Lindows Allowed to Use Company Name in Holland

Supp0rtLinux writes "It appears that Lindows/Linspire has finally made some headway against Microsoft in the Netherlands. According this article, the Judge ruled that Linspire's continued, but minimal use of 'Lindows' for legal and trademark purposes doesn't violate Microsoft's trademark. With the US court date on this issue coming up soon, one can only wonder if Microsoft will have effectively cut off its nose to spite its face. And following immediately on the heels of today's Netherlands news, the latest Michael's Minutes from Linspire pegs all the blame for virus problems on Microsoft and basically says that Linux (well, Lindows anyway) is the cure."

It's nice to hear good things from my country.

[Da+Fokka]

But unfortunately, a wise man said about us:

'You think you're a superpower, and everyone else thinks your capital is copenhagen'.

Re:It's nice to hear good things from my country.

[kitofers]

that wise man must've been an american. ;)

Re:It's nice to hear good things from my country.

[pubjames]

that wise man must've been an american. ;)

No. An American would say "Holland? Is that in France?"

Re:It's nice to hear good things from my country.

[Sique]

No. It was indeed a wise man from the Netherlands.
But the Netherlands are so unimportant in the view of the world, that the world even don't get the capital right. "Just some small, quite prosperous country at the Northern Sea... Was it t'Gravenhage? Or Copenhagen?" (The Hague is called in Dutch Den Haag or t'Gravenhage ;) )

Re:It's nice to hear good things from my country.

[kitofers]

amsterdam really deserves much more credit than this, if you know what i mean (and you most probably do). :)

Re:It's nice to hear good things from my country.

I'll trade you one formerly-great nation that people were in awe when you told them "I'm an American" in other nations that now has the hate and scorn of the entire world no matter what we do (right or wrong) for one tiny insignificant modernized country that isn't in anyone's way, isn't hated by anyone and passes quietly in the background in bliss.

Re:It's nice to hear good things from my country.

[AKnightCowboy]

No. An American would say "Holland? Is that in France?"

Denmark, Norway, and Holland make up the Netherlands right?

Re:It's nice to hear good things from my country.

[Sique]

Ok, ok... for the sake of the joke I ignored the difference between "capital" and "seat of Parliament and Government" ;)

Re:It's nice to hear good things from my country.

The Hague is sometimes called 's Gravenhage not t'Gravenhage.

Re:It's nice to hear good things from my country.

[NineteenSixtyNine]

Unimportant my ass! You guys have Amsterdam.

Re:It's nice to hear good things from my country.

[ScottKin]

It might as well be - same useless leftist politics, same self-centered mamby-pamby attitudes.

Oh, I'm sorry - I thought this was all about Spain...but then again...

--ScottKin

Re:It's nice to hear good things from my country.

Iraq was a horrible mess when we got there. Now it is only a mess. Things there are improving. I do think the US is the most important country in the world. I can understand how someone who is not from the US might feel that their country is the most important because they are most effected by what happens in their own country but if you look at it objectively and from a global viewpoint there can be no question that the US is the most important country in the world. I will also add that it is the best country in the world in almost every way. It has its problems but it is still the best there is and unless things change dramatically it is the best there will ever be. I can also understand why people try to put the US down. The term is jealousy.

Re:It's nice to hear good things from my country.

No. An American would say "Holland? Is that in France?"

No. He would have said, "Holland? what state is that in?"

Re:It's nice to hear good things from my country.

[HogynCymraeg]

Er... Copenhagen is the capital of Denmark :/

Re:It's nice to hear good things from my country.

Is it just me or are anti-American comments often "insightful" or "informative", while pro-American comments are "redundant", "troll" or "flamebait"? I mean, to me both are usually off-topic, and many are trolls, but why do the Europeans (and anti-US Americans) get off so easily?

Re:It's nice to hear good things from my country.

That's what people think of Sweden too. I'm guessing it's not the same people who think our capitol is your capitol. Especially since it's Denmark's capitol.

Re:It's nice to hear good things from my country.

I was lurking in a chatroom once. Two Americans were there, chatting away when one of them asked the other if she was from west Texas or east Texas, to which she replied "I'm not sure which is which". Then I logged off.

