Slashdot Mirror
Michael Robertson of Lindows Responds
1) why oh why?
by Ender Ryan
Why was it decided that Lindows would always run as 'root' by default? That seems like a pretty bad decision to me, and many others as it's the number 1 complaint of many Linux users who would otherwise like to give Lindows a try, but perhaps we should hear why that decision was made.
Is this how Lindows is going to continue to work in the future? I think this is one "feature" of Win9x that would really be better to leave in the past.
Robertson
I think the larger issue here is how do you balance security vs. ease of use. We are committed to providing a secure desktop operating system and make policy decisions about how to achieve a secure but usable system. For example, not plugging a computer into the 'Net would make it really secure, but not very usable. We did decide to build in a pre-configured firewall because it's largely an invisible security layer that adds meaningfully security to the desktop but stays out of the users way. Most security compromises are external attacks, not root vs. non-root issues.
Historically, multi-user systems made sense when hardware was expensive because not everyone could afford a computer and you could leverage the cost of expensive machines by creating multiple users and doing time sharing. But times have changed and computers are now ultra-affordable with PCs starting at $200.
So there's less need to share computers and have multi-user accounts with all that overhead and complexity. There aren't “administrators” in many of the homes, businesses and schools we are selling to. These are personal computers where the owner needs to be able to set the clock, change the wallpaper, configure a printer, install a flash drive, or load a new piece of software without bumping into nuances of computer science.
Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS – the first person to touch it can do whatever they want. If we make Linux harder to use then other operating systems, users will not embrace it. Users just want to get their work done, they don't want to be computer experts and they shouldn't have to be. Of course, if they want to add a default password or setup multiple accounts and restrict access to their own machine, they can of course do it on all of these operating systems, including LindowsOS, even though none default that way.
2) User feedback on Linux-based desktop OS
by prostoalex
Since the Lindows PCs have been selling for a while, your marketing and customer service folks must have gotten some kind of feedback from current or prospective users.
What are the things people ask for? What are some things general users would like to see in Lindows or Linux-based desktop distributions that aren't there yet?
Robertson
When we started Lindows.com we believed that software installation was extremely difficult for most users and the biggest obstacle impeding widespread desktop adoption. So we invested considerable engineering in Click-N-Run http://www.lindows.com/clicknrun, which makes software installation (including downloading, menu items, icons, MIME types, etc.) in LindowsOS a one-click experience. It's far superior to anything Microsoft Windows XP has.
Since then, we've heard from consumers about what they want or think is missing in a desktop operating system. The number one item people thought was missing was virus protection. (This surprised me and wouldn't have been my guess; more on this topic in a later question.)
There are some key areas of hardware support which no desktop has today which users consistently bring up including: USB wireless support, Plug & Play USB drives (flash, hard drive and CD/RW), firewire and ACPI (power management for laptops). We hope to address most of these in our next release of LindowsOS version 4.0 coming shortly.
On the software side, it's amazing how quickly the community is filling application holes and a real testimony to the advances is making. Six to twelve months ago the list of “missing” software applications was different then it is today. For those seeking a Visual Basic-like program, Gambas (www.lindows.com/gambas), has made great strides. GAIM www.lindows.com/gaim has emerged as a solid meta-IM client, etc. The biggest individual holes today are probably an online banking aware personal finance program (ala Quicken) and a web development tool that is tightly integrated for creation and management such as FrontPage or Dreamweaver. (We'll announce an very cool, affordable product available in Click-N-Run next week which addresses the online banking need.) Video games is an entire product category missing for Linux. There are some great new companies like GarageGames (http://www.garagegames.com), but the high profile games are absent. Finally, video streaming is weak on desktop . None of the big three codecs (QuickTime, Real, Windows Media) have shown any real commitment to offering support. I think there's a real opportunity for one company to commit to gain the upper hand on the others with a true cross platform solution.
3) Should Linux Remain a Cult Object for Geeks?
by reallocate
Do you think the hostility toward Lindows that characterizes some members of the "community" can be attributed to their desire that Linux remain a "geeks only" cult object?
Robertson
Linux can literally save consumers billions of dollars on software, so I sure hope we can bring it to the masses – that's really our business.
