Michael Robertson of Lindows Responds 614
1) why oh why?
by Ender Ryan
Why was it decided that Lindows would always run as 'root' by default? That seems like a pretty bad decision to me, and many others as it's the number 1 complaint of many Linux users who would otherwise like to give Lindows a try, but perhaps we should hear why that decision was made.
Is this how Lindows is going to continue to work in the future? I think this is one "feature" of Win9x that would really be better to leave in the past.
Robertson
I think the larger issue here is how do you balance security vs. ease of use. We are committed to providing a secure desktop operating system and make policy decisions about how to achieve a secure but usable system. For example, not plugging a computer into the 'Net would make it really secure, but not very usable. We did decide to build in a pre-configured firewall because it's largely an invisible security layer that adds meaningfully security to the desktop but stays out of the users way. Most security compromises are external attacks, not root vs. non-root issues.
Historically, multi-user systems made sense when hardware was expensive because not everyone could afford a computer and you could leverage the cost of expensive machines by creating multiple users and doing time sharing. But times have changed and computers are now ultra-affordable with PCs starting at $200.
So there's less need to share computers and have multi-user accounts with all that overhead and complexity. There aren't “administrators” in many of the homes, businesses and schools we are selling to. These are personal computers where the owner needs to be able to set the clock, change the wallpaper, configure a printer, install a flash drive, or load a new piece of software without bumping into nuances of computer science.
Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS – the first person to touch it can do whatever they want. If we make Linux harder to use then other operating systems, users will not embrace it. Users just want to get their work done, they don't want to be computer experts and they shouldn't have to be. Of course, if they want to add a default password or setup multiple accounts and restrict access to their own machine, they can of course do it on all of these operating systems, including LindowsOS, even though none default that way.
2) User feedback on Linux-based desktop OS
by prostoalex
Since the Lindows PCs have been selling for a while, your marketing and customer service folks must have gotten some kind of feedback from current or prospective users.
What are the things people ask for? What are some things general users would like to see in Lindows or Linux-based desktop distributions that aren't there yet?
Robertson
When we started Lindows.com we believed that software installation was extremely difficult for most users and the biggest obstacle impeding widespread desktop adoption. So we invested considerable engineering in Click-N-Run http://www.lindows.com/clicknrun, which makes software installation (including downloading, menu items, icons, MIME types, etc.) in LindowsOS a one-click experience. It's far superior to anything Microsoft Windows XP has.
Since then, we've heard from consumers about what they want or think is missing in a desktop operating system. The number one item people thought was missing was virus protection. (This surprised me and wouldn't have been my guess; more on this topic in a later question.)
There are some key areas of hardware support which no desktop has today which users consistently bring up including: USB wireless support, Plug & Play USB drives (flash, hard drive and CD/RW), firewire and ACPI (power management for laptops). We hope to address most of these in our next release of LindowsOS version 4.0 coming shortly.
On the software side, it's amazing how quickly the community is filling application holes and a real testimony to the advances is making. Six to twelve months ago the list of “missing” software applications was different then it is today. For those seeking a Visual Basic-like program, Gambas (www.lindows.com/gambas), has made great strides. GAIM www.lindows.com/gaim has emerged as a solid meta-IM client, etc. The biggest individual holes today are probably an online banking aware personal finance program (ala Quicken) and a web development tool that is tightly integrated for creation and management such as FrontPage or Dreamweaver. (We'll announce an very cool, affordable product available in Click-N-Run next week which addresses the online banking need.) Video games is an entire product category missing for Linux. There are some great new companies like GarageGames (http://www.garagegames.com), but the high profile games are absent. Finally, video streaming is weak on desktop . None of the big three codecs (QuickTime, Real, Windows Media) have shown any real commitment to offering support. I think there's a real opportunity for one company to commit to gain the upper hand on the others with a true cross platform solution.
3) Should Linux Remain a Cult Object for Geeks?
by reallocate
Do you think the hostility toward Lindows that characterizes some members of the "community" can be attributed to their desire that Linux remain a "geeks only" cult object?
Robertson
Linux can literally save consumers billions of dollars on software, so I sure hope we can bring it to the masses – that's really our business.
I attended UCSD and as part of my major I was required to take an assembly language programming class. It was one of the computer science “weeder” classes where 60% of students fail or drop out. I struggled through it with a passing grade and had a great sense of accomplishment. The next year the major requirements were changed alleviating the assembly language requirement. I have to admit I wasn't happy with this decision since it meant that those sharing my degree after me didn't have to go through the same torturous experiment.
Until recently, it was a badge of honor to get a Linux desktop running. LindowsOS makes it possible to install in 3 minutes and have it auto-recognize all your components and then install most software with a single mouse click. Those who went through the “weeder” class path naturally won't be that excited.
4) Wine?
by IamTheRealMike
When you started, you put a lot of effort into Wine, sponsoring things like WineConf. That didn't work out, but Wine improves constantly, as the latest releases of CrossOver and WineX show. Do you think you'll ever return to it someday, or are you disillusioned with the whole thing?
Robertson
We really respect Jeremy White, Codeweavers and the rest of the Wine development team, but we did move away from Wine sometime ago. It was really a financial decision. Here's the analysis we went through. Microsoft makes roughly half of their profits from selling their operating system and half selling their office suite. If LindowsOS users still have to depend on Microsoft's office suite then they will only be able to save money on half of their software purchases. Additionally, they'll still have to deal with restrictive licensing, activation codes, endless security issues and expensive upgrade options. Undoubtedly Microsoft would continue to use their might to bully computer users who use one part of Microsoft's offerings into using the others, like they do now with Microsoft Word costing $349 and Microsoft Office priced at $399. We really need to move to a Microsoft-free computing solution to realize dramatic savings.
We thought it much better to continue to focus on the ease of use, but invest our energies in promoting and polishing native programs rather than legacy Micrsoft Windows based programs. This way we can save consumers considerable money on the OS and the other largest expenditure – the office suite. Another critical development is that the StarOffice/OpenOffice products really made major advances. We can now comfortably endorse and distribute these products.
While we stopped promoting Microsoft Windows program capability, we strongly emphasize file format compatibility which we think is critical. People often have a need to open and edit a doc, xls or ppt file and that's what we give them. By focusing on affordable programs, we can give computer users these capabilities for the lowest price.
5) MP3.com in retrospect
by prostoalex
Looking back at MP3.com, what would you do differently if you were to start the music service business all over?
Do you think MP3.com was a good business idea in the first place? Do you think the sale of the site to Vivendi Universal was a good idea?
Robertson
Our goal at MP3.com was to bring digital music to the masses and I think we made a lasting impact and left the world a better place then we found it. We fought hard in congress, courts and in the business world to make MP3 a universal standard because it was the best thing for music fans who were our ultimate customers. Today MP3 is a universal standard, DRM schemes have been thwarted, portable players are legal, virtually all hardware supports MP3, so consumers are in a relatively good place because they can freely move their music around.
We didn't accomplish everything we wanted to do. We championed the concept of a “Music Service Provider” and backed the concept up with phenomenal technology which would store a user's entire music collection online and zap it to any device via an open API (PC, portable, phone, car, CDR, etc) with a single mouse click. Licensing challenges, restrictive law interpretation, and music industry reluctance to embrace new technology torpedoed our efforts on this front. It's interesting to hear the press gush over Apple's itunes “one click” purchase and load to portable player features – something we had two years ago. I think we laid important groundwork to make this happen, but missed delivering on our entire vision.
I sold MP3.com at a time and price that I thought was good for our shareholders and have no regrets and wouldn't change any decision I made.
6)Wal-Mart
by Znonymous Coward
Microtel and Lindows have put togther some great deals for Wal-mart.com; How are sales going?
Will the Microtel + Lindows PCs ever make it to Wal-Mart store shelves?
Robertson
Sales are strong - we have the best selling products at Walmart.com. I'm confident that success will lead to retail store distribution on retailers' store shelves. We're waiting until our next version (4.0) to distribute LindowsOS in major outlets. The quality needs to be there to satisfy everyday (non-technical) computer users. I can't stress how critically important this is to the success of desktop Linux.
