SuSE founder flees, stupid Sony (and discover new music)

In today's IT Blogwatch, we look at the founder of SuSE leaving Novell, as well as the first trojan to use that Sony DRM-cum-Trojan-cum-rootkit we reported on last week. Not to mention a great way to discover new music based on "music genomes."

The founder of SuSE, Hubert Mantel, has decided to throw in the towel at Novell. As Jeremy Garcia of LinuxQuestions.org tells it, "Hubert Mantel has announced his resignation from Novell. '...this is no longer the company I founded 13 years ago.' were his parting words. Novell has a terrible history of wasted opportunity with technically superior products, but poor marketing. I held high hopes for them this time, but with this news along with the layoffs and other high profile departures, one has to wonder. I think the following comment is extremely telling: 'I have been the maintainer of the Suse kernel for more than a decade now,' Mantel wrote. 'I'm very confident the Novell management will find a competent successor very quickly. After all, there are lots of extremely skilled people over there in the Ximian division.' ... Does it have to do with a different internal struggle that was lost by the Suse division? Hard to tell at this point, but the recent grumblings I've heard about 'being noising' gaining more ground within the company than 'being correct' may have some basis. Please Novell, don't screw this up. Having two solid Enterprise distributions is critical."

» MajQa': "I suspect that when Novell purchased Ximian and later SuSE, the higher-ups at both firms probably had visions of eventually running Novell. I believe it was inevitable to see a shakeout or coup take place within Novell given the polar opposites that SuSE and Ximian team are -or- were ... Yes, Novell is going to have the KDE libraries included on their future releases, but as a practical matter I think SuSE's KDE support is going to go largely (at best) the way of RH's and Fedora's. Sure, a community project will probably appear, perhaps through OpenSuse, that keeps KDE going - but it's obvious to me that Novell is casting its lot with the Ximian/Mono team and all things Gnome. This was probably a business decision driven not so much by technical merits, but by internal lobbying and PowerPoint presentations. ;-) ... Although I think Novell would have been much smarter to dump Gnome and focus solely on KDE with respect to the desktop, they probably couldn't justify it given all of the investments they made in Mono and the Ximian guys. Besides, I don't think Novell bought Suse because of its strong KDE focus, rather it was interested in the SuSE brand, market position, and a fast way to become the #2 player in the Linux ballgame."

» Bsonne: "Gah... so Novell is cutting people and hurting my favourite bloated distro, SuSE. Been a happy SuSE & KDE user for years, mostly because I can't stand RedHat and the god awful Gnome desktop. Feels like crap, organized like crap, looks like crap. Retarded 'spatial views'." [Ah c'mon, don't beat around the bush, tell us how you really feel] "In addition, I've always felt that SuSE's internationalization has been better than any other distro I've tried, probably because it started off non-American and consequently had to have a wider worldview and culture scope..."

On Nov 2 IT Blogwatch warned about rootkits on music CDs. Now word is out now that the first exploit has been spotted. Carlo at Techdirt admonishes Sony: "As if things weren't bad enough with Sony's lovely rootkit DRM, what with it acting like spyware and everything, now virus writers are using it to cover up their work -- just as was earlier predicted. The Sony software conceals filenames that start with "$sys$", so a new variant of a trojan simply uses a similarly named file that becomes completely invisible on computers infected with the Sony rootkit."

» Tom Raftery put it succinctly in his heading: "Don't buy Sony label music! ... Since [Mark Russinovich of Sysinternals] revealed the existence of the rootkit software, Sony has issued an uninstall procedure for the software but as Mark points out this uninstall procedure requires the user to go through by two web forms, an email and an ActiveX control and the uninstaller is locked to a single computer, preventing deployment in a corporation. Now we learn from an article in the Reg that a virus writer has written a variant of of the Breplibot Trojan which drops files into the Windows directory which are incapable of being found except with very specialised software, if you have the Sony rootkit on your PC. Bottom line - if you are buying music CDs - check if they have Sony on the label, and if they do, don’t buy them."

» Our own Alex Scoble echoes this thought: "Just amazing to me how companies can do this sort of thing and then act like it's the most natural, moral and ethical thing to do. Sony might as well not be putting these CDs on the market. Either way, they'll get no money from me. On CDs or other Sony branded products. Again I urge others to do the same. Companies that treat their customers as criminals, rather than as human beings, don't deserve to have customers. It's as plain as that."

» Mary Jo Foley, Microsoft Watch: "Microsoft execs are saying they are "concerned" and "evaluating the situation." Sony BMG acknowledged that the rootkit-style features are part of DRM technology that began shipping with CDs in 2005, and released a software patch to disable it. But the patch did not really remove the rootkit. And Sony made the process for cleaning contaminated systems too arduous, critics said. Sony has a long way to go to get out of the doghouse on this one."

» Dwight Silverman, TechBlog: "In my interview with First 4 Internet Chief Executive Mathew Gilliat-Smith earlier this week, I speculated it wouldn't take long before theory became reality. He said his company and Sony were working with antivirus companies to provide them the information needed to remove the rootkit. Here's hoping those companies are deploying that fix, and fast."

Buffer overflow:

And finally... Pandora 2.0 is now free

Richi Jennings is an independent technology and marketing consultant, specializing in email, blogging, Linux, and computer security. A 20 year, cross-functional IT veteran, he is also an analyst at Ferris Research. Contact Richi at blogwatch@richi.co.uk. Also contributing to today's post: Judi Dey, our very own Antipodean.