News in General
First Linux Collaboration Summit Held at Google
Linux superstars, corporate heavyweights, and major customers all converged on the Mountain View Googleplex for the first of many Collaboration Summits. Hosted by the new Linux Foundation, the 3-day event focused on developer issues and, as Linux Foundation CEO Jim Zemlin stated, the sausage-making aspects of the open source ecosystem.
Although it started just after the announcement of Linspire partnering with Microsoft on multimedia support and patent IP (see below), conference organizers steered away from discussing the new Microsoft partnerships and potentially polarizing headlines. Instead, the focus was on working together on common goals. "They're projecting fear, uncertainty, and doubt. Let's come up with the things to move this platform ahead," Zemlin told attendees on the first day, which was open to journalists. After a public day with keynotes and press statements, the Collaboration Summit continued behind closed doors, and with blog silence.
The Linux Foundation hosted the Summit to bring together the diverse elements of the Linux community, and encourage face-to-face dialog. Among the aims behind the creation of the Linux Foundation was to foster innovation and act as a catalyst in the development of the open source software ecosystem. To some extent, the rapid acceptance of Linux and the diversity of projects has greatly enlarged what used to be a tight group of people, and better means of coordination and problem solving needs to be encouraged
Here's a link to the completed Summit schedule:
The conference wiki is still bare, but here are a few of the Summit highlights:
Marc Shuttleworth (of Canonical and Ubuntu fame) praised the collaborative nature of the open source community and the tools developed to help coordinate work on OS projects, but said more work needed to be done to foster sharing and collaboration between existing projects and their respective communities.
"Collaboration is an easy term to say, but it's hard to do. We often don't know whom to talk to, upstream, so the question is: how can we make collaboration better?", Shuttleworth asked.
Later in his keynote, he emphasized the importance of getting timely patches out to Linux users. He also cautioned against viewing the differences between the open source community and the Microsoft world as a new Cold War. He said it was more about the underlying ideas than about the personalities and companies. [What was the term from the 1960s? "Peaceful Co-existence"?]
Some discussion continued on the third version of the GPL. The attending kernel developers were reported to be polite but unswerving in their desire to continue with GPL v2. The consensus seemed to be to wait, and see how adoption of GPL v3 goes in the application space, first.
Brian Aker, Director of Architecture at MySQL, led a discussion on issues with implementation of Linux threads that had users reverting to earlier kernel versions (or even switching to versions of Solaris). This also touched on issues with variation between distros.
Efforts were also coordinated for better device drivers, especially printer drivers. LF announced a new LSB driver development kit at the Summit. According Zemlin, "The LSB print driver development kit is exactly the kind of work we can expedite as a united community of developers, vendors, and users. We all know we have to make it extremely easy for printing manufacturers to target Linux. This kit will reduce the effort it takes for them to take advantage of the tremendous opportunity Linux represents, and will help users 'just print' while using the Linux desktop and printer of their choice."
There was also recognition that, with the open-sourcing of many development tools, toolmakers are reluctant to invest in frameworks and integration tools that match the utility and sophistication of Microsoft's Visual Studio suite. Eclipse goes part of the distance, but has to accommodate multiple developer needs and overlapping development models. Developers and ISVs have too many choices and too few standards.
Here is a small PDF showing Google's wish list of development
Canonical Provides Details for Ubuntu for Mobile Internet Devices
Canonical Ltd., the commercial sponsor of Ubuntu, announced more details on Ubuntu Mobile and Embedded Edition, at Computex 2007 in Taipei. Following discussions at the Ubuntu Developer Summit in Seville, Spain, and a great response from its developer community generally, the target specifications and technical milestones for the project have been agreed. (With recent patches that support real-time processing in the kernel, some 50-60% of new mobile phones will be based on embedded Linux.)
Ubuntu Mobile and Embedded Edition will provide a rich Internet experience for users of Intel's 2008 Mobile Internet Device (MID) platform. To achieve this, Ubuntu Mobile and Embedded will run video, support sound, and offer fast and rich browsing experiences to the MID target user. Optimized for MIDs based on Intel's low power processors and chipsets, Ubuntu Mobile and Embedded edition is expected to deliver fast boot and resume times, and reside in a small memory and disk footprint.
