Monthly Archives: July 2008

#1: Disable unnecessary services

Depending upon the use of the machine, plenty of services won’t be needed. Using Linux just for a desktop? Then you won’t need sendmail, httpd, and many other services. If your server is only a Web server, you can shut off many services as well. To do this, you can go to the Administration menu and take a look at the Services entry. Just deselect all of the services you don’t want to start.

#2: Disable unnecessary kernel modules

If your desktop is wired to the Ethernet, you don’t need to have a wireless kernel module loaded. This task is a bit more difficult and will require a kernel recompilation, which is not the easiest task to undertake. To do this, you will need the kernel sources. Then, follow the standard steps for compiling a kernel. The difference is that you’re going to go through your system and disable all of the modules you don’t need.

The best way to find out what kernel modules currently install and run on your system is to install Bootchart. Not only will this give you a good list of modules, it will illustrate for you what is happening during your system boot. You can also issue the command chkconfig –list | grep 3:on to find out what services are running. Once you know what loading modules you don’t need, you can remove them during a kernel recompilation. While you’re at it, compile the kernel to exactly match your architecture.

#3: Use a lightweight window manager instead of GNOME or KDE

I plug smaller footprint window managers for a reason — they drastically reduce graphical boot time. Instead of having to wait that extra 30 to 60 seconds for GNOME or KDE to boot up, why not wait two to 10 seconds for Enlightenment or XFCE to boot up? Not only will they save you boot time, they will save your memory and the headache of dealing with bloatware.

#4: Use a text-based login instead of a graphical login

Most of my Linux machines boot to run level 3 instead of run level 5. This will halt at the text-based login, where I only have to log in and issue startx to start my desktop of choice. The graphical logins do two things: increase load times and create headaches trying to recover from an X windows fubar.

#5: Use a lighter-weight distribution

Instead of loading the heavyweight Fedora, why not try a Gentoo, Arch, or Puppy Linux? The boot times for these smaller distributions are far faster than the more bloated Fedora (and even Ubuntu). Of the larger distributions, OpenSuSE claims to boot the fastest, but I have not personally tested this. Between the latest Fedora and Ubuntu, Ubuntu blows Fedora’s boot times away (and that is out of the box).

#6: Use an OpenBIOS

If you’re savvy enough to upgrade your PC’s firmware, you might consider migrating to an open source BIOS. One caveat to using open firmware is that it allows Linux to actually initialize the hardware as it boots (instead of relying on the BIOS). On top of that, many open BIOSes can be configured to meet your machine’s specific needs. If you don’t go the open BIOS route, you can at least configure your BIOS to not search for a floppy drive that’s not there or to boot directly to the first hard drive (instead of the CD drive first).

#7: Avoid dhcp

If you are working on a home network (or a small business network) where address lease isn’t a problem, go with static IP addresses. This will keep your machine from having to call out to a dhcp server to get an IP address. If you take this approach, make sure you configure your /etc/resolve.conf to reflect your DNS server addresses as well.

#8: If you can spare it, get rid of hotplug

Hotplug is the system that allows you to plug in new devices and use them immediately. If you know your server won’t need this system, delete it. This will cut down on boot time. On many systems, hotplugging consumes much of the boot time. Removing hotplug will vary depending upon the distribution you use. NOTE: udev has, for the most part, replaced hotplug. But if you’re running an older distribution, this does apply.

#9: If you are REALLY daring, you could give initng a try

The initng system serves as a replacement for the sysvinit system and promises to drastically decrease boot times in UNIX-like operating systems. If you would like to see the initng system in action, you can give the Pingwinek livecd a try.

#10: Use a hack with Debian

If you’re using Debian, there is a simple hack you can use to switch your startup scripts to run in parallel. If you look at the /etc/init.d/rc script, you will see: CONCURRENCY=none around line 24. Change this line to CONCURRENCY=shell and you should see a reduction in boot times.

That’s about it. Of course there are always more and better hacks out there. But the above should mostly cover everything. The good news is that you’re most likely already running Linux, so the burden of boot times is generally eased by the infrequency of reboots.


