Week in review: Open source changing course
week in reviewWith new releases and new partnerships, software such as LAMP and Solaris took the spotlight this week.
The LAMP stack of open-source software--which includes the Linux operating system, Apache Web server, MySQL database and scripting languages PHP, Perl or Python--is pushing its way into mainstream corporate computing.
Start-up ActiveGrid, one of several smaller companies betting on the LAMP stack, on Monday announced partnerships that could help expand LAMP's appeal among big companies. Partners include MySQL, Apache management provider Covalent, Linux company Novell and PHP tool maker Zend Technologies.
The efforts of companies such as these to make LAMP more of an industrial-strength package--combined with growing interest among corporate customers in open source--are making LAMP a more cohesive and competitive offering to Java and Microsoft's .Net products, analysts say.
That's got Microsoft, after toiling for years to make the company's software robust and worthy of large corporations' dollars, now facing a different challenge: fending off open-source alternatives that are good enough for most jobs.
In particular, the company is focused on improving its alternatives to the LAMP stack. To combat LAMP--and open source in general--Microsoft is focusing both on improving individual products and on designing a comprehensive Windows server suite to be cheaper to own in the long run.
This story got News.com readers talking--the article has drawn more than 40 comments so far, including one from Matt Lavallee, who said Microsoft needs to put "the rapid back in RAD" (rapid application development).
"Until they can get back to 'Edit a text file and hit refresh' responsiveness, LAMP will continue to gain momentum," he wrote.
In other open-source news, Sun Microsystems released Solaris as open-source software, a move that's central to the company's plan to regain lost relevance and fend off rivals Red Hat, IBM and Microsoft.
The company on Tuesday posted more than 5 million lines of source code for the heart of the operating system--its kernel and networking code--at the OpenSolaris Web site. However, some source code components, such as installation and some administration tools, will arrive later.
All the while, Sun has been guiding the spotlight away from a once-prominent feature of Solaris 10. The feature, code-named Janus and not yet released, lets Linux applications run on its Solaris operating system. Sun instead is emphasizing a related open-source alternative called Xen, which lets multiple operating systems run on the same computer.
Sun had touted Janus as a useful tool to help customers drop Linux in favor of Solaris, Sun's version of Unix. Sun offers the software to interested customers, but now expects customers that run Linux applications to be more interested in an ordinary version of Linux.
Xen will become significantly more powerful with an upcoming version that introduces multiprocessor support. The improvement should help Xen become useful for higher-end servers and measure up better against rival technology such as EMC's VMware.
Red Hat on Monday released Fedora Core 4, a free version of Linux the company is using to advance virtualization, programming tools and other software at the frontier of open-source development. Among other features, Fedora Core 4 comes with the Xen virtualization software. Additionally, the new Fedora was built using the new version 4 of GCC, the GNU Compiler Collection--tools that translate human-written source code into computer-readable binary instructions. GCC 4 brings a new framework that its advocates hope will lead to better performance.
Meanwhile, Microsoft has hired one of the key figures behind a popular distribution of Linux in order to educate its in-house developers about open source.
Daniel Robbins, the founder and former chief architect of the Gentoo project, began working for Microsoft in late May, according to a posting this week on the Gentoo Web site. According to Gentoo, Robbins is "helping Microsoft to understand open source and community-based projects."
Gentoo is a distribution of Linux that its developers say is fully customizable for any application or need. According to a recent Netcraft survey, the number of Web sites running Gentoo increased by almost 50 percent during the previous six months.
In a fix
Microsoft on Tuesday issued three "critical" patches for flaws that could allow a malicious attacker to take remote control of a computer.
One fix deals with vulnerabilities in Internet Explorer, while the others tackle problems with HTML Help and Server Message Block in the Windows operating system. The security bulletins were three of 10 released by the software giant as part of its monthly patch cycle.
Sun Microsystems has fixed a pair of security bugs in Java that could be exploited by attackers to take over computers running Windows, Linux and Solaris. The flaws are "highly critical," security monitoring
company Secunia said in an advisory posted Tuesday. Flaws that get that ranking--one notch below Secunia's most severe "extremely critical" rating--are typically remotely exploitable and can lead to full system compromise.According to a technology trade organization, browser-based attacks are increasing.
