The Ubuntu Experience: Adventure in Motion

[Repo Man]

It's free. It's ridiculously customizable. You can venture into the deepest darkest dodgiest places on the internet without fear of catching a nasty digital disease (please don't read into that too much, I'm actually a pretty normal guy). In other words, you don't have to do things like spend time perusing av-comparatives.org in order to figure out what anti-virus software you should be using these days. Spyware is also a non-issue. Software is stupidly easy to install, and when you're looking for a particular application, you don't have to worry about potentially wasting your time installing something only to find out that the developers definition of "free" was actually synonymous with "crippleware". Further, hunting around for drivers is, the vast majority of the time, unnecessary. That's just some basic stuff for starters.

Linux is, for me, about freedom. Freedom from a long list of annoyances, but more than that, just freedom in general. I like to tinker, and I take issue with anyone who tries to dictate to me how I should be using my PC. Now that I've experienced this freedom; now that I've embraced it, there's just no way I could go back. No way at all. And given that Linux and it's associated software have matured to the point where the available desktop environments are both very usable and visually appealing, I don't feel tempted to in any way, shape or form.

That said, I've been using Linux since Red Hat 5.1, so I've got enough experience to fend for myself in the Linux world. The inexperienced user on the other hand will almost invariably, at some point, end up staring seemingly insurmountable challenges in the face in the course of trying to solve some particular problem, which might (understandably) put them off. But solutions are out there, and the community is, for the most part, a really good one in terms of offering assistance to new users. If you want to give Linux a real shot, for whatever reason, you just need to be prepared to dig in for a while. Some of the best rewards are on the other side.

The irony of this is that I've had almost no problems with viruses or spyware on my own Windows machines. But my friends and relatives have given me lots of experience in scraping the latest Win anti virus nuke ware off of their machines. They are the people that I would like to set up with virus and spyware proof machines; but the same lack of understanding of how to avoid getting spyware in the first place makes trying to set them up with some sort of Linux machine impossible. I've toyed with the idea of trying to move my mother to Windows 7 from XP, but I've come to the same conclusion every time I've contemplated it - there is no way it would be worth all of the bitching and moaning. Her cat managed to hit the F11 key last time I was at her place, and she was freaking out at me about how I had "Changed everything around".

As far as expense goes, I never paid for Windows until the release of Windows 7. My own limited experience with Red Hat, and an Ubuntu release from about four years ago bored me to tears. I understand Windows, and it does what I want. I don't have anything driving me to learn Linux.

 

[Tiassa]

Constraint and Necessity

This is RPM base rather than DEB and is a Red Hat Derivative rather than Debian. It's a bit different of a distro than Ubuntu. I don't have a PPC so I can't attest to it, however I use Fedora from which its based on.

I looked into Mint, Fedora, and ... uh ... a couple of others. (Damn, which ones? Doesn't matter.)

At any rate, I think in the end, because this is such an old machine, Xubuntu is the most likely outcome. Fedora and Mint have heavier system requirements that will leave the G4 tower gasping and stuttering.

Generally speaking, it should be smooth sailing with these system requirements.

 

[Rav]

I understand Windows, and it does what I want. I don't have anything driving me to learn Linux.

Which is, of course, completely fair enough. I hope my comments didn't come off as zealously evangelistic; they were merely designed to provide some encouragement to someone who already had an interest.

 

[michael_taylor]

So, tell me what's so good about it.

The supposed advantage is that the owner of a computer is allowed to use it how they see fit, rather than being restricted to the subset of things a corporation tells you to use it for.

I quite agree that's not an advantage to most people though. A web browser on a games console through a hd display would suit many people just as well.

 

[Tiassa]

An interesting Ubuntu experience

An interesting Ubuntu experience:

I'm currently experiencing an issue with the Thunderbird mail client, but that is likely user error; I've spent maybe ten minutes fretting about it, since I'm still getting my email on my Apple client. It should be easy enough to figure out once I put my mind to it, but yes, it's a bit frustrating to be having the problem at all—the default settings for a Gmail account don't seem to be correct, and my one attempt to manually set the POP server has failed. I'll restore the defaults and work from there.

