generationxyu writes "D. J. Bernstein, better known as DJB, has announced the discovery of 44 security holes that were found by students in his course MCS 494: Unix Security Holes this fall at the University of Illinois at Chicago. Vulnerable programs of note include: CUPS, NASM, mpg123, MPlayer, xine-lib, and numerous others. Copies of the notification emails are here. The homework for the course was to find and exploit 10 previously undiscovered security holes in currently deployed Unix software. In a class of 25, 44 security holes seems a bit low. Most of the class failed. I was credited with bsb2ppm (actually libbsb) and jpegtoavi. After 300 hours of work and an A average on the exams, I expect to fail the course."

A not-so anonymous Anonymous Coward puts this tough issue up for discussion: "There seem some more determined efforts underway currently in some corners of the KDE project to port substantial parts of the software stack to the MS Windows platform. These efforts are now met by fierce resistance on the part of some of their core developers. Aaron J. Seigo summarizes his reasoning in his blog: 'If the applications people want are available on Windows, they will tend to stick with Windows...by porting software to Windows, we eliminate the majority of the competitive advantage of Free Software desktops in the eyes of the overwhelming majority of consumers while Microsoft has all the rope they need to shut the door once again on us ... Free Software desktop applications on Windows represent a no-win situation for Open Source, but Open Source desktops on Free Software operating systems do.'" (Read more below.)

SilentChris writes "Good article over at CNet regarding Microsoft's internal IT practices. Some intriguing statements from the CIO, from the obvious ('It's an easy choice for me--to run Microsoft technology. We don't run Unix. We don't run Linux. We don't run Oracle.') to the not-so-obvious ('Our users are the admins of their machines. They can load whatever software they want on their machines, but we do audit the network continuously.') I wonder how much time is spent combatting spyware?"

twener writes "Version 3.7 of the bootable GNU/Linux Live CD Knoppix has been released and is available via Bittorrent or on the Knoppix Mirrors. Some of the new features are lots and lots of package updates including KDE 3.3.1, Kernel 2.4.27 + 2.6.9 (w/ ACPI), Java security update (1.4.2_06) and more supported graphics cards."

Uberhacker.Com writes "HP has given up on trying to bring key parts of Compaq/DEC's Tru64 operating system into HP-UX. They had once planned for the Tru64 goodies to arrive this year and made a big deal of this quick turnaround when it first acquired Compaq. Ironically, HP also announced today that it is expanding its Alpha RetainTrust program for Tru64 UNIX customers." The linked article also notes that HP has decided that it will proceed forward with purchasing some of the technology from Veritas.

slipandfall asks: "I just started work at a 100% Windows shop (no chance of changing this) and would love to implement Bugzilla for issue tracking but statements like this - 'Making Bugzilla work on Windows is still a painful processes.' in the OS-Specific installation notes don't make it seem reasonable. Since there is no chance of using Linux/UNIX here, can I get people's experiences using Bugzilla on Windows or experience with a tool (open source or not) on Windows with similar notification, discussion and issue tracking features?"

Fahrenheit 450 (William D. Neumann) writes "Developing Applications With Objective Caml was originally published in French by O'Reilly, and later translated into English by a group of volunteers (note that the reviewer was a volunteer proofreader during the translation effort), and graciously made available online as HTML or PDF at the Caml website. For those not familiar with Objective Caml (or OCaml, as it is commonly called), it is a strongly, statically typed (but don't be thinking about Pascal-style typing), eagerly evaluated language with a functional core that also offers many imperative programming features. OCaml also has full support for object-oriented programming that fits in completely with OCaml's strong type system. On top of that, OCaml code can be interpreted for simple scripting, compiled to bytecode for portability, or compiled to native code for speed and resource utilization that rival even that of Intel's C++ compiler. Intrigued?" If so, read on for the rest of Neumann's review.

davidwr writes "Groklaw has the newly-released-previously-secret 1994 Berkeley/UNIX Systems Laboratories settlement which gave rise to BSD4.4(Lite) (as pdf and text with commentary). This may have an impact on the SCO vs. Linux war."

sympleko (Matthew Leingang) writes with his review of Running Mac OS X Panther, by James Duncan Davidson. "The Macintosh has come a long way in twenty-plus years. Much has been said of Mac OS X being the perfect union of a rock-solid operating system with a beautiful and functional user interface. Since the iMac, Apple's market share has been steadily increasing, and since OS X, Unix users have been making the switch. My last computer was a dual-boot box that I kept finding excuses to keep from booting to Windows. My PowerBook is literally the best of both worlds. I can run the older unix-based apps I need to for work, and use Microsoft programs and play fancy games when I want. It's also essentially two different computers. This book is about using that second computer, the workhorse behind the scenes." Read on for the rest.

