This site, like a lot of the other Mainstream Media sites, uses a service called Hitbox, part of Omniture Inc., instead of processing the actual server logs. The Hitbox tracking is done with a chunk of JavaScript that reports back to the Hitbox servers.

If you're running Firefox with the AdBlock Plus extension, and you have the right blocking list turned on, you become invisible to Hitbox-dependent webmasters. But Firefox/ABP users are a small enough fraction of traffic that it doesn't matter, and even if it did, the list that blocks Hitbox tracking is just an optional add on.

An upcoming new version of MSIE, though, is coming out with a feature called InPrivate Blocking. "InPrivate Blocking keeps a record of third-party items like the one above as you browse. When you choose to browse with InPrivate, IE automatically blocks sites that have 'seen' you across more than ten sites." (via Slashdot.)

Commenters speculate that it's aimed at Google Analytics, the free-of-charge Hitbox competitor that used to be Urchin, but there goes Hitbox tracking for a bunch more MSIE users, too.

Maybe it's time for Media sites that rely on Hitbox to start running a local log analyzer as a backup. Suggestions?

We just put up a podcast with Stormy Peters, the new executive director of the GNOME Foundation. This is the second in the series of "Jeremy Allison and I interview somebody" podcasts, which are fun to do. Yes, we should receive a severe reprimand for asking too many obscure technical questions of a new executive director, especially about stuff that you only see when you run GNOME apps to view mail attachments from mutt. (Stormy runs GNOME Do.) Other topics include useful Linux apps for kids, the secret history of Star Wars, and alternative input devices for GNOME.

Here is the combined RSS feed for all LinuxWorld podcasts: http://www.linuxworld.com/podcasts/linux/index.xml. We'll split out the Jeremy and me ones into a new RSS feed soon.

(The USB audio box we're using is supposed to do four channels, but I haven't found any mentions of anyone seeing all four under Linux. Anyone recording four tracks from an M-Audio Fast Track Pro? The thing works great for stereo, but putting more people on the podcast at once means I need more tracks.)

Well, some people don't listen to Julie Bort's advice. At Microsoft Subnet, she wrote, "At this point in the game, Microsoft should really come clean with a statement that rescinds its Linux/patent/suing threat altogether."

Good idea, but no such luck. This morning's press release haul brings "Microsoft and Novell Expand Successful Interoperability Relationship," which says,

"Microsoft Corp. and Novell Inc. are announcing an incremental investment in their relationship to meet accelerating customer demand for their business model solution, which is designed to build a bridge between open source and proprietary software to deliver interoperability and intellectual property (IP) peace of mind for organizations operating mixed-source IT environments."

Intellectual property peace of mind. Novell has a solid Linux, and punches above its weight in kernel contributions, so why does the marketing strategy so often come down to whining, "buy from us instead of Red Hat, or Microsoft will sue you?"

Meanwhile, Red Hat is talking about a customer win: Sabre Holdings, the company behind Travelocity, is standardizing on Red Hat Enterprise Linux. (Rule of thumb for pigeonholing IT companies based on press releases: startups brag on features, emerging companies brag on big-name reference customers, mature companies brag on new products and market share, and senescent companies bluster about Intellectual Property.)

Dish Network just called my (strike one) donotcall.gov-listed number, twice in a row, with a (strike two) illegal recorded-message bot. The caller id is UNKNOWN NAME, with the number 720-204-1286.

How much better off would the media business be if people just stopped responding to advertising that steals from them, and patronized the companies whose advertising funds something they want?

I mentioned some possible practical uses for Twitter, and it looks like the people at TweetMyRide are working on one of the same ideas: "TweetMyRide is a site that helps Twitter users link up to carpool if there are going to the same place. Save some gas. Use TweetMyRide."

I'm waiting to see what they come up with. Maybe they'll launch before TransitCampBayArea, coming up next month in San Carlos, California. (That's near the Caltrain station.)

I often use the Alameda virtual bus. Wait along the Santa Clara bus line and drivers will pick you up in order to use the Bay Bridge carpool lane. That's a big savings in time and money, and some kind of social networking/carpooling plan might make it practical to coordinate to use some of the other carpool lane opportunites.

After the alleged "AP attacks fair use" brouhaha, I tried an experiment. I grabbed a couple of substantial paragraphs of an AP story and quoted them here, along with some criticism.

Maybe "AP's actual energy reporting stinks of corporate sloth," is laying it on a bit thick, and maybe I quoted a little more of the original story than I needed to in order to make my point: too much attention to dueling quotes, not enough facts. (This is why politicians are so comfortable dishing out the you-know-what: reporters for mainstream media organizations such as the AP don't have a shared in-house wiki of the relevant facts checked out on their laptops. Now that git is cross-platform, they should hire someone to set them up with ikiwiki.)

But I've received no takedown letter from the AP. I guess I was right. They're smacking down cut-and-pasters, not people who are doing actual fair use.

(Another network abuser is whoever posted the spam comment with a link to tiffanyline dot com. Just as an experiment, I reported it to the real Tiffany®—how long until they get the domain?)

Miguel Helft at the New York Times asks, "Is Google a Media Company?"

And David Robinson at Freedom To Tinker fires back, Is the New York Times a Confused Company?

Google isn't a media company. Sure, they're in the ad business, but lots of useful stuff that's not media is ad-supported: the Opera browser, Kazaa. Think of Google at its best as ad-supported tools, not media.

Google can do tools. With the occasional outage, the software is great. Google's search, ad, and collaboration tools work just fine. Yes, sometimes a spoof story will make it into Google News with the real stories on the same topic, but the human-selected news on Yahoo had the same problem with Weekly World News stories. (What kind of yahoo syndicated that for the news department, anyway?)

But just because you can trust Google services to work doesn't mean that you can trust Google to provide new, original web content. googlepages.com is an embarassing spam pit. And Google Blog Search is pretty much unusable, not because of some outside "splog" sites gaming Google, but because it runs search results from Google's own Blogger and Blogspot, which are full of crappy and sometimes hazardous spam blogs.

Look at jvccamcorder-x7bp dot blogspot dot com. Actually, don't. It's loaded with JavaScript that will, if you roll the pointer over the wrong place on the page, take your browser to a site that triggers the Firefox "may harm your computer" warning.

And how about free--grant--money dot blogspot dot com? Same deal. The funny thing is that the Firefox warning page is powered by Google. (Blog hosting Googlers and malware warning Googlers, I know a great gourmet cafeteria in Mountain View where you could have lunch and talk about each other's projects.)

There's a big gap between "all the news that's fit to print" and something that's so minimally quality checked that it might infect your computer with malware. Obvious word salad and nasty JavaScript is only the bottom of the barrel of bad content. Figure out how to filter that out, and you still have inaccurate stuff, scams, unethical journalism, medical quackery, and other hard problems. So why pretend that Google is in the media business?

The net is abuzz with the news that open source software licenses are enforceable as copyright conditions, not just contracts.

What's the big deal? Besides the important point that the software's copyright holder can now get statutory damages, measured by the copy, there's another point that will matter to people who are interested in enforcing the GPL for embedded software.

The US Customs Service has the authority to seize infringing copies. Trademark holders take advantage of this all the time —make Batman underpants outside the USA without a license from DC Comics, and DC Comics can put your product on a list to be seized if someone tries to import it. But copyright and patent holders use it too.

