Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Linux Business Software Linux

Michael Robertson of Lindows Responds 614

Naturally, when answering your questions, he boosted his company. (Wouldn't you?) But I assure you, he wrote these answers himself instead of having them laundered by a PR team. Whether or not you agree with Michael and the way he runs Lindows (and used to run MP3.com) you've got to give him credit for speaking more openly than most other modern American CEOs.

1) why oh why?
by Ender Ryan

Why was it decided that Lindows would always run as 'root' by default? That seems like a pretty bad decision to me, and many others as it's the number 1 complaint of many Linux users who would otherwise like to give Lindows a try, but perhaps we should hear why that decision was made.

Is this how Lindows is going to continue to work in the future? I think this is one "feature" of Win9x that would really be better to leave in the past.

Robertson

I think the larger issue here is how do you balance security vs. ease of use. We are committed to providing a secure desktop operating system and make policy decisions about how to achieve a secure but usable system. For example, not plugging a computer into the 'Net would make it really secure, but not very usable. We did decide to build in a pre-configured firewall because it's largely an invisible security layer that adds meaningfully security to the desktop but stays out of the users way. Most security compromises are external attacks, not root vs. non-root issues.

Historically, multi-user systems made sense when hardware was expensive because not everyone could afford a computer and you could leverage the cost of expensive machines by creating multiple users and doing time sharing. But times have changed and computers are now ultra-affordable with PCs starting at $200.

So there's less need to share computers and have multi-user accounts with all that overhead and complexity. There aren't “administrators” in many of the homes, businesses and schools we are selling to. These are personal computers where the owner needs to be able to set the clock, change the wallpaper, configure a printer, install a flash drive, or load a new piece of software without bumping into nuances of computer science.

Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS – the first person to touch it can do whatever they want. If we make Linux harder to use then other operating systems, users will not embrace it. Users just want to get their work done, they don't want to be computer experts and they shouldn't have to be. Of course, if they want to add a default password or setup multiple accounts and restrict access to their own machine, they can of course do it on all of these operating systems, including LindowsOS, even though none default that way.

2) User feedback on Linux-based desktop OS
by prostoalex

Since the Lindows PCs have been selling for a while, your marketing and customer service folks must have gotten some kind of feedback from current or prospective users.

What are the things people ask for? What are some things general users would like to see in Lindows or Linux-based desktop distributions that aren't there yet?

Robertson

When we started Lindows.com we believed that software installation was extremely difficult for most users and the biggest obstacle impeding widespread desktop adoption. So we invested considerable engineering in Click-N-Run http://www.lindows.com/clicknrun, which makes software installation (including downloading, menu items, icons, MIME types, etc.) in LindowsOS a one-click experience. It's far superior to anything Microsoft Windows XP has.

Since then, we've heard from consumers about what they want or think is missing in a desktop operating system. The number one item people thought was missing was virus protection. (This surprised me and wouldn't have been my guess; more on this topic in a later question.)

There are some key areas of hardware support which no desktop has today which users consistently bring up including: USB wireless support, Plug & Play USB drives (flash, hard drive and CD/RW), firewire and ACPI (power management for laptops). We hope to address most of these in our next release of LindowsOS version 4.0 coming shortly.

On the software side, it's amazing how quickly the community is filling application holes and a real testimony to the advances is making. Six to twelve months ago the list of “missing” software applications was different then it is today. For those seeking a Visual Basic-like program, Gambas (www.lindows.com/gambas), has made great strides. GAIM www.lindows.com/gaim has emerged as a solid meta-IM client, etc. The biggest individual holes today are probably an online banking aware personal finance program (ala Quicken) and a web development tool that is tightly integrated for creation and management such as FrontPage or Dreamweaver. (We'll announce an very cool, affordable product available in Click-N-Run next week which addresses the online banking need.) Video games is an entire product category missing for Linux. There are some great new companies like GarageGames (http://www.garagegames.com), but the high profile games are absent. Finally, video streaming is weak on desktop . None of the big three codecs (QuickTime, Real, Windows Media) have shown any real commitment to offering support. I think there's a real opportunity for one company to commit to gain the upper hand on the others with a true cross platform solution.

3) Should Linux Remain a Cult Object for Geeks?
by reallocate

Do you think the hostility toward Lindows that characterizes some members of the "community" can be attributed to their desire that Linux remain a "geeks only" cult object?

Robertson

Linux can literally save consumers billions of dollars on software, so I sure hope we can bring it to the masses – that's really our business.

I attended UCSD and as part of my major I was required to take an assembly language programming class. It was one of the computer science “weeder” classes where 60% of students fail or drop out. I struggled through it with a passing grade and had a great sense of accomplishment. The next year the major requirements were changed alleviating the assembly language requirement. I have to admit I wasn't happy with this decision since it meant that those sharing my degree after me didn't have to go through the same torturous experiment.

Until recently, it was a badge of honor to get a Linux desktop running. LindowsOS makes it possible to install in 3 minutes and have it auto-recognize all your components and then install most software with a single mouse click. Those who went through the “weeder” class path naturally won't be that excited.

4) Wine?
by IamTheRealMike

When you started, you put a lot of effort into Wine, sponsoring things like WineConf. That didn't work out, but Wine improves constantly, as the latest releases of CrossOver and WineX show. Do you think you'll ever return to it someday, or are you disillusioned with the whole thing?

Robertson

We really respect Jeremy White, Codeweavers and the rest of the Wine development team, but we did move away from Wine sometime ago. It was really a financial decision. Here's the analysis we went through. Microsoft makes roughly half of their profits from selling their operating system and half selling their office suite. If LindowsOS users still have to depend on Microsoft's office suite then they will only be able to save money on half of their software purchases. Additionally, they'll still have to deal with restrictive licensing, activation codes, endless security issues and expensive upgrade options. Undoubtedly Microsoft would continue to use their might to bully computer users who use one part of Microsoft's offerings into using the others, like they do now with Microsoft Word costing $349 and Microsoft Office priced at $399. We really need to move to a Microsoft-free computing solution to realize dramatic savings.

We thought it much better to continue to focus on the ease of use, but invest our energies in promoting and polishing native programs rather than legacy Micrsoft Windows based programs. This way we can save consumers considerable money on the OS and the other largest expenditure – the office suite. Another critical development is that the StarOffice/OpenOffice products really made major advances. We can now comfortably endorse and distribute these products.

While we stopped promoting Microsoft Windows program capability, we strongly emphasize file format compatibility which we think is critical. People often have a need to open and edit a doc, xls or ppt file and that's what we give them. By focusing on affordable programs, we can give computer users these capabilities for the lowest price.

5) MP3.com in retrospect
by prostoalex

Looking back at MP3.com, what would you do differently if you were to start the music service business all over?

Do you think MP3.com was a good business idea in the first place? Do you think the sale of the site to Vivendi Universal was a good idea?

Robertson

Our goal at MP3.com was to bring digital music to the masses and I think we made a lasting impact and left the world a better place then we found it. We fought hard in congress, courts and in the business world to make MP3 a universal standard because it was the best thing for music fans who were our ultimate customers. Today MP3 is a universal standard, DRM schemes have been thwarted, portable players are legal, virtually all hardware supports MP3, so consumers are in a relatively good place because they can freely move their music around.

We didn't accomplish everything we wanted to do. We championed the concept of a “Music Service Provider” and backed the concept up with phenomenal technology which would store a user's entire music collection online and zap it to any device via an open API (PC, portable, phone, car, CDR, etc) with a single mouse click. Licensing challenges, restrictive law interpretation, and music industry reluctance to embrace new technology torpedoed our efforts on this front. It's interesting to hear the press gush over Apple's itunes “one click” purchase and load to portable player features – something we had two years ago. I think we laid important groundwork to make this happen, but missed delivering on our entire vision.

I sold MP3.com at a time and price that I thought was good for our shareholders and have no regrets and wouldn't change any decision I made.

6)Wal-Mart
by Znonymous Coward

Microtel and Lindows have put togther some great deals for Wal-mart.com; How are sales going?

Will the Microtel + Lindows PCs ever make it to Wal-Mart store shelves?

Robertson

Sales are strong - we have the best selling products at Walmart.com. I'm confident that success will lead to retail store distribution on retailers' store shelves. We're waiting until our next version (4.0) to distribute LindowsOS in major outlets. The quality needs to be there to satisfy everyday (non-technical) computer users. I can't stress how critically important this is to the success of desktop Linux.

Linux MUST be preinstalled on computers to be a sustainable business. The Microsoft stranglehold on OEMs must be cracked to change the dynamics of the PC business. Until this happens, no desktop Linux company should be considered a viable longterm company.

7) PATENTING ONE-CLICK-INSTALL
by neitzsche

Dear Mr. Robertson,

Could you please update me on your efforts to patent your one-click-software-update solution?

If you are granted such a patent, do you plan on allowing the open source community free (beer/speech/both?) licensing?

Robertson

We don't have a patent on Click-N-Run and have not filed a patent application. I'm not a big believer in method patents. Patents need to be “non-obvious”. I'm not sure “one click anything” is patentable or should be – whether an order process (think Amazon) or software installation routine.

8) Viruses
by minus_273

Not having viruses is one of the upsides of . Why do you sell a virus scanner for Linux?

Shouldn't you be presenting the lack of viruses as one of the reasons to switch?

Robertson

I shared your viewpoint initially, but then we heard from users and discovered something new. What people thought was most lacking from LindowsOS that prevented everyday use was “virus protection”. I was surprised by this result so we talked to users to understand their logic. It turns out that they have been so traumatized by the virus problem on Microsoft Windows that it has shaped their view of the world. Many told us they would NEVER use a personal computer without virus protection because either they had been infected and publicly embarrassed or they knew someone close to them who had. Others said that their corporate policy mandated virus protection or the employee could be disciplined. It's no longer a rational decision, but simply a presupposition to using a computer.