The Debian project announced the fourth update of its stable distribution Debian GNU/Linux 4.0 (codename etch). In addition to correcting several security problems and a few serious defects in the stable release, for the first time in Debian’s history an update for a stable distrubtion also adds support for newer hardware by giving users the option to install newer drivers.

Existing Debian GNU/Linux 4.0 installation CDs and DVDs can continue to be used to install this update. After installation, upgrading via an up-to-date Debian mirror will cause any out of date packages to be updated. However, users of the network-console installation method are strongly encouraged to update their media, see the “Debian Installer” portion of this announcement for more information.

Those who install updates frequently from won’t have to update many packages and most updates from are included in this update.

New CD and DVD images containing updated packages and the regular installation media accompanied with the package archive respectively will be available soon at the regular locations.

Upgrading to this revision online should be done by directing the aptitude (or apt) package tool (see the sources.list(5) manual page) at one of Debian’s many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:

About etch-and-a-half

Etch and a half is Debian’s desire to support hardware that requires updated drivers. This marks the first time the Debian project updates several core packages in its stable distribution without security implications and demonstrates its huge dedication for their users.

Components newer than the first release of Debian GNU/Linux 4.0 (etch) that were not supported yet will be detected by an updated installation routine which is able to install a newer Linux kernel (2.6.24) on the freshly installed system. This revision includes packages that are based upon the Linux 2.6.24 kernel as well. Installation of these additional packages is not required and will not occur by default. The existing 2.6.18-based kernel will continue to be the default kernel for the etch release.

A more recent version of, the X window system, also contains new drivers that add support to e.g. Geforce 8 series GPUs, intel 965GM, 965GME, G33, Q35, Q33 cards. Dual-head setups are also supported rudimentary.

These packages have been updated or newly introduced through etch-and-a-half:

Package Reason
linux-2.6.24 Updated for new kernel for etchnhalf
linux-kbuild-2.6.24 Updated for new kernel for etchnhalf
linux-latest-2.6-etchnhalf New kernel for etchnhalf
xserver-xorg-video-nv Supporting more hardware
xserver-xorg-video-intel Supporting more hardware
aboot Fix alpha build, add support for kernels newer than 2.6.23
b43-fwcutter Fix wrongly encoded es.po
debconf Make debconf-apt-progress compatible with the Lenny installer
sysvinit Update shutdown to work with libata in linux newer than 2.6.23
wireless-tools Update to claim support for WE API in etchnhalf kernel

Release notes covering the special features of etch-and-a-half have been written as well as a short update for the installation instructions.

Debian-Installer Update

The Debian-Installer was updated to repair an issue with the network-console installation option. Due to a lack of entropy in how the host key is generated, earlier Debian GNU/Linux 4.0 installers are vulnerable to a man-in-the-middle attack. Two other issues regarding installation on already existing RAID setups and recognizing PowerPC64 system have been fixed as well.

Miscellaneous Bugfixes

This stable update adds several binary updates for various architectures to packages whose version was not synchronised across all architectures. It also adds a few important corrections to the following packages:

Package Reason
apache2 Fix possible segfault introduced by patch for CVE-2007-6421
balsa Fix for stack-based buffer overflow
base-installer Correctly recognize powerpc64 systems
cbrpager Backported security fixes from upstream 0.9.18 for CVE-2008-2575
chkrootkit ‘Enye’ check was killing random applications
debian-installer Rebuilt images containing network-console
dns-flood-detector Actually write a pid file for start-stop-daemon
exiv2 Fix regression in security update
fai-kernels Rebuilt against linux-2.6_2.6.18.dfsg.1-21
firmware-nonfree Build-depend on new kernel ABI 2.6-6
glibc Fix nscd host caching and linker script for libraries using TLS
grub Fix 1 TiB disk addressing limit
hal Allow mounting ntfs volumes from within KDE
initramfs-tools Fix MBR checking on md devices and booting with Xen
kiosktool Correct the path to the KDE menu file
licq Fixing ‘ICQ version too old’ connection failure
linux-2.6 Fix several issues
partman-lvm Fix installation with already existing RAID
pdftohtml Transition users to poppler-utils
python-django Fix cross-site scripting vulnerability
qsynth Fix wrongly named desktop file
qt-x11-free Ease updates of KDE by hardcoding the unames
trac Fix multiple issues
tzdata New timezone information
user-mode-linux Rebuilt against linux-2.6_2.6.18.dfsg.1-21
vzctl Fix file permission transfer on migrations
wxmaxima Fix connection problems making the package unusable
xpdf Remove strict versioned dependency on xpdf-utils to fix upgrade
xpenguins-applet Avoid double free
znc Fix NULL pointer dereferences leading to crashes

