Preserved postings from the (vanished) linux.astcomm.net newsgroup on (likewise vanished) news.astcomm.net. Topics include:





From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Debian Package Dev
Date: Wed, 24 Jul 2002 03:23:11 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> Do any of you guys know what tools are needed, and how to go about building
> Debian packages from a non-debian source archive? I've been exploring the
> Debian website with no luck on finding the information I'm looking for.

I think perhaps the toolset you're looking for is Debhelper. http://www.kitenet.net/programs/debhelper/

-- 
Cheers,             "I used to be on the border of insanity.  However, due 
Rick Moen           to pressing political concerns, I recently had to invade."
rick@linuxmafia.com                        -- Kurt Montandon, in r.a.sf.w.r-j





From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Libranet 2.0 First Impression - Installation
Date: Wed, 24 Jul 2002 03:59:35 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> OTOH, Debian can be automatically upgraded using apt-get update && apt-get
> dist-upgrade from a cron job, the workstation user doesn't even know it's
> taking place, and there's no loss of productivity to perform the upgrade.

As you point out, there's some risk involved (though debconf helps). Here's a compromise approach (courtesy of Don Marti):

Run this, instead, as a nightly cron script:

apt-get update && \
apt-get -y --download-only dist-upgrade && \
apt-get autoclean

That updates the available-packages lists, retrieves into /var/lib/dpkg/archive but doesn't install any new packages, and removes those no longer essential. The admin later does a manual "apt-get dist-upgrade" to install the pre-fetched packages with human supervision (e.g., via remote ssh access).

-- 
Cheers,             The shortest distance between two puns is a straightline.
Rick Moen
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: My goodness....
Date: Wed, 24 Jul 2002 23:38:50 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

My recollection is that Corel's KDE 1.1 was gratuitously incompatible with everyone else's -- and I vaguely recall that Corel had a bad habit of inadvertantly forking projects by feeding back their changes only after such long delays that they could no longer be merged within reason. (There may be other perspectives. The foregoing is third-hand.)

On further reflection, you may have that exactly right (i.e., Corel's KDE1.1 may have been perfectly compatible, but just distributed in botched packages). It's been a while since I followed this stuff.

(Hmm, according to one passing reference, it was just one 20 MB package file, kde-corel-[nnn].deb, which breaks on upgrade because it was made to declare an erroneously narrow version dependency on "libapt-pkg2.5". My upgrade instructions explain how to yank out all the Corel packages, then put in standard KDE2 packages at the end.)

Anyhow, quick summary of the KDE 1.1 licensing fiasco:

The KDE Project started making good use of Trolltech's Qt graphics toolkit for X11 to make polished desktop applications without having to do graphics-object handling from scratch. Qt was under a generous but not open-source licence. Later, Trolltech let people use it under the QPL, which it wrote to be open-source but sadly clashed with the GPL. Some of the "K" apps were existing GPLed applications retrieved from the Net and revamped to use Qt/kdelib front-end graphics. Because of the licence clash, the resulting derivative works were (by their licence terms) not lawful to redistribute.

Therefore, the Debian Project wouldn't accept KDE 1.1 packages until this was fixed. Obvious remedy was to track down all the original works' authors and ask for written licence exceptions, allowing their works to be linked against Qt. A number of people, including me, tried to do this, only to find that typically the authors could no longer be found (and there were also language barriers to deal with). And the KDE Project leaders denied there was a problem.

(Anyone who wanted to install KDE 1.1 on Debian anyway, and ignore botched licensing, needed only to add one line to sources.list.)

The problem remained until Trolltech magnanimously stepped in and allowed future Qt versions to be accepted under the GPL (alternatively to the QPL or the earlier proprietary licence). The resulting KDE2 packages went into Debian immediately.


Most people care about licence problems only in wanting them to go away, because they're inconvenient. But a license is the terms under which you are allowed to use someone else's creation. Anyone who doesn't like those terms is free to write (or commission) a replacement of his own devising. Using someone's code contrary to its licensing amounts to ripping the author off.

-- 
Cheers,               "That article and its poster have been cancelled." 
Rick Moen                   -- David B. O'Donnel, sysadmin for America Online
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: debian apt-get problem
Date: Wed, 24 Jul 2002 06:34:55 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Donald R. Spoon wrote:

> If you are NOT using "pinning" then having BOTH testing and unstable in
> your sources.list file may confuse apt as to which DIST to use for the
> upgrade. It might NOT be getting past the "testing", sees you already
> have it installed, and quits.

That's a common misconception.

What happens in that case is that apt-get update gets all the Packages.gz files from the various sources, and mergest them down to a single /var/lib/dpkg/available file, storing only the highest-version-# release of each named package.

In other words, the practice is harmless, except in making apt-get update and some other actions take longer.

-- 
Cheers,   "Why is the alphabet in that order?  Is it because of that song?"
Rick Moen                                              -- Steven Wright
rick@linuxmafia.com





From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Software exchange ring proposition?
Date: Wed, 24 Jul 2002 01:33:50 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Rob McClure wrote:

> The legality question I had is this: Some of these disks came from
> commercial entities, such as SuSE and my Mandrake disks came from Linux
> Central. Are we allowed to exchange THESE disks without breaking any laws?
> I would think that disks created from images that we burn ourselves are
> exempt, but not sure about commercially produced copies.

ObDisclaimer: IANAL. TINLA.

Extremely rough and inexact rule of thumb: If it came in a boxed set, be careful, as some disks may include software that may not be lawfully redistributed without copyright owner's permission.

Big picture: Under copyright law, any time you produce a creative work "in fixed form" (as USA's Copyright Act says), you the creator gain an intangible property right called copyright, whose owner enjoys for a large number of years a limited monopoly over the contents. Among the rights included (reserved to the copyright owner by default) is the right of redistribution. So: If you lawfully receive a copy of some work covered by a copyright monopoly, and nothing says specifically that you're allowed to redistribute it, then you are not allowed to. By default.

This is why software licenses are necessary for open source software to exist, by the way. If there weren't a licence (grant of permssions) accompanying, say, GNU tar's source tarball, then giving a copy to anyone else would be copyright violation.


Anyhow, most distributions create ISO images for at least the base distribution containing only works that recipients are explicitly allowed to redistribute -- even though some of the components may be binary-only and proprietary (Acrobat Reader, Netscape Communicator, RealPlayer, Star Office 5.2), and some may be source-available but still proprietary (pine, pico, qmail, djbdns, xv). Those images may be lawfully exchanged and duplicated freely.

SuSE is something of a special case. Please see product taxonomy at: http://linuxmafia.com/faq/Licensing_and_Law/suse-product-strategy.html

Any copy of SuSE contains the YaST/YaST2 codebases, whose copyright SuSE Linux AG owns outright. (The SuSE installer uses YaST2.) SuSE Linux AG uses that copyright to control who's allowed to distribute the various SuSE editions. In order to gain brand recognition, they allow almost-free distribution of the "evaluation" single-ISO edition: You're allowed to duplicate it freely as long as it's not "for value". See:

This is detailed in: ftp://ftp.suse.com/pub/README.iso-images.english [2008 update: mirror copy]

Since LinuxCentral sells SuSE Evaluation 7.0 (http://www.linuxcentral.com/catalog/index.php3?prod_code=L000-090&id=tFxNJ59M7J7UB"), and thus is offering the CDs "for value", technically, they can do that lawfully only with explicit permission from SuSE Linux AG. (It's also possible that SuSE turn a blind eye to most such distribution.)

