A interesting read, IMHO, I found myself agree with pretty much everything written. Anyone got any opinions about it?

How Windows users are changing Linux and what we should do about it (http://linuxcanuck.wordpress.com/2008/12/03/how-windows-users-are-changing-linux-and-what-we-should-do-about-it/)

That was a very well written article. I also would agree with most of what was written. It raised several points that I hadn't thought of such as learning the history of Linux and knowing why things are the way they are. That it is that way intentionally. I liked that the author advocated for making educated responses to the newbies and to the seasoned critics alike and that emotion should be left out as it doesn't further the discussion. Most pieces covering the pros and cons of Linux don't take that approach and do allow emotion to drive a large part of the discussion.

My comment:


Here's a comment that struck me as particularly ignorant... and typical:

<blockquote>while you’re still dicking around with the command line, I’ve done my days work and gone home… c’mon Linux.</blockquote>

Seriously, you're never ever going to convince me that this person knows dick about the command line, or Linux for that matter. We've got some awesome GUIs, from fluxbox to the emerging KDE4, but the thing that we have that they don't have is a really powerful command line. A desktop user isn't going to be required to use the command line, therefore the command line is all advantage. There's no reason to use the command line other than it cuts through dull repetetive tasks like a hot knife through butter. The gui means that anyone can use it, the command line means that a long-term user can grow in power over a period of years... and THATS the best of both worlds.

The challenge is that Linux's greatest advantage is something that most people just don't understand, because Microsoft has been in charge of their computer education. Everything they know about what an operating system is supposed to be has been taught to them by Microsoft. Take Muhammed Ali in his prime, and take Jerry Seinfeld. Ali (who actually appeared in a couple of Linux commercials) represents Linux. Seinfeld represents Windows. Ali can easily take Seinfeld in the ring, of course, but right now, it's more like a Jerry Seinfeld look-alike contest.

Bottom line, it's going to take care of itself. Linux's strength is that it's not a business, therefore it can't be driven out of business. We're going to be around long enough for the general ignorance to be overcome, but it's going to be a long time. It may seem like we're stalled, but going from one percent to two percent of the desktop market (or from a half to one percent, the numbers vary) represents explosive growth, and Linux is viable and exciting, and all over the server world.

KDE4 is going to show the world that we're so much more than just a command line.

It is “chaotic” in the way it handles configuration files, therefore it needs a central registry.

If for some reason the developers ate too much acid and decided this was a good idea, it would be one of the few things possible to make me leave the OS. I HATE windows registry.

It is a well written article that I can agree mostly with. It goes along with what I have asked before. That is, who cares if the vast majority of Windows icon clickers move to Linux?

Ok, there would be two good results. Manufacturers would have to support Linux with real drivers. And spam would drop off when the number of zombies disappeared from the 'Net.

Or, maybe not. How long before some book called "Linux for clueless Windows users" tells them how to surf as root so that they don't have to deal with that pesky security stuff?

If the average non-technical user moves to Linux, they WILL demand that it become easier and more user friendly (i.e. have less security) and distros will arise that do just that. Look at Ubuntu - just like XP, you can plug in a flash drive and walk off with that persons entire home directory - by default. Fortunately, so far they can't suck out the entire hard drive without the password, unless it is set to something like 'password'. Which it would be on the systems of most of my friends.

So from a selfish standpoint, what do WE get out of converting the entire world to what we know is the best OS out there? Probably just Windows by another name.

BSD anybody?

Konan

The article reminds me (somewhat) of this one:

http://linux.oneandoneis2.org/LNW.htm

:)

If the average non-technical user moves to Linux, they WILL demand that it become easier and more user friendly (i.e. have less security) and distros will arise that do just that. Look at Ubuntu - just like XP, you can plug in a flash drive and walk off with that persons entire home directory - by default. Fortunately, so far they can't suck out the entire hard drive without the password, unless it is set to something like 'password'. Which it would be on the systems of most of my friends.


If someone has physical access to your (anyone's) computer they've got access to any file, wheter file permissions allow it or not.

People who need higher levels of security usually knows how to configure their computers, or have ppl who know how to do it.

If someone has physical access to your (anyone's) computer they've got access to any file, wheter file permissions allow it or not.

People who need higher levels of security usually knows how to configure their computers, or have ppl who know how to do it.

Of course. But notice that I said non-technical persons.

And the problem is that very few people who use windows know how to configure their computers. Or even know what the word "configure" means. Or even care when you tell them that their computer/data/personal info are open for reading to the whole world.

And I agree with poster "trilarian". The day that Linux get the equivalent of the Windows registery is the day that I move to BSD or something. That is like giving tanks a big glass window so that the crews can see out more easily.

Konan

I dont wanna start a flamewar here or anything but I do think your views on security are a bit flawed.

Passwords are worst kind of security ever. Why? Well because it doesnt matter if your password is 'betty' or '45xYR;;:[{bla' it's still only one layer of security that is easily beatable simply by asking for the password (and this happens alot more than you think). Or, better yet simply writing single on the kernel line in grub at boot, and belive me that works on most distros.

