Please feel free to forward this newsletter to as many friends as possible. I have a personal goal of reaching one million readers. I can achieve it with your help.

  the Software View: Linux, open sorcery. (Part I)

Welcome back, gentle readers. For those of you with Web access and a Netscape Navigator browser, please click here:
http://www.softwareview.com/
Scroll down the page and you will notice a link entitled, "Daily view weblog". The daily news page is also known as a "web log". It is en vogue and the fashion of these days to call it that. Click on the link, click "reload" on your browser or clear your browser cache to ensure that you always receive the freshest, hottest daily news concerning Java^TM, Linux®, XML, wireless, and the software industry! The link never changes, but I will be updating the HTML file page behind it every day. Please, do take a gander at it every day.

Also, gentle readers, the Software View is an Associate Internet World Wide Web site of Amazon.com. I'd like to extend my sincere, heartfelt gratitude and thanks for your patronage. I'm offering links to books, et cetera that you can purchase from my web site. I'd greatly appreciate it if you would purchase software industry books from my web site. Help support my newsletter and web site by purchasing items from Amazon.com from my web site. Here is the URL (Uniform Resource Locator):
Click here

Now, dear readers, on with this week's episode of the Software View!

From the ether of the Internet, emerged a powerful operating system that breathes fresh air into a desktop world populated with few alternatives. It is free, yet is as robust as any Unix operating system and more reliable than Microsoft's Windows. Linux is the fastest growing software operating system environment in the world, is loved by pony-tailed software developers world-wide, is free, and best of all, it's open-source. No longer the rarefied operating system environment of Unix developers, it is making its way onto numerous corporate networks. Many aspiring developers and Unix systems administrators cut their teeth on Linux, taking advantage of bundled software development tools, numerous well-written books, and fully open-source software code. It's fast becoming the darling of networking vendors and enterprise users alike, with a very devoted and knowledgeable following. Tux, the Linux penguin mascot originally drawn by Larry Ewing (lewing@isc.tamu.edu) using GIMP, has finally waddled off its isolated iceberg into the waters of enterprise network operating system environment territory.

Although warmly embraced by its devotees, Linux has often gotten the cold shoulder from the proprietary Microsoft Windows establishment. The efforts of loyalists to get the word out about this versatile, flexible - and undeniably economical - operating system environment were once considered a Linux love fest thrown by fringe-element code junkies who occasionally peered up from their workstations to flip through the latest issue of Pocket Protector Monthly. As this stereotype persisted, it pushed Linux to the bottom of the pile when it came to mind share among network managers and information technology professionals who were becoming more aware of the link between enterprise computing resources and business issues.

Ann Harrison writes, "The open-source Unix look-alike was hatched a mere eight years ago by an obscure, self-effacing twenty-one years old, native of Finland, University of Helsinki graduate student named Linus Torvalds. The thought that anything free could eventually have commercial value might make skeptics smirk. We're so invested in the party lines of behemoths like Microsoft, that many of us disregard Linux, at least where serious work is concerned.

EYES WIDE OPEN

So many analogies and metaphors have been used to explain the success of Linux. The following quote is attributed to Mahatma Ghandi.
"First, they ignore you.
Then they laugh at you.
Then they fight you.
Then you win."

This Unix clone, a community product of software engineers, based upon the work of Torvalds, has escaped its cage. Once prophesied by pundits to be one more in the tragic line of superior technologies doomed to an untimely demise (like AmigaDOS, the Next computer workstation line, and IBM's OS/2), Linux has, instead, confounded its critics by establishing a foothold on enterprise networks. While Linux was initially smuggled in through the back door by rebellious engineers, it's now rapidly gaining acceptance as an enterprise operating system environment. According to DataPro Information Services (Delran, New Jersey), the number of companies using Linux grew by twenty-seven percent from 1996 to 1997. More and more professionals plan on increasing the presence of Linux in their enterprises.

