Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Red Hat Software Businesses

Red Hat Has a Rocking Week 79

bgarcia writes "There is a PR Newswire story stating that Red Hat and RSA Security have signed an agreement to include RSA's BSAFE SSL software in Red Hat Linux Professional Edition." And Wired tells us Red Hat is coming out with with a new version that improves large system performance and speeds crash recovery. (Click below for more)

Plus, earlier this week we read about the e-commerce product they're working on with Oracle and their rumored Cygnus acquisition. Hot stuff, especially for corporate Linux users.

It looks like Red Hat is back on track, doing great Linux stuff, instead of fooling around with peripheral things like their Linux version of MSNBC (with Salon, The Industry Standard, and The Register jointly playing NBC).

According to a friend of mine who dabbles in the stock market, Red Hat's stock is up nicely as a result of their decision to go back to doing more of what they do best: improving Linux and extending its marketability.

Mazeltov!

This discussion has been archived. No new comments can be posted.

Red Hat Has a Rocking Week

Comments Filter:
  • by Anonymous Coward
    Patented, but they let anyone use it for free.
  • They also released both the beta cycle was completed. The 6.1 installer wasn't ready yet.
  • I think the AC poster was being a wee bit sarcastic, Robin.

    I've had to reboot a Linux machine many times before because of failures.

    On occasion, my sound card will die, and all programs trying to use it will report it's already being used.

    My X server (XFree86) occasionally crashes while starting and won't let me switch over to a virtual console. On my RedHat 6.0 box, I have some problems with random lock-ups.

    XMame (SVGAlib) will nix your display under text mode under quite a few video games. Sometimes even because of a bad command line.

    So, badly designed programs would be happy to crash your system. Linux isn't just the kernel.

  • The world does not revolve around the United States.
  • With all due respect, one might as well say that it is available, but only usable on the moon.

    Hmmm ... I wonder how much money would be needed to setup a server farm on the moon. Obviously lots, but consider the idea of a domain that is actually outside all jurisdictions! Of course the ping time is a bitch, I know, but it wouldn't even be as bad as the original UUCP store and forward-at-night-when-the-rates-are-low days. I suppose we might have to get some patches for time-to-live parameters in the comms stack...

  • This is one of the things I love most about linux (as opposed to, say, windows). I find that about 90% of system freezes can be dealt with safely, and considering that system freezes are pretty rare to begin with, things tend to go smoothly more often than not.

    Isn't this really available in all modern OSes except Microsoft and MacOS 9 or lower? In other words with my NeXT or my Solaris box or any of my Linux machines it's just a given that I can probably get in over the network via telnet and clean up. When my NT box locks up it takes me a couple of microseconds of unpleasant confusion before I realise "Oh yeah, it's that piece of junk" and _try_ and get task manager up - the last resort. Now where Linux does have an edge over some other Unices in my experience is the multiple virtual consoles - oftentimes an X problem just needs a quick trip into VGA mode and I'm all done. Sweet.

    Chris

  • Production quality? its not even working at all yet. Right now, there is no way to read an XFS filesystem in Linux. I suspect it will be at least 6 months before that changes. Most users might be better suited by ext3 or ReiserFS anyway.
  • It definitely isn't. Last time I checked, it didn't even compile.
    Guess they stripped off a few things too much.
    For now, both ext3 and ReiserFS are better choices.
  • Diffie-Hellman is not equivalent to RSA. It's vulnerable to man-in-the-middle attack. There are, however, some free assymetric algorithms that *can* be used - elliptic curves, for instance.

    But the real problem is that many data-exchange standards (SSL, and MP3) *require* you to use patented technology. This is bad - you can't even save your data without violating a patent.
  • just ask NASA, which has multiple unique implementations of all critical systems

    Yeah, centimetres and inches.

  • First, to answer your question: Yes, I have used every RedHat release for the last several years. In fact, I used to exclusively use RedHat. As a systems administrator for an ISP, I think that that qualifies me to say whether or not the releases are acceptable.

    I don't know what your beef can possibly be with 5.2, as that is perhaps the only good release they've done in a long time. Now, I'm not talking about good as in compatibility with Quake or WINE or some stuff like that. I'm talking about pure reliability. And with the exception of polished releases like 4.2 and 5.2, RedHat has not had this in suitable amounts for quite some time.

