Michael Robertson of Lindows Responds

Naturally, when answering your questions, he boosted his company. (Wouldn't you?) But I assure you, he wrote these answers himself instead of having them laundered by a PR team. Whether or not you agree with Michael and the way he runs Lindows (and used to run MP3.com) you've got to give him credit for speaking more openly than most other modern American CEOs.

1) why oh why?
by Ender Ryan

Why was it decided that Lindows would always run as 'root' by default? That seems like a pretty bad decision to me, and many others as it's the number 1 complaint of many Linux users who would otherwise like to give Lindows a try, but perhaps we should hear why that decision was made.

Is this how Lindows is going to continue to work in the future? I think this is one "feature" of Win9x that would really be better to leave in the past.

Robertson

I think the larger issue here is how do you balance security vs. ease of use. We are committed to providing a secure desktop operating system and make policy decisions about how to achieve a secure but usable system. For example, not plugging a computer into the 'Net would make it really secure, but not very usable. We did decide to build in a pre-configured firewall because it's largely an invisible security layer that adds meaningfully security to the desktop but stays out of the users way. Most security compromises are external attacks, not root vs. non-root issues.

Historically, multi-user systems made sense when hardware was expensive because not everyone could afford a computer and you could leverage the cost of expensive machines by creating multiple users and doing time sharing. But times have changed and computers are now ultra-affordable with PCs starting at $200.

So there's less need to share computers and have multi-user accounts with all that overhead and complexity. There aren't “administrators” in many of the homes, businesses and schools we are selling to. These are personal computers where the owner needs to be able to set the clock, change the wallpaper, configure a printer, install a flash drive, or load a new piece of software without bumping into nuances of computer science.

Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS – the first person to touch it can do whatever they want. If we make Linux harder to use then other operating systems, users will not embrace it. Users just want to get their work done, they don't want to be computer experts and they shouldn't have to be. Of course, if they want to add a default password or setup multiple accounts and restrict access to their own machine, they can of course do it on all of these operating systems, including LindowsOS, even though none default that way.

2) User feedback on Linux-based desktop OS
by prostoalex

Since the Lindows PCs have been selling for a while, your marketing and customer service folks must have gotten some kind of feedback from current or prospective users.

What are the things people ask for? What are some things general users would like to see in Lindows or Linux-based desktop distributions that aren't there yet?

Robertson

When we started Lindows.com we believed that software installation was extremely difficult for most users and the biggest obstacle impeding widespread desktop adoption. So we invested considerable engineering in Click-N-Run http://www.lindows.com/clicknrun, which makes software installation (including downloading, menu items, icons, MIME types, etc.) in LindowsOS a one-click experience. It's far superior to anything Microsoft Windows XP has.

Since then, we've heard from consumers about what they want or think is missing in a desktop operating system. The number one item people thought was missing was virus protection. (This surprised me and wouldn't have been my guess; more on this topic in a later question.)

There are some key areas of hardware support which no desktop has today which users consistently bring up including: USB wireless support, Plug & Play USB drives (flash, hard drive and CD/RW), firewire and ACPI (power management for laptops). We hope to address most of these in our next release of LindowsOS version 4.0 coming shortly.

On the software side, it's amazing how quickly the community is filling application holes and a real testimony to the advances is making. Six to twelve months ago the list of “missing” software applications was different then it is today. For those seeking a Visual Basic-like program, Gambas (www.lindows.com/gambas), has made great strides. GAIM www.lindows.com/gaim has emerged as a solid meta-IM client, etc. The biggest individual holes today are probably an online banking aware personal finance program (ala Quicken) and a web development tool that is tightly integrated for creation and management such as FrontPage or Dreamweaver. (We'll announce an very cool, affordable product available in Click-N-Run next week which addresses the online banking need.) Video games is an entire product category missing for Linux. There are some great new companies like GarageGames (http://www.garagegames.com), but the high profile games are absent. Finally, video streaming is weak on desktop . None of the big three codecs (QuickTime, Real, Windows Media) have shown any real commitment to offering support. I think there's a real opportunity for one company to commit to gain the upper hand on the others with a true cross platform solution.

3) Should Linux Remain a Cult Object for Geeks?
by reallocate

Do you think the hostility toward Lindows that characterizes some members of the "community" can be attributed to their desire that Linux remain a "geeks only" cult object?

