The SLUUG Cronicle

June 2003

St. Louis UNIX Users Group


HTML version: http://www.sluug.org/cronicle/




Table of Contents



Calendar of Events

Jun  2 Mon StlAdvLUG 7:00pm-11:00pm
Jun  3 Tue Gateway JUG 6:00pm-8:00pm
Jun  3 Tue MOSLUG 7:00pm-11:00pm
Jun  5 Thu SILUG - O'Fallon 7:00pm-9:00pm
Jun 10 Tue CCSL Dinner Meeting ($ - RSVP) 5:30pm-
  TOPIC: Selling with Attitude
Jun 10 Tue GAMUG 7:00pm-
Jun 10 Tue LUCI - Newbie Night 7:00pm-9:00pm
Jun 11 Wed SLUUG 6:30pm-9:00pm
  TUTORIAL: Security Part 2
  TOPIC: Agile Software Development
Jun 12 Thu St. Louis Java Users Group 6:30pm-8:00pm
Jun 14 Sat Flag Day -
Jun 15 Sun Fathers' Day -
Jun 16 Mon SLUUG - Steering Committee 6:00pm-8:30pm
Jun 16 Mon SILUG - Carbondale 7:00pm-9:00pm
Jun 17 Tue STLWEBDEV (NOTE: NEW Location) 6:30pm-9:00pm
Jun 19 Thu St. Louis LUG 7:00pm-9:00pm
  TOPIC: Threads
Jun 21 Sun First Day of Summer -
Jun 22 Sun CWE-LUG (NOTE: Not 3rd Sunday) 1:00pm-5:00pm
Jun 24 Tue LUCI 7:00pm-9:00pm
Jun 24 Tue Hazelwood LUG 6:30pm-9:00pm
Jun 26 Thu St. Charles LUG 6:30pm-9:00pm
 

NOTE: More information on these groups, including locations and web sites, can be found in the "Meeting Locations" section below.


Next General Meeting is Wednesday, June 11


6:30 pm Tutorial Security, Part 2 by Christine Wanta
7:00 pm Announcements Standard Introductions & Procedures
7:05 pm Q & A An opportunity to ask technical questions
7:15 pm Break Social, off-line conversations, book sales
7:30 pm Presentation Agile Software Development by Brian Button



Tutorial

Security, Part 2
by Christine Wanta

Abstract:

This is the second part of a two-part tutorial on security. The first part highlighted technical essentials for the newbie, terminology of the basics areas of security, network, system, and physical environments. This second part will look at prevention and what to do when you've been hacked. Christine will attempt to cover the components that make up a system and highlight primary areas of concern.

Bio:

Christine Wanta has been in the IT industry over 20 years. She has worked in a variety of positions, including creating a consulting firm. She has worked with a variety of systems including VMS, Windows and UNIX platforms, and heterogenous networked environments, and has supported a variety of applications including object-oriented designs, databases, proprietary software support, performance analysis and more. She was recruited as a certification writer for the Usenix/SAGE certification program in 2000.

Christine has been an active member of SLUUG for over a decade and currently acts as president. If you are 'impressed' into a project or positions within SLUUG, you probably have Christine nudging you.



Presentation

Agile Software Development
by Brian Button

Abstract:

Agile Programming is a set of methodologies intended to enhance and speed up program development. Extreme Programming (XP) is the most popular, but only one of the Agile Programming methods. Agile Programming focuses on agility and flexibility, realizing that things change throughout the lifetime of a project.

Since the end of the tech boom cycle, corporate software development organizations have been shrinking. These groups are usually cost centers in large companies, and are one of the first groups cut during tough times. Despite this fact, these same companies are demanding a steady stream of new applications from these groups. And each new application must justify itself by providing a rapid return on the corporate investment in them.

Starting from first principles, Brian will evolve and describe a software development methodology tailored to deliver value in the tech environment in which we live today. He will discuss the principles behind the Agile Software movement and describe how one particular methodology, Extreme Programming, produces teams and projects that thrive in today's economy. Brian will give an overview of Extreme Programming and then focus on how following the XP Developer Practices (Simple Design, Pair Programming, Test First Design, and Refactoring) leads to teams that create amazingly high quality software in short iterations, and have a great time doing it.

Bio:

Brian Button is the co-founder of the St. Louis Extreme Programming users group (XpStl). He is also founder and principal consultant at Agile Solutions Group, a software improvement company that works with small to medium sized companies, generally those who don't write software as their business, but need software for their business. He teaches them how to save money through better management and implementation techniques.