-- 
Cheers,                
Rick Moen                                           FORTH heart if honk then.
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: xauth
Date: Wed, 24 Jul 2002 01:52:49 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Derek Broughton wrote:

> I can't make sense of the xauth documentation to be able to figure out
> how to allow root to connect to my server.

> Somebody suggested "xauth merge"....

There's the copying ~/.Xauthority trick. You'll also see some suggest "xhost +", which is a huge security hole.

My personal favourite solution is "ssh -X root@localhost". The resulting root shell has the .Xauthority and DISPLAY variable taken care of, and the X11 calls get mapped back over the (very fast, system-internal) SSH tunnel to your original user's session -- which of course owns the X11 server process. Thus, root-authority X11 apps launched from the root shell (using "# /path/to/appname &", preferably) can talk to the X11 server -- exactly what you're trying to do.

The command-line "-X" option enables X11 forwarding, in case it's disabled in SSH by default (which it usually is).

(Please see also my http://linuxmafia.com/lwce2001/ lecture notes for ways to use "sudo".)

-- 
Cheers,                             Ever wonder why the _same people_ 
Rick Moen                           make up _all_ the conspiracy theories? 
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Woody is Released! Stable = Woody now!
Date: Wed, 24 Jul 2002 07:04:31 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Donald R. Spoon wrote:

> This means that all those CD's and things for Woody that came out over
> the last couple of months with their /etc/apt/sources.list files pointed
> at Debian "stable" will now work as intended!! No more need to jump out
> in the middle of a net-install to edit this file to point towards
> "woody" or "testing".

If I may make a modest suggestion: Most of the past 19 months "testing" has existed (since mid-December 2000), I've had a variety of desktop and server machines tracking the "testing" branch via apt-get -- and I'd like to invite others to jump in. The water's fine. Herewith, my main server's /etc/apt/sources.list:

deb http://security.debian.org testing/updates main contrib non-free
deb http://http.us.debian.org/debian/ testing main non-free contrib
deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free

You can put yours that way, and leave it that way. Period. End of story. Every week or so, resynchronise to the "testing" package updates using "apt-get update && apt-get dist-upgrade". Enjoy life. Forget all about "distribution releases", Toy Story characters, and all the related backage thereafter, because they'll cease to have any significance.

-- 
Cheers,                                             Live Faust, die Jung.
Rick Moen
rick@linuxmafia.com





From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: WP Linux FAQ
Date: Sat, 3 Aug 2002 03:44:13 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Leon A. Goldstein wrote:

> The guilX.gz dload came in a specific language. It does not have
> options for languages. You have to dload and install a specific
> version for each desired language.

Just a follow-up to close the loop on this one, since I've finally gotten around to investigating:

It turns out that Corel made the base tarball of WordPerfect 8.0 Download Personal Edition for Linux provide only the US English localisation files.[1] You could -=add=- any of nine other localisations to the base package, by downloading, unpacking, and installing ("./Runme") a separate tarball:

GUILGCE0.gz Canadian English
GUILGCF0.gz Canadian French
GUILGES0.gz Spanish
GUILGFR0.gz French
GUILGDE0.gz German
GUILGIT0.gz Italian
GUILGNL0.gz Dutch
GUILGOZ0.gz Australian English
GUILGUK0.gz UK English

This followed Corel's odd filenaming seen elsewhere: "GUI" was a prefix meaning this was an X11 version. That was followed by "LG" indicating that this was the "large" i.e. single-piece archive, ending with two letters to indicate the country/language. And each was not a gzip file precisely, but rather a confusingly misnamed .tar.gz archive.

Having installed the localisation file, you can then start up as follows:

$ xwp -lang XX &

...where XX is your two-letter code.

The files were available from the same Web page that offered WP 8.0 DPE itself -- where they were alternatively available in sets of from three to six files (split format) per language, from whose filenames the "LG" got dropped. For example, for Dutch you could get either GUILGNL0.gz (single-piece) or GUINL00.gz through GUINL03.gz (split format). Presumably, lots of little files were thought friendlier to users with slow modem connections.

People speaking those other languages and dialects have been mostly S.O.L. since Corel wiped most WP for Linux materials from their site. You could find three of the nine:

The latter also has an ES file (Spanish), but it's corrupted.

Anyhow, I happen to have tracked down all nine localisation archives, and ftp'ed them up to the "443.ch" webmaster's attention, and all nine of the WP 8 localisation files are now available once more at that location: WP 8.0 DPE localisation is back in business.

As should be obvious, I'm still quite fond of WP 8.x for Linux, and would rather it didn't vanish prematurely, regardless of Corel's neglect verging on outright hostility.

[1] I feel vaguely sheepish about an Ontario-based company doing this, but, hey, it's not us Yanks' fault for a change, eh? ;->

-- 
Cheers,                        "Censeo Toto nos in Kansa esse decisse."  
Rick Moen                                                  -- D. Gale
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: WP Linux FAQ
Date: Fri, 23 Aug 2002 22:20:50 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Donald R. Spoon wrote:

> Just saw a messages on Debian-User requesting help getting WP installed on
> SID. Thanks to this thread, I was able to point him to this site!

Cool.

After two months, the WP on Linux FAQ is now near the top of page 2, on Google hits for "WordPerfect Linux". I'm hoping it'll eventually outpoint the (now) basically worthless Corel pages and reviews of variable quality that still monopolise the top slots. (Rod Smith's superb pages on WP printing and fonts, fortunately, are listed up near the top.)

One of the reasons I wrote it is that the full story wasn't being told. People who'd heard of WP for Linux and remained curious were left hanging about what had happened. Obviously, Corel wasn't going to elaborate on the subject: The Filtrix debacle, a year ago, showed that they'd washed their hands of the entire product line. Customers browsing their product pages are, to this day, lead to believe that "Corel is currently working with the filter manufacturer to resolve this issue" (which sounds extremely unlikely).

Nor were Corel going to do anything at all to help WP 8.0 DPE users. (The 9 localisation packages are available again in the Netherlands basically because I uploaded them.)

And I'd always wanted to do my own survey of word processing software for Linux, which of course is included as FAQ section 8.5.

The LDP also now hosts a copy: http://www.tldp.org/FAQ/WordPerfect-Linux-FAQ/

(I need to send them another update.)


I was also rather appalled that all existing writings about WP for Linux completely failed to address some essential points:

1. Licensing. It's only gradually dawned on me that, outside the core Linux community, people tend to act as if software licence terms don't matter -- until the day those are enforced against them, at which time they act as if nobody could have anticipated it. (Example: Tim O'Reilly bellyaching about Microsoft enforcing the TCP-socket limits in Microsoft NT Workstation, just because the market for O'Reilly WebSite depended on violating the NT Workstation licence.)

And almost all commentators assume that, if a file was ever made available for public download without fee, that this implies an ongoing legal right to redistribute it forever. My FAQ points out (citing WP 8.0 DPE and its localisation files) that copyright holders can enjoin distribution entirely, unless they've granted that right specifically.

(Even downloadable files with such right of redistribution can have hidden gotchas that limit their long-term usability. For example, the proprietary spreadsheets WingZ and WingZ Professional for i386 Linux are non-functional until you enter a serial number and activation key available only from IISG, Ltd. of Kansas. All they have to do to put a sudden halt to new deployments is cease answering the telephone.)