Here's a letter of advice from attorney Margaret Minister O'Keefe: "Registered trademarks, copyrights, and certain trade names may be recorded with the U.S. Customs Service. (There is a small fee—$190 for a trademark in each class, for instance.) Customs will then seize any counterfeit or infringing goods coming into the U.S. and notify the intellectual-property owner. This service remains in force for the life of the trademark or copyright."

If GPL compliance were just a matter of contract, a GPL violator could make the software copyright holder fight an expensive civil court case. But with the Customs Service offering this convenient service for copyright holders, there's more incentive for the violator to come into compliance quickly, especially if a shipment of the product is already on its way to a US port.

Christopher Blizzard has a piece up, "competing for an open (generative) web."

"People are worried that Microsoft will leverage its market power to create a leadership position for multimedia on the web. Replacing the (proprietary) Flash video codecs with the (proprietary) Silverlight video codecs and associated tools. In some ways it looks like a battle between two companies and strategies that no one would care about. More lock-in, more proprietary tools, more opportunities to undermine the main single item that makes the web great: its open nature."

He goes on to suggest a series of video ideas for the open web, including, "Make a super-easy, consumer-focused, high-quality encoder for ogg theora that anyone can use to encode their videos for the web. (Here's a hint: Handbrake is still too hard to use.)"

But from my point of view, making the user mess around with the camera is still too much work. What open video really needs is a box that you mount on the wall, point at an interesting place, and forget about. Something like Podcast in a Box, but even simpler and always on. Instead of worrying about when you start and stop recording, just use a REST API to ask the box for a time range. (Naturally, the built-in web server would apply cache-friendly HTTP headers, so you could easily mirror the popular videos on a "real" web server. And naturally, the box would apply some kind of interestingness filter to discard empty room recordings first, and keep requested ones longer.) If you're covering a conference room, you might want two boxes: one shooting the speaker, one recording whatever goes through the projector.

I've seen the gear they use to do Tech Talks at Google, and it's out of the reach of most companies. But use a simple open video appliance, and you could make meetings, classes, demos, interviews, rehearsals, whatever, available for the browsing.

Every trade show has some great stuff and some dumb stuff, and it's time to point out the dumbest: GeekPAC.

"GeekPAC will form a political action committee with the goal of building grassroots political support for copyright reform, DMCA reform, net neutrality, patent reform, and other hot-button political issues."

OK, fine, you're for freedom, but "Geek?" Please. Geek is a label that spans both sides of the issue. The developers who work on DRM systems, illegal wiretapping, and other such blight on society are still "geeks."

And geek is still an insult. Use it to describe yourself or someone similar to you, and it's self-deprecation, but when someone else uses it, it's patronizing. When a management type at your company, usually some guy with too much gel in his hair, refers to employees as "geeks," hit the Dice booth for a new job. "Geek" is a shibboleth that identifies the dot-com a-holes who think you'll work for the "opportunity" to touch technically interesting stuff, a Foosball table, and all the Mountain Dew you can drink—while the non-"geeks" get the control and the profits.

A physical analogy for working in the Silicon Valley system is this: step one: build the most beautiful object you can. Step two: hand it to a venture capitalist to smash in front of your face. Repeat. Geek is what they call the person whose self-respect is retarded enough to tolerate that.

Second, most of the people who have an interest in copyright reform, DMCA reform, and related issues are not geeks. A podcaster who digs up obscure tracks to put together a new music show is not a geek. That would be an influencer, a trendsetter, a, let me see...cool person.

Third, a political movement takes a lot of energy, for a long time, and who wants to put a bunch of energy into an all-male organization? Include instrumentalists, singers, DJs, podcasters, librarians—the way Creative Commons does—and you'll have a more sensible, broader-based, sustainable organization.

Maybe information freedom could use a PAC, but no chance here unless you lose the "geek."

You can tell when someone who dropped his or her legacy OS for Linux is not moving back. It's when he or she gets the way of the package manager. Mark Pilgrim explains the difference between what most OSs make you do and the ease of installing everything from the package manager.

Instead of conflicting installers that scribble on each other's files, a well-designed system has a policy that keeps each application in its place. A Debian system can run for five years with frequent installs and uninstalls of key parts of the system: not just browsers and word processors, but the C library and other fundamental infrastructure. Everything upgrades in place, usually without even a reboot, and you can, after using the machine for a while, end up with not one bit of software the same but never having reinstalled.

But the happy friendly place of the package manager (read Mark Pilgrim's piece if you aren't convinced you want to be there) breaks down as soon as you bring in a proprietary application. When something isn't packaged for your distribution, you're back to wrangling installers, which claws back some of your precious productivity gain.

On that problem hangs a business model. Get in touch with the proprietary ISVs, package their applications, and offer a repository. Lindows, now Linspire, did it first, and now Ubuntu is doing it with an ISV partner program that actually does something.

Malcolm Yates, ISV alliance manager for Canonical, says that the company is launching a "partner" repository (a special-purpose web site that provides ready-to-install packages for the package manager to download) to give users easy access to the ISVs' applications through the package manager. Using the same System → Administration → menu as you would use to install OpenOffice or Firefox, you'll be able to get Zimbra, Alfresco, or Unison.

IBM, with Lotus Notes and Symphony, is even getting involved: IBM, Canonical/Ubuntu, Novell, Red Hat to Deliver Microsoft-Free Desktops Worldwide. Compare picking a checkbox from a software menu to the old way of installing, and will you want to go back?

Many of the partners are making trial installs available through the package manager, then selling a key that will activate the trial version to a full version. Parallels Workstation is installable as a 15-day trial, then upgradeable, Yates says.

Canonical is offering technical help to make the packages comply with policy, he says. "There are very few ISVs out there with the skill to package a .deb that meets our specifications." With Canonical's help to move from an installer model to a package model, easy install and integration might not be an automatic open source advantage any more.

More info: Steven J. Vaughan-Nichols on Ubuntu Goes Enterprise.

The judges picked the winners for the show awards, and we presented them yesterday afternoon at the show floor. My notes...

Best Application Development Tool: Ingres Consolidated Application Foundation for Eclipse: looks like a good solid corporate development tool for people who want to get started with Tomcat, Hibernate, and JSF. More info: Ingres in two bundling deals

Best Business Application: xTuple ERP 3.0. Looks like a way to scrap the secret shame of many Linux-using small companies: the proprietary server running the accounting package. But network effects matter for this kind of software: will your CPA learn it?

Best Clustering or Grid Solution: DataSynapse Fabric Server 2.6. "a dynamic application service management platform that configures, activates and scales applications based on business policies and demand."

Best Desktop Solution: Ubuntu Desktop Edition 8.04 LTS. Another one for the trophy case on the Isle of Man.

Most Innovative Hardware Solution: Violin Memory, Violin 1010. Costs about as much per megabyte as putting more memory in your database server, but runs cooler. A secret weapon for MySQL performance tuning or running memcached.

Best Integration Solution: Openbravo Network. Part of the encouraging trend of ERP going open source. Makes sense since customers need extensive customization on ERP anyway, and the legacy ERP projects are IT budget killers.

Best Messaging Solution: Barracuda Message Archiver 850. Be on your best email behavior from now on. Someone is automatically keeping a copy. And if you can't say something nice...

Best Mobility Solution: Unicon Systems Hermes Mobile Platform. This company won last year, and the judges are always coming up with ideas of all the cool stuff you could make. That's a good sign. (Did I mention that you could put a social network/GPS/automatic ride sharing system with it?)

