Tuesday, January 25, 2005

Sun to release first OpenSolaris tidbit Tuesday

Sun Microsystems will begin releasing its Solaris operating system as open-source software on Tuesday, starting with a new performance analysis and debugging tool called Dynamic Tracing.

"DTrace" is one of Sun's most loudly touted new features in version 10 of Solaris. Although the operating system will be available by the end of January, those wanting to see the full source code under the OpenSolaris plan will have to wait until the second quarter of 2005, a Sun representative said Monday.

Sun's OpenSolaris plan--to be formally unveiled Tuesday, along with legal details, the OpenSolaris.org Web site and a new community advisory board--is an attempt to steal some of the thunder of Linux, a project that unlike Solaris was open-source software from its earliest days. In another part of its Linux assault, Sun will make Solaris 10 available at no cost, a contrast to the practice of top Linux seller Red Hat, which requires payment for use of its Enterprise Linux.

Sun had hoped to launch OpenSolaris in 2004, but it was held up by licensing discussions with companies, Sun executives have said.

"The long and short of it is that going through the 5 to 10 million lines of code that is Solaris and making sure everything is ready to go takes a long time," said Tom Goguen, Sun's director of Solaris marketing, in a Monday interview. "We want to drive to get the whole thing on the Web starting sometime next quarter."

Sun representatives will hold two of the five positions on the OpenSolaris advisory board, Goguen said. The Sun minority will share power with two outside members of the OpenSolaris pilot project--elected by others in the project--and a representative of the broader open-source community, he said. The board members will probably be named by March, Goguen added.

Solaris--the software as sold and supported by Sun--will be a carefully tested and certified subset of OpenSolaris, Goguen said. It's not clear yet what mechanism will determine which code contributions are accepted into OpenSolaris, but Goguen said Sun would like a large group to control the approval process, as happens with Solaris itself.

Also on Monday, Sun confirmed plans to use the Community Development and Distribution License, a move first reported by CNET News.com. The license precludes programmers from intermingling Solaris and Linux software but does permit swapping with projects under several other open-source licenses.

"We are going to be doing OpenSolaris under the CDDL, and as a sign of how serious we are, we packaged up DTrace source code and made that available under the CDDL," Goguen said.

Rivals have responded differently to the arrival of Linux. Hewlett-Packard and IBM, the No. 2 and No. 3 sellers of Unix servers after Sun, embraced the operating system years before Sun and did so with more enthusiasm. IBM and HP see Linux as a way to advance their favored processor designs--IBM's Power and Intel's Itanium, respectively.

And Dell, which is a growing power in the market for servers using x86 processors such as Intel's Xeon and Advanced Micro Devices' Opteron, considered supporting Solaris in 1999 before settling unequivocally on Linux for its Unix-like option.

Sun said it spent more than $500 million in development to upgrade Solaris 9 into Solaris 10. The company has more than 1,000 Solaris programming engineers, Goguen said.

DTrace can be used to pick apart software as it runs, finding and tracking what processes are being requested by what programs. Unlike some probe technology, which requires a special version of the operating system, support for DTrace is included in the standard Solaris kernel.

"DTrace is a facility in Solaris 10 that dynamically instruments the kernel, dynamically instruments the applications, and weaves it together in real time," Bryan Cantrill, one of the programmers behind the software, said during a November presentation.

Cantrill said he used a DTrace prototype to diagnose a performance problem on a Sun server in 2002. "This is a machine that had 3,400 processes. But six knuckleheaded processes were bringing this system to its knees. Before DTrace, you didn't have a chance in hell of discovering this," he said.

DTrace is the favorite Solaris 10 feature of Sun programmer Alan DuBoff, one of the "Secret Six" who urged the company to reverse its 2002 decision to all but cancel the version of Solaris for x86 servers. Sun hired DuBoff in 2003.

Some software companies expressed concern that DTrace could let customers find out where those companies' software was inferior. There's some truth to that, DuBoff said, but he pointed out that the software subjects Sun to the exact same scrutiny.

"DTrace is like being in a nudist colony," DuBoff said. "There are no secrets--not even for Solaris."

But DTrace is the only thing open-source programmers will be permitted to see for the time being.

One of the troubles in releasing the Solaris source code has been getting rights to as much of the code as possible. Initially, Sun thought the sticking point would be with the Unix code originally licensed from AT&T, but in fact rights also had to be obtained from companies such as LSI Logic, DuBoff said. "A lot of the code didn't have specific copyrights. It was taking time figuring out where it came from," he said.