"We are delighted with the progress of the Ubuntu Mobile and Embedded Edition", commented Jane Silber, Director of Operations at Canonical. "We have had a great response to our first announcement, with many developers showing interest in the project. With a clear roadmap, an active developer community, and a date for release, we look forward to bringing Ubuntu to Mobile Internet Devices."
The first full release of the software will be available in October 2007. Working collaboratively with Intel, Canonical is working to deliver software on actual devices in 2008.
(While this is, independently, good for Ubuntu and many mobile developers, large companies and ISPs continue to be concerned about the large number of Linux mobility platforms and lack of overarching standards. This is being noted increasingly at analyst events, and by companies such as Gartner and the 451 Group.)
Massive Multi-Web Site Attack Sweeps Europe, Enters US
Over 10,000 Web sites have been compromised by the "Mpack" hacker kit, and upwards of 100,000 user systems have had malware installed. The majority of compromised Web sites are in Italy, but the US has the third highest number of infected Web sites.
The multiexploit "Mpack" is a Russian collection of PHP script exploits that also collects statistics on the individual exploits. The hacked sites usually have additional IFRAME code embedded within the HTML source code, referencing the exploit server. Users are redirected to Web pages that download keyloggers, and other malware and exploits are selected based on the user's OS and browser.
Details on Mpack and its management console are reported at the
Websense and Symantec Web sites:
In the same timeframe, US Senator Mark Pryor (D-Arkansas) recently
introduced legislation making it a crime to install spyware on systems
without users' consent. Called The Counter Spy Act of 2007, it gives
enforcement power to the Federal Trade Commission (FTC). Violators
could face both fines and prison.
JavaOne: OpenJDK.org Formed for Future Java Implementations
Fulfilling its promise to the world last year, Sun is releasing a fully buildable implementation of the JDK to the new OpenJDK community. In front of a cheering developer audience at May's JavaOne, Sun's CEO Jonathon Schwartz announced the OpenJDK project, which will be tasked with implementing future releases of Java.
The project was seeded with Sun's May 6th JDK source bundle, which includes 25,169 source files. Almost all of the JDK - 6.5 million lines of code - is now available under the GPL, making it one of the largest contributions to the free software community in history. Of these, 4% or 894 cannot be shipped in source form: there are no rights for Sun to release the files, currently. An additional 1,885 files (8%) are not under GPLv2: These are mostly Apache-derived code, according to Sun.
Most of this exception code includes font and graphics rasterizers, sound engine code, and some crypto algorithms. There is also a little SNMP code, and some code for the Imaging APIs. (Richard Stallman of the Free Software Foundation has subsequently written that FOSSw developers should focus on this small subset of the JDK, and set Java completely free.) The encumbered code for the current JDK resides in the ALT_CLOSED_JDK, mostly in binaries. These are fully redistributable.
To help develop the community around OpenJDK, Sun launched a developer Web site: http://openjdk.java.net/
The site allows developers to download a full source-code bundle, or use Subversion to check out the code from the repository. Developers can contribute a patch to fix a bug, enhance an existing component, or define a new feature. Beside on-going blogs, the site also has links to live conversation via IRC on irc.oftc.net (#openjdk).
On the OpenJDK Web site, the founding engineers write: "With the community's help, we hope that encumbered code can be re-implemented over the next 6 to 12 months, balancing this critical engineering task with other priorities, and depending on the level of community participation in speeding this effort."
Also: Sun announced a one-year roadmap for the OpenJDK initiative, including clearing the remaining encumbrances, open-sourcing an implementation of Java SE 6 and associated deployment code, implementation of the compatibility testing and branding program, and establishment of the governance and contribution model for the community. At JavaOne, Sun announced the formation of the OpenJDK Interim Governance Board, with the charter to write and gain ratification for a constitution for the OpenJDK Community, based on transparency and an open, meritocratic process. Initially, this is viewed as separate from the Java Community Process (JCP), where specifications are thrashed out, mostly with vendor input.
As part of the NetBeans 6 preview release, Sun has created pre-built Netbeans projects to make it easy and intuitive to dive into the OpenJDK code base.