Re:It's nice to hear good things from my country.

[jayminer]

Just like everyone else thinks that the capital of Turkey is Istanbul, while it is Ankara (since 1920, officially 1923).
(Istanbul is the biggest city anyway).

to michael credit

[xlyz]

even if there are things he does that I don't like, I must concede he is really relentless and aggressive in pushing lindows

Re:to michael credit

Sorta reminiscent of how Usama bin Laden is "really relentless and aggressive" in pushing radical Islam.

Re:to michael credit

[DebianRcksLindowsLie]

So is a used car salesman. He's also probably trying to sell you something broken, just like Robertson does with Lindows.

In other news - did anyone else notice over 30 comments NOT about this story FIRST? Does anyone even CARE if they call themselves Lindows? They give their OS away so they can charge for apt-get. Get real. Get Debian.

difference between Europe and US

[myom]

There are some differences between USA and Europe that will give some varying and odd court decisions. Big business has a strong hold of the US courts. The only way they can lose is if anyone even stronger is the counterpart, or if a state or country invests heavily in the suit to gain even larger monetary gains from winning in the court. In Europe, this is rarely the case, but on the other hand many European legislators and courts are weak, have little resources and time. In Sweden, for example, the Social Democarat party tends to legislate and vote in the EU parlament often following the US court results and organisation bullying (MPAA, RIAA) Some countries invest time and resources to actually learn what the cases are about, and court cases involving Microsoft etc, can in fact be lost by the larger companies, liek in this case.

Re:difference between Europe and US

[Ludo.Sanders]

I'm missing the word "yet". As the recent software patents in Europe painfully demonstrates, the European union is sold to big corporations. Ask Bolkestein , he'll confirm

Re:difference between Europe and US

[mpe]

The court system in Europe is very weak compaired to other parts of the government and has always been so. They do pretty much what the party in power wants them to do with few exceptions.

Actually European courts are quite good at telling the party in power where to stick it. The difficulty is that the party in power is likely to subsequently ammend the law...

Here in the United States that is different the courts have far more power and once in place a Judge has less pressure on them then his/her counterparts in europe.

The real difference is that in the US 2 political parties dominate at all levels. In most European countries there are not only more political parties but is perfectly possible to have independent judges and magistrates.

Re:difference between Europe and US

He know this because FOX news said so.

Re:difference between Europe and US

You leprotard. You can't remember Bush coming in and making sure Microsoft only got a slap on the wrist? Being an ignorant, annoying American cuntpuffin, I feel inclined to post this...

-----

HOWTO: Be an American

America, eh folks? It's a pretty screwed up place. Unfortunately, but not indefinitely, the USA's weapons of mass destruction make it the most powerful country in the world (militarily). As a result, it helps to be aware of American society and fit into it, and our quick 8-step guide should have you on the path to burger-munching enlightenment.

1 - Buy yourself a gun
To become a fully-fledged Yank, you'll need to get a weapon. Americans think that having more killing machines magically makes their country safer, and it helps them to walk around saying "I'll put a cap in your ass". Even though the concept of "no guns = no gun-related crimes" is alien to the average Yank, it'll give you a false sense of security in this country with the highest crime rates in the developed world.

2 - Put on at least 25 stone
Skinny? Medium? Chubby? That won't cut it in the good ol' US of A. Because America has the highest obesty levels on the planet, you'll need to get those rolls of flab built up. Eating 18 waffles with Maple syrup for breakfast (and visiting Burger King five times in a day) is all natural when much of the world is suffering massive poverty. Get fat and fit in.

3 - Learn the lingo
We've talked about issues affecting society, but on a personal level you'll need more knowledge (or ignorance as it may be) to fit in. First, forget proper English. Confuse "your" with "you're". Say "must of" instead of "must have". Whenever anything interesting occurs, say "shucks" repeatedly. Instead of clever spontaneity or witty insults, call people "asswipes". It's funny!

4 - Throw away all maps, history books etc.
To really feel a part of American society, you must lose all knowledge of the world. Forget where Poland is. Scrap your knowledge of the lengthy Chinese history. Make cretinous remarks like "India? Is that in Africa?". Because ALL that matters is America, and it doesn't matter how pathetic you look to educated people the world over.

5 - Become totally irrational and nonsensical
Spout on about the Constitution, and then make drastic changes to it. Talk about "freedom of speech" and watch TV programmes about the Ku Klux Klan. Rant on about market freedom, and sit back as companies run riot and destroy the economy with their anti-competitive practices. Essentially, act idiotic at all times.

6 - Sue everyone you ever meet
The USA doesn't produce many decent quality products, so the society is crumbling into a litigation-happy joke. With so many jobs going overseas to talented workers, your only option left is to start legal proceedings. About anything. Someone step on your toe? Get some hotshot downtown lawyer to sue their ass!

7 - Get a "shrink"
Americans have a hard time dealing with their own problems in a mature manner, and prefer to spend hundreds of dollars sitting in front of someone and whinging. However trivial your problems may be, blast them out like a baby!

8 - Watch abysmal TV
Forget educational programmes and incisive documentaries. Your ideal night in is with your gun, six cheeseburgers and a Friends box set. Watch as some over-paid talentless "actor" enters the scene, and whoop and scream hysterically as he delivers some ridiculously poor wisecrack.

So there you have it! Those 8 steps should have you killing innocent people, piling on pounds and acting like a moron in no time. America awaits you, brave hero! Just get out before it collapses in disarray.

END

Re:difference between Europe and US

Yeah, it's not like the leaders have help and assistance from the Supreme Court...

Re:difference between Europe and US

[Arngautr]

You sir, are as ignorant as the Americans you profess to understand. Now I know Europe does not consist solely of France, Germany, and Amsterdam (J/K) but for sake of argument I refer to them the most.

1. Well yes I do have a gun I suppose, about 2 yards (or meters, which I'll admit is a much better system) away in fact, but most Americans don't own guns, besides watch (a film maker some in Europe seem to idolize despite his repeated omission of the truth in his films, and his apples to oranges comparisons) Mr. Moore's Bowling for Columbine, which is a bunch of FUD in many regards but does make the point that, per capita, many other countries have much more personal weaponry, ie Canada. Plus we might have less crime if we lived by the same laws as countries like the Netherlands(the one the article is about)...pot, prostitution...in the extreme case we have much, much more crime than places like Somolia, it's all in how you define it, though I moved back to a city recently and started using locks again when I leave, for a year or so I never locked my door.

2. America is not the worst wrt obesity, though it is rather embarrassingly bad, as are most non-Asian modern societies. I, for one, am 6 foot 1 and weigh about 165 or so lbs, so by no means am I obese, in fact most people I know, or see on the streets aren't obese.

3. Have to admit some elements of society do behave this way, I refer to them as middle school aged males, by no means representative of the average American, though, unfortunately they are rather vocal.

4. This is so far off that I don't know where to begin, yes the media likes to find the stupidest people it can and show them making fools of themselves, this is for entertainment value, we, as Americans, laugh at these man on the street, interviews as they are funny, because, and you guessed it, many of us do in fact have some knowledge of the outside world.

5. Yeah, you're right, I guess the US economy sure is in shambles, esp. as compared to France, Germany, or Russia. The truth is the US Constitution serves its purpose, and does protect a level of freedom of speech not seen elsewhere in the world, France: Oh no a swastika, cover your eyes! Make it go away, I fear my history!...Encryption, why would you need that?...I know, lets ban headscarfs from schools! ... etc, etc... So this AC thing which you are using on this American based/oriented/operated websitedoes what exactly, (I think it records IP or something as one cannot mod their own AC post immediatly, I'll be looking into and likely complaining about this though, I do agree with not letting people mod their own posts)

6. The USA doesn't produce many decent quality products, right... yeah slashdot sucks, heck the internet..worthless...in all likelihood most of the parts in your computer were designed in America or Canada, though admittedly, likely built elsewhere.