Best Security Solution: Trusted Computer Solutions. Security Blanket Enterprise. How many of your organization's servers are 100% configured in accordance with your server hardening policy? Are you sure? This might let you save your security-tweaking time for the hard tasks.

Best System Management Tool: Altinity Opsview v2.12. Bundles all the top open source management tools: Nagios, Linux-HA, Puppet, Syslog-NG and Xen. Not fair to the people who spend weeks getting all the tools installed and configured. Now the lazy people will be able to name-drop too. (Be honest: how many of you use the users as your monitoring tool? And how much less work would it be to get a program to tell you what's wrong instead of having to get it out of the user?)

Best Virtualization Solution: Pivot 3 : Serverless Computing. A storage platform that also runs application servers in virtual machines.

Best of Show: GoGrid. Another one that sets off ideas. Want to do a big administrator training, or a test network, or a big build farm? Judges are impressed with "cloud computing" working this smoothly.

And I'm off to Jon Loeliger's git talk (podcast, schedule and slides). See you at the show.

LinuxWorld Conference and Expo has a new area on the show floor, the Linux Garage for the "latest and coolest gadgets." Bug Labs is there, along with OpenMoko.

One more exhibitor could help close one of the industry's knowledge gaps. Tutorial instructor Mike Anderson wrote, "So, does the United States have a shortage of engineers? Well, if we are talking about engineers who understand how computers work, then I’m afraid we do."

Mike used the Linksys "slug" for his embedded Linux tutorial yesterday. Working with repurposed devices is cheap and fun, and one way to learn something, but try to get too hairy and you end up bricking the device. And if you need JTAG access to the device you need to buy JTAG hardware. The other alternative is to buy a development board, and those can get expensive.

At the Linux Garage, Rusty Herod from Tin Can Tools is showing off the "Hammer" and "Nail" development boards. For $189, you can get a complete ARM9 development board, with USB host and gadget, a serial port, an LCD interface, some GPIOs, two buttons, a buzzer, and a blinky LED, which you'll need for the embedded development version of hello.c. More than enough power and interfaces for your warrior robots, I mean embedded Linux learning project.

The cool part is not having to buy a separate JTAG adapter. The Nail has two USB endpoints: one goes to the target, and one goes to a built-in JTAG adapter. So you get an all-in-one ARM learning device for your home or school lab, just add a USB cable.

TI also has the Beagle board here at the show, which is an inexpensive near-PC.

Here's a potentially useful antispam measure: when someone tries to mail you, connect back to the sender's mail server, and see if the "postmaster" address works.

It's one of the tests used at rfc-ignorant.org, which also checks a bunch of other common mail and DNS mistakes.

Checking for a correct postmaster address probably blocks a lot of spam, but it blocks my outgoing mail too.

$ host -t MX nww.com 
nww.com mail is handled by 10 networkworld.com.s6a2.psmtp.com.
nww.com mail is handled by 20 networkworld.com.s6a1.psmtp.com.
$ telnet networkworld.com.s6a2.psmtp.com smtp
Trying 64.18.5.11...
Connected to networkworld.com.s6a2.psmtp.com.
Escape character is '^]'.
220 Postini ESMTP 233 y6_14_14c0 ready.  CA Business and Professions Code Section 17538.45 forbids use of this system for unsolicited electronic mail advertisements.
HELO zgp.org
250 Postini says hello back
MAIL From: dmarti@zgp.org
250 Ok
RCPT To: postmaster@nww.com
550 No such user - psmtp
QUIT
221 Catch you later

The burden of spam filtering is shifting from recipients, who are putting in tougher and tougher filtering while accepting some false positives, to senders. You have to make sure your mail server is squeaky-clean and set up 100% correctly to get through to anybody any more.

What are you doing at LinuxWorld Conference and Expo? Here's my list. (See the event page for a list of keynotes and tech sessions.)

Monday

Monday is usually tutorials day. I'm not responsible for any Linux/Microsoft integration, so I'm not going to do the latest version of Jerry Carter's famous Active Directory tutorials.

At 1pm, Mike Anderson is going to do a tutorial on embedded development, and you get a working Linux instal on a Linksys NSlug to take home. Looks like a huge time-saver if you're developing a product and making the move from server to appliance. I need the box because there's a NAT box/access point lying around that has its own nameserver, which isn't up to date on the latest BIND. So time to donate it to the computer recycling center and set up something else as a home router.

Then, Monday at 4:30, Sebastian Thrun will do the show kick-off talk, "Making Cars Drive Themselves."

Tuesday

Tuesday is a big day. As a program committee member, this is when I can start boasting: we're bringing two of the secret weapons of massively scalable web sites into the Mainstream, with two talks: "Hypertable - An Open Source, High Performance, Scalable Database" by Doug Judd, then "Getting more out of Memcached with libmemecached" by Brian Aker. (Bring your Drizzle questions for Brian, too. I'm sure he won't mind.

If you're not into big badass web sites, at the same time Mike Anderson will be doing a kernel troubleshooting talk.

Good stuff Tuesday in the other tracks too: Seth Schoen and Jacob Applebaum will talk about the famous cold boot attack. Sorry I have to miss this one, but everyone else in the world can go and tell me how awesome it is and stuff and why didn't I go?

At the same time, Luke Kanies from Reductive Labs will be talking Puppet, which is the hot tool for deploying and managing those large-scale application that you can finally build after hearing Doug and Brian's talks in the morning.

But I'll be working on the show awards during that time slot.

Then, late Tuesday afternoon we get the Golden Penguin Bowl, in which teams representing "Mobile" and "Stationary" Linux will compete for The Coveted Golden Penguin. This year I got dragooned into bringing the props for the final question, but at least I got a key to the storeroom to put them away.

Wednesday

I invited Jon Loeliger to do a talk on "Putting the IT in git" because you can use git for day-to-day stuff without getting all complicated and having flame wars over obscure uses of "rebase" and "cherry-pick." Trust me—you don't have to be a kernel hacker or a Distributed Revision Control guru to use git. You can start using git like "rsync with rollback" and expand later on. Small and easy enough to install absolutely everywhere. And easy to put hooks on so that you can make things happen when you push into a repository.

(Jeremy Allison gives me grief for putting baby pictures in it, but I don't care. It works. If you're reading this and you have an Exhibits Only badge, and you have ever contributed anything to any Free Software or Open Source at all, come see me after the Golden Penguin Bowl on Tuesday and I will give you a pass to Jon's talk.)

I'm going to have to recommend the whole rest of the "Quick and Dirty Development" track, which I worked on, too -- they're really important topics that if you work in IT and learn them, you can finally stop fighting fires and make yourself useful. There is hope here.

Steven Ellis on "Trac - Project and Process Management for Developers" -- if you read Time Management for System Administrators it tells you to get your IT tasks into some kind of ticketing system. Trac is one of the good ones. If you have lots of people asking you to do things, try Trac and RT, and get one of them installed and working. Even if people still send you mail you can bounce it into the system and restore your sanity.

Peter Thoeny on "Business applications in an enterprise wiki" There's stuff that you organize ad-hoc in a spreadsheet, and stuff that you put in an Application that has to be Developed. Where's the place in the middle? A little workflow but quick and easy to get working? Putting an application in a wiki is a possible answer.

At 3pm on Wednesday James Mikusi will be explaining how to put a computer in your car. Cool, and I already have a spare ITX board and a pack of extra fuses. Since talking on the phone while driving is illegal in California now, I'll be able to get some blogging done.