The Computing Technology Industry Association, or CompTIA, on Tuesday released its third annual report on IT security and the work force. Of nearly 500 organizations surveyed, 56.6 percent had been the victim of a browser-based attack, up from 36.8 percent a year ago and 25 percent two years ago, CompTIA said.
Browser-based attacks often take advantage of security flaws in Web browsers and other components of the user's PC, such as the operating system. The attackers' objective can be to sabotage a computer or steal private data, and the attacks can be launched when a person visits a Web page that appears harmless but contains malicious code.
Another new report found that Internet "zombie" attacks that attempt to knock computer systems offline are more likely to come from users of America Online than any other source, according to Reuters.
AOL and other large Internet service providers serve as launching pads for most denial-of-service attacks, according to a report released Tuesday by Prolexic Technologies, which helps companies fend off such attacks.
Government auditors concluded this week that federal agencies are not prepared to deal with the triple Internet menaces of spam, phishing and spyware.
A survey of the largest federal agencies by the Government Accountability Office revealed that most agencies are suffering from junk e-mail and other online detritus--but not one has a plan in place to deal with the threat and all have received limited guidance on what to do.
News.com this week also took readers inside Microsoft's "Blue Hat" summit, in which outsiders were invited into the heart of the Windows empire for the express purpose of exploiting flaws in Microsoft computing systems. "Blue Hat" is a reference to the widely known "Black Hat" security conference, tweaked to reflect Microsoft's corporate color.
The unusual gathering, a summit of sorts between delegates of the hacking community and their primary corporate target, illustrates how important security has become to the world's most powerful software company.
A soft summer
Though the next version of Windows Server is not expected until 2007, Microsoft said Thursday that it's on track to deliver a beta version of the operating system this summer.
A company representative would not give a specific date for the release of the beta version, but a moderator on a Microsoft Web chat on Wednesday said the company plans another chat in August to talk about Beta 1.
Microsoft is also planning a summer beta of the desktop version of Longhorn, which is scheduled to arrive in final form in the second half of next year.
Use of Microsoft Windows XP has grown inside corporations, but a new study shows that nearly half of business PCs are still running the older Windows 2000.
The study, released Tuesday by AssetMetrix, underscores a recurring problem for Microsoft: While the company spends billions of dollars developing new versions of Windows and its Office desktop software, many customers are slow to give up older versions of software that's paid for and works just fine.
The story has generated more than 50 comments so far from readers, many of whom, like "Bob Bob" said XP and 2000 are "basically the same."
"I can't believe Microsoft expects their customers to believe they are different OSes!," Bob wrote.
The next version of Microsoft's much criticized Internet Explorer browser is being built to resist hijacking attempts by spyware and other malicious software, according to a Microsoft developer.
Rob Franco, lead program manager for IE Security at Microsoft, wrote in a blog entry on Thursday that Internet Explorer 7 for Longhorn will contain a feature called "low rights IE." The feature essentially removes administrator rights, so that the system will not allow unknown applications, such as spyware and other potentially dangerous code, to be installed without express permission from the user.
And four major PC makers have no plans to sell the media-player-free version of Windows, which Microsoft was ordered to offer by Europe's competition commissioner. The story has so far generated more than 60 reader comments.
Reader Trev Tins got the conversation rolling by saying that the European Union is simply in it "for the cash." "There was no reason in the first place to remove (Windows Media Player)...All that fighting Microsoft over this deal is just plain greed. Nothing more."
Reader Randall Lewis explained the news as "what happens when lawyers design products" and adds "it should be called 'Windows EU.'"
Microsoft made an updated version of Window XP N available on Wednesday, but none of the computer manufacturers that ZDNet UK spoke to are considering preinstalling it on desktops or laptops.
Dell, Hewlett-Packard, Lenovo and Fujitsu Siemens all said they have no firm plans to install Windows XP N, citing a lack of customer demand. A Dell representative added Tuesday that customers expect to have a media player included.
Also of note
Michael Dell said he'd be willing to add the Mac OS to Dell's repertoire if Apple decides to open it to others...Economist Fred Bergsten explained his tariff proposal for Chinese products and the prospects for the U.S. tech industry...The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities.