After reading Adam Scheinberg’s original article “The Paradox of Choice” and Kevin Russo’s response, I want to add my personal comments to this discussion. I will quote Adam and Russo several times and pick up their arguments.
The first point I want to talk about, and my main point is: software choices, standards and the difference between them. Adam writes: “the same community that argues for choice seems to stand behind consolidation and standards.” He argues that standards are also some kind of “removal of choice”. I think, Adam’s argument is flawed here. Let my explain with the popular “car analogy”: cars adhere to certain standards, like having four wheels. While this is a removal of choice in itself, it is not bad at all. Four wheels are a standard, and every car maker who wants to produce a normal car has to follow this standard. Nobody complains about this fact, nobody writes petitions for 7-wheeled cars. So, where it is a matter of choice, if I buy a Mercedes or a Honda, it is a matter of standards that both of those have four wheels, three pedals, one engine and the same number of lights in the front and the back. The same goes for software standards: For example, I am really looking forward to KOffice 1.4 who will use OpenOffice.org’s document formats (and the new OASIS standard file format respectively).
I don’t see anything bad here, in fact, this move will increase my choices because now, I can only use OpenOffice.org to produce its files, then I will be able to bitch about how bloated it is and use KOffice on an older computer (Hint: I will probably not do this, I really like Openoffice.org). Another example: noone blames HTML to be responsible for the (sometimes) bad shape of the web. Internet Explorer is the black sheep because it does not render modern HTML well enough and has introduced proprietary extensions and other crap, using its monopolistic position to force contenders out of business. The problem here is also not the standard – HTML. If there would only be Firefox, Opera and Konqueror, we still would have choice between several software packages, all reading one standard file format.
Another quote from Adam’s article: “I don’t wanna flip-flop between Kontact and Evolution, Gaim and Kopete, … Applications are merely an aside to productivity, the key is a comfortable, cohesive system.” I think he hit the nail on the head with this one: and once again, standards are the key. An example: I can switch between Evolution and Mozilla Mail/Thunderbird whenever I want. As they both use the mbox-format to store their mails, I can choose between them freely (O.K., it takes about 15 minutes to move the mails, as there are some differences in the naming scheme, but that’s not the story of this article…). If one of these applications does not fit my needs, I can replace it with the other easily. That’s a very important thing in the software world: redundancy. I am not dependent on one or the other. The same goes for web browsers (aside from the fact that I have to ask myself how good Opera, Firefox or Konqueror interpret old, non-standard, IE-HTML. But just imagine for a second that they wouldn’t have to do this…).
Why do we need choice then? The answer is simple: Biology! Let me quote Kevin here: “If you want to use a Microsoft operating system your choices are Windows XP Home or Windows XP Professional.” Kevin goes on and arguments that this is good from a usability viewpoint. But what has this simplification brought us really? Just look at the Internet for a second. What has the Windows-monopoly and the Internet Explorer-monopoly done to the web? Right, it made the net a contaminated area. Nowadays, it is downright impossible to keep a Windows XP-machine running online without a firewall and antivirus software. After an average of 17 minutes, it is infected. The Linux and Mac-powered computers are immune to this epidemic. Biology has told us this lesson over and over again but noone wanted to listen. Monopolies ALWAYS have weaknesses. I firmly believe that the web would look no different if 95% of the world-wide computers would run Linux. Yes, we had this debate already, and I know that Linux has a better security model and all this. However, I am absolutely sure that It would just not be enough. It is good to have three really good rendering engines: Gecko, KHTML and Opera’s. They all read HTML and interpret it really fine. And if, by some magic, 80% of the web population would use Firefox tomorrow and there were security holes popping up and spyware and all that for Gecko-based browsers, we could switch to Opera and KHTML and happily go on surfing the net. Now that’s what I call redundant. Same goes for OpenOffice.org 2.0 and KOffice 1.4. The problem, if there will ever be one, will not be the OASIS file format, no, it will be OpenOffice.org or KOffice. And it will be a good thing if we can switch from one to the other without any problems.
And what to do about the kernel? Any distribution has the kernel, so a flaw in it affects everyone using Linux. Well, that’s why we need BSD, MAC OS and Windows. The key to a healthy internet is diversity. That’s what biology teaches us. And diversity does not necessarily mean chaos. How many different kinds of fish do exist? Well, who cares? Most of them swim and eat plankton. That’s our standards. Plankton is an MP3 (O.K., I AM getting tired right now…) If one kind of fish flourishes and grows to an immense population, be sure, something will find its weak points and start eating away on them. But the ecosystem is not destroyed because the other fish continue eating all the plankton, thereby flourishing themselves because of the food overflow. The system controls itself. Perfectly.
That’s why I believe that Kevin is fundamentally wrong when he writes: “By having one standards system, developers would have more time to work on new ideas to further along the migration of Linux.” It would work in the beginning. Maybe. But the defects of a monopoly would haunt us soon enough. Having 50% of the Linux desktops on Gnome and 50% on KDE makes both platforms less interesting for trojans and viruses. Niche players can survive for a long time. Just like Linux is a niche player on todays desktops. And who cares anyway? Linux desktops do not need to look the same everywhere. Sell some KDE here, some Gnome there, some OpenOffice.org here, some KOffice there, Mozilla here, Konqueror there. Users will be happy as long as their systems play their music-files, open their curriculum vitae correctly, display websites fine and have a nice email/pim-application. Highly integrated. Modular. As long as the plankton gets eaten, i don’t care what fish does it. As long as I can ride an animal to get faster from A to B, I don’t care if it’s a horse or a camel.
There is, however a difference between having choices and making decisions. The Linux distributors have to make these decisions: Fedora includes Evolution as their standard mail client, Mandrake uses Kontact. Ideally, it should make no difference for the user. Both mail-clients should use the same format to store their mails. Just like four wheels on each car. Just like OpenOffice.org’s file-formats for KOffice. It definitely is a tough thing for the distributors. What would we say, if RedHat ditched KDE from Fedora tomorrow? Or Mandrake removed Gnome? The outcry would be enormous! On the other hand, it would be good for the distributors because they could concentrate on the core of their distribution. Fedora, for example, IS a Gnome-centered distribution. Why do they even ship KDE? The answer is simple: they fear to lose costumers and they fear the outcry of the community and the bad press they would receive. I’d say: move it to Fedora Extras today, no one sane in their mind uses Fedora with KDE (O.K., flame away, this one will hit me hard…). Same goes for Mandrake and Gnome.
Now, what would change if both companies would really do that? Well, Gnome and KDE users would lose choice and flexibility, because they each would lose one distribution to use. But really, I don’t think that this would be so bad. You like Gnome? Use Fedora. You want KDE? Use Mandrake. Can’t decide between those two? Try Debian. Or one of the other distributions, there are plenty out there. What would we get? Smaller downloads, probably better applications, because the Fedora Team could concentrate on perfecting the Gnome Desktop while the Mandrake Folks would have more time to shake the bugs out of their KDE-centric distro. The key to all this: again standards. Ideally, it should be as easy for all applications as it is for Rhythmbox, iTunes and Juk. Just feed them your mp3s and they are happy. Same goes for browsers. Hopefully soon for a lot of other applications.
So, in the end, I am all for choice. Choice between desktops like Gnome and KDE will give Linux an important advantage if it ever grows so big that it becomes attractive for malware. An advantage that Windows never had: it will be redundant, thus far more resistant to attacks. 85% Linux-users worldwide and a heap of Linux-viruses will not be a problem for a KDE user. He will use BSD as the core and KDE as the desktop and happily go on computing. 95% Gnome users and the corresponding Gnome-virus-pest will not be a problem for Linux. Users will use KDE until Gnome shrinks to a healthy size. And when KDE gets too big in in the process, Gnome (or any other desktop) will help out, take KDE market share, thus making KDE less interesting for malware writers. The choice we have today in Linux software can be the key to a healthy software ecosystem in the future.
About the Author
Christian Paratschek is 28 years old, lives in Vienna and will really soon be finished with his studies. Really soon. Only a few DAYS left!
If you would like to see your thoughts or experiences with technology published, please consider writing an article for OSNews.
A well argued and sane article on the subject. I really had lost all hope to see something like this here on osnews. So, to make it short, I agree with the author.
This article makes much more sense. One point I would add is that not everyone uses a computer (or all computers) for the same thing.
This is in a large part the problem with Windows. Windows ships with all the services enabled and available. Each one has its own security problems and without documentation and expertise it can be difficult for a novice (or even a cluey geek) to work out what to disable (DNS Client service in Windows is an example of this).
However Windows is trying to cover all the bases and make it work out of the box without the user having to enable something that they probably don’t know that they need.
One of the reasons I like Linux and FreeBSD is that I can get base system and add stuff. I often don’t want a common set of tools and utilities that includes a lot of things I don’t use. I don’t use kerberos, nis, ldap etc for authentication. (In fact I suspect the uses of any of those protocols is not common except in enterprises)
Each purpose for which I setup a computer can have different requirements. Some require a bare minimum of features and others require the kitchen sink.
