Red Hat: Fedora will engage customers

Top Linux seller Red Hat acknowledged on Friday a misstep in its relations with technology enthusiasts but said the profit motive is helping it to mend its ways.

The problem came in recent years when Red Hat threw its energies into a stable product called Red Hat Enterprise Linux. RHEL let the company grow from a small market of technically savvy customers to the large market of mainstream customers.

But in the process, Red Hat left those "early adopters" behind, said Michael Tiemann, vice president of open-source affairs. That was a problem because Red Hat--a pioneer in the business of open-source software--believes customers should be directly involved in designing and creating products from the earliest stages.

The company now is trying to rectify the situation with a more aggressive Fedora project that's designed to engage again with those customers and outside developers. Part of that effort was the first-ever Fedora User and Developer Conference (FUDCon (http://fedoraproject.org/fudcon/)) held Friday at Boston University.

"One of the mistakes we made when we launched this Enterprise Linux product was we focused so exclusively on this enterprise market that we left this (early-adopter customer) square uncovered," Tiemann said. "It insulted some of our best supporters. But worse, we lost our opportunity to do customer-driven innovation."

Marten Mickos, chief executive of open-source-database company MySQL, said at the LinuxWorld Conference and Expo, also in Boston, that it can be difficult for open-source software companies to balance their commercial interests with those of their community of developers. It's best for them to indicate clearly where they're being self-interested and where they're not, he said.

"If people are unsure of your intentions, then they lose trust. You can see with Red Hat..." Mickos said. "They realized they went a little too far away and now they are back there saying that Fedora is good. There are companies that went out of business because they couldn't handle this part."

And Red Hat has ample competition. Projects such as Gentoo (http://www.gentoo.org/) lure hard-core Linux programmers, while Sun Microsystems is trying to build its own community of programmers around its OpenSolaris project.

The company acknowledged that Fedora didn't live up to the expectations it set when it launched the project two years ago. But the project has shown some success in maturing technology quickly so it can be incorporated into RHEL, Tiemann said.

"Fedora creates the DNA that allows us to create a new product," Tiemann said. For example, it was the heavy Fedora feedback that let Red Hat graft the Security Enhanced Linux, or SELinux, feature onto RHEL 4 without much disruption to customers, he said.

Red Hat hopes Fedora will expand beyond Red Hat's boundaries through a component called Fedora Extras and a publicly available system for building new versions of the software. Tiemann hopes the current 1,600 or so different software packages in Fedora will grow as high as 3,000 or 4,000 this way.

Outsiders are working at getting more engaged. The Fedora version of Linux today runs on computers with x86 processors--both 32-bit models, such as Intel's Pentium, and 64-bit models, such as Advanced Micro Devices' Opteron. But that base is expanding.

The upcoming Fedora Core 4 is slated to support computers with IBM's Power processors, such as Apple Computer's Mac Mini. A Silicon Graphics programmer, Prarit Bhargava, is trying to bring Fedora to computers using Intel's Itanium processors. And Red Hat programmer Tom "Spot" Callaway, working on his own time, has begun converging his Aurora project, which lets Linux run on Sun Microsystems' Sparc processors, with Fedora.

Mozilla releases Firefox security update

The Mozilla Foundation on Thursday released an update to the Firefox Web browser to fix several vulnerabilities, including one that would allow domain spoofing.

The open-source project released Firefox 1.0.1 to fix a vulnerability in the Internationalized Domain Names (IDN), a standard for handling special character sets in domain names that could let an attacker spoof Web sites on non-Microsoft browsers. The Standard allows companies to register domain names that appear to be the same in different languages.

That encoding scheme could enable an attacker to create a fake Web site for a phishing scam. A spoofed link would seem to be a legitimate URL in the address bar of affected browsers. But instead of taking the victim to the trusted site, the link would lead to a phony Web site with a domain rendered as the same address under the IDN process.

The updated browser will display the IDN Punycode in the address bar, preventing URL spoofing. Punycode is the encoding of Unicode strings into the limited character set supported by the Domain Name System and IDN.

"Regular security updates are essential for maintaining a safe browsing experience for our users," Chris Hofmann, director of engineering for the Mozilla Foundation, said in a statement.

Phishing attacks, which try to fool consumers into handing over sensitive information by creating legitimate-looking Web sites and e-mail messages, have become a central security concern recently. While vulnerabilities in Microsoft's Internet Explorer have been the focus of much of the concern, other browsers also have had their fair share of flaws.