Linux MUST be preinstalled on computers to be a sustainable business. The Microsoft stranglehold on OEMs must be cracked to change the dynamics of the PC business. Until this happens, no desktop Linux company should be considered a viable longterm company.
7) PATENTING ONE-CLICK-INSTALL
by neitzsche
Dear Mr. Robertson,
Could you please update me on your efforts to patent your one-click-software-update solution?
If you are granted such a patent, do you plan on allowing the open source community free (beer/speech/both?) licensing?
Robertson
We don't have a patent on Click-N-Run and have not filed a patent application. I'm not a big believer in method patents. Patents need to be “non-obvious”. I'm not sure “one click anything” is patentable or should be – whether an order process (think Amazon) or software installation routine.
8) Viruses
by minus_273
Not having viruses is one of the upsides of . Why do you sell a virus scanner for Linux?
Shouldn't you be presenting the lack of viruses as one of the reasons to switch?
Robertson
I shared your viewpoint initially, but then we heard from users and discovered something new. What people thought was most lacking from LindowsOS that prevented everyday use was “virus protection”. I was surprised by this result so we talked to users to understand their logic. It turns out that they have been so traumatized by the virus problem on Microsoft Windows that it has shaped their view of the world. Many told us they would NEVER use a personal computer without virus protection because either they had been infected and publicly embarrassed or they knew someone close to them who had. Others said that their corporate policy mandated virus protection or the employee could be disciplined. It's no longer a rational decision, but simply a presupposition to using a computer.
Let me use an analogy. Say someone grew up in the crime-ridden inner city project and then decides to move to the country. No matter how hard that real estate agent tries to use statistics and reasoning to convince them they don't need locks on their doors of the house they're buying, the buyer won't believe it because that's not the world they grew up in. 95% of the world has grown up in a Microsoft virus-infested project. Microsoft has cleverly positioned it as a solely external problem so they don't have to incur the cost to fix it. Bravo to Microsoft for good marketing which has saved them billions in support. Consequently, computer users don't see the root of the problem as shoddy Microsoft programs that if they were to abandon the problem subsides, but rather a fact of life of personal computing. It's a lock on the door they insist on having – regardless of the crime statistics in their area.
So we offer a one-click virus solution powered by Central Command. Virii are a tiny problem today on Linux, but as more desktops migrate it would be foolish to think that it will never be a problem. Just stopping inadvertantly passing on Microsoft Windows vulnerabilities has value to many consumers, as I've attempted to illustrate to many people considering desktop Linux.
9) Click-n-Run vs apt-get
by mahdi13
Lindows is based off of the Debian code and uses apt-get to install software from the Click-n-Run repository. What is in place to keep people from changing the apt-get sources from CnR to the Debian sources and install something like Synaptic (and getting newer, updated packages for free) instead of paying the $99/year (with a few execptions)?
Robertson
It is true that LindowsOS is Debian based, but Click-N-Run is no longer apt-get based. We're now on the third generation of the Click-N-Run architecture and it shares virtually no code with apt-get. As often happens you learn a lot when you do version 1.0. In the first version we learned the limitations of apt-get and were forced to create our own system which would better support personalization, commerce, error handling, and low bandwidth environments. We saw about 60% success rate using the first version of apt-get. Today we achieve over a 90% success rate. And we're able to offer advanced features like Aisles, CNR Express, a full featured commerce engine, and critical features like auto-retry and partial install resume.
LindowsOS users are free to use apt-get or any other feature. We don't remove the command line or limit their ability to install software. They can “open the hood” if they want to. Our goal is to do all the heavy lifting for them for a fair price and build a profitable business. If we can't offer value beyone what they can get from apt-get then they shouldn't give us any money. So that keeps us working hard to offer value.
The Warehouse part of the Click-N-Run (http://lindows.com/warehouse) adds tremendous value as well. Not only do users get an informative graphical representation for many products, but because listings are based on popularity they can get a listing of the most valuable software as measured by the community. We also spend considerable amount of time working on the top 25 programs. We typically customize them to make them work well together and on LindowsOS. Since anyone can browse the information for free, we have even learned that our warehouse is used by many who don't use our products as a resource. We recompile the programs to use the “My Documents” folder by default to resolve one of the common complaints from users that “they can't find their saved files”. That's obviously a simple example, but those are the types of things that make all the pieces work well together for LindowsOS users and will bring desktop to a wider audience.
10) Xbox
by randomErr
What ever possessed you to put up the bounty on the Xbox project?
Robertson
To understand my motivation it's probably important to understand my belief in personal ownership. I believe that if you purchase a product, you should have the right to change it, move it, or alter it for your own personal needs. The seller should have the right to say that you void the warranty or refuse to support it if you change it, but you should still have right as the purchaser to make that choice. This goes for music, software and personal computers. My belief is that as long as consumers have this right, then they'll use that freedom to make choices which steer our society in a generally positive direction. I'd contend we've already witnessed this with MP3.
The Xbox is Microsoft's first attempt at a closed architecture PC. What they learn from the Xbox will be in their next generation closed desktop PC system. Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like “trustworthy” computing and tout the benefits, but it's really about shifting power over an individual's PC from the buyer to Microsoft. Microsoft will put up a permission gate before any software can be installed which will have a fee associated with it. It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.
I think it's critical that consumers have control over their computers and the ability to decide what software they want to utilize. I look at the Xbox as simply a personal computer. This is why I funded the Xbox reward.
NOTE: I funded it through http://pubsoft.org, Russ Nelson's great concept which I hope catches on.
Consumer freedom is also one of the primary reasons I started Lindows.com. If we can get a substantial number of desktop users we will ensure the longevity of an open architecture PC and ensure that the computing world evolves in a consumer-friendly direction.
Thanks for the opportunity to answer your questions.
Running as root is insane. (Score:4, Interesting)
He talks, later, about how his customers are so traumatized by viruses that they'd never consider running a machine without some kind of protection. Windows, which has always been 'features before security', has horrific virus problems.
In essence, he's indirectly bashing his own way of doing business. One of the main reasons viruses don't spread as easily on Linux is simply that normal users don't have permission to mess with system files. Even if a virus DID infect your Linux box, the damage would most likely be contained to the user account's home directory, unless you did something stupid (or weren't patched up properly). Lindows is, in essence, being stupid by default. He's trying to make Lindows 'just like Windows' -- so you get all the design problems and fewer user-level features to boot. What a deal.
If he wants to make Linux BETTER than Microsoft, this is likely an area of key differentiation, and yet he's glossing over the whole issue for 'user convenience'. Instead, he should be investing resources into engineering a solution that preserves both ease of use AND security. It can be done, it just costs time and money. Mandrake has a decent solution to this problem. It could be improved, but it's not too bad. It would make a fine starting place.
A corollary of an old computer aphorism: "Cheap, secure, convenient. Pick any two."
Kidding yourself (Score:5, Insightful)
A Linux virus could do significant damage without root access, and there are a variety of ways that such a virus could trick the user into giving it root access. Trojan a RPM or DEB, or even just ask the user for their root password with some excuse like "Your hard disk has reached a fragmentation level of 30%, we recommend that you defragment it now. Please enter your root password").
Re:Kidding yourself (Score:5, Insightful)
In general, the idea that users don't have access to anything important is a holdover from when Unix meant large multi-user systems with regular backups. In Linux desktop use, the files in ~ are probably more important and less replaceable than system files. And, as you say, there's no need for root access for an email virus to spread.
Re:Kidding yourself (Score:5, Funny)
you are right... it needs Microsoft Outlook.
anyone who put's scripting in any email program needs to be brutally killed in the streets, and their body publically impaled as an example to others...
same goes for the ability to do anything with an attachment but SAVE AS.... come on programmers.. get a clue.
Re:Kidding yourself (Score:3, Insightful)
And you're kidding about Outlook right? I've seen email viruses that worked in Pine. All that was required were gullible users who would hasten to forward an email to their entire addressbook because they'd read a line in a scare-mail like "forward this to everyone you know immediately".