Let me use an analogy. Say someone grew up in the crime-ridden inner city project and then decides to move to the country. No matter how hard that real estate agent tries to use statistics and reasoning to convince them they don't need locks on their doors of the house they're buying, the buyer won't believe it because that's not the world they grew up in. 95% of the world has grown up in a Microsoft virus-infested project. Microsoft has cleverly positioned it as a solely external problem so they don't have to incur the cost to fix it. Bravo to Microsoft for good marketing which has saved them billions in support. Consequently, computer users don't see the root of the problem as shoddy Microsoft programs that if they were to abandon the problem subsides, but rather a fact of life of personal computing. It's a lock on the door they insist on having – regardless of the crime statistics in their area.

So we offer a one-click virus solution powered by Central Command. Virii are a tiny problem today on Linux, but as more desktops migrate it would be foolish to think that it will never be a problem. Just stopping inadvertantly passing on Microsoft Windows vulnerabilities has value to many consumers, as I've attempted to illustrate to many people considering desktop Linux.

9) Click-n-Run vs apt-get
by mahdi13

Lindows is based off of the Debian code and uses apt-get to install software from the Click-n-Run repository. What is in place to keep people from changing the apt-get sources from CnR to the Debian sources and install something like Synaptic (and getting newer, updated packages for free) instead of paying the $99/year (with a few execptions)?

Robertson

It is true that LindowsOS is Debian based, but Click-N-Run is no longer apt-get based. We're now on the third generation of the Click-N-Run architecture and it shares virtually no code with apt-get. As often happens you learn a lot when you do version 1.0. In the first version we learned the limitations of apt-get and were forced to create our own system which would better support personalization, commerce, error handling, and low bandwidth environments. We saw about 60% success rate using the first version of apt-get. Today we achieve over a 90% success rate. And we're able to offer advanced features like Aisles, CNR Express, a full featured commerce engine, and critical features like auto-retry and partial install resume.

LindowsOS users are free to use apt-get or any other feature. We don't remove the command line or limit their ability to install software. They can “open the hood” if they want to. Our goal is to do all the heavy lifting for them for a fair price and build a profitable business. If we can't offer value beyone what they can get from apt-get then they shouldn't give us any money. So that keeps us working hard to offer value.

The Warehouse part of the Click-N-Run (http://lindows.com/warehouse) adds tremendous value as well. Not only do users get an informative graphical representation for many products, but because listings are based on popularity they can get a listing of the most valuable software as measured by the community. We also spend considerable amount of time working on the top 25 programs. We typically customize them to make them work well together and on LindowsOS. Since anyone can browse the information for free, we have even learned that our warehouse is used by many who don't use our products as a resource. We recompile the programs to use the “My Documents” folder by default to resolve one of the common complaints from users that “they can't find their saved files”. That's obviously a simple example, but those are the types of things that make all the pieces work well together for LindowsOS users and will bring desktop to a wider audience.

10) Xbox
by randomErr

What ever possessed you to put up the bounty on the Xbox project?

Robertson

To understand my motivation it's probably important to understand my belief in personal ownership. I believe that if you purchase a product, you should have the right to change it, move it, or alter it for your own personal needs. The seller should have the right to say that you void the warranty or refuse to support it if you change it, but you should still have right as the purchaser to make that choice. This goes for music, software and personal computers. My belief is that as long as consumers have this right, then they'll use that freedom to make choices which steer our society in a generally positive direction. I'd contend we've already witnessed this with MP3.

The Xbox is Microsoft's first attempt at a closed architecture PC. What they learn from the Xbox will be in their next generation closed desktop PC system. Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like “trustworthy” computing and tout the benefits, but it's really about shifting power over an individual's PC from the buyer to Microsoft. Microsoft will put up a permission gate before any software can be installed which will have a fee associated with it. It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.

I think it's critical that consumers have control over their computers and the ability to decide what software they want to utilize. I look at the Xbox as simply a personal computer. This is why I funded the Xbox reward.

NOTE: I funded it through http://pubsoft.org, Russ Nelson's great concept which I hope catches on.

Consumer freedom is also one of the primary reasons I started Lindows.com. If we can get a substantial number of desktop users we will ensure the longevity of an open architecture PC and ensure that the computing world evolves in a consumer-friendly direction.

Thanks for the opportunity to answer your questions.

This discussion has been archived. No new comments can be posted.

Michael Robertson of Lindows Responds

Comments Filter:
  • by Malor ( 3658 ) * on Monday May 05, 2003 @01:04PM (#5883023) Journal
    You know, one of his answers really bugs me.... the old 'security versus convenience' argument. He essentially says that Lindows runs as root to be convenient.

    He talks, later, about how his customers are so traumatized by viruses that they'd never consider running a machine without some kind of protection. Windows, which has always been 'features before security', has horrific virus problems.

    In essence, he's indirectly bashing his own way of doing business. One of the main reasons viruses don't spread as easily on Linux is simply that normal users don't have permission to mess with system files. Even if a virus DID infect your Linux box, the damage would most likely be contained to the user account's home directory, unless you did something stupid (or weren't patched up properly). Lindows is, in essence, being stupid by default. He's trying to make Lindows 'just like Windows' -- so you get all the design problems and fewer user-level features to boot. What a deal.

    If he wants to make Linux BETTER than Microsoft, this is likely an area of key differentiation, and yet he's glossing over the whole issue for 'user convenience'. Instead, he should be investing resources into engineering a solution that preserves both ease of use AND security. It can be done, it just costs time and money. Mandrake has a decent solution to this problem. It could be improved, but it's not too bad. It would make a fine starting place.

    A corollary of an old computer aphorism: "Cheap, secure, convenient. Pick any two."
    • Kidding yourself (Score:5, Insightful)

      by Sanity ( 1431 ) * on Monday May 05, 2003 @01:19PM (#5883169) Homepage Journal
      One of the main reasons viruses don't spread as easily on Linux is simply that normal users don't have permission to mess with system files.
      I really think that Linux users are kidding themselves when they use this argument. The main reason that there are so few Linux viruses out there is that there are so few desktop Linux installations relative to Windows, making it less fun to write Linux viruses, and less likely for them to spread.

      A Linux virus could do significant damage without root access, and there are a variety of ways that such a virus could trick the user into giving it root access. Trojan a RPM or DEB, or even just ask the user for their root password with some excuse like "Your hard disk has reached a fragmentation level of 30%, we recommend that you defragment it now. Please enter your root password").

      • by Otter ( 3800 ) on Monday May 05, 2003 @01:29PM (#5883291) Journal
        A Linux virus could do significant damage without root access...

        In general, the idea that users don't have access to anything important is a holdover from when Unix meant large multi-user systems with regular backups. In Linux desktop use, the files in ~ are probably more important and less replaceable than system files. And, as you say, there's no need for root access for an email virus to spread.

        • by Lumpy ( 12016 ) on Monday May 05, 2003 @03:25PM (#5884488) Homepage
          And, as you say, there's no need for root access for an email virus to spread.

          you are right... it needs Microsoft Outlook.

          anyone who put's scripting in any email program needs to be brutally killed in the streets, and their body publically impaled as an example to others...

          same goes for the ability to do anything with an attachment but SAVE AS.... come on programmers.. get a clue.
          • by ichimunki ( 194887 )
            Why shouldn't there be an ability to open the attachment directly with an appropriate application? The extra step of saving the file to disk isn't ultimately making anything safer.

            And you're kidding about Outlook right? I've seen email viruses that worked in Pine. All that was required were gullible users who would hasten to forward an email to their entire addressbook because they'd read a line in a scare-mail like "forward this to everyone you know immediately". :)

            Just as scary, and not unheard of o
            • by Sj0 ( 472011 ) on Monday May 05, 2003 @06:44PM (#5886217) Journal
              The extra step of saving the file to disk isn't ultimately making anything safer.

              It most certainly does. Just remember that for the longest time, everyone KNEW that viruses couldn't be spread by looking at e-mails. nowadays, just looking at it in the preview pane is enough to infect your system and send it to everyone on your list if you haven't patched and secured Outlook Express.

              The behaviour you're describing is a result of idiocy. Outlook viruses make it so non-idiots can infect their systems my doing something mundane and not paticularly stupid at all (reading an e-mail isn't stupid. Opening foreign executables can be.)
          • by dsplat ( 73054 ) on Monday May 05, 2003 @04:41PM (#5885195)
            you are right... it needs Microsoft Outlook.

            And when someone finds a security hole in a commonly used version of Mozilla or Evolution, that could hit a significant percent of desktop Linux users. If we make the assumption that the number of such users is going to grow, I think it is safe to assume that they are not as likely to use something that doesn't look like a Windows e-mail client. They want to make the transition as simply as possible.

            There will be Linux viruses. We will get hit. Currently, the smaller installed base and the diversity of distributions, client software, kernel versions, etc. is making Linux harder to target. If 90% of desktop users were using Linux, and 80-90% of those all used the same e-mail client, browser, and word processor, Linux would provide a rich target environment. More virus writers would target it.
            • by Alan Cox ( 27532 ) on Monday May 05, 2003 @06:16PM (#5885974) Homepage
              It stops being about program security at a point as your user base grows. While there is no excuse for the shoddy UIs in things like Windows that made it natural to click Ok to "a fun thing fred sent" the ultimate target nowdays is the user, because users are the weakest part of the system.

              Thats why things like SELinux or the Debian RSBAC Linux are so important. There is a real need to make sure any user can work out which end is the barrel without pulling the trigger

            • by Azureflare ( 645778 ) on Monday May 05, 2003 @06:27PM (#5886062)
              Isn't it better that we make ourselves harder to hit though? That's why it's important that the linux community continues creating quality coded products, without easy-access holes. Yes, people will find vulnerabilities. Is there a system that will never have vulnerabilities? That's like the notion of "100%"..You can protect 99.99999% of the time, but pure freak chance will always get you in the end. But at least those vulnerabilities will be fewer (hopefully?) than microsoft's products. At least the damn script kiddies won't be able to send out viruses? I remember when some Microsoft high-up guy was speaking on some major security hazard in Windows XP home edition (It was on grc.com a while back), he said (Basically) Why should we make it hard for hackers? They will find a way, so we shouldn't waste time trying to prevent it.

              OK, they want to save costs, but leave the users out in the cold. NOT the people I want coding my operating system/office/internet browser. Until they take a firm view about actual "security", I will not trust them. Not that I really matter..I'm just a consumer; They could probably care less how I think of them.

