RealTime IT News

Blog Archives

IPv6 mandate hits U.S. government today

By Sean Kerner   |    June 30, 2008


By end of day today all U.S. government agencies are supposed to be IPv6 compliant to meet an OMB mandate that was announced back in 2005.

This doesn't mean that the government will be running IPv6 throughout its infrastructure -- but it does imply a degree of IPv6 readiness. That is the government's networking infrastructure will be proven capable of supporting and transmitting IPv6 across its entire backbone.

It's a big day for the U.S. government but as I wrote over on the main site in a commentary piece -- IPv6 for mainstream U.S. enterprises is still not a reality, not by a long shot.

Still today is a milestone date and one that moves the U.S in the right direction. How much more the government will do to accelerate IPv6 adoption both for itself and American enterprises will be very interesting to see in the weeks and months ahead.

Is ICANN insane? (or brilliant)

By Sean Kerner   |    June 27, 2008


It used to be that .com, .net and .org was all we had (and really needed) for Top Level Domains (Tlds). The plan now being floated at ICANN is to open up the TLD system - WIDE OPEN - such that anything could be a a TLD.

Under the proposed plan we could see TLDs like  .internetnews  for example (no .com required).  It won't quite be a full wild west where any schmo will have a TLD, ICANN will charge $ and need to approve the TLD, but it does change the basic dynamic that the Internet TLD system has operated under since the creation of the Internet itself.

"The potential here is huge. It represents a whole new way for people to express themselves on the Net," said Dr Paul Twomey, President and CEO of ICANN in a statement. "It's a massive increase in the 'real estate' of the Internet."

In some ways it's maddness, in my opinion.

Having an unlimited number of TLDs could lead to massive and widespread consumer confusion - after all most people are still stuck on adding .com to everything.  By moving from the relatively simple and controlled nature of having a relatively finite number of TLDs to an unlimited one may also make the process of figuring what to own and buy for domain owners insanely confusing and expensive.

Then again, breaking free of the current TLD shackles could be a stroke of pure genius.  Why do we need to always have to rely on .com anyways? Wouldn't it make sense just to go to  food.McDonalds instead?

BUT let's be real here. Though there are other TLDs beyond .com, .com remains dominant in terms of domains registered and mindshare. Shifting to a wide open TLD system might challenge that over time but it certainly won't happen instantly.

LiPS kisses LiMO's tailpipe for mobile Linux

By Sean Kerner   |    June 26, 2008


From the 'oooooooh what a surprise snicker ' files:

Two of the leading mobile Linux mobile standardization efforts are merging with LiPS (Linux Phone Standards) joining LiMO (Linux Mobile).

Well maybe merging is the wrong word since that might imply a union of equals. The wording used by LiPS in their press release is; "To support and to unify the growing momentum of Linux platforms in the global
mobile market, the Linux Phone Standards (LiPS) Forum announced that its
activities and membership will be folded into LiMo Foundation as of July, 2008.

So LiPS folds. Frankly I'm not surprised, they've had trouble since the start IMHO.

"We welcome the LiPS member community into LiMo
Foundation, augmenting the momentum, resources and expertise of our group," said Morgan Gillis, executive director, LiMo Foundation said in a statement. "The international and cross-industry scope of LiPS
Forum helps LiMo greatly in the global rollout of our platform, devices
deploying that platform, and creation of applications for it."

The collapse of LiPS is obviously related to the new pressure from Symbian going open source. With Nokia's new open source mobile OS. play having a fragmented Linux mobile community is not a good idea. The LiPS LiMO mobile divide had split the Linux community in some ways. Not that long ago I wrote about one vendor in particular - Trolltech (now coincidentally owned by Nokia...) that had moved from LiPS to LiMO. Though there will still be a split with the new LiMO and Google's Open Handset Alliance (Android).

Why the Linux Foundation itself can't get off its own tail and organize groups into one super mobile Linux standard group is beyond my simple comprehension. Then again, greed and individual vendor interests always tend to be front and center.

Still I think it makes a lot of sense to bring LiPS/LiMO together - though their respective standards were both different it makes sense to bring as many of the mobile Linux players together as possible to help promote the common goal of mobile Linux.

Cisco's SecondLife takes blogs offline

By Sean Kerner   |    June 25, 2008

From the 'conference calls sometimes are good enough' files:

Cisco CEO John Chambers held a press conference in SecondLife yesterday - I wasn't there.

I had intended on being there. I tried to be there. But SecondLife isn't nearly as easy to use as a simple conference call. Worse yet, Cisco had planned on offering the event up as feed on their blog, but during the course of their SecondLife conference,  their blog system was down.


First I tried to connect to the conference by way of a SLurl
(SecondLife URL) but though I have used SecondLife before something had
mysteriously corrupted my install so the SLurl did not launch me to the
SecondLife world.

So an re-install of SecondLIfe became necessary (and that's a time consuming process...try it you'll see).


So with SecondLife installing on one machine I attempted to watch the feed
on the Cisco blog on a second machine (i've always got a spare machine ready to go..)...but the blog was down for what I counted as 44
minutes between 2 PM ET and 2:45 PM ET.

I got different error screens over the 45 minutes period - ranging from site not available to the database error screen (captured left).

By the time I finally made it, 'in-world' the conference was over.

So what's the lesson here?

Well if you want to get into a SecondLife conference make sure your installation is up to date before you try and teleport in.

That said though I'm not a Luddite - webcasts and teleconferences (usually) are just plain easier for everyone.

Ubuntu delivers on Linux MID netbook promise

By Sean Kerner   |    June 24, 2008

From the 'netbooks are a real platform' files:

Netbook or Mobile Internet Device (MID) makers like Asus and Acer use various flavors of Linux as the underpinning of their devices. The idea is that you can tweak Linux to get a minimalist JeOS (just enough operating system) to provide users with what they need.