I agree that standards are the way to go. Industry Standards are generally all about formalising cooperation and compromise. Freedesktop.org is an example of this, taking two (or ten) branches of the same thing and providing a forum to share ideas and cooperate. It doesn’t solve all the problems or ensure world peace, but then nothing does.
The author is (like almost everyone else) missing the point of the previous articles. It is NOT ABOUT CHOICE ITSELF! It’s about the ability or will to make choices. Come on. I know IT-professionals who don’t even care about the whole IE-Firefox thing that’s going on right now, let alone grandpa and grandma.
This is not about the quality of Linux versus Windows, or the quality of KDE versus GNOME, or Apache versus IIS, or Eclipse versus JBuilder, or whatever. This is about the psychology of end-users. All the points this author makes are moot.
Again, this is not an anti-linux post. I like linux a lot and have been using it since the early days of red hat. But someone who believes that the current desktop form of linux (in its various distributions) is better as a commodity “product” than Windows XP, needs to wake up. Fast.
Nowadays, it is downright impossible to keep a Windows XP-machine running online without a firewall and antivirus software.
Mmmm, then I must have been doing something weird here: I have been running several Windows computers here since 1995, without firewealls, without AV, and I never had a single problem. But then again, it’s in fashion to say stuff like the line from the author above. I never had a single virus infection on my computers running Windows, my parents’, my friends’, my relatives’ and so on.
While this article wasn’t too bad, the pro-Linux attitude was sickening. Please, when writing articles, please, try to be objective!
Mmmm, then I must have been doing something weird here: I have been running several Windows computers here since 1995, without firewealls, without AV, and I never had a single problem. But then again, it’s in fashion to say stuff like the line from the author above. I never had a single virus infection on my computers running Windows, my parents’, my friends’, my relatives’ and so on.
Now that’s weird, because you should at least have suffered the “push” kind of worms like Blaster and Sasser. I know that _all_ of my friends running XP were infected in a matter of days and were struggling to get their MS update asap, or setting up a firewall for the very first time. Anyway, this is really off-topic: the fact that nowadays Windows XP needs an AV and firewall is not the author’s opinion. It’s a fact: proof is the effort and economical investment that MS chose to put in SP2 instead of concentrating on newer and long promised products like Longhorn.
While this article wasn’t too bad, the pro-Linux attitude was sickening. Please, when writing articles, please, try to be objective!
Another kind of comment I don’t really understand… what is an “objective” article? You can only really be “objective” in reporting facts. Opinions and interpretations are always subjective. You can dissent with the point of view here expressed, but not with the fact that there is one.
It is very easy if your computer is not connected to the internet. But in other case your compoter will be infected in about 15-20 minute without firewall and virus killer. It is sad but true (I tired it
).
Now, let’s be fair here. There was an update that blocked the hole that Blaster used a month ago before the attacks began.
It’s a different story with Sasser, though, as far as I know.
here’s the link to back up my argument. i wrote that article late at night yesterday and i forogt to include the link…
http://news.com.com/Study:+Unpatched+PCs+compromised+in+20+minutes/…
basically, it was a big story on the net a few weeks ago. and don’t tell me that you can run an xp-machine without a firewall nowadays. it is just not true. i have gone trhrough this several timea already. buy a computer for one of my friends, connect it to the net, boot it up: *blam* – sasser. no chance to install a firewall first…
best regards,
christian
@others: thx for the positive reactions to my article!
This was the best article in the series so far. Thank you. One additional remark: four wheels on a car is a standard because it proved better than three. And that is one of the ways the ecosystem keeps itself healthy. If something better comes along, it will get it’s following.
Fair enough, but it’s still unlikely that “your parents, your friends, your relatives”, basically every XP user you know will not install an AV software but still keep Windows thoroughly updated, and that every exploit ever patched would be fixed _before_ it can damage you. I’m not blaming MS when it’s really expected that the users keep care of their software, we just have to _accept_ the fact that to keep an OS running and connected to the net you have to take care of it.
The article even states that in the opinion of the author Linux, were it in a monopolistic state of diffusion and were it available in a single distrivbution/batch would be more or less as vulnerable as Windows. I am not so sure of this fact, but I see the point.
I am a Windows XP user (AV, Firewall, no IE or Outlook) and a Linux user and I am willing to work to keep them up and running. Atm it’s really easier and smoother with Linux, but denying that there’s a problem is not really the way to go.
Why Fedora should drop KDE or Mandrake dropping GNOME. Its all about diversity and redundancy. Isn’t it ? They may concentrate on one desktop and push them but also keep the others. Nice article and good logic. Keep it up.
Mmmm, then I must have been doing something weird here: I have been running several Windows computers here since 1995, without firewealls, without AV, and I never had a single problem. But then again, it’s in fashion to say stuff like the line from the author above. I never had a single virus infection on my computers running Windows, my parents’, my friends’, my relatives’ and so on.
You didn’t say whether those machines are connected to the internet. It certainly sounds like they are not. If they are, then I would love to have your amazing luck!
After running linux exclusively for almost two years, I recently (back in July) decided to try Windows XP Pro. I finally had to go back to linux because of three things:
1. I prefer Gnomad2/libnjb to Dell’s Windows-only jukebox program for my Dell DJ music player.
2. I prefer jpilot to Palm Desktop for my palm pilot.
I could live without the above two programs, if not for the third reason:
3. Even after installing AV, firewall, anti-spyware, and all windows updates including SP2 from a CDRW (downloaded and burned in linux), AND clearing up any security holes that remained before going online, I still eventually got infected. My firewall was permanently disabled by whatever I was infected with, and both antivirus programs I installed were unable to detect and clean any viruses/worms from my system.
Now I’m back in Slackware and am loving every minute of it. I’m running the programs I really like, and I don’t have to worry about infections or security holes. I update regularly with swaret, and I keep an eye out for any new security risks that are found in the kernel and various user programs. Yes, that’s right, linux also has security vulnerabilities from time to time. I just find it a more secure system overall than Windows.
To go back on topic, if it weren’t for the choice of GNU/linux and other operating systems, I would have been stuck using Windows, which isn’t such a bad thing (not counting viruses etc), except that it also would limit my choice of which programs I can use for various tasks (see above). Because of the freedom of choice that I enjoy, I may one day move to OS X, since it allows me the freedom to use most POSIX-compliant software in addition to Mac-only software. That is an expensive choice, as I will have to buy new hardware, but the important thing is that I am free to make that decision.
Bahh, most routers have port forwarding disabled by default. With that and using FireFox and turning off that idiotic windows messenging service I’ve been safe without a firewall.
I guess the kiddies are warezing too much and that’s why they’re all infected.
well, not everyone i know has a router. actually, i have one because i have 3 computers in my home. most of my friends are connected to the internet via cable or adsl here in austria. that’s a cable modem, an rj45-cable and a network card. same goes for dsl. no firewall. and i am not talking about a minority, i am talking about 80-90% of austrian broadband users.
really, i can accept critique, in fact i like to hear opposing statements. but calling me a linux zealot and dismissing a well-proven argument about windows security is just retarded. you don’t have the slightest clue what i am talking about and just want to flame around. very weak…
christian
Don’t know about these days, but redhat used to turn on so many services by default that a machine connected directly to the internet without a router would be owned within days without even being on the machine.
Article is much more logical than the two previous. Good work.
As for the running of Win2k/XP without firewall – I have the same experience. It is not possible to install any of them without security updates pre-downloaded (at least not at my location). I got infected by Sasser and/or Blaster before I managed to download updates.
That’s right, he didn’t mention it, even that being one of the greatest mistakes in Linuxland.
And it’s just not about making all programs look the same, but about usability, and I’ll give a few examples:
1. Adding a side bookmark on a KDE Open/Save dialog box doesn’t put that same bookmark in GTK dialog box and vice-versa
2. Gnome programs have their confirmation dialogs with switched buttons (the No/Yes question in Gnome dialogs)
3. Changing UI settings in KDE doesn’t change them in GTK and vice-versa
4. It really looks bad
And these are just a few I remember now because there is probably much more.
That’s right, he didn’t mention it, even that being one of the greatest mistakes in Linuxland.
He didn’t even mention that vim uses different keybindings than emacs or how Konqueror renders some webpages differently from Firefox! Well shit, this article is worthless!
1. Adding a side bookmark on a KDE Open/Save dialog box doesn’t put that same bookmark in GTK dialog box and vice-versa
Valid point. I don’t know if fd.o addresses that somewhere.
2. Gnome programs have their confirmation dialogs with switched buttons (the No/Yes question in Gnome dialogs)
Well, cry me a river, people actually have to READ before the hit a button? Not to mention that “yes” and “no” is not really wanted according to the HIG (or so I heard). If it really bothers you that much, go install one of the GoneME patches that “fix” this “issue”. And don’t you dare start with “but the average user does not want to install patches, he just wants his buttons in the right order”. The average user is a braindead idiot who shouldn’t be allowed to walk, else he could fall and break his neck.