When I first set up the Thunderbird client, it downloaded only the newest, most recent emails from my Gmail account, all of about two. And then it stopped downloading anything.

Checked the settings, didn't recognize the POP server name, so I double-checked with my Apple Mail client; they were different. I tried setting the POP server in Thunderbird to match the Apple Mail listing. No go. Shrug. Forget about it. I still have the Apple Mail; I'll figure out the Thunderbird issue later.

You know .... Whatever.

I ran some updates the other day, and then some more yesterday. I don't pay much attention to the actual updates inside the bundle; it's not as vital with the Linux box as it is with a G5 that Apple is desperately trying to make obsolete.

Thus, I can only say the updates are coincidental, but when I dove back into Thunderbird yesterday to try to figure the problem, it properly downloaded all the emails it had missed since it stopped working. Seems to be running fine, now.

Obviously, I love it when things work out that way.

Meanwhile, I cannot specifically say it was the Linux community saving my Thunderbird with updates. Nor can I say the Ubuntu folks did it. Nor can I say that Mozilla did it. But things rarely happen that way with Apple, and I can't recall ever hearing that they work that way with Microsoft; of course, as a Windows avoidance user, I wouldn't necessarily hear about something like that, so ... yeah.

Funny thing is, I forgot to look through the settings to see if anything else changed. I'll check into it later today. It's hard to break old habits, and I probably won't be using the Linux box as my primary until I get another Apple keyboard and change the system settings. No, really, as so much of my computer use is writing—as opposed to, say, video editing, torrent file-sharing, or whatever else—I very much miss the keyboard. Losing my bullet points and long dashes cramps my style, baby.

 

[Chipz]

The keyboard and mouse are the most undervalued parts of computer system despite being the only mechanism in and out of the digital world. People are perfectly content to tolerate poorly crafted rubber domed keyboards. Apple does make a lot of keyboards which are pretty nice and they ued to make a lot nicer ones before the complied to some Windows standard conventions.

For some time I've used this:

And I can barely get work done without it. The mechanical spring keys...the perfect key indent...the CONTROL key where the worthless CAPS look invaded 15 years ago. A good keyboard is like a precisely aligned sight...or a perfectly weighted pen. It's a necessity for anyone serious.

 

[Tiassa]

On nukeware

The irony of this is that I've had almost no problems with viruses or spyware on my own Windows machines. But my friends and relatives have given me lots of experience in scraping the latest Win anti virus nuke ware off of their machines.

Two cents on that.

My brother, a technical writing manager for a tech firm—I don't know quite how to describe this company, as it has virtually no direct competition, though its approximate orbit crosses paths with some major players in the network solutions hardware market—runs a Windows machine for his personal and has Ubuntu on his company laptop. It's the Windows machine that is important here.

He runs a couple of defensive applications, namely a certain, well-known anti-virus program that can be legally and easily obtained for free, and a certain firewall that can also be obtained legally and easily for free.

It's a strong frankenstein computer that he's been running and upgrading for years. The actual tower box is over ten years old.

Security problems with that machine over the years? Zero.

To the other, of course, of the computers owned by family, friends, and other associates we've been asked to take a look at over the years—neither of us are professional tech repair geeks, and I'm not even a proper geek in any technical sense—the ones that weren't simply obsolete (i.e., all but a couple) all had "the latest Win anti virus nuke ware", including products you might see advertised on television. My opinion of those products is that they should be strenuously avoided, as part of their mission is to create their own market. I would not be surprised if, after a properly geeky state attorney general finds a reason to investigate, it turns out that half of them infect your computer when you go to their website for the free evaluation.

With so much reputable free security software available, I wonder why anyone would buy the extended anti-spyware/malware packages that, in my limited experience as one of the people who occasionally hears, "Oh, hey, you know computers ... can you help me?" seem to cause more problems than they solve.

A Windows machine can be very easily secured, and for free. After that, the only thing a user has to do is learn how to tell the firewall to let the AV software update its definitions.

Ooh. Scary, scary.

Yeah. The "nukeware"—I like that term; did you coin it?—should be avoided. Period.

 

[Repo Man]

Yeah. The "nukeware"—I like that term; did you coin it?—should be avoided. Period.