If I'm considering entrusting my work to a software package with restrictive and/or peculiar licence terms, I bloody well want to know what they are, preferably before I buy or download it.

Thus, my FAQ summarises the licence terms for WP 8.0 DPE and 8.1 PE, pointing out the bizarre and annoying prohibitions that most people like to imagine somehow don't apply to them -- including 8.0 DPE being lawful only for "non-commercial" use, and both versions being lawful only for a single user. Which brings me to:

2. Multiuser. It should be, and always has been, the norm that Unix applications will be fully multiuser -- because Unix itself is. But WP for Linux honours this expectation only if you bought the US $500 boxed sets for the "Server Edition" (which was, in truth, the genuine base product). I'll bet that all of the open-source offerings listed in FAQ section 8.5 do competent multiuser operations, and that almost none of the proprietary ones do. Even Sun Microsystems, which knows better, has a rather appalling and poorly documented rigamarole one must endure with either Star Office or OpenOffice.org to avoid installing for only a single user. (They inherited this mess when they bought Star Division GmbH, but for heaven's sakes, why isn't it fixed yet?)

Written evaluations of Unix packages need to document any defect in multiuser support.

3. Portability. Again, it's a routine expectation in the Unix world that you won't suddenly lose all your software if/when you migrate to a new CPU family. Note that this doesn't require open source licensing, but it does require availability of source code (or use of interpreted code, instead).

If a package is going to make me be stuck on a rapidly aging CPU platform, and/or dependent on specific, obsolescence-prone libraries, I'd like to know of it in advance. I'd rather not find out the hard way.

4. Bloat. I'm sorry, but 73 MB of RAM just to load a word processor may or may not be acceptable, but it certainly is noteworthy -- especially when some of the competition weighs in at only 6 MB.


I tend to think of the lack of coverage of these matters, especially when "desktop" software is being discussed, as "ZDnet syndrome". My FAQ is in part an effort to redress the balance, and remind people of their importance.

-- 
Cheers,
Rick Moen                          Ban the Bomb.  
rick@linuxmafia.com                Save the world for conventional warfare.




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: WP Linux FAQ
Date: Fri, 23 Aug 2002 23:11:15 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Leon A. Goldstein wrote:

> I found it odd that there was little or no bellyaching last year about
> the Filtrix fiasco coming from the multi-user corner. Did Corel really
> expect that people who spent big $ on a core business app would just
> ignore the loss of the import/export filters?

For reasons that will have to go unspecified, I now know first-hand what happens when a company discontinues a product line that still has warranty obligations outstanding, which the company then becomes increasingly unable to satisfy as time passes.

It's simple: The company lies low, hoping that most of the warranty coverage will expire without their being called on it. As individual customers under warranty call in, the company makes a small effort using reduced resources to make them happy. If that fails, they attempt to come to a private settlement, which may include a partial or full refund. This is never publicised, because, of course, the more it gets talked about, the more past customers will show up wanting help and/or refunds while they're still possible. But, in any event, nobody gets helped who doesn't call and complain.

Typically, somebody in the customer service department keeps a spreadsheet of remaining warranty obligations, how much dollar value remains for each month looking forward, and the discounted present value of obligations at each monthly milestone. There may be detail sheets concerning the largest dozen customers' purchases, so the company can decide for each one when it's become cheaper to buy them off than to keep supporting them.

In the case of Corel, they may have quietly bought Filtrix upgrades for each of the large accounts. Or, if they had no shame about such things, they might have walked customers individually through applying Valentijn Sessink's GPLed wrapper script. (The above is pure speculation.)

-- 
Cheers,              "It ain't so much the things we don't know that get us
Rick Moen            in trouble.  It's the things we know that ain't so."
rick@linuxmafia.com          -- Artemus Ward (1834-67), U.S. journalist (attr.)





From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: "I see no advantages to Debian over Xandros"
Date: Sat, 27 Jul 2002 08:16:47 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.12-20020311 ("Toxicity") (UNIX) (Linux/2.2.19 (i686))

Larry Murphy wrote:

> My next venture will be to compile my own kernel - a little more
> reading first though.

The key precaution to take is to make sure you have a fallback kernel that you can boot if your newly compiled one doesn't work. E.g., if using lilo, have two paragraphs in /etc/lilo.conf:

boot=/dev/sda
root=/dev/sda5
install=/boot/boot.b
map=/boot/map
delay=20
vga=normal
default=linux
image=/boot/vmlinuz
label=linux
read-only
image=/boot/vmlinuz-old
label=linuxold
read-only
optional

That's the one from my main server system. Note that I can try new kernels as /boot/vmlinuz and retain, if that doesn't work, the ability to still boot my system using /boot/vmlinuz, which lets me recover from my error and try again.

Once you have your avenue of retreat worked out (e.g., the above) you can experiment with kernel compiles in pretty much total safety.

Kernel compiling seems like a big deal, and it's exhilarating, the first few times -- especially when they actually work ;-> -- but it's not tough once you're used to doing it.

-- 
"Is it not the beauty of an asynchronous form of discussion that one can go and 
make cups of tea, floss the cat, fluff the geraniums, open the kitchen window 
and scream out with operatic force, volume, and decorum, and then return to 
the vexed glowing letters calmer of mind and soul?" -- The Cube, forum3000.org




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: LyX
Date: Mon, 12 Aug 2002 22:27:16 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Leon A. Goldstein wrote:

> Consider Debian for your next upgrade. (This is, after all, a
> Debian-centric newsgroup, although it may be hard to tell sometimes with
> the occasional digressions.)
>
> Libranet is a very nice and reasonably priced introductory distro for
> making the jump from an RPM distro to Debian. Other group members have
> preferences for "pure" Debian, but it is still the same thing.

It is, indeed.

A HOWTO to help the less bold among us might be A Good Thing, but I'll not be writing one immediately, for lots of boring Real Life reasons. It should be as simple as just adding a couple of lines to /etc/apt/sources.list, then doing the standard upgrade dance:

# apt-get update && apt-get dist-upgrade

...and now you've converged your system to regular Debian. This is known to have worked fine with Stormix and Progeny. It should work fine with Xandros.

It mostly worked with Corel Linux OS, except for KDE breakage resulting from Corel having botched something-or-other about its KDE 1.1-variant packages.

The point is that enhanced-Debian distributions such as Libranet and Xandros Desktop have a major incentive to stay compatible with the Debian package mirrors, because that reduces drastically the amount of work they must go through in developing & maintaining a distribution in the first place. And that, in turn, means you can smoothly converge onto Debian proper via apt-get, without losing the enhanced-Debian special packages (those added by Libranet or Xandros) you might have become enamoured of.

Here's a reasonable sources.list, if you're going to converge your i386 enhanced-Debian distribution onto Debian's "testing" branch:

deb http://security.debian.org testing/updates main contrib non-free
deb http://security.debian.org stable/updates main contrib non-free
deb http://http.us.debian.org/debian/ testing main non-free contrib
deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free
deb-src http://http.us.debian.org/debian/ testing main non-free contrib
deb-src http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free
# Unofficial OpenOffice.org packages
deb ftp://ftp.vpn-junkies.de/openoffice unstable main contrib
# Unofficial KDE3 packages
deb http://people.debian.org/~bab/kde3/ ./
deb http://kde3.geniussystems.net/debian/ ./
# Sun Java J2r1.3
deb ftp://ftp.tux.org/pub/java/debian woody non-free

Distributions like Libranet and Xandros put extra effort into making their installers newcomer-friendly, at some expense in portability (they're i386-only, whereas Debian runs the same across 11 CPU architectures) and ability to work on any conceivable hardware. They also typically add a number of desktop-centric administrative and similar packages not otherwise available.