These packages were updated on the specified architecture to bring the architectures back in sync:

Package Architecture — Reason
apache2-mpm-itk s390 amd64 sparc powerpc arm i386 mips ia64 alpha mipsel hppa — Rebuilt against updated apache2
gtimer amd64 — Rebuilt against Etch libraries
kdebase arm
kdelibs arm
sage ia64 — Rebuilt against libsdl1.2_1.2.11-8 to kill off dangling .la references
sear ia64 — Rebuilt against lib3ds-dev 1.2.0-4.1+etch1

Security Updates

This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:

Advisory ID Package Correction(s)
DSA-1484 xulrunner Fix several vulnerabilities
DSA-1485 icedove Fix several vulnerabilities
DSA-1492 wml Clean up temporary files
DSA-1497 clamav Fix several vulnerabilities
DSA-1498 libimager-perl Fix arbitrary code execution
DSA-1499 pcre3 Fix arbitrary code execution
DSA-1500 splitvt Fix privilege escalation
DSA-1501 dspam Fix information disclosure
DSA-1502 wordpress Fix multiple vulnerabilities
DSA-1505 alsa-driver Fix kernel memory leak
DSA-1506 iceape Fix several vulnerabilities
DSA-1507 turba2 Fix permission testing
DSA-1508 sword Fix insufficient input sanitising
DSA-1509 koffice Fix multiple vulnerabilities
DSA-1510 gs-gpl Fix arbitrary code execution
DSA-1511 icu Fix multiple problems
DSA-1512 evolution Fix arbitrary code execution
DSA-1513 lighttpd Fix CGI source disclosure
DSA-1514 moin Fix several vulnerabilities
DSA-1515 libnet-dns-perl Fix several vulnerabilities
DSA-1516 dovecot Fix privilege escalation
DSA-1517 ldapscripts Fix information disclosure
DSA-1518 backup-manager Fix password disclosure
DSA-1519 horde3 Fix insufficient input sanitising
DSA-1520 smarty Fix insufficient input sanitising
DSA-1522 unzip Fix programming error
DSA-1523 ikiwiki Fix cross-site scripting
DSA-1524 krb5 Fix multiple vulnerabilities
DSA-1525 asterisk Fix several vulnerabilities
DSA-1526 xwine Fix several vulnerabilities
DSA-1527 debian-goodies Fix insufficient input sanitising
DSA-1528 serendipity Fix cross site scripting
DSA-1530 cupsys Fix multiple vulnerabilities
DSA-1531 policyd-weight Fix insecure temporary files
DSA-1532 xulrunner Fix several vulnerabilities
DSA-1533 exiftags Fix several vulnerabilities
DSA-1534 iceape Fix several vulnerabilities
DSA-1535 iceweasel Fix several vulnerabilities
DSA-1536 xine-lib Fix several vulnerabilities
DSA-1537 xpdf Fix multiple vulnerabilities
DSA-1538 alsaplayer Fix arbitrary code execution
DSA-1539 mapserver Fix multiple vulnerabilities
DSA-1540 lighttpd Fix denial of service
DSA-1541 openldap2.3 Fix denial of service
DSA-1542 libcairo Fix arbitrary code execution
DSA-1543 vlc Fix several vulnerabilities
DSA-1544 pdns-recursor Fix cache poisioning vulnerability
DSA-1545 rsync Fix arbitrary code execution
DSA-1546 gnumeric Fix arbitrary code execution
DSA-1547 Fix arbitrary code execution
DSA-1548 xpdf Fix arbitrary code execution
DSA-1549 clamav Fix several vulnerabilities
DSA-1550 suphp Fix local privilege escalation
DSA-1551 python2.4 Fix several vulnerabilities