As far as I know, I've never read it anywhere. It just came to me as I was typing that up, because some of these infestations make your computer so non functional, it's hard to know just what the writers of this malicious software hope to achieve, other than nuking your computer. Of course, they do get some people to pay them for the privilege of making your computer slow to a crawl. My boss at work actually paid for an older version of this garbage a few years back. I occasionally do this on the side for people, and I work cheap; as a result, I wasn't going to kill myself trying to fix his Windows installation, and I gave up and formatted it and reinstalled.

If anyone reading this does not already know, if one of those fake virus scanners pops up on a Windows box that you are using, immediately hit control alt delete, and use task manager to close your browser. Do a virus scan, and consider getting the free version of Malwarebytes, and doing a scan with that.

 

[Repo Man]

Which is, of course, completely fair enough. I hope my comments didn't come off as zealously evangelistic; they were merely designed to provide some encouragement to someone who already had an interest.

No, that's fine, I though you gave a good explanation as to why Linux operating systems appeal to some people.

 

[Syzygys]

OK, so I got again into Linux mode again. I fired up one of my older laptops, just collecting dust.It has some vertical line display problem, but otherwise it was OK. It had Ubuntu and Mint 8 on it. Ubuntu didn't want to work with the wireless, but Mint 8 was fine, although a bit sluggish. I checked the memory, and it only had half G.
I opened up another old, dead motherboard laptop and put its 3 G memory into this one. Voila! Mint 8 is running like crazy, speed is over 10 Mbps.

Now of course, life is not so simple. I tried to install Chrome and I got an error message. This being Linux, I said fuck it, FF and Opera are still fine.

Then I looked at the updates and there were 83. I tried to install them, again, error message. Fuck Linux sideways, do I really need a stupid update??? The internet is working, that is what all matters, so I am happily cruising with a renewed laptop, 15", still better than the little netbook with its 10" display.

So this is my general approach to Linux, if it doesn't work, switch to something else and don't waste time trying to tinker with it. I still have no idea why Ubuntu wireless wasn't working, but I don't care and I like Mint better anyway....

Linux is like a car, it takes you from point A to point B (internet). You might like how shiny it is or that you can costumize it, but eventually most likely you will use it for internet browsing, so all the whistles are irrelevant after all...

 

[Syzygys]

So how is the experience going?

I installed Linux Mint 10 from a USB stick to fix GRUB loading problems on 2 laptops, and it is working fine. Mint is at version 12 right now, but this was the latest version showing up on Unetbootin that's why I went with it. Probably nice and stabil too, some people go with the newest version but they usually have a few problems in the first few months.

So if I have to use anything Linux, I will always stick to Mint, with Ubuntu I had too many problems, missing drives and such. Mint works right out of the box, and that is all I ask for...

 

[Syzygys]

<rant mode on>

Silly me, I used Linux again. Since the FF video was jerky, I thought, maybe Chrome would play it smoother. Guess what? I couldn't even install Chrome!
I have found a guide how to fix the bug and be able to install Chrome, but couldn't follow it. Alright, fuck Chrome, I installed Opera. I was able to install and run it, although it didn't add itself to the available browsers, in short, the download wasn't the usual easy and smooth process.

Anyhow, the jerkiness of video playback stayed the same, so I checked the download speed. It was fine at 14 Mbps. When I went back to XP, the speed was much less, just 9 Mbps, nevertheless the video play (Youtube) was much more enjoyable.

Alright, usual Linux rant is over, going back to good old XP...

<rant mode off>

 

[steampunk]

Tiassa,

I've been a Mac, Windows and Linux user. Linux for the past six years.

I've tried several flavours of Linux on several different hardware. Hands down, Mint is your best bet for hardware compatibility and user-ability. It's based on Ubuntu, the most popular for a reason, but it's enhanced so the user gets a better experience during install and use.

I would recommend Mint 10 or 11, because the new direction Ubuntu has forced things into a not-as-intuitive-interface. I would suggest letting them mature their new stuff before committing to it.

I would not suggest using KDE unless there is a program that demands it that you are installing. Gnome is your best bet until they get the new stuff up to snuff.

