Sep 2 2008 2:19PM GMT
Posted by: Caroline Hunter
Linux,
Administration, interoperability and integration,
Interviews,
Enterprise applications for Linux,
Security,
open source applications,
SELinux
On Friday, Aug. 22, openSUSE announced that its newest version, 11.1, will support Security Enhanced Linux, or SELinux. Novell’s security tools, AppArmor and SELinux, have traditionally been considered intense rivals. In this interview, openSUSE’s Andreas Jaeger, Roman Drahtmüller and Matthias Eckermann discuss openSUSE’s support of SELinux.
OpenSUSE now has basic enablement with SELinux. That’s great for SELinux users now, but will openSUSE be able to integrate new patches for SELinux?
Andreas Jaeger: OpenSUSE is developed with a community approach; we are proud to have opened the openSUSE build service to the community, with the option to develop and package open source software cross-distribution.
As SELinux is a cross-distribution effort, we encourage members of the SELinux community to participate in the openSUSE build service: to develop, test-drive and integrate new user land patches and tools into openSUSE and other distributions using our cross-distribution service. This way, all distributions running with SELinux enabled in the Linux kernel will benefit.
Is support of SELinux indicative of a larger industry trend toward interoperability?
Roman Drahtmüller: Novell observes a tendency in the industry to increase the security value of a system by introducing additional controls beyond the scope of the application. This means the application is exposed to these controls but cannot change them.
In moving from AppArmor to SELinux, does a company sacrifice compliance benefits?
Drahtmüller: AppArmor profiles for application containment and confinement are comparatively easy to manage throughout an infrastructure. Creating them is a distinct, low-pain checkmark item. The same applies to evaluating log messages that record possible violation attempts against protected system services.
For customers, the transition to SELinux may need a change in thinking and architecture, but also allows for the definition of a complete policy in a system. It helps to disallow actions that are not subject to a defined policy. There are environments that require such a functionality — regardless of the cost associated with it — for compliance reasons.
We anticipate that customers with these requirements will aim for a SUSE Linux Enterprise operating system, as it targets the special needs of customers working in compliance-bound environments.
Security tools have created a tradeoff between capability (SELinux) and usability (AppArmor). Is Novell’s approach to this tradeoff changing with its basic enablement of SELinux?
Matthias Eckermann: As in earlier releases of our product, openSUSE 11.1 reflects our belief in the value of additional security mechanisms in the operating system. The benefit of such mechanisms is maximized if the configuration and administration is as transparent, straightforward and as easy as possible for administrators.
Security needs that aim toward mandatory access control, mandatory integrity control or even multi-level security require a suitable architecture. With the basic SELinux enablement, we will allow our partners and customers to use such an architecture to implement solutions that fulfill their specific needs.
Nevertheless, we want our users to be able to choose their own priorities between administrative effort and functional benefit.
What do you think? Leave a comment below or contact chunter@techtarget.com.
Aug 29 2008 2:39PM GMT
Posted by: Pam Derringer
Linux,
Red Hat,
Linux blogs and news,
open source applications,
SUSE/Novell,
TechTarget Blogs
Waltham, Mass.-based Novell Inc. reported solid revenue growth in its third-quarter earnings call yesterday, with net revenues of $245 million, up from $236 million for the second quarter of 2008 and from $237 million in the third quarter of the previous year. Third-quarter operating profit this year was $1 million, compared to a $10 million operating loss the previous year.
Quarterly revenues from SUSE Linux were even stronger, however, with a 30% year-over-year growth, climbing from $25 million in the third quarter of 2007 to $32.5 million in the third quarter of 2008. Third-quarter SUSE revenues also were higher than the previous quarter’s revenues of $30.5 million. Despite the revenue gains, Novell racked up third-quarter losses of $15 million in 2008 and $4 million in 2007 due to charges from auction-rate securities and negative currency exchange rates, respectively.
Microsoft sales of SUSE certificates continue to increase throughout 2008, with $176 million or 73% of the $240 million agreement invoiced to date, according to Ian Bruce, Novell’s director of public relations. Microsoft is so far ahead of schedule in sales of the SUSE certificates, which it agreed to resell within five years of November 2006, that Microsoft recently agreed to buy up to an additional $100 million in SUSE certificates. Last year, Microsoft certificate sales gave a hefty boost to Novell revenues and boosted SUSE’s market share by 3% to 29%, while Red Hat Inc.’s declined proportionately.