Robertson

Linux can literally save consumers billions of dollars on software, so I sure hope we can bring it to the masses – that's really our business.

I attended UCSD and as part of my major I was required to take an assembly language programming class. It was one of the computer science “weeder” classes where 60% of students fail or drop out. I struggled through it with a passing grade and had a great sense of accomplishment. The next year the major requirements were changed alleviating the assembly language requirement. I have to admit I wasn't happy with this decision since it meant that those sharing my degree after me didn't have to go through the same torturous experiment.

Until recently, it was a badge of honor to get a Linux desktop running. LindowsOS makes it possible to install in 3 minutes and have it auto-recognize all your components and then install most software with a single mouse click. Those who went through the “weeder” class path naturally won't be that excited.

4) Wine?
by IamTheRealMike

When you started, you put a lot of effort into Wine, sponsoring things like WineConf. That didn't work out, but Wine improves constantly, as the latest releases of CrossOver and WineX show. Do you think you'll ever return to it someday, or are you disillusioned with the whole thing?

Robertson

We really respect Jeremy White, Codeweavers and the rest of the Wine development team, but we did move away from Wine sometime ago. It was really a financial decision. Here's the analysis we went through. Microsoft makes roughly half of their profits from selling their operating system and half selling their office suite. If LindowsOS users still have to depend on Microsoft's office suite then they will only be able to save money on half of their software purchases. Additionally, they'll still have to deal with restrictive licensing, activation codes, endless security issues and expensive upgrade options. Undoubtedly Microsoft would continue to use their might to bully computer users who use one part of Microsoft's offerings into using the others, like they do now with Microsoft Word costing $349 and Microsoft Office priced at $399. We really need to move to a Microsoft-free computing solution to realize dramatic savings.

We thought it much better to continue to focus on the ease of use, but invest our energies in promoting and polishing native programs rather than legacy Micrsoft Windows based programs. This way we can save consumers considerable money on the OS and the other largest expenditure – the office suite. Another critical development is that the StarOffice/OpenOffice products really made major advances. We can now comfortably endorse and distribute these products.

While we stopped promoting Microsoft Windows program capability, we strongly emphasize file format compatibility which we think is critical. People often have a need to open and edit a doc, xls or ppt file and that's what we give them. By focusing on affordable programs, we can give computer users these capabilities for the lowest price.

5) MP3.com in retrospect
by prostoalex

Looking back at MP3.com, what would you do differently if you were to start the music service business all over?

Do you think MP3.com was a good business idea in the first place? Do you think the sale of the site to Vivendi Universal was a good idea?

Robertson

Our goal at MP3.com was to bring digital music to the masses and I think we made a lasting impact and left the world a better place then we found it. We fought hard in congress, courts and in the business world to make MP3 a universal standard because it was the best thing for music fans who were our ultimate customers. Today MP3 is a universal standard, DRM schemes have been thwarted, portable players are legal, virtually all hardware supports MP3, so consumers are in a relatively good place because they can freely move their music around.

We didn't accomplish everything we wanted to do. We championed the concept of a “Music Service Provider” and backed the concept up with phenomenal technology which would store a user's entire music collection online and zap it to any device via an open API (PC, portable, phone, car, CDR, etc) with a single mouse click. Licensing challenges, restrictive law interpretation, and music industry reluctance to embrace new technology torpedoed our efforts on this front. It's interesting to hear the press gush over Apple's itunes “one click” purchase and load to portable player features – something we had two years ago. I think we laid important groundwork to make this happen, but missed delivering on our entire vision.

I sold MP3.com at a time and price that I thought was good for our shareholders and have no regrets and wouldn't change any decision I made.

6)Wal-Mart
by Znonymous Coward

Microtel and Lindows have put togther some great deals for Wal-mart.com; How are sales going?

Will the Microtel + Lindows PCs ever make it to Wal-Mart store shelves?

Robertson

Sales are strong - we have the best selling products at Walmart.com. I'm confident that success will lead to retail store distribution on retailers' store shelves. We're waiting until our next version (4.0) to distribute LindowsOS in major outlets. The quality needs to be there to satisfy everyday (non-technical) computer users. I can't stress how critically important this is to the success of desktop Linux.

