Slashdot Mirror

I've got a lot of other problems with debian which prevent me from using it. However, their security track record is not really one of them. Given the huge project with a very large number of machines and developers, and their long track record with very few incidents, I don't think it's fair to pick too much on this one.

That, and Gentoo is hardly immune to this sort of thing either.

See Bug 122337.

You don't say what distro you're using, but try here

From a fellow Gentoo user, here is the scoop as I see it:

Reiser 4 hasn't been in the main Linux kernel for political reasons; however, apparently it is fairly stable. You can find patches to add Reiser 4 to a stock kernel, or you can get a modified kernel that has the patches already applied. A quick glance revealed the Beyond Sources on the Gentoo forums - these sources are done by the same guy who used to work on the Nitro sources, which aren't being maintained anymore. Here's a link:

http://forums.gentoo.org/viewtopic-t-466778.html

This stuff is generally considered too "unstable" to add to portage, so if you want to try it, add it to your overlay.

...and how many small-time uploaders will have their videos pulled and their revenue frozen for people clicking their adverts too many times?

> I use Gentoo on my toaster and it runs great. In about 13 years it will have finished compiling Bash

Go and read something about Gentoo Embedded and stop trolling!

As far as network drivers in particular go, the layers that use them, such as IP, live in the kernel, so it's rather annoying for them to talk to drivers that are up in user space. Specific network cards, especially wireless, might have bits that live up in user space, such as user interfaces for loading in crypto keys, but the bulk data transfer applications normally belong down in or near the kernel.

Why are there a whole pile of network card drivers in the kernel when you'd normally use only one or two? Same reason there are a whole pile of drivers for other devices in the kernel, when you've normally only got one graphics card and one sound card. If you're shipping a pre-compiled kernel, you want it to support as many different users as possible, and all it costs you is some RAM to store the code you're not using, or if you can handle them as loadable modules, it only costs you the work to keep track of those. But if you want to compile your own kernel for specific machines, and leave out the drivers you don't want, and while you're at it compile all your applications programs with the level of optimization your hardware supports, get a copy of Gentoo Linux and have fun learning lots more detail about Linux internals.

It is simpeler to audit source code than binarys. Therefore it is more likely that someone has audited it already. Gentoo even has a team auditing code, see http://www.gentoo.org/proj/en/security/audit.xml like OpenBSD.

I personaly prefer to use Reactive Autonomous Blackhole List (RABL) in combination with DSPAM.

Setting up RABL is easy as 1-2-3 (with the help of this Gentoo ebuild).

Some other people I trust more then SpamCop have as well installed RABL and we do exchange the data from our blocking list.

SpamCop is all okay but I like to have DNSBL data from sources I know that I can trust them. And I like to have IP's blocked from those dummies sending spam over here in europe. SpamCop has not enought data about those spammers. Only america and asia is well covered, but european spam is still not much found in SpamCop.

You couldn't compile it from source since there isn't any. Picasa uses some free software (wine for instance), but isn't free software itself. However, there's an ebuild already: http://bugs.gentoo.org/show_bug.cgi?id=134376

Gentoo.

Ahhh, much better.

You're right, that's a great idea. It's called the Gentoo Linux Installer LiveCD.

Nah. Every KDE individual component is installable as of Jan 2005. The 'kde-base' and 'kde-graphics' ebuilds are the old monolithic ebuilds. More info here.

Have you seen the number of packages you need to add to packages.keywords to switch to X.Org 7.0 in Gentoo? There's no way any sane person will do that until they move it all to the stable branch. echo "=x11-base/xorg-x11-6.9.0-r1" >> /etc/portage/package.unmask is the way to go.

First book I read and the first book I suggest to any computer savy friend interested in linux is the Gentoo Handbook. I'm not trying to start a distro flamewar but is does a really good job of explaining nearly everything you are putting into your system as you install it. Plus you end up with a working linux install which is a definite plus. Then if you aren't burned out any of the books above will give you a better understanding of why everything works the way it does and how it varies from system to system. Most users don't care about the later though. That's my $0.02 for what its worth.

All the more reason... To avoid the GPL. I thought it was supposed to make things simpler, not have all of these caveats and 'gotchas'. I understand the next version of the GPL is supposed to eliminate these, but then there's the problem with dealing with multiple versions of the GPL.

Portage is almost as nice?

I'm glad FreeBSD addressed the SATA problems, that was the wall I ran into when installing one time. I wouldn't compare FreeBSD support and Gentoo support, but I would definately say Gentoo has a very active community. Any problem I've had compiling something in Gentoo, I type the error into google and instantly have an answer from bug reports or gentoo forums, etc. Not that you can't do this with every other distro, I've just found Gentoo to be very consistent and easy to find. It's also very nice to know that many other people have had the same problem and that you're not the first. Although no error in the first place would be good too.

