eldavojohn writes "In a brief article on CNet, a company named Coverity announced that Firefox is using software to detect flaws in Firefox's source code. Even more interesting is the DHS initiative for Coverity to use this same bug detection software on 40 open source projects." An interesting tidbit from the article: "Most of the 40 programs tested averaged less than one defect per thousand lines of code. The cleanest program was XMMS, a Unix-based multimedia application. It had only six bugs in its 116,899 lines of code, or .51 bugs per thousands lines of code. The buggiest program is the Advanced Maryland Automatic Network Disk Archiver, or AMANDA, a Linux backup application first developed at the University of Maryland. Coverity found 108 bugs in its 88,950 lines of code, or about 1.214 bugs per thousand lines of code." We've covered this before, only now Firefox is actually licensing the Coverity software and using it directly.

Marcus Maciel writes to tell that Linux.com's Joe Barr recently took a look at OSSEC-HIDS, an open source host intrusion detection system. From the article: "According the OOSEC-HIDS Web site, it's more than a host intrusion detection system (IDS). It's also a security event manager and a security information manager, which makes it the security equivalent of a hat trick in hockey, a triple-play in baseball, or a rare triple-double in basketball. OSSEC-HIDS runs on both Windows and Linux/Unix. You can download the latest version along with the project's PGP public key, so you can verify the download." Linux.com and Slashdot are both owned by OSTG.

The new wiki start-up founded by former Microsoft employees, MindTouch, has just announced two new open source offerings to help bolster their user base. MindTouch Dream, a development framework and Deki, a wiki-based document sharing program that was built using Dream, will both be debuted at this year's OSCON, currently underway. From the article: "Applications written with MindTouch Dream can be done in PHP or .Net languages such as C# or Visual Basic. Programs can run on Microsoft Windows machines or Novell's Mono software for running .Net applications on Linux or Unix."

Yesterday's post on the upcoming Windows Vista's image-based installer drew more than 450 comments. Some readers praised the change as sensible, even overdue, and others drew distinctions between various ways "image-based" software installations are implemented in real life, both in the Windows and Unix worlds, and supplied objections to the switch. Read on for some of the most interesting comments in the Backslash summary of the discussion.

Ravi writes "Any one who has had the opportunity to manipulate images would be aware of Adobe's Photoshop - considered to be the market leader in image manipulation software. But with its high price tag, buying Photoshop is akin to putting strain on your bank balance. What is interesting is that there is a very popular free alternative to Photoshop in GIMP. For those in the dark, GIMP is a state of the art image manipulation software which runs on multiple architectures and OSes and which is released under the GNU free License (GPL). I have been using GIMP exclusively for touching up images for many years now and it has met all my graphics manipulation needs." Read the rest of Ravi's review

Wednesday's press-release-borne message from security firm Sophos that the best way for Windows users to compute untroubled (or less troubled) by malware is to switch to Mac OS X drew more than 500 comments; read on for the Backslash summary of the conversation.

Lord_Slepnir writes "Security firm Sophos Security has released a report claiming that Macs will be more secure than Windows for some time to come. The report listed the 10 most common kinds of malware, and noted that they can only infect Windows systems."

Michael J. Ross writes "Of all the popular programming languages now in use, Perl is perhaps the best suited for writing utilities — for several reasons, such as its text-processing capabilities, ease of addressing system resources, and minimal language overhead for input, output, list processing. It was designed to blend the rapid solution development of shell scripting with the powerful control constructs of third-generation languages. Consequently, Perl quickly became a favorite language for developing programs ranging from system administration utilities to CGI scripts that power Web sites. In fact, Perl has been called the glue that holds the Internet together. The tremendous flexibility and power of Perl is seen in Steve Oualline's book Wicked Cool Perl Scripts: Useful Perl Scripts That Solve Difficult Problems." Read the rest of Michael's review

KO writes "On Wednesday the 24th of May at Loop Bar in Melbourne (Australia) fourteen teams of programmers gathered for the first ESCI LiveCoda real-time programming competition. Possibly the first performance based real-time programming competition. Before a packed night club with live music provided by Simulus and the Vs Chorus Crew, each team had just ten minutes to write a program which could correct a corrupted image.""

NoGuffCheck writes "CRN is reporting that Darl McBride is looking to get Unix developers back onboard with cash incentives for completing training in SCO's new mobile application kit; EdgeBuilder. It doesn't stop there; there's a 12-cylinder BMW or $100,000 dollars for the development of the best wireless application."