    One more point in my rant. I attempted to install 6.1 the other day (this is what lead to my conversion), and could not even get the installer to function properly. After spending several hours with it, I continually got installer script errors.

    Short list of horrible RedHat problems of yore

    • Shipping developmental libraries/kernels/etc. with custom patches that make things work. But not quite.
    • Linuxconf (yes, it has improved, but that is a recent thing)
    • 15-20 security patches per version. Yes, they are released quickly, but some auditing would stop the majority of them in the first place.
    • Specifically to RH6.0: GNOME losing preferences constantly, and other related problems

    I could go on and on. And if you could see the redhat-list archives of the last few years, you would see people complaining about the same problems from release to release.

  • With all due respect, one might as well say that it is available, but only usable on the moon.

    What about international waters?
  • What about their announcement to include Motif?
  • The world does not revolve around the United States.

    *ahem*

    To repeat: The fact remains that most of the Internet's bandwidth and business is centered in the US.

    I'm sorry, but today, the Internet does revolve around the US. I am not saying that is good or bad, but it is the truth. Thus, an OSS e-commerce solution that cannot be used inside the US is locked out of the vast majority of the market.

    Next time, before you reply, please read the post you are replying to. Thank you.

  • To tell you the truth, from just the Slashdot article (I've been a bad boy, I didn't actually read the linked articles), it doesn't sound like RedHat is "getting back on track".


    In fact, it sounds like they continue to cater more and more towards corporate users or purchasers of their commercial package. Which is fine, except that they also have a certain responsibility to those of us who AREN'T paying customers. Strange but true.


    Frankly, I think that RedHat is going to be in seriouis trouble once a lot of people realize that they're recent releases (4.0, 5.0, 6.0, 6.1 for instance) are horrible and that the competition (Linux-Mandrake for instance) is way ahead in terms of actually getting things working correctly.


    I've used RedHat for a long, long time now; but the other night I formatted and moved on. First they didn't have the quality to warrant my money, and now they don't have the quality to warrant my bandwidth.

  • "But from 8 bucks to 100+, seems rather overwhelming."

    Reread the earlier post. Up $8... *to* $100..., meaning it went up $8, *not* from $8 to $100.
  • by Anonymous Coward
    The speed thing is because people try out the pre-release ext3, which journals /everything/ not just metadata, which is a speed hit. Metadata-only journalling will be the default for the release versions, AFAIK

  • > The thing I don't like about both distros is the
    > initialization scripts. I would really prefer a
    > *BSD style bootup, rather than that modified
    > SySV thing.


    What you're looking for is Slackware [slackware.com].

    :-)
  • > If you aren't doing that, stop whining.

    Buy a vowel, fella. He wasn't whining. He was stating a fact and offering his support in favor of Red Hat's decision. He went out of his way to be very polite in his statement of facts.

    If anything, you're the one whining with your "The world does not revolve around the US" statement. Duh. If I recall correctly, the world revolves around the sun.

    Thomas Dorris
  • by twdorris ( 29395 ) on Sunday November 14, 1999 @08:25AM (#1535194)
    > Is this just a new version of RSAREF, or what?

    It's RSA's implementation of their crypto algorithms. Here's an example of how one might find one's self in need of this (speaking from unfortunate experience). Let's say you wish to write a monitoring product that will submit queries to a secure web server and check that the applications being accessed are functional. In order to do this, one would need to construct a secure socket. In order to do this, one would need to implement a cipher suite that matches one of the cipher suites supported by the web server being accessed.

    Non of this implies use of RSA algorithms. However, RSA has their own little monopoly thing going where the ONLY cipher suites supported by the Netscape Enterprise webserver and Microsoft's IIS make use of RSA-patented algorithms. :-( This is very unfortunate because RSA can and will charge an arm and a leg, literally, for the privledge of using their super-cool algorithms in a commercial product. Nevermind the fact that they aren't the only game in town with it comes to cryptography.

    It's just very frustrating to be forced into a licensing agreement with a company because they hold a stanglehold on the market. There are plenty of good, FREE crypto algorithms out and about, but this doesn't matter. You can't use them because the webservers you wish to talk to don't support them. I assume RSA forced Netscape and Microsoft into some sort of exclusive arrangement that prevents them from using anything other than RSA stuff, but I don't know that for sure.

    It's just bad business practice and it hurts us all.