Just as scary, and not unheard of o
Re:Kidding yourself (Score:5, Insightful)
It most certainly does. Just remember that for the longest time, everyone KNEW that viruses couldn't be spread by looking at e-mails. nowadays, just looking at it in the preview pane is enough to infect your system and send it to everyone on your list if you haven't patched and secured Outlook Express.
The behaviour you're describing is a result of idiocy. Outlook viruses make it so non-idiots can infect their systems my doing something mundane and not paticularly stupid at all (reading an e-mail isn't stupid. Opening foreign executables can be.)
Re:Kidding yourself (Score:5, Insightful)
And when someone finds a security hole in a commonly used version of Mozilla or Evolution, that could hit a significant percent of desktop Linux users. If we make the assumption that the number of such users is going to grow, I think it is safe to assume that they are not as likely to use something that doesn't look like a Windows e-mail client. They want to make the transition as simply as possible.
There will be Linux viruses. We will get hit. Currently, the smaller installed base and the diversity of distributions, client software, kernel versions, etc. is making Linux harder to target. If 90% of desktop users were using Linux, and 80-90% of those all used the same e-mail client, browser, and word processor, Linux would provide a rich target environment. More virus writers would target it.
Re:Kidding yourself (Score:4, Insightful)
Thats why things like SELinux or the Debian RSBAC Linux are so important. There is a real need to make sure any user can work out which end is the barrel without pulling the trigger
Re:Kidding yourself (Score:4, Insightful)
OK, they want to save costs, but leave the users out in the cold. NOT the people I want coding my operating system/office/internet browser. Until they take a firm view about actual "security", I will not trust them. Not that I really matter..I'm just a consumer; They could probably care less how I think of them.
Re:Kidding yourself (Score:5, Interesting)
So many people who use this argument are overlooking the obvious. An email virus requires an email program that will automatically execute attachments. There is no email program for Linux that does this. All Linux email programs require the user to:
1) Save the attachment to disk.
2) Change the file attribute(s) to executable (because Linux email programs never save files with the execute bit(s) set).
3) Expicitly run the program.
The reason Microsoft email viruses are so prevelant is because Microsoft's email program requires the user to:
1) Read the email.
2) There is no second step.
Running the system as root will in no way make a user susceptible to email viruses on Linux. However, running as root will greatly increase the damage done to the system if a user runs a malicious program.
Assume that I, under my user account "stormreaver", get tricked into performing the three steps needed to run a malicious binary emailed to me and it completely wipes out my home directory.
If I didn't have backups, which is foolish considering how cheap CD-R's are nowadays and how easy KDE 3.1 makes backups, it's true that I'm out of luck for my personal files. I have to remove my account (by becoming root), recreate my account, and start over. The rest of my system (games, utilities, etc) are all fine.
If I did have backups, which I have, then I delete my compromised account, recreate the user account, and copy my backed-up config files. It takes my (estimating) about ten minutes to get back to where I was (allowing time for reading hundreds of megabytes from the backup CDs). I'm then back in business. Since all my executables (minus my in-development binaries) were protected by root access, nothing was permenantly damaged. At most, I'm somewhat inconvenienced. I saved days of redownloading and installing large non-system apps and several hours of installing and tweaking my operating system (with the latter taking most of the time).
The superuser/regular-user distinction made in Linux is real protection against filesystem viruses because it eliminates the automatic propogation mechanism required by such viruses.
Only profound stupidity on the part of email software developers (and profound stupidity on the part of users running Outlook through WINE, though the threat is greatly reduced on Linux because most WINE installations don't have Microsoft address books) will present an email virus problem on Linux.
Running everything as root will still require active user participation to propogate any type of Linux virus. However, the damage done will be far more extensive.
None of this will matter, of course, if a regular user installs something by temporarily becoming root, and the install program then makes the software setuid root. However, the protections added by the superuser/regular-user distinction are significant.
KDE has almost nailed all circumstances where this is inconvenient and provides a simple way to temporarily become root to perform system-altering tasks. The only one remaining, that I encounter, is having to use the command prompt to su to root in order to install a game using Loki's installer.
Re:Kidding yourself (Score:3, Informative)
Well, not from a virus' point of view. What a virus needs to do is load itself into memory, then save itself to disk, in some way that it will be started again, then hide it's presence as completely as possible.
All of the above is possible if you are running as Root... The last 2 above are ``more difficult'', and ``not possible'', respectively, if the virus is loaded as a non-privlidged user.
I would like to express my utte
Re:Kidding yourself (Score:5, Insightful)
But it is an extra layer of security; virus writers have to work harder to get around the inherent limitations. It's not a free lunch.
On a normal Linux/Unix machine, An HTML-code exploit is not, by itself, going to spawn a remote root shell to Joe Attacker's box; it's going to take either user foolishness ("Type in your root password for maintanance purposes") or a second local exploit to do it.
On a Lindows box, ALL you need is the HTML exploit, no additional stupidity required.
One of the key issues with both real-life and computer-based viruses is containment. You're seeing that now with SARS. If you can slow the rate of infection, you gain time to deploy a response.
Tens of thousands of run-as-root boxes directly attached to cablemodem make a very fertile environment for virus development. An extra layer of security, requiring additional stupidity on someone's part, will slow the spread and help contain the damage.
Any defense can be gotten around, given enough time and effort. That does not, however, imply that no defenses should be deployed. I stand behind my assertion that knowingly defeating one of the main lines of security in an operating system for 'convenience' is grossly stupid.
Re:Kidding yourself (Score:5, Insightful)
In light of this, I wonder if Lindows has considered an online backup service. You could have an automated or manually-run agent make a bzipped tarball of $HOME and transfer it to a Lindows server. Hell, I'd go one step further and encrypt that with ``openssl rc4'' and a user-defined password. Tack on an interface for excluding specified directories and a N-megabyte limit, and I think you have a killer service.
Re:Kidding yourself (Score:5, Insightful)
The reason viruses don't exist/spread is because Linux mailers don't treat data as code. Simply reading text files and HTML (sans Java/Javascript) cannot allow a virus to spread by the *simple* mechanisms that allow them to propagate in the Windoze world.
There is also the diversity argument. Under Windoze, there is essentially only one mailer in common use. If you hack a virus to work with that, it'll spread like wildfire because every mail it sends out to replicate itself has a 99% chance of hitting another machine that'll replicate it. In the Linux world, even if all those outgoing mails reach other Linux boxen, the chances are that most of the people it reaches will be running some other mailer and the virus will stop right there. That DRASTICALLY slows down the growth rate of the virus - so even if one were possible, it would spread at a snail's pace and be easy to contain.
I don't think it has anything to do with root access.
However, I regard the idea of running Lindows in root 100% of the time as sheer lunacy. There is such a thing as protecting a user from himself. "rm -R
Re:Rite of passage. (Score:3, Informative)
Yes, but it isn't:
rm -rf
which is a rite of passage, but instead:
rm -rf
The resulting behavior makes sense, but the first time around it definitely catches you off guard in the painful learning sense. (CAUTION: If you try this, only try it at least two directory levels deeper than anything important.)
Re:There are three reasons... (Score:3, Informative)
reasonable alternative? (Score:3, Insightful)
Re:reasonable alternative? (Score:3, Interesting)
Also, when we "install" applications on Mac OS X it is just a matter
Re:Running as root is insane. (Score:2, Interesting)
Re:Running as root is insane. (Score:5, Insightful)
The last time I used Linux (Redhat 8 for those who are curious), I had to log in as root just to change the resolution of my screen from KDE. This is trivial to a Linux user, but to a Windows user this is ridiculous. Security shouldn't make your computer hard to use, but it does. We all know that when it's scary to use a computer, people just plain won't. Linux may be 'secure', but it also tends to leave the uninitiated with a shivery feeling of using it. That is NOT mass-market appeal.