DTrace is one of several features coming with the new version, including containers that let a single server appear to be several independent ones; predictive self-healing, which finds and sidesteps hardware problems; faster networking; more detailed permission controls that restrict administrators to having only the privileges they require; and support for 64-bit x86 processors.

Coming in later updates to Solaris will be the ZFS file system, designed to bring greater reliability to the process of organizing data on storage systems, and the Linux Application Environment, code-named Janus, which lets Red Hat Linux software run without modification on Solaris x86.

Google rolls out TV search prototype

Google introduced late Monday a prototype of a service to search TV programming, an anticipated move to broaden its search franchise for broadcast.

As previously reported, the Mountain View, Calif.-based company has been quietly developing Google Video, an engine that lets people search over the text of TV shows. Immediately, the service will scour programming from PBS, Fox News, C-SPAN, ABC, and the NBA, among others, making broadcasts searchable the same day.

People can search on a term--such as Indonesian tsunami--to find the TV shows in which it was mentioned, a still image of the video and closed-captioning text of that particular segment of the program.

For now, people will not be able to watch the video clip, nor will the Web pages contain the company's signature text advertising. But Google expects to add video playback down the road, after ironing out the complexities of broadcasting rights and business models with various content owners. Jonathan Rosenberg, Google's vice president of product management, also said he could foresee selling commercial-like advertising, among other business models, with the new service.

"We've taken a conservative view of what we can do with other people's content," Rosenberg said. "We're open to the possibility of very different ways to monetize this. We'll work out over time what's best for consumers and content providers."

Though in its early stages, the service underscores Google's ambitions to digitize otherwise analog content and make it searchable, similar to Google's recent library project scanning volumes of books. It also foreshadows a heated race with rivals Yahoo and Microsoft to be the de facto service for finding information wherever it resides: the TV, Internet, cellphones or other convergence devices.

Already in response, Yahoo has said it will begin promoting the video search engine it introduced in December by adding a tab from its home page. Also, the company has teamed with TVeyes to begin searching closed-captioning text of Bloomberg and BBC programs. That partnership will add to Yahoo's core competency of searching Internet video, putting Yahoo's service more on par with Google's.

For now, Google Video will not search for Internet-only video clips (i.e., Jibjab short films), but the company said it plans to eventually add that capability.

"More and more video content is getting on the Web, and they need to be there to index it," said Gary Stein, an analyst at Jupiter Research. "What's most noticeable about this was how cautious it is. They've got the entire program, but they're not showing it."

Google is holding back because Internet distribution is a nascent market for many broadcasters and securing rights over broadband could be tricky.

For example, if Google and Yahoo want to host and play video from their Web sites, they must clear those digital rights with broadcasters. And broadcasters themselves must secure Internet rights with actors, producers and musicians, as well as clear spectrum signal rights with affiliates. (Yahoo does not host video, but it points visitors to the content.)

Being careful of existing business models is an issue, too. For example, CBS News offers video for free online, while ABC News offers subscription and paid video services for the likes of AOL and SBC Yahoo. CBS may want to boost traffic in order to sell advertising, but ABC may want to promote its subscription services via video search.

Blinkx, for example, recently introduced a video search engine in partnership with Fox News and Sky Broadcasting. Fox agreed to give Blinkx access to hundreds of hours of program archives, as well as allow it to record some live shows for the search engine. Many of the video clips are ad-supported so that Fox can make new revenue from the search deal.

Terms of Google's relationships with broadcasters were not disclosed, but PBS executives said no money has changed hands. Alex Hofmann, PBS' senior director of digital ventures, said the deal is a learning experience to determine what business opportunities would make sense. It's also a no-brainer, he said, given that Google already refers most of the broadcaster's online traffic of 4 billion annual page views.

"TV search is going to be a large advertising revenue driver in time," said Sean Morgan, CEO of Critical Mention, a corporate broadcast-search tool. "But broadcasters are still wondering if the search engines could cannibalize the TV viewing itself."

Friday, January 21, 2005

Novell, Red Hat ready Linux servers

Novell and Red Hat, the leading Linux distributors, are preparing major upgrades to their respective server product lines for release within the next two months.

By the end of February, Novell intends to release Novell Open Enterprise Server, a product aimed at helping its NetWare customers move to Linux. The company is expected to announce the pricing and shipping date of the product at the LinuxWorld conference in Boston in mid-February.

Meanwhile, Red Hat has said it will release Red Hat Enterprise Linux 4, the company's flagship Linux server operating-system package, this winter. The company is planning to hold a press conference at LinuxWorld, but a company representative on Wednesday declined to say whether Red Hat will announce the availability of Red Hat Enterprise Linux 4 at the event.