Linux on SGI's MIPS workstations is already pretty usable. The core site is at http://www.linux-mips.org/, plus both Gentoo and Debian have functional MIPS Ports [ G | D ].

Between both distro's, most of SGI's systems from the Indy to the Octane are supported (although support for the individual components is dependent on the machine). We're hoping to get our hands on some of their newer stuff, like a Fuel or an Origin 300 to see how hard that will be to port to (especially the R14000), but the dream is to one day (hopefully before the year 3000) get Linux running on a quad-cpu Tezro :)

Linux on SGI's MIPS workstations is already pretty usable. The core site is at http://www.linux-mips.org/, plus both Gentoo and Debian have functional MIPS Ports [ G | D ].

Between both distro's, most of SGI's systems from the Indy to the Octane are supported (although support for the individual components is dependent on the machine). We're hoping to get our hands on some of their newer stuff, like a Fuel or an Origin 300 to see how hard that will be to port to (especially the R14000), but the dream is to one day (hopefully before the year 3000) get Linux running on a quad-cpu Tezro :)

Didn't the Jackass! distribution of Gentoo also had the same problem?

http://forums.gentoo.org/viewtopic-t-345229.html (near the bottom)

But the 9250 WILL be dying soon, at any rate it will die as AGP becomes obsolete. We need a replacement in the catagory of 3D hardware with Open drivers.


The r300 project is currently making great strides in getting open source direct rendering with the newer radeon chipsets. There is a thread in the Gentoo forums dedicated to testing their drivers out.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

So, isn't RISE (Randomized Instruction Set Emulation) similar in concept to PIC (Position Independent Code)?

If you want to secure computers via the Linux route then with Hardened Gentoo is a good way (Follow the Resources links in sections 6).

PaX is a hardened Linux kernel using ASLR (Address Space Layout Randomization) to support applications built as a PIE (Position Independent Executable) and to provide non-executable memory (NX).
PaX home.

PIE/SSP (Position Independent Executable)/(Stack Smashing Protector) (follow PaX link)
When an application is built as a PIE (Position Independent Executable) the code is able to be randomize on load up and NX bit set on certain parts of the application. At run time, when a buffer is created, SSP adds a secret random value called the 'canary' to the end of the buffer.

MAC (Mandatory Access Control) (follow Hardened Gentoo link)
Hardened Gentoo supports 3 access control solutions, SELinux , grsecurity , and RSBAC .

PIC Introduction and Internals.

Other references:
Hardened Gentoo Primer
SeLinux is supported by the NSA (National Security Agency) of the USA.

He was asking about using the BSD userland with the Linux kernel. BSD/Linux. As opposed to the GNU userland/BSD kernel thing that Gentoo are attempting.

Unfortunately, GP, I don't know.

I'm going to keep XP on that machine for as long as it runs, or until I replace it with an open OS.

So why haven't you replaced it now?

You can get Ubuntu up and running in minutes, with full functionality. If you're more of a tinkerer type, set aside a weekend and take the plunge with Gentoo.

Say what you will about the odd Gentoo user, but in my experience Gentoo has one of the most welcoming and informative communities I've witnessed. Almost any problem encountered can be found on the huuuuge forum, and any post that you've put in at least a little effort into will get an almost instant, polite reply.

Naturally, if you write a post entitled "lol!" with the body "omg help!" you're not going to get a great response. But if you're clear about what your problem is, people will pour in with suggestions and directions to fix it.

Similarly on their IRC channel. Stop by, ask for help, and odds are someone will be around willing to help. I make it a point to pop by once a week or so and just help a few people.

Yes, Gentoo is harder to get started with than some other distros (Ubuntu, Mandrake, etc). But I must say, I've known people who have used Ubuntu or Mandrake or what have you for as long as I have used Gentoo, and they learned nothing about Linux during that time.

Clearly Gentoo isn't for the "average" user. But if you want to learn something and have a solid and flexible distro with a reliable community behind it, I highly recommend Gentoo.

- shazow

Not all Gentoo users are nice

I've not personally tried Debian, but, I have heard the community there isn't exactly 'newbie friendly'.

I've tried RH back in the day, and Slackware was my first Linux try, back in the early 90's. I've found so far, the most friendly to newbs distro, is probably Gentoo. The forums are a great place to look for info, and also easy to get even easy questions answered. The community seems pretty tolerant of questions that 'have been asked before'.

I've never had much a problem finding help with any distro I've tried in the past tho...but, then again, I learned early on, to start a USENET post with something like "OK, I've tried, this, this, this and this...and am still stuck, does anyone have any links or suggestions?" Just to show that I've tried on my own and am now stuck. That usually got a good response. I also used to be more active in USENET groups....if people see you posting to help others, they'd more likely be willing to help you.