Linux MUST be preinstalled on computers to be a sustainable business. The Microsoft stranglehold on OEMs must be cracked to change the dynamics of the PC business. Until this happens, no desktop Linux company should be considered a viable longterm company.

7) PATENTING ONE-CLICK-INSTALL
by neitzsche

Dear Mr. Robertson,

Could you please update me on your efforts to patent your one-click-software-update solution?

If you are granted such a patent, do you plan on allowing the open source community free (beer/speech/both?) licensing?

Robertson

We don't have a patent on Click-N-Run and have not filed a patent application. I'm not a big believer in method patents. Patents need to be “non-obvious”. I'm not sure “one click anything” is patentable or should be – whether an order process (think Amazon) or software installation routine.

8) Viruses
by minus_273

Not having viruses is one of the upsides of . Why do you sell a virus scanner for Linux?

Shouldn't you be presenting the lack of viruses as one of the reasons to switch?

Robertson

I shared your viewpoint initially, but then we heard from users and discovered something new. What people thought was most lacking from LindowsOS that prevented everyday use was “virus protection”. I was surprised by this result so we talked to users to understand their logic. It turns out that they have been so traumatized by the virus problem on Microsoft Windows that it has shaped their view of the world. Many told us they would NEVER use a personal computer without virus protection because either they had been infected and publicly embarrassed or they knew someone close to them who had. Others said that their corporate policy mandated virus protection or the employee could be disciplined. It's no longer a rational decision, but simply a presupposition to using a computer.

Let me use an analogy. Say someone grew up in the crime-ridden inner city project and then decides to move to the country. No matter how hard that real estate agent tries to use statistics and reasoning to convince them they don't need locks on their doors of the house they're buying, the buyer won't believe it because that's not the world they grew up in. 95% of the world has grown up in a Microsoft virus-infested project. Microsoft has cleverly positioned it as a solely external problem so they don't have to incur the cost to fix it. Bravo to Microsoft for good marketing which has saved them billions in support. Consequently, computer users don't see the root of the problem as shoddy Microsoft programs that if they were to abandon the problem subsides, but rather a fact of life of personal computing. It's a lock on the door they insist on having – regardless of the crime statistics in their area.

So we offer a one-click virus solution powered by Central Command. Virii are a tiny problem today on Linux, but as more desktops migrate it would be foolish to think that it will never be a problem. Just stopping inadvertantly passing on Microsoft Windows vulnerabilities has value to many consumers, as I've attempted to illustrate to many people considering desktop Linux.

9) Click-n-Run vs apt-get
by mahdi13

Lindows is based off of the Debian code and uses apt-get to install software from the Click-n-Run repository. What is in place to keep people from changing the apt-get sources from CnR to the Debian sources and install something like Synaptic (and getting newer, updated packages for free) instead of paying the $99/year (with a few execptions)?

Robertson

It is true that LindowsOS is Debian based, but Click-N-Run is no longer apt-get based. We're now on the third generation of the Click-N-Run architecture and it shares virtually no code with apt-get. As often happens you learn a lot when you do version 1.0. In the first version we learned the limitations of apt-get and were forced to create our own system which would better support personalization, commerce, error handling, and low bandwidth environments. We saw about 60% success rate using the first version of apt-get. Today we achieve over a 90% success rate. And we're able to offer advanced features like Aisles, CNR Express, a full featured commerce engine, and critical features like auto-retry and partial install resume.

LindowsOS users are free to use apt-get or any other feature. We don't remove the command line or limit their ability to install software. They can “open the hood” if they want to. Our goal is to do all the heavy lifting for them for a fair price and build a profitable business. If we can't offer value beyone what they can get from apt-get then they shouldn't give us any money. So that keeps us working hard to offer value.

The Warehouse part of the Click-N-Run (http://lindows.com/warehouse) adds tremendous value as well. Not only do users get an informative graphical representation for many products, but because listings are based on popularity they can get a listing of the most valuable software as measured by the community. We also spend considerable amount of time working on the top 25 programs. We typically customize them to make them work well together and on LindowsOS. Since anyone can browse the information for free, we have even learned that our warehouse is used by many who don't use our products as a resource. We recompile the programs to use the “My Documents” folder by default to resolve one of the common complaints from users that “they can't find their saved files”. That's obviously a simple example, but those are the types of things that make all the pieces work well together for LindowsOS users and will bring desktop to a wider audience.