Thursday

Thursday is, well, PHP day at the Quick and Dirty Development track.

Barry Jaspan will be talking about "Social Media Web Sites on LAMP: How Drupal Changes the Game" and I convinced him to get a quick module-writing tutorial in there. Too much material for a one-hour talk? No, your mind will be running at double productivity from the git, trac, and wiki stuff on Wednesday, so if you remember "Flowers for Algernon" you should be like Charlie Gordon at his smartest right about now. And finally, Andi Gutmans, CTO of Zend, will cover "PHP: Past, Present and Future."

At 12:45 on Thursday, Wind River is sponsoring a lunchtime Q and A session on embedded Linux, with Paul Gortmaker and Ralf Baechle. I want to hear what questions people ask at this one.

Random things to fit in when I have time

The Debian booth at the dot-org pavillion. File this under "I wish I knew how to quit you." I try to live a happy life with one of the mainstream distributions, but I keep sneaking back to Debian. Debian tolerates my Perl weeniedom by packaging lots (not quite all) of CPAN, and my Powertop weeniedom by packaging some really easy scripts for building my own 2.6.x.y "stable" kernels. Laugh if you want but my machine with my own .config, a new kernel, and a fairly minimal Debian install gets twice the battery life of a "major brand" Linux box. Plus, since I'm more elitist than actually elite, there's etckeeper, to make it easy to roll back my configuration file mistakes, I mean innovative solutions.

The rest of the dot-org pavillion looks good too -- a fair number of the usual suspects plus a few new projects.

I also need to check out the state of the server hardware market. A group I belong to is deliberating the idea of having me run a Drupal server for the members, which means buy or build a small Linux box. And since it has to go in my home server closet, I want something really energy-efficient that won't cook the other stuff in there. So I'll be checking out the hardware booths for some ideas.

Yes, I heard about the Chino Hills earthquake from Twitter before I heard about it from the Mainstream Media.

(Or maybe I didn't hear it from Twitter® brand Twitter—I have a Perl script to aggregage Twitter and its clone, identi.ca, and pop up messages on my screen. (screenshot) So the first earthquake message could have been from the other service.)

John Cox points out that Twitter doesn't really qualify as "news." But the earthquake news you want is usually too specific and local to make the regular news anyway. So why not look for an alternate medium?

Seismometers already microblog. The USGS has a selection of RSS feeds, and it's easy to drag one into whatever you're using to keep up with Twitter.

Should the fire department put out a feed too, so that you can get a notice when there's a call near your house or a family member's house?

Automated microblogging has a lot more potential that just reporting earthquakes, though. Maybe announcing every shell command you type is a little extreme, but why not integrate it with NetworkManager? Add a checkbox per network location: "Microblog when I connect to this network." You might not want people knowing every time you get on your home network, but if you go to the famous Dana Street Roasting Company, why not make an entrance?

Much of the stuff I do goes into a git repository at some point. Microblogging is an obvious git hook, and here's one implementation: TweetTheGit.

The real killer app for microblog services is ride mooching. I drive too much, but I'd be willing to give a ride to anyone who I'm following and who follows me on a microblog service. Set up my car to announce when it's approaching a known Virtual Bus stop, and listen for riders, and I'll pick someone up.

The secret to starting the Virtual Bus is to start with a few locations that connect well to parking and existing transit, are decent for waiting, and not too far from freeways.

I suggest the Starbucks at Tilden and Blanding, in Alameda, and the Mountain View Caltrain station.

Any other ideas for making microblogging useful?

Julie Bort over at Microsoft Subnet has this piece up: Microsoft, it's time to officially rescind the Linux lawsuit threats.

"At this point in the game, Microsoft should really come clean with a statement that rescinds its Linux/patent/suing threat altogether."

Plenty of good reasons to back off on suing. The IT industry is a recruiting contest, and the people you want are the developers who want to compete on features and quality, not legal shenanigans.

But one more reason from a corporate politics point of view. Imagine that MSFT manages to extract a patent royalty from every Linux-using device out there. TiVos, Motorola phones, Buffalo Terastations, everything.

All of a sudden, Linux becomes Microsoft's most profitable OS.

The executives who run product groups that actually code and support software, dealing with real bugs and users, start to look like bottom-of-the-list chumps compared to the shining winners who just play the patent lottery.

Two wannabe patent troll execs left MSFT last year. I have a feeling that nobody at the company want to see his or her numbers look weak in comparison to what a patent troll can pull in.

(I'll be at LinuxWorld Conference and Expo next week. If you'd like the super-1337 discount code, good for 50% off on a full conference pass, use this: 50LWSF)

This Ubuntu Forums thread got picked up by Slashdot and others. One Foxconn motherboard, not advertised with Linux support, has ACPI that doesn't work under the poster's version of Linux.

So, no Linux support, no mention of Linux in the ACPI tables, right? No, the Linux entry points to broken data.

Check the Slashdot thread. Foxconn are witches! Burn them! Remember the Bill Gates ACPI memo!

Maybe not exactly.

Did Foxconn actually break ACPI? Maybe what they have on the board really did work at some point— possibly with an earlier board or an earlier release of Linux—and they just didn't test it with the right hardware and a newer Linux.

Testing with Linux once doesn't necessarily mean that it will work again later. Thomas Renninger offers ACPI BIOS Guideline for Linux, which recommends, "Avoid the use of the _OSI function if possible." Vendors are happy to use OS detection to work around Microsoft bugs, but new kernel.org Linux releases will fix bugs without testing on all the old motherboards that worked around those bugs. So if you make a BIOS to work around last year's Linux, it might not work with this year's. And, as the motherboard vendor, even if you test for a certain release of Linux, you might get a patched distribution kernel that fixes the bug.

So what's the answer? As far as I can tell, the best available word is: Motherboard vendors, don't code for Linux, and Linux, for ACPI purposes, pretend to be some kind of Microsoft Windows.

Matthew Garrett writes, about the whole Foxconn brouhaha, "Linux hasn't claimed to be Linux in response to OSI queries since 2.6.24, so this is an interesting sidenote but basically irrelevant." Of course, 2.6.24 only came out this January, so a lot of users are still running old kernels that do say they're Linux.

With the current kernel.org Linux pretending to be Windows 2000, XP, Server 2003, or Vista, as a motherboard vendor you could just "not support Linux" in the BIOS, and, just to be on the safe side, send a couple pre-release boards to Linux people for testing. Newer releases of Linux are going to deny that they're Linux, after all.

What a mess. Why support Linux at all?

Supporting Linux isn't as expensive as it sounds. It's cheaper to support Linux than to add support for another proprietary OS. For ACPI, just read one paper and avoid Linux-specific tests. For most hardware, somebody please throw the Linux Driver Project a bone—there's a long list of driver developers waiting for one of the rare unsupported devices.

On the complicated side, VIA just hired Harald Welte to manage its connections with Linux and other free software developers. A lot of the Linux support job is just clearing up a few misunderstandings. Sometimes you don't need a whole Linux portal, just a presence on the right mailing list.

So when Linux users ask hardware manufacturers to support Linux, they aren't asking for something on the scale of the full Windows driver project: installable, QA-ed, updated, signed, and burned to CD. Just enough info to do the actual work, and the developers and the distributions will do the rest.

Not supporting Linux is a way to leave money on the table. By now, most hardware manufacturers know that even if they don't care about the Linux market at all, a credible threat is all it takes to get better treatment from Microsoft. Yes, there's loyalty-based pricing from MSFT, but loyalty gets you the _higher_ price. Even if all you want to do is Windows, Windows, Windows, just show that you can and will do Linux, and you get the Matthew 18:12 treatment.