Red Hat Enterprise Linux 4 will be the first version of the server operating system based on version 2.6 of the Linux kernel. It will include support for Security-Enhanced Linux, a set of security-related utilities stemming from research at the National Security Agency ( http://www.nsa.gov/selinux/info/faq.cfm#I1 ) that's designed to make the software more immune to attacks. It will also enable the use of wireless-networking chips from Intel, according to an e-mail list for the beta program of Red Hat Enterprise Linux 4.

Last summer, Novell released its direct competitor to Red Hat Enterprise Linux, which is called SuSE Enterprise Linux Server 9. That Linux server package is based on version 2.6 of the Linux kernel and is bundled with the JBoss Java application server.

Novell Open Enterprise Server, which was originally scheduled for release by the end of 2004, is a package that includes SuSE Enterprise Linux 9 as well as a copy of NetWare, Novell's operating system, which it has been developing since the 1980s.

The release is designed to capture existing NetWare customers considering a move to Linux or those who, over the past few years, dropped NetWare in favor of Microsoft's Windows, said Charlie Ungashick, director of product management and marketing for Novell's servers and desktops.

Novell is making network administration tools that have been available on NetWare--such as security and a directory--run on Linux. It is providing a single management console for both servers. Novell will also ease administration by better integrating with other open-source packages for file sharing and printing with both operating systems, Ungashick said.

The network administration tools inherited from NetWare will make Linux more suitable for large-scale deployments, he added.

Novell intends to release SuSE Enterprise Linux 10 in February 2006. The follow-on release of Open Enterprise Server, code-named Cypress, is slated for delivery in August 2006. The company also intends to release relatively minor updates, or service packs, for both products every six months.

Friday, January 14, 2005

The open-source revolution

"As an entrepreneur many times over, he hopes he's really getting it right this time." So states half of Mitch Kapor's terse biography on the Open Source Applications Foundation staff page.

It's an odd statement ( http://osafoundation.org/people.htm ), considering that Kapor got it so spectacularly right the first time. In 1982, he co-founded Lotus Development, later acquired by IBM, and co-wrote the Lotus 1-2-3 spreadsheet application commonly credited with spurring the personal computer's conquest of the business world.

Although his latest effort is unfolding in comparative obscurity, many in the open-source world are hoping, along with Kapor, that he gets this one right and that the results once again rearrange the dynamics of the computer industry.

Having made his fortune during the heyday of proprietary software, the 54-year-old Kapor finds himself at the forefront of two foundations devoted to open-source software development. He is both president and chair of the OSAF and chairman of the Mozilla Foundation, the group founded by Netscape Communications to develop its browser and later spun off by Netscape acquirer AOL Time Warner.

The goal of the foundations isn't to create a new killer app but rather to use the open-source development model to dislodge Microsoft's Web-browsing and e-mail software titles from their dominant market positions.

Kapor spoke to CNET News.com about his open-source and charity foundations, what it will take to challenge Microsoft and the movement behind Mozilla.

Q: Let's start with the basics: Why open source?

A: Open source is important to different groups of people for different reasons. For consumers, it's one thing; for developers, it's another. But basically, it's an entirely different way of organizing the large-scale economic activity of creating and distributing software (and) has many advantages. It's not a cure-all.

I think that for people who use software, in the long run, open-source products are going to be less expensive and of higher quality. Also, open-source products put more control into the hands of people and organizations that use the software, which is a good thing.

What did your experience at Lotus contribute to your philosophy today?

One of the big events that changed open source a lot took place after I left Lotus in the late 1980s. That's when Linux started and, in particular, that's when other licensing models besides the pure GPL (General Public License) started to be more widely used. Open-source products started to move into the larger world of business software. And that wasn't even on the horizon when I was at Lotus.

By the time it got to the very late '90s, it was clear that it had become difficult to innovate successfully using the proprietary model if you wanted to develop everyday applications that anyone with a personal computer would use: e-mail, spreadsheets, word processors. (Open source) became an end-run around the stagnation that I saw going on. It was very frustrating for lots of people in that the existing products that were out there simply weren't up to the task of handling their e-mail and keeping their lives organized.

Is that still the case?

It is. The great thing that's happened of late is to see the early, huge momentum of Firefox, attracting millions of users and beginning to grow its market share appreciably. That represents proof that a well-done, well-wrought open-source product can have global impact as an application--and I consider a Web browser to be one of those everyday products.