Now Ubuntu is jumping with both feet into the fray with Ubuntu MID Edition which is specifically built for the MID category of sub notebooks.

"We believe that Ubuntu MID will be used by a range of people and
companies," David Mandala - Project Manager of the Ubuntu Mobile and Embedded Group wrote in a blog posting. "The most typical case will be purchasers of a MID device
who use it as the installed OS with the shipped applications. Users
might install additional applications which will be created within the
Ubuntu Mobile and Embedded community and in"

Mandala also noted that the MID version will now become part of the regular release cycle for Ubuntu - meaning that Ubuntu is treating MID as a serious category.

Frankly on the small (and older low power) devices I've used Ubuntu on - I've generally used Xubuntu which provides the Xfce GUI which is a whole lot smaller and less memory/CPU intensive than GNOME which is what Ubuntu generally uses. Still the Ubuntu MID effort is a great idea as it will leverage the great resources available in the Ubuntu community for MID devices.
Of course Ubuntu is not alone in supporting MID, Novell also is very active in this area - though to date I haven't seen Red Hat focus on it specifically (yet).

Nokia's big open source Symbian play

By Sean Kerner   |    June 24, 2008


From the 'wow! I didn't see that one coming' files:

Symbian has always been the big fish in the mobile operating systems pond. It has always been the 'big scary proprietary vendor' that Linux has been targeted against. That all changes today though as Nokia has bought out Symbian and announced that it is making Symbian into an open source effort.


Talk about a completely game changing monumental turn of events. The Symbian ecosystem will now have little to no incentive to move over to Linux (and even less to Windows CE). Linux will continue to be championed by Motorola and it's personal fiefdom at that LiMO foundation, and the mobile market is now a battle between TWO open source mobile operating systems.

Strategically this move makes a tonne of sense.

Nokia owns Trolltech (developers of Qt and Qtopia) and with Symbian open source there may an opportunity to mix and match Qt with Symbian code to end up with some massive superset of mobile open source capabilities. For strategic reasons, Nokia was not likely to ever fully embrace Linux due to the undue influence of Motorola in mobile Linux.

In a larger context Nokia's move is perhaps a realization that the proprietary vs open source debate is one that proprietary vendors can no longer win.

Why open source drivers and modules are important

By Sean Kerner   |    June 23, 2008

From the "10 years too late" files:

A group of 135 Linux developers have issued a joint statement on the Linux Foundation site calling for open source drivers and modules for Linux. Though there are plenty of open source Linux kernel drivers and modules, there are also plenty of closed source ones. That's where the problem lies.

According to the statement:

Vendors that provide closed-source kernel modules force their customers
to give up key Linux advantages or choose new vendors. Therefore, to take full advantage of the cost savings and shared support
benefits open source has to offer, we urge vendors to adopt a policy of
supporting their customers on Linux with open source kernel code.

I think the call for open source drivers is a GREAT idea -- but it's an idea that's not new. Drivers and specifically open source drivers for LInux have been an issue since the creation of Linux.  In a Q&A on how the Linux Foundation is helping this renewed call for open source drivers now, they write:

Nothing has changed, we have just been receiving a constant stream of
questions from companies asking how the Linux kernel developers feel
about closed source modules over the past year or so. This statement
should be the definite answer for how a large majority of them feel with
regards to this topic.

Kernel developer Greg Kroah-Hartman (literally a giant in kernel development) has had an open driver effort ongoing since January 2007 and has been active ever since.

Considering that proprietary driver have been available for Linux for years, this is an issue that will be difficult (though not impossible) to resolve. I strongly believe that Kroah-Hartman's effort to build an open source driver IS the answer.

A call from the broader community for open drivers is all fine and nice, but it is the Kroah-Hartman effort that is actually helping to build the drivers that will fix the problem.

Now to be fair the Linux Foundation statement is broader than just drivers. They address kernel modules in general.

A module is a chunk of code that can be loaded into the Linux kernel
while it is running. It is often the same thing as a driver, but they
can provide other things. Examples of non-driver Linux kernel modules
are filesystems and security frameworks.

Again this is a great idea -- taking leadership here is certainly necessary, and on the broad issue of modules it's one that has not been front and center. Hopefully this renewed effort from the Linux Foundation will get some action on the module issue overall. It's been a long time coming.

Is the first Firefox 3 vulnerability a 'low blow'?

By Sean Kerner   |    June 20, 2008

Looks like Firefox 3 already has a reported vulnerability - though it's a vulnerability that has been disclosed responsibly.

Mozilla's chief security person Window Snyder wrote on the Mozilla security blog that:

TippingPoint ZDI notified Mozilla of a vulnerability in Firefox that
impacts versions 2.x and 3.0.  This issue is currently under
investigation.  To protect our users, the details of the issue will
remain closed until a patch is made available.  There is no public
exploit, the details are private, and so the current risk to users is

Some might argue that there is some kind of conspiracy afoot here - after all why bring up a flaw now when Firefox 3 has been in development for the last 18 months - perhaps there is an attempt to embarrass Mozilla here.

Personally, I don't see it that way. I've spoken with Tipping Point on many occasions about bugs they discover (though not about this one in particular) especially some of the Apple Mac and QuickTime ones - Tipping Point tends to take heat for those too with Mac heads thinking there is a targeted campaign to discredit Mac security.  That's just not the case so far as I can tell and has no basis in fact.

The timing of the Firefox 3 issue is unfortunate - but Mozilla already had a plan to patch Firefox 3 in its first six week as part of its regular stability and security sweep that it has always done. Frankly I'm glad people like Tipping Point (and the people they pay) find bugs - ultimately it makes software safer for all of us since it's better that the good guys find the issues isn't it?