MS rattles its patent sabers
[with major contributions from LG copy editor Rick Moen]
Microsoft ignited a firestorm of controversy in the open source community, when its lawyers used the medium of a Fortune magazine article to specify an exact number of (alleged) MS patent infringements in Linux and other FOSSw. The count was 235, including 42 violations for the kernel.
"Microsoft General Counsel Brad Smith and licensing chief Horacio Gutierrez sat down with Fortune recently to map out their strategy for getting FOSSw users to pay royalties."
It may be that Microsoft is creating FUD to slow the increasing speed of adoption of FOSSw at major corporations and many governments worldwide -- all current and former MS clients. It may be that MS sees the recent Supreme Court decision on software patents as weakening the value of its own patent portfolio, and thus needs to act quickly to maximize its advantage. Either way, the patent showdown will probably get worse, over the next few months. Microsoft expects royalties or cross-licensing deals, and maybe renewed customer loyalty. That seems to be the bottom line.
Microsoft has been asserting its patents recently, and has received royalty payments from Novell and other companies like Samsung. To prevent this trend, on March 28, the Free Software Foundation made public a revised GPLv3 draft. That may have set the stage for a confrontation with Microsoft, and perhaps between Microsoft and companies championing open source, like IBM and Sun.
For an alternative take, several Groklaw commentators have pointed out that:
Microsoft may have torpedoed their own case in advance by shipping a vast number of the usual GPLed and other open source codebases as part of Microsoft Services for Unix (nee Interix), creating a defence of equitable estoppel.
They will also face the defence of "laches" (impermissible delay), which becomes a bigger bar to litigation with each day that passes since both the Fortune magazine piece and their shipment of Interix.
If Microsoft ever sues anyone for patent infringement concerning a GPLed codebase, then both Microsoft (i.e., Interix) and patent-licensee Novell will immediately lose the right to distribute that codebase, per GPLv2 clause 7.
Complicating the already volatile situation, Dell became the first major systems provider to join the business collaboration that was formed by Microsoft and Novell for intellectual property (IP) assurance. As part of the agreement, Dell will purchase SUSE Linux Enterprise Server certificates from Microsoft, and establish a services and marketing program to migrate existing Linux users who are not Dell Linux customers to SUSE Linux Enterprise Server. Under this extended agreement, Dell will establish a customer marketing team for migrating Linux users who are not Dell Linux customers to SUSE Linux Enterprise Server.
"We're focused on delivering solutions that help simplify customers IT operations," said Rick Becker, vice-president of solutions at Dell Product Group. "Our customers have told us they want interoperability, and expect technology vendors to work better together. Dell is the first major systems provider to align with Microsoft and Novell in this collaboration, and we intend to lead in this space. This move is a huge success for the industry and, more specifically, for customers who haven't purchased Linux through Dell and who want to migrate to SUSE Linux Enterprise Server for the IP assurance and interoperability benefits."
From our editor Rick Moen, commenting via the Linux Users of Victoria mailing list:
"The Fortune piece that set off the patent debate contains embarrassing factual gaffes such as this one:
Lawyers for the Free Software Foundation have been able to force developers who incorporated free software into proprietary products to open up their source code, for instance."
"This is a notorious bit of misinformation often promoted by various opponents of copyleft licensing: In fact, copyright law provides no mechanism whatsoever to compel such a disclosure, and no such event has ever occurred (nor could it)."
Rick separately adds:
"You are advised to not hold your breath waiting for Microsoft Corp. to state patent numbers and clarify what specific open source / free-software codebases it believes are encumbered by its patents. For one thing, that would -- as you suggest -- enable anyone and everyone to assess those claims' merits. Also, it would assist open-source coders in, where necessary, rewriting their code with (probably) breathtaking speed to use other, equivalent techniques. The Redmondians know -- from watching the dismal fate of the few SCO infringement claims that SCO bothered to detail usefully -- that they cannot compete in a fair match of programming or analytical skill, so they instead make only vague claims that their better-staffed and more-energetic competition cannot address."
From Matt Asay, GM of Alfresco, who will be presenting at the Open Source Business Conference in late May: "If we could have referenced the MS 'patent threat' earlier [for our conference], it would have doubled our attendance, I'm sure."