"If he wants to make Linux BETTER than Microsoft, this is likely an area of key differentiation, and yet he's glossing over the whole issue for 'user convenience'. Instead, he should be investing resources into engineering a solution that preserves both ease of use AND security."
No, the Linux Community should be doing this. He's trying to get Linux out to a larger audience. He has to respond to customer demand that the product be useful without having to learn a lot of strange ideas like what 'root' is. That's exactly what he's doing. If his product is a security risk because they opened up some obvious features that root lets you have, then the Linux Community should step back and say "huh. Somebody could be a real shithead if they had access to this. Maybe we should find a better way to lock it down." His money will be spent trying to get this thing on shelves and marketed so that Linux has a broader user base. You guys want to compete with MS, right? Then make Linux more useful to newbs. Windows has, and continues to have a very strong edge against Linux in this area. Guess what, it's the type of thing people make purchasing decisions on.
Re:Running as root is insane. (Score:5, Funny)
What's so hard about configuring a separate OpenBSD box on the LAN for dialing the ISP while adding packet filtering, NAT, and routing...all in the name of security. It took me only a few days to get it all working just like I wanted it to, and I'm confident it doesn't have weak passwords nor overly-permissive rules for vendor back doors. HTTP, HTTPS, and DNS are all any user would need from the Internet, anyway. Of course, Mozilla needs its own user account. Anything else would be silly.
I just don't understand your argument that security is hard
(BTW, I actually had the above configuration for a while but dropped the separate user account stuff eventually--it's just a PITA)
Re:Running as root is insane. (Score:5, Interesting)
Because his target is people who aren't in the know, he doesn't actually have to be secure. He has to use the airport scheme.
Let me explain the airport scheme. Airport security is bs. I've been through it numerous times since 9/11 and every single time I've noticed obvious gaping holes. If I really wanted to I could have brought a variety of weapons onto the planes. So why is the security there? As one employee of the airport blatantly admitted,
"...It's to make customers feel safe. We know we can't really have foolproof security, so we do things that make people feel secure. The media scares them so much that they wont fly if there isn't an illusion of security to make them feel safe."
I could write a program that sits in the system tray, displays an icon of a bug, and has a few status meters. It would look like it was an anti-virus program. And peopld would buy it. And because it was there they would believe their computer was actually protected from viruses. The media has scared them to be worried about it. But most problems with computers owned by the average non-geek are because the person fudges up their own machine, not from a hax0r or virus.
I think you understand without me typing anymore.
Re:Running as root is insane. (Score:3, Insightful)
How else do you explain the security measures that passengers don't see ? (By the sound of it, I'm sure you're not aware of them all eit
Re:Running as root is insane. (Score:2, Interesting)
Agreed. The Mandrake and Red Hat technique of prompting for the root password seems perfectly reasonable and convenient to me. Running with minimal permission needed to do what you need done guards one against oneself as well as aga
As insane as the user. (Score:2, Funny)
I also own guns, and have never accidentally shot myself. So there you go.
Re:As insane as the user. (Score:5, Insightful)
I also own guns, and have never shot myself. OTOH, I don't keep (all of) them loaded at all times. Also, each has a safety, which I keep on unless I believe I'll need to fire the gun shortly. In addition, they are all kept under my control or observation at all times; I keep them locked in a safe when they're at home and when I transport them they're usually in locked cases and always have trigger locks. I consider all of this basic common sense, much as I consider running a non-priv user to be basic common sense.
Running root all the time is like keeping my guns loaded with safetys off. No matter how carefull I am, an accident is bound to happen.
Now, as I said, I don't think your analogy is all that great, as guns have a different aura of respect (or should) than computers. Running as root, I know I'd eventually become (even more) complacent. The "without a net" feeling would wear off and I'd do something similar to the proverbial "rm -rf * .bak" while in the root dir. (DAMHIKT - stitching inodes back together by hand is a bitch). Guns, OTOH, will always have that aura of respect about them for anyone brought up or trained properly.
Re:Running as root is insane. (Score:4, Insightful)
Re:Running as root is insane. (Score:4, Interesting)
Maybe require some sort of "secure keystroke" combination in response to a prompt for root authority (e.g., "Program x requires additional authority, please press ctl-alt-del to continue"
It shouldn't be impossible to come up with some analogy to temporary elevated privilege that a non-geek could relate to, then use this analogy to design a user interface.
The other usability issue is ensuring elevated authority is only required infrequently, like when installing a device driver. My pet peeve with Windows is requiring local admins authority for things like changing network addresses. Programs should be designed so that "root" is only required when it really is necessary
Mac OS X compromise (Score:5, Informative)
even better of course is that OS X is moving beyond the sudo model to an even more secure password framework. currently some programs still ask you to give them your password so they can in turn use sudo internally. (e.g. fink, and many other programs you install). But most new software for mac has gone to a system that passes authentication to an OS level agent, so the program never actually has access to the password itself.
Does linux do this too? or if it has this capability why do so few programs use it?
signature verification (Score:4, Insightful)
how could one defeat this? I could think of maybe two ways. one would be if the password agent only accepted keyboard input at the device level so that no program could feed it to the authentication agent.
another method might be to have some sort of video display effect that is accessible only to root level UIDs. for example suppose one had some particular easily recognized transparency effect or suppose that the upper right corner pixel of the screen was only root accessible. then the authentication agent could turn it red when activated to prove to the user it was the "real" agent and not an impersonator.
any one have better ideas?
Re:signature verification (Score:5, Informative)
It does have a special key kombination you have to press(ctrl+alt+delete) before you login. Then it will prompt you for your username/password. And ctrl+alt+delete is a special key kombination that is cought by the OS so an application can't catch it.
Re:Running as root is insane. (Score:5, Insightful)
Yes, the system itself can be salvaged, but none of alice' files or settings. If she had run as root, the system would require a reinstall, but that's the only difference. (and with Lindows, this isn't much of a problem I hear)
However, if her brother bob had an account, then all his stuff would be perfectly safe and sound if she used her user account. If she used root, then bob's files would be gone too.
So while running root is bad, it mostly* matters for multiple users.
*Exceptions include, but are not limited to, system-wide config, certain backup facilities, additional partitions, etc
Re:Running as root is insane. (Score:5, Insightful)
which is enough to destroy the users experience.
user:"I lost all my important files!!!"
Support:"at least you didn't loose your system files"
User:"but I need the files I use, couldn't I get the system files by just reinstalling?"
Support:"aaahhhhmmmm.... got to go."
Running as root hurts nothing of importance. (Score:4, Insightful)
But... hello? That's not how things work anymore. The computer on my desktop is _my computer_. No one else is going to use it. If I destroy the OS I inconvenience only myself, and I destroy only about three to five hours of work to reinstall everything that used to be there.
The thing I _should_ be worried about are all of my documents; my papers and photo albums, all of the _content_ that has taken me years to create and will never come back again. Are those stored as some weird protected user account? NO. And no one ever addresses this.
If I delete all the files that my "saurik" user on my box can access, I lost everything of value on the computer. The OS and all it's software has no intrinsic reason to exist, it is only there to help me modify the data that I store as my own user (and pretty much _have to_ as I _do_ want to be able to modify it).
It's not even something worth a minute of investment in protecting considering I end up reinstalling my computer every few six months or so with the lastest distribution anyway. Accidentally breaking it just gives me an excuse to start using new software.
The solution here has nothing to do with access priviledges and has everything to do with backups. You backup all of your files as often as possible (which is never often enough as the _most critical_ of all of my data is usually what I've spent the last five hours doing... last week's work tends to be last week's problem).
Re:Running as root is insane. (Score:4, Interesting)
This is cheaper than proprietary terminals, and a hell of alot cheaper than buying the server AND full blown workstations. In an economic crunch (like the one we are in now) it always makes sense not to waste resources.
If I can cut the need for a harddrive $100, cd rom $40, and floppy $20 from just 10 workstations that is $1600, or the cost of 4-5 more component built workstations. Now lets imagine a bigger setup, with 100 workstations, now we are talking $16,000. Ok now lets go bigger to 1000 workstations, $160,000. Without any sacrifice (since you'd only implement this in a situation that the applications of users don't require the cpu power of a full desktop) you've just paid your support costs for the first two years.
