Linux News Today features the latest news from the global Linux community. This site is updated daily. Click here to return to our homepage. Get the lowest cost and the best tech support on any Linux web hosting plan. Click here for details.
                                          home   |   news archives   |   linux forum   |   advertise on our site   |   contact



Click here to order your new fully dedicated Plesk server with the Linux operating system.


Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.


Do it right this time. Click here and we will take good care of you!


Get all the details by clicking here!


Plans begin at $24.95 a month. Get more details, click here.


Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.




Click here to order your new fully dedicated Plesk server with the Linux operating system.





Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Android and Linux could actually make money for Microsoft

Add to del.icio.us     Digg this story Digg this

Get a great Linux dedicated server for less than $4 a day!

Share on Twitter

September 21, 2011

It's not that long ago that most people in the Linux community would have said that Linux and Microsoft make for very strange bed partners. But now things seem to be shifting for the software giant, and the company is poised to reap significant benefits if it puts its expensive lawyers to work.

And in the case of Casio, that's exactly what has been happening lately. Casio has in fact agreed to pay royalties to Microsoft in exchange for the company's pledge not to sue Casio for using some Linux code in its products. Huh you might say? Yes, you've read right!

The agreement makes Casio the latest in a rapidly growing list of OEMs that are paying to use what is ostensibly open source software, rather than risk a lengthy and expensive legal battle with Microsoft. Call it 'insurance' if you want, but this has significant positive impact, even for a company the size of Microsoft.

Under the multi-year agreement, Microsoft also promised not to pursue legal action against Casio's customers as well. Casio is most known for consumer devices such as watches and calculators, but it also makes business systems, including industrial handheld terminals that incorporate a mix of Microsoft and Linux technologies-- and that's what it's all about!

At Cloud Connect 2011 in Silicon Valley a few days ago, TechWeb's David Berlin got a demonstration of CA's recently acquired 3 Tera AppLogic graphical private cloud deployment tool. "We're pleased to reach an agreement and to see continued recognition of the value of our patent portfolio, particularly as it relates to operating systems," said Horacio Gutierrez, corporate vice president and deputy general counsel of Microsoft's intellectual property group.

And to the dismay of open source advocates, Microsoft has long maintained that Linux violates a number of Microsoft patents relating to the Windows operating system, and most likely will continue its rhetoric for many more years to come.

In recent months, a number of manufacturers that use Linux in their products have also agreed to pay royalties to Microsoft-- either because they agree with Redmond's claims or they simply do not want to waste a lot of time and large amounts of money to a long and ugly courtroom battle that would extend for years.

Among the companies now paying Microsoft for the right to use Linux are Samsung, LG Electronics, Fuji, Xerox, Brother, Kyocera and Mita. Strange bed fellows in deed.

But let's be fair here. After all, Microsoft does openly contribute some code to the Linux community. For instance, in July it released about 20,000 lines of device driver code under the open source GPLv2 license and submitted it for inclusion in the Linux repository root.

Also in July, it released the Microsoft Live Services Plug-in under GPLv2 so that its Live@edu services could also be integrated with the Moodle open-source course management system.

Gutierrez said there's no contradiction in the fact that Microsoft open sources some of its own code while asking Linux users to purchase licensing rights for those parts of the Linux kernel it believes are drawn from Windows, at least that's what he claims.

"Some observers in the Linux and open source community question how a company can contribute to open source projects while, at the same time, insist on respect of its intellectual property rights by its competitors," said Gutierrez, in a recent blog post.

"In fact, these two things are not inconsistent, and striking a balance between them is one of the key things every commercial technology company must do in order to compete effectively in a mixed source world," he added.

And Microsoft has taken a similar approach when it comes to smartphone software. The software giant has obtained royalties from a number of mobile handset makers that use Google's open source Android operating system to power their devices.

General Dynamics, Itronix, Velocity Micro and even Onkyo are among the Android users that have agreed to purchase Android licensing rights from Microsoft. Barnes & Noble, meanwhile, is disputing Microsoft's claim that its Android-based Nook e-reader violates Microsoft patents.