Let's say for arguments sake that it's not possible to mount a usb drive as a normal user. Go into the bios and set it boot from usb or cd. Pop in your favorite live cd or usb stick, boot and voilá every file on the hd is accessible. If that doesnt work remove the harddrive, take it with you and mount in your own computer. Moral of the story, physical access to your (anyone's) computer they've got access to any file, wheter file permissions allow it or not.

Text files vs. registry, security through obscurity
The registry in windows adds a simple layer of security to your system, simply because it's not very userfriendly (or even very maintainble at all). Let me also add here that I'm not a fan of the windows registry, actually it makes the hairs of my neck stand even thinking about editing anything there, and I do computer repairs for a living. As on any linux you simply can open any conf file with a text editor plus its easy to understand compared to HKEY-whatev. Not very good security but still another step someone has to understand.

When talking real security; physical access, house fires, mechanical failures and backups are the big issues. Users will be taught good and secure ways of handling files and how to act when asked questions about their work, passwords etc...

For the average home user security isnt such a big issue since they rarely handle sensitive information and if they do read previous paragraph. The biggest concern for home users is backups, it's easy and cheap to replace a faulty harddrive but alot more challenging and expensive to retrive the data from them. Having automounted usb drives helps this alot more than having to write passwords, which they will write down on paper which totally defeats the purpose. Again passwords are the worst kind of security.

Sorry for the long post :)

:eek:

wow!!!

fascinating read. :)

i wish i had more to say than just that. ;)

@con:

I see where you are coming from, but I don't think the registry is really giving you anymore security. I can take a generic windows NTFS drive out and put into my computer and read it the same way any Linux partition can.

Really, the is no way to be 100% secure if the intruder gains physical access to your drive. However, a good start is encryption. Depending on *how* secure you need it you can build layers (both physical and code). The classic example is to have a partition with a fake OS install that is not encrypted and encrypt your real OS in the empty space so that it appears to be random bits. You can also password protect your bios, put a lock on your case, etc.

I guess if you were engineering inclined (and that paranoid) you could build a custom case that has a massive electromagnetic shaft that resides around your hard drives. If the password (for encryption) is entered wrong x times or the case is opened without a proper secret key press, then zap the drives with a massive electromagnetic wave to disrupt any data (and use a capacitor to store a single charge in case they pull the plug first).

However, how many people really deal with something that needs that level of security at their house? If its work, and you need a government security pass to work there, then you can be sure they have the building itself locked down. So... the real reason for file permissions is not to prevent a user with physical access to your drive from reading your files, but to prevent other users or illegal remote users from reading your files. Say you have files for root, x, and y - with y being the generic account you run things that don't need root access. It is conceivable that a remote intruder or local user could gain access to that account via a bug in a program ran as that user. At least at that point that intruder doesn't have full access to your computer and there is a chance you will catch the intruder before he/she gains root level access. If you ran everything as root all the time, you have removed that layer. Linux tries to stop this right at install time... How many windows users do you know that login as Administrator or have their user name in the Admin group?

This article is proof that the typical "linux guru" (as the author puts it) wants the "windows newbie" to have absolutely nothing to do with his precious operating system! The author is obviously insulted that a "windows newbie" would expect his/her computer to operate in a "point-and-click, drag-and-drop" fashion. He implies that all Windows users are stupid and lazy because they are unwilling to learn the wondrous complexities, which is Linux. Even if I had never heard of Windows before, I would be insulted by such arrogance! This is why Linux "gurus" are not-so-lovingly referred to by Windows users as: "fanboys".

But more than that; the author repeatedly displays his hypocrisy, when in one breath he acknowledges that Linux is open-source, saying "anyone, even Microsoft has the right to create their own distribution"; then in the next breath, he openly calls for "a revolution" against people trying to make the OS into something he doesn't like! Spoken like a true twelve-year-old!

But, to the main point of the article... "Let's stop windows newbies from hijacking our OS"... Well... From what I can see, most Windows users who have tried Linux weren't all that impressed; so I don't think there's going to be much of a problem in that arena. And, FWIW, Micro$oft doesn't see Linux as much of a threat at all.

FWIW, I am a former Windows "guru", now running Linux (i.e. "windows newbie"). I made the switch (at least on this computer) because I didn't feel like wasting yet another fortune upgrading my hardware AGAIN. So I came here for certain answers; because.... On the front page of this website, it says: "We invite you to peruse the huge online forum, where you can get your questions answered in a helpful manner from users who have been in your shoes before!" But, when I saw this article, it put me off (like so many similar articles); as this type of posturing is in no way helpful to anyone! So, I felt compelled to join this forum (if for no other reason than) just to tell anyone who might agree with this article to GROW UP!

@nunyabeezwax
This is linux, don't take it so personnaly...there are just too many bloggers.