Is Firefox ultimately going to fizzle?

Nobody knows what's going to happen. It's certainly not inevitable that Firefox's market share will continue to increase. I think open-source advocates would do well to be relatively cautious and avoid making claims and predictions. On the other hand, there are some fundamentals that favor Firefox. It's a great product, small, fast and more secure. You don't see anybody disputing that. The next question is how much mileage there is to get out of it, ultimately. Certainly, it has already caused Microsoft to improve IE.

Why is that? Why should it take something like Firefox to improve IE?

Microsoft does not respond and improve products otherwise. The Mozilla Foundation does not have financial goals, so it can take credit for whatever improvements happen in the browser, whether they're in Firefox or not. By the standards of the project itself, to the extent that the net result is that IE's fundamental security problems get addressed, that, too, is a victory. As for the analysts who look at this, I doubt that's their criteria for success.

The other thing is that enterprises are not, in many cases, very satisfied with a single Microsoft alternative. This is a known and longstanding problem. They have been held back by a lack of alternatives that are comparable and satisfying in all the ways important to enterprises.

With Firefox, which begins to pass the threshold for enterprise acceptance, the question is, How will they respond? It's not a question of the economics of it, but will it help them to manage their computing infrastructure better? As for whether Firefox is overhyped, we'll have to see how this plays out.

What exactly is your role at the Mozilla Foundation?

I am the board chair. It's like being on the board of any for-profit or nonprofit--I'm not at all involved in day-to-day operations but rather with overall governance and consulting on strategic directions. So I meet regularly with (Mozilla Foundation president) Mitchell Baker.

I've been covering Mozilla almost since the beginning, I've spoken with Mitchell Baker many times, and I've still never gotten a good sense of her.

I have to say that I have often found that people underestimate her. I know that when the project was inside Netscape/AOL, she did not receive the regard from the AOL executives that I thought was really due to her. Mozilla is a really interesting and complex project and organization.

I think it was like the Harry Potter of open source. You know how all the movies open with him living with his aunt and uncle, who give him no respect and lock him up? People had written off Mozilla on multiple occasions. I felt like and continue to feel like she does a remarkable job in a low-key way in shepherding that project through unique and difficult circumstances. I think the renaissance with Firefox and Thunderbird--without her this would not have happened.

I respect her leadership, which is very low-key and not charismatic--the opposite of the Larry Ellison style. She has been effective in the face of real challenges. I got involved at the point when we extracted it from AOL.

How did that come about, anyway?

There was a recognition that it didn't make sense for that project to be inside AOL, but it was sort of stuck in the birth canal. It turned out that I was able to act as an intermediary or midwife because I know Mitchell, who has worked at the Open Source Applications Foundation, and I also know the vice chairman of AOL, Ted Leonsis, who, at the time, was running the AOL service. And he was one of the top handful of executives at the whole thing. I ran into him at a conference, and we got to talking, and I was able to make this thing happen. And we brokered an arrangement to spin Mozilla out into its own nonprofit. So that was a year and a half ago.

You also have two of your own foundations.

Oh, at least. I'm almost entirely working on the nonprofit side. There's the Open Source Applications Foundation and the Mitchell Kapor Foundation ( http://www.mkf.org/ ). Then there's also the Level Playing Field Institute ( http://www.lpfi.org/ ).

Let me ask you about what's going on at the Open Source Applications Foundation. What are you doing with Chandler?

Chandler is a personal information manager whose principal functions are e-mail and calendar. It also has some contact, address and task management.

One of the goals for Chandler all along has been to start with more of a clean sheet of paper in how we design the application. The other alternative is to do something more conventional that looks and works more or less like Outlook. There's nothing wrong with that, but as I was saying before, one of the goals is to see if we could innovate to improve the user experience in fundamental ways. We will either fail or succeed in how well we do with that goal.

Apart from writing this thing from the ground up, what are your larger strategic goals for Chandler?

In the same way that Firefox has established itself as a very viable open-source browser alternative, one strategic goal would be to establish another alternative in another important software applications category--a viable open-source alternative that has the potential, as it matures, to reach ultimately millions of people and a developer community of thousands. Those are goals which we will get to in several stages, not all at once.

In terms of the e-mail and the calendar components, Chandler sounds a lot like what Mozilla is already doing with Thunderbird and Sunbird. Aren't your open-source foundations stepping on each other's toes?

It's absolutely in the same category as Thunderbird. Sunbird is an existing community calendar, which is basic and not complete or robust. They're using that as a base, adding a lot of things to it and integrating that with Thunderbird.