Brian has over 15 years of industry experience as a developer and as a leader. Brian is very experienced in introducing and implementing Extreme Programming in many organizations, handling the entire transition efforts himself. His technical qualifications include 10 years experience in Object Oriented Design and Programming and C++, 5 years experience in Java. He has presented at conferences, written articles for national publications, and is well known in his field as an instructor, consultant, and mentor.

Prior to forming Agile Solutions Group, Brian was a Senior Consultant at Object Mentor, Inc. In this role, Brian functioned as the architect for several 3-tier web-enabled projects, taught numerous classes worldwide in C++, Java, basic and advanced Object Oriented Development, Test Driven Development, and Extreme Programming, mentored hundreds of programmers into becoming better developers, and transitioned several large organizations to Agile Development and Extreme Programming.

Ideas, questions and suggestions are welcome; please contact Scott Granneman (presentations@sluug.org).



Book Sales

The O'Reilly and Associates line of books is available at each monthly general meeting as a convenience to our members. Proceeds from the book sales go toward running the organization. Most months we feature special offers on titles related to that month's presentation or tutorial topic. Discounts off retail prices are offered to all attendees.

Books that are not available at the meetings may be ordered to be picked up at the next SLUUG general meeting. Contact Sue Hurst (booksales@sluug.org).

June Special:

Books with a red sticker
(discontinued titles and older editions)
- 70% off
Books on special - 30% off
All other books - 25% off


Next St. Louis LUG Meeting Is June 19

Threads
by Rich Seibel

Abstract:

Have you looked at Red Hat 9 and wondered what the heck NPTL is? For that matter, what are threads and why should I care? If you have, then this Linux meeting is for you. Rich will start with the basics of threads -- how they differ from process, and why they are used. He will discuss the benefits and problems encountered when building treaded programs. The differences between NPTL (Native POSIX Thread Library) and the Linux threads currently in use will then be covered.

Bio:

Rich Seibel is Senior Software Engineer at Object Computing Inc.

Rich earned his Bachelor of Science degree in Electrical Engineering at Purdue University in 1966. He started out maintaining computers 25 years ago and moved into software and training. Some of his accomplishments include the design of computer hardware, computer languages, compilers, and operating systems. Rich has tracked technology in processors and communications, consulted in the areas of distributed processing, user interface and telecommunications, and developed software for client server systems.

Rich is currently working with an Open Source middleware package called ACE, which is used for building distributed software using the Object-Oriented paradigm. Rich teaches a 4-day intensive course on ACE, and several UNIX courses.

Comments, questions, and ideas for the St. Louis Linux Users Group are welcome; please send email to linux@sluug.org.



Meeting Locations

SLUUG - St. Louis UNIX Users Group (http://www.sluug.org)
General Meeting

Meets the 2nd Wednesday of the month, 6:30pm to 9:00pm. Free and open to the public. For the year 2003, we are meeting at:

Graybar Electric Co, Inc.
11885 Lackland Rd.
St. Louis, MO 63146

Directions: Take I-270 to Page east. Take first exit (Concourse). Turn right at stop light (Lackland). Turn right at stop light into Graybar parking lot. Enter building at main entrance and sign in with security guard. Proceed down 1 level to lake level and cafateria training room.

Map:   http://www.mapquest.com/maps/map.adp?address=11885+Lackland&zipcode=63146

SLUUG - St. Louis UNIX Users Group (http://www.sluug.org)
Steering Committee

Meets the Monday following the 2nd Wednesday of the month, 6:15pm to 8:30pm. Open to the public. This is where we make decisions on what topics to cover and other administration of the group. If you want to get involved, this is a good place to start. We now meet at:

The Commonspace
615 N Grand Blvd (between the Fox and Powell Symphony)
Saint Louis, MO 63103

Map:   http://maps.yahoo.com/py/maps.py?addr=615+N+Grand&csz=63103

St. Louis Linux Users Group (STLLUG) (http://www.stllinux.org)

Meets the 3rd Thursday of each month, 7:00pm to 9:00pm. The room is reserved starting at 6:00pm. (Ask a librarian to let you in if it is locked.) Members are encouraged to come early to mingle and/or give informal demos or presentations. Free and open to the public. (Formerly known as the Linux SIG.)

Indian Trails Library
8400 Delport Drive (at Midland)
St. Louis, MO
Directions:   Take I-170 to Page east. Turn left at North-South. Turn left at Midland. Drive 2 blocks and turn left on Delport. The library is on your left.