Multi user systems make less since at home (thought not none, keeping the kids locked out of costing you $200 to call in the tech is still an issue) they are far from dead, and I see no reason to ever call this concept outdated, it's something that scales with prices and hardware (if anything it makes more sense when the hardware gets bigger because the fast machine is cheaper). It's simply not wasting resources when their is no point. It's also easier for someone who knows what they are doing to set up and maintain a terminal server/stations than it is to maintain 10 or more desktop systems. There is really only one setup to maintain and it forces you to lock users out of doing anything more than CLICKING ON THE DAMN ICONS YOU PUT ON THEIR DESKTOP INSTEAD OF SCREWING WITH SOFTWARE THE TECHNICIAN HASN'T APPROVED.
Re:ACLs are inane. (Score:4, Informative)
Anterior cruciate ligament. One of those bits of the knee that athletes are always tearing.
Seriously, though, it's an Access Control List. The idea is, rather than apps being associated with a user and having all the permissions of said user, you have to give individual apps permissions/restrictions. You could thus give your browser read-only access to your files, for example, or you could prevent an app from accessing the network.
Lindows is good (Score:4, Insightful)
Re:Lindows is good (Score:3, Insightful)
Re:Lindows is good (Score:4, Insightful)
This makes the market a great deal larger. It doesn't put me in the market (or you I'm guessing), but a lot of people fall into it.
And like you said, if this market works for Lindows, it works. I don't see that they're really taking any users away from the Mac or hardcore Linux/Unix markets. They're more likely to sell to new computer users or potential Windows users. Once they get into retail stores, that is - they're not going to be selling to the majority of new users with an online-only store.
Re:Lindows is good (Score:3, Insightful)
I still don't agree with all his choices, but I do respect them as reasonable. Probably better than the ones that I would have made. Mine would have been technically nicer, but not as customer friendly, and that's important for a mass market distribution. I don't consider any of th
Ummm...No (Score:5, Informative)
Sorry, Mac OS X is not running as root out of the box.
While the first user is an Admin, they do no have root access, there are many directories they can't see, and they can't go in and trash stuff in another users account.
Re:Ummm...No (Score:3, Insightful)
Re:Ummm...No (Score:2, Insightful)
Virus protection: same thing. They want 'virus protection' because thats all the rage. Wether or not they KNOW what the fuck virus protection even does, they dont care... they need it.
They're selling an illusion, if you will. Jesus, MS does it all the time.
Re:Ummm...No (Score:5, Insightful)
Robertson's contention is that commodity PCs aren't running as multi-user systems. The person who powers it on is the user, the admin, the only one using it. There are no "other users" to trash.
The tradeoff is convenience/security. Some claim that it's better to spend your day-to-day operations in an unpriv account, and intentionally change to a priv account when those privs are needed. Robertson's claim is that non-geeks don't want to make that distinction or take that extra step, and the reduction in protection is worth it for ease of use and the resulting acceptance.
He's in an interesting position by pushing an OS for folks without CS (or generally geeky) backgrounds. My linux boxes all have non-priv accounts, and I use sudo when I need it. To be quite honest though, I'm typing on a win2k box, and my user has full Administrator privs. It is also a single-user system. There are no other users who's data needs to be protected. Am I more vulnerable to OS damage from inadvertant actions? Sure. Do I care enough to give up the convenience, not really.
--
Re:Ummm...No (Score:4, Insightful)
Most households only have one computer. No network. no multiple machines. Johnny, Dad, Mom, and Suzie all use the same computer. A multi-user OS is the proper way to do this, so that Dad doesn't have to worry about Johnny fscking up his files, or if dad is the administrator, of johnny, suzie, or mom fscking up the computer system files.
Unfortunately, Lusers have been trained that it is 'ok' to trample all over the system, fscking up the settings for everybody. Linux has always been a multi-user system, so it is TRIVIAL to have several people in the household share a single computer, yet all have their own environment to work in. My ex-g/f and her two children certainly have no problems with the linux box I built for them.
Win2k was a step in the right direction, but most windoze programs are not multi-user aware still.
Re:Ummm...No (Score:5, Informative)
But, in contrast to Linux, MacOS X doesn't require root priviledges to change the clock or a number of other operations (many hardware related). Linux often requires higher permissions than it should, because it is coming from the perspective of a shared, multiuser environment, or it does not give the console user extra priviledges.
and if this were a Microsoft or MS-friendly CEO... (Score:4, Funny)
"Naturally, when answering your questions, he boosted his company. (Wouldn't you?)"
would read:Naturally, when answering your questions, he boosted his company. (Which is typical for a money-grubbing, morally bankrupt merchant of the Devil!)
Geek Cult Linux (Score:4, Interesting)
"the Click-N-Run architecture..." (Score:2, Insightful)
Isn't this a GPL violation, if Click-n-run is utilizing any code at all from Apt? So where is the publicly available source code for click-n-run anyway? I don't see it on their source code FTP site. [130.94.123.237]
Re:"the Click-N-Run architecture..." (Score:5, Interesting)
Re:"the Click-N-Run architecture..." (Score:5, Insightful)
From the GPL FAQ [gnu.org]:
I read that to mean that you are only required to relese the source to those people you've released the binaries to, and it says nothing of making the source available to the general public (unless the binaries are as well, of course).
In summation: Buy Lindows, install it and then you should be able to get the source to Click-n-run. After that, you can modify and re-distribute it to your hearts content.
Soko
Mac OS X doesn't run as root!!! (Score:2, Insightful)
"Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS ? the first person to touch it can do whatever they want."
And Mac OS X runs a *NIX base and doesn't run everything as root.. >=P Everything makes use of sudo, wheel users, etc.. *shrug* Sounds like he didn't really have a valid answer to justify this... (They could have written the tools to
A few things (Score:5, Insightful)
Sounds like PR speak to me...I could easily see Dilbert's boos (Bossbert?) saying this.
In addition, I find it very interesting in regards to his talk about viruses and how users have become accustomed to the viruses that "ravage" the windows world.
It's amazing to me that people will even *consider* it part and parcel of dealing with Windows that they can't even fathom there are alternatives (i.e. virus free ways of dealing with things), sad really!
Interesting and Insightful (Score:5, Interesting)
But $200 PCs from Wal-Mart with Linux pre-installed is a big step on the way to adoption.
I do not know Lindows (yet). I don't know if I think it is evil or not. But I bought one of the cheap PCs to find out. I figure that if I hate it, I can put another distro on the box.
I, frankly, look forward to to seeing Lindows on PCs actually in Wal-Mart stores. You see, I'd rather have a substantial number of the people who don't care what their OS is running Linux (or at least having the choice) than being locked in to a Microsoft-only world. It will lead to better hardware and software support for the OS. Nothing this man does can take away our Free Software or our other distros. If some of the people today locked in to Microsoft become locked in to Lindows, does that really hurt anything or anyone?
I disagree with him about the "running as root" issue. I understand his logic, but a "root only" Linux box is a Linux box that might very well come to need its virus scanner! Non-priv'd users are a big part of why Linux viruses are NOT a big issue.
Anyways, I know I'm rambling. I'm not likely to ever buy a Lindows subscription. I'll end up putting Debian, RedHat, or SuSE on the box first (heck, maybe my first Gentoo box, who knows). But I think there is a supply of users for whom a product like Lindows is theoretically perfect. My mother-in-law, for example.
Those of us who care about Free Software as a freedom issue wont be hurt by Lindows. And we might be at least indirectly helped.
Interesting views. Good interview.
Re:Interesting and Insightful (Score:3, Insightful)
Um, actually I don't think this is true at all. The biggest "virus" problem in Windows land is the various email "virus". Technically worms, but the point is the same. And these abuse the easy code-execution abilities for Microsoft mail clients. If Ximian Evolut
I must agree (Score:4, Interesting)
I think the default account should be a normal user, and users should be encouraged to give normal user accounts to family members and others sharing the PC, so that one member doesn't destroy the whole system. To "su" to root when installing software, changing configuration, etc., the system could simply have the user enter a keyboard combination that is captured by the OS, eg. ctrl+alt+delete.