The update is available for Windows, Mac OS X and Linux at Mozilla.org.

Firefox recently surpassed 25 million downloads, achieving that mark in 100 days. Mozilla, which released the free 1.0 program in November, says an average of 250,000 people download Firefox every day and more than half a million Web sites feature Firefox promotions.

Mozilla, an open-source software foundation formed by Netscape, was spun off from Time Warner in 2003.

Eclipse the said to be the best IDE

An IDE (Integrated Development Environment) is said to be good if
it satisfies the follwing fetaures

1. Ease of Use.
2. Good Performance.
3. Syntax Coloring and Highlighting.
4. on-the-fly syntax checking.
5. Auto complete.
6. Version Control.
7. Integration with open source Tools.
8. Code Analysis and Auditing.
9. Refactoring.
10. Auto indentation.
11. GUI Designer/ Visual Froms Designer.
12. Linux and Cross platform support.
13. Class and Method Browser.
14. Incremental Search.
15. Support for Agile Programming in IDE's.
16. Extensibility.
17. UML Support.
18. Mobile Application Development.
19. Web Services Designer.
20. Support for Inline Documentation.
21. EJB Deployement.



eclipse is the IDE which satisfies all these criteria and it is
treated as the best IDE among the IDE's available in the market.

IKVM Java Virtual Machine (JVM) for the .NET and Mono

we had some research on this tool for our official purposes and it
is more worthy than the J# compiler available in Microsoft .Net Platform.

IKVM.NET is a Java Virtual Machine (JVM) for the .NET and Mono
runtimes. IKVM.NET stands in the unique position of bringing them
together. Initially born out of frustration with the limitations of
tools like JUMP and J#, IKVM.NET was created when Jeroen Frijters set
out to create a way to migrate an existing JavaTM database application
to .NETTM.

IKVM.NET has gone through a variety of designs and name changes to
emerge as a sophisticated collection of tools offering a variety of
integration patterns between the Java and .NET languages and
platforms. It is still under development but people have reported
success in running sophisticated applications and tools including
Eclipse, JmDNS, JGroups, Jetty (with a few changes), etc.

what we had observed from using this tool is it had good
interoperability from java to MONO (C#) and even the latest versions
of JDk are supported, whereas when see .NET FrameWork Supports JDK1.1
only.

This is a nice tool and u can get this tool downloaded from
Sourceforge.net at http://sourceforge.net/projects/ikvm

it is open source tool and still work is going on this and u can even
contribute for it.

Novell's Linux makeover

It's been a fast-paced 13 months for Jack Messman.

he Novell CEO began an ambitious Linux overhaul of his company in 2003, acquiring SuSE Linux to provide an alternative to the fading NetWare operating system. Since then, the company has released a major new Linux edition, revamped sales, dropped its No. 2 executive and prepared a new version of NetWare: Open Enterprise Server, which comes with Linux built in.

The Linux transformation is going well but not completely as planned, Messman acknowledged. Among other things, Novell hasn't had the success it wanted in North America, where SuSE Linux trails rival Red Hat.

Messman's assessment of that weakness--and some progress fixing it--is borne out by a recent survey of 440 North American information technology managers published in January by securities firm SG Cowen. In a comparison of the percentage of sites that rely on different versions of Linux, Red Hat slipped from 86 percent in 2003 to 72 percent from November 2003 to January 2005, while Novell gained from 21 percent to 33 percent over the same period.

Messman, 64, has been a Novell board member since 1985--Novell's glory days selling NetWare--and became president and CEO when Novell bought his company, Cambridge Technology Partners, in 2001.

He sat down with CNET News.com's Stephen Shankland after his keynote address at the LinuxWorld Conference and Expo here.

Q: How would you assess the Linuxization of Novell?
A: When we did the merger with Cambridge Technology Partners and Silverstream, the strategy wasn't clear to our employees. They were still in this hunkered-down mode of protecting NetWare against Microsoft. Once we focused on Linux, they started to get it. In less than a year, we educated the entire staff. They embraced it. They saw how they wouldn't have to give up NetWare to get to Linux. They saw Open Enterprise Server as a good move. The morale is up. They see us in an offensive mode rather than a defensive mode.

We got a little bit of DNA from Ximian and SuSE that has permeated our entire company. Now we've started to cross-fertilize. We had a few emotional wars early on with KDE and GNOME (two competing graphical user interfaces). We solved that by putting them both in the Novell desktop and letting the customers decide.