10) Xbox
by randomErr

What ever possessed you to put up the bounty on the Xbox project?

Robertson

To understand my motivation it's probably important to understand my belief in personal ownership. I believe that if you purchase a product, you should have the right to change it, move it, or alter it for your own personal needs. The seller should have the right to say that you void the warranty or refuse to support it if you change it, but you should still have right as the purchaser to make that choice. This goes for music, software and personal computers. My belief is that as long as consumers have this right, then they'll use that freedom to make choices which steer our society in a generally positive direction. I'd contend we've already witnessed this with MP3.

The Xbox is Microsoft's first attempt at a closed architecture PC. What they learn from the Xbox will be in their next generation closed desktop PC system. Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like “trustworthy” computing and tout the benefits, but it's really about shifting power over an individual's PC from the buyer to Microsoft. Microsoft will put up a permission gate before any software can be installed which will have a fee associated with it. It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.

I think it's critical that consumers have control over their computers and the ability to decide what software they want to utilize. I look at the Xbox as simply a personal computer. This is why I funded the Xbox reward.

NOTE: I funded it through http://pubsoft.org, Russ Nelson's great concept which I hope catches on.

Consumer freedom is also one of the primary reasons I started Lindows.com. If we can get a substantial number of desktop users we will ensure the longevity of an open architecture PC and ensure that the computing world evolves in a consumer-friendly direction.

Thanks for the opportunity to answer your questions.

Running as root is insane.

[Malor]

You know, one of his answers really bugs me.... the old 'security versus convenience' argument. He essentially says that Lindows runs as root to be convenient.

He talks, later, about how his customers are so traumatized by viruses that they'd never consider running a machine without some kind of protection. Windows, which has always been 'features before security', has horrific virus problems.

In essence, he's indirectly bashing his own way of doing business. One of the main reasons viruses don't spread as easily on Linux is simply that normal users don't have permission to mess with system files. Even if a virus DID infect your Linux box, the damage would most likely be contained to the user account's home directory, unless you did something stupid (or weren't patched up properly). Lindows is, in essence, being stupid by default. He's trying to make Lindows 'just like Windows' -- so you get all the design problems and fewer user-level features to boot. What a deal.

If he wants to make Linux BETTER than Microsoft, this is likely an area of key differentiation, and yet he's glossing over the whole issue for 'user convenience'. Instead, he should be investing resources into engineering a solution that preserves both ease of use AND security. It can be done, it just costs time and money. Mandrake has a decent solution to this problem. It could be improved, but it's not too bad. It would make a fine starting place.

A corollary of an old computer aphorism: "Cheap, secure, convenient. Pick any two."

Geek Cult Linux

[CyborgWarrior]

I'm a high school student in CT, USA and have been for a long time trying to convince the technology department to move to a Linux server. Everyone in the technology department seems hesitant, but I've also talked to many of the teachers and they seem more open to it. Interestingly, it seems less of a geek thing around here, than a normal user thing. People are beginning to get seriously disgusted with Microsoft and are looking more for other options. This could be the perfect time for Lindows to enter the market for the average user.

Re:"the Click-N-Run architecture..."

[i_am_nitrogen]

Click-N-Run never shared any code with apt-get. It originally called the apt-get executable to download and install the software, but now the Click-N-Run client downloads the software itself, and uses dpkg to install it. This is just an accidental miswording by Michael Robertson.

Interesting and Insightful

[evilpenguin]

Well, I think this interview shows the man has his head on straight. He understands the real issues that keep "joe six-pack" from buying and using Linux and he understands why there is is little ISV support for Linux. He has a strategy for solving it. I don't know if it will work. I don't know if it is any good.

But $200 PCs from Wal-Mart with Linux pre-installed is a big step on the way to adoption.

I do not know Lindows (yet). I don't know if I think it is evil or not. But I bought one of the cheap PCs to find out. I figure that if I hate it, I can put another distro on the box.

I, frankly, look forward to to seeing Lindows on PCs actually in Wal-Mart stores. You see, I'd rather have a substantial number of the people who don't care what their OS is running Linux (or at least having the choice) than being locked in to a Microsoft-only world. It will lead to better hardware and software support for the OS. Nothing this man does can take away our Free Software or our other distros. If some of the people today locked in to Microsoft become locked in to Lindows, does that really hurt anything or anyone?