3. Changing UI settings in KDE doesn’t change them in GTK and vice-versa
True, but there are some people working on that. Look at Metatheme for example (I do not have a link handy, but it is somewhere on themes.freshmeat.net).
4. It really looks bad
Depends. It can, but does not have to.
Yup, this article makes the most sense.
I was getting worried there (for a second) with the previous two articles. It alsmost felt like the communists were creeping up. Thanks to Christian Paratschek for restoring the balance.
1. Adding a side bookmark on a KDE Open/Save dialog box doesn’t put that same bookmark in GTK dialog box and vice-versa
that’s exactly what i am talking about. a standard that does not hurt either application but if they follow it, exchanging apps gets easier. thanks for mentioning that one!
christian
But you have to agree that those and other problems could be solved if a single toolkit existed, and that no problems would arise from that, except having to convert old programs to use the new toolkit but a emulation layer could be created so those programs could still work while their developers convert them.
True, but what would happen if the only existing toolkit was a horrible mess, riddled with legacy crap that noone needs anymore? Or what if it would frequently and without reason break backwards compatibility?
Pick your poison, there’s no water here.
http://en.wikipedia.org/wiki/Trabant
Are you talking about GTK?
That’s not a problem and even if such thing existed just replace it with another, it would be simpler to replace only one messed toolkit than 5 messed toolkits.
Anyway how can having 2 or more different toolkits prevent that problem?
No, I am generally speaking.
You can either have several toolkits, with all the benefits and let-downs of this. Or you can have one toolkit, with all the benefits and let-downs of that.
My point is: a single toolkit is no silver bullet. It may look unified, but the problems might very well breed under the hood, worse than if the toolkit had competition.
>That’s not a problem and even if such thing existed just
>replace it with another, it would be simpler to replace only
>one messed toolkit than 5 messed toolkits.
If you only have one toolkit and want to replace it with another (which you have to code first, I doubt it is easy and fast), then you have two. Whoops, the same problem applies. Legacy applications will not be ported over, will you be able to make sure that it runs ok on low-power computers, handhelds, if desired? (I think GTK can this, but I remember several others that can, Fox Toolkit can do that too, IIRC.) Of course, you can bend over for backwards compatibility, but one time you WILL have to make a cut or it will end up like Windows XP, which still has the entire 16 bit subsystem, with all the problems that come from it.
While there is no perfect solution that’s not an impediment to do better than what we have now, is it?
Those bugs and situations may occur but they also may not occur, so why not give it a try?
Because you would have to get rid of all existing toolkits. None of those are without problems, so which one to pick?
KDE/Qt
Why?
1. Qt itself is good but with KDE extension is even better
2. Why not?
3. I like it
…
By the way the title of the posts are based on the movie The Good, the Bad and the Ugly
“You can stick your head in the sand if you want to”
Who is putting his head in the sand? You have still not replied to what you’d think of comparing windows 2003 to windows 95, wich is essentially what you are doing.
“but the fact of the matter is that your average linux box left open on the internet, with the default installation services turned on”
Which is this mysterious “average linux box”? Last time I checked Fedora sets up a firewall for you, along the lines “if you don’t know what this is it’s safe to say NO”, SuSe did the same and the distro I personally use, wich granted is not for newbies, doesn’t turn on squat. So what are you yapping about?
“I guess it really doesn’t matter though since nobody is really using Linux on the desktop”
Well. I do, and have done for several years. It works excellent. The problem you and your ilk have is that linux is not windows. You have to accept that. If not then fine. Don’t use it. Linux was around before you chapskates who want nothing but a “free as free beer” windows drop-in-replacement. I’m confident it will still prospher when you have perished.
“Oh well, linux will be remembered as a mediocre server OS since the fanboys are clueless to the needs of the home consumer.”
And some will be remembered with a great howl of laughter because of their stupidity, lack of insight in matters they speak loudly about and their total egocentricity.
QT has the problem that either your software is GPL or you have to pay $$$. If you code on Windows, you have to pay $$$ in any case.
Not everyone is willing to do that, so QT is out.
Listen up people: everyone who is responding to this discussion with “this or that is more secure, better, faster, more edible, more blablabla” is actually off-topic. Here’s a clue: those things don’t matter that much. This topic (at least initally) is about the negative impact of too much choice on Linux. Agreed, it also has a positive impact, but from a commercial point of view choice isn’t always positive. And let’s face it: if desktop linux wants to be big, they have to be more attentive to the commercial side of things. The market doesn’t always respond to quality alone, you know. Who cares about the differences between KDE and Gnome? Who cares about the differences between MacOS, WinXP and Linux? People who think that the answer is: the majority of people, well… I’m afraid they’re not living in the real world.
Let my explain with the popular “car analogy”: cars adhere to certain standards, like having four wheels. While this is a removal of choice in itself, it is not bad at all. Four wheels are a standard, and every car maker who wants to produce a normal car has to follow this standard.
Your point is reasonable, but your analogy is atrocious. Cars don’t have four wheels because it’s a ‘standard’, they have four wheels because it’s the best design tradeoff for their purpose. A better example would have been the wheel lug nut patterns (although there are several different ‘standards’ of them) that give third-party wheels ‘compatibility’ with different cars.
Internet Explorer is the black sheep because it does not render modern HTML well enough and has introduced proprietary extensions and other crap, using its monopolistic position to force contenders out of business.
IE renders every page I’ve ever seen fine. Also, you should blame Netscape for starting that whole ‘proprietry extensions’ thing as well – it was the cornerstone of their entire business model.
An example: I can switch between Evolution and Mozilla Mail/Thunderbird whenever I want. As they both use the mbox-format to store their mails, I can choose between them freely (O.K., it takes about 15 minutes to move the mails, as there are some differences in the naming scheme, but that’s not the story of this article…).
You should not confuse standards for things like file formats with UI standards. The only reason you can switch “freely” between Evolution and Mozilla is because a) you have invested time learning both UIs and b) you don’t use any features that are unique to either product. In other words, the “choice” only extends so far as the level of functionality and the user’s knowledge.
What has the Windows-monopoly and the Internet Explorer-monopoly done to the web? Right, it made the net a contaminated area.
It would be quicker if you just said “IE sucks” – it’s clear that’s all you mean.
Nowadays, it is downright impossible to keep a Windows XP-machine running online without a firewall and antivirus software.
Bollocks.
After an average of 17 minutes, it is infected.
Chuck a Linux machine running binaries dating from 2001 on the net and see how long it lasts.
Yes, we had this debate already, and I know that Linux has a better security model and all this.
Then you “know” wrong. Linux does not have a better security model than Windows.
Ideally, it should make no difference for the user. Both mail-clients should use the same format to store their mails.
It’s a long way from “using the same format to store their mails” to making “no difference for the user”.
85% Linux-users worldwide and a heap of Linux-viruses will not be a problem for a KDE user. He will use BSD as the core and KDE as the desktop and happily go on computing.
Except that a large chunk of those “Linux-viruses” will probably affect both platforms equally. After all, Windows 9x and NT are completely different OSes under the hood, and it’s not uncommon at all for a trojan, worm or virus to affect both of them due to their similarities.
And when KDE gets too big in in the process, Gnome (or any other desktop) will help out, take KDE market share, thus making KDE less interesting for malware writers.
The DE is not likely to be a big issue. Indeed, it’s not likely to be relevant at all.
This is in a large part the problem with Windows. Windows ships with all the services enabled and available. Each one has its own security problems and without documentation and expertise it can be difficult for a novice (or even a cluey geek) to work out what to disable (DNS Client service in Windows is an example of this).
Precisely what security hole do you think disabling the DNS Client service closes up ?
It is very easy if your computer is not connected to the internet. But in other case your compoter will be infected in about 15-20 minute without firewall and virus killer. It is sad but true (I tired it
).
Have you compared it with a freshly installed Linux box dating from 2001 ?
basically, it was a big story on the net a few weeks ago. and don’t tell me that you can run an xp-machine without a firewall nowadays. it is just not true. i have gone trhrough this several timea already. buy a computer for one of my friends, connect it to the net, boot it up: *blam* – sasser. no chance to install a firewall first…
Here’s the 31337 h4x0r trick to avoiding this.
1. unpack your shiny new computer and boot it up. Do not connect it to the network.
2. enable XP’s built-in firewall.
3. connect the network cable.
Wow, yet an other impressive windows fanboy.
Author:
You can’t run WinXp on the net without getting infected within a few minutes if you don’t turn on the firewall.
drsmithy:
Call author names, call him an idiot, tell him that he is wrong, because all you have to do to avoid the problem is turn on the firewall.
Does that in anyway contradict what the author said? No?