So you think it's been good culturally and technologically. How has it been from the business side?
We used to have trouble (getting noticed). Linux was like a flashlight. It shined light on Linux and Novell. Talking about Linux...got us in the door...to talk about other things we had, like identity management. The common comment was, 'I didn't know you guys did that.' Customers are now understanding better what we're trying to do. The identity management thing was tougher. Initially, we were trying to sell it as a directory. People said, 'What the hell is a directory?' If you talk about identity management, they get it.

But how are you doing on revenue?
The key reason for getting into the Linux business in the first place was figuring out what to do with the decline of NetWare. We won't know whether that strategy is working until we ship the OES (Open Enterprise Server) product at the beginning of next month. We hope that will arrest the decline of NetWare. We're expecting that's going to happen. Even though revenues are up 2 (percent) to 3 percent, embedded that is a 10 (percent) to 15 percent decline in the quarter from NetWare. If you separated out NetWare, the rest of the business grew at 10 percent.

One of the goals of the SuSE acquisition was to combine it with Novell's marketing power in North America to take on Red Hat. How is SuSE doing in North America now?
Red Hat had a seven- or eight-year lead. I don't think people switch that quickly in the infrastructure market. I think the differences we have are just starting to show up in the marketplace. We've only owned SuSE for 13 months.

The best advertising we did last year was the acquisition of SuSE Linux. Now we're in the process of bringing out the differentiators. The SuSE Linux kernel (the heart of Linux) is the same for everybody, so the question is what do you have that makes the difference? We've got worldwide service, we've got a consulting organization, a software stack with file and print and messaging and directory, we offer indemnity that Red Hat can't offer, because we used to own Unix. And we have a patent portfolio they don't have.

We've been gaining every month. The progress hasn't been as good as I liked. Pricing has come down, so we don't see the growth that we would have. We've signed some (computer maker) partners, and it takes a while for them to get to speed. The number of software partners increased significantly from 46 in 2003 to 531 in 2004. We have 1,100 applications certified on SuSE Linux.

With our sales force, we've reorganized how we go to market. We were focused on maintaining the revenue stream from NetWare. Now we're focused on selling new stuff like Linux and identity management. We're in the middle of a two-year transition in our sales force. And the channel (sales partners) is really interested in Linux. They made a lot of money switching NetWare customers to Windows customers. Now they're interested in switching Windows customers to Linux customers.

You don't seem eager to enter the embedded Linux market (for computing devices such as cell phones or slot machines).
We've got so many opportunities. Do we want to take on another one? I'm not disparaging of the market.

Are you thinking of acquiring an embedded Linux company?
We looked at several companies who had products or tools in that area. Rather than decide yes or no, we decided it wasn't on our priority list.

Did you look at MontaVista?
They and Wind River and a number of others develop Linux for embedded applications. At this point, I'm neutral on it. The only thing that's a repeatable revenue stream (in embedded Linux) is selling the tools that allow (customers) to create the next embedded device.

What happened with the departure of Chris Stone (Novell's former vice chairman and top Linux executive) last year?
If you listen to the press, this was the guy who did everything at Novell and nobody else did anything. We had a difference of opinion about how the strategy would be executed. So it was better that we make a change. I think our organization is very happy with the change.

What was the difference of opinion?
To be fair to Chris--very talented guy, and I like him a lot. His style of operating didn't fit with the company at the time.

Are you looking for a chief operating officer or a replacement for yourself?
No. They're going to have to drag me out with my boots on. I love working for Novell. I helped create it more than 20 years ago. I hope the board will support me.

There are always going to be succession issues. We are always looking. We have some executive capabilities we need; some skills we lack. Novell has never been strong in the marketing area. We saw that and added Bill Hewitt.

We want to remain profitable, so we're not going to go adding helter-skelter new people or expenses. I'm not going to deny we're looking for executives, but I would be lying to say we have a specific thing we're looking to do.

Open-source board eyes fewer licenses

The Open Source Initiative, an influential open-source organization, is devising ways to cut down on the rising number of open-source licenses attached to software.

The issue was on the front burner at this week's Linux World Conference (http://www.linuxworldexpo.com)here. Open-source software makers are concerned that a proliferation of licenses could hurt the spread of open source by creating compatibility problems and complicating potential sales.

The OSI, a nonprofit group that issues certifications for open-source licenses, has been investigating the topic since last year. Involved in the discussions are members of the OSI's board and of the Open Source Development Labs (OSDL (http://www.osdl.org/)), an industry group dedicated to making Linux better suited for corporate customers.