8.3 million downloads in 24 hours for Firefox 3

By Sean Kerner   |    June 18, 2008

So how many downloads did Firefox 3 have in its first 24 hours?

According to John Lilly CEO of Mozilla it was a little more than 8.3 million downloads.

In total Lilly noted that Mozilla served up 83 terabytes of data. That after Mozilla's servers had a minor overload in the a.m. yesterday, but Mozilla quickly recovered.

  • At the peak, we were serving 17,000 downloads a minute (283 per
    second!), and saw sustained download rates in excess of 4,000/minute
  • Our peak mirror throughput during the period was 20 gigabits/sec

That's a whole lot of data for one day. It'll be interesting to see how/if this shows up as a world record (I don't see why it wouldn't) and whether or not any other vendor will challenge the record in the future.

Verizon President & COO doesn't know about open source

By Sean Kerner   |    June 18, 2008

From the 'not everyone knows about open source yet' files:

LAS VEGAS -- I just got out of a Q&A session with Verizon Communications President and COO Denny Strigl and being an open source guy I asked Strigl about open source. Specifically I asked what role does open source play at Verizon now, especially in light of the recent SFLC lawsuit against Verizon on GPL infringement.

Strigl looked at me with a blank face and asked me to repeat my question. He was completely clueless.

He then asked one of his PR people to answer, and they too were clueless.

In December of 2007 the Software Freedom Law Center (SFLC) filed its GPL lawsuit, whichwas settled in March of this year. The win was hailed as a victory for open source by the SFLC and others.

Apparently though open source types (like myself) thought the Verizon thing was a big deal, it apparently never reached the radar screen of Verizon's top exec. Go figure.

Wine 1.0 finally here after 15 years

By Sean Kerner   |    June 18, 2008


When I first started using Linux years ago one of the first projects that I had an interest in was WINE (Wine Is Not a Windows Emulator). The basic idea of WINE is that you could run Win32 (call it Windows) applications in Linux. It kinda sorta but didn't really work at first it was always a hit/miss based on the specific application you were trying to run.

But now WINE developers are calling their project stable with the 1.0 release that came out this week. WINE developer  Alexandre Julliard wrote in a mailing list announcement:

This is the first stable release of Wine after 15 years of development
and beta testing...
While compatibility is not perfect yet, thousands of applications have
been reported to work very well.

The irony i suppose is that now there are more Linux application than ever, and through the magic of virtualization a user can run a full Windows install if they wanted too (though you still legally need a licenced version of Windows).

Still a tremendous achievement after a very long period - so congratulation to all WINE developers and users, vintage is a good thing.

What does 100GbE look like?

By Sean Kerner   |    June 17, 2008


LAS VEGAS. The 'funny' thing about networking is it all really looks the same on the outside for the most part - no matter how awesome the underlying technology.

Case in point is a demo I saw here at NXTcomm for 100GbE - that's 100 gigabits per second of Ethernet traffic on a single port. That's the fastest connection on Earth and it's not yet a standard or publicly available though it will be soon.

I've got a full story up on the main site about the 100GbE demonstration here - but what does it actually look like?

It's a set of boxes with the usual confluence of wires and then there is an LCD screen on which Ixia is showing the traffic speed with some dials. That's it.

I suppose seeing the fastest Ethernet connection in the known universe should have struck more SHOCK AND AWE, but how can you show something that fast any other way? In Science Fiction when a ship jumps to light speed there is some kind of fancy special effect for the jump and then star trails for the speed while in hyperspace. It doesn't quite work that way in networking.

But it's still cool to me - a 100GbE connection is a major milestone for Ethernet and for the Internet..

NXTcomm belongs in the Windy City not Vegas

By Sean Kerner   |    June 17, 2008

LAS VEGAS. Man it's hot outside. I'm at the NXTcomm show in Las Vegas and this morning's keynote didn't get off on a great start.  It started over 10 minutes late (and after I rushed over to get here for 8 AM too). 
At 7:55 AM an announcement came over the PA system stating the keynote would start in 5 minutes. They made the same announcement at 8:05 am too.

The problem was that the keynote session at 8 AM was less than half full and in a room that is massive that certainly doesn't look too impressive.

Typically, a keynote hall is usually the most prominent location at
any conference. At NXTcomm it is hidden at the end of a long corridor behind the exhibit area. In
order to get there attendess had to run the gauntlet of cables and in my case, a lift truck too that was in coming from the

Transportation is also likely an issue why people weren't here at 8AM.
Supposedly there are shuttles coming from all the conference hotels. Personally  I
couldn't find the one for my hotel so I ended up taking the monorail - Considering how many badges and people wearing suits I saw on the monorail,  I wasn't
alone in making the monorail trek to the Las Vegas Convention Center.

Overall the layout from what
I can see on this first official day isn't nearly as clean as it normally is
when the NXTcomm /SuperComm event is in Chicago.

But we already know
that NXTcomm will not be returning to Vegas next year.Organizers have already planned on moving NXTcomm back to Chicago (where it belongs) next year.

Red Hat moves JBoss into the cloud

By Sean Kerner   |    June 17, 2008

Thumbnail image for JBoss.gif

From the 'everyone wants to float in the cloud' files:

Red Hat is now making its JBoss Enterprise Application Platform available 'in the cloud' over Amazon's EC2.

The JBoss move follows Red Hat Enterprise Linux (RHEL)which became available on EC2 in November of 2007.

"The availability of JBoss Enterprise
Application Platform on Amazon EC2 helps lower technology entry barriers
to open source middleware while giving developers familiar solutions to
use within the cloud," said Aaron Darcy,
director, product marketing at Red Hat in statement.