As Al Gillen, research vice president of system software at Framingham, Mass.-based IDC pointed out recently, the certificates give Microsoft an alternative product to offer customers who prefer Linux to Windows. And the paid-support certificates can convince customers to switch from free software to paid-support subscriptions, which “levels the playing field” with proprietary software, he said.
Novell CEO Ron Hovsepian said he is “pleased” with the overall results, which he said affirm that the company is on the right strategic path and should achieve further growth and higher profit margins in 2009. Consulting services will continue to decline but product sales will increase, keeping the company on target to earn $940 million to $970 million by the end of the fiscal year, he said. Last year’s net revenues were $932 million.
Aug 27 2008 8:21PM GMT
Posted by: Pam Derringer
DataCenter,
Linux,
Red Hat,
Security,
authentication,
open source applications,
TechTarget Blogs
Red Hat Inc. has declined to provide additional details on last week’s security breach on some Fedora servers that were illegally accessed. Although Red Hat said it did not believe that the package-signing key used to gain access to Fedora operating systems was compromised, the Raleigh, N.C.-based company issued a new Fedora signing key as a precaution. Fedora is Red Hat’s free operating system where innovations are introduced and tested before they are incorporated into production-ready Red Hat Enterprise Linux (RHEL).
Related to the Fedora intrusion, Red Hat also announced a breach into a few Open Secure Shell (SSH) security encryption packages for some versions of RHEL 4 and RHEL 5 that are not under the umbrella of a Red Hat network management system. As a precaution, Red Hat issued an updated version of the affected RHEL OpenSSH security packages.
No big deal?
Reaction to the breach is muted at best.
Joe Clabby, a principal at Falmouth, Maine-based Clabby Analytics, said that a new signing key install “could be a real hassle” for a large install base without an automated deployment system, but he didn’t think it was a huge problem. “It’s good they found it and made it public so people can fix it and life goes on,” he said.
Charles King, a principal analyst at Hayward, Calif.-based Pund-IT Inc., agreed.
A security breach is “always disquieting,” he noted, but this one is probably of lesser impact, because most data centers do not run Red Hat exclusively. In one sense, the breach could be viewed as an indicator of Red Hat’s growing success. Hackers generally target only commercially successful distros, King said.
Well-known tech blogger Jason Perlow said that the breach is “standard stuff” that will be remedied quickly because the entire open source community will become engaged in developing a remedy, whereas a breach at a proprietary vendor could take months to resolve.
I suspect that most large Red Hat installs run RHEL rather than Fedora, thus reducing the probable risk to businesses. Nevertheless, as an admittedly impatient journalist wired to ask questions and expect answers, I find Red Hat’s failure to be more forthcoming about the extent of the breach and the potential impact disappointing. Users aren’t well served by a limited statement and a wall of silence.
Aug 25 2008 1:50PM GMT
Posted by: Pam Derringer
Linux,
Red Hat,
IBM,
VMware,
Linux blogs and news,
open source applications,
TechTarget Blogs
A recent Business Week article said that Raleigh, N.C.-based Red Hat Inc. is ripe for a takeover bid because its pockets don’t bulge as quickly as those of proprietary vendors and suggested Palo Alto, Calif.-based VMware Inc. as a promising buyer. VMware has a heftier cash flow and doesn’t have an operating system, a gap that Red Hat would fill, the author argues.
But three IT analysts panned the idea for multiple reasons. Richard Jones, the vice president and service director of Burton Group in Midvale, Utah, and Charles King, a principal analyst of Pund-IT Inc. in Hayward, Calif., don’t think Red Hat’s relatively flat stock price makes it vulnerable.
“I don’t think it’s a risk,” King said. “The players within the industry and those in investment live in separate realities. If Red Hat can’t be a success as the clear leader in the market, what could VMware do to make it more successful?”
Jones doesn’t think Red Hat is vulnerable either. Red Hat has only its brand to offer (since open source software is free) and the company would be too expensive to buy, he said. Instead of VMware, Jones thinks that Oracle Corp. would be the more likely buyer.
