Slashdot Mirror


When Does Usability Become a Liability?

nasteric asks: "I caught myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee. The discussion had to do with usability and security. Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack. Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning. Therefore I pose this question to the Slashdot community. Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to an end) our discussion." Does decent usability necessarily imply the presence of vulnerabilities? Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?

930 comments

  1. Wha? by monstroyer · · Score: 3, Insightful

    Question: Is this an "Ask Slashdot" or an advertisement for Krispy Cream and Apple?

    Also, since the editorial already starts us off with an "OS X vs Linux" flamewar, let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

    Why do people think that the command line is *not* "user friendly"? Do we write books by pointing and clicking at icons, avatars, and pictures? Except under amazing circumstances (Stephen Hawking, the blind, etc) would you hire an author that did? Then why a system administrator?

    1. Re:Wha? by CountBrass · · Score: 5, Insightful
      Do we write books by pointing and clicking at icons, avatars,

      Extremely poor analogy.

      We spend literally decades learning to read and write and even then very few people are actually any good at writing books. Natural language is also, compared to computer languages, extremely stable. Natural languages are also exactly that - natural. Our brains evolved to support them and our languages evolved over millennia to suit our brains.

      Understanding images is considerably more important than language and certainly long pre-dates any human language- written or spoken.

      And I'm sure you've heard the expression "A picture is worth a thousand words".

      So, your point would be?

      --
      Bad analogies are like waxing a monkey with a rainbow.
    2. Re:Wha? by Enry · · Score: 5, Insightful

      one picture is worth a thousand words?

      Seriously though, I'm an author and do a lot of writing. We are a visual species - look at the popularity of TV, movies, and video games. Why are GUIs popular? It gives you a lot of information in a small amount of space. Think small applets, like CPU usage or disk usage. More information can be sent quicker using a pie graph and setting colors than just giving raw capacity and percentage used.

      But writing is much more precise. When you write something down, you need to know *exactly* what you're saying and who you're saying it to. Otherwise the meaning could be lost.

    3. Re:Wha? by normal_guy · · Score: 5, Insightful

      Because commandline is NOT END-USER FRIENDLY. Things are different when you're a system admin. Click a picture of a music note, you get music. Click a picture with a music note flowing into a CD, you burn your CD. That's much easier than " CD_DA TRACK AUDIO FILE "secret-pregap.wav" START FILE "track1.wav""

      --

      Linux: Free if your time is worthless.
    4. Re:Wha? by leadfoot · · Score: 0

      My organization has "Windows" and Unix admins. Our desktop machines run Windows NT with Novell client and Novell servers for shares. Our databases, internal and external web servers and middleware run on several flavors of Unix and Linux.

      --
      "We're gonna need a bigger boat"
    5. Re:Wha? by stand · · Score: 1

      Hey, I'm not offering any advice until I get one of them donuts. Hand it over!

      --
      Four fifths of all our troubles in this life would disappear if we would just sit down and keep still. -C. Coolidge
    6. Re:Wha? by NoMoreNicksLeft · · Score: 5, Funny

      Even with 4 byte words (or 8 byte words on some monster big iron), 4000 bytes is not enough for all but the tiniest gif file. Now, gif being a 256 color only format, with no serious compression and an inability to depict sharp photographs of any significant resolution, I contend that no,

      A picture is not ~1000 words.

    7. Re:Wha? by rsmah · · Score: 1
      The command line is not user friendly because you need to remember things to use it. While some may poo-poo the difficulty of memorizing dozens of commands and hundreds, if not thousands of cryptic options, the *fact* is that command lines are not "user friendly" for most people.

      Moreover, the original article was not talking about being user-friendly to administrators, the argument was between administrators. The article was about how becoming more user-friendly would make the machines more accessible and vulnerable when used by non-administrators.

      I swear, reading comprehension skills have gone way down.

    8. Re:Wha? by Planesdragon · · Score: 4, Interesting

      Except under amazing circumstances (Stephen Hawking, the blind, etc) would you hire an author that did?

      Tracy Hickman (of Dragonlance fame.) has professed to using a "help you write" tool. Despite using what amounts to a novel-wizard, his last four or five books were all NYT best-sellers. And he probably wrote the manuscripts in a GUI environment.

      As for the CLI itself--it's not that CLIs can't be user-friendly, it's that they simply aren't. A user-friendly, intuitive command line would:

      * Have plain-language redirects to all commands (swipe some code from a twenty-year old Command-line game if you must!)

      * Have a help-file that's intuitively found and starts with the basics--file manipulation, directory navigation, et al.

      * Give immediate and clear feedback that something is working.

    9. Re:Wha? by jd142 · · Score: 4, Interesting

      Because commandline is NOT END-USER FRIENDLY

      It depends. The command line can be quite user friendly.

      copy a b

      That's a fairly easy way to understand how to copy a file in dos. But in the gui world, a person has to remember to right click and say copy (or ctrl+c) and then right click on the destination and say paste (or ctrl+v). Or remember that if dragging files between folders not on the same drive, the file is copied by default but if dragging between folders on the same drive move is the default in windows. KDE does this better, always asking the user what to do with files dragged from one location to another.

      As far as your example goes, it really depends on the os. In my copy example above, linux would have the user use cp. Well, how does the user know that? If the os let a person say:

      burn song.wav to cd1 as audio-cd
      burn all songs in c:\mp3 to cd1 as data-cd

      that would be pretty easy and friendly. But no os does that AFAIK. No reason you couldn't make a bash alias to do that and then it would be easy for people.

      On the other hand, I just found a really handy little program called sequoiaview that gives you a visual representation of how much space your files and folders occupy on a drive or network share. There's no way a command line utility could convey the amount of information in the sequoiaview window in as easy a fashion.

      The thing to remember is that usability is Hard. Very Hard. But it isn't the medium that's restrictive, it's the capabilities of the person creating the interface.

    10. Re:Wha? by proj_2501 · · Score: 4, Funny

      4k is plenty for a nice ascii art

    11. Re:Wha? by gcalvin · · Score: 2, Insightful

      Indeed, when you travel to a foreign country, where you can't communicate using their language, you can still get such necessities as food by pointing at things (or at pictures of things).

    12. Re:Wha? by h4rm0ny · · Score: 3, Interesting

      Natural languages are also exactly that - natural. Our brains evolved to support them and our languages evolved over millennia to suit our brains.

      I agree, but not with your inference. You suppose that a computer language does not have this property, but as it is produced by the human brain without constraints upon it, surely it is an even purer reflection of the human brain's inherent language ability (however much it is inherent). There might have been constraints in the old days, but have you tried Python yet? ;)

      More on-topic however, I agree with the original poster but not for his reasons. The picture / point-and-click approach is more of a use-base method rather than one based on underlying theory.*

      The danger with this is you get people who do things by the step-by-step book instead of through a true understanding. Like how a mechanic used to have a good grasp of how an engine worked and nowadays tends to just follow the official process.


      *Doesn't have to be, but it is.**

      **My gods, I'm using footnotes in a /. post now.

      --

      Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
    13. Re:Wha? by jtpalinmajere · · Score: 2, Insightful

      Why do people think that the command line is *not* "user friendly"? Do we write books by pointing and clicking at icons, avatars, and pictures? Except under amazing circumstances (Stephen Hawking, the blind, etc) would you hire an author that did? Then why a system administrator?

      Simply put, not all machines that need to be used are going to be used solely by the system administrator. The simplest example being your common system user. While a command line is indeed user friendly if you already know how to use it, it can be daunting and intimidating if you're more familiar with graphical environments. If the argument that "the commandline can do everything and is still user friendly" actually held true, then I would say that graphical interfaces would likely have never been invented, nor grown to such popularity.

      Back to the original question posed by the article though, there have been many research articles in the past few years that have all come to the same conclusion that adding security features will generally detriment useability.

      Some security aspects are in fact invisible to users, but if you are trying to secure all potential transactions that your common user initiates then it adds steps upon steps of procedure and policy that the user has to go through in order to complete the transaction. Following that line of thought, there comes a point where adding too many security features actually renders a system unusable.

      Dorothy Denning has spoken many times of when she was working on a secure database project (complete with fully polyinstantiated tables and user authentication) for a government contract and the project ended up as a failure because of its lack of useability and general expense.

      There is also a trend that the more useable a product is, the more popular it becomes, the more it becomes used, and the bigger a target for attacks in general. As is, Linux is hardly "secure", nor is OS X for that matter. When they become the dominant workstation platform of the world then I daresay that much of the security hype of said OS's will prove largely exaggerated. Just because Windows is the favorite for attacks also does not mean that it is any less secure than the other OS's. Quite frankly, they've hardly been put to the test to make a fair comparison to begin with.

      Based upon those two reasons, I'd say that the hypothesis that Usability degrades Security (and vice-versa) stands as a reasonable argument.

    14. Re:Wha? by flewp · · Score: 2, Interesting

      Natural language are also exactly that - natural.

      If you were to teach a child to communicate through computer languages from the beginning, it'd be just as natural as the so called "natural" language. Look at the huge difference in languages throughout the world. English could be considered as different from Japanese as English to Perl. Okay, bad example, but my point being that they seem natural because they're imprinted to our brains at an early age. While using language to communicate may be instinctual, the language we actually use is not, it is learned.

      --
      WWJD.... for a Klondike bar?
    15. Re:Wha? by Kirill+Lokshin · · Score: 1

      Why do people think that the command line is *not* "user friendly"?

      Two obvious reasons:

      1. Although it's great for system administration (and writing books), there are a number of important tasks for which the command line is not a good interface: image editing, 3D modeling, fps games, and others. The common element here is that all of these try to deal with 2- or 3-dimensional interactions, while command lines are generally 1-dimensional and linear (do A, then do B, then do C). I suppose it would be possible to have, say, a command-line image editor, but it seems that having a point-and-click interface is more intuitive for that type of problem.

      2. There is a deep psychological aversion to command line interfaces in the minds of the general public. This is partially the fault of things like awk, perl, *sh, etc, which have become associated with command lines. The average user sees a clever perl script once, cannot understand one bit of it, and automatically assumes that the rest of the interface is as abstruse.

    16. Re:Wha? by filmsmith · · Score: 1, Insightful

      Good point. And when computers start to operate themselves, they may feel free to use whichever language works best for them. Until then, we should use what works best for Humans!

      Try not to miss the point next time.

      fs

    17. Re:Wha? by spacecowboy420 · · Score: 5, Insightful

      Naw, it's even more simple than that. It is about choices. Staring at a blank command-line offers no intuitive options. You have no idea where to start as a n00b. Basically a graphical interface enables a user, without prior experience, to poke around and discover - simply by exploring all options.

      What is easier - a multiple choice test, or a fill in the blank test?

      --
      ymmv
    18. Re:Wha? by AKAImBatman · · Score: 3, Informative

      If the os let a person say:

      burn song.wav to cd1 as audio-cd
      burn all songs in c:\mp3 to cd1 as data-cd

      that would be pretty easy and friendly. But no os does that AFAIK. No reason you couldn't make a bash alias to do that and then it would be easy for people.


      Actually, that looks pretty close to AppleScript. Unfortunately, the "ease of use" tends to become a liability to advanced users, as they have difficulty remembering the syntax.

    19. Re:Wha? by Golias · · Score: 4, Interesting
      Also, since the editorial already starts us off with an "OS X vs Linux" flamewar

      Talk about an asinine knee-jerk reaction!

      The whole point of bringing up OS X was as a proof-of-concept that the sort of user-friendliness which Linux is moving towards does not automatically mean weak security. It has nothing to do with flame-wars, and everything to do with paying attention to what others in the industry are doing. (Something everybody should do, unless they want to lose in the long run.)

      let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

      Damn near every Linux-centric organization I've ever been a part of, for a start. If you are a software company, you are going to have customers on Windows. If you are going to support those customers at all, you need to make your shit work in a Windows environment, which means maintaining a Windows environment.

      Mixed environments are the norm, not the rule. A lot of companies even have a few Novell systems lying around doing stuff. Show me a "pure" Linux shop, or a "pure" Windows shop, and I'll show you an IS department run by a raging platform bigot.

      Why do people think that the command line is *not* "user friendly"?

      The command line is extremely user friendly. Having to remember the names and locations of dozens of config files in order to perform basic upkeep and maintenance of your server is not. I don't know about you, but I need to crack a book open to remind myself how to add a virtual host to my Apache web server each time I do it. If I was constantly editing the httpd.cnfg file (or whatever the hell it is), I wouldn't need to look it up every few months just to remember all the lines that need to be changed, but since it's only an occasional change, a GUI front-end that held my hand through the process would not be entirely unwelcome. Granted, a badly designed GUI tool which lacked the flexibility I expect from raw config file edits would be ignored, but do it right and I would never need to open that file in vi again. That's what people mean when they say "user friendly."

      --

      Information wants to be anthropomorphized.

    20. Re:Wha? by bhp · · Score: 1
      I suspect the difference in security between Windows and *nix is real, and I suspect there are two major reasons, neither of which have anything to do with usability or user-friendliness.


      First, Windows originated from a single-user single-system perspective that didn't take security seriously because it didn't need to. In contrast, Unix had security built in from the beginning because it was intended from the beginning to be multi-user. Even if the original security in Unix was less than what we expect today, tacking security on after the fact is still much more difficult than starting from any reasonable basis and updating it.


      Second, Windows is a proprietary OS owned by a corporation that didn't take security seriously until recently, assuming you think they take it seriously now. Unix and Linux, on the other hand, with public source available, were more likely to be updated with security fixes over the years.

    21. Re:Wha? by Kur · · Score: 5, Informative

      Wrong. Language studies have shown that computer languages are not equivalent to conventional languages. One study, in part, was undertaken to identify whether teaching and using computers at an early age is beneficial. Unsurprisingly, it showed absolutely no benefit. Unlike spoken languages, where the earlier you start, the better you are, computer languages showed no such advantage. That's good news for adults.

      Sorry, I do not have the source available. The study was discussed in the NYT within the last year or so.

    22. Re:Wha? by Anonymous Coward · · Score: 0

      Who said anything about GIF files? Also, this isn't even funny. We all know that text is smaller in byte size than pictures.

    23. Re:Wha? by maximilln · · Score: 4, Insightful

      -----
      The whole point of bringing up OS X was as a proof-of-concept that the sort of user-friendliness which Linux is moving towards does not automatically mean weak security
      -----
      I think everyone's ignoring that Apple was able to prevent the uninitiated general run-of-the-mill script hacker from exploring the innards of their system for many many years before Windows became mainstream. Sticking with their ultra-super-secret closed model they've bred an OS that's secure not just because of the code it runs but because of the mindset and the historical knowledge and background of their top level programmers and designers.

      If we would take the Mach32 kernel and give it to a bunch of MS jockeys and ask them to produce OS X I have no doubt that it would be a security nightmare. Apple's been refining their methods for decades.

      --
      +++ATHZ 99:5:80
    24. Re:Wha? by fermion · · Score: 2, Insightful

      It depends on what the end user is doing. Certainly for the varied tasks that the home user might do, a GUI is very good. I question if the GUI is best for office use. Most of the time a boss needs the average employee to do a few things. Write some memos. Run some reports. That sort of thing. Employees can be trained to type in the proper commands, or press the proper numbers. In the old days, command applications could be easily reconfigured to display a text menu that allowed the user to choose the exact options or reports they needed. This innovation was only recently copied in GUI application. It was not uncommon for a user to have to execute several mouse clicks, several times a day, to do what they once did with three or four keystrokes. Of course, to get back on topic, the GUI allowed untrained employees to gain access to the database and screw everything up.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    25. Re:Wha? by Anonymous Coward · · Score: 0
      If the os let a person say:

      burn song.wav to cd1 as audio-cd
      burn all songs in c:\mp3 to cd1 as data-cd

      that would be pretty easy and friendly. But no os does that AFAIK.
      VAX/VMS used to have a similarly verbose syntax. CD-R was not even invented when I was using it, but I bet it would accept something similarly wordy. Or maybe more like

      $ BURNCD /TYPE=AUDIO /DRIVE=DISK$CDRW01 /CODEC=WAV SONG.WAV
      $ BURNCD /TYPE=DATA /DRIVE=DISK$CDRW01 /CODEC=AUTO [.MUSIC]*.MP3

      Apologies if I've messed up the syntax but it was 13 years ago. Anyway, whatever ..... a human being can learn it easily enough. It's a myth that a GUI is always easier, and it insults the intelligence of anyone who can communicate in words every time it gets spouted.
    26. Re:Wha? by Anonymous Coward · · Score: 1, Funny

      Anyone get a sense of irony here?

      Denigrating command line (word based) control for graphical (icon based) control, because commands (words) are "not user friendly" and then complaining about people's lack of reading (word) comprehension skills?

      Maybe if slashdot articles and comments were posted using pictograms rather than words they'd be more "user friendly"?

    27. Re:Wha? by TinkerDad · · Score: 5, Interesting

      True, but only because you both share a common frame of reference. Communicating outside of a common frame of reference becomes much much more difficult and thus a much larger volume of data. Try getting food from a blind man in france.

    28. Re:Wha? by AshtangiMan · · Score: 0, Flamebait

      81818181818181

    29. Re:Wha? by flewp · · Score: 2, Insightful

      My point wasn't that becoming a good coder was based on starting earlier. I guess I'm not sure how to make my point more clear, but I'll try. I was basically trying to imply that if instead of speaking english or other languages, we spoke perl/c/etc, it would be "natural". Basically imagine flipping programming languages and natural languages, so that you spoke in perl/c/asm/etc, and coded in english/french/german/etc. Anyway, as I said before, our tendency to use language to communicate is instinctual, the languages we use are not, and that was the main point (although poorly conveyed) of my post.

      --
      WWJD.... for a Klondike bar?
    30. Re:Wha? by God+of+Lemmings · · Score: 1

      There are always exceptions to the rule.

      http://www.scripts-lab.co.jp/mind/whatsmind.html

      --
      Non sequitur: Your facts are uncoordinated.
    31. Re:Wha? by Anonymous Coward · · Score: 0

      That's easy. He runs as soon as he hears you :)

    32. Re:Wha? by CorwinOfAmber · · Score: 3, Interesting
      Because commandline is NOT END-USER FRIENDLY.

      Says who? A lot of GUIs are not end-user friendly either. Just because some CLI programs require the user to know arcane options does not mean that the CLI itself is broken. In fact, there is anecdotal evidence to suggest that the command line is easier to learn for people who have never used computers before.

      Click a picture with a music note flowing into a CD, you burn your CD. That's much easier than " CD_DA TRACK AUDIO FILE "secret-pregap.wav" START FILE "track1.wav""

      Come on, you have to do more than click an icon. At the very least, you have to select which files you want to burn from a list. More likely, you drag and drop the files you want to burn. That's easy for you, but not necessarily intuitive to someone who's never used a mouse before. With a CLI, a you at least have the option to write a script. Aunt Tillie might find it easier to type "burn file1.wav" than figure out which mouse button to press, and which icons to drag where.

      --
      My future's determined by Thieves, thugs, and vermin -- The Offspring
    33. Re:Wha? by Chandon+Seldon · · Score: 1

      Studies have shown that for people with little or no previous computer experience - useful proficiency is reached faster in learning a CLI than a GUI.

      --
      -- The act of censorship is always worse than whatever is being censored. Always.
    34. Re:Wha? by Nexum · · Score: 5, Interesting

      This reminds me of something I've read. When Apple was engineering the GUI back in the early 1980's, early tendency in testing was to just use icons and imagery for buttons and functions, testing showed that this was disastrous however, and the best approach in terms of speed to learn and usability was to use both descriptive text and an icon.

      Apparently, the lead engineer is quoted as saying "a word is worth a thousand pictures" when it comes to GUI design.

      --

      This sig has been deprecated.
    35. Re:Wha? by Anonymous Coward · · Score: 0

      This might be a tangent.

      When something is read, there is an extraneous thing which is involved, which the writer could never anticipate, the reader's imagination.

      How many times have you heard the phrase? "I loved the movie, but the book was better."

      GUI, graphs etc. They are good to have, they have their place, but don't replace a good old configuration file and a decent understanding of what you are working with.

    36. Re:Wha? by johnlcallaway · · Score: 3, Insightful
      What does this round icon with a lightning bolt do.
      <Click>
      What does 'Formatting C drive, Select Yes or No' mean??
      <Click>
      I don't know what it's doing, but it's 5% done.
      You can get a better score on a true/false test than a 'Select A, B, C, or D' using random selections. The more choices, the higher the chance of selecting a wrong one.

      If you have limited computer background, icons, menus, and dialog boxes can help with choices and can help people cross OS boundaries a lot easier, or learn the next version.

      Without that frame of reference, the choices mean nothing.
      --
      I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
    37. Re:Wha? by gl4ss · · Score: 2, Funny

      they should form those eulas into ascii art displaying hot chicks.

      then at least they would be viewed.

      --
      world was created 5 seconds before this post as it is.
    38. Re:Wha? by julesh · · Score: 3, Informative

      Tracy Hickman (of Dragonlance fame.) has professed to using a "help you write" tool. Despite using what amounts to a novel-wizard, [...]

      It's not as bad as you make it sound. The software in question is essentially a directed brainstorming application that helps authors make sure their ideas for a novel adequately cover the many different levels that many critics think are essential for a 'good book'. It isn't exactly 'point and drool'...

    39. Re:Wha? by eric76 · · Score: 1
      In fact, there is anecdotal evidence [osnews.com] to suggest that the command line is easier to learn for people who have never used computers before.

      That's sure good news. I have someone new that I'm teaching how to do some work that has lots of simple command line invocations.

      It's slow going teaching her to do it, but I'd sooner do that and have someone who doesn't think of command lines as "too hard".

    40. Re:Wha? by LinuxHam · · Score: 1

      Windows and Linux admins in the same organization? What organization is this?!

      Damn near every Linux-centric organization I've ever been a part of, for a start.


      Your experience may be unique. For the organizations that I've dealt with as an IT Architect, their Linux personnel grew out of UNIX operations, not Windows, which IMHO makes much more sense. There are always some hangers-on who think that the Intel space is called "Wintel" and that "if it's Intel, the Windows folks own it", which is just really stupid.

      --
      Intelligent Life on Earth
    41. Re:Wha? by Dravik · · Score: 1

      Isn't that why warnings are built into graphical systems? If you format the hard drive a warning pops up that tells you it will destroy all data. If somebody doesn't know what they are doing the words destroy and permanent make an impression. If the warnings are not there then it is a poorly designed graphical system. Despite all its problems the one thing windows does well is the graphical interface. When you open a window all the things you can do are listed. All you have to do is click. You don't have to read through 30 pages in a man document to find the command with all the parameters that you need.

      --
      The purpose of language is communication, If the idea is clear the grammar ain't important
    42. Re:Wha? by Graymalkin · · Score: 1

      Why should configuring a server be exceedingly difficult and complex? Computers are supposed to make jobs easier to do, not harder. Configuring a server by tweaking a bunch of text configuration files might be l33t among your schoolyard friends, among people that have work to do it can be a pain.

      On a Linux system you're not likely to find any two services with the same configuration syntax or language. Every time an admin has to learn a new configuration syntax the likelihood of them screwing something up increases. If a management tool works well there's little reason not to use it. If it reduces administration of the system to dragging icons and clicking buttons it shouldn't matter to anyone. An admin still has to know what values are required for the system to work right and how to effectively manage the system and network. Management tools whatever they may be let admins focus on their real job, system maintenance, rather than on the gritty details of learning the intricacies of Sendmail's configuration files.

      --
      I'm a loner Dottie, a Rebel.
    43. Re:Wha? by drsmithy · · Score: 2, Insightful
      In fact, there is anecdotal evidence to suggest that the command line is easier to learn for people who have never used computers before.

      Only on /. will a posting on another soapbox website, recounting a biased personal experience completely lacking any sort of scientific method whatsoever, be offered up as something credible...

      (Yes, I realise anecdotal means without rigorous study. But, sheesh, this thing doesn't even have the *beginnings* of objective research - if your standards are that loose, then every post here saying "GUIs are better" qualifies as "anecdotal evidence").

    44. Re:Wha? by lawpoop · · Score: 1
      "Natural language are also exactly that - natural. Our brains evolved to support them and our languages evolved over millenia to suit our brains."

      "I agree, but not with your inference. You suppose that a computer language does not have this property, but as it is produced by the human brain without constraints upon it, surely it is an even purer reflection of the human brain's inherent language ability (however much it is inherent). There might have been constraints in the old days, but have you tried Python yet? ;)"

      I disagree. Everybody all around the world can parse and produce natural language. In fact, if you find someone who can't, we consider that to be a kind of mental retardation. By contrast, creating things such as computer languages doesn't really seem to occur spontaneously anywhere -- it only really develops when you have a long history of continuous education. It's difficult to do, and the only reason Slashdot geeks can do it is because
      1. We have a mechanized agrarian, which means we don't have to spen 14 hours a day in the field, and can do other things, such as learn to read.
      2. We have libraries of work on logic and the like, dating back thousands of years, that we use to cheat with -- instead of having to figure something out for ourselves, someone just gives us the answer, in a book.
      3. We have a modern, free, public education system where we are given enough resources in order to learn such things.

      In any case, I think that most people have an easier time with visual-parallel problems, and that it takes a certain kind of mind, which I will call the geek mind, to tackle serial problems like reading and math.

      --
      Computers are useless. They can only give you answers.
      -- Pablo Picasso
    45. Re:Wha? by NaugaHunter · · Score: 1

      "All he had was a hammer, so every problem looked like a nail."

      A command line would be user friendly if it was an intelligent command line that could interpret whatever you typed. Think of speech recognition: it's essentially a command line w/o typing. There aren't many CLI's that are forgiving of grammar or spelling though.

      The main reason CLI is viewed as inherently user unfriendly is that there is no context or clues if you have little or no instructions, or run into unusual problems. Also there has usually been little obvious consistency. You want to trash something in a gui? Drag it to the trash. CLI? It's rm, for remove you know. It's a directory? Oh, then rmdir. But first you have to empty it. Or you can just use rm -r . But not literally, because that period could erase everything depending on where you are. Oh, you already did? Hold on, let me transfer you to someone else.

      --
      R: That voice. Where have I heard that voice before? B: In about 365 other episodes. But I don't know who it is either.
    46. Re:Wha? by spacecowboy420 · · Score: 5, Interesting

      Even a true or false question offers a question with options. A blank command line does neither. Even knowing to type man and a command requires
      a. To know that there is a `man' command
      b. To know which command to even bother looking up.

      Then expecting a n00b to decipher a man page is a leap. I also have never seen an icon or have I even seen anyone make a shortcut to the "format c: /u/s" command - your argument is not representative of typical usage. Also, icons are generally easy to associate visually with an application - if not, you run it and see what comes up. As a general rule, most applications will not mess with your data just by loading them up and MOST applications will not negatively affect your hardware - thus poking around is good.

      Also, you imply there are 'wrong' choices, when in fact, there is not really a 'wrong' choice per se, just not the specific function you're looking for. If this is the case, you choose one of the other choices and move forward. Now you know what that other function does for when you do need it and have also completed what you set out to do. Not likely to get the same quick understanding on cl.

      The main benefit of a gui is the flattening of the learning curve. It is not as efficient as knowing exactly what you want to do at the cl - this is true, but gets you to a point to where you can be somewhat productive. Obviously being adept at the cl will make you more efficient.

      --
      ymmv
    47. Re:Wha? by Dravik · · Score: 3, Insightful

      How would a person know the command was burn? How does he know what the parameters are? With a GUI you only have to learn how to deal with a window. Every window works the same way. With a command line you have to learn a different command for everything you want to do. If you want to save the file, click on the menus at the top of the window until you see save; if you want to copy, click on the menus at the top of the window, etc. Everything works in the same way. How do you find out what you can do? Look at the menus at the top. With a command line, to find out what you can do you have to read through a bunch of man pages.

      --
      The purpose of language is communication, If the idea is clear the grammar ain't important
    48. Re:Wha? by connery · · Score: 2, Insightful

      Quoth the parent:
      Basically imagine flipping programming languages and natural languages, so that you spoke in perl/c/asm/etc, and coded in english/french/german/etc.

      That's silly. Programming languages exist as a formalization of the logic that we are able to develop from having learned natural languages from such a young age. You can't "teach" a child to "speak in code" because the child hasn't yet developed the abstract logical reasoning which enabled people to develop formalized computer languages in the first place.

    49. Re:Wha? by x0n · · Score: 1

      Ah come on; you can do better than that weak offering. W

      "formatting C drive, yes or no?", that sounds much more like a CLI than a GUI prompt. Any GUI I've ever used will say a lot more than that, more like:

      "This will erase all data from your hard drive; are you sure you want to continue?"

      Ok, you could then argue that if the user has no clue what a hard drive is, they might click ok. But the point is, if same user knew what a hard drive was, he wouldn't continue (talking about the GUI i/f here); However, if the same user sat at a command line, he wouldn't even get that far.

      - Oisin

      --

      PGP KeyId: 0x08D63965
    50. Re:Wha? by airjrdn · · Score: 1
      Why do people think that the command line [osnews.com] is *not* "user friendly"? Do we write books by pointing and clicking at icons, avatars, and pictures? Except under amazing circumstances (Stephen Hawking, the blind, etc) would you hire an author that did? Then why a system administrator?
      I'm sitting here unable to fathom who would ask such a question. I can envision the interview now...

      "Do you ever use a GUI?"

      "Well of course"

      "Well, we here at ABCD Company believe that system admins should always use the command line because of its inherent efficiency. Why property an object, change a value, and make the change permanent in 3 clicks when one can simply pull up a command line, edit a config file with a command line editor, stop the service via the command line, then restart the service via the command line?"

      Get real
    51. Re:Wha? by lawpoop · · Score: 4, Insightful
      I argue that a properly designed GUI is inherently more user-friendly than a CLI, even a properly designed one.

      Take your example to 'copy a b'. Is a the object or the indirect object? In order to find out, you have to consciously learn a particular grammar. You could do English-like where 'copy a b' means 'copy a to b' or switch positions, where 'copy a b' means 'copy to a, b' . Some natural languages actually use that kind of syntax. My point here is that your ad-hoc syntax is ambiguous from the start, and requires explicit training as to what exactly the grammar is.

      Contrast that with, for example, a GUI where you have two different folders: anybody immediately understands an object's movement from one place to another. As a species, we're pretty good with language, but visual processing has been going on for millions of years longer.

      --
      Computers are useless. They can only give you answers.
      -- Pablo Picasso
    52. Re:Wha? by Anonymous Coward · · Score: 2, Insightful

      FS, I believe that there are a lot of people missing the point on this one. The heart of this argument falls into the category of installed base. As linux becomes installed on more systems, it becomes more of a target and thereby more vulnerable. As things stand, a linux virus or backdoor serves to only attack ~5% of the market. Outside of installed base there is the idea that with each added layer of "usability" improvements comes the chance of more vulnerabilities (it's just the nature of interoperability).

      I would argue that on a whole Linux/Unix CAN be less vulnerable than Windows, in the right hands, but if you are anything like me you feel that in the scope of Open Source and Free Choice too many options are left open on the installation options. Most of the newbies willing to switch "if only the interface was easier to use" will rarely if ever go beyond that interface to understand the services and features turned on, and subsequently will always have a vulnerable system. Also, without a first rate centralized update system, most users will not keep their security updates current. I have worked with a couple of system administrators and it blew my mind how behind many of them were with security patches.

    53. Re:Wha? by be-fan · · Score: 1

      Bah. People have, rightly, compared point-and-click interfaces to primitive "point and grunt" communication. You don't have to be a novelist to communicate well. The very fact that your brains have evolved to support them shows the sheer power of the system. It's the difference between interfacing with the computer at the level of an animal and interfacing with it at the level of a human.

      --
      A deep unwavering belief is a sure sign you're missing something...
    54. Re:Wha? by Anonymous Coward · · Score: 0

      Nobody said it's impossible to design bad or dangerous guis. But if that format-the-drive button were nested inside a "disk utility" application, rather than right on the desktop, and if the confirmation step said "WARNING: formatting will destroy all data on this volume. Are you sure you want to do this?", then the odds of a user stumbling into this would be very small indeed.

      This argument is about as meaningful as someone saying that clis are unusable because it's dangerous to have the command (&*WDYWR&^ do something common and useful, while (&*WDYER&^ formats your drive. Yes, that would be terrible, and that's why people don't build things that way.

    55. Re:Wha? by jargoone · · Score: 1

      Having to remember the names and locations of dozens of config files in order to perform basic upkeep and maintenance of your server is not.

      Hi. My name is Webmin. Have we met?

    56. Re:Wha? by Graymalkin · · Score: 3, Insightful

      Or...dragging files between folders ought to move it by default. When you've got a paper in one folder on your desk and pick it up and slip it into another folder does it duplicate the paper at the quantum level in the new folder? No. If you're using a spatial desktop metaphor on a computer it should behave in a spatial manner.

      A GUI should facilitate work getting done and then get the hell out of the way. Interrupting the user's concentration and workflow by popping up a dialog asking how to move files is absurd. Changing the move behavior based on whether the destination is on the same drive is equally absurd. An interface needs to be consistent and forgettable. A user should never have to fight with the interface to get their work done. The specific task at hand - be it typing an essay, editing a photograph, or composing a musical score - should be all the user has to concern themself with. Computers are supposed to do the hard work while we get the important stuff done, not the other way around.

      --
      I'm a loner Dottie, a Rebel.
    57. Re:Wha? by Anonymous Coward · · Score: 0

      finally- it's 2004, right? yes. finally! a use for RIP

    58. Re:Wha? by Anonymous Coward · · Score: 0

      "But writing is much more precise. When you write something down, you need to know *exactly* what you're saying and who you're saying it to. Otherwise the meaning could be lost."

      Actually writing is not very precise. Two people can read the same sentence and extract different meaning based on nuances. Lawyers and politicians try to be precise in writing and interpreting laws, but as the Florida election debacle has shown, language is not very precise, and leaves a lot of room for individual interpretation. Computer languages are the only precise languages.

    59. Re:Wha? by Anonymous Coward · · Score: 2, Funny

      Yes, but only if the concept is reasonably obvious.

      How to "train" people to use the mouse? Why, get them to play Solitaire or Minesweeper.

      The double-click is NOT intuitive.

    60. Re:Wha? by drew · · Score: 2, Interesting

      What is easier - a multiple choice test, or a fill in the blank test?

      Of course in the Microsoft multiple choice test, every single question has the option "E. None of the Above". And I can tell you, (because I had a teacher that did it once) that if you give students a multiple choice test where the correct answer to almost every question is "none of the above", 90% of them will score worse than they would on a short answer test with the same questions.

      --
      If I don't put anything here, will anyone recognize me anymore?
    61. Re:Wha? by vsprintf · · Score: 1

      Windows and Linux admins in the same organization? What organization is this?!

      Our company has Windows and *nix admins. What's so strange about that for a large company? There's Windows on the LAN PCs to keep the secretaries and PHBs happy (and to keep the Windows admins busy fighting worms and pumping up the ITS charges). Then there's Linux, Solaris, and IRIX on the big boxes and workstations to get the real work done.

    62. Re:Wha? by Anonymous Coward · · Score: 0

      Uh, no they don't understand. On some systems, dragging a file object from one folder to another copies it, on others, it moves it, unless various other combinations of eye winks, elbow wiggles, etc. are manifested.

      On Windows, it's amazing that the above action does anything at all...

    63. Re:Wha? by MSZ · · Score: 1

      Not to mention the fact, that you need to know what particular image means in particular context. A "magnifying glass" image may (and does) mean "enlarge object", "get a 'closer' view" or "search" depending on program. This inconsistency is not the fault of the medium itself, but it still frequently makes textual command simpler: "search" means search, not enlarge, rescale or change a view.

      And then you get that little difference in approach, where in GUI you can only do what the programmers intended but in CLI you can typically do more if you really want to. That's what I really hate in Windows, theoretically so friendly and easy to use, but take a little step off the beaten path and everything becomes impossible.

      --
      The moon is not fully subjugated. I demand a second assault wave preceded by a massive nuclear bombardment.
    64. Re:Wha? by Anonymous Coward · · Score: 0

      The command line is based very closely on natural language.

      For instance take this instance:

      for i in *zip; do unzip -o "$i"; done

      this says basically:

      for every file that ends in "zip", unzip it while overriding any files.

      It's like talking to your computer. Except the person you're talking to is a bit stupid and needs exact commands.

    65. Re:Wha? by Anonymous Coward · · Score: 0

      Oh, I don't know. CMD, VBScript and WMI are a pretty powerful combination. So it's the bastard stepchild of Windows operation.

      But it is just about functionally equivalent as shell scripting on *nix.

    66. Re:Wha? by Deraj+DeZine · · Score: 1

      How did this get modded insightful? The example makes sense, but he's arguing against a point made by someone who appears to have a slightly below average intellect for a house fly or SCO manager (take your pick).

      Oh wait! He mentioned Slashdot. Because none of the rest of us know anything about the community here.

      --
      True story.
    67. Re:Wha? by filmsmith · · Score: 1

      Personally, I'm dumbfounded, too. I just meant for it to be funny.

      fs

    68. Re:Wha? by flewp · · Score: 1

      No fucking shit. It's a hypothetical idea. ONCE AGAIN: My point is that language (spoken) is instinctual. The languages (i.e., English) we use are not, they are learned.

      --
      WWJD.... for a Klondike bar?
    69. Re:Wha? by ThisIsFred · · Score: 1

      Also, since the editorial already starts us off with an "OS X vs Linux" flamewar, let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

      Mine! ...or anyone else's. Sometimes vendors don't have Linux server side software. Some of us work with what we have. I've got an NT4 box with enough CALs to last a while. It's running fine. Why throw it out? I had three Netware boxes that just weren't making the cut, but neither was my budget, so now they're running Linux. We've also got Win98, Windows 2000, XP desktops, and Mac OS 10 desktops. Network homogeneity costs money, and often there's a big trade in compatibility.

      Okay, so technically we're all Linux/Netware/Mac OS/Windows admins, but sometimes we roleplay.

      --
      Fred

      "A fool and his freedom are soon parted"
      -RMS
    70. Re:Wha? by ThePCJedi · · Score: 1

      I work for the IT department of a major northwest plastics manufacturer. Needless to say, the network and equipment can be rather extensive. As far as having Linux and Windows administrators in the same organization goes, that's just the tip of the iceberg.

      Our IT department must make sure that every computer and server that runs in this company are running properly. This includes the machines running the plastic extruders, the machines used to create the art that is printed on these products, the databases that store client information as well as poly recipes for various plastics, accounting information, etc.

      This means that our IT department must be able to run, troubleshoot, and use several operating systems fluently, and all in sync, of which Linux, Windows, OS X, and Unix are all included. And around here, being at least bilingual, so to speak, is a requirement, and is preferred if you're well skilled in all of the aforementioned.

      While I was never a Mac fan before I began working here, seeing that each of these operating systems has its strengths and weaknesses shows that if a major corporation wants to run as efficiently as possible, they must diversify.

    71. Re:Wha? by johnlcallaway · · Score: 1

      I had several replies, but they all said something similar.

      I tried to raise the suggestion that when people have no clue at all what the words format, data, or erasing mean, having the choice is a pointless affair. Obviously, everyone who responded understood these choices and I would agree that we would be able to respond to those dialog boxes (which I believe the original post pointed out).

      It was not an endorsement of CLI over GUI, or even the other way around. Merely an observation that arguments about GUIs being intuitive are cast aside when the unknowing show up.

      Reminds me of the first hardware upgrade I experienced. We traded our big NCR box with dials and lots of switches and lights for a new one without dials, switches, or lights. When we showed up on Saturday to test it, the guys who installed it had turned it off. The only button we could find had a I/O symbol on it. So we pressed it. Nothing happened. So we pressed it again. Still, nothing happened. No lights, no fans, no noise at all. We dug out the manuals and everything, and could not find any instructions about turning it on. Finally, I hit the button again and walked away. About 60 seconds later, the machine came on.

      Today I know that the symbol was not I/O, but 1/0 for on/off (if they had put a cap on the one or a slash through the 0 we might have figured it out a little better). Hence, not having the knowledge made the icon useless. Pressing it twice turned it on and then back off again. Pressing it blindly without knowing it took 60 seconds for the machine to come on (POST testing I guess) did limited good. Only by accident did we figure out what the icon meant.

      Good thing it wasn't a format button....

      --
      I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
    72. Re:Wha? by Anonymous Coward · · Score: 0

      Hey be-fan, you usually avoid using stupid slashdot analogies and falling into the nerd trap of believing that interacting with a computer is some end in itself.

      When the novelist finishes his literary masterpiece, does it really matter if he points-and-grunts at an icon of a printer?

    73. Re:Wha? by lawpoop · · Score: 1

      I contend that those are poorly designed GUIs. A similarly poorly designed CLI would suck too. But compare a well-designed GUI to a well-designed CLI, and you will see that the CLI has built-in ambiguity that the GUI does not.

      --
      Computers are useless. They can only give you answers.
      -- Pablo Picasso
    74. Re:Wha? by Anonymous Coward · · Score: 0

      burn song.wav to cd1 as audio-cd
      burn all songs in c:\mp3 to cd1 as data-cd


      I've been waiting for ZorkShell for a long time. I can't believe nobody has tried this -- it would seem to be an essential first step towards "star trek" style computing.

    75. Re:Wha? by McSporrran · · Score: 1

      BEST SIG EVER

      --
      gis-itna
    76. Re:Wha? by Anonymous Coward · · Score: 0

      Yeah, and if we learned to communicate from an early age by flinging piles of manure at each other, with the size of the pile giving meaning, etc. that would be natural too. Problem is, such a stupid system would never arise because it wouldn't work. You can rant all you want about what's natural, but part of being "natural" is that it arises naturally to solve natural problems. Geez

    77. Re:Wha? by Anonymous Coward · · Score: 1, Insightful

      I think everyone's ignoring that Apple was able to prevent the uninitiated general run-of-the-mill script hacker from exploring the innards of their system for many many years before Windows became mainstream.

      Anyone who has ever used a Mac knows this is ridiculous. Virtually every little piece of shareware and even a ton of commercial software relied on one undocumented hack or another -- and there were and are thousands of them. Even the little Icon March during startup was someone's hack and not a documented feature.

      The difference is that Mac programmers are out to make their reputation in the Shareware market, not the hacker/virus crowd.

    78. Re:Wha? by Anonymous Coward · · Score: 0

      Basically a graphical interface enables a user, without prior experience, to poke around and discover - simply by exploring all options.

      Which, back on subject a bit, does that make the system more secure?

      My general feeling, which is probably common on Slashdot, is that it tends to lower the barrier to entry too much. Do you want an admin that learned by experimentation, but doesn't necessarily know what the icons and checkboxes really mean? It's a great way to learn, and all admins should poke around and experiment a lot, but on a production (stable/secure) system, you want someone who knows so much that it doesn't matter what the interface is.

      Now, a well-designed interface will make things easier, by putting the important parts where you will see them. Any interface to the system can be used to make it secure (usually), or insecure (always), but if it is daunting enough to scare off the people who aren't dedicated, more of the survivors will be actually qualified.

      The system I work on at work is run by a guy who knows nothing about computers. I'm extremely bitter (for the inefficiency, the times I have to do his job, and mostly for his attitude despite my having saved his ass so often). If there was a GUI on my Linux servers, he would probably demand the password and try to work on them, too. Since they're text-only, he stays away, and they keep working.

    79. Re:Wha? by Anonymous Coward · · Score: 0

      I believe the quote is "A picture is worth a thousand words, but a word is worth a thousand icons." Not because icons aren't useful, they are great targets and when done as icons (not small photographs) they give a visual cue that can be picked out of a crowd much more easily than text. A lot more mental processing power is required to examine words, but if icons are simple and differentiated enough (color for instance) they are much quicker to identify. But having just icons means that four Word docs look exactly the same and the meaning of the icon is hard to decipher (just see MacOS X dock as an example).

    80. Re:Wha? by platypussrex · · Score: 1

      I tried to raise the suggestion that when people have no clue at all what the words format, data, or erasing mean, having the choice is a pointless affair.

      Format and data I'll give you, but if the person doesn't know what erase means, then they have no business out of diapers, much less on a computer.

      Bottom line: GUI needs to use language appropriate to the intended user, that's all.

    81. Re:Wha? by LMCBoy · · Score: 2, Interesting

      So, taking your ideal "Spatial desktop metaphor" UI to its logical conclusion: to copy a file, I would have to drag the file to a "Xerox machine" window or icon, and then press the "Copy" button on the Xerox machine, which would give me two copies of my file in the Xerox machine. I would then move one of them back to the original folder, and then move the copy to wherever I wanted a copy of it.

      The point is, the metaphor can be pushed too far. To me, it's clearly easier to just have the OS ask "Copy, Move or Link?" when I drag an icon. This also has the advantage that the computer is not doing what it assumes I want to do; it is doing what I tell it to do.

      (don't get me wrong, I really like when a program can guess what I want it to do, but only if it is right most of the time...)

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
    82. Re:Wha? by cpt+kangarooski · · Score: 1

      Ah, ZorkShell... I see no song.wav here.

      --
      -- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
    83. Re:Wha? by Anonymous Coward · · Score: 0

      Except you're forgetting about the mouse as an interface. Single click to select, double click to open, click-and-hold and drag to move. Clicking, one action, has many meanings. The state of your mouse button makes a huge difference in how the interface responds. Ever watch someone new use a mouse? It is very confusing and experienced users have issues with letting go too soon or inadvertently moving text when they were just trying to highlight it. The use of the mouse alone has many issues. Of course, trying to use 'invisible' commands using a specific syntax isn't great either.

    84. Re:Wha? by Dumbush · · Score: 1

      "What is easier - a multiple choice test, or a fill in the blank test?"

      I don't like "multiple-guess" tests since they're generally harder and offer no part marks =)

    85. Re:Wha? by westlake · · Score: 1
      Studies have shown that for people with little or no previous computer experience - useful proficiency is reached faster in learning a CLI

      ---and your evidence is to be found where?

      more to the point, perhaps, it is becoming difficult to imagine a user whose first experience with a computer wasn't with a GUI oriented system like Windows. even in the "dark ages" of personal computing there were friendly menu-driven, character based, GUIs available to insulate users from the command line.

    86. Re:Wha? by Tran · · Score: 1

      As a new parent one does all kinds of interesting reading regarding language acquisition. Babies have been shown to master visual communication well before they can vocalize words that we as adults can understand. Babies communicating via sign language are something amazing to behold.

    87. Re:Wha? by fireboy1919 · · Score: 1

      Specifically, language theory (Kleene's work, mostly) has shown that computer languages fall into a subset of the class of all possible languages.

      Specifically, natural languages are "context sensitive" languages, whose parsing at worst is an NP hard problem, while programming languages are "context free" or "regular," whose parsing requires polynomial time.

      So there are things that cannot be formulated in computer languages that can be in natural languages (I suppose that may be obvious, but there's mathematical backing, not just subjective studies). As far as learning young versus learning old, there's still the advantage of youth to aid in the process.

      I learned my first programming language at the age of 7. It's been my experience that I pick up programming languages faster than most of my peers - probably because I've got a context-free language under my belt already to abstract from.

      --
      Mod me down and I will become more powerful than you can possibly imagine!
    88. Re:Wha? by Piquan · · Score: 1

      As for the CLI itself--it's not that CLIs can't be user-friendly, it's that they simply aren't.

      I just wrote a post that says the same thing, and I'm going to elaborate on it here. I use a decades-old OS called Genera as my example. It's absolutely amazingly easy to use. What a concept: put a Help key, labeled "Help", on the keyboard! And the UI is based around the idea that you are a human. The default messages are based around the idea that you're a programmer (in its stock configuration, it's a programmer's machine), but a human nonetheless.

      When you first turn it on, after the version and copyright herald, you see in a plain, clear, proportional font, with special characters like (R) and named keys (I have to approximate it in ASCII):

      You are typing to

      Dynamic Lisp Listener 1.
      Control characters are interpreted as commands to edit input.
      Press Control-[Help] for a list of input editor commands.

      Type "Help Commands" for a list of Command Processor commands.
      Press [Select] D to select Document Examiner(R) to read online documentation.
      Press [Select] [Help] for a list of programs.
      Press [Function] [Help] for a list of asynchronous and window operations.
      Hold down Shift and click the rightmost mouse button to select the System Menu of programs and window operations.
      Press Symbol-[Help] for a list of special function keys and special character keys.

      Please login.
      Command:

      At the bottom of the screen, I see:

      Mouse-R: Menu
      To see other commands, press Shift, Control, Meta-Shift, or Super.
      [Mon 12 Apr 4:15] CL USER: User Input

      Any time that there's an operation taking place, a progress bar appears on the bottom (in a slightly different place depending on what's going on, for advanced users) and "User Input" changes to whatever it's doing.

      So I type "help commands". It's echoed as I type, and so I can see which parameters are what, and what the defaults are. They're all in an easy-to-read table in real life, but slashdot doesn't seem to want to format it correctly.

      Command: Help (with [default All]) Commands

      The User command table has nine commands of its own
      and inherits additional commands from these command tables:
      Access Control File Printer Maintenance
      Activities File System Process
      Breakpoint Flavors Programming Tools
      Callers Fonts Remote terminal user
      CLOS Garbage Collection Session
      [snip- joelh]

      Command:

      If I move my mouse over one of these command tables (including where it says "User" at the top), it lights up with a box around it. The status line changes:

      Mouse-L: Show all commands; Mouse-M: Describe command table; Mouse-R: Menu
      To see other commands, press Shift, Control, Meta-Shift, or Super.

      I can click it, and see what commands are in that category (again, in nice columns in RL):

      The Mail Reading/Sending command table contains these commands:
      Initialize Mail Send Mail
      Save Mail Buffers Show Mail
      Scan Mail Show Zmail Status

      Command:

      The highlighted box and mouse status board tell me I can (among other things) left-click on the "Send Mail" command to execute it, or middle-click to see the documentation, so I middle-click. Note that I don't have to use the mouse; there's a command available if I feel like typing, and Genera helpfully fills it in at my Command: prompt.

      Command: Show Documentation Send Mail Command

      Send Mail

      Command
      Send Mail recipient keywords

      Prompts for the text of the message and sends it as electronic mail to recipient.

      [It then goes on to describe the arg

    89. Re:Wha? by cyberchondriac · · Score: 0

      Wrong. Language studies have shown that computer langauges are not equivalent to conventional lanugages.

      Ah, that helps explain why so many coders can successfully program an app containing thousands of lines of code, but still can't spell "loser".
      :-) ( I hereby envoke Godwin's law !!)

      --

      Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
    90. Re:Wha? by colmore · · Score: 1

      this just made me think...

      has anyone ever tried adopting the old infocom interface as a shell?

      --
      In Capitalist America, bank robs you!
    91. Re:Wha? by westlake · · Score: 1

      shouldn't a CLI also have syntax checking and a "plain english" warning that you are about to do something damaging/irrevocable? generally speaking, a GUI will give warning and let you back out gracefully before you make a major mistake.

    92. Re:Wha? by mabinogi · · Score: 1

      Being easy for someone to start clicking around isn't necessarily a good thing.

      Sure it gets them started, but it's far less likely they will go on to have as thorough an understanding of what they are doing.

      I'd be worried about any admin that hadn't read a manual, and just clicked and explored his way around a control panel.

      We've got some like that unfortunately running our corporate network. They switched all the core infrastructure from Solaris to Windows, and when requested to add a new machine into DNS, the genius who did it clicked around a bit and added it as an Authoritative nameserver for our external domain.
      That mistake stood for months despite them being informed of it a number of times. Personally I suspect they either had no idea what I meant, or didn't know how to fix it.

      It probably would have been quicker to add the A record manually to a configuration file anyway, and there's no way you could 'accidentally' add an NS instead.

      --
      Advanced users are users too!
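A check that would catch the mistake described in the comment above (a host published as an NS record where only an A record was wanted), as an added example that is not part of the original thread. It scans a BIND-style zone file and reports NS records whose target is not on an approved list; the zone contents, host names and function names are constructed, and NS targets are assumed to be written as fully qualified names.

```shell
#!/bin/sh
# Added example, not from the thread. Zone data and host names are constructed.

# Write a small constructed zone file to the path given as $1.
write_sample_zone() {
    cat > "$1" <<'EOF'
$ORIGIN example.com.
$TTL 3600
@   IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
@   IN NS  ns1.example.com.
    IN NS  ns2.example.com.
; new machine: only the A record below was intended
@   IN NS  newhost.example.com.
newhost 300 IN A 192.0.2.10
EOF
}

# audit_ns ZONEFILE ALLOWED_NAMESERVER...
# Prints "LINE OWNER TARGET" for each NS record whose target is not allowed.
# Returns 0 when the zone is clean and 1 when an unexpected NS record exists.
audit_ns() {
    zone_file=$1
    shift
    awk -v allowed="$*" '
        # Compare names case-insensitively and without the trailing dot.
        function norm(n) { n = tolower(n); sub(/\.$/, "", n); return n }
        BEGIN {
            count = split(allowed, names, " ")
            for (i = 1; i <= count; i++) ok[norm(names[i])] = 1
            bad = 0
        }
        {
            line = $0
            sub(/;.*/, "", line)        # drop comments (NS data has no quoted ";")
            if (line ~ /^[ \t]*$/ || line ~ /^\$/) next   # blank, $ORIGIN, $TTL
            nf = split(line, f, /[ \t]+/)
            # A line that starts with whitespace reuses the previous owner name.
            if (f[1] != "") owner = f[1]
            # Skip the optional TTL and class fields to reach the record type.
            i = 2
            while (i <= nf && (f[i] ~ /^[0-9]+[smhdwSMHDW]?$/ ||
                               toupper(f[i]) ~ /^(IN|CH|HS)$/)) i++
            if (i < nf && toupper(f[i]) == "NS") {
                target = norm(f[i + 1])
                if (!(target in ok)) {
                    print NR, owner, f[i + 1]
                    bad = 1
                }
            }
        }
        END { exit bad }
    ' "$zone_file"
}

# Demo on the constructed zone: line 7 is reported.
demo_zone=$(mktemp)
write_sample_zone "$demo_zone"
audit_ns "$demo_zone" ns1.example.com ns2.example.com ||
    echo "unexpected NS records found"
rm -f "$demo_zone"
```

Run against the real zone file from a scheduled job or a pre-commit hook, with the approved nameservers as arguments, so an unexpected delegation fails loudly.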
    93. Re:Wha? by r_jensen11 · · Score: 1

      But when the multiple choice tests start to deduct points for wrong answers, I'd rather take the essay test....

    94. Re:Wha? by Flower · · Score: 1
      What a completely splendid troll. You totally ignore the issue the article brings up, take a comment made by the editor and spin it into something it's not and then you link to an article that brings up an age old controversy which is still not pertinent to the discussion at hand. Oh and the "What org has linux and Win admins?" was a nice touch.

      For the reading impaired, the point of contention in the article is this "They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack." The second monstroyer focused on the admin angle he went off-topic.

      Oh and the CLI isn't user-friendly for Joe User because the focus with him is the steepness of the learning curve. Joe User just needs to click an icon or menu option and get basic and sometimes power functionality. The question is do we allow Joe User the ability to click on executable content and have it just run or how do we represent a task as potentially dangerous and provide the appropriate information so Joe can determine if he wants to continue on. He isn't interested in awk '{ print $1 }' logfile | sort | uniq and doesn't want to invest the time to learn the various switches of any particular command.

      --
      I don't want knowledge. I want certainty. - Law, David Bowie
    95. Re:Wha? by tekunokurato · · Score: 1

      I completely agree--babies point at things they want, not type notes out for their parents to read. The most intuitive designs are simple point-and-click.

    96. Re:Wha? by Anonymous Coward · · Score: 0

      "Apple was engineering the GUI "
      You mean Xerox, Apple didn't engineer the GUI. It was Xerox which invented and engineered it. Apple simply stole it, embraced it and extended it.

    97. Re:Wha? by be-fan · · Score: 2, Interesting

      Interacting with the computer isn't an end in itself. However, many jobs these days require interacting with the computer for hours on end. The more efficient the interface, the faster the work. Look at it this way: say you have Japanese co-workers who don't speak English, and you don't speak Japanese. Do you work together for years on end, communicating by pointing and grunting at things, or do you try to establish a common language?

      Now, I'm not going to say that a CLI is the ideal human-computer interface. But I will say that current GUIs, based on "real world" metaphors aren't ideal either. The ideal interface utilizes both visual and linguistic skills, where appropriate. Visual elements can be very efficient for certain situations (data visualization, looking for patterns, etc), motor elements can be efficient for others (designing, drawing, etc), and linguistic elements for others (generally, telling the computer what you want it to do in an expressive way).

      This paper goes into a lot of detail about these issues.

      --
      A deep unwavering belief is a sure sign you're missing something...
    98. Re:Wha? by anagama · · Score: 1


      What would be really cool, is if the computer could understand things even if the syntax varied. So for example, one person might say, "burn the songs in the burn folder to a music CD", and another might say "burn a music cd from the songs in the burn folder" ... and both commands would do the same thing. For those who like terseness, or want to do something more complicated than normal sentence could deal with easily, the current style could still be available.

      Perhaps it's as simple as breaking commands down into subject, object, verb components. But I would think, for something like this to be really effective and fast, the computer would have to get closer to a system of understanding concepts, as opposed to slavishly following commands.

      Oh yeah, and spelling shouldn't be critical.

      --
      What changed under Obama? Nothing Good
    99. Re:Wha? by acidtripp101 · · Score: 2, Funny

      Basically imagine flipping programming languages and natural languages, so that you spoke in perl/c/asm/etc, and coded in english/french/german/etc.

      Ick... and I thought american english was hard to understand...

      --
      Not Free(as in beer). Free(as in "I'm free to beat you over the head for being a dumbass")
    100. Re:Wha? by JoeZeppy · · Score: 1
      Also, since the editorial already starts us off with an "OS X vs Linux" flamewar, let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

      I've worked in a major Fortune 500 industrial manufacturer, a Fortune 500 financial institution and a small biotech startup, and all three of them had Windows admins and Unix admins. Why do you suppose that is?

      Oh, yeah, I remember. Because most Unix weenies aren't any good at administering Windows, and they can't see around their gigantic egos to realize that, so they're incapable of improving.

    101. Re:Wha? by AstroDrabb · · Score: 1
      As things stand, a Linux virus or backdoor serves to only attack ~5% of the market.
      What decade are you living in? While I do agree with the more market share an OS has, the more of a target it should be. However, your Linux numbers are way off. Linux accounted for 25% of the server shipments and 2.8% of the desktops back in 2002, so it should be even higher now in 2004. MS Windows obviously has 90%+ of the Desktop, and around 50% of the server market. Mac OS has around 3% of the desktop _and_ server market total, so it should be the smallest attack target.

      However, there are things far more important than market share such as the system's architecture. Unix/Linux has a LOOOONG history of a clear separation from user files/directories and OS files/directories. That is why a normal user under Solaris, Linux, FreeBSD, etc can only install/modify things in their home directory or directories that they own (traditionally only their home directory). MS Windows on the other hand has no separation on what files a user can modify by default. Your average Joe User running MS Windows XP is running with Administrator rights and a virus/worm/etc can just kill the whole system. I believe Mac OS has this problem, though not as bad as MS Windows. The permissions on the Applications directory can be pretty loose.

      but if you are anything like me you feel that in the scope of Open Source and Free Choice too many options are left open on the installation options
      Compared to what? MS Windows? Come on now. When was the last time you used or admined Linux? Most come with just about everything off and a very powerful firewall that "Big Three Linux Distros" have on by default and block common things like SMB, SMTP in, etc. You could turn off _everything_ and really lock down Linux with things like SELinux, but usability would go way down. I think a balance needs to be made on every OS between what services/ports etc are on by default and a certain level of user responsibility to get updates.
      --
      If Tyranny and Oppression come to this land,
      it will be in the guise of fighting a foreign enemy. -James Madison
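The separation between user-owned and system-owned files that the comment above describes can be checked directly. This added example (not part of the original thread) reports files that any user can modify and world-writable directories that lack the sticky bit; the function names and the temporary directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. The directory tree is constructed.

# Build a small tree with one loose directory, one loose file, a sticky
# world-writable directory (acceptable, like /tmp) and a normal file.
# Prints the path of the tree.
make_demo_tree() {
    d=$(mktemp -d)
    mkdir "$d/apps" "$d/spool" "$d/bin"
    chmod 0777 "$d/apps"        # loose: anyone can replace its contents
    chmod 1777 "$d/spool"       # sticky bit set: users cannot remove others' files
    chmod 0755 "$d/bin"
    : > "$d/bin/tool"; chmod 0666 "$d/bin/tool"   # loose: anyone can modify it
    : > "$d/bin/safe"; chmod 0644 "$d/bin/safe"
    printf '%s\n' "$d"
}

# audit_loose_perms DIR...
# Prints one line per finding. Returns 0 if nothing is loose, 1 otherwise.
# Symbolic links are not followed and not reported (their mode bits are
# meaningless); -xdev keeps the scan on the starting filesystem.
audit_loose_perms() {
    findings=$(
        {
            find "$@" -xdev -type f -perm -0002 -print |
                sed 's/^/world-writable file: /'
            find "$@" -xdev -type d -perm -0002 ! -perm -1000 -print |
                sed 's/^/world-writable dir, no sticky bit: /'
        } 2>/dev/null
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Demo on the constructed tree: reports bin/tool and apps, not spool or safe.
demo_tree=$(make_demo_tree)
audit_loose_perms "$demo_tree" || echo "loose permissions found"
rm -rf "$demo_tree"
```

On a real system the arguments would be the directories that hold programs and configuration, where a finding means an unprivileged account can alter what other users run.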
    102. Re:Wha? by JoeZeppy · · Score: 1
      Having to remember the names and locations of dozens of config files in order to perform basic upkeep and maintenance of your server is not.

      Hi. My name is Webmin. Have we met?

      err, isn't Webmin a GUI? A "graphical user interface" to the text config files?

    103. Re:Wha? by naden · · Score: 1
      You and your Windows-centric ways ..

      That's a fairly easy way to understand how to copy a file in dos. But in the gui world, a person has to remember to right click and say copy (or ctrl+c) and then right click on the destination and say paste (or ctrl+v). Or remember that if dragging files between folders not on the same drive, the file is copied by default but if dragging between folders on the same drive move is the default in windows

      To copy a file on OSX you simply drag and drop. If the file is from one drive to another, a little green (+) icon appears next to the file icon indicating the file is going to be copied.

      that would be pretty easy and friendly. But no os does that AFAIK

      OSX. Applescript.
      tell application "iTunes"
      &#160;&#160;&#160;copy (a reference to (get view of front window)) to thisPlaylist

      &#160;&#160;&#160;-- if no tracks are selected, use them all
      &#160;&#160;&#160;if selection is {} then
      &#160;&#160;&#160;&#160;&#160;&#160;copy every file track of thisPlaylist to allTracks
      &#160;&#160;&#160;else
      &#160;&#160;&#1 60;&#160;&#160;&#160;copy selection to allTracks
      &#160;&#160;&#160;end if

      &#160;&#160;&#160;repeat with aTrack in allTracks
      &#160;&#160;&#160;&#160;&#160;&#160;cop y (get aTrack's genre) to temp1
      &#160;&#160;&#160;&#160;&#160;&#160;cop y (get aTrack's album) to aTrack's genre
      &#160;&#160;&#160;&#160;&#160;&#160;cop y temp1 to aTrack's album
      &#160;&#160;&#160;end repeat
      end tell
      --
      Funtage Factor: Purple
    104. Re:Wha? by naden · · Score: 1

      Let's try that again:

      tell application "iTunes"
          copy (a reference to (get view of front window)) to thisPlaylist

          -- if no tracks are selected, use them all
          if selection is {} then
              copy every file track of thisPlaylist to allTracks
          else
              copy selection to allTracks
          end if

          repeat with aTrack in allTracks
              copy (get aTrack's genre) to temp1
              copy (get aTrack's album) to aTrack's genre
              copy temp1 to aTrack's album
          end repeat
      end tell

      --
      Funtage Factor: Purple
    105. Re:Wha? by sdowney · · Score: 1
      burn all songs in c:\mp3 to cd1 as data-cd

      multiply a by b giving c

      COBOL is alive and well. If it's simple enough, managers will be able to express what they want, without all of those expensive programmers.

    106. Re:Wha? by Vaughn+Anderson · · Score: 1
      Why do people think that the command line [osnews.com] is *not* "user friendly"?

      I am very computer literate, I work on computers daily, from my perspective, the number one reason is this:

      I can't see all the options I have at my disposal for any particular application unless I request it and then it is only temporarily available.

      I perceive you use only one application where I literally use 30+ applications, about 10 different ones at least every day. I am only extremely proficient in 5 apps where I know all the keyboard short cuts (which require NO TYPING) Typing is REALLY REALLY SLOOOOW compared to a keyboard shortcut or even a menu click.

      I can make 30 - 40 clicks for your 3 command line sentences and get a tremendous amount of visual or auditory feedback on the information and more options (that don't disappear because of scrolling text in a command window)

      Not only that, but because of uniformity of GUI's nowadays, I can pick up and use another application _instantly_ having never touched it before or reading anything about it. I hardly think you would be so lucky that command line commands would be similar in applications differing from graphics manipulations to video editing to HTML editor.

      Also, data returned via text is almost never as concise or informative as many graphical representations of data (take graphs, 3d applications, etc...)

    107. Re:Wha? by notsoclever · · Score: 1

      Bruce Horn disagrees.

      --
      There are 10 kinds of people: ones who understand ternary, ones who don't, and ones who think this joke is about binary
    108. Re:Wha? by flosswales · · Score: 1

      Good point!... But we can't just forget that images and that other GUI stuff were born from their "text-mode UI" parent (I like it much better, honestly). Developing GUI-based apps needs more effort and time than text-based ones... which in effect needs some extra-mind from the developer... After all, there will always be "a hole" in every OS for the cracker. But just keep the good point, Linux is free-of-charge :)

    109. Re:Wha? by Anonymous Coward · · Score: 0

      Try getting food from a blind man in france.

      If he's blind, just take his money and get the food yourself.

    110. Re:Wha? by Anonymous Coward · · Score: 0

      This reminds me of something I've read.
      Really? That's very interesting.
      Please, tell us more.
      When Apple was engineering the GUI back in the early 1980's, early tendency in
      Ok, shut the fuck up now.


    111. Re:Wha? by Ben+Urban · · Score: 1

      Um...It's "invoke", not "envoke".

      --
      Every time you run "emerge", a Microsoft drone dies.
    112. Re:Wha? by qtothemax · · Score: 1

      Has anyone else ever wished for a combo gui-command line interface? I would love to be able to click to get to a directory (which often have long annoying to type names) and use a command line to actually execute something in that directory, such as "vi README" This would be especially useful if there's a huge number of files in the directory and you don't feel like actually looking for it. So they both definitely have their strengths and weaknesses.

    113. Re:Wha? by Master+of+Transhuman · · Score: 1

      > if icons are simple and differentiated enough

      And when was the last time you used a system where this was true?

      Certainly not on Windows which has fifty million different icons, most of which I have never learned to differentiate - and as long as there are text captions and detailed list views, I never will.

      The same is true in Linux.

      I suspect VERY few people do file selection using only icons without at the very least reading the text as well to confirm their selection. If that's the case, what the hell good are icons? Saving you a fraction of a second which you then use to read the text anyway?

      Icons are IMHO HIGHLY overrated as a usability feature.

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
    114. Re:Wha? by tiki6 · · Score: 1

      > And I'm sure you've heard the expression "A picture is worth a thousand words". Does that work in Chinese too? I bet programming in Chinese is a bear.

    115. Re:Wha? by afroborg · · Score: 1

      KDE kinda has this feature - if you enable "show terminal emulator" in the "window" menu of Konqueror, it gives you a terminal on the bottom of the current window which follows you around and can be used at any time

      I use it all the time, it works pretty well

      --
      my sig could kick your sig's arse...
    116. Re:Wha? by cmoquin · · Score: 1

      I agree. I have deleted files in CLI Unix where it was unclear whether I wanted to copy a b or copy b a. In some instances, Unix would overwrite my file with a non-existent file.

    117. Re:Wha? by marsonist · · Score: 1
      Computers allow people to do things that aren't possible in a "paper/folder" physical sense. The fact that you can't easily copy or link pieces of paper between physical folders doesn't mean that it sure wouldn't be helpful.

      We shouldn't let limitations of the physical world set the limitations of the computer world.

    118. Re:Wha? by Anonymous Coward · · Score: 0

      Oh, yeah, I remember. Because most Unix weenies aren't any good at administering Windows, and they can't see around their gigantic egos to realize that, so they're incapable of improving.

      ^^^^^^^^^^^^^^^^^^

      I noticed this as well. Going on 6 years at my current job starting from bottom to senior admin (mostly windows, some solaris/linux) this is so true. Leave the biased Unix admins to their toys and stay away from the Windows boxes.

      The biggest flaw isn't them not being technical enough. They jump on a Windows box and it's like their eyes glaze over and they do stupid shit. They just don't *care* when it's not their Unix box. Oh I crashed a Windows box, big deal. My Unix box has 923 days uptime. Wanna bet? :)

      I personally watched an incredible Unix admin log in to a 2000 Active Directory domain while trying to troubleshoot an issue and delete all the system objects because they had red X's on them. He looked at me and said "What? They are corrupted objects". Thank god only 10 people were on the domain testing it. :)

    119. Re:Wha? by thinkninja · · Score: 1

      The (quite expensive) software.

      Being cynical, I'd guess Hickman has some sort of advertising deal with write-bros rather than being a simple end-user.

      --
      "The number of Unix installations has grown to ten, with more expected." (Unix Programmer's Manual, 2nd ed.; june 1972)
    120. Re:Wha? by SillyNickName4me · · Score: 1

      When a human can use concepts that are natural to a human (s)he has indeed a better chance to do the job right.

      This was not about creating technically better admins but about getting the same quality of administration and usage while needing less technical knowledge.

    121. Re:Wha? by Sinterklaas · · Score: 1

      Of course, the key to communicating is a common frame of reference. The key question in this thread is whether pictures or language are better for communicating. The existence of people with handicaps is a totally separate issue. While important, usability for a handicapped person is inherently different from usability for a 'regular' person.

      Personally I think that pictures are easier to parse, but less accurate. As such, a mix is probably best, using language for more complex elements of the interface and pictures for those which are easy to understand. That way, you reduce the complexity of the interface, while maintaining a fair amount of accuracy.

    122. Re:Wha? by Sj0 · · Score: 1

      If I recall correctly, Xerox PARC came up with the idea of using a graphical terminal and mouse, but they didn't really take the concept where it is today. They were very much concentrating on the use of a mouse and graphics terminal as an extension to the dumb terminal in use everywhere. To say that Xerox engineered Apple's GUI would be like saying that Ford simply embraced and extended the automobile from horse and buggy manufacturers. There was a LOT of groundwork to be done before you could call it a GUI, except in the broadest sense that it was on a graphics screen, rather than a text one.

      --
      It's been a long time.
    123. Re:Wha? by zero_offset · · Score: 1

      Maybe you should read the article you link to. Most of that concerns differences between the Mac and Xerox GUI, such as overlapping windows with region invalidation. He doesn't actually disagree that Xerox had the GUI thing going on first, he just says that the Mac GUI wasn't a direct ripoff.

      Hence... the AC grandparent's characterization as a form of "embrace and extend" does apply. This is further supported by many of the other anecdotes on folklore.org (which is a cool site worth reading through, and I don't even really like Macs).

      --

      Slashdot quality declines as the number of hot grits posts decreases. - Provolt's Law, Apr-09-2005

    124. Re:Wha? by wannasleep · · Score: 1

      where is the problem? I speak french :) as long as he knows where the food is....

    125. Re:Wha? by Anonymous Coward · · Score: 0

      I think you'll find that even the most idiotic user will probably think twice before agreeing to 'erase all data', especially as this message is in all caps. Newbies are naturally cautious (I know this, my dad is a prime example), and such a message would set alarm bells ringing. Still, a modicum of intelligence doesn't go amiss, and I think you're giving the general population too little credit (although I live in Europe, I don't know what it's like across the pond). There are lots of things in life that we take for granted that require more intelligence than is required to say no to an 'erase all data' prompt, and the vast majority manage just fine.

      That said (and I just had to have a little dig), I find it incredible that you've never encountered the I/O symbol before. Look around the house - chances are quite a few appliances have it. And as a general rule, when an electrical appliance only has one button, chances are it means ON.

    126. Re:Wha? by Graymalkin · · Score: 1

      You're not thinking abstractly enough. To make a Xerox copy you have to use a tool to accomplish that task. It is not the sort of operation you can do with your hands. The copy command being in your "toolbox" (the menu) makes sense because it is a non-natural action you're performing. Moving the file is a natural action and ought to happen in a way you'd predict it would spatially. Making an exact duplicate of something should also happen as it might spatially, by using some sort of tool to accomplish the task.

      Metaphors should not be pushed too far but people have years upon years of experience using physical items and working in a spatial manner. A computer should do as much to leverage a user's previously learned knowledge as much as possible. It wasn't until computers could display information that was human readable did they become popular and useful to normal people. Before computers could be useful to most people they had to leverage the written and spoken language their users were already accustomed to and using regularly. When computers began to represent data in a spatial manner they started to leverage a user's lifetime of existing in space and using physical objects.

      A GUI that works counter-intuitively to a user's learned actions and expectations slows them down and is inefficient. A dialog box that pops up causes a user to perform a mental context switch. They have to go from the task at hand (organizing files) to deciding if they ought to link, copy, or move files after they've dragged them. If they move several files individually that is several context switches that need to be performed even if the action is identical.

      This is a bad interface design. It requires the user to select multiple files at once to move and select them all at once so they don't have to waste time clicking a stupid dialog. With a default action the user can learn that dragging files always moves them while dragging with a modifier key held down will copy them. A finger can be put on the modifier key with a single action and from there pressing the key to copy instead of move becomes trivial. Performing the same copy action on several files is as simple as keeping one's finger down on the modifier key with no wasted motion finding a confirmation button in a dialog box.

      --
      I'm a loner Dottie, a Rebel.
    127. Re:Wha? by maximilln · · Score: 1

      DragonLance references are worth points in my book.

      --
      +++ATHZ 99:5:80
    128. Re:Wha? by Anonymous Coward · · Score: 0

      If "A picture is worth a thousand words", why do you need a sentence to say it?

    129. Re:Wha? by doj8 · · Score: 1

      > I guess I'm not sure how to make my point more clear, but
      > I'll try. I was basically trying to imply that if instead of
      > speaking english or other languages, we spoke perl/c/etc, it
      > would be "natural".
      > Anyway, as I said before, our tendency to use language to
      > communicate is instinctual, the languages we use are not,
      > and that was the main point (although poorly conveyed) of my
      > post.

      From what I understand of Chomsky, aspects of Natural Languages appear to be instinctual. There are deep structures in natural languages which do not exist in computer languages. So, a purely artificial language, such as a computer language, would never be a "natural language" because it doesn't match the biological deep structure.

      That is not to say we couldn't build such a language eventually, but I doubt we know enough about our own language development to do that now.

      Of course, most (if not all) current computer languages are designed to solve specific classes of problems, not as a generalized method of communication about the world and one's self within it. So, none are suitable for use as a natural language.

      --
      -- Dan Jenkins, Rastech Inc.
    130. Re:Wha? by LMCBoy · · Score: 1

      I appreciate what you are saying, but I think you underestimate people's ability to learn and adapt. After seeing the "Move, Copy, or Link" window once, twice, at most three times, I seriously doubt it is going to come as some big work-interrupting surprise when they see it on subsequent drags. Besides, part of the magic of computers is that you *can* do things that can't be done in real life. You *can* copy a document - perfectly, instantly - with your bare hands! Why tell the user that they can't?

      Sure, the first time they try to drag an icon from one window to another, they might think "what the heck is this?", but after a few tries, don't you think they'd learn and adapt to the new paradigm, and eventually come to see that it provides them with both efficiency and flexibility?

      Anyway, I guess it comes down to personal opinion. I personally cannot stand the "spatial desktop" metaphor. I feel hog-tied whenever I have used it. It's not a RL desktop, it's a computer UI. Why limit yourself to the restrictions of the physical world?

      Would you want to use a web browser that split a long document into window-sized "pages", instead of a scrolling display? After all, that's how you read a long document on your physical desktop, right? And why should we be able to do a text-search on that document? One can't do it in the real world, after all. If people accept these breakages of the metaphor, I don't see why the other breakages (changing folders in a single window, having a more flexible click-and-drag option) are so different as to be unadaptable.

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
    131. Re:Wha? by schon · · Score: 1
      that would be pretty easy and friendly. But no os does that AFAIK

      AmigaOS does exactly that.

      You can even do things like:
      copy from a to b
      or
      copy to b from a
      in addition to
      copy a b
      (or
      copy a to b
      copy b from a
      etc.) to copy a file from a to b.

      So now you know.
    132. Re:Wha? by notsoclever · · Score: 1

      Not quite. He quite clearly stated that Apple was working on the GUI before they visited Xerox, and that their resulting GUI was vastly different to what Xerox had demonstrated, and the concepts which made it from the Xerox GUI to the Apple GUI were both minimal and debatable. I'd classify that as a case of parallel evolution, similar to Alexander Graham Bell and Elisha Gray who both developed the telephone at the same time (but Bell submitted his patent application mere hours before Gray).

      --
      There are 10 kinds of people: ones who understand ternary, ones who don't, and ones who think this joke is about binary
    133. Re:Wha? by Rich0 · · Score: 1

      You've obviously not seen some of the more recent 4k intro entries in the demoscene...

    134. Re:Wha? by garaged · · Score: 1

      Actually, it does work for the 90% of the cases, the real problem comes when this click-and-run admin gets into 1 of the 10% case problems.

      Most of these admins will spend hours-days-weeks to solve a simple problem, that a good admin would take from 5 minutes to a couple of hours at most.

      --
      I'm positive, don't belive me look at my karma
    135. Re:Wha? by Anonymous Coward · · Score: 0
      I would love to be able to click to get to a directory (which often have long annoying to type names)

      Tab completion....heard of it?

    136. Re:Wha? by Graymalkin · · Score: 1

      Having to stop and wait for dialogs interrupts workflow. Making a user travel across the screen to answer a dialog offers them a chance to press the wrong button. If you really meant to link some files and you accidentally hit the copy key in your mouse clicking fervor you could end up very upset, especially if the write operation takes place over a slow network connection or the system doesn't handle "Cancel" operations gracefully or even at all.

      I'll use my example again. I've got a folder where I store my pending projects. I make two subfolders for different project priorities so I can more easily find them later to work on them. In a browser-like file manager I have to either make the icons or names as small as possible so I don't have to drag-and-scroll or I need to take up a bunch of screen real estate with a second window with all of its browser widgets. So I go through my projects folder and carefully select my high priority projects so I can drag them all at once so I'm only bothered once by the action confirmation dialog. Then I open my lower priority folder and drag the rest of the files into it. I think it can be done better.

      Now I do the same task working spatially. I've got my new folders with their sparse windows both open on my desktop. I go through my project folder hunting for my high priority projects. If I find several high priority projects grouped together I can drag them while my cursor is close to them and not have to worry about them later. Since I don't want to waste disk space I'm just going to move the files. To move them I just have to hold down a modifier key on my keyboard instead of answer a dialog. So I hold down my Alt key and drag those grouped high priority projects. When the window redraws a couple low priority projects are grouped together. I drag those holding down the Alt key. Working like that I'll be through the task in less time than I would be working with browser-like windows. I can also work dynamically since I don't have to travel all over hell and creation with my cursor to answer a dialog asking me what I want to do. Even if I were using multiple browser windows instead of sparse ones I'd still go faster not having a stupid dialog interrupting me.

      Dialogs should only come up when they are requested or when there is some dire warning I absolutely must have. Any other time I want my computer to just sit and listen and do what I tell it to. They should not be tied to every other action I'm going to perform. If I decide I want to enable user event sounds so I get an audio cue when something happens I'm going to have a beep or plonk every time I move a file. If the audio file isn't cached in memory and has to load from disk, that means I have to wait on the disk for the event loop to complete. Sorry but no, being forced to deal with dialogs would cause me to throw a very expensive piece of equipment off the roof of a three story building.

      --
      I'm a loner Dottie, a Rebel.
    137. Re:Wha? by LMCBoy · · Score: 1

      Hmm, I think you misunderstand what KDE does. The Move/Copy/Link is not a "Dialog" that appears somewhere else on the screen. It is more like a popup menu with just these three items, and it appears directly under your mouse cursor. No real interruption of workflow there.

      Also, it does have keyboard modifiers for drag operations. The Move/Copy/Link menu only appears if you drag with no modifier. So it seems to me that it is not all that different from what you are describing. What happens to a drag operation with no key modifier in your scheme? I thought you had said before that move was the default drag operation, so why do you need to hold down Alt?

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
    138. Re:Wha? by Graymalkin · · Score: 1

      I was only using the move operation as an example. In MacOS the default action is move, Option/Alt is copy, and Option + Command is link. The four modifier keys, Control, Shift, Option, and Command all live on the corner of the keyboard which makes them relatively easy to access while you're working.

      I didn't realize KDE's menu was a menu rather than a dialog, I use GNOME and Nautilus personally. I still don't think a menu is the right thing to do in that situation. If a new user sits down to the system they may not have any idea what to do when something pops up as they try to drag some files. They won't know the modifier keys obviously but it is reasonable to assume that files will move logically when they're moved physically. A menu as such is also pretty easy to miss if you're in a hurry and depending on its modality can really throw off your chi. If the menu pops up in the bottom left corner of the screen and you've already begun to throw your mouse back towards the right corner you might miss the menu on a busy screen or have to pause to find it again. If the menu is view modal it might be hidden behind another application or window and you'll never be able to figure out why your files aren't copying or your file managing doesn't want to respond. KDE ought to stick with the modifier keys or disable the option menu by default (if it doesn't).

      The key is picking a good set of defaults. You can always let users change the defaults later. A file manager that requires user input to perform simple actions is getting in the user's way. The basic file management on a system should be as transparent as possible. A user ought to be putting more thought into where files should go instead of being bothered with getting them there.

      --
      I'm a loner Dottie, a Rebel.
    139. Re:Wha? by LMCBoy · · Score: 1

      A menu as such is also pretty easy to miss if you're in a hurry and depending on its modality can really throw off your chi. If the menu pops up in the bottom left corner of the screen and you've already begun to throw your mouse back towards the right corner you might miss the menu on a busy screen or have to pause to find it again.

      There's really no way to miss it. As soon as you release the mouse button the menu appears right where your mouse cursor is (as if you'd right-clicked on that spot). This makes it effortless to consider the menu selection as an integral part of a drag operation. Don't know what you mean by modality, since it isn't a window. You can just press Esc or click outside the menu and it will disappear (but this cancels the drag operation altogether).

      I agree that simple interfaces with good defaults are the key to good usability, but I am not convinced that there is a sensible default action for un-modified drag operations in a file manager. This is why I prefer the popup menu to having the computer assume I meant to move the files.

      Anyway, I have enjoyed our conversation. Thanks for your insights.

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
    140. Re:Wha? by Anonymous Coward · · Score: 0

      Amen!

    141. Re:Wha? by Chandon+Seldon · · Score: 1
      --
      -- The act of censorship is always worse than whatever is being censored. Always.
  2. Simple by Limburgher · · Score: 5, Funny

    As soon as autoexec.bat runs.

    --

    You are not the customer.

    1. Re:Simple by Anonymous Coward · · Score: 0

      You mean the rc.local file?

    2. Re:Simple by boy_afraid · · Score: 1

      He doesn't need a "commit" since he's probably using MS SQL Server.

  3. What you need to do by Anonymous Coward · · Score: 4, Insightful

    Is hide the more advanced/"dangerous" features from users that normally don't need them. They're there if you, but if you don't know about them, you shouldn't accidentally trigger them. That's part of good usability, too.

    1. Re:What you need to do by corpsiclex · · Score: 4, Interesting

      This approach has been tried, and is extremely annoying to those of us who do know what we are doing. Last time I checked, Fedora Core doesn't even install gcc if you go with the typical installation (yet of course the Games and Entertainment package was installed). I guess this approach works to an extent, but be careful about carrying it too far. I also noticed several other things about Fedora Core that were designed with Windoze users in mind, and several of the features that they tried to make easier to find ended up being hidden from me; eg they changed the name of GAIM into Messaging Client...took me quite a while to figure this one out.

      --

      eBayDig 1s a typo saerch engien
    2. Re:What you need to do by MoonBuggy · · Score: 1

      While Fedora may have done the wrong thing with the concept, Mozilla Firefox has it perfect IMO. The standard options are in Tools -> Options and nothing too big can be accidentally broken by anyone but the most resourceful newbie/moron. All the power user options which are extremely useful (number of simultaneous connections, page render delay etc. etc.) but would scare the average user or enable them to easily break stuff (page render delay 10000 = why is my internet b0rked?) are only accessible through the about:config menu. If you don't understand the options shown or know enough to know what you should leave well alone, you sure as hell won't have found out that you can access these options by typing that particular command into the address bar. Anyone who feels the need to alter the number of simultaneous connections allowed will quickly find how to access that menu with the most minimal Googling.

    3. Re:What you need to do by Anonymous+Brave+Guy · · Score: 1
      This approach has been tried, and is extremely annoying to those of us who do know what we are doing. Last time I checked, Fedora Core doesn't even install gcc if you go with the typical installation (yet of course the Games and Entertainment package was installed).

      So Fedora has bad usability. If something intended for both power users and newbies has good usability, then the newbies won't be able to shoot themselves in the foot and the power users will be able to get things done efficiently.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    4. Re:What you need to do by Vancorps · · Score: 1
      Last I checked this was common practice for Mandrake since 8.0. Annoyed the hell out of me because of dependency hell getting everything installed just so I could compile anything.

      I don't see this as a problem; advanced users should be doing a custom install where they can select GCC, autoconf, and automake and the likes and they could even uncheck the Games if they so desired.

      It's a default install, of course it's going to have defaults you don't like. This has been a complaint of Windows since the get go. I'd say this is an argument for the original post about usability breaking security because you have to open the system up. The easier you make it, the easier it will be to turn something on that shouldn't.

      That said this is news to me about Fedora, I was going to install it and see how it is but I chose to install Gentoo instead which turned out to be a mistake considering the mirror I was downloading from gave me all corrupt kernel headers. mmmmmmm

    5. Re:What you need to do by butane_bob2003 · · Score: 1

      BZZZ. Like in hidden folders? or 'click this link to show files I'm hiding from you, for your own good' folders? I disagree. It's simple, you have a 'root' user, and everybody else. Most of the time you are one of the everybody elses and you can run amok in your home directory all you like. When you feel the need to hose the system, log in as root (ok, Administrator) and administrate away. Don't hide anything, I need to know where it is. But I don't always need to be authorized to launch that particular nuclear or delete the /bin folder.

      --


      TallGreen CMS hosting
    6. Re:What you need to do by geckofiend · · Score: 1

      Funny, typing "gaim" on my Fedora Core command line works just fine.. Are you sure you're one of those that do know what they're doing?

    7. Re:What you need to do by imtheguru · · Score: 2, Interesting

      > I also noticed several other things about Fedora Core that were designed with Windoze users in mind, and several of the features that they tried to make easier to find ended up being hidden from me; eg they changed the name of GAIM into Messaging Client

      Strictly speaking, this has little to do with Fedora per se. It has been a property of the REDHATisation of software. All the default software under RedHat 9.0 is labelled as the task it performs -- "Movie Player", "Instant Messenger", "Web Browser" etc. Fedora picks up where RedHat left off.

      Take a look at the bigger picture. Gaim is an instant messenger. It wasn't always the default instant messenger on RedHat (now called Fedora), and perhaps may not be the default instant messenger on this distro forever. The task of instant messaging however, persists.

      This is essentially an issue of nomenclature -- specifically the choice of naming against the task vs naming against the product. I believe that the former is more logical but I am also partial to naming schemes in the [product_name]--[task_name] format. Examples from my Windows partition (coz that's what I'm currently running) "Kerio Personal Firewall", "LANguard Network Security Scanner" etc.

      Special cases, such as typical MS naming schemes, which use the task name as the product name, tend to cause confusion in their own way. But that's a discussion for another day.

      Disclaimer: I run Debian and RedHat 9.0 (waiting for FC2) and I find that the RedHat shortcut naming conventions are better than Debian's defaults (which essentially has no customisation).

      --
      Yet Socrates himself is particularly missed.
      A lovely little thinker but a bugger when he's pissed.
    8. Re:What you need to do by RedBear · · Score: 1

      So what's your point? That we should sacrifice usability for 9 out of every 10 users by not renaming "Ferbsniddle" to "Instant Messaging Client", because it might inconvenience the few people who had prior knowledge of exactly what Ferbsniddle does? You'd like everyone to require a mountain of prior knowledge in order to get into your distro and use it productively within five minutes?

      Every time someone says something like this, I wish they'd turn around and ask themselves if they'd like to have the brakes, gas pedal, steering wheel, ignition, radio and dials all in different shapes and locations on each brand of car. So you're used to driving a Ford? Well my Chevy is so much easier. To move forward, all I have to do is type in the desired speed on the dashboard and push this green button. To stop? Just tap pedal three and type in your current speed, then tap pedal four. It automatically reduces the speed to zero with an optimum deceleration curve! Steering? Grab that joystick thing marked "KLateral", that lets you control your lateral motion with .00009 precision! Cool, huh?

      This is literally what much of the Linux "usability" experience is like. Only the users who want a really reliable car and/or don't want to pay for gasoline anymore, will stick with it, read the "man(ual)" and learn how to use this "obviously superior" vehicle. After only six months, they'll be able to drive almost as well as they could with their old beat up Ford! Wow, such a deal.

    9. Re:What you need to do by corpsiclex · · Score: 1

      Yes. My gripe was with Fedora's GUI, not with how it is actually set up below the surface.

      --

      eBayDig 1s a typo saerch engien
    10. Re:What you need to do by corpsiclex · · Score: 1

      Mod parent up. This was informative and interesting. Where's those points when I need 'em....

      --

      eBayDig 1s a typo saerch engien
    11. Re:What you need to do by danimrich · · Score: 1

      That's what Windows does with file extensions if it recognizes the file type. I find it quite annoying and usually turn it off the first time I notice it. Many Joe Averages probably don't know where to find the appropriate checkbox, but would still prefer to see the extensions (people ask for pdf, jpeg etc.).
      I'd suggest labelling the advanced features (like "Don't change this unless you know what you're doing!", "You normally don't need this." etc.) and providing well-documented context-sensitive help.

      --
      where's all that Karma?
    12. Re:What you need to do by Anonymous Coward · · Score: 0

      The standard options are in Tools -> Options ... All the power user options which are extremely useful ... are only accessible through the about:config menu.

      A fine example of the wonders of a graphical user interface - "All the options you need are right here, in this easy dialog" "Oh, and the rest of the options are hidden over here in an ugly list".

      When I look at the config dialog, and it doesn't have what I want, I often assume it isn't available. Nothing comes with manuals anymore, so if I want to learn about a program I have to buy a book (or find a good website, which are rare). So for most of the programs I use, I will never find the hidden options, and will often lose features I want because of that.

      With long, obscure text configuration files, I can browse the file and the man page, and see all my options.

    13. Re:What you need to do by MoonBuggy · · Score: 1

      Firefox comes with a link saying 'Mozilla Firefox help' right there on the toolbar. It takes you to texturizer.net which has a vast quantity of helpful hints and combinations of options to set in order to do almost anything you need to do with the browser.

    14. Re:What you need to do by 1lus10n · · Score: 1

      Right, because internet explorer should be renamed to internet; for complete idiots.

      When you learn to drive you learn what the hell you're supposed to do, the signs don't change to accommodate the newest slang, or foreigners. Why is it that linux is supposed to change to accommodate people who are too fucking lazy to read for 10 minutes?

      Cars are different, so are OSes. It's life, if linux is the exact same as windows what the hell is the benefit of switching? Linux is regressing because people (morons) seem to think it needs to be idiot proof. Sorry, no. That's the reason a lot of people are sick of windows, that's why a lot of people have already left MS.

      And who is to say what should be called "Instant messaging client"? gaim, kaim, irc, etc etc etc etc

      I love it when people try to simplify things without actually looking at the details. It's never that easy.

      --
      "Two things are infinite: the universe and human stupidity; and I'm not sure about the universe." --Albert Einstein
    15. Re:What you need to do by RedBear · · Score: 1

      You're the one oversimplifying, and you also don't seem to have a point. Stop signs always say "STOP" for a reason. The message written on that red octagon is accessible to all, even if they can't read.

      I daresay nobody has "left MS" because they're sick of applications with "idiotic" names like "Internet Explorer" and "Notepad". I do know a lot of people who will leave with disgust when confronted with ksirc, kaim, gaim, irc, licq and told they should already know what those applications do and know how to choose the best one for their needs based solely on the name. There is room for a middle ground in this world. You can reduce the obscurity of the names short of just picking one and naming it "Instant messaging client". Gee, how about "Gaim Instant Messaging Client", and "Licq Instant Messaging Client". Gosh, that was tough.

      Linux is "regressing" because non-geeks want it to be less obscure? Reveling in obscurity is not a show of intelligence or progress. It just points up the fact that you think knowing something obscure makes you more intelligent than all those "idiots" out there who can't "read for 10 minutes" and magically gather together all the pieces of knowledge they need to understand the current Linux obscurity. People need knowledge, not intelligence, in order to use Linux right now. A diligent idiot could sit down and read a manual on using Linux, and do all the things you do.

      The simple fact is, Linux and its applications are obscure and cryptic to regular people, and not just because of naming conventions, and not based on whether or not those people come from the Windows world or not. They're just obscure, period. And any attempt made to de-obfuscate the Linux world in any form is immediately met with contempt and derision from wonderful, understanding people such as yourself.

      By the way, I'd like to know where exactly it was that I said Linux should be exactly like Windows. Oh, that's right, I didn't.

      But gee, I shouldn't even open my mouth. Obviously a "(moron)" like me shouldn't presume to talk back to a brilliant person like you who can "read for 10 minutes". (So brilliant you can't even use the shift key consistently.) I'm surprised I could overcome my "laziness" and write these paragraphs in response to your sarcastic anti-social derision.

    16. Re:What you need to do by 1lus10n · · Score: 1
      GAIM means Gnome Instant Messaging Client you ass, but perhaps you should heed your own message and call it Aol Instant Messenger instead of AIM, or Internet Explorer instead of IE and so on and so forth.

      The names are not the problem, it's people who don't want to learn. There should be a test required to operate a computer just like a car. Don't wanna LEARN how to drive: don't drive.

      And if an idiot can sit down and learn all the things I do why doesn't he? Perhaps because HE'S a FRIGGIN IDIOT !!! Could you be a little more dense in your analogy? A person lacking intelligence might be able to read and possibly even understand most documentation, but they will not retain it or apply it after a few moments. That's part of what makes them dumb.

      "The simple fact is, Linux and its applications are obscure and cryptic to regular people, and not just because of naming conventions, and not based on whether or not those people come from the Windows world or not."

      I am so fucking sick of windows bred morons saying this: Prove it. It's that simple, I have both my parents and one uncle (not to mention countless others whom I know through people or from work) running Linux, and guess what: No fscking problems. Did they need help with setting it up? Yep. Would they have needed help with windows? Yep. Do they have to call me about the latest virus/worm/whatever? Nope. Had any retarded "crashing" or "ultra slow" problems? Nope. Spyware messing with shit? Nope. Bonzi "uninstallable" buddy or some other shit? Nope.

      Red means stop was Taught to people, it wasn't ingrained at birth.

      What in the fucking universe makes you people think windows is ingrained in people's heads at birth? ctrl+alt+delete? WTF? Some funny looking yellow guy is supposed to represent an Instant messaging client? A blue E is supposed to represent the intarweb? Where the hell do you come up with the asinine idea that any (including mac OSX) OS is beginner friendly? Did you smoke some really good shit, or just put a mega-fuck-ton of effort into getting this fucking retarded? I really wanna know so I can avoid it.

      Hey asshole, before you assume to tell us to "de-obfuscate" perhaps you should deal with getting your own chickens in a row. Talk about the pot calling the kettle black ....

      And *I* like most people (including windows users) choose wHaT I shall and ShalL not put effort into, such as using the fscking SHIFT key. (or conversely learning about what I am fucking doing with the shift key)

      Oh and just so we are clear: I am one person who left windows because I was sick and damn tired of the computer fucking shit up when it was trying to "protect" me. I know what I want, not some asshole in redmond. When Linux loses the ability to handle everything from the ground up is when I switch to BSD.

      Now go ahead and post your karma-whoring "windows is user friendly, it only took grandma 50 phone calls to get it to work!" bullshit. I'm done.

      [lost carrier signal]
      --
      "Two things are infinite: the universe and human stupidity; and I'm not sure about the universe." --Albert Einstein
    17. Re:What you need to do by RedBear · · Score: 1

      I shouldn't even reply, but this is just so over the top...

      Is it really necessary to be so rude? Seriously.

      Is it really necessary to always assume that anyone who doesn't agree with you is a "Windows Boy"?

      Is it really necessary to call me an "ass", a "windows bred moron", "fucking retarded" and an "asshole"? Seriously.

      Is it really necessary to assume that I'm anti-Linux because I say that obscurity makes it difficult to use? Your assumption is wrong, by the way. I've used Linux for years, but I shouldn't have to tell you that to avoid being called every nasty name in the book and avoid being berated as some "windows idiot". It is also possible to use Windows and not be an idiot.

      "What in the fucking universe makes you" think that anything should be ingrained in somebody before birth, including stop signs? Nowhere, that's where. That's more of your over-simplifying.

      "you people" What people am I a part of? I'm guessing the "idiot people" grouping. Obviously I'm an idiot, because I disagree with you.

      Where did I come up with the idea that anything is beginner friendly? When you can plop down a beginner in front of it and have them using it productively within a short period of time, it's beginner friendly. When people can use an application for years (Windows/Linux/Mac, doesn't matter) and still complain about its lack of usability, there is obviously a problem. Just because it isn't a problem for you doesn't mean it doesn't exist.

      You take things waaaay too far, you over-simplify, and you are a rude elitist. You seem to have the common Linuxite feeling that everyone else is an idiot and that everyone is against you. They aren't. I'm not. (Except for the fact that you're so rude, that does make people want to be against you whether they are idiots or intelligent.) It's like you're fighting The Man, or something. You need to chill. People like you drive a LOT of people away from the Linux community. But I'm sure you like it that way, because we're all idiots, and you're always right. Right? I don't know why you bothered to help those people set up and run on Linux instead of just calling them idiots. Oh yeah, you did it because it helps you in your fight against The Man.

      Instead of replying right away, stop and think about your attitude towards others. Please. For a couple of days. Get some perspective.

      Oh, and by the way. Gaim is just called Gaim on the Gaim website, on the front page and on the "What is Gaim?" page. I've been there before and went again just now. The word "GNOME" and the phrase "Instant Messaging" aren't on the front page at all. The "What is GNOME" page doesn't tell me what Gaim stands for. And wouldn't that be the logical place to find that sort of thing, if you could even find the website in the first place? Maybe you should find a better example, because that one doesn't disprove anything.

      Plus, you can't really compare Gaim to AIM, because AIM has the sort of market share that means most people will know what it is already. Plus it is often referred to as "AOL Instant Messenger" on shortcuts and such. Go to aol.com or aim.com, and you'll see a big banner that says, "AOL Instant Messenger".

      Oh, and this should make you happy: "Windows is user friendly, it only took grandma 50 phone calls to get to work!" Karma, here I come!

      By the way two, everyone on this planet is an idiot in the right/wrong circumstances.

  4. Here we go again... by weave · · Score: 4, Insightful
    Joy, a slashdot-sanctioned troll post.

    OK, here we go:

    • If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.
    • If Linux distros had everyone running with root perms, then yes, they will be screwed too. That means you, Lindows.
    • This argument ignores architecture and coding flaws. There is no reason why we have to settle for popularity meaning low security
    1. Re:Here we go again... by RTPMatt · · Score: 4, Insightful

      What will make it less secure is people using it without any idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likely live with no security at all.

    2. Re:Here we go again... by Anonymous Coward · · Score: 0

      Feed the Troll

      Lindows does not log on as root by default. This was one of the first things they changed after the initial BETA Test.

    3. Re:Here we go again... by LostCluster · · Score: 5, Insightful

      If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.

      This theory needs only a slight modification to become valid...

      It's popularity among stupid people that breeds vulnerabilities.

      Apache may not have very many holes, but it's far too easy to write a PHP script that gives away the keys to the kingdom if you're not careful. A password of "password" is insecure on any system.

    4. Re:Here we go again... by Anonymous Coward · · Score: 2, Insightful

      -----
      This was one of the first things they changed after the initial BETA Test
      -----
      The initial Beta test? That was the one that shipped 10 billion copies to every Best Buy, Target, Wal-Mart, KMart, and BusyBee Electronics in the nation, wasn't it? :-)

      It's too late to change it _after_ the fact. That's a lesson that Microsoft, with its political connections and limitless funding, has never had to learn.

      +++ATHZ

    5. Re:Here we go again... by LostCluster · · Score: 4, Insightful

      What will make it less secure is people using it without any idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likely live with no security at all.

      When a hole is discovered, the number of people who get hacked is equal to the number of people who are running the affected software who don't patch in time.

      If a luser wants to run telnet to get to their Linux server as root... they're just asking for trouble. Good thing most people who understand what to do at a bash prompt already know that. The problem comes when people who don't understand that SSH is better for a huge reason want to see a Linux command prompt on a remote server...

    6. Re:Here we go again... by Anonymous Coward · · Score: 1, Insightful

      It's popularity among stupid people that breeds vulnerabilities

      Not so much that, but the fact that Windows 2000 Server ships with IIS turned on (meaning some people never turn it off), and with about a dozen extensions enabled -- Index Server, Internet Printing, etc etc etc (meaning people are vulnerable even without using the functionality).

      If Linux distros did the same thing with Apache, I have no doubt it would be 0wned in a similar manner to IIS.

    7. Re:Here we go again... by Pranjal · · Score: 1

      If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't
      I would disagree on that. Popularity is directly proportional to vulnerability on desktop systems. You don't find "joe users" installing apache or IIS, they are usually sysads who are good at what they do.

    8. Re:Here we go again... by RoLi · · Score: 2, Insightful
      And another point:

      • OSS available through many sources and variations, everybody can pick one which offers adequate security

      For some, running as root on Lindows is adequate, most will be satisfied with a standard-distribution (Mandrake, SuSE, debian), few will need the tight security of OpenBSD and even fewer will want to use a non-x86 CPU where the pre-packaged exploits don't work.

      That's the beauty of OSS and one of the reasons why there are no and never will be virus/worm epidemics on Linux that are comparable to those we see on Windows.

    9. Re:Here we go again... by The+Spoonman · · Score: 2, Insightful

      but the fact that Windows 2000 Server ships with IIS turned on (meaning some people never turn it off)

      You've just shown the problem isn't with the OS, then. It's with the people who don't take the time to shut it off, or lock it down, or anything. Hell, how many doorknocks do you get from CodeRed infected machines, despite the fact that the fix was released a month before the exploit YEARS ago? You can't fix that, the software ain't broken, the wetware is.

      --
      Which is more painful? Going to work or gouging your eye out with a spoon? Find out!
      http://www.workorspoon.com
    10. Re:Here we go again... by MrRuslan · · Score: 1

      It is possible to be secure and have that at the same time..just educate users how to type in a password when they need to install something from the box.

    11. Re:Here we go again... by sageman · · Score: 1

      Unfortunately, the average user couldn't "install it out of the box" if their life depended on it. And the 'it' here is Windows even, as the "average user" doesn't even have any sort of idea of how to even begin installing Windows. The key is to have GNU/Linux preloaded where Windows is now. Even with basic security enabled in the GNU/Linux environment at least they have a modicum (being very conservative with that, thank you!) of more security than in Windows. But you're right; even the adept average user hasn't the slightest idea about security and at least some moderate form would have to be setup by default (which most distros do, I do believe).

      The real issue is explaining to joe user that running root all the time and using telnet or basic ftp are bad ideas. What will really happen when there are more GNU/Linux users is that the security will tighten, because new techniques to protect these silly folk will develop (with perhaps a feature to remove these defaults set in for the experienced user who knows what he's doing but maybe only by compiling a new kernel or something, since even joe user++ is not going to be able to do that!).

      Just an idea, at least!

      --
      --- "To iterate is human, to recurse divine." -- Robert Heller
    12. Re:Here we go again... by Abcd1234 · · Score: 1, Insightful

      Someone's missing the point. If the distribution (Windows, for example) provides an out-of-the-box install that's easily exploitable (eg, RPC available to the world, IIS installed by default, etc), then it's just as fair to blame the distributor for providing such a system to its (known to be) naive users as it is to blame the users of the system.

    13. Re:Here we go again... by AchilleTalon · · Score: 1
      the point is somewhat irrelevant since the question is about the weight, if any, between security and usability.

      The human factor should be ignored in most cases, except on the usability evaluation. We can safely assume both hypothetical environments are managed by knowledgeable professionals.

      So, I believe the affirmation from Windows administrators is just crappy. A piece of software just doesn't need to be vulnerable to be usable. And, in fact, when it is vulnerable it quickly becomes unusable and unmanageable.

      --
      Achille Talon
      Hop!
    14. Re:Here we go again... by Anonymous Coward · · Score: 0

      If Linux distros had everyone running with root perms, then yes, they will be screwed too. That means you, Lindows.

      Why? It doesn't matter if I'm not root, I still have permission to destroy the most expensive files on a system - the data and documents that I read and write as I work. If a virus is going to have maximum financial impact those are the files it should be messing with.

      I - and most users - could not care less about the OS being protected. Modern viruses and trojans want the system to remain stable and running anyway so they can continue to spread.

      The only restriction not running as root gives is that other users on the machine aren't affected. But today - and 99% of the time - a single person is using a computer. So the protection given by not running as root is minimal to non-existent. It made sense in a mainframe context - but it is less advantageous elsewhere.

      My point is that nobody gives a damn if the system gets corrupted - reinstall and it's fixed. Being able to log in as root and fix the problem still requires a level of action beyond that of most users - and doesn't in any way prevent a user from being screwed by a virus or email trojan. The integrity of work documents is the only thing the user cares about - the system integrity is rather secondary.

    15. Re:Here we go again... by Anonymous Coward · · Score: 0

      Yeah, but what's the point in blaming "stupid people"?

      Most people ARE stupid and the smart people have to design the world around that fact. You can shake your fist all you want and Joe ?CSE is never going to turn off the HTTP daemon running on his print server or dig around and disable the "foo" extension that he's never even heard of.

    16. Re:Here we go again... by Anonymous Coward · · Score: 0

      If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.
      If Linux distros had everyone running with root perms, then yes, they will be screwed too. That means you, Lindows.
      This argument ignores architecture and coding flaws. There is no reason why we have to settle for popularity meaning low security


      The title was "When Does Usability Become a Liability?", not "When Does Popularity Become a Liability". None of your points seem to be on topic, except in the sense that the topic is security.

    17. Re:Here we go again... by jcummins · · Score: 1

      Which is better? Vi or Emacs? *runs away*

    18. Re:Here we go again... by Anonymous Coward · · Score: 0

      Security is hard. It is so hard, its complexity is not always fully recognized. This creates a situation where people inadvertently circumvent it. A common example is a sticky note on the monitor with a password on it.

      Creating user friendly software is also hard. Statistically speaking, designing user-friendly software requires more code to be generated. Additionally, each line of code generated has a chance to introduce a security vulnerability. Thus, more code means a greater chance of vulnerability.

      Worse, however, are the mechanisms by which user-friendly behavior is realized. Is probing the network for systems with SMB shares user-friendly? Is it a security threat? What about print servers (see recent RMS rant)?

      There is a limit to how much help can be provided by a system without creating an external connection. Each external connection may contain a vulnerability, thus increasing the threat.

      Today's computers do not have fully trained security professionals operating them (a few may). As such, the best thing that can be done is information dissemination so people know the risks. Let people know when they engage in risky behavior and accurately reflect the level of risk. If educated, it will all boil down to a trade-off between security, cost, and productivity.

    19. Re:Here we go again... by mahdi13 · · Score: 1

      Right, but it was called the Sneak Preview and was taken care of when the product shipped
      I guess they can't take back insider and preview copies, eh?

      --
      "Some things have to be believed to be seen." - Ralph Hodgson
    20. Re:Here we go again... by AK+Marc · · Score: 1

      If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.

      The question isn't about popularity. It is about being "user friendly." For example, adding in the preview pane to Outlook is considered more usable, and considered less safe, as undesired code could be run without the user purposefully activating it.

      There are a large number of usability enhancements of this nature that will necessarily require that the system running them become less secure. Do you want your email program to display HTML for you? Then you may end up running bad HTML code sent to you.

      Popular means that there will probably be more attacks targeted toward it. User friendly means that it will be easier for the average user to unwittingly activate bad code. So yes, I expect that Linux will effectively become less secure as it becomes more popular. That doesn't mean it will be as bad as some other popular OS, but it will certainly be less secure than it is now.

    21. Re:Here we go again... by Anonymous Coward · · Score: 0

      Not really, because a lot of "Joe Users" will install their warez copy of Windows 2000 Datacenter Enterprise Server (Now Including IIS!) and then never patch it because they are afraid of connecting back to the man.

      Most of the Code Red problem was from cable/dsl networks, not professionally managed IIS farms.

    22. Re:Here we go again... by IdleTime · · Score: 1

      On any *nix system (as root):
      rm -f telnet
      ln -s ssh telnet

      Problem solved!

      The point is to not allow programs like telnet to run on any machine but use ssh all over. For morons, linking ssh to telnet is a nice way of giving them what they want without really giving it to them!

      --
      If you mod me down, I *will* introduce you to my sister!
    23. Re:Here we go again... by Anonymous Coward · · Score: 0

      Dream on -- when large enterprises start deploying RedHat version X.Y to 50,000 end users, you will have a consistent enough and a large enough platform to target with worms.

      The number of desktops running *BSD or non-x86 archs is statistically insignificant.

    24. Re:Here we go again... by abradsn · · Score: 1

      Easily usable means easily exploitable? was the question posed by the original post.

    25. Re:Here we go again... by Anonymous Coward · · Score: 0

      Not to mention that "local root" exploits on Linux are a dime-a-dozen.

      If the sysadmins of GNU and Debian can't protect against local root attacks, you can be sure that your average Linux desktop support shmuck won't be able to either.

    26. Re:Here we go again... by prshaw · · Score: 1

      >>The human factor should be ignored in most cases
      and
      >>We can safely assume both hypothetical environments are managed by knowledgeable professionals.

      I think this is the problem, it can not be ignored.

      As it becomes easier to use, the less knowledgeable people will be using it.

      Administrators who administrate other computers probably do pretty well. These are "professional" administrators on the whole. They believe a command line is usable.

      Administrators who administrate only their own computer (Joe Blow Six Pack), do not do as well. They want something more than a command line. These are your home users who don't even know that Windows is just one of many OS's.

      So, as things become more usable (or easier to use) the more users without the knowledge will be using it. And that leads to poorer administration.

      And we all know that leads to less secure systems.

    27. Re:Here we go again... by Ryan+Amos · · Score: 2, Insightful

      Many Linux distros are vulnerable out of the box; it's just that the vulnerabilities haven't been found yet. If you install Debian today and never run apt-get upgrade, chances are that a year from now something in that install will have been found to be vulnerable. The same thing goes for Windows. Windows 2000 is almost 5 years old. For fair comparison, you'd need to compare that Windows 2000 install to Debian stable from 5 years ago. Chances are that it ships with some now-known holes. Hell, even a 5 year old virgin OpenBSD install has remote holes. Oh, and most Linux distros will enable RPC services by default, even if you tell them not to. I know because I got bit in the ass by one.

      Essentially, a computer is a computer. An operating system is an operating system. One is not inherently better than the other; they just do different things. Yes, I realize this is oversimplifying it a good deal, but at an ISP I used to work at we ran Win 2k web servers because there was no way to run VB .ASP files on Linux. Our customers wanted to do this, and we weren't about to tell them "No, use PHP you dumbass." We could run perl and PHP just fine on IIS (though we eventually moved most of the stuff to Apache) so in that case, Windows was a better solution. The point here is that you should choose what technology to use based on what you need it to do, not what the cool geek trends tell you to. If you need a cheap web/mail/dns/whatever server and don't have customers who need lots of proprietary stuff, then Linux is probably the better choice. But it isn't always.

      The best solution, IMO, is to just throw everything behind a firewall and explicitly allow that which you want to get through. This applies to Linux, Windows, OS X, FreeBSD, whatever. There is too often a "holier than thou" attitude on this kind of crap, and there shouldn't be. Most of the people who make these kind of claims are bandwagoners anyway; using Linux and dissing Windows is "cool" so they do it. The real point is that if you're even having the argument, you're probably not really all that "cool" to begin with.

    28. Re:Here we go again... by Anonymous Coward · · Score: 0

      No the root post is making an intellectual error and equating Popularity with Usability. I don't think anyone's really going to argue that hacking apache.conf is more "usable" than just having the shit turned on by default.

    29. Re:Here we go again... by ajs318 · · Score: 1

      NO NO NO NO NO. Telnet is very useful for some purposes (I use it regularly to check my e-mail). It's not the telnet client that's the problem, but the telnetd server listening on port 23.

      --
      Je fume. Tu fumes. Nous fûmes!
    30. Re:Here we go again... by The+Spoonman · · Score: 1

      Then, every Linux distribution needs to be held accountable, too as they all install vulnerabilities on machines as well. I'm not talking YOUR machine, I'm talking Joe Sixpack who's heard "this Linux thing" is secure, goes to Best Buy, grabs a copy and installs it. He'll be hacked in a matter of hours as well. Without requiring a "driver's license" to get on the Internet, I don't see any way around it.

      --
      Which is more painful? Going to work or gouging your eye out with a spoon? Find out!
      http://www.workorspoon.com
    31. Re:Here we go again... by a+whoabot · · Score: 1

      I have Apache running on mine. I'm definitely a "joe user"; I use Windows and everything. I just use it so I can have some of my files available to other "joe users" and myself, a "joe user". It was easy to do, just ran the setup file, it did everything for me. Almost any "joe user" can do that: they were obviously expecting some serious "joe users". I saw "security tips" on the Apache page so I went to that and did what they said, and that was that. "Joe user".

    32. Re:Here we go again... by tolan-b · · Score: 1

      I very much doubt debian has apache running by default when you start it up for the first time.

      *nix *is* fundamentally better for security, and by extension as a webserver, simply because there is much greater partitioning of user access. If someone owns your IIS, then they've owned the whole box. On *nix you can put your webserver in a chroot jail, for example, so that the user it's running under doesn't have access to the system files...

      win2k3 improves on this situation, but it's a basic design flaw in windows (when network connected, which it clearly wasn't originally designed for) which isn't going to be fixed without breaking some compatibility with older apps, which is anathema to microsoft.

      finally, putting everything behind a firewall is *not* a solution, you need security in depth, or you have a single point of failure. Witness the recent embarrassments for blackice and cisco.. if you'd been running cisco and that user account they announced had been made public, by your method you'd have just lost your whole network!

      well done!

    33. Re:Here we go again... by farghen · · Score: 1

      The problem with your apache example is although it is popular, it is popular amongst people who know the ins and outs of it. Apache is not an end-user program.

    34. Re:Here we go again... by Anonymous Coward · · Score: 0

      Typical kiddie advice -- the typical corporate network is already using Samba, FTP, HTTP, NFS, 3270/5250 and a dozen other protocols that are as bad as telnet, and therefore uses IPSEC or VPN for external access. SSH is good for admining your little webserver somewhere, I admit.

    35. Re:Here we go again... by IdleTime · · Score: 1

      And why is it again that you need telnet to do this?
      It's obvious you don't know how ssh works.

      --
      If you mod me down, I *will* introduce you to my sister!
    36. Re:Here we go again... by AchilleTalon · · Score: 1
      I maintain it can be ignored wrt the administration of the workstation itself.

      The claim is: To become userfriendly you have to be less secure!

      It has nothing to do with: Let an idiot administer a userfriendly system where he can click on a bunch of icons to make it unsecure.

      Unless you believe the theorem: The best way to secure a system is through obscurity. If someone doesn't know anything about the system, the system can be considered secure.

      With the corollary: To administer an obscure system, you need a Ph.D.

      From which we can derive: If you earned a Ph.D. you are not an idiot!

      But there are plenty of examples this last assumption is false.

      So, obscurity is not a satisfactory way to secure a system. And userfriendliness has nothing to do with security.

      --
      Achille Talon
      Hop!
    37. Re:Here we go again... by Foolhardy · · Score: 1
      *nix *is* fundamentally better for security, and by extension as a webserver, simply because there is much greater partitioning of user access. If someone owns your IIS, then they've owned the whole box. On *nix you can put your webserver in a chroot jail, for example, so that the user it's running under doesn't have access to the system files...

      win2k3 improves on this situation, but it's a basic design flaw in windows (when network connected, which it clearly wasn't originally designed for) which isn't going to be fixed without breaking some compatibility with older apps, which is anathema to microsoft.
      The design of WinNT provides for a great deal of access control: every object from thread to semaphore, file, window, etc... has a separate ACL that can be used for access control and auditing. However, the implementation of Microsoft Windows NT's bundled services and applications suck for security. Part of IIS runs in kernel mode in 2k3, along with the SMB file sharing components. Half of the bundled services can only run as the privileged user SYSTEM. You can't turn off RPC. NT itself can easily run those services as a lesser user and protect against their being breached, but for some reason, Microsoft doesn't want to make it possible.
      I know that many high-performance server packages include the possibility of using a kernel mode component to reduce overhead (context switching usually), but only as an option. This is the only possibility for IIS.

      What I'm trying to say is that it's not a basic design flaw in Windows, but reckless disregard for security on Microsoft's part in developing their server applications.
      When I run Apache on Windows, it goes into a custom, unprivileged account that can't damage anything.
      About breaking compatibility: yeah, a lot of apps exist that can't run as a normal user; they frivolously need admin access. That number is diminishing however, and there are a lot of workarounds.
    38. Re:Here we go again... by bgleason · · Score: 1

      Removing telnet to force people to use ssh is a dumb idea. Some systems (gasp) still don't support ssh for some reason. Maybe alias telnet to a bash script that prints a warning before launching the binary.

      Telnet is also very useful for server debugging or doing a quick check of email over POP. I use it all the time to test smtp servers, and make sure that they aren't allowing remote relay. Checking POP over telnet is faster than firing up a full email program if you just want to check if you have mail. Also its useful if you only have POP/IMAP access to mail and you're not at your computer. Without having to mess with configuring a program you can quickly read your mail.

    39. Re:Here we go again... by awkScooby · · Score: 1
      What will make it less secure is people using it without an idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likely live with no security at all.

      For the average joe user, a netstat should show that no processes are listening to the network. If you're not listening on any sockets, it's really, really hard to be remotely compromised.

      So long as applications don't trust data which is coming from outside (i.e. email, and email attachments), the average user should be ok. If attachments can't be executed, it's pretty hard to spread email viruses. Sure, there are rare cases where it might be more convenient to have the attachment run automatically, but we all have seen where that approach gets you. Same thing with web browsers -- they should force the user to save an app (by default at least) rather than execute it for them.

      Some form of secure auto-update is needed to keep these applications up to date. There will be holes in them which will eventually be discovered. The user shouldn't be involved (by default) in deciding whether or not to update.

      Documents with embedded scripts that are run automatically are also asking for trouble. The average user receives a document and generally need to open it to see if it is legitimate or not.

      The user should run with a non-privileged account. If (should that be when?) the user runs malicious code which slipped by all of these preventative measures, only the stuff they have access to is impacted.

      If a system needs to be locked down more than this, it probably will negatively impact the usability of the system.
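
Added example, not part of the original comment: one way to run the "nothing should be listening" check described above without netstat, by reading the kernel's socket tables directly. The sample tables are constructed, and the address decoding assumes a little-endian host such as x86.

```python
"""Flag TCP sockets that listen on non-loopback addresses (Linux)."""
import ipaddress
import struct

LISTEN = "0A"  # state code for TCP_LISTEN in /proc/net/tcp and /proc/net/tcp6

# Constructed sample data in /proc/net/tcp layout (not from a real host).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0000000000000000 100 0 0 10 0
   1: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1 0000000000000000 100 0 0 10 0
   2: 0A01A8C0:0016 0B01A8C0:C5A2 01 00000000:00000000 02:000A1B2C 00000000     0        0 1003 1 0000000000000000 20 4 30 10 -1
   3: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 1005 1 0000000000000000 100 0 0 10 0
"""

# Constructed sample data in /proc/net/tcp6 layout.
SAMPLE_TCP6 = """\
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000000000000000000001000000:0277 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004 1 0000000000000000 100 0 0 10 0
   1: 00000000000000000000000000000000:0050 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 1006 1 0000000000000000 100 0 0 10 0
"""


def decode_addr(hex_addr):
    """Decode the hex address column (8 hex digits for IPv4, 32 for IPv6).

    The kernel prints each 32-bit word in host byte order, so on a
    little-endian machine every word has to be byte-swapped.
    """
    words = [hex_addr[i:i + 8] for i in range(0, len(hex_addr), 8)]
    raw = b"".join(struct.pack("<I", int(word, 16)) for word in words)
    return ipaddress.ip_address(raw)


def parse_listeners(table):
    """Return one dict per socket in LISTEN state found in the table text."""
    listeners = []
    for line in table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 10 or fields[3] != LISTEN:
            continue                              # established, closing, etc.
        addr_hex, port_hex = fields[1].split(":")
        listeners.append({
            "addr": decode_addr(addr_hex),
            "port": int(port_hex, 16),
            "uid": int(fields[7]),                # owner of the socket
        })
    return listeners


def exposed(listeners):
    """Listeners reachable from the network, i.e. not bound to loopback."""
    return [l for l in listeners if not l["addr"].is_loopback]


def report(listeners):
    """Human-readable lines for every exposed listener."""
    lines = []
    for l in exposed(listeners):
        kind = "privileged" if l["port"] < 1024 else "unprivileged"
        lines.append(f"{l['addr']} port {l['port']} uid={l['uid']} ({kind} port)")
    return lines


if __name__ == "__main__":
    tables = []
    for path in ("/proc/net/tcp", "/proc/net/tcp6"):
        try:
            with open(path) as handle:
                tables.append(handle.read())
        except OSError:
            pass                                  # not Linux, or no access
    if not tables:
        tables = [SAMPLE_TCP, SAMPLE_TCP6]        # fall back to the sample
    found = [l for table in tables for l in parse_listeners(table)]
    for line in report(found):
        print(line)
```

An empty report is the state the comment asks for on a desktop; the uid column shows whether a listener belongs to root or to an ordinary user account.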

    40. Re:Here we go again... by f0rt0r · · Score: 1

      Good point. In addition, there is equipment out there that only supports telnet ( my Cisco 678 DSL router is an example ) so you still telnet in many cases.

      --
      I can't afford a sig!
    41. Re:Here we go again... by Anonymous Coward · · Score: 0

      If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.

      Says who other than you? Going to back that sweeping statement up with anything?

    42. Re:Here we go again... by tolan-b · · Score: 1

      Thanks for the heads up, I didn't realise that.

      A little more of my ignorance died today :)

    43. Re:Here we go again... by OnHoliday · · Score: 1

      I was starting to get bored 'till you wrote this. Is anyone actually arguing the points put forward in the orig. post? GUI this, CLI that.., zzz

    44. Re:Here we go again... by sakshale · · Score: 1
      If Linux distros had everyone running with root perms, then yes, they will be screwed too.
      That is the key. I cringe every time I have to give someone "administrator" access to their windows desktop because some stupid application, that they are required to use, will not run unless they have those privileges.

      Until Windows clearly separates "root" from "user", there will be problems. If I run a trojan horse application on my Linux box, I am at risk of screwing up my account and my files. If I run a trojan horse on a Windows box, I am at risk of screwing up my account, my files, my workstation, my officemate's workstation and every windows system on the network.

      The problem is not the GUI, the problem is the OS.
      --
      For every problem there is a solution that is simple, obvious and wrong.
  5. Yes by Tango42 · · Score: 4, Insightful

    Yes, because users are stupid. Most "viruses" at the moment need a stupid user. Also, more users=more damage=more chance of someone wanting to attack it.

    1. Re:Yes by LMCBoy · · Score: 4, Insightful

      Most "viruses" at the moment need a stupid user.

      Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

      Yes, I suppose there may be a way to disable the braindeadedness of Outlook, and that some may regard users as "stupid" if they do not lock down their system in this way. But, given that MS pitches Windows as the everyman's OS, does it not make much more sense to place the burden on *them* to provide a reasonably secure default setup, such that it is reasonably resistant to simple script-kiddie attacks "out of the box"?

      There's a difference between stupidity and ignorance. In this case, it seems to me that the OS design is stupid, and if the user is ignorant of this fact, then they are in trouble.

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
    2. Re:Yes by weave · · Score: 5, Informative
      That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user account's regular password. This stops automated trojan installers, but doesn't require a separate id/password for doing system level work. It also alerts you that "Hey, I'm doing something that will change my system."

      There is no need to log into an admin account to do any of this kind of stuff under OS X.

      I've also never seen an OS X app that says you have to give all users all perms to the root folder, or have everyone running as admin, or open up the program folder for everyone to write to because settings are being stored in the wrong dang place.

      Windows could be a lot more secure, but Microsoft doesn't go far enough to shame software vendors into sticking to the logo requirements. How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights? It's insane that there are Windows programmers that are still writing crap like this today.

    3. Re:Yes by Anonymous Coward · · Score: 0

      Viruses which run as a user process would be very limited in their capabilities. If the system is set up properly, the only data a virus would be able to harm is the user's own /home folder. Why even bother with viruses that can't really do anything?

    4. Re:Yes by Anonymous Coward · · Score: 1

      > most viruses these days just need a stupid email client (read: Outlook),

      This is incorrect. The majority of modern worms do not exploit security holes in Outlook.

      In fact, modern versions of Outlook/Outlook Express block EXE/PIF/SCR/VBS/etc files by default and are immune to a huge swath of viruses. Which means the people spreading them are using other Windows mailers (Eudora, Mozilla, webmail, etc).

      Of course, slashbots love to bash on Outlook so, your incorrect information will be moderated up no matter what.

    5. Re:Yes by Grayputer · · Score: 5, Informative

      Actually most virus arrivals now do need a luser. Email gateways are doing more scanning and keeping outlook users from becoming auto-lusers. However, one of the latest/best scams is to zip the virus and password protect it (quasi-encrypted) so the gateway scanner can not scan it. Then include instructions in the email that social engineer some luser into unzipping it with the supplied password and running it. I've seen some pretty good email virus scams recently, the text is REALLY good, definitely luser friendly.
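
Added example, not part of the original comment: a gateway-side check for the case described above, where an attached archive cannot be scanned because its entries are password protected. The message is a constructed sample; Python's standard library cannot write encrypted archives, so the sample only sets the "encrypted" flag bit in the ZIP headers, which is the field a scanner reads.

```python
"""Detect e-mail attachments that are ZIP archives with encrypted entries."""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

ENCRYPTED = 0x1  # bit 0 of the ZIP general-purpose flag field


def constructed_zip(encrypted):
    """Build a one-file ZIP in memory (constructed sample data).

    When `encrypted` is true, bit 0 of the flag field is set in the local
    header (offset 6) and central directory entry (offset 8). The payload
    itself is not encrypted; only the metadata says it is.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("report.txt", b"constructed placeholder contents")
    data = bytearray(buf.getvalue())
    if encrypted:
        data[data.index(b"PK\x03\x04") + 6] |= ENCRYPTED
        data[data.index(b"PK\x01\x02") + 8] |= ENCRYPTED
    return bytes(data)


def build_sample_message(encrypted):
    """Constructed message carrying the sample archive as an attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("The archive password is in this message.")
    msg.add_attachment(constructed_zip(encrypted), maintype="application",
                       subtype="zip", filename="files.zip")
    return msg.as_bytes()


def unscannable_zip_attachments(raw_message):
    """Map attachment filename -> list of encrypted member names.

    Archives are recognised by content, not by file extension, so a
    renamed attachment is still inspected.
    """
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True)
        if not payload or not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        with zipfile.ZipFile(io.BytesIO(payload)) as archive:
            locked = [info.filename for info in archive.infolist()
                      if info.flag_bits & ENCRYPTED]
        if locked:
            findings[part.get_filename()] = locked
    return findings


if __name__ == "__main__":
    for flag in (True, False):
        result = unscannable_zip_attachments(build_sample_message(flag))
        verdict = "hold for review" if result else "pass to content scanner"
        print(f"encrypted={flag}: {result} -> {verdict}")
```

A gateway that cannot look inside an attachment can still act on the fact that it cannot, for example by holding the message instead of delivering it unscanned.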

    6. Re:Yes by Huk · · Score: 1

      Outlook by itself is fairly secure (i believe) from viruses due to the level one and level 2 blocking of attachments. It is when you start allowing .pif, .url and other file attachments, don't have virus scanning turned on that you get infected. I block everything but .zip and scan anything I open with an up to date scanner. No problems.

    7. Re:Yes by LostCluster · · Score: 2, Informative

      How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights? It's insane that there are Windows programmers that are still writing crap like this today.

      They're not. Most drivers that require admin rights to run were written in the days of Windows 9x, and because the device-maker doesn't make that product anymore there is no proper Windows NT/2000/XP driver. It's just that the company or user is too cheap to buy a modern version of the device, and instead resorts to the security-weakening workaround that's free.

    8. Re:Yes by dmp123 · · Score: 1

      The thing is, at least as far as I know, Windows doesn't have the equivalent of 'su'. In order to become administrator, you must first log out, then in again.

      In Linux/Unix, su, then password, then you can do the stuff you need to do as root. Or even better, of course, there is the beauty that is sudo!

      This makes it far less of a pain to run as a normal user, without the temptation of running permanently as root.

      David

    9. Re:Yes by Anonymous Coward · · Score: 0

      Outlook by itself is fairly secure (i believe) from viruses due to the level one and level 2 blocking of attachments

      You don't read bugtraq, do you? Seems like it's every other day that someone comes up with a new way to trick IE's HTML handler into thinking that it's displaying something from the Local zone instead of the Internet zone (Local meaning that the handler will happily run executables). Here's a tip for ya: as long as you're running Outhouse (err...was it LookOut, or Outbreak...) with the option to view HTML turned on, you're wide open to every script kiddie over the age of 10.

      Now what was your e-mail address again?

    10. Re:Yes by Anonymous Coward · · Score: 0

      sure it can only infect one user...but then it sends itself to the next user on the machine and then the next user, and pretty soon you have no /home left to go home to.

      to the user /home is probably all they would care about so a virus that affects only the /home would be no less devastating to them than a machine that formats the hd.

    11. Re:Yes by cens0r · · Score: 1

      what if it prompts for a root password first? My girlfriend gladly inputs her root password into her OSX box whenever it asks.

      --
      Jack Valenti and Orrin Hatch will be first up against the wall when the revolution comes.
    12. Re:Yes by sqlrob · · Score: 1

      You're assuming that ruining data is the goal.

      You don't need root perms to open up a non-privileged port (assuming iptables isn't running blocking it).

      Someone with malicious intent could then relay/spam through that.

    13. Re:Yes by weave · · Score: 1
      Interesting. My tech staff have been telling me that people who have Palm Pilots must have admin rights, else the sync software won't run correctly. That's hardly ancient software.

      So, who is the chump? They or you? (No, I'm not placing any bets on this one! :)

    14. Re:Yes by trifster · · Score: 1

      So when the joe user uses linux instead of windows; linux will have in addition to superuser, stupiduser. nice.

    15. Re:Yes by MrRuslan · · Score: 1

      Agreed but since a particular company is aware of such a userbase...shouldn't they make their products more braindead proof...it's possible...braindead users like that need help either way whether it's windows stupid friendly or just as friendly kde or OSX you know.

    16. Re:Yes by OaXlin · · Score: 0

      You know. I actually tried to run as a "Limited" user on my WinXP box.... Damn that was a joke, only my microsoft programs worked properly....

      Most of my games, accounting software, and other programs failed to work in anything other than administrator (even tried power user) They usually crashed, or popped up an error message stating that they needed administrator access to run.

      I eventually settled on the "run as user" option in winXP so that I could keep myself in a limited account... but hell if I am running "SU" for every little thing that's not much better than just being root in the first place.

      I even called my accounting software company on it... and they stated that since its accounting software they require admin access to use it... To which I replied... damn... don't know about your accountant.. but an accountant is not a person I would generally trust with admin rights....

      --
      sig. "I didn't do it."
    17. Re:Yes by TMB · · Score: 2, Insightful

      This reminds me of a thought I had of how the text could be made so good that it might fool even some of us...

      (I'm kind of wary of mentioning it, in case the trojan writers haven't thought of it yet, but in the best open source tradition of "what you don't know can hurt you more"... )

      Upon execution, Trojan reads through the user's Sent mail folder, picks some random emails (being sure to only send one to a given user, maybe even being clever and finding ones that include text suggesting that there is an attachment or that actually has an attachment), and forwards it again to the recipient with the preface "Sorry I forgot the attachment... try it this time."

      I bet a lot of perfectly sane security-conscious people would fall for it.

      [TMB]

    18. Re:Yes by Rallion · · Score: 1

      Yes, I suppose there may be a way to disable the braindeadedness of Outlook...

      Yes, there is. And it's actually done by default now. Outlook might not be great, but it's no longer 'insecure' enough to whine about by default.

    19. Re:Yes by jonwiley · · Score: 3, Informative

      > Most "viruses" at the moment need a stupid user.

      Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

      A virus, by definition, requires human intervention to propagate.

      A worm can propagate without human intervention.

    20. Re:Yes by Tango42 · · Score: 1

      People try very hard to be stupid. They would succeed whatever the software writers did.

      Underestimating the ingenuity of complete fools, and all that.

    21. Re:Yes by ajs318 · · Score: 1

      So you can open a non-privileged port as a non-privileged user and listen on it -- but you can't use that to send spam, at least not anonymously, because the daemon listening on the high-numbered port is non-privileged -- which means it can't suppress certain headers generated by the MTA, nor prevent its activities being logged.

      --
      Je fume. Tu fumes. Nous fûmes!
    22. Re:Yes by MrRuslan · · Score: 1

      I know it is not possible to make it totally braindead proof...but I'm sure it is possible to do it better than MS has been doing it so far, IMHO....

    23. Re:Yes by sqlrob · · Score: 1

      Huh? It simply has to proxy to port 25 on the target mail server. Done, no headers are an issue at all. You get the IP of the original compromised box in the Received headers, but BFD, that box is a throw away.

      MyDoom (source code is available) could be implemented trivially in Perl or almost any other scripting language, and have identical behavior, barring use of Windows executables in the "download and run" command. It wouldn't require root permissions to do any of its work either.
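The two claims in sqlrob's posts (an unprivileged account can listen on a high port, and can connect out to port 25 on a remote mail server) both leave traces in `/proc/net/tcp` that an administrator can check. The following is an added example, not part of the thread: the sample table is constructed, and the function names, the allowlist of expected listeners and the assumption that the MTA runs as uid 0 are choices made for this illustration.

```python
"""Flag unprivileged TCP listeners and stray SMTP clients from /proc/net/tcp."""
import os
import socket
import struct
from typing import NamedTuple

LISTEN, ESTABLISHED = "0A", "01"   # TCP state codes as printed by the kernel

# Constructed sample in /proc/net/tcp layout (IPv4 only); not from a real host.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002 1 0000000000000000 100 0 0 10 0
   2: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11003 1 0000000000000000 100 0 0 10 0
   3: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   112        0 11004 1 0000000000000000 100 0 0 10 0
   4: 0A00000A:D431 0A0200C0:0019 01 00000000:00000000 00:00000000 00000000  1000        0 11005 1 0000000000000000 100 0 0 10 0
"""


class Sock(NamedTuple):
    local_ip: str
    local_port: int
    remote_ip: str
    remote_port: int
    state: str
    uid: int
    inode: int


def _endpoint(field):
    """Decode 'HEXIP:HEXPORT' into (dotted_quad, port)."""
    ip_hex, port_hex = field.split(":")
    # The address is printed as a native-endian 32-bit word; "<I" assumes a
    # little-endian host (x86, most ARM).
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse the table, skipping the header and any short or blank lines."""
    socks = []
    for line in text.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 10:
            continue
        lip, lport = _endpoint(cols[1])
        rip, rport = _endpoint(cols[2])
        socks.append(Sock(lip, lport, rip, rport, cols[3],
                          int(cols[7]), int(cols[9])))
    return socks


def unprivileged_listeners(socks, expected=frozenset()):
    """Listening sockets owned by a non-root uid, minus allowlisted (uid, port) pairs."""
    return [s for s in socks
            if s.state == LISTEN and s.uid != 0
            and (s.uid, s.local_port) not in expected]


def unexpected_smtp_clients(socks, mail_uids=frozenset({0})):
    """Established connections to remote port 25 from accounts other than the MTA's.

    Assumption: the local MTA runs as one of mail_uids (uid 0 by default here).
    """
    return [s for s in socks
            if s.state == ESTABLISHED and s.remote_port == 25
            and s.uid not in mail_uids]


def exposure(sock):
    """Describe how widely a listener is reachable."""
    if sock.local_ip == "0.0.0.0":
        return "all interfaces"
    if sock.local_ip.startswith("127."):
        return "loopback only"
    return sock.local_ip


if __name__ == "__main__":
    path = "/proc/net/tcp"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    table = parse_proc_net_tcp(text)
    for s in unprivileged_listeners(table):
        print(f"listener uid={s.uid} port={s.local_port} ({exposure(s)}) inode={s.inode}")
    for s in unexpected_smtp_clients(table):
        print(f"smtp client uid={s.uid} -> {s.remote_ip}:{s.remote_port} inode={s.inode}")
```

The inode column can be matched against the `socket:[inode]` links under `/proc/<pid>/fd` to find the owning process; IPv6 sockets are listed separately in `/proc/net/tcp6`.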

    24. Re:Yes by Anonymous Coward · · Score: 0

      Very good point. Having to login as admin to perform anything that could damage the system is a very strong point of Linux. I teach Microsoft technologies at a local college and have supported the systems for many years. They have started to push the concept of login as a regular user, and to perform maintenance or other actions, elevate to administrator(root). They have been pushing this for quite a while to network administrators. The tools are available: both graphical and commandline (runas.exe). A person mentioned earlier about education. Until the mainstream users learn how to NOT login as root equivalent, windows systems will always be less secure.
      But one of my favorite features in Linux is the prompting for root password when needed. If anything, you are protecting the user from themselves.

    25. Re:Yes by julesh · · Score: 1

      That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user account's regular password.

      Strangely enough, Windows 2000 does pretty much the same thing for me. Not that the system doesn't have its flaws - it is surprisingly difficult to start control panel applets as a different user, for example, and installing applications off a network drive doesn't work correctly (because the network drive tends not to be mapped for administrator, only the logged in user), but for 99% of things I want to do it works fine.

      How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights?

      'Power user' rights ought to be turned on by default for all new users. Basically, I don't see why you'd want to restrict most of these for anyone you give a desktop account to (debug programs, lock pages in memory, run processes with higher than average priority, stuff like that).

      Admin rights - not many left now. I sometimes use 'cdrdao' on my machine, which is a partially ported piece of unix software, and that seems to require admin rights to be able to open raw access to my CD writer. Which it does without locking the device, so if you open an explorer window in the middle of a write it can screw it up. Process Explorer (from www.sysinternals.com) seems to need admin rights too, but that's quite understandable given what it does (snoop around inside other process's private handles).

    26. Re:Yes by wobblie · · Score: 1

      That's called "sudo" and it's been around for quite some time on all unices.

    27. Re:Yes by Anonymous Coward · · Score: 0

      Most "viruses" at the moment need a stupid user.

      No, they don't:
      1. MSBlaster and SQLSlammer needed nothing more than an unfirewalled Internet connection. No stupid user intervention required.
      2. Beagle/Bagle email viruses don't even have to be viewed, let alone click an attachment! No stupid user intervention required.
      3. The latest vulnerabilities in IE allow the execution of code from malformed web-pages. You only have to browse to a certain web-site and attempt to view the page. Now, maybe you can argue that this requires user intervention but what the hell do I want a web-browser for if not to browse web-pages?

      And before you start with the old Microsoft saw about updating, there is evidence that every one of these viruses were exploited before the patch came from Microsoft.

    28. Re:Yes by Anonymous Coward · · Score: 0

      If you want to install an app and the installer requires admin rights

      The key word here is "installer". What if you bypass the installer (think Office v.X)? That's right...no prompt for a password and you've just installed an application. Do you think a virus writer is going to use the installer (not as crazy as it sounds...see below)?

      it prompts you to enter in your user account's regular password

      Why do you give users, who have demonstrated that they are too stupid to not open attachments from unknown users, credit for not just blindly entering the admin password? How many of you have checked the "Do not show this message again" to the dialog in a web browser that warns you about submitting un-encrypted information.

      A clever trojan might even prompt for the admin password so that it could obtain root access.


      Windows could be a lot more secure, but Microsoft doesn't go far enough to shame software vendors into sticking to the logo requirements

      You've nailed it right on the head. I just installed two programs this weekend that required administrative access in order to run. I don't mind having to be the administrator to install software...but to run?
    29. Re:Yes by Anonymous Coward · · Score: 0

      The thing is, at least as far as I know, Windows doesn't have the equivalent of 'su'.

      Then you're not qualified to discuss security matters regarding Windows. Windows has had a "runas" (su equivalent) since Windows 2000. It's not perfect but sufficient in most cases. Windows XP goes one step further with user switching capabilities. It's a non-issue.

      The problem is that applications require at least power-user rights in order to run properly.
    30. Re:Yes by Anonymous Coward · · Score: 0

      Yeah, like I'm going to take security advice from someone who calls directories "folders".

      What makes you think OS X is secure? Because someone told you? Do you even have the technical ability to evaluate the security of OS X without the help of the Apple marketing department?

      I am a little disappointed in the lack of Mac user's ability to construct independant thoughts.

    31. Re:Yes by kettch · · Score: 1

      At home I run as administrator on my windows boxes because they are incapable of seeing the outside world (Dial-Up == why bother). At work (in an internet capable environment) I run as a power user. If I need to do something as admin. *right click* > Run As...

      The parent is right, Windows security problems come from the fact that the software needs too many permissions to run. And so, users run as admin. On the other hand I have turned down some Linux packages that wanted root, and I found another package that could do without.

      In some cases windows is good about asking if you would like to put in higher level permissions, but I think that it needs to ask that more often. Maybe the security should be more granular. The admin user can see every thing, and can execute anything, but the program runs under a different set of permissions unless it runs into a problem, and then it asks for permission. But that is up to others to figure out.

      I think what it all comes down to is: Does the user believe that usability means less passwords? It has always been true that users will be less happy if they have to jump through security hoops, so OS makers try to present them with fewer hoops. I am not a zealot for any one OS because as far as a number of factors, no OS can claim to be "better". Certain OS's are better for certain people/situations. And it always falls to the maker to determine the proper mix of hoops, and no hoops.

      --
      Opportunities multiply as they are seized. --Sun-Tzu
    32. Re:Yes by ajs318 · · Score: 1

      But connecting to port 25 as a non-privileged user means the MTA will add headers to your message, and you need root privileges to get around that. Someone receives a message, lets the owner of the compromised box know, they check their logs, see what's happened and it gets fixed.

      And that's even assuming that the owner of the box has their MTA misconfigured so as to relay mail from anywhere, which is no longer the default on popular distributions. With a really well-configured MTA, an outsider could only ever send to other users on that box.

      --
      Je fume. Tu fumes. Nous fûmes!
    33. Re:Yes by LinuxHam · · Score: 1

      As much as I hate to reply to AC's, you incorrectly assume that all Windows users frequently visit WindowsUpdate and *get* the latest versions of Outlook and Outlook Express. Nothing could be further from the truth. Viruses are not spread by the 10 people using Eudora or Mozilla under Windows and they CERTAINLY are not being spread by the people using webmail, such as Yahoo! or SquirrelMail.

      I'm beginning to see why you posted AC.

      --
      Intelligent Life on Earth
    34. Re:Yes by dragonman97 · · Score: 1
      This is absolutely true. Palm Desktop is a royal pain. It is allegedly Win2k/WinXP compatible, but that is in word more than in spirit (I guess compatible means that it runs at all). If you can find your way around the Palm website, you'll find a dark, little secret - for Palm Desktop to be used by multiple Windows users, you must install a separate copy of the software for each user. Normally, I only have one user to support, so trial and error has produced the following procedure:
      • Log in as an admin.
      • Add the user to the Administrator's group
      • Log in as the user
      • Install the stupid piece of 'multi-user' software known as Palm Desktop under the user's login
      • Log out
      • As admin, revoke those Admin privileges - I'll be damned if they're going to have admin privileges
      What this does is to install the files in Progra~1 with the user's SID assigned as Creator, giving them the required rights in the future. Otherwise, if you install it as a regular admin user, when you log on as the end user, it sh*ts itself, having no ability to write the files into the folder. The files *should* be written out to the ~/App Data folder, but that would be a proper implementation - why should they be bothered to do that? Oh, and if you're not lucky, this still won't work, and you'll have to grant Full Control to that folder to the end user. No *nix program would be this stupid. There is a clear differentiation between app binaries, libraries, global config files -and- user data & config files. It is obvious in Win2k that M$ tried to copy this model, particularly with the more obvious "Documents & Settings" 'folder' that is an overly wordy equivalent to /home (Why do they make the things so long? Administrator is an evil word to use when you could use 'root'). Unfortunately, many of the programmers who write Windows apps don't pay any attention to proper techniques, and just write code like they've done since DOS days. I wish I didn't have to support M$ Windows :-/.
    35. Re:Yes by Anonymous Coward · · Score: 0

      Umm, no. Your impression is wrong. The email client has NOTHING to do with it. It's the user who opens the attachment that gets us into trouble. I am unaware of any 'stupid' email client that opens attachments automatically--It seems to me that you really have NO cross-client experience to make such a claim against any OS.

    36. Re:Yes by drsmithy · · Score: 1
      Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

      Your impression is about 5 years out of date and incorrect in any event. Barring a couple of (fixed) bugs, Outlook has never run attachments without user intervention and the level of user intervention necessary has been increasing steadily for years. To run an attachment from Outlook, users must change the default action of a strongly-worded dialog box and then dismiss it. In corporate environments, the executing of attachments can be completely disabled.

      Yes, I suppose there may be a way to disable the braindeadedness of Outlook [...]

      End users are prepared to open password-protected zip files attached to emails and then run the programs in them. I think it's safe to say the blame usually lies with the end user.

      In this case, it seems to me that the OS design is stupid, and if the user is ignorant of this fact, then they are in trouble.

      The OS design is not a factor. One could possibly argue the fault lies with Outlook, except it's fairly easy to demonstrate even significant barriers placed in the way of end users will not stop them running malicious code. Short of disallowing ignorant users executing any non-approved code *at all*, there's no real way to prevent the cause of the majority of current viruses, which is ignorant end users not acting in their own best interests.

    37. Re:Yes by drsmithy · · Score: 1
      I know it is not possible to make it totally braindead proof...but I'm sure it is possible to do it better than MS has been doing it so far, IMHO....

      Does your HO have any ideas as to how ? When people are prepared to extract files from password-encrypted zip files and then execute them, the list of (practical) countermeasures is pretty short.

    38. Re:Yes by Anonymous Coward · · Score: 0

      Not being spread through webmail? Tell that to my friend who caught one that way. Sure Yahoo does scans (not always with up-to-date signatures though), but not all webmail providers do.

      Or how about my boss who got infected through Netscape 4? I guess there's only 10 of him out there. Righttt...

      I just don't get why you guys really have a hardon for blaming Outlook here. Maybe you really wanna believe that that Mozilla will Save The Day!, or some equally inane Zealot cause. Or maybe you are just 5 years out of date and don't know that these are all mailer-independent Win32 executables that contain their own SMTP engine.

    39. Re:Yes by kwelch007 · · Score: 1

      Hasn't anyone used the right-click/"Run As" feature in Windows?

    40. Re:Yes by Anonymous Coward · · Score: 0

      The "target box" is somewhere else, not localhost. It relies on the fact that most sites do not block port 25 outbound. Although it would not to scan the local config and find the 'smart host'.

      > lets the owner of the compromised box know, they check their logs, see what's happened and it gets fixed.

      It must be fun living in 1992.

    41. Re:Yes by t_pet422 · · Score: 1

      What was the last version of Outlook that you actually used? Not looked at once, but used as your primary client. If it's not 2003, you have no right to bash.

    42. Re:Yes by drsmithy · · Score: 1
      That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user account's regular password. This stops automated trojan installers, but doesn't require a separate id/password for doing system level work.

      No, it just means those "automated trojan installers" will pop up their own password prompt, into which the user will happily enter their password (and if you think they won't, you've obviously never dealt with end users).

      It also alerts you that "Hey, I'm doing something that will change my system."

      *You*, maybe. Typical end user, no.

    43. Re:Yes by Tango42 · · Score: 1

      They are not being SPREAD by webmail, not they are not being CAUGHT by webmail. You can catch a virus just as easily by webmail as anything else, but they can't send themselves out to other people as easily.

    44. Re:Yes by Anonymous Coward · · Score: 0

      Why not? They have SMTP engines, they grep through your browser cache for email addresses. Your argument is uninformed and silly.

    45. Re:Yes by drsmithy · · Score: 1
      Strangely enough, Windows 2000 does pretty much the same thing for me. Not that the system doesn't have its flaws - it is surprisingly difficult to start control panel applets as a different user, [...]

      I don't have a Win2k machine around to check, but can't you shift-right-click Control Panel icons and get a "Run As" in the menu ?

      for example, and installing applications off a network drive doesn't work correctly (because the network drive tends not to be mapped for administrator, only the logged in user)

      Use UNC paths, not drive letters (alternatively, log onto the Administrator profile and make the same drive mappings).

    46. Re:Yes by Anonymous Coward · · Score: 0

      They are called "folders" even in the Mac programming manuals. If you thought "independantly", you might adapt to this.

    47. Re:Yes by dj245 · · Score: 1
      I am a little disappointed in the lack of Mac user's ability to construct independant thoughts.

      Blah blah blah OsX, security usability OSX, ergonomics, integration blah blah blah.

      Ipod "OS sex", secure logins with OS Sex, blah blah blah.

      And no I don't use a mac. But I do get plenty of OS Sex!

      --
      Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
    48. Re:Yes by VidarJMD · · Score: 1

      I'm a student employee of an organization on my campus that (among other things) supports virus issues inside the residence halls. The majority of students use the university supplied email address along with its accompanying webmail interface. You explain to me the hundreds of people currently in our database that have viruses such as Netsky if they aren't being spread by people using webmail.

      The viruses are attachments that students open and have nothing to do with Outlook's behavior (the supported email client is Eudora anyway). Lately, these infections rely on their own built in smtp server so an email client doesn't even need to be set up on the computer for it to spread. I can guarantee you 99% of the infections on my university occur because a student opened a file attachment from their webmail.

      Education is normally associated with universities. If supposedly educated people in their early 20s (people who grew up with computers and are more comfortable with them) can't stop themselves from opening attachments, it isn't a stretch to believe the general population has a similar problem.

    49. Re:Yes by Anonymous Coward · · Score: 0

      No, it just means those "automated trojan installers" will pop up their own password prompt, into which the user will happily enter their password.

      Which does no good. su won't work out of the box or accept a command-line password, sudo doesn't accept a command-line password, and you can only access restricted functions in the security framework by using the system's own authentication dialog.

      That's about as useful as stealing the keys for a Ford and then going to the Toyota dealership to see which car they open.

    50. Re:Yes by iabervon · · Score: 2, Insightful

      So I open the attachment. Hmm... the message didn't mention a program. Or the other person doesn't have a good reason to be sending programs to me. Better find out what this is all about before I run it.

      The broken thing about Windows is that users have no way of knowing what will happen if they click on an attachment. Usually, they view the contents of the attached file. But sometimes it destroys their system instead. The expectation is that there will be no side effects of the operation; at most, they will be given the opportunity to save the file. But this assumption is violated by viruses which don't even use a security hole.

    51. Re:Yes by JoeZeppy · · Score: 1
      Interesting. My tech staff have been telling me that people who have Palm Pilots must have admin rights, else the sync software won't run correctly. That's hardly ancient software.

      I've seen a lot of software similar to this that requires installation as the user, yet requires admin rights. Usually it's something like this, mail-related, browser certificates or something similar, that depends on the users profile to provide authentication. Usually you just need admin rights to install, not to use.

      Windows admins hate this. We're not morons, we know it's stupid. This is one reason why Windows admins hate developers. They don't know anything about how the system should work, because of that they fsck up everything they touch, and they just have to have admin rights, because they're "special".

    52. Re:Yes by jc42 · · Score: 1

      Huh? I've been syncing my PalmOS toy to my PC for several years without ever needing to type a password, and all the files are there on disk owned by me.

      Oh, yeah; you're probably talking about an MS Windows PC. Mine's running linux, and I use Kpilot to do the sync.

      Why in the world would anyone store a user's PDA files under any permissions except the user's? That makes no sense at all. Unless they've included some spyware that's trying to collect passwords and send them somewhere.

      --
      Those who do study history are doomed to stand helplessly by while everyone else repeats it.
    53. Re:Yes by JurgenThor · · Score: 0

      In living languages, definitions can change with popular usage. Get over it.

      --
      GENERAL PUBLIC SIGNATURE (GPS) Any replies (derivatives) of this post must also use the GPS
    54. Re:Yes by Tony-A · · Score: 1

      The viruses are attachments that students open and have nothing to do with Outlook's behavior

      Wrong. They have everything to do with Outlook's behavior. And Microsoft Word. And Microsoft Excel. And the behavior of Microsoft Windows in general.

      Everything in the system is geared towards having the users click on everything. Suddenly they're supposed to be smart enough to not click on worms and viruses?

    55. Re:Yes by Master+of+Transhuman · · Score: 1


      And a "blended attack" can do both and be a trojan as well. No human intervention needed at all - well, I suppose someone has to run the machine.

      So, while the definitions are not incorrect or moot, they are pretty much irrelevant today.

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
    56. Re:Yes by Tango42 · · Score: 1

      They COULD do all that, but most don't, to the best of my knowledge.

    57. Re:Yes by 0BoDy · · Score: 1

      hopefully this isn't redundant... recently I have had to do a lot of support on my friend's windows box to get some games running. I had originally set him up with a non-admin user. He is in his DMZ on his broadband and had his browser hijacked major-big-time a while back, but now when he installs a game, I have to go in and change all kind of permissions so that he can play it. This is one of the biggest usability based threats to winXP; it's a PITA!!!! He's not a geek, he works construction, but he's willing to log in if I say it's more secure. He doesn't like that I have to help him fix this stuff every time he installs warcraft III, etc.

      --
      Can I be a Luddite too?
  6. Usability is always a liability. by ArsSineArtificio · · Score: 5, Funny
    I agree absolutely. If only we'd go back to using toggle-switches for computer input, the risk of viruses or security breaches would diminish enormously.

    --
    All employees must wash hands before seeking equitable relief.
    1. Re:Usability is always a liability. by platypibri · · Score: 5, Funny

      But with toggle switches, I could do a DoS attack on your machine with a pair of pliers. What is more primitive than that?

      --
      Yeah, I guess I'm funny like that.
    2. Re:Usability is always a liability. by SpaceLifeForm · · Score: 5, Funny

      A large rock.

      --
      You are being MICROattacked, from various angles, in a SOFT manner.
    3. Re:Usability is always a liability. by Anonymous Coward · · Score: 0

      i prefer the femur of a large animal...

      a rock just says you are primitive.

      a femur says you are primitive, but well fed and willing/able to bash things to death. so you can be primitive, or you can be primitive with style!

    4. Re:Usability is always a liability. by Anonymous Coward · · Score: 0

      So that's one for bash then?

    5. Re:Usability is always a liability. by EMH_Mark3 · · Score: 3, Funny

      Good ol' rock.. NOTHING beats rock.

      --
      Burn the land and boil the sea, you can't take the sky from me
    6. Re:Usability is always a liability. by Anonymous Coward · · Score: 0

      Paper beats rock :-)

    7. Re:Usability is always a liability. by Anonymous Coward · · Score: 0

      Feh - rock died about ten years ago.

    8. Re:Usability is always a liability. by Anonymous Coward · · Score: 0

      Best. Post. Ever.

      Slashdot needs to look at the possibility of adding a "six" or even "seven".

    9. Re:Usability is always a liability. by Raunch · · Score: 1

      > Good ol' rock.. NOTHING beats rock.

      This is a common misconception, especially for those who have had only experience with scissors.
      I will clear it up here for everyone:

      Paper beats rock.

      --
      George II -- Spreading Freedom and American values, one bomb at a time.
  7. look to OS X by gatoresque · · Score: 1, Redundant

    Mac OS X is user-friendly and secure. Linux can follow the same route.

    1. Re:look to OS X by Anonymous Coward · · Score: 0

      (Score:11, ueber-Insightful)

    2. Re:look to OS X by Anonymous Coward · · Score: 0
      Insightful, if you are a retarded Apple fanboi.

      Redundant, if you are anyone else.

    3. Re:look to OS X by Anonymous Coward · · Score: 0


      You left out "Incomprehensible if you're eaten with jealousy over OSX like myself".

    4. Re:look to OS X by Anonymous Coward · · Score: 0

      Why would I want to pay too much for a system that gives me no benefits over the one I have now?

  8. It's all in the install program... by LostCluster · · Score: 4, Insightful

    One of the biggest design flaws in Windows from a security perspective is that nearly every service that comes with the system is turned on by default.

    One of the biggest design flaws in Linux from a usability perspective is that nearly every service that comes with the system is turned on by default.

    1. Re:It's all in the install program... by LostCluster · · Score: 4, Informative

      ugh... foobared that post up... you know what I meant. Linux has everything off by default.

    2. Re:It's all in the install program... by H3lldr0p · · Score: 1, Funny

      I don't know...you might get a "funny" or two out of it.

    3. Re:It's all in the install program... by Anonymous+Custard · · Score: 2, Insightful

      "Linux has everything off by default"

      WinXP SP2 will supposedly change that, to increase security by decreasing the number of services enabled by default. I think this question is good now, but should also be revisited after WinXP SP2.

    4. Re:It's all in the install program... by Anonymous Coward · · Score: 0

      That wasn't always the case -- a lot of oldtime RedHat and Mandrake users got 0wned because they did an "everything" install which turned on a 100 exploitable services.

    5. Re:It's all in the install program... by jcr · · Score: 4, Insightful

      I disagree. Mac OS X ships with every service off by default as well, but it's very simple to turn them on.

      Linux's usability problem does not derive from this very prudent choice, but from the difficulty of discovering how to turn any particular service on or off.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
    6. Re:It's all in the install program... by xxdinkxx · · Score: 1

      ugh... foobared that post up... you know what I meant. Linux has everything off by default

      really? Tell that to redhat ..especially version 8 and 9.. I don't remember if that is true of fedora core 1, and I have not yet used fedora core 2. This is not intended to be a troll.. I would agree with you if you would have switched the word linux for openbsd, but then that would be offtopic now wouldn't it. =)

    7. Re:It's all in the install program... by photon317 · · Score: 2, Insightful


      It's all about the distro. Linux is a kernel, and only the individual distros really count as an "OS". Some Linux distros turn everything on (mentioned above), some turn everything off (check out gentoo, the basic install has just about jack shit enabled until you do so explicitly).

      --
      11*43+456^2
    8. Re:It's all in the install program... by Gurp · · Score: 2, Informative
      One of the biggest design flaws in Windows from a security perspective is that nearly every service that comes with the system is turned on by default.

      No longer true as of Windows 2003.

      IMO, the biggest flaw in Windows security is the legacy of the crappy default file permissions Windows NT has left us with. These had everything R/W to everyone, more or less.

      Applications developers are still writing software that (a) assumes this is still true (only true if the user is an admin) and (b) writes files outside of the user's profile (requiring point (a)).

      Until this is fixed, dumb Windows admins will continue giving people local admin privileges as a matter of course, leaving the door wide open to whatever MalWare happens to arrive in their inbox.

    9. Re:It's all in the install program... by aaronl · · Score: 1

      The preview SP2 release has many of the services that are often complained about disabled by default. It also comes with a fairly central security management app for Windows (well, virus scanning, firewall, system updates at least). They made the software firewall much better, as well.

      There are still a few services that it would be nice for them to disable that are still active by default, though.

    10. Re:It's all in the install program... by Anonymous Coward · · Score: 0

      Now _there_ is a novel way to gain Karma: say something almost profound, but with an obvious error. Then, when that gets modded up, post again with the errata. Get modded up again. Marvelous. :P

    11. Re:It's all in the install program... by Frizzle+Fry · · Score: 1
      One of the biggest design flaws in Windows from a security perspective is that nearly every service that comes with the system is turned on by default

      It seems a little unfair that people consistently point out "flaws" in Windows by referring to things that were only true in old versions. Isn't it more interesting to discuss the current versions, even if not everyone uses them?
      --
      I'd rather be lucky than good.
    12. Re:It's all in the install program... by julesh · · Score: 1

      Linux's usability problem does not derive from this very prudent choice, but from the difficulty of discovering how to turn any particular service on or off.

      In my experience it tends to be fairly easy. First, you make sure you installed the service. Then, you start up your distro's config program (in my case, YAST), look through the settings until you come to the one described as 'start XXXX at boot time', where XXXX is the service you're after, and change it from 'No' to 'Yes'. Easy enough?

    13. Re:It's all in the install program... by dbc001 · · Score: 1
      Linux's usability problem does not derive from this very prudent choice, but from the difficulty of discovering how to turn any particular service on or off.
      or even what they do for that matter. I don't have time to read the man pages for every service that i have installed. even the services that i'm familiar with are somewhat mysterious, so i sometimes keep them running.

      for instance, i know that apmd does battery and power stuff, but i don't know if i need it on my desktop box. i could stop it and see if anything breaks over the next few days, or spend half an hour trying to decipher the man pages, but it's easier just to keep it running. Even Mandrake's "info" button in the Control Center hardly tells me anything. I have a dozen services running that I have only the vaguest notion of what they do - and they could very well be security risks.
    14. Re:It's all in the install program... by HeghmoH · · Score: 1

      Easy enough?

      No. I prefer a sequence like: click on System Preferences, then Sharing, then click the box next to "Web Server" or "Windows File Sharing" or whatever it is you want to enable or disable.

      --
      Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
    15. Re:It's all in the install program... by Blinkslowly · · Score: 1

      It also seems to follow that amateurs with easy to use linux will become unwitting accomplices for spam and various distributed attacks. Their machines will be more open than they think or can maybe understand.

    16. Re:It's all in the install program... by jeeryg_flashaccess · · Score: 1

      Ugh, except sendmail is ALWAYS turned on by default...

      --
      Life is like pants... fit in or you don't fit in.
    17. Re:It's all in the install program... by cubic6 · · Score: 1

      Agreed. NTFS has supported ACLs for forever + a week, but nobody uses them. Some Linux filesystems support ACLs too, but unfortunately we're seeing a similar effect. There's tons and tons of programs hardcoded to use stupid rwxrwxrwx permissions, and no amount of work will update all of them.

      --
      Karma: Contrapositive
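
    The permission habits described in the two comments above (applications that assume everything is read/write for everyone, and programs hard-coded to rwxrwxrwx) can be audited and avoided with a few calls. This is an added example, not code from the thread; the file names `app.conf` and `secret.key` and all function names are made up for illustration.

```python
import os
import stat
import tempfile


def world_writable(root):
    """Return paths under root that any local user may write to."""
    found = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not enforced on Linux
            if not st.st_mode & stat.S_IWOTH:
                continue
            # Sticky directories (the /tmp pattern) are world-writable by
            # design: only the owner of an entry may delete or rename it.
            if stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX:
                continue
            found.append(path)
    return sorted(found)


def create_private(path, data):
    """Create a file for the owner only, refusing to reuse an existing path."""
    # The mode is applied atomically at creation, so there is no window in
    # which the file exists with wider permissions. O_EXCL makes the call
    # fail if something is already sitting at that path.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)


def tighten(path):
    """Remove group and other write bits, leaving the rest of the mode alone."""
    mode = stat.S_IMODE(os.lstat(path).st_mode)
    os.chmod(path, mode & ~(stat.S_IWGRP | stat.S_IWOTH))


def demo():
    """Build a constructed directory tree, audit it, fix it, audit again."""
    with tempfile.TemporaryDirectory() as root:
        sloppy = os.path.join(root, "app.conf")
        with open(sloppy, "w") as fh:
            fh.write("setting=1\n")
        os.chmod(sloppy, 0o777)  # the hard-coded habit the comments describe

        private = os.path.join(root, "secret.key")
        create_private(private, b"constructed sample data\n")

        before = [os.path.basename(p) for p in world_writable(root)]
        tighten(sloppy)
        after = world_writable(root)
        private_mode = stat.S_IMODE(os.stat(private).st_mode)
        return before, after, private_mode


if __name__ == "__main__":
    before, after, private_mode = demo()
    print("world-writable before:", before)
    print("world-writable after: ", after)
    print("mode of private file: ", oct(private_mode))
```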
    18. Re:It's all in the install program... by obeythefist · · Score: 1

      Windows Server 2003 has nearly every service turned off by default. Every O/S that microsoft releases since Win2K3 was released (two years ago!) is following the same secure-by-default methodology. This includes file sharing services! A windows 2K3 server out of the box does *NOTHING* at all.

      Yes, it took MS a long time to finally take notice that they had a bad reputation for security.

      This doesn't excuse Slashdot readers, supposedly tech savvy people, from not knowing that Windows has been following this philosophy for two years!

      --
      I am government man, come from the government. The government has sent me. -- G.I.R.
    19. Re:It's all in the install program... by Anonymous Coward · · Score: 0

      I'd have to agree with you but I don't see a bloody way they (M$) can disable the freaking RPC service!

    20. Re:It's all in the install program... by jcr · · Score: 1

      In my experience it tends to be fairly easy.

      I think what you really meant is that with your experience it tends to be fairly easy. Keep in mind that we're talking about usability for non-programmers!

      First, you make sure you installed the service.

      Oh, no problem.. All I have to do is find the code on my distro or on the net, untar it, ./configure; make; make install, Whoops! su root; make install;

      Easy enough?

      Well, no. Can you explain it to someone who's sitting down to use a computer for the first time?

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
  9. It's all about the end user by mindless4210 · · Score: 5, Interesting

    I think that the claim has very little validity. I think the truth is that it "becomes more vulnerable" when the average user is less educated about security issues.

    Making Linux more user friendly, in my mind, means improving upon the features that revolve around the GUI. The great thing about Linux is how much you can customize it; you can strip away the GUI and have a powerful production-level server environment. This is different from Microsoft products, as the ease of usability encompasses the operating system.

    Linux is much more "modular", in that you can build exactly what you want; an installation could take up anywhere from a few megs to a few gigs. The security and vulnerability lies in the end user.

    --
    Wireless News www.DailyWireless
    1. Re:It's all about the end user by Erratio · · Score: 1

      The modularity is definitely the key point. Linux has become more user friendly by adding more interfaces to underlying programs. Those programs are written with security and functionality in mind, adhering to the *NIX mindset, and none come to mind that have actually been changed to make them easier to use, only those that have provided helpful tools and those which provided cushy GUI interfaces, which also in general seem to implement decent security by default, at least as secure as a similar situation on Windows. As long as these interfaces are written to take advantage of the security present in the underlying programs (which should be easily done since it's simpler than having to do both at once), the problem should be squelched. The Linux community wouldn't stand for it being insecure.

      --
      I don't try to be right, I just try to make people think
    2. Re:It's all about the end user by Anonymous Coward · · Score: 0

      Those programs are written with security and functionality in mind, adhering to the *NIX mindset ... Linux community wouldn't stand for it being insecure.

      Yeah right. 99% of the problems that Windows has are derived from "desktop integration" and not underlying operating system security.

      For example, check out this thread where KDE developers defend launching a KMail virus attachment using Wine. That's at least 1 virus that was blocked by Outlook but spread through KMail. Oh, but the user sees a "warning dialog" -- I'm sure the folks in Redmond said the exact same thing :P

      So here we have a prime example of Linux developers actually ignoring the security lessons of the Windows world in favor of "usability".

    3. Re:It's all about the end user by Erratio · · Score: 1

      I didn't realise KMail was an underlying program (or Wine for that matter). I'd defend launching that attachment too, part of Linux is the ability to do what you want, which includes opening viruses or making your computer horribly insecure should you choose to do so. It's not an e-mail client's job to tell you what you can and can't run. There should be a virus scan incorporated somewhere if you're dumb enough to open attachments like that. And hopefully no one in Redmond would be stupid enough to open their mouths about viruses.

      --
      I don't try to be right, I just try to make people think
    4. Re:It's all about the end user by Anonymous Coward · · Score: 0

      So what you are saying is that Linux really isn't any more secure than Windows, because it all depends on sysadmin policies, virus checkers, and so on. I agree.

    5. Re:It's all about the end user by Keybase · · Score: 1

      "The security and vulnerability lies in the end user."

      The end user is the consumer. Consumers only worry about presentation. How the message or product gets there is up to the distributor or conveyor of the product. If the distribution or transportation is broken that's not the consumer's fault. Just make sure he/she gets it and it looks nice.

      Isn't that what we are all taught in this consumer society?

      Also we are taught that with computers "good enough" is the best you can get. Why complicate it with extra work to make things proper.

      --
      Do what is right. You will please some and astonish the rest. --Mark Twain
    6. Re:It's all about the end user by Anonymous Coward · · Score: 0

      The great thing about Linux is how much you can customize it; you can strip away the GUI and have a powerful production-level server environment.

      It is also something that will keep the average "luser" away from Linux, because they don't care about customizing it. They just want to use it.

    7. Re:It's all about the end user by Erratio · · Score: 1

      Way to draw conclusions out of thin air. What I'm saying is that Linux is modularized with the focus of the base system remaining on security and power, and therefore the OS itself is far more secure than one where everything is interwoven into something far more complicated and therefore more likely problematic to maintain. Notice the only reason viruses were mentioned which was in connection with Wine...viruses haven't been an issue for *NIX systems, and the only type mentioned were Windows e-mail viruses which are usually caused by IBK's, and I'd think would only screw up your Wine environment...but if you wanted protection then yes....I guess it does depend on a virus checker. So I suppose in a horribly roundabout, isolated, virtually irrelevant way, in that sense Linux isn't any more secure than Windows.

      --
      I don't try to be right, I just try to make people think
    8. Re:It's all about the end user by Brandybuck · · Score: 1

      The security and vulnerability lies in the end user.

      But it's the end user we're all fawning over. We utter statements that Linux will never enter the mainstream until it caters to every whim of the end user. All usability efforts revolve around the end user. The newer the end user is to computers, the higher the pedestal we place him upon.

      It is this trend that will make Linux as insecure and vulnerable as Windows.

      Before you reply that Apple managed to do it, take an honest look at OSX. Apple does not consider "convenience" to be an acceptable substitute for "usability". But we in the Open Source community have absolutely no clue as to what "usability" really is, so we latch on to convenience and simplification instead.

      --
      Don't blame me, I didn't vote for either of them!
  10. oh of course! by cartman837 · · Score: 3, Interesting

    windows, linux it doesn't matter... Lusers will FIND a way to screw things up... If linux had the larger market share, worm writers would tailor code for it. I don't really think it would change the world as we know it.

    1. Re:oh of course! by oberondarksoul · · Score: 2, Informative

      People need to learn that this is not necessarily the case. One only needs to look at the fact that Apache, while being dominant over Microsoft's webserver (the abbreviation eludes me), suffers far fewer exploits than the latter, to know that it is not the case.

      --
      And tomorrow the stock exchange will be the human race
    2. Re:oh of course! by SnappleMaster · · Score: 1

      Agree. If Linux ever has a large "grandmother" user base like Windows then the worm writers will start blasting out trojan emails targeting Linux systems.

      Windows has suffered some horrific viruses in the past but most issues these days are from trojans run by idiot users, not security flaws.

      XP SP2 has a lot of good security enhancements.

      --
      Be happy. Nothing else matters.
    3. Re:oh of course! by Anonymous Coward · · Score: 0

      Lusers will do anything. They will send off to Australia with cheques drawing on foreign banks, to buy multiple-floppy-disk-set copies of software to get its documentation, vaseline the security cameras, open the machines to reset their BIOSes, and boot root-floppy rescue disks to get encrypted passwords, use distributed internet farms to crack them, get the admin accounts, then install Gator as a standalone program.

  11. Mac OS X "trojan"? by daveschroeder · · Score: 5, Insightful

    Please, no comments about how Mac OS X was "attacked" by a trojan.

    It doesn't "expose" some fatal flaw in the OS, nor is it some newly discovered exploit. All it is was an application that displayed a dialog box. Mac OS applications (with the exception of Cocoa applications) have always been able to have:

    a.) any icon, and
    b.) any name

    The only remotely slightly interesting feature of this proof-of-concept was that it stored the executable code within an MP3 ID3 tag, and even contained valid MP3 data. But that's mostly irrelevant, since the executable code could be anywhere, and the code can't even be moved in raw binary form without destroying the resource fork. Though the major media outlets haven't picked up on the subtleties of this thanks to Intego's FUD-mongering and self-serving press release, this "trojan" is nothing more than a Carbon application. (Though, the discussion that comes of this will be fruitful: maybe Apple will revisit yet again the filesystem metadata vs. file extension dichotomy, and discuss novel ways of visually identifying executables, perhaps in the same fashion as aliases.)

    So, to get on-topic, no, an OS doesn't necessarily have to become less secure to become user-friendly. Some (most?) of the security of an operating system, both from a user perspective and network perspective, comes from underlying philosophical design principles and fundamentals - not to mention the intensive peer examination that open source software encourages. Sure, some user-friendly "features", such as auto-opening attachments in the preview pane of Outlook, exist to make things "easier" for the user. But this is a wrongheaded approach: a sensible focus on security can solve the majority of problems without necessarily making it harder on the user. Ease of use and security aren't entirely, or even mostly, mutually exclusive.

    The key is making security easy to use.

    But the age-old technique of "tricking the user" will ALWAYS be possible via various means, on any OS on any platform.

    1. Re:Mac OS X "trojan"? by IntlHarvester · · Score: 4, Informative

      the code can't even be moved in raw binary form without destroying the resource fork

      I assume that most Mac mailers observe the MacMIME spec. This makes sending forked files through email a transparent process.

      (Not arguing with the rest of your post -- I think it would be a lot easier to trojan Mac users with a "Install this Cool Screensaver" thing instead of jumping through hoops with a fake MP3.)

      --
      Business. Numbers. Money. People. Computer World.
    2. Re:Mac OS X "trojan"? by Anonymous Coward · · Score: 0

      But the age-old technique of "tricking the user" will ALWAYS be possible via various means, on any OS on any platform.

      I think this is the one way in which usability does necessarily lead to insecurity. More usable leads to more users, which means more users that can be tricked. Users are often the largest security risk. My mother and girlfriend may be running OSX, which is easy and relatively secure, but if a simple dictionary attack can expose their passwords of "secret" and "monkey" then the machines can still be compromised more easily than the average linux box that takes a four year degree to get installed and running comfortably and which probably has a password like "1Ms0k00L"

    3. Re:Mac OS X "trojan"? by oskillator · · Score: 1
      It doesn't "expose" some fatal flaw in the OS, nor is it some newly discovered exploit. All it is was an application that displayed a dialog box. Mac OS applications (with the exception of Cocoa applications) have always been able to have:

      a.) any icon, and
      b.) any name

      So essentially you're saying that the ability for an application to masquerade as a document is a deep-rooted, system-wide flaw rather than something fixable in the mp3 player?

      That's comforting to know.

    4. Re:Mac OS X "trojan"? by IntlHarvester · · Score: 1

      As a side note, this "can't transfer a resource fork" thing seems like one of those net-rumors some uneducated Mac user invented, and the rest of the Mac users just repeat like good little grassroots drones whenever this MP3 Trojan comes up.

      It's so obviously false -- MacMIME, SIT files, Disk Images, auto decoding of BinHex and MacBinary files, etc etc -- that I shouldn't be the only one getting the Informative points on this one. I've never had problems transferring applications between my Macs.

      --
      Business. Numbers. Money. People. Computer World.
    5. Re:Mac OS X "trojan"? by Anonymous Coward · · Score: 0

      Actually it's just an aspect of the Finder and the way it presents iCons...I mean icons. That's just an application, one that's usually running by default but which you can do without.

      Still, it would be nice if the Finder badged application icons to make it clear they're executables. That would also provide a nice means to differentiate between Classic apps and Carbon CFM apps, as well as the now preferred .app bundles. I expect Apple will do the former (steenkin...I mean badges), though perhaps not the latter (different ones for Classic apps).

    6. Re:Mac OS X "trojan"? by Creepy · · Score: 1

      I was skeptical of the Intego stuff, so interesting.

      I'd still argue that Apple is slightly less safe than Linux but much more safe than Windows. Windows, on the other hand, is probably easier to use than macosx, because you don't have to remember your password whenever you want to install, although you do need to be an admin user.

      Here's how I see it from a security standpoint:
      Windows - insecure because most users run as admin users, which is the default. Admin users can install and remove software and make systemwide changes, as well as format drives, so running as an admin user is basically analogous to running as root in Linux.

      Apple users typically run as an admin user, as well. The difference is, the user needs to enter a password when installing (essentially a 'sudo'). This means a trojan or other malicious code will not be able to install itself on the system, but could wipe the user and all their data out. A hacker that breaks in by guessing the admin user's password has full control of the system.

      Linux - users typically run as a non-admin user and can only install software in their own directory or group/other enabled directories. To install software globally, user needs to become the root user or be given sudo permissions (which reduces security to Apple levels or slightly above, depending on what sudo permissions are given). A hacker that hacks this user or a trojan that is downloaded does not have root, but can wipe the user's data.

      Personally, I find the Apple choice a nice compromise, but strongly recommend all admin users on all systems have a tough to crack password.

  12. totally incorrect by VAXGeek · · Score: 4, Insightful

    I fail to see any such correlation between usability and security. As many others have said (and will say), OS X really does have it down in regards to their security model, which I hope is embraced on OSS *nix soon.

    --
    this sig limit is too small to put anything good h
    1. Re:totally incorrect by Anonymous Coward · · Score: 0

      Yes, but with only 5% adoption the question remains undecided. It's not just a question of usability, but of how many people actually use it. Bring the flamebait mods on!

    2. Re:totally incorrect by Moraelin · · Score: 1

      Well, the only point I see (somewhat) is that more GUI means more code, which inherently means more bugs. People make mistakes. E.g., strapping the most primitive command line to a compression function, a la pkzip, is a lot less code than having a whole GUI around it, a la WinZip.

      It should also be noted that security and GUIs also have other problems. Since I'm not an OS programmer, I'll give examples from stuff I did work on, and where I've seen these vulnerabilities happening every day:

      1. A lot of companies hire basically clueless monkeys to write their code, especially for Web-based GUIs. GUIs have their own pitfalls, and that goes double if that all has to go over HTTP. Without someone at least remotely security-minded on the team, everyone is making the same mistakes over and over again.

      To use a well known example: there is nothing inherently insecure about Perl (buffer overflows and such), but, in the early days of the Web, Perl and CGI were synonymous with a vulnerable site. Why? Because although Perl and CGI by themselves were good and stable, the monkeys coding those sites were doing fundamentally dangerous things with them. Like passing parameters received off a web-site, without any checking, to command line programs.

      Now replace "to command line programs" with "to SQL without quoting the apostrophes" and you have a mistake (and a vulnerability) that every newbie somehow just has to make. Or replace it with "to HTTP text without parsing or quoting", and you have a way to let the user embed JavaScript/VBScript/ActiveX/whatever in the pages other users see. Etc. And we're only starting to see the tip of the iceberg of security problems waiting to happen.

      2. Reinventing the square wheel. E.g., instead of having the OS manage login and authorization for you, every single Web GUI inherently has to have its own passwords and permissions mechanisms. Which too often are implemented all wrong. E.g., every newbie just has to write code where you can escalate your privileges or see confidential data by just editing the URL. (See the old Hotmail vulnerability.)

      And, to be honest, it's not just the newbies. I've seen expensive enterprise systems written by extremely expensive consultants from a _big_ corporation, which had all the vulnerabilities above. And then some. I guess some people just never learn.

      --
      A polar bear is a cartesian bear after a coordinate transform.
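
    The three mistakes named in the comment above (unchecked values passed to command line programs, to SQL without quoting the apostrophes, and to HTML without quoting) shown beside their usual fixes. This is an added example, not code from the thread; the table, the `wc -l` command and every input string are constructed for illustration.

```python
import html
import shlex
import sqlite3
import subprocess
import sys

# Constructed inputs standing in for form fields received from a web page.
NAME_WITH_APOSTROPHE = "O'Brien"
NAME_REWRITING_QUERY = "nobody' OR '1'='1"
FILENAME_WITH_SEPARATOR = "report.txt; echo INJECTED"
COMMENT_WITH_MARKUP = "<script>alert('hi')</script>"


def make_db():
    """In-memory table holding two constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("O'Brien", "ob@example.test"),
                    ("Smith", "sm@example.test")])
    return db


def lookup_concatenated(db, name):
    """The mistake: the value becomes part of the SQL text itself."""
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterised(db, name):
    """The fix: the value travels beside the SQL text, never inside it."""
    sql = "SELECT email FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]


def shell_tokens(command_line):
    """Split a command line as a POSIX shell would read it; nothing is run."""
    return list(shlex.shlex(command_line, posix=True, punctuation_chars=True))


def command_concatenated(filename):
    """The mistake: the value is pasted into a string meant for a shell."""
    return "wc -l " + filename


def command_quoted(filename):
    """If a shell string is unavoidable, quote the value first."""
    return "wc -l " + shlex.quote(filename)


def echo_argument(value):
    """Preferred fix: an argument list and no shell at all.

    A child Python process writes back its first argument, which shows the
    value arriving as one argv entry, separators included.
    """
    child = "import sys; sys.stdout.write(sys.argv[1])"
    done = subprocess.run([sys.executable, "-c", child, value],
                          capture_output=True, text=True, check=True)
    return done.stdout


def render_concatenated(comment):
    """The mistake: user text is emitted as markup."""
    return "<p>" + comment + "</p>"


def render_escaped(comment):
    """The fix: user text is escaped so the browser shows it as text."""
    return "<p>" + html.escape(comment) + "</p>"


if __name__ == "__main__":
    db = make_db()
    try:
        lookup_concatenated(db, NAME_WITH_APOSTROPHE)
    except sqlite3.OperationalError as exc:
        print("concatenated SQL breaks on an apostrophe:", exc)
    print("concatenated:", lookup_concatenated(db, NAME_REWRITING_QUERY))
    print("parameterised:", lookup_parameterised(db, NAME_REWRITING_QUERY))
    print(shell_tokens(command_concatenated(FILENAME_WITH_SEPARATOR)))
    print(shell_tokens(command_quoted(FILENAME_WITH_SEPARATOR)))
    print(render_escaped(COMMENT_WITH_MARKUP))
```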
  13. Usability should increase security... by NemosomeN · · Score: 0, Troll

    By making it harder for Joe User to change settings to something unsafe/stupid.

    --
    I hate grammar Nazi's.
    1. Re:Usability should increase security... by Anonymous Coward · · Score: 0

      Bah, parent is not a troll. Redundant? Maybe, but not a Troll.

  14. If Usability implies vulnerability... by AnonymousKev · · Score: 5, Insightful

    ...then you should have asked for their explanation of why OS X is more secure than Windows.

    --
    Anonymous Kev
    Proudly posting as AC since 1997
    (Finally got a dang account in 2004)
    1. Re:If Usability implies vulnerability... by mooredav · · Score: 2, Interesting

      The Wall Street Journal offered the usual explanation for why Mac had fewer malicious programs:

      "Security experts say this state of affairs primarily reflects the Mac's very small share of the personal computer market, which makes it an unattractive target for virus writers looking to spread mayhem."

      (quoted from "Apple Computer Probes Report of Music-File Virus" -- note the headline says "virus" not "trojan")

      I think that's the lazy analysis. The primary reason is because Mac OS X is much better organized and configured by default. However, it's hard to explain that to your readership without sacrificing credibility. They don't want the Windows crowd to think they're Apple zealots. Journalists don't even care what the real deal is; they just write whatever people expect and believe.

      "Security experts say..." is just code for "This journalist figured..."

    2. Re:If Usability implies vulnerability... by colmore · · Score: 1

      In journalism "objectivity" means "neutrality." Even if objective evidence rationally leads you to the decision, you can't praise or condemn anything without losing your "objectivity."

      --
      In Capitalist America, bank robs you!
  15. Let me sum this up for you. by bludstone · · Score: 2, Insightful

    The answer is "No, because of peer review."

    Let's move on..

    --

    no .sig
    1. Re:Let me sum this up for you. by Halfbaked+Plan · · Score: 0

      Then, the followup question is:

      As Linux becomes increasingly popular, the 'peer group' will grow substantially. More and more 'mere users' will be involved. 'Peer review' will cease to be review by 'peers' and become more a 'review' by an 'elite' subgroup of the peers.

      The 'peer review' model won't scale to the whole world as well as some people seem to think it will.

      Besides which, as every joe sixpack gets involved using the software, all the shysters will come along as well. Right now they're scarce because there isn't a pool of knobs for them to rip off.

      There are many factors, and obviously since many, many comments have been made on this topic here today, your 'Lets move on' attitude is a grave error.

      --
      resigned
    2. Re:Let me sum this up for you. by bludstone · · Score: 1

      Wrong.

      Not moving on would be a worse error.

      I'm fully aware that only a small subset of people would be able to review the actual code for something. But the more popular a program is, the more likely it will be to garner peer reviews. It's a simple matter of statistics.

      I never claimed that EVERYONE would be reviewing code. Hell, my home pc is almost 100% open source (sans OS and a handful of programs) and I've never even looked at a line of the code.

      But lots of other people have.

      Shysters are there to weed out the morons. :)

      --

      no .sig
  16. Absolutely Inevitable. by onyxruby · · Score: 4, Insightful

    It's the same thing that has happened to other fields that eventually grew to the point where people could do some of the work on their own. For comparison think of publications, once restricted to highly specialized professionals and now available to anybody with a printer and a copy of printshop. Those home-brew print jobs make the pros squeem in pain. Amateur work will always be amateur, and the results will reflect this.

    Once Linux gets to the point that it can be administered by people who aren't dedicated specialists, it's inevitable they will try it out and that most of these people will be less careful administrators. After all they aren't dedicated *nix admins and will often wear many hats in their organization. This doesn't mean that Linux is insecure, it's just a growing pain that it has to go through.

    Don't forget how many people fall into the "it's working, it's now forgotten" category. These are the people that only perform oil changes on their cars and wonder why it eventually breaks down on them - and there are a lot of them. They won't patch it, back it up or anything else until the day it inevitably comes crashing down around them.

    1. Re:Absolutely Inevitable. by Zwack · · Score: 3, Interesting

      For comparison think of publications, once restricted to highly specialized professionals and now available to anybody with a printer and a copy of printshop. Those home-brew print jobs make the pros squeem in pain. Amateur work will always be amateur, and the results will reflect this.

      To quote a musician I know... "I'm an amateur. I don't need to practice."

      The only difference in quality of output between a lot of amateur musicians and a lot of professional musicians is the amount of practice. With more practice a musician makes fewer mistakes and can repeat the same music more consistently every time.

      One pottery class I heard about divided the class into two groups. One group was given the job of making just one pot in a semester, but it had to be "perfect". They spent the entire time studying and preparing for that one pot. The other group was told not to worry about quality but to make as many pots as they could. Each group would be graded differently. At the end of the semester the group that made one pot each had made their pot, and the group that made as many as they could had made a lot of pots. The pots made by the people who were aiming for quality were consistently bad. They had made mistakes in their pot making, come across issues that they hadn't encountered in their research and so on. The other group had a range of pots. Their first pots were awful. Their final pots were excellent. They had learned from their mistakes throughout the course and had continually experimented with different firing temperatures, glazes, and so on.

      So, what am I trying to say here? The professional who doesn't practice is not going to be any better than the amateur who works hard at his art. I've been involved in printing from an amateur stand point and I would be confident enough with some (but not all) of the "home-brew print jobs" that I have done that I would quite happily pass them to a pro with no expectation that they "squeem" in pain. Some talented amateurs will always be better than untalented pros, the best output from untalented amateurs will beat the worst output from untalented pros and vice versa. Talented pros and talented amateurs will both produce good and bad work, but the best work of both will be on a par.

      Z.

      p.s. I used an 1854 Albion letter press for fine press printing. I can set type by hand using a case of type and a compositors wand, I can ink and run the (hand) press well, but I can't prepare the paper. My father (the owner of the press) can prepare the paper, and is better at page layout and adjusting the form. We both have our strengths and weaknesses but for rank amateurs our "home-brew print jobs" have done remarkably well. I also have a degree in Applied Physics and another in Software Technology, I am definitely no more than an amateur printer.

      --
      -- Under/Overrated is meta-moderation, and therefore is Redundant.
    2. Re:Absolutely Inevitable. by dnamaners · · Score: 1

      yup.

      A few more notes:
      Of course there is the inevitable factor of losing one's security by obscurity. Once any OS (usable or otherwise) gains wide acceptance there will be by definition a lot of people with an understanding sufficient to do harm and possibly break its security.

      From the other side, as the number of users rises so does the number of less skilled users. They are the ones most at risk as they may not actually know or follow common sense security guidelines. The end result is an OS threatened by security risks, viruses and/or hackers.

      This loss in security can be partly offset by using good solid code and protocols. But the inevitable result of mass acceptance is that overall security is reduced and that more "bad stuff" happens. The number of "Bad things," such as a major Trojan, that happens may be very infrequent per user. However, if you double the number of users expect the incidence of bad things to at least double as well.

      *common signature removed due to excess monotony

    3. Re:Absolutely Inevitable. by onyxruby · · Score: 1
      So, what am I trying to say here? The professional who doesn't practice is not going to be any better than the amateur who works hard at his art.
      I couldn't agree more. I've worked with too many dinosaurs with 20 years experience that should have been put out to pasture.

      It's interesting that you have gone far enough with your hobby on publication to learn things like type setting. Most amateurs don't go that far though, and then some amateurs produce work that easily competes with professionals. More than a few map makers for games have found their way into professional employment, so by no means do I say an amateur automatically does bad work.

      Most amateurs of course do the typical amateur job, and that was the point I was trying to make. When these people end up administrating systems, a few will do well, but most will do a half ass job.
    4. Re:Absolutely Inevitable. by ajs318 · · Score: 1

      Linux never had "security by obscurity". The source code has been equally available to good guys and bad guys since day one.

      --
      Je fume. Tu fumes. Nous fûmes!
    5. Re:Absolutely Inevitable. by dnamaners · · Score: 1

      I stated "obscurity"; however, "unimportance" may have more accurately described my meaning at that moment. Linux is certainly not using obscurity in the form of closed source. In this case "obscurity" is mostly toward the lack of market share and savvy users.

      If a hypothetical OS had only 1% of the market compared to 2 or 3 other competitors then it may be an "obscure" system. This state can impart security to this system: since few use it, few are in a real position to exploit it, whether or not the source was open and/or inherently secure. Once that 1% gets bigger, say 25% or more market share, enough persons will be using it to make it a viable target for spammers, cheats and the mischievous. Few will learn a new OS just to phreak on some lame duck that will not go far; instead they will concentrate on more valuable / common fare.

      .....Of course there is unlimited room for reality to invalidate my opinions and / or inane babble at any moment, only time will tell.

    6. Re:Absolutely Inevitable. by Anonymous Coward · · Score: 0

      An amateur who works at it enough essentially becomes a pro (skill-wise, if not pay-wise). As you say, the biggest difference is practice, so an amateur who practices a lot can get pro-level skills. Combine that with a pro-level education, and you're there. Part of the difference is if they try to learn everything through experimentation, or if they study the same resources the pros do.

      One of the things I notice between the self-taught and the trained is the appreciation of the rarities and the subtleties. If you learn by experience, then it's hard to troubleshoot a 1/1000 failure rate. If it's "good enough" for you, you may think you're doing everything right, even if you're actually making mistakes (that just don't show so obviously).

      Self-taught people often think that formal education is useless, or even counter-productive. People with a formal education often think that you're useless without one. I'd say that you can get 60-95% of the way there without education (depending on the field), the last little bit requires someone telling you what you can't see.

      Most people think they're close to the 95% mark, even if they're closer to the 60%.

    7. Re:Absolutely Inevitable. by Halfbaked+Plan · · Score: 1

      " I used an 1854 Albion letter press for fine press printing. "

      I didn't think there was anybody else but me left in the world who would know what a California Job Case is. I used to be able to compose a line of type fast from one.

      I brought one home from auction awhile back. My wife said 'nice shadow box' and depressed me greatly.

      --
      resigned
  17. Ok, we're on to you. by winkydink · · Score: 4, Funny
    I cought myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee

    Cheese it, it's the cops!

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

    1. Re:Ok, we're on to you. by Xerp · · Score: 1

      It can't be the cops, there wasn't any mention of Freecell...

    2. Re:Ok, we're on to you. by Chris+Burke · · Score: 1

      It can't be the cops, there wasn't any mention of Freecell...

      Yeah, because they were in the Krispy Kreme taking a break from Freecell in their squad cars.

      --

      The enemies of Democracy are
    3. Re:Ok, we're on to you. by Anonymous Coward · · Score: 0

      I was informed by a cop "friend" recently that it's now bagels and cappuccino

  18. Why argue? by sumac · · Score: 0, Flamebait

    Seriously, just avoid the discussion. It always degrades into one of 2 arguments anyway: #1 you're stupid #2 you're gay There's no way to win the debate. Just ignore it.

  19. If by "making Linux more friendly"... by Anonymous Coward · · Score: 1, Insightful

    ...they actually mean something like to run everything as root so as to not bother the user with all that pesky permissions-thingy nonsense, then yes Linux will of course become much more vulnerable.

  20. depends by sumdumass · · Score: 3, Interesting

    Depends on how they make it more user friendly. Most of Microsoft's flaws come from coding errors and automatically opened ports and services that aren't used.

    I think Linux can be user friendly without all that but with anything the more layers you add to it the complexity and ability to keep it secure will become harder. Not impossible but harder. At least with Linux you will know where the problems are instead of having it for 2 years and then finding a patch for it one day.

  21. Uh... by Anonymous Coward · · Score: 0

    NO?

  22. Yes by YrWrstNtmr · · Score: 5, Interesting

    Take the basic Linux safety measure. Having to log in as root to do anything significant. Win has this as well (admin, power user, etc.), but most people run as admin, partly because of crappy, admin-rights demanding software, partly because Win doesn't really tell you not to, but also partly because it's a PITA to remember, and log in with, that secure PW to do any installs or maintenance.

    A "user friendly Linux" (Lindows, anyone?) will have to be very, very careful not to end up down this same path.

  23. Write better SQL! by markv242 · · Score: 4, Funny

    You need a COMMIT; in there to make sure your transaction runs, otherwise my base will still belong to me. For great zig! COMMIT;

    1. Re:Write better SQL! by Anonymous Coward · · Score: 0

      He's obviously using MySQL.

    2. Re:Write better SQL! by Limburgher · · Score: 3, Funny

      Sorry, I have autocommit set in my scripts. :)PPP All your base are in fact belong to ME!

      --

      You are not the customer.

    3. Re:Write better SQL! by JohnFluxx · · Score: 1

      ":)PPP" - good grief! What is that - tongue within tongue within tongue, like in aliens.

  24. Re:No wonder... by Professr3 · · Score: 0, Offtopic

    I believe I saw you posting on Slashdot Friday night... need I say more?

  25. Easy to refute. by greg_barton · · Score: 1

    OSX

  26. It's all in the account setup... by LostCluster · · Score: 5, Insightful

    On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly.

    It's really more of a user education issue than a technical one. The best security practices are usually in counter to an element of ease of use.

    1. Re:It's all in the account setup... by sumdumass · · Score: 1

      Well I think su or sudo can compensate for that a little. I haven't heard of any Microsoft setting that lets a user run certain programs as root or have root capabilities in certain areas. I know there is a "run as" feature but from what I can see it just doesn't measure up to the Linux alternatives.

      I haven't found any real reason besides a misconfigured video card (my fault and it stopped me from playing a game E.T) to ever need to run as root user in anything I have done on a local machine.

    2. Re:It's all in the account setup... by MrRuslan · · Score: 1

      The difference is that most software for Windows is designed to run on Administrator and not as a normal user...but with Unix most apps run perfect on a normal user with no privileges without the permission denied issue...unless it's something administrative you don't need root...I think that's a little more friendly.

    3. Re:It's all in the account setup... by J.+J.+Ramsey · · Score: 4, Informative

      "On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly."

      Except it's not quite the same. On Linux, graphical apps, at least the ones that are part of the distro's admin tools, prompt for the root password if they are started by a regular user. Windows XP, as far as I've been able to tell, doesn't do this. Ordinary *nix apps are designed to run with user-level privileges, and this has been so from the beginning. Many Windows apps, however, are written with a permissive environment like Windows 95/98 in mind, so apps do things that only work if the "Program Files" directory is writable. Most Linux distros have a regular user account created as part of the installation. Any additional users created as part of a Windows XP installation have Administrator privileges by default.

      On a typical Linux box, running as a regular user is usually the path of least resistance. The opposite is true for Windows XP.

    4. Re:It's all in the account setup... by galay · · Score: 1

      I can't even kill certain processes with Administrator, not the same with Root

    5. Re:It's all in the account setup... by Tim+C · · Score: 1

      Many Windows apps, however, are written with a permissive environment like Windows 95/98 in mind... additional users created as part of a Windows XP installation have Administrator privileges by default

      Your first point is the reason for your second. There are far too many applications (and programmers thereof) that think they need to be able to write to system directories (Program Files, Windows, etc) for MS to have made user accounts unprivileged by default in XP. This is the first time that MS has released an OS with any real sort of access restrictions that's targeted specifically at home users.

      It's going to take time to make the transition - they have a hell of a lot of people to educate, both users and developers. After all, imagine the flak that MS would take if their new OS suddenly broke *the vast majority* of existing (home) software... I would be surprised if Longhorn displayed the same behaviour regarding user accounts though - I expect it to be rather more sensible in that regard.

    6. Re:It's all in the account setup... by sploo22 · · Score: 1

      It seems to me that an ideal solution for newbies would be to run as a normal user, but have the system prompt you for any operation that requires root privileges. If it includes a warning about viruses/trojans/important files, most users should be able to handle it.

      --
      Karma: Segmentation fault (tried to dereference a null post)
    7. Re:It's all in the account setup... by gmoschin · · Score: 2, Informative

      While it is true that Windows XP accounts created during setup have full Administrator rights, you don't have to operate the OS that way.

      To run with user-only permissions:

      Go to Control Panel, User Accounts.
      Make sure the Administrator account has a password, and that you know what it is. Very important! If you don't know the password, set one by choosing Change an Account > Administrator > Change Password.

      Change your personal account to a limited account, by choosing "Change an Account > Your Name > Change the Account Type." Change the account type to "Limited".

      Log off, and log back on again.

      Ok, now you're logged on as a User, with a limited account. Congratulations.

      Go to Control Panel, choose Add / Remove Programs, and go to Windows Components.
      Notice that you don't have administrative rights. Close Add/Remove Programs.

      Now here's the tricky part:

      Hold down the Shift button (left or right), and right-click the Add/Remove Programs icon.

      Choose the "Run As..." option. If you don't have the Run As option, the "Secondary Logon" service may need to be started. Log on as Administrator, right-click My Computer, Manage, go down to Services and Applications, Services, and double-click on "Secondary Logon". Set to start Automatic, and click Start.

      Choose "The following user:", and enter in the Administrator account and password.

      Voila! You've done the equivalent of "sudo", and are now running the Add/Remove control panel (and any processes spawned) as Administrator.

      You can do the same with nearly any icon or shortcut, and for the command line, there's the "runas" command.

      Quite useful, really.
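
The preconditions from the Run As walkthrough above, checked by script. This is an added example, not part of the original comment: it assumes a current Windows system with Windows PowerShell 5.1 or later rather than the XP-era GUI, and the function names `Test-IsElevated` and `Get-LimitedAccountReport` are hypothetical.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 5.1 or later
# (Microsoft.PowerShell.LocalAccounts module). Function names are hypothetical.

function Test-IsElevated {
    # True when this process token carries the BUILTIN\Administrators role.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-LimitedAccountReport {
    $me = [Security.Principal.WindowsIdentity]::GetCurrent()

    # S-1-5-32-544 is the well-known SID of the local Administrators group;
    # using the SID avoids depending on the localized group name.
    # Only direct membership is checked, not membership via nested groups.
    $adminMembers = @(Get-LocalGroupMember -SID 'S-1-5-32-544')
    $direct       = @($adminMembers | Where-Object { $_.SID.Value -eq $me.User.Value })

    # The built-in Administrator account always has a SID ending in -500.
    $builtin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }

    # "Run As" depends on the Secondary Logon service (service name: seclogon).
    $seclogon = Get-Service -Name seclogon

    [pscustomobject]@{
        Check  = 'Daily account is not a direct member of Administrators'
        Pass   = ($direct.Count -eq 0)
        Detail = $me.Name
    }
    [pscustomobject]@{
        Check  = 'Current session is not elevated'
        Pass   = -not (Test-IsElevated)
        Detail = "PID $PID"
    }
    [pscustomobject]@{
        # PasswordLastSet is empty when no password was ever set on the account.
        Check  = 'Built-in Administrator has had a password set'
        Pass   = ($null -ne $builtin.PasswordLastSet)
        Detail = "Enabled=$($builtin.Enabled)"
    }
    [pscustomobject]@{
        Check  = 'Secondary Logon service is available for Run As'
        Pass   = ($seclogon.StartType -ne 'Disabled')
        Detail = "Status=$($seclogon.Status); StartType=$($seclogon.StartType)"
    }
}

Get-LimitedAccountReport | Format-Table -AutoSize -Wrap
```

Run it from the day-to-day account, not from an elevated prompt; any row with `Pass` set to `False` corresponds to one of the steps in the walkthrough that still needs doing.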

    8. Re:It's all in the account setup... by MCherry · · Score: 1

      Actually, I don't think this is quite right. Doesn't change much of what was said, but Administrator on Windows is not the top user login. That is called "System," and can't be accessed unless you change a setting, and then get the password from a manual. Basically it is to prevent the deletion of some ultra-important system file. If you use a Windows machine, you might be able to find some place where you will be denied access to something, even though you're logged in as Administrator.

    9. Re:It's all in the account setup... by Anonymous Coward · · Score: 0

      It's called "Runas". For WinNT, there is a DLL called "TQCRunAs" that will facilitate it as well (within VBScript). For Win2K/XP, TQCRunAs will also let you fully script the login with username and password, which the native Runas command can't do.

      How to use "runas"? Much like "su" or "sudo":

      C:\> runas /user:administrator "notepad.exe"
      or...

      C:\> runas /user:administrator "F:\setup.exe"

      Of course, the "RunAs Service" service needs to be running for it to work.

      MKS Utilities has a "sudo" command, but it's not scriptable, because it uses the same internal api calls that "runas" does.

      So, yes, it is possible, if you know the Administrator password for your Win2K/XP box, to install software from your privilege-restricted account with 'runas'...

      It is also programmable from Win32 to do something similar, but it requires some trickery with profile privileges and other stuff. For system administration stuff, TQCRunAs also works from a domain login script (just call the vbscript from within the CMD file).

      Why would you want to do this? Well, if you're working in a corporation, chances are all the desktop PCs have the same local administrator password. If it gets compromised, you probably need a good way to change it for all the computers in the domain, right?

      So, with TQCRunAs, you can surreptitiously change all the local administrator passwords when the user logs in to the domain, install software patches, etc.

      If you don't want to spend the big bucks on SMS or something similar, then TQCRunAs is a great hack for the enterprising system administrator.

      Yes, I used it, and it saved our group about $18,000 (the annual cost to join the enterprise SMS servers, as well as losing autonomy). Pushed out over 1000 IE5/6 security upgrades with it...

      Happy Hacking...

    10. Re:It's all in the account setup... by Anonymous Coward · · Score: 0

      True, however I know of many companies where servers autologin as Admin or processes run as the administrator because Active Directory is an absolute nightmare to set up and assumes it is at the top level of a DNS tree.

      I spent a week trying to connect a network of narrowband pcs to a local ActiveDirectory server and in the end gave up. I have been using Windows since 3.11 (for WG). Maybe there is a very obvious thing I am missing, but since 2K & XP are supposed to be GUI fun and user friendly it kinda misses the point.

      (I have the same relationship with windows as I do with my 12 year old car... it gets me where I want to go eventually, and when it works it's a dream and when it doesn't I want to take it to the knackers yard)

    11. Re:It's all in the account setup... by N1KO · · Score: 1

      A more meaningful message would help, but other than installing/uninstalling software and configuration there is no reason to run as root on a desktop system. Even then, most of the configuration can be done without logging in as root.

      Also, the more user friendly distros let the user access administration tools by providing the root password in a dialog box. I think a short description of the multiuser system and its virtues (makes it extremely hard for viruses to spread) would make most users happy to use the system in a safe way.

      The best part, if there is more than one user (common in a family), each person can have his little sandbox to mess with. Although installing software in a user's home directory is more complicated (no package manager), a normal user can do pretty much every thing else he normally does without the possibility of screwing up the system for everyone else.

    12. Re:It's all in the account setup... by zalm · · Score: 1

      Also a problem with users is using weak passwords, not changing them regularly (even in a work environment), and writing them down somewhere accessible by others. Some even leave their systems logged-in when they leave their area, "for a few minutes." I've tried to explain how to generate a pseudorandom password from an easily remembered passphrase of their own choosing (using the first letter of each word of the phrase as the password); they don't get it, or can't be bothered.

      Mac OS X actually has three levels, user, admin, and root. Admin can install programs but can't make critical changes to OS; that is reserved for root and is turned off by default.

      --
      If at first you don't succeed, try RTFM or Man pages.
  27. "Microsoft Administrators" have no perspective by IO+ERROR · · Score: 4, Interesting
    The problem here is your "Microsoft Administrators" have only one frame of reference for the question, and that's Windows, which is
    • user-friendly
    • vulnerable
    and so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

    User friendly does NOT imply vulnerable, nor vice versa. I've posted before about building secure systems and securing existing ones. The techniques are, for the most part, well known albeit tedious, though I do anyway. (I even posted a security advisory to BUGTRAQ today...)

    As long as the people making Linux user friendly keep security in mind when designing and implementing the new features, there will be no problem.

    --
    How am I supposed to fit a pithy, relevant quote into 120 characters?
    1. Re:"Microsoft Administrators" have no perspective by Anonymous Coward · · Score: 0
      so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

      How about "familiarity breeds contempt"? :-)

    2. Re:"Microsoft Administrators" have no perspective by panda · · Score: 3, Informative

      so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

      How about "familiarity breeds contempt"? :-)

      How about post hoc, ergo propter hoc?

      --
      Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.
    3. Re:"Microsoft Administrators" have no perspective by happyfrogcow · · Score: 2, Funny

      and so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

      I'm pretty sure that's called the "Chattering Marmot Dilemma" I swear! look it up!

    4. Re:"Microsoft Administrators" have no perspective by Bob9113 · · Score: 1

      A classic logic error, whose name I forget right now.

      Way off topic, but I found myself in the same predicament recently, and found this handy guide.

    5. Re:"Microsoft Administrators" have no perspective by Anonymous Coward · · Score: 0

      I think that would be an inductive logic error.

    6. Re:"Microsoft Administrators" have no perspective by Shikoten · · Score: 1

      That would be the fallacy of False Dichotomy (or false dilemma)

    7. Re:"Microsoft Administrators" have no perspective by Anonymous Coward · · Score: 0

      I think it's actually this: Cum Hoc Ergo Propter Hoc

    8. Re:"Microsoft Administrators" have no perspective by Mannerism · · Score: 1

      so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

      How about "familiarity breeds contempt"? :-)

      How about post hoc, ergo propter hoc?


      How about "hasty generalization"?

    9. Re:"Microsoft Administrators" have no perspective by Bullet-Dodger · · Score: 1

      Dude, that would be a perfect name for a band.

    10. Re:"Microsoft Administrators" have no perspective by Bullet-Dodger · · Score: 1

      Well to be about the eighth person to chime in with my opinion: It sounds like correlation implies causation (or cum hoc ergo propter hoc). The fact that high usability is found with low security and low usability is found with high security doesn't necessarily mean that one causes the other.

    11. Re:"Microsoft Administrators" have no perspective by Lifewish · · Score: 1

      Yay! First time I've seen this phrase in the wild since I did my Critical Thinking A/S level :)

      --
      For the love of God, please learn to spell "ridiculous"!!!
  28. The anti-usability bullshit must stop. by TempusMagus · · Score: 5, Insightful
    To equate good usability with bad security is retarded and prejudicial. People who endorse that thinking in the linux community are, in my mind, the biggest hurdle to the widespread adoption of Linux on the desktop. Adding ill-conceived and ill-planned COMPLEXITY can lead to security issues but usability concerns, whether command line or GUI, don't have to.

    Of course if you have elitist programmer types who use their case-modded Amigas to talk to each other in Klingon don't expect your user experience to be one 'Joe User' can use or enjoy. If you are one of those people who are disdainful of people not as smart as you and want to keep Linux/OSS in the hands of your CRT tanned brethren then by all means continue to disparage and FUD usability all day long - just don't complain about Linux's adoption - EVER.

    A few things for folks to remember:
    • Usability does not mean GUI. It's about performing tasks in the fewest steps requiring the least amount of memorization by the greatest number of targeted users.
    • Computer savvy people are atypical users. I may respect how a race-car driver drives his car and maintains his machine and there is no doubt that he is a better driver than me. But if I need to go to the store and buy groceries or go out drinking with some friends - not only is it inefficient for me to use a car designed for someone like that but it's also uncomfortable and dangerous.
    --
    -_-
    1. Re:The anti-usability bullshit must stop. by bellers · · Score: 2, Insightful
      >>To equate good usability with bad security is retarded and prejudicial.



      Isn't that sort of like saying "I want to rid the world of racists. And Asians."?

      KTHXBYE.

      --
      This space for rent.
    2. Re:The anti-usability bullshit must stop. by Anonymous Coward · · Score: 0

      And the Dutch

      (Nigel Powers reference ;) )

    3. Re:The anti-usability bullshit must stop. by Anonymous Coward · · Score: 0

      A point to support this. Remember DOS? I remember knowing a great number of people who were not super geeks but knew their way around DOS very well. Why? Because their company used DOS software. Nothing more. And just imagine, it was a command line that those everyday people had learned.

    4. Re:The anti-usability bullshit must stop. by happyfrogcow · · Score: 1
      >>To equate good usability with bad security is retarded and prejudicial.

      Isn't that sort of like saying "I want to rid the world of racists. And Asians."?

      Assuming you're critiquing the use of "retarded", not really. From http://www.cogsci.princeton.edu/cgi-bin/webwn?stage=1&word=retard


      The verb "retard" has 4 senses in WordNet.

      1. check, retard, delay -- (slow the growth or development of; "The brain damage will retard the child's language development")
      2. retard -- (cause to move more slowly or operate at a slower rate; "This drug will retard your heart rate")
      3. retard -- (be delayed)
      4. decelerate, slow, slow down, slow up, retard -- (lose velocity; move more slowly; "The car decelerated")


      So the original statement could be read as "To equate good usability with bad security both slows the growth of security and is prejudicial to the field of security" or something along those lines.
    5. Re:The anti-usability bullshit must stop. by eumaeus · · Score: 1

      Or, since "retarded" is a passive participle: "To equate good usability with bad security is to [show oneself to] have fallen behind on the subject of security and to have prejudicial views [of security]." But the grandparent's point is well-taken... why risk being seen as nasty toward folks who don't deserve it?

    6. Re:The anti-usability bullshit must stop. by Anonymous Coward · · Score: 0

      If you drink and drive you're a BLOODY idiot.

    7. Re:The anti-usability bullshit must stop. by Dravik · · Score: 1

      Doesn't advocating tolerance imply that you must tolerate intolerant people? If you won't tolerate somebody else's intolerance then doesn't that make you intolerant?

      --
      The purpose of language is communication, If the idea is clear the grammar ain't important
  29. Windows isn't less secure by MerlynEmrys67 · · Score: 1
    Since it is easier to use - the average user of Windows has significantly less experience. This leads directly to more vulnerabilities as inexperienced users do things that no sane experienced person would do.

    Inevitably as you create environments that any idiot can use (see Windows) any and every idiot will use them - leading to more security problems.

    As an example - up until the last couple of windows exploits, the user of the infected machine was required to open an encrypted .zip file with a provided password, see the executable inside of it, then execute the program to be infected.

    How many experienced Unix admins would take a shell script out of an e-mail and execute the shell script that did an cd / rm -rf ? Not too many, windows users did it by the droves.

    --
    I have mod points and I am not afraid to use them
    1. Re:Windows isn't less secure by nam37 · · Score: 1

      Out Out Damn Logic!

      Get thee hence from Slashdot!

      --
      The two rules for success are:
      1) Never tell them everything you know.
    2. Re:Windows isn't less secure by Anonymous Coward · · Score: 0

      Funny, when I open a ZIP (or TGZ) archive containing an executable that runs "rm -rf /", I get a "permission denied" error. Even if I type in "rm -rf" at the command line, nothing bad happens--and I administrate this machine! Oh! Wait! It's because I don't do non-administrative tasks with root privileges, like every other UNIX admin in existence. Perhaps you are talking out your ass?

    3. Re:Windows isn't less secure by Anonymous Coward · · Score: 1, Interesting

      BS! thin air accusations that linux users are any more leet than windows users are retarded.

      I remember one time on IRC telling someone to do a "/exec -o rm -rf". He didn't even ask. He just did it. The people who usually install linux are trying to learn a *nix and thus, commit a lot of errors.

      "Unix Admins would..." Apples and Oranges. Don't compare users to admins. Stupid.

    4. Re:Windows isn't less secure by drsmithy · · Score: 1
      I remember one time on IRC telling someone to do a "/exec -o rm -rf". He didn't even ask. He just did it. The people who usually install linux are trying to learn a *nix and thus, commit a lot of errors.

      Uh, the point he's trying to make is that users like this are far, far less common on linux/unix platforms than they are on Windows. Hence, there's significantly less opportunity for worms leveraging these users to propagate and the damage caused is also significantly less.

    5. Re:Windows isn't less secure by kundor · · Score: 1
      That's EXACTLY the point.

      A windows user runs such a script, it destroys a system.

      A unix user runs such a script, they get "permission denied." Your example would be entirely harmless.

  30. Yes. by FreeLinux · · Score: 2, Insightful

    Have a look at Lindows. They make Linux easy enough for Windows users and supposedly, your grandmother to use. The first major step towards ease of use was the use of root as the primary logon. Security on these systems obviously just took a major step backwards.

    Now let's face it, the ease of use your friends are talking about is things like not having to use a user ID and password when you turn on the PC and, most especially, not having to "su" to install spyware ^H^H^H^H^H^H^H pop-up blockers.

    1. Re:Yes. by mahdi13 · · Score: 1

      When was the last time you even looked at Lindows?? It sounds like NEVER and you are judging it from the Preview that came out 2 years ago.
      Lindows does NOT run as root unless you want to, just like every other Linux distribution.
      Take a read through their FAQ of searches for root and more specifically the one about 'pushing security' on the users.

      Did you know Windows runs as root 5 years ago! Even Windows has locked down somewhat on user security. It's just that with Windows, if you run as an administrator, you are the administrator account.

      --
      "Some things have to be believed to be seen." - Ralph Hodgson
    2. Re:Yes. by advocate_one · · Score: 1
      where's my MOD points when I really need them??? I am really getting sick and tired of this old crap about LindowsOS being trotted out at every opportunity...

      plus two very obvious flamebait topics in one day???

      --
      Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
    3. Re:Yes. by mahdi13 · · Score: 1

      I can't tell...did you want to mod me Troll or Informative?
      I'm very sick of people dragging Lindows into these arguments as if they are some evil corp trying to take over the world. Sure, we don't really trust Michael, but Lindows has turned out to be a very excellent newbie distro.

      BTW, I don't use Lindows but Gentoo. I just like to keep my facts straight on these topics, since most people here apparently do not

      --
      "Some things have to be believed to be seen." - Ralph Hodgson
    4. Re:Yes. by advocate_one · · Score: 1

      I wanted to mod you up as informative and mod him down as troll. I'm currently running my boxen on Suse 9 and Mandrake 10 with a solitary smoothwall box for firewall duties. I've successfully installed Gentoo for trial purposes but wasn't too impressed. I've been spoilt by the configuration tools that come with SuSE and Mandrake you see... but with SuSE's YAST shortly to become GPL, then some kind soul might do a port to Gentoo.

      --
      Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
  31. Re:Cought? by kruczkowski · · Score: 2, Funny

    What had me thinking is why did the editor let us know that he was at Krispy Kreme's having donuts and coffee. That could have been left out.

    --
    hmm... for fun I enjoy launching DDoS attacks against 127.87.42.5
  32. Yes... but not for the reason you think. by h4rm0ny · · Score: 2, Insightful


    [As | If] Linux becomes more 'userfriendly,' security will suffer. This is not because it becomes inherently more vulnerable, but because it becomes accessible to ever less competent people.

    A *NIX system does have inherent security advantages over Windows, but it still requires a very competent Admin to do a thorough job. Right now, I'd lay money (based on experience) that the average Linux Admin has a far better understanding than the average Windows admin simply because he needs to. This is going to change.

    Consider that in my day, a programmer was still a computer scientist. Nowadays, I have to work with people who took a few months at a college course using a Visual design package and couldn't even program a Bubble Sort routine. It'll be similar with Linux security.

    --

    Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
    1. Re:Yes... but not for the reason you think. by Handpaper · · Score: 1
      One thing which may soften the blow if a noob's Linux box is compromised is to ensure that the default 'noob' installation doesn't include all the useful tools that make Linux boxes such a prime target. If you can 'own' somebody's Linux box now, you have any number of useful tools/apps already installed to help in your use of that box - off the top of my head, ping, ssh, telnet, ftp, tftp, screen, nmap, netstat, uucp, postfix - I'm sure there are more. But what can be done with a box with no network tools and no easy way of installing them?
      OK, it doesn't help the noob - but it could make life easier for the rest of us.

    2. Re:Yes... but not for the reason you think. by TENTH+SHOW+JAM · · Score: 1

      Hmm. I would disagree. I think part of good administration of a system is automation of crappy tasks, so you are only alerted to important information. (like things going wrong) I believe that a competent admin will always have a stable setup whereas an incompetent will always have problems. The trick is education, so Joe 6Pack user starts thinking. OK, I can't do this for a reason. Do I really want to sudo it or am I being tricked? Once Joe starts thinking like this, then he is a large step closer to being a good admin.

      Once people start finding out that you have to put on a seatbelt before the ignition will start, they will accept the seatbelt despite its restrictions of movement. Windows provides seatbelts, (sometimes not correctly installed) but you have to do the course to learn how to use them. Linux tends to educate users during the install about seatbelts and their proper use.

      We need more education about security as applied to Linux to be freely available. We have to make it easier for the average user to understand and work in a secure environment. We need to automate processes so users are alerted to potential breaches and given enough information to make an informed choice. All this can, and some of this has been, done. Joe 6Pack does not need a corporate network, but he does need just enough of a secure system so he does not get toasted and can think to himself in 6 months time, "It's been a while since I had a computer problem. Wow."

      --
      A sig is placed here
      To display how futile
      English Haiku is
    3. Re:Yes... but not for the reason you think. by h4rm0ny · · Score: 1

      Hmm. I would disagree.

      So would I actually. I've thought about this a bit more since I posted and of course making tasks easier should cut down on mistakes being made. Just because I use a front end for my CRON jobs nowadays, it doesn't mean I'll destroy my system.

      The problem is that until recently, administering a *NIX system looked hard. You paid attention and you didn't feel comfortable doing anything until you'd acquired a decent level of education on the subject. If Linux takes the Windows approach to things though, then more people will be rushing in and bluffing their way through and that's when the problems occur.

      Essentially, I'm agreeing with your point about needing more education, but I think we'll actually see a drop in this as people feel they need it less because they don't need to understand what goes on under the [bonnet|hood].

      Hmmm. I seem to have ended up agreeing with myself again, but I'll post this anyway because I liked your seatbelt analogy.

      --

      Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  33. How about the implementation? by michael+path · · Score: 2, Interesting

    I'm not sure how I understand how the product could be less secure. My concern, the same concern I have for Windows, is the implementation.

    End users generally either accept defaults, or install everything they can - regardless of if it's anything they'd ever use. This also means opening all the ports for the applications they install (by default, in Windows). They're simply not experienced enough to appreciate what they do.

    My limited experience in Linux (I consider myself a very average user at best) with Red Hat and Fedora distributions is that it opens itself up for whatever I install as well. I often find myself fortunate if I can get 80% of what I install working, so I suppose that's inherently more secure.

    However, I still use 14 character passwords in Windows and Linux. I still set appropriate permissions on files in both Windows and Linux. Vulnerabilities will always exist, regardless of platform. I fail to see how wider use would make the product less secure, however.

  34. Lindows by epcraig · · Score: 1
    Since Lindows has chosen to trade security for usability, we have a perfect test case.

    --
    Ed Craig "Who cares what you think?" George W. Bush, 4th of July 2001
  35. Whoosh... by Run4yourlives · · Score: 1

    That's the sound of the point passing you by...

    One of the biggest knocks on Windows is the whole "you have to be admin to do anything" security flaw. As linux gets more and more "user friendly", it'll be difficult not to follow microsoft's example, in certain respects.

    Don't tell me you've never heard of linux users surfing the web as root...

    1. Re:Whoosh... by Anonymous Coward · · Score: 1, Funny
      Don't tell me you've never heard of linux users surfing the web as root...
      Ya, and we bitch-slap them every chance we get too
  36. oxymoron by linuxislandsucks · · Score: 0, Troll

    oxymoron def:

    Computer Usability equals MS Windows..

    --
    Don't Tread on OpenSource
  37. Try mandrake 10! by Krik+Johnson · · Score: 1

    Mandrake 10 is very usable, and is SECURE! To everyone who thinks usability and security can't exist please try it! I am using it now! I wish people would stop going on about Linux usability it has been usable for YEARS! Stop using shit distros!

    1. Re:Try mandrake 10! by sumdumass · · Score: 1

      I think that the usability they are talking about is more to the windows like nature than actually being usable.

      I like mandrake also and used 9.2 with an xp clone desktop just to see how people would react when I told them it was a beta of windows xp2. Most people liked it but were confused when they tried to install a program and I told them I locked that out. Almost everything else they wanted to do was easily accomplished. It was amazing to see them talk shit about linux when I asked them what they thought about it shortly after. Of course I never told them they just said mandrake linux masquerading as a new windows xp was awesome. I want to see them express more interest into it first.

  38. possibly, but by Anonymous Coward · · Score: 0

    A lot of security issues are related to either underlying architecture or social engineering. You can't always do anything about social engineering (leaving passwords in the open, providing information to a query on the phone), but the low-level architecture is a different creature entirely.

    Why do Windows and other Microsoft-related products have so many security risks? It has nothing to do with the user-friendliness. It's at the core. Until and unless Microsoft is willing to write something from the bottom up which is not vulnerable to buffer overruns, you will always see security leaks (and hopefully, patches) in the news.

    I haven't kept count, has anyone else? What percentage of the patches and security alerts are related to buffer overruns? (I'll wager dollars to those Krispy Kreme doughnuts it's a significant number)

    And it's obvious Microsoft does not understand this issue is in the code's "DNA". Taking that month off to address "security issues" obviously did nothing. The security bulletins continue to flow as before. They just don't get it.

  39. Using Security by DreadSpoon · · Score: 5, Interesting

    Usability doesn't mean "avoids security." It means the interface is easy to use. You can do this *with* security. For example, just asking the user to re-type their password before running admin tools, even if they have rights to run them. (No su'ing to root; no process should *ever* run as root with user input/control.) That means that a virus can't just start running admin commands without the user knowing.

    SELinux (or, hopefully, a similar system with a sane configuration/management interface) can also assist with this by limiting what vulnerabilities can do.

    And the interface design itself helps. Microsoft's attempts at usability equate to "do everything automatically." Compare this to GNOME where the design is based not on automation, but on streamlining. I fully believe GNOME is *more* usable than Windows in almost every way, yet it hasn't the security problems as apps don't try to auto-run executables from untrusted sources, embed scripting languages with system-modification abilities, etc.

    In truth, the interface can be designed such that it makes using security easier, vs hiding security away.

    1. Re:Using Security by leperkuhn · · Score: 0, Offtopic

      Usability doesn't mean "avoids security." It means the interface is easy to use.

      I agree with you, and here's my example. A button on the desktop that says "Turn Firewall On". Easy to use, makes computer more secure.

      --
      http://www.rustyrazorblade.com
    2. Re:Using Security by drsmithy · · Score: 1
      Usability doesn't mean "avoids security." It means the interface is easy to use. You can do this *with* security. For example, just asking the user to re-type their password before running admin tools, even if they have rights to run them. (No su'ing to root; no process should *ever* run as root with user input/control.) That means that a virus can't just start running admin commands without the user knowing.

      You are working under the false assumption the average person will think before they enter their password when prompted.

    3. Re:Using Security by Anonymous Coward · · Score: 0

      SELinux can also assist with this by limiting what vulnerabilities can do.

      SELinux *could* assist with this in the future, but right now that's vaporware. Feel free proving me wrong by showing a USABLE SELinux implementation.

      This is sorta like saying that Java/NET will stop Windows Viruses with their security model -- which sounds great until you realize that nobody uses it.

    4. Re:Using Security by marauder404 · · Score: 1
      Usability doesn't mean "avoids security." It means the interface is easy to use.
      Actually, that's not sufficient. Usability means that people understand how to use it, and sometimes they don't even understand what's going on. Sometimes, users don't even understand that admins can read their email -- try explaining to these people what a root/admin user is on their very own machine and why they can't do what they want to do. They simply don't understand the concepts that an interface, no matter how good, just can't convey. And even if it can deliver it, you have to deliver an interface that is equally understandable for the basic users and advanced for the sophisticated ones. That's the true challenge of security and configuration.
    5. Re:Using Security by starseeker · · Score: 1

      SELinux (or, hopefully, a similar system with a sane configuration/management interface)

      I think SELinux with a configuration/management interface will do fine. Right now it's in a raw, gut level functionality state. ACLS on Linux I view in a similar fashion - given a proper interface, there won't be any reason not to use it.

      Part of the problem is proper security involves knowing a lot about what a program is doing, what it needs to run, etc. and most people don't want to know all those details for all their programs. I think over time people who know each application will develop a default configuration for their program that will work. The final step will be to migrate applications to a system where each option is tied to data about what that option will need to function, and automatically notifies the user about it. That way, the minimum openness necessary to run the software in the fashion the user wants is always the default, but the details of functionality are hidden as much as possible. It's an interesting interface problem, and one I would like to see solved. SELinux as a desktop default, locked down, would be a Good Thing for people who don't maintain their systems much - it wouldn't stop people from exploiting an unmaintained system completely, but it would at least make it much harder.

      --
      "I object to doing things that computers can do." -- Olin Shivers, lispers.org
  40. Convenience vs Security by Speare · · Score: 3, Insightful

    The argument is usually phrased as "Convenience vs Security." They can be seen as being opposed. That's not quite the same as "Usability vs Vulnerability" but that's the direction your friends' arguments were pointing.

    I'm not sure that it always holds true that you have a single gradient between Convenience and Security. You can have elements of both, and it's not just a fractional position between two extremes.

    For example, the 'root' problem is that root or Administrator can do anything on the system, so cracker types will focus their attention on the major prize. The alternative would be to spread rights and responsibilities into fine-grained accounts like "backup" and "network" and "installer" and other capabilities. An attacker has to work harder, but the machine's owner does too.

    However, that doesn't mean that you're going to have to allow web browsers and email clients to execute unknown privileged code. Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.

    --
    [ .sig file not found ]
    1. Re:Convenience vs Security by AeroIllini · · Score: 1

      Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.

      Apple recently broke backwards-compatibility, and they have thrived because of it. Sure, they added some "compatibility mode", which really amounts to a fast dual-boot, but as more and more new applications support only OSX, that will slowly fade away.

      Oh, and Windows XP broke backwards compatibility with DOS, and Windows 9x. They also added a "compatibility mode" to run old applications. The problem is that Microsoft's breaking of backwards compatibility was for a half-assed operating system that still needs epic overhauls to be secure. When Mac did it, they set down the foundation first. OS 10.0 was buggy, full of holes, and very inconsistent. However, since the foundation was there, only incremental improvements were needed and now it's fantastic. MS still doesn't have a foundation. How well will their XP SP2 patch hold up without any support from below?

      Breaking compatibility can be done, but it has to be done RIGHT.

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
  41. OSX? by DamienMcKenna · · Score: 0, Redundant

    OSX is easy to use and purdy secure. Why can't Linux be too?

    1. Re:OSX? by TempusMagus · · Score: 1

      Because you have all these anti-usability and anti-GUI dunderheads running amok.

      --
      -_-
    2. Re:OSX? by Ilan+Volow · · Score: 1

      To put things a little more elegantly than the parent post, I might suggest the grandparent poster read Joel Spolsky's biculturalism article.

      We often see in the linux community the false logic of:

      OS X is successful with end-users
      OS X is a unix
      Linux is a unix
      Therefore Linux can be successful with end users

      The problems that make linux "un-userfriendly" are cultural, not technological. When people keep citing OS X, via its being a unix, as validating the concept of Desktop Linux, what they keep forgetting is that the mac and linux developer cultures are entirely different. The mac developer culture has a proud 20 year tradition of making graphical software for end-users and valuing usability; the linux developers come from a 30 year tradition of programmers making command-line software for other programmers and not caring about the non-technical user's experience whatsoever.

      Such long-held, deeply-ingrained traditions of the different developer communities affect the way their software evolves, even decades after those traditions began. The answer to the question of why can't linux be like OS X is not something that a lot of linux folks like to hear--Linux can be "purdy and usable" like OS X, but the linux community has to stop idolizing their unix cultural forbears and start realizing that it was the cultural practices of those forbears that put them in the miserable situation they're in today.

      Desktop Linux isn't a battle of Proprietary vs. Free. It's really a culture war of graphical vs. command-line, end-user vs. geek, macintosh vs. unix. That's where the real conflict is; people just tend to obscure the conflict by focusing on what license something is put under.

      --
      Ergonomica Auctorita Illico!
    3. Re:OSX? by Anonymous Coward · · Score: 0

      Yes, but keep in mind that OS X routed around the damage that is the X11 Disaster.

      That means Apple could go just ahead and implement advanced functionality without devolving into bitter debates about ICCCM clipboard specs and optional protocol extensions and 100 other decades-old "legacy" issues which haven't been completely solved with standard Unix.

    4. Re:OSX? by Ilan+Volow · · Score: 1

      Exactly.

      The end-user centric culture of mac developers was more concerned with coherence and consistency than abstraction and network transparency. They were more concerned with the end-user sitting across from their machine, and less concerned with the geek sitting across the network. Quartz vs. X11 is an excellent example of how two different developer cultures take two different paths given the same (or roughly the same) basic technology (i.e. unix).

      The difference in developer communities is manifest in the choices and engineering trade-offs they make.

      --
      Ergonomica Auctorita Illico!
  42. Define Usability by Eberlin · · Score: 1

    Someone once jokingly said that a broader userbase will result in less security. Thus the best way to secure software is to make sure nobody uses it.

    The main issue here is that the simpler an interface is, the less the user has to understand about the entire system. IF the system can sustain itself with minimal administration, it can survive.

    The problem lies in making interfaces so easy that "mouse clicking solutions experts" can be lulled into thinking they've secured everything just because they've clicked on a few icons. If they understand the system fully, usability is a good thing. If you're a clueless user, a usable pointy-clicky interface can be a very dangerous thing that'll bork your system faster than you can su to root and type "rm -rf /"

  43. MS Admins are experts on Linux security? by contrapuntalmindset · · Score: 5, Funny

    "Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes." Ummm... what makes a Microsoft Administrator the authority on vulnerability and usability?

    1. Re:MS Admins are experts on Linux security? by Huk · · Score: 1

      we're not all stupid. Many of us run both, as well as other os's like IRIX and Solaris. I'm more careful than our MS admins, so I get to take over their positions and direct them. I also try to school them as we work. Sometimes it works.

    2. Re:MS Admins are experts on Linux security? by Anonymous Coward · · Score: 0

      Because they are over their head in both.

    3. Re:MS Admins are experts on Linux security? by flossie · · Score: 1
      what makes a Microsoft Administrator the authority on vulnerability ?

      Experience?

  44. Just Called Tech Support... by Anonymous Coward · · Score: 3, Funny

    and an Indian fellow named "Jack" was assigned my case.

    I cannot wait to hear from "Jack" and hear how his beloved "Mets" are doing in this fine baseball season.

    I await with interest to hear his small talk about traveling on the "NJ Turnpike" to work.

    Tech Support. You gotta love it.

    1. Re:Just Called Tech Support... by Anonymous Coward · · Score: 0

      I'm sure you intended your post to be funny but I'll just comment that an Indian named "Jack" is possible since there are many Christians in India. Also, many of them follow the major leagues and NBA with interest.

    2. Re:Just Called Tech Support... by Anonymous Coward · · Score: 0

      Sure they follow the major leagues, if they're trained/forced to do so.

    3. Re:Just Called Tech Support... by Anonymous Coward · · Score: 0

      And there are lots of Indians in New Jersey!

    4. Re:Just Called Tech Support... by Anonymous Coward · · Score: 0

      You wouldn't be able to pronounce his original name anyways. The joke seems to be on you actually.

  45. "windows, linux it doesnt matter" by Anonymous Coward · · Score: 0
    I've been seeing a lot of this attitude lately.

    Were I paranoid I'd say the Microsoft boosters have finally given up trying to make the absurd claim that Microsoft's products aren't security nightmares, and they have begun to try to shift the blame on the users of Microsoft's products.

    And of course, just because you're paranoid doesn't mean no one is out to get you. Heck, we need to be paranoid because Microsoft is scared shitless of Linux - because Linux represents the commoditization of software, and the commoditization of software will kill Microsoft's business. So Microsoft is desperate to slow or stop Linux in any way they can - see the money provided to SCO, see the astroturfing, see the paid shills like Enderle.

    Tinfoil hat alert: why not a bunch of Microsoft "talking points" attacking Linux? (Kinda like the weekly Democratic talking points attacking Bush...)

  46. thats always the issue with security by Nykon · · Score: 1

    whether you talk about Windows,Linux, OS X....

    it's not a security + usability, it's a balance between the two.

    As you increase useability, security goes down by rule.

    For example: In terms of network security.
    A box not connected to the network is 100% secure from outside hackers, but 0% useable to outside users.

    Example #2: A machine that installs with all services running and ready to go right out of the box and slapped on a network is 99% useable to remote users on the network but 1% secure.

    No matter what OS you are using, it generally boils down to a balance between the two, because as you make things easier to use you inherently lose some of the control over securing the machine.

    --
    "It's better to be a pirate then join the Navy"
  47. Same route as Macs by Anonymous Coward · · Score: 1, Interesting

    Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?

    Sure. Just keep your market share at 3% or less and few people will bother to write viruses and worms to take advantage of your vulnerabilities.

    Take 10 jumps on Windows : 0.9^10 ~= 35% chance of getting 10 Windows machines in a row that might be vulnerable (assuming they haven't patched, and there has always been a patch for any of these widespread worms).

    Mac: 0.03^10 ~= 6*10^-14%. Linux: 0.01^10 ~= 1*10^-18%.

    I wonder why there are more Windows exploits. Hmm.

    Macs are also closed source for most of their stuff - think that would work for Linux? Going closed source?

  48. Apple doesn't think so by Random+BedHead+Ed · · Score: 5, Interesting
    GNU/Linux development can really benefit from observing what Apple did with OS X. It's easy to use for pretty much anyone, but it's similar to a Linux-based system under the hood. It's easy, yet has very few vulnerabilities.

    One nice trick Apple discovered is to have the users be non-root, yet still administrative. (Did you hear that, Lindows?) They did this by creating tools that run as root, but which require authentication to run. For example, a mortal user who is an administrator can't trash the whole filesystem by dragging and dropping important items, because they are not root. But they can run Software Update, an application for downloading patches, by supplying a username and password.

    On Linux you can add users to the group "wheel" and make them sudoers with much the same effect.

    Apple also made many important directories like /etc invisible from within the GUI, which I think is a great idea as long as power users can turn it off.

    Seems easy and secure to me...
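
Added example, not part of the thread or any poster's code: a small audit of sudoers-style rules for the model discussed here and in comments 39 and 40 (admins in "wheel" who must re-authenticate, plus narrowly scoped groups). It flags rules and defaults that remove the password prompt; the groups, the user joeblow and the command paths are constructed sample data, and the parser ignores aliases, line continuations and included files.

```shell
#!/bin/sh
# Added example: audit sudoers-style rules for entries that skip re-authentication.
# Everything in sample_sudoers is constructed sample data, not from a real system.

sample_sudoers() {
cat <<'EOF'
# constructed sample sudoers content
Defaults    env_reset
Defaults    timestamp_timeout=-1
root        ALL=(ALL) ALL
%wheel      ALL=(ALL) ALL
%backup     ALL=(root) NOPASSWD: /usr/bin/rsync
%installer  ALL=(root) /usr/bin/apt-get, /usr/bin/dpkg
joeblow     ALL=(ALL) NOPASSWD: ALL
EOF
}

# Reads sudoers text on stdin and prints one "LEVEL subject reason" line per rule.
# Assumptions of this sketch: no line continuations, no alias expansion, and
# #include/#includedir files are not followed.
audit_sudoers() {
  awk '
    /^[ \t]*#/       { next }   # comments (and include directives)
    /^[ \t]*$/       { next }   # blank lines
    $1 ~ /_Alias$/   { next }   # alias definitions are not expanded here
    $1 ~ /^Defaults/ {
      if ($0 ~ /!authenticate/)
        print "HIGH Defaults password prompt disabled (!authenticate)"
      if ($0 ~ /timestamp_timeout[ \t]*=[ \t]*-/)
        print "HIGH Defaults cached authentication never expires"
      next
    }
    index($0, "=") == 0 { next }  # not a user specification
    {
      who  = $1
      spec = $0
      sub(/^[^=]*=[ \t]*/, "", spec)     # drop "who host ="
      sub(/^\([^)]*\)[ \t]*/, "", spec)  # drop optional (runas) part
      nopass = (spec ~ /NOPASSWD:/)
      gsub(/[A-Z_]+:[ \t]*/, "", spec)   # drop tags such as NOPASSWD: or PASSWD:
      n = split(spec, cmds, /[ \t]*,[ \t]*/)
      full = 0
      for (i = 1; i <= n; i++) {
        c = cmds[i]
        gsub(/^[ \t]+|[ \t]+$/, "", c)
        if (c == "ALL") full = 1
      }
      if (nopass && full) {
        level = "HIGH";   why = "all commands, no password prompt"
      } else if (nopass) {
        level = "MEDIUM"; why = "listed commands, no password prompt"
      } else if (full) {
        level = "INFO";   why = "all commands, password required"
      } else {
        level = "OK";     why = "listed commands, password required"
      }
      print level, who, why
    }
  '
}

# Number of HIGH findings in the sudoers text on stdin.
high_count() {
  audit_sudoers | grep -c '^HIGH '
}

# Demo on the constructed sample; on a real host: audit_sudoers < /etc/sudoers
sample_sudoers | audit_sudoers
```
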

    1. Re:Apple doesn't think so by DenOfEarth · · Score: 1

      y'know, I've always wondered...where does the "wheel" group name comes from...once again, why not just call it privileged, or something like that...

    2. Re:Apple doesn't think so by Anonymous Coward · · Score: 0

      cp /dev/null /.hidden

      muhahahahaha:-)

    3. Re:Apple doesn't think so by Random+BedHead+Ed · · Score: 1
      I've always wondered that as well. Here's a message in a thread that might explain it:

      http://lists.freebsd.org/pipermail/freebsd-chat/2003-December/001746.html

      TGFG (Thank God for Google).

      One later poster seems informed: As for the origin of the group name: Yes, it came from the DECSystem-10/20 culture, where "wheel" was shorthand for "administrator."

    4. Re:Apple doesn't think so by AeroIllini · · Score: 1
      One nice trick Apple discovered is to have the users be non-root, yet still administrative. (Did you hear that, Lindows?) They did this by creating tools that run as root, but which require authentication to run.

      Ahh, that's a fantastic idea. Foolproof.

      Downloading email attachment to /home/joeblow/attachments .....done.
      [~/attachments]$ ls -l
      -rwxr--r-- 1 joeblow joeblow 124 Apr 11 16:30 virus_scan.sh
      [~/attachments]$ ./virus_scan.sh
      This utility requires a root password to run.
      Password: ***********

      Linux is teh gay! 0wnx0r3d!
      su: running as root
      rmdir: removing directory, /bin
      rmdir: removing directory, /boot
      rmdir: removing directory, /dev
      rmdir: removing directory, /etc
      rmdir: removing directory, /home
      rmdir: removing directory, /lib
      rmdir: removing directory, /mnt
      rmdir: removing directory, /opt
      rmdir: removing directory, /proc
      rmdir: removing directory, /root
      rmdir: removing directory, /sbin
      rmdir: removing directory, /tmp
      rmdir: removing directory, /usr
      rmdir: removing directory, /var
      [~/attachments]$ ls -l
      ls: command not found.
      /home/joeblow/attachments: No such file or directory


      Education is the key, not restrictive code. Most users are used to getting instructions from their computers, a la Clippy, F1, FAQs, tooltips, etc. Why is it then unreasonable for them to not know the difference between legitimate instructions from their computers and malicious ones? After all, context is everything in determining whose instructions to follow, and context doesn't exist without an experience base. It's not that people refuse to learn about computers; it's just that they are overwhelmed by them and give up easily. The people educating them slip into techspeak and they glaze over. The reason security is such an issue is that computers (and internet-related products in particular) were taking giant leaps forward when the public was still taking tiny steps.

      *Thanks, stratjakt, for the script writer's editorial comment on Linux.
      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
    5. Re:Apple doesn't think so by iiioxx · · Score: 2, Informative

      One nice trick Apple discovered is to have the users be non-root, yet still administrative.

      Ahh, that's a fantastic idea. Foolproof.

      Downloading email attachment to /home/joeblow/attachments .....done.
      [~/attachments]$ ls -l
      -rwxr--r-- 1 joeblow joeblow 124 Apr 11 16:30 virus_scan.sh
      [~/attachments]$ ./virus_scan.sh
      This utility requires a root password to run. Password: ***********
      <snip deleting files>

      Except that it doesn't work like that. You see, under OS X, the root user is disabled by default. "Administrators" in OS X parlance, are users authorized to do sudo-permitted functions as root. In order for an admin to gain true root-level permissions, they need to enable the root user in NetInfo, and then su to root. If they enable the root user, they are circumventing the protective measures Apple put in place. But Apple *did* put them there, and they *do* work if left alone.

      By the way, it's obvious that you are a Linux user, and have never seen the guts of OS X. The following directory structures don't even exist under OS X:

      /boot
      /home
      /lib
      /mnt
      /opt
      /proc
      /root

      You're just like the Windows Admin talking about Linux security. Ironic, eh?

    6. Re:Apple doesn't think so by AeroIllini · · Score: 1

      By the way, it's obvious that you are a Linux user, and have never seen the guts of OS X. The following directory structures don't even exist under OS X: /boot /home /lib /mnt /opt /proc /root

      You're just like the Windows Admin talking about Linux security. Ironic, eh?


      No, it's not ironic at all; this topic is about security in Linux as used by general users, and I was merely applying what Macintosh believes to be a decent security measure to Linux.

      My point was that the root user in (most flavors of) Linux is NOT disabled; with a single password, it is extremely easy to do some very dangerous things. But again, even if the root user *was* disabled, and only Administrators could do root-level things, the script would ask for that password. It could still do a lot of damage, installing software, setting up relays, etc. Asking for a password every time a root-level function needs to be executed, as OSX does, is not that great for security when the user is uninformed.

      You can only secure the operating system so much. Any more and it's far too difficult for an Admin to get in there and do what s/he needs to do. The rest needs to come from the user making informed decisions about which programs to run (and the OS having dangerous services turned off by default, but that's a topic for another post).

      And you're right; that directory structure is from my own install of Gentoo. But the example was not intended to address a specific problem. It was only intended to illustrate that people do what their computers tell them to, even if the instructions were written by some script kiddie and emailed through a relay with a spoofed From: address. Because they're not informed enough to make good decisions. Computers are, quite frankly, a mystery to them. If their computer asks them for a password, they will type it. They're not going to stop and ask themselves if they should, especially when their computer asks them that all the time.

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
    7. Re:Apple doesn't think so by iiioxx · · Score: 2, Informative

      But again, even if the root user *was* disabled, and only Administrators could do root-level things, the script would ask for that password. It could still do a lot of damage, installing software, setting up relays, etc. Asking for a password every time a root-level function needs to be executed, as OSX does, is not that great for security when the user is uninformed.

      I think you're still overlooking an important point: in MacOS X, administrator-level and root-level are NOT the same thing. Administrator-level functions are a subset of root-level functions. There are things an administrator is NOT permitted to do (and deleting System files is one). If the root user is disabled (as it is by default), those files simply can't be deleted, no matter how clever the script kiddie is.

      I think that was the point of this thread, wasn't it? MacOS X was held up as an example of the way an operating system can be both usable and secure at the same time. In MacOS X, you can do any admin-level tasks as a non-root administrator, EXCEPT destroy the system.

      And you're right; that directory structure is from my own install of Gentoo. But the example was not intended to address a specific problem.

      No, but it illustrates that while you are clearly not familiar with the technical workings of MacOS X's security features, you are quick to dismiss them as useless. My point was that you should take some time to understand MacOS X security before you just shoot it down. I was a Linux user and admin from 1995 to 2002, and I've been a FreeBSD user and admin since 2000. I've installed and managed AIX, SCO, and Solaris systems, as well. I'm very familiar with Unix/Linux security, and I find Apple's solution to be an excellent mechanism for padding in the average user, while allowing the pro/admin to get into the guts of the system. In my opinion, "user-oriented" Linux distros should take note of Apple's methodology in that area, because they could learn a thing or two.

    8. Re:Apple doesn't think so by Anonymous Coward · · Score: 0

      If the root user is disabled (as it is by default), those files simply can't be deleted, no matter how clever the script kiddie is.

      Root is disabled on my Mac OS X, but the following works just fine:
      foo:~ cps$ sudo -s
      Password: ********
      foo:~ root#
      So, while Mac OS X is, in my opinion, more secure than some other OSes, your assertion that a script kiddie would be restricted because root is disabled is false.
    9. Re:Apple doesn't think so by AeroIllini · · Score: 1

      There are things an administrator is NOT permitted to do (and deleting System files is one). If the root user is disabled (as it is by default), those files simply can't be deleted, no matter how clever the script kiddie is.

      You're right. But that's why I said my deleting system files example was JUST AN EXAMPLE (and meant to be humorous, as well). There is quite a bit a script kiddie could do to an OSX machine without deleting system files. Setting up a spam relay and installing spyware come to mind, and you certainly can write to the program directories with Administrator permissions. How else would you install software? But again, my post was talking about Linux. Not Mac.

      I think that was the point of this thread, wasn't it? MacOS X was held up as an example of the way an operating system can be both usable and secure at the same time. In MacOS X, you can do any admin-level tasks as a non-root administrator, EXCEPT destroy the system.

      Yes, that is the point of the thread. MacOSX is currently the best balance between admin power and end user security. But don't underestimate the power of uninformed users, which was my point. If the user has an admin password, *someone* will find a way to dupe them into typing it, and then that someone will be able to do nasty things to the computer. Perhaps not deleting system files, but something nasty nonetheless. A system is not foolproof unless you remove the fool from the system.

      No, but it illustrates that while you are clearly not familiar with the technical workings of MacOS X's security features, you are quick to dismiss them as useless.

      I'm not dismissing them as useless. I'm taking them down off the Pedestal of Infallibility Mac zealots have put them on. Yes, these features are nice, but an end user can still be fooled by outside software.

      I was not talking about OSX in my post, a fact you seem to have missed. I was talking about asking for a superuser password (be it root, Administrator, whoever--someone with privilege) whenever an administrative task needs to be completed. The user will get so used to typing in that password, that the next time malicious software comes along and asks for it, and the little window it pops up looks just like the one the operating system uses, that password is going to get typed in faster than you can say "spam relay." Perhaps the software was run because the email it came in made it look like a jpg file; whatever. Unless users have a basic grasp of how to tell when something is suspect, these issues will arise. No operating system can plug the security hole between the chair and the keyboard. Only training can do that.

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
    10. Re:Apple doesn't think so by Anonymous Coward · · Score: 0

      What you can do though, is walk into an Apple store, and rm -rf / a mac or two, and actually have it work. Walk into a real computer store, and try to delete all the files on the XP machines. It'll fail. Don't believe me? try it.

      Apple. "Security". Sucks.

    11. Re:Apple doesn't think so by iiioxx · · Score: 1

      I'm not dismissing them as useless. I'm taking them down off the Pedestal of Infallibility Mac zealots have put them on.

      I just went back over this whole thread, and I fail to see where either the OP or myself claimed that Apple's security was "infallible". And I haven't seen any display of "zealotry" in this thread either, unless zealotry means saying, "hey, here's a good idea..."

      All that was said about MacOS X, was that it presented an extra security buffer between the user and root-level access while still providing access for administrative functions, and that the Linux security model could learn from that approach. Now, this extra layer doesn't provide a foolproof countermeasure to malware, but I dare say a system that uses this approach has at least a little more security than a system that doesn't.

      Unless users have a basic grasp of how to tell when something is suspect, these issues will arise. No operating system can plug the security hole between the chair and the keyboard. Only training can do that.

      So you're saying that the problem of security is not a systemic one, but a problem of user-level training. And that no matter what security features you put into a system, dumb users will still break the system.

      That sounds like a cop-out to me. "There's no point in trying to build in additional security, because dumb users will always screw things up. No operating system can fix that problem. We just need users to become more educated. Our system isn't broken, it's fine the way it is."

      I'm suddenly reminded of why I walked away from Linux and the Linux community.

      I've got news for you. YOU'LL NEVER FIX THE PROBLEM OF DUMB USERS. You can't train every computer user to be a sysadmin, because the vast majority have no interest in learning. So that leaves you with only two options:

      1) Start requiring a license to own a computer, or
      2) Harden the system as much as possible.

      If you're waiting for the day when computer users are all educated and informed, and security abounds because nobody is stupid enough to be fooled by script kiddies, get yourself a coat and a chair. Hell will freeze over first, and you may get tired from standing.

    12. Re:Apple doesn't think so by AeroIllini · · Score: 1

      I just went back over this whole thread, and I fail to see where either the OP or myself claimed that Apple's security was "infallible". And I haven't seen any display of "zealotry" in this thread either, unless zealotry means saying, "hey, here's a good idea..."

      I was talking about Mac zealots in general. Read some of the other posts in this discussion.

      So you're saying that the problem of security is not a systemic one, but a problem of user-level training. And that no matter what security features you put into a system, dumb users will still break the system.

      That sounds like a cop-out to me. "There's no point in trying to build in additional security, because dumb users will always screw things up. No operating system can fix that problem. We just need users to become more educated. Our system isn't broken, it's fine the way it is."


      Putting words into my mouth. What I really meant by my transcribed console session was that Linux DOES need to change, that it is NOT "fine the way it is." Having a single password allow access to all the deep recesses of the machine works for sysadmins and those with a large knowledge/experience base, but not for general users. If Linux is ever going to succeed on the desktop, these glaring security issues will need to be addressed. Additionally, applying a patch, like requiring a root password to be typed for administrative tasks and disabling the root user, will not fix it.

      I've got news for you. YOU'LL NEVER FIX THE PROBLEM OF DUMB USERS. You can't train every computer user to be a sysadmin, because the vast majority have no interest in learning.

      That's true, but since computers have been around for such a short amount of time, there is no intuition regarding them either. Other devices have intuition associated with them: to use a lawnmower, you fill it with gas, pull this cord, and push it around. Everyone knows this because lawnmowers have been around for such a long time. People have no clue how to operate their computers, and they refuse to learn because computer companies keep advertising that computers are really easy to use, and actively seeking out training about their computers admits that they are an idiot. Well, I have news for the Slashdot community: computers are not easy, no matter how many pretty icons or autoinstall wizards exist on the desktop. Even the most trivial tasks, like copying a file instead of moving it, are not intuitive. (Ask anyone who works in tech support how intuitive computers are.) Both Apple and Microsoft are guilty of this mentality, and AOL is responsible for a certain amount of it when people get on the internet, which is far from simple and easy to use, and also more dangerous than a stand-alone computer.

      If you're waiting for the day when computer users are all educated and informed, and security abounds because nobody is stupid enough to be fooled by script kiddies, get yourself a coat and a chair. Hell will freeze over first, and you may get tired from standing.

      I'm not waiting for that day. But I am waiting for the day when people are just knowledgeable enough to not click on every damn thing they see on their computer. This will require a certain amount of intuition and familiarity-- but computers change drastically every five years. How is anyone supposed to find their way around this maze when the builders keep shifting walls to make room for more features? Yes, systems should be hardened. Yes, security in software is an issue. But what we really need to focus on now is standards compliance, compatibility, and above all, *consistency of design*. When using computers from different companies is as similar as driving cars from different companies, then users will start to gain familiarity and intuition about their machines (sure, the dashboard has the speedometer in a different location, and all the sound system buttons are different, but the gas and the brake are in the right place). Then these types of "USER=ID-10-T" problems will become far less frequent. People are not stupid. They're just lost.

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
  49. sysadminning by Anonymous Coward · · Score: 0

    There are Unix/Linux and Windows sysadmins in the organisation I work for.

    There are around 5000 servers and 58,000 desktops to support across the globe.

    Security is always at the expense of convenience.

    Windows suffers from being immature compared to *nix, that's for sure.

    Linux is already as easy to use as Windows, certainly for any sysadmin.

    Why is it a MCSE doesn't understand how Ethernet and Token Ring can exist on the same network? That says everything if you ask me.

  50. False correlation by Anonymous Coward · · Score: 0
    The usability / security or usability / reliability paradox isn't inherent in the system. You're really looking at the product of years of tradeoffs. Windows has been an exercise in ease, backward compatibility and ubiquity, at the expense of careful design; OSS products tend to be designed and written by folks who live in a world where a CLI is usable enough and the product should be bulletproof.

    Also, don't forget the "many eyes make bugs shallow" phenomenon. It holds true for both scenarios. It's just that it happens to be a weakness for Windows where it's a strength for OSS.

  51. Re:Mac Security by __aajqwr7439 · · Score: 1

    Such a tired argument. It's more than marketshare that makes Windows such a target. This has been so well discussed that it hardly bears repeating, but: insanely liberal permissions on default install, heavy browser/os integration, and so on. I don't think Windows would have spread MyDoom and SoBig so rapidly if a security dialog had popped up asking the user to supply these worms with admin passwords as would have had to happen under OS X no matter what marketshare it had.

    IHBT. IHL.

    xox,
    Dead Nancy

  52. Guess what by stratjakt · · Score: 5, Insightful

    All the "secure code" in the world won't shield the system from a clueless user.

    As secure as you think OSX is, anyone who wanted to write an application to fuck stuff up, call it "Super Happy Funtime Sexy Game", and email it to morons, could do so just as easily as they could with a VBScript file.
    I could write:

    #!\bin\sh
    rm -rf /
    cat /dev/rand > /dev/dsp
    echo Linux is teh gay!

    Email it to some stupid people, tell them they have to run it as root or else they won't see the video of Condoleeza Rice's tits.

    Stupid people will run what came with the box they bought at Best Buy. When those boxes start shipping with linux, they'll be on linux. The REALLY stupid people shop at K-Mart, who I understand are in the business of ubercheap linux boxes these days.

    Be afraid, be very afraid, of the rootkits that get put on this new army of lindows boxes.

    --
    I don't need no instructions to know how to rock!!!!
    1. Re:Guess what by ps_inkling · · Score: 2, Funny
      #!\bin\sh
      rm -rf /
      cat /dev/rand > /dev/dsp
      echo Linux is teh gay!
      Shouldn't the rm and cat lines have an & after them (run in background), and perform a loop on the echo line?
      Thank goodness for Open Source! Many eyes, fewer bugs.
    2. Re:Guess what by maximilln · · Score: 1

      The OP didn't know it, but they hit it close on the head.

      When users begin to install their systems do they:

      a) Make XMMS suid
      b) chmod 0666 /dev/dsp
      c) chown root.audio /dev/dsp && chmod 0660 /dev/dsp
      d) add users to group: audio as needed

      I see a prevalence of b) with some unknowledgeable water-cooler types hooking their colleagues on a). I also foresee Shockwave exploits which manage to use /dev/dsp as a world useable i/o device.

      If we make Linux useable the majority of the migrating users won't bother to learn why b) is a bad choice.

      --
      +++ATHZ 99:5:80
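
The permission choices listed in the comment above (a setuid player, a world-writable `/dev/dsp`, or group-restricted access) can be checked read-only with `find`. This is an added example, not part of the original thread; the function names and the allowlist file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: read-only audit for the shortcuts named in the comment above.
# Option a) leaves setuid files behind, option b) leaves world-writable nodes.
# Function names are hypothetical; nothing here changes any permissions.

# List entries under $1 that any user may write to (mode o+w).
# Symlinks and directories are skipped: the concern here is device nodes and files.
world_writable() {
    find "$1" ! -type l ! -type d -perm -0002 -print 2>/dev/null | sort
}

# List regular files under $1 that carry the setuid bit (option a).
setuid_files() {
    find "$1" -type f -perm -4000 -print 2>/dev/null | sort
}

# Classify a single path the way the comment's options do.
classify() {
    if [ -n "$(find "$1" -prune -perm -0002 -print 2>/dev/null)" ]; then
        echo "world-writable"       # option b: chmod 0666
    elif [ -n "$(find "$1" -prune -perm -0020 -print 2>/dev/null)" ]; then
        echo "group-restricted"     # options c/d: 0660 plus group membership
    else
        echo "owner-only"
    fi
}

# Report findings under $1, skipping paths listed one per line in the optional
# allowlist file $2 (for example nodes that are meant to be writable by all,
# such as /dev/null).
audit_tree() {
    dir=$1
    allow=${2:-/dev/null}
    {
        world_writable "$dir" | sed 's/^/WORLD-WRITABLE /'
        setuid_files "$dir" | sed 's/^/SETUID /'
    } | while IFS= read -r line; do
        path=${line#* }             # strip the leading tag, keep the path
        grep -Fxq -- "$path" "$allow" || printf '%s\n' "$line"
    done
}

# Stand-alone use: sh audit.sh DIR [ALLOWLIST_FILE]
if [ "$#" -gt 0 ]; then
    audit_tree "$@"
fi
```

Run against `/dev`, a `WORLD-WRITABLE /dev/dsp` line means option b) was taken; after option c) the same node classifies as `group-restricted`.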
    3. Re:Guess what by b1t+r0t · · Score: 1
      Email it to some stupid people, tell them they have to run it as root or else they won't see the video of Condoleeza Rice's tits.

      If you're talking about mailing it to OS X users and saying that, the general reaction would either be "duhhh, how do I do this run as root thingy? is there a menu for that? and do I need to water it afterward?" or (among the Unixy type of users) "yeah, riiiiight."

      It's not like under Windows where you can get away with "just click on the OK button, OK?" type tricks. It's one thing to have stupid users. It's another thing to make it easy for them to do stupid things.

      --
      "Open source is good." - Steve Jobs
      "Open source is evil." - Microsoft
    4. Re:Guess what by nojomofo · · Score: 4, Interesting

      Why is this modded as insightful? Anybody who knows how to run something as root (and how to do it) would know how to look at the script and decide what it's doing. It's not like OS X has a "Run as Root" button on the toolbar or anything.

      Yes, people can do stupid things. But if you sent that to your average OS X non-power-user, they would do absolutely no damage whatsoever, no matter how much they tried.

    5. Re:Guess what by stratjakt · · Score: 1

      Except I was talking about linux.

      And if I wanted to do the same with OSX, I'd replace "Log in as the user root" with whatever hoop you'd have to jump through in OSX to accomplish the same thing.

      Hell, I told a guy on IRC to try wrapping his mouse with tinfoil and unplugging it, as it may have been receiving interference from the TV. An hour later he came back saying "it didn't work". He actually drove to rite-aid to buy tinfoil.

      You've seen those websites with "You must download and install porn_dialer.exe to continue" popups, complete with step-by-step directions on how to do just that. And people do it.

      As stupid people move away from windows, so too will the security concerns.

      --
      I don't need no instructions to know how to rock!!!!
    6. Re:Guess what by stratjakt · · Score: 1

      Are you saying there's no way at all to gain superuser privileges on a Macintosh?

      MS wants to do that, they call it Palladium, and slashbots throw a tantrum about it. But for OSX, every-fucking-bit as closed source as Windows XP (oh yay a useless darwin kernel, the userland stuff is closed), it's a "good thing" that those sweet folks at Apple decided to keep control over your systems to protect you.

      --
      I don't need no instructions to know how to rock!!!!
    7. Re:Guess what by rsmah · · Score: 1
      Email it to some stupid people, tell them they have to run it as root or else they won't see the video of Condoleeza Rice's tits.

      Actually, 90% of Mac users wouldn't be able to do that since the root account isn't even accessible by default and Apple purposefully makes it hard to login as root. My family members who use MacOSX don't even know what "root" is.

      Cheers

    8. Re:Guess what by Loadmaster · · Score: 1

      I agree. One should never underestimate the power of human stupidity when it comes to computers.

    9. Re:Guess what by Jeremy+Erwin · · Score: 1

      (oh yay a useless darwin kernel, the userland stuff is closed)

      there's a whole bsd userland that's free.

    10. Re:Guess what by WinterSolstice · · Score: 1

      It's called "sudo" (sound familiar?)

      And you *can* enable the root user. It is actually fairly simple. Pretty stupid too.

      The idea is that you have to be well read enough to go find out how (it is easily found online, and in the help for OSX).

      -WS

      --
      An operating system should be like a light switch... simple, effective, easy to use, and designed for everyone.
    11. Re:Guess what by stretch0611 · · Score: 2, Insightful
      All the "secure code" in the world won't shield the system from a clueless user.

      Creating a more user-friendly OS will not degrade security from worms and viruses. Being user friendly will not cause extra buffer overflows or executing code that comes in from a TCPIP port.

      On the other hand, creating a more user-friendly OS will degrade security when clueless in-duh-viduals try to run malicious code. Technical people are not going to code 15 pop-ups into the OS verifying a user's intention to run a program because they will not want to go through that themselves. (Even if you did, a real idiot will click ok on all 15) In order to avoid this a user on the easiest system needs to be educated on what to do and what not to do in order to avoid security problems.

      --
      Looking for a job?
      Want your resume written professionally?
      DON'T USE TUNAREZ!!!
    12. Re:Guess what by Bullet-Dodger · · Score: 1
      Actually, 90% of Mac users wouldn't be able to do that since the root account isn't even accessible by default and Apple purposefully makes it hard to login as root. My family members who use MacOSX don't even know what "root" is.

      Well, root isn't enabled by default, but if you're using an administrator account the system can just pop up a dialog box asking you for your (not the root) password and execute using sudo. And more apps than really should ask for this on install.

    13. Re:Guess what by Anonymous Coward · · Score: 0

      > duhhh, how do I do this run as root thingy?

      OS X will happily pop up a login box to let the user type their admin (sudo) password. And most people do just what the computer tells them to.

    14. Re:Guess what by Anonymous Coward · · Score: 0

      It's not stupid to enable the root user. It's stupid to log in as root on the Aqua console. Enabling root to use a traditional su, or log in at the text prompt from a local keyboard, is fine.

    15. Re:Guess what by drsmithy · · Score: 1
      Actually, 90% of Mac users wouldn't be able to do that since the root account isn't even accessible by default [...]

      Nor does it need to be. "sudo $PROGRAM" runs that program as root. Heck, every time an installer or some program pops up that little "Enter your admin password" box, it's going to do something as root.

      [...] and Apple purposefully makes it hard to login as root. My family members who use MacOSX don't even know what "root" is.

      Nor do they need to, to run things with root privileges.

    16. Re:Guess what by JoeBaldwin · · Score: 1


      Email it to some stupid people, tell them they have to run it as root or else they won't see the video of Condoleeza Rice's tits.


      And Condoleeza Rice's tits would make them run it why...?

      It would be like someone saying "you have to run as root to see goatse".

    17. Re:Guess what by idsofmarch · · Score: 1

      Except that is the beauty of OSX. You set up the moron users with limited accounts and you can be very specific about what they are allowed to do and what they are not. I do this with all of my machines and it works quite well. If you need Administrative access, you're either doing something you need me for, or you're doing something you shouldn't.

      --
      Anyone who whines about being modded down should be.
  53. To their level by The_Mystic_For_Real · · Score: 1

    I don't think that linux aficionados would like to see what a distro that would be at the level of the infamous "Joe User" would look like. To do this, you would have to copy the Windows method of trying to prevent you from using anything besides Word and IE on your computer. This is not the best path for Linux. Linux should remain the better OS for the computer literate. There are certainly things that it could do to improve "usability" by the non-elite, but it should not dumb itself down. Furthermore, I don't agree that Windows is user-friendly. It seems like I have to do battle with it every time I want to do anything. It also hides a lot of things from you by default such as file extensions. Hiding file extensions certainly compromises security, especially for "Joe User".

    --

    _____

    Thank you.

  54. The UI doesn't kill security... by jcjewell · · Score: 2, Insightful

    ...people kill security.

    1. Re:The UI doesn't kill security... by Pika · · Score: 1

      I have found that the UI impacts stability much more than security.

  55. Maybe... Need more sandboxes/restricted userids... by FyRE666 · · Score: 5, Insightful

    As you've noted, Mac OSX has managed it (although in all honesty it probably isn't the focus of as many attacks as Windows). I think that the main problem is that if users are running their browsers, email clients etc under their own uid, and they contract a virus then it's going to cause damage to all their files. I don't know about anyone else here, but I value the files in my /home more than the rest of the OS, which can easily be reinstalled (yes, I do back up, BTW).

    I think that maybe all vulnerable processes, like web browsers, irc clients etc should run under a separate uid from the user (maybe each user should have 2 uids - one normal, and one restricted so that it can only access a subdirectory of the user's home). So rather than Mozilla launching as user fredbloggs:fredbloggs, it launches as "fredbloggs_restricted:fredbloggs_restricted" by default. The user could then chown some directory to be writable to "fredbloggs_restricted" for downloads, cache etc.

    Maybe this is already implemented? The real problem though is that a user could still build and run something they downloaded, potentially wiping all their files, unless a mechanism automatically made anything they installed themselves, run as the restricted user and not their own uid:gid.

    Does any of that make sense? ;-)

  56. It's not usability by Pranjal · · Score: 2, Insightful

    ...it's popularity. The more popular an OS gets, more script kiddies will target that OS as that is where they can do maximum damage.
    The trick to usability is to have a power interface which allows you to change everything and anything in the system and have a newbie interface which allows you to customize to your heart's content but not change the underlying core components. Because what most "joe users" want is modifying the look and feel of their desktop and not going into changing network settings or CPU settings. If they want that and can do that I think they are already ready for the power interface.

  57. Command lines aren't *learner* friendly by kollivier · · Score: 5, Insightful

    GUIs let you explore until you find what you want by pointing and clicking on things. With command lines, you need to know the commands, and the options, before starting. That means that you need some sort of training before you start using the command line. So in your analogy, you'd have to "learn" the language of the OS before you can start 'writing' anything at all. Learning English actually took you a very, very long time, even if you don't remember it.

    Once you have that training, the command line is a very useful tool. But if you can't get the training, and aren't self-sufficient or technically apt enough to go to the bookstore and buy a book on how to use the command line, you're screwed.

    That's why people like having icons for things. The message icon is your mail program. Don't have to remember what its name is, or where it's at. Just click.

    1. Re:Command lines aren't *learner* friendly by 2nesser · · Score: 2, Insightful
      GUIs let you explore until you find what you want by pointing and clicking on things. With command lines, you need to know the commands, and the options, before starting.

      ./program_name --help
      man program_name

      There, you are now equipped with knowledge for every program. I don't know any icons can do better than that.

      And yes, I know HCI is more than icons. As I'm sure the parent poster also knows.

      Ness
    2. Re:Command lines aren't *learner* friendly by David+Hume · · Score: 1

      GUIs let you explore until you find what you want by pointing and clicking on things. With command lines, you need to know the commands, and the options, before starting.


      Very good point. I remember when I first used a Macintosh twenty-something years ago, I did just that. Without opening a manual, I clicked on things and typed until I completed my first computer generated resume. It turned out rather nice... even if it listed a number of fast food jobs. :) If Macs weren't so expensive, and I wasn't so poor, I doubt that I ever would have moved to the DOS world.

    3. Re:Command lines aren't *learner* friendly by thelenm · · Score: 4, Funny

      Of course command lines are friendly! Whenever I need to find a program that does something new, I just hit the tab key. The shell helpfully asks, "Display all 2414 possibilities? (y or n)". I hit "y", and then it's just a matter of looking at about 25 pages of program names until I find the one I want. It even shows "--More--" at the bottom of each page and lets me go to the next page when I want to, instead of whizzing all 2414 programs by at ludicrous speed. How much more user friendly can you get?

      --
      Use Ctrl-C instead of ESC in Vim!
    4. Re:Command lines aren't *learner* friendly by Dog135 · · Score: 1

      And what is "program_name"?

      Say I want to create an email from the command prompt. Do I type "man email"?

      What if I have a MS Word document I want to open, do I type "man MS Word"?

      What if I want to update the software on my HD, do I type "man update"?

      --
      "That's so plausible, I can't believe it!" - Leela
    5. Re:Command lines aren't *learner* friendly by gmby · · Score: 1

      Your point is good. I have found myself browsing the /bin /sbin /usr/bin /usr/sbin and all those others looking to see what was there.
      It's kind of fun when I have time; but when I need a command now, and don't know the name of or even if it exists, it's frustrating looking for it. I don't mind using the man pages to find how they work; but that assumes you know the name first!
      Googling for it is just as much a waste of time sometimes. What is needed for all those CLI newbs is a GUI help system for CLI. Mostly to help find the right command; but also to maybe give some common use for it. For all I know someone has already done this. I haven't found it yet. It's not on my desktop? It's not in my menu?

      Mostly it's not IN MY FACE!

      And that folks is what makes an easy OS.

      --
      I don't want a pickle; I just want a Motor-Cycle! A four foot cop arrived with a five foot gun!
    6. Re:Command lines aren't *learner* friendly by jedidiah · · Score: 1

      Certainly.

      apropos email
      man -k email

      Now if it's not in some searchable part of the
      man/help system then it's not likely to be available
      through some GUI or start menu either.

      --
      A Pirate and a Puritan look the same on a balance sheet.
    7. Re:Command lines aren't *learner* friendly by ChrisMaple · · Score: 1
      man man

      apropos email

      apropos update

      This depends upon a good apropos database, of course, a dubious assumption.

      If you want to open an MS Word document and you're running under Linux and don't know enough to open the appropriate editor, you're not trying hard enough.

      A command line interface, properly designed, can be as good or better than a graphical (iconic) interface in many, perhaps most, situations. Most designers are no longer trying to provide that text interface and most customers are too impressed by the glitz.

      --
      Contribute to civilization: ari.aynrand.org/donate
    8. Re:Command lines aren't *learner* friendly by MagnaMark · · Score: 3, Funny


      workbox:~magna > mod -h
      MOD - Moderate Version 0.9a (2004, Mar 24)

      usage: mod [arguments] [-|+]n comment [reason]

      moderate the comment (up/down) n points for reason

      arguments:

      -h print this message
      -v print MOD version number
      -f force mod, even if no mod points

      workbox:~magna > mod +1 8840959 insightfull
      mod: unknown reason "insightfull"

      workbox:~magna > mod +1 8840959 interesting
      mod: you have no moderator points

      workbox:~magna > mod -f +1 8840959 interesting
      mod: you must be superuser to force a mod

      workbox:~magna > su
      Password: *************

      workbox:~magna > mod -f +1 8840959 interesting
      moderation complete

      workbox:~magna > nethack &

    9. Re:Command lines aren't *learner* friendly by kollivier · · Score: 1
      There, you are now equipped with knowledge for every program

      ...whose name you already know. And, sometimes -h works but --help doesn't, and vice versa. And, the user must know the difference between options (querying or configuring the program) and arguments (passing in data) in order to understand how to do things like get help or find the version.

      Also, the user also has to remember names like 'man', which are quite frankly poorly named. (When you want help, think of 'man'...?) You may think all of this is 'simple' because you've learned it and use it on a regular basis, but that doesn't mean it's easy to learn. You've simply forgotten or never realized what it took to learn and internalize it.

      I'm not arguing which one is superior (they're both well-suited for different tasks, IMHO) but I'm arguing which one you can get started quicker with. It's hard to beat Help->Help Contents for easy to learn (i.e. no instruction needed) access to help.

    10. Re:Command lines aren't *learner* friendly by fmileto · · Score: 1

      man -k word_you_are_looking_for
      this will search all man pages for that word. not the best way to find something you don't know the name of, but it could speed things up.

    11. Re:Command lines aren't *learner* friendly by drsmithy · · Score: 1
      There, you are now equipped with knowledge for every program. I don't know any icons can do better than that.

      How does one find out what "program_name" is ?

    12. Re:Command lines aren't *learner* friendly by urbanRealist · · Score: 1
      Actually, suppose we follow the example above and need to copy a file. Try
      man -k copy
      and you get too many possibilities. Try
      man -k copy | grep file
      and you get a much more useful list.

      The only problem as I see it is that the basic ideas are a little more complicated than if using a GUI for finding help and searching for what you want.

      --
      I've seen a lot of things, but I've never been a witness.
    13. Re:Command lines aren't *learner* friendly by pseudochaotic · · Score: 1
      man -k [thing you're looking for]

      It's not that hard. I mean, the point could be made that there's not really an easy way to find this out, but once you get that far it's a piece of cake.
      --
      And the l33t shall inherit the 34r7h.
    14. Re:Command lines aren't *learner* friendly by drsmithy · · Score: 1
      This depends upon a good apropos database, of course, a dubious assumption.

      It also depends on pre-existing knowledge of the 'man' and 'apropos' commands, not to mention man pages that provide information useful to beginners. Both are vastly more dubious assumptions than whether or not the apropos DB has been created, which happens automatically in pretty much every Linux or BSD distribution I've ever installed.

      If you want to open an MS Word document and you're running under Linux and don't know enough to open the appropriate editor, you're not trying hard enough.

      It's this sort of attitude that turns people off.

      A command line interface, properly designed, can be as good or better than a graphical (iconic) interface in many, perhaps most, situations.

      Evidence ?

      Most designers are no longer trying to provide that text interface and most customers are too impressed by the glitz.

      "No longer" ? When did they ever ?

      Also, don't confuse a CLI with a text-based/ASCII GUI/menu system. For example, FreeBSD's installer may be curses/text-based, but it's still a GUI.

    15. Re:Command lines aren't *learner* friendly by Piquan · · Score: 1

      With command lines, you need to know the commands, and the options, before starting.

      I have a computer here that's CLI-based, and I learned to use it without knowing the commands.

      I pushed the "Help" button (it's not an IBM keyboard; it actually has a "Help" button). It gave me some ways to get started. I can always press Help to get context-specific help, or I can press Complete to see possible completions of my command. If I type "Help (with) Commands" then it'll give me a categorized list of commands available.

      Yes, the Unix CLIs we have today suck. That doesn't mean that CLI == suck.

    16. Re:Command lines aren't *learner* friendly by ispeters · · Score: 1

      I happen to like the CLI, but just because you know that

      program_name --help
      or
      man program_name
      will give you help doesn't mean that someone who's never used a command line will know that. Also, how do you know which program_name to pick? As another poster pointed out, if you hit <TAB> at a bash prompt, you'll get an offer to list all 2545 options (2447 for me). Which of those 2000+ program_names are you going to plug in to the "man program_name" template in order to learn how to do the job you're trying to do? The grandparent poster is right--CLIs may be "friendly", depending on your definition of friendly, but they sure as hell aren't discoverable, which is probably more important.

      Ian

    17. Re:Command lines aren't *learner* friendly by arose · · Score: 1

      When you visit a country, you can use the pointing method, but you also should learn a few common phrases. If you intend to live somewhere you should learn the language ASAP. Of course even when you know a language body language remains a useful communication method.

      --
      Analogies don't equal equalities, they are merely somewhat analogous.
    18. Re:Command lines aren't *learner* friendly by Anonymous Coward · · Score: 0

      Whether or not the command-line is friendly, it does make the beginning user think about what they are doing. Tell me that this is not what was done with Apple I,II+, TSR-80, etc.... The command-line did not deter those that wanted to learn. I see this very similar to schools these days .... let the user/student be lazy and where does this get you? A lot of students in schools still don't know how to read!!!

    19. Re:Command lines aren't *learner* friendly by Trepalium · · Score: 1

      I'm not sure if Windows is any better in this regard. I don't know how many times I've 'lost' PowerDVD because the start menu it gets filed under is 'CyberLink PowerDVD', or how many games get lost on that maze because I can't remember the publisher/developer of that particular game. I can go through each and every one, but is that any better than looking at all 2545 options that would at least be in alphabetical order (the Windows start menu rarely is these days).

      --
      I used up all my sick days, so I'm calling in dead.
    20. Re:Command lines aren't *learner* friendly by Anonymous Coward · · Score: 0

      Yes I always find that looking through 2145 possibilities in icon forms is easier than on a command line.

      Also, please show me in a gui an easy way to find a file that contains the string: "cool" in a directory with 300 files. Then put the output in a text file I can save for future reference. I can do that on the command line:

      grep cool * > file.search

      Also show me an easy way to unzip an unlimited number of small zip files in a directory from a gui. In a command line I can do it:

      for i in `ls -R *zip`; do unzip $i;done

      A gui is easy, but very limited in its ability to do things.

      What is represented as images is the images I store in my head. Commands are powerful and easy to make.

      People find guis easy because they are limited in scope. A gui tool that equals the usefulness and power of a simple bash shell would be so big and complex that it would be almost impossible to use.

      A gui is easy to use for things that guis are good at.

      Anything else the command line is easier.

    21. Re:Command lines aren't *learner* friendly by gmby · · Score: 1

      Thanks, that I didn't know.
      Guess I need to read the man "man" page more.

      --
      I don't want a pickle; I just want a Motor-Cycle! A four foot cop arrived with a five foot gun!
    22. Re:Command lines aren't *learner* friendly by aardvarkjoe · · Score: 2, Funny
      ...It even shows "--More--" at the bottom of each page and lets me go to the next page when I want to, instead of whizzing all 2414 programs by at ludicrous speed.

      Really? How come my system is missing this feature? Perhaps it's because I'm using Debian, and they want to make sure that the "--More--" prompt doesn't have any serious security flaws.
      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    23. Re:Command lines aren't *learner* friendly by mdvolm · · Score: 1

      Once you have that training, the command line is a very useful tool. But if you can't get the training, and aren't self-sufficient or technically apt enough to go to the bookstore and buy a book on how to use the command line, you're screwed.

      I would maintain that in the context of an administrator the command line would actually be more user friendly. If you don't have any technical training or aren't technically apt you probably shouldn't be a system administrator in the first place!

      Another advantage of the command line interface is easy script-ability. Anything you can do from the command line can be put in a script to automate that process, something that is vital to any administrator.

      "Now go away, before I replace you with a very small shell script." --Logic

    24. Re:Command lines aren't *learner* friendly by ispeters · · Score: 1

      True. I'm not trying to say that anything in particular is better than the CLI. I've just seen several comments, here on /. and elsewhere, that try to defend the CLI as the ultimate interface and I don't understand the argument. Now, I like the CLI, and I actively try to learn new tricks to make it more useful for me, but I never fool myself into thinking that it's a newbie-friendly interface. The CLI is only easy to use, or even useful at all, once you have a certain familiarity with it, and that required familiarity only comes through active attempts to find it--at least in my experience.

      Ian

    25. Re:Command lines aren't *learner* friendly by Ben+Urban · · Score: 1

      Did anyone else notice that nethack is being run as root (ignoring the prompt)?

      --
      Every time you run "emerge", a Microsoft drone dies.
    26. Re:Command lines aren't *learner* friendly by Anonymous Coward · · Score: 0

      Being a woman I find man -k highly discriminatory. Can't they think of a different command? I mean we never type woman -k...

      All this male dominance in the unix world. :)

  58. user friendly means stable code by happyfrogcow · · Score: 4, Insightful

    I'm in the process of rewriting some small freely available application because the original caused my computer to segfault under two circumstances which I consider normal use. In rewriting it, I've eliminated those errors and maintained the same performance. As well, I decided to start using a memory profiler, Valgrind. The end result is a more user friendly tool because it doesn't crash in normal operation giving bad error messages that only a programmer would understand. It is also more secure... no more buffer overflows.

    My point is, moving towards usability shouldn't mean that we should loosen our belts, allowing the user to run amok in the system, we should tighten them.

    1. Re:user friendly means stable code by butane_bob2003 · · Score: 1

      HMM, usability == not crashing? well, it's a start.

      --


      TallGreen CMS hosting
    2. Re:user friendly means stable code by happyfrogcow · · Score: 1

      you say that in jest, but how many times i've logged on to the Windows 2k computers at work and first thing it does is crash takes more than 2 hands to count. these computers are up to date, patched, and cleansed of virus and spyware. still they crash.

      crashing on strange boundary conditions is something a lot of programs will do. in the case i was talking about, i considered them quite normal, the original author apparently did not.

      if you've ever had to listen to siblings cry over the phone because their word processing software crashed for no reason, then not crashing is a great step towards usability. why do you think all the WP software now has autosaves enabled? because they couldn't stop the bulky systems from crashing under all situations. instead of writing robust code, they hacked a safeguard in so the user at least doesn't lose their data.

      robust code is a start, and should be the foundation that usable systems are built on. Doing otherwise is like building a two storey house with the first storey made of rotten wood.

    3. Re:user friendly means stable code by dizee · · Score: 1

      holy crap, your whole computer segfaulted? was your cpu forcefully ejected out the front of the case and 'dumped' on the floor?

    4. Re:user friendly means stable code by butane_bob2003 · · Score: 1

      True, True, I completely agree. Stability and performance are extremely important measures of usability that can be compromised by the 'feature rush' of development. It's very important in all stages of development to make sure rigidity is not built in, that problems can be fixed quickly without changing or breaking existing code. Windows seems to crash even without strange boundary conditions in place, and there is nothing you can do about it. I think if people continue to use and improve more modern programming languages and move away from archaic development practices, some of these problems will be easier to deal with. I have written complex Java applications which never once crash or lose data, but just the same some of them do occasionally throw unexpected errors. It takes more than writing test cases to catch boundary conditions, it takes lots and lots of user testing. I don't know how many times I have written lazy test cases thinking that they were complete and ended up finding problems that they did not take into account. Testable code can be difficult to write when there are time constraints.

      --


      TallGreen CMS hosting
  59. Memory Permissions by RailGunner · · Score: 4, Insightful
    Last time I checked, usability had nothing to do with allowing a user created process to stomp all over memory, like DOS / Win 16 / Win 32 did (and does). Usability also had nothing to do with being able to extend Office applications with Visual Basic For Applications, giving the world Marco virii.

    Usability, however, does have to do with coherent UI design: picking icons that communicate what the button does on a toolbar, grouping menus in a logical way, making sure that there are keystrokes available for commonly used features, etc.

    It sounds like the Microsofties have confused usability with Feature Creep.

    Now.. the more people running Linux may in fact lead to more vulnerabilities being found, since testing only proves the existence of bugs, not the absence. However, history shows that bugs are fixed much quicker in open source than in closed source, so that's a race Linux wins easily. But as far as usability, comparing the latest KDE and GNOME desktop to Windows XP just shows that as far as usability, Linux may have already surpassed Windows.

    1. Re:Memory Permissions by hypnagogue · · Score: 2, Informative
      comparing the latest KDE and GNOME desktop to Windows XP just shows that as far as usability, Linux may have already surpassed Windows.
      I'm not so sure. Showing my wife how to use her new Gnome desktop: opened a samba share, double-clicked on a .jpg; Gimp started automatically... but didn't open the picture.

      "Oh. *Ahem* That's because Nautilus views samba shares through the VFS subsystem, which only some Gnome applications actually implement, and none of the applications you would use. So to work around that, honey, just copy-and-paste into your home directory, then double-click the new file, edit it, save it, then copy-and-paste it back onto the samba share using Nautilus. Or if you like, I can su root, change the smb.conf, send a USR1 signal to smbd and then mount the share. That'll work except when you boot when outside of wireless LAN range. Then an additional reboot may be needed."

      "Honey?"
      --
      Liberty you never use is liberty you lose.
    2. Re:Memory Permissions by hypnagogue · · Score: 1

      Oh, silly me... it's HUP, not USR1. ;-)

      --
      Liberty you never use is liberty you lose.
    3. Re:Memory Permissions by Anonymous Coward · · Score: 0

      But as far as usability, comparing the latest KDE and GNOME desktop to Windows XP just shows that as far as usability, Linux may have already surpassed Windows.

      Usability has been surpassed for whom? You? Or the average user? I think Gnome and KDE are far away from Windows XP when it comes to the average user. There might be average users out there such as your mom or dad who are using Linux, but most likely they had it all setup for them, and I would really like to see them actually install an application under Linux. At least under Windows, most of the time you just pop in a CD, and most everything else is pretty self-explanatory. But under Linux, one of the first instructions you have to follow is pull up a terminal to change this or that config file. It just seems that too many integral parts of Linux go back to the command-line, and it won't be considered more of a user-friendly OS until everything is done in the GUI - or at least CAN be done in the OS. I'm not advocating that the GUI be required for everything, but it should be the first and foremost way to get something done under Linux.

    4. Re:Memory Permissions by dizee · · Score: 1

      Last time I checked, usability had nothing to do with allowing a user created process to stomp all over memory, like DOS / Win 16 / Win 32 did (and does). Usability also had nothing to do with being able to extend Office applications with Visual Basic For Applications, giving the world Marco virii.

      readily countered, of course, with Polo anti-virus.

  60. Depends on your priorities by Perl-Pusher · · Score: 1
    Would you choose to run as root because it's easier? Or would you try to find a reasonable compromise and if that cannot be made always choose security over ease of use? If you said yes to the first, then no. You will probably have an unsecure system. If you answered the second yes, then yes you probably can make it a little more useable and still be secure.

    What you can't do is disregard security totally for years, get a large market using your product and then start thinking about security. Or at least it hasn't worked for Microsoft.

  61. No by Ckwop+Johnson · · Score: 1

    Usability and security are not at loggerheads.
    I mean, take for example recompiling the whole of Windows again with a compiler that magically fixes buffer overflows.

    That would considerably raise the security of the entire internet.

    Then consider the fact that the role that most people want to use their computers for like Word Processing, Games, Web Browser, E-mail, Music etc. don't require the administrator privileges to be useful then the real problem becomes apparent.

    I have a windows box down stairs that is highly usable for my customers (my family) yet is highly internet hardened without any great loss in functionality..

    Windows insecurity is a configuration problem as much as it's also a bad software development problem.

    Simon.

    1. Re:No by prshaw · · Score: 1

      >> I have a windows box down stairs that is highly usable for my customers (my family)

      The catch is they have you. What would that box be like if you never touched it, or explained how to secure it? Would they be doing it as well?

      That is what the vast majority of users are, without an administrator and without knowledge.

      How many people would change the oil in their car if someone didn't tell them to? It's in the manual, but none of them ever read that.

      How many will update their OS if someone doesn't tell them to? It's in the documentation but they never read that.

    2. Re:No by mpe · · Score: 1

      All other viruses are actually *caused* by usability *flaws*. This includes those viruses that come as .pif or .zip files, and spyware that installs itself by instructing users to click "yes" on IE warning dialogs.

      A warning dialogue which "cries wolf" is also not very good for warning either.

      The problem is not that users are stupid, the problem is that usability is bad. Truly usable software would always inform the user of the consequences of their actions in a way the user can understand, and not allow various ways of "tricking" the user into running something dangerous.

      Assuming that it should be possible for a user to do something dangerous in the first place. A big problem with Windows is the lack of demarcation between "user" and "service" tasks. Of the kind which is commonplace with most machines.

  62. The List by Henry+V+.009 · · Score: 5, Funny
    Hmm, I'll have to add one to my list.
    1. Security through obscurity.
    2. Security through obsolescence.
    3. Security through unusability.
  63. simple answer is: by Anonymous Coward · · Score: 1

    Yes. when you add ease of use and transparency for the users' benefit you almost always have to give a little on the security. likewise, when you make something more secure, more often than not you have to make it a little less user friendly.

    an easy example is Windows 2000/XP. XP comes by default with each user in the Administrators group. this is very bad security, as part of the point behind having normal user accounts is so that when a virus or something infects a user account it doesn't affect the whole system. the problem is, if the user isn't in the Administrators group they can't do things like install software or drivers. they'd then have to log out and log back in as Administrator and continue the install process (making sure to select Install For All Users And Not Just This one). then they'd log back out and back into their normal user account. if this was (for example) a laptop with one user then it would be too annoying a process for most users and they would either ditch their passwords or stick with the Administrator account or both. if they just put up with the annoyance their system would be much safer, but they want ease of use, so they say "oh who cares that i don't back up. how often do viruses delete files anyway?"

    the more user friendly you make linux, the more _LIKELY_ it is that it'll become less secure, but if you do it right there's a much less likely chance of opening up new holes. it definitely takes work to keep it secure though.

  64. LINDOWS DOES NOT RUN AS ROOT! by Krik+Johnson · · Score: 0, Flamebait

    I CAN'T BEL1VE THERE ARE S0 MANY !1NORANT SLASHDOTTERS POSTING ABOUT L1NDOWS RUNNING AS R00T! HAVE ANY 0F YOU EVEN TRIED IT?!? 1 HAVE AND 1 CAN TELL YOU THAT 1T MAKES Y0U CREATE A PASSW0RD 0N 1NSTALLAT1ON AND WHEN Y0U B00T 1T STR0NGLY WARNS THE USER T0 CREATE AN ACC0UNT! N0W ST0P WITH THE R00T BULLSHIT! THAT WAS 0NLY IN A BETA VERSION THAT WAS N0T RELEASED T0 THE PUBLIC!

    1. Re:LINDOWS DOES NOT RUN AS ROOT! by Jane_Dozey · · Score: 0, Offtopic

      Shhhhh!
      I'm trying to read.

      --
      Silly rabbit
    2. Re:LINDOWS DOES NOT RUN AS ROOT! by sumdumass · · Score: 1

      Someone saw this as flamebait... I'm still trying not to fall off my chair laughing so hard.

      This should be modded as funny. It reminds me of the days when I got on the computer just to piss people off. good to see it still working.

    3. Re:LINDOWS DOES NOT RUN AS ROOT! by Anonymous Coward · · Score: 0

      CAN'T BEL1VE THERE ARE S0 MANY !1NORANT SLASHDOTTERS POSTING ABOUT L1NDOWS RUNNING AS R00T! HAVE ANY 0F YOU EVEN TRIED IT?!? 1 HAVE AND 1 CAN TELL YOU THAT 1T MAKES Y0U CREATE A PASSW0RD 0N 1NSTALLAT1ON AND WHEN Y0U B00T 1T STR0NGLY WARNS THE USER T0 CREATE AN ACC0UNT! N0W ST0P WITH THE R00T BULLSHIT! THAT WAS 0NLY IN A BETA VERSION THAT WAS N0T RELEASED T0 THE PUBLIC!

      just testing the lameness filter here . . . curious

  65. It depends on where you put the 'friendliness' by thrill12 · · Score: 1

    ...if you put it on the administrative side, where you actually decide which packets get in etc., I think you are misunderstanding the term USER-friendliness, and instead get "admin laziness".
    When you put it into the (features of) applications that users everyday use (office stuff), it can help a great deal without affecting security.

    It is where the two things (admin/user) meet that the mushy stuff starts to hit the fan, so to speak. Implementing scripting capability with wide-ranging (or: poorly designed...) powers into a wordprocessor ? The admin can use it as a tool, the user can use it as a tool and, as such, the scriptkiddy can use it as a 'tool'. Just don't link two things that won't require this linking...

    Making an application 'easily accessible' doesn't make it a bigger risk, as long as the application is clearly isolated from the system (including programming specifics like buffer overflows) and it doesn't result in adding 'hidden features' to said application.

    --
    Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
  66. No in theory, Yes in practice by dfay · · Score: 1

    There is no reason that more user-friendliness would necessarily reduce the security of the average Linux installation, as long as the user was still more committed to security than to ease-of-use. But sad and frequent experience has shown us that ease-of-use is often more important than security.

    In cases where there is a trade-off, such as with executable email attachments, we saw what Microsoft chose to do. But before you condemn MS, first answer to yourself how often you check md5sum files of executable code that you download? And if you do, how did you ensure that the person who generated the md5sum is actually the creator of the file? Security often involves these kinds of trade-offs.

    And that is why ease-of-use will end up limiting Linux's security in a default installation in the real world.

    Of course, the real strength of Linux is that it is infinitely configurable, especially if you consider modification of the source to be "configuration". Therefore it can always be made secure, which isn't always true of MS boxes. Just try to disable that RPC service on your XP box, I dare you! (And then do a google search for how to reg-hack it back to enabled, since you won't be able to open the Services window anymore. ;)

    Side rant: IMHO we need to get the crypto crowd to start thinking hard about usability, because they will probably be better at creating usable security products than the average joe programmer would be at making their usable software secure. And right now, there is definitely a barrier between the two fields.
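
An added example for the md5sum question raised in the comment above (not part of the original post): it shows that a checksum list fetched from the same place as the file only proves the two match each other, while a digest obtained through a separate trusted channel catches a replaced file. It uses `sha256sum` in place of `md5sum`; the file names, contents and function names are constructed for the demonstration, and the "pinned" digest stands in for one taken from a signed announcement.

```shell
#!/bin/sh
# Added example: checksum-next-to-the-file vs. a digest pinned out of band.
# All paths and file contents below are constructed for the demonstration.

# Hex SHA-256 digest of a file.
digest_of() {
  sha256sum "$1" | awk '{ print $1 }'
}

# Check FILE against a checksum list in "HASH  NAME" format (what
# md5sum/sha256sum write). Returns 0 on match, 1 on mismatch, 2 if unlisted.
check_against_list() {   # usage: check_against_list FILE CHECKSUM_LIST
  want=$(awk -v n="$(basename "$1")" '
    { f = $2; sub(/^\*/, "", f) }      # binary-mode entries are written as *NAME
    f == n { print $1; exit }' "$2")
  [ -n "$want" ] || return 2
  [ "$(digest_of "$1")" = "$want" ]
}

# Check FILE against a digest obtained over a separate, trusted channel.
check_against_pin() {    # usage: check_against_pin FILE PINNED_HEX
  [ "$(digest_of "$1")" = "$2" ]
}

# Scenario: the publisher's release, and a mirror where the file and its
# checksum list were replaced together.
demo() {
  dir=$(mktemp -d) || return 1
  mkdir "$dir/publisher" "$dir/mirror"
  printf 'echo genuine installer\n'  > "$dir/publisher/tool.sh"
  printf 'echo modified installer\n' > "$dir/mirror/tool.sh"
  (cd "$dir/publisher" && sha256sum tool.sh > SHA256SUMS)
  (cd "$dir/mirror"    && sha256sum tool.sh > SHA256SUMS)

  # Assumption: this digest reached us independently of the mirror.
  pin=$(digest_of "$dir/publisher/tool.sh")

  check_against_list "$dir/mirror/tool.sh" "$dir/mirror/SHA256SUMS" \
    && same_origin=pass || same_origin=fail
  check_against_pin "$dir/mirror/tool.sh" "$pin" \
    && pinned=pass || pinned=fail
  check_against_pin "$dir/publisher/tool.sh" "$pin" \
    && genuine=pass || genuine=fail

  rm -rf "$dir"
  echo "same_origin=$same_origin pinned=$pinned genuine=$genuine"
}

demo
```

The replaced file passes the check against the list that sits beside it and fails only against the independently obtained digest, which is the trade-off the comment describes.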

  67. weakest link by MSG · · Score: 1

    Your MS friends are right in one way that comes to mind. The weakest link in security is almost always the user. Social engineering is often the easiest "hack" in any system. As a reference, consider the virus plagues that spread widely despite requiring users to do stupid things.

    Making the system more "user friendly" means that users with less education regarding the issues inherent to computer systems will use it. Less educated users are more likely to fall victim to social engineering attacks. Thus, a system which is more user friendly will be more open to attack.

  68. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  69. DOS 5 - most secure by DR+SoB · · Score: 0

    I mean how many DOS virus are going around still? I know there were 50,000 back in the day, but now, I'm curious how many are "in the wild".

    When's the last time a DOS 5 computer running a text based server was hacked? What if it only runs plain-text emails, when's the last time there was a DOS exploit/virus released?

    Hmmm, does this mean obscurity = security? Scary, it just might!

    I've told people for a while now, you want secure? TEXT ONLY. GUI's are the downfall of computers I tells u!

    --
    Mod +5 Drunk
  70. server vs. desktop distros by mr.capaneus · · Score: 1

    I bet most people would agree that as a distro caters more toward usability as a desktop OS it can introduce security problems that are not acceptable in a server OS. For example, Lindows uses root accounts for general use. For a desktop system this enhances the usability and (maybe) isn't a major security risk. At least not as bad as a server OS doing the same thing. Of course, you would assume that a true desktop OS would not have a bunch of extraneous crap running, like telnetd, for no reason.
    I think once we see more of a separation between server distros and desktop distros, the issue of usability/security will be less severe. I know that there are specialized server distros but the fact that we are talking about "Linux" exemplifies that there is not really a very distinct separation.

  71. User friendly == blunter instruments by mark0 · · Score: 2, Interesting

    It isn't that making Linux more user friendly will make it less secure. It is that making the tools require less understanding will lead the friendly users to a false sense of security.

    Consider netfilter/iptables... Understanding how to really secure your system from this particular perspective requires a bit of study. Sure, you can paint relatively broad strokes and secure your system with a few clicks for a large majority of cases. But not knowing how the configuration files ended up being written means not knowing to what you are actually vulnerable as a result of making a few simplistic choices.

    Unfortunately, the Peter Principle often applies to home computer ownership, too.
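
Added example, not part of the thread: one way to read back what a firewall front end actually wrote, the gap comment 71 describes. The ruleset is constructed sample `iptables-save` output and the function names are hypothetical; only a small subset of match options is interpreted.

```python
import shlex

# Constructed sample: the kind of ruleset a "few clicks" front end might
# write. Not taken from any real tool or host.
SAMPLE_RULESET = """\
# Generated by a hypothetical GUI front end
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 631 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p udp -m udp --dport 137:138 -j ACCEPT
COMMIT
"""

ANYWHERE = ("0.0.0.0/0", "::/0")

# The match options this review understands; anything else is ignored.
OPTIONS = {
    "-s": "source", "--source": "source",
    "-i": "in_iface", "--in-interface": "in_iface",
    "-p": "proto", "--protocol": "proto",
    "-j": "target", "--jump": "target",
    "--dport": "ports", "--dports": "ports", "--destination-port": "ports",
    "--state": "state", "--ctstate": "state",
}


def parse_rule(line):
    """Turn one '-A CHAIN ...' line into a dict of the options we care about."""
    tokens = shlex.split(line)
    rule = {"chain": tokens[1], "negated": "!" in tokens, "raw": line}
    for i, tok in enumerate(tokens[:-1]):
        if tok in OPTIONS:
            rule[OPTIONS[tok]] = tokens[i + 1]
    return rule


def review(ruleset_text, table="filter", chain="INPUT"):
    """Return (chain policy, list of ACCEPT rules that admit new traffic)."""
    policy, exposures, current_table = None, [], None
    for line in ruleset_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):              # "*filter" opens a table
            current_table = line[1:]
        elif current_table != table:
            continue
        elif line.startswith(":"):            # ":INPUT DROP [0:0]" sets policy
            name, pol = line[1:].split()[:2]
            if name == chain:
                policy = pol
        elif line.startswith("-A "):
            rule = parse_rule(line)
            if rule["chain"] != chain or rule.get("target") != "ACCEPT":
                continue
            if rule.get("in_iface") == "lo" and not rule["negated"]:
                continue                      # loopback only, not reachable remotely
            if "NEW" not in rule.get("state", "NEW").split(","):
                continue                      # only replies to existing connections
            source = rule.get("source", "anywhere")
            exposures.append({
                "proto": rule.get("proto", "all"),
                "ports": rule.get("ports", "all"),
                "source": "anywhere" if source in ANYWHERE else source,
                "manual_review": rule["negated"],  # "!" matches need a human
                "raw": rule["raw"],
            })
    return policy, exposures


def open_to_anywhere(exposures):
    """Protocol/port pairs accepted with no source restriction."""
    return [f'{e["proto"]}/{e["ports"]}' for e in exposures
            if e["source"] == "anywhere"]


if __name__ == "__main__":
    policy, exposures = review(SAMPLE_RULESET)
    print("INPUT policy:", policy)
    for e in exposures:
        print(f'  {e["proto"]:4} {e["ports"]:10} from {e["source"]}')
    print("reachable from anywhere:", ", ".join(open_to_anywhere(exposures)))
```
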

  72. It comes down to target market, by orion41us · · Score: 1

    If corporations start writing applications/distributions aimed at "DeskTop" users then the server features included will be less secure - If I am releasing a new Desktop App - I will be more worried about UI - features etc... If I am writing a server App - I will be more worried about Access Control, performance... It will ultimately be where the $ is...

  73. Re:Maybe... Need more sandboxes/restricted userids by LostCluster · · Score: 4, Interesting

    Does any of that make sense? ;-)

    Nope. Any system that doesn't allow the user to do whatever they want to do is not user friendly. We've got two somewhat paradoxical concepts here.

    Users will always want to be running at root at all times. Some won't grasp the security implications until it's too late.

  74. Re:Cought? by Anonymous Coward · · Score: 0

    Because then they would have to actually edit the story, instead of putting the smack down on trolls.

  75. coffee and donuts by fermion · · Score: 0, Offtopic
    I cought myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee

    I like the little cups of strong coffee. Could never understand the appeal of Krispy Kreme doughnuts though. I am lucky enough to have a local place which knows that a doughnut is supposed to be light and fluffy. The more sugar the better.

    I suppose the security issue comes from insufficient caffeine and sugar. All these people on low carb diets have no idea what they are doing to their minds.

    --
    "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
  76. Security is in the eye of the beholder by Bronz · · Score: 3, Insightful

    Microsoft sacrifices security because, in their model, it is often the easiest way (tm) to make something more user friendly. So from a Microsoft point of view, it seems obvious that security and user friendliness are mortal enemies. That doesn't mean the two naturally correlate.

    On the other hand, anyone can make a linux box insecure. The question then becomes as simple as whether you trust users to administer their own boxes. This is where you need user friendliness. This is where the OS has a choice to remain secure by staying obfuscated (and thus scaring users away at the expense of functionality) or become more friendly (at the risk of letting users hurt themselves).

    Windows, by default, can be (is?) insecure. But that's not where the "(Microsoft vs. Linux) vs. (User Friendly vs. Insecure)" debate should begin.

  77. Note to Linux by mumblestheclown · · Score: 2, Funny
    When does usability become a liability?

    Hey linux--how about you worry about that particular hurdle when it's within a light year away or so?

  78. Maybe by fudgefactor7 · · Score: 2, Interesting

    The answer clearly is "maybe." It all depends on implementation. Simplicity in itself is not responsible for vulnerabilities. Simplicity is the goal for the designer. Usability is the goal (and key) for the user. The problem is when you ignore good security methodology in the name of K.I.S.S and for the uneducated user.

    I think it would be better to educate the users than to dummy-down the OS. Education needn't be difficult. Documentation is key to understanding. If the user can't/won't read the docs....then it's all their problem, but if the docs are there, and they're clear and concise, and he reads them and can use them. Then you have a good system.

    End users like "Joe Sixpack" don't want to have to type things like mount /dev/cdrom /mnt/cdrom, they want to click on an icon or (if they're at the commandline) type in just the path to the drive. Autofs (and the like) go pretty far for this. But that's just a beginning.

    Take Microsoft's lead. They spent an enormous amount of time, money, and effort making the systems useable and simple. Apple did the same (albeit on a slightly different track). Linux can too. Just because someone makes Linux (as a whole) easier for Joe to use doesn't mean that security will go out the window. It just means that there's more that needs to be thought about before implementation.

    And that's why there's the "maybe."

    1. Re:Maybe by leperkuhn · · Score: 1

      Most people don't want to learn any more than they have to, especially when they could care less about the computer. It would be like teaching me how to pet a skunk. I don't care, and I don't want to learn.

      --
      http://www.rustyrazorblade.com
  79. Why don't you guys just settle this like adults? by Anonymous Coward · · Score: 0
    Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning

    Why don't you guys just settle this like adults?

    Flintlocks at 10 paces, then fire.

  80. BULLSHIT! by TempusMagus · · Score: 1
    As you increase useability, security goes down by rule.
    That is complete and utter nonsense and only holds true when you are working with incompetents or people with stunted problem solving skills.

    Your example is faulty out the yin-yang because you could have a usable interface to securely set-up a system with those very things you mention as being insecure.

    What it generally boils down to is having the developer form the experience around the behaviors of the user rather than make the user conform to how the developer thinks they should react to the software. This typically pisses-off developers and makes them resent the very people they are writing the software for.
    --
    -_-
  81. I'd say no by Paulrothrock · · Score: 1

    To make things user friendly, you have to make them more robust. Linux is already robust, so it's not an issue. The only disadvantage is that you'd have to secure the system against its users and the outside world. Look at Mac OS X: Most of the users don't even know about the Terminal, or that they're using a Corvette to drive the kids to school, so to speak. (FreeBSD in home computing, that is.) I think it would be a good model for Linux. People like shiny things, and I don't think there are enough of those in Linux.

    --
    I'm in the hole of the broadband donut.
    1. Re:I'd say no by Anonymous Coward · · Score: 0

      Linux may not be a Corvette, but at least it boots.

      As usability goes, FreeBSD = 0, Linux = actually runs. (Windows = installs fourth time on the third box you try).

  82. windows is not user friendly by b17bmbr · · Score: 2, Insightful

    i used to be tech coordinator at my school. oh the headaches. anyways, i'd get all kinds of lame ass questions about how to do simple things. people learned how to use windows. just like riding a bike, it takes time. windows UI's break lots of guidelines. ever look at all the dialog boxes, like the font box, or the print dialog. they are 1st class abortions. and how 'bout office. what, a toolbar button that is a pop up menu, which can then double (or triple?) as a pull off floating toolbar? (it's a dessert topping, it's a floor polish!) windows has had the luxury of being how things are done, and people learn to use it. so, anything that doesn't do it that way is "wrong" and "difficult". it's no different than driving on the right side of the road, with the pedals on the left side of the car. (here in the US) linux desktop by default has to emulate/mirror windows (mis)feature for feature. now, there are lots of bonuses like in konq, but 100 cool things doesn't make up for the 1 thing it doesn't do like windows. the best hope for linux desktop is new users without the pre-conditioned actions. i had several linux desktops in my old 7th grade class. you'd be amazed that kids with little computer training can pick up kde or gnome. it's just that they're not stuck, as it were, doing things the redmond way.

    --
    My problem? I was perfectly gruntled, until some numbnuts came by and dissed me.
  83. If usability means all powerful scripting by Aging_Newbie · · Score: 2, Interesting

    If usability means all powerful scripting then Linux will become as troublesome as Windows. If, on the other hand, it remains impossible to run full executables from HTML (and then not be able to exclude HTML email even as an option) then the major attack vector for Windows will never exist.

    If HTML email can still be turned off in Linux (like all the email programs in Linux do) then not only can't spammers run trojans but they don't know if I look at their creative efforts.

    Port exploits will remain a problem in both Windows and Linux. Patches are issued for both on a somewhat regular basis.

    Presumably Gator and other spyware would need to be rewritten for Linux and packaged as RPM's to be installed by Joe User based on his version of Linux. Somehow I suspect that it would be less frequent when installation is not a thoughtless act of clicking a box.

  84. User friendly doesn't mean root friendly. by openmtl · · Score: 2, Insightful
    This is like asking : when I change the channel on my TV I need to really have access to the flyback controller on the electron gun.

    Only a "Built for Windows TV" would ever need such a capability !

    The Linux security model splits user (fancy stuff) and root (low level stuff) very well. Retail Windows has only recently had this separation; ever tried to log into Administrator in Windows XP Home ?????

    As GNU/Linux (a distribution) becomes more user friendly (presuming it isn't already) then nothing the GNOME or KDE can do would break the intrinsic security of the Linux kernel. Nothing.

    So as long as a user plays in user space , Linux is happy to keep the hardware rocking. Log in to root and all bets are off but even so, when Linux has the NSA stuff then root won't always mean root.

    Nah - this is stupid. a GNU/Linux distro like Mandrake is user friendly and as long as you are not using root - it can be secure and quite usable. Sounds like FUD to me.

    --

  85. Good Question by MrRuslan · · Score: 1

    I see it this way. An operating system should be as secure as possible and as usable as possible...it is possible with minimal sacrifice...i mean look at the numerous linux distros like Suse and mandrake and the like...i'm not even going into lindows and xandros...i never used OSX so i can't make a comment but in most of my experiences (I'm a part time computer tech) Linux for the "AOLish" people is no different than windows and look how much more secure it is...i disagree with popularity making things vulnerable..i think it's design...windows is not designed with security in mind in the first place and neither are the apps that run on it... on the other hand if u put linux or any nix for that matter on someone's box with all the services off it will work...i did it lots of times...when i have to format someone's infested box i throw suse or mandrake on it and i have zero complaints because people have less problems in general...it's possible to do it with windows but some apps will refuse to work without admin privileges...basically the way i see it is windows is a broken legacy system that should be replaced from the ground up...i'm not bashing microsoft but windows is just not a good product and security is not very likely on it...for average users it doesn't matter what os it is...most people i do work for are also clueless in windows and that's why they hire someone to help them set things up...even if another non ms Unix derived os came to the top of the market I think it will be more secure because it is not windows...

  86. Re:Mac Security by feldsteins · · Score: 2, Informative

    The argument that Would. Not. Die. Seriously, you can see this argument popping up in discussion forums everywhere with great regularity. Then you can read it in major computer industry publications, too. I'd like to believe that ./ readers know better. For those that don't, here's an interesting article.

    --
    You like your Macintosh better than me, don't you Dave? Dave? Can you hear me Dave?
  87. Obligatory OT request: by Asprin · · Score: 1


    While we're on the subject of usability vs. security, does anyone know of a link to those gag pictures from a few years back of the user-secure keyboard and mouse that don't have any buttons? I want to save them this time. I'd post 'em if I had 'em - they're almost on-topic and a certain +5 funny.

    Thanks.

    --
    "Lawyers are for sucks."
    - Doug McKenzie
  88. Joe Sixpack & Susie Soccermom can do it. by B5_geek · · Score: 1

    Windows greatest benefit: "1 click = complete install"
    Windows greatest flaw: "1 click = complete install"

    There is no reason to assume that making GNU/Linux _more_ user-friendly will mean that it will be more insecure.

    Most linux distros (with default installs) look like an evil half breed of XP & Mac OS, large `cutesy` icons do not make an OS easier to use. (Just ask anybody that is skilled with MacOS).

    What is wrong with the old DOS days & Win3.1 from a usability standpoint? Not much. (8bit & 16bit code notwithstanding) When configured correctly it worked.

    Here is a novel concept: Aim at that level of OS knowledge in your users. The "power-users" could easily find & tweak the .ini files as well as config.sys & autoexec.bat to squeeze every inch of performance out of a box that we needed. The dumb office-sheep had their 5-6 icons that launched the few programs that they needed on a day-to-day basis. They didn't need or care about all the settings because it did what they needed to.

    I have been trying to use Linux since the RedHat5.2 days. I know my way around a dos prompt but the simple things like being able to tell the difference between a txt file and an executable file were beyond me at that time. (I now know that file extensions are not necessary, but imagine how much easier it would have made life.)

    If Linux were easier to add apps to (1 click = install) BUT more strict in what it allowed to go through the NIC, that might make for a decent compromise.

    * I know everyone here used to curse at win3.1 but try to separate the shitty 8-16 bit code issues that plagued it.

    --
    "The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
    1. Re:Joe Sixpack & Susie Soccermom can do it. by Anonymous Coward · · Score: 0

      You can't do one-click installs in Windows.

      Windows...

      click on download link
      click on "save to..."
      click OK to save in default My Documents location
      click twice to start installer
      click next
      scroll EULA down to bottom so the installer thinks you've read it
      click "I agree" radio box
      click next
      click next
      click next
      click finish
      click start
      click shutdown
      click OK ...five minutes later...
      you're done!

  89. Broader usability compromises security because... by MisterLawyer · · Score: 1
    Broader Linux usability

    yields a bigger bite out of Microsoft's marketshare

    yields more desperation at Microsoft's headquarters

    yields more Linux-virus-writers hired by Microsoft.

  90. Root keeps things secure. by Krik+Johnson · · Score: 1

    In Mandrake 10, configuration is split into two control centers. "Configure your desktop", to configure desktop stuff, and "Configure your computer" to do the dangerous stuff, which requires root password. Mandrake is one of the most usable linux distributions out there, with millions of satisfied users, plus it's secure! So the answer is : Usability doesn't equal insecurity. Just run Mandrake update once in a while to keep up with the security patches. For those who want to see the usability magic of mandrake 10, download the iso files here. This ask slashdot question is nonsense, if slashdot employed competent editors this question would have never been posted!

  91. False Assumptions by Thanatopsis · · Score: 1

    Clearly the idea that an OS that is usable is easier to attack seems intuitively right. However like many intuitive ideas like this it's wrong. The current MacOS is much much more usable (as defined by Jakob Nielsen) than either Linux or the current Windows XP. However it is considerably more secure than either product. It all comes down to proper design in a network setting. The Mac OS was designed as a secure network OS first and then layered with Apple's top notch GUI. This shows the base idea (systems with high usability have poor security) to be false. The problem is that Windows NT, 2000 and XP were not originally designed as networked OSes. So applications are often granted root privileges (and need them to run) while applications that run on a properly designed OS, can run in user space.

  92. DCOM by wandazulu · · Score: 1

    What part of DCOM is user-friendly, exactly?

  93. more usability=more stupid users = bigger targets= by jerky42 · · Score: 1

    bigger payoffs.

    Right now, the userbase is small, the difficulty high. More usability will mean more consistency, and more stupid users, which will make the platform a much bigger target than it is now.

    Jerky's law
    As the number of users grows, so does the number of successful attacks.

    --
    The strong do what they can, while the weak suffer what they must.
  94. This is when it happens in Linux: by Neil+Blender · · Score: 1

    [root@localhost]$ chmod -R 777 /*

    1. Re:This is when it happens in Linux: by maximilln · · Score: 1

      It'll only take one vulnerability in Mozilla coupled with an unknown root exploit to make that a vicious reality. Reuse of the same Mozilla exploit farther down the page (or in the next click-link) makes anything possible.

      I'll probably notice that my directories look quite different in my shells, but what about the user that doesn't alias dir='ls -la'? What about the user that doesn't eval dircolors? What about the user that doesn't use shells at all?

      *shiver*

      --
      +++ATHZ 99:5:80
  95. Useability Vs Ab(Useablity) by vishmaster · · Score: 1

    My take on the whole thing - the one thing that definitely does happen to technologies and systems in general ( including OSs) is that the easier it becomes to use it - the easier it becomes to Ab(use) it - for me security considerations are merely unchecked abuses of the system - To make things clearer - take the analogy of Email - the original intent was for free and easy communication - which also mean for spammers - a free and easy guerilla marketing tool - so - in essence - I would say that Useability does imply - more chances of Ab-using it !

    --
    ..And the people bowed and prayed, To the neon gods they made.
  96. Re:Cought? by Country_hacker · · Score: 1
    Corporate sponsorship of Slashdot. Yup, Krispy Kreme paid CmdrTaco an exorbitant amount of money to put that line in the story. Didn't you get the memo, it's the next new wave in marketing.

    --
    Never give any object more potential energy than you want it to have.
  97. not really by xenocide2 · · Score: 1

    When Linux switched from ipchains to iptables, was there an inherent trade of security for usability? I hope not. You might point out that very few people use iptables or ipchains directly, which leads me to my real point.

    GNU/linux is a collection of disparate software. There isn't a large entity directing the manufacture and integration of the various tools hewn together to make what most people think of as "Linux." Usability means something above and beyond vim and bash. iptables is nice, but shorewall is usable. Sure, you can think of some trades a distribution might make ie users as root. But building an integrated system of management isn't necessarily a bad thing, and done in a well thought out and manageable way can actually help a hardened system. apt-get makes updating for security releases nearly painless, but it would be hard to argue that the added usability detracts from security. Sure, the servers could be compromised, but so can source code. In the meantime, there's several ideas roaming about in certifying package authenticity.

    --
    I Browse at +4 Flamebait

    Open Source Sysadmin

  98. Not unless it takes second priority by 21chrisp · · Score: 1
    Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to and end) our discussion.
    NO! Improved usability does not have to come at the cost of security (or stability)! The reason Microsoft's products have had problems with these issues is because usability was their primary (you could almost say only) concern for decades! The result? ..an OS that's very easy to use, but unadvanced in terms of security, stability, and (in many cases) performance.

    Linux is simply taking the reverse path, focusing on security and stability first, and then trying to build improved usability on top of that. MacOS1-9 had the same problems really. A great and very user-friendly interface that was built upon an insecure and somewhat unstable base. Time has shown that the only way to fix this is to pretty much start over from scratch..
  99. if (user-friendliness == insecure) by TheABomb · · Score: 1

    then Windows would be user-friendly, no?

    Seriously, though: it depends on what you mean by user-friendly. If you mean works just like Windows (i.e. running as superuser by default, LookOut!-style e-mail running attachments by default, etc.), then yes, security flaws are inherent. These generally stem, however, from the inherent regular/super-user problem that single-user OSes like Windows exemplify.

    On the other hand, if user-friendly means simple to use, then no, security flaws will not be the natural result. Just look at the current state of the KDE project for proof.

    --
    MSIE: The world's most standards-complaint web browser.
  100. What does "Usability" mean anyway? by Jane_Dozey · · Score: 1

    Most average computer users use Windows, so they're accustomed to using windows. If they were all used to doing things differently then the term "usability" would apply to the system that they were all used to using.
    For (a rather simplistic) example: If the toolbars in windows software were all at the bottom of a window instead of the top, people would automatically look down there for them, instead of the top. This is what they would be used to. So, in this scenario, putting them at the top would be considered less user-friendly since it requires the user turn off autopilot and think about it for a second.
    I'd agree that linux needs to be more intuitive if it's ever going to be mainstream but why assume the need to be exactly like windows in order to do this. Just teaching the average user that different isn't necessarily more difficult is part of making the system more "Usable"....isn't it?

    --
    Silly rabbit
  101. No. by Anonymous Coward · · Score: 0

    Linux is secure because it properly separates ordinary user privileges from superuser privileges. It is secure also because of the peer review inherent in its development process. None of these things are going to change.
    It's conceivable that, in the future, idiotic distros will set users up with root accounts. However, this seems doubtful as people who make distros aren't idiots and the security of regular user accounts is too valuable to throw away. More likely, the distros will insist that the user provide a root password during the install process and then demand it whenever the user tries to install software or make system changes. The ordinary user will probably not understand why this must be on the most basic level, but he will put up with it as an unavoidable nuisance. Thus, Linux will be as secure from a technological standpoint as it is now (probably even more so, see SELinux for example). If end-users choose to make their root passwords "password," or enter it into any pop-up dialog that asks, this is not Linux's fault.

  102. Re:Mac Security by dgatwood · · Score: 5, Interesting
    I disagree. The best defense Apple has in the way of security is not giving any application run by a user permission to change ANYTHING other than minor configuration options without authenticating each application individually.

    This means that yes, a trojan horse could run, and yes, it could keep running until the user logs out, and maybe even add a login item on a per-user basis, but it can't install anything into the system that runs at startup unless the user explicitly enters a password to say that "yes, I really expected this to be installing something". This simple authentication requirement would have prevented 99% of what has made Windows viruses so virulent.

    In fact, the best form of user-friendly security basically amounts to having a bunch of policies for things that shouldn't generally happen, then shouting at the user and asking if you really want to do that. This concept has been popping up repeatedly on the Mac platform ever since the classic "GateKeeper" virus checker extension. I remember saying that I wanted to see an OS do exactly this sort of sanity checking (don't let an application modify the OS without user permission) back when I was still in elementary school (mid-eighties).

    So here's what I don't get.... If this was obvious to me at about age 10, what does that say about companies that still haven't figured out how to implement such a basic security measure? And why would anyone in his/her right mind use an OS like Windows whose security policies haven't caught up to what seemed obvious to a 10-year-old kid almost 20 years ago?

    For shame.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  103. Not exactly, but there is some truth to it by herrlich_98 · · Score: 3, Informative

    If the user doesn't care about security then it is hard to add more security without making the system more difficult to use.

    On the other hand a system infected with viruses and trojans can be un-usable.

    In all fairness to MS, the Windows history is from a novice single user or small work group. Windows was kinda of thrust onto the Internet, by, well, the growth of the Internet. It is more usable and less secure because of that.

    Linux has the whole multi-user UNIX, USENET, geek, Internet history behind it. It is more secure and less usable because of that.

    I see Windows and Linux evolving toward each other in security, in usability and in many other ways.

  104. Re:Why don't you guys just settle this like adults by sn0wman3030 · · Score: 1

    I agree. People argue and bicker way too much about their desktops. It's really not all that productive.

    --
    Life is offtopic.
  105. RE: by Anonymous Coward · · Score: 0

    There's an interesting blog entry about this over at Wil Wheatons blog

  106. oh please by Knights+who+say+'INT · · Score: 1
    Even to do trivial stuff like mounting a cd-rom you have to have root access.

    Soon you find yourself su`ing whenever something complains it wants to run as root.

    Finally, you get pissed off and add yourself to /etc/sudoers. Now, all an evil shell script that comes in an attachment needs to do is add a "sudo" before its evil-doing!

    Instant linux virus: "nudie-pictures.jpg" (chmodded +x, of course)
    sudo cat /dev/random > /dev/hda1
    .

    Duh.
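
Added example, not part of the thread: a defender's check for the situation comment 106 describes, listing which `sudoers` entries grant every command and whether a password is still required. The sudoers text is constructed, the function name is hypothetical, and only simple `who host = (runas) TAG: commands` lines are parsed (aliases are not expanded and include directives are not followed).

```python
import re

# Constructed sample, not from a real host. "carol" shows the narrow
# alternative: two named commands instead of ALL.
SAMPLE_SUDOERS = """\
# Constructed sample, not from a real host
Defaults env_reset
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
root    ALL=(ALL) ALL
alice   ALL=(ALL) NOPASSWD: ALL
bob     ALL=(ALL) ALL
carol   ALL = NOPASSWD: /bin/mount /mnt/cdrom, \\
              /bin/umount /mnt/cdrom
%wheel  ALL=(ALL:ALL) ALL
dave    ALL = PRINTING
"""

ALIAS = re.compile(r"^(User|Runas|Host|Cmnd)_Alias\b")
# who  host = (runas) commands...   The runas part is optional.
SPEC = re.compile(r"^(\S+)\s+([^\s=]+)\s*=\s*(?:\(([^)]*)\)\s*)?(.*)$")
# One or more leading tags such as "NOPASSWD:" or "SETENV:".
TAGS = re.compile(r"^(?:[A-Z_]+:\s*)+")


def unrestricted_grants(text):
    """Return entries (other than root) that are allowed to run ALL commands."""
    findings = []
    # A trailing backslash continues the entry on the next line.
    joined = re.sub(r"\\\n\s*", " ", text)
    for line in joined.splitlines():
        line = line.strip()
        if (not line or line.startswith("#")
                or line.startswith("Defaults") or ALIAS.match(line)):
            continue
        spec = SPEC.match(line)
        if not spec:
            continue
        who, _host, runas, commands = spec.groups()
        nopasswd = False  # a tag stays in force for the commands after it
        for cmd in commands.split(","):
            cmd = cmd.strip()
            tagged = TAGS.match(cmd)
            if tagged:
                tags = re.findall(r"[A-Z_]+", tagged.group(0))
                if "NOPASSWD" in tags:
                    nopasswd = True
                if "PASSWD" in tags:
                    nopasswd = False
                cmd = cmd[tagged.end():].strip()
            if cmd == "ALL" and who != "root":
                findings.append({
                    "who": who,
                    "runas": runas or "root",   # sudo's default target user
                    "nopasswd": nopasswd,
                })
    return findings


if __name__ == "__main__":
    for f in unrestricted_grants(SAMPLE_SUDOERS):
        how = "without a password" if f["nopasswd"] else "after a password prompt"
        print(f'{f["who"]}: every command as {f["runas"]}, {how}')
```

On a real host, `visudo -c` validates the file and `sudo -l -U <user>` shows the grants sudo itself computes; this sketch only reads the text.
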
  107. This is offtopic a bit, but... by Anonymous Coward · · Score: 1, Interesting

    Natural language is also, compared to computer languages, extremely stable.

    So when we move to more fuzzy based computing systems and we get people programming simple-to-moderate automation tasks based on speech recognition algorithms, image representation computer languages, and feedback loop based "AI" that interprets our spoken and visually represented commands, does that mean our computer systems become less "stable" even though they are ultimately based on the mathematical flip-flopping of 1's and 0's?

    1. Re:This is offtopic a bit, but... by d34thm0nk3y · · Score: 1

      Yes, it does! Any layer of abstraction on top of the basic actual machine language results in performance and stability issues. Just like Python is slower than C is slower than assembly.

  108. OS X Topped Secure OS List by millahtime · · Score: 1

    OS X and the other BSDs topped the most secure OS list. It was also rated by OS News I believe as one of the best operating systems the rated had ever seen. Great OS that is secure.

  109. This depends on what you define as ease of use... by Svartalf · · Score: 4, Insightful

    If it's ease of learning, then yeah, a picture is probably worth a thousand words. If it's actual ease of use (which is NOT to be confused with the latter- even though everyone and his dog keeps doing it...), then a CLI may well be the thing.

    There's a lot of things that are purely cumbersome because of the GUI under XP or MacOS.

    --
    I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
  110. Big difference..... by vwjeff · · Score: 1, Interesting

    One cannot compare a service/daemon to an operating system. The average user will never configure Apache or Microsoft's IIS.

    I'm not defending Microsoft at all. Windows has many problems that need to be fixed. The best example is root access for users. The problem stems from Windows' "root" (I made a funny) which is DOS, a single user OS. Linux on the other hand from the beginning was a multiuser OS. The problem I now see is that people are trying to make Linux too easy (ie. Lindows). This sounds good on the surface but I fear Linux is moving to the single user model on the desktop.

    The best thing Microsoft can do now is to start with a new codebase.

  111. depends what you mean by usability... by xutopia · · Score: 1
    but in my book usability won't make Linux inherently less secure.

    I think the Windows admins mistake usability with features or something else like insecure macros. I think the design approach of linux is much more protected and secure than what we saw in Windows to date. This has nothing to do with usability at all. It just had to do with the convenience of MS to not have to deal with security issues.

  112. yes by cybercuzco · · Score: 1

    Yes, user friendly is code for "accessible to people who are not computer literate". Someone who is not computer literate will use a more friendly to use computer operating system. Which, while it may be secure, will have flaws, since no system can be 100% flaw free and still grow. (If you fix the features of a piece of software, you can approach perfection, but even the software to run the space shuttle had 4 bugs in it.) As more and more people use the software, more and more non literate eyes are looking at it, and not adding to the software (if it is open source) but they are finding flaws in the software, they just aren't doing anything about it except maybe complaining to each other. As the number of newbies reach critical mass, some malicious user will exploit one of the flaws in the software, making use of the gullibility of those who use said software, reducing security.

  113. Comment removed by account_deleted · · Score: 1, Insightful

    Comment removed based on user account deletion

  114. HAVE ANY OF YOU TRIED A MODERN DISTRO?!? by Krik+Johnson · · Score: 1

    WHY are there so many people claiming Linux is hard! REPEAT AFTER ME!

    MODERN LINUX IS EASY TO USE!
    MODERN LINUX IS EASY TO USE!
    MODERN LINUX IS EASY TO USE!
    MODERN LINUX IS EASY TO USE!

    If ANY of you disagree, reply to this post with ALL of the following
    Your distro and version number (if it's less than 9.0 upgrade and try again).
    Your full hardware specification
    What you found hard.

    For reference : I am using Mandrake 10.0.

    Software installation is done all from the GUI, with automatically solved dependencies. My Printer, Digital camera, TV card, Sound card, Scanner, mouse, keyboard, monitor all just automagically work!

    I have KDE 3.2, which has had over a YEAR of usability improvements, if you are not using KDE 3.2 then upgrade and try again! OpenOffice.org 1.1 has ALL the speed problems solved, so upgrade if you are using the slow version! I can run all my legacy Windows software securely in a sandbox using crossover.

    And I have used both OSX and Linux and Mandrake linux 10 stomps all over OSX for usability! It's so easy to use that I removed OSX and put Linux on my mac! It's that easy! My brother who is illiterate can use linux because of the nice shiny icons that KDE provides

    So if you have any of the following problems
    *Dependencies
    *Bad fonts
    *Slow office suite
    *Ugly GUI

    Then upgrade your distro! Either to Mandrake 10.0, Ark Linux 11, SuSE 9.0 or Fedora 2 when it comes out!

    1. Re:HAVE ANY OF YOU TRIED A MODERN DISTRO?!? by The+Bungi · · Score: 1
      Your distro and version number (if it's less than 9.0 upgrade and try again).

      1994 - UPGRADE AND TRY AGAIN!
      1995 - UPGRADE AND TRY AGAIN!
      1996 - UPGRADE AND TRY AGAIN!
      1997 - UPGRADE AND TRY AGAIN!
      1998 - UPGRADE AND TRY AGAIN!
      1999 - UPGRADE AND TRY AGAIN!
      2000 - UPGRADE AND TRY AGAIN!
      2001 - UPGRADE AND TRY AGAIN!
      2002 - UPGRADE AND TRY AGAIN!
      2003 - UPGRADE AND TRY AGAIN!
      2004 - UPGRADE AND TRY AGAIN!
      2005 - ...

  115. Klingon Amigas by Anonymous Coward · · Score: 0
    Of course if you have elitist programmer types who use their case-modded Amigas to talk to each other in Klingon
    Hey buster, the Amiga I use to talk to my friends in Klingon is not case-modded - otherwise people would think I was a geek.
  116. The Apple Way - Consistency! by BeProf · · Score: 1

    It's all about the Human Interface Guidelines people.

    Every app has most of the same keyboard shortcuts and the same menu items in the same places. That means that on a Mac I have to learn the interface once.

    I just point and click at the main menu and select "Preferences" to get to my preferences. I press Command-C to copy and Command-V to paste. It doesn't matter if I'm in Safari, Dreamweaver, Acrobat, or Word. My most commonly used shortcuts are the same in every app.

    Apple has been very good at this sort of thing. Linux hasn't, I'm sorry to say. Think about it. Where do you go in Mozilla to change the preferences? Now, where do you go in Evolution? See what I mean? It doesn't matter that you knew how to do both. What does matter is that you had to think about it. That's the difference between "usable" and "intuitive".

    If Windows is easier to use than any particular Linux distro (and I believe it is), it is only because they have a more consistent interface across applications.

    So what do you (i.e. the Linux developers of the world) do about it? Standardize! Come up with an open HIG document, and then STICK TO IT!

    It's not rocket science, people.

    --
    You are attempting to read sigs. Cancel or Allow?
  117. OT: karma by Rufus88 · · Score: 0, Offtopic

    Sorry for the off-topic slashdot-posting-meta-post, but...

    Is there a cap on the amount of karma you can earn in a reply to your own post? I'm not trolling, and I don't want to sound accusatory, but if I wanted to earn some points toward meta-modding and the posting bonus point, why wouldn't I introduce some trivial error into a post and then issue a follow-up correction that also gets modded up?

    1. Re:OT: karma by lgas · · Score: 1

      No reason. In fact, you would want to.

    2. Re:OT: karma by Anonymous Coward · · Score: 0

      Metamod isn't based much on karma but rather the number of user accounts registered after yours.

      Typically, if I make an error in a comment that survives even a Preview, I reply to myself as an AC: "You've got it backwards. Don't you mean $bar"?

      -- tepples, meta-posting as AC

    3. Re:OT: karma by Anonymous Coward · · Score: 0
      Is there a cap on the amount of karma you can earn in a reply to your own post? I'm not trolling, and I don't want to sound accusatory, but if I wanted to earn some points toward meta-modding and the posting bonus point, why wouldn't I introduce some trivial error into a post and then issue a follow-up correction that also gets modded up?

      I think you're the only one who cares about this.

      If you're not the only one who cares about this, you should be.

      Lost Cluster is in almost every discussion, stating the blindingly obvious early and often.

      If you really think it's worth the time and effort, I'd suggest Lost Cluster's strategy of shotgunning the obvious at every discussion is far more successful at gaining karma points than any deliberate error in an insightful post followed by a correction.

      If you REALLY want the bonus point added to your posts, then load grapeshot and fire at the broad side, Slashdot pirate!

      The only problem is that you'll have to race Lost Cluster to get off the shot; he's always there with the obvious bordering on moronic observations and you might get smacked down "Redundant".

      Lost Cluster: "Grass is green because of chlorophyll, not leprechaun blood." +1 Informative

      (just amusing myself and distracting myself from the tedium of work by answering a question that really didn't deserve one...)

    4. Re:OT: karma by Anonymous Coward · · Score: 0

      Lost Cluster, is that you?

    5. Re:OT: karma by LostCluster · · Score: 1

      First... notice that I proudly display the subscriber star. That means I get access to a story 15-20 minutes before the rest of the world. In that time, I often can RTFA and queue-up my first three or four posts. Yeah, it does mean that I capture some of most blindingly obvious discussion points first.

      I admit that I know linking to my own site in my sig exposes it as almost an inline-ad that generates traffic and Google PageRank. Although, you should also consider that my Slashdot membership and posting history predates the existence of that site. From my point of view, that sig space is a free ad that I get in exchange for contributing to Slashdot. It's not a very high-value ad however... if I really wanted to drive more traffic to it I'd work more on making it better rather than posting here.

      I honestly think that my karma level is at the positive limit. Therefore, I don't particularly care when I make a post that's going to get modded to -1 for calling another poster a troll. I've got the karma to burn, and I'm in no danger of losing the bonus point. It also means that posting more than I already do can't raise it, so that's no motivator.

      I never get mod points, and don't really care that I don't. Since the system looks for "averageness" in the users it selects, and I have above average stats, I'm not going to be selected very often. I don't mind, I'd rather post than mod in a thread anyway.

    6. Re:OT: karma by lcsjk · · Score: 1

      If you get mod points for sounding ego-centric, you are indeed at the top! (Sorry, but I did not see your star.)
      Did you know that RTFA is a four-letter-word, but that RTAF (pronounced aretaff) is not? (Read The Article First)!

    7. Re:OT: karma by Anonymous Coward · · Score: 0
      First... notice that I proudly display the subscriber star. That means I get access to a story 15-20 minutes before the rest of the world. In that time, I often can RTFA and queue-up my first three or four posts. Yeah, it does mean that I capture some of most blindingly obvious discussion points first.

      And yet you miss the most blindingly obvious point made here: blindingly obvious points don't need to be made because they're BLINDINGLY OBVIOUS! (And especially not by the same person every time. It makes you look like a simple Karma Whore.)

      There really should be a mod -1, Blindingly Obvious

  118. There are two kinds of user-friendly by shawn99452 · · Score: 1

    Remember that there are two schools of user friendly interface design. Microsoft goes for the 'our users are stupid and can't learn, so let's just do it for them and name the options so people will be afraid to change things'. Apple uses 'our users are stupid, but maybe they can learn, so let's make all the options make sense and do what they say they do.'
    In my experience, Apple's way of doing things makes the user feel empowered, and is much less scary and overwhelming. People are more likely to know how to change their screensaver in OS X, and are less afraid to do it, because it's more accessible to them. OS X doesn't present options that imply that if you do it wrong, your computer won't work again. Notice that OS X dialogs generally don't even have Cancel or OK buttons. You change something, and it changes. You don't like it, change it back (Network options do have an apply and cancel for obvious reasons). Personally, I like Apple's way better.

  119. Politician's logic? by Anonymous Coward · · Score: 0

    Sir Humphrey: "All cats have four legs. My dog has four legs. Therefore my dog is a cat."

  120. Logical error: Non sequitur by KilobyteKnight · · Score: 1

    This topic reminds me of a cartoon I saw once. In it there were two people at a chalk board. The chalk board was filled with a complicated flow chart; each box containing formulas and numbers and equations. Near the end, right before the "Answer" box was one that stated "Here a miracle happens". The caption was "I think we need to work on this part a little".

    Anyway, my point is that the assumption that ease of use = lack of security is a non sequitur. There was nothing stated in the topic to support that conclusion. Additionally, I don't know of any evidence to support the assumption that security flaws are inherent to easy user interfaces.

    --
    When will Windows be ready for the desktop?
  121. Indeed. by Yobgod+Ababua · · Score: 2, Insightful

    I'd actually argue that having all services turned off by default doesn't impact the "average dumb user's" usability experience at all, because the average dumb user utilizes their system pretty much exclusively as a client.

    This is part of why home-NAT devices were able to spread so quickly among regular home users... because they don't care if their system can be accessed via ssh, http, or whatever... as long as they can access other systems in the expected fashion.

    Still, a nice observation (once corrected).
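
Added example, not part of the comment above: the "services turned off by default" point can be checked on a Linux host by reading the kernel's TCP socket table and listing the listeners that other machines can reach. The sample table is constructed, and the function names and the little-endian address decoding are assumptions of this example.

```python
import ipaddress
import struct
from collections import namedtuple

# Constructed sample in the layout of Linux /proc/net/tcp (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002 1 0000000000000000 100 0 0 10 0
   2: 0A00A8C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 11003 1 0000000000000000 100 0 0 10 0
   3: 0A00A8C0:C350 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 11004 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A  # state code the kernel prints for a socket in LISTEN

Listener = namedtuple("Listener", "address port uid")


def decode_ipv4(hex_addr):
    """Decode the hex address column. Assumes a little-endian host (x86, most ARM),
    where the kernel prints the address bytes in reversed order."""
    return ipaddress.IPv4Address(struct.pack("<I", int(hex_addr, 16)))


def listening_sockets(table_text):
    """Return every TCP socket in LISTEN state found in /proc/net/tcp text."""
    listeners = []
    for line in table_text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 10:
            continue  # truncated or blank row
        if int(fields[3], 16) != TCP_LISTEN:
            continue  # established, time-wait, etc. are client-side noise here
        addr_hex, port_hex = fields[1].split(":")
        listeners.append(
            Listener(decode_ipv4(addr_hex), int(port_hex, 16), int(fields[7]))
        )
    return listeners


def remotely_reachable(listeners, expected_ports=frozenset()):
    """Listeners bound to something other than loopback, minus ports the
    administrator has decided to expose on purpose."""
    return [
        l for l in listeners
        if not l.address.is_loopback and l.port not in expected_ports
    ]


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_PROC_NET_TCP  # fall back to the constructed sample
    for l in remotely_reachable(listening_sockets(text)):
        print(f"listening on {l.address}:{l.port} (owner uid {l.uid})")
```

A desktop used purely as a client should print nothing; each line printed is a service that a NAT device or firewall is currently the only thing hiding.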

  122. Usability vs Stupidity by TooManyNames · · Score: 1
    You know, this argument has persisted for quite some time and I wonder where people think that Linux truly is in comparison to Windows or Mac usability. There are just some aspects of Linux that I have noticed that convince me that this comparison is premature and, unless developmental attitudes change (for applications running on Linux), destined to remain a faulty comparison. I know that some of you out there think I'm absolutely insane or some Linux noob that is utterly stupid or something (even though I use Linux and have for some years now) but let me post a question to you...

    I remember using Redhat 9 and running into a problem editing the main menu in Gnome; 1 hour later I found that menu editing was turned off by default and needed to be turned on. Now, all issues about whether editing the menu should be off by default or not aside, wouldn't it have been a good idea to at least mention this in some readily available documentation instead of having to dig through tons of posts about this problem before finding a solution?

    This, to me, represents a lot of the Linux experience as a whole to users that want to utilize the OS for something other than scripting or coding or whatever. Regardless of how pretty the desktops become or how many more codecs mplayer gets, various defaults (that matter in terms of usability) only accessible through various text files that are next to impossible to find any documentation on will keep Linux in this unfriendly place.

    Also, before you make the plugs for Debian, Gentoo, Mandrake, Suse, etc, I have tried all of these distros and found them to be roughly the same or worse in terms of overall usability as Redhat so don't make the claim to me that one is better overall than the other. You can, however, make that claim to other readers.

    So I basically think that this whole idea of usability being inversely related to security doesn't yet apply to Linux. If you're talking about nice desktop environments or other nifty guis then blather on.

    Just my own critical opinion though I know that most of you other open-minded people will correct my views... Let the name calling/personal attacks begin.

    --
    "Is not a sentence" is not a sentence. Well damn.
  123. Usability && security by Anonymous Coward · · Score: 0

    I'm not sure why people have such a predisposition toward one or the other? Why can't we have both usability and security? Shouldn't people be able to use computers the way they drive a car? Just because there are complexities and advances in different parts of a car that makes a car, a driver shouldn't need to know anything more than just drive safely and rely at the same time that the car won't break down as he's driving it. :)

    1. Re:Usability && security by maximilln · · Score: 1

      -----
      Usability && security
      -----
      Egads! That should be the other way around!

      There's no way I want my system executing usability before it's had a chance to evaluate the return value of security.

      --
      +++ATHZ 99:5:80
  124. Command Lines Different kind of Learning by millahtime · · Score: 4, Insightful

    A GUI you have to learn to click, double click, right click, directory structure, etc. You still have to learn. You are just learning something different. Instead of cd [enter] you are double clicking on something. Whether you type it or click it you are still learning something.

    1. Re:Command Lines Different kind of Learning by Vancorps · · Score: 4, Insightful
      Sorry, but learning to click a mouse is a lot easier than learning "mount -t ntfs /dev/hdc1 /mnt/windows" Don't forget the ole favorite from Gentoo stage 2 installs. "/sbin/lilo -C /etc/lilo.conf"

      None of that is remotely friendly especially considering it is all something I could do in Windows only using a mouse. Two or Three buttons is a hell of a lot simpler than 104+

    2. Re:Command Lines Different kind of Learning by CorwinOfAmber · · Score: 2, Interesting
      Sorry, but learning to click a mouse is a lot easier than learning "mount -t ntfs /dev/hdc1 /mnt/windows"

      So? Typing "copy file1.txt file2.txt" is a lot easier to learn than double-clicking My Computer, then double-clicking each directory in the hierarchy until you get to the right one, then right-clicking on file1, selecting Copy, then right-clicking the directory name, clicking Paste, then entering file2.txt. Contrived examples do not prove either point.

      --
      My future's determined by Thieves, thugs, and vermin -- The Offspring
    3. Re:Command Lines Different kind of Learning by kollivier · · Score: 1

      The difference is that with a GUI you can explore. Click and see what happens. (Guess what, lots of kids learn this way.) You learn by seeing, you learn by doing. It's a very powerful way to learn.

      You can certainly type random commands and see what happens, if you've got a few days to kill... =) Otherwise, you will need to have someone teach you the command to check your mail, the command to browse your files, the command to do word processing, the command to login to the internet, the command to browse the web... Without knowing those commands, you are helpless.

      Need I go on?

    4. Re:Command Lines Different kind of Learning by Anonymous Coward · · Score: 0

      You, dear sir, are an idiot, as shown by your examples and obvious lack of knowledge. Your disgustingly high UID doesn't help either. Please do the world a favor and kill yourself before you reproduce and cause further harm.
      Thanks, and have a nice day.

    5. Re:Command Lines Different kind of Learning by Vancorps · · Score: 1
      Right click, copy, right click paste when you get where you're going. The point holds because you are doing the exact same type of task as you did when you mounted a new drive. The commands are no different, they are purely contextual which is a lot easier for anybody to learn.

      There are many times when a cli can make a task faster but I've yet to see a time when it can make a task easier.

    6. Re:Command Lines Different kind of Learning by arose · · Score: 1

      A good tutorial will teach you basic CLI usage in a few hours. If you don't know how to use a mouse, the CLI might be a better starting point. But I really don't understand why people seem to think that GUI and CLI are exclusive. Some seem to think GUIs are the root of all evil, others want to hide the CLI away in a dark corner.

      --
      Analogies don't equal equalities, they are merely somewhat analogous.
    7. Re:Command Lines Different kind of Learning by mheine · · Score: 1

      Find all files last modified in Jan or Feb that have X in the title and move them to the X folder. Almost no GUIs support that kind of selection and it's relatively straightforward in a CLI. Of course that's the design difference between CLI and GUI. CLI says make the easy stuff reasonable and the hard stuff possible. GUI says make the easy stuff as easy as possible and don't support the hard.

    8. Re:Command Lines Different kind of Learning by Ralman · · Score: 1

      So you have learned to type using a mouse. Good for you, I am sure that is much faster and simpler than using a keyboard.

      What if you have extensions in Windows turned off, as in the default Windows setting? Are you sure you named the file correctly? Seeing that is rather difficult to change the extension with that setting.

      Hell even when using the explorer interface, I type in the path name, why, I can type it faster than it takes windows to read the disk and render the directory structure. Seems a hell of a lot easier (not to mention faster) than waiting for the GUI to catch up.

    9. Re:Command Lines Different kind of Learning by Vancorps · · Score: 1
      Hit F3 in Windows from the desktop and you can do all that from the GUI. The alternate path is the start menu and click search. It is more than capable of all those search terms, pretty much for the last 7 or more years Windows has had that in its base install and if you happen to have Office they give you some more options like searching for Who Authored what document on what machine.

      In general you're right about a GUI which is in my opinion why the CLI is still around. There are things that you can't do reasonably because there would be too many options on the screen. Avid is a great example of how this can go wrong but it is also an example of how it can go right because pretty well anyone can build transitions and splice videos together with it because it's all drag and drop. Everything is the same motion.

      There are situations when both are more appropriate. Configuring Samba with a GUI for instance is almost always a mistake. Doesn't mean it will always be one, they will get better and soon enough the graphical tools will perform all the tasks most people need. It's the greatest good for the greatest people, and since the cli is still there in the background, those that would be hurt by it are not.
    10. Re:Command Lines Different kind of Learning by Anonymous Coward · · Score: 0

      You gotta be kidding. Every GUI's Find feature allows that, and the move part is the same as always.

      Now if you are actually talking about automating routine tasks, that's programming and is a different story. (And even programming is often done from a visual IDE nowadays -- NO CLI).

    11. Re:Command Lines Different kind of Learning by Vancorps · · Score: 1
      Typing in a path is not the same thing as typing in a command. And it is definitely not easier for anyone not already familiar with how the file system is organized. Think of you going through the hundreds of thousands of files and directories I have in my 16 terabyte array. It would be a lot easier and not to mention faster to look at the directories and read the comments to the left to figure out where everything is. Of course, it would be even easier to search but depending on the content that isn't always possible nor an acceptable use of time.

      I also never said in my previous post that the mouse was at all faster. I said it was easier. A lot of people confuse the two. I can write a sql join 50 tables wide by 5 databases tall quite quickly, but it's far from easy because I have to make sure all the relationships are aligned. In such a situation it is also faster to use a GUI which already knows all the relationships.

      Also, I'm not sure where you figure my typing was done with a mouse. Sounds to me like someone is either confused or making assumptions about a person making a statement because he can't come up with an argument.

      Now, extensions, why the hell would you change an extension? Seriously, I know there are situations where an AVI gets renamed as an MPG because some idiot wants to create a link to his page when the file is viewed but realistically this does not happen to a large number of people. Plus, I am always sure that I typed the extension properly because I have an icon and in some places thumbnails that show what the file is. It is also quite easy to change the extension. Should it be in the default state then it is three clicks to fix the problem for good.

      It also sounds like you've got a slow computer, possibly antique if the GUI has to spend any time rendering the directory structure. Or maybe all your data is in an array of chaos in which case. I wish the best of luck to you in your endeavors.
    12. Re:Command Lines Different kind of Learning by martin-boundary · · Score: 1
      Sorry, but learning to click a mouse is a lot easier than learning "mount
      Ha! Try telling that to my mother, who likes to hold the mouse with two fingers, then lifts the hand and presses the (more often than not) wrong button, while imperceptibly pushing the mouse off to the side.

      She's quite capable of pressing the letters on the keyboard accurately, though.

    13. Re:Command Lines Different kind of Learning by Ralman · · Score: 1

      Aw crap, now I really screwed that up. I was reading over the posts and mentally merged the commands for lilo and a copy. Then on top of it I came up with an argument for something not even mentioned in the post. Too much allergy medication I guess. My bad... sorry.

      There have actually been many times I have had to change extension on files, usually due to someone else sending me something in completely the wrong format. Being a web developer by trade I am always getting .gif/.jpg files with a .bmp extension, and the file still being in a bmp format. The best ones I get are .doc where it should be .html <rant>Word is NOT an HTML editor, and a web site is not a word doc.</rant>

    14. Re:Command Lines Different kind of Learning by Vancorps · · Score: 1
      Maybe she should use a different mouse. The fact is, she wouldn't know what to type unless instructed. There's no mechanism to show the user what is available until you teach them ls and man. Even man falls short because you have to know the name of the app you want help with. A lot of people don't know what netfilter is for instance.

      I might also add that it doesn't sound like your mother is an average computer user or even a newbie as I've seen six year old kids from China that have never used a computer look at a mouse, move it to see what happens on the screen and within a few minutes they are off getting into word processors, spreadsheets, generally applications that makes sense to them on paper.

      A mouse that works for most people
    15. Re:Command Lines Different kind of Learning by Vancorps · · Score: 1
      On a side note, something I actually like about Office 2003. You can strip out any non W3C compliant code and force Word to be a standards compliant editor but there is no HTML involved so you're definitely right, it's not an HTML editor.

      As a web developer myself the only times I change extensions are when I'm converting formats. Often times I am given a psd which I proceed to cut up into sometimes hundreds of jpgs and gifs. S'pose that's because I'm fortunate and work with people that know what they're doing. Doesn't sound like it's the same everywhere.

  125. How "root"ed are users on linux/BSD/etc.? by unfortunateson · · Score: 1

    I'm not a desktop linux user, although I've got a Knoppix disk around for when I had a corporate machine and wanted to be able to play games when stuck in a hotel room and not violate the "don't install games" policy (among many other things).

    Windows 'grew up' (OK, it's only in its adolescence, from how often its face breaks out) on a one-user framework. Linux' unix background has always had the root+users built into it. But are the 'desktop' users of Linux normally the root user?

    Even with NT/2000/XP, I can't live without being "Administrator" because of the frequency of installing software, if only for a test drive. Logging off and on is a pain in the butt.

    On the other hand, the inability to install software (as simple as Perl modules) in 'my' space on a shared host is one of my biggest incentives to leave my shared host for a dedicated server (not worth the 6X cost increase just for that).

    In my mind, what Windows needs is a simple, "This requires Administrator Mode to continue. Please enter the Administrator password, or click cancel to prevent this from continuing." dialog.

    That would let me run in a safer sandbox, with minimal hassle, and a pretty darn stern warning that isn't any less secure than leaving idjits in Admin level like they are now.

    --
    Design for Use, not Construction!
    1. Re:How "root"ed are users on linux/BSD/etc.? by Anonymous Coward · · Score: 0

      No, most Linux users are not root. Knoppix doesn't run as root, it runs as a user called knoppix. Most linux distros have what you describe, which is used for running tools like software installers. You should try installing Knoppix to a hard disk by clicking the Shell Screen icon, type su, then knx-hdinstall and install Knoppix to disk. It will prompt you for a root (administrator) password and an ordinary user account.

  126. Re:Here we go again... MOD PARENT DOWN by Anonymous Coward · · Score: 0

    Why is he talking about popularity? The OP is talking about how usability affects security, not how popularity affects security.

    Maybe he's saying popularity and usability are the same thing? Well then, we know where LODT's problem really is. : )

  127. Answer from a Pseudo Linux Newbie by cb8100 · · Score: 1

    Quick answer: Yes. Making Linux more "user friendly" will potentially make it more insecure.

    The main thing about Linux (as with all true multi-user OSes) is that a regular user can't do much of anything. Users can't install a new program or a simple browser plugin. Hell, some Linux distros don't even let regular users mount and access USB drives, floppies or CD-ROMs.

    Doing away with the need to login as root (or "su") to do anything more than running installed programs will definitely help make Linux more user friendly, but that is precisely what keeps Linux secure. I am currently migrating from Windows to Linux and I often forget to "su" before installing a program. It gets annoying, and may be one thing that keeps Linux from being an everyday desktop OS for the common person.

    Now, I -- and several other geeks -- are taking (or have taken) the time to learn Linux and have the patience to deal with its quirks. The problem is, Joe Average Computer User doesn't have the patience. He's the guy that only has the Administrator account on his Windows XP box because he can't be bothered to log out and install software as admin. Joe Average needs to get something done, and it needs to be done now. Joe Average is the user that defies all of the warnings about running as Admin. I honestly feel that typing "su password" then changing to the proper directory is something that the average user just doesn't have patience for.

    If no one ran Windows as admin, it would still be a flawed OS, but its vulnerability would be significantly decreased. Linux, so far, has a low vulnerability, and I believe that is because no one (hopefully) runs Linux as root all the time.

    If you give Joe Average a Linux box and show him how to use it, he'll probably never use the "adduser" command. He'll treat it just like his Windows box and will always be logged on as root.

    Now that I think about it, I retract my original answer. Making Linux more user friendly will not necessarily make it more insecure. Giving a Linux box to Joe Average Computer User will make Linux more insecure because the average computer user can't be bothered to learn how to keep his box secure.

    --
    My lack of God, it's Trotsky!
  128. Probability by CubicEntity · · Score: 1

    IMO: More usability means more code, more code means the probability for vulnerability increases. This means as more code is introduced the probability for vulnerabilities is also increased. So, I would say the probability for Linux to become more vulnerable will increase as usability increases.

  129. WHAT KIND OF DISTRO ARE YOU USING?! by Anonymous Coward · · Score: 0

    I use Mandrake 10.0, and I never had to do something like that to access my CDROM! I just insert the cd, the icon appears on the desktop, I click it and there I am! Looks like you're using a pretty messed up distro!

  130. Linux could do it better than MacOS by wayne606 · · Score: 1

    My impression is that OSX has lots of backdoors because they had to make a tradeoff between shipping an OS on time and getting it perfect. I'll bet it will get more secure over time - Linux/UNIX is secure by design (unlike Windows) and it's just a thin layer of setuid utilities that cause the trouble.

    On my Linux box I can put a CD in and have it automatically mounted as /mnt/cdrom. That's not a good example. What about adding new users? Can you make a bulletproof setuid useradd ? A bit more of a challenge.

    Anyway, users having root access isn't a big deal. Say a user is maximally unsafe and always logs in as root. Then a virus can trash his whole OS. He will have to restore the OS from the install CD and then his files from his most recent backup.

    On the other hand, say a user is very secure and there is no way for a virus to get root. So it just does a rm -rf ~. He doesn't have to install from CD but he does have to restore his files. Probably that won't be a big consolation when his last backup was 6 months ago.

  131. Does making cars go faster make them more... by ikeee · · Score: 1

    I guess the person who posted this has a very simplistic approach to the question he poses. With the same logic we can ask does making cars go faster make them more prone to accidents? Well, an uneducated answer would be a strong yes? But when you consider the fact that there are tons of other factors that play into an accident, it becomes obvious that relating one cause (ease of use) to a result (level of vulnerability) is not so easy.

  132. Yes and no answer. by Anonymous Coward · · Score: 0

    If you were to make Linux AS user-friendly as Windows, I am sure it will be as vulnerable. But the question should be: how much user friendliness is necessary? Can Linux sacrifice some ease of use for average joe and still maintain enough security for average joe? That is what needs to be answered.

  133. You have it backwards. by Anthony+Boyd · · Score: 1
    Will making Linux more user friendly result in it becoming less secure?

    Stupidest. Question. Ever.

    Look, can you honestly suggest that making things UNfriendly will somehow secure Linux? By making settings confusing and leaving things undocumented, you only serve to work against the user. Do you want defeated users deploying Linux systems? In fact, it looks like that is happening already -- the BSDs, MacOS, even Windows has fewer security problems than Linux (of course, I dispute the Windows part of it, since they didn't bother to count viruses). MacOS is the most user-friendly system in the world, and yet it has fewer issues than Linux. You might wonder about the BSDs, but at least in my experience, I don't see them getting deployed everywhere. So whatever 1337 system is in place now for Linux isn't working.

    The problem is that Linux is now accessible to a huge chunk of the population, but only half that chunk of the population can slog through the proper administration of a Linux box. This has to balance out -- if we want to push Linux out to everyone, then everyone ought to be able to figure out how to secure it. If we want to limit Linux's penetration to "power users and above" then we have to be sure Linux can be secured by them. Whatever line we draw in the sand, we need to cater to those people. If that means better or more robust help systems, great. If that means more people need to volunteer to document the apps, great. If that means that we should program defensively, defaulting to the more conservative options and putting the dangerous settings under a tab labeled "advanced" then so be it. We have to accept the reality of where Linux is and tackle that head-on, not heads-in-sand.

  134. "anti-usability" and security by cadience · · Score: 1

    An OS that is secure has more of a chance to be heuristically easy-to-use, than one that isn't. The goal of the OS is to provide functionality to the user. If the OS provides a means for someone to inflict damage to another without protecting them then certain users are leveraging some of the usability to make the system harder to use for others. I term this "anti-usability". In this regard the functionality of a system should protect the user while allowing them to utilize all the functions necessary to complete his or her tasks in a proficient manner. An easy-to-use OS can gain popularity. This popularity does not bring insecurity. It is actually those with the most knowledge of the system's workings that threaten the security of the system. These few are the ones that threaten the security of the rest, [name your social analogy here]. A large user base does not mean a large population of deviants. When designing an OS, an application, a weapon, or a can-opener, it's important to keep those who are affected in mind. If the product is easy to use (ignoring distribution, market-ploy etc) then more and more people will use it. If the product is "anti-usable" then the product will be used in a more and more nefarious manner. If the system has a high ease-of-use (and possibly wide spread use) and a high "anti-use", then the system can negatively affect those that use the system for its original intent. It lies on the shoulders of the designer then to ensure that the system can only be used in a manner consistent with its original intent.

  135. Re: Security && usability by Anonymous Coward · · Score: 0

    alright :) you know what i meant.

  136. Re: Toggle Switches by schodackwm · · Score: 1
    ... toggle switches: good; rotating drum memory: script-kiddie proof!

    Pessimists are never disappointed.

    --
    [this sig has been trunca
  137. Bullshit by gregm · · Score: 1

    Tons of apps require writes to the registry to function... All versions of Quickbooks as a quick off the top example. It's stupid stupid stupid. I'm not a MS fan but their security problems aren't completely their own fault. If they were smart they'd use that monopolistic power for good rather than evil and force third party software vendors to write more secure stuff. I do IT work for an accounting office and they'd like to lock things down and can't because of stupid shit like this.

    1. Re:Bullshit by cubic6 · · Score: 1

      It's not even that they're writing to the registry. The registry has a perfectly fine spot (HKEY_CURRENT_USER) for things like user-install software and settings. There is absolutely *no* reason for software to write to other parts of the reg unless they're doing something administration-related.

      --
      Karma: Contrapositive
  138. Re:Mac Security - On windows too by millahtime · · Score: 1

    "is not giving any application run by a user permission to change ANYTHING other than minor configuration options without authenticating each application individually."

    Windows 2k and beyond does this. If you want to modify something you have to use the admin password. Problem is there are so many other windows holes that this isn't a real stopper on windows.

  139. Need some standards here by Anonymous Coward · · Score: 1, Interesting

    The thing that Microsoft has done security-wise is that it's developed its own standards for doing admin-type stuff. What Linux needs is a standard that gives the "are you sure?" question to non-techie users, even if they do have the root password. i.e.:

    rm -r /*
    Are you sure?

    this message would basically be the indication that you're doing something that's going to modify how the system works. Now, for software installs, the software install needs to be able to check all of the operations it's going to do, and ask the "are you sure?" question if anything needs root access. Standardize these two things, and Linux for the average person will be happy.

    As far as services, etc, go, leave it the way Linux does it - it's the right way! Don't turn anything on until it's needed. Yeah, Joe Luser is gonna whine that he has to try something and fail because the service isn't turned on, but it's better than having to unplug your machine from the network jack because you can't figure out which useless service is letting intruders in.

    Honestly, most users would learn a bit by using a typewriter, a calculator, and some pigeons in place of their computer anyway. Although, they're probably the same users that need a CERT advisory to keep them from jamming the typewriter by placing badly-folded received papers from the pigeons. (mental image: a malicious raver-lookin' dude making mischievous faces while folding paper and attaching the sheets to pigeons' legs)
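
Added example (not part of the thread and not code from any distribution): one way the "Are you sure?" standard proposed in comment 139 could decide when to ask, which also catches the `rm -rf ~` case raised in comment 130. The function names, the policy (prompt for anything outside the home directory, or for a recursive delete of the home directory itself) and the sample paths are assumptions made for illustration.

```python
import os


def _resolve(arg, cwd):
    """Resolve symlinks in the parent directory but keep the final name,
    because rm removes a symlink itself, not what it points to."""
    path = os.path.normpath(os.path.join(os.path.abspath(cwd), arg))
    parent, name = os.path.split(path)
    parent = os.path.realpath(parent)
    return os.path.join(parent, name) if name else parent


def _inside(path, root):
    """True if path lies strictly below root."""
    return path != root and os.path.commonpath([path, root]) == root


def risky_targets(argv, home, cwd):
    """Return [(argument, reason)] for rm arguments that warrant a prompt.

    argv is what a wrapper receives after shell expansion, so `rm -r /*`
    arrives as ['-r', '/bin', '/etc', ...] rather than as a glob.
    """
    home = os.path.realpath(home)
    recursive, targets, options_done = False, [], False
    for arg in argv:
        if not options_done and arg == "--":
            options_done = True
        elif not options_done and arg.startswith("-") and len(arg) > 1:
            short_flags = "" if arg.startswith("--") else arg[1:]
            if arg == "--recursive" or set("rR") & set(short_flags):
                recursive = True
        else:
            targets.append(arg)

    findings = []
    for arg in targets:
        path = _resolve(arg, cwd)
        if path == home:
            if recursive:
                findings.append((arg, "removes the entire home directory"))
        elif not _inside(path, home):
            findings.append((arg, "outside the home directory"))
    return findings


def confirm(findings, ask=input):
    """Ask once if anything was flagged; default answer is no."""
    if not findings:
        return True
    for target, reason in findings:
        print(f"  {target}: {reason}")
    return ask("Are you sure? [y/N] ").strip().lower() in ("y", "yes")


if __name__ == "__main__":
    # Constructed input: what `rm -r /*` might look like after expansion.
    sample = ["-r", "/bin", "/etc", "/home"]
    flagged = risky_targets(sample, home="/home/joe", cwd="/home/joe")
    print("proceed" if confirm(flagged, ask=lambda _: "n") else "aborted")
```

Deleting files under the user's own home directory never prompts, so the question only appears when the command reaches beyond the user's sandbox.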

  140. What is program_name ? by tepples · · Score: 1

    So given a task, what are the appropriate program_names? A GUI OS would typically have a hierarchical view of program_names.

  141. Caugh, caugh. "Cought"? by Anonymous Coward · · Score: 0
    Is this an "Ask Slashdot" or an advertisement for Krispy Cream and Apple?

    Commercial editors generally check spelling. Slashdot editors on the other hand ... well, nobody is really sure what they do, but they don't check spelling.

    So, I think it's pretty safe to assume that the answer to your question is the former, rather than the latter.

    1. Re:Caugh, caugh. "Cought"? by Anonymous Coward · · Score: 0

      Make that two.

      It's Krispy Kreme, not Krispy Cream.

  142. WOW! by Thunderstruck · · Score: 1

    Philosophers of the future may ask, how many unsupported assertions can dance on the head of a post? This post for example:

    1. Asserts most people could never develop the talent to write a book.

    2. Asserts that natural language is stable even though we don't all speak Latin.

    3. Asserts that language is natural, even though there are thousands of incompatible variations. (Sex is natural)

    4. Assumes humanity evolved over millennia

    5. Assumes language is less "important" than vision.

    6. Assumes there are plenty of taglines with pretty ASCII pictures that cheat character limits on /. posts.

    --
    Trying to use sarcasm in text-based forums does not work.
    1. Re:WOW! by bareshiyth · · Score: 1

      You sure got that right! I've been reading along just amazed at those "assertions" (or "assumptions"). Checked out this thread a bit curious about the original point, but sidetracked into this rabbit trail... and kept on just wondering where these folks were going to go, and if anyone would ever realise the unreality of it all... By the way, you might add the assertion that icons aren't a language in themselves that must be learned. For example, the icon of a printer on my task bar... will only mean something to me if I know all about my computer, paper, printing, what a "printer" is, and have enough experience to recognize that generic image, etc... The primary advantage of an icon is its multi-lingual, or cross-cultural currency. Rather similar to the way North American Indians (or Native Americans, to be "pc") could use "sign language" to effect some rudimentary communication between folks who couldn't understand a word they said.

  143. Patches don't always help by tepples · · Score: 1

    Newly installed operating systems with known vulnerabilities are vulnerable to worms even before the user on dial-up can manage to download and install the service pack.

  144. it will be less secure, logically by DaveJay · · Score: 1

    The easier you make something, the more likely it is that an inexperienced and/or incompetent person will feel that they know how to use it -- and increase the likelihood that they will make a mistake.

    On the other hand, the harder you make something, the more likely it is that an experienced and/or competent person will make a mistake inadvertently.

    The sweet spot for danger seems to be:

    Hard enough to make mistakes possible, but not hard enough to make mistakes obvious.

    For example, let's say you need to set up a network card.

    If it's so difficult to do that you need to be extremely knowledgeable just to bring the card up in the first place, you will make lots of mistakes, but you'll have to get everything perfect to get it working -- which means you won't have random incorrect settings or unnecessary options selected (if you did, it wouldn't work.)

    If it's so easy to do that you just click a button and the network card comes up, then you don't have any opportunity to make mistakes.

    Split the difference, though -- click a button to launch the network card, but provide thirty little options that may or may not be necessary to change -- and suddenly mistakes become likely, and you might go a month using a configuration that "works", but is (harmlessly) slower than it needs to be or (harmfully) woefully insecure.

    GNU/Linux programmers need to make a choice: make it really, really foolproof, or make it strict and demanding.

    Note: It should be obvious that, historically, UNIX leans toward the strict, Mac leans toward the foolproof, and Windows floats in the middle, which causes a lot of security problems. Don't believe me? Consider networking via NFS vs Rendezvous vs NetBIOS...

    1. Re:it will be less secure, logically by zpok · · Score: 1

      I don't know, maybe the only option here is to make it really really really really easy?

      Home user wants wireless network, buys airport and airport card (or third party wireless card), plugs and fits them in, looks at control panel and un-checks the option to allow anonymous guest access to the network.

      Take into account user is already behind a firewall, is using a UNIX system and is not Root.

      Now translate to Linux, do you really want to make it more complicated?

      Why?

      As in OS X, in Linux the experienced user can go as complicated as he likes, but there's no need to make it required, unless you're really not in the business of selling network cards ;-)

      --
      I think, therefore I am...I think.
  145. Unix/Windows history by l33t-gu3lph1t3 · · Score: 5, Insightful

    Things that need to be expressed before my opinion:
    -Microsoft does not hire retards. Their programmers are skilled.
    -IBM,Sun,Novell,etc, do not hire retards. Their programmers are probably equally skilled with Microsoft's.
    -Linux was inspired by Unix
    -Unix is a multi-user operating system originally designed during the dawn of computing for big iron mainframes accessible by client terminals via command line.
    -Computer "users" at the time of the creation and dominance of Unix knew, more often than not, how to program, do shell scripts, etc. They were very computer-literate. To use a computer in that age meant you knew how a computer worked.
    -Windows began as a (more or less) single user operating system intended to run on PCs, not mainframes, and is used more often than not by people who know nothing of programming, or how a computer works abstractly.

    Before you jump to say that Microsoft produces crap code, think logically. The Windows O/S may be considered to be a history lesson for all the O/S programmers out there. Learn from it. Sure, they didn't invent the GUI. Sure they weren't the first windowing O/S. But consider that Windows is the first operating system to reach the level of adoption that it has. They have to support every common architecture, network protocol, hardware design, etc, in the world.

    If Windows serves any purpose to you guys at all, it is to illustrate what works, and what doesn't. From their example, user stupidity has been illustrated. Never more than now have programmers been aware of the need to balance ease of use with covering for the ignorance of a user. From their example, we've learned that the user really shouldn't be trusted to be a good admin, that firewalls are a good feature to build into an O/S, etc etc. Microsoft has proven useful in studying the effectiveness of GUI systems and their pitfalls.

    Don't sit and criticize Microsoft. Take the lessons they had to learn the hard way, and use them to make better code. That's essentially what Apple did with OSX, even though for them it was a lot easier - they don't have to standardize for all hardware and software configs. They offered very limited backwards compatibility, as ugly compatibility hacks aren't good to keep in code :)

    --
    ------- "From bored to fanboy in 3.8 asian girls" ----------
    1. Re:Unix/Windows history by Azureflare · · Score: 1
      Exactly. This is why we need to at least educate the user to some degree, so they aren't totally ignorant about their system. Finding a happy balance between Windows and Linux is going to be difficult, but I think it can be done.

      There's no reason why we can't make GUIs as Mandrake has done in the Mandrake Control Center, which allows you to visually control the firewall/local security settings/local services, all in one handy graphical interface which is easy to use. I think a possibility is better descriptors of system processes, not stuff like httpd for apache, and not xinetd for whatever it does (I'm still not sure), etc. etc. The only problem is, this can cause confusion, especially amongst experienced users; but I think there could be an option to enable or disable the newbie mode. (Gosh, That sounds like a really good idea...) I'm sure others could figure out stuff that would make it better too.

      If we can make it easy for the user to configure the linux box, without having to have in-depth knowledge of hacking config files and the CLI, then Linux will be highly accessible to most people, while still making them learn just enough about their computer so they aren't totally vulnerable.

      I think one of the reasons people like Windows is that they just don't have time to learn about how to properly secure and configure the operating system. Windows says "Ok, you're the customer, you're always right..." and doesn't complain. Vendors of Linux distributions should realize that, and make it so that users can spend the minimum amount of time required to adequately secure their box, while still allowing the option for power users to configure the linux distro as they wish.

      Like I said, I think it would be awesome if there was the ability to toggle newbie mode on and off. It would require a lot of work (a hell of a lot) but the result would be what Linux needs to be accessible to the masses.

    2. Re:Unix/Windows history by maximilln · · Score: 1

      I've never implied that Windows programmers were retards.

      Windows was not created with the same goals, nor does it have the same intense commitment to excellence, that is definitive of Apple and *NIX. Windows was created as a corporate entity whose first purpose is to deliver a product and maximize earnings. Windows had business competition that Apple never had to worry about because Apple used a closed model where Windows dealt with an architecture that was much more open. Consequently Apple could afford to devote more time to troubleshooting and improvement while Windows had to release a buggy beta Win95 in order to beat OS/2 to market.

      My ethics are stringent however. If MS couldn't deliver a good product they should've done what the .coms did in 2000--dump the shares, bankrupt the business, and run off with the money. Delivering a bad product to the open market was the most irresponsible thing they ever could have done. Let the public whine about computers being hard. Other than the horrendous .com boom-bust cycle of the 90s which left most of us bleeding and only a privileged few with increased wealth what positive effect have computers had on society that results directly from putting Windows in the home of every American who could really give a flying patoot about their OS?

      Medical advances? Scientific advances? All of the important advances would have been made without Windows. The only thing the widespread distribution of Windows did was allow a large group of backroom hacks to create pretty spreadsheets to wow, amaze, and swindle investors.

      --
      +++ATHZ 99:5:80
  146. Mmmmmm donuts... *drool* by jayveekay · · Score: 3, Funny

    You had me at "Krispy Kreme". ;)

  147. Apache seems to have plenty of vulnerabilities by Len · · Score: 1
    If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.
    Apache has plenty of vulnerabilities, judging by the patch readmes over the last year or so. I don't know why they haven't been exploited. Fashion? Lazy hackers? Really diligent hackers at apache.org catching them first?
  148. Q: When does usability become a liability? by Unnngh! · · Score: 1
    A: When the user is a liability.

    Microsoft spends lots of money on usability studies. Ever wonder why the F5 key refreshes pretty much every MS app? This is, in my mind, what usability implies.

    If the user is trained on a Windows environment, they will see parts of the environment as more-or-less user friendly. If they move from this to Linux, they will see the entire linux environment as non-user-friendly, until they learn the ropes.

    Likewise, someone coming from linux/unix will probably find Windows horribly obtuse and inefficient, whereas a proficient windows user can do (most) of the same stuff a linux user can do and often in the same amount of time.

    The main differences between these two OS's are, IMO, that Windows is lacking an adequate scripting language, and tries to keep users from doing damage to their systems. That being said, my windows box really doesn't try to keep me from damaging my system because I set it up not to--I know what I'm doing. Then, I spend the rest of my time working with other applications than the OS, many of which are open-source tools, that work just fine in either environment. From an end-user standpoint, I'm about equally happy with both, in reality...

  149. friendly misuse by Uzik2 · · Score: 1

    > the more user friendly Linux becomes, the more vulnerable it becomes

    This is nonsense on many levels. It's just FUD.

    Windows displaced DOS and Unix on desktops
    because of ease of use and user friendliness.
    Their entire corporation is built on what they
    tell you Linux shouldn't be doing.

    Vulnerabilities come from bad designs, short
    sightedness, or cost reducing decisions on the
    part of programmers, or (more likely in my view)
    from design decisions forced on projects by
    management.

    It's most probably a rationalization by people
    who are worried their part of the gravy train
    is going to go away.

    --
    -- Programming with boost is like building a house with lego. It's a cool but I wouldn't want to live in it
  150. Balance of power by BubbaTheBarbarian · · Score: 1

    Can you really remember the last time there was a virus that did not take an action by a stupid user? I am talking about viruses in the classic sense, not the ones that rely heavily on social engineering as most of today's do.

    The last one I remember that was not totally reliant on social engineering was the CIH virus, something that spread over time, then hammered everything in its path.

    OT I know, but my take is that if a company creates a user account that is balanced between usability while limiting the ability to do something stupid, then Linux will be fine. Windows does not do this, ergo you get stupid people with ability to do incredibly powerful actions through sheer ignorance.

  151. Nah... I only log in as root:) by CPNABEND · · Score: 1

    And I don't run backups, cuz' Im a perfessional! I don't care what Billy G. says, computers are never going to be easy to use for the mere mortal... ESPECIALLY the ones that like to "futz" because they think they are power-users. Until we get to the movie world... Where the system says, "I'm sorry Dave, I can't do that"

    --
    My wife doesn't listen to me either...
  152. Gut feel on this by scovetta · · Score: 1

    I see Windows as being so vulnerable for 2 reasons: (1) with such a large code-base and so many interdependencies, it is difficult to keep the quality "perfect", and (2) with such a large user-base, the number of eyes poking and prodding will naturally lead to more discoveries.

    I don't see Linux adopting (1)-- even though it's probably a few gigabytes with everything installed, the base kernel is much smaller. When you separate the operating system from the utilities and keep the interfaces clean, you can build secure software. If you have every application you wrote executing in kernel mode so that your web pages load 10% faster, duh, you're going to have problems.

    As more users switch to Linux, however, more bugs will be found, and M$FT will be happy to point them out for us. I don't see Linux developers as "better" than Microsoft developers, they're just working with different things in mind.

    I had a professor once that claimed that just about everything that came on a computer was "part of the kernel". This is a mistake, IMHO. A kernel needs to be only large enough to provide an interface between applications and hardware. If Microsoft focused on this for a while and tightened the Kernel code, I think the rest of their problems would become easier (I mean really, how hard can it be to go through the IE code and fix the 1001 bugs it has now?)
    </rant>

    --
    Wer mit Ungeheuern kämpft, mag zusehn, dass er nicht dabei zum Ungeheuer wird. --Nietzsche
  153. Security through confusion? by skintigh2 · · Score: 1

    I've heard of the myth of "security through obscurity" (i.e. hiding the key under the mat is secure because NOBODY knows it's there) but I have never heard of security through confusing the users (label the entrance door in Chinese, I suppose).

    Perhaps the poster is suggesting a new paradigm: security through UN-usability: if NOBODY can use a system then it should stay pretty secure. (Do you know any Atari ST 'sploits?) Heck, even if it isn't then who cares because nobody uses it.

  154. Because it lost in the marketplace? by David+Hume · · Score: 1

    Why do people think that the command line is *not* "user friendly"?


    Perhaps because it lost in the marketplace?

    Perhaps because there is not a great market for CLI only computers? Even if they were sold at a discount?

    Perhaps because the overwhelming majority of people who own computers that are both CLI and GUI capable choose to use the GUI to operate them?

    More seriously, the question probably should be "user friendly for whom?" For you and perhaps many Slashdoters, the CLI is more user friendly -- at least for certain tasks. But the market indicates that for most people that is not the case.

  155. Unrelated issues by Ozwald · · Score: 1

    Microsoft may be famous for security issues and for usability, but they are certainly unrelated.

    For example, if I create a control-panel application that modifies the Apache conf file and runs apachectl on Apply, have I introduced security holes? Of course not. Even if a guest runs this program, the permissions to do anything don't exist and Apply has no choice but to throw an exception.

    Instead of giving up on usability because of fear, try coming up with user interfaces that lower the learning curves. Put in smart, secure defaults. Have a basic/advanced option to cut down on choices presented to users. Build common interfaces so an administrator can learn a new tool quicker. And we are still talking about *nix here, none of these tools have to divorce the text files and command-line tools to do this. If you want to get really fancy, have an output window that shows the user what is being done in the background.

    Not that any of this hasn't been done already.

    Ozwald

  156. The answer is "no" by retro128 · · Score: 2, Informative

    Windows was NEVER built with security/multiple users in mind. It just kind of was added on as an afterthought when they got into the networking game. The problem Microsoft has had has always been one of backwards compatibility. Windows 3.1 apps had to be compatible with 95, 95 apps had to work on 98, and so on. That's why to this day any app you install is going to drop something into the /WINDOWS/SYSTEM directory. Applications for Windows were pretty much written assuming that they will have full access to everything in the system. In a lot of cases that's still true today (for instance, an HP scanner driver/program I installed won't work properly on any other account besides the one that installed it).
    When you install a Windows app, it typically wants to go in and overwrite/add .DLL's, write stuff into the HKEY_LOCAL_MACHINE registry hive, and other such important things.

    Linux/Unix, on the other hand, has always, always always been about networks and shared access. And the apps have always been written as such. Users can install and run apps straight from their home directories without having to add or change anything in /sbin, /lib, or /etc. Primary system files never need to be touched, nor should they be. If someone wants to change the look and feel of their shell or X, they can write the appropriate file into their home directory.

    I guess what I am trying to say is that it won't be necessary for Linux to "open up" as it becomes more user friendly because it and the apps that run on it have been written with the idea that it's a shared system. Give the user their sandbox to play in and don't let them touch the rest of the system. Saying opening up the system Windows style is apples and oranges because Windows was originally created with a single, trusted user in mind, and it's been impossible for Microsoft to extricate themselves from that trap they set way back when. If you want an analogy, take a look at SMTP. If it was originally built with distrust in mind would we be having the problems with spam we are today?

    --
    -R
  157. Re:Hey Assclown: by Anonymous Coward · · Score: 0

    MySQL has autocommit enabled by default.
    See here.

  158. The argument is simply pointless. by Anonymous Coward · · Score: 0

    The two topics do not *need* to be related.
    simply put:
    rsh vs. ssh

    --ignorance was bliss.

  159. of all the stupid questions... by zpok · · Score: 1

    OK, once more we are talking about Joe User aka Joe Six-pack and Aunt Tilly. Freely translated: "morons that use computers and only talk human languages like French and English".

    Also, I assume we're not talking about people who have the luxury of once every few days having a sys-admin looking at them through their nostrils.

    So, in other words, we're talking about people who are responsible for their own security.

    What do you think? Would making/keeping security mechanisms really complicated make Linux more secure?

    To me it seems a far-fetched extension of the security through obscurity myth. And it doesn't surprise me one bit this is a MS Admin belief.

    Come on guys, blame it on the GUI ;-)

    --
    I think, therefore I am...I think.
  160. It doesn't HAVE to but it likely will... by praedor · · Score: 1

    increase the vulnerability. Look at Lindows. Its behavior was to essentially make it easy and have all users run as root. That makes it little better than windoze as anyone could totally dork the system or help a virus or trojan come right on in. I understand that there has been SOME improvement but still the option is left there for user-as-root.


    I think that this should be absolutely proscribed in any and all linux distros. Make it as easy to use as you wish but NEVER EVER permit the option of user-as-root. FORCE people to enter a username and password that they will use and do not provide a root login icon in kdm/gdm/xdm. Make users login as user and then go superuser if they must, the way Mithras intended it to be.


    If you make it too easy, as in reducing the steps needed to setup all the various system settings, then you automatically make it more vulnerable to both stupidity, error, and leveraged attack by malware.


    It CAN be made much easier without needing to open the system to some sort of user-as-root nonsense.

    --
    In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
  161. it's not simplicity, it's ancestry by yagu · · Score: 1

    I respectfully disagree with the thesis that ease of use and security are somehow directly related. They are IMO, at best, indirectly related.

    Moreover, I think a lot of the MS Windows XX security issues stem more from derivation and ancestry than simplicity to use (the discussion of whether Windows is simple to use is a whole 'nother discussion!). That is, the roots of Windows are the PC, with the emphasis on "P", i.e., "PERSONAL". When Windows was spawned, the notion of multi-user was non-existent. Even Windows NT, XP, etc. is not really a multi-user environment. Soooooo, when Windows had to come up with "multi-user" architecture, the groundwork had been laid, and the whole multi-user framework has been layered on top of the "P", with all of the convenience functionality mostly intact (default root access to directory structures (anyone can download and install software)), e-mails launching executables for those users with, by default, root privilege, etc.

    Yes, these are artifacts of "ease of use", but the insecurity is not because of ease of use, but more because MS chose not to go back and re-craft the "single user" framework.

    Just my $.02.

  162. ANOTHER PERSON WHO HASN'T RUN LINDOWS by Anonymous Coward · · Score: 0

    Lindows does not run as root! I know because I tried it! I wish more people would try Lindows and learn the truth!

  163. Easy to whom? by Anonymous Coward · · Score: 1, Interesting

    It seems reasonable that there would be some degree of trade-off between ease-of-use and security. You can't have both zones maxed out.

    However, you CAN have both zones minned out.

    In the case of Linux, the security is very high, and the ease of use is middling. It seems reasonable that Linux could still make SOME progress in the ease-of-use area before it starts sacrificing security. And, if Microsoft is to be prevented from owning the entire industry, Linux better get cracking.

    However, making it easy-to-use for technicians is different than making it easy-to-use for the hoi polloi. Non-techies will demand a degree of ease-of-use which necessarily sacrifices much (if not all) of security, largely because of their lack of technical education.

    I propose that such people be given souped-up playstations, and that real computers for real mission-critical systems be maintained by the educated geeks who appreciate the robustness of secure systems.

    But that's just me.

    1. Re:Easy to whom? by Anonymous Coward · · Score: 0

      why did you reply to that message? just because it got +5 funny? wtf?

  164. Why Linux Makes for Bad Interfaces. by Anonymous Coward · · Score: 1

    Will making Linux more usable decrease its security? It doesn't have to, but it will.

    Writing a program is easy (relatively)
    Writing that program so it can be used easily is sort of hard.
    Making it easy _without_hiding_functionality_or_increasing_overall_interface_complexity_is_very_hard_ (program complexity is part of the cause of bad security)

    OSS developers will likely never take the time needed to research, design and test their interfaces to make them as good as they could be.

    Linux is also at a serious disadvantage in the interface arena because there's no one that can set a standard for interfaces. A standard is important for any platform because learning one application then makes learning others that much easier. Linux is not likely to ever have such a standard outside of projects that create whole suites of applications.

    One possible help could be tools like the NeXT/Mac OS X interface builder. It wouldn't make it easier to research or test, but it would be easier and faster to implement any design, so OSS devs would be more likely to spend time on testing at least.

    I think GNU has an interface builder clone, but I doubt that anyone uses it. I mean, why should OSS care about usability?

  165. Security != Human Engineering by Allen+Zadr · · Score: 1
    That's stupidity engineering, not security.

    Look, the reason why Macintosh is decent at security where other OSes fail is that 'root' is NOT required to run games, or record a DVD. RedHat 7, 8 or 9, start cdrecord (xCD-BURN), and it asks for the Root password. That's just plain nuts from a security standpoint.

    That's why I'm very excited about the NSA Linux kernel extensions (there is no root, only levels of authority). This will give to Linux what Mac already has, and what all 'secure' Operating Systems need.
    --
    Even under NT, if someone doesn't need to belong to the 'Administrators' group, then this cuts the spyware, malware and virus installs by more than half. Cut PowerUser access and you're down to a few percent of bad things that can happen.

    But game manufacturers keep putting out games that won't run without Administrative access.

    --
    Kinetic stupidity has a new brand leader: Allen Zadr.
  166. No Maybe by 4of12 · · Score: 2, Insightful

    Does decent usability necessarily imply the presence of vulnerabilities?

    Just because that's the broad experience of users with the current environment of "usable" administrative tools doesn't necessarily mean that it must be so. It's empirical evidence based on a sample size of ... well ... approximately one company.

    However.

    It is a caution. It shows that it is quite possible to (unintentionally) make system administration more unsafe when pursuing a single-minded goal and when the ideas for EZ system administration aren't subject to the kind of open scrutiny and community improvement that FOSS developers can provide. When a single company owns a market, it's tempting for them to "speed up" the standards process, to "innovate", and make something Really Great that later, turns out not to be perfect.

    Practically, I've been encouraged that the free mail clients and free web browsers I use under Linux haven't been afflicted with "Automatically Run This" features of convenience to the degree that my Outlook and IE running friends have to contend with.

    I will say though, that I've been nervous about various things that "wget something; cd something; make" redcarpet like packages and their potential for abuse.

    --
    "Provided by the management for your protection."
  167. Top level management by Aram+Fingal · · Score: 1

    There are a number of things which contribute to usability but I think one of the most important is consistency. Historically, Apple's human interface guidelines have made Mac applications more consistent from one developer to another than what you find on other OSes. This principle not only applies to the GUI, where you want common commands to always be in the same menu, with the same keyboard shortcut, from application to application, but it also applies to the command line where you want arguments to be formulated in the same way from one program to the next. Achieving such consistency is a matter of top level management. You need as many developers as possible to follow the same guidelines as each other. Ideally, you want someone or some group to review all the many development efforts and see that they follow good practices consistently. Such management would not only look for consistency but also look for common programming mistakes like buffer overflows. Linux developers are implementing some top level management (in a decentralized sort of way) but perhaps they should consider more. In a nutshell, good programming practices improve usability and security at the same time.

  168. Re:This depends on what you define as ease of use. by tyrione · · Score: 1

    If your claims are true then be professional and list these ease of learning via CLI over GUI.

    Otherwise, be like most of the folks who write without substance.

  169. Been that way since 1984 by daveschroeder · · Score: 2, Informative

    At least you understand it's not an "MP3 virus" or some kind of issue with iTunes, as others believe.

    1. All Mac OS and Mac OS X applications have always been able to have any icon.

    2. All Mac OS applications and all Classic/Carbon applications under Mac OS X, have always been able to have any name...including misleading names.

    I would hardly call this a "deep-rooted, system-wide flaw". What does a Linux command-line executable "look like"? And indeed, it, too, can have any name, yes? Is that also a "deep-rooted, system-wide flaw"?

    In fact, this item is revealed as the application that it is in every Finder view *except* icon view (which is also how it will appear on the desktop). Even a simple Get Info reveals that it's an application. The "solution", if one is needed, is to visually badge and/or identify something as executable, possibly with some small addition to its icon, as is done with aliases.

    But no, this is not a "flaw" any more than it's been for the last two decades. (And for the market share number enthusiasts, this EXACT same "technique", as it were, was possible during the heyday of Mac market share as well. In fact, it's probably been "exploited" countless times. That's because the "exploit" is nothing more than tricking the user into running something they shouldn't.)

  170. Usability and choice by Intrigued · · Score: 1
    Actually, it may turn out to be exactly reversed.

    Usability frequently means reducing options to the user and streamlining advanced functions. For example, how many windows users know what to do with a command prompt? Most companies running windows disable the command prompt because it is not needed for the average user.

    Fewer options and less user access to advanced features may increase the security of the system.

    The user interface can be viewed like a protocol. The underlying framework makes more of a difference to security than the aesthetics, form or content. Linux isn't secure because it was originally designed as "not usable". It is secure because it (and its components) was designed as a multi-user system with security in mind.

    The absolute demonstration of this is to compare windows 2000 with MS-DOS. Which is more "usable" and which is more secure?

  171. my 2ps worth by fiddlesticks · · Score: 1

    Well, when I started using linux, I couldn't get on the 'Net with it (winmodem grrr) - so *that's* secure, yeah :P

    In all seriousness, usability and power do not have to come with inbuilt insecurities - look at a pro knife (Stanley, or something)

    It's both more powerful, and more safe, compared to an ordinary kitchen knife

    Moving away from metaphors, to take something like a MUA (Evolution?) or a browser (moz?), what are the points of failure? Most of these - surely - are at points that end users don't actually want to use -, say, loading images from other sites, or randomly executing a random attachment

    Enabling these holes isn't what makes something easier to use - modifying, say, 'add sender to address book' *whilst* ensuring that that isn't itself a new vuln. is what counts

  172. Doing something different than everybody else..... by whoolwerf · · Score: 1

    hmm.. Good one I think.

    The problem is, I think, that most (server) applications are set up with some sort of expert using a console interface in mind.

    Windows applications on the other hand, are set up with a graphical interface in mind.

    With linux applications, I usually find that to make it as secure as possible and tweak all settings you simply cannot do with a graphical interface. Might be the interface, but in windows you also see people exploring the registry.

    I think in time, on linux, when configurations get less cryptic and default settings get more usable in most situations (in which the community is already doing a great job btw) most common things can perfectly be done by a graphical interface (I already see myself adding virtual domains to my webserver by linux-config-httpd).

    But in the end, the problem always remains (the way I see it): The end user always wants something different than the rest and thus, the administrator wants something different than can usually be done by graphical interface. So you need a console (or registry).
    Of course, doing something different than the rest, is what our commerce exists from. What else could be a reason to choose one product above another :D

    Of course, there'll be dozens of other ways of looking at this, thus: Happy discussing :D

  173. Re:Cought? by sumdumass · · Score: 1

    Kind of makes you never want to go to Krispy Kreme for donuts now doesn't it.

  174. sandbox by cyrilc · · Score: 1

    I think that the risk today is greater just because it's not user friendly.

    Let me explain
    example: KMAIL

    When this nice tool shows an email in html format to "joe user", it deactivates certain dangerous tags such as REFRESH (and many others) that should never appear in emails (i.e. brings nothing to the readability of it)

    Now, with the problem of worms, Linux is still left untouched because of the user base that is much more "IT knowledgeable" and the diversity of tools that make the writing of worms more difficult.
    ...but that's still not enough !

    Any worm could easily destroy the user's data if an attachment is run without control

    OTOH, if the user is granted with a nice interface when the attachment is clicked and instead of saving it right in the home directory, why not running it in a sandbox (chrooted), with limited resources (ulimit) etc.

    This could be the best of both worlds : better security and more user friendly !
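
The resource-limit half of the sandbox idea in the comment above, as an added example that is not part of the original post: the attachment runs in a throwaway directory with ulimit-style caps applied before exec. The function name, limit values and sample attachment are assumptions; chroot is left out because it needs root, so this confines resource use, not file access.

```python
"""Run an untrusted attachment under ulimit-style caps (added example)."""
import os
import resource
import subprocess
import sys
import tempfile
from dataclasses import dataclass, field


@dataclass
class SandboxResult:
    returncode: int      # non-zero, or negative when killed by a signal
    stdout: str
    timed_out: bool
    files: dict = field(default_factory=dict)   # name -> size left in scratch dir


def _cap(res, value):
    """Lower one rlimit, never asking for more than the current hard limit."""
    _soft, hard = resource.getrlimit(res)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(res, (value, value))


def run_limited(argv, cpu_seconds=2, max_file_bytes=1_000_000,
                max_open_files=32, wall_seconds=5):
    """Run argv in a scratch directory with CPU, file-size and fd caps."""

    def apply_limits():
        # Runs in the child between fork() and exec(), like `ulimit` in a subshell.
        _cap(resource.RLIMIT_CPU, cpu_seconds)         # ulimit -t
        _cap(resource.RLIMIT_FSIZE, max_file_bytes)    # ulimit -f
        _cap(resource.RLIMIT_NOFILE, max_open_files)   # ulimit -n
        _cap(resource.RLIMIT_CORE, 0)                  # ulimit -c 0

    with tempfile.TemporaryDirectory(prefix="attachment-") as scratch:
        # Minimal environment: nothing inherited from the mail client's session.
        env = {"PATH": "/usr/bin:/bin", "HOME": scratch}
        timed_out, out = False, ""
        try:
            proc = subprocess.run(
                argv, cwd=scratch, env=env, preexec_fn=apply_limits,
                stdin=subprocess.DEVNULL, stdout=subprocess.PIPE,
                stderr=subprocess.DEVNULL, timeout=wall_seconds, text=True)
            code, out = proc.returncode, proc.stdout
        except subprocess.TimeoutExpired:
            timed_out, code = True, -1
        # Record what the attachment dropped before the directory is deleted.
        files = {name: os.path.getsize(os.path.join(scratch, name))
                 for name in os.listdir(scratch)}
    return SandboxResult(code, out, timed_out, files)


if __name__ == "__main__":
    # Constructed stand-in for an attachment that tries to fill the disk.
    bomb = [sys.executable, "-c",
            "f=open('big','wb'); f.write(b'x'*5000000); f.close()"]
    result = run_limited(bomb)
    print("exit status:", result.returncode, "files left:", result.files)
```
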

  175. YET ANOTHER PERSON WHO WON'T READ THE HIG! by Krik+Johnson · · Score: 1

    Please read this, then use Gnome 2.6! You will see that your comments are -1, obsolete!

  176. Its not ease of use its abuse by DarkOx · · Score: 1

    Making Linux totally point and click and simple to configure would not make it less secure. (Please note I don't want to see what I just wrote actually happen). If we can be honest and stop trolling for a second, recent versions of Windows have had the potential to be very secure. Most of these huge worms and the like were because machines were badly misconfigured and were running all sorts of services that were not needed by those users. The rest of the big Windows holes have been the result of people being logged in as Administrators all the time. Granted, holes such as the one in the help system should not happen but, they really can't hurt you if you are not an admin or a power user.
    This issue here is that if you make it easy people just sit down and use it. If you don't make it easy they have to read the documentation and while they are learning the bare minimum of how to do the setup they also get the theory of how to do it right. GNU/Linux could be a security nightmare if you let some noobie build your server, and he makes the permissions on everything 777.
    The thing is, many Windows users do stupid stuff like that because it's easy enough for them just to click around until it works. Most *nix users don't do stuff like that because all the noobies can even figure out how to login until they read the docs, and when they do they learn what stuff is for and how it *should* be used.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  177. One word: modular by PinkFreud · · Score: 1

    The big problem with Windows is its basic design: it's not modular. Just about everything in Windows is interdependent on something else.

    UNIX (and Linux, being based on UNIX) has far more modularity built in. Do you absolutely need a GUI to run a server? Must you have KDE if you want to use WindowMaker?

    With Windows, when a security hole is found, it often takes months to fix, since Microsoft has to figure out every aspect of their software which is affected by this bug - and even then, their patches tend to not fix the entire problem.

    This isn't necessarily the cause of being user-friendly, though. Rather, it's the *way* Microsoft chooses to implement user-friendly - in the least efficient manner possible.

  178. As an MS Admin and a Linux User ... by kalidasa · · Score: 4, Insightful

    Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack.

    Spoken like a true MSCE. No, making Linux more usable will not open it up any more than necessary. One just needs to make sure that there isn't 1. a scripting host with direct access to the OS configuration, 2. all ports open by default, 3. lots of services open by default, 4. all user accounts with root access by default, 5. applications that can call the scripting host unnecessarily (can we say Outlook running VBS attachments on open in the scripting engine with Admin privileges on a default installation?). None of these things really affects users. The two main ones that would affect users are 1. installation programs - just make installers call for an admin password when installed on default-configured accounts - which is what RPM for instance already does - and 2. make passwords mandatory (is that such a usability hardship?)

    1. Re:As an MS Admin and a Linux User ... by maximilln · · Score: 1

      The shell is a scripting host. There's always a subsystem that malicious code can get to if it can find an outlet in the application. Mozilla is way too big and crashes way too often for me to trust that web exploits won't start targeting Mozilla to deliver payloads.

      --
      +++ATHZ 99:5:80
    2. Re:As an MS Admin and a Linux User ... by kalidasa · · Score: 1

      When was the last time you were able to get the shell to run stuff as root without being logged in as root or SUing? Comparing the Windows Scripting Host to a shell is an awfully problematical comparison. And your second comment about Mozilla is speculative and has no real logical basis.

  179. Depends on your idea of "User Friendly" by lgas · · Score: 1

    I think the notion of "User Friendly" should include more than just "easy to use". To me, a chainsaw is "easy to use" (just pull the cord and point it at what you want cut) but not "user friendly" because it's very easy to accidentally injure yourself, or others, or simply mess up the job you were trying to do if you're not an "experienced user".

    If the chainsaw could detect that it was going to cut through human flesh and would shut itself down, or if had a screen that asked what angle you wanted the cut and how deep and then a robotic mechanism performed the cut exactly right, it would still be both easy to use (in fact, easier to use for the inexperienced user) and also more "user friendly".

    Of course "experienced users" would be annoyed by the new interface and how long it took to specify the cut correctly and sooner or later someone would need to use a chainsaw to cut through someone's leg that was trapped under a fallen car or something and it would refuse to operate, costing this person's life... but it would be more user friendly.

  180. Security needs to be usable by annodomini · · Score: 2, Interesting
    Usability and security are not opposites. In fact, secure software needs to be usable, or else people won't use it properly, and will completely defeat the point of it being secure. Case in point, firewall software. If you need to edit a half dozen configuration files to set up a firewall, no one will have a firewall set up. If you have firewalls on by default without letting anything through, and make it difficult for someone to enable specific ports, people will probably just opt for the simpler route of turning the entire firewall off rather than figuring out how to set up a particular port. Even Mac OS X, which handles this fairly well, doesn't do it quite well enough. Most applications don't check to see if a port is firewalled when they bind to that port, and many don't even tell you what port they bind to, so in order to set the software up, I have to run it, turn off my firewall, portscan myself, and then add the new port I see open to my firewall configuration. In the ideal world, the application would pop up a dialog box saying "port 4242 appears to be firewalled. Shall I turn off the firewall for this port?", or at the very least, tell me what port it is and direct me to the system preferences (also, the firewall configuration shouldn't be in the "Sharing" preference panel).

    There are plenty of other examples where making software more usable can make it more secure. I've used PGP before, which most of the time, is a pain in the ass, since I have to run all kinds of separate programs to generate keys and encrypt my text which I then have to paste into my mail program (yeah, I know, some have it built in, but mine doesn't [and yes, I know, you can get a hack to get Mail.app to use GPG, but it uses undocumented API's that are subject to change with each release of the OS]), and then do a similar amount of work when receiving mail. Apple's Mail can use X.509 certificates for S/MIME, which is pretty easy to use, although getting a key is somewhat difficult and undocumented. When I was working for a company which used Lotus Notes, however, signing and encryption were incredibly easy; in fact, your emails were signed and encrypted without you even knowing it, if they were sent to other Notes users on the same network. Now, Notes had problems of its own, but that's the way security should work; it should be completely transparent to the user, so the user can work securely without having to worry about it.

    The real danger with usability is making some of the software usable, while making the security features hard to use. This is the problem with Windows. On Windows, it is really easy to run an executable, but fairly difficult to tell that you're running an executable. On Linux, you don't have this problem because it's hard to run an executable, but it would be equally secure if you could easily run an executable, as long as it was clear that you were running an untrusted executable. For one thing, both Windows and the Mac need to do away with this file extension hiding business. If you can easily name an application Foo.mp3.exe and hide the .exe part (or Foo.mp3.app on the Mac), then it will always be difficult for users to tell that it is an executable, not an mp3 file. In fact, when double clicking on an application for the first time, the operating system should probably display a warning dialog saying that the application may be untrusted. This wouldn't affect most apps that people use, since they would only see that once, and then the operating system would remember that that app had been run. But it would make sure that if someone is double clicking a file that they didn't expect to be an application they would be warned, and would have the option of canceling that operation.
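
The first-run warning proposed in the comment above, as an added example that is not part of the original post: a launcher check that warns once per executable and separately flags an executable whose displayed name still ends in a document extension. The extension lists beyond .exe, .app and .mp3, the class and function names, and the sample files are assumptions; approvals are keyed on a content hash so a replaced file is warned about again.

```python
"""First-run warning for executables, keyed on file content (added example)."""
import hashlib
import os
import tempfile

# Assumed lists for illustration; the comment itself names only .exe, .app, .mp3.
EXECUTABLE_EXTS = {".exe", ".app", ".com", ".bat", ".scr"}
DOCUMENT_EXTS = {".mp3", ".jpg", ".png", ".txt", ".pdf", ".doc"}


def displayed_name(filename):
    """Name as shown when the file manager hides the final known extension."""
    stem, ext = os.path.splitext(filename)
    return stem if ext.lower() in EXECUTABLE_EXTS | DOCUMENT_EXTS else filename


def is_executable(path):
    """Executable by extension, or by the Unix execute bit on a regular file."""
    ext = os.path.splitext(path)[1].lower()
    return ext in EXECUTABLE_EXTS or (os.path.isfile(path) and os.access(path, os.X_OK))


def looks_like_document(filename):
    """True when the name the user sees ends in a document extension."""
    stem, ext = os.path.splitext(filename)
    if ext.lower() in EXECUTABLE_EXTS:       # Foo.mp3.exe is shown as Foo.mp3
        ext = os.path.splitext(stem)[1]
    return ext.lower() in DOCUMENT_EXTS


class FirstRunGate:
    """Remembers which executables the user has already agreed to run."""

    def __init__(self):
        self.approved = set()                # SHA-256 digests, not file names

    @staticmethod
    def _digest(path):
        # Sample files here are flat files; a real .app bundle is a directory
        # and would need its main binary hashed instead.
        h = hashlib.sha256()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        return h.hexdigest()

    def decide(self, path):
        """Return 'open', 'run', 'warn-first-run' or 'warn-disguised'."""
        if not is_executable(path):
            return "open"                    # plain document, no prompt
        if self._digest(path) in self.approved:
            return "run"                     # seen and approved before
        if looks_like_document(os.path.basename(path)):
            return "warn-disguised"          # executable posing as a document
        return "warn-first-run"

    def approve(self, path):
        """Record the user's 'yes, run it' answer for this exact content."""
        self.approved.add(self._digest(path))


if __name__ == "__main__":
    gate = FirstRunGate()
    with tempfile.TemporaryDirectory() as folder:
        # Constructed sample files; the contents are placeholders.
        for name in ("song.mp3", "setup.exe", "Foo.mp3.exe"):
            path = os.path.join(folder, name)
            with open(path, "wb") as fh:
                fh.write(b"constructed sample: " + name.encode())
            print(f"{name:12} shown as {displayed_name(name):8} -> {gate.decide(path)}")
```
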

  181. Nope by butane_bob2003 · · Score: 1

    Vulnerabilities are created by bad programming, they are not necessarily linked to ease of use. Linux can continue to become more and more user friendly without running into the same problems that Windows has. Applications can be integrated without opening up holes in common libraries. Linux developers can learn from the mistakes of the past (uh, windows) and make sure to avoid the patterns that cause holes in the architecture. Linux usability can continue to improve without needing to 'dumb it down' or 'userify' it as I would say. An example of annoying windows userification:
    My Documents
    My Pictures
    My Music
    etc...
    The 'My' in those file names adds no value to the idea of a documents or music folder. Of course they're mine, they are on my goddamn computer! Oh, then there's that 'My Computer' link... How could My Computer be on My Computer's desktop??? These are the things I used to ask myself when forced to use windows to access the corporate email client (lotus notes, another boundless bastion of usability). In OS X, some nice usage patterns are applied to the default filesystem, but the 'userification' is avoided by a clean hierarchy with clear names: System->Users->Documents This makes sense to a novice as well as an experienced user. Userification can be classified as anything that does nothing to help novices and makes experienced users feel like they are working with a system designed for someone who is developmentally retarded from a technical aspect. Another thing to avoid would be a completely disgusting default color scheme and cartoony window decorations. But these things have little to do with real usability. Integrated applications and clean, intuitive interface controls are much more important. Ease of installation and configuration of OS components and applications is very important. There is no reason why improving any of these things should introduce vulnerabilities. As long as these features are not being hacked into the system in an ass backwards fashion, there should not be a problem.

    --


    TallGreen CMS hosting
  182. Asbestos suit time by jazman · · Score: 4, Insightful

    The problem with Windows is that it's *too* secure. Yeah, you heard me. Try using a Windows box without admin rights. I did, once, never again. It was some time ago so I can't remember what the problem was. And you can't just supply the Admin password, you have to logout, kill all your apps, login as admin, do what you were trying to do in the first place, if you haven't forgotten because of some other app whinging about losing data or something, logout again, restart everything....it just isn't worth it.

    So with Windows you have to run as admin all the time, which is why trojans can get in so easily. Win9x effectively runs as admin all the time anyway unless you have a fancy administrator who configures it for you, which most home users don't.

    If "user friendly" = "run as root by default" then yes, Linux would end up having the same problems as Windows. But it doesn't have to. Prompting for root password when attempting a privileged operation is one possible solution; if a trojan attempts to run and the root pw prompt appears, hopefully the user will be prompted to think "er, why did clicking on that MP3 cause a root prompt?" and give the game away. I'm sure there must be other solutions.

    1. Re:Asbestos suit time by g0bshiTe · · Score: 0, Troll

      I agree Windows is secure.

      That is the exact reason there are more IE and ActiveX exploits than I have fingers and toes.
      Oh and if you think you need to run as root to install them, think again.
      Scripts are executed with the permission of the application that called it.
      Does IE and ActiveX run as Aunt Tillie? No, they run as system.
      As system they are installed and run without her knowledge.
      Leading to a proliferation of pr0n, and animal sex acts the likes of which haven't been seen since the days of Sodom and Gomorrah.

      --
      I am Bennett Haselton! I am Bennett Haselton!
    2. Re:Asbestos suit time by thoth · · Score: 1

      It must have been an old version of Windows. I too had experienced this problem in the past, but with Win2000 and especially WinXP, it has gotten much better. Heck, on NT4 Microsoft's own apps would gripe if you weren't Administrator.

      My normal usage account on my WinXP box is a "power user". I switch user to Administrator for all installs, and so far, everything I've installed except for three apps have worked fine. Those three apps are two games (Star Wars: KOTOR, C&C Generals) and Calendar Creator by Broderbund. Personal finance program, Open Office, Acrobat, editors, music players, you name it, are working just fine as "power user".

    3. Re:Asbestos suit time by emurphy42 · · Score: 3, Informative

      > you can't just supply the Admin password, you have to logout, kill all your apps, login as admin, do what you were trying to do in the first place

      C:\> RUNAS /?

      RUNAS USAGE:

      RUNAS [/profile] [/env] [/netonly] /user:<UserName> program

      /profile if the user's profile needs to be loaded
      /env to use current environment instead of user's.
      /netonly use if the credentials specified are for remote access only.
      /user <UserName> should be in form USER@DOMAIN or DOMAIN\USER
      program command line for EXE. See below for examples

      Examples:
      > runas /profile /user:mymachine\administrator cmd
      > runas /profile /env /user:mydomain\admin "mmc %windir%\system32\dsa.msc"
      > runas /env /user:user@domain.microsoft.com "notepad \"my file.txt\""

      NOTE: Enter user's password only when prompted.
      NOTE: USER@DOMAIN is not compatible with /netonly.

    4. Re:Asbestos suit time by petrus4 · · Score: 1
      >The problem with Windows is that it's *too*
      >secure. Yeah, you heard me. Try using a Windows
      >box without admin rights. I did, once, never

      Interesting. I remember one case a few years ago where I was on an NT net sharing system in a library...in what was supposedly a restricted environment. I wanted to be able to do more with it, so on a hunch I changed Netscape's source viewer from Notepad.exe to Explorer.exe. It worked, explorer started, and I had the run of the whole system.
      Also, my fiancee forgot her XP password a few months back. Took me a few hours, but I was able to download a copy of ERD Commander, which not only allows wiping of NT passwords but has a file manager which again, gives you complete access to a system. NT doesn't seem so secure to my mind...but maybe it's just me.

    5. Re:Asbestos suit time by Anonymous Coward · · Score: 0
      Boot Linux in single user mode and you can do anything you want to the password of any account - including root. Check out this link:

      http://www.techtv.com/screensavers/answerstips/story/0,24330,3657192,00.html

      Here's the pertinent bit of info from the article:

      Once you're in single-user mode, you can change the root password with the "passwd root" (no quotes) command. Then you can reboot, go into X Window System, and change all the other user passwords as well. That's how you get back into a Linux system after you lose your password.

    6. Re:Asbestos suit time by Anonymous Coward · · Score: 0

      Shift+right-click > Run As...

  183. Usability is not vulnerability by abb3w · · Score: 3, Interesting

    It depends what you mean by increased usability. A linux expert can do almost anything on Linux right now. Aunt Tillie can't check her e-mail, without risking creating an open SPAM proxy. Increasing usability has very little to do with the underlying code functions, and far more to do with the visual communication of relevant information. As long as the interface does not rely on security through obscurity, improving the interface will only improve security, with things like:
    "Warning: Setting Up a SendMail Daemon without checking for security patches may risk increasing the world supply of electronic Junk Mail (SPAM). Perform check for securely signed patches (Default: Yes)? Use Default trusted patch Server patchserver.ThisLinuxVendor.com (Default: Yes)?"

    Of course, increasing accessibility also increases accessibility to potential shoot-yourself-in-the-foot things like filesharing. Right now, Security through Obscurity usually protects Aunt Tillie from setting up a SMB share of her entire hard drive. On the other hand, if she does do it somehow, she'll never figure out that her DSL is slow because she's been turned into the leading WAREZ distro for Podunk. Security through Obscurity is generally considered harmful-- but it is Security. Good interfaces can be designed to provide the users with warnings to educate them as to hazards, while letting them shoot themselves in the foot if they really, really want to.

    Now, if you talk about increasing the functionality, so the Linux users can do things like install spyware, or DirectX components to reformat their hard drive, then yes, that's likely to decrease security.

    --
    //Information does not want to be free; it wants to breed.
  184. difficult interface != secure software by YouHaveSnail · · Score: 1

    I'm pretty sure that if you ask any security expert, they'll tell you that obscurity is not security. In other words, if you're relying on poor usability to protect you from intrusion and other bad things, your software is not secure.

    Indeed, I'd take that a bit further. An interface that's difficult to use may be a security liability. Administrative tools which are difficult to use are far more likely to flummox legitimate administrators than to dissuade some curious kid with time on his hands or someone bent on doing some real harm. Bugs are less likely to be spotted and fixed if the software is hard to use in the first place. And prospective customers are less likely to be able to decide whether a tool really does what it claims to do before they buy it.

    That's not to say that there aren't plenty of relatively secure programs out there with lousy user interfaces. And there are surely plenty of pretty, easy to use programs that are full of holes.

    But really, if you have to rely on ugliness to increase the security of your software, what does that say about your code?

  185. how to trick a stupid linux user by Anonymous Coward · · Score: 0

    -> click here to download the ultimate porn search engine!!!

    -> download completed! double click on the install program located on your desktop.

    -> please enter your system password (aka root password) below to complete installation!!!

    -> thank you, enjoy!!!

    (0wnz3d)

  186. security through obscurity by circletimessquare · · Score: 1

    this entire discussion to me is little more than a variation on a theme: security through obscurity

    the obscurity here being the clueless admin being unable to mess around with settings he or she shouldn't be messing around with without an understanding of the implications

    so, insert your own argument for/ against/ around security through obscurity here, and it applies to this discussion, and encapsulates it

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  187. Way To Go!! by davezirk · · Score: 1

    Great way to "sell" a product that I'm hearing - calling the users stupid. In a way, though, this attitude guarantees that I'll be employed forever. When I'm dealing with an angry CUSTOMER, I look like a winner just because I'm willing to listen to their problem and deal with them as the reasonably intelligent people that most of them are. They're looking for answers from a person who will treat them with respect, and I'm just the person who will help them out. Thanks!!

  188. Usability by g0bshiTe · · Score: 1

    Doesn't mean sacrificing security.
    I also found that Linux wasn't that much different from Windows
    As far as useability went.
    It is I guess like anything you do.
    You have to learn how to use it.
    And like everything there is a learning curve.

    We all know that Micro$oft Corp. is after the bottom line.
    Linux, as long as it remains open source will continue to be scrutinized for bugs, and or ways to innovate and optimize code.
    Should Linux follow suit to Micro$oft then I think we would see degradation of good coding practices.
    As far as which is more secure, I would lean toward Linux.
    Because the user has so much more control over the kernel
    it is bound to be more secure.
    Though no code is 100% bug free.
    Both OS'es will have their bugs, flaws or what-have-you.
    I took the leap to Linux a few years ago, and have never once regretted giving the OS a try.
    I look forward to the innovation the open source community brings to computing.
    And cannot wait for the day when I can contribute to the open source initiative.
    Three cheers for Tux.

    BTW I've learned more about computers in general since using Linux than I ever had using Windows.

    --
    I am Bennett Haselton! I am Bennett Haselton!
  189. opinion by erikdotla · · Score: 2, Interesting

    This question sounds like, "If I drink, will I have a car accident?" Well yes, but only if you're stupid and drive after you drink.

    Adding easy usability is not a direct cause of poor security, rather, an indirect cause. Increasing usability usually means pre-configuring options and features for the user. As Microsoft has learned with XP-SP2, the defaults are a big part of it.

    It's difficult to imagine all of the permutations of configuration a user might do, while believing it to be secure, and then to code that to configure everything the way they want, and to keep it secure at the same time. However, if you're going to expose these abilities to the user through a simple user interface, difficult or not, you have to plan for it.

    When there is no UI, the documentation is the authority on whether the user is secure or not. The user has to follow the directions, config themselves, and if they mess up, it's their fault. Creating simple UIs to do this for the user means you are expecting them to do more while reading less documentation.

    This does not make the user more liable for his stupidity, instead it makes the programmer more liable for the security.

    The moral is: Don't add the UI unless you've considered all of the possible configuration and security side effects and you're willing to deal with them. It can be as simple as error messages that explain to the user that certain combinations of choices create an insecure condition and a suggestion to RTFM before continuing. That puts the liability back on the user.

    Another viewpoint is that adding easy UIs to a program that previously had none should make it more secure - because the UI provides the opportunity to proactively warn the user before they do something stupid. It's up to the programmer to take advantage of that opportunity. Having only a binary, documentation, and config files means the user must be proactive and read the docs.

    Bottom line: The UI can't possibly create more security vulnerabilities than no UI whatsoever already afforded the user. The only way it does that is by encouraging a clueless user to touch something they wouldn't otherwise touch. And that's a conscious decision the programmer made and didn't bother to plan for in the form of security warnings attached to bad configuration choice events.

    Windows is a victim of its own simplicity. Microsoft can only combat this with better default settings, better UIs with more knowledge being passed to the user, and lots and lots of security patches.

    --
    # Erik
    1. Re:opinion by Anonymous Coward · · Score: 0

      better default settings

      Yes, the number one thing that bugs me is that Windows hides file extensions by default. Every system I work on still has the extensions hidden. And people wonder why executables are so easy to spread by email. Bad, bad Microsoft!!

  190. You can have ease of use as well as security by jimfrost · · Score: 2, Interesting
    The principal issue Windows has with security that most of the other OSs don't is that it fails to compartmentalize administration spaces from user spaces. There is effectively no security on applications or the filesystem; they run fully privileged all the time.

    As a result anything that wants to break down security has no barriers to it beyond whatever the application provides. That is insane.

    You can vastly improve security by separating these spaces, making applications run in the user spaces as much as possible, and requiring authentication to bridge the spaces.

    UNIXen have done this for decades. You might argue that "UNIX is hard to use." That has generally been the case, but not universally. MacOS X does a pretty good job of providing a smooth interface on top of UNIX and does so without breaking down the UNIX security structure. Users do not run applications in privileged mode without authentication, for instance. If you want to install new capabilities, you must authenticate to do it. Thus it is difficult for viruses and malware to insinuate themselves.

    If the application and OS data is not writable by normal users, and they must somehow authenticate to get write privileges, viruses have a much harder time propagating.

    It is for this reason that more and more UNIX software that used to run in the old days (e.g. ftp) now runs as an unprivileged user now. You can break in through flaws in the application, perhaps, but the damage you can do is limited. This was a good security practice that became mainstream back in the 1980s.

    Getting back to "user friendly" systems, the Mac is not even the best example of a nice user-friendly UNIX box. I'd argue that some of the network appliances are much better at it. I had a Cobalt box, for instance, that had a fine point-and-click web interface to UNIX system management. It was really easy to use; you didn't have to know squat about UNIX, or even that the box was running UNIX. And it required authentication for every change request. This was mediated by the browser so it wasn't even noticed by the user.

    Or just look at the Tivo. Is Tivo easy to use? Oh yea. How many security problems have you heard of with Tivo boxes? None, because getting unauthorized software onto that box is a bitch. Hmm. Maybe it's possible to be both easy to use and very secure.

    I note that you can set up a Windows box to be pretty secure if you want to. I used to do it as a matter of course. The problem with doing that is that there is no easy way to run an application as a different user, which means you have to bounce back and forth between the Administrator login and your user login. This was a royal pain in the neck in NT and 2K, although in XP it's pretty easy (but not nearly as sweet as it is on MacOS!).

    Unfortunately Microsoft has never promoted this configuration as best practice. In fact, they've implicitly discouraged it by making it hard to create a system that separates administrator and user spaces. There is no installation system that takes authentication into account, much less tries to enforce it. And they've actively promoted wide-open systems by shipping them that way by default.

    Because Microsoft does not even try to ship systems configured relatively securely it's no surprise that many applications do not operate correctly if installed on a fully secured system. That is unforgivable now that they've had Windows with security out there for eleven years. They should have steadily increased default security to force application vendors to use best practices.

    When my daughter's account has to have administration privileges to run her Winnie The Pooh game, it really is not a surprise that there are a lot of these problems. And that is blame we can lay squarely on bad configuration practices promulgated by Microsoft more than any requirement to make the software easy to use.

    If Microsoft really were interested in security then the next OS release would ship

    --
    jim frost
    jimf@frostbytes.com
  191. Different Starting Paths by meplaysocr · · Score: 2, Interesting

    As I have seen a few times so far, Linux and Windows have traveled different paths in their product life cycles. Microsoft was born out of usability and friendliness. A pretty (to some) GUI with easy to use features (somewhat) with all the built in functionality you could ever need (and Bill said 640K would be all we'd need...). By lumping so much into an Operating system (which is inherently large to begin with - generally) you will definitely find yourself facing issues of Security.

    Linux is different. Linux started out with a security mindset. Make it secure and let people figure out how to make it work. So with that as its roots, it was able to grow from there, and that focus on security is still there.

    There is also a different community feeling with Linux as opposed to Windows. With Linux you have the Kernel changes and OS changes and what not, and that gets released for trial before an official release is made. And there is an avid community that tries out the latest and greatest and bugs are fixed and issues resolved before a release is made public. That is not to say that there are no bugs and vulnerabilities found later on, but at least a good deal of things can be caught prior to general acceptance and use. On the flip side we have Windows that makes a SP release or a version of the OS available, we download or buy the newest and run it only to find out later there are a couple thousand bugs that have yet to be fixed and we will have to wait 4 months until it is resolved in the next SP release. Or even better, a vulnerability is found, a worm/virus comes out to attack that exploit, MS then releases a patch/hotfix, then we run around trying to figure out which machines have been compromised and fix them.

    Linux has come a long way in its usability, which I think is great. And if Microsoft is any clue, I think it is easier to add usability to a secure system than it is to add security to a newbie friendly OS.

    That's just my two bits...

    --

    Sig? No thanks, I don't smoke.
  192. Sorry to burst your bubble by bonch · · Score: 0, Flamebait

    If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.

    According to the study Slashdot posted, THEY DO.

    Guess you missed the breaches of Debian, Gentoo, Gnome, GNU, etc.

  193. Comment removed by account_deleted · · Score: 4, Funny

    Comment removed based on user account deletion

  194. Easy by Tatarize · · Score: 1

    If usability and insecurity go hand in hand then the most user friendly item is the most insecure. I proclaim this "most user friendly" item to be minesweeper. Now, how insecure is minesweeper?

    So you mean to say that you can be both user friendly and rock solid secure? IIS is hacked much much more often, but Apache has market share.

    The simple fact that just because more people know the system doesn't mean more people can hack the system. With Microsoft products the more you know the more you realize some of the huge holes which exist in the system. With Linux no huge holes present themselves. Get a person who knows Linux Servers and Microsoft Servers like the back of their hand. They will be much more likely to be able to hack the Microsoft Server.

    The question is not usability, it's knowledge of flaws. No flaws, no knowledge of flaws. I'm not saying that there aren't flaws in Linux, but I am saying that the flaws in MS products are much much larger.

    --

    It is no longer uncommon to be uncommon.
  195. Slashdot: Where Analogy Is King by Crash+Culligan · · Score: 1
    The argument is usually phrased as "Convenience vs Security." They can be seen as being opposed. That's not quite the same as "Usability vs Vulnerability" but that's the direction your friends' arguments were pointing.

    Given that you're comparing a pair of synonyms against a pair of antonyms, it's easy to get confused. Which describes 85% of the semantic arguments around here, I'm afraid.

    I'm not sure that it always holds true that you have a single gradient between Convenience and Security. You can have elements of both, and it's not just a fractional position between two extremes.

    I'll go one better, and claim flat-out that you can have both, and they're not playing a zero-sum game, bearing in mind that there's no way a system can be made either 100% secure (*cough*LONGHORN*cough*) or 100% convenient ("Okay, I plugged in the computer and turned it on. Where's the document that I'm thinking of?")

    Imagine the computer as a house. It's a place where you keep your stuff. (Yes, kids, here comes the analogy!)

    Within that house, usability is a matter of placing light switches and doorknobs so that they're both within easy reach and easily recognizable as such. It's a matter of leaving a clear path between rooms, unblocked by furniture. It's a matter of making doorways large enough (or using furniture thin enough) that you can move things around if you must. To the person that lives within it, usability is a matter of making as much as possible convenient and accessible.

    And within that house, security is a matter of sturdy locks on the doors and windows that close firmly, without room to stick a credit card in. It's also a matter of denying spaces within to those that don't need it. It may involve locking certain rooms, or if those rooms must be left open, then locking those few cabinets that contain dangerous things (like bleach and ammonia) or putting those dangerous things up and out of reach. Security is as great as possible a deterrent against anyone outside the house who doesn't have a key or permission to be there, and safeguards within the house to keep the unwary from setting the curtains on fire with a misplaced candle.

    (A third analogy could be made for attractive design: things that are pleasing to the eye. But those lend nothing to security, and may sometimes even get in the way of usability: curtains may obscure doors. Furniture may be quite comfy and eye-catching but still be in the way.)

    In that way, it is possible to have a house be both secure and usable. It's maximizing and facilitating access to what may be used at any time, and minimizing or restricting access to that which could do more harm than good.

    As for what this all has to do with software, everybody can figure that out. Besides, all I promised to do was provide the analogy. :)

    --
    You cannot truly appreciate Dilbert until you read it in the original Klingon.
    1. Re:Slashdot: Where Analogy Is King by AeroIllini · · Score: 1

      Imagine the computer as a house. It's a place where you keep your stuff. (Yes, kids, here comes the analogy!)

      Within that house, usability is a matter of placing light switches and doorknobs so that they're both within easy reach and easily recognizable as such. It's a matter of leaving a clear path between rooms, unblocked by furniture. It's a matter of making doorways large enough (or using furniture thin enough) that you can move things around if you must. To the person that lives within it, usability is a matter of making as much as possible convenient and accessible.

      And within that house, security is a matter of sturdy locks on the doors and windows that close firmly, without room to stick a credit card in. It's also a matter of denying spaces within to those that don't need it. It may involve locking certain rooms, or if those rooms must be left open, then locking those few cabinets that contain dangerous things (like bleach and ammonia) or putting those dangerous things up and out of reach. Security is as great as possible a deterrent against anyone outside the house who doesn't have a key or permission to be there, and safeguards within the house to keep the unwary from setting the curtains on fire with a misplaced candle.


      That's a fine analogy, but it's missing one rather large ingredient: the internet. Connecting your house with lots of other people's houses, the vast majority of whom you don't even know and never meet. You get to exchange furniture, gain ideas about the color of your curtains, and even sell your car. So here's the kicker: how do you make it easy to exchange all this data between the houses, yet still keep your house secure from outside attacks? Your front door is locked, to be sure ... but a burglar could be clinging to the underside of that couch you just bought and are currently pulling in through the window.

      Microsoft is actively trying to blur the line between online and offline. Already they have the option of downloading whole websites and viewing them offline, yet these offline sites look exactly as they would when viewing them online (except, perhaps, for a tiny icon way down in the corner, amid the other onslaught of tiny icons no one pays attention to). Not only are both copies of the website (online and offline) seen in the OS as a *single folder* by default, but most users don't even understand the concept of an HTML file having to be downloaded to a cache directory before it can be viewed. The internet is a very abstract concept, and it doesn't help that we (the geeks) keep metaphorizing it. Many of the "Joe Blow" users I deal with on a daily basis refer to sites like Google and Yahoo as if they were applications that are launched from the toolbar.

      I think the true solution is to make an extremely clear distinction between "online" and "offline." Only when users understand that fundamental concept will they be able to make their own judgements about what to trust. They can't always rely on us to educate them on what's good and what's bad: they should be able to see an instruction on the computer screen and decide for themselves whether it's "online" (meaning not installed by them, and therefore probably malicious) or "offline" (meaning installed by them or GatewayDellCompaq, and therefore probably legit).

      --
      For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
  196. Usability != Functionality by dumbnose · · Score: 1

    Usability doesn't require that you enable the system to do anything that it can't do today. All usability focuses on is making it easier / more intuitive to accomplish those same tasks.

  197. What kind of krispy cremes? by Gannoc · · Score: 1



    Because that's really important. If glazed, I think a documented and rigidly tested security model will quickly overcome user error. If creme-filled, then clearly the user experience must be restricted in favor of a secure system.

  198. I'm not convinced yet by roystgnr · · Score: 2, Insightful

    For your post to be persuasive, you're going to have to reexpress it as an image or series of images which conveys the same argument. Good luck.

    1. Re:I'm not convinced yet by MikeXpop · · Score: 1
      --
      Etiquette is etiquette. He kills his mother but he can't wear grey trousers.
  199. Lies, opinions, and half-truths by Anonymous Coward · · Score: 0

    If you agree with any of this, feel free to repost it endlessly!

    * If "Linux" just refers to the kernel and not the operating system, how can "FreeBSD" refer to the operating system (userland tools, standard libraries, etc.) and not just the kernel? Face it, "GNU/Linux" looks and sounds ridiculous.

    * If you expect companies to follow the copyright of the GPL, you should support the RIAA going after infringers of its copyright. If not, you're a hypocrite.

    * There is absolutely nothing wrong with a company being upset that its product is being pirated freely over online networks. Try getting a real job sometime and see what it feels like when your work is everywhere, and you start worrying that your days are numbered. Does John Carmack want you to "sample" his new game via the "free advertising" happening on eMule?

    * OSDN-owned Slashdot thinks its niche opinion represents the majority of the world. This is a result of people visiting every day and buying into the groupthink. Nobody outside of Slashdot knows or cares about "Linux," "RIAA", "M$," or anything else Slashdotters think is such a huge issue in today's society. Go to a mall or coffee shop sometime and see what people actually talk about.

    * Speaking of OSDN--it's a Linux company...that owns a "tech news" site...that posts news stories negative toward competitors like Microsoft. If a Windows company or even Microsoft itself owned a "tech news" site and posted anti-Linux articles all the time, everyone would be up in arms. But with OSDN, it's a-okay.

    * Slashbots think people don't like the music coming out these days, which is the cause of the piracy. Never mind that if people didn't like the music they wouldn't be pirating it, most Slashbots--again, this goes back to the niche opinion thing--don't realize that most people these days love the music coming out and want to hear all of it. Probing around, you discover that Slashdot is made up of nerds and fogies who listen to things like The Who and Blind Guardian and techno--not what mainstream society enjoys.

    * Any company ending in "AA" is evil. Especially if it doesn't want you distributing its works without paying for it. Somehow, this mindset is supposed to make sense.

    * The inevitable result of all this is a world in which nothing can be profitable because people simply pirate free copies. Is that really what Slashbots want? OSS and free-ness in general reminds me of the hippie era of the 60s--idealistic socialism that only exists because of the surrounding capitalism around it that provides the environment for it to exist. We all know what happened to that idea.

    * Slashdot editors are abusive. We all remember the Post. It's amusing the editors never mention the issue. The worst editor is michael, who will mod you down, insult you for your post count, and post unprofessional color commentary along with the article. This is the same bizarre person who cybersquatted Censorware for years--even as Slashdot posted articles negative toward cybersquatting! Michael played it off like he was some sort of stalking victim, which made it all even more bizarre.

    * The moderation system is broken. If you mod someone as "Overrated," you can't be metamodded. People abuse this all the time to gang up and knock you down into oblivion.

    * Somehow, user-ran executables are always a "New Microsoft Hole" (actual article headline). Meanwhile, LinuxSecurity posts weekly security advisories for all the Linux distributions. You never, ever, EVER see any of these mentioned on Slashdot--bizarre things like arbitrary code execution via MPlayer.

    * Microsoft is supposed to be some sort of non-innovative rip-off artist. Meanwhile, the same people posting those comments do it through KDE with taskbars, sidepanels, start menus, similar print dialogs, and an integrated web/filesystem browser. Slashdotters--ripping people off then criticizing those who came up with t

    1. Re:Lies, opinions, and half-truths by Anonymous Coward · · Score: 0

      damn, that's a pretty good post!

      one comment though. you say that we should go to a mall and see what people really talk about. most people are so ignorant to the important issues that affect their lives, it is sickening! why would i want to lower my thoughts to their level? come on now.

  200. Usability != Bad Security by fozzmeister · · Score: 1

    however it can be, Imagine a tool that made a mailserver / dns so easy to set up that you didn't have to know how IP worked. That is a security problem.

    Having said that is that really usability? I personally don't think so, perhaps a real world equivalent would be knowing how to use a VCR without knowing how to plug it in (which is kind of bizarre).

  201. An example then... by Allen+Zadr · · Score: 1
    Easy to use: You want web services, simply put your files in the InetPub folder. Here's a tool that can help you design your web page.

    Easily Exploitable: Windows 2000 IIS server is already running, out of the box.
    --
    Yet another example... if you want to watch a box get hacked very fast, Install RedHat 6.2 out of the box, and plug it into the Internet. I'll guarantee that a Win 98 box is not nearly as lethal. I give it two hours before it's attacking somebody.

    Yet the much easier to use RedHat 7, 8 and 9 all came with Firewalling turned on as the default selection during install (something that would have saved the RedHat 6.2 box).

    In the same category, many of us are not so patiently awaiting Windows XP Service Pack 2 - where the default firewalling will actually work. The "I don't know what I'm doing" default settings on WinXP - will get a working firewall out of the box.

    To my view (and I run a LOT of Linux/Solaris/HP-UX) everything that is more than 4 months out of patch is an open playground for hackers (and even more sad, script kiddies).

    NONE of this accounts for the number of security flaws that are directly attributable to Outlook, Office and Internet Explorer (which are a category unto their own). To these, I would have to admit, the level of "ease of use" is attributed to "programming shortcuts" that lead to "security breaches" across software platforms. If each of these products were actually separate from each other and the underlying Windows OS, then this wouldn't be as much of an issue either. Further, the interoperability of these things annoys many new users:

    • "I don't know how to save, it keeps opening the file, but I want to save it."
    • "I double-click on the mov file, and this WinAmp thing appears and says it can't open my file"

    There's got to be a better way, and it doesn't have to be less secure.

    --
    Kinetic stupidity has a new brand leader: Allen Zadr.
  202. When Does Usablility Become a Liability? by Anonymous Coward · · Score: 0

    So far from all the replies I have read. A majority of you are right but you're viewing it too narrow-mindedly. The security issues with Linux, Mac OS and Windows are a combination of the following.

    1) Human Error - THIS IS THE MOST IMPORTANT THING!! we are not perfect, NO operating system can EVER be secure. There will always be a hole somewhere that somebody will exploit. There is no such thing as a 100% secure operating system because we all can (and have!) made mistakes in programming, setup and simply by using our favorite operating systems. Human error will always be there whether it shows up in our programming, our system administration or simply checking your email and not paying attention to the attachment. We have all made mistakes and it will continue until the day we die. The only computer that is 100% secure is one that is simply shut off and unplugged from a power supply.

    2) User Simplicity - Making an OS easier to use has the possibility (Doesn't mean it will happen, just the possibility) that security flaws will arise. This goes back to human error and the complexity of the system that is being made simple to manage. There is a balance between usability and security. Yes a certain component in Linux could be secure, but adding an easier interface to the component increases the chance of insecurity through human error. Also the basic computer user does not know computer security and does not take the time or want to learn computer security. They just want everything to work when they want to use it. For us computer-savvy administrators and programmers commandline isn't much of an issue. For the basic computer user it is hard if not impossible to remember all of those commands. My Dad can't remember what url to type in to get to cnn.com let alone starting a service or program by typing in the name. He can use his computer just fine by icons because he doesn't have to remember a command and how it's spelled to use it. When I worked technical support for a local ISP there wasn't a day that went by that when I asked someone to click a mouse button they tapped the mouse on the monitor. That is an extreme look at it but the average user isn't that much more savvy.

    3) Market Share - Fact is Fact however that Windows WAS full of holes and M$ is finally making it more Secure. If M$ had made these security strides back with Win 95 security wouldn't be as much of an issue. Linux was built from the ground up to run more secure than other OS's. But it is not without its flaws that have not yet been discovered. Sooner or later someone will find these flaws. Due to Windows market share, it is all the more possible to find these flaws sooner than later. Windows on the other hand has started from the opposite end by being completely open to begin with to more secure today. Windows 2003 has been the most secure Windows platform ever. It wasn't without problem however and as long as M$ continues to make security their #1 priority it will eventually become just as secure as Linux and Mac OS. Anyone thinking that market share has nothing to do with finding flaws is retarded. Finding a needle in a huge haystack is really hard to do for one person but the odds change when you add more and more people to the equation.

    Fact is 100% of all virus, worms, trojans, etc exploit one contant. HUMAN ERROR. There is no question that Windows was full of holes and still has holes to this day. Now that M$ has made strides in they're security in Windows. Flaws are starting to show up in Mac OS. I love the Mac OS but I have seen more security holes in the news about Jaguar than any previous version. How many times in the past year has linux breaches been in the news? It's all been in the news more so than in previous years.

    So the real question isn't who's more secure. It should be "When are we all going to quit making mistakes?"

  203. Not quite. by AltGrendel · · Score: 1

    We have our SMTP server set to delete encrypted zip files. It is somewhat of a hassle, but most people that we deal with have been willing to resend as an unencrypted file.

    --
    The simple truth is that interstellar distances will not fit into the human imagination

    - Douglas Adams

    1. Re:Not quite. by Anonymous Coward · · Score: 0

      There was a recent post here that current Email-Scanners include technologies to extract (read: guess) the Password from the Email Message and nowadays even include OCR (yep, that's Optical Character Recognition like your scanner does) since one of the recent Viruses hid the Password in a GIF or JPEG File. How strange will it get?

    2. Re:Not quite. by Anonymous Coward · · Score: 0

      Yup. Our Anti-virus package has a nice checkbox "Delete Encrypted Compressed" and "Corrupted Compressed". If it can't scan the archive it doesn't let it pass. If you rename the zip file to something like .die it will still know it's a zip and try and open it. What a concept...

    3. Re:Not quite. by Rich0 · · Score: 1

      Interesting - until recently my employer did the opposite - deleting EXE files in ZIP attachments unless they WERE encrypted...

    4. Re:Not quite. by Rich0 · · Score: 1

      Hmm - how long until viruses encrypt the contents and embed a new dictionary-based password in a GIF not susceptible to OCR'ing (think how yahoo/hotmail prevent spamming with new accounts).
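
Added example (not part of any comment above, and not code from any mail or antivirus product): a Python sketch of the gateway policy described in the "Not quite." thread, identifying a ZIP by its content rather than its extension and separating encrypted, corrupt and scannable archives. The function names, verdict strings and sample attachments are constructed for illustration.

```python
import io
import zipfile
import zlib

# A ZIP starts with a local file header, or with the end-of-central-directory
# record when the archive is empty. The attachment's file name is never used.
ZIP_SIGNATURES = (b"PK\x03\x04", b"PK\x05\x06")
ENCRYPTED = 0x0001  # general-purpose flag bit 0: entry is encrypted


def classify(data: bytes) -> str:
    """Return 'not-zip', 'encrypted', 'corrupt' or 'scannable' for raw bytes."""
    if not data.startswith(ZIP_SIGNATURES):
        return "not-zip"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            # The flag is stored in the central directory, so it can be read
            # without knowing (or guessing) the password.
            if any(e.flag_bits & ENCRYPTED for e in archive.infolist()):
                return "encrypted"
            # testzip() re-reads every member and verifies its CRC-32.
            if archive.testzip() is not None:
                return "corrupt"
    except (zipfile.BadZipFile, zlib.error, EOFError, NotImplementedError):
        # Anything the scanner cannot read is handled like corruption.
        return "corrupt"
    return "scannable"


def should_block(verdict: str) -> bool:
    """Policy from the thread: what cannot be scanned does not pass."""
    return verdict in {"encrypted", "corrupt"}


def _make_zip(name: str, payload: bytes) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


def _mark_encrypted(data: bytes) -> bytes:
    """Set flag bit 0 in both headers of a one-entry archive (constructed)."""
    raw = bytearray(data)
    central = raw.index(b"PK\x01\x02")
    raw[6] |= ENCRYPTED            # flags field, offset 6 in the local header
    raw[central + 8] |= ENCRYPTED  # flags field, offset 8 in the central header
    return bytes(raw)


def build_samples() -> dict:
    """Constructed attachments; the names mimic what a gateway would see."""
    clean = _make_zip("report.txt", b"quarterly figures")
    flipped = bytearray(clean)
    flipped[30 + len("report.txt")] ^= 0xFF  # damage the first payload byte
    return {
        "report.zip": clean,
        "invoice.die": _mark_encrypted(clean),  # renamed, still a ZIP
        "truncated.zip": clean[: len(clean) // 2],
        "bitflip.zip": bytes(flipped),
        "notes.zip": b"plain text with a misleading name",
    }


def triage(samples: dict) -> dict:
    return {name: classify(data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, verdict in triage(build_samples()).items():
        action = "delete" if should_block(verdict) else "deliver"
        print(f"{name:15} {verdict:10} {action}")
```

Archives with data prepended before the first header, such as self-extracting stubs, do not start with these signatures, so this sketch reports them as not-zip.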

  204. System vs. Application UF by Tony · · Score: 1

    Many exploits in the MS-Windows world are application-level exploits, ones that sacrifice security for "usability," for some definition of the term "usability." Many of these features are not really very good to start with (such as those regularly exploited by MS-Outlook worms and trojans).

    MS-Windows has its own lion's share of OS-level exploits as well, but most of the annoying ones seem to be user-level.

    Can Linux avoid these types of exploits? I believe so. The key factors for OS "ease-of-use" are consistency in application interface between similar applications, ease of software installation, ease of system maintenance, and a sane approach to UI design.

    Note none of those require a dumbing-down of the system to suit the user. Basing file type on three letter extensions was just a stupid idea (but a holdover from the DOS days, so understandable); hiding those extensions was not only the act of a moron, but potentially dangerous. Requiring the user to jump through hoops to turn off autoexecute of inserted CD media is just as stupid. (I mean permanently, not just holding down the shift key.)

    If Linux doesn't treat the end-user like an idiot, but still provides the services most users are used to, Linux can certainly become easy-to-use and maintain decent security. But it'll take concentrating on the basics: package installation as a user function (perhaps in their own directory tree), for instance.

    I think Microsoft's security problems are based more on the way they do business: technical decisions are driven by marketing, not by the needs of the users.

    Perhaps the development model of Linux will help avoid those pitfalls.

    --
    Microsoft is to software what Budweiser is to beer.
  205. Fallacy of Equivocation by abb3w · · Score: 1

    Why do people think that the command line [osnews.com] is *not* "user friendly"?
    SNIP
    Then why a system administrator?

    You're talking about two different groups of "users". Most users are not system administrators in any significant sense of the word. Yes, home users are by necessity "administrator" on their machine... but they don't do much administration, and I don't think that's what you're talking about.

    Linux, as is, is fine for systems admins. It is not fine for Aunt Tillie types; I believe the increasing usability is targeted at the latter group.

    Oh, and as an incidental aside...
    Windows and Linux admins in the same organization? What organization is this?!
    Hell, sometimes you can have Windows, Linux, and even Mac administrators in the same *person*. Some of us are agnostic in the great OS holy wars. =)

    --
    //Information does not want to be free; it wants to breed.
    1. Re:Fallacy of Equivocation by juan2074 · · Score: 1
      It is not fine for Aunt Tillie types.

      Computers are not for Aunt Tillie. She should stick to churning butter and sewing her own clothes, like her other Amish neighbours.

  206. No. by SCHecklerX · · Score: 4, Insightful
    Not necessarily. Keep in mind that many of the problems 'joe user' has are because he runs with administrator privilege. The reason he does so really isn't his fault, as many Windows programs REQUIRE this. Windows has a legacy of being a single-user system, so there is a lot of 'bad' software out there (doesn't keep separate user profiles, wants to write configuration files where it shouldn't, wants access to stuff it doesn't need, etc).

    Linux, on the other hand, has always been a multi-user system (well, it has since it became an OS, and not Linus's hyper-fast text editor). Because of this, and the unix philosophy in general, you'd have to go out of your way to find software that does not fit into the multi-user system model. Because of this, linux can remain more secure, even when giving it to 'joe user'.

    Of course, the problem comes from the same third party vendors who don't get it in windows also not getting it in linux. Hopefully, they will know something about a multi-user system BEFORE bringing their wares to the linux world. Then again, the idiots creating cruft like 'bonzai buddy' will never get it, nor do they care.

  207. Windows seems to be heading in this direction by DeadVulcan · · Score: 1

    I've noticed that Windows XP Home already has an idea of privileges. On my own machine, I've created a "root" account that has administrator access, and a user account that doesn't.

    The problem is installing older win32 programs that assume you have write permission to all files on the filesystem. I stubbornly refused to give my user account administrator privileges, and the result was that I had to open a command prompt and use the "CACLS" command to give Users write permission to specific files and directories. Sometimes, this required a certain amount of trial and error to reverse-engineer how the program works.

    Recently, I installed XP on my parents' computer, and I briefly thought of suggesting they make user accounts that have no administrator privileges, but I abandoned that idea right quick, when I recalled how much hacking I had to do, to get things to work.

    However, when applications catch up with XP in terms of being aware of user privileges, hacking won't be required any more, and Microsoft will be in a position to start educating common users about the difference between an Administrator vs. User account.

    I'm no great fan of Microsoft, but I have to admit that there are many things that I really like about XP and the direction it's taking.

    --
    Accountability on the heads of the powerful.
    Power in the hands of the accountable.
  208. usability and security by mboedick · · Score: 1

    Usability and security are not mutually exclusive. On the contrary, the more usable software is, the more secure it is. The more the user understands the software and the more at ease he feels with it, the more secure it is, because the weakest insecurities in any system are the human elements.

    For example, say some software mandates changing your password every day and does not allow repeats. Not very usable. The user will avoid this obstacle by writing down his passwords, figuring out a way to stay logged in, using easier passwords, or something else which compromises security.

    If your definition of "more usable" is "more graphical and has more features" (seems like Microsoft uses this one), then possibly as usability increases, security decreases. However, true usability and security are both results of the same thing - good design.

  209. Nice product placement by Anonymous Coward · · Score: 0

    I was having a similar discussion at a McDonald's last week. The discussion ran long so my friends and I hopped into my Toyota Matrix and continued our discussion at a nearby Denny's.

  210. back to the BBS-what about 'I'm smart | I'm stupid by mojoNYC · · Score: 2, Insightful

    back in the (command line) BBS days, our BBS shell had a toggled user var called (appropriately enough) I'm Smart | I'm Stupid--the 'stupid' user got less options, and more verbose help onscreen--i've always thought this was a great solution to the dilemma of how to have a workable system for both experts and newbs--why not create a modern version of this setup that will show/hide information and options, based on the user's S/S preference?

  211. Linux newbie by bigredmed · · Score: 1

    I am nowhere close to a sys-admin for a linux farm, but from my POV, the needs to make Linux more user friendly focus on two things:
    1. Making it easier to load and update programs
    2. Making USB connections for PDA's and other peripherals work better in terms of hot-syncing.

    I would be very happy to have a 75% improvement in loading and updating existing programs that didn't leave my system open like a windows machine, rather than a 100% improvement that did. (I would take 50%).

    I need the PDA to sync without having to push buttons while being twisted around like a russian gymnast. Trying to push the hotsync button and launch the script at precisely the same moment is not OK.

    Trying to load a program, only to find that I don't have some obscure file that should have come with the tarball, but didn't, is not OK. Hearing about the great features that the grand and glorious KDE 3.2 will do only to find out that KDE 3.2 won't run on my version of SuSE is not OK.

    Fix these problems and Linux will be just good enough (and that will be great and should be the desired target). Don't need more. Don't want any of the MS bells and whistles, especially when it's these that cause the vulnerability.

  212. Eating in France by The+Angry+Mick · · Score: 3, Funny

    Try getting food from a blind man in France.

    How to acquire French cuisine in four simple steps:

    1. Go to France.
    2. Find blind man eating a sandwich.
    3. Hit blind man with hammer.
    4. Enjoy sandwich.
    --

    I'm not tense. I'm just terribly, terribly, alert.

    1. Re:Eating in France by Opie812 · · Score: 0

      ...typically American....

      --
      I'm not a nerd. Nerds are smart.
    2. Re:Eating in France by vsprintf · · Score: 2, Funny
      1. Go to France.
      2. Find blind man eating a sandwich.
      3. Hit blind man with hammer.
      4. Enjoy sandwich.

      I thought that the sandwich was an English invention and that even a blind Frenchman wouldn't be caught dead eating one.

    3. Re:Eating in France by Unregistered · · Score: 1, Funny

      bad idea. They'll surrender the country to you and do you really want to be responsible for France? Unless you happen to really like wine, it's a lose-lose situation.

    4. Re:Eating in France by zulux · · Score: 2, Funny

      How to acquire French cuisine in four simple steps:

      1. Go to France.
      2. Find blind man eating a sandwich.
      3. Hit blind man with hammer.
      4. Enjoy sandwich.


      No need for violence. Replace Step #3 with: Say to him - "I am German."

      --

      Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.

    5. Re:Eating in France by jesser · · Score: 2, Funny

      When all you have is a hammer...

      --
      The shareholder is always right.
    6. Re:Eating in France by Anonymous Coward · · Score: 4, Funny

      every blind man starts to look like a frenchman?

    7. Re:Eating in France by Anonymous Coward · · Score: 0

      When all you have is a hammer, every problem looks like a blind frenchman eating a sandwich?

    8. Re:Eating in France by Halfbaked+Plan · · Score: 2, Funny

      Sung to Peter, Paul, and Mary's melody:

      "If I had a haaaaamer... ...I'd a hammer in your fo-ore-head"

      --
      resigned
    9. Re:Eating in France by Anonymous Coward · · Score: 0

      The last song that Joe Orton ever heard.

    10. Re:Eating in France by bankman · · Score: 1
      How to acquire French cuisine in four simple steps:

      1. Go to France.
      2. Find blind man eating a sandwich.
      3. Hit blind man with hammer.
      4. Enjoy sandwich.

      No need for violence. Replace Step #3 with: Say to him - "I am German."

      This won't work, and I am speaking from experience. Remember that you are in France and that the English language will not help you at all (especially not with a heavy American accent). You should either try "Je suis Allemand!!!" or "Ich bin Deutscher!!!" maybe followed up with a proud "Sieg Heil!!!". The latter might get you arrested though, and quite rightly so I might add. But then you can enjoy French cuisine for free for some time.

      --
      I feel so sig.
  213. SELinux to make Linux even better by jgardn · · Score: 3, Interesting

    With SELinux, it can be set up so that even root can't do anything it wants. Instead, there will be multiple administration accounts, each with particular permissions. The level of granularity is up to the users (or the distros), and with some experience, you'll see some pretty user-friendly installations with SELinux running (FC2 is coming up).

    We'll soon be able to run apache securely, even with gaping security holes that allow browsers to execute arbitrary code. We'll be able to download code and run it in harmless environments where privilege escalation is impossible and the bounds for operation are clearly set. And this will be the default setup for every Linux user.

    --
    The radical sect of Islam would either see you dead or "reverted" to Islam.
    1. Re:SELinux to make Linux even better by Master+of+Transhuman · · Score: 2, Insightful

      > With SELinux, it can be setup so that even root
      > can't do anything it wants.

      I've considered for some time that a defect in Unix is to allow root to be more powerful than the kernel itself. What happens when someone other than root escalates privileges to root level?

      The kernel should be able to protect itself from security violations even by root.

      This causes most Unix geeks to react in horror. They love being all-powerful.

      OTOH, there probably are situations where having the kernel override root would lead to system problems as well.

      This reminds me of what the sysops used to tell me when learning computer operations on the Xerox Sigma 6 thirty years ago - "When there's a problem and the OS is popping up messages, satisfy the OS first before trying anything else."

      The bottom line - we need smarter kernels - and smarter roots.

      To paraphrase what someone once said, "We can probably figure out how to make software smarter, but there doesn't seem to be any way to make humans smarter."

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  214. since no one else got it right, I'll chime in by typhoonius · · Score: 1

    A classic logic error, whose name I forget right now.

    It's a syllogism.

  215. Corporatization by botmfeedr · · Score: 0

    To me it's not about usability which will make it more insecure, it's the more corporate it becomes (i.e. Redhat, etc) which will bring about more vulnerability.

  216. Computer admins being usability experts? by voidref · · Score: 2, Insightful

    It seems kind of odd that a computer super expert would be able to discuss usability issues with any sort of authority. The simple fact that they know computer systems so well makes them prejudicial to being human interaction specialists.

  217. yes and yes by Anonymous Coward · · Score: 0

    of course it will.

  218. Same-sex marriage by Anonymous Coward · · Score: 0

    Broadened platform adoption is like gay marriage: whether or not you feel that this other set of users will end up with insecure systems, their existence doesn't make yours any less secure.

  219. What's the argument here? by Anonymous Coward · · Score: 0

    The more user friendly any OS is, generally the less secure it will become.

  220. yes and no by Anonymous Coward · · Score: 0

    Usability as joe user would want it would be a security violation. joe user would be really happy if he didn't have to use passwords and if the file sharing already was enabled so he could access the files from everywhere. I've seen joe users getting mad about being prompted for passwords on osx as well.

    but there is always a trade off. doing it the osx way with prompting for passwords and perhaps a key ring for less dangerous stuff would work.

  221. Heh! "Microsoft Administrators". by Anonymous Coward · · Score: 0

    That always makes me laugh, thinking about the guy who used to be the office flunky who knew how to unjam the old printer and does some lame-ass "Microsoft Certification" and now calls himself a Network Administrator...or worse yet a Network Engineer...!

    1. Re:Heh! "Microsoft Administrators". by Anonymous Coward · · Score: 0

      but he has a job and a payback and right now that looks pretty damn good

  222. No by Spy+Hunter · · Score: 2, Insightful
    Let me provide a counterpoint. No, increasing usability does not decrease security. Here's why:
    • A lot of viruses exploit flaws in OS/application code, usually C/C++. These flaws are completely unrelated to usability issues, so increasing usability does not require these flaws to become more common.
    • All other viruses are actually *caused* by usability *flaws*. This includes those viruses that come as .pif or .zip files, and spyware that installs itself by instructing users to click "yes" on IE warning dialogs. The problem is not that users are stupid, the problem is that usability is bad. Truly usable software would always inform the user of the consequences of their actions in a way the user can understand, and not allow various ways of "tricking" the user into running something dangerous. Fixing these flaws increases usability and security.
    • Bad usability can cause security breaches in other ways: users can be unaware that they just shared their entire hard drive to the Internet with write access, or that there is hidden information inside Word documents, or things like that. Usable software always informs the user of the consequences of their actions. Increasing usability increases user awareness of security issues.
    • Increasing usability can increase code complexity, which means that there will be more bugs. However, the security problems fixed by the increased usability outweigh this, especially when safe languages are used so that code execution bugs aren't a possibility.
    Usability is not the problem. Bloated, complex code in unsafe languages is the problem. The two are not necessarily associated. Increased usability increases security due to increased user awareness of security issues.
    --
    main(c,r){for(r=32;r;) printf(++c>31?c=!r--,"\n":c<r?" ":~c&r?" `":" #");}
  223. Actually it's the opposite. Usability = Security by InrdZQdxdqn · · Score: 2, Interesting

    That's ill reasoning: "Windows is more usable, windows is less secure, thus usability means insecurity".

    What really happens is that the lack of usability in Linux is the main cause of insecure setups.

    I am sure most of you guys can manage the thousands of setup options and configuration files Linux has.
    Not me. And not some other thousands of users.

    As I occasionally use Linux, I have to rely on the default setup most of the times for most of the programs. But what happens when you need to change the default setup? You crawl through lines and lines of text till you find the f**ing line that changes the f**ing option you need to change. Before this, you have changed a dozen of some other options you are not really sure what are there for, just to try...

    So, my conclusion is:
    - Security problems in Windows are caused mainly by bad design.
    - Security problems in Linux are caused mainly by bad usability.

  224. I may be oversimplifying (wouldn't be a first)... by reverendslappy · · Score: 1

    ... but my answer is: it shouldn't.

    One thing I want to preface my full answer with is that I think people toss a lot of things under the heading "usability", without really knowing what it means. I, not really knowing what "usability" means (I have friends with Masters Degrees in Human-Computer Interaction, and there's no way I'd claim to know as much as them), I'll define it for the purposes of answering the question: "Usability" is the concept of making an application, OS, or other piece of software easier and more efficient to use through employing an intelligent and consistent graphical interface design. While I'm sure it entails more than that, I'll just talk about that much.

    There.

    Now for my answer: Usability has nothing at all to do in any way with the basic, underlying security of a piece of software, with one exception.

    Although the issue gets more difficult to deal with as the complexity of a particular application grows, if we use the definition of "usability" above, it's pretty simple. An interface design shouldn't really ever be able to make an application less secure (now obviously if the interface application itself has underlying vulnerabilities, that's a different story). How you navigate, manipulate, and "use" an application or OS doesn't affect how secure or insecure the underlying code is. Except in one way...

    The one way in which striving for better "usability" could make an OS or application less secure has to do with the interface used to administer security in that OS or application. If the interface design for that piece of the software is not as "usable" as it could or should be, the security of the application or OS could be compromised.

    Other than that, "usability" as a discipline isn't to blame for vulnerabilities. Microsoft does play the usability game really well. While a lot of it is subjective, it generally does a good job at making the interface consistent, efficient, and intuitive. Windows is also insecure. But that has only to do with more underlying, structural problems with the OS. Let's not confuse things like the Administrator rights requirement, for example, with "usability" issues; things like that are software design flaws, not interface design flaws, and I think acknowledging the difference helps in attacking the problems.

    Better usability != less security. At least not always. If anything, it's my opinion that improved usability makes software more secure, in that it can make it easier to make software more secure with improved interface design. But that's just me.

  225. a similar conflict... by Anonymous Coward · · Score: 0

    this is slightly off-topic yet related...

    i was arguing with my boss today that "open sourcing" our software product is gonna be something we might have to do in the not-so-distant future to compete with OSS offerings. one of his worries is that if we do this and switch to a charge-for-support revenue model (ala red hat) we would actually be providing ourselves with a dis-incentive to make our package easier to use. (the easier it is to use the less support is necessary thus our revenue stream would be lessened) does this make any sense? i have to admit that to me it kinda does. what do you think?

  226. Macs and Linux are NOT more secure. by Anonymous Coward · · Score: 0

    All popular OS's are written in C, and therefore, have the same vulnerabilities since C doesn't secure itself against programming errors. MS is a target, particularly recently, because there is profit in spam, and these virii are trying to set up a spam network. If you want to email a virus with an over 90% chance of hitting a machine of a particular OS, of course you choose Windows. This doesn't excuse Windows from their responsibilities of making their OS more secure. However, MacOS and Linux are not secure either, and shouldn't rely on their obscurity as a defense.

  227. Those Who Do by blunte · · Score: 1

    Those of us who do know what we're doing know how to install GCC and any other tool we might need.

    Those who don't know how to install it probably shouldn't be compiling apps. They should be installing binaries using a GUI tool.

    A typical user OS doesn't need a C compiler. Strictly speaking it's even a security vulnerability to have development tools on the machine.

    Sounds to me like Fedora is a user-targeted OS rather than a techie/developer targeted OS. Seems wise to me.

    --
    .sigs are for post^Hers.
    1. Re:Those Who Do by corpsiclex · · Score: 1

      at least most of the time, i am not a developer. But the user in me still requires a c compiler for installing programs: there aren't always pre-compiled binaries for every possible unix set up.

      --

      eBayDig 1s a typo saerch engien
    2. Re:Those Who Do by 1lus10n · · Score: 1

      Then how are people going to learn? And why should the core Linux market (geeks) be punished (any idea how long it takes to get all of the GCC shit to compile with deps? ...) for the sake of the few? If Linux is going to advance it needs to stop trying to be Windows and be Linux. Stop with the moron proofing. Come right out with it and say "if you're lazy or dumb, don't bother."

      --
      "Two things are infinite: the universe and human stupidity; and I'm not sure about the universe." --Albert Einstein
  228. Security vs Usability by Quenyar · · Score: 2, Interesting

    As others have mentioned, user level security is part of usability.

    However, there are differences between ground up security and added-on as afterthought security.

    Windows' prime security and usability flaw is that every user insists on running as root (with admin privileges). Security Check: Walk up to any computer in your building. Open a command-line interface. Go to filesystem root. Issue command that tells computer to delete everything. If it does it, then it is not being used securely - regardless of whether it could be used securely.

    Windows' admins get proud of some pretty strange stuff. For example, they don't like the idea of having computers on all the time and really like people to turn off their computers at night. Why, do you ask? One reason that was explained to me by a Windows proponent was that all those switched-off computers were invulnerable to hacking/virus/attack. I responded to this argument by saying that my stapler didn't get viruses, but it didn't do email very well even so.

    Best security is simplest security. The more your O/S CAN do, the more it might be persuaded to do. If you want to discuss apples and oranges, we can compare W2K security with a Linux router. Both are difficult to hack, but the latter is much more difficult. As Linux gets more and more market share, there are going to be more security hits, viruses, worms, and whatnot. Not doing Linux because this is true is like not doing email because you might get (will get) spam. We're grownups. We can do arithmetic. What gives me the most functionality for the least price, balanced against risk? Linux, period.

  229. Re:Maybe... Need more sandboxes/restricted userids by e+r+i+k+0 · · Score: 1

    What was your IP address again?

    I mean, I need it for security reasons.

  230. That's not the point by Anonymous Coward · · Score: 1, Insightful

    The point isn't to ignore problems; the point was that there was no "attack".

    The scare was all over an application that literally did nothing but display a dialog box, but was *presented* in such a way as to make it out to be a terrible, new, easily adaptable exploit that ostensibly took advantage of some fatal flaw of Mac OS X, when in fact it's just demonstrating that an application can have any icon and any name, which has been known, and possible, on the Mac platform for over twenty years.

  231. To get back to the original question... by KaiserZoze_860 · · Score: 2, Insightful

    Usability in its purest form means that the user has to jump through the fewest number of hoops possible in order to achieve their goals. Your programs can have streamlined menus, clear text, obvious buttons and intuitive guides and shortcuts without compromising security. Only in the case of default system settings do you see a conflict.

    I would argue that certain things shouldn't work out of the box. Items such as your internet connection, terminal services (remote desktop), drive formatting (outside of the initial installation), and basically any other stuff that could kill your machine in a hurry should require a single additional step each in order to activate them.

    Instead of enabling security holes the size of Texas by default, these items should have prominent, easy to follow displays which show you how to enable/disable and configure them (and perhaps a sentence on why it is disabled by default). When you click on them for the first time you should get a "set this up" wizard. You should also have the option of skipping the "wizard" style settings tool and go right to a well-designed advanced tool for those who know exactly what to change.

    By making the act of enabling devices/services intuitive you are contributing to ease of use without sacrificing security. You are also promoting a sense of caution. If I need to take an extra step to turn something on, there is probably a reason for it. It also gets me used to how the system works and when there is a problem in the future, I'll have had the initial experience to help me resolve it.

    That's my 2 cents worth at least.

    --KS

  232. Irrelevant question by defile · · Score: 1

    Regardless of whatever Joe Blow installs, I'll always be installing Debian. And if Debian is compromised to suit Joe Blow, I can find something else.

    You don't have the choice with Windows.

  233. Re:Mac Security - On windows too by dragonman97 · · Score: 1

    No, not true. What the parent poster was saying is that to cause a serious effect on your system, you will get an authentication dialog box that requires you to enter the admin password. Even if you have this password, it will make you think twice, or at least put some accountability on you. In Windows, if you log in as Administrator (as most home computers ship), the malware will install with no security prompting whatsoever, as your logon credentials are enough for Windows.

  234. Usability by barkie19 · · Score: 1

    I'm never sure why but when the topic of usability comes up it is always assumed that usability means that you have to assume the user is a moron. MS makes that assumption. It is the default assumption in the MS world. MS knows your needs and expertise better than you do so MS assumes everyone is a moron and writes an O/S for morons. Making Linux more usable doesn't mean that the MS paradigm must be followed.

  235. Graphical command interface? by Anonymous Coward · · Score: 0
    What about this - it kind of makes me think of Raskin's Cat. I remember watching my Dad fool around with my TI 99/4a.

    Kenneth

    BAD NAME

    How about if you take command-completion and apropos a level further, and pop up a menu for each successive logical item?

    #cd Menu: burn | eject | play | mount |directory

    You type the first letter, and it completes. You solve the problem of having to know what the commands are, because the commands are regular-language descriptors, and they're presented to you, just as they are in a mouse-clickable menu. (it could be mousable, too). You ease the problem of learning the syntax, because once you do a task a few times, you'll probably remember. If not, the options will always be there to hold your hand. It's a helluva lot quicker than clicking through 20 menus to get one task done, because you go directly from command to option.

    Click through (or imagine clicking through) GIMP menus (this diagram may help), then imagine if there was 1 simple little GIMP prompt waiting for you to:

    Animation 'TAB' Menu: |O|ptimize |P|layback |U|noptimize

    If you wanted to do the command again, 'up-arrow' your way to happiness. Use the 'graphical user interface' for graphics. Buttons to do things that are more complicated than simply giving instructions to the machine. Drag and drop the commands out of the console into a clickable well, use it to display persistent information. Take better friggin advantage of the power of all this 3D hardware, screen real-estate, and the rising level of computer literacy of the general public. Making it 'simpler' doesn't make it 'easier' necessarily. It's nice to have things to click on, but when you can have both, why not take advantage? -itomato
  236. Re:Maybe... Need more sandboxes/restricted userids by thomas.galvin · · Score: 1

    Perhaps the following:

    There is a system-protected directory, which you need root access to write to, known as the "trusted applications directory." In order to put an application in this directory, you must enter the root password.

    Any application run from this directory by $USER will have all of the permissions of $USER. This way, apps like mozilla/safari/office/etc can be installed by a trusted user once, and the users won't be bothered with a password prompt every time they want to save their homework or update their bookmarks.

    Applications that run outside of this directory (or directories; you could have a system-wide and user-specific set of trusted dirs) would prompt for the user's password before they are allowed to write to the hard disk, and before they do anything that would require super-user access.
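The trusted-directory rule proposed in the comment above, as an added example that is not part of the original post. The names `is_trusted` and `decide` are hypothetical, the demo tree is constructed, the current uid stands in for root so it runs unprivileged, and directories above the trusted directory are assumed to be protected already.

```python
import os
import stat
import tempfile

WRITABLE_BY_OTHERS = stat.S_IWGRP | stat.S_IWOTH


def _protected(path, owner_uid):
    """True if path is owned by owner_uid and not group- or world-writable."""
    st = os.lstat(path)
    return st.st_uid == owner_uid and not (st.st_mode & WRITABLE_BY_OTHERS)


def _chain_protected(leaf, root, owner_uid):
    """Check the file and every directory from it up to and including root."""
    node = leaf
    while True:
        if not _protected(node, owner_uid):
            return False
        if node == root:
            return True
        node = os.path.dirname(node)


def is_trusted(app_path, trusted_dirs, owner_uid=0):
    """True only if app_path really lives inside a protected trusted directory."""
    real_app = os.path.realpath(app_path)   # a symlink must not borrow trust
    if not os.path.isfile(real_app):
        return False
    for d in trusted_dirs:
        root = os.path.realpath(d)
        if os.path.commonpath([root, real_app]) != root:
            continue                        # not under this trusted directory
        if _chain_protected(real_app, root, owner_uid):
            return True
    return False


def decide(app_path, trusted_dirs, owner_uid=0):
    """'run' = no prompt, user's own permissions; 'prompt' = ask for password."""
    return "run" if is_trusted(app_path, trusted_dirs, owner_uid) else "prompt"


def demo():
    """Build a constructed directory tree and return the decision per case."""
    uid = os.getuid()                       # assumption: stands in for root
    with tempfile.TemporaryDirectory() as tmp:
        trusted = os.path.join(tmp, "trusted")
        loose = os.path.join(trusted, "loose")      # world-writable subdir
        outside = os.path.join(tmp, "downloads")
        for path, mode in ((trusted, 0o755), (loose, 0o777), (outside, 0o755)):
            os.mkdir(path)
            os.chmod(path, mode)

        def make(path, mode=0o755):
            with open(path, "w") as fh:
                fh.write("#!/bin/sh\n")
            os.chmod(path, mode)
            return path

        apps = {
            "browser": make(os.path.join(trusted, "browser")),
            "patched": make(os.path.join(trusted, "patched"), 0o775),
            "dropped": make(os.path.join(loose, "dropped")),
            "evil": make(os.path.join(outside, "evil")),
        }
        # A link placed in the trusted directory that points outside it.
        apps["link"] = os.path.join(trusted, "link")
        os.symlink(apps["evil"], apps["link"])
        return {name: decide(path, [trusted], uid) for name, path in apps.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:8s} -> {verdict}")
```

Only the properly installed file runs without a prompt; the group-writable file, the file in the world-writable subdirectory, the download and the symlink all fall back to the password prompt.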

  237. Am I the only one... by mdielmann · · Score: 1

    ...that laughed my ass off at someone thinking a question like that could be resolved on /.?

    --
    Sure I'm paranoid, but am I paranoid enough?
  238. Re:This depends on what you define as ease of use. by Creepy · · Score: 3, Interesting

    I can probably answer this - the main advantage to a GUI is ease of learning what to do without reading a manual. I don't know if you ever read some of the old DOS manuals, but they were written in a way that my Dad or Grandma would never be able to figure out what to do, so they'd try the hunt and peck method.

    for instance...

    Dad sits down to a computer for the first time ever and sees this:
    #linux>

    In his head - What is the first thing to do? Maybe type a sentence?

    #linux>Show me what you do.
    Show: command not found
    #linux>What the heck does that mean?
    What: command not found

    Hmm - looks like the first word I type does something. I should try help
    #linux> help
    /lib/help: Permission denied
    #linux> linux
    linux: Command not found

    At this point, dad tries to read the manual, but it's all so much techno-gibberish that he is lost by the third page. He smashes monitor with his typewriter.

    Icons:
    Dad starts computer and sees a screen with three pictures and a menu bar with Start on it. He clicks Start, and some more pictures appear. He selects one of the pictures from the menu and it starts the program. He tries to click a picture on the Desktop and it does nothing. He's not really sure what to do with those, but he can run them from the Start menu, so he ignores them.

    So what did we learn from this?
    GUIs have multiple solutions to the same task while CLIs usually don't (aliases break this slightly, but require being a little less noob)

    CLIs require directions to learn at least the basics, and often those directions aren't easy enough to understand for the computer illiterate.

    GUIs facilitate learning by showing the options, where with CLIs you need to find the options, and then usually the options for the options.

    CLIs have a lot of configurability that GUIs have, but not ease of learning. Even once learned, the options need to be remembered, where a GUI will put them all in front of you if done correctly, although it has a tendency to get buried in submenus (like Preferences).

  239. Unix's advantage by ca1v1n · · Score: 1

    The unix world has the advantage of starting with a lot of software designed to be used in a multi-user environment by non-administrative users. The Windows world is rife with the artifacts of DOS/Win16/Win9x/WinME software development which makes no such assumptions, with the result that it is considered normal by both users and developers to have and require administrative access. While this is slowly changing, it is a problem that unix-based environments won't have to face.

    Of course, people will come out with things like Lindows and face them anyway, but it should be pretty easy for them to adopt the standard linux security model if they start having significant problems.

  240. Linux has that too... by Anonymous Coward · · Score: 0
    It's called sudo.

    AFAIK there isn't a graphical app to implement sudo (as there is for su, see kdesu etc.) But it does exist. sudo is very nice.

    Sometimes I get the impression reading these posts on slashdot that people haven't used linux for a long time (if ever).

  241. User Friendliness is not a risk by Prototerm · · Score: 1

    About 20 years ago, a friend of mine in the IT department of a company where I used to work was nearly fired for pressing the company to write user documentation for the company's purchasing system. The head of IT firmly believed that User Friendliness was a threat to corporate security.

    It's nice to see that this sort of attitude hasn't changed much in the intervening time.

    User Friendliness is platform and interface agnostic. It is a state of mind, not a set of tools, keywords, or icons. What works for the normal user might be inappropriate for the programmer or system administrator. Good UI design considers who the person is that's using the program, not try to apply one person's standards on all sorts of users.

    One common problem I've seen is the "dumbing down" of an interface to meet the needs of the lowest common denominator. This is just as bad as forcing everyone to use an obscure, hard-to-figure-out interface.

    The best solution, in my opinion, is to give people a choice of both lowest-common-denominator and power-user interface, since even among a group of users, abilities differ.

    A poorly designed interface is what gives rise to security problems. Another factor in security risk is allowing programs and system code to interact too closely together, as Windows does, with no effort made to enforce security restrictions. Thus, the problem isn't giving an email program an easy-to-use interface, but giving that email program abilities it shouldn't have had in the first place.

    Catering to the lazy user (as opposed to the non-expert user) is another area where security problems may arise.

    User Friendliness and Ease of Use is not the cause of security risks, and making Linux easier to use will not increase the security risk of using it. Security through Obscurity has never worked, and never will.

    --
    "My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
  242. Eh? by raehl · · Score: 1

    If TV's and movies and video games are popular because we're a visual species, why do we spend so much money on music?

    TV's and movies and video games are popular because they are 1) Easy and/or 2) Interactive. Sit, receive.

    Your definition of precise is off. I think you mean that writing is much less descriptive. If meaning is easily lost, that's not precise - precise would be very little variation in interpretation - and in fact, sometimes you WANT writing to be imprecise, it's what lets the reader draw from their imagination.

    But if you're trying to tell someone how to build a widget, you probably want precision. If you're describing what your girlfriend looks like (it's hypothetical, ok?), writing will only get you so far, as the reader is invariably going to have to fill in the details you've left out. A picture or diagram will be more precise in those cases.

    You're sort of right on information - GUI's aren't popular because they're more space efficient (they're not) or more time efficient (they are), but because they are easy to comprehend. Your brain has a very easy time understanding big, small, red, green and blue. It has to jump through significantly more hoops to make sense of '1', '9', and '11', or "Your hovercraft is full of eels."

  243. p.s. by filmsmith · · Score: 1

    I personally find it a little insulting when someone replies to me, yet addresses a third person.

    fs

    1. Re:p.s. by Anonymous Coward · · Score: 0

      Does anyone else agree with me that this guy should just fuck right off?

    2. Re:p.s. by Deraj+DeZine · · Score: 1

      That's funny; I didn't address this guy directly because I wasn't talking to him, but rather to the mods who thought his post was worthy of an insightful moderation.

      --
      True story.
    3. Re:p.s. by Anonymous Coward · · Score: 0

      Yeah well fuck you I don't need to take this tone of voice from you. And fuck the mods who modded me down, you can't mod this now can you?

    4. Re:p.s. by filmsmith · · Score: 1

      I know. Sad thing is, the mods won't see it and (really) no one will care or answer you.

      It just seems to me that the method of communication on Slashdot is really twisted. I'm of the opinion that conversations should be held using the replies and that should someone desire a third party response, a plea for such can then be made.

      Anyone else out there agree with this? Or do more AC's just wanna cuss up a storm for the sake of being dicks?

      fs

      p.s. Thanks for responding. I really appreciate it. And I meant no ill will.

  244. People should be ignorant by Anonymous Coward · · Score: 0
    So you think it's good for people to know nothing about their operating system?

    Ignorance is never bliss when it comes to operating systems.

  245. No word in English by Simonetta · · Score: 4, Interesting


    As far as I can tell, there is no word in everyday English that means 'being unable to speak the local language'.

    This is quite a common occurrence nowadays. Hop on a plane and within a few hours you can be in a place where you can't speak the local language. But we don't have any word for that condition.

    Allow me to propose the new word:

    illinguate

    from 'illiterate' and 'linguistics'.

    1. Re:No word in English by Anonymous Coward · · Score: 2, Funny


      As far as I can tell, there is no word in everyday English that means 'being unable to speak the local language'.


      Sure there is. "American."

    2. Re:No word in English by Anonymous Coward · · Score: 0

      Wow, you're an idiot. I can't think of anywhere in the US that I could travel and not be able to communicate easily. Perhaps if I went to England, I would not be able to speak Cockney English, but then again, no one else can either who is not from there. Sorry, just wanted to point out your stupidity.

    3. Re:No word in English by tekunokurato · · Score: 1

      Er, he didn't say in the US. One could go south, or to Iceland, or to certain parts of Canada. Or, you could take a perspective that doesn't focus on the US (as he didn't say that AT ALL), and realize that the world is bigger than you imagine.

    4. Re:No word in English by macwhiz · · Score: 1

      The word you're looking for is "inarticulate."

      It means "without or deprived of the use of speech or words."

      Example: "That poster is inarticulate with English."

    5. Re:No word in English by Anonymous Coward · · Score: 0
      I believe the word you are looking for is

      stupid

    6. Re:No word in English by cbiltcliffe · · Score: 1
      As far as I can tell, there is no word in everyday English that means 'being unable to speak the local language'.


      Well, if you're in Canada, the word is "Chretien".

      For our non-Canadian readers, our former Prime Minister, Jean Chretien, was so grammatically obtuse that he was once called "The only Prime Minister unable to speak either of Canada's official languages."
      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
    7. Re:No word in English by megazoid81 · · Score: 2, Interesting

      I'd suggest 'avernacular'. Vernacular is a straightforward enough word for the local language. Negating that with an a- prefix would arrive at a meaning similar to the one you propose.

    8. Re:No word in English by thinkninja · · Score: 1

      Monoglot/monolingual is almost the word he is after since it describes the problem most native English speakers have.

      How about "tourist"? :)

      --
      "The number of Unix installations has grown to ten, with more expected." (Unix Programmer's Manual, 2nd ed.; june 1972)
    9. Re:No word in English by Sj0 · · Score: 1

      I thought that was a synonym for "managing to travel to another country without REALIZING that you're in a different country".

      Example: "WHAT!? WHY, BACK HOME I CAN BUY MYSELF A BIG OL' QUARTER POUNDER WITH CHEESE IN ANY RESTAURANT, BUT YOU'RE TELLING ME I CAN'T GET ONE HERE?! AND WHAT'S WITH THIS MONOPOLY MONEY I GOTTA USE? CAN'T I PAY IN REGULAR MONEY?"

      Best said(yelled) in a world famous restaurant, renowned for its refined culinary palate, possibly (but not necessarily) in France. :)

      --
      It's been a long time.
    10. Re:No word in English by Anonymous Coward · · Score: 0

      Or is it "USian"?

    11. Re:No word in English by tehcyder · · Score: 1
      Example: "That poster is inarticulate with English."
      Er, not really, it's "that poster is inarticulate in their use of English" in English.

      Oh, and you can be inarticulate in your own native language too, so it's not really precise enough for this usage.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    12. Re:No word in English by Anonymous Coward · · Score: 0

      Agreed. Being inarticulate does not mean you cannot speak a language, it just means you do not speak a language well, in a comfortable manner.

      Like the poster who suggested 'inarticulate'. ;-)

    13. Re:No word in English by Simonetta · · Score: 1

      The word you're looking for is "inarticulate."
      It means "without or deprived of the use of speech or words."


      In common usage, 'inarticulate' means not having the vocabulary in one's native language to express one's current emotion or situation.

      It does not mean being unable to make even simple communication because one doesn't know the vocabulary of the commonly spoken language of one's present surroundings.

      I still believe that there is no word in English for being unable to speak the local language.

      I suspect that this is true for most languages.

    14. Re:No word in English by Simonetta · · Score: 1

      Monolingual would describe a person who only speaks their home language. That's different from being in a place where you don't speak the local language regardless of how many other languages that you've mastered.

      Being unable to speak the local language is a common tourist situation and one whose complexity and overwhelmingness is ignored until the tourist finds themselves in that situation.

      It can be really uncomfortable when one is of the same general appearance of the local people whose language you don't know. No one who randomly speaks to you will be aware that you are illinguate and will instead assume that you are a mentally retarded freak or exhibiting extreme anti-social behavior towards them.

      To my eternal dismay, my racial characteristics make people assume that I'm German. Once in Germany on a business trip, I tried to buy bananas in a local supermarket. I brought a small number to the counter and the check-out clerk spoke harshly and loudly at me for almost an entire minute before having the manager escort me to the door (without being able to buy the bananas).
      Finally I said 'Es tut mir leid...Ich bin Americaner. Ich sprech kein Deutsch.' which was all of the German that I knew then.
      A light went on in his head as he realized what could have caused the whole situation, but still threw me out of the store.

      I've heard that these situations are much more difficult for fifth generation Japanese-Americans whose ancestors restricted their marriages to other Japanese-Americans. These people have enormous difficulty when visiting Japan because they are ethnically Japanese while being either completely illinguate or unable to understand the unspoken subtleties of the language.

    15. Re:No word in English by Simonetta · · Score: 1

      (as he didn't say that AT ALL) ...he didn't even say that he was a he...

      Thank you,
      Simonetta

    16. Re:No word in English by Simonetta · · Score: 1

      I'd suggest 'avernacular'. Vernacular is a straightforward enough word for the local language. Negating that with an a- prefix would arrive at a meaning similar to the one you propose.

      An excellent suggestion.

      My only partial doubt towards this word would be that it might imply that a person doesn't completely understand the local dialect, such as a tourist in Jamaica, or doesn't follow a specialized vocabulary, such as a defendant unversed in legal vernacular.

      'Illinguate' conveys that sense of total alienation that comes from knowing that one can't even express the simplest verbal communication with the people around you only because you don't know the local words for common things and expressions.

    17. Re:No word in English by Simonetta · · Score: 1

      There isn't anything uniquely American about being in an illinguate situation.

      Americans happened to be the leading world power when technology advanced enough to allow millions of middle-class people to travel very long distances easily for vacations.

      That, coupled with the historical American tendency to suppress the languages of immigrants in favor of English, led to the current situation where people assume the uncouth behavior associated with culture shock and illinguacy to be a cultural characteristic distinctly of Americans.

      But in similar circumstances, it can happen to anybody from anywhere.

      I live in an American suburb of a small city. Twenty years ago my friends and I laughed at smug cuteness of our little town. Then we got hit with a wave of immigrants from all over the world. About one quarter of the local people are from very different countries. I myself find it exciting. For example, as a kid in the late 1960's, Red China was as culturally far away as the dark side of the moon. But last week I met a middle-aged Chinese woman waiting at my bus stop who told me that she had actually been a Red Guard and had once traveled three days during the Cultural Revolution to hear Mao speak in Tiananmen Square in Beijing.
      I used to worry about not going out, traveling, and seeing the world. Now I don't. The world has come to see me in my little town in Oregon.
      I have seen literally none of the racism and xenophobia that people normally accuse Americans of having. It's probably still out there, but not in sleepy little Beaverton.

    18. Re:No word in English by Simonetta · · Score: 1

      Best said(yelled) in a world famous restaurant, renowned for its refined culinary palate, possibly (but not necessarily) in France.

      A cultural stereotype situation from the 1960's. Typically used in Hollywood movies to portray the 'bad foreign vacation' cliche.

      But funny, nonetheless.

      Ever seen anything remotely resembling it in real life?

      Quote from the secret American all-purpose tourist guide book for dealing with foreigners: "Quand personne ne comprend ce que vous dites, parlez juste plus fort!"

    19. Re:No word in English by Simonetta · · Score: 1

      When you're the youngest (or next to youngest) of fifteen children, you learn quickly how to speak in a way that has all the superficial appearance of being polite but has no real meaning that can be used against you in the future by older brothers eager for any excuse to knock you around for fun.

      This guy would have been a master politician in any country.

    20. Re:No word in English by Sj0 · · Score: 1

      I deal with americans all the time. You have no idea how bad they can be. It's sad.

      --
      It's been a long time.
    21. Re:No word in English by dustmite · · Score: 1

      Actually, he/she could even just stay in the US, too: There are still roughly 150 indigenous American languages in use. (Although most of those are going extinct fairly rapidly)

    22. Re:No word in English by dustmite · · Score: 1

      Unfortunately, someone beat you to it, that word has already been used, from google: http://www.asa3.org/archive/evolution/199808/0150.html. Although there it seems to be used for a bit of a different meaning - not being able to speak a language. Amazing, only one other occurrence of this word on the Web.

  246. Uh, everyone knows how to read their CLI email... by raehl · · Score: 1

    strongbad_email.exe

  247. I don't think so by tarballedtux · · Score: 1

    Surprisingly some of the better systems to "0wn" are linux hosts. So why don't these "l33t h4>0r5" crack a government box or something better than a Microsoft common vulnerability. Cause it is too hard for them.

  248. Re:Mac Security by Anonymous Coward · · Score: 0

    The problem is that most users don't know what the admin authentication dialog really means, and they get asked to do it all the time by poorly-designed apps and installers. It becomes second-nature, and it won't stop a trojan from spreading, though it will slow it down a little.

  249. The Unix 102-button mouse by mveloso · · Score: 1

    Funny, I was just thinking today about all those people complaining about Apple's 1-button mouse usually are the same ones that use the 102-button mouse on a daily basis. They'll never be happy with less.

  250. You'd have to be a pretty big loser... by raehl · · Score: 1

    To fall for the "I have encrypted this super-secret document with the password that I have sent with this document." trick.

    It's like putting your valuables on a safe with a note on the front saying "The combination to this safe is...."

    1. Re:You'd have to be a pretty big loser... by Grayputer · · Score: 1

      Actually the wording is along the lines of:

      The mail system has come under virus attack, several accounts including your account have been attacked and have been suspended. We have included a form that you will need to fill out in order to have mail service restored. Since the form includes spaces for a new password and some personal information, it has been encrypted. The password on the form is: xxxxx, please forward the form to supportstaff@yourcompany.com after completion.

      Obviously you should NOT include the form password in the return mail or your password and personal information could be compromised again.

      -- The support staff

      It has all the correct domain names filled in, reasonable to/from headers (the rec'd headers are obviously bad but outlook and several other mailers do not show those without asking and most non techies do not ask), and reasonable generic addresses to forward to (supportstaff@xxx or helpdesk@xxx).

      Like I said, pretty good, not perfect but definitely very good luser bait. Unfortunately we DO get encrypted files from off-site so blocking ALL encrypted files is not an option. Guess it's time to build an encrypted file whitelist [sigh].

  251. Obligatory response by Tim+Browse · · Score: 3, Funny
    Hopefully your expertise will help shed some light on (and bring to and end) our discussion.

    You're new here, aren't you?

  252. Doesn't that prove the point? by raehl · · Score: 1

    1) Vulnerabilities are bred by stupid people.
    2) Software must have good usability for stupid people to use it

    ergo

    3) Usability breeds vulnerabilities.

  253. I think you've beaten this hornet's nest enough. by Anonymous Coward · · Score: 0

    You've beaten the hornets, too.

    This is why Slashdot and the slashdot readership is laughed at (regardless of what you say or think).

  254. Here's Correlation for you: by raehl · · Score: 1

    I have a computer with a fried power supply. Its usability is 0, but its security is infinite.

    1. Re:Here's Correlation for you: by Anonymous Coward · · Score: 0

      i'll fucking bludgeon your nuts with my boot, and when you are on floor howling like a gibon, i'll walk out the front door with your computer. fried power supply and all.

      your security is shit.

  255. Mod Parent Down by Anonymous Coward · · Score: 0
    Stupid people will run what came with the box they bought at Best Buy. When those boxes start shipping with linux, they'll be on linux. The REALLY stupid people shop at K-Mart, who I understand are in the business of ubercheap linux boxes these days.

    Anybody who knows how to run something as root (and how to do it) would know how to look at the script and decide what it's doing.

    Try reading the parent's post carefully next time.

  256. Re:This depends on what you define as ease of use. by squidfood · · Score: 1
    #linux>Show me what you do.
    Show: command not found
    #linux>What the heck does that mean?
    What: command not found

    GUI's are for people who can't play Zork.

  257. The user has to trade their 'freedom' for security by mgbastard · · Score: 1

    Sounds like I'm talking about the US, but I'm talking OS UI design. Even if you have a "secure by design" OS, with quality implementation practices and design patterns, the end-run is, the user is not going to be allowed to do whatever they please to a secured os. If you have access to run untrusted/approved code on the box, you cannot be secure. Prove me wrong. You can get close, but there will always be a local memory map hole of some sort.

    As long as you are allowing the "power user" to have the unfettered access to modify the system, it's a pipe dream to think you can prevent bad code from running. Even on Mac OS X, the "administrator rights" dialog is simply a nuisance, to be dismissed with the login/pwd. Users are trained to enter it, because it occurs so much. It should be SO difficult to run code at elevated privileges, then just maybe application developers wouldn't annoy their users with the authorization. Almost nothing folks run needs elevated privileges, unless you're a true uber geek.

    I think most here would agree with the following: if you have local hardware access, there is no software/hardware security past the lock on the door.

    But with careful UI design, and good enterprise software distribution, you can get pretty close to a secure OS, that still lets you get the job done. I don't know how you teach Joe Home User not to run a Trojan, aside from flashing horrible warnings that he's likely to be running one now... (unsigned/modified after signing code, etc.) But as we've witnessed, hardly any developers mess with the Microsoft Signing, unless it's a driver that shipped with windows :| Perhaps the FSF or a major linux binary distro could start a code signing initiative. There is nothing wrong with compiled code for the masses... (don't make me slap you!)

    You have to pound the crap out of any middleware that is allowed to run remote code.. like ActiveX and JavaScript. Your system policies can prevent unsigned ActiveX from running - JavaScript on the browser can get too deep into the bowels of the OS, and if that OS isn't secure by design... well don't run untrusted JavaScript either. System policies can handle this too. Unsigned MS Office Macros are ridiculous to ever allow to run. The same goes with any code block before it's allowed to execute in an email message. Throw up a stern warning.

    --
    Anyone seen my low uid? last seen 10 years ago while panning the #@$# out of Taco's 'web based discussion system'
  258. If you're using a real interpreter... by raehl · · Score: 1

    s/Us/Li/

  259. ANSWER. by Eric_Cartman_South_P · · Score: 1
    Q: Does *nix + usability reduce security?

    A: No. For more details, visit www.apple.com

  260. You must be kidding. by Anonymous Coward · · Score: 0

    Any study which claims kids don't have a significant computer learning advantage relative to adults is highly suspect. Conventional wisdom: if your computer doesn't work, call the neighborhood 8-year-old.

  261. Nope: root is going away, protocol hardening, ... by Spoing · · Score: 2, Interesting
    As Linux becomes easier to use and more popular, there are multiple reasons why it won't become a virus/trojan/spyware trap like Windows is.
    1. SELinux and other extensions to Linux basically remove the traditional super user account.

      Super user is a single account that can do everything. (By default, super user is named "root" on *nix and administrator for the NT branch of Windows.) When it goes away, breaking in and causing system-wide changes will be much more difficult by default.

    2. Right now, it is trivial to convince many Windows users to install bad software or to run apps they shouldn't. Over time, that will change...though other angles will still be open to these programs; weak protocol/APIs.

      In the meantime, Linux (not making it easy to install this garbage) is becoming harder to penetrate since the main way to get things running is to force it on to the system or to actually behave and to get it running because the program is actually useful. By the time that Linux is super popular, the benefit of decades of hardening that Unix systems have supported will be even stronger, not weaker.

    3. The gaps to fill are much smaller.

      Under Windows, most of the freeware+spyware apps for Windows are there since Windows doesn't provide a feature.

      Linux -- with KDE, Gnome, and Mozilla/Firefox -- often provide most of these creature comforts and it can be argued that there may be too many features (thus the Gnome simplification changes -- if you agree with them or not).

      If a need arises for a minor utility, chances are it will be incorporated into KDE/Gnome/Mozilla/Firefox/... eliminating the teaser app that carries the spyware along with it.

    4. Very protective community.

      If a version of spyware becomes successful under Linux, chances are this will annoy enough people that they will change the design of the software (KDE/Gnome/Mozilla...) so that -- like pop-ups in browsers now -- the spyware will become largely ineffective and sterile.

      There are no commercial interests to ensure that this type of damage is ignored. It will be routed around and not just for one specific annoying piece of spyware either; for everything in that class.

    --
    A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
  262. Ever see somebody who's *really* good at the CLI? by walterbyrd · · Score: 1

    On a *nix system, it can be just amazing.

    Some people can do about 14 different computer operations in the time it takes most users to grope around for the mouse.

  263. Usability is a prerequisite for security by aminorex · · Score: 1

    People don't use secure systems because they are
    inconvenient. By making them more usable, it
    becomes feasible to enforce their use, hence
    improving effective security.

    --
    -I like my women like I like my tea: green-
  264. Wha? bout the question by Anonymous Coward · · Score: 0

    I think there are two different cases. There are features that are intrinsically insecure. Imagine, for instance, if a sexy synthesized female voice whispers everything you type, what could be considered very user friendly ;-). Now type your login. That's insecure. In general those intrinsically insecure features have to do with connecting your computer with a network (or, in the previous case, "connecting" it with the room you are in). User friendliness here means vulnerability.

    In very sharp contrast, there are things that could be turned user friendly to the extreme. For example, I would have loved to go through XFree configuration without ever having learned about "modelines". Just a single line on the config file: "I have 1 video card and 1 monitor." In this second case, vulnerabilities are in direct relation to the quality of programming and so it can be different for different systems. Here, user friendliness means bigger code and bigger databases (user friendliness usually means treating a lot of different cases to make the relation to the computer seem more natural). In a networked case, it's very interesting to click on a link to a net radio and have your favourite music player automatically loaded, and if this code is "perfect" (that is, reasonably well coded), this would never be a security vulnerability. This feature, however, does mean a lot of plugin programming, handling of mime types, identifying valid data, etc.

    Since programming in Linux is far more cooperative than in closed source software, it turns to be a simple matter of figuring out what is intrinsically insecure to implement and what is safe (and to what degree). It should never be a matter to the user to become aware of security issues in his computer until he has some confidential data to hide. For example, mail software could never execute code. Maybe the user never wanted it to. It would be as easy if there were a big fat button written "You have received a program. Click here to execute it".

    Henrique Dante de Almeida

  265. Why Windows is Insecure by mslinux · · Score: 5, Interesting

    Below is the truth, the whole truth and nothing but the truth.

    Windows was originally designed as a single-user, game-playing operating system. It had no concept of networking or segmented user space or file permissions, etc. These things, among others, were added on later as the need arose.

    Windows was originally marketed to home users who wanted to play games and small businesses who wanted to track a few dozen or perhaps a few hundred accounts/clients.

    Today, MS has positioned Windows as an Enterprise class OS. People who grew up playing games on Windows should know that this doesn't make sense.

    I used to laugh when looking for patches for an NT4 domain that I administered a few years ago. I'd skip all of the new video (DirectX) enhancements that were constantly available. What did gaming/video drivers have to do with domain controllers?

    In short, you can't make something into something it's not... at least not without many problems. MS Windows is a classic example of this.

    1. Re:Why Windows is Insecure by BCW2 · · Score: 1

      All correct above with one addition:
      Institutional philosophy of rights and permissions
      In windows you have everything until someone takes it away.
      In the world of Linux/Unix you have nothing until root gives it to you.

      Windows could be secure, if it was rewritten from scratch. Look deep in the tree, there are still 3.1 and 3.0 modules in there.

      --
      Professional Politicians are not the solution, they ARE the problem.
  266. Viruses by JPEWdev · · Score: 1
    I for one, am glad that there are plenty of lusers out there who open E-mail virus.
    1. It gives me a job that I get paid for
    2. More importantly, as long as the lusers keep getting the viruses, the people that write them will feel no need to make them more advanced, and thus the people that do know what they are doing are less likely to be surprised by an unknown virus. Make sense?
    maybe kinda selfish... but it works.
    1. Re:Viruses by Grayputer · · Score: 1

      Ahh yes a real world example of the bear joke. For the uninformed:

      Two fishermen are surprised by an angry bear in the woods. The first guy looks at the second guy and says, let's run. The second guy says, you can't outrun a bear. The first guy points out, I don't have to outrun a bear, I just have to outrun you.

      Problem: for all you know, the 'second guy' has been practicing or eventually all the slow 'second guys' get eaten by bears. Either way, ultimately you too get eaten by a bear. So this is not really a good strategy, IMO.

  267. KNOW YOUR USERS!! Security is in the INSTALL ! by lcsjk · · Score: 1
    For many users, the real security is whatever the programmer can manage to put into the install as a default. Yesterday I helped a lady, age 55-60, with her PC. She had purchased McAfee's (download) antivirus upgrade and did not know how to install it onto her computer. It turned out that McAfee's Firewall, not the antivirus, trial had ended, and she had followed the "buy it now" link (she thought), but somehow managed to purchase "SecureIE". This lady's main security is that I set her computer to use Mozilla email in order to avoid MSOutlook. She doesn't even use IE, and has no idea of what the word "Browser" means.

    My point is that for most older, and many young users, PC security is no more than is built-in by the programmers. Programs need to install themselves, and security updates need to be completely transparent after a mouse click. Popular programs like McAfee are only secure if they make themselves secure.

  268. Re:and I quote... by dizgust · · Score: 1

    I love that one. I invented something close once : "Linux can be repaired. Windows can only be broken".

  269. My teacher always said by alphax45 · · Score: 1

    That security is inversely proportional to usability; increase one and the other suffers. It makes sense to a point; as the most secure systems are (usually) the most simple ones; but that usually means no net; no HDD; etc; and more of an emphasis on Physical security. Once you start connecting machines to other machines (increasing usability) you inherently decrease security. Just some thoughts

    --
    K Man
  270. Bottom Line: Design Matters by Anonymous Coward · · Score: 0

    The fundamental challenge is resolved by clear requirements and good design. To make things more user friendly (or are you trying to say dumb-user-friendly?), there simply needs to be easier ways to do things. I remember my first linux install took 3 days and multiple attempts. With Suse 8.2, it took all of a couple of hours (most of that watching a movie in the other room). Tools like YAST provide a user-friendly means to accomplishing what scripting did several years ago. Unix/Linux have some more stable security features by design of their architectures - and that allows them to be more secure by default. Second to that, the education process still (as always) needs to continue.

    Instead of the continuous barrage of "software failures" we all read about, I think we need to consider that there are successful ventures out there. Good software does exist and should be touted around more often to educate others. Or is every techy person a pessimist by nature and it's pure dumb luck that we accomplish things like sending people to the moon or rovers to mars?

    One more thing - regardless of how "idiot-proof" things are made, there will always be a bigger idiot right around the corner.

  271. Security-through-Obscurity Argument by JGski · · Score: 1

    This argument is nothing more than the same old and discredited "Security-through-Obscurity" argument wrapped (bizarrely) in the flag of Usability. Talk about Orwellian! We must keep it hard to use (and prone to errors even among system admins) in order to keep it secure!? Next: we need to destroy the village to save it; kill the villagers to save them!

  272. This illustrates why usability enhances security by xant · · Score: 1
    Read this.

    The problem isn't that windows is too secure. The problem you're describing is that Windows is not usable enough to make certain "advanced" (for lack of a better word) operations accessible to the users who need them. Important functions that are hard to reach == reduced usability. Reduced usability leads to errors and security flaws.

    ... Also, as another user pointed out to you, windows has runas. Runas is not exactly well-known. It's a hidden feature in a command line that's already hidden from the user as much as possible. Therefore, its usability has deliberately been reduced by the engineers of the Windows system, and it illustrates this point as well. I think the poster I linked to is dead on; usability leads to increased security, not reduced security.

    --
    It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
  273. Well written software ... by rben · · Score: 1

    should be both easy to use and secure. The two are certainly not mutually exclusive though it does require more resources to accomplish both goals than it does to address only one.

    For most of the eighties and early nineties, security was not nearly as big an issue for desktop systems as it has become recently. Usability was the big issue, so that got the lion's share of the resources. On the other hand, security was much more important on interconnected systems like the systems at universities and those used by DoD and large corporations. For that reason, security was emphasized for the operating systems that were built for those types of machines. Linux inherited some of this security orientation because of its roots in UNIX.

    The programmers working on Windows not only had to make the operating system easy to use, they also had to deal with technical decisions that were driven by marketing and political concerns rather than engineering best practices. It's not surprising that Windows is less secure than other operating systems that were originally developed in more security aware environments.

    Programmers working on Macintosh Operating Systems had a big advantage over Windows programmers. They were working in an environment where there was far less variation in hardware than you find in the rest of the PC world. That left more time for development of good user interfaces and secure code.

    Finally, we shouldn't forget that some of Windows' reputation for being insecure comes from its popularity. A virus writer who wants to make a big splash might concentrate on attacking Windows machines because of the larger installed base and because he or she finds more tools available for writing malware that targets Windows. It's also likely that malware authors write first for the operating system they use and are familiar with. Microsoft's stranglehold on the personal computer operating system market works against it there as well.

    In today's world, good user interfaces and security are both important requirements for any software under development. With good planning and realistic estimation there is no reason that software can't be written that is robust, secure and easy to use.

    --

    -All that is gold does not glitter - Tolkien
    www.ra

  274. Shameless self-promotion by user555 · · Score: 1

    Here's a link to a paper I wrote on a somewhat related topic.

    Basically I argue that there is a tradeoff between security and general functionality. Technical advances do not change the basic trade off and have historically resulted in additional functionality but no additional security.

    (Usability is just a sub-case of functionality in general.)

    I would be curious to know what slashdot'ers think of this idea.

  275. Usability isn't about dumbing down by c0d3h4x0r · · Score: 1

    Security does not have to suffer if you have real usability.

    Usability doesn't mean dumbing things down in insecure ways. Providing root access to all users, for example, is a hack job approach to usability. It takes a fundamental design mistake of the system -- the inability to install programs or administer common things without root access -- and completely bypasses it, rather than redesigning things in a sound way to facilitate security AND usability.

    Usability doesn't even mean that someone with absolutely zero clue will be able to properly administer or run a computer.

    Usability just means that any normal person can learn to use it quickly, and can use it from then on without unnecessary hassle or complexity. Usability means simplicity, organization, consistency, predictability, and responsiveness.

    Proper usability benefits both newcomers and experts equally, because it eliminates hassle and minimizes time investment for everyone.

    Don't make a user redo a 40-step process from scratch just to change their mind on one item. When a user clicks something, give them instant, consistent, clear response, not 30 seconds of hard drive chatter or an unhelpful hourglass. Don't make a user spend an hour learning some new thing every time they want to accomplish a simple task such as installing a device driver or a program. Make all programs behave and appear in standard ways.

    Or, to summarize: don't make users keep jumping through painful learning hurdles at every turn. Let them learn how to do something once, and make it easy to learn with as few steps as possible. Make it consistent, standardized behavior across all programs and the entire OS so that the user's new knowledge actually empowers them to do everything painlessly from then on.

    The fundamental thing preventing Linux adoption is this one key point. With Linux, you have to keep learning and doing everything all over again. Slapping a pretty GUI interface over top of that mess doesn't make it any more usable. It's still a giant hassle due to the chaos that lies underneath. You invest a ton of time to finally figure one thing out, and that doesn't enable you to do other things any more quickly. Nothing works the same across the system. Nothing is standardized. There are 400 different ways of doing the same thing, when there should in fact just be one way. Configuration of programs often means carefully supplying options to a poorly-crafted configuration script, which then forces the user to start over at the beginning of the process if they fouled up just one option. Other times it means learning an entirely new pseudo-language just to configure the program.

    Different Linux GUIs try to work around the chaos underneath, but the problem is that it's already too complex and poorly architected. That's why GUI configurators for hardware or device drivers only get you 50-70% of the way there, but you still have to go hack around on a command line and recompile the kernel to deal with the other 30% of cases. There are too many special-cases and different ways of doing things under the hood for any GUI to be able to present it in a consistent, clear way.

    A GUI isn't even necessary for Linux usability. All the focus on the GUI is misplaced effort. The underlying system needs to be made usable first.

    --
    Moderator hint: a comment is neither "Flamebait" nor "Troll" if it is true.
  276. Depends on how you look at it. by WanderingFighter · · Score: 1
    Okay. IMHO, I would have to say that the Linux community would do well to start pushing out Desktop quality OS's. Look at Red Hat and Suse. Both versions are excellent, and are capable of replacing Windows for a Desktop.

    Now, to the question of security. XP is a good OS, but all the security problems make you wonder. Is this a problem devoted to just it being what's run on 85% of the world's computers? Yes and no.

    I think it's equal parts it being pushed out the door before more development could be done, and it being so popular. Also I give credit to the hundreds of thousands of idiots who download .exe files and scripts from shady websites and P2P networks. If people were smarter, there would be fewer problems.

    Now, Linux and OS X, again IMHO, ARE more secure. This is in fact due to better coding, more R&D on the coding, and being less known.

    Linux users are in general smarter than windows users. And considering Linux is Open Source; problems can be found faster than closed source software can. Seriously, would you buy a car with the Hood welded shut?

    Microsoft is honestly trying to make XP more secure. And if Service Pack 2 lives up to what the hype is making it, things might get better.

    I use XP for gaming, and demo-ing software. {Family Comp}. But for my Laptop I run Suse 9.

    --
    $>man woman
    $>Segmentation fault (core dumped)
  277. The same was said about a multi-tasking environment by HP9845Lives · · Score: 1

    This reminds me of the old debates related to multi-tasking on the Amiga versus non-multitasking OSes at the time. It's really a question of whether developers take advantage of the (security) features made available to them by the host operating system. How many legacy Microsoft applications risk breakage by incorporating new security features while they're in the user feature upgrade process? The same will be true of a developer on any operating system if they just keep adding on top of obsolete/insecure code and practices.

  278. ridiculous argument. by Anonymous Coward · · Score: 0

    What is going to change to make linux less secure by adding on extra gui tools?

    Is the command line going to be removed? I don't think so.

    Are the tools that manipulate the config files going to lack features that you can have using a text editor? I would hope not.

    The only way it will make it less secure is if the gui components are programmed really badly.

    And if a gui makes an application or operating system less secure. Then something very wrong is being done.

  279. History's Answer by Brandybuck · · Score: 1

    History already supplies us an answer to this question. Lindows originally shipped with a password-less default root account. Why did they do such a braindead nincompoop maneuver? Because it made the system easier to use. I know several people who think Linux is too hard to use because they have to log in.

    The security of a system is inversely proportional to its convenience of use. It follows that the more convenient we make a system to use, the less secure it will be.

    I am rapidly coming to the conclusion that while we shouldn't deliberately make software difficult to use, it is equally wrong to cater to the lowest common denominator user. We erred when we decided that computers should be easy enough for completely untrained users to operate.

    --
    Don't blame me, I didn't vote for either of them!
  280. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  281. Yes.....but by ChrisJones · · Score: 1

    Making it easier to use doesn't directly make it less secure in my opinion. Other than software bugs (which are common in open source stuff too, let's be fair), it is possible to make Windows fairly secure from a network point of view.
    The problem is that making it easier to use lowers the barrier of entry, so you have people who aren't clued up to security best practices setting up mission critical machines. THAT makes them less secure, not the interface to the same software. imo natch.

    --
    Chris "Ng" Jones
    cmsj@tenshu.net
    www.tenshu.net
  282. Re:This depends on what you define as ease of use. by westlake · · Score: 1
    GUI's are for people who can't play Zork

    But development at Infocom didn't end with Zork 1. The ideal was to keep the player's focus on the game and not on his battle with the command line processor.

  283. A mouse is not intuitive by Anonymous Coward · · Score: 0

    What about your presumption that the 'Dad' knows what to do with a 'MOUSE'. It has been shown that the desktop mouse intuits NOTHING about its function.

    JoeR

  284. Um, sorry but... by Anonymous Coward · · Score: 1, Insightful

    ... usability is never a liability.

    All else being equal, the product that is easier to use is better. I think you're confusing usability with something else.

  285. no IMO by firefly2442 · · Score: 1

    With more people supporting and creating code fixes for Linux, security will just go up. Just like supply and demand.

  286. popularity will "decrease" security by Anonymous Coward · · Score: 0

    I don't think linux has had a real test of its security until it is as large of a target as windows.
    I've just been getting back into *ix, and linux particularly. With all the cool things you can do, and all the different distros out there, it's pretty easy to leave something nasty unbuttoned and waiting for exploiting it seems.

  287. Damn trojans by Ilan+Volow · · Score: 1

    Not only do they prevent you from enjoying sex, but now they attack your computer as well.

    And thus the evil of condoms is revealed.

    --
    Ergonomica Auctorita Illico!
  288. Re:This depends on what you define as ease of use. by TrentC · · Score: 2, Insightful

    So what did we learn from this?

    That a person on Slashdot can construct a hypothetical situation to support any point of view.

    Hmm - looks like the first word I type does something. I should try help
    #linux> help
    /lib/help: Permission denied

    Funny, I type "help" on my linux box and I get:

    GNU bash, version 2.05b.0(1)-release (i386-pc-linux-gnu)
    These shell commands are defined internally.
    Type `help' to see this list.
    Type `help name' to find out more about the function `name'.
    Use `info bash' to find out more about the shell in general.
    Use `man -k' or `info' to find out more about commands not in this list.

    A star (*) next to a name means that the command is disabled.

    (There is more, but the lameness filter blocked it...)

    So a help system that is incorrectly configured is apparently an example of the horrible usability of a command-line UI?

    At this point, dad tries to read the manual, but it's all so much techno-gibberish that he is lost by the third page.

    Nice bit of hand-waving there. "Darn, I forgot, the manuals might actually have useful information. Well, I'll just pretend that it's too geeky for poor old Dad to read through..."

    Jay (=

  289. Re:This depends on what you define as ease of use. by Anonymous Coward · · Score: 0

    I know the solution:

    put "man bash" on a piece of tape attached to the monitor. then if the user ever asks for help you can yell at him for being such a stupid helpless baby, tell him to type what's right in front of his face and hang up on him.

    basic navigation solved and then the user can blossom from there as they see fit.

  290. Re:This depends on what you define as ease of use. by Anonymous Coward · · Score: 1, Interesting
    Firstly, the last thing anyone would want is to dumb down the shell so that the commands you entered would be valid. If Joe User actually thinks that the default shell is advanced enough to recognize the English language, he should not be using Linux to begin with.

    "CLIs require directions to learn at least the basics, and often those directions aren't easy enough to understand for the computer illiterate."

    Linux is not designed for those users (e.g. mom and dad) in mind. Such users pay for companies like Microsoft to make software which is easy and intuitive to use. Linux and Windows fill two separate niches. I do not think it is fair to say that one provides a superset of features of the other.

    "CLIs have a lot of configurability that GUIs have, but not ease of learning. Even once learned, the options need to be remembered, where a GUI will put them all in front of you if done correctly, although it has a tendency to get buried in submenus (like Preferences)."

    GUIs lack a lot of configurability that CLIs have. Hence, CLI-scripting languages (e.g. bash) are often used to perform complicated tasks that would otherwise be cumbersome to perform with a GUI.

    On another note, if an organization (e.g. Lindows) wants to create their own distribution to appeal to users who want a more user-friendly environment, then so be it. However, the Linux community should be wary of changing their development focus to satisfy such users.

    The fact that many Joe Users do not like our software is not our problem. If Joe Users do not pay for their software, why should we be inclined to make our software work for them?

    Don't get me wrong. Developers should be encouraged to help out the community by developing and providing free software that is useful. However, they should not be expected to make their software so easy to use that any monkey can use it. Let companies like Microsoft do this... they are the ones who must succumb to Joe User's demands. Fortunately, free software developers are not encumbered by the same problems (e.g. deadlines, budgets, and usability aspects.)

    This goes back to my point that Linux and Windows fill two separate niches. Linux is whatever you want it to be. Windows is whatever sells.

  291. apples v. oranges by frAme57 · · Score: 3, Insightful
    The question is a strawman. The underlying (and false) assumption here is that security and usability are inversely proportional. The other questionable assumption - that Windows is, by definition, user-friendly - is such a tired subject here that I won't even touch it.

    Windows is not less secure because it is "more user friendly" and linux is not more secure because it can be obtuse and seem l33t-friendly. Windows is still locked into a one-box, one-app, one-user approach to things. And until they change that - and demand some basic network savvy from their average user - windows will never be more secure.

    The unices were designed for a networked environment with lots of users with varying degrees of access. Security wasn't an afterthought - it was a prerequisite. As long as they are developed properly, adding some pretty icons, some control panels, even some (shudder) wizards will not make Linux less secure.

    And since your pro-MS buddies are horrified by the thought of an open-source system,"open(ing) itself up" to "Joe User", I wonder why you're even taking the argument seriously. Burn them some liveCDs (I'd start with Knoppix, SuSE live-eval and FreeSBIE) and ask them to give those systems a good, hard look.

    --
    "In a hierarchy every employee will rise to his level of incompetence". The Peter Principle
  292. Usability != Liability by thewiz · · Score: 2, Insightful

    As a daily user of all three of the mentioned OS's (OS X, Unix/Linux, 2000/XP) I've encountered the various problems and pitfalls that each have.

    Just because an OS is very usable (easy to understand, navigate, etc) does NOT make it more liable to be hacked/trojaned/virused. What makes an OS a target of the "crackers"/script kiddies is how easy it is to bypass or defeat an OS's security system. The real blackhats enjoy a good challenge while the "crackers" and script kiddies want to do as little work as possible; all they are interested in is causing chaos and havoc.

    Unfortunately, there are many more "crackers" and script kiddies than there are blackhats. As a result, the OS that's easiest to penetrate will ALWAYS be the one that gets attacked the most.

    --
    If "disco" means "I learn" in Latin, does "discothèque" mean "I learn technology"?
  293. SELinux == ZoneAlarm on Steroids by Anonymous Coward · · Score: 0

    There was a recent discussion on the Fedora-Devel mailing list (it hasn't been archived yet, so I've only seen the first post) that described SELinux as a ZoneAlarm on Steroids.

    I can imagine a world where, signed packages from a trusted source could be installed and they include their SELinux permission settings, and all is well so they don't bother the user. However, if a user decides to run some Joe Random Binary in their home directory (that they got from some email) - it could run in a jail, i.e. SELinux won't let it open a port, open a file, or pretty much do anything.

    Now that might annoy people, but it could work with dbus so that, once SELinux decides this app doesn't have permission to say, Open a file, it could suspend the process, and send a message out via dbus to the desktop environment, which then prompts the user with something like this:

    "Program /home/user/SomeVirus (PID 2332) is attempting to read /home/user/Mail/inbox.mbx. Do you wish to allow this?

    WARNING: This is an untrusted program and could compromise your system's security! Click _here_ to configure permissions for this program.

    [x] Remember this answer.

    (buttons) [Yes ] [ No ] [Terminate this Program]
    "

    If the user clicks yes, then the program is allowed to proceed with the action. Otherwise it can be given permission denied, or the system can terminate the process.

    The "click here" part to configure permissions, could be a simplified permissions console that has stuff like :

    [ ] This program can read files in my home directory
    [ ] This program can write to files in my home directory
    [ ] This program can open ports for outgoing traffic on device (combobox) [eth0/ppp0]
    [ ] This program can open ports for incoming traffic on device (combobox) [eth0/ppp0]
    (Advanced Settings...)

    The advanced settings could allow you to say "This program can bind to port 1334 and ONLY this port", etc...
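
The prompt-on-deny flow proposed in comment 293, modelled as an added example that is not part of the thread and is not SELinux code: packaged programs carry a policy, an unknown binary gets an empty one, and each denied action is put to the user with an optional remembered answer. All class and function names and the `/usr/bin/mailer` path are hypothetical; the paths and port 1334 come from the comment, and the event list is constructed.

```python
import posixpath
from dataclasses import dataclass
from enum import Enum


class Answer(Enum):
    YES = "yes"
    NO = "no"
    TERMINATE = "terminate"


class Verdict(Enum):
    ALLOWED = "allowed"
    DENIED = "permission denied"
    KILLED = "terminated"


@dataclass(frozen=True)
class Request:
    program: str   # absolute path of the requesting binary
    action: str    # "read", "write" or "bind"
    target: str    # file path, or a port number for "bind"


@dataclass
class Policy:
    """Permissions shipped with a signed package (hypothetical format)."""
    read_dirs: frozenset = frozenset()
    write_dirs: frozenset = frozenset()
    bind_ports: frozenset = frozenset()

    def permits(self, req):
        if req.action == "bind":
            return req.target.isdigit() and int(req.target) in self.bind_ports
        # Unknown actions fall through to an empty tuple and are refused.
        dirs = {"read": self.read_dirs, "write": self.write_dirs}.get(req.action, ())
        return any(req.target == d or req.target.startswith(d + "/") for d in dirs)


def normalise(req):
    """Collapse '..' and '//' lexically so 'dir/../other' cannot pass as 'dir'.
    Symlinks are out of scope for this model."""
    if req.action == "bind":
        return req
    return Request(req.program, req.action, posixpath.normpath(req.target))


class Broker:
    def __init__(self, packaged, ask_user):
        self.packaged = packaged   # program path -> Policy
        self.ask_user = ask_user   # callback(Request) -> (Answer, remember)
        self.remembered = {}       # Request -> Answer: the "[x] Remember" box
        self.killed = set()
        self.prompts = 0

    def check(self, req):
        req = normalise(req)
        if req.program in self.killed:
            return Verdict.KILLED
        # A binary with no packaged policy gets the empty policy: the jail.
        if self.packaged.get(req.program, Policy()).permits(req):
            return Verdict.ALLOWED
        answer = self.remembered.get(req)
        if answer is None:
            self.prompts += 1
            answer, remember = self.ask_user(req)
            if remember and answer is not Answer.TERMINATE:
                self.remembered[req] = answer
        if answer is Answer.TERMINATE:
            self.killed.add(req.program)
            return Verdict.KILLED
        return Verdict.ALLOWED if answer is Answer.YES else Verdict.DENIED


def scripted_user(req):
    """Constructed stand-in for the desktop dialog."""
    if req.action == "bind" and req.target == "1334":
        return Answer.YES, True          # "this port and ONLY this port"
    if req.action == "write":
        return Answer.TERMINATE, False
    return Answer.NO, True


def demo():
    packaged = {"/usr/bin/mailer": Policy(read_dirs=frozenset({"/home/user/Mail"}))}
    broker = Broker(packaged, scripted_user)
    virus = "/home/user/SomeVirus"
    events = [  # constructed sample requests
        Request("/usr/bin/mailer", "read", "/home/user/Mail/inbox.mbx"),
        Request("/usr/bin/mailer", "read", "/home/user/Mail/../.ssh/id_rsa"),
        Request(virus, "read", "/home/user/Mail/inbox.mbx"),
        Request(virus, "read", "/home/user/Mail//inbox.mbx"),
        Request(virus, "bind", "1334"),
        Request(virus, "bind", "1335"),
        Request(virus, "write", "/home/user/.bashrc"),
        Request(virus, "bind", "1334"),
    ]
    return [broker.check(e) for e in events], broker.prompts


if __name__ == "__main__":
    verdicts, prompts = demo()
    for v in verdicts:
        print(v.value)
    print("prompts shown:", prompts)
```

The eight requests produce only five dialogs: the packaged read needs none, the re-spelled inbox path reuses the remembered "No", and nothing is asked once the program has been terminated.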

  294. Re:Apple doesn't think so/ Mod up insightful by jazzis · · Score: 1

    iiioxx is dead right here! Listen up uninformed Linuxians!

  295. README SECOND by Anonymous Coward · · Score: 1, Funny

    From what I can tell, the parent to this post is the "second" post to this story. So, I'll post this here to get away from the noise of the replies to this story's first-post thread.

    The above thread is (largely) an erudite, overthought, masturbatory, navel-gazing, pissing contest about CLI vs. GUI. In case you hadn't heard, that battle/debate was DECIDED in 1984. You can argue till the cows come home and are ground into hamburger, but history has already proven one the overwhelming winner regarding the term "usability."

    I'm reminded of something Ambrose Bierce once wrote that exposes the problem of syllogistic reasoning

    LOGIC, n. The art of thinking and reasoning in strict accordance with the limitations and incapacities of the human misunderstanding. The basic of logic is the syllogism, consisting of a major and a minor premise and a conclusion thus:

    Major Premise: Sixty men can do a piece of work sixty times as quickly as one man.

    Minor Premise: One man can dig a posthole in sixty seconds; therefore

    Conclusion: Sixty men can dig a posthole in one second.

    For now, I'll just say that sometimes the problem with Slashdot is that there are many more than sixty diggers.

    :P

  296. Security and usability by linuxpyro · · Score: 1

    My first experience with Linux was on an old HP Vectra, with a 166 MHz Pentium and 48 MB RAM. I installed RedHat 8 on it, and so the GUI wouldn't run very well. Essentially I learned how to use the OS at first through the command line. I learned some of the basic commands (mkdir, rm, mv, chmod, etc.) from a book, but I figured out a lot of it on my own. It was a bit of a shock, considering I was more used to Windows.

    The command line forces you to learn more, if you're willing to learn. With the GUI, it's easier to just be lulled into a false sense of security. Of course, once you get into it, you learn that in a lot of ways the command line really does have an advantage over the GUI; it uses less resources, and if you know the commands, it's quicker to get things done. The main advantage I have with the GUI is really just the ability to open multiple terminal windows.

    Having said that, I don't really think it matters how user-friendly Linux ever becomes. If you want to secure it, you simply have to learn how to do so. Just about any OS can be secure with a bit of work, even Windows (though it's not as easy). The only thing that really changes is the OS's reputation; if Linux all of a sudden became so easy to use people forgot about security, it would be known as unsecure, just as we think of Windows.

    In comparison to the Mac OS, Linux really is more of a server OS: just look at all of the services a typical distro comes bundled with. Mac OS (any of them, really) is a desktop OS; though it can be used as a server, it was not exactly meant for this at first. Thus, it doesn't really have as many vulnerabilities as a server would (by default, of course).

    --
    Saying "I'll probably get modded down for this" in a post is the best way to get it modded up.
  297. Apple's Vulnerabilities by AntiMac · · Score: 1

    It's my theory that the vulnerabilities are there on Apple, but nobody cares enough about the platform to find them. Windows vulnerabilities are found so frequently because it's the most popular platform in the world. Einstein. Everything is relative. In fact, I've been finding myself saying that so much, I think I'll invent a new pop-culture Internet acronym: EIR.

    --
    ========== .sig
    Intelligence should not be rewarded; ignorance should be punished
    ==========
  298. threshold passed long ago, custom is good. by twitter · · Score: 1
    Once Linux gets to the point that it can be administered by people who aren't dedicated specialists, it's inevitable they will try it out and that most of these people will be less careful administrators. After all they aren't dedicated *nix admins and will often wear many hats in their organization. This doesn't mean that Linux is insecure, it's just a growing pain that it has to go through.

    You are overlooking the information sharing that's already happened. First, most distros come with reasonable default settings that get the job done. Second, efficient web searching and LUG lists have made it easy for just about anyone to get clueful advice. This knowledge sharing is what free software is all about and it works for everyone.

    Anyone who uses a current distribution of free software has already taken an enormous leap of increased security. They might be less secure than a shop that's looked over by someone with twenty years of experience, but they are much better off than those poor saps who put their faith in Microsoft and other vendors.

    So, decreased "security" this way is a point function not a global problem. You will never see internet threatening worms from free software like you have from the Microsoft monoculture. There's too much variety and each individual that makes a new custom solution just adds that much more diversity to the net. Individuals might screw one or two things up, and no one will ever be able to stop the pros but security and data integrity can only get better than they are now.

    Good practice comes from experience. Experience comes from someone making mistakes. If you don't make mistakes, you are not doing anything.

    --

    Friends don't help friends install M$ junk.

    1. Re:threshold passed long ago, custom is good. by Anonymous Coward · · Score: 0
      Moderators: Please note that "twitter" is a known fanatical sycophant whose obnoxious offtopic rants are legend here on Slashdot. It doesn't matter what the topic is, he'll find a way to scrape in some pointless Microsoft bashing. While nobody expects us to love Microsoft in any way, his particularly tepid style of calling anyone he replies to "troll" or "liar" because he happens to disagree with whatever they're saying is well documented and should not be rewarded. If anything, twitter is the type of person that should not be part of the open source/free software community. He is an anathema to all that is good about free software.

      I'm posting this so that you (the moderator) have some context to consider twitter and not mod him up whenever he posts his filler preformatted rants about installing Knoppix or whatever that unfortunately get him karma every single time and allow him to continue posting his trademark toxic crap (read on) day in and day out. You may consider this a troll - I consider it community service. And I ain't kidding.

      If you're a /. subscriber, I invite you to look through some of his posting history. I guarantee that you'll be hard pressed to find someone that is more "out there" than twitter. You'll also probably notice he's got quite an AC following. Don't just read his posts, make sure you go through the replies.

      For example, in this recent post twitter not only calls the OP a troll but attempts to "tell it like it is" while making some vague argument about "GNU". Yes, if you're confused, you're not alone. The reply (modded +4) proceeds to simply destroy his bogus argument. You will notice he did not reply. This is what some people call "drive-by advocacy". A sort of I'll just leave you with my thoughts here and move on to the next flamebait kind of deal. In fact, he almost never replies because he knows that his fanatical arguments simply do not hold up to any sort of discussion. It's not that he's chosen the wrong cause - he's just going at it in a completely wrong way.

      More? Just read through this post and the subsequent replies. I guess this stands on its own.

      More? Bad spelling in astounding conspiracy theories, more offtopic FUD and uninformed "I'm right, look at me" rants, promptly proven wrong. Worse even, twitter wants to be RMS, apparently (that first one is a winner). I mean, really. You think?

      FUD, FUD, FUD, FUD, offtopic FUD, and more FUD. This guy is like the Monty Python SPAM skit, but with FUD and more FUD instead of canned meat. Amazed

  299. Not *useability* that's the problem by obeythefist · · Score: 1, Interesting

    It's not useability, it's market penetration.

    How many windows 3.11 vulnerabilities do you hear about today? None?

    Does that mean that Windows 3.11 is secure? (haha).

    So does it then follow that if 90% of the servers and clients on the internet were Linux... people would be complaining about how insecure linux was because people could hack it or spam it or DOS it or infect it with virii through unpatched vulnerabilities?

    --
    I am government man, come from the government. The government has sent me. -- G.I.R.
  300. Two words by wizwormathome · · Score: 1

    Not fluent.

    --
    An explanation of my choices for friends
    1. Re:Two words by tehcyder · · Score: 1
      Not fluent.
      Not really, as you don't have to be anywhere near fluent to be able to communicate successfully in a foreign language. Fluency means you can read and write at the same level as a native speaker.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
  301. CLI can be easy to learn too by Anonymous Coward · · Score: 0

    A good example of discoverable CLI is OS/400's shell. It's both a CLI and menu/dialog driven interface. When you first login to the system, it greets you with the group of tasks that you're allowed to do. This is much like a start menu organized into task groups instead of just one big "Programs" menu.

    This interface allows a new user to discover the system through the menus (kind of like browsing gopher). At the same time there is a command line at the bottom of the terminal screen. When you select items from the menu you can see what commands are executed here. As you get used to the system, you can jump through the menus by typing commands directly.

    If you're not sure what arguments to give to commands, you can enter only the command and it will automatically give you a dialog to fill in the needed information.

    To me this was much much easier to learn than Windows. The problem with icons is that they don't describe much. It's a lot easier when you have your options spelled out on the screen.

    Unfortunately OS/400's shell is not as flexible as *nix shells. That puts a limit on the fun of the interface. Now if you take some of the great design that went into OS/400 into a *nix shell... Well I'm just ranting now.

  302. OS-X is proof of concept by Stephen+Samuel · · Score: 2, Insightful
    Mac's OS-X comes from pretty much the same base (Unix) as Linux does. Given that OS-X has been able to be both more secure and more usable than windows, I'd say that this pretty much proves that usability != insecurity.

    That a bunch of Windows admins would so profoundly believe that insecurity is a necessary side effect of usability is simply an indicator of just how ingrained Microsoft's fatalistic view of security is in the windows community.

    The problem isn't usability, the problem is Microsoft.

    There are already Linux distributions with the usability of Windows that are far more secure. The barrier to Linux acceptance on the desktop is not usability. It's more in areas like organizational inertia, ignorance of the options and the success of Microsoft's FUD campaigns.
    ______

    My friends and roommates who I've moved to Linux haven't had any problems with Linux's usability. It's the ones who haven't been willing to try it that have had problems with being afraid of its usability. The roommate I have now is quite happy with Linux... I tossed him into it because his windows installation self destructed, and I really wasn't willing to provide support for Windows. He tried Linux 'as a test', and hasn't looked back since.

    My first roommate that I tossed into the Linux lion's den ended up with Red Hat 6.1 and Windows 95 dual-boot. He started using Linux mostly because that's where I always left it, and it generally just wasn't worth it to boot into Windows for most things. By the time he moved out, he'd not only given up on Windows... He'd turned into one of the most avid Linux boosters I've ever known.

    --
    Free Software: Like love, it grows best when given away.
  303. Re:This depends on what you define as ease of use. by soft_guy · · Score: 1

    Did you ever notice how lame Zork games got once they started trying to add graphics? Zork Zero was pretty bad, but nowhere near as bad as Return to Zork.

    Want some Rye? 'Course you do!

    Just kill me now and get it over with!!

    --
    Avoid Missing Ball for High Score
  304. Easy to use - More secure - less accidents by aaron_pet · · Score: 1

    If the software is easy to use, a user will not end up quitting when it "works", but is insecure..

    I want my functionality, and When I'm tired after a day of research into how to do a basic function, I just get it working, and move on.

    We need a "don't delete" permission by default on Linux, and a "don't change permissions" permission, so we can protect our config and system files from accidents...

    Basically I'm saying:
    We have no time to worry about security because we are busy getting basic things working, and user-friendliness and ease of use come along with being more secure.

    I'm having more problems just setting up Linux to do things the way I want, that I don't have time to worry about security.

    The software MUST get more user friendly so it can become more secure...

    user-friendliness is proportional to 1/time spent configuring and 1/time spent solving problem and 1/bugs and developer time spent studying users and number of sanely defaulted option boxes and time saving tools and 1/time saving tools that actually cost more time (like word completion implementation in Open Office (YECCH)) 1/security vulnerabilities

    (NPTL, foreign language support (haven't figured this out yet), multiple sounds at one time (artsd and artsdsp -m are my friends for that), desktop switching (startx -- :1)... Multiple monitor support (xinerama)... J

    --
    Please use [ informative / summarizing ] SUBJECT LINES
    Flame me here
  305. Macs Have it Down by Laebshade · · Score: 0

    Macs have it down because nothing is required to install to make it secure. Mac, while it does have vulnerabilities, puts security with usability and keeps liability completely.

    With Windows, you have to install 1-2 antiviruses, anti-spyware, anti-trojan, and firewall to even begin to make it secure. Then you have to ditch the default browser and e-mail programs. Then you have to ditch the default media player... you get the idea.

    And no I'm not a Mac person. I don't even own one.

  306. Re:This depends on what you define as ease of use. by IchBinEinPenguin · · Score: 1

    GUIs have multiple solutions to the same task while CLIs usually don't (aliases break this slightly, but require being a little less noob)

    Not so sure about this one.
    I find that the CLI gives you lots of options and ways to do stuff, whereas the GUI gives you only one.
    OK. I can right click, or drop down a file menu, or press the DEL key, but the only way to delete files is to 'select' them and then 'delete' them
    If I'm really advanced I can do a search and then delete all the files found.
    Nothing like the flexibility on the command-line, with rm, find, xargs, grep --files-with-match, tar --remove-files ....
    I agree that initially the GUI is friendlier and faster, but eventually I always end up back at the CLI for power, flexibility and repeatability.
    GUIs are very good at letting you do stuff that others anticipated you might like to do, which is both its power and its limitation.

  307. Not a lazy analysis by Sangloth · · Score: 2, Informative

    Directly from Google Zeitgeist:


    ==
    Operating Systems Used to Access Google
    February 2004

    Windows 98 23%
    Windows XP 46%
    Windows 2000 18%
    Windows NT 3%
    Mac 4%
    Windows 95 1%
    Linux 1%
    Other 4%
    ==

    That's Windows 91% vs Mac 4%

    I'm not saying Macs are more or less secure than Windows, because I have touched a Mac in 12 years.

    I am saying that
    "Security experts say this state of affairs primarily reflects the Mac's very small share of the personal computer market, which makes it an unattractive target for virus writers looking to spread mayhem."
    is hardly a lazy analysis. When there are 22.75 Windows Boxen for every Mac, you can assume that:

    Virtually all hackers are familiar with Windows.

    As a Windows guy, I haven't had to touch a Mac for years.
    That's not the case with Macintosh guys.

    A Windows attack would reach 22.75 times the audience as a Macintosh attack.

    Furthermore, Macintosh and Linux users are experienced enough with computers to know what an Operating System is.
    These people are experienced enough to download patches, and not open all attachments.

    I meet people who don't know what version of Windows they are running. These people cheerfully sign up for Gator(Grrrrrr....), double click attachments, and haven't updated virus definitions since the day they got their computer.

    Again, I'm not saying that Windows is more secure, I am saying that its ubiquity has made it the target to attack.

    Sangloth
    I'd appreciate any comment with a logical basis...it doesn't even have to agree with me.

    1. Re:Not a lazy analysis by AnonymousKev · · Score: 1
      Furthermore, Macintosh and Linux users are experienced enough with computers to know what an Operating System is. These people are experienced enough to download patches, and not open all attachments.

      That's a first! Usually Macintosh users are insulted because they "don't know anything about computers."

      I think there are probably a thousand reasons OS X is more secure than Windows. But the first, foremost, and primary reason is: On Windows, you're running as root. On OS X, root account is disabled by default.

      --
      Anonymous Kev
      Proudly posting as AC since 1997
      (Finally got a dang account in 2004)
  308. OSS is fundamentally different than closed source by qtothemax · · Score: 1

    If there is a vulnerability in a closed source OS, chances are there is going to be a virus or exploit written before there is a fix, but in an open source OS, vulnerabilities are discovered much easier by anyone looking for them, but the people finding them, possibly even would-be virus writers, write a fix for the problem, and the software maintainers will actually add your fix into the code. It seems virus writers (with the exception of spammers) just want to show off their technical prowess, and if it's open source, they have an alternative to writing a virus. Surely though, if average Joe User starts using linux, he will run as root and download everything mailed to him, which will cause problems for him. Experienced users will have no problems most likely, just because they don't do stupid stuff like that. I haven't gotten a windows virus in about 7 years.. it's not that hard to avoid if you know what you're doing.

  309. Feedback by Anonymous Coward · · Score: 0

    And with the gui there is immediate visual feedback as to the effect of your action. You can see if the file was moved or duplicated.

    The visual feedback is one of the most important parts of a GUI

  310. True... almost. by ladadadada · · Score: 1

    It is true that that script wouldn't do much without root privileges... but a slight change and it could be quite devastating.

    Simply rm -rf ~ instead of rm -rf /

    Sure, it doesn't wipe the whole computer. It will still boot up, you can still even log in. But everything will be gone. Documents, songs, even your Dock will be reset back to the default.

    Also, if the user was an Admin user (The default account is an Admin), you could change it to sudo rm -rf / and it would prompt them for their password. Not the root password but THEIR password... and then happily delete the entire hard drive.

    It wouldn't be hard to include instructions on how to run this... in fact you could even get them to type the entire script in using pico (most people would get too confused using vi from instructions in an email) themselves and then run it thus avoiding the need to have an attachment. (How many users have you told never to open attachments because they could be viruses ? None ? Well why do they all think that ?)

    Social engineering is not hard when the victim is not a power user.

    Mac OS X is more secure in general, but a more powerful system has more things you can do with it and therefore more ways you can screw it up.

    For some users, education is the answer. For others, restricted privileges and a competent Sys admin is the answer.

    --
    Sig matters not. Judge me by my sig, do you?
  311. User Base by MudDude · · Score: 1
    As long as Linux does not have the user base of Windows, we have nothing to worry about. You see, it is basically an elementary law of nature: Whenever a homogenous population dominates, any sufficiently advanced virus/bacteria/disease can wreak havoc and destroy 75% or more of the population.

    You see this in Humans too, but at that time it was called The Black Plague. And just as we download patches from Microsoft to cure us of computer viruses, doctors help us overcome our "real-time" viruses.

    I think often times people make the mistake of considering open source "better" because of the quality when it is really just this law at work. Feel free to flame.
    (P.S. perhaps someone who knows a bit about biology can provide some background info, because I know diddly squat about biology)

    --
    You don't need to see my .sig. This isn't the .sig you're looking for...
  312. Re:This depends on what you define as ease of use. by salparadyse · · Score: 0

    But that's completely ignoring the original question. No, being easier to use will NOT result in Linux being open to more attacks. As long as the current security procedures are left in place. As long as the user has his/her own area and does not have root authority by default, the secureness of Linux will continue. Things will only go wrong if Linux programmers all suddenly lose their minds and start coding in a redmond stylee! Easy doesn't have to mean stupid.

  313. Re:This depends on what you define as ease of use. by Darkangael · · Score: 1

    I should introduce you to a guy I know who can't use the start menu at all and thinks that excel is what you use to write essays.

    GUI is easy to use if you don't know what you want to do. CLI is easy to use if you know exactly what you want to do. And then there are the million grey areas in between, and the people who just can't use either for anything.

  314. Security Usability by Anonymous Coward · · Score: 0

    The point is people need to learn about security and practice what they've learned.

    Losing / is obviously devastating, but so is losing just /home/~ where the user has all important data in there and having no backups.

    Usability to non-technical people usually means more convenience like no login and no typing passwords to install programs. The thinking is why bother with inconveniences to protect against some small odds. Sometimes they don't even think about consequences because they think a computer is another appliance. If you bought a new fridge, would you expect to maintain it regularly and to jump through hoops to use it?

    I'll repeat the mantra "security is a process." This process is adding on top of usability. Without learning and practicing security, it doesn't matter which OS a user uses.

    Just because a user knows about root and switching from it doesn't mean the user can read scripts.

  315. Contradiction by Carl+T · · Score: 1

    I know this is redundant nitpicking, but I just want to point out a flaw in what you're saying: You say that 4k isn't enough, except for some GIFs, but that the GIF format has much worse compression than some other formats, and that therefore 4k isn't enough in any format.
    Try JPEG-compressing a small-ish photo (640x480 or so) to 4k. It'll look like crap, but it'll probably look a lot better than the same image scaled down to be compressible to a 4k GIF and then scaled back up again.

    --

    This signature is not in the public domain.
  316. from Apple Macintosh to Canon Cat by Anonymous Coward · · Score: 0

    Interestingly, Jef Raskin -- the inventor of the GUI [ask anybody at PARC] and creator of the Macintosh -- went on [after the jealous Jobs smoked him out of Apple] to create the Canon Cat, which was wholly text based and keyboard operated.

    Raskin considered it the pinnacle of interface design and the most usable computer ever. Sad that Canon never understood what it had but marketed the Cat as an elaborate typewriter.

    Google finds plenty. Wish I had one of them Cats to fool around with...

  317. Re:This depends on what you define as ease of use. by Anonymous Coward · · Score: 0

    GUI: Grandma sits down by the keyboard, looks at the screen, and presses some keys. Grandson says: "use the mouse". Grandma says "The WHAT?" Grandson points to mouse. Grandma turns it left and right. Grandson says says "move the mouse to the start button, and press the left mouse button". Grandma lifts the mouse and start looking at the keyboard for the start button.

    Grandson gives up.

    At least everyone born after 1900 knows how to use a typewriter, and thus can figure out a keyboard. Then we only need to explain the commands, which is easier than explaining what those crazy icons.

    Come on, even Microsoft gave up on "a picture is better than a thousand words", and added subtitles to the icons. It seems that one or two words is better than the picture itself.

  318. Why is insecurity thought to come with usability? by Qbertino · · Score: 1

    Because Windows is the OS that couldn't separate the two concepts.

    --
    We suffer more in our imagination than in reality. - Seneca
  319. Rubbish by meadowsp · · Score: 1

    Windows was originally designed as a single-user, game-playing operating system. It had no concept of networking or segmented user space or file permissions, etc. These things, among others, were added on later as the need arose.

    MS-DOS file permissions

  320. usability? by kr0n1c · · Score: 1

    Wouldn't a much improved k-desktop or knome environment do the job? Usability should be about improving the user's experience by making applications available and accessible to all - it should not be about providing root access! Ideally, the user should not ever need to worry about access rights, or needing root access! A bad example of this is win XP Professional (as used in offices) - it provides the correct level of access to its normal users while retaining full access for admins - despite the fact that it's based on windows OS it provides far more security, and an improved level of usability not seen in previous versions of NT, this is a perfect example of how security can be maintained, while usability is improved.

    --
    "Always know what you say, but don't always say what you know"
  321. You can't attack a service that isn't running. by Nonesuch · · Score: 1
    How fast would the last half dozen MS-RPC worms have spread if Microsoft had chosen to ship their workstation OS releases with TCP ports 135,139 and 445 bound to 127.0.0.1 instead of IN_ADDR_ANY?

    obeythefist writes:

    So does it then follow that if 90% of the servers and clients on the internet were Linux... people would be complaining about how insecure linux was because people could hack it or spam it or DOS it or infect it with virii through unpatched vulnerabilities?

    How many listening ports do Windows workstations ship with by default? 4 - 6

    How many listening ports do MacOS X workstations ship with by default? 0

    What percentage of recent Windows worms spread by attacking default listening services on these ports? 100%

    You cannot attack a service that isn't listening. "Secure by Default" is how OpenBSD can claim "Only one remote hole in the default install, in more than 7 years!" with a straight face -- by not blindly leaving ports and services open in the default installed system.

    OpenBSD does get attacked, mostly because it has a reputation as a hardened target (and because some people just cannot stand Theo). OpenBSD has that reputation not because there aren't 300 million installed hosts (like Microsoft claims), but rather because the primary focus of development is security. To quote the first page of OpenBSD.org "Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography.".

    Meanwhile Apple doesn't make the same claims (and doesn't publish their source code), but does take a similar approach to remotely accessible services, and the result is one (rather silly, DHCP client) remote exploit in Jaguar/Panther.
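The bind-address point made in comment 321 above, as an added example that is not part of the original thread: a listener bound to 127.0.0.1 is reachable only from the host itself, while one bound to the wildcard address accepts connections on every interface. The sketch audits a constructed sample in Linux `/proc/net/tcp` layout (IPv4 only, little-endian host assumed); all function names are hypothetical.

```python
import ipaddress
import struct

TCP_LISTEN = 0x0A  # state code the Linux kernel prints for a listening socket

# Constructed sample in /proc/net/tcp layout (little-endian host); not real output.
# Rows 0-1: wildcard listeners on 445 and 139; row 2: loopback-only listener on 631;
# row 3: listener on one LAN address, port 22; row 4: an established connection.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:01BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 00000000:008B 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003
   3: 0A01A8C0:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20004
   4: 0A01A8C0:0016 0501A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 20005
"""


def decode_endpoint(field):
    """Turn 'AAAAAAAA:PPPP' into (IPv4Address, port).

    The kernel prints the address as a native 32-bit integer, so on a
    little-endian host the bytes appear reversed (0100007F is 127.0.0.1).
    """
    addr_hex, port_hex = field.split(":")
    packed = struct.pack("<I", int(addr_hex, 16))
    return ipaddress.IPv4Address(packed), int(port_hex, 16)


def parse_listeners(text):
    """Return (address, port) for every socket in LISTEN state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Skip the header, blank lines and anything too short to be a socket row.
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        try:
            if int(fields[3], 16) != TCP_LISTEN:
                continue
            listeners.append(decode_endpoint(fields[1]))
        except ValueError:
            continue  # malformed row: ignore rather than abort the audit
    return listeners


def classify(addr):
    """Name the exposure scope implied by a listener's bind address."""
    if addr.is_unspecified:      # 0.0.0.0, the wildcard bind
        return "all-interfaces"
    if addr.is_loopback:         # 127.0.0.0/8, local processes only
        return "loopback"
    return "single-interface"


def exposure_report(text):
    """Group listening ports by exposure scope."""
    report = {"all-interfaces": [], "single-interface": [], "loopback": []}
    for addr, port in parse_listeners(text):
        report[classify(addr)].append(port)
    return {scope: sorted(ports) for scope, ports in report.items()}


def remotely_reachable_ports(text):
    """Ports a remote host could connect to, before any firewall is considered."""
    report = exposure_report(text)
    return sorted(report["all-interfaces"] + report["single-interface"])


if __name__ == "__main__":
    for scope, ports in exposure_report(SAMPLE_PROC_NET_TCP).items():
        print(f"{scope:17} {ports}")
    print("remotely reachable:", remotely_reachable_ports(SAMPLE_PROC_NET_TCP))
```
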

    1. Re:You can't attack a service that isn't running. by obeythefist · · Score: 1

      worms spread by attacking default listening services on these ports? 100%

      Actually the latest big worms (netsky etc) to hit the front news pages are spreading through Kazaa and through vulnerabilities in BlackIce. Nothing to do with open ports at all.

      Please remember - credibility does not come from making up statistics unless you're a politician.

      --
      I am government man, come from the government. The government has sent me. -- G.I.R.
    2. Re:You can't attack a service that isn't running. by Nonesuch · · Score: 1
      Actually the latest big worms (netsky etc) to hit the front news pages are spreading through Kazaa and through vulnerabilities in BlackIce. Nothing to do with open ports at all.
      You make a good point.

      The Netsky virus can in certain cases infect a machine without user interaction (worm-like behavior) and while it hasn't had all that much impact in the real world, it has been getting a lot of press lately.

      The line between "worm" (automated infection) and "virus" (requires human intervention) continues to blur.

  322. usability != vulnerability by macraig · · Score: 1

    The relative vulnerability of a system, silicon or otherwise, is exactly equal to the incentive and motivation to compromise it.

    The only part that usability might play in increasing a system's vulnerability is an indirect one: improved usability increases a system's popularity and value, and thus the incentive to unfairly exploit it.

    Case in point: the bigger the ISP, the bigger the bulls-eye painted on it for spammers' dictionary attacks.

  323. Re:This depends on what you define as ease of use. by Anonymous Coward · · Score: 0

    $linux>help

    My first experience with CLI was TADS games. Once I got stuck in DOS and tried this. It didn't work. I spent 20min and finally worked out to type `win' for windows.

    About 4 yrs ago I installed Mandrake. It didn't work, I got a command line. I tried help. That got me enough to reboot.

    Similarly, I worked out to add '--help' by the third attempt.

    Working out how to do something, compare windows / Mac help (which now requires net access!) to apropos(1).

    [I am 18. I grew up on Macs, then Win9x. I have used Linux exclusively for three years.]

  324. Tiniest gif? by fforw · · Score: 1

    4 out of 5 topic pictures for this story are less than 4000 bytes.

    --
    while (!asleep()) sheep++
  325. Not enough people care about Macs by skidoo2 · · Score: 1

    The original poster writes, "Macs seem to have this area down pretty well, with little in the way of vulnerabilities."

    That's because the exposure of Macs is sooooo limited, no one bothers to exploit its many vulnerabilities. Zeitgeist doesn't lie.

  326. Re:Mac Security by Davoid · · Score: 1

    The best defense Apple has in the way of security is not giving any application run by a user permission to change ANYTHING other than minor configuration options without authenticating each application individually.

    This is true for almost all Unix I have ever seen. However, the primary user on Mac OS X is the admin user and logs in as that user most of the time (often ALL of the time). The admin user in Mac OS X has full write permissions to the /Applications folder and /Applications/Utilities folder and to all the apps/files under those. In those folders are applications (take a look) that are critical to the use, maintenance, and configuration of the system. No authentication or authorization is required for the primary/admin user to write to that folder. It is obvious that this leaves a path open for a virus/trojan/worm/whatever to compromise the system.

    -DU-...etc...

    --
    "Don't sweat the technique."
  327. MS Flaws are fundamental, not superficial by tz · · Score: 1

    If the browser and media player are "part of the OS", which was a decision from Bill, not engineers, then a flaw in them is by definition a flaw in the OS (they run as "root").

    The second flaw (which they are slowly fixing) is "open unless closed". Nmap a fresh XP install. I almost shrieked and fainted. In this way, windows is far more open - to attacks. UPNP? A dozen other "services" I could not shut off or close (where is lsof -i? And what would break if I shut some of these ports at the source?).

    Lindows runs as root (shame on them), but they don't have the second flaw. Someone running evolution isn't going to be able to cause the same problems as someone running outlook. The fine-grained modularity limits what any attachment can do.

    For that matter, Mac OS X has been around for quite a while, but features even better ease of use, while keeping all the security design decisions of the typical linux/unix/bsd (Safari and Quicktime are add-ons; ports are closed unless explicitly opened). Where are all the viri and worms?

    In fact, good GUI and good security share the same idea - good fundamental design. MS eye-candy (fading menus? Why?) is as badly flawed as their security (MacOSX-window fades showing dock position).

  328. To Illustrate the point by Anonymous Coward · · Score: 0

    I believe this project demonstrates just how easy a GUI is to learn.
    http://www.niitholeinthewall.com/
    http://www.greenstar.org/butterflies/Hole-in-the-Wall.htm

  329. Just what Windows needs. by DeVilla · · Score: 1

    Maybe now I can play all of my Linux games on Windows.

  330. Re:This depends on what you define as ease of use. by Creepy · · Score: 1

    Actually, I was going to bring up the mouse, but had to post quick - boss walked in looking for a status :)

    The mouse is the single hardest piece to learn for a new user, but the user gets feedback from it in the same way the monitor gives you feedback when you type. The button is actually the tricky part, because users have a tendency to move the mouse when they click the button and that can be frustrating, and there isn't always feedback when you click it. Mouse usage takes about an hour of training, but it is self learned and generally remembered in subsequent attempts, which facilitates users. Keyboard commands are memorized and often forgotten and need to be relearned. I've re-trained myself on lslpp (AIX) for what has to be the 10th time just yesterday, because I only use the program once every 6 months or so.

    The adding of words under icons reinforces the idea of what the icon does. Studies have shown that the eye focuses only on the words, but I personally think that the eye processes the picture without much thought. Eventually, an association is made, and the item is quickly locatable. Try this with randomly sorted text objects - I'm pretty sure that I could find IE or mozilla faster looking for their icons than I could from a random list of words, since I'm familiar with the icon. The same wouldn't go for Spybot Search and Destroy, since I'm not familiar with the icon yet. On the same note, an icon alone won't train the user to what the program is unless they try it multiple times.

  331. Use Rename and Organize Folders by spockman · · Score: 1

    Just do the ole Right Click on CyberLink Power DVD and rename to Power DVD or something you will remember. Same for your other programs/games, the rename is a very powerful tool for helping you to get organized. Can be done via a CLI cmd window also, but you have to drill down the appropriate level first, same as with nix. But the point of not knowing the program name is very valid.

    1. Re:Use Rename and Organize Folders by Trepalium · · Score: 1
      Yes, I know I can do that, and I know I can right click to sort the start menu, too. I was merely pointing out an instance where GUIs aren't innately discoverable. The Start Menu on Windows is simply chaos. Microsoft has guidelines on what shortcuts one should make in the start menu, the format, etc, but no one, Microsoft included, tends to follow them. Some use "Vendor\Application\Appname", others use "Vendor Application\Appname", others still use merely "Vendor Appname" or "Appname".

      My point is that just because something's a GUI doesn't make it easy to use or easy to learn. If I were to sit in front of Autocad, just about the only thing I'd be able to accomplish would be to exit the program. Sit me in front of an accounting package, and I may not even get that far.

      --
      I used up all my sick days, so I'm calling in dead.
  332. ABOUT LINUX/WINDOWS ADMINISTRATORS by Anonymous Coward · · Score: 0

    Hi. I am a System Engineer student from Argentina. I have been using Linux for 5 years. I used Slackware, Mandrake, RedHat and Debian, among others. I also used Windows from 3.1 to XP. I do not agree with Windows Administrators that "a friendly linux distribution is more insecure". I think that a friendly Linux distribution is harder to set up properly (that is what I experienced). The goal with Linux is that there is only one version of the kernel, generally, and you can easily find tons of documentation about it. If you have a doubt you connect to the Internet and download a howto, a man or an info page. That's the main problem of Windows. As we know, Windows tries to get secure by hiding stuff. It is a security by darkness method. That is why if your computer hangs up, you lose! In my opinion, that is a reason why Linux is a programmer-like operating system: you can control every single aspect of your system (from memory to your desktop wallpaper), and everything is clear. You don't have to be God to guess how you can restore your machine after a hang. Of course, Windows is a paid operating system and Linux is an Open Source one. Each one has its benefits. In summary, I love Linux; and I think and I've experienced that a Linux system is by far better than Linux. Unless you are Mrs White, whose only activity in life is cooking. I hope not to be impolite. If I was, I apologise.

  333. I like it; maybe add context-sensitive help? by IceAgeComing · · Score: 1


    How about if you take command-completion and apropos a level further, and pop up a menu for each successive logical item?

    #cd Menu: burn | eject | play | mount |directory


    I like it; it doesn't have to get in the way of an expert user, but it's a simple enough approach that a beginner could catch on quickly and always have some kind of help available.

    What about a key like "F1" giving you a split-screen view of the manpage for the current command? Perhaps if you're in the middle of selecting an option, it can move you to the relevant part of the man page? Or if you're within X, you get a separate help window that updates for each F1 keypress and optionally keeps a history?

    Brainstorming is fun.

  334. Usability vulnerability correlation by Anonymous Coward · · Score: 0

    I don't think you can correlate usability and vulnerability. These are parallel issues for any software. In the case of Microsoft, since it has a high share of the marketplace, more viruses and other security breaking programs are written for it. If Linux becomes more popular you are sure to see an increase in the numbers of viruses written for it. By your theory you don't want Linux to become popular because of the fear of vulnerability. One way not to make it ubiquitous is to make it less usable for common desktop users. In my opinion Linux should be made more usable for my grandmother or a 3 yrs old to use, simultaneously making it more secure.

    1. Re:Usability vulnerability correlation by baluDot · · Score: 1

      One way not to make "it" ubiquitous is to make it less usable for common desktop users. This is what I meant.

  335. login: by Anonymous Coward · · Score: 0

    including the GUI.

  336. Steve Gibson's site has a great set of graphics by Anonymous Coward · · Score: 0

    that show what's necessary--and the default Windoze install.

    Cringely touched on a related subject when XP was being prep'd.
    Note: The very top of that page (Google cache--some key stuff highlighted) is trashed by Moz 1.4,
    but the link at the top is the original page.

    gewg_

  337. It can be overcome with design by gooogle · · Score: 1

    Usability seeks to minimize the learning curve and optimize the speed of user-driven tasks. It relies quite heavily on abstraction. Security, in this context should aim to ensure that the level of abstraction does not create loss of information that can lead to an ill-informed decision.

    It is a design issue. The problem is that people who work on usability are not proficient in security and vice versa, and for the two things to co-exist in harmony requires extensive planning and effort on the part of both security and usability teams.

    For example, consider file extensions not being displayed by default in Windows and being replaced by familiar icons. Not displaying file extensions by default allows for easier renaming. If the "stupid" user renames the file and forgets to add a .doc extension it will render his file useless since he can't double click and open it anymore. MS Word won't show up the file by default in the "open file" dialog box either, since it only shows known document files by default. All this adds to the confusion and increases the level of knowledge required about the system, to work around the problem. We take it for granted but a beginner has to know about file extensions, file/program associations and file types, then use these "elementary" concepts to open the file in the file dialog by choosing "display all files" from the "file type" list (even then the file will be missing his familiar word document icon) OR by renaming the file by adding a . (using the knowledge of file extensions), adding a "doc" extension (using knowledge of extensions and file associations). All this is overwhelming for the new user. Security folks don't think this way!

    Going back to my original argument. It is a design issue. We are accustomed to and inclined to think in terms of Windows GUI and moulding existing systems for security. If these systems were designed from the ground up with security in mind, a solution to the problem is certainly achievable.

    In the case of my example, the .doc extension can still be displayed (only greyed out). Hitting F2 highlights only the filename (the extension is still greyed out and unselected) so the user can type in a file name and the .doc extension remains intact (beyond the scope of the cursor). The user would have to hit the right arrow key to skip past the dot or hit the delete button a few times to assign a new extension. In either case, when the scope of the cursor extends beyond the dot or touches upon the file extension, a warning could be displayed as a dialog box. The dialog box could have the option of "do not display warning in future". Additionally the warning dialog box could have the requirement that at least 3 instances of it must be displayed before the "do not display warning in future" option is enabled (this is to handle accidental dismissals or users acting in a hurry (and for that it could require the user hit TAB -> ENTER or explicitly click OK to dismiss rather than just enter)). Furthermore, the status bar could still always display the warning so it's less intrusive, but instructive nonetheless.

    Does enabling file extensions improve security? Not immediately, but if the users were always accustomed to file extensions the concept of file extensions/program-association would be implicitly relayed to them (by cognitive association -- every time the user clicked a .doc file and it opened up in MS Word). A file called report.doc.exe will arouse some suspicion since it is not the norm they will get accustomed to. Furthermore, once they are bitten by that file, they will be more careful and their knowledge will have gone up. (Using only icons cannot overcome the problem since exe files can have the same icon as a .doc document.)

    I do agree, however, that security requires the user to be more knowledgeable and usability assumes "stupid" users, but like in the example above. The two conce

    --
    -- Binary Finary
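
The report.doc.exe case from the comment above, as an added example that is not part of the original post: it computes the name a user sees when the final extension is hidden and flags files whose real type is executable while the visible name still ends in a document extension. The function names and both extension lists are assumptions made for this example.

```python
import os

# Illustrative lists (assumptions of this example, not taken from the thread).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs"}
DOCUMENT_EXTS = {".doc", ".txt", ".pdf", ".jpg", ".xls", ".rtf"}


def displayed_name(filename, hide_extensions=True):
    """Name shown by a file manager that hides the final (real) extension."""
    stem, ext = os.path.splitext(filename)
    return stem if (hide_extensions and ext) else filename


def is_deceptive(filename):
    """True when the real type is executable but the name left visible
    after hiding the extension still ends in a document extension."""
    stem, real_ext = os.path.splitext(filename.lower())
    if real_ext not in EXECUTABLE_EXTS:
        return False
    _, shown_ext = os.path.splitext(stem)
    return shown_ext in DOCUMENT_EXTS


def audit(filenames):
    """Return (real name, name the user sees) for every deceptive file."""
    return [(f, displayed_name(f)) for f in filenames if is_deceptive(f)]


# Constructed sample attachment names.
SAMPLE = [
    "report.doc",        # ordinary document
    "report.doc.exe",    # the case named in the comment
    "setup.exe",         # honest executable: visible name has no doc suffix
    "Invoice.PDF.SCR",   # same pattern, upper case
    "notes.v2.txt",      # two dots, but not executable
]

if __name__ == "__main__":
    for real, shown in audit(SAMPLE):
        print(f"{real!r} is displayed as {shown!r}")
```

With extensions visible, `displayed_name(name, hide_extensions=False)` returns the full name, which is the situation the comment argues users should be accustomed to.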
  338. Re:Maybe... Need more sandboxes/restricted userids by idsofmarch · · Score: 1

    I disagree; most normal processes do not use root. Email, web browsing, MS Office, the things many people do, should not delve that deep into the system. Some things will, and those are things that need a sanity check or a roadblock that can be easily bypassed. Similar to the warning labels on just about everything: you can use your hairdryer in the shower, however we just told you it might not be such a good idea. That kind of "Are you sure?" is enough to slow down many users. Combine that with limited, non-Administrator/Root accounts and most lusers can't break nearly as much shit as they would with free rein. There's a reason that your TV has all the screws on the back and the big scary warning label. The Sandbox, restricted user is the best way to keep your 10-year-old from trashing the system; secretaries aren't any different.

    --
    Anyone who whines about being modded down should be.
  339. Do you really want linux to become user friendly? by alicethehonkey · · Score: 1

    I'm all for Linux being more user friendly, but I still can't stand seeing people treat it like Windows. I love the fact that you can operate the whole operating system from the command line, but people who are migrating from Windows often don't and won't appreciate this. alice@ozforces.com

    --
    alice@ozforces.com