In my view this is a case of catch-up. First Red Hat had to make sure RHEL worked as it should in the cloud. Making JBoss available is the next logical step. I have not seen any real tangible revenue numbers or financial indications about the RHEL EC2 effort to date - but it will be interesting to see how it will grow now that there is an app server to go with it.

Open Source 'Census' is a joke. Isn't it?

By Sean Kerner   |    June 16, 2008


From the 'just cause you say it's true doesn't make it true' files:

I see a lot of so called 'journalists' that write about Open Source with stories up today about The Open Source Census and Microsoft now becoming a sponsor. No joke - but I laughed out loud reading most of them.

How long has this 'census' been out for?  It's at least five months at this point and from where I sit it's not exactly a rousing success. This so called 'census' is an opt-in (not necessarily a bad thing) effort for identifying open source components on a users machine. But where opt-in can sometimes be a good thing with this Census after five months of life it's got ..(drum roll please) just over 228,000 open source installations counted.  ...ooh but it gets better my friends...

When you dig into the census with the Census summary information it actually reports that only - get this -1,332 machines have been scanned!


Firefox claims to have 170 million active users. How can this 'census' have any legitimacy whatsoever in the validity of its numbers with such a low tally after months of operation?

And now - Microsoft is a sponsor. Does that mean Microsoft will influence the results? Does it means they'll use the census to prove their point that open source isn't a factor?

I don't know - but considering the very limited participation this small effort has had to date - I really think it's a non-issue unless Microsoft plans on integrating the Census with every Windows installation (which would be a cool idea).

The Mozilla people likely have a far better handle on how much open source is being used - as do Fedora (and soon OpenSuse) with Smolt which is an opt-in effort for measuring active installations. For the Fedora 8 release there were over 2 million users that Smolt reported.

The Open Source Census unless I'm completely mistaken (and the current low level of participation is some kind of typo) is a more advanced recreation of the Linux Counter which today still only stands at 137,000 Linux users.

It's not a bad idea - the open source census is a profoundly great idea - it's just that it hasn't taken off yet. So perhaps the tables will turn with Microsoft as a sponsor and the joke will be on me, but today at least I'm the one laughing.

Judging open source innovation with Red Hat

By Sean Kerner   |    June 16, 2008

From the 'just cause you vote for someone doesn't mean they'll win' files:

Red Hat has announced its Red Hat Innovation Award winners this a.m. It's a process that I was invited to participate in as a judge this year. I got to see all of the raw applications from companies and groups hoping to win recognition for their innovative use of open source technologies. While some of the final winners are the same as what I voted highly, some were not the ones I personally had rated the highest.

I guess I have a slightly different view of innovation than some of the other judges -- though not much since I ranked all of the winners highly. But first let's talk about the winners that I do agree with.

Nortel won in the Delivered Value category. Nortel, which I personally did not know as a Linux user, actually manages some 2,000 machines with Red Hat Network Satellite server. The application that I saw from Nortel wasn't just a 'oh we needed a solution then chose Red Hat' -- it was more a case of Nortel had a need and Red Hat created a solution for them.

In a real sense Nortel was among the first users of RHN satellite, which is a solution that thousands of enterprises around the globe rely on. I saw it as a case of a company working with a vendor to solve a problem and the resulting solution truly delivering value. While there were other really good entries in this category, Nortel really stood apart from the rest.

In the creativity category IBM and Raytheon Integrated Defense Systems won for a system they built for the U.S. Navy. Yup Linux is on U.S Naval Warships defending the free world and American interests. The system that Red Hat fits into there (again something that required all kinds of interesting work) is the Zumwalt Total Ship Computing Environment (TSCE).

Now while I voted for IBM/Raytheon, if I recall correctly I had them higher in a different category for awards. The innovative use of open source in a U.S. Navy ship is certainly creative, but it's also a case in my opinion in which Linux won out against other alternatives. Certainly the U.S. Navy and its subcontractors have built shipwide systems before -- in this case they had a real challenge, which Linux was able to solve better than any other solution.

For creativity I was totally blown away by a different submission that didn't make the final awards.

So wanna know who I had tops in the creativity category? Unfortunately, I don't think I can name names (right Red Hat? Confidentiality and all that), but I will hint at what the project was doing.

Robots playing soccer.

Cool, eh? Sure a full U.S. Navy ship system is a cool tool, though that's a more functional sense in my opinion. When I think of creativity I think of creativity in terms of using Linux (or any open source) in a completely different way than anyone has ever thought off before.

So congratulations to the winners -- both those who were recognized as winner this year and to those who had awesome submissions this year that I suspect could be winners in the years to come.

It's always incredibly enlightening to me to see how groups and companies use open source technologies in areas and situations you wouldn't think off. It's always interesting to see how problems turn into solutions (and not just the marketing double-talk that we all hear so often -- but real-life situation without any b.s.). So thanks Red Hat for inviting me to participate in the process.

(Oh and hey if any other group/vendor/org needs a judge, I'm usually happy to help out!)

Mozilla Weave gears up for new release

By Sean Kerner   |    June 13, 2008


While Firefox 3 is the big thing coming from Mozilla next week - it's likely not the only thing. Mozilla Weave which is a Mozilla Labs effort for data synchronization and collaboration should have its 0.2 version out very near the Firefox 3 release on Tuesday.

The general idea behind Weave is that by utilizing a Mozilla online services
backend, users can store data such as bookmarks and history. That data
can be synchronized with their local browser or even multiple browsers. The last major Weave release came out in April while the platform only got started in December of 2007.

The 0.2 platform will add new data types, according to a recent post by Mozilla developer Chris Beard. When I was at the Mozilla Toronto office, Mike Beltzner gave me the run down on the promise and the potential that is Mozilla Weave. Like many, I incorrectly suspected in the beginning that Weave was some kind of killer, but Weave really is much more.