DSA-1552 mplayer Fix arbitrary code execution
DSA-1553 ikiwiki Fix cross-site request forgery
DSA-1554 roundup Fix cross-site scripting vulnerability
DSA-1555 iceweasel Fix arbitrary code execution
DSA-1556 perl Fix denial of service
DSA-1557 phpmyadmin Fix several vulnerabilities
DSA-1558 xulrunner Fix arbitrary code execution
DSA-1559 phpgedview Fix cross site scripting
DSA-1560 kronolith2 Fix cross site scripting
DSA-1561 ltsp Fix information disclosure
DSA-1562 iceape Fix arbitrary code execution
DSA-1563 asterisk Fix denial of service
DSA-1564 wordpress Fix several vulnerabilities
DSA-1566 cpio Fix denial of service
DSA-1567 blender Fix arbitrary code execution
DSA-1568 b2evolution Fix cross site scripting
DSA-1569 cacti Fix multiple vulnerabilities
DSA-1570 kazehakase Fix arbitrary code execution
DSA-1571 openssl Fix predictable random number generator
DSA-1572 php5 Fix several vulnerabilities
DSA-1573 rdesktop Fix several vulnerabilities
DSA-1574 icedove Fix several vulnerabilities
DSA-1576 openssh Fix predictable randomness
DSA-1577 gforge Fix insecure temporary files
DSA-1578 php4 Fix several vulnerabilities
DSA-1579 netpbm-free Fix arbitrary code execution
DSA-1580 phpgedview Fix privilege escalation
DSA-1581 gnutls13 Fix potential code execution
DSA-1582 peercast Fix arbitrary code execution
DSA-1583 gnome-peercast Fix several vulnerabilities
DSA-1584 libfishsound Fix arbitrary code execution
DSA-1585 speex Fix arbitrary code execution
DSA-1586 xine-lib Fix several vulnerabilities
DSA-1587 mtr Fix arbitrary code execution
DSA-1589 libxslt Fix arbitrary code execution
DSA-1590 samba Fix arbitrary code execution
DSA-1591 libvorbis Fix several vulnerabilities
DSA-1593 tomcat5.5 Fix missing input sanitising and cross site scripting issue
DSA-1594 imlib2 Fix buffer overflows in XPM and PNM loaders
DSA-1595 xorg-server Fix several vulnerabilities
DSA-1596 typo3-src Fix several vulnerabilities
DSA-1597 mt-daapd Fix several vulnerabilities
DSA-1598 libtk-img Fix buffer overflow
DSA-1599 dbus Fix programming error
DSA-1600 sympa Fix denial of service
DSA-1601 wordpress Fix several vulnerabilities
DSA-1602 pcre3 Fix arbitrary code execution
DSA-1603 bind9 Fix cache poisioning
DSA-1606 poppler Fix arbitrary code execution
DSA-1608 mysql-dfsg-5.0 Fix authorization bypass
DSA-1611 afuse Fix privilege escalation
DSA-1612 ruby1.8 Fix several vulnerabilities
DSA-1613 libgd2 Fix multiple vulnerabilities

A complete list of all accepted and rejected packages together with rationale is available on the preparation page for this revision:

Removed packages

The following packages were removed due to circumstances beyond our control:

Package Reason
glimpse Licensing issues
dcc Incompatible with DCC network, security issues
maxdb-7.5.00 Security issues


The complete lists of packages that have changed with this release:

The current stable distribution:

Proposed updates to the stable distribution:

Stable distribution information (release notes, errata, etc.):

Security announcements and information:


