[UKUUG Logo] Copyright © 1995-2004 UKUUG Ltd

UKUUG


news@UK 4.1

The newsletter of the UK UNIX User Group.
Volume 4 Number 1 February 1995

UKUUG News

Reviews

Around Europe

From the Net

Calendar of Events

Acronyms for 1995


Editor's Column

(Susan Small)

The last issue contained a questionnaire designed to find out what you think about the three-year- old newsletter. Of the 18 responses I received, the statistical analysis showed an overwhelming majority for the "About Right" column. Is it only satisfied customers who return questionnaires? Or was the layout so cleverly constructed that ticks in the centre-column were the only possible option?

One respondent suggested a glossary of acronyms would be useful and I have taken this suggestion on board.

There was a request for the Guru column to return and for techie articles to be included. I will be following these ideas up and want to hear from anyone who would be prepared to contribute in these ways.

One member commented that the Group as a whole contributed "little to my life except expense". If the Group is to survive and give its members useful services, the Council needs to know from you what it could be doing.

In a similar vein, other members asked what the Council, SIGs, LUGs etc were actually doing and why they didn't have a regular column. Consequently, I have asked for a report of the monthly Council meetings for inclusion in the newsletter. YOU, however, are the SIGs and LUGs and I can only report your activities if you are doing anything. You will have seen by the other enclosures that the Linux SIG has sprung to life and has produced its own newsletter. This has been a tremendous effort by Martin and I hope the SIG will go from strength to strength.

More book and product reviews were asked for so, if there is a new book or product you would be interested in reviewing, let me know.

A number of people wanted to hear more about SAGE-UK. Lindsay can't, however, make up a column out of thin air, so unless administrators get involved there is nothing we can report.

My thanks to all those who took the time to respond - I hope future editions of the newsletter will convince you that it was worth your effort.


UKUUG News

Report from the Chair

(Mick Farmer)

The most important news I have to report this time is the fact that our new Linux SIG has been formally launched. This SIG is a departure from our normal organisation in that non- members of the UKUUG can subscribe for an annual fee of £20.00. The reason for this is that your Council feel that there's a lot of interest in Linux, especially amongst those who wouldn't normally join a technical group such as the UKUUG. Your Council thinks that our Linux SIG can act as a forum for those wanting to exchange information (including hardware and software) about this exciting version of UNIX. The SIG has an enthusiastic chair in Martin Houston, and he intends to publish a bi-monthly newsletter. Initially, this newsletter will be prepared as a hypertext document for the World Wide Web (WWW) and the paper version will simply be a hard-copy printout. We have taken the oportunity to send every member of the UKUUG a copy of this first issue of their newsletter. It is not a cheap exercise, so please let us know whether you would like to receive subsequent paper versions of the Linux newsletter (please phone, or send e-mail, to Owles Hall).

Your editor of news@UK published a readership survey in the last issue of news@UK, and, as Chair, I'm well pleased with the results as it seems that we are producing a newsletter containing what you, our members, want to read. However, as she points out in her own column, she can only include what the various LUGs and SIGs send her. In the future I, for one, will ensure that reports of any Council meetings are included.

It appears that some of you would like us to resurrect the "The Guru is In" column which appeared spasmodically in the old EurOpen Newsletter. For this to work, we need two things from you, our members. First, we need a small group of people to act as Gurus. If you would like to nominate someone, even yourself, then please contact Owles Hall, remembering to state that person's areas of Guru-ness. Second, we need queries from our membership for our Gurus to answer. So, if you have a question that we may be able to respond to, please send it to Owles Hall.

Finally, I had intended to include a trip report of my visit to the Usenix Conference in New Orleans during January. Unfortunately, the cold bug that seems to be going round laid me low for a couple of weeks, so this will have to be held over for the next issue.


SU2SG

(Nigel Mitchem)

The tenth meeting of the Small Unix Systems Services Group took place at Wye College, Kent, on Monday 16 January 1995. Those in attendance were from City University, Royal Free Hospital School of Medicine, London Business School, Sun Microsystems and of course Wye College. We were also joined by an ex member of Wye who has ventured out into the commercial world. After gathering in the Flying Horse (Shepherd Neame) we trouped off to the college where, after the initial business, Dai Jones of Sun Microsystems gave a presentation. The ensuing discussion was quite lively covering issues from support for Solaris 1 to Sun pricing compared with third party vendors. After the site reports the meeting closed and the hardened drinkers headed for Ashford where further discussions continued over several beers and games of pool.