Which is why Gentoo is the best distro. Sure, it has an aura of snobbery, but generally speaking the users themselves are not snobs. And the manuals are extremely easy to understand. Though it takes some time and typing to use Gentoo, it's very easy to use otherwise, because everything is spelled out. http://gentoo.org/ http://www.gentoo-wiki.com/

Since the last thing you mentioned was keeping up with vulnerability patches, I want to add something here to keep you from turning anyone off from gentoo.

Gentoo has toolkit which includes an app called glsa-check described here:

http://www.gentoo.org/doc/en/security/security-han dbook.xml?part=1&chap=14

It's preliminary, but it will report the components of your installation which have security issues and the security issue id's themselves.

There is also an email alert sent out whenever a security alert is announced. So don't let this guys attitude discourage you from at least trying it on for size. Sure, it may not be what you need, but then again, it just might.

My freshman year (2000) in college started with me not knowing what a "linux" was. This all changed when a friend handed me a Debian distribution burned to an ISO. He encouraged me to repartition my hard drive and install this next to my Windows 98 SE installation. Like a lot of new people, I hosed my hard drive. I ended up doing fresh installs on both OS's and getting the dual boot to work. There were cheap little games and some truly great and historical open source software on that disc also. The next day in class, the guy couldn't get me to shut up about how great it was. I had hit a few snags but the answers were all online.

My first college kegger could not compare to the first time I ran Linux. Nor would a kegger ever be as memorable. A free operating system? That works?

A year or two later, I'm in a new class. There's a kid sitting in front of me going on and on about Linux. Up to this point, I've used Debian, Mandrake & Red Hat so I drop a question out there:

Me: "I really like Mandrake, what do you think is the best distribution?"
Student A: "It's obviously Gentoo."
Me: "Gentoo? I haven't even heard of that one..."
Student A: "Well, it's clearly the superior distribution."

Ok, so my first encounter with Linux people working against Linux people in a childish d*ck measuring contest. To my horror, I overheard the following conversation thereafter ensue between him and a person in the class looking for a Linux installation experience:

Student B: "I use Windows and I'm confused even as where to start..."
Student A: "That's easy, just install Gentoo."
Student B: "I ... Where do I get a disc for that?"
Student A: "They're freely online, you just have to find them and install them--I recommend an ftp install so that you get the latest versions of everything. And with Gentoo, you can just emerge whenever you want to update. "
Student B: "'Emerge'--what does that mean?"
Student A: *snorts* "If I have to tell you, there's no point in you even getting Linux."

And on it went, with Student A asserting his superiority. When I got home, I tried to install Gentoo. It took forever, I hit a million snags but eventually got it working. I hated it. After talking again to them, the only reason Student A was using Gentoo was because he had some crazy chipset he needed to compile everything for (a dual AMD setup which was rare back then) and he also revealed that he spent every Sunday night "emerging."

Luckily, I intevened with Mandrake and gave him something close to Windows that an idiot probably could install. I told him all the cautionary advice I had to give and I feel that he most closely identified with me.

The truth is: not all Linux experiences are for everybody.

All the cool people use Gentoo.

I was thinking more on a kind of white pages ordered by name, so for example, if i want to contact my uncle Gen Too but I don't remmeber his address, I'll go to gentoo.tel, and I will find there contact information from all people and companies around the world who have decided they want to appear in that index and are named Gen Too (or Gentoo, for instance).

This way I will find in gentoo.tel a link to the homepage for the gentoo linux distribution but also another one for the file manager called gentoo.

So when I decide to create my company Ge nToo, S. L. in Spain, I will submit my information to the authority who controls .tel domains, so when my clients want to contact me, they don't have to think if my domain is gentoo.org, gentoo.com or whatever, they will just type gentoo.tel, and search in the descriptions of all gentoo named persons and companies, till they find mine.

There would be no more conflicts about who should own which domain, because all of them will be as easy to reach as any other - just type gentoo.tel and decide which gentoo are you interested in, the linux distribution, the file manager, my beer company called Ge nToo or my uncle Gen Too.

I really don't know if this would work, but is the only utility I can find to a the .tel TLD.

"Larry Linux"? I thought that was Gentoo

But I dont give a fuck. Microsoft Windows fucking sucks. The box I am on right now is Windows. If you want to stand for this shit then fine do whatever you please. But until you decide to use FreeBSD or one of the many other alternatives like one of my favorites Gentoo Linux or Debian Lunix or one of the many others... Stop bitching about rights erosion. Excuses about market share and running easily managed homogenous networks are tired. If you cannot use a computer... Don't use one. Nothing is private. Especially now. If it wasn't a computer giant watching us it would be a media company or something else. Everyone has an axe to grind, this is just another example of that. People are paranoid now because of the massive FUD that has been disseminated by hollywood in movies like Swordfish, the many claims of "spying" unbiased liberal and conservative media has been bashing the public with lately and over the years. Not to mention that we all already have a bar code implanted in us... It's called a social security number. If you believe you aren't being watched well. You are mistaken. Nothing is private. The first reason to switch from Windows should be because it fucking sucks. Then you should worry about your (already) non private data.

