Here are OSDL CEO Stuart Cohen's answers to your questions, many of which were spurred by the recent release of an OSDL co-sponsored Linux TCO study (that anti-open source commentator Rob Enderle has already/inevitably questioned).

tachijuan asks: "My job allows me too meet many technically inclined people. Invariably we get to talking about our home setups. I've run across some very sophisticated setups. Some people I've met have enough computing and storage resources to have themselves classified as large data centers. They run this at home, and usually just for the hell of it. How do the setups of Slashdot readers measure up?" How many pieces of networked digital equipment do you have at home?

bubba451 writes "MacRumors reports on what may be the first virus to affect Mac OS X, disguised as screenshots for the upcoming Mac OS X 10.5 Leopard. From the report: 'The resultant file decompresses into what appears to be a standard JPEG icon in Mac OS X but was actually a compiled Unix executable in disguise. An initial disassembly reveals evidence that the application is a virus or was designed to give that impression.' The virus is said to also spread via Bonjour instant messaging." Update: 02/17 00:09 GMT by P : This is not a virus, it is a simple Trojan Horse: it requires manual user interaction to launch the executable. See Andrew Welch's dissection.

OSNews has an interesting editorial about security on UNIX-like systems. "One of the biggest reasons for many people to switch to a UNIX desktop, away from Windows, is security. It is fairly common knowledge that UNIX-like systems are more secure than Windows. Whether this is true or not will not be up for debate in this short editorial; I will simply assume UNIX-like systems are more secure, for the sake of argument. However, how much is that increased security really worth for an average home user, when you break it down? According to me, fairly little"

An anonymous reader writes "IBM is about to announce a major update its pSeries Unix servers, according to a story on IT Week's site. The story quotes an IBM source, who said the new servers will use IBM's Power5+ chip."

You posted a lot of great questions for Mike Nash last week, and he put a lot of time into answering them. As promised, his answers were not laundered by PR people, which is all too common with "executive" interviews with people from any company. Still, he boosts Microsoft, as you'd expect, since he's a VP there. And obviously, going along with that, he says he likes Microsoft products better than he likes competing ones. But this is still a great look into the way Microsoft views security problems with their products, and what the company is trying to do about them.

Anonymous Coward writes "Xming has been released with latest Xorg X11R6.9. Xming is a Free Software port of the X Window Server to Microsoft Windows. It shares the same source code base as Cygwin/X but does not depend on the Cygwin environment or cygwin1.dll. Xming is a fully featured X Window Server that is very simple to install and use interactively. Xming X Server for Windows, is made from Xorg (X11R6.9), and a patch bundle, cross-compiled with MinGW and Pthreads-Win32 For MS Windows users who have never tried Linux this could prove to be the easiest way when used with Microsoft Services for Unix (SFU) or coLinux."

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including Stallman's comments on GPLv3, Firefly fans clinging to hope, sentence handed down in student felony webpage refresh case, GP2X GPL issues resolved, Korean cloning scientist may get to keep his patents, Apple changes their tune for iTunes ministore, and much more -- Read on for details.

mikeballer asks: "We currently run our website from a shared hosting environment, with ASP and MS SQL Server. We will be moving to a dedicated host, and to save money, we are considering transitioning to MySQL while remaining in a Windows environment. I had read the Windows-vs-Unix section of the MYSQL documentation, but what is Slashdot's perspective on the performance of MySQL in a Windows environment?"

An anonymous reader writes "If you are a security developer and need to interface a Java application with the local operating system user registry, what do you do? IBMDeveloperWorks gives you the answer: 'UNIX/Linux PAM (Pluggable Authentication Module)-compatible systems that use authentication based on the GNU MD5 extensions to the crypt() system call. It will describe these extensions and show you a Java implementation of MD5 crypt (using FreeBSD as my UNIX).'"

B Man asks: "I have been working in IT related jobs since 1994, and in that time, I have held the following positions: Security Administrator, Systems (Linux) Administrator, Network Engineer, Computer Consultant, and Project Manager. Almost all of my experience has been in medium sized businesses, but mow I have come to be in the situation of having two job offers that would be in totally different environments, and I am at a crossroads. My choices are: a position which allows me to work with cutting edge technologies, being the main technical contact to a Fortune 10 company; or a position in a higher education facility, in the Unix Administrator role. Both jobs have their good and bad points, but I would like to hear which one Slashdot readers recommend, and why."

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including a possible release date for the long awaited Optimus keyboard, yet another extension in the Blackberry court case, lakebed theory on Mars possibly all wet, US-CERT statistics perhaps not all they are cracked up to be, stem cell investigation reveals papers were faked, the FTC objects to the Netflix settlement, and a new Crossover Office fixes the WMF exploit among other things. Read on for details.