        • Re:Kidding yourself (Score:5, Interesting)

          by StormReaver ( 59959 ) on Monday May 05, 2003 @03:28PM (#5884523)
          "And, as you say, there's no need for root access for an email virus to spread."

          So many people who use this argument are overlooking the obvious. An email virus requires an email program that will automatically execute attachments. There is no email program for Linux that does this. All Linux email programs require the user to:

          1) Save the attachment to disk.
          2) Change the file attribute(s) to executable (because Linux email programs never save files with the execute bit(s) set).
          3) Expicitly run the program.

          The reason Microsoft email viruses are so prevelant is because Microsoft's email program requires the user to:

          1) Read the email.
          2) There is no second step.

          Running the system as root will in no way make a user susceptible to email viruses on Linux. However, running as root will greatly increase the damage done to the system if a user runs a malicious program.

          Assume that I, under my user account "stormreaver", get tricked into performing the three steps needed to run a malicious binary emailed to me and it completely wipes out my home directory.

          If I didn't have backups, which is foolish considering how cheap CD-R's are nowadays and how easy KDE 3.1 makes backups, it's true that I'm out of luck for my personal files. I have to remove my account (by becoming root), recreate my account, and start over. The rest of my system (games, utilities, etc) are all fine.

          If I did have backups, which I have, then I delete my compromised account, recreate the user account, and copy my backed-up config files. It takes my (estimating) about ten minutes to get back to where I was (allowing time for reading hundreds of megabytes from the backup CDs). I'm then back in business. Since all my executables (minus my in-development binaries) were protected by root access, nothing was permenantly damaged. At most, I'm somewhat inconvenienced. I saved days of redownloading and installing large non-system apps and several hours of installing and tweaking my operating system (with the latter taking most of the time).

          The superuser/regular-user distinction made in Linux is real protection against filesystem viruses because it eliminates the automatic propogation mechanism required by such viruses.

          Only profound stupidity on the part of email software developers (and profound stupidity on the part of users running Outlook through WINE, though the threat is greatly reduced on Linux because most WINE installations don't have Microsoft address books) will present an email virus problem on Linux.

          Running everything as root will still require active user participation to propogate any type of Linux virus. However, the damage done will be far more extensive.

          None of this will matter, of course, if a regular user installs something by temporarily becoming root, and the install program then makes the software setuid root. However, the protections added by the superuser/regular-user distinction are significant.

          KDE has almost nailed all circumstances where this is inconvenient and provides a simple way to temporarily become root to perform system-altering tasks. The only one remaining, that I encounter, is having to use the command prompt to su to root in order to install a game using Loki's installer.
        • Re:Kidding yourself (Score:3, Informative)

          by evilviper ( 135110 )

          the files in ~ are probably more important and less replaceable than system files

          Well, not from a virus' point of view. What a virus needs to do is load itself into memory, then save itself to disk, in some way that it will be started again, then hide it's presence as completely as possible.

          All of the above is possible if you are running as Root... The last 2 above are ``more difficult'', and ``not possible'', respectively, if the virus is loaded as a non-privlidged user.

          I would like to express my utte

      • by Malor ( 3658 ) * on Monday May 05, 2003 @01:33PM (#5883334) Journal
        Yes, all of those things are true. And I imagine that eventually, Linux viruses may become a real problem.

        But it is an extra layer of security; virus writers have to work harder to get around the inherent limitations. It's not a free lunch.

        On a normal Linux/Unix machine, An HTML-code exploit is not, by itself, going to spawn a remote root shell to Joe Attacker's box; it's going to take either user foolishness ("Type in your root password for maintanance purposes") or a second local exploit to do it.

        On a Lindows box, ALL you need is the HTML exploit, no additional stupidity required.

        One of the key issues with both real-life and computer-based viruses is containment. You're seeing that now with SARS. If you can slow the rate of infection, you gain time to deploy a response.

        Tens of thousands of run-as-root boxes directly attached to cablemodem make a very fertile environment for virus development. An extra layer of security, requiring additional stupidity on someone's part, will slow the spread and help contain the damage.

        Any defense can be gotten around, given enough time and effort. That does not, however, imply that no defenses should be deployed. I stand behind my assertion that knowingly defeating one of the main lines of security in an operating system for 'convenience' is grossly stupid.
      • by sbaker ( 47485 ) on Monday May 05, 2003 @02:50PM (#5884108) Homepage
        EH?

        The reason viruses don't exist/spread is because Linux mailers don't treat data as code. Simply reading text files and HTML (sans Java/Javascript) cannot allow a virus to spread by the *simple* mechanisms that allow them to propagate in the Windoze world.

        There is also the diversity argument. Under Windoze, there is essentially only one mailer in common use. If you hack a virus to work with that, it'll spread like wildfire because every mail it sends out to replicate itself has a 99% chance of hitting another machine that'll replicate it. In the Linux world, even if all those outgoing mails reach other Linux boxen, the chances are that most of the people it reaches will be running some other mailer and the virus will stop right there. That DRASTICALLY slows down the growth rate of the virus - so even if one were possible, it would spread at a snail's pace and be easy to contain.

        I don't think it has anything to do with root access.

        However, I regard the idea of running Lindows in root 100% of the time as sheer lunacy. There is such a thing as protecting a user from himself. "rm -R /" should NOT work! If it were both safe and convenient to run in root all the time, most Linux desktop users would do so - however we don't - an overwhelming number of people will voluntarily give up a small measure of convenience in order to gain a measure of protection-from-self-induced-screwups.

    • by Anonymous Coward
      I agree with you, but also see his point that people should be able to sit down and get on with things.. maybe it would be possible to run everything that requires root privs through a version of sudo that checks whether the user is logged in at the console? Perhaps someone should point out the negative impact of thousands of users returning their PCs to walmart because an email worm does rm -rf /... not only in terms of cost, but also the damage it would do to lindows reputation.
      • by gig ( 78408 )
        You don't have to actually figure out how to do this right. You can just copy it from Mac OS X. Artists and musicians run as User or User/Administrator on Mac OS X. The root account is not even enabled unless a User/Administrator specifically does so for that machine. You can run as User/Administrator in Mac OS X full-time and it is basically like running Mac OS 9 only you can't put the System folder in the Trash without really meaning to.

        Also, when we "install" applications on Mac OS X it is just a matter
    • I kind of agree with you, but am not conviced. When I install a linux distro, I get root access, the "only" difference is that I am recommended to get a user account. I haven't installed lindows, but for sure there must be some info during the first logon?? The virus issue, well...They could have a splash telling you "linux is immune to virus", but as you know, that is not entirely true, so give them their(windoze users) antivirus sw, it's like giving a crash helmet to the "go-cart" at the local fair, it is
    • by NanoGator ( 522640 ) on Monday May 05, 2003 @01:21PM (#5883201) Homepage Journal
      " Lindows is, in essence, being stupid by default. He's trying to make Lindows 'just like Windows' -- so you get all the design problems and fewer user-level features to boot. What a deal."

      The last time I used Linux (Redhat 8 for those who are curious), I had to log in as root just to change the resolution of my screen from KDE. This is trivial to a Linux user, but to a Windows user this is ridiculous. Security shouldn't make your computer hard to use, but it does. We all know that when it's scary to use a computer, people just plain won't. Linux may be 'secure', but it also tends to leave the uninitiated with a shivery feeling of using it. That is NOT mass-market appeal.

      "If he wants to make Linux BETTER than Microsoft, this is likely an area of key differentiation, and yet he's glossing over the whole issue for 'user convenience'. Instead, he should be investing resources into engineering a solution that preserves both ease of use AND security."

      No, the Linux Community should be doing this. He's trying to get Linux out to a larger audience. He has to respond to customer demand that the product be useful without having to learn a lot of strange ideas like what 'root' is. That's exactly what he's doing. If his product is a security risk because they opened up some obvious features that root lets you have, then the Linux Community should step back and say "huh. Somebody could be a real shithead if they had access to this. Maybe we should find a better way to lock it down." His money will be spent trying to get this thing on shelves and marketed so that Linux has a broader user base. You guys want to compete with MS, right? Then make Linux more useful to newbs. Windows has, and continues to have a very strong edge against Linux in this area. Guess what, it's the type of thing people make purchasing decisions on.
      • by pmz ( 462998 ) on Monday May 05, 2003 @02:24PM (#5883840) Homepage
        Security shouldn't make your computer hard to use, but it does.

        What's so hard about configuring a separate OpenBSD box on the LAN for dialing the ISP while adding packet filtering, NAT, and routing...all in the name of security. It took me only a few days to get it all working just like I wanted it to, and I'm confident it doesn't have weak passwords nor overly-permissive rules for vendor back doors. HTTP, HTTPS, and DNS are all any user would need from the Internet, anyway. Of course, Mozilla needs its own user account. Anything else would be silly.

        I just don't understand your argument that security is hard ;)

        (BTW, I actually had the above configuration for a while but dropped the separate user account stuff eventually--it's just a PITA)

    • by Apreche ( 239272 ) on Monday May 05, 2003 @01:21PM (#5883205) Homepage Journal
      Yes, indeed. You and I and others here are computer geeks. We understand that running as root is bad. What this guy is saying is that he doesn't care if it is really secure or not. His target audience is not you. His target is the average joe who doesn't know jack about computers. The person who things that a bsod means they have a virus. The person who uses windows me because it came with their computer.

      Because his target is people who aren't in the know, he doesn't actually have to be secure. He has to use the airport scheme.

      Let me explain the airport scheme. Airport security is bs. I've been through it numerous times since 9/11 and every single time I've noticed obvious gaping holes. If I really wanted to I could have brought a variety of weapons onto the planes. So why is the security there? As one employee of the airport blatantly admitted,

      "...It's to make customers feel safe. We know we can't really have foolproof security, so we do things that make people feel secure. The media scares them so much that they wont fly if there isn't an illusion of security to make them feel safe."

      I could write a program that sits in the system tray, displays an icon of a bug, and has a few status meters. It would look like it was an anti-virus program. And peopld would buy it. And because it was there they would believe their computer was actually protected from viruses. The media has scared them to be worried about it. But most problems with computers owned by the average non-geek are because the person fudges up their own machine, not from a hax0r or virus.