Argh. No sooner do I post that than I discover they've moved OpenOffice.org. That's part of the problem with unofficial apt repositories: They sometimes move, and you need to re-find them. Or they get removed entirely.

See here for the new information: ftp://ftp.vpn-junkies.de/openoffice/README

-- 
Cheers,
Rick Moen                                     Age, baro, fac ut gaudeam.
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: LyX
Date: Fri, 23 Aug 2002 12:42:48 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Vinay Ramnath wrote:
> I was wondering, do you debian people always wait for the deb?

Negatory.

/usr/local/ is always there, beckoning, and /usr/bin/gcc works just fine.

I'm left wondering what different answer would be even conceivable, to your question as posed.

> I installed the rpm because I use SuSE, but the source is available
> too. I read somewhere else someone had trouble when he installed KDE3
> under debian because KDE2.2 was the stable version for debian.

It would be more accurate to say that, on any distribution, installing the entire KDE3 suite on top of the entire KDE2.2 suite causes breakage. KDE3 unofficial packages are available for two of the 11 Debian CPU architectures; some porting and packaging problems apparently still exist for the others.

> Is there something different for debian compared to rpm-based
> distro's, except for the fact that they don't use rpms but debs or
> apt-get?

One gets spoiled by how well dependencies are resolved automatically and correctly, thanks to Debian Policy. The magic isn't -- and never was -- in the apt tool itself, but rather in Debian's enforcement of distribution/packaging policy. Nathan Myers did as good a job of explaining this as anyone: http://www.advogato.org/article/169.html Claudio Matsuoka and Alfredo Kojima at Conectiva confirm this in describing the obstacles they found in implementing the apt system on their Brazilian distribution after porting the utility to RPM:

http://www.advogato.org/person/claudio/diary.html?start=111
http://freshmeat.net/articles/view/182/

-- 
Cheers,                        When encryption is outlawed,
Rick Moen                      only outlaws will xr2d3fsxd df#$%xx`
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Galeon
Date: Fri, 9 Aug 2002 02:15:53 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> I've run Mozilla on systems with faster CPU's too and it still seems
> to do that. I think NS6 is marginally worse. Is this because of the
> graphics portion of the program or just plain "heavy" coding?

Probably the former, if I understand you correctly.

The Mozilla Project made the decision to write their own cross-platform front-end code, called "XUL", which I believe is what is exacting that overhead. Galeon uses a simpler GTK+ setup for those functions, but at the price of portability. (Behind the front-end code, it's the exact same browser code that the Web portion of Mozilla uses.)

There's a Galeon-analogue browser on MacOS X called Chimera (http://chimera.mozdev.org/): a native Cocoa (graphical programming interface inherited from NeXTSTep) user front end, attached to standard Mozilla code on the back-end. [2008 update: Chimera is now Camino.]

-- 
Cheers,                                              "Java is COBOL 2.0."
Rick Moen                                              -- Deirdre Saoirse Moen
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Netscape 6 vs Mozilla
Date: Sat, 17 Aug 2002 06:25:22 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
Lines: 35
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> I demo'd Microstation at the University of Minnesota
> Institute of Technology (where I graduated with a BS Mech
> Engineering back in the dark ages). Microstation is an
> excellent product but it falls short of the mark compared to
> AutoCAD because it can't handle Parasolids, so 3D work is
> limited to wireframe and surfaces. It is also not
> competitive cost-wise to the Windows solutions.

Yeah, I can believe that.

I've seen people do amazing things with AutoCAD.

> To my knowlege, AutoCAD has not been run successfully with
> any of the Windows emulators on the Linux platform :-(

If you need AutoCAD, you need AutoCAD.

Unlike the case with, say, MS-Project, AutoCAD probably would not be usable either under VMware/Win4Lin or via any of the remote-imaging protocols such as VNC -- because it's so inherently graphics-intensive.

So, if I were using *ix as my primary desktop system (which I am), and if I were a competent user of AutoCAD (which I'm not), then I'd probably use a KVM switchbox. AutoCAD really needs a box dedicated to that task, anyway.

Avocent (formerly Cybex) KVMs are a bit more expensive the Belkins -- and worth it. Much, much fewer hardware-compatibility problems.

Looks like someone runs a mailing list on Linux CADD:
http://www.freelists.org/cgi-bin/webpage?webpage_id=cad-linux
And here's a Linux Gazette survey article:
http://linuxgazette.net/issue54/frost.html

HOWEVER, I saw a recent post to the Answer Gang on Linux Gazette (in which I participate). Quoted without comment, as I don't know the gentleman and this is outside my field of experience, but it seems relevant to your interests:

+-+--------------------------------------------------------------------+-+
+-+ Original question from: answerguy@ssc.com,"Richard Brown"
+<rtbrown@sbcglobal.net>
+-+--------------------------------------------------------------------+-+

Saw your not yet. I am a mechanical engineer. I run AutoCAD daily on Linux using VMware. (Running SuSE 8.0 or 7.3, AMD 1.4 with 768 Mg) Works beautifully. Frequently I had 10 or 15 sessions of AutoCAD running at the same time. Never a problem. Nice also when want to reload or update as from 7.3 to 8.0 simply copy the back the Windows 2000 file. To me it is the preferrable way to run autocad.
-richard





From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Netscape 6 vs Mozilla
Date: Mon, 19 Aug 2002 02:52:08 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Revisiting an earlier part of this thread:

> And these are the types of things that still disappoint me about linux
> - install Mozilla vs. Netscape and Netscape is complete and it works
> with no further fanfare. Like you say, it would be easy to make
> Mozilla do the same thing, so why isn't it?

This is an interesting topic. Let's explore it.

Users who insist on installing only open-source-licensed[1] software will be at a disadvantage in this area, over at least the short term. Why? Because some things of interest are available so far only in proprietary form, or have their best implementations in that form.

Macromedia have made available the specifications for doing Flash, and have raised no patent-law obstacles to people writing open-source Flash parsers (http://www.openswf.org/) -- but code released thus far is pretty immature, beta quality at best. On the other side of things, the people producing the Galeon, Mozilla, Konqueror, and Skipstone Web browsers aren't going to add Macromedia's proprietary code to binary releases of their Web browsers, for two reasons: (1) that code, being binary-only, isn't portable, and thus supports only one or two of those browsers' CPU platforms. (2) You're just not generally going to see open-source coders bundling other people's proprietary-licensed code: The hassles with legal agreements just aren't worth the coders' trouble, for one thing.

But that doesn't mean it'd be impossible to get such bundling, just that it's more likely to occur elsewhere. For example, Libranet, SuSE, Caldera, and/or Lycoris might get around to doing it -- to maximise convenience for their "desktop" customers. If they aren't yet doing it, and you'd like it, make sure you let them know.

Flash was just an example, but one I thought would be illustrative. Adobe acroread might be seen as another. The open-source xpdf program is quite good, and is able to do things that acroread is deliberately prevented from doing (and isn't limited to only specified CPU platforms). However, many "desktop" users might generally prefer acroread, as it's usually faster and tends to give somewhat crisper results.