Will Wilkinson writes "Jaron Lanier's recent essay, The Gory Antigora: Illusions of Capitalism and Computers, kicks off a discussion of 'Internet Liberation: Alive or Dead?' at the Cato Institute's new blogazine, Cato Unbound. In Lanier's essay today, find out how the 'brittleness' of software has kept the Internet from realizing its potential as 'a cross between Adam Smith and Albert Einstein; the Invisible Hand accelerating toward the speed of light.' Also, find out why, upon meeting Richard Stallman, Lanier's reaction was: 'An open version of UNIX! Yuk!'"

ooglek asks: "FM radio seems to be falling out of favor, with many stations putting their streams online. Unfortunately, many choose bad codecs and low bandwidth feeds, which make them practically unappealing. There seem to be a fair number of PCI-based TV Tuner cards that come with a built in FM receiver, and I'm interested in what it might take to stream my local FM stations to the Windows, Unix and Mac boxes in my house over my LAN, as well as my TiVo and Slim Devices SqueezeBox. Is this merely a pipe-dream?"

Joe Barr writes "Joe Brockmeier and I have teamed up in a story on NewsForge to point out how the mainstream and trade press misrepresent the annual summary of vulnerabilities from US-CERT. They're doing it again this year to make it appear as if it is more secure than UNIX/Linux. Pamela Jones did a similar report at Groklaw over the weekend." From the article: "One figure represents the vulnerabilities found in Windows operating systems: XP, NT, 98, and so on. The other represents a total figure not just for Solaris, AIX, HP-UX, the BSDs, and Linux, but for a hundred different versions of Linux. The sum of all the unique vulnerabilities from all the Linux distros does not equate to the sum of vulnerabilities in any single Linux distro, and one could say the same about the various versions of Windows. That's why it is a completely meaningless exercise to discuss those totals as if they present an accurate picture of the relative security of Windows and Linux. " We've reported on the US-CERT list already this year. NewsForge is a sister site to Slashdot.org, both of whom are owned by OSTG.

rm69990 writes "According to Groklaw, SCO now seeks to amend their complaint against Novell. SCO says it 'seeks leave to file a Second Amended Complaint in significant part in consideration of the counterclaims that Novell asserted in its Answer and Counterclaims.' SCO now accuses Novell of infringing SCO's copyrights by distributing SUSE Linux, of breaching a non-compete clause between the two companies, and SCO is also asking for specific performance forcing Novell to turn over the Unix copyrights to SCO. So SCO is essentially admitting that Novell owns the copyrights at this point, but is saying that Novell breached the contract (that specifically excluded copyrights) by failing to transfer them to Santa Cruz."

BeanBunny writes "I realize that this topic is almost as volatile around here as Intelligent Design, but I think this is interesting nonetheless. US-CERT has released their year-end vulnerability summary. According to InformationWeek.com, Linux/Unix (including Mac OS) had almost three times the number of OS-specific vulnerabilities reported last year compared to Microsoft Windows. Obviously, statistics are meaningless without the proper conjecture, speculation, and opinionation, so let the debate begin again over which OS is really more secure."

An anonymous reader writes "Security researchers uncovered nearly 5,200 software vulnerabilities in 2005, almost 40 percent more than the number discovered in 2004, according to Washingtonpost.com. From the article: 'According to US-CERT...researchers found 812 flaws in the Windows operating system, 2,328 problems in various versions of the Unix/Linux operating systems (Mac included). An additional 2,058 flaws affected multiple operating systems.'"

greenBeard asks: "I work for a government contractor, and have recently convinced them to purchase a Beowulf cluster, and start moving their numeric modelers from Sun to Linux. Like most historically UNIX shops, they don't allow users even low-level SUDO access, to do silly things like change file permissions or ownerships, in a tracked environment. I am an ex-*NIX admin myself ,so I understand their perspective and wish to keep control over the environment, but as a user, I'm frustrated by having to frequently call the help-desk just to get a file ownership changed or a specific package installed. If you're an admin, do you allow your users basic SUDO rights like chmod, cp, mv, etc (assuming all SUDO commands are logged to a remote system)? If no, why don't you? If you allow root access to your knowledgeable users (ie developers with Linux experience), what do you do to keep them 'in line'?"

pgsqlDao writes "CRN is reporting that Oracle is joining IBM's AIX Collaboration Center. 'IBM announced the center Dec. 16 as a $200 million investment where it will centralize AIX development, customer relations and advanced features for independent software vendors. While the figure represents existing salaries and equipment drawn together under one roof, it also represents some shift in emphasis by IBM from Linux back to its mature Unix operating system.' In November Oracle announced that it has chosen Solaris 10 as it's preferred development and deployment platform for X64 computing."