Sam Greenblatt, a member of the OSDL's board and senior vice president at Computer Associates International in charge of Linux strategy, told CNET News.com that he is actively working on a proposal for consolidating the number of open-source licenses down to three from the current figure of more than 50.

"You'll see some movement on that in the next six to eight weeks," he said Tuesday.

Although no specific plan has been put in place, the OSI considers the number of open-source licenses an industrywide problem, said Russell Nelson, who became president of the OSI earlier this month.

"Certainly a lot of people are upset about the license proliferation problem," Nelson said.

"Confusing as hell"
Incompatible licenses among different products prevent people from sharing code from different open-source projects. Having too many licenses complicates potential sales to corporate customers, which may have to do extensive legal reviews and manage multiple kinds of open-source contracts.

"It's confusing as hell to explain to customers," said Michael Olson, CEO of open-source database company Sleepycat Software. "It's confusing because we are just wrapping our heads around what (different licenses) mean to us as businesspeople."

There are a handful of popular open-source licenses, such as the General Public License (GPL), which is used for Linux, and the Apache Software License, which is used for all products that come out of the open-source Apache Software Foundation (http://www.apache.org/), such as the Apache Web server.

The number of open-source licenses has been climbing steadily. Right now, there are more than 50 OSI- approved Licenses (http://www.opensource.org/licenses/), some of which are specific to different organizations or companies.

Sun Microsystems, for example, recently introduced the Common Development and Distribution License (CDDL) for its open-source version of Solaris.

Greenblatt, and other industry executives, believe the number of licenses can be dramatically distilled down.

"Eventually there should be three licenses: The GPL, a commercial version of the GPL and, of course, there will be the BSD because you can't rid of it," he said. The Berkeley Software Distribution, or BSD, is a popular variant of Unix developed by the University of California, Berkeley, in the 1970s.

Greenblatt added that elements of other licenses, such as Sun's CDDL, could be used to form the short list of open-source licenses.

Computer Associates itself devised a separate license, called the CA Trusted Open Source License, when it created an open-source project around its Ingres r3 database. But it now regrets that decision, said Tony Gaughan, the company's senior vice president of development. "If we had taken more counsel, we might have done things differently," he said.

OSI's critical role
Working with Greenblatt on the effort to winnow the number of open-source licenses is Martin Fink, vice president of Linux at Hewlett-Packard and an OSDL board member, and Eben Moglen, a Columbia law professor and legal counsel for the Free Software Foundation that oversees the GPL.

At a keynote presentation at LinuxWorld on Tuesday, Fink, who is chair of the OSDL's intellectual property subcommittee, criticized the role the OSI has had in certifying licenses. He said he has asked OSDL Chief Executive Officer Stuart Cohen to work with the OSI to address the problem.

"Clearly, the OSI has not internalized its critical role to ensure that the licensing underpinnings upon which open source is built remain a force to be reckoned with," Fink said.

"This current path of approving licenses--based simply on the compliance to a specification rather than on the basis of a new license's ability to further innovate the business model of the open source industry--represents to me a clear and present danger to the very core of what makes open source work," Fink said. "If this is the path the OSI continues to choose, then it is choosing a path towards irrelevance."

For his part, OSI's Nelson said that he is still studying the issue. The OSI could set tougher standards for approving open-source licenses to discourage groups from creating their own. Also, cutting down on the number of licenses may not necessarily address the issue of code-sharing if organizations continue to choose incompatible licenses among a shorter list.

"If we said to Sun, 'No way, no how, are you going to get your license approved,' they probably would have gone with the MPL," Nelson said, referring to the Mozilla Public Licence (http://www.mozilla.org/MPL/), which governs the open-source Mozilla Web browser and related software. Sun's CDDL is a slight modification of MPL.

One idea that Nelson has considered is to have a tiered system of open-source license certifications. A "gold" license would apply to the top four or five licenses that are used in the great majority of open-source projects, he said, and a "silver" license would those that are used by fewer projects, such as the Apache Software License.

MySQL Network shifts pricing and licensing

Open-source software company MySQL has revamped its pricing and licensing practices in an effort to make its database more attractive to corporate customers.

On Tuesday, the company is expected to announce at the Linux World Conference and Expo here the MySQL Network, a yearly subscription service, rather than an up-front fee, for the right to use the MySQL software and to access the company's support services.