"Microsoft Takes on the Free World"
Also see: "Three Scenarios for How Microsoft's Open Source Threat
July 22-24, 2007, Portland, Oregon
Security '07 / HotSec '07
August 6-10, Boston, MA
MetriCon 2.0, Workshop on Security Metrics
August 7, Boston, MA
Linux Kernel '07 Developers Summit
September 4-6, Cambridge, U.K.
RailsConf Europe 2007
September 17-19, Berlin, Germany
Storage Networking World
October 15-18, Dallas, Texas
OpenSUSE 10.3 Alpha four now out
The openSUSE community announced the fourth public alpha release of openSUSE 10.3. Highlights include the YaST meta packages handler; InstLux allows users to start the Linux installation from Windows; TeX Live replaces teTeX; first parts of KDE4svn entered Factory; OpenOffice.org 2.2; GNOME 2.18.1; improvements to the init script starter ('startpar') to reduce boot time; first changes to support Sony PS3; Linux 2.6.21 with an updated AppArmor patchset; initial support for installation in Afrikaans, Gurajati, Hindi, Marathi, Tamil, Xhosa, and Zulu."
Quick link to the DVD torrent files:
Kernel 2.6.22 release candidate 5 available
Mid-June also saw the release of kernel 2.6.22-rc5. Said Linus: "On a more serious note, I have to admit that I'm a bit unhappy with the pure volume of changes this late in the game. I was really wanting to stop some of the merges, but, while not all of it really fixed regressions, there really are a lot of bugfixes in there."
Fedora Core 7 is out
Among the updates in Fedora 7 are user installation tools that allow for several different "spins", which are variations of Fedora built from a specific set of software packages. Each spin can be a combination of software to meet requirements of specific end users. In addition to a very small boot.iso image for network installation, users have the following spin choices:
GNOME and KDE desktop environment-based bootable Live images that can be installed to a hard disk. These spins are meant for desktop users who prefer a single disk installation, and for sharing Fedora with friends, family, and event attendees.
A regular image for desktops, workstations, and server users. This spin provides a good upgrade path and similar environment for users of previous releases of Fedora.
A set of DVD images that includes all software available in the Fedora repository.
This release provides for enhanced wireless networking. The NetworkManager presents a graphical interface that allows user to quickly switch between wireless and wired networks for increased mobility. NetworkManager is installed by default in both GNOME and KDE Live CDs.
Additionally, Fedora Core 7 uses Python 2.5, and all of the Python
software available in the repository uses it.
Fedora 7 includes Liberation fonts, which are metric equivalents for several well-known proprietary fonts found throughout the Internet, and give better results when viewing and printing shared documents.
SUSE Linux Enterprise 10 SP1 now available
SUSE 10 SP1 is out now, and provides enhancements in the areas from the desktop to the data center, including:
Enhanced server virtualization and management enables unmodified Windows and Linux guest operating systems to run with near native performance.
Updated high availability storage infrastructure
Support for Open Enterprise Server 2 and paravirtualized NetWare.
Enhanced security features:
Novell AppArmor 2.0 security framework now includes support for Apache Tomcat.
Support for new processor technologies, including Quad-Core Intel Xeon and AMD Opteron processors.
On the desktop, SP1 delivers updates to the desktop effects engine, a re-designed main menu, and the ability to play embedded video in OpenOffice.org presentation files. It also provides improved integration with enterprise technologies such as Microsoft Active Directory and Microsoft Office, including the new OpenXML/ODF translator to convert Microsoft Word 2007 documents to OpenOffice.org. (That Novell-Microsoft patent deal, again!)
And... SUSE Linux 9.3 is now officially discontinued, and out of support.
Skype for Linux 1.4 Beta
Skype Version 188.8.131.52 for Linux was released June 14. "The big news of this release is the support of glibc 2.3 systems. What this means is that Skype 1.4 will now run on some older systems without upgrading the base system."
Skype for Linux previously required glibc 2.3.3 or greater and Qt 3.2 or greater. If you do not have Qt 3.2 or greater, you are still able to use Skype for Linux by downloading its static version that has Qt 3.2 compiled in.