I attended UCSD and as part of my major I was required to take an assembly language programming class. It was one of the computer science “weeder” classes where 60% of students fail or drop out. I struggled through it with a passing grade and had a great sense of accomplishment. The next year the major requirements were changed alleviating the assembly language requirement. I have to admit I wasn't happy with this decision since it meant that those sharing my degree after me didn't have to go through the same torturous experiment.
Until recently, it was a badge of honor to get a Linux desktop running. LindowsOS makes it possible to install in 3 minutes and have it auto-recognize all your components and then install most software with a single mouse click. Those who went through the “weeder” class path naturally won't be that excited.
4) Wine?
by IamTheRealMike
When you started, you put a lot of effort into Wine, sponsoring things like WineConf. That didn't work out, but Wine improves constantly, as the latest releases of CrossOver and WineX show. Do you think you'll ever return to it someday, or are you disillusioned with the whole thing?
Robertson
We really respect Jeremy White, Codeweavers and the rest of the Wine development team, but we did move away from Wine sometime ago. It was really a financial decision. Here's the analysis we went through. Microsoft makes roughly half of their profits from selling their operating system and half selling their office suite. If LindowsOS users still have to depend on Microsoft's office suite then they will only be able to save money on half of their software purchases. Additionally, they'll still have to deal with restrictive licensing, activation codes, endless security issues and expensive upgrade options. Undoubtedly Microsoft would continue to use their might to bully computer users who use one part of Microsoft's offerings into using the others, like they do now with Microsoft Word costing $349 and Microsoft Office priced at $399. We really need to move to a Microsoft-free computing solution to realize dramatic savings.
We thought it much better to continue to focus on the ease of use, but invest our energies in promoting and polishing native programs rather than legacy Micrsoft Windows based programs. This way we can save consumers considerable money on the OS and the other largest expenditure – the office suite. Another critical development is that the StarOffice/OpenOffice products really made major advances. We can now comfortably endorse and distribute these products.
While we stopped promoting Microsoft Windows program capability, we strongly emphasize file format compatibility which we think is critical. People often have a need to open and edit a doc, xls or ppt file and that's what we give them. By focusing on affordable programs, we can give computer users these capabilities for the lowest price.
5) MP3.com in retrospect
by prostoalex
Looking back at MP3.com, what would you do differently if you were to start the music service business all over?
Do you think MP3.com was a good business idea in the first place? Do you think the sale of the site to Vivendi Universal was a good idea?
Robertson
Our goal at MP3.com was to bring digital music to the masses and I think we made a lasting impact and left the world a better place then we found it. We fought hard in congress, courts and in the business world to make MP3 a universal standard because it was the best thing for music fans who were our ultimate customers. Today MP3 is a universal standard, DRM schemes have been thwarted, portable players are legal, virtually all hardware supports MP3, so consumers are in a relatively good place because they can freely move their music around.
We didn't accomplish everything we wanted to do. We championed the concept of a “Music Service Provider” and backed the concept up with phenomenal technology which would store a user's entire music collection online and zap it to any device via an open API (PC, portable, phone, car, CDR, etc) with a single mouse click. Licensing challenges, restrictive law interpretation, and music industry reluctance to embrace new technology torpedoed our efforts on this front. It's interesting to hear the press gush over Apple's itunes “one click” purchase and load to portable player features – something we had two years ago. I think we laid important groundwork to make this happen, but missed delivering on our entire vision.
I sold MP3.com at a time and price that I thought was good for our shareholders and have no regrets and wouldn't change any decision I made.
6)Wal-Mart
by Znonymous Coward
Microtel and Lindows have put togther some great deals for Wal-mart.com; How are sales going?
Will the Microtel + Lindows PCs ever make it to Wal-Mart store shelves?
Robertson
Sales are strong - we have the best selling products at Walmart.com. I'm confident that success will lead to retail store distribution on retailers' store shelves. We're waiting until our next version (4.0) to distribute LindowsOS in major outlets. The quality needs to be there to satisfy everyday (non-technical) computer users. I can't stress how critically important this is to the success of desktop Linux.
Linux MUST be preinstalled on computers to be a sustainable business. The Microsoft stranglehold on OEMs must be cracked to change the dynamics of the PC business. Until this happens, no desktop Linux company should be considered a viable longterm company.
7) PATENTING ONE-CLICK-INSTALL
by neitzsche
Dear Mr. Robertson,
Could you please update me on your efforts to patent your one-click-software-update solution?
If you are granted such a patent, do you plan on allowing the open source community free (beer/speech/both?) licensing?