7. OK this is not true at all, dang media. In your list you have the gun totting Americans and the shrink visiting Americans as one, whereas in reality the two groups are rather small, and very much mutually exclusive (ignore what television and the Sopranos indicate, which again is funny because it makes no sense and is so far off base and unlikely).

8. I Hardly watch TV, save my Sunday cartoons, heck, for over a year I didn't even have one in my home, too much of a no benefit timesink...kind of like slashdot, so on that note I say good day.

END

Re:difference between Europe and US

[wehe]

Money makes the world go round. -- Decisions of European courts tend to save the trademarks of the big players, too. See for example the way German courts are handling the cases were the TeleKom (the number one German communication provider) claims to have a trademark on almost any word beginning with a "T". BTW: You may get an international survey of trademark cases related to Linux and Open Source projects at TuxMobil.

Windows a generic term?

[houghi]

a jury [...] would be instructed to consider whether "windows" was a generic term before Microsoft introduced software with that name in 1985.

I can understand that such a thing is a different matter in non-English speaking countries, like The Netherlands.
How could they ever not say that it is a generic term in English speaking countries, like the USA?. I look in awe to the fact that such a thing has to be considerd.

Re:Windows a generic term?

[Mz6]

As do we Americans.

Re:Windows a generic term?

[khuber]

An operating system using the name Lindows when the most popular desktop OS is Windows is obviously using that name to capitalize on Microsoft's brand recognition.

Re:Windows a generic term?

[nickol]

In non-English speaking countries "Lindows" and "Windows" are different names. One trade mark could be considered similar to another only if their written styles are looking similar.

In Russia Microsoft can win the case easily by bribing jury, but not normal way.

BTW, Xerox already lost their case. "Xerox" can not be a trade mark in Russia any more, because it is a "generic term". Not "Windows", however...

Re:Windows a generic term?

[Rhubarb+Crumble]

BTW, Xerox already lost their case. "Xerox" can not be a trade mark in Russia any more, because it is a "generic term". Not "Windows", however...

Yes, but "to xerox" is used as a synonym for "to photocopy" (at least it used to be - not as widespread anymore).

Nobody says "windows" as a generic term for "operating system" unless they are terminally stupid.

"What Windows does it use?"
"Let me check... uh, RedHat 7.2".

Re:Windows a generic term?

An operating system using the name Lindows when the most popular desktop OS is Windows is obviously using that name to capitalize on Microsoft's brand recognition.

I don't think there's any doubt about that but that isn't enough. The question is whether "Windows" is a generic term in computer graphical interfaces and it seems pretty obvious that it is.

People are allowed to capitalize on all manner of things. Saying "but he's obviously trying to make money and stuff!" doesn't make a case for trademark infringement.

Re:Windows a generic term?

[mpe]

I can understand that such a thing is a different matter in non-English speaking countries, like The Netherlands.

The vast majority of the Dutch speak perfectly good English.

How could they ever not say that it is a generic term in English speaking countries, like the USA?

What proportion of the US population speak English?

Re:Windows a generic term?

[Sique]

Nobody says "windows" as a generic term for "operating system" unless they are terminally stupid.

I remember once to dispute with a quite intelligent but somewhat computer illiterate woman about the weaknesses of Windows. She was contradicting me the whole time and not accepting the flaws I pointed out.

Later I realized she was using a Mac, and for her the Mac desktop was "Windows" because it had many of them. Talk about generic terms...

Re:Windows a generic term?

[Rhubarb+Crumble]

Later I realized she was using a Mac, and for her the Mac desktop was "Windows" because it had many of them. Talk about generic terms...

Yeah, after I posted that I realised that while using "Windows" as a generic term for OS is far-fetched, using it as a generic term for GUI isn't - after all people (including me) say things like "X-Windows" even if pedants point out that isn't the right term. And the earlier versions of Windows(tm) were just GUIs that needed an OS to run on, which didn't even have to be MSDOS.

And of course for a lot of (computer illiterate) people GUI and OS are the same.

Re:Windows a generic term?

[richlv]

they will have to determine if it was a generic term in it. although it still isn't good for ms it's not like "hey, bars have windows, so it's a generic term" - more like "a. smit, 1984. a computerized windowing system is one that has windows." or something :)

Re:Windows a generic term?