I disagree with him about the "running as root" issue. I understand his logic, but a "root only" Linux box is a Linux box that might very well come to need its virus scanner! Non-priv'd users are a big part of why Linux viruses are NOT a big issue.

Anyways, I know I'm rambling. I'm not likely to ever buy a Lindows subscription. I'll end up putting Debian, RedHat, or SuSE on the box first (heck, maybe my first Gentoo box, who knows). But I think there is a supply of users for whom a product like Lindows is theoretically perfect. My mother-in-law, for example.

Those of us who care about Free Software as a freedom issue wont be hurt by Lindows. And we might be at least indirectly helped.

Interesting views. Good interview.

Where did that question come from?

[Otter]

Re: "Could you please update me on your efforts to patent your one-click-software-update solution?"

Is there any factual evidence for such an effort, is the poster confusing Lindows with Amazon, is he completely clueless or did a bunch of crack-addled moderators mod up a troll?

Re:Where did that question come from?

[neitzsche]

"evidence" - well no, no evidence per se. (Since when does one need evidence to post a question on /.?)

I do not have any secret recordings of Michael Robertson outlining plans for focusing his efforts on legal (instead of technical) matters.

But his colorful history does show that he seems to excel in the legal arena. OTOH, his technical decisions lead to very belabored discussions about whether users should run as root or not.

I am happy with his answer to my question.

I am glad that my question was moderated up, AND he deigned to answer it.

Perhaps if I had carefully prepared a question, I would have asked how or if he intends to legally "help" the linux community. He was given the source code to a simply excellent operating system, as well as tons of application code for free. With some amount of effort, he is now able to call it his own. Does he now intend to fight legal battles that "little guys" cannot? (The Microsoft (TM) battle is the one example that I know of.) Does he feel that he owes the linux community anything?

But I didn't. That's what I get for being in a rush to post rapidly after the call for questions appeared.

BTW Otter, are you a Lindows employee or just an advocate?

Lastly,
is he completely clueless or did a bunch of crack-addled moderators mod up a troll?
I've never done crack myself (can't speak for the moderators) and it's been a long time since I've had any mind-altering chemical stronger than the caffeine in my coffee. I certainly do not consider myself (nor my question) a troll. I'm sorry that you do.

We should have asked...

[scubacuda]

..."What percentage of Lindows boxen do you think that the public buys just to install another OS on? And of those boxen, how many do you think have pirated versions of Windows on them?"

Quanta?

[Ktulu_03]

web development tool that is tightly integrated for creation and management such as FrontPage or Dreamweaver
I have used Quanta for over a year now, and it is a great tool for creation and management of a website, especially with kiofish now a part of KDE.

Re:Why the Walmart Thing is Bogus

[mahdi13]

Buy a Lindows machine, format it and install Windows...this is not a good thing to do (or easy for those that don't know howto "fdisk /mbr" but for every Lindows machine sold it is +1 for Linux and 0 for Windows.
If they don't sign up for the CnR, that doesn't mean they are not using the Lindows. They could be like me and want to run other apps from the apt-get sources (not hard to enter ftp.debian.org in the /etc/apt/apt.sources

I do hope to see these sitting on the shelves at Wal-Mart soon, with a running display model to show people. Hope they have an image on hand for when people like me come along, open a terminal and "rm -rf /" =)

I would pay $99 a year

[gsfprez]

If Apple would fix the problem with my aunt's single-user iBook wanting a password everytime a software install comes up. That would save me so much money in time, it would be insane.

Most users are deathly afraid when the system puts up a window telling them to do somthing and does not explain to them why they are doing it. I can't fathom what it would be like to put a Linux box in front of her. Lindows is something i'm actually concidering becuause it DOES run in root, and she can make changes and add software without having to call me to see if its "okay" to type in a password every time she wants to install something.

of course, otoh, it does slow her down from installing 500 apps a week that she gets in spammail with executables... which is why i took her PC away from her running 98...

The service i really want to see is $99 a year for users to be able to call Apple/some linux company evey time they have a dumb-ass question of the hour. So instead of my cell phone going off at work, Apple could field the "what's with this iPod updator window? I don't know how to close it!!!" (its quit, just like all other 100 programs you run on Mac OS X.. don't freak out, damint.)

