Date: Tue, 17 May 2005 10:37:50 -0400 (EDT)
From:"Linux Pipeline Newsletter" <>
Subject: [LXP] Linux Pipeline - 05-17-2005 - The Fix Is In For Firefox Linux Pipeline Newsletter | The Fix Is In For Firefox | 05.17.2005
Linux Pipeline Newsletter
Tuesday, May 17, 2005

In This Issue:
  • Editor's Note: The Fix Is In For Firefox
  • Top Linux News
        - Mozilla Swats Firefox Bugs With Fast Fix
        - Novell Boosts Linux Security Push With Immunix Purchase
        - IBM Will Promote Desktop Shift From IE To Firefox
        - More News...
  • Editor's Picks
        - Phone Wars: Mobile Vendors Fight For The Future
        - Sun Welcomes Open-Source Java Effort
        - Vulnerability Assessment: Hit Yourself Where It Hurts
        - More Picks...
  • Voting Booth: Your 64-Bit Future
  • Get More Out Of Linux Pipeline
  • Manage Your Newsletter Subscription

    ------- Advertisement -------------------
    Join Optimize for a FREE, on-demand TechWebCast on Business Productivity and IT Excellence: Experts in business management will delve into the drivers for understanding the IT productivity gap and lay out strategies for business technology executives. Register and View Today.


    Editor's Note: The Fix Is In For Firefox

    This week, the open-source world showed off the very best and very worst it had to offer. And not only did the good guys win this round, they came off looking awfully good in the process.

    Our story begins last weekend, when a group of Mozilla developers and security researchers got a quick, extremely unwanted lesson in how not to keep a secret. The result? A pair of absolutely hideous--and at the time unpatched--Firefox security exploits that left 50-plus million people with virtual "kick me" signs taped to their computers.

    Security bugs being what they are, the important thing to remember here is that it ain't what you got, it's how quick you fix it. In this case, Mozilla had a patch ready on May 11, just three days after news of the exploit leaked.

    Perhaps the best way to assess the impact of this whole affair is to weigh the fallout on Mozilla's image and Firefox's reputation. In this case, as far as I can tell, there isn't any; the patch was released without a single recorded case of bad guys taking advantage of the exploit. Eventually, that would have changed, and we'd all be up to our necks in "fallout." But as it turned out, the silence from the popular press is deafening and extremely welcome, since the alternative would have been an endless, pointless speculation about what "went wrong" with Firefox.

    Mozilla proved once again this week that the open-source development model, in the right hands and with the right talent at its disposal, can rise to any occasion. If these folks get any better at turning PR disasters into photo opportunities, they'll have conspiracy-nut types mumbling that maybe they're just a little too quick to get patches out the door. All things considered, I'll take that over the alternatives.

    Matthew McKenzie
    Editor, Linux Pipeline

    Keep Getting This Newsletter
    Don't let future editions of Linux Pipeline Newsletter go missing. Take a moment to add the newsletter's address to your anti-spam whitelist:

    If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. Thanks.

    Top Linux News

    Mozilla Swats Firefox Bugs With Fast Fix
    Mozilla releases an update for both Firefox and its Mozilla suite just a few days after a news leak reveals two potentially dangerous security bugs--and before attackers have a chance to take advantage of the exploits.

    Novell Boosts Linux Security Push With Immunix Purchase
    Novell continues to refine an already highly-regarded Linux security strategy, buying a firm that makes software designed to identify, unmask, and contain application-level security threats.

    IBM Will Promote Desktop Shift From IE To Firefox
    With a company-wide migration to Linux on the horizon anyway, Big Blue decides there's no time like the present for its 300,000 global employees to begin the move away from Internet Explorer and onto the Mozilla Foundation's open-source alternative.

    Novell Linux Suite Caters To Small Firms
    It's no surprise that Novell's first Linux offering for small businesses has a competing Microsoft Windows product squarely in its sights. But it may even lure customers away from the company's own NetWare products with the promise of a smooth Linux migration path.

    Is Star Wars Fever In Your Future?
    The Dark Side apparently takes a lot out of a person.: The Thursday premier of George Lucas' final Star Wars installment, "Episode III, Revenge Of The Sith," will cause a mini-epidemic of worker absenteeism, costing businesses $626 million in lost productivity, according to one firm's estimates.

    New Yahoo Music Service Wants To Play Developers' Tune
    Yahoo has unveiled a beta version of its new online music offering, which combines a low-priced marketing blitz with an open software architecture designed especially to encourage the creation of third-party plugins.

    Internet Explorer 7 Team's Tab Plans: Keep It Simple
    Microsoft employees working on the next version of Internet Explorer acknowledge that it was a mistake not to build tabs into IE earlier. And while the group may appear to be moving slowly, they promise an upcoming beta release won't put an end to their development plans.