Then there's Real Player. Open-source implementations of its streaming and data formats aren't difficult and have been done -- but Real Networks has litigated them nearly into non-existence, on several grounds including patents and DMCA restrictions.

Open-source implementations of QuickTime are a similar case, except that Apple raises no objection to implementing QuickTime itself -- and decent open-source player and recording software exists. However, support for the patented Sorenson codec is zealously kept as an Apple monopoly, and damned near everything available in so-called "QuickTime format" is encoded using the Sorenson algorithm.

So, browsers can and often do auto-invoke xpdf for PDF MIME-types, but Real Audio/Video and Sorenson/QuickTime are somewhat legally problematic. The browsers could be set up to invoke the i386 proprietary realplayer binary, if present, and maybe the Crossover Office-supported Win32 binary of QuickTime, if present. Again, urge this to distribution makers, if you want to see it.

Proprietary software divides into software that may be freely redistributed, and software that may not. The latter would of necessity be available only in retail boxed sets of Linux distributions, not the CD-image editions available on the Internet. (Star Office 5.x/6.x is in this category, for example.) Only in boxed sets will such software make sense economically for the distribution vendor: For them to have to pay royalties or other licence fees on free-of-charge CD-image downloads obviously can't work.

We haven't even really gotten into fonts, here. It turns out that there are almost no truly "open-source" fonts: Those that are such tend to be really sucky. There's a poor but unsatisfying collection of fonts that are proprietary but freely distributable. This is one of the reasons why OpenOffice.org comes across as being a little raw around the edges compared to Star Office. (Another is Apple's patent on some key hinting technologies for some TrueType fonts at small point sizes.)

It turns out (according to a study a Debian developer did, recently) that the overwhelming majority of fonts people pass around on the Net or on Linux distribution CD-ROMs are distributed in violation of someone's copyright who never licensed such use. Everyone assumes they're licensed, because nobody objects, but they aren't. Fortunately, those owners aren't suing -- but they could.

[1] The term needs definition, to be meaningful: Most of us grizzled old-timers crankily insist it's as defined in the Open Source Definition, http://www.opensource.org/osd.html . That was taken from, and is functionally identical to, the Debian Free Software Guidelines, http://www.debian.org/social_contract#guidelines. The latter is one of two standard definitions of "free software", the other being Stallman's rather vague and fuzzy "four freedoms".

-- 
Cheers,               "That article and its poster have been cancelled." 
Rick Moen                   -- David B. O'Donnel, sysadmin for America Online
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Openoffice.org - StarOffice replacement
Date: Mon, 5 Aug 2002 19:29:39 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Leon, I salute you for attempting to build from source, but you might want to go with a binary tarball, first. ;-> Of course, there is one thing you can fix when you're compiling from source, if you don't mind violating some Apple USA-patent rights over TrueType font hinting: http://linuxmafia.com/faq/Apps/OpenOffice.org/fonts.html

Please note also that OpenOffice.org omits Star Office's database component (for which Sun licenses the ADABAS D codebase from Software AG). For the Linux version of OpenOffice.org, you can compensate by fairly easily integrating MySQL or PostgreSQL, instead:

http://linuxmafia.com/faq/Apps/OpenOffice.org/database.html
http://linuxmafia.com/faq/Apps/OpenOffice.org/mysql.pdf
http://linuxmafia.com/faq/Apps/OpenOffice.org/mysql.html

There are of course other third-party proprietary components that had to be stripped out of the Star Office codebase prior to the OO.o release: spelling checkers and dictionaries, some printing code, a grammar checker, a Web browser, e-mail and calendar code, some templates/fonts/clipart, and some file filters.

Donald R. Spoon wrote:

> I just read on Slashdot, where Sun is going to liberalize their
> licenses and allow some of these proprietary components to be
> included with OO.o. Stay tuned... the database might be in there yet!

Sun Microsystems don't own that database: It's used in Star Office under licence. Unless they wants to buy ADABAS D from Software AG, Sun Microsystems can't change its proprietary licensing by iota, because it's not theirs.

Please understand that Sun inherited the licence agreement with Software AG for bundling of ADABA D when Sun bought Star Division GmbH, original makers of Star Office. So, it's nothing new in this picture.

It's difficult to tell what open-sourceable replacement (one usable on all supported platforms -- Linux, Solaris, Win32, and the pending support for Mac OS X) would be accomplishable with reasonable time and money, and also meet Sun's own needs. Consider some candidates:

(1) PostgreSQL currently works as a plug-in to the Linux OpenOffice.org port, is under BSD licensing, and can run on Win32 and OS X. The fact that it's BSD-licensed might make it agreeable to Sun, because Sun could then include it in proprietary Star Office bundles without having to pay for additional rights.

On the other hand, Sun have (if I remember correctly) so far been quite a stickler for including only code on which they receives assignment of copyright, which lets them own the code outright and gives them maximum control and freedom of movement.

(2) MySQL. GPLed and not Sun-owned, which puts it at a disadvantage from Sun's point of view.

(3) BerkeleyDB. Might work, though it's not SQL. BSD-licensed, like PostgreSQL.

(4) Something Sun themselves write. This is of course always possible, but would seem likely to take a lot of effort and time.

Leon A. Goldstein wrote:

> I guess what I'm looking for is a "light duty" DB that does not require
> direct intervention with the operating system to start it.

I'm not aware of casual databases coded for Linux, but they probably exist. Chris Browne's pages are often a good place to start:
http://cbbrowne.com/info/total.html [2008 update: I now have my own listing of such tools at http://linuxmafia.com/faq/Apps/databases-casual.html.]

Or just use a nice graphical front-end tool, and never deal directly with the back-end database at all.

PostgreSQL:
PG Explorer, http://www.pgexplorer.com/
QPSQL, http://www.maekitalo.de/qpsql/
others, http://postgresql.lerner.co.il/interfaces.html

MySQL:
Glom, http://www.glom.org/
(I'm sure there are lots more.)

-- 
Cheers,     "You have acquired a scroll entitled 'irk gleknow mizk'(n).--More--
Rick Moen    This is an IBM Manual scroll.--More__
rick@linuxmafia.com You are permanently confused." -- ADOM (a roguelike game)




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Wipe Out! #2
Date: Tue, 20 Aug 2002 07:08:17 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Lynn Avants wrote:

> Check the md5sum on the binary.

Yes, it's vital that you verify that the Bad Guys' tarball's md5sum matches the md5sum value that the Bad Guys stored on the download server! ;->

> Every Linux trojan that has been attached to a binary changes the md5
> checksum from the original. The one attached to the OpenBSD OpenSSH
> suite was identified this way.

Hmm. The trojaned code was present (for six hours) only in source tarballs on ftp.openbsd.org aka ftp.openssh.com. The generated binaries were actually fine, and would (individually) md5sum correctly. There's an additional set of backdoor code that got built and then executed once at build time, to send information to socket 203.62.158.32:6667, in Australia.

It is true that if you checked md5sums of the trojaned tarball versus a pristine tarball's md5sum value, then you could find a difference. However, getting the latter is the trick, you see -- as I was trying to humourously point out, above. That is, any ftp site that has a trojaned tarball will probably acquire and store a matching md5sum value at the same time -- resulting in rather doubtful assurance to downloaders.