Besides substantial bugfixes, this update
includes Skype's own audio codec and an improved conference call
As a present to its community, instead of releasing Bugzilla 2.24, the Bugzilla Project has released Bugzilla 3.0. Earlier development snapshots named 2.23.x have become the new Bugzilla 3.0. This is the first major upgrade to the popular tool in almost a decade. Among the Bugzilla changes are mod_perl support and a Web Services interface using the XML-RPC protocol.
Download the new Bugzilla here: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-3.0.tar.gz
JavaOne and NASA's World Wind
At the JavaOne conference in San Francisco, Robert Brewin, Sun's CTO of software, and NASA's Patrick Hogan showed off a new open-source geospatial browser plugin that implements Java GL and incorporates NASA's visualization technology. The new software also allows developers to create mashups and detailed geo-spatial simulations.
One demonstration was the DiSTI F-16 Flight Simulator, a Web plugin based on Java GL Studio. It allowed a user to 'fly' an F-16 with external and cockpit views, as it maneuvers over the Earth's terrain. A collaboration between Sun Microsystems, NASA Ames, and DiSTI, the simulator links Sun's Java Open GL platform, NASA's World Wind, which provides actual satellite imagery and radar topography from Shuttle missions, with GL Studio for Java - to enable Java developers to create 3D, real time visualizations of the Earth, using cost-effective, high fidelity imagery.
DiSTI's GL Studio package lets an instructional designer integrate photo-realistic objects into simulations that react just like the real parts. Such parts affect the performance of the systems, and accurately reproduce real behaviors (i.e., unscrew an important connector from a simulated jet engine, and it will stop running.)
The NASA World Wind Java SDK is platform independent, and current demos run under Fedora Core 6, Ubuntu, Microsoft Windows, and Mac OS X.
There were some problems with the World Wind download from NASA, but these seem to have been fixed by mid-May. Check out the FAQ on WorldWind Central: http://www.worldwindcentral.com/wiki/WWJava_FAQ
Primary Download Site : http://www.simulation.com/products/glstudio/content/JDJ/index.html
Red Hat Adds Business Solutions to Open Source RHX
In May, at Red Hat Summit 2007 in SAN DIEGO, Red Hat announced the availability of Red Hat Exchange (RHX). RHX extends Red Hat's Open Source Architecture to include integrated business application solutions from fourteen open source partners built on Red Hat Enterprise Linux and JBoss platform software.
All solutions are purchased, delivered, and supported via a single, standardized Red Hat subscription agreement with consolidated billing covering the complete application stack. At the RHX Web site, customers have access to application profiles, user ratings and reviews, free trials, and online purchase options for all applications. Red Hat will provide customers with a single point of contact for all support issues throughout the application stack. In addition, RHX may be purchased through select Red Hat Value-Added Reseller Channel partners.
RHX launch partners include Alfresco, CentricCRM, Compiere, EnterpriseDB, Groundwork, Jaspersoft, Jive, MySQL, Pentaho, Scalix, SugarCRM, Zenoss, Zimbra, and Zmanda.
"When customers can minimize the number of number of vendors they are dealing with and the associated number of support contracts, they can reduce the complexity and often the cost associated with managing workloads," said Al Gillen, Research Vice President, System Software at IDC.
Red Hat Virtual Appliance OS to Manage Intel vPro-based Desktops
At its Red Hat Summit, Red Hat announced a joint program with Intel to bring hardware-assisted virtualization to desktop PCs with Intel vPro technology. Using Intel vPro PCs, IT departments will be able to deploy appliances in a virtual machine that bring enterprise-class management and security to the PC.
"The legacy desktop falls short in its ability to provide a secure, reliable and manageable environment," said Brian Stevens, CTO at Red Hat. "Intel vPro technology combined with a Red Hat Virtual Appliance OS will allow customers to create a rock-solid foundation that can then provision, manage and secure the PC. This technology will reduce operational costs and increase operational flexibility."
The Appliance OS from Red Hat will support pluggable Virtual Appliances to deliver functions such as network security, provisioning, monitoring and asset management, regardless of the state of the desktop OS. In collaboration with Intel, Red Hat plans to develop, productize, and support software components, including the hypervisor, the Service OS, and the Software Development Kit (SDK).
Active development on the project is underway today, with beta software expected later this year and general release planned for 2008.