      I think you understand without me typing anymore.
      • I think you're wrong about airport security. Sure, it's not foolproof - very little is, and the cost of getting close to it would be prohibitive. But it's not there just to make passenger's feel secure - it's there to give potential terrorists the knowledge that there's a good enough chance of them being caught that they'll not attempt what they would otherwise have tried.

        How else do you explain the security measures that passengers don't see ? (By the sound of it, I'm sure you're not aware of them all eit
    • If he wants to make Linux BETTER than Microsoft, this is likely an area of key differentiation, and yet he's glossing over the whole issue for 'user convenience'. Instead, he should be investing resources into engineering a solution that preserves both ease of use AND security.

      Agreed. The Mandrake and Red Hat technique of prompting for the root password seems perfectly reasonable and convenient to me. Running with minimal permission needed to do what you need done guards one against oneself as well as aga

    • I've been using Linux since about 1996, and have always run as root, because it annoys be to be denied access to something and have to su. I have NEVER had a problem because of this.

      I also own guns, and have never accidentally shot myself. So there you go.
      • by gaj ( 1933 ) on Monday May 05, 2003 @01:42PM (#5883403) Homepage Journal
        I think your analogy is faulty; at least I hope so.

        I also own guns, and have never shot myself. OTOH, I don't keep (all of) them loaded at all times. Also, each has a safety, which I keep on unless I believe I'll need to fire the gun shortly. In addition, they are all kept under my control or observation at all times; I keep them locked in a safe when they're at home and when I transport them they're usually in locked cases and always have trigger locks. I consider all of this basic common sense, much as I consider running a non-priv user to be basic common sense.

        Running root all the time is like keeping my guns loaded with safetys off. No matter how carefull I am, an accident is bound to happen.

        Now, as I said, I don't think your analogy is all that great, as guns have a different aura of respect (or should) than computers. Running as root, I know I'd eventually become (even more) complacent. The "without a net" feeling would wear off and I'd do something similar to the proverbial "rm -rf * .bak" while in the root dir. (DAMHIKT - stitching inodes back together by hand is a bitch). Guns, OTOH, will always have that aura of respect about them for anyone brought up or trained properly.

    • by jj_johny ( 626460 ) on Monday May 05, 2003 @01:24PM (#5883239)
      I really love you and all your geek friends that don't understand a damn thing about end users. Yeah, you could setup a nice system where people had to use one password for their everyday use and another for their admin needs. Guess what 90% of the users out there don't even want passwords on their home machine. So they really don't want two. Duh. If you look at what Lindows market is it really means making it easy to use like the competition. If you want to stay in a niche like Linux is right now, just keep it up.
      • by dogfart ( 601976 ) on Monday May 05, 2003 @02:27PM (#5883868) Homepage Journal
        The issue isn't security versus convenience, it's finding a user-friendly non-geek way to allow people to happily do 99% of their work as non-root, while providing an intuitive, secure, replacement for "sudo".

        Maybe require some sort of "secure keystroke" combination in response to a prompt for root authority (e.g., "Program x requires additional authority, please press ctl-alt-del to continue"

        It shouldn't be impossible to come up with some analogy to temporary elevated privilege that a non-geek could relate to, then use this analogy to design a user interface.

        The other usability issue is ensuring elevated authority is only required infrequently, like when installing a device driver. My pet peeve with Windows is requiring local admins authority for things like changing network addresses. Programs should be designed so that "root" is only required when it really is necessary

    • Mac OS X compromise (Score:5, Informative)

      by goombah99 ( 560566 ) on Monday May 05, 2003 @01:24PM (#5883245)
      The mac OSX compromise on root is great I think. The main user has full admin privledges but must authenticate (like sudo) every time they are used. thus a rogue code cannot act as root even when running in the admin users account.

      even better of course is that OS X is moving beyond the sudo model to an even more secure password framework. currently some programs still ask you to give them your password so they can in turn use sudo internally. (e.g. fink, and many other programs you install). But most new software for mac has gone to a system that passes authentication to an OS level agent, so the program never actually has access to the password itself.

      Does linux do this too? or if it has this capability why do so few programs use it?

      • by goombah99 ( 560566 ) on Monday May 05, 2003 @01:37PM (#5883368)
        It seems to me that viruses/trojans could do a variation on the old fake-login prompt. emulating the expected look of the password agent then grabbing the password before passing it along to the real agent.

        how could one defeat this? I could think of maybe two ways. one would be if the password agent only accepted keyboard input at the device level so that no program could feed it to the authentication agent.

        another method might be to have some sort of video display effect that is accessible only to root level UIDs. for example suppose one had some particular easily recognized transparency effect or suppose that the upper right corner pixel of the screen was only root accessible. then the authentication agent could turn it red when activated to prove to the user it was the "real" agent and not an impersonator.

        any one have better ideas?

    • by vidnet ( 580068 ) on Monday May 05, 2003 @01:48PM (#5883449) Homepage
      If you're the only person that uses the computer, running as root or user makes little difference. If you have a single non-system account "alice", and the user always uses it, then a virus will be able to send email itself to all of alice' friends, delete all of alice' files and documents, and mess up the config files until alice can't log in (think ~/.xinitrc that ends at once).

      Yes, the system itself can be salvaged, but none of alice' files or settings. If she had run as root, the system would require a reinstall, but that's the only difference. (and with Lindows, this isn't much of a problem I hear)

      However, if her brother bob had an account, then all his stuff would be perfectly safe and sound if she used her user account. If she used root, then bob's files would be gone too.

      So while running root is bad, it mostly* matters for multiple users.



      *Exceptions include, but are not limited to, system-wide config, certain backup facilities, additional partitions, etc

    • " Even if a virus DID infect your Linux box, the damage would most likely be contained to the user account's home directory, "

      which is enough to destroy the users experience.
      user:"I lost all my important files!!!"
      Support:"at least you didn't loose your system files"
      User:"but I need the files I use, couldn't I get the system files by just reinstalling?"
      Support:"aaahhhhmmmm.... got to go."

    • by saurik ( 37804 ) on Monday May 05, 2003 @02:23PM (#5883832) Homepage
      Frankly, I've never understood this whole "running as root is bad" thing. It's this mantra that's continually expoused by Unix types and it really has no point. Back when the idea was "one computer, multiple dumb terminals", it made a lot of sense, and that's when it got ingrained in everyone's head. One user shouldn't be able to take down an entire computer by deleting the OS, and shouldn't be able to delete other people's files.

      But... hello? That's not how things work anymore. The computer on my desktop is _my computer_. No one else is going to use it. If I destroy the OS I inconvenience only myself, and I destroy only about three to five hours of work to reinstall everything that used to be there.

      The thing I _should_ be worried about are all of my documents; my papers and photo albums, all of the _content_ that has taken me years to create and will never come back again. Are those stored as some weird protected user account? NO. And no one ever addresses this.

      If I delete all the files that my "saurik" user on my box can access, I lost everything of value on the computer. The OS and all it's software has no intrinsic reason to exist, it is only there to help me modify the data that I store as my own user (and pretty much _have to_ as I _do_ want to be able to modify it).

      It's not even something worth a minute of investment in protecting considering I end up reinstalling my computer every few six months or so with the lastest distribution anyway. Accidentally breaking it just gives me an excuse to start using new software.

      The solution here has nothing to do with access priviledges and has everything to do with backups. You backup all of your files as often as possible (which is never often enough as the _most critical_ of all of my data is usually what I've spent the last five hours doing... last week's work tends to be last week's problem).
  • Lindows is good (Score:4, Insightful)

    by Anonymous Coward on Monday May 05, 2003 @01:04PM (#5883035)
    Why does this poor company get so much flak? I don't care what RMS says the GPL make making money *very* hard. Lindows adopts practices that remind the Linux community of proprietry companies and all hell breaks loose. Let them be.
    • Re:Lindows is good (Score:3, Insightful)

      by DThorne ( 21879 )
      I agree. This is, in fact, the very model of Open Source(without all the frickin' religion) - what will survive will thrive, what dies will die. Let them go ahead and see if there is a market for people that don't want multi-user systems, and don't want Windows. Personally, I'll be the first to agree with most that he's got it wrong, and there is no such market. I think the very few that are in that camp will get a Mac, and other non-experienced users won't understand why Lindows doesn't have the same s
      • Re:Lindows is good (Score:4, Insightful)

        by scrotch ( 605605 ) on Monday May 05, 2003 @03:27PM (#5884514)
        I think we need to alter your market definition. I don't think it's so much about people not wanting Windows as people that want the cheapest computer they can find.

        This makes the market a great deal larger. It doesn't put me in the market (or you I'm guessing), but a lot of people fall into it.

        And like you said, if this market works for Lindows, it works. I don't see that they're really taking any users away from the Mac or hardcore Linux/Unix markets. They're more likely to sell to new computer users or potential Windows users. Once they get into retail stores, that is - they're not going to be selling to the majority of new users with an online-only store.
    • Re:Lindows is good (Score:3, Insightful)

      by HiThere ( 15173 ) *
      Lindows got (not gets, got) a lot of attention because it was the first mass-market available pre-installed version of Linux, and everyone wanted it to be perfect. And had different ideas of what perfect was than Michael did.

      I still don't agree with all his choices, but I do respect them as reasonable. Probably better than the ones that I would have made. Mine would have been technically nicer, but not as customer friendly, and that's important for a mass market distribution. I don't consider any of th
  • Ummm...No (Score:5, Informative)

    by Wyatt Earp ( 1029 ) on Monday May 05, 2003 @01:07PM (#5883060)
    "Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS ? the first person to touch it can do whatever they want."

    Sorry, Mac OS X is not running as root out of the box.

    While the first user is an Admin, they do no have root access, there are many directories they can't see, and they can't go in and trash stuff in another users account.