Customers that sign on to the annuity service can use the MySQL software under the General Public License (GPL), a widely used open-source license. Until now, MySQL used a commercial license for its corporate customers and the GPL for people who downloaded the company's software for free and used it without MySQL's support services.

Going with the GPL for more of its customers is intended to simplify the licensing for corporations, said Marten Mickos, CEO of MySQL.

"It was an unnecessary discussion. CIOs told us they don't want to hear about licensing," Mickos said. "It creates an unnecessary debate over what is a derivative work."

The GPL, which is used for the Linux operating system, places some restrictions on how different software can be assembled and distributed.

MySQL will continue to use the commercial license for those customers that embed the company's database in other products, such as other software providers.

Through the MySQL Network program, customers get certified versions of the MySQL database, support services, legal indemnification and access to a "knowledge base" of technical information. MySQL also is introducing alert services that provide updated information on bugs and new features as well as help on installation.

Combining the support services with indemnification into a subscription service will appeal to corporate customers looking to lower their risk in using open-source software, Mickos said.

Customers purchase the MySQL Network services based on the amount of servers and the number of years of the contract. The company also will offer tiered services with varying levels of support.

The tiered support structure will let customers get round-the-clock support services for as little as $4,995 per year. Until now, customers needed to have a contract valued at about $50,000 to get the highest support service, Mickos said. The entry-level pricing is $595 per year.

Separately, MySQL announced that a number of independent software vendors have certified their software to run on the MySQL database. New partners include analytics software company Business Objects, Intel, Novell, Veritas Software and management software company Embarcadero Technologies.

IBM taking open source on world tour

IBM is gearing up to try its hand at Linux diplomacy.

Buoyed by the success of cooperative ventures promoting Linux in Brazil and a few other developing countries, IBM plans to spread its open-source philosophy to other parts of the globe in 2005.

The program involves sponsoring faculty awards at universities, erecting Linux competency centers where local application developers can hone their skills, and collaborating with venture capitalists to form indigenous start-ups that in turn could become the bedrock for local, autonomous IT activity.

"It is an even chance that someone in Russia or China will come up with the next big thing," said Andrew Clark, director of strategy and market intelligence for the venture capital group at IBM. "It is literally a war for the best and brightest. If we don't get there, somebody else will."

In 2004, IBM concentrated on establishing the program and spent most of its energy on the "BRIC" nations: Brazil, Russia, India and China. In 2005, the company will increase its efforts in those countries but will also begin outreach programs in Eastern Europe and elsewhere, Clark said. More details will be released later this week.

IBM is targeting geographical areas where open-source is growing, analysts said.

"The greatest opportunity for the growth of open-source software and Linux will be outside North America," said Stacey Quandt, an analyst at the Robert Frances Group.

"IBM has approached this from multiple points," she added.

Everyone's going there
Microsoft, Intel, Hewlett-Packard and Advanced Micro Devices have all started to train their eyes on the growing mass of consumers and businesses in emerging markets.

Most of these programs follow the same general outline. The multinational companies try to jump-start local Silicon Valley-type hotbeds of tech activity, in the hopes of one day turning a region into the next China.

IBM's strategy differs slightly. The company is not primarily interested in selling services or software to local markets. Instead, it wants to identify and groom local talent that, ideally, will develop technology that IBM can then sell to its mostly existing customers in developed nations, Clark said.

"We look at where the gaps are in our ability," he said. IBM uses what it calls its GAP (growth alliance program) procedure to identify indigenous talents--online game technology in South Korea, for example, or semiconductor design in China--and plot it against international demand.

IBM may buy some of the companies it helps foster, but most of them become members of Big Blue's partnership program.

Unlike Intel, IBM does not invest in local companies. However, it partners with U.S. ventures that do, such as Draper Fisher Jurvetson.

To Russia with love...and capital
Nation-building isn't easy. Russia, for example, has long been seen as fertile ground for the technology industry, but Western investment there has been lukewarm.

"For all of Russia's problems, they have a pretty good educational system," said Esther Dyson, editor-at-large at EDventure (which is owned by CNET Networks, publisher of News.Com). Notable companies in the country include Yandex, a search company that's like the Russian Google, and PIK RFID, which makes chipless RFID tags.

At the same time, governmental, legal and social instability have prompted most Western investors to shy away. So far, Westerners in Russia have put most of their money into natural resources. Both sides of the coin will be discussed at the U.S. Russia Technology Symposium, which is taking place at Stanford University later this week.

The start-up concept remains somewhat vague in Russia, too.

