Archive | November, 2006

Novell turns to the dark side

OSNews links to a Register story: Perens: 'Novell Is the New SCO'. “Often cast as the peacemaker in free software disputes, Bruce Perens is on the warpath. When we caught up with him, he wasn't in a mood to be charitable to Novell.”

“Novell is violating the GPL,” he tells us. “It's up to the Free Software Foundation, which owns the copyright, to pursue this. But the FSF owns the C library and the compiler outright. There isn't much Novell can do without either.”

Subversion 1.4.2 released

From the Project RSS Feed for Project subversion“>subversion project comes the news Subversion 1.4.2 released.. “I'm happy to announce Subversion 1.4.2… You can find list of changes between 1.4.2 and earlier versions at: http://svn.collab.net/repos/svn/tags/1.4.2/CHANGES ” Sounds cool! Read the notes carefully for some cautions on working with differing versions of the clients and servers. The svnsync feature opens up some interesting opportunities to publish and subscribe, perhaps into a QA or backup repository.

Red Hat responds to Microsoft-Novell "protection" deal

InfoWorld reports “ Update: Red Hat spins Novell-Microsoft deal in its favor” with the killer quote “Linux has won.” Linux Watch reports “Red Hat spits on Microsoft/Novell patent assurances” where the Red Hat spokesman points to the several levels of “protection” and “assurance” Red Hat already provides. Over at TechTarget, Jack Loftus is reporting “ Red Hat: We will be here in one year, Novell will not” Haven't we been here before: Fear, Uncertainty and Doubt vs. The Facts? It'll be fun watching this play out.

Novell-Microsoft tumult begins

Anticipate every press outlet will have a lot to say about this:

GrokLaw: “I've collected for you a representative sampling of reactions to the unfortunate Novell-MS alliance. First, my own: this is apparently some kind of a covenant not to sue, not a true cross licensing deal. I think that's how they plan to step over and around the GPL.”

Novell FAQ: “Because open source software is developed in a cooperative environment, some have expressed concerns that intellectual property protections could be compromised more easily in open source. Today's agreement between Novell and Microsoft provides confidence on intellectual property for Novell and Microsoft customers.”

InfoWorld

MaryJo Foley: “Reality check: Microsoft isn't waving the white flag”

Bruce Perens: “The timing of this agreement is significant. Microsoft and Novell are said to have been working on this agreement for some time, and sped up its announcement to take attention away from Oracle's recent announcement and to further depress Red Hat in the stock market… This entire agreement hinges around software patenting – monopolies on ideas that are burying the software industry in litigation – rather than innovation. If we've learned one thing from the rapid rise of Open Source, it's that intellectual property protection – the thing that Open Source dispenses with – actually impedes innovation. And the Novell-Microsoft agremeent stands as an additional impediment.”

Microsoft becomes a SuSE reseller?

Wow. There'll be lots more to say about this: Microsoft and Novell made announcements this morning that seem to be a mutual exchange of licenses and patents that means that Novell will pay Microsoft to keep Microsoft from suing them for patent infringment. Microsoft will pay one-millionth of one percent of a loose change account for some support licenses to resell to its customers. Novell can use the money they're owed by SCO that SCO got from Sun and… Microsoft. Novell is playing a very dangerous game. And Oracle's threatening RedHat. Next players to make a move? Watch Sun and IBM.

IE7 Breaks Older QuickBooks

Over at Shedding Some Light, Rick Schummer blogs IE7 Breaks Older QuickBooks: “I use FireFox as my primary Web browser and really like it… A couple of weeks ago at Southwest Fox I learned a bunch of things about IE7 from Rick Borup. His session got me excited about some of the changes and new features. So I have been looking forward to the automatic update about to hit my machine. Then I accidentally ran across a blog from one of my technical partners about how IE7 breaks QuickBooks Pro. No email from Intuit (they hit me up with lots of offers to upgrade, but I guess this little detail was not that important, or I seriously overlooked it)… I use QuickBooks Pro to manage the accounting books here at White Light Computing. I have used this product for years to keep track of the hours I bill, invoicing, tracking accounts receivables, printing checks to my vendors and subcontractors, and reporting the financials to my wife and our accountant. I use this program all the time. It is almost as important to me on the administrative side of the business as Visual FoxPro is to the technical side of the business.”

Rick goes on to point out some work-arounds to prevent IE from “upgrading” itself and making your accounting system inoperable. Thanks for the tip, Rick!!!

Browser vulnerabilities get stealthy

Over at DDJ.com, they're reporting that “New Hacker Toolkit Cloaks Browser Exploits” No real surprise there – polymorphic browser exploits can avoid primitive signature detection techniques that just look for “DO BadCode()” in the payload. Code that runs in a browser has to run in a safer environment, like the “security sandbox” design of Java. ActiveX controls are just Windows executables that run with the permissions of the user. That won't work, no matter how many “digital signatures” or “Are you sure” dialogs MS layers on top of their insecure design. JavaScript isn't much better with the potential for downloadable JavaScript network scanners implying that every device on the network must be firewalled from every other.

There are no easy solutions in sight. Run with the least privileges practical. Firewall off unneeded services. Scan for unacceptable activity in memory and on disk. Turn off runtime capability in the browser except when needed – Flash, ActiveX, JavaScript and Java should only run with permission of the user.

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.