To:"Mike Swier" <mswier@YAHOO.COM>
Date: Tue, 13 Apr 2004 20:53:37 -0400 (EDT)
From:"Linux Pipeline Newsletter" <>
Subject: [LPN] Linux Pipeline Newsletter - 4.13.2004 - Security
Tuesday, April 13, 2004

In This Issue
1. Editor's Note
  - Wotta Maroon
  - Who Said "Enemy Of My Enemy Is My Friend"?
2. Only The Best Linux And Open-Source News
3. Trends: Google Challenges Microsoft Monopoly
4. Trends: Microsoft Trying Soft Sell To Beat Open Source
5. Trends: Special Report: Sun-Microsoft Alliance 
6. How-To: One Server Nearly Does It All
7. New! Voting Booth: Cast Your Vote On The Sun-Microsoft
8. Voting Booth Results: The European Union's Anti-Microsoft
Decision Irrelevant To Linux
9. Shameless Self-Promotion
10. To Unsubscribe And Subscribe

------- Advertisement -------------------

This issue sponsored by HP. HP technology,
services and solutions help the world's great
companies face, manage and love change.




Dan O'Dowd, CEO of Green Hills, a real-time operating system
vendor, is not content to simply be ignorant about open source.
He had to make a speech and put out a press release to make his
ignorance known to the entire world. 

O'Dowd made a speech Thursday, April 8, at an industry
conference, charging that if we use Linux to control our most
advanced defense systems, foreign intelligence agents and
terrorists will be able to use that knowledge to subvert national

Linux Called "Insecure" For Defense Systems

Like many businesspeople who work in the world of proprietary
software, O'Dowd is terrified of open source because it's
entirely transparent. Anyone can contribute to the source code.
O'Dowd's fear is that hostile agents will be able to slip Trojan
horse code into the Linux development process. 

What O'Dowd and other critics of the open source process simply
don't get is that the same transparency that allows anyone to
contribute to open source allows anyone to review it. 

Sure, if you don't install metal detectors at the entrance to
your building, anybody can sneak a gun into the building by just
slipping it into their pocket. But if you're running a nudist
colony, there are other factors at work enhancing security. 

In other open source and Linux security news this week:

Four Linux distributors, including Red Hat and SuSE, took issue
with a recent report by Forrester Research comparing the security
of Linux and Windows. 

Linux Vendors Challenge Forrester Security Report

A volunteer-run, open source database of vulnerabilities in both
open source and proprietary software went live.

Free Internet Security Database Goes Live

And Progeny said it plans to provide security updates for Red Hat
9 on May 1, the day after Red Hat itself plans to discontinue
support for the operating system. 

Progeny To Provide Security Patches For Discontinued Red Hat

The Progeny program is an example of where open source security
can be more secure than proprietary software. If a company
decides to stop supporting its own open source product, another
company can gracefully pick up the slack, because the source code
is available to all. Whereas if a proprietary vendor, such as
Microsoft, decides to stop supporting old versions of its
software, you are, in the words of Marshall, the stammering nerd
from TV's "Alias," "fuh-fuh-fuh-- screwed."


Several people wrote in to respond after I said last week that
I'd been unable to track down the source of the saying, "The
enemy of my enemy is my friend." Responses broke down like this:

- Nine people said it's an old Arab proverb, including one who
said it was also used in the Godfather movies, another who said
it might be Bedouin, and another who said it was either Arab or

- Four people attributed it to "The Art of War," by Sun Tzu. 

- One person attributed it to something called the "Arthasastra,"
which appears to be a reference to the Kautilyas Arthasastra, an
ancient Indian manual of statecraft. 

- One person said the quote came from the "Stargate SG-1" TV

--Mitch Wagner, Editor
Linux Pipeline

For more commentary and links from Mitch Wagner, see Wagner's


Free Internet Security Database Goes Live
The Open Source Vulnerability Database is monitored by volunteers
who list vulnerabilities culled from security mailing lists.
It'll cover all platforms, not just open source software.