    Anyway, the BSAFE SSL-C library allows an application to make use of RSA algorithms over secure socket connections. I just wish Red Hat had also gotten a license for the SSL-J stuff as well...about 90% of my work these days is in Java. Yet another C library that I'd have to write wrappers around in Java just doesn't help me much.

    Thomas Dorris


  • Free use or not, can it be GPL'd if its patented? Wouldn't that mean that if one day they want to collect license fees, I could just take the GPL'd
    source and use taht for free? IANAL.
    • Shipping developmental libraries/kernels/etc. with custom patches that make things work. But not quite.

      I haven't had any real library problems since the 5.1 hump.

    • Linuxconf (yes, it has improved, but that is a recent thing)

      Yes, it has improved, but as far as I can tell, it still mostly sucks. That's ok, it doesn't do anything I needed a GUI tool for anyway, really. I get very nervous and pale when some script is modifying my configuration files anyway... I'd rather use pico as my "GUI admin tool."

    • 15-20 security patches per version.

      How often are they problems unique to RedHat? Linux software in general tends to have frequent security patches, because a great deal of it is still under heavy development. This one's kind of a wash, I think. Also, it depends on what your main use is. If it's a server or a firewall, that needs to be locked down hard, use OpeBSD or something with serious auditing. I think RedHat tries to fill a niche-- multi-use servers, and workstations. Often it's more advantageous to have more recent software, that may be subject to security patching.

    • Specifically to RH6.0: GNOME losing preferences constantly, and other related problems

      I was really disappointed with Gnome 1.0. I think it was rushed to fit onto RH6. That said, Gnome 1.1 solved almost all of the problems I had with it. As of RH 6.0, I'd have said gnome was behind KDE in terms of stability, usability, etc. Now, I'd call it even. And I'll be very surprised if Gnome doesn't continue to gain market share. It's improving a lot faster than KDE, and all in all, I credit RedHat for sticking to their guns on it.

    As for the RH 6.1 installer-- You need to get the update. The first time I tried it (downloaded) I had the same problems. I installed off a CD, and poof! Problems gone. And man, is it ever a nice install. Puts any microsoft product absolutely to shame.

    I firmly believe RH 6.1 is a very, very good release. I'm glad you did know what you were talking about though. Thanks for the examples.

    ----
    Morning gray ignites a twisted mass of colors shapes and sounds

  • that they give some stuff back! (Speed improvements, etc)

    and.. the SSL stuff is really cool. e-commerce is a big key right now.
  • oops.

    I missed the part in the wired article about releasing the source to their changes.

    Sorry about that.
  • by schani ( 8889 ) on Sunday November 14, 1999 @04:07AM (#1535200) Homepage
    As far as I understand it, the RSA software will not be released as Free Software (am I wrong?). If this is in fact the case, then RedHat is actively supporting the development of proprietary software. The question is: is this a Good Thing? I seriously doubt it.

    bye
    schani
  • are they gonna push ext3 or one of the others reported in here last week hmmmmm...
    ill take clues for 100 please jim...
    im sure the deveolpers of the other file would kinda like to know tot, do you suppose??
  • Although Red Hat didn't announce a date for the new version's release, investors reacted happily, bumping the stock up US$8.25 to $103.50 per share.

    Okay, my biggest question, as I know nothing financial, is how I am to assume this reaction. Now, my guess being that investors and stockholders are typically ignorant, and are simply reacting to promises of 'making the fad even more', taking a niche market and exploiting it until it catches on, but I could be completely wrong.

    However, I think the addition of Intel 64-bit support as well as the inclusion of a journalling file system (Wired didn't tell me which one, does anybody know?), is a Good Thing. With Linux getting more and more support, and easier to operate with X, even those more accustomed to NT are finally falling prey to its lure.

  • Consider that there continues to be no open-source alternative at the strength and dependibility of the RSA product. Consider also that this is an area key to the viability of Linux as a serious alternative operating system.

    Sure there is. OpenSSL [openssl.org]. It's just not usable in the US (at least for commercial use, and only if you use RSAREF), because of stupid software patents.

    But next year, the patent *finally* goes away, and we should be able to use OpenSSL at long last.

    Argh. Software patents suck!

    --
    Interested in XFMail? New XFMail home page [slappy.org]

  • by Skyshadow ( 508 ) on Sunday November 14, 1999 @04:23AM (#1535205) Homepage
    Well, I prefer to look at it this way:

    Consider that there continues to be no open-source alternative at the strength and dependibility of the RSA product. Consider also that this is an area key to the viability of Linux as a serious alternative operating system.