Stormy Peters wrote that 2008 is the year of the free and open source desktop, but that's pushing it. What 2008 is, though, is the year that Asus succeeded with its emphatic request for continued Windows XP availability—a request put into the only format that Microsoft listens to: the original Linux-based EEE PC. Now Asus has the Windows XP they really wanted, and all it took was running up the Linux flag.

That's the biggest example—a whole product line spared from EOLitude—but there are other examples, too. Paul Kim from Everex explained the better Microsoft licensing offer that he got just by putting OpenOffice on some desktop machines.

And, nifty though I'm sure Ubuntu is, I doubt Michael Dell is running Ubuntu purely for the niftyness value. Dell depends on getting favorable terms from suppliers: "They have a negative 44 days CCC, which means that their sales are converted in hard cash 44 days BEFORE Dell needs to pay for purchase invoices to vendors." Would be nice if the one vendor that's too big to push around were a little more compliant.

If anything, we're likely to see more Linux as bargaining chip than less. Economics professor Mark J. Perry points out that computer prices are down 90% in the last 10 years, but software is only down 47%. There's more price pressure waiting to be applied.

So watch for a lot more desktop Linux "failures." 1. Introduce Linux product. 2. Get a better deal from Microsoft, and kill it. 3. PROFIT! Microsoft isn't stupid, so half-assed Linux PCs aren't going to bring in the favorable licensing terms they once did. The Linux feint will have to be at least credible. Something that you can plug a random printer or webcam into, and have it just work. (Sarah Sharp suggests a test: walk into a Circuit City store, buy a computer product, and buy it.)

So, Linux fans, don't get discouraged by failures. From the financial point of view of the company that "failed," they're likely to be successes, and the company is likely to want to repeat, not avoid Linux.

Linux media, we're going to have to do a better job of calling fail when we see it. When someone comes out with a Linux feint, it's time to check on whether the product actually does the basic PC tasks.

Customers, you aren't actually going to use something that was made to fail, are you? Good. The attractiveness of the Linux feint to vendors means that now is the time to turn desktop Linux skepticism up, not down.

And vendors, the basic fail has been done. So has the halfway-there desktop Linux product. Time to move up to a better class of fail. Fortunately the process of doing this is the same as the process of actually succeeding.

The embarassing little secret is that it never was. It would be nice to have a story of the innovative, disruptive master Linux plan breaking down the ossified IT industry, but that would be rewriting history. Linux itself started as an educational coding project, but Linux as a product was just the Unix scene's not-quite-unthinking reaction against the actual disruptive product, Microsoft Windows NT.
In the mid-1990s, Microsoft's product was a cheap, hot alternative to overpriced, incompatible "open systems" from greedy, shortsighted Unix vendors. It didn't work especially well, but it offered something to customers who were denied Unix, by price or learning curve. That's the whole point of a disruptive product; it doesn't have to be good.
In theory, you administer the system the one standard MSCE way, and a Windows NT-using company could swap out IT staff more easily than trying to replace the guy who used every trick in Unix Power Tools. Perhaps the biggest cost appeal was to ISVs. Instead of building and supporting a version per Unix, you could do one Windows NT version.
(Yes, so-called PC Unix saved you money on hardware, but it was still Unix from a compatibilty and training point of view.)
Windows NT wasn't just a hit with the existing IT industry (Remember the Compaq ads with the tide coming in, and the herd of cattle? The message of Windows NT inevitability?) but also caught the imagination of one classic Unix leadership center, O'Reilly and Associates. Not only did the publishing firm start issuing catalogs with Windows NT up front and all the Unix stuff pushed back, but it actually went into the software business, with O'Reilly WebSite Professional, a web server for Windows NT.
With all that disruption going on, the Linux business was the suddenly-marginalized Unix people scrambling for some way to stay relevant, either inside their existing employers or at startups. Just as the bookstore section has gone from "Unix" to "Unix/Linux" to "Linux/Unix," the same people's business cards changed from the U word to the L word. Linux was a de-disruptive technology, because it let the Unix customers keep more of their Unix coding and skills investment. (Of course they didn't actually take any Unix code with them, because any excuse to drop an old codebase and start over is a good one.)
Many stories about disruptive technologies make it sound like resistance is futile. But in the case of Unix, the incumbent being disrupted wasn't one decision-making center, but a loose collection of companies and individuals moving among companies. No one big cheese had enough prestige tied to Unix as such to stop the counterdisruption. (There's an obvious lesson here for the record industry: deconsolidate, and fund a few toothless industry organizations instead of one RIAA.) The Unix industry wasn't very well set up to defend itself, since it let basic compatibility and pricing issues slide, but it was well set up to rebrand and regroup.
The lesson here might be something like this: if you're using product A, and product B comes along to disrupt it, watch if A tries to hold the line against a successful disruptor, in which case you might as well jump to B, or if it's able to join the disruption, in which case you can save your investment in it.

William H. Page and Seldon J. Childers cite my podcast interview with Jeremy Allison in an article for the Northwestern University Law Review. part 1 part 2.

"The Samba license formed under the order in the European Microsoft case, in contrast, is both significant and perilous for global antitrust policy. It provides critical protocols and documentation to Microsoft’s most important rival in the server market, a rival, moreover, whose development methods are focused on the analysis of those very protocols."

True, but the license is, as mentioned in the article, the result of a settlement with the European Commission. It's "perilous" to perpetrators, not to the software business in general. If Steve Ballmer got caught selling crack, and ended up with community service under a plea bargain, yes, he could end up having to clean up in front of the beer store.

You can't have it both ways: if "Intellectual Property" should be treated like actual property, then you put it at risk when you use it in a crime. The European Commission isn't picking on a US-based company for no reason here. In fact, the Commission generally advocates for expansions of exclusive rights in information that tend to benefit US-based companies at the expense of Europe. And in this case, the Commission didn't even limit Microsoft's use of the patent system. It only limited the company's ability to make vague anticompetitive threats based on unspecified parts of a large patent portfolio, and handed over some protocol information that Samba was in the process of working out anyway.

A common-sense patent regime would limit the tools available to future software monopolists, and might make the next antitrust action unnecessary.

Meanwhile, this Monday morning, some Red Hat patent lawyer is looking at this useful weekend hack from Dave Jones and considering filing for a "defensive" patent, one that has no bearing on Dave's incentive to come up with the next kernel tweak, but that might help deter troll raids or patent Ragnarok. Don't people have better things to do?

Tim Lee links back to my earlier piece on GPL/patent gamesmanship. This paper on patent invalidation from Joseph Scott Miller makes an essential point on real-world patent cases: if you're defending a patent suit from a troll, and you have the necessary prior art to invalidate the patent, the best move for you is not to fight it out and finish the patent off, unless you're just trying to impress Matt Asay. Instead, you pay the troll a token, undisclosed amount for a license and make the patent a nusiance to your competitors. This is why Trend Micro can brag that its weak virus scanning patent hasn't lost in court.

Defendants are usually better off becoming a troll's allies, but should the troll accept the offer? Depends on the strength of the patent and the projected revenue stream from the victim. In the case of an open source defendant, you can treat the patent as weaker, since it's more likely to attract outside research help. And the projected revenue stream is smaller, since an open source defendant is limited in its ability to raise prices to pay an ongoing license fee. The open source vendor's customers aren't locked in enough to pay more for no benefit.