Linspire, Freespire Add Desktop Virtualization
Linspire, Inc., developer of the Linspire commercial and Freespire community desktop Linux operating systems, and Parallels, Inc., maker of desktop virtualization solutions for Windows, Linux, and Mac OS X, have announced the Parallels Workstation 2.2 desktop virtualization solution for Linspire and Freespire users via CNR, a one-click delivery service for desktop Linux software. The companies also announced a technology partnership where Linspire will make a Freespire Virtual Appliance available using Parallels.
"Virtualization continues to impact the industry," said Randy Linnell, Vice-President of Business Development of Linspire. "We're excited about expanding our relationship with one of the leaders."
Parallels Workstation for Linux is a virtualization solution allowing Linux users to simultaneously run any version of Windows, including Windows Vista, any Linux distribution, Solaris, FreeBSD, NetBSD, OpenBSD, OS/2, eComStation, or DOS, in a stable, secure virtual machine on any Linux-powered PC. No re-booting or partitioning is required, and users never need to shut down or leave their home desktop to access a virtual machine.
Parallels Workstation is available immediately to Linspire and Freespire users for $49.99. Linspire and Freespire users can download and buy Parallels Workstation via CNR at http://www.linspire.com/parallels
FiveRuns Introduces Industry-First Enterprise Management Suite for Rails
FiveRuns, a vendor of enterprise-class management for Rails and other popular open source and commercial systems, has released RM-Manage, the first product from the FiveRuns Enterprise Management Suite for Rails.
The Management Suite for Rails will manage the full Rails application lifecycle, from automating the setup and maintenance of an integrated Rails development environment to ensuring Rails applications perform well in production. Following the release of the RM-Manage, RM-Install will ship in June. FiveRuns will complete the Management Suite for Rails with three additional products to help in the pre-production performance testing, deployment, and end-to-end visibility of Rails applications.
RM-Install, a free, multi-platform, enterprise-ready Rails stack, supports developing and deploying Rails applications without manually installing, configuring, or maintaining various integrated software components. RM-Install includes: a single integrated and tested Rails stack with pre-compiled binaries for Ruby, Rails, MySQL, Apache, Lighttpd and other important libraries, a stack management update component, and a demo application showing Rails and AJAX functions.
Lt. Cmdr. Data Added to CMU's Robot Hall of Fame
Data, the inquisitive and evolving robot of Star Trek NG, was among the four 2007 inductees announced for Carnegie Mellon University's Robot Hall of Fame.
The four inductees - the one-legged Raibert Hopper, the NavLab 5 self-steering vehicle, the LEGO(R) Mindstorms kit, and Data - were announced in May at the fourth annual RoboBusiness Conference in Boston. Some robots from the first three induction classes include the Mars Pathfinder Rover; Honda's ASIMO robot; the HAL 9000 computer from "2001: A Space Odyssey"; the "Star Wars" duo of R2-D2 and C-3PO; and Gort, the metallic giant from "The Day the Earth Stood Still." (Klaatu Barata Nikto -- http://en.wikipedia.org/wiki/Klaatu_barada_nikto)
The one-legged Hopper was ideal for studying dynamic balance because it could not stand still, but had to keep moving to stay upright. The lessons learned with the Hopper proved central for biped, quadruped, and even hexapod running. NavLab 5's crowning achievement was "No Hands Across America," a 1995 cross-country tour on which it did 98 percent of the driving.
CMU plans a formal induction ceremony for the four robots in the fall. http://www.cmu.edu/news/archive/2007/May/may15_rhof.shtml
Reinventing the Mag Stripe
QSecure, Inc., a SV startup with multiple patents in credit card authentication technology, has announced new technology that significantly reduces fraud resulting from stolen card data. The company's SmartStripe technology protects against counterfeit fraud without requiring changes in retail systems or card holder behavior.
SmartStripe technology incorporates dynamic cryptography on the card's magnetic stripe, augmenting the static data on the magnetic stripe. Each time a consumer uses a SmartStripe card, a proprietary magnetic media chip embedded in the magnetic stripe programs a unique cryptographic number on the stripe that is valid for only one transaction. If the payment card's data is compromised, and criminals attempt to re-use the data from the stripe, card issuers will be able to stop the transaction in real time.