    In other words, consider this a stopgap. I've noticed that OSS is normally better than the proprietary alternatives and can evolve at a staggering rate (witness KDE and Gnome), but they don't always do so. So, in order to not be viewed as falling behind, we need to get something in place until the OSS products catch up.

    It's also worth considering that commercial software is a good solution is some cases (note: this is not necessarily one of them). For example, the OSS paradigm has yet to produce a really killer game (except, of course, xBill), a good set of office applications or a competetive financial app (yeah, I know, GNUCash. It doesn't hold a candle to MS Money).

    Free software is a good development alternative because the end products are generally superior. I pride myself on being able to choose the superior solution, both for myself and for the people I work or consult for. Red Hat's partnering with RSA and use of their product puts them at the head of the pack, and that's what really counts.

    ----

  • Actually, GNU textutils, which is AFAICS completely GPL'd, contains MD5 code which RSA have also patented I believe.
  • Well, considering that reiserfs is the only journaling file system in any state which permits its release to the public, I think it's probably a safe bet that it'll be reiserfs. ext3 just has journaling, and it's reportedly extremely slow, and I don't know how far along XFS is.
  • I'm not sure that this is ignorance on the part of stockholders. A company's valuation includes future earnings -- and many investors (I am not currently a stockholder in RHAT) believe that the company's current valuation of $7.004 billion well represents the company's future. I haven't sat down and looked at all the numbers myself, and my gut is that that figure is a little high, but it seems to me to be a safe bet that RedHat will eventually be profitable.

    Deals like these reinforce my opinion that RedHat is firmly set on making a profit -- and despite much of the rhetoric on /., that's a fine thing to do, as long as it's balanced, and I think they've shown that they're planning on staying true to their Open Source roots for a long time. I think a lot of investors have been or still are waiting to see if Linux will be truly commercially viable (I know, I know, but don't preach to the choir!) and these jumps are typically people who are finally convinced, to whatever degree, that RedHat might actually someday make a profit.

  • Sure there is. OpenSSL. It's just not usable in the US, because of stupid software patents.

    With all due respect, one might as well say that it is available, but only usable on the moon.

    I am a huge Linux fan, and I hate stupid software patents as much as the next guy, but the fact remains that most of the Internet's bandwidth and business is centered in the US.

    Until that patent expires, I think Red Hat has made a good move.
  • According to a friend of mine who dabbles in the stock market, Red Hat's stock is up nicely as a result of their decision to go back to doing more of what they do best: improving Linux and extending its marketability.

    I wouldn't say that. RHAT settled in the $80-$85 range about a month ago, and hasn't moved either way with a comparatively low trading volume. That was until the Microsoft decision came down. On Monday after the decision, the stock jumped $16 to about $105. It's been a bit volatile this week, with heavier than normal trading volume.

    It looks to me like the stock is going to settle again in the $95-$100 range. Those PR announcements regarding RSA and ReiserFS did not appear to be much of a factor. In fact, Yahoo reported that the RSA announcement was more of a factor on RSA's stock, then anything else.

    This does appear to be an interesting pattern: announcements of some RHAT deal or partnership having very little effect on RHAT stock, but causing a rally in the other company's stock.
    --

  • Dan Kaminsky writes: "Ever since RSA insisted that PGP not use its independantly developed implementations of public key technology, and rather switch to the RSA codebase, I've been unable to trust BSAFE."

    Good point. If the same reasoning should lead anyone to distrust the US version of PGP, consider using PGPi, the International version of PGP (available from http://www.pgpi.com/ [pgpi.com]). It is Open Source and includes the source code to the RSA algorithm (and everything else in PGPi, of course). Being Open Source, it's very likely not RSA's implementation of the algorithm.

  • by Zoltar ( 24850 ) on Sunday November 14, 1999 @05:06AM (#1535214)
    These are crucial times for Redhat. I'm glad to see they are using the newfound $$$ to address the needs that many Fortune 500 Co.'s see as important for a commercial server.

    I am currently reading a book called "Insanely Great" by Steven Levy. The book takes a look at Apple in the early days, and the development of the Macintosh. One of the issues it talks about is the changes Apple went through after they went public.

    Many suits and professional manegement types were brought in to deal with the needs of a rapidly growing company. This of course clashed with the free-flowing free-spirit atmosphere that Apple started with. Creativity doesn't always mix well with Suits and endless meetings and paperwork. (One could make the point this was part of the downward slide of Netscape.)

