LinuxDevices looks at the Ben NanoNote, a small, open machine produced by Qi Hardware. "The Ben NanoNote offers OpenWRT Linux pre-installed, and the device can also boot over USB. (OpenWRT is a small footprint distribution commonly found on routers.) Other components in the distribution include the Uboot boot-loader, although one of the many project pages on Qi Hardware notes that the eventual plan is to move to the lightweight Qi boot-loader."

Nathan Willis covers Mozilla's contest to provide add-ons for the Firefox for Mobile browser. "Mozilla has launched a contest to spur on development of add-ons for its recently-released Firefox for Mobile browser. Between now and April 12, developers are encouraged to create extensions or other add-ons tailored for the mobile browser. The top ten submissions (as judged by Mozilla's Add-ons and Mobile teams) will each be awarded a package containing a Mozilla t-shirt, phone case, and a brand-new Nokia N900 phone -- which runs the Maemo mobile Linux operating system and was the very first device to support Firefox for Mobile."

Here is an extensive set of performance benchmark results from 14 Python web application servers, done by Nicholas Piël. "The top performers are clearly FAPWS3, uWSGI and Gevent. FAPWS3 has been designed to be fast and lives up the expectations, this has been noted by others as well as it looks like it is being used in production at Ebay. uWSGI is used successfully in production at (and in development by) the Italian ISP Unbit. Gevent is a relatively young project but already very successful. Not only did it perform great in the previous async server benchmark but its reliance on the Libevent HTTP gives it a performance beyond the other asynchronous frameworks."

Version 2.3.0 of the Amarok music player has been released. "Areas such as podcast support and saved playlists have seen huge improvements, as has the support for USB mass storage devices (including generic MP3 players). With large parts of Amarok 2 becoming quite mature, it was also time to start looking forward again. Therefore, this release also contains a number of new features of a slightly more experimental nature. These include a new main toolbar and a rewritten and much simpler file browser."

Jennifer Cloer talks with Matt Asay, COO of Canonical. "Asay: We have the chance to turn the technology world upside down. At Canonical we have Google or Apple-sized ambition, because we have community that dwarfs both of them put together. Our task is to work with the community to fulfill that opportunity. I believe we can. That's what I signed up to accomplish."

Linux For You has an interview with Fedora Project Leader Paul Frields. "Two months after the launch of Fedora 12, we spoke to Paul Frields, Fedora Project Leader at Red Hat, about how this release has been received by the community, and what is in store for the next. Though it started as a technical discussion on what Fedora 12 offers IT admins and developers, it graduated into a more serious conversation on the relationship between Fedora and Red Hat Enterprise Linux, and the distinction (if any) between commercial and community Linux."

The 2.6.32.10 and 2.6.33.1 stable kernel updates are out. They are both massive, with 145 and 123 patches, respectively.

Mark Shuttleworth claims some progress toward his goal of having distributions synchronize their major releases and calls for more distributors to join in. "I think this is a big win for the free software community. Many upstreams have said 'we'd really like to help deliver a great stable release, but which distro should we arrange that around?' Upstreams should not have to play favourites with distributions, and it should be no more work to support 10 distributions as to support one."

LinuxCon Japan, formerly known as the Japan Linux Symposium, has announced its call for participation (CFP). This Linux Foundation sponsored conference will be held in Tokyo September 27-29. The CFP lists a number of topic areas that are of particular interest including desktop Linux, embedded and mobile Linux, Linux adoption, and so on; it closes on May 14. "LinuxCon Japan is the premiere Linux conference in Asia that brings together a unique blend of core developers, administrators, users, community managers and industry experts. It is designed not only to encourage collaboration but also to support future interaction between Japan and other Asia Pacific countries and the rest of the global Linux community. The conference includes presentations, tutorials, birds of a feather sessions, keynotes, sponsored mini-summits."

The Linux Foundation has announced the program for the Collaboration Summit to be held April 14-16 in San Francisco. This is an invitation-only event, though invitations can still be requested. Highlights include a full-day session on Meego, the Linux kernel roundtable, keynotes by Josh Berkus, Dr. Daniel Frye, Jim Zemlin, and others, a cloud computing roundtable, and more. "The Linux Foundation Collaboration Summit is the only event where a true cross-section of leaders from the Linux developer, industry and end user communities meet face-to-face to tackle today’s most pressing issues facing Linux, including technical development, legal topics, ISV porting and end user requirements."