The operating system must be reloaded onto a separate disk, which will become the primary, and old disck can be mounted as a different mount point for reference / restore. Plesk actually has a nice migration tool (, and as such, a disk to disk-based migration is easy to accomplish. The following steps can be used: Mount the old drive, for example to the /restore directory. If there are several partitions on the old drive, for example / and /var, they all should be mounted as they were in the old system, so / is mounted to /restore/ and /var/ to /restore/var/Stop all Plesk services in the new system with: # /etc/init.d/psa stopallCopy the migration agent to the old drive (make sure that there is enough free disk space to perform the dump): # mkdir /restore/migration # mkdir /restore/migration/archives # cp -r /usr/local/psa/PMM/agents/shared/* /usr/local/psa/PMM/agents/PleskX/* /restore/migration chroot to the root directory of the old server (/restore in our case): # export SHELL=/bin/bash # chroot /restoreStart MySQL from the old drive in the new chrooted environment: # /etc/init.d/mysql startRun migration agent to make Plesk dump (note, this may take a few hour depending on the amount of data to backup): # cd /migration # ./ –dump-all -v5Move all files except for dump.xml from /restore/migration/ to /restore/migration/archive directory.You can now import data via the Plesk control panel. Select the import option on the Server->Migration page and specify /restore/migration (used in this example) as the working directory.

Microsoft, one of the biggest rivals to open-source programming, has begun funding the Apache Software Foundation, one of open-source software’s biggest supporters.

“Microsoft is becoming a sponsor of the Apache Software Foundation. This sponsorship will enable the ASF to pay administrators and other support staff so that ASF developers can focus on writing great software,” said Sam Ramji, a senior director of platform strategy at Microsoft. He announced the move Friday in a speech at the Open Source Convention, and noted Microsoft’s support of Apache on the software company’s Port 25 blog as well.

Obviously you might think this an opportune moment to cue up the soundtracks of record needles screeching and cars crashing into each other. But hold your horses.

For one thing, some within Microsoft have for years been making various encouraging words about open-source software, even though others have engaged in serious trash-talking. The company has no apparent desire to let the programming world have its way with Windows, as is possible with Linux, but Microsoft has been trying to make nice in some circles.

Playing nice with open source
For example, Microsoft has released its own open-source licenses and has put some technology under its Open Specification Promise, which lets open-source programmers use it. Also on Friday, Ramji said that policy makes it clear the promise applies to commercial uses of the technology, too.

Another example: Microsoft has been working closely with Zend for Windows support of PHP, an open-source project that lets servers create Web pages on the fly.

PHP is often used in conjunction with other open-source components: Linux, the Apache Web server software that’s used to dish up Web pages, and the MySQL database that’s used to store the data used to build Web pages elements such as online catalog pages or online forum postings. In fact, the four are used often enough that there’s an acronym for it: LAMP.

But there’s also the idea of WISP, which substitutes many of Microsoft’s own components: Windows, Internet Information Services for a Web server, and SQL Server for the database. On Friday, Microsoft released a patch to ADOdb, a package PHP uses to access databases. The patch lets PHP use SQL Server.

In other words, some parts of Microsoft are learning how to play nice with some parts of the open-source world.

Apache’s liberal license
Second is the Apache License that governs the foundation’s projects. Many of Microsoft’s attacks on open-source software were aimed at the General Public License, which has a reciprocity provision: If you make a change to a GPL project, then distribute software employing that change, you must share the change under the GPL.

The Apache License, though, lets programmers take software and combine it with proprietary software in any way, with no obligation to share. That’s how IBM, for example, uses the Apache Web server software in its proprietary WebSphere product.

For Microsoft, that means Apache’s projects can be used within Microsoft. And there are some that could be of interest.

Apache: Useful projects
Third is what the Apache Software Foundation is up to.

When it began, Apache didn’t have too many projects under its umbrella besides the HTTP Web server that has surpassed Microsoft’s competing products in market share since at least 1995, according to Netcraft’s Web server survey.

Now Apache has dozens of projects.