Hmm, I just remembered exactly what did happen:

1. Genuine openssh-3.4p1.tar.gz was posted at ftp.openbsd.org .
2. That source tarball got picked up by FreeBSD "ports" system. The "ports" system stores information including md5sums.
3. The Bad Guy replaced ftp.openbsd.org's openssh-3.4p1.tar.gz file with his trojaned version.
4. A FreeBSD user updated his "ports" skeleton, then did:
# cd /usr/ports/openssh
# make
5. The user's autobuild system retrieved the trojaned tarball from ftp.openbsd.org, compared its md5sum with the stored value in the "ports" skeleton data, and reported a discrepancy.
6. The user did analysis, and posted his findings to the OpenBSD Foundation people. Elapsed time since the trojan upload: 6 hrs.

My point is that the correct md5sum happened in this case to be available at a completely separate site (FreeBSD's). Otherwise, this detection mode would not have worked.

-- 
Cheers,                              "Open your present...."
Rick Moen                            "No, you open your present...."
rick@linuxmafia.com                  Kaczinski Christmas.
               --  Unabomber Haiku Contest, CyberLaw mailing list




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Linux/KDE vs Win NT5.0 vs Mac OS X
Date: Sun, 8 Sep 2002 07:16:07 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Leon A. Goldstein wrote:
>> Using CDRs/CDRWs for data backup is not even faintly economical.
>
> I take it the above is an incontrovertable dictum?
> I guess I'll have to stop backing up my data on CDR.

We could have a discussion about what "economical" means in this context. That would be followed by one about what "backup" does and does not mean, to avoid the time wasted over and over by people who use it to cover several other different concepts as well. (See "Subject: Backups, again" in http://linuxmafia.com/faq/Admin/tape-backup.html. )

We would have to cover how the scale (byte count) of one's backup sets, the threat models one does and does not intend to protect against, and consequently (among other things) the frequency of backup required enters into the equation. We would cover how the value of data and its time-sensitivity likewise enters into the picture. (Some data are much more valuable and time-sensitive than others.)

Last, we'd cover the fact that should be obvious without discussion that people do poorly economical things all the time.

Greg Madden wrote:

> I have a 'small busines', 10 years of reports archived are less than
> 500mb, another 500mb for my computer fax logs = two cd-r. I do use a DOS
> imaging app to create images of the OS, these do not fit on cd-r but do
> fit on dvd-r.

Trace out the annual cost of media for all the rotational backup sets required by your rotational backup scheme. (If the term "rotational backup scheme" doesn't ring a bell, then you aren't serious about backup, and this discussion will be a waste of both of our time.)

Calculate the cost of time required to have someone there to switch CDRs in the middle of the night when the files aren't busy. (If you aren't taking care to take backups when the files are in a quiescent state, then again you aren't serious about backup.)

Calculate the prorated per-annum cost of drive replacement. (Burners have a low MTBF: They have burn lasers and heavy armatures. Heat and friction wear them out.)

Make sure the software you use tracks the backup sets in an equivalent way to decent tape backup software. (What? Yours doesn't? Then, you're not serious about backup.) Add the cost of the periodic test restore sessions you do onto a scratch machine. (If you don't....)

Add all of those annual costs required to give reasonable protection against the sorts of catastrophic loss your security policy requires. (You did work out a policy to decide what threats are and are not worth protecting against, right? After all, you can't formulate your rotational backup scheme until you've done that.) And you dao know that backup is insurance against particular categories of catastrophic loss, right? And how it differs from archiving or redundancy, right?

Take that total annual figure, and compare it against the annual costs for competing technologies. See if your preferred option is competitive.

-- 
Cheers,              "It ain't so much the things we don't know that get us
Rick Moen            in trouble.  It's the things we know that ain't so."
rick@linuxmafia.com          -- Artemus Ward (1834-67), U.S. journalist (attr.)




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Linux Helix Producer Basic 9.0
Date: Mon, 9 Sep 2002 15:29:07 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:
> For those that are interested in streaming media, and creation of Real
> Media files, RealNetworks has released Helix Producer Basic 9.0 for
> Linux (free download). I haven't tried it yet on the Linux platform,
> but I have converted mp3's to Real Media files on Win2K with it.

An interesting offering. Of course, those of us who've followed the rather unpleasant history of Real Networks, Inc. will have predicted the fly in the ointment: the extremely draconian licence agreement.

Summary: You may install it only on two computers and use it only on one machine at a time. Real Networks can modify this licence in any way it pleases, with fourteen days' notice. You're allowed to develop software that talks to Real Networks's ActiveX interfaces, but then may not distribute your own software without Real Networks's separate permission. You may not redistribute the program. You may not reverse-engineer or modify it.

You must be in compliance with export laws and not associated with countries the USA considers naughty, like Cuba. You mustn't be on the USA Treasury or Commerce Department's lists of naughty people (drug smugglers, terrorists, export-regs violators, etc.).

You may not use the program in a DMCA-style "circumvention" manner. You may not attempt to circumvent the built-in "serial copying management system". You may not develop software that can be used to stream or export your Real Networks-encoded data to any other format, or that generates live-transmitted Real Networks-encoded files.

Full text:
http://linuxmafia.com/pub/linux/apps/realnetworks-helix-producer-9-licence

At least it doesn't have the spyware/secret-modification provision that the RealPlayer licence does. Summary: You consent to the program reporting unspecified information about your computer and its doings to Real Networks. You may not circumvent "digital rights management" functions of plug-ins. You consent to that DRM code reporting unspecified unspecified information about your computer and its doings to the DRM code's unnamed authors, and to their substituting anything they want in its place without notice.

(The rest of the licence terms are pretty much the same as for Helix Producer Basic, except RealPlayer's licence is valid for personal, non-commercial use only, and specifically not for usage involved in any way with any commercial service or application.)

Full text:
http://linuxmafia.com/pub/linux/apps/realnetworks-realplayer-8-licence


Real Networks has a long history of suing into oblivion any individual or company that constructs any software that can read Real Networks formats, using its claimed patent coverage and the DMCA.

The Ogg Vorbis people are starting work on a new, unpatented streaming video format without RN-type police-state licensing. All of it will be openly documented, and their implementation will be open source.

-- 
Cheers,       "There's a sucker born every minute.  eBay is the delivery room."
Rick Moen                                                  -- David Crowe
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Linux Helix Producer Basic 9.0
Date: Mon, 9 Sep 2002 20:49:29 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> Sure the Real Networks license is restrictive - that's because they
> hold patents and copyrights. Welcome to the Real world of business
> (pun intended).

Luckily, few businesses conduct themselves in as outright evil a fashion as Real Networks does. Luckier, someone who is forewarned about the outrages they tell you up front they're going to visit upon you, such as the spyware and we-may-substitute-anything-without-notice provisions of the Real Player licence, can avoid their products entirely. And Microsoft Corporation's.

Luckiest still, there exists an open-source streaming, all-platform media system developed by a couple of guys at Cisco, doing a streaming variant of MPEG4. They gave a lecture and demonstration about it at SVLUG, a few months back: http://mpeg4ip.sourceforge.net/
http://mpeg4ip.sourceforge.net/documentation/mpeg4ip_svlug.pdf

Of course, that implementation's primary codec's exist under the shadow of a patent threat. The Ogg Vorbis work will remove that problem.

I do wonder why you recommend proprietary products that have unusually evil licence provisions, without even saying word one about that aspect. Are you one of those people who still think licensing doesn't matter, even in the DMCA era? Or are you just accustomed to signing away all your rights, every time some software company pops up a EULA in front of you?