Robertson
We don't have a patent on Click-N-Run and have not filed a patent application. I'm not a big believer in method patents. Patents need to be “non-obvious”. I'm not sure “one click anything” is patentable or should be – whether an order process (think Amazon) or software installation routine.
8) Viruses
by minus_273
Not having viruses is one of the upsides of . Why do you sell a virus scanner for Linux?
Shouldn't you be presenting the lack of viruses as one of the reasons to switch?
Robertson
I shared your viewpoint initially, but then we heard from users and discovered something new. What people thought was most lacking from LindowsOS that prevented everyday use was “virus protection”. I was surprised by this result so we talked to users to understand their logic. It turns out that they have been so traumatized by the virus problem on Microsoft Windows that it has shaped their view of the world. Many told us they would NEVER use a personal computer without virus protection because either they had been infected and publicly embarrassed or they knew someone close to them who had. Others said that their corporate policy mandated virus protection or the employee could be disciplined. It's no longer a rational decision, but simply a presupposition to using a computer.
Let me use an analogy. Say someone grew up in the crime-ridden inner city project and then decides to move to the country. No matter how hard that real estate agent tries to use statistics and reasoning to convince them they don't need locks on their doors of the house they're buying, the buyer won't believe it because that's not the world they grew up in. 95% of the world has grown up in a Microsoft virus-infested project. Microsoft has cleverly positioned it as a solely external problem so they don't have to incur the cost to fix it. Bravo to Microsoft for good marketing which has saved them billions in support. Consequently, computer users don't see the root of the problem as shoddy Microsoft programs that if they were to abandon the problem subsides, but rather a fact of life of personal computing. It's a lock on the door they insist on having – regardless of the crime statistics in their area.
So we offer a one-click virus solution powered by Central Command. Virii are a tiny problem today on Linux, but as more desktops migrate it would be foolish to think that it will never be a problem. Just stopping inadvertantly passing on Microsoft Windows vulnerabilities has value to many consumers, as I've attempted to illustrate to many people considering desktop Linux.
9) Click-n-Run vs apt-get
by mahdi13
Lindows is based off of the Debian code and uses apt-get to install software from the Click-n-Run repository. What is in place to keep people from changing the apt-get sources from CnR to the Debian sources and install something like Synaptic (and getting newer, updated packages for free) instead of paying the $99/year (with a few execptions)?
Robertson
It is true that LindowsOS is Debian based, but Click-N-Run is no longer apt-get based. We're now on the third generation of the Click-N-Run architecture and it shares virtually no code with apt-get. As often happens you learn a lot when you do version 1.0. In the first version we learned the limitations of apt-get and were forced to create our own system which would better support personalization, commerce, error handling, and low bandwidth environments. We saw about 60% success rate using the first version of apt-get. Today we achieve over a 90% success rate. And we're able to offer advanced features like Aisles, CNR Express, a full featured commerce engine, and critical features like auto-retry and partial install resume.
LindowsOS users are free to use apt-get or any other feature. We don't remove the command line or limit their ability to install software. They can “open the hood” if they want to. Our goal is to do all the heavy lifting for them for a fair price and build a profitable business. If we can't offer value beyone what they can get from apt-get then they shouldn't give us any money. So that keeps us working hard to offer value.
The Warehouse part of the Click-N-Run (http://lindows.com/warehouse) adds tremendous value as well. Not only do users get an informative graphical representation for many products, but because listings are based on popularity they can get a listing of the most valuable software as measured by the community. We also spend considerable amount of time working on the top 25 programs. We typically customize them to make them work well together and on LindowsOS. Since anyone can browse the information for free, we have even learned that our warehouse is used by many who don't use our products as a resource. We recompile the programs to use the “My Documents” folder by default to resolve one of the common complaints from users that “they can't find their saved files”. That's obviously a simple example, but those are the types of things that make all the pieces work well together for LindowsOS users and will bring desktop to a wider audience.
10) Xbox
by randomErr
What ever possessed you to put up the bounty on the Xbox project?
Robertson
To understand my motivation it's probably important to understand my belief in personal ownership. I believe that if you purchase a product, you should have the right to change it, move it, or alter it for your own personal needs. The seller should have the right to say that you void the warranty or refuse to support it if you change it, but you should still have right as the purchaser to make that choice. This goes for music, software and personal computers. My belief is that as long as consumers have this right, then they'll use that freedom to make choices which steer our society in a generally positive direction. I'd contend we've already witnessed this with MP3.