FWIW, I am a former Windows "guru", now running Linux (i.e. "windows newbie").

You don't sound very Guru'ish to me, Windows, Linux or otherwise. This thread is clearly a request for opinions on an article, in a non-technical category that is for such posts. Just like you will find on innumerable Windows forums if you have surfed for very long. And if you are surprised that many Linux users are very outspoken on their OS, then you definitely haven't browsed Linux outposts much. We like our OS and most of us don't want it to change to what we have spent years getting away from. Besides, if you stick with Linux long enough to become even partially guru'ish, you will find that you will also begin to have the same outlook as us.

That aside, over in the technical threads you will find plenty of friendly, non-MS battering, Linux help that is measured to whatever you indicate your Linux expertise level to be.

Go over to an Apple forum and post something along the lines that Vista, Xp, Utuntu (whatever) works better than Leopard. Now THERE is a way you can start a gen-u-wine flame war.

Welcome aboard.

Konan

Go over to an Apple forum and post something along the lines that Vista, Xp, Utuntu (whatever) works better than Leopard. Now THERE is a way you can start a gen-u-wine flame war.


LMAO. must...resist... :D

Linux has definite advantages over Windows, this is certain. But this article does nothing to highlight these advantages. It merely tries to portray "windows newbies" as unwelcome invaders, who are too stupid to understand why Linux is what it is. Like I said... Your own little club.

Yes, we Windows users love our point-and-click. But, if one really gave the question some consideration, one might realize that 9 out of 10 people would want nothing to do with a computer if they had to do everything from the command line. Most of the world, today, is sold on the general Windows philosophy: "It's so easy even a Grandmother can do it!". Well, now that "it's so expensive, only a millionaire can do it", people are going to start switching to Linux in droves. And you can bet your sweet a$$es they're going to want things to work the same way they always did... because, lets face it: 9 out of 10 people aren't going to spend the rest of their lives reading tech manuals!

And there are going to be people who will try to re-engineer Linux for the great unwashed masses. They will dumb-it-down and bloat-it-up so that grandma can do her point-and-click Christmas shopping (Ubuntu is well on it's way to doing exactly that). And they will turn-around and try to sell their creation to the highest bidder, because that's the nature of a free market! To complain about it is not only unrealistic; but futile. It's all about the money, baby!

Not to feed the trolls but...
Yeah, well they'll be paying for any support they get because I'm certainly not going to waste my time trying to help ungrateful people on the forums. I don't recall too many Lindows/Linspire issues being solved on forums either.
It's not that it's "Your own little club"... the people who make that complaint are the same ones that come off like pushy freeloaders.

LoL!!!!! Troll, am I?! I reply to a post that does nothing but belittle people like me, and I'M the troll???? Lmao!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!


You phuckers crack me up!

Wow...I just wanted opinions and I can see this turning into a nasty troll/flame war, no I'm not calling you a troll nunyabeezwaz just pointing out that both sides can get into the habit of trolling/flaming if they wish.

However saying that...
It's all about the money, baby!
Which is exactly why all of us here are spending our time helping people out by answering questions, or by improving code...if it's all about the money can I get a JL paycheck? Or a SourceForge one? Or a Gnome one? Thousands of hackers are hacking away in their spare time to make something usable by everyone. It really isn't all about the money, if you sincerely believer this you have missed the point of Linux and OpenSource.

Can someone do something before we have to get out the billy goats and asbestos suits?

nunyabeezwax

You phuckers crack me up!


Who sounds like the twelve year old now?

It really isn't all about the money, if you sincerely believer this you have missed the point of Linux and OpenSource.

I know what open source is all about. I'm saying that if people (windows users, specifically) are going to change Linux (the article's main premise), it will be about making money. It always is.

There are a few points in the article that I agree with; like wanting to preserve the open source model (which may be the modern equivalent of trying to save the Arawaks from the Spaniards).

But, for the most part, it's just an attack on (former) Windows users; saying that we threaten the very nature of open source, because we're all stupid and lazy. Is that your position as well?

As for "wanting comments", I think mine qualifies. Or are comments strictly limited to what the community agrees with? If so, I can go play somewhere else.

But, for the most part, it's just an attack on (former) Windows users; saying that we threaten the very nature of open source, because we're all stupid and lazy. Is that your position as well?
All stupid and lazy, nope that's not my position I try not to make generalisations when ever possible. Windows users who think for Linux to be successful it should be like Windows, yes I'd say they're stupid, and have missed the point.

The changes Windows users want, from my experience, are stupid from a technical and usability stand as they want Linux to work in a Windows way (none of the pesky business with only allowing 1 admin/root user that Linux suffers with). Usability tests have shown that Windows, when compared to Linux (Gnome from what I remember), is less intuitive so is changing in that respect what's best for Linux, the DE, distro and users? Or are we allowed to say 'you know what, I actually know better in this case, so listen to what I have to say and you'll probably find it works better. If not, you can always go and do something about it.' What Windows users need is a bit of re-education.
As for "wanting comments", I think mine qualifies. Or are comments strictly limited to what the community agrees with? If so, I can go play somewhere else.
I don't recall saying anything about your comments, I do however recall saying that both sides in these debates can be trolls and flamers. If you're trying to say that I was insisting that you must agree with me or the community or be called a troll then please read what I write before commenting on it.