The group was set up as a forum where administrators of smaller systems could discuss problems and perhaps pick up some useful information. It evolved out of the old University of London Gould Unix Users Group which disbanded as all the Gould Powernodes disappeared to be either broken down for spares or used as pretty efficient room heaters. We meet about 3 times a year and always start and end in a pub, new members would be welcome.

If you are interested in coming along to a meeting or would like to find out more about the group please email me or look at our page on the World Wide Web: http://web.cs.city.ac.uk/archive/su2sg/su2sg.html The date of the next meeting is provisionally set for Monday 3 April 1995.


IP Workshop - Follow UP

(Andrew Macpherson)

Thank you all for filling in the questionnaires at the IP Workshop at the Zoo. Some of you doubt that we pay attention to them. We do. I thought we might share with you, what you as a group thought about the event, and what we have learned for next time.

We had two questionnaires. The first covered the two tutorial days, the other covered the workshop day itself. Both had space for general comments, as well as the questions where we wanted specific information. Very helpful your comments were too. Look out, at future events, for sketch plans or maps to guide you to the venue. Look also for coffee as you arrive (provided you don t beat the caterers).

On the Tutorial days, you thought the meal was better on the "Network Programming" day. We will be looking at the menus. You didn t like the long queues, and wanted more time to see the Zoo. You found the room only just acceptable, but our overall organisation scored well. In general the academics had higher expectations (though the numbers were too few to justify serious generalisation).

On the Workshop we asked a standard marketing effectiveness question. Where did you hear about the day? We were not surprised with the results. The most efficient way to attract attendees is via direct mail in some form. The most cost- effective is still the network news.

Overall, your comments complain about sessions being too short, insufficient in technological information, and containing too much background. The detailed questions reveal that two talks were unacceptable. One failed on the grounds of content, the other on the speaker s presentation ability. I shall not name these for obvious reasons. Runaway successes in the presentation stakes were Ian Batten, Nigel Titley, Jon Crowcroft and Jim Reid. Jim also hit the nail on the head with a presentation well suited to your needs, with Andy Wilson rated next most relevant. Well done chaps! Your public applauds you!

The bottom line is that you thought the event worth repeating, and that you would book for an advanced version of the IP Network Administration course. The Network Programming course was considered to be top-level and should be continued in its current form.

Looking at the technical side we have, below, the actual ratings you gave for the Tutorials:-

Tutorial        IP Network Administration       Network Programming     Overall

                Academic  Commercial            Academic  Commercial

Attendees              6          23                   5          17         51

Courses/Year        1.00        2.48                1.60        2.12       2.10

Knew His Stuff      8.83        8.57               10.00       10.00       9.22  High Praise

Quality of Notes    7.83        7.65                9.00        9.18       8.31  Good

Communication       8.00        8.70                9.40        9.35       8.90  Very Good

Quantity of Notes   6.11        6.52                7.33        6.86       6.67  Probably OK

Pace of lecture     5.56        6.38                6.00        7.06       6.47  Slow

Level of lecture    5.56        6.09                6.67        6.86       6.34  Slightly low

Correct background  5.00        6.38                6.00        6.67       6.27  Starting low

Value for money     7.33        7.78                6.80        9.00       8.04  Ivory tower?


News from Owles Hall

(Jane Morrison)

First of all thank you to all members who have already promptly paid their 1995 subscription fees. We have received numerous payments already and we trust that the trend to pay early will continue. Please don't forget you can pay your subscription by credit card by just telephoning this office and giving the details.

The Owles Hall office space was refurbished early in 1995 and the office redesigned. We also cleared all the old files into the basement and have now created quite a bit of space within which to work. The only problem is we keep losing things and looking in the wrong place; I expect we will sort ourselves out gradually.