"Entrepreneurship is not the way you think about technology," Clark said of the mindset there. "You work for the government or a quasi-governmental body." Nonetheless, he added, "Russia is kind of the unrecognized treasure."

To better familiarize themselves with the situation, IBM executives in Clark's group participated in a tour of Russian start-ups last year in order to identify promising ideas and individuals. They also recruited venture firms Landmark Capital and Draper Fisher Jurvetson to help them in Russia.

Western investment in local Russian companies, which is still a trickle at best, will likely follow the model pioneered when Israel was emerging as a technology center. Employees will stay in Russia, but the financing, corporate headquarters and some top executives will relocate to safe harbors like the Cayman Islands or Delaware, which enjoy pro-business laws and conditions.

"This is a governance model that is more suitable to investors," Clark said; "99.9 percent of the company is in Russia, but the risk is lower."

More developed emerging nations pose problems, too. In Latin America, for instance, standard contracts are somewhat rare, Clark said. As a result, parties getting involved in deals do not have as clear an idea of their risks and potential liabilities as in the United States.

Sun's open-source gamble

Sun Microsystems is a company that's made good use of its visionary impulses to survive against bigger rivals. So it's fitting that Jonathan Schwartz is the company's No. 2 executive.

Schwartz has a reputation as an ideas man, but now he's got to turn those ideas into reality. For Sun, which is still working to reverse a three-year revenue slide, that suggests a period of intense change.

Schwartz has climbed Sun's ranks since the company

acquired his start-up, Lighthouse Design, in 1996. On the same day in April 2004 that Sun announced a detente with Microsoft, along with its third major round of layoffs in three years, he was promoted to president and chief operating officer.

Since then, Schwartz has pinned much of Sun's turnaround plan on software. So it is that the company's salespeople are no longer compensated simply for selling hardware. Meanwhile, the Solaris operating system is becoming open-source software, and adding a Sun database has become a real possibility.

But Schwartz intends to move beyond software into the Sun Grid--blocks of computing power that he believes will reel in new customers who previously bought and operated their own equipment. Schwartz talked with CNET News.com at the company's annual analyst event last week.

Q: Over the last year, the economy has been recovering and the server market has recovered from its revenue declines. But Sun hasn't seen nearly as much of that growth as IBM and Dell. If your sales pitch is so compelling, why is it that the revenue numbers haven't been going up to show it?
A: I think the average revenue per unit has been going down, but in terms of unit volume, I think our share has actually been growing, quite to the contrary of what you were talking about. If you look at the growth, for example, on the x86 (processor) side, we are now the market leader in Opteron servers over HP and IBM. Who would have predicted that? Where we haven't been seeing the growth necessarily has been in the high-scale data center systems, but that's been reflective of the industry as a whole.

Also, a leading indicator for the growth is the open sourcing of Solaris 10. We've downloaded probably close to about a million licenses now, and 95 percent of those have gone onto non-Sun hardware. So that's a growth opportunity, because running Solaris on Dell means now we can go talk to a Dell customer.

I recognize that unit shipments are significant and understand your argument that volume begets volume, but revenue also is relevant. Do you believe that at some point the revenue will pick up, and if so, when?
Thank you for the offer, but I'm not going to make a forward-looking statement. The unit volume numbers are important to us, the revenue growth is important to us and we've grown half-over-half from last year to this year. Certainly we're prioritizing growth as a company, and the leading indicator for us of growth is the adoption of our software platforms. So we're seeing more Java-enabled handsets go out into the world, seeing more XM Satellite Radio clients go out into the world, more Solaris downloads off of the Web site--those all accrue ultimately to an infrastructure opportunity that Sun's going to get after.

Describe your vision of how computing power will be consumed by the vast majority of customers five to 10 years from now.
I think you need only look to what an average consumer does to understand what the future of the enterprise will be. Most consumers use more infrastructure that's owned and operated by other people than they use their own. For example, I have my little cell phone here. I'm actually using a great deal of my operator's infrastructure to go chat with my friends and send pictures to my parents. When I go make a dinner reservation and I go to Opentable.com...I'm using their infrastructure.

The laggards in this process have been the enterprise. Some--who actually leverage Salesforce.com or Hewlett or even eBay--have figured out that the network affords them an opportunity to stop having to own and operate everything that they use. But how many consumers run their own e-mail server versus (those who) just use Yahoo Mail or Gmail? Very few. Should (companies) be using their $50 million infrastructure budget along with their management personnel, their data centers, their real estate, their power, or should they just go out and see if a buck an hour is a cheaper way of acquiring the same computer capacity?