What Windows users need is a bit of re-education.

Well, now you see, THERE'S my problem with the whole article! I don't think I should need a re-education. Linux is an Operating System... It should Operate.

The whole reason I am here, is to get an education. But I am not the average person, in that respect. The average person is not going to want re-education. Notice I did not say "Windows User". That's just how most people are... they want to turn something on and have it work. I'm the same way; and I've spent the better part of the last 10 years making people's Windows computers do exactly that... just work! And, FWIW, many of those people have been using Windows just as long as I have (if not longer).

And, you're right; the average Windows user wants nothing to do with administrator accounts, firewall rules, etc... But that's not because they are "Windows Users"; they are Windows Users because that's the way they want it! [well, that, and the fact that Microsoft has an enormous advertising budget]

Linux users (or should I say aficionados) are the exception to the rule. They want to tweak and tinker with everything. The command line is their ally, not their nemesis. Windows has a command line too; only few use it. Windows also has administrator accounts, firewall rules, etc... which most of it's users go to great lengths to circumvent! Why? Because they don't have time for all that! They just want to turn it on, and go. And, yes, this total disregard for system security is the major cause of all their headaches. But, again, it's NOT because they are Windows Users... It's because they are people.

But, I'll guarantee you that if someone changes Linux into whatever it is that all of you seem to be afraid of, it WON'T be a Windows user that does it. It will be some purely profit-minded Linux user, with the sole intent of selling his product to the great unwashed masses. It will be purely circumstantial that most of those masses were once Windows Users.

Oh... And I don't think Linux in it's current form will ever be all that successful. Success = Mainstream, and that (judging from everything I've been told) is what it's advocates fear the most.

I agree with most of what you're saying there but I just have 2 point...

1: The whole Windows users need re-education thing. I can't remember where I read this, but it makes the point very well...

We have 2 pilots, pilot A and pilot B both of who are fully quilifed and can fly their planes without any problems. Pilot A works for BA and flies jumbo jets, pilot B is a pilot in the RAF. Can they swap roles or is some further (re)education required? Just because both are OS it doesn't mean they should act in the same way, they do operate. If they all operated in the same way we wouldn't have a need BSD/Linux/Windows/Unix, we'd just have a OS.

2: I have no doubt that someone will (try to)create a Linux distrubtion what behaves in the way I (and others) fear, running as root etc. But I don't see why you're set on saying it'll be a pure profit Linux user, maybe it will be time will tell, but if anything recent history has shown us it will be a Organisation that does it, granted they'll hire Linux devs to do it, but everyone needs their bread. Anyway at the end of the day, if there is a Linux distro that turns out to be a Windows released under the GPL it won't affect me beyond having to answer more "I've got this virus how to do I get rid of it" questions. Every computer user will continue to need re-education because forms of attack will continue to advance and anyone that doesn't is doomed to having their credit card numbers / identity / data / what ever stolen.

Oh... And I don't think Linux in it's current form will ever be all that successful. Success = Mainstream, and that (judging from everything I've been told) is what it's advocates fear the most.
Really? That's what successful means? Maybe I need a new O.E.D then? ;)

[EDIT]
Oh, btw mainstream is a interesting one...do we mean mainstream in the server market? Desktop market? Highend computing market? Embedded systems? Realtime systems? Sucess and mainstream are very selective words :)

I just realised...O.E.D = Oxford English Dictionary for those who don't know.

We have 2 pilots, pilot A and pilot B both of who are fully qualified and can fly their planes without any problems. Pilot A works for BA and flies jumbo jets, pilot B is a pilot in the RAF. Can they swap roles or is some further (re)education required?

Now who's missing the point? The real question is "Which plane will Aunt Sally feel more comfortable flying when she takes her Christmas vacation?" Because, THAT's who we're really talking about here... Not the pilot (the administrator); but Aunt Sally (the user). THAT's who you have to program for.

You're looking at the Operating System from an administrator standpoint. But how many administrators really come here looking for help?

I'm no Linux guru... My area of expertise is Windows. But from what little I know of Linux so far, I am compelled to say that Linux is a LOT more complicated than Windows; at least from a user standpoint. Don't get me wrong; I love that I can get this machine to do pretty much anything I tell it to, and at half the power of my machines downstairs. But Aunt Sally could NEVER fly this bucket!

But that's not what set me off to begin with. Literally, it was "Windows users need to stop trying to hijack our OS", and the authors obvious lack of understanding of what Open Source really means. For one, it's not HIS OS to cry about: and 2; Open Source means that we're ALL free to do with it as we please; even if that means changing it into a Windows clone, and putting Bill Gates portrait on the cover! What pisses me off is that someone would tout open source in one breath, then berate anyone who might want to change it in the next. THAT is pure and simple hypocrisy! But more than that, it angers me the amount of congratulations he received for saying it in the first place!