For now, it's still not clear how much Microsoft earns from its royalty program, as the company doesn't report the number on its public financial statements. By some estimates, however, it has earned more from Android, the most popular mobile operating system in the U.S. market, than it has from its own Windows Phone 7 software, which greatly lags behind Apple's iOS and even RIM's BlackBerry OS, in market share.

Google recently struck a deal to acquire Motorola Mobility, according to many observers, in a strategy to gain control of Motorola's significant patent chest. The reasoning is that Google felt it needs a richer patent portfolio to counter Microsoft's intellectual property licensing drive.

Microsoft said it has struck about 700 deals since launching its IP licensing program eight years ago.

In other news about the Linux community

The UEFI (Unified Extensible Firmware Interface) secure boot protocol is part of recent UEFI specification releases. It allows one or more signing keys to be installed into a system firmware.

Once enabled, secure boot prevents executables or drivers from being loaded unless they're signed by one of these keys. Another set of keys (PKEK) permits server communication between an operating system (OS) and the firmware itself.

An OS with a PKEK matching that installed in the firmware may add additional keys to the whitelist. Alternatively, it may add keys to a blacklist as well. For security reasons, binaries signed with a blacklisted key will not load.

However, and this is a bit sad for now, there's no centralised signing authority for these UEFI keys as of today, but it is hoped that this will soon change.

If a vendor key is installed on a PC or on a server, the only way to get the code signed with that key is to get the vendor to perform the signing.

A personal computer or server may have several keys installed all at once, but if you are unable to get any of them to sign your binary, then it won't be installable.

And of course, this impacts both software and hardware vendors at the same time. An OS vendor cannot boot its software on a system unless it's signed with a key that's included in the system firmware.

A hardware vendor cannot use its hardware inside the EFI environment unless the drivers are signed with a key that's included in the system firmware.

If you install a new graphics card that either has unsigned drivers, or drivers that are signed with a key that's not in your system firmware, you'll get no graphics support in the firmware-- it's as simple as that.

For its part, Microsoft requires that PCs and servers conforming to the Windows 8 program and running a client version of Windows 8 ship with secure boot enabled.

The two alternatives are for the Windows OS to be signed with a Microsoft key and for the public part of that key to be included with all systems, or alternatively for each OEM to include their own key and sign the pre-installed versions of Windows.

The second approach would make it impossible to run boxed copies of Windows on some hardware, and also impossible to install new versions of Windows unless your OEM provided a new signed copy. The former seems more likely, and would certainly make a lot of sense in terms of potential copyright violations of the OS.

Therefore, a system that ships with only OEM and Microsoft keys will not boot a generic copy of Linux.

Of course, one could always provide a signed version of a Linux flavor or specific distribution. But that poses several issues, however.

For a start, we would need a non-GPL bootloader. Grub 2 is released under the GPLv3, which explicitly requires that we provide the signing keys. Grub is under GPLv2 which lacks the explicit requirement for keys, but it could be argued that the requirement for the scripts used to control the compilation includes just that.

But to be sure, it's certainly a grey area, no question about that, and exploiting it would be a pretty good show of bad faith.

Additionally, and in the near future, the inherent design of the Linux kernel will mean that the kernel itself will most likely be part of the bootloader.

This means that kernels will also have to be signed, making it impossible for users or developers to build their own kernels.

Finally, if we self-sign, it's still necessary to get our keys included by every OEM, a procedure that will most likely annoy some system developers and integrators.

For now, there's simply no indication that Microsoft will prevent vendors and OEMs from providing firmware support for disabling this feature and running unsigned code.

But experience has taught us that many firmware vendors and OEMs are interested in providing only the minimum of firmware functionality required for their own specific market.

And it's almost certainly the case that some systems will ship with the option of disabling this. Equally, it's almost certainly the case that some systems won't at all.