Check out the full discussion with Beltzner in the video below:

Yahoo's open source exodus

By Sean Kerner   |    June 13, 2008


One of the best known open source developers at Yahoo! is on his way out. Jeremy Zawodny has publicly announced that he is leaving Yahoo!

But don't think that the Microsoft nonsense has anything to do with it. According to Zawodny it doesn't. On his blog he wrote:

"I won't at all be surprised if some people think this is related to Microsoft or Carl Ichan and the uncertainty surrounding Yahoo's future. The reality is that there's nothing pushing me out the door at Yahoo.The reason I'm leaving is that something very compelling has come along
to lure me away. Despite what the current press sentiment might be,Jerry and David have built a remarkable company.

I've spoken with Zawodny at a few points over the years. The reality is though that as long as he remains an open source contributer Yahoo! can still benefit from his efforts - that's the nature of open source. It's just that they lose a valuable direct influencer and contributor.

Red Hat Exchange (RHX) is critical

By Sean Kerner   |    June 12, 2008

From the 'free advice from the cheap seats' files:

Last year at this time Red Hat launched its Red Hat Exchange (RHX) initiative. The idea in the beginning was to offer a marketplace for third party open source solutions that Red Hat would sell directly from the RHX site. At the time of its launch I thought it was a good idea and I still do. In fact I strongly believe that for Red Hat to evolve to the next stage of great companies it is essential that RHX succeed.

However Red Hat has had some difficulty with RHX over the past year. This week, Matt Mattox wrote on the Red Hat blog:

Rumors of its death have been greatly exaggerated. RHX is different
now. The team is smaller and the target market is different; but,
fundamentally, RHX is smarter.

RHX is now focused on helping the open source ecosystem grow
sustainable businesses by implementing a truly community-leveraged
model. We want to help our ecosystem partners transform communities of
users and developers into their own source of competitive advantage.

Fundamentally RHX is all about growing the Red Hat channel. It's about transforming Red Hat from just a vendor that does solid support and technical service to being a preferred value added solution vendor for Open Source as a whole.

A Linux distribution by its very nature - distributes software- as such Red Hat has always been a distributor of other people's software. The promise of RHX was more - providing an outlet for support and commercial viability. If the new reality of RHX has wavered from that initial promise that would be a very bad thing for Red Hat.

If RHX is to succeed and transform Red Hat from just being about Linux and JBoss - to being The Open Source Vendor for all things Open Source - that surely would be a vehicle towards increased revenue and profit.

Think about it. Instead of a user cobbling together stuff from multiple sources - or going to IBM or HP they'd just go to Red Hat. How much of Red Hat's business is a result of the upstream channel it participates in with IBM and HP?

Flip that model around and extend that to the broader open source community with Red Hat at the head. Red Hat is successful because of its leadership role. If it fails to take a leadership role in expanding the profitability of the open source revenue pie for all - someone else will take the lead (Novell has MarketStart and hey Shuttleworth is an aggressive guy with Ubuntu).

Red Hat without the leadership position would not survive in the same way it does today. It just wouldn't have the influence. In open source, influence is critical to survival.

So whatever RHX evolves into, for Red Hat's sake I hope that it's still at least part of the original promise that RHX offered. Building a channel is no easy task and takes years of effort and dedication. It would be a shame if the journey that Red Hat started on last year did not reach its full potential.

Mozilla releases Firefox 3 RC3 - FINAL ON June 17

By Sean Kerner   |    June 11, 2008

**UPDATED* Final Firefox 3 will be out on June 17th **

From the 'how much farther' files:

Well here it is Firefox 3 Release Candidate 3 - is now out - for Windows, Linux and Mac. Just last week when RC 2 came out , most people (myself included) figured that would be the final release candidate.

Though there are Windows, Linux and Mac versions of RC3, only the Mac version is different (the other ones are just a renamed RC2).

The reason for the RC3 spin on the Mac stems from an Apple issue detailed in bugzilla entry 436575. The issue is related to stability issues with the VerifiedDownloadPlugin.plugin (introduced by OSX 10.5.3).

The 'funny' yet somewhat ironic thing is that Apple's Safari browser is still under a cloud of doubt itself for allowing 'carpet bombing' downloads (so Mozilla is patching its browser for Mac faster that Apple is patching its own browser for Mac -- though yeaaah I know this is a different issue but still it's interesting to note).

No word yet on the official date for the final final Firefox 3 release - but if I was a betting man , I'd bet even money on next week.

**UPDATED** And thnx Asa for the comment and to Mr. Mike Beltzner for announcing the date of June 17th (next Tuesday) as the official release date.

Red Hat settles 2 patent lawsuits - 1 more to go

By Sean Kerner   |    June 11, 2008


From the 'aaaaaah that's why they hired those guys' file:

In March of this year Red Hat expanded its legal firepower by hiring lawyers Rob Tiller and Richard Fontana.  Three months later it's evident that these two have been busy as today Red Hat announced that it has settled two of three outstanding patent lawsuits.

"We're putting the patent issue to rest with the settlement of patent litigation involving Firestar Software, Inc. and DataTern Inc. that provides broad protections not only for Red Hat customers, but for the larger open source community, " Red Hat spokesperson Kerrin Catallozzi wrote in an email to

The Firestar and DataTern patent lawsuits date back to 2006 and alleged violation of U.S. Patent No.
6,101,502 which details a method for interfacing an object oriented application with a relational database. The suit pertained specifically to the JBoss Hibernate technology.

According to a Red Hat FAQ on the settlement:

Under the settlement, customers receive a license that grants a
perpetual, fully paid-up, royalty-free, irrevocable worldwide license
to the patents in suit to engage in any and all activities with respect
to Red Hat products. Customers also receive a perpetual covenant not to
sue with regard to all of DataTern's and Amphion's other patents on
claims related to Red Hat products. The settlement will therefore
provide a defense that should prevent DataTern and Amphion from
bringing similar suits against any Red Hat customer based on use of a
Red Hat product.