Unlike other solutions which require changes to the existing credit card infrastructure, QSecure's technology works seamlessly within the existing retail system, requiring no modifications to merchants' card readers. Further, its usage is transparent to the card holder, so no changes to buying behavior are necessary. Future versions of QSecure solutions will incorporate a small, flexible display to secure online and other card-not-present transactions. The company is now working on programs with major card issuers.
 Rick Moen comments: On account of what I assume was a lapse in management concerning this program, an oversight that has not yet been corrected, Red Hat, Inc. has regrettably published false claims in press releases such as this one, and others on both http://www.redhat.com/rhx/ and on various subpages of http://rhx.redhat.com/ -- that Red Hat Exchange's offerings are open source.
In fact, some are open source, some are under doubtful "badgeware" MPL + restrictions licences whose sponsoring firms carefully avoid submitting them to Open Source Initative for scrutiny lest they be definitively rejected as open source, and some -- Centric CRM v. 4.1 and Jive Software's OpenFire being obvious examples -- are very clearly, past any possibility of doubt, absolutely proprietary. (Sixty seconds' checking should show readers that the Centric CRM's licence doesn't permit redistribution, and, to quote http://rhx.redhat.com/rhx/support/article/DOC-1384, "OpenFire has a time-based license that unlocks the Enterprise features in the application. An e-mail is sent to purchasing customers with a license file.")
I am among several people who have attempted to call Red Hat, Inc.'s attention to these false and misleading statements (starting with a private comment to the company's CTO immediately following the RHEL5 / RHX product launch in San Francisco on March 14). Their response thus far has been very disappointing: my best guess is that we're hearing only reactive and poorly-thought-out damage control from the very same Marketing Department and Professional Services people who created this program, i.e., that the issue has not yet reached upper management, but rather remains bogged down among sponsoring middle managers motivated only to sweep controversy under the rug.
The latter group's spin control, in response to criticism, is in the FAQ section of the "More about RHX" page:
Q: Are you only accepting open source ISVs into RHX?
A: The initial set of participating ISVs all have an open source focus. We realize that there is debate about which companies are truly open source. To make it transparent to users, RHX includes information about each ISV's license approach. Longer term, we may introduce proprietary applications that are friendly with open source applications.
This is confused, largely nonsensical, and unresponsive to the issue: The notion of an "open source company" is undefined and (more to the point) irrelevant to the issue at hand. By contrast, open-source codebases are abundantly well defined, by OSI's formal and precise Open Source Definition that has always been the guiding criterion since OSI invented the concept (and definition) in 1998.
I strongly hope that RH management takes this issue in hand soon and corrects the many distortive claims of open source within RHX, that are unsupported by the plain facts about many of the offerings.
(A separate page at the RHX site, http://rhx.redhat.com/rhx/support/article/DOC-1310, makes absolutely all of the RHX offerings seem proprietary, even the ones that are, in fact, true open source. Fortunately, I guess, the licence summary on that page is not very competently written, and is substantively in error on most items listed.)
Howard Dyckoff is a long term IT professional with primary experience at
Fortune 100 and 200 firms. Before his IT career, he worked for Aviation
Week and Space Technology magazine and before that used to edit SkyCom, a
newsletter for astronomers and rocketeers. He hails from the Republic of
Brooklyn [and Polytechnic Institute] and now, after several trips to
Himalayan mountain tops, resides in the SF Bay Area with a large book
collection and several pet rocks.
Howard maintains the Technology-Events blog at
blogspot.com from which he contributes the Events listing for Linux
Gazette. Visit the blog to preview some of the next month's NewsBytes
Howard Dyckoff is a long term IT professional with primary experience at Fortune 100 and 200 firms. Before his IT career, he worked for Aviation Week and Space Technology magazine and before that used to edit SkyCom, a newsletter for astronomers and rocketeers. He hails from the Republic of Brooklyn [and Polytechnic Institute] and now, after several trips to Himalayan mountain tops, resides in the SF Bay Area with a large book collection and several pet rocks.
Howard maintains the Technology-Events blog at blogspot.com from which he contributes the Events listing for Linux Gazette. Visit the blog to preview some of the next month's NewsBytes Events.