Here’s one that Microsoft, given its so-far fruitless efforts to catch up to Google in search, might enjoy: Hadoop, an open-source version of Google’s MapReduce algorithm that’s instrumental to processing huge data sets. Yahoo contributes to Hadoop and uses it in its own operations.

There’s nothing stopping Microsoft from using Hadoop or any other Apache project without funding Apache, but sponsorship makes some sense for political and practical reasons.


It’s difficult to separate the movie from its mystique. Even under ordinary circumstances, The Dark Knight would have been one of the most hotly awaited movies of the summer blockbuster season.

The loss of Heath Ledger to an accidental prescription-drug overdose in January has amplified the buzz around the film — and his crazed performance as the Joker — to extraordinary levels.

Nothing could possibly satisfy that kind of expectation. The Dark Knight comes pretty close.

Christopher Nolan’s film is indeed an epic that will leave you staggering from the theatre, stunned by its scope and complexity. It’s also, thankfully, a vast improvement over his self-serious origin story, 2005’s Batman Begins.

As director and co-writer with his brother, Jonathan (David S Goyer shares a story credit), Nolan has found a way to mix in some fun with his philosophising.

Ambitious, explosive set pieces share screen time with meaty debates about good vs evil and the nature of — and need for — a hero.

Batman (Christian Bale) has been that guy. Now, he’s not so sure he should be anymore. He’s protected Gotham fiercely (and with some fierce toys), but the new district attorney, Harvey Dent (Aaron Eckhart), seems to be putting a dent in organised crime with help from Lt Gordon (Gary Oldman).

Perhaps Batman should return to his “normal” life as billionaire Bruce Wayne and leave the clean-up work to the professionals. Maybe he can even rekindle his romance with old flame Rachel Dawes (Maggie Gyllenhaal, taking over more than capably for Katie Holmes, although she doesn’t get much to do, either).

And so The Dark Knight presents an existential crisis — what comic-book hero doesn’t suffer these? — but does so in a totally different way from its predecessor. Whereas Batman Begins felt too solemn and introspective, this installment might actually be too fast.

Like the Caped Crusader himself, speeding through the streets of Gotham City on his tricked-out Bat-Pod motorcycle, Nolan moves breathlessly from one scene to the next.

Trouble is, he’s got such great vision and is so adept at creating a compelling mood, it makes you wish he’d held some moments for a beat or two longer, just to savour them — and to let us do the same.

A couple of scenes in Bruce’s stark, crisply lit Bat-bunker come to mind, as does Batman’s nighttime flight over a glittering Hong Kong.

(Wally Pfister, a longtime Nolan collaborator who also shot Batman Begins and Memento, returns as cinematographer. Hans Zimmer and James Newton Howard once again teamed up to compose the huge, sweeping score.)

Nolan was wise enough, however, to give Ledger plenty of room to shine — albeit in the actor’s indelibly perverse, twisted way. There’s nothing cartoony about his Joker.

Ledger wrested the role from previous performers Cesar Romero and Jack Nicholson and reinvented it completely.

Yes, he’s funny, wringing laughs from both clever one-liners and maniacally grand schemes. He can be playful, finding unexpected avenues into the character: “You complete me,” he purrs to Batman, mockingly borrowing Tom Cruise’s classic line from Jerry Maguire and dashing all possibilities for the Caped One’s imminent retirement.

But because there’s no logic behind his mayhem, he’s also truly terrifying.

The terror he inflicts on Gotham is meticulously planned (the opening bank heist, shot with IMAX cameras, is a marvel of timing) and yet his sole inspiration is to create chaos, then watch the city squirm and burn.
That his attacks grow larger each time, regardless of the collateral damage, makes him so genuinely disturbing.

Ledger seems to have understood that, and brings an appropriate — and riveting — unpredictability to the role. It’s also a neat touch that his makeup, which looked like a slapdash effort from the start, steadily deteriorates, streaking, cracking and peeling away as the film progresses; it’s an outward manifestation of his psychological spiral.

Back to Batman, though — because theoretically, it is his movie, right?
Bale seems more assured than ever, now that he has more facets of Batman/Bruce’s personality to reveal than he did in the last film.