Security Issues. You are most likely running with your root account enabled, unless you disabled it. What does that mean? A person can remotely sign into your computer who knows the default password Ubuntu gave it or knows how to hack it. This means your system can be fundamentally altered. Root access is better than the best Trojan. How do you check? Run this command:

sudo cat /etc/shadow/

You will see the following (I've clipped some output):

root:*:15435:0:99999:7:::
daemon:*:14889:0:99999:7:::
bin:*:14889:0:99999:7:::

Where it says root, you probably will not have an asterisk. You will have bunch of text that is separated between two colons. That is the root password encrypted. You have open the file with this command:

gksudo gedit /etc/shadow

and make it look my line by putting an asterisk in place of the encrypted password. This will disable the root account. You don't need it because your admin user can do everything anyway with the sudo command. Your admin user, the user you created when you installed, should not be used online unless you are installing software. You should make their password at least 35 digits in length and change it occasionally.

If you don't do this, then just considered when you connect to the Internet that you are at serious risk of being totally owned.

Keep in mind that any file in an account you go online with is readable, writable by some websites you connect to. So, create a new account that is meant only for online use. Do not store private files in it or they can be read, modified, even deleted by some websites. Keep private file on separate hard drives, DVD, memory sticks or other accounts. Encrypt these accounts and drives for more security. When you create a new user, you will be asked to check a box to encrypt the account. To encrypt hard drives or memory stick you can use TrueCrypt. TrueCrypt drives are compatible with Windows, Linux and Mac.

Your online account should also not have root privileges. That means when you create a new user, do not give them admin privileges. Why? A website that hacks your account (which is not hard) has the same privileges as they user you are connecting to the Internet with. So, if you sign on with a user who can modify any file on your computer (admin privileged user), if you are hacked by a website using this privileged user, they can permanently and fundamentally alter aspects of your system. Again, you'll be owned.

The best support you will find is at Ask Ubuntu. You will not find a forum that will answer as quick and be as helpful. If you use Mint, it's still Ubuntu with an interface spin.
http://askubuntu.com/

As far as your Mac, it looks like you may want ask some questions here:
http://mac.linux.be/

 

[Chipz]

I would not suggest using KDE unless there is a program that demands it that you are installing. Gnome is your best bet until they get the new stuff up to snuff.

Most of the things you said were on the border-line of acceptably true and ignorant, this one in particular rubbed me the wrong way. New stuff in KDE? KDE is in version 4.8 and has been just as stable as any other X for at least 3 years. In fact, KDE 4.8 is probably the most stable and maliable X manager available today since Gnome has only in the past year moved into a new major release version.

If you don't do this, then just considered when you connect to the Internet that you are at serious risk of being totally owned.

This one is simply flat out false. For one; yes, perhaps someone wants attack root access to your system... so what? Not sure what Ubuntu is packing up these days, SELinux? That was crafted by the US Department of Defense. If someone wants to circumvent it, you must have something seriously valuable....in which case you're probably not using Mint.

Keep in mind that any file in an account you go online with is readable, writable by some websites you connect to.

100% False. Nearly all modern browsers sandbox OS interface actions. These browsers are 100% jailed inside a virtual directory. If you can break that jail, I'm sure you can make $10,000 dollars telling Symantec how.

Encrypt these accounts and drives for more security. When you create a new user, you will be asked to check a box to encrypt the account. To encrypt hard drives or memory stick you can use TrueCrypt. TrueCrypt drives are compatible with Windows, Linux and Mac.

NO! Encrypted drives have up to 15% slower access rates and eat up your CPU. If you have an old system, this is a BAD idea. And in any case, encrypting a password-less drive only works if you've configured such that your keys are on a fab.

 

[steampunk]

Most of the things you said were on the border-line of acceptably true and ignorant, this one in particular rubbed me the wrong way. New stuff in KDE? KDE is in version 4.8 and has been just as stable as any other X for at least 3 years. In fact, KDE 4.8 is probably the most stable and maliable X manager available today since Gnome has only in the past year moved into a new major release version.

I don't think Gnome has been the most popular by coincidence over KDE. My experience has confirmed Gnome is better. Gnone is used more often in the most popular Linux distros over KDE hands down.