Version 1.2 of PyPy - an alternative implementation of the Python interpreter - has been released. "This version 1.2 is a major milestone and it is the first release to ship a Just-in-Time compiler that is known to be faster than CPython (and unladen swallow) on some real-world applications (or the best benchmarks we could get for them). The main theme for the 1.2 release is speed." It's still not quite ready for production use, but it appears to be getting a lot closer.

Over at opensource.com, OpenNMS's Tarus Balog looks at the process of starting an open source business. This article covers much of the same material as his recent SCALE 8x keynote. "You might think that I was motivated by some sort of idealistic love of open source software. Nothing could be further from the truth. At the time, I was still running a Windows desktop. I undertook the OpenNMS project because I believed one thing: in the area of network management, open source represents the best business solution."

The Fedora board has, in response to ongoing discussions about updates to its releases (as covered in the March 11 Weekly Edition), adopted a "vision statement" on how Fedora releases should be maintained. "Stable releases should provide a consistent user experience throughout the lifecycle, and only fix bugs and security issues. Stable releases should not be used for tracking upstream version closely when this is likely to change the user experience beyond fixing bugs and security issues."

Google has announced the release of its RE2 library under a BSDish license. "At Google, we use regular expressions as part of the interface to many external and internal systems, including Code Search, Sawzall, and Bigtable. Those systems process large amounts of data; exponential run time would be a serious problem. On a more practical note, these are multithreaded C++ programs with fixed-size stacks: the unbounded stack usage in typical regular expression implementations leads to stack overflows and server crashes. To solve both problems, we've built a new regular expression engine, called RE2, which is based on automata theory and guarantees that searches complete in linear time with respect to the size of the input and in a fixed amount of stack space." More information can be found on the RE2 project page.

The H reports that the Open Source Initiative (OSI) has elected Simon Phipps, formerly Sun's Chief Open Source Officer, to the board of directors. "As a director, Phipps hopes to help the organisation change so that it becomes more member-oriented, more active in promoting open source in education, in policy development and possibly in organisational support for open source projects; "My goal as a Director will be to facilitate that change, a change that is already well under way following recent face to face discussions and the great work that Andrew Oliver and Danese Cooper have already put in"."

This year's Embedded Linux Conference, which will be held in San Francisco April 12-14, has announced that its program is now available. The keynote speakers will be Greg Kroah-Hartman ("Android: a Case Study of an Embedded Linux Project") and Matt Asay ("Embedded in 2010: an End to the Entropy?") along with a whole slate of over 50 presentations, tutorials, and BoFs. "This is your chance to meet leading developers from the embedded Linux community, and learn about the latest changes in Linux. Also, you can talk to engineers working on real products at some of the largest CE companies in the world, describing how they solved real issues in their own development projects." Click below for the full announcement.

Dave Phillips looks at arpeggiators for Linux. "An arpeggio is a musical technique whereby the notes of a chord are played in succession rather than all at once. The order of the chord notes in this succession may follow a strict set of rules or they may be played in purely random sequence. A device that acts upon a chord in this manner is known as an arpeggiator."

Over at CNET, Stephen Shankland has a fairly lengthy interview with Canonical's new CEO Jane Silber. "But is there more urgency about profit now? Silber: There is a sense of great opportunity right now. When we started Ubuntu in year one, we didn't put a strong push on trying to sell Canonical services, not because we were not interested, but it's hard to build a business around selling services around an operating system that nobody is using. We knew we needed to gain a user base and momentum before we could sell services. That user base is now there. There is urgency and momentum around that at a level we hadn't necessarily seen in the first couple years."

The LWN.net Weekly Edition for March 11, 2010 is available.

The SCO case has long since dropped off the radar for most. It is worth noting, though, that the Novell "slander of title" trial is now underway in Utah. Groklaw has detailed coverage of the testimony thus far. "Why did Novell slander SCO's title? Because of Linux. Linux started as a hobbyist tool. It's open source; 'nobody can be completely sure where the code comes from'. Starting around 2000, IBM inserted into Linux stuff that belonged to SCO. SCO sued, and started their licensing program (SCOsource). Novell stated that SCO doesn't have the copyrights and can't sue IBM."