-- 
Cheers,   "This is mad, egotistical, sick, twisted, and stretches the bounds of
Rick Moen   good taste right off the tongue, past the uvula, and down around 
rick@linuxmafia.com      the duodenum.  It has other merits, but that should 
           indicate positive interest."  -- The Cube, http://www.forum3000.org/




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Linux Helix Producer Basic 9.0
Date: Mon, 9 Sep 2002 23:53:43 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:
> Rick Moen wrote:
>
>> I've found that businesses are really adverse to being the targets of
>> industrial espionage. I hope you mention to your clients that they're
>> consenting to same in their Real Player licence agreements.
>
> Well, I think they don't see it that way at all.

I infer that calling your clients' attention to particularly notable licence restrictions and peculiarities is a new concept for you. I hope you consider doing so in the future. There's a term for consultants and service industries that fail to disclose vital terms to their customers: failure of due diligence. Trust me, you don't want to be there.

Anyhow: One very hot button for corporate decision-makers is inability to control business risk. From that perspective, software that is prone to incompatiblity-inducing changes outside the company's control is an uncontrolled risk. Software whose licence can be unilaterally withdrawn or modified at will by the other side, with no discussion and only fourteen days' notice, is an uncontrolled risk. Software whose licence authorises the other side collecting unspecified private information about the inner workings of the company is an uncontrolled risk.

And: An executive who allows his company to becomes dependent on software he is not allowed to see inside, let alone change, has lost control of his business, and is on the wrong side of a monopoly relationship with a vendor who can thereby control his business.

> We have a local corporation here that uses Real streaming media to
> deliver desktop presentations for customers and investors, and also
> uses it for employee training.

Employee training sounds to me like a perfect test case for MPEG4IP, given the company's IT control over both client and server ends. But of course other considerations may apply.

> RealNetworks happens to provide excellent customer support, and has one
> of the best end to end solutions available. They also have *the* best
> streaming media application server available and it's very cost
> effective at < $5500 (Helix).

Actually, performance really rather sucks (by most measures) compared to some of the competition. MPEG4IP, for example, uses Apple's Darwin Streaming Server (open source), and it performs the hell out of anything Real Networks ever did. The latter didn't get to its market position by being better, so much as by being their early and having meaner lawyers than anyone else.

I mean, for crying out loud, all they have in the way of a codec is a slightly modified version of the ITU's H.263 protocol. That's antique.

-- 
Cheers,   "This is mad, egotistical, sick, twisted, and stretches the bounds of
Rick Moen   good taste right off the tongue, past the uvula, and down around 
rick@linuxmafia.com      the duodenum.  It has other merits, but that should 
           indicate positive interest."  -- The Cube, http://www.forum3000.org/




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Linux Helix Producer Basic 9.0
Date: Tue, 10 Sep 2002 06:15:29 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> There's no room for "testing" here. It has to work.

I don't want to belabour an obvious point, but one of the advantages of open-source software is that you can prototype it before deployment -- run pilot projects -- without lock-in. It's... um... a little startling to have to point this out.

>> MPEG4IP, for example, uses Apple's Darwin Streaming Server (open
>> source), and it performs the hell out of anything Real Networks ever
>> did.
>
> You are wrong, my friend. I've run both on Windows NT Server, Linux
> and Solaris. We had a demo of Quicktime Server running on Mac OS X
> Server from a local vendor and it *does* perform very well on that
> platform. Quicktime Streaming Server doesn't run on anything but Mac,
> however.

Sorry to hear that you've missed three years of news: Darwin Streaming Server runs on pretty much any *ix platforms. It was ported to Linux within (if memory serves) less than 24 hours of its initial release, a couple of years ago, at the time that Apple open-sourced it and Darwin itself.

Naturally, it runs a great deal faster on Linux, FreeBSD, and Solaris than it does on MacOS X Server.

E.g.:
http://www.cs.rochester.edu/u/charman/DSS_FreeBSD/

I must say, Chris, you seem to have suffered from a great deal of very bad advice. First, somebody mislead you into believing, in error, that Darwin Streaming Server runs only on OS X -- which a twenty-second Google search would have shown is not the case -- and then you got the "IT Comparison" from that university guy, and following that the "security expert" bloviating about system security.

> The Darwin Streaming Server is pretty close to Helix performance-wise
> on both Windows NT Server and Linux, but Helix has the added advantage
> of being able to handle three different streaming formats
> simultaneously - Darwin does not.

If you'll look at the way it's implemented in the MPEG4IP architecture, you'll see that it handles numerous codecs and data formats simultaneously. It doesn't handle numerous streaming formats simultaneously because it doesn't need to: Either RDP/UDP or RTP/RTSP/TCP (per the deployment's requirements) accomplishes all that the server has to do.

>> I mean, for crying out loud, all they have in the way of a codec is a
>> slightly modified version of the ITU's H.263 protocol. That's
>> antique.
>
> I thought it's H.263++ ...

Chris, H.263++ -=is=- Real Networks's name for its slightly modified proprietary extension of H.263 -- which is exactly as I said.

> ...which just happens to be a video standard, and which is also used by
> Quicktime/Darwin.

No, H.263 is an (antique, relatively poorly performing) International Telecommunications Union standard. Real Networks's proprietary "H.263++" variation on that standard is not a video standard, by any reasonable understanding of that term.

-- 
Cheers,   "This is mad, egotistical, sick, twisted, and stretches the bounds of
Rick Moen   good taste right off the tongue, past the uvula, and down around 
rick@linuxmafia.com      the duodenum.  It has other merits, but that should 
           indicate positive interest."  -- The Cube, http://www.forum3000.org/




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Re: Linux Helix Producer Basic 9.0
Date: Tue, 10 Sep 2002 16:40:43 +0000 (UTC)
Organization: news.astcomm.net
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Chris Olson (chris@astcomm.net) wrote:

> Now, re-read what I said again. Quicktime Streaming Server happens to
> be a different product than Darwin Streaming Server. I said Quicktime
> only runs on OS X, I didn't say anything about Darwin only running on OS X.

<sigh> It's the same code. The distinction is solely a marketing / product-positioning one. The code is called Apple QuickTime Streaming Server when compiled for PPC and bundled with OS X Server. It's called Darwin Streaming Server otherwise. You can see that for yourself, here: http://developer.apple.com/darwin/projects/streaming/faq.html
and here:
http://www.apple.com/quicktime/products/qtss/
and here:
http://www.apple.com/quicktime/products/qtss/qtssfaq.html

I quote from the latter:

Q: Does Darwin Streaming Server have the same features as QuickTime Streaming Server?
A: Yes. While there are inherent performance differences as a result of the platform, all versions have the same features.

They're saying that they use platform-specific compiler optimisations, in compiling the PPC-binary version that ships with OS X Server, plus they probably put a spiffy label on the box that says "Apple<tm> QuickTime<tm>". Otherwise, no difference at all.

Quoting the same page:

QuickTime Streaming Server, while designed for Mac OS X Server, is also available via the Darwin open source project, which offers a high level of customizability to just about any network. Sharing the same code base as QuickTime Streaming Server, ready-made versions of Darwin Streaming Server are available for Linux, Windows, and Solaris. In addition, since source code is available, it can be ported to most any platform by modifying a few files.

Thus the FreeBSD port whose URL I provided, earlier.