    IMHO this is probably something RedHat is dealing with now. I would be interested in hearing from some employees at RedHat about how this transition is going. What is the atmosphere like ?
  • These things do happen. The worst, by far, are X lockups, which can in fact freeze the whole system. I've also has IRQ conflicts freeze the system (usually when something else tries to use the same IRQ as a disk controller-- that's bad news).

    The good news, though, is that most application crashes can be recovered from without a hard restart. If you have another machine around, you can often telnet or ssh into your frozen box, even if the keyboard and console are giving you no love. It appears to be possible for apps to lock up your input devices without freezing the rest of the system. So just telnet in, su to root, and check out the process table to see what's got your system in a headlock. Sometimes you have to do more drastic things, like /sbin/init 3 (I run in 5, ususally), or /sbin/init 6 to reboot, if you can't figure out any other way to unlock the thing. This does force a reboot, but at least it'll shut down clean and come back up without fsck'ing. It also gives you a chance to warn people and put the system in a reasonable state.

    This is one of the things I love most about linux (as opposed to, say, windows). I find that about 90% of system freezes can be dealt with safely, and considering that system freezes are pretty rare to begin with, things tend to go smoothly more often than not.

    ----
    Morning gray ignites a twisted mass of colors shapes and sounds

  • by um... Lucas ( 13147 ) on Sunday November 14, 1999 @09:35AM (#1535216) Journal
    You're not an "insider". Just a programmer. If may be a different case if you were working for Redhat on some secretive project. But you're not. Even then, you'd probably be in the clear, because a software project on it's own is not going to have a DEFINITE impact on a single companies stock price. The work you're doing is presumably in the open, and even if it's not, you have no guarentees that Redhat or any other company is going to adopt whatever you've done.

    Insider trading is mainly enforced when:
    1 - Someone (CEO, CFO, buddy of a guy in accounting) finds that the company is going to produce a larger than expected loss and sells their stock before that information is disclosed to the rest of the investing public.

    2 - Someone again involved with the company in some way, finds that they're about to take over another company, and buys up stock in the second company knowing that it's about to be bought out, but prior to it becoming general knowledge.
  • by kuro5hin ( 8501 ) on Sunday November 14, 1999 @09:44AM (#1535218) Homepage
    ...once a lot of people realize that they're recent releases (4.0, 5.0, 6.0, 6.1 for instance) are horrible and that the competition (Linux-Mandrake for instance) is way ahead in terms of actually getting things working correctly.

    Have you used any of these products? I've used all of them, and uniformly, the ones you mention have been the best distro's available when they were released. I have a feeling that you're just talking smack, because if you had any idea what you were talking about, you wouldn't have pointed at the good releases as examples of how bad redhat is.

    In fact, they have had some weak releases. 5.1 and 5.2 leap to mind as miserable piles of crap. Even this was not really redhat's fault, since both of these were released in the midst of the general libc5->glibc->glibc2 shuffling, not to even mention all the gtk incompatibilities. Basically, the 5 series is not particularly strong. They did the best they could with what was available, though, and 5.0 is not bad.

    6.0 and 6.1 in particular, I've found to be outstanding. 6.1 especially. For a .1 version number, it has a lot of nice improvements. I installed it on a Toshiba Satellite laptop two days ago, expecting lots of problems, and had none whatsoever. It just works, beautifully.

    RedHat continues to gain market share because they put out the most balanced distribution. Debian hobbles themselves with Free Software fanatacism (NOT that this is a bad thing, they just serve a different market sector, and one that is not likely to ever be the majority), SuSe, I've found, tends to run behind the curve in terms of functionality (SuSe 6.0 included ancient versions of KDE and Gnome, not to even mention WindowMaker). and tries to make up for it by piling everything under the sun onto their 6 CD's. And slackware... well, never mind.

    I'm sure mandrake is a good distro. It's redhat. You simply can't have mandrake be really good and redhat be really bad. It doesn't make any sense!

    Anyway, this wasn't supposed to be a "my distro's better than yours" flame. I just see a lot of this "RedHat sucks" talk around, and it mystifies me. Where is the great distro that puts redhat to shame, if it's so bad? And why have I not had these "horrible problems" with it that no one ever specifically names? I don't know...