    • Re:Ummm...No (Score:3, Insightful)

      And even at that level of ease vs. security there are inconveniences for less technically inclined users. Having to enter an administrator password every time one installs something under OS X is an annoyance. I won't argue whether it's better (safer, etc.), just that it does introduce a new hurdle for novices. Outside of the geek community that understands and argues about such things is the real world where products need to be delivered with ease of use to the masses.
    • Re:Ummm...No (Score:2, Insightful)

      by Anonymous Coward
      His point on this was that noone gives a crap about wether or not root logs on. The market he is selling to jsut wants to get its dumb work done and then turn the stupid computer off.

      Virus protection: same thing. They want 'virus protection' because thats all the rage. Wether or not they KNOW what the fuck virus protection even does, they dont care... they need it.

      They're selling an illusion, if you will. Jesus, MS does it all the time. :)
    • Re:Ummm...No (Score:5, Insightful)

      by JUSTONEMORELATTE ( 584508 ) on Monday May 05, 2003 @01:22PM (#5883216) Homepage
      Sorry, Mac OS X is not running as root out of the box.


      While the first user is an Admin, they do no have root access, there are many directories they can't see, and they can't go in and trash stuff in another users account.
      While you point out an interesting distinction (BSD/OSX's difference between admin and root) it is beside the point.
      Robertson's contention is that commodity PCs aren't running as multi-user systems. The person who powers it on is the user, the admin, the only one using it. There are no "other users" to trash.
      The tradeoff is convenience/security. Some claim that it's better to spend your day-to-day operations in an unpriv account, and intentionally change to a priv account when those privs are needed. Robertson's claim is that non-geeks don't want to make that distinction or take that extra step, and the reduction in protection is worth it for ease of use and the resulting acceptance.

      He's in an interesting position by pushing an OS for folks without CS (or generally geeky) backgrounds. My linux boxes all have non-priv accounts, and I use sudo when I need it. To be quite honest though, I'm typing on a win2k box, and my user has full Administrator privs. It is also a single-user system. There are no other users who's data needs to be protected. Am I more vulnerable to OS damage from inadvertant actions? Sure. Do I care enough to give up the convenience, not really.

      --
      • Re:Ummm...No (Score:4, Insightful)

        by SCHecklerX ( 229973 ) <greg@gksnetworks.com> on Monday May 05, 2003 @01:48PM (#5883459) Homepage
        I beg to differ

        Most households only have one computer. No network. no multiple machines. Johnny, Dad, Mom, and Suzie all use the same computer. A multi-user OS is the proper way to do this, so that Dad doesn't have to worry about Johnny fscking up his files, or if dad is the administrator, of johnny, suzie, or mom fscking up the computer system files.

        Unfortunately, Lusers have been trained that it is 'ok' to trample all over the system, fscking up the settings for everybody. Linux has always been a multi-user system, so it is TRIVIAL to have several people in the household share a single computer, yet all have their own environment to work in. My ex-g/f and her two children certainly have no problems with the linux box I built for them.

        Win2k was a step in the right direction, but most windoze programs are not multi-user aware still.

    • Re:Ummm...No (Score:5, Informative)

      by Ian Bicking ( 980 ) <[ianb] [at] [colorstudy.com]> on Monday May 05, 2003 @01:26PM (#5883262) Homepage
      the first person to touch it can do whatever they want.
      In contrast, however, this is true for MacOS X, and for any version of Linux (because the person that sets up the machine gets to set up the root account).

      But, in contrast to Linux, MacOS X doesn't require root priviledges to change the clock or a number of other operations (many hardware related). Linux often requires higher permissions than it should, because it is coming from the perspective of a shared, multiuser environment, or it does not give the console user extra priviledges.

  • "Naturally, when answering your questions, he boosted his company. (Wouldn't you?)"

    would read:

    Naturally, when answering your questions, he boosted his company. (Which is typical for a money-grubbing, morally bankrupt merchant of the Devil!)

  • Geek Cult Linux (Score:4, Interesting)

    by CyborgWarrior ( 633205 ) on Monday May 05, 2003 @01:15PM (#5883139) Homepage
    I'm a high school student in CT, USA and have been for a long time trying to convince the technology department to move to a Linux server. Everyone in the technology department seems hesitant, but I've also talked to many of the teachers and they seem more open to it. Interestingly, it seems less of a geek thing around here, than a normal user thing. People are beginning to get seriously disgusted with Microsoft and are looking more for other options. This could be the perfect time for Lindows to enter the market for the average user.
  • "the Click-N-Run architecture and it shares virtually no code with apt-get"

    Isn't this a GPL violation, if Click-n-run is utilizing any code at all from Apt? So where is the publicly available source code for click-n-run anyway? I don't see it on their source code FTP site. [130.94.123.237]
    • by i_am_nitrogen ( 524475 ) on Monday May 05, 2003 @01:20PM (#5883187) Homepage Journal
      Click-N-Run never shared any code with apt-get. It originally called the apt-get executable to download and install the software, but now the Click-N-Run client downloads the software itself, and uses dpkg to install it. This is just an accidental miswording by Michael Robertson.
    • by Soko ( 17987 ) on Monday May 05, 2003 @01:42PM (#5883410) Homepage
      Do you have the binary of Click-n-run?

      From the GPL FAQ [gnu.org]:

      The GPL does not require you to release your modified version. You are free to make modifications and use them privately, without ever releasing them. This applies to organizations (including companies), too; an organization can make a modified version and use it internally without ever releasing it outside the organization.


      But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the users, under the GPL.

      Thus, the GPL gives permission to release the modified program in certain ways, and not in other ways; but the decision of whether to release it is up to you.


      I read that to mean that you are only required to relese the source to those people you've released the binaries to, and it says nothing of making the source available to the general public (unless the binaries are as well, of course).

      In summation: Buy Lindows, install it and then you should be able to get the source to Click-n-run. After that, you can modify and re-distribute it to your hearts content.

      Soko
  • Question #1: Why was it decided that Lindows would always run as 'root' by default?

    "Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS ? the first person to touch it can do whatever they want."

    And Mac OS X runs a *NIX base and doesn't run everything as root.. >=P Everything makes use of sudo, wheel users, etc.. *shrug* Sounds like he didn't really have a valid answer to justify this... (They could have written the tools to
  • A few things (Score:5, Insightful)

    by IWantMoreSpamPlease ( 571972 ) on Monday May 05, 2003 @01:21PM (#5883197) Homepage Journal
    ..I think the larger issue here is how do you balance security vs. ease of use. We are committed to providing a secure desktop operating system and make policy decisions about how to achieve a secure but usable system. ..

    Sounds like PR speak to me...I could easily see Dilbert's boos (Bossbert?) saying this.

    In addition, I find it very interesting in regards to his talk about viruses and how users have become accustomed to the viruses that "ravage" the windows world.

    It's amazing to me that people will even *consider* it part and parcel of dealing with Windows that they can't even fathom there are alternatives (i.e. virus free ways of dealing with things), sad really!
  • by evilpenguin ( 18720 ) on Monday May 05, 2003 @01:22PM (#5883206)
    Well, I think this interview shows the man has his head on straight. He understands the real issues that keep "joe six-pack" from buying and using Linux and he understands why there is is little ISV support for Linux. He has a strategy for solving it. I don't know if it will work. I don't know if it is any good.

    But $200 PCs from Wal-Mart with Linux pre-installed is a big step on the way to adoption.

    I do not know Lindows (yet). I don't know if I think it is evil or not. But I bought one of the cheap PCs to find out. I figure that if I hate it, I can put another distro on the box.

    I, frankly, look forward to to seeing Lindows on PCs actually in Wal-Mart stores. You see, I'd rather have a substantial number of the people who don't care what their OS is running Linux (or at least having the choice) than being locked in to a Microsoft-only world. It will lead to better hardware and software support for the OS. Nothing this man does can take away our Free Software or our other distros. If some of the people today locked in to Microsoft become locked in to Lindows, does that really hurt anything or anyone?

    I disagree with him about the "running as root" issue. I understand his logic, but a "root only" Linux box is a Linux box that might very well come to need its virus scanner! Non-priv'd users are a big part of why Linux viruses are NOT a big issue.

    Anyways, I know I'm rambling. I'm not likely to ever buy a Lindows subscription. I'll end up putting Debian, RedHat, or SuSE on the box first (heck, maybe my first Gentoo box, who knows). But I think there is a supply of users for whom a product like Lindows is theoretically perfect. My mother-in-law, for example.

    Those of us who care about Free Software as a freedom issue wont be hurt by Lindows. And we might be at least indirectly helped.

    Interesting views. Good interview.
    • I disagree with him about the "running as root" issue. I understand his logic, but a "root only" Linux box is a Linux box that might very well come to need its virus scanner! Non-priv'd users are a big part of why Linux viruses are NOT a big issue.

      Um, actually I don't think this is true at all. The biggest "virus" problem in Windows land is the various email "virus". Technically worms, but the point is the same. And these abuse the easy code-execution abilities for Microsoft mail clients. If Ximian Evolut
    • I must agree (Score:4, Interesting)

      by Ender Ryan ( 79406 ) on Monday May 05, 2003 @03:40PM (#5884644) Journal
      I submitted the "why root" question, and while I think Lindows should use some method to separate the normal user from the superuser, I must admit that overall I am impressed by Robertson's tackling of the problems of putting Linux on the "average Joe's" computer.

      I think the default account should be a normal user, and users should be encouraged to give normal user accounts to family members and others sharing the PC, so that one member doesn't destroy the whole system. To "su" to root when installing software, changing configuration, etc., the system could simply have the user enter a keyboard combination that is captured by the OS, eg. ctrl+alt+delete.

      That would bring complete ease of use, while maintaining tighter security.

      OTOH, after posting the original question, a Lindows user informed me that current versions of Lindows ask the user, during installation, if they want to create accounts for normal users...

  • by Otter ( 3800 ) on Monday May 05, 2003 @01:23PM (#5883227) Journal
    Re: "Could you please update me on your efforts to patent your one-click-software-update solution?"

    Is there any factual evidence for such an effort, is the poster confusing Lindows with Amazon, is he completely clueless or did a bunch of crack-addled moderators mod up a troll?

    • by neitzsche ( 520188 ) on Monday May 05, 2003 @03:54PM (#5884796) Journal
      "evidence" - well no, no evidence per se. (Since when does one need evidence to post a question on /.?)

