Posted by ScuttleMonkey
from the still-looking-for-a-fat-lady dept.
blackbearnh writes "Last week, the net was all abuzz with speculation that SCO was finally gone and done for. With the final judgment in SCO v. Novell in, and SCO millions of dollars in the hole to Novell, it seemed like the fat lady had finally sung. But like most things in the legal system, it isn't nearly that simple. O'Reilly Media sought out Groklaw's Pamela Jones, and got a rundown of what's still alive, and why a final end to the madness may be many years away. 'Summing up, it looks bleak for SCO at the moment, but let's enter the alternate realm of SCO's best-case scenario in its dreams: in that realm, SCO wins on appeal, which one of SCO's lawyers indicated might take a year and a half or five years, and the case is sent back to Utah for trial by jury, which is what SCO wanted (as opposed to trial by judge, which is what it got), then everything listed above (except for the IPO class action) comes alive again, presumably, depending on what the appellate court decides. Then SCO is in position once again to go after Linux end users, as well as IBM, et al.'"
Government

President Signs Law Creating Copyright Czar 555

Posted by kdawson
from the ip-con dept.
I Don't Believe in Imaginary Property writes "President Bush has signed the EIPRA (AKA the PRO-IP Act) and created a cabinet-level post of 'Copyright Czar,' on par with the current 'Drug Czar,' in spite of prior misgivings about the bill. They did at least get rid of provisions that would have had the DOJ take over the RIAA's unpopular litigation campaign. Still, the final legislation (PDF) creates new classes of felony criminal copyright infringement, adds civil forfeiture provisions that incorporate by reference parts of the Comprehensive Drug Abuse Prevention and Control Act of 1970, and directs the Copyright Czar to lobby foreign governments to adopt stronger IP laws. At this point, our best hope would appear to be to hope that someone sensible like Laurence Lessig or William Patry gets appointed."

Comment: Re:That's what you get. (Score 1) 234

by dag (#24802077) Attached to: Bitten By the Red Hat Perl Bug

Think about it. If your paid staff has to make a custom compilation of a vendor supplied application (and consequently keep it updated) then what are you paying Red Hat for? The days of paying Red Hat out of the goodness of our hearts are over. It's time for Red Hat to act like one of the big boys and earn their money.

So you buy Red Hat support only for perl ?
No you don't ! Please be honest.

Also, bugzilla is not a customer support tool. If you want Red Hat to fix a bug then first make sure you actually pay for support and secondly use the normal channels for customer support.

Red Hat seldom pushes bugfix releases until the next update release, because you do not want customers to be exposed to new bugs outside of update releases.

Besides, if this was a bug that was exposed by a lot of companies, it would have already been fixed much sooner and was available from the fastrack repository.

Also, as a paying customer, I would not want a support team to pay more attention to people that blog about bugs or Bugzilla, than tickets in the support tool. We are heading in the wrong direction if blogposts get a higher attention than paying customers.

"If I do not want others to quote me, I do not speak." -- Phil Wayne

Working...