The Xbox is Microsoft's first attempt at a closed architecture PC. What they learn from the Xbox will be in their next generation closed desktop PC system. Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like “trustworthy” computing and tout the benefits, but it's really about shifting power over an individual's PC from the buyer to Microsoft. Microsoft will put up a permission gate before any software can be installed which will have a fee associated with it. It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.
I think it's critical that consumers have control over their computers and the ability to decide what software they want to utilize. I look at the Xbox as simply a personal computer. This is why I funded the Xbox reward.
NOTE: I funded it through http://pubsoft.org, Russ Nelson's great concept which I hope catches on.
Consumer freedom is also one of the primary reasons I started Lindows.com. If we can get a substantial number of desktop users we will ensure the longevity of an open architecture PC and ensure that the computing world evolves in a consumer-friendly direction.
Thanks for the opportunity to answer your questions.
"Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS ? the first person to touch it can do whatever they want."
Sorry, Mac OS X is not running as root out of the box.
While the first user is an Admin, they do no have root access, there are many directories they can't see, and they can't go in and trash stuff in another users account.
Look again. You can get the machines without Linows, thats probably the case with the non-Lindows machines, but why would you want have to figure out how to get Lindows off of a machine to put Windows on? I know it can be difficult for newbies to remove Linux type file systems with a Win98 CD. I've walked more than one semi-experienced tech through having to do it myself.
The preceding post was not a Slashvertisement.
"Surely this is not a popular opinion around here, but shouldn't we accept as legitimate the concept of subsidized hardware based on a subscription?"
Of course not, since this reduce consumers choice.
"Anyone can get a free mobile phone by signing up for a wireless service contract and agreeing to pay the fees for a specified period of time, typically one or two years."
In many countries like Finland this kind of stuff is illegal. That's why cell phones are very popular here:
- you can choose a cell phone and service provider independently
- you can replace your cell phone with a new one when you like and keep your phone number
- you can switch to the better service provider any time
Yep, you are right.
For more info see Wikipedia:
Despite frequent claims to the contrary, the only correct English plural of the word for any of these senses is viruses. The Latin word does not appear to have had a plural. Virii would be the plural of the word virius, and viri was the plural of the word vir, meaning man. See [1] for more on this.
There are 4 people in our house and 4 PCs (not counting the laptop). Most of my techie friends also have a 1-1 correspondance. Wait, my sister lives alone and has one.... my niece lives with 3 other folks and they have 3.... hmmm I think I suspect a pattern. Computers are addictive and they are NOT really a spectator sport. My girls got tired of watching each other playing on our PC so we got them thier own. They 'parallel play'.
"If you are on fire you can just stop, drop, and roll. If you fall into Lava you are just dead." - my 5yr old daughter
Free Software is one of the keys to placing control back in the hands of those who should have it: The consumer. The more installations there are of Linux, BSD and anything else that is free and open, the better off the consumer will be, if only because the overall community has more power to avoid getting locked in to Microsoft solutions that are all designed to keep you stuck to their products.
Lindows is definitely a good thing in this respect. There are issues (technical, political, intellectual or otherwise) that you might not like to use Lindows. Perhaps you don't want to run as root all the time. But consider this: IT IS IN YOUR BEST INTEREST THAT AS MANY PEOPLE AS POSSIBLE USE LINDOWS, root or not. Juan Q. Público is never going to care about the "nuances" of computer science.
As recently as last year, I tried to help out a medical doctor who is a relatively technology literate businessman. I explained that I should do this and that to set up a reasonable security policy, which will require that he change somewhat the way his staff uses their computers at his clinic. Fully knowing the problems of computers, he told me in so many words, "I don't care about security." That's right. All of this stuff (software, computers, security, passwords, etc.) doesn't mean jack to him. He wants his business to be successful and gain value. If he has to spend a few thousands each year to correct problems, that's acceptable as long as the risk is relatively low in comparison to that of incurring overhead due to security requirements. The best security is frequent backups anyway. Everything else is just there to prevent more sophisticated attacks, which won't so badly affect home users. They already have gigabytes of shit on their computers... all kinds of sounds and videos, viruses, porn advertisements, "enlarge your penis" SPAM containing viruses that they click on anyway... it couldn't get much worse than that, root or not.