Map:   http://www.stllinux.org/directions/

St. Charles LUG (http://www.sluug.org/~stclug)

We expect that meetings will usually be held at 6:30pm to 9:00pm on the 4th Thursday of each month, except during December, which will probably not have a meeting.
This is a SIG of SLUUG, intended for all Linux users in the Western and Northern parts of the greater metro area.

Ponderosa
513 South Main St. (just north of I-70)
O'Fallon, MO

Hazelwood LUG (http://www.sluug.org/~hzlug)

Generally meets the 4th Tuesday of each month, 6:30pm to 9:00pm. Free and open to the public. This is a SIG of SLUUG, intended for Linux newbies.

Prairie Commons Library
915 Utz Lane (between Howdershell and Dunn)
Hazelwood, MO

CWE-LUG - Central West End LUG (http://www.sluug.org/~cwelug/)

Generally meets on the third Sunday of the month from 1:00pm to 5:00pm. Meetings are now held at the ACLU building.

ACLU
4557 Laclede (just east of Euclid)
St Louis, MO 63108

Advanced LUG (http://www.stladvlug.org/)

Meetings are held on the first Monday of each month. This group is intended to be a venue for advanced topics as well as a time to work on Open Source projects as a group. Free and open to the public.

WDT Solutions
9450 Manchester, Suite 204
Rock Hill, MO

MOSLUG - MO Open Source LUG (http://www.moslug.org/)

Meets on the 1st Tuesday of the month, from 7:00pm to 11:00pm. Meetings are free and open to everyone. This is a Linux Users Group (LUG) for all levels, from new beginners to the more advanced users.

Culpeppers Restaurant (basement)
312 S. Kirkwood Road
Kirkwood, MO 63122

STLBSD - St. Louis BSD Users (http://www.stlbsd.org)

Just started holding official meetings, but no regular schedule yet. Also look for guys with little red daemons on their shirts at SLUUG and LUG meetings.

St. Louis Java Users Group (http://www.ociweb.com/javasig/)

Meets the 2nd Thursday of every month, 6:30pm to 8:00pm. Attendance is free, and you do not need to sign up -- just show up.

CityPlace One Auditorium
One City Place
Creve Coeur, MO 63141

Gateway JUG (Java Users Group) (http://www.gatewayjug.org/)

Meets 6:00pm to 8:00pm. Meets on the 1st Tuesday of the month. Please RSVP if you would like to attend.

Maryville Technologies
540 Maryville Centre Dr., Suite 300
St. Louis, MO 63141

STLWEBDEV - St. Louis Web Developers (http://www.stlwebdev.org)

Meets the 3rd Tuesday of the month from 6:30pm to 9:00pm. Meetings are free and open to everyone. This is an open group to facilitate communications between diverse professions involved in Internet/Intranet design and development. STLWEBDEV is also the St. Louis chapter of the International Webmasters Association and the HTML Writers Guild (IWA-HWG).

Savvis Communications (across from Maryville Centre)
1 Savvis Parkway (near I-64 and 141)
Chesterfield, MO 63017

GAMUG - Gateway Area Macintosh Users Group (http://www.gamug.org)

Meets the 2nd Tuesday of every month at 7:00pm. GAMUG has a number of active SIGs, so be sure to check out their web site. Of special interest is the Mac OS X SIG (which meets in Fenton). Membership is $30 a year for individuals.

Parkway Central High School
369 N. Woods Mill Rd. (Hwy. 141, between Olive and Ladue)
Chesterfield, MO 63017

CCSL - Computer Consultants of St. Louis (http://www.ccsl.org)
Monthly Dinner Meeting

Meetings are held the second Tuesday of each month at Cheshire Inn. RESERVATIONS ARE REQUIRED. Cost is $20 for members, $25 for non-members. Call 314-995-4652 (by the previous Friday) or email meeting@ccsl.org for reservations. Social hour starts at 5:30pm, meeting starts at 6:30pm.

Cheshire Inn
6306 Clayton Rd.
St. Louis, MO

SILUG - Southern Illinois LUG (http://www.silug.org)
O'Fallon meeting

The SILUG O'Fallon meeting is generally on the 1st Thursday of the month. It runs from 7:00pm to 9:00pm.

O'Fallon City Library
120 Civic Plaza
O'Fallon, IL 62269

SILUG - Southern Illinois LUG (http://www.silug.org)
Carbondale meeting

The SILUG Carbondale meeting is the 3rd Monday of the month, from 7:00pm to 9:00pm. The location can vary due to scheduling issues, so be sure to double-check their web site.

