Pictures from the Sorbonne Strike

by Miguel de Icaza

Pictures from the student strike in Paris that took over the Sorbonne University.

Posted on 12 Mar 2006

Novell's Linux Desktop Preview

by Miguel de Icaza

Alex today pointed me to some screenshots of the upcoming Novell Linux Desktop, they are here.

Posted on 09 Mar 2006

RSS Patents from Apple

by Miguel de Icaza

Dave Winer points to a couple of Apple patents:

Apple is patenting our inventions, again. Oy. 

Jens Alfke, one of Apple's "inventors" stopped by to explain how there's no real generosity in the tech business. I can see where he might get that idea, working where he does.

There is an interesting discussion on Dave's site.

If this is the kind of thing that passes as a patentable invention nowadays, we must get ready for a few very dull years in the technology scene.

Posted on 08 Mar 2006


by Miguel de Icaza

Joe posted an enthusiastic description of AppArmor: a Novell technology that uses the Linux security infrastructure to improve the security of your system. Novell originally acquired this proprietary product last year and included it with OpenSUSE and open sourced the effort.

Joe links to a recent presentation at FOSDEM which is worth watching as it explains how AppArmor works and demostrates how you can augment the rules in AppArmor for your own applications and how you can secure a web site.

I once got the demo live, and it was fairly impressive as I was given a root shell, but was basically unable to escape the "sandbox" that AppArmor had created.

Both AppArmor and SELinux use the same kernel infrastructure to create the sandbox. From the AppArmor FAQ I liked this explanation:

SELinux is an implementation of mandatory access controls that uses labeled security, ie, the application of a tag to each data file that identifies that file's appropriate security level. Labeled security has advantages in organizations where secrecy is paramount, that is, ensuring that only those authorized at appropriate clearance levels can view a given piece of data. The labels allow the operating system to handle data with appropriate controls, eliminating the need to store the information on multiple computers of varying security levels. Although this feature has value to organizations such as intelligence agencies whose main goal is to keep secret information secret, it introduces a significant level of complexity and has limited value to most commercial enterprises whose primary objective is data integrity, ie, preventing the corruption of data.

The FAQ goes into a larger comparison with SELinux if you are interested in that.

Posted on 07 Mar 2006

Using Visual Studio to develop with Mono

by Miguel de Icaza

If you are interested in developing with Mono using Visual Studio, there are a number of tools that Francisco Martinez has developed to make your experience smoother.

He created a few screencasts and a general introduction on his blog:

  • The Installing VSPrjMake screencast shows how you install the Visual Studio add-in.
  • In this screencast he shows how to test your Windows.Forms application with the Mono runtime using Visual Studio.
  • In this one he shows how to test an ASP.NET application with Mono from Visual Studio.

Today for the first time I had the chance to play with these on Paco's laptop (he is visiting the Cambridge office this week). He also has developed a tool to choose which Mono runtime to use. The tool is useful for Mono power-users on Windows (you can watch your app work better with new versions of Mono as you go; Or you can track regressions in Mono).

In his blog entry, he has other screencasts showing how to run the same application with different runtimes (.NET CLR and Mono). Check it out.

Pretty much these tools do most of what we had discussed in the past in terms of Visual Studio and Mono integration.

The next step would be to integrate this with a VMWare player with a OpenSUSE OS image to have all the Mono development tools and test applications directly from Visual Studio into the VMware image.

Posted on 25 Feb 2006

Novell's Open Audio Podcast, part 2

by Miguel de Icaza

Ted has posted some updates on Open Audio: Ogg formats are comming, he discusses high/medium qualities, why they chose the format they did and the music they use. His post is: Next Steps for Novell Open Audio.

Posted on 23 Feb 2006

The Dave Reveman Files: Xgl and AIGLX

by Miguel de Icaza

David Reveman, has posted his thoughts on the Xgl/Aiglx debate here:

One of the points that I particularly like is:

An important goal with X on OpenGL is to make it easier for X to keep up with the advances in graphics hardware. Eliminating the custom 2D acceleration code will reduce the development burden and make this easier. This can probably be achieved through AIGLX as well, I know that the people working on AIGLX have discussed putting some of the acceleration code I have in Xgl inside Xorg with AIGLX and that would be a step in that direction. However, I strongly believe that going all the way to an X server completely on top of the OpenGL API is the best solution in the long run.

In particular I like his comments on the criticisms of Xgl, they all boil down to "It is a lot of work":

I think the arguments made by nvidia to why X on OpenGL would be worse than the current driver architecture can be debated on until forever. I think it all boils down to if we want put some more effort to it and take the big scary step to something new or if we want to stick to the old well known. Not too surprising, we have people who are in favor of both and we'll likely have development being done on both, which I don't think is that bad after all.

So far I haven't heard a single argument for why X on OpenGL is a a bad idea other than that it's a big step and a lot of work will have to be done. If that would stop me from working on Xgl, I wouldn't have started working on it in the first place.

Finally, David sets the record straight on the Xgl development, to refute the claims made on the Fedora page:

"We've been working on the AIGLX code for a some time with the community, which is in direct contrast with the way that XGL was developed. XGL spent the last few months of its development behind closed doors and was dropped on the community as a finished solution. Unfortunately, it wasn't peer reviewed during its development process, and its architecture doesn't sit well with a lot of people."

I've been developing Xgl in the open since November 2004. Only the last few months have been behind closed doors. I can agree that this wasn't the best thing but no architectural changes have been made during this period, just a lot of hard work implementing missing functionality, tracking down and fixing bugs in xgl and various other places in the x server tree. We didn't drop a finished solution, we dropped a much improved version, that's all.

Anyways, more details are on David's post

Posted on 23 Feb 2006


by Miguel de Icaza

We have been exploring for some time the new Infocard identity framework from Microsoft. If you are interested in this new identity system being developed, check the Microsoft web site here.

Thanks go to Mike Shaver for getting us in touch with Kim Cameron and Mike Jones:


The Zen of this is that we cant change it by ourselves. Microsoft can be part of that.

Posted on 23 Feb 2006

Follow up to Chris

by Miguel de Icaza

Chris points out in his blog entry that Xgl is a lot of work:

[...] The big thing about the AIGLX approach is that it's incremental. The path to get from here to there allows us to leverage the strengths we have, allow people to participate as their hardware allows and work iteratively with vendors to add support to cards. Simply put, AIGLX presents us with a hill instead of a cliff. That's the big difference.

But it is not an academic discussion anymore about the complexity of getting from here to there. We are already there, and the code is already on CVS and we have already climbed the most difficult part of the cliff.

Anyways, Chrisl, what about addressing the comments on the Fedora Wiki to reflect David's comments? There is a link added, but there were no "architectural" changes developed in private.

Anyways, more power to the Red Hat folks with AIGLX, am sure we will have a combination of both in various machines and am just happy to be able to use both depending on the hardware I have available at my disposal.

Posted on 23 Feb 2006

Port Security

by Miguel de Icaza

Dave Winer observations are interesting:

I love the political storm President Bush is caught in over the UAE port managers, because it is totally unfair, as he says it is. Of course they're perfectly qualified to manage the ports. They're not terrorists. They employ Americans. There's no extra risk. I love it because it's exactly the kind of dirty trick Bush uses, the same kind of dumb emotional illogic, and like his opponents he's left stammering like an idiot, caught in the headlights, explaining how it's not really an issue. It's the Swift Boat logic turned back at the master. It's as if Karl Rove was working for the Dems. I love it because it's funny and it's justice.

Posted on 23 Feb 2006

« Newer entries | Older entries »