Joe Clabby, principal at Clabby Analytics in Yarmouth, Maine, said a VMware/Red Hat merger doesn’t make sense because the addition of an operating system would put Hopkinton, Mass.-based EMC Corp., VMware’s parent company, in conflict with the other major hardware vendors who distribute VMware.
“I don’t see Red Hat making a ton of money,” Clabby said. “But I don’t think anybody’s at risk.”
But Clabby admitted that his crystal ball is sometimes a bit cloudy. “I didn’t think EMC Corp. should have bought VMware. But that acquisition has paid off extremely well.”
Ironically, the Red Hat news alert that initially popped up this week linked to a Computerworld column suggesting that IBM buy Red Hat, while admitting the outcome was quite unlikely. But a closer look revealed that Google erred in listing the “recent” article, which was written in 2002. The author, Nicholas Petreley, a computer consultant in Hayward, Calif., said this week that he was one of the first to urge IBM to buy Red Hat in the mid-’90s but said the acquisition now would simply put it in competition with other distros, similar to Clabby’s argument against a VMware/Red Hat merger. And Petreley’s thoughts were the same as mine: somehow the VMware piece resurrected his IBM column out of the depths of time and presented it as something new.
Well, as we all know, technology doesn’t always work 100% of the time. And this is just one more example.
The bottom line: Red Hat appears not to be a takeover candidate for now. And that’s probably a good thing.
Aug 22 2008 3:47PM GMT
Posted by: Pam Derringer
Linux
The Boston Linux & Unix Users Group’s 30th Installfest, which we announced in a previous blog as taking place on Sat., Aug. 16, is actually tomorrow, Sat., Aug. 23, at MIT. Volunteers will help users install open source software on their laptops from 9 a.m. to 5 p.m. at MIT Building E-51, Room 61, 2 Amherst St., Cambridge. Copies of Fedora 9, openSUSE 11.0, Ubuntu Hardy Heron 8.04 and Debian are available. Bring your computer, monitor, distros to be installed, a power strip and some bucks. Although the volunteer-run service is free, a $25 donation is encouraged.
Aug 21 2008 1:24PM GMT
Posted by: Pam Derringer
Linux versus Windows,
Linux blogs and news,
open source applications,
SUSE/Novell,
TechTarget Blogs
Microsoft Corp. recently announced that it will buy $25 million to $100 million in additional customer support certificates for Novell SUSE Linux Enterprise software that Microsoft will, in turn, sell to its customers that want a mix of open source and proprietary software. The pact is an extension of the five-year interoperability agreement of November 2006, in which Microsoft agreed to sell $240 million of SUSE certificates in five years. (SUSE itself can be downloaded for free but customers must pay for patches and support.)
Microsoft’s SUSE certificate sales, in fact, have grown faster than expected, exceeding $157 million in the first 18 months. Novell, in turn, agreed to boost its investment in tools and customer training to help make the two systems more interoperable and user-friendly at the joint Microsoft/Novell research facility in Cambridge, Mass.
Justin Steinman, Novell’s director of product marketing for Linux and Open Source, said SUSE Linux core sales have continued to grow rapidly and the Microsoft certificate sales represent just another channel to get into the market.
Al Gillen, research vice president of system software with Framingham, Mass.-based International Data Corp., said that the extension is “positive for both companies” and reassures users that the pact “isn’t going to run out of gas” before its scheduled termination.
“The market for nonsupported Linux is strong, and Microsoft is trying to penetrate that market with these certificates,” Gillen added. “Microsoft doesn’t want to compete against free Linux software, and by selling SUSE support certificates, Microsoft creates a level playing field.”
Although open source is touted as a lower-cost alternative to proprietary software, Gillen said the cost difference is insignificant when comparing the tab for acquisition and support over a five-year period.
Aug 20 2008 10:57PM GMT
Posted by: Pam Derringer
Linux,
Enterprise applications for Linux,
Ubuntu Linux,
Linux blogs and news,
open source applications,
SUSE/Novell,
TechTarget Blogs
Less than two weeks after VMware Inc., the proprietary virtualization software leader, signed up for membership in the Linux Foundation, Canonical Ltd., the commercial sponsor of Ubuntu open source software, joined as well.