Scott McNealy said to "stay tuned" about the Sun database. Is it fair to say that at some point Sun expects to be supplying database software?
I think it's clear the market has spoken that open source is the path that the developer community and the customer community wants to drive down, and we're going to do what we can to try to give customers as big a set of options as we can...we take the open-source developer community very seriously. It's an authentic commitment. What else can we do to continue to evolve that relationship? I don't think it's going to be limited to simply operating systems. Maybe it will extend to file systems, maybe it will extend to databases, maybe it will extend to middleware.

You've been a software guy, but as president, you're now more than that. It appears to me that software is increasingly important in Sun's constellation of products. To what extent is that because you're now No. 2?
That's a hard question for me to answer. I'm interested right now in creating new relationships with customers, and I believe those new relationships will be dominantly driven by the software platforms at Sun and then secondarily by the systems platforms.

How has your relationship with Scott McNealy changed in the last year since you became president? For example, are you in agreement or in disagreement more often than you used to be?
There are some environments in which I can complete the guy's sentences. There are other environments where we just disagree--and by the way, it's about 50-50. It's always been that way. It's never going to change...it's a highly communicative relationship. Plus, I send e-mail to the guy at 12:30 at night and I get a response at 12:31. That's an unusual boss relationship.

Clearly you're confident that you'll be able to build a vibrant community around OpenSolaris.
I just find it laughable that Red Hat and (CEO) Matthew (Szulik) can no longer claim we're proprietary. He's reduced to saying, "Yeah, but they'll never build a community because they don't know how." Sorry guys, we've been building communities for 20 years.

In Sun's perfect OpenSolaris world, what will the balance of power be between Sun and non-Sun folks?
In the advisory board (governing OpenSolaris) the majority will not be Sun. (In comparison), Red Hat makes proprietary decisions (such as) whether or not they put Jonas (Java server software) into Red Hat. They made that decision exclusively, without input from the community.

We expect that the governance model and the community model we build around Solaris will be as big a competitive weapon against Red Hat as the innovation within Solaris. We know that they have frustrated such a broad portion of their customer base that there is opportunity for us to really excel in ways that aren't necessarily technology-related. The governance model we use will be more open source and transparent. We'll be really meaning free when we talk about free and open-source software. Red Hat binaries aren't free. It will have genuine protection from a patent portfolio and indemnity against all intellectual-property claims, which for our customers will be something, I think, that's a real differentiator. Red Hat doesn't provide that.

One thing that I think enabled HP, Dell, IBM and even Sun to adopt Linux is its comparative neutrality. IBM's OS/2 by comparison was definitely not a neutral product. Do you think that Solaris is going to achieve the same level of neutrality as Linux?
First of all, it seems incongruous to call Linux one thing. (In market share charts) we've now broken Unix out into Solaris and HP-UX and AIX. That hasn't happened in Linux yet, even though that's already happened in the marketplace because there is a dominant player, Red Hat. You have to look at how many users Red Hat has, not how many Linux has. So when you assert that Linux is neutral, Red Hat is not neutral.

I agree that Red Hat is not neutral, but I take some issue with that. There are a lot of Linux developments by Oracle or Cisco Systems or Topspin or Dell or IBM. Red Hat packages them up and sells that package and has a relationship with some customer, but it is not the sole company to benefit from it. There is certainly still a cooperative development model that is neutral, even if the process of delivering that package of bits to the customer is not neutral. I think the overall project of Linux still is a valid entity to talk about. It might not be what I get on a CD-ROM and install in my computer, but given where the bits in that CD-ROM come from, I think it is legitimate still to talk about Linux as an entity.
So, number one, Solaris is now officially platform-neutral. There is an open-source license under which you will be managed. Gentoo OpenSolaris will be available. My belief is that there'll be another 10 or so (non-Sun OpenSolaris) distributions that will emerge.

And I suspect the company that will benefit the most from OpenSolaris will probably be not IBM or Dell, but Sun, which perhaps is why I think it's not considered a neutral product.
And I think when IBM acquires either Red Hat or Novell, I think the scales will fall from peoples' eyes and they'll also realize that neither of them are neutral. I believe that Solaris will be a platform-neutral operating system. I think it is up to us to prove that neutrality with the governance model. But a lot of the contributions that Cisco and Dell and Topspin are making (to Linux) are drivers. They'll also make them available for open-source Solaris.