Open Invention Network is halfway to the convergence of a troll company and a GPL patent pool. But because the investors are actually in the software business, OIN can't go as whole hog with actually making money as the true bastard spawn of troll and open source pool could. Buy up some patents, license them to the relevant open source projects to take them and their users out of the picture, and target the proprietary infringers.

In the US, we're stuck with a cheap dollar and high oil prices, which means that the Sovereign Wealth Funds of oil-producing countries are in an ideal position to accumulate US paper assets such as software patents. We're closer to Europe's situation than it might appear. When you're paying $7 a gallon for gas, and the money goes to snap up patent portfolios that restrict your work, defenders of Qatari troll companies are going to look pretty silly, whether or not the trolls strike a bargain with the open source types.

If you administer anything, you're either web-scraping or your're already in the carpal tunnel ward. How many have a script that visits every application's supposedly all-in-one "dashboard" to grab the one piece of information you need?

I've written my share of yeechy pattern matches. (Bad enough that I actually invented the Reverse Bastard Copyleft: "You can do anything with this script that you want, as long as you claim YOU wrote it.")

In the Media, we have a similar problem: partner sites and multiple content management systems. When I need to get the weekly kernel article from LWN, it's view source, cut, paste. In the never-ending quest to get things organized around here, I ran into this useful article from Sean M. Burke, and now I should be able to do more things like:

element ArticleText http://lwn.net/Articles/287056/ | xsel

Here's the script: element

I think this will be useful when I'm building chunks of stuff to incorporate into a CMS-built page. Instead of having to look at validator output for the whole final page (if your pages validate they throw you out of the Mainstream Media) I'll be able to build my thing in a simple template, validate the page, then extract the right chunk and pass it on.

Microsoft is sponsoring an open source measurement project—one that has inventoried a total of 1300 computers.

But despite the sheer number of projects that want to measure open source adoption, the numbers are bogus, because it's not in the interest of the people who have the data to release it.

The more interesting the customer, and the more that customer deploys, the less they'll talk about it. Banks are especially wary of talking about their software habits. Wall Street becoming Linux stronghold" is still news now, almost ten years after Linux broke investment banks's "no eating in the data center" rule by eating Sun's lunch there.

Now, of course, with a steady drumbeat of legal threats (usually phrased something like, "we just want you to compensate us for our Intellectual Property and work together") Linux and free software users have even more reason to keep quiet. And it's not all patent trolls, who tend to be relatively sane and revenue-maximizing. You get wackos. After all, it's still hard to even pin SCO's CEO down on what he claims customers are infringing. Give one "we use Linux" quote to one news site, and it's "On information and belief" in a lawsuit against you. The publicity isn't worth it.

Jay Lyman at the 451 Group says Microsoft has "changed" but it's a big company, companies change back, and companies have partner companies. Sure, they're not suing their customers, but they bankrolled SCO. The threat is there no matter how much happy friendly working together PR you put on it.

I like hearing about real-world business IT success stories as much as the next media weasel, but if I were on the other side, the policy on chatty IT staff would be Shut the Fool Up. Employees, feel free to ask questions on web sites or mailing lists, but use your personal email address, and any discussion that mentions both a software choice and the company name is off limits.

So, how do you measure how much open source is out there? The obvious choice is a "popularity contest" application that checks the filesystem or the package manager.

Look at the Debian Popularity Contest. Of course, it can only measure what's installed, not what you actually use, unless you decide to mount your filesystems without the "noatime" option, but don't do that. Several companies have released open search search tools as sales tools (like this one at OpenLogic) "Look at all the open source stuff you're running and didn't know it—you need our support plan!"

But people don't run popularity contest applications on production machines. So, as much commentary as the OMG WTF M$ WANTS YOUR INSTALLED SOFTWARE LIST thread has gotten, it looks like a waste of the company's money.

Strangely enough, what might be the best open source measuring tool to come along in a while recently got released by accident. Netcraft's report on bad SSL certificates on bank and other secure web sites. (via LWN). That reveals not the OS on the outward-facing server, but the OS on the internal system on which someone ran a broken version of critical software.

Naturally, it would be irresponsible to publish today which banks are running with a bad certificate. But Netcraft now has data on companies running not just open source, but the squeaky-clean Debian distribution whose software guidelines were the basis of the "Open Source" brand in the first place.

(This might be a good one for Revealing Errors.)

Debian's "Iceweasel" build of Firefox 3.0 is out. Working fine for me so far with one exception.

"There was an error launching the default action command associated with this location."

If you install Iceweasel 3.0 and get this error trying to open a URL from gnome-terminal or some other GNOME app, it looks like the answer is that Iceweasel 3.0 doesn't have a program called /usr/lib/iceweasel/firefox.

For an answer, look to the explanation at defindit.com. Both Debian and GNOME havetheir own ideas of how and where to set the user's preferred web browser, and you need to go in and set the GNOME preference in the XML files under

.gconf/desktop/gnome/url-handlers/http

and

.gconf/desktop/gnome/url-handlers/http

I'm just setting it to "iceweasel" without the pathname.

Yes, it would be nice if Debian could ship Firefox-brand Firefox, but it can't happen. The Microsoft Windows software world is too full of sneaky people on both sides of the law who would release spyware-infected Firefox builds, or "Firefox" installers full of marketing crapware. So the Mozilla Corporation needs the power of trademark law to, at least, kick spyware mongers' ads out of Google and get their sites taken down. We're going to see more of this kind of stuff when the same project finds itself releasing code both for downstream Linux distributions and for the sometimes-shady world of Windows "Freeware."

Good comments on my previous post on news copyrights.

Jonathan Peterson writes, "even if I DO license the 5 words, I can be sued if I use those 5 words to criticize AP reporting."

I'm not an AP licensee. Why? One example: the company's reporting on energy is pretty much useless. The usual, "Republicans say, Democrats say" stenography, without the relevant facts. Look at this:

"With gasoline topping $4 a gallon, President Bush urged Congress on Wednesday to lift its long-standing ban on offshore oil and gas drilling, saying the United States needs to increase its energy production. Democrats quickly rejected the idea.

'There is no excuse for delay,' the president said in a statement in the Rose Garden. With the presidential election just months away, Bush made a pointed attack on Democrats, accusing them of obstructing his energy proposals and blaming them for high gasoline costs. His proposal echoed a call by Republican presidential candidate John McCain to open the Continental Shelf for exploration."

AP customers pay good money for this? The AP, I'm sure, gets the quotes right, word for word, but—except for which side in some Washington, DC argument said what—you don't know anything after reading the story that you didn't know before you read it.

How much oil do geologists think is under the continental shelf, and how much does the USA use in a year? Look to Wikipedia, and you get a useful fact: the country has three years' worth of proven oil reserves in the ground.

Look to the "Raising Kaine" blog and you get more useful information: there's another estimated 1.5 billion barrels under the ocean off Delaware, Maryland, Virginia, and North Carolina. Here's a useful Mainstream Media story from David Lightman at McClatchy Newspapers: "Annual American oil production is about 1.8 billion barrels, and the Interior Department estimates that as much as 19 billion barrels remain untapped in coastal areas currently off limits to drillers."

Try to run all the cars in the USA on domestic oil, even if you add in the coasts, and someone who signs a car loan today could still be making payments when the oil runs out. But the AP just gives us dueling soundbites without the information to put them in context. Sure, no Professional News Organization is going to work from Wikipedia, but they could have made their own behind-the-firewall wiki with this kind of basic stuff by now. AP's actual energy reporting stinks of corporate sloth, which is a failure smell worse than any copyright shenanigans.