Red Hat has not yet publicly disclosed any financial terms of the patent settlement or even if there is any money changing hands as a result of this settlement. All we know for sure is that this issue is settled for Red Hat and for anyone (commercial or community user) that uses the technology in question.

Though Red Hat has now lifted some of the cloud of patent doubt for users, issues still remain. For one, the October 2007 patent lawsuit filed by IP Innovation LLC is still outstanding. That claim alleges that the Linux vendors are infringing on its
U.S. Patent No. 5,072,412. The patent, originally issued Dec. 10, 1991,
describes a "User Interface with Multiple Workspaces for Sharing
Display System Objects.

Then of course there is Microsoft.

To date Microsoft has never formally filed a patent lawsuit against Red Hat, though Microsoft CEO Steve Ballmer has implied that Red Hat users should 'pay up'.

Mozilla's Mac Mini array is making Firefox better

By Sean Kerner   |    June 10, 2008


What does it take to build an open source browser used by over 170 million people? Apparently it's not quite as gargantuan as you might have guessed.

I would have thought that from a build framework point of view it would take some massive super cluster array with ridiculous amounts of processing power and RAM- but it turns out that's not the case.

Mozilla's Mike Beltzner explained to me that Mozilla is using 'regular' Windows, Mac and Linux machines as part of their build environment, with Linux (CentOS/Red Hat Enterprise Linux) serving up their Tinderbox build reporting environment.

From a testing framework point of view (since Mozilla is constantly building and testing) they are using an array of about 80 Apple Mac Minis. According to Beltzner the reason why they're using Macs is easy -  they handle  virtualization easily.

If you want to see for yourself - check out the little video below - shot at Mozilla's Toronto office - where staffers dispel my illusions of Mozilla super cluster grandeur(though 80 Mac Minis that are virtualizing another umpteen machines is quite impressive..).

SFLC files new GPL lawsuits

By Sean Kerner   |    June 10, 2008


From the 'when will they learn' files:

The Software Freedom Law Center (SFLC) has filed a pair of new lawsuits on behalf of its client BusyBox for alleged violations of the GPL open source license.

The defendants in this new round of lawsuits are Bell Microproducts, Inc. and Super Micro Computer, Inc.

"Before filing these lawsuits, we contacted both companies and gave them the opportunity to remedy their violations privately, but they were continually unresponsive," said Aaron Williamson, SFLC Counsel in a statement. "When companies are contacted by SFLC or anyone else about a GPL violation, they need to respond by taking good faith steps toward compliance. If they do not, lawsuits like these are the predictable consequences."

The GPL is a reciprocal license requiring license users to make the software available to end-users. While BusyBox is a collection of Unix utilities that have been
optimized for size and are most commonly used in embedded environments.

The complaints filed by the SFLC allege that Bell Microproducts, Inc. and Super Micro Computer, Inc have not adhered to the terms of the GPL.

10. Plaintiffs have at no time granted any permission to any party to copy, modify or distribute BusyBox under any terms other than those of the License.

The SFLC has been extremely successful to date in coming to settlements
with alleged GPL  violators. They are 4 for 4 in cases, with the most recent settlement coming from Verizon in March in of this year.

Considering their successful track record to date, I would think that it is safe to assume that it's only a matter of time till an out of court settlement is reached in these two new cases as well.

Mozilla's open source phone system

By Sean Kerner   |    June 09, 2008


What does Mozilla - arguably the most popular open source project in the world - use for its telephony solution?

It shouldn't surprise you that they use a solution built in open source should it?

When I was at Mozilla's Toronto office - I made sure to check out all the 'flashing lights' and being an admitted geek I like to see what kind of phone systems people use (no I know nothing about phone phreaking....).

It looks like Mozilla uses an Asterisk phone system to connect their various locations. I've been following the Asterisk project for years and am always amazed to see it in use (yes I know it's 'boring' to some but I still find it interesting).

Mozilla developer Mike Beltzner answered my questions (or tried too..thnx Mike!) about Mozilla's use of Asterisk...check out the little vid below of the exchange.


Microsoft's Open Source Sandcastle collapses

By Sean Kerner   |    June 09, 2008

From the 'you gotta play by the rules' files:

The basic premise of all Open Source software (Open Source being software licensed under an OSI approved license and adhering to the Open Source Definition) is that the code is and available to all.  Someone at Microsoft didn't think that applied to them when they loaded up the Sandcastle project on Microsoft's Codeplex site and listed in under the OSI approved Ms-PL (Microsoft Permissive License).

Simply labeling a piece of software as Open Source isn't enough - you actually have to adhere to the terms of the license - which requires that the code be open and available to all. Sandcastle which is a documentation compiler for managed class libraries did not have source code open and available for download.

To Microsoft's credit, when Sam Ramji who runs their Open Source Lab found out about the violation he took action rather quickly as he notes in his blog.

This is unacceptable and represents a violation of Microsoft's Open Source policy.  I take it extremely seriously.

I have directed the project to be unpublished from
Codeplex immediately, including removal of the project's use of the
Ms-PL.  If the team chooses to publish the source code and follow
Microsoft policy, then the project may be re-published in the future. 
If not, we will remove all references to Sandcastle from Codeplex.

I apologize to the OSI on behalf of Microsoft for this mistake.

While I applaud Ramji's quick actions - just to argue Devil's Advocate - I've seen plenty of projects on SourceForge, Google Code and other places that were set to be licensed under an OSI approved Open Source license that did not have code available. Typically those are startup/early phase projects where they are  soliciting interest and don't actually have code available. That wasn't quite the case here though and Microsoft does have  to prove itself to an overly suspicious Open Source community.