> Tell you what, Mr. Moen. I didn't start this newsgroup to have some
> idiot lunatic dominate it with his personal rantings, authoritatively
> hand out bad advice and information, and personally attack the other
> subscribers on the group on any topic available, and make it perfectly
> clear that there's *NOBODY* who knows more than Rick Moen.

Chris, surely you know better: The above is pure ad hominem attack from you.

Nor have I ever personally attacked other posters. I'm sorry, that's simply in error. I have disputed factual assertions where I have held different views; I have not attacked posters. There's a world of difference.

And you will find that I have started quite a number of threads, not to mention providing information on Debian, other distributions, and WordPerfect for Linux that many have found useful.

> Now, I'm going racing for the rest of the week. When I get back, I
> expect that I won't see any more posts from you on this group, and I
> expect that you won't let the door hit you in the ass on the way out.

I hope that when you return, you'll have calmed down, and realised that you flew off the handle unreasonably. If not, well, I suppose you can do something draconian like autodeleting my articles or blocking my IP netblock.

-- 
Cheers,               "That article and its poster have been cancelled." 
Rick Moen                   -- David B. O'Donnel, sysadmin for America Online
rick@linuxmafia.com




From: Rick Moen (rick@linuxmafia.com)
Newsgroups: linux.astcomm.net
Subject: Take care, guys! See you later.
Date: Tue, 10 Sep 2002 21:56:23 +0000 (UTC)
Organization: If you lived here, you'd be $HOME already.
User-Agent: tin/1.5.13-20020703 ("Chop Suey!") (UNIX) (Linux/2.2.19 (i686))

Well, I got a couple of really unpleasant, personally abusive e-mails from Chris, so, having clarified that this wasn't just a spasm of pique, I'll gladly comply with his request that I cease using his newsgroup. If anyone needs info from my past posts, I'll be archiving those I figure could be useful to people, at http://linuxmafia.com/~rick/linux-info2/astcomm.html.

It's been a pleasure to know you guys, and I look forward to running into you elsewhere.

-- 
"Is it not the beauty of an asynchronous form of discussion that one can go and 
make cups of tea, floss the cat, fluff the geraniums, open the kitchen window 
and scream out with operatic force, volume, and decorum, and then return to 
the vexed glowing letters calmer of mind and soul?" -- The Cube, forum3000.org




As explained in my note at the bottom, it appears that Chris Olson's bizarre series of hostile actions culminating in a bogus lawsuit threat were his response to my (inadvertently) showing his firm's sale of Real Networks software, to clients probably present on the newsgroup, was based on his bad business advice, and on his ignorance of the market and of open source alternatives.

Date: Tue, 10 Sep 2002 19:15:04 -0700
From: Rick Moen (rick@linuxmafia.com)
To: rick@linuxmafia.com
Cc: [list suppressed]
Subject: (forw) Re: Posting linux.astcomm.net messages to your website

Folks, regrettably, Chris has overridden my deletion of my own posts from his newsgroup as I departed, and now is threatening me with litigation. (I had of course removed only my posts. Since Chris wanted me gone from his newsgroup, I preferred to take my writings with me.)

I regret having to bring this unpleasantness to your attention. My sole desire was to leave Chris's newsgroup amicably.

----- Forwarded message from Chris Olson (chris@astcomm.net) -----

Date: Tue, 10 Sep 2002 19:54:46 -0500
From: Chris Olson (chris@astcomm.net)
To: Rick Moen (rick@linuxmafia.com)
Subject: Re: Posting linux.astcomm.net messages to your website

Dear Mr. Moen,
The linux.astcomm.net newsgroup has been restored in it's [sic] entirety, including all posts made by you since you subscribed to the group. Further attempts to superceed [sic] or expire messages from the spool will prove unsuccessful.

Furthermore, you may post material to your website taken from the linux.astcomm.net newsgroup that was generated by you only. AST Communications and individual subscribers to the linux.astcomm.net newsgroup own the copyrights to said material. You may not:

1.) Publicly post to your website, copy, or otherwise distribute material taken from the linux.astcomm.net newsgroup that was generated by other subscribers. This includes, but is not limited to, quotations of other subscriber's posts that may be included in your own contributions to the newsgroup.

2.) Publicly post or distribute email addresses of other persons subscribed to the linux.astcomm.net newsgroup.

Failure to comply with these terms will result in legal action against you.

Regards,
--
Chris Olson
AST Communications, Inc.
Barron, WI 54812

----- End forwarded message -----






There has been, of course, no "legal action". However, Chris Olson subsequently (on a mailing list, linux-help@astcomm.net) accused me of posting "forged headers and duplicate message ID's in an attempt to wipe the news spool and corrupt the database, by causing all previous posts to expire", said that "the configuration files for the server have been altered", that "the backup news server was also located and corrupted", and that I "hit the firewall last Thursday with a bunch of Syn packet probes that filled the logs with garbage". On the basis of that, he spoke of handing over "the evidence" to the Federal Bureau of Investigation.

This is nonsense, and libelous, to boot: What he claims is "SYN packet probes" and "an attempt to wipe the news spool" was just me sitting doing ordinary, benign user operations with the tin newsreader. To wit: posting cancel articles against my own postings (only), to remove them. I'm sorry if Chris doesn't know how to run a news server or read firewall logs (such that he mistakes my cancels posted against my own newsgroup articles as a denial of service attack, and mistakes my attempted NNTP connections as "SYN packet probes"), but that doesn't excuse his falsely calling me a criminal for no better reason than his own incompetence at server and network administration.

As mentioned, the sum total of what I did was cancel (using the tin newsreader) my own posts (and no others) upon being told I was no longer welcome. I did this on two separate occasions: The first time, overriding my expressed desire to remove my writings from his newsgroup, Chris had (wrongfully) restored them to there. So, I cancelled them again.

It's likely that my "tin" connection attempts after Chris blocked out my entire IP netblock showed up in his firewall logs as SYN requests: A packet with the SYN flag set is required to open a TCP socket, after all. That is hardly a "SYN packet probe": It's a normal attempt to open a connection with a newsreader! And I don't even know what "backup news server" Chris is speaking of: The only Internet host at astcomm.net I ever connected to was news.astcomm.net. (For completeness's sake: I also come across http://macconnection.astcomm.net/, now likewise vanished, in unrelated Web browsing.)


In retrospect (although I cannot be sure of this), the most plausible explanation for Chris's otherwise bizarre, sudden explosion of hostility, summary expulsion, and nonsensical litigation and FBI threats was purely commercial concerns: I'm guessing that management of the major ASTcomm customer to whom Chris had sold an expensive, proprietary Real Networks setup were reading the newsgroup thread. That would make my posts seem no longer just innocent views on technology, but rather (from his perspective) attacks on the foundation of his business.

Readers were able to see that Chris apparently hadn't informed his clients of:

The latter point must have been particularly embarrassing since Chris's one-man firm Advanced Systems Technology Communications, Inc. (ASTcomm) was an Apple specialist consulting firm (and touted being an "Authorized Apple Reseller"), yet Chris was profoundly misinformed about Apple's flagship server offering for streaming A/V. Having no response and no room to retreat, his best available way to save face with customers was to summarily expel the critic and claim he was a criminal — of all things. (2017 addendum: Advanced Systems Technology Communications, Inc. subsequently vanished without a trace. astcomm.net is now a domain squatter site.)