That would bring complete ease of use, while maintaining tighter security.
OTOH, after posting the original question, a Lindows user informed me that current versions of Lindows ask the user, during installation, if they want to create accounts for normal users...
Where did that question come from? (Score:4, Interesting)
Is there any factual evidence for such an effort, is the poster confusing Lindows with Amazon, is he completely clueless or did a bunch of crack-addled moderators mod up a troll?
Re:Where did that question come from? (Score:5, Interesting)
I do not have any secret recordings of Michael Robertson outlining plans for focusing his efforts on legal (instead of technical) matters.
But his colorful history does show that he seems to excel in the legal arena. OTOH, his technical decisions lead to very belabored discussions about whether users should run as root or not.
I am happy with his answer to my question.
I am glad that my question was moderated up, AND he deigned to answer it.
Perhaps if I had carefully prepared a question, I would have asked how or if he intends to legally "help" the linux community. He was given the source code to a simply excellent operating system, as well as tons of application code for free. With some amount of effort, he is now able to call it his own. Does he now intend to fight legal battles that "little guys" cannot? (The Microsoft (TM) battle is the one example that I know of.) Does he feel that he owes the linux community anything?
But I didn't. That's what I get for being in a rush to post rapidly after the call for questions appeared.
BTW Otter, are you a Lindows employee or just an advocate?
Lastly,
is he completely clueless or did a bunch of crack-addled moderators mod up a troll?
I've never done crack myself (can't speak for the moderators) and it's been a long time since I've had any mind-altering chemical stronger than the caffeine in my coffee. I certainly do not consider myself (nor my question) a troll. I'm sorry that you do.
Quite impressed (Score:5, Interesting)
I'm impressed (Score:5, Insightful)
For the first time, someone is pushing a Linux distribution at customers with regard only to what customers want, not what geeks feel like providing.
He has a serious handle on the things that will crack open the door to mass acceptance; pre-installation...simple installation - criticise the ethics of CnR all you like, at the end of the day it is designed to work seamlessly without specialist knowledge, and precious little else manages it.
He also seems to have a good handle on what freedom means in a practical sense; the ability to control your computer - witness the Xbox bounty, leaving in apt-get, and so on.
Lindows won't ever be my cup of tea, but I suspect that in a few versions down the road it will be the ideal Christmas present for Granny.
Why the Walmart Thing is Bogus (Score:4, Insightful)
Call me a pessimist, but the people who have the numbers (lindows and microtel) aren't likely to release them. How many people sign up for click & run vs the numbers of machines sold....
Re:Why the Walmart Thing is Bogus (Score:3, Interesting)
If they don't sign up for the CnR, that doesn't mean they are not using the Lindows. They could be like me and want to run other apps from the apt-get sources (not hard to enter ftp.debian.org in the
I do hope to see these sitting on the shelves at Wal-Mart soon, with a runnin
Why your post is bogus (Score:3, Insightful)
Just because someone buys the machine and doesn't use CnR doesn't mean they have pirated and installed windows on it. First off, where are they going to obtain a copy of windows? Do you really think they are downloading and burning their own copy of windows?
If they do install windows, most likely they will install a version that they have already bought and paid for and have handy.
If they don't, then they are probably not using the machine at all, or they are satisfied
Re:Why the Walmart Thing is Bogus (Score:3, Insightful)
Someone is really trying to take Linux mainstream! (Score:5, Insightful)
Great, more power to him. (Score:4, Insightful)
I think that Lindows is doing a good thing here, and I say, more power to them. But I also think that it probably still has quite a long way to go. When it gets there, we'll end up with something that runs on a Linux kernel alright... but it won't be Linux like we know it. That's not bad at all, because the standard user won't be happy with Linux in the slightest. That's not bad either, because Linux was made for and by power users.
So I don't feel the need to spread the Linux gospel to non-geeks at all. I'll let someone else make his money doing that. Then again, I'm not hostile to it either... nor am I hostile toward Microsoft, except in that I'm forced to purchase their OS bundled with many standard kinds of computers. The point is: I've found what I'm happy with, and that's pretty much all that I care about.
I'm a victim of the "Virus Protection" bit. (Score:4, Funny)
I'm Impressed (Score:5, Insightful)
-A.M.
Subsidized hardware vs. consumer control (Score:4, Insightful)
Instead of arguing that consumers should have some inherent right to do as they wish with any hardware they buy shouldn't we fight for the option to purchase such unrestricted hardware at an unsubsidized price? It's unrealistic to suggest that Microsoft or any other company provide cheap, even below-cost, hardware and not recoup their development costs. And it wouldn't look like such an attractive project to get Linux running on a $2000 unrestricted version, would it? I just think it is fair to accept that it is not just restricted hardware locking you into an evil vendor, but rather subsidized hardware purchased with an explicit service contract.
Re:Subsidized hardware vs. consumer control (Score:4, Informative)
Of course not, since this reduce consumers choice.
"Anyone can get a free mobile phone by signing up for a wireless service contract and agreeing to pay the fees for a specified period of time, typically one or two years."
In many countries like Finland this kind of stuff is illegal. That's why cell phones are very popular here:
- you can choose a cell phone and service provider independently
- you can replace your cell phone with a new one when you like and keep your phone number
- you can switch to the better service provider any time
I'm a bit shocked ... (Score:4, Insightful)
One of the questions that really caught my attention was the one about apt-get.
Does apt-get break ClickNRun? I'd be willing to bet you'd end up with a seriously mangled system if you dist-upraded using apt, added some packages, then tried to use CNR. Does anyone know how this is handled?
*cough*liar*cough* (Score:3, Funny)
"Coincidentally, when I put money up for a project like this, suddenly I become a good guy with the Slashdot Community. It's cheaper than a Superbowl ad! (Plus there's a chance I'll never have to pay! woot!)"
Re:*cough*liar*cough* (Score:5, Funny)
Popularity with the
Oh yeah, and OGG support too.
--
Obligatory Comment on the Editorial Write-up (Score:3, Funny)
>But I assure you, he wrote these answers himself instead of having them laundered by a PT team.
Hmm. Most CEOs wouldn't think of having a bunch of PT Cruiser drivers write their speech material, but may have a Public Relations consultant or two help them write what they say. Obviously Robertson has done neither.
I guess both Robertson & Roblimo both think outside of the box.
Geoff
Why they will succeed (or fail) (Score:5, Insightful)
Wow a one line business plan, and a corresponding one line risk. If more companies did this, maybe the dot-com crash wouldn't be a problem.
We should do something useful that people will pay for.
If we don't do it better then cheaper alternatives we won't make it.
The root issue (Score:3, Insightful)
I don't understand why so many people get their panties in a bunch because Lindows runs as root. Remember this is intended to be run as a single user system, and by people who are not tech-savvy.
If the normal-use account is compromised, what is the big advantage if it's not the root account? It would be real easy to deceive the user into giving up his root password, and that would not even be necessary to do the most damage, namely deleting/infecting/trojanning the user documents.
What is lost to the hacker/virus if it can't get root? Not being able to run a webserver at port 80? Not something to make so much noise about, I think.
I would pay $99 a year (Score:4, Interesting)
Most users are deathly afraid when the system puts up a window telling them to do somthing and does not explain to them why they are doing it. I can't fathom what it would be like to put a Linux box in front of her. Lindows is something i'm actually concidering becuause it DOES run in root, and she can make changes and add software without having to call me to see if its "okay" to type in a password every time she wants to install something.
of course, otoh, it does slow her down from installing 500 apps a week that she gets in spammail with executables... which is why i took her PC away from her running 98...
The service i really want to see is $99 a year for users to be able to call Apple/some linux company evey time they have a dumb-ass question of the hour. So instead of my cell phone going off at work, Apple could field the "what's with this iPod updator window? I don't know how to close it!!!" (its quit, just like all other 100 programs you run on Mac OS X.. don't freak out, damint.)