After the first week of reorganisation we plunged back into work swamped not only by the subscription payments but also the flood of bookings for the joint EurOpen/UKUUG Advanced UNIX & Internet Security Seminar. This event is very popular and at this time we are awaiting confirmation of the exact size of the room booked to see if we have reached our capacity. It is very welcoming to us to run an event that is so popular. Let's hope this trend continues into the rest of the 1995 UKUUG and EurOpen events.

The book discount scheme still appears to be popular and we turn over quite a number of books per month.

We have just started work on the newly formed Linux SIG. A press release has been circulated and applications have already been received to join the group - please note that if you are already a member of UKUUG you will receive all the Linux SIG information, but you will need to register your interest first. Non-members of the UKUUG who wish to join the SIG and receive the various materials will need to pay a fee.

The next UKUUG council meeting will be held early in February and hopefully your Committee will discuss future events and will be able to announce a list of dates for the rest of 1995.


Reviews

ReadyFaxPak

£289 from User Interface Technologies

(Mick Farmer)

User Interface Technologies (UIT) is one of a growing number of software suppliers who make available pre-compiled binaries of popular public-domain software for a variety of hardware platforms. Although paying for something that we can get for free may appear dumb, there are advantages in this approach. We are paying someone else to worry about collecting the software together, compiling it without errors, and generally packaging it into one neat module. It also means that we have support to call on if our installation comes to grief.

UIT has produced a number of such software packages, under the general name of Ready-to-Run Software. Their packages are available for the following hardware platforms:

If you need to modify the package, or port it onto another system then a source package is also available.

Installation

ReadyFaxPak is UIT's version of Sam Leffler's flexfax package that has been available on the net, and elsewhere, for some years now. Some people in my department have wanted the ability to send faxes directly from electronic documents without having to print them first so I had already investigated Sam's package when Niall Mansfield of UIT offered me this review copy. Good timing I thought.

Installation was straightforward, mainly concerned with where to put such a large package. As is usual with UNIX installations, the files and sub-directories were spread over half a dozen directories, making it non-trivial remembering where everything was. The script, faxaddmodem, for creating our modem configuration file was a little flaky (though, to be fair, UIT mention this in their Installation Information) so I ended up doing it the time-honoured way, by hacking a similar existing configuration file.

ReadyFaxPak relies on the ghostscript package for format conversions and displaying PostScript documents. We already had this on board so no problems there. However, when I started to create a cover sheet the software kept complaining about missing font files. A quick call to UIT's help desk soon solved this. Apparently, the installation occasionally created a file where there should have been a directory! I deleted the file and renamed a handy backup directory and we were in business.

The only other problem I encountered was with my modem. When I want to send a fax, the software chats to the modem. This is called "teaching the modem" about your document. The problem was that my modem refused to learn! Another quick call to the UIT help desk solved the problem. My modem was antiquated (US Robotics 14,400 fax modem bought last year :-). Sam's software assumes that it's talking to a Class 2 Group 3 fax modem. As soon as I installed one of those, the fax system was working.

Sending faxes

I designed a cover sheet suitable for most purposes, though the software allows individuals to use their own sheets. You can mix document types in a single fax document, which is handy for faxing pictures and diagrams to publishers. I very quickly fell into the pattern of creating my documents using troff, etc. and then sending the resultant PostScript files as faxes.

Receiving faxes

Incoming faxes are saved in a spool directory. As it is almost impossible to reliably determine who a fax is addressed to, we leave it to one of our system administrators to periodically check incoming faxes and to notify those concerned that they have received a fax.

Graphical Interface

I thought that I'd leave one of the best bits until last. UIT provide a neat GUI for X Windows users. Written in tcl, this front end allows you to view faxes, either before sending them or after receiving them. It also allows you to control the send queue, receive queue, and the server in an easy-to-follow manner.

Finally

UIT describe ReadyFaxPak as "an easy-to-use, easy-to-administer fax system for UNIX networks ...". Certainly I thought that it lived up to these claims. Once installed, the system worked beautifully and many people were happy with the new facility.

As is often the case, new software in one place emphasises a defect in older software somewhere else. One colleague wanted to incorporate incoming faxes directly into electronic documents, but found that the faxes were often not aligned correctly. Could I provide an extra facility to just rotate the images a little? I suggested, as politely as possible, that they go elsewhere.