WHY ASK WHY

Why? Because articles appeared in high-technology publications, illuminating the attributes of Linux. It outperforms all other operating system environments, including Microsoft's Windows, when ranked by customers according to interoperability, cost of ownership, price, and availability. Indeed, DataPro's customer satisfaction poll of eight hundred twenty-nine information systems managers in large organizations showed Linux trouncing the likes of Open Server, UnixWare, AIX, NetWare, and, yes, Windows.

Why do professionals choose Linux for their enterprises? Because Linux is freeware and can be easily downloaded from the Internet; it's easy to manage and configure; it's a legendarily stable operating system environment; and it is supported by a large user community; its excellent performance, it's easy to work with, it runs on legacy computer hardware, it has a large number of low-cost or free applications that run on it, and because its source code is easily available. One of the reasons Linux has become so popular is that no single vendor controls it.

LINUX VIRTUES

Its strengths as an operating system offer special appeal to businesses, as outlined below.

Total cost of ownership (TCO). The low TCO, including maintenance and unlimited user licenses, allows resellers to offer competitively priced solutions while focusing on value-added services. Linux and the open-source model offer great margins for value-added resellers (VAR's).

Stability and customization. Linux provides zero downtime, and its openness gives VAR's the freedom to custom-build solutions.

Scalability. Linux scales extremely well, and its unlimited user licenses and reliability ensure Linux will adapt well to the needs of companies as they grow. With Linux, businesses also are less likely to upgrade hardware constantly in order to support the operating system.

Multi-platform interoperability. For business customers with multiple computing environments, Linux's multi-platform interoperability enables Linux to serve as the "glue" that holds a heterogeneous network together. Linux supports NFS (Unix), SMB (OS/2, Windows), AppleTalk (Macintosh), and NCP (Novell Incorporated's NetWare).

Security. Network security is critical for the growing number of businesses offering electronic-commerce solutions. Linux systems provide a powerful firewall and ensure network security for internal and external traffic.

Growing demand for and availability of Linux solutions. Interest in Linux in the business community is growing steadily. As the number of business applications for Linux increases, Linux will expand onto the desktop as well as the server.

In general, companies choose Linux because they are attracted by the price. But in the end, they are won over by the reliability, flexibility and scalability of the operating system. Linux is a perfect fit for small business owners because they spend nothing on the operating system or applications, and can therefore better afford to spend money on information technology support, which they typically lack internally.

"For resellers, it's easy to work with, easier to support than Novell NetWare, Microsoft's Windows, or Unix, and it offers excellent opportunities to make money through service and support," says David Sifry, chief technical officer at LinuxCare, a San Francisco, California-based Linux technical support organization. "I can't say that about any other operating system environment."

THE LURE OF LINUX

Despite its grass-roots origins, Linux is a full-fledged operating system providing every feature that would be expected, including true multi-user multi-tasking, virtual memory, shared libraries and TCP/IP networking.

Part of Linux's appeal is that you can make of it what you will. Savvy users can download distributions of Linux from the Internet and tweak them to their liking. They can also download modules and patches as they become available and adjust them to their environment's needs. Because the software source code is freely available, Linux has provided flexibility for early adopters and others who know what they want in an operating system. This is a libertarian approach to assembling a workable operating system, as opposed to Microsoft, which commands by fiat what your operating system will consist of and look like. Other characteristics of the Linux operating system are prompting mainstream enterprise users to take a closer look. For one thing, the price is right - Linux is free.

Linux runs mission-critical software applications. In the corporate world, the more popular applications include Web servers, databases, business-process software, e-mail, and firewall services. Linux's prevalence in science and academia is no surprise. But the operating system environment is also trusted on Internet service providers' servers. It is embedded in firmware for industrial process control applications. It is also a popular choice for corporate network services such as FTP and proxy servers. Its use for DNS and DHCP is growing fast, and advances in Linux's file-and-print support services have enabled moves into that camp as well. With a multi-port modem or serial card, Linux makes an efficient and reliable PPP gateway for dial-up users. There isn't much Linux can't do.

A Linux box is a quick, cheap way to get a company onto the Internet. Products from both Caldera and Red Hat Software are ready to use barely an hour after you open the box. If your needs are basic, just drop your FTP and HTML content into the directories the installation process creates for you, and you're ready for business.