So was there a point in saying it? No.
And your comment about the precise security hole is equally impressive.
I know this will come as a surprise to you, so hold on to your seat, but every service that doesn’t run is a service that can’t be exploited if a vulnerability is found. That’s why all the world but drsmithy and MS agrees that it is good security policy to run only the necessary services.
Finally, you are right, you would probably find lots and lots of security holes in a linux distribution from 2001, however this doesn’t matter, as you can download or buy new versions of it. If you buy WinXP on the other hand, you’ll get the stuff from 2001 with all it’s problems.
1. Windows is a product line, so there is going to be a full package feel to it. You would get close to that feeling if you used Enterprise Linux, but not Fedora because Fedora is a community project, it’s not a product.
2. Standards are the bases for sofware commoditization (and all that is derived from that).
3. Your choice in Linux is choice of vendor.
4. There are several players in the open source paradigm, there are the vendors, there is the community, and there is an arbiter.
5. Point of view, strategic planning, directional planning, all make a difference about how you feel about something specific, and feelings change as more knowledge is uncovered. The process is called generalizing, or knowing the big picture. The bigger the better.
They compare a free and _evolving_ development model, that, like the evolution of life, does actually not veer towards anything. Products evolve by chance, or by personal necessity. Whats not good for the general public gets selected out by time, by some kind of natural selection.
The only way to influence somebodys development efforts is to pay him, to develop what _you_ want. There wouldnt be hundreds of window managers and text editors if the people had any need to “unite” and take it on Microsoft, a non free, streamlined, commercial product developer.
The authors of such articles just reveal that they are some kind of little dictators, who would like to govern Free Software development worldwide.
I really cannot understand that those “no choice” fanatics really want to regulate what other people do in their free time, so that some company like Novell or RedHat could have a more integrated and polished product to compete against Microsoft. To want something like that is nothing less but just ridiculous!
There _already_ are distros that limit choice and offer only a few common packages, so this discussion shouldnt be needed any more. Goal completed. No wait, they dont want to have one distro to offer that, they want to limit free choice of _all_ distributions and to yoke _all_ free software developers to spend their free time working for the biggest distributors without getting paid.
They obviously watched too many LOTR (unite against the evil or we are all lost) movies.
I dont like to repeat myself, but this is ridiculous, just ridiculous. Limiting software choices in a free software community, bah.
These Choice article series are superfluous. All three of them.
The enormous response to all three stories proved my original point 10 times over. Even the hint of removal of choice can start a near-civil war.
To anyone who thinks there was any “anti-choice,” whatever that now watered-down crappy term means these days, read them again. There’s no removal of “choice” from anything except individual distributions.
The best comment so far was the one about a guy who went to buy toothpaste and found over 60 brands. It was confusing – which is better? which tastes better? which fights tartar best? – and in the end, his 2 year old made up her mind and that was that.
Linux is, despite what a bunch of people on a technology site think, VERY INTIMIDATING for new users because there is so much choice and very little guidance. No one has to remove choice “from Linux” to fix this. But someone should start pushing an enterprise Linux distribution that doesn’t require a user to choose a DE and an app for every purpose. Know why? Because it’s not about philosophy in the workplace, it’s about being productive. And that’s a mystery to those who haven’t truly experienced it. I might not have time to properly research whether AbiWord, KWord, StarOffice, OpenOffice.org, gedit, Kate, KWrite, Nedit, Jedit, etc is the right product for me for a single project. I just need to write my damned weekly report.
Don’t believe me? Which is the best LiveCD? There are now about a million Knoppix spin-offs (hyperbole intended). In the end, if I need a LiveCD, I’ll just choose one quickly. I’m not doing the research, because there’s way too much involved in it and frankly, they all do pretty much the same thing.
With these articles, as long as everyone squabbles about the quality of the writing, the apparent rise of communism, the author(s) being “against choice,” etc, there’s no progress at all.
Frankly — rather, sadly — all these articles have actually done is start flamewars that really are quite embarassing, as they appear to be based solely on the instant reactions of people who skimmed the articles and probably had their mind made up before they finished reading it.
“But someone should start pushing an enterprise Linux distribution that doesn’t require a user to choose a DE and an app for every purpose.”
Suse, Mandrake, RedHat, the new Novel Desktop Distribution, Sun Java Desktop, User Linux, Linspire, Xandros, Ubuntu, …?
They may not do it perfectly yet, but I get the impression you are fighting against windmills here.
Linux desktops do not need to look the same everywhere. Sell some KDE here, some Gnome there, some OpenOffice.org here, some KOffice there, Mozilla here, Konqueror there. Users will be happy as long as their systems play their music-files, open their curriculum vitae correctly, display websites fine and have a nice email/pim-application. Highly integrated. Modular.
But that’s exactly the problem!
When you “sell some KDE here, some Gnome there”, the desktops don’t get INTEGRATED and don’t advance nearly as fast. Programming effort is divided, third parties wanting to port commercial apps are discouraged, etc. Things are also not integrated.
Let’s see an example from server space: Apple, for instance, has a tightly integrated server version of its OS. In it, Apache has an INTEGRATED MANAGEMENT GUI. Now, turn to Linux. After of so many years, with server space being the greatest success of Linux so far, and Apache the no1 unix server, there’s nothing integrated providing Apache management on Linux. RedHat may has this half-assed management tool, SuSE some other, but there’s nothing integrated with Gnome or KDE as it is (i.e not distro specific). Result? Crappy quality, limited exposure, etc.
Well, in desktop space the situation is even worse.
A great military and diplomatic technique is DIVIDE AND CONQUER. Well, that is exactly what is happening, and guess who does the conquering! The sad fact is they don’t even did the dividing, we inflicted it upon ourselves.
Wow. If I could give you a “+5 redundant” I’d do that in the blink of an eye. I’d give you a “+5 bigot” too.
“These Choice article series are superfluous. All three of them.”
Yes, especially the flamebait you posted as an article.
“The enormous response to all three stories proved my original point 10 times over. Even the hint of removal of choice can start a near-civil war.”
And rigthfully so. We have all seen what lack of choice leads to. A trabant.
“To anyone who thinks there was any “anti-choice,” whatever that now watered-down crappy term means these days, read them again. There’s no removal of “choice” from anything except individual distributions.”
And this is redundant beyond words. Distributions already do that. Last time I tried Fedora, just for instance – no preferences involved – it pretty much set up a singel choice of every thing. It also made it very clear that they think you should use gnome and not kde. In fact it’s so gnome-centric it makes you jump through hoops if you want kde.
“Linux is, despite what a bunch of people on a technology site think, VERY INTIMIDATING for new users”
Guess what? So is windows. I know, I have worked with training such people.
“because there is so much choice and very little guidance.”
As I said before this is bull.
“But someone should start pushing an enterprise Linux distribution that doesn’t require a user to choose a DE and an app for every purpose.”
This is already beeing done by novell, redhat userlinux and more. However, this is a far cry form your initial statement “Let me state that I’m all for removal of choice from linux”, Let’s see. Keywords. “Removal” “choice” “linux”, nope, not a word about distributions.
“Frankly — rather, sadly — all these articles have actually done is start flamewars that really are quite embarassing, as they appear to be based solely on the instant reactions of people who skimmed the articles and probably had their mind made up before they finished reading it.”
Yeah, you could have saved us all your sorry attempt at writing an article.
Reading the articles and many of the comments shows me that there are two types of Linux users:
The first group are the Linux “power users”. They build their own linux, compile everything on their own, they like to play with their system and they know how to do it. They are the “It works for me, so it’s all fine.” types.
The other group are the Linux “promoters”. They are in a way like the power users but they also want more people to use Linux, people who aren’t power users, who don’t even know how to compile source code.
The first group is for choice and everything that reduces it is pushed closer to the “windows world” (it’s not rare to read comments like “If you don’t understand it, use windows” on the internet). But that’s the way the second group want’s to push Linux. They want Linux to become an OS even for the inexperienced user. That doesn’t mean Linux has to become Windows but it should become similarly easy to use.
I don’t know if this is a problem, it might as well be a very good thing. Linux is on it’s way to become an OS for everyone – at first glance. But under the hood it keeps as flexible as ever, so the geeks can still play around. The trick is to keep the balance and in the best case the two mentioned groups unknowingly keep up this balance.
One last word: I’m quite fed up with this, I dare say, “Windows flaming”. The study about Windows getting infected after 17 minutes states that it’s about an unpatched Windows. So what? Did you notice the word “unpatched”? If I know there’s a secutriy hole, and I know there’s a patch for it, it’s my own fault when I get infected because of not using the patch. Would you install e.g. an Apache version that includes a known exploit and then whine about being hacked? And who would bother to read an article that claims “Old Linux distros, full of known securtiy leaks and exploits, get hacked minutes after being connected to the net.”
Don’t get bogged down in something that you don’t have any control over.