    ----
    Morning gray ignites a twisted mass of colors shapes and sounds

  • Should RedHat really be doing all these "changes" to the kernel and applications now? Are we going to be stuck with another horrible standard like RPM? Which, by the way, no matter how good you say it is, it's still the wrong way to do it.

    I think RedHat is getting a big head over this whole IPO thing. I don't really think them buying Cygnus is a GoodThing(tm) either. egcs has been incorporated into the FreeBSD source tree. RedHat's software has never been know to be even remotely portable. (Trust me. I've tried it) What will happen when RedHat starts "making changes" to the egcs code base? Are we going to end up with a compiler that only works with the Linux 2.3.78-ac256 kernel?
  • by Jamie Zawinski ( 775 ) <jwz@jwz.org> on Sunday November 14, 1999 @10:34AM (#1535221) Homepage
    It's just bad business practice and it hurts us all.

    Well, it doesn't hurt RSA. Monopolies, de-facto and otherwise, are very profitable.

    And important thing to note here is that this is not an example of the patent system breaking down: this is an example of the patent system working as intended. A patent is a grant of a time-limited monopoly, with the condition of full disclosure of the technique. The US government granted RSA a monopoly on these algorithms, and so it's not terribly surprising that they've been able to parlay that into market domination.

    I point this out because it's important to understand the differences between bad things that happen when the patent system is working as intended, versus when it's not working as intended. Most of the time, the patent-related complaints we hear are about bogus patents, patents that were obvious or trivial or already in the prior art. Those are examples of the patent system breaking down.

    But if you fixed the problems at the patent office that caused bogus patents to be issued, and caused the patent office to execute their mandate correctly, situations like the RSA one would still occur.

    In other words, if you're against the recent Amazon patent, you're against stupid patents. If you're against the RSA patents, you're against software patents.

  • I guess I may have phrased my question wrong. Let me try again.(ahem)

    "Does convincing a bunch of stockholders and investors that RedHat is going to turn a profit, mean that RedHat is going to turn a profit?" Actually, even my rephrasing of the question is bad. My thinking is, that investors are just jumping on the band-wagon, and I don't mind that, I really don't. But from 8 bucks to 100+, seems rather overwhelming.

    Are they jumping on the bandwagon, and possibly (at least in my estimation) being "not-so-technically-sound", are they reacting to hype? Yes the support for Intel 64-bit procs is good, yes a journalling file system is good, but still, this isn't exactly a revolutionary thing, at least not to me. But is it to them??? I dunno...

    In summation, I've done a terrible job of asking my question, but not knowing anything of investing, or big business money, I'm doing my very best.

    Thanks...
  • by StormCrow99 ( 18611 ) on Sunday November 14, 1999 @05:21AM (#1535224)
    BSAFE is a commercial toolkit from RSA used for integrating RSA's patented algo's into software. I can not speak on the quality of this library, but I am under the impression that if you want to include RSA's algorithms in your program and sell it in the USA, you need to buy a copy of this toolkit and use their (RSA's) implementations of their algorithms. For more info click here [rsasecurity.com]

    I don't understand the importance of this inclusion as I figured that it was already in their secure server version. As far as I understand RSA will not allow you to license their stuff in the USA without it's use.

  • by Anonymous Coward
    ext3. It is, after all, the one developed by a RH
    employee.

    Counter to the claims others are making, I've found ext3 to be quite fast. It also has the advantage of being much more "standard" (in that you can convert existing filesystems to it, etc.).
  • The beta was widely publicized - did you help to fix before the release?

    I'll agree, though, that there were a few errors that probably shouldn't have crept in there. :)

    ----

  • My understanding is the RSA issue is primarily a legal one. There are stronger algorithms which were developed in western Canada and overseas in Ireland which aren't allowed to be used in software distributed in US/Canada.

    If you try to download their encryption, you are directed to RSAs US-based website.
  • RedHat has always provided options to buy commercial software packaged with RedHat Linux. RedHat has been providing Motif for years, also CDE, in addition to the non-free examples mentioned in the previous post.

    I think that it's perfectly legit (i.e. non-hypocritical) for RedHat to sell their basic RedHat Linux system, which comprises all free software, and then to additionally sell more commercialized versions which include non-free software.