SECURITY IN AN INSECURE WORLD

Linux, with built-in firewalls, proxies, and extensive logging, is more secure than most operating systems' standard configurations. Linux developers take security seriously and tend to issue fixes to security problems within days of a report.

Concerning the topic of communications security and open-source software. Eric S. Raymond writes, "In today's internetworked world, countermeasures against electronic eavesdropping arguably provide an important laboratory model for cases that are decidedly not trivial, such as electronic commerce, securities trading, and banking. Open-source advocates (including me) have been making a strong argument over the last two years that open-source software such as Linux and Apache is fundamentally more secure than its closed-source competitors. Cryptographers have long understood that no encryption system can really be considered well-tested until it has been energetically and repeatedly attacked by experts who have full knowledge of the algorithms it uses. Open-source advocates argue that there is nothing special about cryptography but its high stakes - that, in general, open peer review is the only road to systems which are not merely accidentally secure by obscurity, but robustly secure by design. Opening the software source code to communications programs doesn't create security problems, it merely exposes those that are already present (and exploitable, and for all anyone knows already currently secretly exploited) in the design of the applications. I think one major lesson is simple. It's this: if you want a really secure system, you can't trade away security to get performance. Closing the source of a client may obscure the protocol between client and server, but that won't stop a clever cracker with a packet sniffer and too much time on his hands. The history of computer security is littered with the metaphorical (and in some cases maybe literal) corpses of people who thought security through obscurity was sufficient. Crackers love that kind of naiveté and prey on it ruthlessly. This teaches our most important lesson - that open-source is the key to security because it changes the behavior of developers. Open-source keeps designers honest. By depriving them of the crutch of obscurity, it forces them towards using methods that are provably secure not only against known attacks but against all possible attacks by an intruder with full knowledge of the system and its source code. This is real security, the kind cryptographers and other professional paranoids respect. It's the kind of security the Linux kernel and the Apache Web server have, and the kind people victimized by the Melissa and Chernobyl viruses and Back Orifice and the latest Microsoft-crack-of-the-week don't have. If you're betting your personal privacy or your business's critical functions on the integrity of software, it's the kind of security you want, too. (a) never trust a client program to be honest, (b) you can't have real security if you trade it away to get performance, (c) real security comes not from obscurity but from minimum disclosure and threat monitoring, and most importantly, (d) only open-source can force designers to use provably secure methods. Good security has to be designed as though any code on the client side is open."

Linux is more secure because it is open-source and it enforces a rigorous peer review process. That means that, even if breaches do occur, patches are readily - and freely - available. That leads to quicker fixes. Because it's open-source, it's easier to fix. You can come up with a fix or count upon tens of thousands of other programmers to come up with one. Peer review of Linux means that any holes are caught much faster. People pore over the code, and it's really a matter of looking good in front of your friends. Because vulnerabilities are easier to find, that means simple ones aren't going to pop up someplace. When you post something, you've really got several tens of thousands of pairs of eyes judging you. Peer review in the open-source world comes down to a matter of pride. When a programmer posts a fix, his or her colleagues examine the changes and often offer their own opinions - or even challenges. Linux is virtually virus-free.

The cryptography community has understood for years that security through obscurity doesn't work. Proprietary source code means that only the bad guys see the security holes. There's plenty of real world evidence on this score from CERT bulletins and the history of security holes like the Teardrop and Smurf attacks. Open-source software gets new holes fixed within days, sometimes hours; proprietary source code vendors often leave holes open for months when they acknowledge them at all.

STRAIGHT FROM THE SOURCE

The areas in which Linux excels are performance and breadth of services. For example, Linux enabled me to bring some older legacy systems back into service. In a lab test, I loaded Caldera and Red Hat onto several machines, but I let Red Hat stay on a 133-MHz Dell Pentium system that had been idle for more than a year. Performance was very good, and it made a sidelined system (this system could never have run today's resource-hungry Microsoft Windows) useful again. Even if your system is old, Linux is forgiving.