Morris Library, Room 325
SIU-Carbondale
Carbondale, IL

LUCI - Linux Users of Central Illinois (http://www.luci.org)

All LUCI meetings are held at the same location, from 7:00pm to 9:00pm. General meetings are on the 4th Tuesday of the month, and Newbie night is held on the 2nd Tuesday of the month.

Illinois State Museum Research & Collections Center
1011 East Ash St.
Springfield, IL 62703

CORCC - County Older Residents Computer Club (http://www.a-zuc.com/corcc/)

Meets (almost) every Friday from 1:00pm to 3:00pm. Provides free classes for seniors 55 or older. For info, contact Tom Kimber (t.kimber@worldnet.att.net) or Arthur Hollman (ajhollman@juno.com).

Prairie Commons Library
915 Utz Lane (between Howdershell and Dunn)
Hazelwood, MO

We publish meeting schedules of groups in the St. Louis region that may be of interest to our members. If you would like to have info added about your group, please mail the newsletter editor (editor@sluug.org) or call any of the SLUUG officers.


Articles:

WARNING: These articles may express personal opinions and SLUUG exerts no more editorial control over such content than does a public library, bookstore, or newsstand. Any opinions, advice, statements, services, offers, or other information or content expressed herein are those of the respective authors and not necessarily supported by SLUUG. SLUUG does not guarantee the accuracy, completeness, or usefulness of any content, nor its merchantability or fitness for any particular purpose.


SCO Versus IBM and Linux

by Craig Buchek

The big news in the UNIX/Linux world is the $1 billion SCO lawsuit against IBM. In case you haven't been paying attention, SCO has accused IBM of misappropriating trade secrets by transferring technology from UNIX (via AIX and the failed Monterey project) to Linux.

While the community has been worried about what might happen to Linux, there's something more immediate to worry about: AIX. SCO says that it will revoke IBM's license to the core UNIX code on June 13. SCO has not yet taken any legal actions against Linux itself; they've only made threats. So the threat to AIX is much more immediate than to Linux. Some analysts are advising companies to be wary about deploying Linux in critical areas. I have not heard any analyst advise AIX customers to be wary, but if SCO revokes the license, companies may not be able to expand their use of AIX systems. It seems rather odd that analysts are more concerned about mere threats than direct legal action. One theory is that IBM has enough money to post a bond to continue selling AIX even in the face of an injunction, and that IBM will indemnify their customers from liability.

SCO's behavior has been inconsistent and erratic to say the least. Their claim states that Linux could not have gained "enterprise" features without help from IBM, using code and knowledge from core UNIX code. But SCO's UNIX doesn't even include such features. The lawsuit is based on trade secrets and contracts, but then SCO began making claims about Linux containing their copyrighted code. SCO's executives first claimed that it wasn't the Linux kernel that contained the "stolen" code, but then changed their story. They won't tell anyone what code in Linux came from UNIX without a very strict Non-Disclosure Agreement. (Very few have taken SCO up on the offer.) But if the code is already in Linux, it's already out there; and even if it's removed quickly, SCO can just show that it was in previous versions -- there are thousands of copies of every previous version of the Linux kernel to be found on the Internet and Linux CDs.

The leading theory is that SCO is just making a last-ditch effort to get acquired. Their SCO UNIX business has been slipping for years. They had one or two good versions of Linux (as Caldera), but recent versions have fallen behind. (And they stopped selling their own version of Linux a few days after they made the accusations of Linux containing their code.) They still make some money on services. But a significant portion of their income now comes from licensing their Intellectual Property, including the core UNIX code. That portion is growing -- they've created a separate division just for source licensing, and they've hired lawyers to pursue any possible violations. And Microsoft just recently purchased a license to the UNIX code for $10 million. (It's for their Interix and Services For UNIX products, but it's unclear why they didn't need the license before now.)

Asked about why SCO didn't take action against Linux source code until recently, SCO's CEO said "Even if you potentially had a problem [with concerns about UNIX code in Linux back then], what are you going to do? Sue Linus Torvalds? And get what?" Which may mean that SCO knew of any infringement before, but waited until it was more profitable for them to sue. While it isn't required to sue for infringement of copyright violations immediately, it is against the law to knowingly wait in order to cause more violations.