Mozilla is not tech's worst workspace

By Sean Kerner   |    June 06, 2008


I spent the better part of today at Mozilla's offices in Toronto - the workspace that my friend Nicholas Carlson at Valleywag labeled as 'the worst in tech'.

Mozilla's Toronto office is far from the worst tech workspace I've ever seen - in fact I'd rank it among the best small office spaces in tech I've visited.
Here are a few reasons why:


1) They're located on top of a Beer Store (in Ontario you can't go buy beer just anywhere, you have to go to The Beer Store). Here's a pic of their physical building at 720 Spadina in Toronto (left) with shots of their building and door name plate below. And a shot of the view from the front of their office looking south (with the CN Tower in the background).



2) Instead of a 'task board' listing all of the different things that Mozilla staffers need to do, the Mozilla Toronto whiteboard is a listing of all the places near the office that they want to go to lunch (with a checkmark besides the places they visited)

3) The office itself is a nice open concept setup (no cubicles here).

4) Air Conditioning works really well. It was near 40 degrees Celsius (with the Humidex) in Toronto today, but you wouldn't know it from the Mozilla Toronto offices which were as cool as a cucumber.

5) The people. It's people that make a workspace. Check out the little vid I shot today giving a little tour of the Mozilla Toronto office...clearly not the worst in tech....(and thanks again to Mike Beltzner and the rest of the Mozilla team in Toronto for opening their doors to me today)

Pentaho open source BI moves from Mozilla to GPL

By Sean Kerner   |    June 05, 2008


The move away from Mozilla open source licenses continues today with open source Business Intelligence (BI) vendor Pentaho moving to the GPL. It's a sign of the times that professional open source vendors are embracing the GPL and leaving behind licenses that don't demand reciprocity.

Pentaho had been available under an MPL (Mozilla Public License) and as of the upcoming release they'll be on the GPL --- but get this - they're moving to GPLv2 and not GPLv3. According to a FAQ on the transition:

GPLv2 is more compatible with more of our partners' licenses and community open source distributions than GPLv3 is today.. Pentaho could move the platform components mentioned above to GPLv3 at a later date, based on partner and community feedback.

In their FAQ, Pentaho notes the reason for the move is due to the widespread adoption and understanding of the GPL. Frankly I think that reason is a little lame - considering that the GPL was widely adopted and understood when Pentaho adopted the MPL in the first place.

Pentaho also cites, what I think is the 'real' driver:

Because the
GPL is what's known as a "reciprocal license" it ensures that the
software is open and remains open.

With an MPL license  a developer could take the code, make modification and not contribute those changes back to the community. With the GPL that's not possible. If you modify GPL code you must contribute those changes back. Reciprocity protects users and it protects the vendor as well ensuring that the code remains free.

The other driver IMHO could well be to help itself against the 'other' open source BI player - namely JasperSoft. The JasperSoft Community Edition is already licensed under the GPL.

Pentaho is the latest in a string of vendors that have moved from MPL (or MPL plus attribution) to the GPL in recent years. In February of 2007, Alfresco moved to the GPL, SugarCRM also moved to GPL in 2007 (though they chose GPLv3).

Skype at risk from security vulnerability

By Sean Kerner   |    June 05, 2008

Skype users may be a risk from a moderately critical code execution vulnerability that could potentially allow an attacker to execute arbitrary code.

The vulnerability stems from how Skype handles URIs.According to an advisory from VeriSign's iDefense security research team:

The "file:" URI handler in Skype performs checks upon the URL to verify
that the link does not contain certain file extensions related to
executable file formats...
Due to improper logic when performing these checks, it is possible to
bypass the security warning and execute the program.

Skype in its own advisory on the issue elaborates on how the vulnerability could be triggered by an attacker.

An attacker would need to construct a
malicious file: URI and send it to the intended victim. Upon clicking
the link execution of arbitrary code on the victim's machine will be

All Skype for Windows releases releases prior to and including 3.8.*.115 are at risk. The vulnerability has been fixed in the newly released version

If you're a Skype user don't rely on getting an update notification before you update. In my case. I was running, I hit the 'check for updates' button and got a window stating that I had the most recent version of Skype (which isn't actually the case). In my limited experience with this issue, you actually need to physcially visit the Skype download page and download the latest version to make certain you're not at risk from this URI vulnerability.


By Sean Kerner   |    June 04, 2008


Firefox 3 Release Candidate 2 hits the Web

By Sean Kerner   |    June 04, 2008


It's almost done.

Mozilla has released Firefox 3 Release Candidate 2 for early adopter consumption. Officially the release candidate is still for 'testing' purposes but this is a browser that has been in the oven for some time. Linux vendors like Red Hat and Ubuntu  are already providing Firefox 3 as a supported product (and they started that with the Beta 5 release).

I've been following (and using) the Firefox 3 browser since its alpha days and watched carefully as it has improved each step of the way. The RC 2 release is just a little earlier than expected.

Officially according to Mozilla's release notes the Gecko 1.9 platform (which is the basis of Firefox 3) has more than 14,000 updates over its predecessor. That's a lot of change and innovation in terms of security, usability and performance.

I have seen no indication that there will a need for a RC 3 for Firefox 3 - I would expect that there will be some outstanding issues (non-blocker) in bugzilla that get addressed between RC 2 and the final release just for what I would call "fit and finish." As of the time of this blog posting the official date for the release of the final Firefox 3 build has not been announced, but that's likely to come very soon (and it'll be a record-breaking event).

As opposed to the Firefox 2 release which was close to the Internet Explorer 7 release, Mozilla will not being sharing the "next generation browser release" stage with Microsoft this time around. IE 8 is only in beta 1 with a wider beta not expected for months.