The AP has no business using copyright law to defend its failure to fill in the backup information on the subject the politicians are talking about. But still—just cutting and pasting is not blogging, and it's not necessarily fair use. Being for copyright balance and the right to quote other people's writing in the context of criticism or discussion doesn't necessarily mean that mindless copying is fine.

Is this spam blog fair use? No. Would it be fair use if it just copied the headline and one sentence? No. A corporation can spew dumb bluster about copyright and still be right on a copyright issue.

(update: part 2)

Look what the Perl script dragged in: "The Associated Press wants to charge you $12.50 to quote five words from them."

Five words? That's silly. Must be fair use, right?

Not necessarily. People quote five words from me all the time, and it's not fair use. And the same infringers also hurt the AP. The problem is the "word salad" text that email and blog spammers use in their never-ending quest to mess with the search engines and spam filters.

Let's look at the four factors of fair use as they apply to copying a small chunk of text to get by a spam filter.

Transformative? No. The spamware is just grabbing the words as is, not transforming them.

Nature of the copyrighted work? OK, the work of the Linux media is exactly the kind of thing that people should be able to make fair use of, a lot. That's one.

Amount and substantiality of the portion taken? Sure, if you quote the same amount from me in an original piece, this applies, but if your whole post is copied from various people, no dice.

Effect on the potential market? This is the web. People use search engines to find stuff. When you copy my keywords, or use AP copy, you interfere with people finding me or an AP client.

No original writer or webmaster should have to carry on an SEO fight against blog spammers.

So, go, AP, go. Show the spammers no mercy.

Paul McNamara is worried about ad blocking, but a much bigger threat to ad-supported media is the "advertisers" who steal resources instead of funding something that people want. Advertising that pays for a newspaper, web site, or conference: good. Advertising that makes the audience pay to deal with it: bad.

Email spammers? The inconsiderate road spammers who jam city traffic with truck-mounted billboards? "Bloggers" who grab other people's words to play search engine games? They're the ones who are messing with Paul's kids, and they're the ones who deserve the countermeasures, whether that's pulling down "street spam" or smacking spam bloggers with a DMCA letter.

I talked with Tom Henderson about his server power test, which showed Linux with sendmail and procmail drawing less power than Microsoft Windows and Exchange.

Naturally, when one OS beats another on a benchmark, there'a a "yes, but...."

The biggest one about this test was, "Yes, but was the Linux box accepting mail at the same rate?" Answer: yes. In fact, the Linux setup was actually able to accept mail a little faster.

And yes, the Linux machine wasn't running a full-blown calendar/groupware setup as you get with the Microsoft product.

But a typical medium-sized mail configuration has one or more incoming SMTP servers, which take the punishment of all the viruses, spam, and other naughty stuff, and then pass it on to an internal server that handles IMAP requests from the users. It's good to know that you can save some power by making that server a Linux box—even if you choose to keep your legacy server for IMAP and collaboration.

A bigger "yes, but..." is on the disk side, though. The Windows box was set up to commit incoming mail to disk, and the Linux box wasn't. (The mail spool wasn't mounted with the "sync" option.) So, the Linux box used less juice accepting mail to RAM than the Windows box used accepting it to disk.

So, there's a chunk of bad news to balance out Matthew Garrett's good news: the current kernel.org version of Linux has untapped power-saving potential that hasn't yet made it into the "enterprise" distributions.

There's one more potential power-saving technology on Uwe Hermann's blog. A laptop with VIA Padlock uses 8% of CPU doing hardware crypto, and 20% doing it in software. It would be interesting to see if that translates to power savings.

When you're driving down the highway and you see a spotless white tanker truck with a big green tree painted on the side, you can be pretty sure that it's full of hazardous waste.

Likewise, companies with "innovation" in their names are generally innovation-hostile patent trolls. The problem isn't just that they file for obvious patents, or patents on things that someone else already invented, but that they drag the enormous transaction costs of the patent system into the flexible world of software, where transaction costs are low.

Red Hat, which comes out against software patents, just announced that it's "putting a patent issue to rest." They've struck a deal with a patent troll to leave them alone that also covers the related open source project and other companies that ship it.

Richard Fontana, Open Source Licensing and Patent Counsel for Red Hat, told me, "The real takeaway is that this agreement is really historically unprecendented in the extent to which it covers not just us, the company that was sued, but also an entire ecosystem."

Red Hat is settling, on undisclosed financial terms, a lawsuit over Hibernate from two trolls, DataTern and Amphion Innovations PLC. Hibernate, part of the JBoss system, is a useful building block for Java developers, and if you're running Java-based business software you're probably using it. (Useful intro at JavaWorld.)

Matt Asay called RHT's action "a truly open-source friendly way to tackle patent lawsuits." The settlement also applies to the upstream software projects that go into Red Hat projects, and to any derivative works based on upstream or on Red Hat's products—current or future. Yes, if you download a copy of Hibernate and go into business competing with Red Hat, you're covered. Yes, if someone builds something better than Hibernate and Red Hat starts using it, that new software is covered.

PJ at Groklaw says the settlement "makes history". FSMLabs first released a GPL-compatible patent license in 2001, to allow its realtime Linux patent to be used not just in one vendor's Linux, but in all Linux and derived works. More companies have followed. And another troll, Blackboard, has backed off and agreed not to enforce a patent against open source.

But it is the first time that all the pieces have come together: a lawsuit against an open source vendor followed by a settlement in which the troll grants a broad open source patent license.

Patent troll 2.0?

Red Hat made the right move here considering the situation, but what we're really seeing here is a skillful example of patent gamesmanship by the troll. Open source companies can't pay off a troll with per-user royalties, since they can't lock down the software per user. A Novell-style "non-license license" only works if the patent holder refuses to disclose which patents it applies to. As soon as contributors to the project are put on notice that they actually infringe a known patent, they have to remove that functionality from the software—as Linux kernel hackers inside and outside Novell are committed to doing for the kernel.

Faced with the DataTern/Amphion suit, Red Hat's only options were to make a one-time payment to the troll, to pull the software and release a non-infringing version if possible, to get a court to rule that no claim of the patent actually reads on the software, or to get the patent thrown out. None of those options turn into long-term or per-user revenue for the troll, and it's clear that Red Hat can't afford to pay much to license a patent for non-customers. Even if Red Hat did pay the troll, it's not the kind of payday that a troll could expect from a proprietary software company that can agree on a per-user settlement and pass the costs on to users as they license the software.

Symantec agreed to pay off Trend Micro to license the same patent that Barracuda is fighting, not because Barracuda CEO Dean Drako is a better poker player, but because Barracuda can realistically say that the option of licensing is off the table.

KSR v. Teleflex

Last year, the US Supreme Court unanimously ruled in favor of a patent infringement defendant in KSR v. Teleflex, helping to bring the legal definition of an "obvious" invention much closer to the obvious definition of "obvious." With one ruling, the Court likely brought the value of many software patent portfolios down to whatever the holders can get at the paper recycling center.

Did the KSR v. Teleflex case motivate the troll to settle? Possibly, Fontana says. Red Hat's defense in the original case was based on "anticipation and obviousness based on the existence of prior art," he adds.

KSR "has changed the climate surrounding patent litigation in a way that is beneficial to Red Hat and other defendants," he says. "So many software patents are, I believe, vunerable on obviousness grounds."