This one is simply flat out false. For one; yes, perhaps someone wants attack root access to your system... so what?

A person having root access means you no longer have control over your computer. There is nothing false about that. What don't you get about root access? It's easy to prevent. If it's not prevented, it's one more way that is allows an attacker to have total control. Every website owner knows this through general principle of privilege de-escalation once their server is up and running. Not only is this a basic protocol for a web server, it applies to any account you may be using to connect to the Internet. The protocol is to run all your root stuff, then drop to a user with the least privileges. You generally don't need root when you are online unless you are performing updates or installing software from the repos.

100% False. Nearly all modern browsers sandbox OS interface actions. These browsers are 100% jailed inside a virtual directory. If you can break that jail, I'm sure you can make $10,000 dollars telling Symantec how.

Well, you not concerned about protecting the root account. So, did you know root can access that sandbox with no limitations? Where's my $10,000?

This sandboxing you talk about is not 100% protective. There is more than one exploit that circumvents this sandboxing. For example, sniffing attacks are available on all platforms. Browser extensions escape the sandbox. There are some dirtly little secrets with web languages. Chips, giving someone false security is bad advice. For those who might be listening, don't keep private files on the account in which you sign in. It is not a big inconvenience just to have two accounts: one for offline use with private files and one for online use, no private files. If have to send sensitive info, you should encrypt it before it is accessible the account on which you send it. Don't rely on this sandboxing nonsense. Sandboxing also requires root privileges, which could facilitate a root exploit.

An example of private files might be a diary, a proprietary project, project files from your place of employment, etc. For those in countries that who under oppression by brutal dictators, you especially have to watch what is on your home drive of your online account.

NO! Encrypted drives have up to 15% slower access rates and eat up your CPU. If you have an old system, this is a BAD idea. And in any case, encrypting a password-less drive only works if you've configured such that your keys are on a fab.

Even if 15% causes you such a problem, you will have other problems running software as well. It's time to get a faster computer.

I never talked about passwordless encryption.

Obviously you support ways that make it easier to exploit a users system.

 

[Tiassa]

I'm enjoying the hell out of it

So how is the experience going?

It's actually going fairly well. I need to make a couple small changes, like getting an Apple keyboard and resetting the OS specification to accommodate it. Like the whole long-dash thing--I know it's a petty issue, but I can't stand using the two standard dashes. That and bullet lists; I miss my option-dash and option-8 keystrokes. (And option-shift-8, for the degree symbol, which I use for endnotes; I would have used one for this parenthetic note, except, well ... right.)

Big deal, I'll get to it more later; meanwhile, my Apple tower still suffices, so I do most of my posting and social media on that machine, for the time being.

Meanwhile, I haven't really delved into the command terminal and proper, text-based Linux operation. I intend to, but I've been a bit distracted of late; I'll probably dive in come summer.

The big difference now is that watching video online is not a pain in the ass. Again, it seems like a petty issue, but my Apple is a G5, not an Intel; it is the first Apple I've had that can run YouTube reasonably well, but other Flash-based video applications, via Vimeo, DailyMotion, and so on, were always pretty slow.

What kills me about it all is that, even though I was never a programmer, using Linux is a bit like I remember computers, except that I've forgotten. It's been so long since I had a reason to type, "cd ..", or "dir", &c., that I still trip over differences I never should--do I put a space before the two periods? do I use a backslash, or will a forward slash suffice?

In the long run, I adore the idea of a computer that costs a third of what an Apple machine does, runs faster, has better video, and doesn't run Windows.

Now I just need to go back and clean out my font library. In search of replacements for Palatino and Book Antiqua, I've ended up with about two-hundred typefaces I'm never going to use.

Thus, the experience so far has been pleasant enough from an end-user standpoint. The upgrade to Pangolin went about as smoothly as one could ask.

And the software library? Good heavens. I'm so accustomed to saying, "It's Apple, there is no software for that." Now it's like, "Well, it's Linux, and a whole lot of it is free ... I wonder if they have ....?"

And more often than not, they do.

When it's time to get my daughter a computer of her very own, it's probably going to be a custom box packed with goodies and running one or another Linux variant.

But, yeah, I haven't really begun to explore the full potential of a Linux system.