Of the two, VMware is the more surprising since its software isn’t open source, despite its recent decision to make its ESXi virtualization server available for free. In fact, however, VMware recently contributed its Virtual Machine Interface for paravirtualization to the open source community and is working on other ongoing community projects. But Canonical’s joining seems, if anything, overdue; its founder, Mark Shuttleworth, also helped launch the Linux Foundation and is a current board member.
So what’s going on? Is this the beginning of a wave of new members? Jim Zemlin, the Linux Foundation’s executive director, thinks so. “You will be seeing many more new members of the Linux Foundation in the near future,” Zemlin predicted. Collaboration is critical in the open source community, and the Foundation is a place to meet and solve problems, he said.
Well-known tech blogger Jason Perlow wasn’t quite in agreement. He said Canonical’s joining is “almost a nonevent” because of its “huge support” of the community. Nevertheless, its membership puts it on an equal footing with multibillion-dollar firms in a “somewhat exclusive club” and might prompt Red Hat Inc. and Novell Inc. “to take the snappy little upstart” more seriously, he said.
Jay Lyman, an analyst at the New York-based 451 Group, said the two new members — especially Canonical — are both “key” to the Foundation because of the popularity and innovation of Canonical’s Ubuntu software. VMware’s membership is not as important to the organization overall, but should help Linux to stay at the forefront of virtualization, he said.
Canonical’s silver-level membership (the lowest of three full membership levels) puts it one up on open source leader Red Hat, which is at the same support level but, unlike Canonical, doesn’t have a seat on the board. (Novell is a top-level platinum member.)
Hmmm … perhaps the popular open source software company from across the ocean will start getting a lot more respect.
Aug 18 2008 1:22PM GMT
Posted by: Pam Derringer
Linux versus Windows,
OpenOffice,
Linux blogs and news,
open source applications,
open standards,
TechTarget Blogs
On Friday, Aug. 15, the software behemoth from Redmond, Wash., won another victory over open source, when the International Organization for Standardization (ISO) and the International Electrotechnical Commission gave the go-ahead to Microsoft’s alternative Office Open XML (OOXML) document format. The organizations rejected appeals by four countries (Brazil, South Africa, Venezuela and India) because they failed to obtain two-thirds membership support for their position. The four objectors contended that procedural violations last February invalidated the subsequent April 1 boards’ approval of the Microsoft-sponsored standard. OOXML opponents also argue that the addition of a second document format standard will undermine the Open Document Format (ODF) developed earlier by the open source community. However, the ISO contends that its approval of two standards will give the market the opportunity to choose between the two alternatives.
Since when has Microsoft been in favor of choice? Like the choice of eat or be eaten. . . .
Aug 15 2008 7:46PM GMT
Posted by: Pam Derringer
IBM,
Linux,
Ubuntu Linux,
Linux blogs and news,
LinuxWorld,
open source applications,
TechTarget Blogs
Malcolm Yates, the global independent software vendor (ISV) alliance manager at Canonical Ltd., traveled halfway around the world, flying from London to San Francisco with a message for LinuxWorld: Ubuntu is growing up. No longer just an operating system for geeks, Ubuntu has begun to evolve into a mature ecosystem with a small but growing cache of applications to run on top of an OS and more partners to expand its reach, he said.
Addressing an oft-cited shortcoming, Canonical is in the process of adding numerous key partnerships to expand the desktop and server offerings on top of Ubuntu’s OS and forging pacts with hardware vendors as well, Yates said. Parallels virtualization software and IBM DB2 database software already are downloadable from Canonical’s website, and enterprise resource planning and customer relationship management applications are in the works, he said. The desktop is beefing up, too, with OBM messaging and collaboration software and IBM groupware coming soon, he said.
Canonical also has strengthened its development team to nearly a dozen members during the last year and has built a mini-operating system to enable ISVs to develop Ubuntu-based applications quickly and bring them to market, Yates said.
Although he didn’t have solid numbers, Yates estimated that Ubuntu’s share of the open source operating system market has doubled or tripled from IDC’s 9% projection last year, with the number of users opting for paid support rising proportionately. Server and desktop users both are growing but desktops – boosted by a 50,000 deployment by French police – are increasing faster, he said. But the coming addition of IBM groupware to Ubuntu’s desktop should boost Ubuntu’s momentum in the corporate market, both desktops and servers, he said.
Canonical’s goal is to make Ubuntu available via any partner and any business model and deliver it to users on the server as well as the desktop, Yates said.