When you book an airline ticket, you use FOSS

This article on ReadWriteWeb really caught my eye today.

From my previous life in data and telecoms I know a little of the scale of the Sabre network. It’s BIG. By the sounds of things most of it runs on Open Source software too. They have announced a partnership with a commercial Open Source vendor Progress to use a number of their FUSE Open Source products.

By default, Sabre only chooses off-the-shelf software as its last option when no open-source solution is available. If there is neither an open-source nor an off-the-shelf solution, Sabre’s own technology team will provide an in-house solution.

Sabre, as Progress’s Debbie Moynihan proudly pointed out to us, can’t afford any downtime – and FUSE’s Supplier-Side Gateway, which currently handles about 1.5 million transactions a day, has now run on Sabre’s system for 14 months without any error.

Besides FUSE’s offerings, which are based on Apache products, Sabre also extensively uses Apache’s web server, MySQL, Hibernate, Terracotta and a number of other open source products. Also, two-thirds of Sabre’s 5000 servers currently run Linux and the company expects to expand this number over time.

Nice figures. Good story.

It’s when I hear about these really massive and important networks that can’t really go down using FOSS because it works and works well that I really wonder why uptake across the whole enterprise space is so shockingly small in comparison. And then I remember why I think it is so.

The Huge Marketing Budgets of one or two proprietary vendors. But, you know what. I think the times they are a changing….

Free Linux Virus Writing Course.

Over on the ubuntuweblogs, Gerry Ilagan pointed the readership to this excellent article by Foobar on how to write a Linux virus.

I will show how it is possible in a few easy steps to write a perfectly valid email borne virus for modern desktop Linux. I will do so not because I want to put down Linux. Quite the opposite: I like and support Linux, which is all I’m running at home and at work. I’m a big supporter of free and open software as readers of this blog will know. But if there are any security risks, even in my favourite OS or distribution then they will need to be discussed. Even more important: A false sense of security is worse than a lack of security. And unsubstantiated claims of superiority don’t help in a reasonable discussion either.

OK it isn’t quite a Linux virus, more like a Gnome/KDE virus but the point is clearly made. There is a pretty big hole in the current Desktop implementations, i.e. KDE and Gnome, whereby a file with the .desktop suffix is essentially executable even though it does not have to have the execute bit set.

It is well worth reading and understanding so you can protect yourself from being stupid.

And hopefully someone upstream will take notice too…
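
The condition described above, a .desktop file that names a command without carrying any execute bit, can be checked for in a download or attachment directory. This is an added example, not code from Foobar's article or from this blog; the function names are hypothetical and the sample files are constructed in a temporary directory.

```python
import os
import stat
import tempfile

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def parse_entry(path):
    """Return the Name and Exec keys from the [Desktop Entry] group."""
    keys, in_entry = {}, False
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if line.startswith("["):
                in_entry = line == "[Desktop Entry]"
            elif in_entry and "=" in line and not line.startswith("#"):
                key, value = line.split("=", 1)
                if key.strip() in ("Name", "Exec"):
                    keys.setdefault(key.strip(), value.strip())
    return keys

def audit_launchers(root):
    """List .desktop files that name a command but lack every execute bit."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            if not name.endswith(".desktop") or not os.path.isfile(path):
                continue
            if os.stat(path).st_mode & EXEC_BITS:
                continue  # has an execute bit, so it is outside this check
            entry = parse_entry(path)
            if "Exec" in entry:
                findings.append((name, entry.get("Name", ""), entry["Exec"]))
    return findings

def demo():
    """Constructed sample: one launcher saved as plain data, one marked executable."""
    with tempfile.TemporaryDirectory() as tmp:
        body = "[Desktop Entry]\nType=Application\nName=Holiday photos\nExec=xmessage hello\n"
        for name, mode in (("photos.desktop", 0o644), ("trusted.desktop", 0o755)):
            path = os.path.join(tmp, name)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
            os.chmod(path, mode)
        with open(os.path.join(tmp, "notes.txt"), "w") as fh:
            fh.write("Exec=ignored\n")
        return audit_launchers(tmp)
```

Calling `audit_launchers()` on a real directory such as a mail client's attachment folder returns one tuple of file name, displayed name and command for each launcher worth a second look.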

The Economics of Free: For Free

Remember the short piece I posted about the Radio 4 programme “In Business” a couple of weeks ago? Well, very kindly, the programme’s editor has provided me with a transcript of the programme to

please use as you wish, but it has not been checked for accuracy. Good luck.

I have just read and listened again and didn’t find anything glaring although I did fix one rather amusing typo: “Linux Colonel” to “Linux Kernel”. It was sent to me as a Microsoft .doc file. I opened it in OpenOffice.org and exported it as a PDF so it should be readable by virtually everyone.

This programme does provide some excellent answers to the types of questions we repeatedly get asked in our day-to-day business:

  • “How do they/you make money from Open Source”
  • “Why should you/they give it away?”

So for those of you who get asked these sorts of questions and would like some non-technobabble answers from a rather reputable source to use, the transcript can be downloaded in its entirety, for free, from our website here. On that page, there is also a link to the BBC’s permanent archive so the podcast can be retrieved too. As an interesting titbit, in his email with me, the editor said that about 600k people download the programme every month!

And just to whet your appetite, here is quite a nice quote from Chris Anderson – the editor of Wired

… Microsoft’s financial success is about taking a product whose underlying economics are zero, the marginal costs of reproducing software is zero, and charging $300 for it. You know incredible net profit margins. Unfortunately, economics always wins. People recognised that the underlying economics of distributing software were zero and so they were like okay, so Microsoft is getting monopoly profits because they are in fact a monopoly. What we need to do is break the monopoly. Not, as it turns out, by regulation and regulator, but instead the marketplace broke the monopoly.

If you are involved in any way with the promotion of FOSS and/or CC then this really is well worth listening to and/or reading.

And although the editor didn’t provide any specific license conditions with the document, I plan to respect the BBC’s copyright, and provide suitable attribution when and where we use snippets etc; something like this http://creativecommons.org/licenses/by-sa/2.0/uk/ perhaps.

Yet Another Microsoft Worm [Conficker] Runs Amok

According to the BBC today,

Infections of a worm that spreads through low security networks, memory sticks, and PCs without the latest security updates are “skyrocketing”.

The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008.

Anti-virus firm F-Secure estimates there are now 8.9m machines infected.

This is yet another major outbreak. At least the coverage of this one is pretty clear that it is just Windows PCs that are affected, but jeez, how come people are still putting up with this crap:

“Microsoft did a good job of updating people’s home computers, but the virus continues to infect businesses who have ignored the patch update.

“A shortage of IT staff during the holiday break didn’t help and rolling out a patch over a large number of computers isn’t easy.

“What’s more, if your users are using weak passwords – 12345, QWERTY, etc – then the virus can crack them in short order,” he added.

“But as the virus can be spread with USB memory sticks, even having the Windows patch won’t keep you safe. You need anti-virus software for that.”

Sorry. What? Microsoft did a good job patching another hole. People just don’t get it do they? It’s a bit like trying to plug the holes in a sieve using a knitting needle. You might block one, but hey, there are hundreds more holes just next door.

I love the bit about having the Windows patch not being enough. So that only protects you from network-borne infections? And not from other sources? Or so it would seem. Be afraid. Be very afraid…

According to Microsoft, the worm works by searching for a Windows executable file called “services.exe” and then becomes part of that code.

It then copies itself into the Windows system folder as a random file of a type known as a “dll”. It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.

I know that for most of the readers of this blog this is teaching your granny to suck eggs but please:

just try doing something like this on a proper operating system.

But of course the malware-that-masquerades-as-an-operating-system™ isn’t so robust.

If you find it hard to convince the great unwashed why it is that “proper operating systems” don’t really get viruses, this article is quite a good, and not too technical, explanation of the main reasons.

For a Linux binary virus to infect executables, those executables must be writeable by the user activating the virus. That is not likely to be the case. Chances are, the programs are owned by root and the user is running from a non-privileged account. Further, the less experienced the user, the lower the likelihood that he actually owns any executable programs. Therefore, the users who are the least savvy about such hazards are also the ones with the least fertile home directories for viruses…

… A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. Each of the above obstacles significantly reduces the reproduction rate of the Linux virus. If the reproduction rate falls below the threshold necessary to replace the existing population, the virus is doomed from the beginning — even before news reports start to raise the awareness level of potential victims.

The reason that we have not seen a real Linux virus epidemic in the wild is simply that none of the existing Linux viruses can thrive in the hostile environment that Linux provides. The Linux viruses that exist today are nothing more than technical curiosities; the reality is that there is no viable Linux virus.

Now please go and upgrade someone you love from Windows to a proper operating system.
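
The quoted argument rests on file permissions: a program can only be infected by an account that can write to it, or to the directory that holds it. As an added example (not from the quoted article), this check applies the standard Unix owner/group/other rules to every executable in a list of directories; ACLs and read-only mounts are ignored, the function names are hypothetical, and the sample file is constructed.

```python
import os
import stat
import tempfile

def can_write(st, uid, gids):
    """Classic Unix mode-bit check: owner, then group, then other."""
    if uid == 0:
        return True  # root is not limited by mode bits
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def infectable(dirs, uid, gids):
    """Executables in dirs that uid could modify in place or replace."""
    hits = []
    for d in dirs:
        try:
            dir_st, names = os.stat(d), sorted(os.listdir(d))
        except OSError:
            continue  # missing or unreadable directory
        for name in names:
            path = os.path.join(d, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # dangling symlink
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
                continue
            # A sticky directory only lets the file or directory owner replace entries.
            sticky_block = dir_st.st_mode & stat.S_ISVTX and uid not in (0, st.st_uid, dir_st.st_uid)
            if can_write(st, uid, gids):
                hits.append((name, "file writable"))
            elif can_write(dir_st, uid, gids) and not sticky_block:
                hits.append((name, "directory writable"))
    return hits

def demo():
    """Constructed sample: a 0755 program checked as its owner and as a stranger."""
    with tempfile.TemporaryDirectory() as tmp:
        tool = os.path.join(tmp, "tool")
        with open(tool, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(tool, 0o755)
        owner, stranger = os.stat(tool).st_uid, os.stat(tool).st_uid + 1000
        before = (infectable([tmp], owner, set()), infectable([tmp], stranger, set()))
        os.chmod(tmp, 0o777)  # a world-writable program directory undoes the protection
        return before + (infectable([tmp], stranger, set()),)
```

To audit a real account, pass `os.environ["PATH"].split(os.pathsep)`, `os.getuid()` and `set(os.getgroups())`; on a typical root-owned installation the result for a non-privileged user is an empty list.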

Migrating from Windows

The last Windows computer in our house is very shortly going to be history 🙂

I have been threatening my wife’s PC for quite some time now, but there has been no real motivation to move until today… Our bank called and told her a credit card has been fraudulently used in the last few days. Fortunately they appear to have correctly and swiftly identified the misuse and are dealing with the problem.

However, this experience has obviously caused my beloved (Helen) to start wondering how her details were captured in the first place. She is pretty scrupulous with the shredder, and this particular card is almost only ever used for on-line transactions; so her PC was a possible, if not likely, route for the thieves. The ClamWin AV scan threw up a few nasty sounding files, including some IE.IFrame trojan thing, although they had all been quarantined already. But given that Windows is so vulnerable to attack and subsequent compromise when compared to Linux, this saga has just tipped the scales. We now have a good reason to start the final migration of the Lord household.

This evening, I have installed Thunderbird on Helen’s Windows PC and imported everything from her Outlook email client. The import was basically flawless and after changing a few settings she’s now up and running with TB. (Interestingly, her first few comments were very positive: “This looks nice”, “It’s much faster”, “I like the address book layout” and so forth.) I added Lightning and connected her up to our CalDAV Calendar Server (Cosmo) which is an added bonus for Helen. We all use this for work, family and personal scheduling and Helen had been limited to using web access (simply because Outlook doesn’t support the CalDAV standard) which is not the optimum interface to this calendar.

Helen was already using Firefox most of the time but now I’ve asked her to stop using IE altogether.

Helen also has OpenOffice.org (OOo) installed already but has not been using it much as the Windows defaults are [were] set for MSO 2003. This will probably be the area where there will be some new learning as she stops using MSO and starts using OOo but it isn’t that painful to be frank.

I think within a month, I will install Ubuntu 8.10 as a dual boot for a short period just in case she finds there are things that don’t work and then we’ll turn off the malware-that-pretends-to-be-an-OS Windows within a few weeks from then.

She does use iTunes for her work and pleasure so I am thinking we’ll need to have a VM (VirtualBox) running her copy of XP to support that, unless someone would like to offer advice on alternatives. She runs music therapy classes and her material is ripped onto her iPod using Apple’s lossless codec IIRC that iTunes seems to default to. Never having used it myself, and not owning an iPod, I am not the best source of advice on this one, so if anyone can help here I’d be grateful.

I can’t think there is much else that will bite us though; she doesn’t have any other proprietary apps I can see that are going to prove troublesome to replace.

One thing that is really important in this story is this ability to run the main applications: Firefox, Thunderbird and OpenOffice.org, on both Windows and Linux platforms. It will make the transition, for a non-technical user, much less painful than having to switch wholesale over to new apps and a new OS all at the same time. Thanks Mozilla and OOo.

As we go through this migration I’ll write a little more (I might even ask Helen to document her experiences and thoughts). Hopefully it will help others doing, or wanting to do, the same thing.

Another tale of Open Sourcery

Martyn, from Severn Delta Ltd, emailed me saying he had an Open Source story to tell. I’ve had this in my inbox for a while now, but have finally got round to publishing it.

Alan,

I own 50% of a manufacturing company in Bridgwater. When we bought the company out of receivership in ’03 we had no systems at all. Our former parent company was running a character based ERP system called MAX on Unix and a Windows file serving network.

So day 1 (ish!) we set up two RH servers and installed Samba, Sendmail, Apache etc. on one for file, print, intranet and email, and the Linux port of MAX on the other.

See this post for some other detail.

http://blogs.severndelta.co.uk/?p=5

We have not been able to find a “right-sized” ERP solution for our needs to replace the ageing character based system (which had been “sunsetted” by Infor in ’05). We also needed some form of CRM package to manage the growth of the company once we had moved into our new building in ’05.

So…. we decided to develop our own system in combination with an open source CRM package from a company called Senokian Solutions (http://www.senokian.com) called EGS.

EGS is PHP/Ajax based and runs against PostgreSQL. It also has its own development framework based on MVC that allows you to add modules. EGS 2.0 core has CRM, Project Management, Ticketing modules and a framework that allows for integrated e-commerce apps and site content management. It is free and open source.

The tools on which the system is built are:

  • Linux (Ubuntu)
  • Apache
  • PostgreSQL
  • PHP 5
  • Ajax
  • Smarty Template Engine
  • EZ pdf
  • XML/SWF Charts

In November 2006 I took on a developer, Dave Easeman, to help code the accounts/ERP system as I specified it – we are now 99% of the way through – although I guess we will never finish the project! We are about to go live (Jan 1st) and then the aim is to polish everything up in Quarter 1/2 2009.

See here for a link on our blog
http://blogs.severndelta.co.uk/?p=58

Maybe what I’ll do is update you as we progress to “go live” on Jan 1.

Regards

Martyn Shiner
Financial Director
Severn Delta Limited

Thanks for the story Martyn, it’s very encouraging how companies such as yours (i.e. not some global enterprise with billions of dollars in the bank) are able to deploy, manage, run and develop their own IT systems using FOSS. This is a great example of just how flexible and accessible FOSS really is.

I love this quote (from the first blog link):

I will never buy a Windows based PC ever again.

Are you listening Bill?

That was written in August last year. I’m interested if you have managed to stick to that goal Martyn?

Good luck with your deployment. I genuinely hope it goes well, and please do keep us updated on your progress. You seem to have a similar tenacity to Adrian Steele at Mercian Labels who has also been blogging about their own migration to FOSS. And they also developed a core application from scratch too – for them it was a CRM/MIS app.