Every single distro does its own thing and there is no standardization whatsoever.

I humblely disagree.

Filesystem Hierarchy Standard (FHS)

The filesystem standard has been designed to be used by Unix distribution developers, package developers, and system implementors. However, it is primarily intended to be a reference and is not a tutorial on how to manage a Unix filesystem or directory hierarchy.

Gentoo FHS
RedHat FHS
Suse FHS&LSB

And for binary distros there is Linux Standard Base (LSB)

The LSB specification is made up of several components, known as modules. The base specification consists the of Core, Graphics and CXX (C++) modules. The specification is further extended with the Desktop set. Each module might be subdivided into a common document plus architecture-specific documents (in some cases the subdivision is not needed). A complete binary standard for a particular processor architecture consists of the set of necessary common documents plus the matching set of architecture-specific documents.

Latest LSB Spec 3.1.0

find me a Linux distribution that lets you customer a Linux kernel at install time.
*Raises hand* Me me! that one is easy!

Gentoo, slackware

Or what about NeoMagiclux

Neat uh?

Look, the problem with the article and almost all the articles is that they try to add labels and properties to "Linux" as an operating system. Linux is not an operating system it is a kernel, Mandriva, Gentoo or whatever you want is an operating system, some of them are Fat, some of them are bloated, some or them are insecure and whatever.

But you can not say that "Linux is a fat operating system" because linux is not an operating system.

Ummmmm, how about switching? :-)

oh if only there were a way!

with an open source project [gentoo.org] many of the people I correspond with are outside of the US. For that matter, a good portion of the people who view and use what I work on are outside of the US. The people who helped me get started doing this, yes, not in the US. It's apparent that the thing to be most largely hindered woud be international coopearation. Why the heck would we want to do that, or rather, advanced it? I see no tangable gains from this idea.

don't forget about Portage for Mac OS X! :)

All these revelations about the goings-on within Microsoft give new meaning to the term "open source". Something is certainly "open" here, now they have a percentage on the code rewrite. That's a start.

I don't want to sound mean here, I love Windows, if it were not for it, all these nice PC's would not be all over the place. Imagine, "no Windows". Classes all weekend long on "installing Gentoo Linux.
Every Joe Sixpack for miles around required to attend, he needs that, since there is "no Windows", and his PC needs a specially tailored OS so he can get on the web.

Seriously, I have several old PC's that have very small amounts of RAM by todays standards, (4MB - 32MB), and run Windows 3.1 just fine. I got one little laptop out of the Dumpster, and it had a smashed screen. I fixed up a nice Windows 3.1 installation for the hard drive, then got another little hard drive for it, and put Basic Linux on that. It's now a little dial up server, and can serve up a web page that can be viewed (Netscape) and edited as needed.
  So, I can do both OS's, but I'll always like Windows, especially since the drivers in it exactly match the video, sound and modem in the box, something I have (over the years) had an interesting and educational time getting-to-work in Linux. Here's a link to one of my legacy pages detailing my progress in working with Linux.
I started out with Redhat 6.1, and stuck with it until I had it working just right on a little IBM PS-1 with 32 MB RAM, and a 25 MHZ system bus. I gave a thrift store $5.00 for it, in perfect shape, stuck in a closet for years, then donated.

If it were not for Windows being preinstalled (and simple to use for Mr. and Mrs. Joe Sixpack), the techies would not have cheap PC's to play with.
Those things would cost tens of thousands of dollars, just like they did before the advent of Windows.

I say keep your Windows installation, even if you only use it occasionally, (not on the web, it's virus-land for Windows) and "install" some flavor of Linux.
I have Redhat 9, Windows 98, and almost always run my livecd linux with the cheatcode "fromhd=/dev/hdd7" on this box. Do that also on an XP box.
To get my printers to work, I have to use Kanotix livecd linux on the XP box, and Kubuntu Linux live cd on the Windows 98 box. (That one takes _forever_ to boot).

The other side of the flood of Windows computers into the marketplace is that the owners have virus problems, other troubles, and tend to set them out on the curb for the trashman to pick up. No suprise that they cannot fix the box. The modem I'm using right now came from such a discarded PC. All the machines I use were discarded Windows boxes, some just given away, here you are. Some bought for a fraction of what they cost new. All will run Linux, I have a (free) HP Pavilion 6330 that does sound just fine with my livecd linux.

So, what's not to like about Windows?

Gentoo's advisory, released 2006/03/22