What does this mean for companies using open source?

No matter whose software you use, some of your suppliers are going to get hit with patent lawsuits. Most software patents don't hold up in court against a determined defense, but one does occasionally get through, as web developers found when Microsoft had to change its Internet Explorer browser to get around a troll patent. Patents are going to cost you no matter whose software you use.

Trolls need to collect money to survive, and open source vendors can't give it to them. The good news from this settlement, and Blackboard's, is that trolls are realizing that hitting an open source company is like robbing a store where the safe is on a time lock. They can do damage and hurt people, but the money isn't available to them.

If you depend on software that you download outside of a vendor indemnification agreement—if, for example, you get it straight from a developer site and build it yourself—you do have one more set of paperwork to keep up with.

There's no publicly available document on the Red Hat settlement yet, but if you run Hibernate and you're not a Red Hat customer, you're going to need to find one for your files. (I'll put up a link when I know of one, but it might make more sense to keep all the open source patent permissions in one place. Linux Foundation?) Your "license" to the software you run isn't always just the license file bundled with it, but might include other documents.

By now, even the Mainstream Media is safely aware of the need to get rid of software patents. When a Cato Institute scholar is writing an anti-software-patent op-ed for the New York Times, you can't get much more Mainstream than that.

Tom Henderson and Rand Dvorak have put up a Microsoft vs. Linux server power test.

The headline result is that Red Hat Enterprise Linux and SUSE Linux Enterprise server both beat Microsoft Windows Server 2008 on power consumption.

That's a good start, but there's good news and bad news here.

The good news is that these numbers are pre-tickless, pre-PowerTOP, so there's more efficiency to pick up. Tom and Rand write, "A tickless version of the Linux kernel now reportedly exists that interrupts the CPU less frequently, but was not part of the Linux distribution kernels we tested—although that addition is planned in future editions of Red Hat and SUSE."

Tickless does exist, and it does work. But most of the tickless machines out there are developers' and testers' laptops—the tickless kernel came in with 2.6.21, and both of the "enterprise" distributions commonly used on servers are running earlier releases. The latest RHEL uses a patched 2.6.18, and SLES uses a patched 2.6.16. Those so-called "vendor kernels" have the latest security fixes and some relatively minor changes to make things work for customers, but vendors don't backport a major feature like tickless to an old kernel.

If you're running real-world Linux servers, tickless will give you part of the puzzle, the infrastructure to put a server into economical sleep states. But the rest of the software on the machine needs to cooperate. One more piece of good news is that—again, after the release of the kernel versions on which the current vendor kernels are based—Arjan van de Ven at Intel released PowerTOP, a tool to point the finger at power-hog applications. With PowerTOP numbers out there, more developers are paying attention to power suckage.

So, thanks to tickless and PowerTOP, most of us are going to see some power savings from the next release of the enterprise distributions. (Ubuntu has tickless already, but I'm not counting Ubuntu as an enterprise distribution, since they're not yet much of a presence in the kernel stats. When a distribution gets used in production, customers find bugs—even if they're just hardware conflicts or performance snags. Then the company that supports those customers makes fixes, and the fixes show up upstream. When we see a flow of enterprisey-looking kernel changesets from Ubuntu's kernel team, that'll mean it's becoming production Linux for somebody.)

The current generation of x86 servers shows that manufacturers are paying attention to power when parts shopping, too. Dell bought the back cover of The Economist for several months this spring to brag on the power savings from its small server line. All this "green" server marketing seems to be one of the main reasons why proprietary device drivers are going the way of music DRM. You can't get the efficiency of a native driver from a vendor's plug-and-pray module, and Dell, HP, and IBM know it.

Greg K-H has pointed out the size of some vendor "drivers" compares to the size of the entire kernel. Of course, we don't know what's in those "drivers" because it would be a EULA violation to try to find out, but whether the vendor wants to do one driver that works with historic and current kernel versions, or whether they cut and paste a substantial chunk of the Microsoft Windows driver into the Linux one, that strategy doesn't fly for power savings.

Now for the bad news.

Tom and Rand put sendmail and procmail on the Linux box, and Microsoft Exchange on the Windows box. That might be a fair comparison if you're just using the Exchange server for basic email, but if you want collaboration features or web mail, the Linux box would end up running more, possibly power-hogging, software too. And, as a commenter at LWN points out, the measurements are watts, not joules/transaction. So we don't know for sure if the two servers are accepting mail at the same rate. I'll ask Tom about this on a podcast tomorrow.

There's also the problem of virtualization. If you put VMWare or Xen on the Linux box, all of a sudden the lowest-level software is the hypervisor, not the kernel, and where are your kernel's power-saving features then?

Ulrich Drepper, who as lead maintainer of the C library is up to his elbows in the low-level guts of the system, points out that going the hypervisor route "you end up with a full OS." And why write an OS kernel when you already have one?

Kernel developer Andrea Arcangeli points out, in effect, that the best hypervisor is one that you don't have to write. With KVM, Linux is the "hypervisor" and you get the power savings benefits of the vanilla kernel in the virtualized one. Red Hat is considering KVM for RHEL6.

But many production Linux systems will be on Xen or VMWare for a long time, which means that even if you install a power-sipping new kernel release on top of the hypervisor, your hypervisor might take your power savings back anyway.

We can look forward to a lot more power benchmarks from the IT Media and various labs. But what we really need is another Mindcraft benchmark that gives Microsoft a massive, Linux-crushing, walrus-saving win over Linux. As LWN pointed out after the original Mindcraft report, "Two months after the benchmark, the TCP stack was fully SMP threaded; five months after that the entire networking subsystem was fully parallelized. The end result: last months Specweb results which blow away everything else. Things like Mindcraft work perversely with Linux - once problems are pointed out, people just jump in and fix them."

What all this means for server admins

If you're using Linux on production servers today, the fact that Linux and related software are all being tweaked to cut your power bill is nice, but not yet something you can take advantage of. But you can check the software you run, and make it more likely that the next generation of Linux will help you.

Power savings is one area where the bleeding-edge Fedora and OpenSUSE will give you a decent preview of what's to come in the next releases of the enterprise distributions.

What you can do at this point is try building and testing your production apps on the latest bleeding-edge release from whoever does your enterprise Linux. You might find a power-sucking bug and save a walrus. Tickless will not help you if your software busy-waits or wakes up too much, but it will magnify the effects of any code cleanups you do.

If you have third-party code that makes PowerTOP cry, now is the time to file a bug. Get the maintainer to clean it up before the next enterprise Linux release, and you'll have a cooler-running server closet or data center.

But, as discussed on Matthew Garrett's blog, the server admin or the admin's department is probably not accountable for the server's power suckage. So can you justify taking the time to fix something that you aren't being graded on?

What to listen to?

What can you listen to when LinuxWorld Podcast is on paternity leave?

Luis Villa got some good answers in a blog thread. Quite a few NPR and BBC shows, plus some independent Linux and IT ones.

Seth Godin points out the "new standard for meetings and conferences." If you're going to go to all the inconvenience and expense of actually traveling to something, it had better be good. So I'm happy to point out that we're raising the standard of heckling, I mean discussion, at LinuxWorld Conference and Expo this year. All of the volunteers for the dot-org booths can now get into any technical sessions. So, when you're hearing a talk from a speaker who works on Project X, you might also get a question from a contributor to Project Y, that connects to it.

negropante is just thinking about money