Around Europe

Congratulations are due to Andrew Macpherson, one of our Council members, who was elected as Treasurer of EurOpen at the beginning of February.


From the Net

Phil Zimmermann Legal Defense Fund Appeal

(Hugh Miller)

In November, 1976, Martin Hellman and Whitfield Diffie announced their discovery of public-key cryptography by beginning their paper with the sentence: "We stand today on the brink of a revolution in cryptography."

We stand today on the brink of an important battle in the revolution they unleashed. Philip Zimmermann, who encoded and released the most popular and successful program to flow from that discovery, Pretty Good Privacy ("PGP"), may be about to go to court.

It has been over fourteen months now since Phil was first informed that he was the subject of a grand jury investigation being mounted by the San Jose office of US Customs into the international distribution, over the Internet, of the original version of the program. On January 12th, Phil's legal team will meet for the first time with William Keane, Assistant US Attorney for the Northern District of California, who is in charge of the grand jury investigation, in San Jose. An indictment, if one is pursued by the government after this meeting, could be handed down very shortly thereafter.

If indicted, Phil would likely be charged with violating statute 22 USC 2778 of the US Code, "Control of arms exports and imports." This is the federal statute behind the regulation known as ITAR, "International Traffic in Arms Regulations," 22 CFR 120.1 et seq. of the Code of Federal Regulations. Specifically, the indictment would allege that Phil violated 22 USC 2778 by exporting an item listed as a "munition" in 22 CFR 120.1 et seq. without having a license to do so. That item is cryptographic software PGP.

At stake, of course, is far more than establishing whether Phil violated federal law or not. The case presents significant issues and will establish legal precedent, a fact known to everyone involved. According to his lead counsel, Phil Dubois, the US government hopes to establish the proposition that anyone having anything at all to do with an illegal export even someone like Phil, whose only involvement was writing the program and making it available to US citizens and who has no idea who actually exported it has committed a federal felony offense. The government also hopes to establish the proposition that posting a "munition" on a BBS or on the Internet is exportation. If the government wins its case, the judgment will have a profound chilling effect on the US software industry, on the free flow of information on the emerging global networks, and in particular upon the grassroots movement to put effective cryptography in the hands of ordinary citizens. The US government will, in effect, resurrect Checkpoint Charlie on the Information Superhighway.

By now, most of us who are reading this know about Phil and the case, whether by having the program and reading the doc files or by seeing reports in the Wall Steet Journal, Time, Scientific American, the New York Times, Wired, US News and World Report, and hundreds of other news outlets; on Usenet groups like talk.crypto.politics or alt.security.pgp; or by listening to Phil give talks such as the one he gave at CFP '94 in Chicago. We know that PGP has made great strides since version 1.0, and is now a sophisticated encryption and key-management package which has become the de facto standard in both micro and mainframe environments. We know that Phil and the PGP development team successfully negotiated a commercial license with Viacrypt, and, through the efforts of MIT, a noncommercial license for PGP with RSA Data Security, the holders of the patent on the RSA algorithm on which PGP is based, thus freeing the program from the shadow of allegations of patent infringement. We know that programs such as PGP represent one of our best bulwarks in the Information Age against the intrusions of public and private information gatherers. We know that PGP is a key tool in insuring that the "Information Superhighway" will open the world to us, without opening us to the world.

What we may not all know is the price Phil has had to pay for his courage and willingness to challenge the crypto status quo. For years now Phil has been the point man in the ongoing campaign for freely available effective cryptography for the everyday computer user. The costs, personal and professional, to him have been great. He wrote the original code for PGP 1.0 by sacrificing months of valuable time from his consulting career and exhausting his savings. He continues to devote large amounts of his time to testifying before Congress, doing public speaking engagements around the world, and agitating for "cryptography for the masses," largely at his own expense. He is now working, still for free, on the next step in PGP technology, PGP Phone, which will turn every PC with a sound card and a modem into a secure telephone. And we know that, just last month, he was searched and interrogated in the absence of counsel by US Customs officials upon his return from a speaking tour in Europe.