So, yes, security will remain a huge problems in computing for a long time to come, mostly because most people don't know or care enough to do something about it. When they lose their data and come crying to me, I'll continue to say what I've repeatedly said for ten years: "Did you make a backup of your data? No? Well, the only way I can fix this is to blow everything off your hard drive and reinstall everything. Sorry." C'est la vie.
They want virus protection? Give 'em virus protection! No viruses in Linux?! Oh, well... just put in a framework that runs fsck in the background once in a while to make the disk spin. A false sense of security might be the root of all evil but at least it will make them feel better about using Linux instead of Windows.
It is STILL in our best interest, though, that more people use Linux. It will create a market for us developers to make a profit. It will create interesting challenges in figuring out security policies that benefit the user without making computer use any more difficult. It might require that we rethink security altogether and come up with methods different from those we use now, which would perhaps be more flexible and powerful. Who knows. But the important point is that in order for this wonderful thing to continue, fucked up legislation like the DMCA needs to stop happening, and for that to happen, Linux needs to gain in power, whether by smart computer scientists or stupid shmoes like Joe Sixpack.
Don't take the words of the few as gospel. Not all of us are closed minded like some of the purists who frequent here.
I for one welcome any new users and am more than happy helping them out. Every user that tries out (or maybe even moves over to) Linux is a good thing.
What's an ACL?
Anterior cruciate ligament. One of those bits of the knee that athletes are always tearing.
Seriously, though, it's an Access Control List. The idea is, rather than apps being associated with a user and having all the permissions of said user, you have to give individual apps permissions/restrictions. You could thus give your browser read-only access to your files, for example, or you could prevent an app from accessing the network.
Ooh, a sarcasm detector. Oh, that's a real useful invention.
Accidentally deleting the entire filesystem is a rite of passage. :)
/
.*
Yes, but it isn't:
rm -rf
which is a rite of passage, but instead:
rm -rf
The resulting behavior makes sense, but the first time around it definitely catches you off guard in the painful learning sense. (CAUTION: If you try this, only try it at least two directory levels deeper than anything important.)
Well, not from a virus' point of view. What a virus needs to do is load itself into memory, then save itself to disk, in some way that it will be started again, then hide it's presence as completely as possible.
All of the above is possible if you are running as Root... The last 2 above are ``more difficult'', and ``not possible'', respectively, if the virus is loaded as a non-privlidged user.
I would like to express my utter disgust at the current methods of virus protection. All an antivirus program on Windows would have to do is to see if a program attempts to write to system files, and carefully monitor changes made to startup configuration files, such as the registry. When it notices this acticivity, it could stop the program, and ask the user what to do. Of course, this method wouldn't make antivirus companies stinking rich from selling virus definitions.
In Unix, the task would be a bit more difficult, simply because there are far more places something could be written to be run automatically. However, there are certainly methods that could negate the virus problem. Systrace is one very significant option. Right now, Mozilla is running under systrace. If Mozilla was to execute some code, it couldn't do much of anything but download webpages, and ruin my bookmarks...
For a commercial solution that is older, and slightly different, you may want to check out Cylant Secure. It boasts an impressive record, and most importantly, it runs on the platforms that systrace doesn't yet.
A virus scanner is simply a half-assed way of treating the symptoms, instead of the disease, so that a company can leech a subscription out of you.
There's no need for Root access for any virus to SPREAD. Root access is just needed for the other important parts of a virus' life, not for replicating itself.
Of course, three cheers for Microsoft for NOT porting Outlook over to Unix, and hence, by in-action, making the world a better place.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
For example, see this message on the Debian-Devel-Announce list, where it mentions that Lindows is providing 4.5kUSD to help support a Debian conference. (HP, Trolltech and O'Reilly are also mentioned.)
:)
He'd be welcome in my house for a beer.
Mine too. Heck, I'd probably offer him snacks to go with it.
This is true only if you get the administrator's account password so that you can run through sudo, or if you can wait for the user to do a privileged operation and hijack it. As long as Joe User doesn't escalate to administrator privileges, it can only run with Joe User's rights. This is a win; I basically only escalate privilege these days for the occasional software installation.
And he (Lindows anyways) sponsors KDE-Look, your source for KDE themes etc. who fell on hard times recently. Maybe I misjudged him.