By mainstream, I mean "something that everyone can agree upon how to program for". Many call those "standards", and it seems to be what you guys hate the most.

Can Aunt Sally fly the Windows bucket? Last time I check Aunt Sally was so bogged down with viruses/malware because she couldn't fly the bucket that I had to take the wheel, the administrator. I've given people with no technical skills a Linux install before and after a hour or so introduction I haven't been need to fix the machine slowing down, or this virus or that bit of malware...

Ofcourse I'm looking at it from an administrators point of view, because that's always what it boils down to, the administrator.

You may get annoyed that the author wrote that, but as the author of software I get annoyed at users trying to take my stable, secure application and making it into something less, just because they can't be bothered to learn some basics. This will always be the problem, no matter the system.

As a administator / coder I come here for help, not as often as I use to but I've learnt to fix stuff myself now especially since more often than not it's me that breaks them.

Really we hate standards? How?

Anyway we both have strong opinions on this but I'm going to withdraw before it turns into a real flame war.

I've given people with no technical skills a Linux install before and after a hour or so introduction I haven't been need to fix the machine slowing down, or this virus or that bit of malware...

No, you get to deal with kernel panic, because they tried to upgrade their word processor! :p

...as the author of software I get annoyed at users trying to take my stable, secure application and making it into something less, just because they can't be bothered to learn some basics...

Yes, but... How does a user do that, exactly? It seems to me that might require some programming skills.

Really we hate standards? How?

Maybe not you, personally. But to quote the article: "...This frustration and confusion causes Windows users to say that Linux should be more like Windows. They want to remove choice and want to see standardization..." Yep! I'd like to be able to download something, click on it, and have it actually install! To my mind, that's a good thing! And, yes, I am confused as to what the author's way might be, and how it could be better.


I'm going to withdraw before it turns into a real flame war.

Not trying to flame, dude... Just speaking my mind. Peace!

Not trying to flame, dude... Just speaking my mind. Peace!
I know, but I also know a good (lively) debate can turn into a flame war in the blink of an eye, and would like to end it as a debate if possible.

Well I live in the USA and what I've seen here is people come in from another country, for what ever reason. Maybe they can speak a little of our language, but for the most part they can't. The problem is they don't want to learn our language or way of life, they want to pass off their way of life to us and change us into where they came from. If I wanted to learn or live as one of the other countries I would move there and learn their ways, not try to make them be like me or the country I come from. Now there is nothing wrong with them coming to the USA and making a life for themselves, but if they chose to move here then they should be willing to learn the language and ways of this Country.

Yeah, but we're not talking about learning languages; we're talking about computer operating systems. The whole idea of an operating system is that it does the operating for you. In other words; IT takes care of all the foreign stuff, so that WE can get to work using it in our OWN language.

Are you people really trying to tell me that Aunt Sally is shirking her responsibilities because she hasn't yet learned the purpose of chmod? Maybe she also shouldn't be allowed to drive a car because she doesn't know how a transmission works. Or maybe she shouldn't be allowed to use a cellphone because she doesn't understand the grid? That sure as hell sounds like what you're trying to say... and what the article was trying to say! That's what pisses me off!

they want to pass off their way of life to us and change us into where they came from.

OT... I seem to remember something like that happening between a bunch of English folk and some local Aborigines... I believe they called the final result "America". :p

Windows power users need to stay with windows. When they leave their comfort zone shrill posts appear, disturbing the force :)
I have several "aunt sally" types running a variety of linuxes here with no trouble at all. Ever.
Many call those "standards", and it seems to be what you guys hate the most.
I expect better bait than that from a power user.

new here, registered just cos of this thread, felt i had to add my 2c worth

i have to agree with nunyabeezwax, on some points

want to use linux as a server? keep it true to the original kernel
want widespread use? dumb it down (which will inevitably make it less secure!)

point is i play (a bit) on linux cos i like to tinker, but the overwhelming majority of people do not, hell if i install something it is through yast, and even then i have installed stuff that i have never used cos i dont know where it went!


linux is open source, so if there are ex windows users who want a central registry they have every RIGHT to develop their own distro! so what is the problem? they are allowed to use the source code right?

if people are upset cos they will have to answer questions like i got a virus etc. then set up a new forum specifically for that distro so that people who use can help each other.

i am particularly attracted to linux because if the open nature, so why kill if off with in-fighting over what is allowed to be done?

nunyabeezwax

Maybe she also shouldn't be allowed to drive a car because she doesn't know how a transmission works.

Not at all, but if she is driving a Chevy should she be complaining that it doesn't run or drive like her Ford? If she likes the Ford so much she should stay with the Ford.