Fedora, the community project, is theoretically supposed to contain all kinds of software, it’s not a product, it’s not streamlined or polished, although it is a little bit :+)
A vendor distribution is a different story. It’s a product line and certainly some of these characteristics described in the articles relate more to products.
These are very different things.
The nice thing about Fedora though is that you can experiment on it and learn about the system and the software.
Look for business opportunities in building software that integrates into a Linux vendors product line. Look to the vendors for leadership.
We are not going to talk about the arbiter but just know that there is a third character in the open source paradigm. This third person does some interfacing with the community, and with the vendors, from time to time.
I just want to post a quick reply to my comment on my windows machines not having firewall/AV: they are connected to the internet, had numerous re-install etc. and in my 13 years of computing I never ever had a single virus or worm or whatever. The most important thing to remeber is not to open attachments, and that’s it.
You can say that you cannot use windows without a firewall/AV, but it’s just not true!
Let me count: I had (it’s BeOS only for a while now) one machine running windows, my parents have three, my brother has one, and if I add up my friends’ computers which I use and know they aren’t firewalled/AVd… I get like 20 Windows machines who never ever had any security problems, are connected to the net, and experienced re-installs, and don’t use AV/Firewall. Now, y’all can go on and say I’m lying and all, but I don’t care. I know I’m right here.
Of course this extremely small sample doesn’t prove Windows is secure, I know that. But the statement “one cannot run Windows without AV/Firewall, you’ll be infected within 15 minutes” is just pure nonsense.
When you “sell some KDE here, some Gnome there”, the desktops don’t get INTEGRATED and don’t advance nearly as fast.
A Linspire, Lycoris or Xandros Desktop _IS_ integrated very well. So whats your point? Individual distributions do exactly what you “against choice” people want: Make choice for those who dont want to chose, integrate.
So it may be that products under the brand “Linux” are not well integrated, but mast things branded “Xandros” definitely are. So again? Whats your point? To regulate free evolving community driven distros so that they dont poison the Linux brand? This is it, isnt it? That the kernel name managed to get more popularity than the single distributors? That a Debian Linux affects the sales of a Xandos Linux because theyre both linux? What would you like? To stomp free non commercial distributions so far in the underground, where Joe User wouldnt see them? So they couldnt affect the sales of the comemrcial distributors?
Programming effort is divided, third parties wanting to port commercial apps are discouraged, etc. Things are also not integrated.
Thats the benefit/curse of Free Software. Everyone may chose the direction he develops for, and there is no central committee which defines the direction. Commercial developers just dont have the possibility to develop in a direction other than the management oder design department decide. There is no freedom in their development model, because they dont develop free software. This may result in a integrated and polished product, because all pull together as a team, but thats what they get paid for!
You just cant mandate free software developers what to do in their free time. When they dont like the direction of a project, they can just fork it, or start a new one, and get things done the way they like, and _not_ because they think all they do shoul be in competition with a hated comercial software developer and desktop king.
This is, what all these dumb anti choice articles are: little wannabe dictators wet dreams of how they could yoke free software developers against their will and overthrow the hated king. Poor, if you as me.
There are people who, for better or worse, have visions to solve problems, and there are people who just complain. Constructive criticism is still constructive. I didn’t see anything in your response except a willingness to argue. Go back and read my article. Anyone can pick a few words out of a sentence and create whatever they want, which is exactly what you’ve done.
People wonder how IT people get the impression of not being user friendly or responsive to user’s concerns? Hmmm… perhaps it’s because everything is pefectly peachy AS IS with no room whatsoever for improvement, and disagreement is tantamount to a spit in the face.
If you didn’t see anything in the post but a willingness to argue, look again:
“And this is redundant beyond words. Distributions already do that. Last time I tried Fedora, just for instance – no preferences involved – it pretty much set up a singel choice of every thing. It also made it very clear that they think you should use gnome and not kde. In fact it’s so gnome-centric it makes you jump through hoops if you want kde.”
“This is already beeing done by novell, redhat userlinux and more. However, this is a far cry form your initial statement “Let me state that I’m all for removal of choice from linux”, Let’s see. Keywords. “Removal” “choice” “linux”, nope, not a word about distributions.”
To spell it out yet again:
Distributions already do what you want them to do!
Maybe you could at least once address this issue, thanks.
Look at it from this point of view.
1. Linux represents software commoditization at the low layer of the platform, i.e. the low layer of the software stack.
2. At a higher layer in the software stack is the vendor product line. The vendor product line is just like a manufacturing plants assembly line. These vendors control the process for assembling a solution, based on Linux. In terms of software production, this is where the money is. If you want to make money producing software, you must integrate your product into this assembly line, so you have to talk to the vendor and ask them how to interface. Companies like Oracle and IBM market their software product at this level.
3. So the background, the low level of the software stack, is open and accessible, it’s a testing ground, a ground for experimentation, until you have a concept for a product that you can push up the software stack.
4. Technically Linux vendors have developed a few Linux home desktop products (ex Linspire) however there has not been a real push by the arbiter towards this concept, not yet anyway.
…I guess I should also say, look for Novell and RH to lower the bar, and make integration into their product lines easier in the future so small business can enter the software market with products based on Linux. Right now it’s still just the big iron.
Call author names, call him an idiot, tell him that he is wrong, because all you have to do to avoid the problem is turn on the firewall.
Does that in anyway contradict what the author said? No?
So was there a point in saying it? No.
Trouble is, his ‘point’ – that running an unpatched XP machine straight on the internet without any sort of protection – is asinine. It applies equally well to any OS, Windows is hardly specific. All he’s doing is saying “Windows sucks”, but trying to dress it up as a legitimate complaint by implying it’s adive that only applies to Windows.
As an aside, you certainly can successfully run Windows without a firewall or AV – I’ve been doing it at home for years – all you really need is some sort of NAT device, regular patching and keeping IE use to a minimum (or just stay away from questionable websites). This is far from an *ideal* configuration for the typical end user, but it will – practically speaking – reduce exposure to pretty much the same level as a firewalled machine directly on the internet with an AV.
And your comment about the precise security hole is equally impressive.
Actually I’d be just as happy if he could even come up with a theory as to how disabling the DNS Client service is going to meaningfully improve security. I mean, it’s like saying removing all the virtual consoles from /etc/inittab will meaningfully improve security.
I know this will come as a surprise to you, so hold on to your seat, but every service that doesn’t run is a service that can’t be exploited if a vulnerability is found. That’s why all the world but drsmithy and MS agrees that it is good security policy to run only the necessary services.
No doubt. Trouble is taking that theory through to its logical conclusion leaves us flipping switches on the front of an Altair or sliding beads back and forth on an abacus. There are very, very few things that are truly “necessary”.
See, the theory of minimising service us is fine, but the particular poster I was replying to doesn’t *really* understand that, he’s just parroting a line he heard somewhere – probably the same “expert” on the Register a week or two back who implie a DHCP client was a gaping security hole – who thinks having the DNS Service turned on by default has a meaningful negative impact on security. Had the poster picked some service that really does fall into the “shouldn’t be on by default” basket I wouldn’t have commented, but by picking something so insignificant and harmless, they demonstrate that they haven’t actually *thought* about either the principle or the specific example.
The DNS Client doesn’t really do much. It doesn’t listen on any network ports, it just makes DNS queries and caches them to reduce network bandwidth usage, reduce name resolution latency and, in general, improve the end user experience.
By all means, services that really don’t do anything to help the end user and/or perform actions that significantly increase system vulnerability – like listening on network ports – should be minimised. But harmless stuff like DNS caching, DHCP clients and, say, mousewheel daemons or USB daemons fall well and truly into the category of ‘acceptable risk’.
(Sorry, forgot this bit)
Finally, you are right, you would probably find lots and lots of security holes in a linux distribution from 2001, however this doesn’t matter, as you can download or buy new versions of it. If you buy WinXP on the other hand, you’ll get the stuff from 2001 with all it’s problems.
Copies of Windows distributed after service packs are released generally come with them slipstreamed in. So if you go and buy a copy of XP pressed after SP2 was released, it will already have SP2 slipstreamed in.
Certainly, it’s true for OEM and Select/Enterprise versions (and that probably covers 80%+ of distributed copies). I rarely see new retail versions, though, so I can’t comment on them.
1. While there are security issues with every OS I would take every bet that the chances of being infected running Windows without the precautions you talked about and the author said were necessary compared to the chance of being infected doing the same thing with OS X or Linux are indefinatly bigger. Part of this is of course due to market share, but that is only a part of the story.
2. And that brings us to point number two. Your claim that having 665 unnecessary services running in the background is necessary for having a modern computing experience is simply false. Look at OSX, compare it with windows and you will get a very good idea where one of the fundamental problems of windows lies. And I hope you don’t want to compare the user experience of using OSX with flipping switches on the front of an Altair.