Is it just me?

[ArhcAngel]

Or are there some EXTREMELY angry/anti-Lindows posters today? I understand the underlying issue about why it is unwise (Insane) to make the default account root but I completely understand why he says he does it that way. If you really stop and think about it how many people (non technical) do you know who would ditch Lindows in a heartbeat if they couldn't do something they currently can do in Windows. They EXPECT things to work like windows. Just like they EXPECT to have anti-virus software. A few years ago, when the Melissa virus stormed the net, I worked in a Novel/Lotus Notes environment. We got phone calles ALL DAY LONG for several weeks from people saying they were infected with Melissa. I had to explain to them that since Melissa only affected MS Outlook they couldn't be infected but were simply receiving emails from people who were infected. Many of them still insisted I come look at their systems. That is why Lindows works the way it does. No geek in their right mind is going to be enticed by this distro because it was NEVER EVER EVER targeted at you. Stop whining that it perverts Linux/OSS and help them succeed where every other attempt has failed. Is it so wrong to expect payment for services rendered?

Roberts makes an ironic observation

[WebCowboy]

To a /. reader I'm sure this is far from a profound insight but it's refreshing to see CEO's who are clued in:

Microsoft wants to move to a world where THEY decide what software a computer runs because that will allow them to extract the most money from consumers. They'll position this product with a comforting sounding name like "trustworthy" computing and tout the benefits [...] It will ultimately give Microsoft control over a user's computer. This is why we do not, in any way, limit what software users can install.

The fact that Microsoft is leading the charge in this direction is somewhat ironic. Microsoft rose to prominence based ENTIRELY on an industry that came to being because of enthusiasts who believed in bringing availability and control of computer hardware and software to the masses. The personal computer was invented chiefly to wrest control of computer resources from institutions (and their black-suit and white-labl-coat cladded minions) and place it in the hands of the end user.

Nearly 30 years ago, computer users had to pay through the nose for timeshare services what was allowed was decided based on corporate policy and the whim of system administrators (and even the mainframe vendors!). Running your process or batch on the big IBM iron was a privlige you paid dearly for and you were grateful for it (kinda sounds like grandpa walking to school barefoot in the snow but it was kinda true). Computer enthusiasts were tired of it and brash upstarts provided hardware (MITS) and software (Microsoft) they could purchase and use as they saw fit.

Fast forward to today. What a sad situation when a once brash young upstart--one that totally owes its successful existence to PC users past and present--turns into the "enemy" and betrays its customers by angling to control what people can do with the machines they own.

Microsoft is becoming a throwback to the 70's and earlier--like the companies that sold mainframes or timeshare services that called all the shots. With the arrival of the PC revolution none of those companies were the same again (and most don't exist at all). Microsoft has always been good at looking out for competition and the next big thing, and when they miss the boat (as they did with the Internet) they'd hop a raft and paddle out to it to stage a mutiny. I wonder if they're losing their touch now. They're responding to a new threat with an old business model.

And--irony of ironies--it looks like IBM is clued in enough to be a willing player in the game (even if they still are heavily invested in mainframes and proprietary computing).

Interesting times...

Re:I would pay $99 a year more reasons

Gentoo (source)
Debian (binaries)

Those are your answers for worry-free s/w install.

Re:Why the Walmart Thing is Bogus

You would have to unalias 'rm' first, ot else be presented with quite a number of interactive removes.

Fair Enough

[SomeOtherGuy]

Kudos to him. Well informed, spoken, and fair answers. I do not have to agree with them all to sympathize. Anyone who has had to offer "support" to a non-computer type in your family or circle of friends can sympathize with trying to do away with as much confusion as possible. (and like it or not, in a single user desktop environment -- having to login or su as root in order to install programs is crazy.) I guess I would lean more towards a system that installed "after rollout or 3rd party apps" into privdir's (or home directories) by default rather than giving full root....because diskspace is pretty cheap anymore -- and in a typical home user environment (single user) the chances of getting the same app installed 20 times in 20 different privdirs is minimal anyhow.

Re:Kidding yourself

[StormReaver]

"And, as you say, there's no need for root access for an email virus to spread."