[TechniMyoko]

Parent already covered this, your friend was terminally stupid

Re:Windows a generic term?

Which, in itself, is not a problem and is not illegal.

It's is a problem, and it is illegal, when the term in question is trademarked. And companies shouldn't be allowed to trademark terms that are generic in their industry. Microsoft trademarking "windows" is akin to Ford trademarking "wheel".

So, in short, if Microsoft wanted protection from this kind of thing, they shouldn't have used a term that is generic to the computer industry as the name of their operating system.

Re:Windows a generic term?

[br0ck]

And of course for a lot of (computer illiterate) people GUI and OS are the same.

How can the illiterate keep it straight when even Microsoft names their entire line of operating systems after their GUI?

Re:Windows a generic term?

[plopez]

And Microsoft using the terms 'Windows', 'Office', 'SQL Server' and 'Access' are not an attempt to capitalize on name recognition? 'Winows' was in use before MS tried to TM it in X window and also used by Apple.

'Office' is a generic term, but makes people think if you want office automation only MS has the answer.

'SQL' is the name of an ANSI standard. Once again giving the impression MS is the only one with a solution.

'Access' is also a generic English word.

So MS is hijacking the ENglish language for profit. This is simply a case of the pot calling the kettle black.

Re:Windows a generic term?

[Jaysyn]

Depends where you are at in the country. There are parts of Miami that you can go a week without hearing a word of English.

Jaysyn

Re:Windows a generic term?

[wed128]

windows is not a generic term for operating system. "window" is a generic term for "GUI box with stuff in it". therefore, windows is plural of that, and thus, a generic term.

Re:Windows a generic term?

[belmolis]

Actually, the word window has been borrowed into Dutch as a generic computing term. A while back I did a little research into this, reported here, using Google and easily found examples of window used in this way on Dutch-language websites, including examples in which Dutch suffixes were added, which demonstrates that the word has been incorporated into Dutch. So I think that the Dutch court was wrong in ruling that window is not a generic term in Dutch.

Re:Windows a generic term?

[NanoGator]

"I don't think there's any doubt about that but that isn't enough. The question is whether "Windows" is a generic term in computer graphical interfaces and it seems pretty obvious that it is."

I don't think that's the real question here. Windows is the de-facto OS, and has been trademarked for years. Whether it was generic or not, it would cause a great deal of confusion if somebody else released a "Windows" OS. The judge should really pay attention to that, especially when Lindows looks so much like Windows.

It's fun to hate Microsoft and all, but this just ain't right. You especially don't want this case to help Microsoft 'compete' with other companies. "Palm is a generic term for palm-top computers, we should be allowed to rename our PocketPC brand to PalmPC."

Re:Windows a generic term?

[jjo]

What isn't right is Microsoft attempting to arrogate generic computing terms to itself. Suppose I got the USPTO to let me trademark the word 'Chocolate' (by buying off all the people who would challenge it), and I sold lots of Chocolate(R) bars. Would it then be unfair for someone else to sell chocolate under that name?

Re:Windows a generic term?

[NanoGator]

"What isn't right is Microsoft attempting to arrogate generic computing terms to itself."

The choice to use Windows was to appeal to end users, not developers. From a marketing point of view, "Windows" refers to a visaul metaphor, not as a reference that a small handful of their customer base would understand as a computing term. Anybody ever notice their logo looks like a Window? (or, tee hee, window 'pain'. Blah)

Sorry, but you're going to need more than a incongruous metaphor to prove that one.

Re:Windows a generic term?

What about "X Windows" too? Also, I remember reading the Motif Style Guide where the author talls of supporting his mother on Windows as the Windows GUI paradigm was a subset of X/Motif.
http://accad.osu.edu/~waynec/history/les son16b.htm l The link is interesting but leaves the Amiga totally out. Funny since everyone seems to believe M$FT has invented what people do everyday. Along that lines, I remember a CNN article about YHOO being the first to release a video client. (http://cnnfn.cnn.com/2001/06/26/technology/yahoo/
) Ha Ha!
And then there's that darned "Internet Explorer" trademark that seems to never have seen the light of day. Do they say "justice is blind"?