Phil's legal team consists of his lead counsel, Philip Dubois of Boulder, CO; Kenneth Bass of Venable, Baetjer, Howard & Civiletti, in Washington, DC, first counsel for intelligence policy for the Justice Department under President Carter; Eben Moglen, professor of law at Columbia and Harvard Universities; Curt Karnow, a former assistant US attorney and intellectual property law specialist at Landels, Ripley & Diamond in San Francisco; and Thomas Nolan, noted criminal defense attorney in Menlo Park.

While this is a stellar legal team, what makes it even more extraordinary is that several of its members have given their time for free to Phil's case. Still, while their time has been donated so far, other expenses travel, lodging, telephone, and other costs have fallen to Phil. If the indictment is handed down, time and costs will soar, and the members of the team currently working pro bono may no longer be able to. Justice does not come cheap in this country, but Phil deserves the best justice money can buy him.

This is where you and I come in. Phil Dubois estimates that the costs of the case, leaving aside the lawyers' fees, will run from US$100,000 - $150,000. If Phil's team must charge for their services, the total cost of the litigation may range as high as US$300,000. The legal defense fund is already several thousand dollars in the red and the airline tickets to San Jose haven't even been purchased yet.

In September, 1993 I wrote a letter urging us all to support Phil, shortly after the first subpoenas were issued by Customs. Today the need is greater than ever, and I'm repeating the call.

Phil has assumed the burden and risk of being the first to develop truly effective tools with which we all might secure our communications against prying eyes, in a political environment increasingly hostile to such an idea an environment in which Clipper chips and digital telephony bills are our own government's answer to our concerns. Now is the time for us all to step forward and help shoulder that burden with him.

It is time more than ever. I call on all of us, both here in the US and abroad, to help defend Phil and perhaps establish a groundbreaking legal precedent. PGP now has an installed base of hundreds of thousands of users. PGP works. It must no other "crypto" package, of the hundreds available on the Internet and BBS's worldwide, has ever been subjected to the governmental attention PGP has. How much is PGP worth to you? How much is the complete security of your thoughts, writings, ideas, communications, your life's work, worth to you? The price of a retail application package? Send it. More? Send it. Whatever you can spare: send it.

A legal trust fund, the Philip Zimmermann Defense Fund (PZDF), has been established with Phil Dubois in Boulder. Donations will be accepted in any reliable form, check, money order, or wire transfer, and in any currency, as well as by credit card.

If you admire PGP, what it was intended to do and the ideals which animated its creation, express your support with a contribution to this fund. To send a cheque or money order by mail, make it payable, NOT to Phil Zimmermann, but to "Philip L. Dubois, Attorney Trust Account." Mail the cheque or money order to the following address: Philip Dubois, 2305 Broadway, Boulder, Colarado, USA 80304. To send a wire transfer, your bank will need the following information: Bank: VectraBank Routing No: 107004365 Account No: 0113830 Account Name: "Philip L. Dubois, Attorney Trust Account".


Calendar of Events

1995
8-10 Feb,
Advanced UNIX and Internet Security Workshop, London, UK
21-23 Feb,
Uniforum, Texas, USA
12-13 Mar,
USENIX/SAGE Tutorials On Internet Security, UNIX Power Tools, Firewalls, And The Law And Computers, Texas, USA
21-23 Mar,
UNIX 95: Challenge and Strategies, Paris, France (AFUU)
10-11 Apr,
2nd USENIX Symposium On Mobile And Location-Independent Computing, Michigan, USA
24-29 Apr,
4th System Administration, Networking, And Security Symposium (Sans IV), Washington, D.C., USA
18-22 Sep,
LISA IX, California, USA

Acronyms for 1995

BBS:
Bulletin Board Service
GUI:
Graphical User Interface
LISA:
Large Installation System Administration
LUG:
Local (UNIX) User Group
MIT:
Massachusetts Institute of Technology
SAGE:
System Administrators' Guild
SIG:
Special Interest Group
SU2SG:
Small UNIX Users Systems Group
WWW:
World Wide Web
Tel: 01763 273 475
Fax: 01763 273 255
Web: Webmaster
Queries: Ask Here
Join UKUUG Today!

UKUUG Secretariat
PO BOX 37
Buntingford
Herts
SG9 9UQ