    Note that RedHat has in the past included non-free software on their CDs, but it's only on the CD that you buy (i.e. it's not available via FTP), and it has been non-core parts of the OS. (The flak over KDE was because KDE was a core OS component, and therefore it was dangerous to support it.)
    ----------

  • by Effugas ( 2378 ) on Sunday November 14, 1999 @05:49AM (#1535232) Homepage
    Something just doesn't sit right between BSAFE and I.

    Ever since RSA insisted that PGP not use its independantly developed implementations of public key technology, and rather switch to the RSA codebase, I've been unable to trust BSAFE.

    After all--we know the design justifications behind everything in the original version of PGP, and the various algorithms contained with SSLeay. I can't imagine how I could ever have the same kind of faith in a company whose very existence is dependant upon the agencies whose primary agenda is to stifle the spread of encryption technologies.

    Protocols are proved by unique implementations--just ask NASA, which has multiple unique implementations of all critical systems, so a major bug in one doesn't cause the primary mission to fail. That RSA Inc. specifically tries to suppress unique implementations tells me that any software based on their code is unproved.

    That's my opinion, and I'm sticking to it.

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com
  • I've never had a crash caused by Linux, but I've had more than a few caused by power outages, hardware failures, and other "outside" factors. The ability to recover from these problems without going through a bunch of fsck dancing sounds like a damned good idea to me even for my little home setup. If I were running a commercial high-reliability network, self-recovering Linux would make my heart sing.

    -Robin

  • Um, whether you or I like it or not, the world of business, commerce, and the internet DOES currently revolve around the largest economy on the earth, that being the USA. By the way, as a Canadian I am not especially fond of this fact. But it is a fact. Accept it.
  • by Anonymous Coward
    There is a very simple solution to your problem. Try FreeBSD and you might see the light.... Try SOlaris and you might see the light(well maybe not).Try debian and you might see the light. That is BEUTY of the thing. You have a VERY large number of choises you can use. And that is why there is so much competition. And that is why in the LONG run if redhat or mandrake or ANY other distro is not living up to the hype, they will either fade away or Make their products even better.
  • Why is it everyone's all bent out of shape about RSA's patents??? They did discover their algorithm.

    IF someone else had first, then they couldn't be awarded the patent.

    IF someone else had devised a suitable alternative, then you'd be free to use that implementation as well or instead of.

    The truth is they spent a lot of time in developing and testing (read: INVENTING) their algorithm. That time could have been spent in a more risk-free setting, working on already "proven" technologies. Would we be better off? Would their technology ever have made it past the intellegence community and to us? Doubtfully.

    Patents are here to protect the inventors. Some companies abuse them, by letting their implentations be subject to widespread use prior to notifying users of their intent to collect royalties, like Unisys and LZW. RSA has always charged fees to use their products.

    If patents hadn't been around to protect theirs and countless other inventions, I doubt that even computers as they are today would have been possible. Why would someone want to take the risk of spending huge amounts of time and money on a project only to allow others to profit from it?

    By the way, isn't Diffie-Hellman considered equivilant? Why don't you people simply use that? Apache's opensource, Netscape fully documents their API's, and Microsoft provides enough access to theirs so that you could make plug-ins for all the major servers. Likewise for browsers. Or is it that RSA's implentation is more proven?
  • Why not XFS? Is it not production-quality yet? (Would surprise me if it isn't.)
  • >Frankly, I think that RedHat is going to be in
    >seriouis trouble once a lot of people realize
    >that they're recent releases (4.0, 5.0, 6.0, 6.1
    >for instance) are horrible and that the
    >competition (Linux-Mandrake for instance) is way
    >ahead in terms of actually getting things working
    >correctly.

    I have installed both RedHat and Mandrake's 6.0 (i386) releases on a number of machines, including laptops. I have found RedHat's distro to be much better than Mandrake's in terms of things working correctly. For example, Mandrake 6.0 has a problem where filesystems may not be unmounted correctly during system shutdown. I think this is an issue with Mandrake's 2.2.9 kernel, as when I use the Mandrake kernel source rpms on a RedHat system and compile a kernel, the problem will occur on that system. A "regular?" 2.2.9 kernel does not have this issue.
    Linux-Mandrake's advantage, IMHO, is that it has some useful packages that aren't included in RedHat's distro (some of these made it into 6.1, rock on RedHat!) and it has some nice updated versions of others. My solution to this has been to install the less buggy RedHat, and do some upgrades from the Mandrake CD.

    The thing I don't like about both distros is the initialization scripts. I would really prefer a *BSD style bootup, rather than that modified SySV thing.
  • >> It's just bad business practice and it
    >> hurts us all.