Craig Maloney writes "I'm skeptical whenever a publisher uses the words 'Definitive,' or 'Complete,' or (especially) 'Ultimate' in the title of a computer book. Sadly, the typical book so labeled is a jumble of incomplete ideas crammed together with very little depth. Worse, some books do little more than re-print the various command-line switches for the application. Michael Kofler's The Definitive Guide to MySQL (2nd ed.) is just the opposite. There're still lots of ideas crammed inside of the book, but they're carefully explained and expanded. The book weighs in at a hefty 802 pages, with very little fluff. " Read on for the rest of Maloney's review.

pariahdecss asks: "I have just been hired as the webmaster for local college. The website for which I am responsible is hosted 'in-house' and controlled by the college. The server box does not have any other production systems on it besides my website. The website that I have inherited is driven by an amalgam of Embedded Perl and PostgreSQL. Now to the politics...the UNIX Administrator does not want to give me root access to this box. What have others done when faced with this type of systems politics? Is it even possible to function as a full scale webmaster without root access to the box you serve from?"

Daniel Shefer writes "Joel on Software is a collection of essays from the Joel Spolsky's Joel on Software web log. Spolsky is also the author of User Interface Design for Programmers (previously reviewed on Slashdot) and is the principal of Fog Creek Software. In this book, Spolsky distills his technical knowledge, wit, and years of experience into an engaging collection of essays on programmers, programming and the software world. Spolsky covers everything from the technical aspects of writing code to software project management, and even offers insights into software marketing." Read on for the rest of Shefer's review.

rocketjam writes "CNET is running a long question-and-answer format article which takes an in-depth look at the relationship between Microsoft and SCO and the financial support SCO has received both directly and indirectly from Microsoft in their ongoing litigation alleging that Linux violates the intellectual property rights they claim to hold on UNIX. The article details the money Microsoft has paid to SCO to "license" UNIX as well as the role they played in BayStar's $50 million investment in SCO in late 2003. Microsoft paid SCO $16.6 million for a UNIX license. The only other company that has come close to paying SCO that much money for a license is Sun, who paid $9.3 million to license UNIX for their Solaris operating system."

sympleko (Matthew Leingang) writes "In Neal Stephenson's manifesto In the Beginning was the Command Line , he writes about his favorite command-line utility: wc. As simple as can be, wc counts characters, words, and lines in a file. There's no GUI analogue, perhaps because anybody tempted to make one would add too many "features" that cluttered its ease of use. Think: do you know how to count the words in a Word file? BBEdit is a little easier, if you know the button to click." Read on for Leingang's review of Learning Unix for Mac OS X Panther, which seeks to reconcile the conception of user friendliness in OS X's Aqua with the sometimes-denigrated command line.

ajs writes "In November 2002 everyone who wasn't Red Hat was gathering behind a banner that many thought would spell the beginning of a new chapter in the Unix Wars. That banner was called United Linux. Much has changed in the Linux world since then, and some Founding Partners in the United Linux camp have decided that there are other ways to change the market. Thankfully there are more level headed members of that group. Today, we're not so focused on the differences between Linux distributions, Sun's rants, the aforementioned lawsuits and ever-present, market-gobbling Microsoft keep everyone focused and united enough as it is, and United Linux has begun to fade into memory. So what has United Linux done? Well, it unified three distributions at least, focused attention on Linux standards and made hardware vendors feel a bit less lost when writing drivers for Linux, so it wasn't all a loss. Alas, according the the United Linux site, "There are no plans for a version 2.0 at this time.""

mattOzan writes "Groklaw is reporting that Novell has just filed a reply with an exhibit in support of their motion to dismiss SCO's complaint. The exhibit consists of "1995 minutes from the corporate kit of a meeting of the Board of Directors, which clearly and unequivocably say that Novell was to retain the UNIX copyrights in the sale to Santa Cruz that year."

An anonymous reader writes "The German iX magazine is probably the one targeting the most knowledgable audience of system administrators and 'IT professionals.' They focus on Linux, UNIX and Windows NT. For all those who are interested in the magazine but don't understand German, there's now a free English pilot issue available online."

KingDaveRa writes "Novell have just released Novell Linux Desktop. Its based on SuSE Linux, but is cut down quite a bit to just include essential apps - perfect for a corporate environment. Novell claim to not be going directly after Windows, but rather pushing this as legacy Unix users. The Register has a take on this too."

I spent several hours this week poring through Gordon Laing's beautiful book Digital Retro , and it's one I'm sure to return to at odd moments, the same way I like to flip through old copies of The Whole Earth Catalog. Digital Retro represents years of research into a 14-year stretch of personal computing history, distilling that effort into a work that is graphically appealing, but also an informative, informal historical look at the machines it celebrates (all 40 of them). Depending in part on what year you were born (and at what age computers entered the picture) you may recognize most of these machines, or only a few -- it's an equally fun read either way. Read on for the rest of my review.

Dr. Smeegee asks: "I recently set up an .ogg stream for beta testing, on a website chronicling my hometown's music scene in the 80's. I stream nothing but independent bands from the Evansville area. I chose IceCast using Ogg Vorbis for obvious reasons. The only problem is, I've been using ogg123 on BSD for so long, I didn't realize that streaming Ogg support is sketchy at best on the Windows and Mac platforms. Can anyone suggest good players? Or am I going to have to downgrade my sound and stream in .mp3?"