“basically, it was a big story on the net a few weeks ago. and don’t tell me that you can run an xp-machine without a firewall nowadays. it is just not true. i have gone trhrough this several timea already. buy a computer for one of my friends, connect it to the net, boot it up: *blam* – sasser. no chance to install a firewall first… ”
an absolute os expert.
several times huh?
windows xp shipped in 2001 with a firewall included.
os expert didnt bother to turn it on first huh?
and after several times you still hadnt learned enough to enable the built in firewall?
thats one of the reasons you lose power in arguement. you dont know what you write about.
sheesh.
and, the fella said windows pcs since 1995. so who said anything about it being xp to begin with? i regularly go to do work for folks still running windows 98 that have the original 90 day eval av software never updated and no firewall and they have never had any problems.
still a bad move though. its just like you saying mac os and linux are “immune”. that is false. they are not immune. just because you get attacked less is no reason to not take reasonable and responsible precautions. and thats why linux and mac os x include firewalls today.
IE renders every page I’ve ever seen fine.
But i would dare say that this is only because people actually test their stuff on it and make it work. In my personal experience, the most annoying browser to develop for these days is IE, while (the subset that i use of the) standards compliant things seems to just work on gecko and khtml browsers.
So yes, IE renders all pages just fine, but that says absolutely nothing about the quality of IE. The users might not care about why things works, but i really find it silly that developers have to spend time working around bugs instead of doing more productive things.
“Finally, you are right, you would probably find lots and lots of security holes in a linux distribution from 2001, however this doesn’t matter, as you can download or buy new versions of it. If you buy WinXP on the other hand, you’ll get the stuff from 2001 with all it’s problems.”
it can happen ralph. but you can also:
buy a new pc with windows xp svc pk 2 pre-installed.
buy a copy of windows xp with svc pk 2 already integrated.
A Linspire, Lycoris or Xandros Desktop _IS_ integrated very well. So whats your point? Individual distributions do exactly what you “against choice” people want: Make choice for those who dont want to chose, integrate.
Linspire, Lycoris or Xandros are a joke regarding integration.
The mere fact that someone proposes them as “integrated” solutions, means that there is very little understanding of what integration is on the Linux camps.
While there are security issues with every OS I would take every bet that the chances of being infected running Windows without the precautions you talked about and the author said were necessary compared to the chance of being infected doing the same thing with OS X or Linux are indefinatly bigger. Part of this is of course due to market share, but that is only a part of the story.
You are welcome to your opinion. Personally, I’ll just keep giving *all* my important machines the same levels of protection and maintenance.
And that brings us to point number two. Your claim that having 665 unnecessary services running in the background is necessary for having a modern computing experience is simply false.
I made no such claim.
Look at OSX, compare it with windows and you will get a very good idea where one of the fundamental problems of windows lies.
After looking, I was unsurprised to see that OS X has a DNS cacher and a DHCP client active by default as well. Undoubtedly there are other services running by default that are quite arguably “unnecessary” (like, say, the crash reporter or the automounter – heck, my iBook actually appears to be running nfsd by default).
How would you like if every movie released is released in 10 different versions with variations? Viewers will have a choice to watch the kind of version they like. Will they like it, NO.
Do i like 100s of distros each with different settings but almost same features? NO.
Does it cause confustion to a user which one to chose? YES.
And…i really feel Microsoft will come out as a winner, if Linux is not standardized and this too much non-sense choice is cut. See what happened to Unix due to fragmantation. Unix would have been much stronger if it was not forked that much.
Yeah now someone will say but hey Unix kernel was forked too…hell like as a user i care…incompatible is what scare me.
Microsoft is good because it makes things just work and it works for 99% of people. Damn even some of my DOS tools work like Turbo Assembler.
In linux i am even scared to upgrade my redhat 9 box in fear of something getting broken and then i wasting 1 day to get things up n running again.
What value does these distributions provide? I wish Linux kernel group release a standard distro which has a minimum base and everything should just build up from there…or i dun have much hope for Linux
FANTASTIC comment.
Unfortunately, that would defeat the purpose of everything the *nix community stands for. Distro’s like Xandros, Suse, Fedora, and linspire are shooting for the corporate/home user and are extremely easy to install and use. I know that in Suse and Fedora they have some defaults already picked out for you, so you don’t have thirty apps to choose from right from the start.
However, you do have the option to use something else if the provided default application doesn’t satisfy your needs. I’m a longtime Slackware and more recently freeBSD user because thats what suits MY needs. For the average home user like yourself who is “scared to upgrade my redhat 9 box in fear of something getting broken and then i wasting 1 day to get things up n running again.”, their are distro’s for your uses.
The *nix community is about choice, different things for different people. Suse, Xandros, and Fedora’s targeted audience may not be for me, but it may work for others. If you take away choice, you take away one of the better aspects of the *nix community.
My 42 year old computer illiterate mom can install software in suse fine, so can my 11 year old sister and my 7 year old brother. Installation of software is not hard in many mainstream oriented distros, people just need to get past the stereotypes and their own fears.
Let’s show some professionalism in writing, please.
OK i am going to paraphrase and take this statement somewhat out of context, but Christian did say “this is a removal of choice in itself, it is not bad at all”
Can you please explain to me the Author of the Response to the paradox of choice how his statements differ from my statements. I said “it (meaning choice) is not necessarily a good thing” or this statement “if closing some options were to make Linux more unified is that not a step in the right direction. And last “”eliminate choice in a “positive” way”
I do believe that Christian and my self are on the same team with regards to Linux. I agree with his article for the most part.
Kevin .
Let me count: I had (it’s BeOS only for a while now) one machine running windows, my parents have three, my brother has one, and if I add up my friends’ computers which I use and know they aren’t firewalled/AVd… I get like 20 Windows machines who never ever had any security problems, are connected to the net, and experienced re-installs, and don’t use AV/Firewall.
So you’re the reason I get so much spam!
Seriously though, without a virus scanner, how would you know you’ve never had any viruses? Being as how your machines have been on the internet for so long without any protection, I kinda wonder what will happen if you do scan them with a virus scanner. I’d imagine a few things would pop up. Heh, and man, I can just imagine all the spyware!
But even if your machines are still clean to this day, with all the free antivirus apps out there, why take the chance? When you’re so careless and do get a virus you’re just making the internet worse for everyone else in the world.
Seriously though, without a virus scanner, how would you know you’ve never had any viruses?
I said I don’t use a virus scanner, as in, running it all day long. It eats resources and my experiences have tought me that I don’t need one. I occasinally checked my Windows box for viruses, but never a thing popped up. Now, the only machines here that run windows are my parents’, and they are just as clean.
Being as how your machines have been on the internet for so long without any protection, I kinda wonder what will happen if you do scan them with a virus scanner.
I cannot scan my computer for Windows viruses because I don’t run Windows. My parents’ computers are clean, and I never experienced a virus in someone else’s computer; I can’t be sure though, I don’t like to install AV’s on someone else’s computer. It’s not my responsibility.
Heh, and man, I can just imagine all the spyware!
I never mentioned anything about me not using anti-spyware software. I never said I wasn’t infected with spyware. Please read and read carefully before making up stuff.
But even if your machines are still clean to this day, with all the free antivirus apps out there, why take the chance? When you’re so careless and do get a virus you’re just making the internet worse for everyone else in the world.
I rely on my own experiences, and i’m not easy influenceable by Linux-fans going bezerkon the net scremaing I need AV software. I never had a virus, so why would I use an AV? Why would you get medicine against disease X if you don’t have disease X?
And I’m not careless. I have a BeOS box and an iMac, so I’m not spamming you. The other two computers I manage here aren’t either.
Virusses aren’t much of a problem anymore. Its more worms, trojans and spyware these days. All of these have in common that they’re hostile code which ought to be evaded on a computer; the author meant either of ‘worm’, ‘trojan’, ‘spyware’ and ‘virus’ ofcourse. Doh.
I want a Linux distro that will work out the box for my laptop. An IBM T42p laptop.
Let’s take a look:
Fedora Core 2: First, screws up hard drive geometry, leaving Windows unbootable (thanks). Second, speed-step does not work. It’s not very nice to use a laptop at full power all the time. This almost halves the battery life. Also, no driver supports the Mobility Fire GL 128MB video card. It hangs trying to awaken from suspend to disk. Modem driver is not available, have to have it locked at 14.4kbps per second , or pay for a driver. ACPI must be manually configured. Have to install three modules to get wireless to (maybe) work. Thinkpad buttons don’t work. Bluetooth doesn’t work.
RHE WS 3.0: Guess what? The EXACT same problems.
Debian 3.0: Exact same probles.
Knoppix: Same problems, and the advantage of having to fix them every time I turn my computer back on.
There are zero easy to use, freely available Linux distros that work well on this laptop. Hip hip hooray for the folks who can say “Linux just works” with a straight face.
You misinterpreted my comments and well congratulations if you 7 year daughter can install software on linux. She must be a genius.