A side note: My mother is 73 yrs old and doesn't have a problem using linux. Granted I manage the system but I haven't had to worry about or work on it like I did when she was using windows.

i am particularly attracted to linux because if the open nature, so why kill if off with in-fighting over what is allowed to be done?

THANK YOU!! Finally, someone who caught the gist of what I was saying!

By someone (lost track in this thread):
If someone has physical access to your (anyone's) computer they've got access to any file, wheter file permissions allow it or not.
Not true.

I dare anyone to attempt to break into my laptop since I use extremely powerful encryption on the root drive and when I'm not around, it's turned off. The password to decrypt it is well above the minimum 20-character requirement of the encryption system I use. I believe I have defeated that argument but I concede that not all computers can be secured in such a fashion (i.e. need to be left on unattended).

I've also dispelled the myth that "security through obscurity" is, in fact, a myth. My Linux installation (Debian) on my laptop is "masked" by a Windows XP install. To avoid any security issues whilst travelling (particularly anticipated if I need to travel through the US) I have a normal XP install on my laptop that will start perfectly normally if you turn on my laptop. If, on the other hand, you have a particular USB stick plugged in and it boots off that (or CD for back up) then it will offer you what you want to boot: Encrypted Debian or unencrypted Windows.

The Windows install has nothing but a few bits of e-mail (non-relevant) and a couple of Word documents. Nothing else.

I have nothing to hide except my personal e-mail and I can operate on the drive with utter impunity knowing that even if it's stolen, the data is irrecoverable.

Only Linux is capable of doing this.

My server is left unattended for 4 months or more at a time where it is required to record voicemail and process e-mail. I cannot update it from the locations that I go to, so I must trust it to survive. The security models I put in place are therefore extremely severe but the technology is available to stop people from breaking in and Linux is up at the forefront of this technology. The only reason I run a virus scanner is so it can process e-mail on the way in and block them at the SMTP level.

Windows is utter crap, IMHO. It is bloated, clumsy and utterly impossible to maintain. That's my opinion and not an invite into a flamewar. The registry is a particular disaster and I'd love to vote the cretin that thought that one up into the next MS firing line. Still, the fact that I actually find Linux easier to maintain than Windows MUST say something.

nunyabeezwax - you say you are a Windows maintainer (might've got lost reading this long thread) for 10 years but aren't you even sick of "repairing" machines because they have viruses?

A friend of mine pulled a brand new Dell machine out of a skip just a couple of days ago (he was dumping his own stuff and saw it) and whilst it was missing the hard drive (a few scares in the UK recently may have made people more aware of this) it's utterly perfectly working and a professional, modern machine. Why would someone throw out a perfectly working machine? Is it because it was so full of viruses and malware that it was "unusable" to them? We certainly suspect so. It, at least, wouldn't be the first time he's had to fix a machine because it was "running slowly" and the hard drive light never once went off...

Passwords? Don't even get me started! They're a bloody nightmare! Where's the ability of a single user to remember a different (8-character minimum) password for everything they have log in to?

I have just three to remember and rely on backups, encryption and my web browsers ability to cache them (OK, it's KDE Wallet, but it interfaces with the web browser to "remember" passwords). They are insecure but they are better than nothing and I personally don't want my thumbprint/DNA/retina scan stored anywhere other than where they currently are. I use RSA keys for SSH, SFTP and strong high-grade cryptography (enforced) on the users of my systems to prevent abuse of them. Still, a password is better than absolutely nothing. You cannot trust a user to be secure themselves.

OK, enough on security. The whole MS vs Linux argument that this thread has let get out of hand...

Vista and XP are both buggy, bloated and a complete mess. They do however have the bonus that they are very similar and most people can sit down and use them natively with the minimum of setup.

Linux requires work.

We do not FORCE Linux on people, people have to CHOOSE, which is what Open Source Software is all about. No-one ever said it was going to be easy, but they also never said it was going to be a Windows drop-in replacement. They never promised a lot of things, in fact, "they" just built it and it works.

I may be gifted when it comes to computers and understanding computer technology (particularly logic), but I'm also far from Joe Average. "Aunt Sally" might not be able to configure a multi-system cluster so she can order some Christmas shopping. She MAY be able to sit down and operate a Windows console, however. I bet, though, that after a small amount of teaching, she could equally operate a Linux KDE terminal as fluently as she would be able to use Windows. It's about choice. I'm also prepared to bet that "Aunt Sally" couldn't care less what she was operating as long as it did what she wanted.

The majority of the current argument (as I see it) is that the "current" generation of people have been brought up with computers in the modern age. The generation ahead of us (read: older) have not had them all their lives and therefore have less interest in them. The generation behind us (read: younger) will have even greater exposure than most of us have had the privilege of. I'm not even old (not even 30) but still there are "kids" out there that can do a LOT more than I can. They are the ones with the free choice.

I have used both Windows and Linux and I can confidently say that Linux DOES have a future.

As I read earlier, Linux is not a business and therefore cannot go out of business. It will simply continue to develop much to Microsoft's chagrin.