As for hardware, there isn't much you need to run Linux. Whatever system you've got lying around will likely suffice. Part of the beauty of Linux is its small footprint compared with other operating systems. You can run it on that old 80386 you've got stashed in the back room, or on the latest high-end computer microprocessor.

Linux has proved to scale remarkably well. The kernel is tiny (it still fits on a single 3 1/2-inch floppy disk), the most widely used device drivers have been streamlined from years of tuning by top-notch software developers, and the network services conform to the latest standards, often outperforming their bloated commercial counterparts.

Let's face it: new networking standards are set on Unix, and Linux is closer to that line than Microsoft's Windows. For example, networking standards tend to materialize as software first in Berkeley System Distribution (BSD) Unix, which, like Linux, is primarily supported by a network of independent software developers. New BSD networking code is rapidly ported to Linux. But even proprietary standards such as SMB, NFS and IPX, which were invented by commercial developers, are painstakingly reverse-engineered and brought to Linux. In my tests, I achieved perfectly acceptable performance running SMB, NFS, Web, e-mail, domain naming, DHCP, and dial-up services on the aforementioned Pentium 133-MHz with 64 Mb of RAM. Linux's services have always performed adequately.

APACHE ON A WARPATH

In the all-important area of Web services, Linux does itself proud. The open-source Apache Web server is the number one server on the Internet, according to a Web server survey conducted by Netcraft, a consulting firm in Bath, England. Apache is fast, easy to set up, and does everything you need a Web server to do. And it's still free.

Big companies are finally realizing that groups of hackers can produce superb technology. IBM recently entered into a partnership with the Apache Group, a loose collaboration of twenty open-source software programmers who developed the Apache HTTP Server. The Apache Server has captured over fifty percent of the Web server market and is often used by Internet Service Providers who run Linux. IBM wants to use it as the basis of its WebSphere electronic commerce package. But the only currency the group would accept was IBM's technique to make the server run faster and its pledge to work towards Apache's future development.

IBM declared Apache to be its primary Web server moving forward. Indeed, IBM's biggest growth area of late has been service and support. Why not throw that expertise behind a solution like Apache? "A reason why corporations weren't running Apache for mission-critical applications was because they needed support. We'll provide that function around the clock," says IBM product manager James Barry.

IBM lobbied in 1998 to actively participate in the Apache development process. In fact, Big Blue was kept on hold waiting for more than three months until it finally convinced the Apache group that it had no ill will. "We had to convince them we didn't want to do something counterproductive, like run a different source tree ... We just want to drive the code to make its releases," says IBM's Barry. In less than a half year of involvement, Big Blue went on to cohost the first ever Apache conference and declared Apache its optimal Web server across numerous product lines.

Today's Linux supports multi-processor servers, and you can network it with existing Windows, NetWare, and Macintosh workstations as both a client and a server. Perhaps you haven't seen the new window managers (software incorporated into graphical user interfaces that adorns a window with menus, buttons, and scroll bars) and the free X-Window server, which runs on the new Matrox Millennium G200 card (a high-speed computer board with three-dimensional graphics capabilities and a 128-bit Dual-Bus graphics chip). Almost every element of Linux has changed significantly since 1997. Today's Linux is easier to learn, install, and manage than previous versions. Recent distributions, especially those from Red Hat Software and Caldera, set up many parts of the system for you.

OF MICE AND MINIX

The story of Linux really begins in June 1979 at the Usenix meeting in Toronto, according to Peter Salus, editorial director at Specialized Systems Consultants, Incorporated in Seattle, Washington which publishes the Linux Journal. "The lawyer from AT&T Corporation got up and announced the new pricing structure for AT&T Unix System V," Salus said. "The discounted educational fee was $7,500, and the full commercial fee was $40,000 per central processing unit. You can imagine what the feeling among the guys there was." One of those guys was Andrew Tanenbaum, a professor at a university in Amsterdam. "He couldn't ask a free university to pay that kind of money, but he wanted his students to work with Unix," Salus said. So Tanenbaum wrote Minix, a smaller version of Unix that would run on a minimally configured desktop system. Torvalds began using Minix after becoming frustrated with getting computer time on the university's Digital Equipment Corporation MicroVAX minicomputer.