 

[steampunk]

And the software library? Good heavens. I'm so accustomed to saying, "It's Apple, there is no software for that." Now it's like, "Well, it's Linux, and a whole lot of it is free ... I wonder if they have ....?"

If Linux doesn't have it, Linux may still be able to run it. Wine allows you to run many Window software programs. I run Photoshop, Illustrator, Manga Studio EX, Maxon and several others. There are several Windows games that run on Linux as well if you have teenagers that love games. Many Windows online games work flawless on a Linux box.

In order to find out if specific app runs on Linux, see the Wine database at it's headquarters for Wine here http://appdb.winehq.org/

 

[Chipz]

Well steampunk. As a man who has contributed Red Hat Software, and Linux systems for over a decade, your attitude seems a bit disingenuous.

I don't think Gnome has been the most popular by coincidence over KDE. My experience has confirmed Gnome is better. Gnone is used more often in the most popular Linux distros over KDE hands down.

So what? This may be before your time, but when KDE 4 came out it was a disaster, and similarly the early KDE3 series was poor. Why is Gnome the default? Well more than a decade ago Qt was licensed in a way which was not acceptable to GPL licensing, therefore every distro which had its genesis in the 90's and early 2000's was forced to use GNOME or similar created X systems like LXDE. Because people are reluctant to change, this fact has no changed for more than a decade (for better or worse). I personally loved the old Gnome2 design and I used it as my primary desktop, but I never hated KDE. In fact KDE and Qt in general creates a beautiful product which its developers should be proud of, and it offers features not even considered in the most modern GNOME interfaces. I don't care if you prefer one to the other, but let's not lie... KDE is a legitimate interface.

A person having root access means you no longer have control over your computer. There is nothing false about that. What don't you get about root access? It's easy to prevent. If it's not prevented, it's one more way that is allows an attacker to have total control. Every website owner knows this through general principle of privilege de-escalation once their server is up and running. Not only is this a basic protocol for a web server, it applies to any account you may be using to connect to the Internet. The protocol is to run all your root stuff, then drop to a user with the least privileges. You generally don't need root when you are online unless you are performing updates or installing software from the repos.

If your application is run as sudo and is provided the proper umask does it matter? What effectively is the difference? Well, I run around 30 web-servers in a distributed web environment using a mix of nginx and Apache, I have no idea what it is you're trying to say. Of course, system services run under different group id's which either specified gid & uid or in rare case unrestricted access. So? Disabling root to your system helps nearly nothing in terms of security. There has only ever been TWO valid arguments for disabling root.

a.
You want to obfuscate legitimate access to outside users.

b.
You want to prevent idiots from harming themselves.

Well, you not concerned about protecting the root account. So, did you know root can access that sandbox with no limitations? Where's my $10,000?

Okay? So what? No web application can even theoretically run under such permissions, by what mechanism could it even theoretically drop down the permission scheme of root? If Chromium developers put this into their code, you couldn't even run the browser without typing SUDO. And by the way, this is the stupidest argument you've given yet. No one is saying outside users can't access a sandbox, 'JAILING' is about keeping people in...not out. Please write me the Javascript which can break modern virtual jails...when you can do that...we have a problem.

This sandboxing you talk about is not 100% protective. There is more than one exploit that circumvents this sandboxing. For example, sniffing attacks are available on all platforms. Browser extensions escape the sandbox. There are some dirtly little secrets with web languages. Chips, giving someone false security is bad advice. For those who might be listening, don't keep private files on the account in which you sign in. It is not a big inconvenience just to have two accounts: one for offline use with private files and one for online use, no private files. If have to send sensitive info, you should encrypt it before it is accessible the account on which you send it. Don't rely on this sandboxing nonsense. Sandboxing also requires root privileges, which could facilitate a root exploit.

"Sniffing", are you an idiot? What on earth does this have to do with anything? Do you understand the basic protocols under which browsers implement virtual environments for their pages? Virtual sandboxes are as I understand it more-or-less memory mapped, this has been the complaint of Kernel developers for a while now, as VM requirements have skyrocketed with the expansion of memory requirements in web runtime environments.