Even if it turns out that there is some shared code in UNIX and Linux, does it mean that Linux is in violation of SCO's copyrights? Not necessarily. It's possible that the code came from a 3rd-party source, perhaps BSD. Maybe the code is a small enough portion that there's really only one way to do the same thing. Books have been published with operating system source code, including some older versions of UNIX. Lots of people have seen the UNIX source code; it's possible that so many have seen it that it's no longer considered a secret. Can SCO prove that the code was taken from their UNIX, or might they have stolen the code from Linux? Some former Caldera developers have reported that the latter may be the case. (It should be fairly easy to show which direction the code went, by looking at its evolution over various versions of Linux.) Since SCO has previously sold Linux, it's hard for them to deny that they did not agree to the terms of the GPL. And since the code is included, it's hard for them to deny that they did not knowingly do so. Once they've licensed their code under the GPL, they really can't take it back. Novell has even raised questions about whether SCO owns the copyrights to the UNIX code after it was transferred from Novell.

How much do we really need to worry about SCO's threats to Linux? Everyone agrees that all of SCO's accusations are unlikely to pan out. The biggest effect on Linux will probably be the Fear, Uncertainty, and Doubt (FUD) created in the minds of company executives, wondering if it's safe to use Linux. Is there real liability for users? Probably not too much. Copyright law only concerns copying, modifying, and distributing -- it does not pertain to the use of copyrighted materials. (If a book at the library is found to have been plagiarized or stolen, are people who have read the book held liable?) So if you've bought and paid for a copy of Linux, it's the seller who is liable. So as a user, you should only be liable if you've copied or modified Linux.

There's a lot of info (and speculation) about the SCO case to be found on the Internet. Be sure to check out Linux Weekly News, Slashdot, the Open Source Initiative, Google News, and all the other usual sources.

[This article contains the author's opinion. None of it should be considered legal advice.]



Sponsors

For more information about sponsoring the St. Louis UNIX Users Group, contact Frank Lipski (sponsorship@sluug.org).


Quotes

Sharing is fine unless it's software or music.
That's what I was taught in kindergarten anyway.

It would appear that SCO has about the same grasp of reality as did 
the infamous Iraqi information minister, Mohammed Saeed al-Sahaf, 
in the closing days of the war in Iraq.
 -- http://comment.zdnet.co.uk/story/0,,t479-s2134763,00.html

If Darl McBride and complainants did not know at the time of the 
complaint that Caldera itself had played a lead role in the very 
development they accuse IBM of having unfairly and unlawfully 
pursued, they are incompetent. If they did know, their complaint 
appears to verge closely upon perjury.
 -- ESR, http://www.opensource.org/sco-vs-ibm.html

Contracts are what you use against parties you have relationships 
with. From a legal standpoint, contracts end up being far stronger 
than anything you could do with copyrights.
 -- SCO
Funny, I thought "Contracts" were a method for doing business in 
good faith with people, not just something to be used for 
frivolous lawsuits....
 -- wrero on Slashdot

Statistics are like a bikini. What they reveal is suggestive, but 
what they conceal is vital.
 -- Aaron Levenstein


Special Interest Groups (SIGs)

As our membership grows, we have had some inquiries about the possibility of having Special Interest Groups in several areas. If you are interested in starting or participating in a SIG for System Administration, Networking, C, Object Oriented Programming, a specific vendor, etc., please contact any officer of the group.

Volunteering

SLUUG administration is volunteer based. We're always looking for volunteers to help with presentations, web page development, managing corporate sponsorships, and many other tasks. If you would like to help out contact Christine Wanta (volunteer@sluug.org).

Contacts

  President president@sluug.org Christine Wanta
  Vice-President vice-president@sluug.org Gary Meyer
  Secretary secretary@sluug.org Buck Pyland 
  Treasurer treasurer@sluug.org Mike Kriz 
  Linux Users Group Chair linux@sluug.org Frank Lipski
  Board of Directors board@sluug.org Ed Wehner
Craig Buchek
Robert Citek
Stan Reichardt
Christine Wanta
  Presentations presentations@sluug.org Scott Granneman
  Corporate Sponsors sponsorship@sluug.org Frank Lipski
  O'Reilly Book Sales booksales@sluug.org Sue Hurst
  Newsletter Editor editor@sluug.org Open position
  PR reporter@sluug.org Stan Reichardt
  Steering Committee Info info@sluug.org Gary Meyer
  BBS Questions bbs@sluug.org Gary Meyer
  Official Correspondence SLUUG Mailing Address PO Box 411302
St. Louis, MO 63141


Submitting Articles to the SLUUG Cronicle

If you would like to submit an article to the Cronicle of general interest to the members of the St. Louis UNIX Users Group, send your info or complete article to editor@sluug.org. The deadline for article submissions is the second last day of the month. Plain HTML format is preferred.


UNIX® is a registered trademark of the Open Group
Linux® is a registered trademark of Linus Torvalds