"Hello everybody out there using minix -

- Linus"

Nikki Itoi writes, "In 1991, a very green but extraordinarily enthusiastic Linus Torvalds began to toy with an idea for a new computer operating system. Mr. Torvalds, then twenty-one years of age, was a Helsinki University student learning about operating systems on the fly. Through newsgroup postings like the one above, he asked early and often for input from his peers, and with contributions from hackers across the globe, his work began to take the shape of an alternative. Little did he know that by 1996, his operating system, called Linux, would strike the fancy of millions of developers and evolve into a reliable, feature-rich substitute for expensive, proprietary operating systems."

But while it was a great teaching tool, Minix really wasn't a fully functioning operating system. It's what Torvalds did in response that was extraordinary. "He was interested in trying to see how an operating system worked by writing one, just as one would learn to ride a bicycle by falling off one. The result was an operating system software kernel that contained the basic Unix components - task-switching, a file system and device drivers. In other words, Linux version 0.02.

Linux may have remained in that early state if it weren't for the Internet, because it was the Internet that got the word out so quickly. Soon after Torvalds mentioned his development to the Minix newsgroup, it was arranged so that Linux would be available to anyone who wanted to download it, for free, over the Internet. Linux was licensed under the Free Software Foundation's GNU General Public License (GPL), meaning that anyone could sell, copy and change the source code, as long as they allowed others to do the same. Unlike other operating system software environments, Linux - including the source code - may be freely copied and distributed as well as freely altered provided that the source code is made available with all subsequent distributions.

With these ground rules, a whole industry has developed that charges for documentation and the media costs of distributing the software and then extends the operating system environment with value-added utilities.

Since any programmer in the world can access the original source code, Linux has undergone more scrutiny and improvements than any other software in the world. In 1994, Linux version 1.0 was released as a full-fledged operating system that included the Linux software kernel, networking support, hundreds of utility programs, development software tools and more.

Fast-forward to the year 2000, when we can safely say that open-source software is no longer exclusively the domain of non-commercial programmers. Mr. Torvalds - now a software engineer working for Transmeta, a semiconductor startup based in Santa Clara, California - taught an invaluable lesson to his more seasoned colleagues in the developer community. Taking what was once called "freeware" and is now more appropriately termed "open-source software" far beyond anyone's wildest imagination, he demonstrated that even with millions of active developers and extremely complex technology, peer-reviewed software development works amazingly well.

A group of vocal open-source software developers - who represent the open-source Linux computer operating system environment, Apache (an open-source HTTP Web server), Perl (an open-source scripting language), Tool Command Language (another open-source scripting language, known as Tcl), and other pieces of liberated software code that have been generated by the voluntary collaboration of developers around the world - have presented a persuasive case to the technology business community for adopting this software development model. Much to their surprise, a lot of leading technology companies, including Netscape, IBM, Sun Microsystems, and Oracle, already have begun to listen.

Today, Version 2.0 of Linux offers 64-bit processing, symmetric multiprocessing and advanced networking capabilities. According to Dataquest, a market research firm in San Jose, California (in the United States of America) the number of companies using Linux grew twenty-seven percent in 1998, and a well-reasoned count of users is fourteen million. In a recent survey of 788 large, small and medium-size organizations in the United States and Canada by International Data Corporation (IDC) in Framingham, Massachusetts, thirteen percent of respondents said they use Linux. It seems obvious that millions of users around the world are sending a message that Linux is a serious platform for serious business.

"Linux is a competitor to Microsoft's Windows and Unix for some server applications," says Dan Kusnetzky, program director for IDC's Operating Environments and Serverware research programs. Major vendors like Oracle Corporation and Netscape Communications Corporation have announced their support, and commercial applications are on the increase. Distributors like Red Hat Software Incorporated and Caldera Systems Incorporated sell versions of Linux that include support.

To be continued ...

Sincerely,
Mark Kuharich

Join my free e-mail newsletter called the Software View by clicking here or by sending an e-mail to thesoftwareview-owner@west-point.org

Sun, Java, and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. the Software View is independent of Sun Microsystems, Inc.