Dal Linux World Expo...

Eccovi qualche notizia succosa di argomento sicurezza dall'arena del Linux
World, gentilmente offerta da IDG News Corp.

Per gli interessati c'e' un reportage piu' completo su www.cwi.it ; sul
prossimo numero di ComputerWorld Italia, tra l'altro, ci sara' uno speciale
dedicato alla sicurezza.

---------------------

HP takes security route to Linux arena
By Todd R. Weiss
Computerworld (US)

FRAMINGHAM (08/27/2001) - Hewlett-Packard Co. is striving to gain a
higher profile in the Linux arena by offering its own version of Linux
that incorporates high-security features for business users.

The new HP Secure OS Software for Linux will offer features that have
been long desired but not built into the operating system, according to
Mike Balma, director of operations for Linux systems at HP.

The package, which will be released today, will sell for US$3,000 per
system and is based on the Linux 2.4 kernel and Red Hat Linux 7.1. The
offering includes the Apache Web server, the Amanda backup utility,
configuration and security auditing tools, and installation and
integration support.

The operating system is targeted at Internet service providers,
telecommunications companies and e-businesses that want a more secure
operating system that still offers the flexibility of open-source
software, according to HP.

One of the major criticisms of Linux in the past has been that it
doesn't offer the higher security needed by business computing
environments.

"Commercial users do require security, and that's where HP is filling in
the gap," Balma said.

But Al Gillen, an analyst at IDC in Framingham, Mass., said that
although there may be users who are interested in higher security for
Linux, HP "may be ahead of the market" at this point. Linux is "not an
inherently insecure operating system," he said.

Such a product could possibly help generate interest in Linux among
users who have particular worries about security features in existing
distributions of the operating system, Gillen said.

"If they have concerns, maybe this will help them decide on it," he
noted.

Eric Hemmendinger, an analyst at Aberdeen Group Inc. in Boston, said the
features are reminiscent of HP's VirtualVault security concepts, which
it used in its HP-UX version of Unix. "It hasn't met with widespread
acceptance in its HP-UX form; I'm not sure why it would have widespread
acceptance in a Linux form," he said. "I'm not sure where this is going
to take them."

Generally, customers have "not looked to operating system suppliers for
security products," Hemmendinger said. "They look to companies with
domain experience in security."

Copyright 2001 Computerworld (US), International Data Group Inc. All
rights reserved.

Linux community gathers for 10th anniversary
By Ed Scannell
InfoWorld.com (US)
SAN MATEO (08/27/2001)

[snip]

SuSE Linux AG will show off its Linux Firewall, a live system that
enables the operating system to be booted directly from a read-only
CD-ROM. Company officials believe that because the product's code is on
fixed media, it will be impossible for outsiders to manipulate the
firewall software.

Hewlett-Packard Co. will debut its HP Secure OS Software For Linux,
expected to be priced at US$3,000. It will include the 2.4 version of
the Linux kernel, a variety of HP-developed open-source enhancements,
and the Apache Web Server.

Copyright 2001 Computerworld (US), International Data Group Inc. All
rights reserved.

Compaq executive kicks off Linuxworld
By Mark Jones
InfoWorld.com (US)
SAN FRANCISCO (08/28/2001) - Compaq Computer Corp. kicked off the annual
LinuxWorld Conference and Expo here Tuesday calling for improved
scalability, reliability, security, and support before Linux will truly
take off in the enterprise.

"There are [security] vulnerabilities in open source," said this
morning's keynote speaker Shane Robison, Compaq's CTO and senior vice
president, who challenged the Linux community to come up with answers to
these shortcomings.

[snip]

The number one reason enterprise customers are hesitant to deploy Linux
in mission-critical environments beyond Web and file serving is because
it "lacks the one-stop shop of support," otherwise offered by vendors.

The second shortcoming is the "need for highly skilled individuals to
deploy and run mission-critical applications," he said. In addition,
attention to a coherence and adoption of open-source standards and
better scalability of large Linux systems is needed, he said.

Linux must also improve in the areas of system throughput and enhanced
administration capabilities for large enterprise applications before
large ISVs move to greater acceptance, Robison said.

[snip]

Copyright 2001 InfoWorld.com (US), International Data Group Inc. All
rights reserved.

Cordialmente,
Stefano Zanero

ComputerWorld Italia (www.cwi.it)



________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List