      I do not have any secret recordings of Michael Robertson outlining plans for focusing his efforts on legal (instead of technical) matters.

      But his colorful history does show that he seems to excel in the legal arena. OTOH, his technical decisions lead to very belabored discussions about whether users should run as root or not.

      I am happy with his answer to my question.

      I am glad that my question was moderated up, AND he deigned to answer it.

      Perhaps if I had carefully prepared a question, I would have asked how or if he intends to legally "help" the linux community. He was given the source code to a simply excellent operating system, as well as tons of application code for free. With some amount of effort, he is now able to call it his own. Does he now intend to fight legal battles that "little guys" cannot? (The Microsoft (TM) battle is the one example that I know of.) Does he feel that he owes the linux community anything?

      But I didn't. That's what I get for being in a rush to post rapidly after the call for questions appeared.

      BTW Otter, are you a Lindows employee or just an advocate?

      Lastly,
      is he completely clueless or did a bunch of crack-addled moderators mod up a troll?
      I've never done crack myself (can't speak for the moderators) and it's been a long time since I've had any mind-altering chemical stronger than the caffeine in my coffee. I certainly do not consider myself (nor my question) a troll. I'm sorry that you do.
  • Quite impressed (Score:5, Interesting)

    by be-fan ( 61476 ) on Monday May 05, 2003 @01:24PM (#5883238)
    I'm rather impressed with this interview. If anything, it seems to dispel a lot of myths about LindowsOS. In particular, I think it was very important that the information about the Click&Run patent, and the Click&Run vs apt-get issue was emphasized. I was rather surprised to find out that Lindows PCs are selling so well on Walmart.com, as well as to find out that they'd be hitting store shelves soon. All in all, I wish them a great deal of luck in pushing Linux in the mainstream.
  • I'm impressed (Score:5, Insightful)

    by u38cg ( 607297 ) <calum@callingthetune.co.uk> on Monday May 05, 2003 @01:25PM (#5883247) Homepage
    While I don't agree with everything he says, I have to say he's far better informed and making far better decisions than I thought he was.

    For the first time, someone is pushing a Linux distribution at customers with regard only to what customers want, not what geeks feel like providing.

    He has a serious handle on the things that will crack open the door to mass acceptance; pre-installation...simple installation - criticise the ethics of CnR all you like, at the end of the day it is designed to work seamlessly without specialist knowledge, and precious little else manages it.

    He also seems to have a good handle on what freedom means in a practical sense; the ability to control your computer - witness the Xbox bounty, leaving in apt-get, and so on.

    Lindows won't ever be my cup of tea, but I suspect that in a few versions down the road it will be the ideal Christmas present for Granny.

  • by Anonymous Coward on Monday May 05, 2003 @01:25PM (#5883252)
    I'm not so sure that the lindows/microtel boxes are anything but cheap white boxes that people install their pirated copies of windows software on....no one likes talking about this, but I'd imagine that many of those lindows machines being sold are being taken home, run once or twice as a linux machine , and then wiped and installed as a windows machine.

    Call me a pessimist, but the people who have the numbers (lindows and microtel) aren't likely to release them. How many people sign up for click & run vs the numbers of machines sold....

    • Buy a Lindows machine, format it and install Windows...this is not a good thing to do (or easy for those that don't know howto "fdisk /mbr" but for every Lindows machine sold it is +1 for Linux and 0 for Windows.
      If they don't sign up for the CnR, that doesn't mean they are not using the Lindows. They could be like me and want to run other apps from the apt-get sources (not hard to enter ftp.debian.org in the /etc/apt/apt.sources

      I do hope to see these sitting on the shelves at Wal-Mart soon, with a runnin
    • by jgardn ( 539054 )
      First, you are wrong on many levels.

      Just because someone buys the machine and doesn't use CnR doesn't mean they have pirated and installed windows on it. First off, where are they going to obtain a copy of windows? Do you really think they are downloading and burning their own copy of windows?

      If they do install windows, most likely they will install a version that they have already bought and paid for and have handy.

      If they don't, then they are probably not using the machine at all, or they are satisfied
  • by 1337_h4x0r ( 643377 ) on Monday May 05, 2003 @01:25PM (#5883254)
    Instead of saying "well why should we pay you for apt-get" and such, why can't we embrace this, work to extend their apps and do what we can to make this work? Isn't this what we wanted? A non-MS alternative that everyday people can use? I don't understand the hostility towards Lindows thats prevalent on /.
    • by stile ( 54877 ) on Monday May 05, 2003 @01:51PM (#5883482)
      Frankly, I don't give a crap if he's providing a non-MS alternative to "normal" people. I run linux because I'm a power user, and it does exactly what I want -- no more, no less (and it's free). When I was 16 and using linux, I was all about the "down with Microsoft" movement. But now, I realize just how much work is going to go into bringing Linux to the masses, because the fundamental philosophies of Linux are not compatible with today's end user.

      I think that Lindows is doing a good thing here, and I say, more power to them. But I also think that it probably still has quite a long way to go. When it gets there, we'll end up with something that runs on a Linux kernel alright... but it won't be Linux like we know it. That's not bad at all, because the standard user won't be happy with Linux in the slightest. That's not bad either, because Linux was made for and by power users.

      So I don't feel the need to spread the Linux gospel to non-geeks at all. I'll let someone else make his money doing that. Then again, I'm not hostile to it either... nor am I hostile toward Microsoft, except in that I'm forced to purchase their OS bundled with many standard kinds of computers. The point is: I've found what I'm happy with, and that's pretty much all that I care about.
  • by pecosdave ( 536896 ) on Monday May 05, 2003 @01:26PM (#5883258) Homepage Journal
    One of my past employers demanded that I install a virus scanning program on my Linux box that wasn't even connected to the network after a big Windows virus took out most the workstations at the company. I used it simply for reference when walking customers through fixing their own issues. Stupid stupid stupid stupid stupid.
  • I'm Impressed (Score:5, Insightful)

    by AlabamaMike ( 657318 ) on Monday May 05, 2003 @01:27PM (#5883270) Journal
    Hats off to this CEO. First off, I'm very impressed by his stance on patents. To find a CEO today that shares his vision of "non-obvious" patents is a chore. I like to think of most CEOs as "IP Raiders." Next, his comparing Microsoft's code base to a ratty housing project is also on point. It's good to be reminded how a company with both the monitary resources and marketing might can actually "mold" reality into something that shelters their position. The virus problem in Windows isn't all MS's fault, but there's more than enough blame to go around. Finally, his point on the XBox is very important, and I am enthralled to see it stated so well. Closed PC architectures are an upcoming menance, and if history is to be our guide here it's clear that we have no protection from our government(s). MS got off scot-free from the anti-trust action (something not even the Bell System was able to do.) They'll probably get away with this as well, but at least we'll have a choice with gentlemen like Mr. Robertson out there. A giant thank you to him for his response, and props to the /. community for coming out with some excellent questions.

    -A.M.

  • by Octagon Most ( 522688 ) on Monday May 05, 2003 @01:30PM (#5883303)
    I have a differing opinion on this concept of consumers having "control over their computers and the ability to decide what software they want to utilize." Surely this is not a popular opinion around here, but shouldn't we accept as legitimate the concept of subsidized hardware based on a subscription? This is most typified by wireless phones. Anyone can get a free mobile phone by signing up for a wireless service contract and agreeing to pay the fees for a specified period of time, typically one or two years. Part of those fees goes toward the initial cost of the device that the user got for free or a subsidized cost. Now even if we don't like it can't we accept that the X-Box is priced the same way? The X-Box buyer gets the unit cheaply (subsidized if you will) because of the condition that it is locked to specific software - authorized games that generate fees for Microsoft.

    Instead of arguing that consumers should have some inherent right to do as they wish with any hardware they buy shouldn't we fight for the option to purchase such unrestricted hardware at an unsubsidized price? It's unrealistic to suggest that Microsoft or any other company provide cheap, even below-cost, hardware and not recoup their development costs. And it wouldn't look like such an attractive project to get Linux running on a $2000 unrestricted version, would it? I just think it is fair to accept that it is not just restricted hardware locking you into an evil vendor, but rather subsidized hardware purchased with an explicit service contract.
    • by Anonymous Coward on Monday May 05, 2003 @01:50PM (#5883470)
      "Surely this is not a popular opinion around here, but shouldn't we accept as legitimate the concept of subsidized hardware based on a subscription?"

      Of course not, since this reduce consumers choice.

      "Anyone can get a free mobile phone by signing up for a wireless service contract and agreeing to pay the fees for a specified period of time, typically one or two years."

      In many countries like Finland this kind of stuff is illegal. That's why cell phones are very popular here:
      - you can choose a cell phone and service provider independently
      - you can replace your cell phone with a new one when you like and keep your phone number
      - you can switch to the better service provider any time

  • by pantropik ( 604178 ) on Monday May 05, 2003 @01:33PM (#5883331)
    I was expecting a lot of CEO-speak and doubletalk (redundant?). You know, "productizing" and stuff. I wasn't expecting his answers to come across as candid and conversational. He didn't "boost" Lindows nearly as much as I figured he would. Maybe I'm just easily fooled ...

    One of the questions that really caught my attention was the one about apt-get.

    Does apt-get break ClickNRun? I'd be willing to bet you'd end up with a seriously mangled system if you dist-upraded using apt, added some packages, then tried to use CNR. Does anyone know how this is handled?

  • by NanoGator ( 522640 ) on Monday May 05, 2003 @01:36PM (#5883362) Homepage Journal
    "I think it's critical that consumers have control over their computers and the ability to decide what software they want to utilize. I look at the Xbox as simply a personal computer. This is why I funded the Xbox reward."

    "Coincidentally, when I put money up for a project like this, suddenly I become a good guy with the Slashdot Community. It's cheaper than a Superbowl ad! (Plus there's a chance I'll never have to pay! woot!)"
  • by llywrch ( 9023 ) on Monday May 05, 2003 @01:38PM (#5883375) Homepage Journal
    Roblimo writes:

    >But I assure you, he wrote these answers himself instead of having them laundered by a PT team.