    > Well, it doesn't hurt RSA. Monopolies,
    > de-facto and otherwise, are very profitable.

    I don't consider RSA a member of the set "us". I still believe their business practice has hurt "us" all. The term "us" in this case means all software developers just trying to implement a set of project requirements. There is no good reason why I HAVE to use an RSA algorithm to talk to a secure web server. There is only one reason, a very stupid one at that, that forces me to do this... RSA has bullied itself into market dominance. And until their crazy little patent expires, development on other similar algorithms has been hindered. Granted, there are plenty of other alternatives that have been developed despite RSA's position, but until most major browsers *and* servers support these alternatives, I contend that their development has been hampered greatly.

    > In other words, if you're against the recent
    > Amazon patent, you're against stupid patents.
    > If you're against the RSA patents, you're
    > against software patents.

    For the record, I didn't say I was against the RSA patent; just their business practice. I believe RSA has a valid claim to their particular way of approaching encryption. I think they have every right to patent that idea. And if anyone wants to mangle data according to their specification, then they should feel obligated to pay RSA for that right. What I'm against, however, is the fact that RSA used that single, annoying little patent to stiffle deployment and, I'm sure to some extent, development of more robust, open solutions to the same problem. That's RSA's fault...not the patent office.

    Thomas Dorris
  • Organizations usually protect their patents from expiration by securing similar/dependent patents that expire at different times.

  • We're definitely including ext3, and experimenting with ReiserFS.
  • There were a couple of bugs in 6.1 (tight release schedule) - most of the known ones have been fixed by now. Did you download the updated boot images?
  • by Hobbex ( 41473 ) on Sunday November 14, 1999 @05:56AM (#1535245)

    In my mind RSA is not a company that stands for open solutions. They have horded patents for the last 17 years that allowed them to monopolize the whole concept of assymetric crypto, and even attempted to keep some of their symmetric algorithms as trade secrets.

    You could claim that it is more their fault than anything else that crypto didn't become reality for the common man until the last couple of years (though, before I get flamed, they also did make many great discoverees).

    I'm not sure I'm happy to see Redhat in bed with them..

    -
    We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
  • Red Hat had a lot of momentum going last week after the finding of fact for Micros~1. It jumped something like 15 points the day it was announced. Red Hat is a market sweetheart right now, getting a ton of financial publicity, and people (not just geeks) are being very sensitive to ANY reason to put money into RHAT.

    IMHO that's why a relatively minor announcement kicked the stock price (hence, valuation of the company) up ~10%.

    discordia
  • Redhat paid fees to RSA quite some time ago and has been passing along the result in the "Secure" and "Commerce" (now called "Professional") editions of its distro since at least 5.2. They use the same mod_ssl and openSSL packages you can download for free but aren't legally allowed to use for commercial deployment in North America.

    Redhat is paying RSA's "toll" for using their patented algorithms in North America. In other words, they make it legal for commercial sites in the US to run Apache with mod_ssl, making for a cheap, first-rate alternative to Raven or Stronghold.

    As far as I can tell, this PR blitz is mostly RSA stock trying to ride in Redhat's jetstream.
  • by Weezul ( 52464 ) on Sunday November 14, 1999 @06:13AM (#1535248)
    The rummor is that ths announcment did not really have much influence on RedHat's stock, but as the investors become more clueful over time we may even begin to see open source announcment have an effect on stock price. My question is:

    The Law regulates what the CEO, etc. do with their stock to make a quick buck, but do these laws say anything about somebody not even imployed by the company? i.e. If some open source project I am quietly working on is going to bump up RedHat stock assuming I release it with optimal timing and lots of fanfair.. is there anyhting to keep me from casing in on the jump in stock price?

    I know currently the release of open source projects appears to have no influence n stock prices, but this could change.. and with improvments to especially relivant programs like Apache, Samba, or the Kernel this is not impossible.

    Jeff
  • by Anonymous Coward
    MIT's patent on the RSA algo is due to expire, meaning RSA Security will no longer hold an exclusive license. Knowing they will have to compete in an open market in the near future, it is to their bennefit to put BSAFE SSL in front of the crowd that uses the most popular web server on the internet, Apache.

    Its good buisness to get ahead of future competitors.

A person with one watch knows what time it is; a person with two watches is never sure. Proverb

Working...