The Mozilla Foundation has launched a process to update the Mozilla Public License. The project is described this way: We've been using version 1.1 of the Mozilla Public License for about a decade now. Its spirit has served us well, helping to communicate some of the values that underpin our large and growing community. However, some of its wording may be showing its age. Keeping both those things in mind, we're launching this process to update the license, hoping to modernize and simplify it while still keeping the things that have made the license and the Mozilla project such a success. While the update process is inspired by the GPLv3 update, the objectives are far less ambitious: Mozilla would like to smooth various rough edges without making major changes to the license. They hope to have the process complete - after releasing three drafts for comments - by November of this year.

Jonathan Schwartz writes about patent attacks, and Apple's attack on Android in particular. "Having watched this movie play out many times, suing a competitor typically makes them more relevant, not less. Developers I know aren’t getting less interested in Google’s Android platform, they’re getting more interested - Apple’s actions are enhancing that interest." He also says that Microsoft tried to shake down Sun with patent claims on OpenOffice.org.

Swedish MEP Christian Engström reports that the European Parliament has passed a resolution coming out against the secretive ACTA copyright treaty negotiations and demanding transparency in the process. The vote was rather definitive: 633 for, 13 against. "At last, the elected representatives in the parliament have sent a strong message. We have shown that we do not accept secrecy. We have shown that we are prepared to stand up for a free internet open to everybody."

Konstatin Dmitriev's Morevna Project is to 2-D animation what the Blender Foundation's Open movie projects have been for 3-D. The goal is to produce a production-quality, full-length animated feature, using only open source software, and license the source content and final product under free, re-use-friendly terms. Along the way, the work provides stress-testing, feedback, and development help to the open source software used, while raising awareness of the quality of the code. Subscribers can click below for a look at the project from this week's edition.

Texas Linux Fest has announced the initial list of speakers and presentations for its inaugural event. Keynote speakers include Joe "Zonker" Brockmeier and Randal L. Schwartz, with additional presentations by Linux, free software, and open source experts such as Jon "maddog" Hall, Amber Graner, Bradley Kuhn, and Max Spevack. The event will take place on Saturday, April 10th, in Austin Texas. Registration is available online. The complete list of talks is available as well.

Almost exactly one year ago, LWN examined the problem of 4K-sector drives and the reasons for their existence. In short, going to 4KB physical sectors allows drive manufacturers to increase storage density, always welcome in that competitive market. Recently, there have been a number of reports that Linux is not ready to work with these drives; kernel developer Tejun Heo even posted an extensive, worth-reading summary stating that "4 KiB logical sector support is broken in both the kernel and partitioners." As the subsequent discussion revealed, though, the truth of the matter is that we're not quite that badly prepared; click below (subscribers only) for details.

The LibrePlanet conference, being held March 19-21 in Cambridge, Massachusetts, will be featuring a day-long Women's Caucus on Sunday March 21st. That track will be focusing on finding concrete ways to increase women's participation in free software, including a panel on recruiting and retaining women, a presentation on mentoring, and a workshop on how non-coders can take up critical roles in free software projects. In addition, LibrePlanet has keynotes from FSF founder Richard Stallman and EFF founder John Gilmore. More information can be found on the web sites or in the schedule.

Bruce Byfield takes a look at innovations in GNOME and KDE. "Of course, GNOME and KDE have long had features that Windows lacked, such as multiple desktops and finer controls for customizing the user experience. However, in the last few years, both major free desktops have added features that show not only an interest in usability, but, at times, an effort to anticipate what users might actually want. The focus is by no means consistent, yet scattered here and there are features that can make any user glad that they're using a open source desktop."

The H covers the CeBIT Open Source Forum. "The CeBIT Open Source Forum, a prominent feature in the Open Source area of Hall 2, featured several lectures, demonstrations and keynote speeches on several topics, from Open Source in data centres and security, to web browsers, mobility and multimedia. The H attended several of the Open Source Forum sessions, including the introduction of the latest 6.3 release of the popular Knoppix Live Linux distribution by Knoppix creator Klaus Knopper."

Simon Phipps, Chief Open Source Officer at Sun, reminisces about some achievements during his tenure. "Got some of the most important software in the computer industry released under Free licenses that guarantee software freedom for people who rely on them, regardless of who owns the copyrights. Unix, Java, key elements of Linux, the SPARC chip and much more have been liberated."