    Hmm. Most CEOs wouldn't think of having a bunch of PT Cruiser drivers write their speech material, but may have a Public Relations consultant or two help them write what they say. Obviously Robertson has done neither.

    I guess both Robertson & Roblimo both think outside of the box.

    Geoff
  • by nuggz ( 69912 ) on Monday May 05, 2003 @01:50PM (#5883467) Homepage
    Our goal is to do all the heavy lifting for them for a fair price and build a profitable business. If we can't offer value beyone what they can get from apt-get then they shouldn't give us any money.

    Wow a one line business plan, and a corresponding one line risk. If more companies did this, maybe the dot-com crash wouldn't be a problem.

    We should do something useful that people will pay for.
    If we don't do it better then cheaper alternatives we won't make it.
  • The root issue (Score:3, Insightful)

    by niom ( 638987 ) on Monday May 05, 2003 @01:51PM (#5883483)

    I don't understand why so many people get their panties in a bunch because Lindows runs as root. Remember this is intended to be run as a single user system, and by people who are not tech-savvy.

    If the normal-use account is compromised, what is the big advantage if it's not the root account? It would be real easy to deceive the user into giving up his root password, and that would not even be necessary to do the most damage, namely deleting/infecting/trojanning the user documents.

    What is lost to the hacker/virus if it can't get root? Not being able to run a webserver at port 80? Not something to make so much noise about, I think.

  • by gsfprez ( 27403 ) on Monday May 05, 2003 @02:01PM (#5883579)
    If Apple would fix the problem with my aunt's single-user iBook wanting a password everytime a software install comes up. That would save me so much money in time, it would be insane.

    Most users are deathly afraid when the system puts up a window telling them to do somthing and does not explain to them why they are doing it. I can't fathom what it would be like to put a Linux box in front of her. Lindows is something i'm actually concidering becuause it DOES run in root, and she can make changes and add software without having to call me to see if its "okay" to type in a password every time she wants to install something.

    of course, otoh, it does slow her down from installing 500 apps a week that she gets in spammail with executables... which is why i took her PC away from her running 98...

    The service i really want to see is $99 a year for users to be able to call Apple/some linux company evey time they have a dumb-ass question of the hour. So instead of my cell phone going off at work, Apple could field the "what's with this iPod updator window? I don't know how to close it!!!" (its quit, just like all other 100 programs you run on Mac OS X.. don't freak out, damint.)
    • by pecosdave ( 536896 ) on Monday May 05, 2003 @02:11PM (#5883690) Homepage Journal
      I would pay $99 a year not to have to

      1. locate obscure libraries everytime I want to install something

      2. compile obscure libraries that require me to download more obscure libraries everytime I want to install something

      3. Install more Gnome components every time I want to install an application that doesn't appear to be a Gnome app for use on my KDE system

      4. Compile every program I want to use because binaries aren't available for my distro, but they are for Red Hat, oh did we mention you're going to have to download and install some obscure libraries for that?

      Ahhh!!! I don't have broadband at home anymore since moving, and my notebook doesn't have the hardware I need to do what I want, so my software update cycle goes something like

      1. decide what I need
      2. "borrow" company bandwidth to download it to my notebook
      3. Copy software from my notebook to my home machine
      4. Find out I need obscure libraries
      5. Go back to work, get obscure libraries, source only, binaries not available
      6. Take libraries home, not able to compile because they require more obscure libraries
      7. Go back to work, get more obscure libraries, different distro. Install anyways
      8. Move files from other distro to proper place in my system
      9. Fail to compile, need newer/older version of obscure library.

      Grrrrr. I like Linux, but Windows has its temptations.
  • by Squarewav ( 241189 ) on Monday May 05, 2003 @02:07PM (#5883648)
    but, I kinda agree with the root issue, when I use winxp I run it in single user mode (i.e. as admin) why? you ask couse I want to be able to put files anyware I want, c:\downloads c:\shared d:\movies ect.. I dont want to fuck around with file permissions or having everything stuck in "My Documents" much less login as admin just to install software. I know what your thinking "But you'll get viruses up the ass", you know what for the past 8 years that I've been useing windows, I have never gotin a windows virus( knock on wood). When I run linux however I do have a user and root acount mostly couse many programs bitch if you try running as root
  • virus protection (Score:3, Insightful)

    by skt ( 248449 ) on Monday May 05, 2003 @02:07PM (#5883650)
    That is a good interview.. an interesting find about the virus protection too. I think this goes to show that the average computer user and the media just do not understand the basics about computer viruses. I see this quite a bit, where users are deleting jdbgmgr.exe and wondering how somebody got access to their email and sent bulk messages (klez). I wouldn't expect the average email-sending, web-browsing, .doc-writing user to understand technical details about viruses, but maybe there is a problem here?

    The media doesn't help much either, by making announcements without consulting someone before warning their viewers/listeners about the latest virus threat. Also, ignorant or uninformed techs can be quick to blame every problem on a "virus" when they do not know the answer to something.. And then there is the word of mouth method that Robertson mentions.. I had not thought of that one but it makes a lot of sense.. uninformed users telling each other of how their computer was destroyed by a virus when in fact the computer may have stopped working for other reasons.

    So as a result, virus scanners seem to be required now to operate a Windows computer.. even inside of corporations where email is scanned at the mail-server level. I would say that scanners for other systems are probably not required yet, but they will be if the platform ever becomes popular. Linux-based systems have a lot going for them though to make viruses less of a threat right now though, fragmentation of communications software and better security histories for some of the more common ones (mozilla, netscape 7) come to mind.

    My opinion on scanners for the corporate desktop is that the users should not know that the scanner is there. Any modern scanner can do automatic updates in the background.. nobody is going to see it or messages from it unless some virus manages to sneak passed the email server which scans for viruses and is updated even more frequently than the workstations. The only kind that have been bypassing the servers that I have heard about are the social, hoax viruses.. jdbgmgr.exe and such.
  • Is it just me? (Score:4, Interesting)

    by ArhcAngel ( 247594 ) on Monday May 05, 2003 @02:21PM (#5883808)
    Or are there some EXTREMELY angry/anti-Lindows posters today? I understand the underlying issue about why it is unwise (Insane) to make the default account root but I completely understand why he says he does it that way. If you really stop and think about it how many people (non technical) do you know who would ditch Lindows in a heartbeat if they couldn't do something they currently can do in Windows. They EXPECT things to work like windows. Just like they EXPECT to have anti-virus software. A few years ago, when the Melissa virus stormed the net, I worked in a Novel/Lotus Notes environment. We got phone calles ALL DAY LONG for several weeks from people saying they were infected with Melissa. I had to explain to them that since Melissa only affected MS Outlook they couldn't be infected but were simply receiving emails from people who were infected. Many of them still insisted I come look at their systems. That is why Lindows works the way it does. No geek in their right mind is going to be enticed by this distro because it was NEVER EVER EVER targeted at you. Stop whining that it perverts Linux/OSS and help them succeed where every other attempt has failed. Is it so wrong to expect payment for services rendered?
  • by zulux ( 112259 ) on Monday May 05, 2003 @02:26PM (#5883856) Homepage Journal

    Let's see:

    He selles a decent computer for $200 bucks.
    He sponsors the XBOX hack.
    He thinks that consumers *OWN* their own purchases.
    He's helping the public to get aquainted with Free Software.
    He fights the bogus Winodws trademark.
    He thinks one-click patents are stuipd/silly.

    He'd be welcome in my house for a beer.

    • by Xtifr ( 1323 )
      For example, see this message [debian.org] on the Debian-Devel-Announce list, where it mentions that Lindows is providing 4.5kUSD to help support a Debian conference. (HP, Trolltech and O'Reilly are also mentioned.)

      He'd be welcome in my house for a beer.

      Mine too. Heck, I'd probably offer him snacks to go with it. :)
  • by rice_burners_suck ( 243660 ) on Monday May 05, 2003 @02:33PM (#5883921)
    The point is this: There are big organizations like Microsoft, the RIAA and MPAA around, whose management thinks their company has a God given right to eternal perpetually increasing profits. When they don't make "enough" billions of dollars, they make up for it through court litigation and by getting all kinds of Big Brother legislation passed, like the DMCA.

    Free Software is one of the keys to placing control back in the hands of those who should have it: The consumer. The more installations there are of Linux, BSD and anything else that is free and open, the better off the consumer will be, if only because the overall community has more power to avoid getting locked in to Microsoft solutions that are all designed to keep you stuck to their products.

    Lindows is definitely a good thing in this respect. There are issues (technical, political, intellectual or otherwise) that you might not like to use Lindows. Perhaps you don't want to run as root all the time. But consider this: IT IS IN YOUR BEST INTEREST THAT AS MANY PEOPLE AS POSSIBLE USE LINDOWS, root or not. Juan Q. Público is never going to care about the "nuances" of computer science.

    As recently as last year, I tried to help out a medical doctor who is a relatively technology literate businessman. I explained that I should do this and that to set up a reasonable security policy, which will require that he change somewhat the way his staff uses their computers at his clinic. Fully knowing the problems of computers, he told me in so many words, "I don't care about security." That's right. All of this stuff (software, computers, security, passwords, etc.) doesn't mean jack to him. He wants his business to be successful and gain value. If he has to spend a few thousands each year to correct problems, that's acceptable as long as the risk is relatively low in comparison to that of incurring overhead due to security requirements. The best security is frequent backups anyway. Everything else is just there to prevent more sophisticated attacks, which won't so badly affect home users. They already have gigabytes of shit on their computers... all kinds of sounds and videos, viruses, porn advertisements, "enlarge your penis" SPAM containing viruses that they click on anyway... it couldn't get much worse than that, root or not.

    So, yes, security will remain a huge problems in computing for a long time to come, mostly because most people don't know or care enough to do something about it. When they lose their data and come crying to me, I'll continue to say what I've repeatedly said for ten years: "Did you make a backup of your data? No? Well, the only way I can fix this is to blow everything off your hard drive and reinstall everything. Sorry." C'est la vie.

    They want virus protection? Give 'em virus protection! No viruses in Linux?! Oh, well... just put in a framework that runs fsck in the background once in a while to make the disk spin. A false sense of security might be the root of all evil but at least it will make them feel better about using Linux instead of Windows.