My t'pence said and done.

Goodnight,

James

nunyabeezwax - you say you are a Windows maintainer (might've got lost reading this long thread) for 10 years but aren't you even sick of "repairing" machines because they have viruses?

On the contrary... Viruses and malware have been my bread and butter for the last 10 years. Sure I'm tired of fixing them. But they pay the bills.

OK, enough on security. The whole MS vs Linux argument that this thread has let get out of hand...

Well, I never was on about the whole "Linux vs. Windows" thing. I came here specifically because the original poster linked to an article which pointed exclusively at Windows Users as being the main cause of all the changes in Linux that he (I'm assuming it was a he) didn't like... which is a physical impossibility, unless those Windows users also happen to be Linux programmers! I'm a lot more sick of hearing that tired old ****, than I am of having to fix Windows viruses and malware, believe me!

Couldn't agree more. Linux is developed for the purposes of the users. If a programmer wants something done, he does it with the collaboration of the development circle. It is developing in every way at once because it needs to do different things for different people in different ways.

However, Windows and Linux have to interoperate because of the Internet and the whole globalisation issue at large. If Microsoft develop some technology (imagine MSN Messenger as an example) then not developing that same technology for Linux so that the two can interoperate is counter-intuitive. It's the same with Samba, or virtually any networking software.

Both are essentially driving at the same needs - to achieve more functionality and usability for the users to do the jobs that need doing. So in a sense, Windows is motivating and manipulating the development of Linux to a certain extent but it certainly isn't the driving force behind it.

The classic to think of (and to keep this thread on track) is the malware issue. We don't need anti-virus for Linux but we still have it because Windows needs it and it is used in different ways under Linux (e-mail scanning, network scanning, fileshare scanning etc).

James

Not true.

I dare anyone to attempt to break into my laptop since I use extremely powerful encryption on the root drive and when I'm not around, it's turned off.

Yes, it is cemantics... but usually believing you have a 100% fool proof system is the first step to inviting a weakness into your model. It is true that the average power available to a user will not be enough to decrypt a 256 bit 20+ character AES encryption in any reasonable amount of time. However, we have been throwing around extremes, and if you consider the extreme, say a supercomputer rated in the upper limit of terraflops, then that time is greatly reduced and becomes plausible (also while on extremes - dd can be used to map your bits to a faster i/o device not available to the public).

Additionally, technology is never a solid thing. At one time, people thought the original WEP encryption was sufficient for wireless communication. With the current power available, it can be cracked with a dictionary attack quite quickly.

The point being is you have to be ever diligent and keep up with the new technology. There will inevitably come a time where processing power has reached a point that 256 bit encryption becomes trivial to decrypt with brute force. It is up to you to know when that time comes and adjust your encryption accordingly.

If Microsoft develop some technology (imagine MSN Messenger as an example) then not developing that same technology for Linux so that the two can interoperate is counter-intuitive. It's the same with Samba, or virtually any networking software.

Counter-intuitive for everyone, except Microsoft!

Samba, NTFS tools, etc... are often a pain, but at least they EXIST! You can't say the same for their Windows counterparts (although I have seen a few lame attempts to create such utilities).

But, again, this comes down to marketing. From a Redmond standpoint, it's not counter-intuitive to steer their u$er-ba$e as far away from Linux as possible. Heaven forbid, they should get a taste of open-source -- particularly where it affects the 4-to-5-figure-per-license server market! Users shall have no say in the matter.

trilarian:

I use AES v3 encryption which uses 65 keys, each of which is 60 characters in length and encrypt just one block per key and then cycles. The 65th key is a hash key used to further encrypt the data.

I have estimated that a brute force attack would take in the region of 140 billion years in order to crack all 65 keys simultaneously.

If you can assume that a standard keyboard has 100 (usable) keys on it for password creation (a-z, A-Z, 1-0 plus all the punctuation) then a simple test in bc for 100^20 yields 1*10^40 which, even if you could process 1000 passwords a second, would still take an inordinate amount of time to process. I'm not redoing the math here, but considering that I use MORE than 20 characters would mean a brute-force attack on my GPG key alone would have to take factorials into the equation to test each length of password AND all combinations into the equation.

AES is secure. At least, for now. Maybe a weakness will be found, maybe not, but I'm certainly not concerned about someone arbitrarily breaking my encryption "because they can". I'm never likely to end up in that situation. Most people don't have access to sophisticated multi-cluster super-computers and it's not worth someone making the effort the crack the system (brute-force or otherwise) just to access some personal e-mail, my bank details and god-only knows what else I have on this machine. I'm aware of the new UK government legislation to force people to divulge passwords etc with a court order, but it cannot work. The police (et al) would require my co-operation in order to give them up. If, supposing, I was trying to orchestrate a terror attack or a paedophilia ring then it would always be preferential to keep the data secure and do 6 years at Her Majesty's Pleasure rather than be caught with that sort of information. Obviously I'm not involved in anything like that or I probably wouldn't be posting her (let alone have my current job). Therefore, under the legislation, I cannot be forced to divulge the passwords to access my systems.