An example of private files might be a diary, a proprietary project, project files from your place of employment, etc. For those in countries that who under oppression by brutal dictators, you especially have to watch what is on your home drive of your online account.


Even if 15% causes you such a problem, you will have other problems running software as well. It's time to get a faster computer.

I never talked about passwordless encryption.

Obviously you support ways that make it easier to exploit a users system.

Well, do I 'support' ways to make it easier to exploit systems? No. But I do believe there's a level of reasonable behaviour for a user within a given context. As I said...I work on Linux systems for a living and I understand security. But the security measures you mentioned are bordering on paranoia with virtually no legitimate return in inaccessibility to private information.

That being the case, I have to assume the following:
- You're genuinely interested in Linux.
- You're perhaps overly concerned with security.
- You should probably move to BSD.

 

[steampunk]

So what? This may be before your time, but when KDE 4 came out it was a disaster, and similarly the early KDE3 series was poor. Why is Gnome the default? Well more than a decade ago Qt was licensed in a way which was not acceptable to GPL licensing, therefore every distro which had its genesis in the 90's and early 2000's was forced to use GNOME or similar created X systems like LXDE. Because people are reluctant to change, this fact has no changed for more than a decade (for better or worse). I personally loved the old Gnome2 design and I used it as my primary desktop, but I never hated KDE. In fact KDE and Qt in general creates a beautiful product which its developers should be proud of, and it offers features not even considered in the most modern GNOME interfaces. I don't care if you prefer one to the other, but let's not lie... KDE is a legitimate interface.

You are being over sensitive about KDE. I never put it down as bad, I just implied Gnome worked better for me and it seems other have felt the same by pushing it more often than KDE. I actually like KDE quite well when I used it, found it more intuitive in several ways, but it just crashed way too much for me to seriously use it. When the gui messes up and effects data you are working on to the point you begin loosing work, it can be very frustrating. The only reason I decided against it. But I will admit, each time, it's gotten better. Kubuntu was my last try, but Ubuntu stopped funding for it. I can see why atleast from my point of view in terms of KDE. I don't know if KDE was why, but it certainly is why I didn't use it.

There has only ever been TWO valid arguments for disabling root.

a.
You want to obfuscate legitimate access to outside users.

b.
You want to prevent idiots from harming themselves.

I'm not clear on what you mean by obfuscate legitimate access.

But, it's certainly stupid to leave an account enabled, where this account has the ability to fundamentally alter any part of your system and the only thing stopping this access is a password.

As far as 'preventing idiots from harming themselves', I think you are calling people idiots because you are arrogant. I think arrogant people are stupid. People may try and use root to get things done. They may make a few mistakes they regret. They learn from their mistakes. They become wiser computer users. They are not idiots. They are humans who evolve their intelligence.

Okay? So what? No web application can even theoretically run under such permissions, by what mechanism could it even theoretically drop down the permission scheme of root? If Chromium developers put this into their code, you couldn't even run the browser without typing SUDO.

user id

And by the way, this is the stupidest argument you've given yet. No one is saying outside users can't access a sandbox, 'JAILING' is about keeping people in...not out. Please write me the Javascript which can break modern virtual jails...when you can do that...we have a problem.

I don't don't need to tell you that. You are too arrogant. But, I will say this much, Javascript can easily be tied to system services to perform all kinds of root exploits. This is like beginner shit. I learned in in the first two weeks of Javascript.

"Sniffing", are you an idiot? What on earth does this have to do with anything? Do you understand the basic protocols under which browsers implement virtual environments for their pages? Virtual sandboxes are as I understand it more-or-less memory mapped, this has been the complaint of Kernel developers for a while now, as VM requirements have skyrocketed with the expansion of memory requirements in web runtime environments.

Well, I don't have the time to educate you on how close things ride to one another inside a computer. Sniffing is an abstract term. When you get close to something, and you know how it's connected to another thing, you begin to get more than some may think you can. When I was learning web programming, I stumbled upon some exploits because I was doing something honest. I certainly won't broadcast them because I know how many shitty people there are and I know these things are too established and will not go away. I will say, don't trust a browser ever in an account with personal files on it. It's not a big inconvenience either. Just make a fricken online account for on-line use only and don't give it root privileges. That will save lots potential trouble that easy hacks that I stumbled upon can take advantage of.