The jury is still out on all of this. It's probably not worth panicking just yet, but it's certainly worth being concerned for the time being.

As always, we will keep you posted on this and on other Linux news.

In other news from the Linux community and elsewhere

Just two weeks after the kernel.org Linux archive site suffered a critical hacker attack, now the Linux Foundation has gone public about an attack it has also suffered and now has pulled its websites down to clean up a security breach.

Get your fully dedicated Plesk Linux server with a free Plesk control panel, a $40 per month value.

A notice posted on the Linux Foundation site said the entire infrastructure including LinuxFoundation.org, Linux.com, and all their many subdomains are now down for security patch-up work due to a security breach that was discovered on September 8.

“The LinuxFoundation made this important decision in the interest of extreme caution and security best practices. We believe this security breach was connected to the intrusion on kernel.org,” the group said.

"We are currently in the process of restoring services in a secure manner as quickly as possible. As with any security intrusion, and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all our systems and will update this statement when we have more information," a posting on its homepage said.

"We greatly apologize for this inconvenience. We are taking this matter very seriously and appreciate your patience," said the Foundation.

The Linux Foundation infrastructure houses a variety of files, programs, scripts and services including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories. Those are hosted on numerous mirror sites across the globe.

The kernel.org website is still offline as of today after a security compromise was discovered on August 28th.

In other Linux news

So far, 2011 started with some radical and even controversial changes to prepare Ubuntu for touch-based consumer computing, and now the company is getting ready for the transition into Cloud on Servers. And the change should be a smooth one as it is for most companies involved in the Cloud Segment of the IT industry.

The Linux community has released the first beta of Ubuntu 11.10, codenamed Oneiric Ocelot and expected as finished code for potential download in October.

The deployment and management of clouds and cloud-based workloads running Ubuntu Linux and CentOS Linux on server hardware isn't exactly new. Sun Hosting fully deployed its Cloud-Based Hosting Solutions in March 2010, and now the company is busy deploying version 2.0 of its Cloud Enterprise Solutions that will be ready in November.

The beta of Ubuntu Server includes Orchestra, which allows you to provision, deploy, host, manage and orchestrate enterprise data center infrastructure services.

According to one Linux application developer, OpenStack is Orchestra's foremost workload. Orchestra features separate servers for provisioning, management, monitoring and logging of applications, servers and workloads.

Orchestra, meanwhile, is tightly integrated with the Ocelot beta's other big push towards clustered servers running Ubuntu Linux as a cloud platform-- Ubuntu Ensemble, which is designed to handle service deployment and orchestration for cloud and on bare metal.

Orchestra is billed as something that will bring 'Dev Ops' to clouds and data centres running Ubuntu. Devops is the voguish term for trying to bridge the gap between the development and management of applications that was once called application lifecycle management by marketing people.

Ensemble provides a set of best practices and formulas to help ensure that Linux apps running on a server will operate in the same way once in the cloud. In that case, the cloud in question would be an Amazon or Sun Hosting-compatible service.

Source: Microsoft.

Add to del.icio.us     Digg this story Digg this

Get a great Linux dedicated server for less than $4 a day!

Share on Twitter

All logos, trade marks or service marks on this website are the property of their respective companies or owners.

Article featured on Tech Blog and on Business 5.0

Get a best price and the most dependable server colocation reliability from the experts at Sun Hosting. Learn more. This article was featured on Tech Blog and Business 5.0.












ADVERTISERS:
Linux News Today.org is read by over 450,000 people involved in the field of Linux application development, professional Web hosting services, Linux security, Linux Web development, etc. Inquire about our reasonable advertising rates on our news website. One of our advertising representatives will be in touch with you. Simply email us to learn about our ad rates and how we can help drive relevant traffic to your website. Advertising space is limited.





  Site powered by Linux Hosting      Sponsored by DMZ eMail and by Sun Hosting.      Linux news while they are still fresh.    © LinuxNewsToday.org.   Linux is a registered trademark of Linus Torvalds.