Sun Says Microsoft Alliance No Paper Truce
Linux Called "Insecure" For Defense Systems

Linux Vendors Challenge Forrester Security Report

Sun Rolls Out Free Java Application Server 8
Microsoft's Ballmer Has (Some) Nice Words For Open Source

Itanium-Based NEC Server Test Screams For Oracle, Linux
Electronic Voting Machine Software Open For Examination

Sun Ships Solaris 9 Update, Unveils Solaris 10 Linux Project
Sun: Microsoft Deal Isn't Anti-Linux
Legal Pressure Pushes Lindows To Change Name

Progeny To Provide Security Patches For Discontinued Red Hat
Oracle And Dell Take Aim At Midsize Businesses

Gumstix Ships Mini Linux Computers
Microsoft Posts First Source Code Under Open Source License

PolyServe Introduces Storage Clusters For Linux Datacenters -
EU Backs Up Its Microsoft Ruling

3. TRENDS: Google Challenges Microsoft Monopoly
Google's vast array of Linux servers is becoming a huge computer
with a custom operating system that everyone on Earth can have an
account on. The company could threaten Microsoft's monopoly -- if
it can overcome privacy concerns.

4. TRENDS: Microsoft Trying Soft Sell To Beat Open Source
Microsoft CEO Steve Ballmer actually praised open source this
week, and the company released software under an open source
license. That's a long-way from recent fire-breathing attacks.

5. TRENDS: Special Report: Sun-Microsoft Alliance
Sun Microsystems' and Microsoft's $2 billion alliance will likely
have a big affect on the Linux community, as it allies one of
Linux's biggest enemies with a company that has been both a big
enemy and a big friend. Here's a wrap-up of our coverage to date,
including a Q&A with Microsoft CEO Steve Ballmer and Sun chairman
and CEO Scot McNealy.

6. HOW-TO: One Server Nearly Does It All
Review: The Axentra OfficeSeries Server S-200 provides small-
business security and network connectivity in a single, Linux-
based appliance.

7. NEW! VOTING BOOTH: Cast Your Vote On The Sun-Microsoft
Is the Sun-Microsoft alliance anti-Linux?

8. VOTING BOOTH RESULTS: The European Union's Anti-Microsoft
Decision Irrelevant To Linux
Most respondents to our Voting Booth reader poll said the
European Union's anti-Microsoft decision will be irrelevant to
Linux adoption.


Learn About Systems Management And Utilities Products In Product 

For other Product Finder product categories, browse or search the
database from its home page:

Check Out The Linux Pipeline Topic Centers

Core Linux:


Enterprise Open Source:


Tell A Colleague
If you know a colleague or co-worker who might be interested in
signing up for this newsletter, please forward it to him or her
and point out the subscription page:

Have You Discovered The Other Pipelines?
Linux Pipeline is one is a series of specialized IT sites you
might like. Here are the others, and you can expect more in the

Enterprise Apps Pipeline
Biz Intelligence Pipeline
Compliance Pipeline
Desktop Pipeline
Developer Pipeline
IT Utility Pipeline
Mobile Pipeline
Networking Pipeline
Security Pipeline
Server Pipeline
Small Business Pipeline
Storage Pipeline
Web Services Pipeline

Every Pipeline site has its own newsletter and RSS feed. Give 
them a try.

------- Advertisement -------------------

This issue sponsored by HP. HP technology,
services and solutions help the world's great
companies face, manage and love change.


Subscribe To The Linux Pipeline RSS Feed
Linux Pipeline is now available as an RSS feed

You'll need specialized software, called a news aggregator, to 
view the preceding link. To find out more about RSS and news 
see here

Privacy policy:

The Linux Pipeline Newsletter
Copyright (c) 2003-2004 CMP Media LLC
600 Community Drive
Manhasset, NY 11030