The first alpha release of Fedora 13 is out. "We need your help to make Fedora 13 the best release yet, so please take a moment of your time to download and try out the Alpha and make sure the things that are important to you are working. If you find a bug, please report it -- every bug you uncover is a chance to improve the experience for millions of Fedora users worldwide." There is a lot of new stuff in this release; see the announcement for a summary.

Linus has kept his promise and released 2.6.34-rc1 a bit earlier than usual, even though he reserves the right to pull in a few more trees yet. "So if you feel like you sent me a pull request bit might have been over-looked, please point that out to me, but in general the merge window is over. And as promised, if you left your pull request to the last day of a two-week window, you're now going to have to wait for the 2.6.35 window." Nouveau users should note that they can't upgrade to this kernel without updating their user-space as well.

TuxRadar takes a look at several desktops and applications. "For the tinkerers and testers, 2010 is shaping up to be a perfect year. Almost every desktop and application we can think of is going to have a major release, and while release dates and roadmaps always have to be taken with a pinch of salt, many of these projects have built technology and enhancements you can play with now. We've selected the few we think are worth keeping an eye on and that can be installed easily, but Linux is littered with applications that are evolving all the time, so we've also tried to guess what the next big things might be."

LWN first looked at LogFS, a new filesystem aimed at solid-state storage devices, back in 2007. It has taken a long time, but, as of 2.6.34, LogFS will be in the mainline kernel and available for use; let the benchmarking begin.

Version 2.2.15 of the Apache HTTPD server is out. "Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses CVE-2009-3555 (cve.mitre.org), the TLS renegotiation prefix injection attack. This release further addresses the issues CVE-2010-0408, CVE-2010-0425 and CVE-2010-0434 within mod_proxy_ajp, mod_isapi and mod_headers respectively."

The OpenSSH 5.4 release is out, with a number of new features; these include a new certificate format, a "netcat mode," a key revocation operation, better multiplexing support, and strengthened encryption. This release also removes disables (by default) support for version 1 of the SSH protocol - a change which few users should notice at this point.

The Register has posted an article on a reported OpenSSL vulnerability that allows attackers to obtain a system's private key. Before hitting the panic button, though, it's worth seeing what's involved in carrying out this attack: "The university scientists found that they could deduce tiny pieces of a private key by injecting slight fluctuations in a device's power supply as it was processing encrypted messages. In a little more than 100 hours, they fed the device enough 'transient faults' that they were able to assemble the entirety of its 1024-bit key." It could be a problem for keys hidden in embedded systems, but that is probably about the extent of it.

A new major release of the Mercurial source code management system is out. New features can be seen on the Mercurial "what's new" page; they include some new branching options, more flexible importing of patches, XML log templates, and more. The download directory contains the source.

ITProPortal reports that Japan-based I-O Data Device has signed a patent cross-licensing deal with Microsoft. "The software maker asserted that the network attached storage devices from I-O Data Device use Linux-based technologies that come under the "patent covenants". David Kaefer, intellectual property chief at Microsoft, said in a statement: "We're pleased to reach this agreement with I-O Data"."

EDN reports that MontaVista Software has developed an embedded version of Linux that boots in less than a second. "In addition to designing real-time Linux, MontaVista has been working on the development of real-fast Linux, a Linux operating system that boots in less than 1 second. The team who worked on the project includes Alexander Kaliadin, Nikita Youshchenko, and Cedric Hombourger. Many on the team also worked on the MontaVista real-time Linux. "One of the first things we did years ago was to make the Linux scheduler pre-emptive and deterministic," says Hombourger. These fast-boot developments are not necessarily limited to real-time or an embedded Linux; however, they can get a conventional Linux distribution to boot in 1 second, as well."

Ecofriend takes a look at a Linux-powered electric motorcycle. "The motorcycle sports a touchscreen dash powered by Ubuntu that offers stats about the bike's performance and GPS navigation as well. The one-of-a-kind motorcycle is based around a Honda chassis that has its tail chopped and engine replaced with a pack of nickel-metal batteries for a completely silent ride."

Valtteri Halla, the Nokia representative on the MeeGo Technical Steering Group, has posted some information on the future of the project. "The most important question is of course about the code. We hope to move on here very quickly now. Nokia and Intel have set the target to open the MeeGo repository by the end of this month. I guess this is something that finally will signify the real 'Day One' of MeeGo project, a genuine merger of moblin and maemo. What is scheduled to be available then is the first and very raw baseline to a source and binary repository to build MeeGo trunk on Intel ATOM boards and Nokia N900."