An anonymous reader writes "SCO has announced their plans to release a new version of Caldera Linux by the end of the year. From the announcement: 'To provide extensive reliability and performance features, the Linux Kernel 2.5 codebase has been merged with recently developed additions to SCO's world leading UNIX core operating system. Already contained code owned by SCO is still included benefiting the stability and overall experience opposed to recent Linux kernel releases.' The question is, is anyone listening?"

jwitko asks: "I work for an international telecommunications company. They're pretty enormous when it comes to size/budget so their willingness to send employees to get training and to better themselves is pretty strong. I am simply a student who got lucky to become a part-time contractor with this company and I've loved every minute of it. My job primarily relies on working on Unix platforms and installing/configuring our product on laptops for sales people to go out and sell to telecommunications company's (ex: T-Mobile, Verizon, and so forth). However, before I came to this company I had barely ever even touched a Unix-based OS. This summer, I would like to travel to as many different seminars, lectures, and classes to really get experience with *nix based operating systems and learn a lot more about how to use them. Where are some good places to find ongoing seminars, lectures, etc. in Unix and Linux that you think would really help a somewhat-new guy learn a lot and become more experienced?"

cyclomedia writes "While more and more platforms are getting (or aiming for) Firefox ports, the trunk itself seems to be going the other way. In an effort to clean up the API calls used and reduce the codesize a patch was posted at Bugzilla removing support from pre-W2k versions of Windows. There's a fiery discussion going on over at the Mozillazine forums about this after a counter bug was filed. The official position appears to be that Firefox 3.0 will maintain this un-compatibility, but developers are, obviously, free to work on a separate Win 98 compatible 'port.'"

RobbeR49 writes "Windows Server 2003 was recently compared against Linux and Unix variants in a survey by the Yankee Group, with Windows having a higher annual uptime than Linux. Unix was the big winner, however, beating both Windows and Linux in annual uptime. From the article: 'Red Hat Enterprise Linux, and Linux distributions from "niche" open source vendors, are offline more and longer than either Windows or Unix competitors, the survey said. The reason: the scarcity of Linux and open source documentation.' Yankee Group is claiming no bias in the survey as they were not sponsored by any particular OS vendor."

Andy Updegrove writes "Before there was Linux, before there was open source, there was of course (and still is) an operating system called Unix that was robust, stable and widely admired. It was also available under license to anyone that wanted to use it, and partly for that reason many variants grew up and lost interoperability - and the Unix wars began. Those wars helped Microsoft displace Unix with Windows NT, which steadily gained market share until Linux, a Unix clone, in turn began to supplant NT. Unfortunately, one of the very things that makes Linux powerful also makes it vulnerable to the same type of fragmentation that helped to doom Unix - the open source licenses under which Linux distributions are created and made available. Happily, there is a remedy to avoid the end that befell Unix, and that remedy is open standards - specifically, the Linux Standards Base (LSB). The LSB is now an ISO/IEC standard, and was created by the Free Standards Group. In a recent interview, the FSG's Executive Director, Jim Zemlin, and CTO, Ian Murdock, creator of Debian GNU/Linux, tell how the FSG works collaboratively with the open source community to support the continued progress of Linux and other key open source software, and ensure that end users do not suffer the same type of lock in that traps licensees of proprietary software products."

AriaStar asks: "It's overwhelming to start trying to learn all the different technologies needed to go into programming. It seems that every type of technology assumes knowledge of a different one, which in turn requires knowledge of another, until it's gone full circle. I am interested in everything from Unix to AJAX to Perl. Things like HTML, Javascript, and SQL are like English, but then again, they're basic. Where is the best place to start? What is a good path for someone who learns quickly and easily, but who is simply too overwhelmed, to take?"

nitsudima writes to mention a post on the Informit site about the common misunderstandings surrounding SSH, and how well-intentioned admins may be creating holes in their own security by using it. From the article: "In UNIX, all things are files. To send network traffic, UNIX writes the traffic to the network device file. In this case, the connection to Box A (and that private key used for authentication) is a socket file. This file will shuttle the authentication traffic between Box A and Box P. So what's the risk? Maybe the hacker can't get a copy of the private key through the socket file, but something better (from his/her view) can be done. If the hacker has root on Box D, he or she can point a private copy of the agent forwarding software to that socket file and thereby point the authentication process to the administrator's credentials--the ones kept on the 'safe' intranet. What are the chances that the administrator has configured access to all the DMZ servers he controls?"

chrisd writes "Hi, everyone. Today I'm pleased to announce that we're making Picasa, our photo management application, available for Linux. This is a pre-beta labs release and since we're still learning on how to best make software for Linux, we're asking that you submit your bugs as you find them. Picasa for Linux uses Wine internally; this shows a bit in the interface, but it works even better than we had hoped. Download it and check it out! A list of supported distributions can be found in the FAQ. We hope our patches to Wine will help make it easier for everyone to run Windows apps on Linux and other Unix-like systems. Thanks to our pals at CodeWeavers who did much of the heavy lifting, and to Marcus Meissner, whose libgphoto support patch was a welcome surprise."

lessthan0 writes "Anyone proficient with Linux had to climb the steep learning curve. Part of getting over the top for me was reading a hundred different Linux and Unix related books. From that list, three books stand out as the most useful and influential. I can't promise easy sledding; it will take some work, but mastering this material will demystify Linux and make you appreciate it more."

jbeaupre writes "Groklaw has spawned a new feature that may prove useful well beyond the current SCO litigation. The UNIX Methods and Concepts Database began as a list of books and papers on Groklaw that became so large it demanded organization. The new system was announced and is currently a work in progress."