I will re-quote my comment again for you:
Too many distributions is bad if they are only minor variants of existing ones and doesn’t provide true value. Also if they don’t provide 100% binary compatibility than its even worse. It affects:
1. Users – who now have to make sure they everytime get a correct version of the application. If they downloaded application on a slow connection and then they upgrade to a newer distro, shouldn’t the archived application be able to install itself? I would want it to work fine. I don’t want to go to the pain of reinstalling every single damn application on my box and then making all its settings.
2. People want software to work. Period. Software should *just* work. And to be true, it 99% of the time works fine on windows. In linux unless u get it right, it will never work.
3. Too many incompatible distro means programmers are screwed because they have now much more burden on them. This tends to turns programmers off the platform. Reason, programmers likes to focus more on creative work rather than doing shitty work like maintaining same code for 10 different distros.
Same goes for companies. They turn to Linux thinking it will decrease TCO but if they need to do some much more maintainence then their TCO will increase. Windows TCO is higher due to Viruses and Patches but their excellent backward compatibility and application support lowers the TCO. The day Microsoft gets rid of these viruses and have a secure platform (they already have stable platform with XP and 2003) then Windows TCO will dramatically redduce and i really feel that the chance of Linux that time becoming a major platform other than in developer world will diminish to ZERO, if it didn’t fix the 100s distribution issues.
Choice is good if it has a *value* and that too a distinct value. Too much choice with no value is *BAD*. Too much choice is a slippery slope and IMHO if Linux keeps going this path, it will not be able to come back with a sustained growth.
> Too many distributions is bad if they are only minor variants of existing ones and doesn’t provide true value.
Too bad for whom? For the people whose needs exactly this special distribution fits the best?
> 1. Users – who now have to make sure they everytime get a correct version of the application.
Users should stick with the applications their distributor offers. You arent able to install mac binaries on windows, so why should you be able to do that between different, competing distributions?
> I don’t want to go to the pain of reinstalling every single damn application on my box and then making all its settings.
You mostly dont have to, dont lie so blatantly.
> 2. People want software to work. Period. Software should *just* work. And to be true, it 99% of the time works fine on windows. In linux unless u get it right, it will never work.
This is pure FUD. You have either never used a modern linux distribution in your entire life, or have been simply unbelieveably stupid to mark a desired package in either Yast or Synaptic and click “Install”.
> 3. Too many incompatible distro means programmers are screwed because they have now much more burden on them. This tends to turns programmers off the platform. Reason, programmers likes to focus more on creative work rather than doing shitty work like maintaining same code for 10 different distros.
This is again, pure FUD. Name a single app which doesnt work across distros.
> Too much choice is a slippery slope and IMHO if Linux keeps going this path, it will not be able to come back with a sustained growth.
“Linux”, as you call it, is not a software company, Linux is just a operating system kernel. What you are speaking of are single Distributors. There are already many of them which limit app choice, and make sane defaults for average users. So with having _several_ companies, packaging and offering Free Software _exactly_ how you think is right, where is your problem???
Do you have a problem with “someone else” doing “something else” and packaging Free Software as they see fit? Its free software man! Its the _pure essence_ of it, to permit anyone modifying and distributing it as they see fit!
Well, to everyone saying to “use Linux binaries from 2001 and see how long it takes to get infected”
OK…
go and grab some *redhat* 7.1 ISO images here
ftp://ftp.redhat.com/pub/redhat/linux/7.1/en/iso/i386/
during the install you will see this:
http://www.redhat.com/docs/manuals/linux/RHL-7.1-Manual/install-gui…
and to let you know:
redhat 7.1 release date: (different from timestamps of ISOs) 04/16/2001. This was months before Windows XP was even released to Manufacturers.
If your article starts out, “in response to article xyz”, THEN WRITE IT IN THE DISCUSSION SECTION. That’s what it’s for. Perhaps I shouuld write an article about this idea.
Now that’s weird, because you should at least have suffered the “push” kind of worms like Blaster and Sasser.
not really, a lot of isp’s block those ports, and netbios ports etc.
not really, a lot of isp’s block those ports, and netbios ports etc.
Then his claim about running without firewall is not true.
Now I’m running linux at home and every day I see in a firewall log thousands of connection attempts to ports used for windows networking from all over the internet. I guess these come from machines infected by blaster, sassler etc..
On the other hand, I also ran windows machines without active antivirus for several years and never got a virus.
Actually I had an interesting experience just today at work. We have a Sony digital still camera ( I don’t remember exact model). This camera works only with WinXP, but all the development team work with Win2k, so we were unable to get the images. I was quite amazed to see that Knoppix detected this camera without any problems.
Just a couple of quick notes:
1) Human nature being what it is, most people will be inclined to conclude that there’s not enough choice as long as none of the available choices satisfy them. Once something satisfies them, though, any additional options are liable to be labelled superfluous and unnecessary.
2) The first piece, I believe, referred to wars that might not have been fought had religion not existed. Religion has often been trumpeted as a justifaction for war — as in the Crusades or in the medieval Islamic aggressions against northern Africa and Europe — but these wars are actually provoked by the usual secular concerns. Ideology plays the same role: Hitler, Stalin, Mao, etc., did not make war to advance their beliefs. They made war to acquire territory, secure wealth and security, etc., as did their medieval predecessors in Europe and the Arabian Peninsula. If real religious faith has had any impact at all on war, it is probably to slightly reduce the number of people willing to participate.
I don’t think it takes a rocket scientist to realize that Windows is horribly insecure out of the box (although SP2 helps quite a bit). But for those of you acting like it is impossible to run Windows on a 24/7 broadband connection without a firewall and/or virus scanner without getting infected, I have one thing to say to you:
You guys are full of shit. It is very possible and that is a verifiable FACT. And not only is it possible, it’s actually pretty easy. Of course, if you could actually see past your own religion, maybe you’d be smart enough to figure that out.
As for out of the box experience, a $40 firewall router that puts you behind a NAT will pretty much take care of those worms .. it’ll hit the router and scan it like a Windows box looking for vunerabilities, and of course it won’t find anyway.
…why people so often tend to exaggerate their comments? When you exaggerate, you risk your comment not to be taken seriously. Many times exaggerations are recieved as lies – and aren’t they that many times? (some times of course they are just meant to be funny)
…why is the word “choice” starting to sound almost like a mantra here, which, if repeated all the time, will make one happy forever. (now I’m exaggerating, but because I confess it myself, it’s not so bad :-).
…shouldn’t this standards versus choice thing be considered case by case? There is always a price to standards – that’s easy to understand. But you need a wider perspective to weigh that price. Who loses what? Who gains what? What doors does it close in the future? What doors does it open in the future? Benefits of a standard may be far reaching of their nature and it may take time for them to materialize. It seems to me that not so many people understand this. The (seemingly) simple consept of choice is much easier to talk about.
Actually, something like win98 was a lot more secure than your average redhat box of the time, because it didn’t have all these service ports turned on by default. At work, we’d set up various redhat distros directly on the internet and see how fast they’d get owned and needless to say it wouldn’t take long.
XP complicates things because it opens up various services by default and the OEMs(Dell) make it even worse, but the biggest problem is not viruses per se, but spyware and various crap that gets run because of IE and people not knowing what they’re doing. In the unlikely event that linux ever takes off on the home desktop, the same thing will happen.
In any case, the slashdweebs were out in force for this article including the article writer. Most of these idiots are in severe need of professional psychological help. But hey, as long as these dorks can pop in a mandrake CD they feel elite.
Well, it seems the other user replied to your comments before I did. I’d have to agree with him though =)
“You misinterpreted my comments and well congratulations if you 7 year daughter can install software on linux. She must be a genius.”
No, my sister definitely is NOT a genious. Anyone who cannot use Yast is also unable to install programs in windows. In fact, yast can be a lot easier. If you have a knowledgable IT staff, well than running bsd or linux on your servers *will* cut costs. Of course, a dumb Windows admin or UNIX admin are likely to raise operating costs as well as give each os a bad name.
> Too many distributions is bad if they are only minor variants of existing ones and doesn’t provide true value.
Too bad for whom? For the people whose needs exactly this special distribution fits the best?
Too bad for people trying to figure out which distro to use. It would be a lot easier if there were maybe 7 or 8 to choose from instead of like 80.
> 1. Users – who now have to make sure they everytime get a correct version of the application.
Users should stick with the applications their distributor offers.?
I have a problem with this mentality. If there are 10,000 apps for me to choose from on Linux, I don’t want to be limited to the 500 or so that my distro says I should be using. I personally don’t have a problem with choice, as long as there is good compatability throughout and everything goes on smoothly.
You guys are full of shit. It is very possible and that is a verifiable FACT. And not only is it possible, it’s actually pretty easy. Of course, if you could actually see past your own religion, maybe you’d be smart enough to figure that out.