The aspiration level of Sunbird, by everyone's account, is significantly more modest and different than what we're trying to do in Chandler. We're trying to provide a well-engineered, well-designed but vanilla IMAP ( http://www.imap.org/about/whatisIMAP.html ) client and some vanilla calendaring. But when I was talking about overcoming information silos and better integration between the different kinds of data that a PIM manages--that's a Chandler aspiration. In Outlook, your data is in separate silos when often you'd like to see things much better connected.

The Mitchell Kapor Foundation and the Level Playing Field Initiative are both concerned with social, environmental and educational issues. When it comes to those issues, how would you rate the high-tech industry as a whole?

It's pretty mixed. It's difficult and dangerous to make enormous generalizations. You'll find a number of progressive corporations that stand up for social responsibility, and tech companies are not like mining or these extractive industries that are wreaking enormous environmental damage.

At the same time, I'd say there's still a kind of Silicon Valley attitude that doesn't take its corporate responsibilities seriously. They say, "We help people get rich, and they should decide in their private lives what kind of philanthropy to support." That's irresponsible.

If you're running a business, you have employees, and that comes with very basic responsibilities to be a good citizen. That's not a mainstream attitude in the technology industry.

Tuesday, January 11, 2005

Firefox flaw raises phishing fears

A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned.

The flaw in Mozilla Firefox 1.0, details of which were published by security company Secunia on Tuesday, could allow hackers to spoof the URL in the download dialog box that pops up when a Firefox user tries to download an item from a Web site. This flaw is caused by the dialog box incorrectly displaying long sub-domains and paths, which can be exploited to conceal the actual source of the download.

Mikko Hypponen, director of antivirus research at software maker F-Secure, said this bug could make Firefox users vulnerable to cybercriminals. "The most likely way we could see this exploited would be in phishing scams," he said.

To fall victim to such a scam, a Firefox user would have to click on a link in an e-mail that pointed to a spoofed Web site and then download malicious software from the site, which would appear to be downloaded from a legitimate site.

This flaw was given a severity rating of two out of a possible five by Secunia.

David Emm, a senior technology consultant at antivirus company Kaspersky Labs, said that phishers aren't likely to take advantage of this flaw in Firefox, because Microsoft's Internet Explorer still dominates the browser market.

"I think it's unlikely that we'll see hackers rush to exploit this vulnerability," Emm said. "After all, Firefox has a much, much smaller install base than IE, and it's likely that hackers will continue to pay more attention to (IE) instead."

This may change in the future as Firefox has attracted a lot of interest in the past few months. A survey at the end of November found that Mozilla-based software, including Firefox, accounted for 7.4 percent of browsers in November 2004, up 5 percent from May.

The download vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. No solution is available at present, but Mozilla developers are expected to fix this bug in an upcoming version of the product.

The Secunia advisory ( http://secunia.com/secunia_research/2004-15/advisory/ ) and Mozilla bug report ( https://bugzilla.mozilla.org/show_bug.cgi?id=275417 ) are available online.

Friday, January 07, 2005

MySQL is expected to release a beta version of its MySQL 5.0 open source database

San Francisco (InfoWorld) - MySQL at the end of January is expected to release a beta version of its MySQL 5.0 open source database, which is to feature enterprise-level functionality such as stored procedures and triggers, according to a company representative.

The product has been available in early, alpha-level versions. The production release, originally expected to be available in 2004, now is anticipated sometime this year. But a MySQL representative stressed the company’s release estimates are just that -- estimates -- and that the vendor waits until it has deemed the product production-ready before shipping.

“They’re not concerned with the specific date as much as they’re concerned that the quality is there,” said the representative, who requested anonymity.

As part of stored procedures capabilities, Version 5.0 also adds server-side cursor support to boost scaling by moving more program execution to the server.

An analyst who recently published a report on open source databases described version 5.0 as critical for MySQL.

“I think it’s a very important release,” said Noel Yuhanna, senior industry analyst at Forrester Research. “This is going to have some enterprise features like triggers, stored procedures, and views, which are very important -- especially when you’re dealing with business applications, especially when you’re dealing with packaged applications. This will take MySQL to the next level [in terms of] adoption.”

Overall, open source databases such as MySQL, Ingres, and PostgreSQL are gaining momentum, with companies leveraging them to save money as the products themselves improve, Yuhanna said. “The outlook is very strong,” he said.

Open source databases soon will be broken up into two categories: easy-to-use offerings and more feature-rich, enterprise-level products, said Yuhanna.