For nunyabeezwax:

I was at LUG Radio Live in Wolverhampton back in the summer and there was an interesting speech by one of the Samba team there about how Microsoft had to approach the Samba team (I forget the details) because when incorporating SMB (now known as CIFS) into Vista, they completely buggered it up. The Samba team had to help them to repair it so that it COULD interoperate with Linux and other systems. MS even have an open-source lab where they work for the interoperability with OSS.

Now, I'm not saying that MS are playing on a level field, but with the problems of Vista, they are at least acknowledging that they need to work WITH Linux and OSS if only to maintain compatibility across fields. Yes, they have a massive market share, but it will only hurt them in the future if they deliberately sabotage protocols etc because stuff will then be incompatible with their own products and hurt their development. Imagine if Vista could not talk to XP over, I don't know, CIFS/Samba. How BAD would that actually look? Do you think people would actually accept Vista as the new standard?

I doubt it.

MS has to work with the other companies to push their development forward because of globalisation (terrible term, I know) in order to survive. They are not the driving force behind Linux, but they are, most definitely, a powerful factor in its development and it's all because of their market share.

James

It sounds like you know what you are doing, so more than likely you'll live and die at an old age without a problem. I just try to impart upon people that no system can ever achieve 100%. They can reach 99.9999999999 <insert a stream of more 9s>%, but there is always someone out there that can think of something you didn't. It also seems that every protocol has a shelf life and once that expires it becomes trivial to crack. I don't think we'll be seeing AES v3 being reduced to fodder anytime soon, but that doesn't mean it is impossible to find a bug in it's algorithm (remember packet injection for WEP (http://tapir.cs.ucl.ac.uk/bittau-wep.pdf)? - reduced it to less than a minute to crack on most systems).

Aside from brute force on encryption, I've seen too many examples where a person will have a beautiful file system encryption setup, but fail to realize (or maybe just overlooked) that their distro auto-installed SSHD and the default config file. That file allows root as a login and doesn't monitor and block failed attempts... Or a situation where an old version of flash is used on the browser which allows malicious code to execute.

Just to get your mind going too... you say "even if you could process 1000 passwords a second, would still take an inordinate amount of time to process."

This is true, but for under $10k you can have a system that "Elcomsoft Distributed Password Recovery reaches and breaks its previous speed record of one billion passwords per second." found here (http://www.titanbackup.com/community/articles/nvidia_elcomsoft_password_recovery_supercomputer_t esla_gpu/). So... does a system that can do more than 1,000,000,000 passwords per second change your math any? It may still take a few hundred thousand years for a straight dictionary attack, but then AES may find a weakness like WEP has.

At any rate, sorry if I've gone long winded and off topic. I don't get the opportunity to talk with intellectuals much at my job. *snicker* I'm not trying to force my views on you, just get you thinking.

Oh, don't worry. I am thinking about the encryption system all the time. I'm just saying that I'm still safe. Encryption systems these days (AES) are still far better than they used to be with modern developments in mathematics. DES and WEP were cracked because the former was simply weak (and I assume that no-one figured out how much computer technology would advance these past few years) and the latter because it was just crap.

Because I have to leave my main server running 24x7 (it's an e-mail server amongst other things) but also unattended for 4 months or more at a time, I need to make sure that it's secure. SSHD is active and running, and I HAVE turned off passwords but enabled RSA keys so that unless you have the correct key (more secure and more convenient than a password) you're stuffed. DenyHosts will also block you after just 3 failed attempts (you don't need many attempts if you have RSA keys to log in) permanently.

Now, I'm not saying my systems are 100% secure (unless I turn them off altogether) but I go to great lengths to achieve security. I worked out a short script in Exim4, for example, that prevents people from choosing weak passwords to send e-mail - it interfaces with MySQL to get the password and I choose the password. Naturally, it's long and random. I do not allow insecure SMTP log ons either. This is purely to make a robust system as secure as I possibly can but I DO have to rely on the technical expertise of many, many people to achieve this. That is my fundamental weakness.

James

me thinks this post has gone off topic

i got internet access at home about a month ago, so decided to switch my flavour of linux (had suse 9.3 but lost my install cd's)

downloaded all 98megs of puppy linux (gotta love broadband!) burned the cd, booted into the live cd, installed from the cd and booted into puppy
was so simple!!

comparing that to a live cd of knoppix someone gave me a few years back I must say that the ease of use has increased 100% if not more

being a person who has limited knowledge of linux (and wants to learn more with having to compile kernels etc,) i must say that windows users looking to move to linux do have a positive influence on development.

if however i was a hardcore linux user i could just choose a different distro (like gentoo i think?)

beauty of open source? freedom! freedom to choose

so should i be so inclined, and wanted to make linux even more easy to use, surely I have the freedom to do so?