    Microsoft, Sun Partner On Identity Specs
    Microsoft and Sun Microsystems on Friday unveiled a spec for Web-based single sign-on, creating a shared identity standard for Sun's open-source Solaris 10 and Java Enterprise System platforms, as well as for Microsoft's Windows Server product line.

    Project Extends Open-Source To Enterprise Portals
    Metadot, a commercial venture based on a GPL-licensed, open-source code base, is emerging as a powerful, low-cost alternative for small and medium-sized firms that need a portal server for their Web applications or intranet tools.

    Linspire, Micro Center To Offer Pre-Installed Linux PCs
    The retail chain will offer Linspire's Five-0 Linux distribution as a pre-installed option for some new PCs and laptops, along with its usual retail Linspire packages.

    Sun Snatches Thin-Client Software Maker Tarantella
    Sun gives its utility-computing strategy a boost, purchasing Tarantella, a prominent but increasingly troubled developer of software for accessing server-based applications.

    Firm Wants Web To Forget Its Unsavory Past
    A company called Spam Arrest complains that it's having trouble escaping its past association with junk-email marketing. Now that Spam Arrest cleaned up its act, it wants several other sites to follow suit and remove references to its unsavory past.

    Editor's Picks

    Phone Wars: Mobile Vendors Fight For The Future
    The battle over converged devices such as smartphones will decide the future direction of the entire mobile market. It's a high-stakes fight--and any of the contenders, including a thriving mobile Linux market, could still come out on top

    Sun Welcomes Open-Source Java Effort
    A group of developers proposes an Apache Foundation-sponsored project to create an open-source version of Sun's J2SE desktop Java platform. Not only have Sun executives endorsed the project, but say the company might even lend a hand.

    Vulnerability Assessment: Hit Yourself Where It Hurts
    A vulnerability assessment allows you to find network weaknesses before attackers do--and a variety of quality, open-source tools are available to help you do the job.

    Job One for IT: Figuring Out What Job One Is
    Why, asks Dave DeJean, does it surprise us that just when we think we're beginning to get a handle on what needs to be done, it changes?

    Maureen O'Gara's Recipe For Disaster: Big Mouth, Empty Hands
    Sure, Maureen O'Gara's "expose" of Groklaw author Pamela Jones was sleazy and mean. But when Maureen failed to deliver even a shred of credible evidence to support her attack, Mitch Wagner asserts, she finally crossed the line for good.

    Vivisimo Velocity 4.2--Your Search Is Over
    This Linux-based search engine has all the right answers--and helps you lose your worries over multiple platforms, expensive taxonomies, or time-wasting dead-end search results.

    Voting Booth: Your 64-Bit Future Vote

    Cast Your Vote Now!
    This week, we're continuing our poll on your experience so far using 64-bit systems, either in production or on test systems. We pay good money to rig our elections, so get over there, and make it look good!

    Poll Results:
    The results so far: If our deceptively scientific-looking poll is any indication, companies pushing 64-bit technology as the wave of the future better start pushing harder: A majority of you aren't even experimenting yet with 64-bit hardware or Linux distros.

    Get More Out Of Linux Pipeline

    Try Linux Pipeline's RSS Feed
    Linux Pipeline's content is available via RSS feed: Get RSS link. The feed is also auto-discoverable to many RSS readers from the Linux Pipeline home page. Note: RSS feeds are not viewable in most Web browsers. You need an RSS reader, Web-based service, or plug-in to view RSS. Find out which RSS readers the Pipeline editors recommend.

    Check Out Our Linux Product Finder
    Don't reinvent the wheel. Find the right off-the-shelf product to do the job. How do you find the right one? Two words ... Product Finder:
       - Desktop Applications
       - Application Servers
       - Commercial Linux Distributions
       - Network Management
       - Web Servers

    Discover All The Pipelines
    Linux Pipeline is part of a large series of specialized IT sites from the TechWeb Network. Find out more about the Pipelines on the TechWeb Network Pipeline Publications page. Every Pipeline site has its own newsletter. Give them a try!

    Recommend This Newsletter To A Friend
    Do you have a friend or colleague who might enjoy this newsletter? Please forward it to him or her and point out the subscription page.

    ------- Advertisement -------------------
    Join Optimize for a FREE, on-demand TechWebCast on Business Productivity and IT Excellence: Experts in business management will delve into the drivers for understanding the IT productivity gap and lay out strategies for business technology executives. Register and View Today.


    Manage Your Newsletter Subscription

    We take your privacy very seriously. Please review our Privacy Policy.

    Linux Pipeline Newsletter
    A free service of Linux Pipeline and the TechWeb Network.
    Copyright (c) 2004-2005 CMP Media LLC
    600 Community Drive
    Manhasset, NY 11030