A draft security assessment of IP, which may one day become an Internet Engineering Task Force (IETF) RFC, has been announced. "This document is the result of an assessment the IETF specifications of the Internet Protocol (IP), from a security point of view. Possible threats were identified and, where possible, countermeasures were proposed. Additionally, many implementation flaws that have led to security vulnerabilities have been referenced in the hope that future implementations will not incur the same problems. Furthermore, this document does not limit itself to performing a security assessment of the relevant IETF specifications, but also provides an assessment of common implementation strategies found in the real world."

After 8 months of development, the open microblogging system StatusNet has released version 0.9.0. StatusNet is the software behind the identi.ca microblogging service. The new version has lots of new features including support for the OStatus distributed status update standard, support for geolocation, no fixed message size (though 140 characters is still the default), web-based administration, a moderation system, and much more. "Under the covers, the software has a vastly improved plugin and extension mechanism that makes writing powerful and flexible additions to the core functionality much easier."

Andy Updegrove looks at the next steps in Elliott Associates' bid for Novell. He looks at what a tender offer is, what Elliott's and the Novell board's strategy may be going forward, and what other bidders might bring to the table. "There are two things to watch for at this point: the first is whether Novell's board decides to enter into negotiations with Elliott, or to rebuff the offer (you saw Microsoft and Yahoo go through this dance not so long ago). And the second is whether other bidders enter the scene. Such a bidder could be solicited by Novell's management and board (a 'White Knight'), because they don't like the looks of the Elliott bid and what may come afterwards, or there could be further unsolicited bids."

Debian has updated cups (arbitrary code execution). Fedora has updated automake (v1.4: F11, F12; v1.5: F11, F12; v1.6: F11, F12; v1.7: F11, F12: arbitrary code execution), wireshark (F12: LWRES dissector crash), and argyllcms (F12: udev rules set incorrect tty permissions). Mandriva has updated pam_krb5 (username existence disclosure). Red Hat has updated cups (fix to previous denial of service fix) and java-1.5.0-ibm (TLS/SSL man-in-the-middle plaintext injection). SUSE has updated firefox, seamonkey (multiple vulnerabilities). Ubuntu has updated cups (multiple vulnerabilities).

John Buckman, founder and owner of Magnatune, writes about sending money to the GNOME foundation based on 10% of the sales via Rhythmbox's Magnatune plugin. "Also FYI this means that RB has raised $3579.50 for independent musicians (because we pay out 50% of what comes in to musicians, and the 10% RB payout is coming out of Magnatune's half) [...] What this means is that I've now sent a check for $614.20 to GNOME Foundation." He also notes that Ubuntu has changed the referrer in the Rhythmbox plugin so that the $1017 in sales via that channel will instead be credited to Ubuntu. Also see the related article from the March 4th edition of LWN. (Thanks to Don Marti).

Over at Linux Journal, Dave Phillips continues his adventures in Linux audio with a look at audio loopers for Linux. "Performance loopers are machines that record an audio signal and capture it to a buffer for use as a repeating loop over which a performer improvises a new musical line or even another loop. A performance looper records multiple loops, thus giving the user an opportunity to compose additively in realtime."

PCWorld reports on a speech given by Microsoft's Vice President for Trustworthy Computing, Scott Charney, at the RSA security conference in San Francisco. In it, he suggests that a tax of some sort might be just the way to pay for cleaning up systems that are infected with viruses and other malware. "So who would foot the bill? 'Maybe markets will make it work,' Charney said. But an Internet usage tax might be the way to go. 'You could say it's a public safety issue and do it with general taxation,' he said."

Transifex, the "open translation platform" has released version 0.8, codenamed "Magneto". There are lots of new features in the release including the addition of translation teams and reviews, a timeline/history view, better notification support, and more. "Transifex is a localization platform that gives translators a simple yet featureful web interface to manage translations for multiple remotely-hosted projects. Files to be translated can be translated straight from the user's browser or retrieved for offline translation, and various translation statistics can be read at a glance. Popular projects using Transifex include the Fedora Project, Moblin, XFCE and LXDE." Click below for the full announcement.