So many people who use this argument are overlooking the obvious. An email virus requires an email program that will automatically execute attachments. There is no email program for Linux that does this. All Linux email programs require the user to:

1) Save the attachment to disk.
2) Change the file attribute(s) to executable (because Linux email programs never save files with the execute bit(s) set).
3) Expicitly run the program.

The reason Microsoft email viruses are so prevelant is because Microsoft's email program requires the user to:

1) Read the email.
2) There is no second step.

Running the system as root will in no way make a user susceptible to email viruses on Linux. However, running as root will greatly increase the damage done to the system if a user runs a malicious program.

Assume that I, under my user account "stormreaver", get tricked into performing the three steps needed to run a malicious binary emailed to me and it completely wipes out my home directory.

If I didn't have backups, which is foolish considering how cheap CD-R's are nowadays and how easy KDE 3.1 makes backups, it's true that I'm out of luck for my personal files. I have to remove my account (by becoming root), recreate my account, and start over. The rest of my system (games, utilities, etc) are all fine.

If I did have backups, which I have, then I delete my compromised account, recreate the user account, and copy my backed-up config files. It takes my (estimating) about ten minutes to get back to where I was (allowing time for reading hundreds of megabytes from the backup CDs). I'm then back in business. Since all my executables (minus my in-development binaries) were protected by root access, nothing was permenantly damaged. At most, I'm somewhat inconvenienced. I saved days of redownloading and installing large non-system apps and several hours of installing and tweaking my operating system (with the latter taking most of the time).

The superuser/regular-user distinction made in Linux is real protection against filesystem viruses because it eliminates the automatic propogation mechanism required by such viruses.

Only profound stupidity on the part of email software developers (and profound stupidity on the part of users running Outlook through WINE, though the threat is greatly reduced on Linux because most WINE installations don't have Microsoft address books) will present an email virus problem on Linux.

Running everything as root will still require active user participation to propogate any type of Linux virus. However, the damage done will be far more extensive.

None of this will matter, of course, if a regular user installs something by temporarily becoming root, and the install program then makes the software setuid root. However, the protections added by the superuser/regular-user distinction are significant.

KDE has almost nailed all circumstances where this is inconvenient and provides a simple way to temporarily become root to perform system-altering tasks. The only one remaining, that I encounter, is having to use the command prompt to su to root in order to install a game using Loki's installer.

I must agree

[Ender+Ryan]

I submitted the "why root" question, and while I think Lindows should use some method to separate the normal user from the superuser, I must admit that overall I am impressed by Robertson's tackling of the problems of putting Linux on the "average Joe's" computer.

I think the default account should be a normal user, and users should be encouraged to give normal user accounts to family members and others sharing the PC, so that one member doesn't destroy the whole system. To "su" to root when installing software, changing configuration, etc., the system could simply have the user enter a keyboard combination that is captured by the OS, eg. ctrl+alt+delete.

That would bring complete ease of use, while maintaining tighter security.

OTOH, after posting the original question, a Lindows user informed me that current versions of Lindows ask the user, during installation, if they want to create accounts for normal users...

Re:Vandalism on the sales floor

debug
-o 060 ED

Then you can't type anything else.

If Lindows is so secure where are the updates?

I have a $99 Click'N'Run subscription and
was disturbed that after the recent sendmail
issues their version of sendmail was not and
is still not (from the date) patched.

Same with ssh (openssh)

My solution...

Install RedHat, their free updates are much
more timely..

I asked on the Lindows support pages about
the updates and I get the distinct impression
that they did not fully understand my question.

His company should help GnuCash...

[Goonie]

If Mr. Robertson really wants a financial app that can do online banking, the easiest way to do so is to fund GnuCash development and, equally importantly, help persuade some financial institutions to work with the GnuCash developers so that they can get online banking support up and running.

Back in the day where some of the GnuCash developers (myself included) were employed by a company, we considered where to focus our efforts. Basically, we had to concentrate on business stuff because that's where we thought there was going to be cash (it didn't turn out that way, but that's another story and not really mine to tell). If somebody had have come along and said - "here's $BIGNUM (or even $MODERATELY_BIG_NUM), we'll schmooze some financial institutions for ya, now go implement online banking and make it work seamlessly", we could have done it (as some of the other developers have demonstrated in Germany with their online financial transaction standard).

The opportunity still exists if somebody wants to take the ball and run with it.