Apple iPhone set to get open source collaboration

By Sean Kerner   |    June 04, 2008

I've just learned that open source collaboration vendor Open-Xchange is set to announce on Thursday AM that it will be available to iPhone users.

Open-Xchange offers an open source alternative to Microsoft Exchange and competes against other open source collaboration plays including Scalix and Zimbra. Zimbra has offered iPhone integration for nearly a year at this point, it's not clear at this early stage whether or not the Open-Xchange iPhone offering will offer the same (or greater/better) degree of integration with the iPhone.

Overall though - good news for both iPhone and Open-Xchange users indeed as this further expands choice for both camps.

EnterpriseDB nabs former Red Hat exec as CEO

By Sean Kerner   |    June 04, 2008


From the 'where are they now' files:

EnterpriseDB which is a leading backer of the open source PostgreSQL database effort, today named a new CEO. Ed Boyajian, former vice president and general manager,
North American sales, Red Hat (NYSE: RHT) will take over from Andy Astor (the current CEO) effective June 9th.

I've written about EnterpriseDB numerous times over the years, met Andy Astor (briefly in Toronto at the PostgreSQL anniversary event) and spoken to him for interviews. He is (and was) a fine spokesperson and an exemplary open source CEO, it's a pity in my view that he is stepping aside - he's staying on as executive vice president
of business development (which might play to his speaking/sales strengths).

The 'funny' thing is that Astor is being replaced in the CEO job by a man that ran sales for Red Hat. In all honesty in all the years i've been using and writing about Red Hat I've never actually spoken with or heard of Ed Boyajian. That is neither a good thing or a bad thing - it's just a personal observation.

CPAL is not an Open Source poison pill for Facebook

By Sean Kerner   |    June 03, 2008


From the 'holier than thou' files:

A pair of my colleagues forwarded me a pitch today titled, " Disappointing: Facebook Does Open Source like Microsoft." It's an 'interesting' email pitch  -- it's a pity I wasn't contacted directly.

Essentially what the pitch (which came from Bob Bickel Founder, Ringside
by way of PR firm
) alleges is that the CPAL is a poison pill for open source code.

"The poison pill in this license agreement is that anyone using the Facebook code
as part of something else, and puts that up on a website, would need to make all
of the code open source," Bickel wrote in his email pitch.

First off the CPAL is a bona fide Open Source license approved by the OSI. It fulfills the requirements of the Open Source Definition as determined by the OSI and it is the Real Deal.

The ideal of contributions is pivotal to the success and long term survival of the Open Source community, and that shouldn't be thought of as a poison pill in my view. That said not everything that Open Source touches should in turn become Open Source itself. The risk of infection from GPL licensed code (and the GPL is significantly more reciprocal in nature than the CPAL) is significantly higher.

I'm not a lawyer - and I don't pretend to be one - but just because I use Linux doesn't mean that anything I use Linux with (and the Linux kernel itself is GPL) automatically becomes Open Source -- It just doesn't work that way.

Yes the LGPL (Lesser GPL) that companies like Ringside use has additional protections and it doesn't necessarily require attribution (which is the issue that some have trouble with). The CPAL attribution basically means that users need to attribute where the code came from (I've heard this referred to as 'badgeware' sometimes).

The holier than thou - My License is More Open Than Your License - debate is one that doesn't serve Open Source in my opinion, it's one that only serves to fuel the commercial closed source vendor FUD fire. (Though I do think there is a need and a use case for both reciprocal and BSD-type licenses as well as CPAL -- where usage depends on circumstances and one size does not fit all).

Frankly and practically, I think it's a marvelous thing that the Facebook Platform is under a real Open Source license - arguing about the semantics of reciprocity and attribution - diminish the fact that it is an open platform that anyone (without the need for special agreements or licenses) can use/extend and deploy. That's the promise of Open Source and it's one that Facebook is now embracing.

Irreconcilable conflict between $ and Open Source ?!

By Sean Kerner   |    June 03, 2008


From the 'FUD watch' files:

I'm always on the lookout for open source FUD. Today I came across an interesting piece today titled, "Legal Climate for Open-Source Users Changes With Litigation and License
Revisions, Wolf Greenfield Lawyer Writes in IP Law & Business
"  No that's not the FUD part as there is little doubt that the GPL 3 and the recent activities of the Software Freedom Law Center in defense of GPL have raised the profile of GPL enforcement.

The SFLC lawsuits have also had the unfortunate side effect of providing some FUD fodder too, if the Wolf Greenfield lawyer comments are an indication.

"The {SFLC} lawsuits represent 'muscle-flexing' by the free-software community and,
taken together with changes in open source license terms, may foreshadow new
risks in the irreconcilable conflict between open-source software and its
widespread use by for-profit companies," Edmund J. Walsh of the Boston IP law firm Wolf, Greenfield & Sacks, P.C.,
writes in the April issue of IP Law & Business


Let's repeat the salient point here - "..the irreconcilable conflict between open source software and its widespread use by for-profit companies."

I guess this particular attorney has never heard of Red Hat (aiming for $1 billion in revenue), Oracle (runs its own infrastructure on open source software), Cisco (world's largest networking vendor that is now backing Linux) and many other for profit vendors that all have somehow RECONCILED open source and profit.

The notion that open source somehow is an inhibitor to making a profit hearkens back to the earliest days of open source when it was a concept that was poorly understood and not well adopted by enterprises. It's 2008 now and open source is a vehicle for innovation and profit.

The actions of the SFLC in my honest opinion are the necessary actions of a legal group to defend the rights of developers, pure and simple. If you use code licensed under terms of a license (any license) than you're bound by the terms of the license. It's not about open or closed source. It's about the legal license and it's a shame that some just don't get it.