He’s consistently proven he’s capable of going to dark, scary places for his characters (see: American Psycho, Rescue Dawn) and this is no exception.

Also returning are Michael Caine as Bruce’s butler, Alfred, and Morgan Freeman as gadget guru Lucius Fox. Both veterans help anchor the movie with a wisdom and calmness that’s crucial when everything (and everyone) is in a state of turmoil. As for Oldman, he disappears into the role of Lt Gordon and makes it look so effortless, he makes you forget he’s acting.

Eckhart, the snarky star of Thank You for Smoking, may seem an unusual choice to play a law-and-order kind of guy.

Here, he’s subtle enough to keep us guessing until nearly the end as to where his morals and allegiances truly lie (though eventually he will become the villainous Two-Face, as we know).

But the key showdown, of course, is between Batman and the Joker. Theirs is a relationship that’s strangely symbiotic — you could even call it codependent. Or as the Joker puts it, “You and I could do this forever.” If only.

Billionaire, cosmonaut and founder of the fast-growing Ubuntu Linux distro Mark Shuttleworth dreams impossible dreams.

No, not a return to the stars. He believes in something that’s far harder for mortal open source engineers to achieve.

That dream? To produce a desktop more beautiful to ordinary users than legions of Apple programmers supping on the milk of chief exec Steve Jobs’ alleged brilliance are capable of producing. That includes a desktop not funded by a clutter of annoying banner or Flash-based ads, but paid for by subscription-based services.

Now you’re done dreaming, go home and code for the victory.

the company in the quality of the desktop experience they deliver users.

His company Canonical, Ubuntu’s commercial sponsor, is working to make the Ubuntu desktop “more beautiful” in the next two years, he told OSCON.

“I think the great task in front of us in the next two years is to lift the experience of the Linux desktop from something stable and usable and not pretty, to something that’s art,” Shuttleworth said.

“Think of the way the iPhone uses a pure software experience, it abstracts away all the hardware,” he said. “You can paint anything on the screen because it’s all software.”

There is the tiny question of funding open-source development. Shuttleworth noted the demand is clearly there from companies and individuals for open-source software, but where the money comes from to support such efforts is not clear.

The noise machine of Web 2.0 and software-as-a-service (SaaS) is all about ads-based revenue. Even mighty companies such as Microsoft are willing to stuff their software full of ads, which are irritating to users and cause distractions. Just for the chance to get online ads dollars.

Carrying the banner of the TiVo generation, Shuttleworth dismissed placement of ads in desktop software as “offensive”. He suggested ISVs should make money doing a little hard work selling services, instead.

“There is an emerging emphasis on services – that is the engine to invest in free software applications,” he said. “We [Canonical] are hiring guys to work on the desktop… the rationale is online services. This must be a shared platform.”

According to Shuttleworth, open source provides unparalleled opportunities to generate wealth and create change through innovation. He supported open-source projects like Firefox, which rely on plug-ins to harness other people’s ideas and extend the underlying platform.

He warned that a few challenges exist on the road to greater innovation, wealth and social change via open source.

Platform, tolerance and Linux

First, there’s a need for “platform tolerance”. Open source must figure out how to work with rather than exclude those on Windows. “While we can all be focused on making Linux the winning platform, we need to think about how we work with other people who work across multiple platforms,” he said.

Open source needs the participation of non-experts using tools that are simple enough for non-rock star developers to use. “The bulk of participants in free software projects come from people around the core… We sometimes focus on the rock stars. Choosing tools in our projects that make it easy for people to get stuff done and get out is a winning strategy,” Shuttleworth said.

He also returned to a familiar theme of greater cooperation between disparate projects. Coordination of releases would be beneficial in cases where there are interdependencies, reducing bugs, helping produce a general open-source platform that could bring open source to the attention of the world at large.


as reported by

Linkin park

[clearspring_widget title=”Linkin Park widget” wid=”47150cd6885d8f10″ pid=”48825238653a879d” width=”404″ height=”431″ domain=””]