Interview with Mohammed J. Kabir, author of the “Red Hat Linux Survival Guide”

Mohammed J. Kabir (prefers to be called Kabir) is the founder and CEO of EVOKNOW, Inc. His company, EVOKNOW, develops email and GIS software. Kabir also leads a consulting group that helps corporations utilize Open Source software.

Kabir has written many books on Open Source technologies since 1996. His recent ones are: Secure PHP Development, Red Hat Linux Server 8, Red Hat Linux Survival Guide, Red Hat Linux Security and Optimization, and Apache Server 2.

How long have you been working with Linux? How did you get interested in it?

I started with Linux in the early 90s during my university days at CSUS. I remember downloading Linux from a prominent Finish FTP site into 20+ 1.44MB floppies. It took three days in a row to get base Linux with X Windows up and running on an i386.

Once booted for the first time, the system remained turned on until many of my friends had a chance to visit my apartment. Next, I was able to hook up a dumb terminal to the Linux box via a null modem. This became my roommate’s Gopher/USENET browsing terminal. It was a lot of fun!

My interest continues to remain glued to Linux because it gives me a very powerful command-line, full remote access and the ability to tune just about every aspect of the OS.

How long did it take you to write “Red Hat Linux Survival Guide” and what was it like? Any major difficulties?

As it was not my first Linux book, I was pretty much at home with writing process. I remember worrying about the size of the book a lot as my goal was to give it a small profile. I was traveling a lot to Dhaka during the time when I was writing this. As power failure in Dhaka is an almost every-day event, I had a great desire to write about UPS and power management. But later I decided against it as I figured the target audience won’t worry about power failure too much. Now that I know better, UPS/power management will be in the future edition.

You’ve written several books – out of all of your writing ideas how do you decide which ones to develop further?

There is no defined process. Whatever seems most exciting to me personally gets the most attention.

In your opinion, where does Linux need the most software development at the moment?

I primarily use Linux on the server side. Linux servers are the most cost-effective, reliable, and least demanding on the hardware. I would like to see more Open Source network and security management/audit tools that make it easy for any Linux administrator to do the job right.

Even though Linux desktop is getting better every day. It still remains too complex for average users. IMHO, Mac OS X has the best desktop in the market. I would love to use Linux on the desktop if it can someday provide Mac OS X like user experience.

What advice do you have for people that are considering switching to Linux?

For individuals, switching to Linux has become an easy transition thanks to tons of good books, helpful USENET groups, useful Web sites and easy to install distributions.

However, many corporations are still switching to Linux the old fashion way. Someone in the MIS becomes tired of rebooting the blue-screen servers and switches one to Linux. Then one Linux server becomes two and so on. IMHO, such a process often lacks a proper migration strategy and can result into expectation mismatch.

I think large corporations interested in switching to Linux must make a strategic migration plan and execute it with expert help so that expectation mismatch is avoided. A migration plan that includes user training, security measures, expert review can yield a long-lasting positive Linux experience for everyone involved.

What’s your take on the adoption of Linux in the enterprise? Do you think it will give a boost to security?

Linux is already in many large and small enterprises throughout the world. Corporate adoption to Linux is very important for the growth of Linux as a professional server OS platform.

The consulting arm of my company is dedicated to Linux and other great open source technologies. We have helped many enterprises deploy Linux in their core business functions. It is our professional experience that many CEO/CTO/CIO are more and more aware of the security risks today than ever before. They are now asking for security blue-prints as part of new development or migration, which is good news for their customers. In short, security is finally “in” and it will play an active role in design, development, and deployment of IT infrastructure of the future.

What do you think about the full disclosure of vulnerabilities?

It’s a double edged sward. By having full disclosure consumers can gain information about potentially pending risks due to a breaking. This can potentially hurt a business if customers associate break-ins with negligence. Therefore, corporation will have to take a pro-active role in managing information security. IT security funding should grow, which would mean growth in security products and services — a very good thing.

Unfortunately, full disclosure can also benefit the bad guys. But in the long-run it should do more good than harm.

What’s the most careless act in system administration you’ve ever seen?

My company works in the email space a great deal. We often find system administrators leaving their email servers open for spam relay, which is very careless.

Another common issue we notice frequently is that often site administrators leave PHP error_reporting turned on a production site. This is very dangerous since it can often reveal important information that bad guys can abuse.

What are your plans for the future? Any exciting new projects?

I am currently involved in architecting a new email server solution that promises to improve corporate email communication. As you know, what we call email today has remained unchanged for decades. My company is working on a next-gen email platform that will bring accountability, security, and rules based routing to email in a very user-friendly manner.

On the personal side, I am giving dead-tree publishing a break and working on a few e-books that I plan to publish directly. Currently, I am writing two e-books: Job Tools for Linux and Working with LDAP.

What is your vision for Linux in the future?

Future of Linux is awesome. Linux is growing where IT is growing rapidly. I see a tremendous growth for Linux in Asia. As we all know, India and China have become the “factory” for information technology products and services because of the laws of economics and ready talent.

Interestingly, these countries are switching to Linux fast since most people in these countries cannot afford to pay hundreds of dollars in software licenses. Recently I heard that Japan, China, and Korea are considering making their own OS using Linux as the base. These are exciting changes that will have significant effect on IT worldwide.

Since Asia is learning Linux fast and major software and hardware companies are relocating their development to Asia, it is likely that many future implementation of new software will involve Linux. For example, my company, which has a development center in Dhaka, Bangladesh, plays a small role in promoting Linux in that part of the world. We offers free consultation to local universities and educational institutes that wish to embrace Linux in education.

Finally, I believe that embedded Linux also has a great future as more and more networking and consumer electronic companies will use embedded Linux to drive their products to market. Embedded Linux will help develop products faster, cheaper, and better.