Re:I would pay $99 a year more reasons (Score:5, Insightful)
1. locate obscure libraries everytime I want to install something
2. compile obscure libraries that require me to download more obscure libraries everytime I want to install something
3. Install more Gnome components every time I want to install an application that doesn't appear to be a Gnome app for use on my KDE system
4. Compile every program I want to use because binaries aren't available for my distro, but they are for Red Hat, oh did we mention you're going to have to download and install some obscure libraries for that?
Ahhh!!! I don't have broadband at home anymore since moving, and my notebook doesn't have the hardware I need to do what I want, so my software update cycle goes something like
1. decide what I need
2. "borrow" company bandwidth to download it to my notebook
3. Copy software from my notebook to my home machine
4. Find out I need obscure libraries
5. Go back to work, get obscure libraries, source only, binaries not available
6. Take libraries home, not able to compile because they require more obscure libraries
7. Go back to work, get more obscure libraries, different distro. Install anyways
8. Move files from other distro to proper place in my system
9. Fail to compile, need newer/older version of obscure library.
Grrrrr. I like Linux, but Windows has its temptations.
flame me if you will.. (Score:4, Insightful)
virus protection (Score:3, Insightful)
The media doesn't help much either, by making announcements without consulting someone before warning their viewers/listeners about the latest virus threat. Also, ignorant or uninformed techs can be quick to blame every problem on a "virus" when they do not know the answer to something.. And then there is the word of mouth method that Robertson mentions.. I had not thought of that one but it makes a lot of sense.. uninformed users telling each other of how their computer was destroyed by a virus when in fact the computer may have stopped working for other reasons.
So as a result, virus scanners seem to be required now to operate a Windows computer.. even inside of corporations where email is scanned at the mail-server level. I would say that scanners for other systems are probably not required yet, but they will be if the platform ever becomes popular. Linux-based systems have a lot going for them though to make viruses less of a threat right now though, fragmentation of communications software and better security histories for some of the more common ones (mozilla, netscape 7) come to mind.
My opinion on scanners for the corporate desktop is that the users should not know that the scanner is there. Any modern scanner can do automatic updates in the background.. nobody is going to see it or messages from it unless some virus manages to sneak passed the email server which scans for viruses and is updated even more frequently than the workstations. The only kind that have been bypassing the servers that I have heard about are the social, hoax viruses.. jdbgmgr.exe and such.
Is it just me? (Score:4, Interesting)
Sounds like one of the good guys... (Score:5, Funny)
Let's see:
He selles a decent computer for $200 bucks.
He sponsors the XBOX hack.
He thinks that consumers *OWN* their own purchases.
He's helping the public to get aquainted with Free Software.
He fights the bogus Winodws trademark.
He thinks one-click patents are stuipd/silly.
He'd be welcome in my house for a beer.
And he helps Debian.... (Score:3, Informative)
He'd be welcome in my house for a beer.
Mine too. Heck, I'd probably offer him snacks to go with it.
Re:Sounds like one of the good guys... (Score:3, Insightful)
Obviously you're not a computing professional.
I had "windows" running on a 6809 processor-based workstation before Mircosoft even had multiple prosesses in their toy OS.
The XBox hack is stupid. If you hate MS so much that you want to use Linux, why install it on an MS machine.
A 'hack' doesent even have a central nervous system, let alone a brain - your admonition of it's state leaves me to conclude that you same could be said of you.
Gain power over Windows, root or not! (Score:3, Informative)
Free Software is one of the keys to placing control back in the hands of those who should have it: The consumer. The more installations there are of Linux, BSD and anything else that is free and open, the better off the consumer will be, if only because the overall community has more power to avoid getting locked in to Microsoft solutions that are all designed to keep you stuck to their products.
Lindows is definitely a good thing in this respect. There are issues (technical, political, intellectual or otherwise) that you might not like to use Lindows. Perhaps you don't want to run as root all the time. But consider this: IT IS IN YOUR BEST INTEREST THAT AS MANY PEOPLE AS POSSIBLE USE LINDOWS, root or not. Juan Q. Público is never going to care about the "nuances" of computer science.
As recently as last year, I tried to help out a medical doctor who is a relatively technology literate businessman. I explained that I should do this and that to set up a reasonable security policy, which will require that he change somewhat the way his staff uses their computers at his clinic. Fully knowing the problems of computers, he told me in so many words, "I don't care about security." That's right. All of this stuff (software, computers, security, passwords, etc.) doesn't mean jack to him. He wants his business to be successful and gain value. If he has to spend a few thousands each year to correct problems, that's acceptable as long as the risk is relatively low in comparison to that of incurring overhead due to security requirements. The best security is frequent backups anyway. Everything else is just there to prevent more sophisticated attacks, which won't so badly affect home users. They already have gigabytes of shit on their computers... all kinds of sounds and videos, viruses, porn advertisements, "enlarge your penis" SPAM containing viruses that they click on anyway... it couldn't get much worse than that, root or not.
So, yes, security will remain a huge problems in computing for a long time to come, mostly because most people don't know or care enough to do something about it. When they lose their data and come crying to me, I'll continue to say what I've repeatedly said for ten years: "Did you make a backup of your data? No? Well, the only way I can fix this is to blow everything off your hard drive and reinstall everything. Sorry." C'est la vie.
They want virus protection? Give 'em virus protection! No viruses in Linux?! Oh, well... just put in a framework that runs fsck in the background once in a while to make the disk spin. A false sense of security might be the root of all evil but at least it will make them feel better about using Linux instead of Windows.
It is STILL in our best interest, though, that more people use Linux. It will create a market for us developers to make a profit. It will create interesting challenges in figuring out security policies that benefit the user without making computer use any more difficult. It might require that we rethink security altogether and come up with methods different from those we use now, which would perhaps be more flexible and powerful. Who knows. But the important point is that in order for this wonderful thing to continue, fucked up legislation like the DMCA needs to stop happening, and for that to happen, Linux needs to gain in power, whether by smart computer scientists or stupid shmoes like Joe Sixpack.
Roberts makes an ironic observation (Score:5, Interesting)
Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like "trustworthy" computing and tout the benefits [...] It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.
The fact that Microsoft is leading the charge in this direction is somewhat ironic. Microsoft rose to prominence based ENTIRELY on an industry that came to being because of enthusiasts who believed in bringing availability and control of computer hardware and software to the masses. The personal computer was invented chiefly to wrest control of computer resources from institutions (and their black-suit and white-labl-coat cladded minions) and place it in the hands of the end user.
Nearly 30 years ago, computer users had to pay through the nose for timeshare services what was allowed was decided based on corporate policy and the whim of system administrators (and even the mainframe vendors!). Running your process or batch on the big IBM iron was a privlige you paid dearly for and you were grateful for it (kinda sounds like grandpa walking to school barefoot in the snow but it was kinda true). Computer enthusiasts were tired of it and brash upstarts provided hardware (MITS) and software (Microsoft) they could purchase and use as they saw fit.
Fast forward to today. What a sad situation when a once brash young upstart--one that totally owes its successful existence to PC users past and present--turns into the "enemy" and betrays its customers by angling to control what people can do with the machines they own.
Microsoft is becoming a throwback to the 70's and earlier--like the companies that sold mainframes or timeshare services that called all the shots. With the arrival of the PC revolution none of those companies were the same again (and most don't exist at all). Microsoft has always been good at looking out for competition and the next big thing, and when they miss the boat (as they did with the Internet) they'd hop a raft and paddle out to it to stage a mutiny. I wonder if they're losing their touch now. They're responding to a new threat with an old business model.
And--irony of ironies--it looks like IBM is clued in enough to be a willing player in the game (even if they still are heavily invested in mainframes and proprietary computing).