I think the dominant beneficiary right now of Linux is Red Hat. Does that mean Linux is neutral? Red Hat has the branded relationship with the customer, so Red Hat is more in charge right now of Linux in North America than Linus is.

SuSE releases critical patches

Novell's SuSE has released a number of "highly critical" patches, according to a report released Monday.

Thepatches are designed to address vulnerabilities ( http://www.novell.com/linux/security/advisories/2005_03_sr.html ) that can be exploited for cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, according to the report from security information provider Secunia.

The vulnerabilities are found ( http://secunia.com/advisories/14149/) in SuSE' eMail Server 3.x, Linux Database Server, Linux Enterprise Server 9 and Linux Office Server.

One issue that particularly concerns Secunia is SuSE's method of sending out weekly scheduled patches.

"SuSE started a new policy of bundling their updates, so that creates some confusion over what is highly critical and needs to be addressed first," said Thomas Kristensen, Secunia's chief technology officer. "Microsoft has scheduled updates too, but there is one patch for one product. SuSE bundles in multiple patches for multiple products."

SuSE could not be immediately reached for comment.

Last month, SuSE, along with several other Linux companies, issued patches for several vulnerabilities. In the case of SuSE, the software seller issued updates to resolve a vulnerability that could allow malicious code to create a local denial-of-service attack using a specially created Acrobat document.

Firefox 'secret support partner' to be revealed

Looking healthy after its public success, the Firefox browser now has to woo professionals and the private sector. With that in mind, Mozilla Europe is going to snuggle up to a commercial partner to assure technical support.

Tristant Nitot, president and founder of Mozilla Europe, said at the Linux Solutions 2005 conference: "2005 is the year that Firefox has to conquer businesses and government organizations."

The European head of the Mozilla Foundation, which manages the browser's development, predicts that the product now has enough credibility to attack the commercial and public sector worlds.

"In order to woo businesses and government organizations, we are developing complementary administration tools to the browser to make it easier to deploy to a network," he said.

"We're also looking at getting together with a commercial partner, which will provide technical support and other services around Firefox." A deal is to be finalized in the coming weeks, although Nitot wouldn't reveal the name of the partner in question.

"The partnership doesn't have a money-making aim, our objective isn't to grow our market share in new markets but simply to ensure the durability of our structures," Nitot said. "Our mission consists of reintroducing competition, and therefore innovation, into the browser market," he added.

From the public sector side, a representative of the French Home Office revealed at the same conference that it had already "evaluated Firefox".

According to a recent study of browser use by Xiti Monitor, Firefox now has over 10 per cent of the market in France.

Mozilla's Sunbird spreads its wings

The Mozilla Foundation has released the first version of Sunbird, its standalone calendar application, for Windows, Linux and Mac OS X.

Sunbird 0.2 offers various features, including the ability to create scheduled events and to see an overview of events on a particular day, week or month. The calendar can be shared by publishing it to a WebDAV (World Wide Web Distributed Authoring and Versioning)-capable server. WebDAV is a set of extensions to the basic HTTP (Hypertext Transfer Protocol) underlying the Web, enabling people to collaboratively edit and manage files on remote Web servers.

he Sunbird application is available for download on Mozilla's Web Site (http://www.mozilla.org/projects/calendar/sunbird_download.html).

Although Sunbird is a standalone calendar application, the Mozilla Foundation has started a project to integrate it with Thunderbird. The project, code-named Lightning, is scheduled for its first general release in the middle of 2005, according to the Mozilla Web site. The integration of the applications could take on Microsoft's widely used Outlook software.

However, according to some postings on the Mozilla Zine news Site (http://www.mozillazine.org), some consumers don't believe that Sunbird is a viable alternative to Outlook just yet.

While Mozilla's Firefox browser has advantages over Microsoft's Internet Explorer, Sunbird and the Thunderbird e-mail application need extra features before companies can consider them as an alternative to Outlook, one user said.

Firefox "beats IE hands down, but no serious business users can switch from Outlook to (Thunderbird or Sunbird) because of numerous usability issues," according to the posting. "If all you want is the e-mail functionality, Thunderbird is fine. I use it for that, but I can't get anybody who likes the calendar, reminders, etc., to switch from Outlook still."

But Mozilla contributor David McGuinness pointed out that Sunbird is not currently aimed at corporate users.

"Sunbird is still in the early stages of development and is certainly experimental software," McGuinness said. "Nonetheless, Sunbird is a promising application for those already using Thunderbird or Firefox."