[Fri Feb 20 20:12:42 CST 2004]

As a part of their gamble in Linux, Sun is betting on a 3D desktop interface that, if everything goes according to plan, should revolutionize the desktop world. The San Jose Mercury News publishes a short article about the Project Looking Glass that puts a nice positive spin on the idea. As its main developer states,

"I didn't just want to follow Windows and do a better job chasing them... It's not as interesting to follow. We should dream some new world."

It is, after all, a complaint that we have heard all too often about the two main Linux desktop projects, KDE and GNOME: instead of coming up with some new innovative breakthrough, all they are doing is copying the Windows interface. I just don't know what to think about this argument. There are times when I pretty much share the view, especially when I see those spiffy reviews of new Linux distros where the author stresses (of all things) that such and such desktop looks "just like Windows" and even the Control Panel is starting to mimic the one we are used to when running the operating systems from Microsoft. On the other hand, I realize that the current desktop metaphor as we know it was not invented by Microsoft, but rather by Xerox, and then improved upon by Apple and Microsoft, among others, and perhaps the reason why we have stuck to it for so long is because it just makes sense. After all, shouldn't we say that the design of today's cars has changed little compared to the ones we saw a century ago? They all have four wheels, an engine in the front or the back, the steering wheel, the trunk, the doors and seats. I'm just not so sure a 3D desktop, in spite of all its shock and awe, is what we need in order to revolutionize the computer market. We'll see. {link to this story}

[Fri Feb 20 19:59:14 CST 2004]

Microsoft made public last week that some of the source code of Windows NT and Windows 2000 has been leaked on the Internet. For the time being, it appears to represent around 15% of the total code, but since nobody quite knows how the code was leaked there is always the chance that the real amount may be much higher. In any case, this incident, which I have not seen widely publicized in the non-technical mainstream media, comes to prove the weaknesses of the security through obscurity approach to computer security. After the onslaught of Microsoft viruses threatening our networks in the past few months, incidents such as these do nothing but to emphasize the dangers of an infrastructure that relies on a single vendor who, on top of that, is well known for glueing together improvised features and patches in order to plug holes in a piece of software that was never supposed to scale this much in size. Now, with those lines of code out in the wild, we can only expect a new wave of even more vicious viruses to show up sooner or later. Sure, any software is bound to have bugs and security holes. However, I would ask a simple question to all those who have invested their future (and millions after millions) in Microsoft's software: do you even know if those 13.5 million lines contain key components of the operating system? Since you do not have access to the code, what guarantee do you have that you are not just purchasing .Net applications (or anything else) that are based precisely on that code that was leaked? The incident should definitely makes us all pause and reflect a little bit about the status of our computing infrastructure. {link to this story}

[Tue Feb 10 20:28:09 CST 2004]

Reading an article about how Sun has taken the Linux plunge I came across the words of an independent software vendor in Toronto that rang a bell:

When I last used Solaris, I had to load about 100 free or open-source packages onto it just to make it useful. The GNU C Compiler and other GNU programming tools are far easier, at least for me, to work with than Sun's proprietary C compilers, and other tools, and the same goes for the GNU shell and every other GNU piece of software I could find. By the time you load all that stuff onto Solaris, it's Solaris that looks like the poor cousin.

If anybody needed to be explained why Linux is eating the commercial Unices for lunch, this gentleman just did. It goes well beyond the price of the product, its feature set, not to talk about issues such as scalability or stability. It is way easier than that: it all boils down to applications and, above all, standardization. While the commercial Unices are still fragmented in a myriad different flavors, the GNU tools offer a common, well known, standardized environment that anybody can work on. What is the first thing I did when I went to work for SGI? I installed bash and as many GNU tools as I could to make my old Indy running IRIX as easy to work with as possible. Sure, you could argue I came from the Linux/opensource camp already, but how about the rest of co-workers? Well, they did just the same, and added GCC, WindowMaker, Pine, mutt, emacs, fetchmail, Gaim and as many opensource tools as they could find in SGI's freeware website. Let's face it. The battle is over, and everybody knows who the winner is. {link to this story}

[Sun Feb 1 14:43:38 CST 2004]

Although Red Hat recently announced it was discontinuing support for Red Hat Linux 7.x and 8, users of those versions do not necessarily have to left out in the dark. Fedora Legacy offers an option. Their download section contains updates for each one of these versions that has been discontinued so far, and according to their documentation it is perfectly possible to automate the process by using tools such as apt or yum. So, needless to say, the Fedora Legacy project is a godsend to all those who were worrying about Red Hat's latest strategic move to get out of the low-end market. Yet, I consider there are still quite a few questions that remain unanswered in this saga, chiefly the one about support plans and policies. Unlike in the case of Debian or Gentoo, Fedora Legacy does not appear to clarify how long will they maintain older releases. Yes, I understand this could also mean that versions of the distribution that reached an end of life status a long time ago may still be around and kicking, and that definitely benefits you and me, the end users. However, taking into account that this is a community based project (and therefore no different than the other ones I just mentioned) with limited resources, one has to wonder how many different releases will they be able to support at any given time, as well as how and when do they plan to announce that they will stop maintaining backports. This is especially important in the case of security fixes, of course. I suppose what I am trying to say is that there is a serious risk here for the Fedora community to overreach and attempt to grasp far more than they can, and it may still make sense for system administrators to consider other choices such as Debian, Slackware, Gentoo or the BSDs. As newer and newer versions of the applications are released it is just common sense to assume that it will become harder and harder to backport the security pacthes, and sooner or later Fedora Legacy will run into this very human limitation. {link to this story}