Well, do I 'support' ways to make it easier to exploit systems? No. But I do believe there's a level of reasonable behaviour for a user within a given context. As I said...I work on Linux systems for a living and I understand security. But the security measures you mentioned are bordering on paranoia with virtually no legitimate return in inaccessibility to private information.

So, if I make a file inaccessible physically to you, that is paranoia? If say, 'disable the account that is god on your computer', that is paranoia? Don't mind me, I'm atheist, I hate god.

Don't pretend you know everything about a browser. You've obviously don't. Neither does Symantic. Exploits are discovered and broadcasted in the news on a regular basis. With this in mind, an offline account for offline use and an online account for online use, keeps things disconnected, physcially disconnected if you use two computers. It's a great idea, better than any virus software you can buy, or sandbox root exploit bullshit.

That being the case, I have to assume the following:
- You're genuinely interested in Linux.
- You're perhaps overly concerned with security.
- You should probably move to BSD.

Nope. I don't need the Mac solution. I have physical account separation, the best security. An online account and offline account will do me just fine. Anyway, the X window system if full of security holes and needs to be abandoned or redesigned from the ground up. BSD is laughable when you consider X. Everything is sniffable in X. Even root. Windows has the best solution so far, but still sniffable.

 

[Chipz]

You are being over sensitive about KDE. I never put it down as bad, I just implied Gnome worked better for me and it seems other have felt the same by pushing it more often than KDE. I actually like KDE quite well when I used it, found it more intuitive in several ways, but it just crashed way too much for me to seriously use it. When the gui messes up and effects data you are working on to the point you begin loosing work, it can be very frustrating. The only reason I decided against it. But I will admit, each time, it's gotten better. Kubuntu was my last try, but Ubuntu stopped funding for it. I can see why atleast from my point of view in terms of KDE. I don't know if KDE was why, but it certainly is why I didn't use it.



I'm not clear on what you mean by obfuscate legitimate access.

But, it's certainly stupid to leave an account enabled, where this account has the ability to fundamentally alter any part of your system and the only thing stopping this access is a password.

As far as 'preventing idiots from harming themselves', I think you are calling people idiots because you are arrogant. I think arrogant people are stupid. People may try and use root to get things done. They may make a few mistakes they regret. They learn from their mistakes. They become wiser computer users. They are not idiots. They are humans who evolve their intelligence.




user id



I don't don't need to tell you that. You are too arrogant. But, I will say this much, Javascript can easily be tied to system services to perform all kinds of root exploits. This is like beginner shit. I learned in in the first two weeks of Javascript.



Well, I don't have the time to educate you on how close things ride to one another inside a computer. Sniffing is an abstract term. When you get close to something, and you know how it's connected to another thing, you begin to get more than some may think you can. When I was learning web programming, I stumbled upon some exploits because I was doing something honest. I certainly won't broadcast them because I know how many shitty people there are and I know these things are too established and will not go away. I will say, don't trust a browser ever in an account with personal files on it. It's not a big inconvenience either. Just make a fricken online account for on-line use only and don't give it root privileges. That will save lots potential trouble that easy hacks that I stumbled upon can take advantage of.




So, if I make a file inaccessible physically to you, that is paranoia? If say, 'disable the account that is god on your computer', that is paranoia? Don't mind me, I'm atheist, I hate god.

Don't pretend you know everything about a browser. You've obviously don't. Neither does Symantic. Exploits are discovered and broadcasted in the news on a regular basis. With this in mind, an offline account for offline use and an online account for online use, keeps things disconnected, physcially disconnected if you use two computers. It's a great idea, better than any virus software you can buy, or sandbox root exploit bullshit.



Nope. I don't need the Mac solution. I have physical account separation, the best security. An online account and offline account will do me just fine. Anyway, the X window system if full of security holes and needs to be abandoned or redesigned from the ground up. BSD is laughable when you consider X. Everything is sniffable in X. Even root. Windows has the best solution so far, but still sniffable.

I'm still waiting for even the most modest Javscript exploit. Until you can provide it, you're not much more than a crackpot.