Author: Daniel Mettler

recently i’ve revisited freedesktop.org. it’s amazing how fast this community-driven project is making progress! particularly the x server, a better replacement for xfree86’s x server. just take a look at these nice screenshots on keith packard’s page! this x server offers many new features we all have been waiting for, among them hw-accelerated, true transparency, shadows and shades (keith’s explanation of the implementation).

freedesktop.org also hosts a pile of other desktop-related projects. very promising: cairo, a “vector graphics library with cross-device output support”. this will enable quartz-/quartz extreme-like, hardware-accelerated, device-independent pdf display/output, but even with greater flexibility (it also supports postscript display/output) :)

go freedesktop, go! :)

take a look at the remail website! this interesting project by ibm research comes close to my vision of an ideal “communication center client” :) remail is flow-based instead of just entity-based, integrates different kinds of communication facilities and information sources (i guess it’s modular and easily extendable), ties information to time/calendar functions and offers more flexibility and better customization (e.g. various message flags, better categorization, keeping track of important things etc.).

btw. ka-ping yee (of roundup fame) is credited as an intern.

let’s hope there will soon be a public (open source?) prototype to test-drive..

(source: symlink, infoweek.ch)

see this page (at the bottom) on how to get rid of the distracting color-flip-ads and make acrobat reader 6.0 advertising-free..

for those who are interested:

the dec 15-23: 4th international conference on unix at uninet [url revised] is looking for “irc speakers”. the virtual conference will be held in the following irc channel:

#linux @ irc.uninet.edu

irc logs of previous umeet conferences

unfortunately, i lack the time for holding a session.. probably even for following any.. i’m very short in time atm – the reason why i also couldn’t attend the devdays (which i’d really have been interested in a lot).. at least ben cares for logs of it :)

btw. wsis in geneva, dec 10-12.

i lack the time for an in-depth coverage, but it looks like the recent security issue had a beneficial effect in that it made some more people think about the future development inside gentoo :) nice!

portage-ng requirements sheet (natural language, sure ;). it’s really time for a re-engineered, modular architecture as a) this is probably a pre-condition for any production-quality package signing feature (now: module) in portage b) modularity will improve manageability and quality assurance of portage-ng in general
gentoo release roadmap 2004

regarding the compromised rsync mirror: the attackers seem to have exploited a heap overflow in rsync (glsa: exploitable heap overflow in rsync) to gain access to the box and the recent brk() vuln to gain root privileges. (btw another nice novelty, gentoo now lists glsas on a dedicated web page. yet another thing i’ve been asking for yesterday fullfilled today. thanks! :).

now we know what kind of exploit was used [my assumption that this might well concern all of us who run gentoo was absolutely right] and which box was compromised. i think we can qualify this as “full disclosure”).

all in all: much better now, folks! :)

(see also the news on ln -s)

[note: this server always runs the most current software available. if there are any security announcements (bugtraq, full-disclosure, glsa) regarding software used on this server, i usually update the said software within minutes/hours. further, it’s hardened against some kind of attacks and constantly monitored.]

recently we were discussing about the quality of websites of popular open source applications regarding their usefulness for stakeholders (end-users, devs, media etc.). we did both agree in our judgements.

an example of a very good site: the relaunched mozilla website.

some improvable sites: eclipse.org, openoffice.org (both sites are too much developer-oriented and confusing for end-users despite that the according applications have reached stable status long ago).

recently, i’ve stumbled over openvpn.sourceforge.net. first, this seems to be an interesting project (haven’t tested it yet), second they’ve done a good job in creating a useful website. some points:

* no silly claptrap (think of flash intros and such), just the information visitors expect
* concise, informative overview what openvpn is about
* information about users’ benefits of openvpn
* information why to choose openvpn instead of any other vpn implementation (differences)
* quicklinks to download the application. note that package signatures are also available.
* quick installation notes (who wants to read tons of manuals to install an app?)
* changelog/what’s new
* content-overview with direct deep linking
* language selection
* no frames, good for bookmarking (meaningful page titles)

so content-wise every important thing is accessible from within the main/entry page.

downside:

* the site is not valid xhtml/html
* the site doesn’t satisfy any web content accessibility conformance level. it’s not that bad though, i could easily view the site using lynx and links (both are text-based browsers)