Interesting times...
any sign of intelligence on /. regarding root? (Score:5, Insightful)
Try to understand -- he's not making an OS for advanced computer users. He's not taking away the option to create user accounts. You want an account -- you can ADD one. By the way, all you jerk-offs should NOTE that when you finish installing Gentoo -- a pretty technically orientated distro -- there IS NO USER. ONLY ROOT. That's following the protocol of the install-guide. Look at the Gentoo Install Guide. Nowhere along are you forced to create a user-account, and the install guide doesn't even cover creating a user account, though it does suggest doing so, and references you to their FAQ (I've recommended that they cover how to create a user account at the end of the install guide). So, if you're going to bash Lindows for not having a user/root separation by default, you can only do so consistently if you also bash Gentoo. If you choose to bash Lindows but not Gentoo for this, then you are a hypocrite and are just doing this because you want to bash Lindows because it's easy.
Now, maybe Lindows install process should at some point prompt the user, "Do you want to create a user account?" with no default (I say no default, because if there's a default hard-liner jerk-offs on either side are going to bitch). There would be a Yes and a No option, each explaining the merits of both approaches. Simply put, the word "Easier" should be placed next to "No", and "More Secure" next to "Yes". Because average user's are incapable of reading long paragraphs (see Joel on Software), just leave it at that simplified explanation. Alternatively, Lindows could go the Gentoo route and simply advise users to create a user account after the OS is installed, maybe bring up a step-by-step wizard for how to do it after initial install.
Now, I feel that Robertson has done some good things with Click-'n-Run. I naturally think it would be better if it's GPL'ed, but these guys are a business and have to have some model for making money. Click-'n-Run is their model. They will make money because people will pay for the Click-'n-Run service, and also through their contracts with Walmart (in addition to selling Lindows). If you can think of a way for them to GPL Click-'n-Run and still get $99 a year from people who use it, then please SUGGEST that. Since Robertson wants to have good community-relations, I'm sure he'd appreciate it. He has blatantly said that his business model relies largely on Click-'n-Run succeeding, and that means $99 from it per year for customers using it. The only thing I can think of would be adding a portion of code to Click-'n-Run that only allows it to be run if the user has paid the $99 for that year (by checking some database, whatever) and distributing it under a modified version of the GPL with an additional clause specifying "may not be redistributed/modified with that check disabled".
In regards to other areas, I think he's pretty-much on the 8-ball. Very good analysis of patents -- btw, what moron asked him the question about patenting Click-'n-Run? There was never anything to suggest Lindows wanted a patent on that. And what group of crackpot moderators moderated that one up? There could have been a more useful question posted.
Quite frankly, I think Robertson has a good plan to bring a GNU/Linux distribution to more home users. This means more exposure for GNU/Linux, which means more users will know how to use it, which means more software support and more hardware support, and probably more FS and OSS. Because of the commonalities shared by all GNU/Linux distributions, it will be beneficial for all distributions.
All that said, I think that Lindows would be better off using WindowMaker as their WM.
root versus non-root... (Score:3, Insightful)
This evades the real root versus non-root user issue, and suggests a major ignorance of the *NIX operating system family.
root is all-powerful.
For a beginning user, this power can be absolutely fatal.
I started in UNIX in 1985; I've been working with Linux since the mid-90's; just 6 weeks ago, while working too hastily as root and with the indiscrminate use of a dot and a star, I managed to chown an entire file system to that of a mere user.
It wasn't the archtypical rm -rf * but it had an equivalent effect: all the files are *there* but almost nothing worked...
That's the real issue of root versus non-root: too much power, used with too little thought.
Poof! All gone!
How's the beginning user ever going to understand what went wrong? And if they do it once, will they ever come back to Linux again?
t_t_b
Re:root versus non-root... (Score:3, Insightful)
In fact, Lindows seems to be aimed at people who want point and click rather than a command line interface.
How is this worse than Windows 98 or XP Home, where there is only one user, and that user is "all-powerful"?
I don't get it. Why this attitude towards doing something which is uncommon in the Linux world? He isn't aiming his product at
Fair Enough (Score:4, Interesting)
my virus protection script (Score:4, Funny)
echo "Scanning for viruses..."
sleep 360
echo "Virus scan complete! 0 viruses detected."
He's marketing to consumers, NOT GEEKS! (Score:5, Insightful)
His company should help GnuCash... (Score:4, Interesting)
Back in the day where some of the GnuCash developers (myself included) were employed by a company, we considered where to focus our efforts. Basically, we had to concentrate on business stuff because that's where we thought there was going to be cash (it didn't turn out that way, but that's another story and not really mine to tell). If somebody had have come along and said - "here's $BIGNUM (or even $MODERATELY_BIG_NUM), we'll schmooze some financial institutions for ya, now go implement online banking and make it work seamlessly", we could have done it (as some of the other developers have demonstrated in Germany with their online financial transaction standard).
The opportunity still exists if somebody wants to take the ball and run with it.
Re:"Closed Architecture"...My Eye (Score:5, Insightful)
It not even close to the same. You can't run other apps on the X-Box. Lindows lets you run apt-get if you want, but if you don't know how/don't want to take the time you can pay them to handle the process for you...
On the X-Box you have to crack it to run unlicensed code. On Lindows you always run as root, on the X-Box, you can't run as root at all...
They're capitalizing on Linux being hard to use!
And you probably didn't build your house all by yourself, and you probably pay a mechanic when you don't know how to fix your car, and you probably don't cut your own hair, or cook every meal at home. Every business capitalizes on the something being hard/inconvenient...
Sheesh, give the guy a break. What changes would you make to his company that would increase profits from selling Linux to the masses?
--
Was it the sheep climbing onto the altar, or the cattle lowing to be slain,
or the Son of God hanging dead and bloodied on a cross that told me this was a world condemned, but loved and bought with blood.
How hard can it be... (Score:3, Insightful)
Let the user run unprivileged and free of worries about corrupting the system. That would be a real value-add and improvement over Win9X. Think about it Mr. Robertson....
Re:He's joking, right? (Score:4, Insightful)
He has at least put himself out there to be critiqued. When did BillG ever put himself out for questioning (re: business practices, trashing open source, purchaser ownership issues)?
The fact that you have grist for the mill makes him less of a slimeball than some CEOs I've read interviews from.
At least he doesn't front a company [microsoft.com] convicted of a crime in a federal court.
Re:He's joking, right? (Score:3, Insightful)
For home users, always running at "root" level is the right thing to do. The computer is supposed to be
Re:He's joking, right? (Score:4, Insightful)
We are. XP Home defaults to it. XP Pro lets you run that way as well... in fact, you have to go through a good bit to set Home up otherwise (and, admittedly, you have to convince Pro to run that way as well - but it's easily done).
Yeah, so you can setup additional users. Whoop de doo. You can do that on Lindows or any other Linux install too.
Which is, of course, bullshit. Both Windows 2000 and XP (especially XP) have great support for all of the above.
Way to take things out of context!
Read the question. Read it carefully. It was specifically asking about features missing on Linux based desktop distros. There was nothing about Windows systems. Hell, by the same token you should be flaming him over the virus protection tidbit -- since there's been virus protection for DOS/Windows systems since at least DOS 3.3!
And while there is sporadic support for everything listed, it's certainly not as clean as it is under Windows... which is what he's trying to get at.
Of course, then he has to spout off about Microsoft Office pricing
He was making a point about where MS gets its revenue from. And the prices given were MSRP. You want to bitch and kvetch about that? Then bitch at MS for absurd MSRPs. Hell, bitch at the entire freaking world, since virtually nobody has MSRPs that actually relate to reality.
Your comments about actual price and relative value stand though, and are good points. I disagree about the relative security of the two products though... I run XP and Linux at home, and while there are exploits for both, I'm far more concerned about breaches on my XP desktop than my Linux server... although since I never use Outlook and have switched to Mozilla from IE my concerns have decreased significantly.
Re:Is "Root or Non-Root" Old Think? (Score:3, Insightful)
I mean really, does everyone in the family have their own PC? Or do you share it?
I think if the latter is the case, multiple user accounts make sense.
M.
Re:Is "Root or Non-Root" Old Think? (Score:3, Informative)