Since you’ve been so very kind up to this moment, could you please tell me how, then? And please keep in mind that I’m talking about ppl who just use xp for everyday use on laptops and desktops and have no IT competence at all, thus the reality of facts is that they will never be always behind a firewall/router.
As to religion, I profess myself an agnostic in this field as in many others
I use both XP and Linux for a living and I like many things of windows, of wich I had enough care to avoid malware since uhm, must have been 7 years ago.
That said the thesis of the article was _not_ that Linux is more secure of windows _out-of-the-box_ because of features or smart unix security design, but more because it’s varied and thus offers a much lesser surface available for a specific attack.
Oh, and a last suggestion: calm down, we’re just talking about OSs
.
thx for a very sane comment. i am surprised that the discussion about this article even got into the windows-security direction. that really wasn’t the main point…
one thing i got out of this discussion: i do believe now that windows security is very much dependent on the provider you have. some people seemed to be able to use windows without av/firewall/nat and still not get infected. that would be downright impossible here.
well, always interesting to read the comments. if you post an article here, you will get flamed almost every time. that’s life 🙂
best regards,
christian
True, Christian
I guess it indeed might be very provider dependant, we all use the same cable provider here where I live. I’ma send ‘m a thankyou note 
.
i chose linux definitely, windows is history for me (fully patched winxp, firewall on, fully updated nod antivirus and knock-knock, “your system will restart in one minute” – noo, i don’t have the time for this)
i tried many distros but now i’m stuck with Xandros.
for a linux newbie it looks like windows, for a more experienced user here is xandros networks for installing software, and under the hood there is debian, so any “poweruser” capable of ./configure, make, make install (i prefer checkinstall
is capable to add anything he needs or tinker with cfg or rc files or what…
installation is for dummies, for one task there is one application, xandros file manager is explorers own brother and with redmond theme windows user will bet that this is win2k
and this is the best example of usability-over-choice – there is only kde 3.1.4 – but when it works like swiss clock, you don’t have to think about it… (and if you know where the choice is hidden, you can find it and choose
)
it’s not bleeding edge, but rock solid and stable like chinese government
why are you whining that there is no distro for average user with a limited number of chices? it has been here for a long time. and not only xandros, you can choose linspire, suse or many others i don’t remeber or even know.
When your wife/girlfriend spends hours in a boutique
trying this dress and that one and that one … that’s OK.
When you are taken to the army and you have no choice
about the color of your trousers this is also OK.
Thus what’s this jazz all about?
>> Too bad for whom? For the people whose needs exactly this special distribution fits the best?
> Too bad for people trying to figure out which distro to use. It would be a lot easier if there were maybe 7 or 8 to choose from instead of like 80.
People currently using windows and trying to figure out which one to use should stick with mainstream distros, or distros their acquaintances or colleagues use. Wheres the problem with that? How are they supposed to even get to know that Linux exists, when not reading about it, or see it run somwhere? Whoever they ask, what to check out as a new user, they are most probbably going to hear either Mandrake or Suse. Somebody who is interested and knowlegeable enough to wipe out a partition on their windows box, and to install a completely new operating system will most certainly know more about linux than that it has a cute mascot, dont you agree with me here?
On the other side, how would you expect a Windows user to ever switch to a Mac, if he has not only never used it, but has to pay a whola lot of cash to even try it out? Why would someone actually do that, if he had never seen a Mac? Somebody doing that would think about the “switch” for a little while, and have gathered some information together about what is to expect from the new system? So why does that not apply to GNU/Linux distros? Why do in your opinion dozens of geeky distros like Crux or Arch or Debian have to be wiped from earths surface just to not confuse Joe Users Granny in the first five minutes when she decides to try out this “Linux thingy” on a lazy sunday afternoon?
Do you really think somebody would download isos of the net, burn them, repartition their disk, and try to install a new operating system _without_ ever having read about whats he installing, what it is good for, who it is suited for, whats he gonna do with it, and anything like that? Jesus, then he/she could even be even more confused and trying to install FreeBSD or freeware Solaris, and wouldnt even know what it is!
user is starting to hati his trojan infested windows, an he heard about something called linux, so he types “linux” in google…
1, http://www.linux.org – info
2, http://www.linux.com – another info, i’m getting bored
3, http://www.redhat.com – wow! “open source leader”! hmmm, i don’t wanna pay! fedora? what fedora? but i’m not a “highly technical enthusiast”! i’m gettig bored more and more…
4, http://www.linux-mandrake.com – “friendly operating system”! i’ve got it!
5, http://www.suse.com/us – hmmm, maybe next time…
so, there is no difficult choice for the linux newbie. and what if mandrake fails? maybe the user tries windows one mor time, but now there will be a little bug digging in his brain “maybe the another linux will be right for me”
the linux has you
case
so, there is no difficult choice for the linux newbie.
Well, let’s see, there is …
1. Lycoris
2. Xandros
3. Linspire
4. Mandrake
5. Fedora
6. Suse
And those are just the ‘newbie friendly’ distros that I know about, and certainly some of these are duplicating each others efforts.
Cheapskate
or these kinds of people there is Windoze & all the marketing hype that goes with it such as third party firewalls, anti-virus, and lots of other expensive propiority software
Yeah right, firewall and antivirus software are freely available. And anyway, we should know by your name how you feel about paying for software regardless of how good it is.
>> So, there is no difficult choice for the linux newbie.
> Well, let’s see, there is …
The newbie should either just take the first one, and test it, or just ask somebody.
> And those are just the ‘newbie friendly’ distros that I know about, and certainly some of these are duplicating each others efforts.
Efforts to achieve exactly _what_? To overthrow Microsoft? Are you dreaming? I doubt that anyone in these companies wet dreams about really questioning Microsofts desktop dominance. Hell, not even the billion heavy Apple does this. Whats so bad about having its own market and developing for that? Cant you dream about something slightly less than “total world domination”? Act less crazy than Ballmer does?
Each of these companies packages free software and tries to make their own money doing that. Among each other, and inside the infinitesimal Linux desktop market, these distributors are _competitors_, as are a great number of other companies. Each one tries _the best_ to make their product, so tell me _who_ should be the one who decides what companies will have to be closed down, to dissapear as competition for the one left over?
Requiereing companies investing so much and doing so much for the Linux Desktop to close completely down, defect to next bigger competition and to stifle their own ideas for some never to be achieved “higher goals” must be some of the most unworldly “rejoice and unite, comrades” leftist crap ever to be written on the OSNEWS boards.
Requiereing companies investing so much and doing so much for the Linux Desktop to close completely down, defect to next bigger competition and to stifle their own ideas for some never to be achieved “higher goals” must be some of the most unworldly “rejoice and unite, comrades” leftist crap ever to be written on the OSNEWS boards.
Please. If you have two distros that are offering the same desktop enviroment(s), the same applications, and the same (or very similar) package manager, you have two distros that are duplicating each other’s efforts.
If you’ve got something really innovative in your distro that clearly seperates it from all the others, then more power to you. But if the only difference between your distro and somebody else’s is the version of emacs you’re including, perhaps it’s time for one of you to give it up.
Just to be fair, I’m not just limiting my last comment to Linux or its distros, because Windows has the same problem. For example, if I want to install an FTP program in Windows, I’ve probably got at least 25 from which to choose from, 90% of which are pretty much the same. I opinion is that if you’re going make an application, website, or anything else for public consumption, don’t waste my time by creating more ‘me too’ crap. If you’re going to make something, then make it better or at least different from everybody else.
I opinion is that if you’re going make an application, website, or anything else for public consumption, don’t waste my time by creating more ‘me too’ crap. If you’re going to make something, then make it better or at least different from everybody else.
I imagine that most of the programers of those 25 FTP programs “90% of which are pretty much the same” did think they were making it better or different from what was out there.
Maybe they couldn’t find an FTP program for free at all. Maybe their version is faster, easier, or more secure than the ones they did find. (Or maybe they just thought it was.) Maybe they wanted one written in Java so it would run on any platform or maybe they were just learning a new language. All of these things seem like acceptable reasons to write your own FTP application if you have the skill to do so.
The point is why do you want to prevent someone from writing a program just because there are similar ones out there. If too much choice is confusing to you then only download and use the highest rated one on some website. Or ask a friend who uses FTP a lot. Or maybe try one for a while and then another, etc. until you find one that works the best for you. If they really are all that similar then it doesn’t matter which one you use… just download one and use it.
So what if a version gets only 0.2% market share. According to the Computer Industry Almanac, there are almost 1 billion users online. ( http://tinyurl.com/2732k ) So even such a small market share would mean that 200 million people benefitted from that particular FTP app. Besides, if one has .2% market share and one has 90%, guess which one hackers are going to target. If for some reason they target the tiny market share app the other 99.8% of us win.
I guess I just don’t see the problem.
This is a very good article. Good arguments about choices. I use KDE on Mandrake at home and GNOME on Fedora at work. It really feels good to have to different systems (look and feel wise) allowing you to do similar things at home and in office.