    It is STILL in our best interest, though, that more people use Linux. It will create a market for us developers to make a profit. It will create interesting challenges in figuring out security policies that benefit the user without making computer use any more difficult. It might require that we rethink security altogether and come up with methods different from those we use now, which would perhaps be more flexible and powerful. Who knows. But the important point is that in order for this wonderful thing to continue, fucked up legislation like the DMCA needs to stop happening, and for that to happen, Linux needs to gain in power, whether by smart computer scientists or stupid shmoes like Joe Sixpack.

  • by WebCowboy ( 196209 ) on Monday May 05, 2003 @02:40PM (#5883996)
    To a /. reader I'm sure this is far from a profound insight but it's refreshing to see CEO's who are clued in:

    Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like "trustworthy" computing and tout the benefits [...] It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.

    The fact that Microsoft is leading the charge in this direction is somewhat ironic. Microsoft rose to prominence based ENTIRELY on an industry that came to being because of enthusiasts who believed in bringing availability and control of computer hardware and software to the masses. The personal computer was invented chiefly to wrest control of computer resources from institutions (and their black-suit and white-labl-coat cladded minions) and place it in the hands of the end user.

    Nearly 30 years ago, computer users had to pay through the nose for timeshare services what was allowed was decided based on corporate policy and the whim of system administrators (and even the mainframe vendors!). Running your process or batch on the big IBM iron was a privlige you paid dearly for and you were grateful for it (kinda sounds like grandpa walking to school barefoot in the snow but it was kinda true). Computer enthusiasts were tired of it and brash upstarts provided hardware (MITS) and software (Microsoft) they could purchase and use as they saw fit.

    Fast forward to today. What a sad situation when a once brash young upstart--one that totally owes its successful existence to PC users past and present--turns into the "enemy" and betrays its customers by angling to control what people can do with the machines they own.

    Microsoft is becoming a throwback to the 70's and earlier--like the companies that sold mainframes or timeshare services that called all the shots. With the arrival of the PC revolution none of those companies were the same again (and most don't exist at all). Microsoft has always been good at looking out for competition and the next big thing, and when they miss the boat (as they did with the Internet) they'd hop a raft and paddle out to it to stage a mutiny. I wonder if they're losing their touch now. They're responding to a new threat with an old business model.

    And--irony of ironies--it looks like IBM is clued in enough to be a willing player in the game (even if they still are heavily invested in mainframes and proprietary computing).

    Interesting times...
  • This is not a distro targetted at advanced users. As a pretty advanced user, I'm not going to be using Lindows (I installed Gentoo a while ago...that'll put hair on your nuts). Let me check...yep, just making sure, there is no law mandating that any of us 133t's have to use it. Phew. Freedom of choice still exists. But this company is doing a good thing. Incidentally, it's refreshing to see a CEO out there who doesn't use newspeak and cares about something other than $$$$.

    Try to understand -- he's not making an OS for advanced computer users. He's not taking away the option to create user accounts. You want an account -- you can ADD one. By the way, all you jerk-offs should NOTE that when you finish installing Gentoo -- a pretty technically orientated distro -- there IS NO USER. ONLY ROOT. That's following the protocol of the install-guide. Look at the Gentoo Install Guide. Nowhere along are you forced to create a user-account, and the install guide doesn't even cover creating a user account, though it does suggest doing so, and references you to their FAQ (I've recommended that they cover how to create a user account at the end of the install guide). So, if you're going to bash Lindows for not having a user/root separation by default, you can only do so consistently if you also bash Gentoo. If you choose to bash Lindows but not Gentoo for this, then you are a hypocrite and are just doing this because you want to bash Lindows because it's easy.

    Now, maybe Lindows install process should at some point prompt the user, "Do you want to create a user account?" with no default (I say no default, because if there's a default hard-liner jerk-offs on either side are going to bitch). There would be a Yes and a No option, each explaining the merits of both approaches. Simply put, the word "Easier" should be placed next to "No", and "More Secure" next to "Yes". Because average user's are incapable of reading long paragraphs (see Joel on Software), just leave it at that simplified explanation. Alternatively, Lindows could go the Gentoo route and simply advise users to create a user account after the OS is installed, maybe bring up a step-by-step wizard for how to do it after initial install.

    Now, I feel that Robertson has done some good things with Click-'n-Run. I naturally think it would be better if it's GPL'ed, but these guys are a business and have to have some model for making money. Click-'n-Run is their model. They will make money because people will pay for the Click-'n-Run service, and also through their contracts with Walmart (in addition to selling Lindows). If you can think of a way for them to GPL Click-'n-Run and still get $99 a year from people who use it, then please SUGGEST that. Since Robertson wants to have good community-relations, I'm sure he'd appreciate it. He has blatantly said that his business model relies largely on Click-'n-Run succeeding, and that means $99 from it per year for customers using it. The only thing I can think of would be adding a portion of code to Click-'n-Run that only allows it to be run if the user has paid the $99 for that year (by checking some database, whatever) and distributing it under a modified version of the GPL with an additional clause specifying "may not be redistributed/modified with that check disabled".

    In regards to other areas, I think he's pretty-much on the 8-ball. Very good analysis of patents -- btw, what moron asked him the question about patenting Click-'n-Run? There was never anything to suggest Lindows wanted a patent on that. And what group of crackpot moderators moderated that one up? There could have been a more useful question posted.

    Quite frankly, I think Robertson has a good plan to bring a GNU/Linux distribution to more home users. This means more exposure for GNU/Linux, which means more users will know how to use it, which means more software support and more hardware support, and probably more FS and OSS. Because of the commonalities shared by all GNU/Linux distributions, it will be beneficial for all distributions.

    All that said, I think that Lindows would be better off using WindowMaker as their WM.
  • by talks_to_birds ( 2488 ) on Monday May 05, 2003 @03:02PM (#5884245) Homepage Journal
    "...Most security compromises are external attacks, not root vs. non-root issues. ..."

    This evades the real root versus non-root user issue, and suggests a major ignorance of the *NIX operating system family.

    root is all-powerful.

    For a beginning user, this power can be absolutely fatal.

    I started in UNIX in 1985; I've been working with Linux since the mid-90's; just 6 weeks ago, while working too hastily as root and with the indiscrminate use of a dot and a star, I managed to chown an entire file system to that of a mere user.

    It wasn't the archtypical rm -rf * but it had an equivalent effect: all the files are *there* but almost nothing worked...

    That's the real issue of root versus non-root: too much power, used with too little thought.

    Poof! All gone!

    How's the beginning user ever going to understand what went wrong? And if they do it once, will they ever come back to Linux again?

    t_t_b

    • Excuse me, but what novice user will be playing around with chown? And since there's only one user and he is root anyway, what possible damage can he do with chown?

      In fact, Lindows seems to be aimed at people who want point and click rather than a command line interface.

      How is this worse than Windows 98 or XP Home, where there is only one user, and that user is "all-powerful"?

      I don't get it. Why this attitude towards doing something which is uncommon in the Linux world? He isn't aiming his product at

  • Fair Enough (Score:4, Interesting)

    by SomeOtherGuy ( 179082 ) on Monday May 05, 2003 @03:11PM (#5884344) Journal
    Kudos to him. Well informed, spoken, and fair answers. I do not have to agree with them all to sympathize. Anyone who has had to offer "support" to a non-computer type in your family or circle of friends can sympathize with trying to do away with as much confusion as possible. (and like it or not, in a single user desktop environment -- having to login or su as root in order to install programs is crazy.) I guess I would lean more towards a system that installed "after rollout or 3rd party apps" into privdir's (or home directories) by default rather than giving full root....because diskspace is pretty cheap anymore -- and in a typical home user environment (single user) the chances of getting the same app installed 20 times in 20 different privdirs is minimal anyhow.
  • by dboyles ( 65512 ) on Monday May 05, 2003 @03:45PM (#5884701) Homepage
    #!/bin/bash
    echo "Scanning for viruses..."
    sleep 360
    echo "Virus scan complete! 0 viruses detected."
  • by Newer Guy ( 520108 ) on Monday May 05, 2003 @04:52PM (#5885302)
    There's one flaw in most of the posts I see here. Most of you (with a few notable exceptions) talk this guy down because he does things like using root as default, sells a virus scanner, has a built in firewall, etc. One even asked: " Why the need for a firewall when you can take an old machine, put XXX on it, configure it as a firewall, etc.." The operative word here is YOU. Maybe YOU can do that, but the average consumer shopping at Walmart.com both CAN'T and WON'T do that! Like it or not, computers are mass market items. Microsoft saw this many years ago and made their OS a mass market item too. They even essentially got rid of the DOS command line. Lindows is trying to do the same. Geeks have to ask themselves this: Do I want Linux to become a mass market OS or do I want it to remain a geeky OS?. If your answer is the former, then you MUST EMBRACE Lindows and others like it!! If your answer is the latter, keep running with the command line! Personally, I think there's room for both!! As such, though I run Red Hat on one machine (and spent hours trying to make my on board sound work, only to give up in frustration and spend 50 bucks for a SoundBlaster card) , and Lindows on another (and it found and configured the sound in about 30 seconds), I consider them both to be Linux, and I respect both Red Hat and Lindows for the different, yet so similar things they are trying to do for Linux.
  • If Mr. Robertson really wants a financial app that can do online banking, the easiest way to do so is to fund GnuCash development and, equally importantly, help persuade some financial institutions to work with the GnuCash developers so that they can get online banking support up and running.

    Back in the day where some of the GnuCash developers (myself included) were employed by a company, we considered where to focus our efforts. Basically, we had to concentrate on business stuff because that's where we thought there was going to be cash (it didn't turn out that way, but that's another story and not really mine to tell). If somebody had have come along and said - "here's $BIGNUM (or even $MODERATELY_BIG_NUM), we'll schmooze some financial institutions for ya, now go implement online banking and make it work seamlessly", we could have done it (as some of the other developers have demonstrated in Germany with their online financial transaction standard).

    The opportunity still exists if somebody wants to take the ball and run with it.

Happiness is twin floppies.

Working...