TimJowers

Re:Windows a generic term?

[timjdot]

All,
I hereby notify everyone of my new product called "The". I also notify you of my plans to trademark this. A release of Linux called "The" and also a release of a database called "The". And also of lots of other software products. Do not even think of use the word "The" in your product descriptions any more.
Based on current legal precedents for the enforcement of common words used as product trademarks (notwithstanding windows, access, sql, CRM Server, and others), I believe I will have no problem upholding my trademarks in court.
In the future any documentation about an OS will have to use another word or simply blanks in place of "The". E.g.
"The dot release of the Linux 4.x added the following features" would definitely attempt to defame and leverage "The"'s popularity so should be changed to
"Current dot release of la Linux 4.x added some following features"

Understood?
TimJowers

Re:Windows a generic term?

Most of what you say is just a pile of MS-bashing rubish:

'Office' is a generic term, but makes people think if you want office automation only MS has the answer.

No. People think of MS Office as the sole answer because they haven't been exposed to any viable alternatives. Few people (even in US) are stupid enough to think that Office is so named because it's the only solution. And of course, this statement totally ignores products such as OpenOffice (which, somehow, in your mind doesn't use the word Office?)

'SQL' is the name of an ANSI standard. Once again giving the impression MS is the only one with a solution.

Most people who know the importance of the SQL standard realize that other SQL-compliant DBs exist. The exception being those totally married to MS. And sgain, this ignores yet another Open Source product called... MySQL. Are we bashing the use of generic terms, or just Microsoft?

'Access' is also a generic English word.

Whee! And...? It's not directly related to databases. Maybe if it was named for a product that implemented some sort of authorization scheme, but it's not remotely close to that. So what?

If anything, MS marketing has done a great job of turning generic names into names that are widely related to its own products (perhaps not a Good Thing, but a Great Job). As you say, X-Windows had a chance to make Windows popularly tied to its product and failed. MySQL can easily make everybody think it is the SQL database, and actually is doing a good job of that.

What you say is pure MS-bashing FUD.

Re:Windows a generic term?

Whether it was generic or not, it would cause a great deal of confusion if somebody else released a "Windows" OS. The judge should really pay attention to that, especially when Lindows looks so much like Windows [walmart.com].

No, because the judge is paid to apply the law. Causing confusion is not in itself enough to be unlawful - a lot of us would be in a lot of trouble if it were :)

The judge has made his ruling on the legal position, he also allowed an appeal on this point ahead of the main trial and the appeals court has agreed with his ruling. If you want to CHANGE the law then I suggest lobbying your political representatives.

It's fun to hate Microsoft and all, but this just ain't right.

I don't hate Microsoft and nothing in either my previous post or this one is remotely "hateful". I think "Lindows" a very poor and uninspired name, but that doesn't mean that just because they made a name similar to "Windows" that they've infringed upon a valid trademark.

Re:Windows a generic term?

[NanoGator]

"No, because the judge is paid to apply the law. Causing confusion is not in itself enough to be unlawful - a lot of us would be in a lot of trouble if it were :)"

I see what you're saying. However, the judge should not ignore the damage to the public. If he decides that the trademark is invalid, that's fine, but he still should not allow the use of the term Lindows. Trademark or not, Lindows still did this to give Microsoft the raspberry. Not cool. I'd have a lot more sympathy for them if they had stumbled on this a little more accidentally.

"...but that doesn't mean that just because they made a name similar to "Windows" that they've infringed upon a valid trademark."

They made a product with a name that is VERY similar to Lindows. They also made it so it performs the same basic job, and more damningly, they made it look virtually identical. That is exactly what trademarks is supposed to stop.

Re:Windows a generic term?

[angle_slam]

Microsoft trademarking "windows" is akin to Ford trademarking "wheel".

And Linodws is akin to Chevy marketing the "zheel".

Re:Windows a generic term?

So do you think that Chevy should be punished for using the term "zheel"?

Re:Major Break for Lindows

[whowho]

Just the "I predict" start sets the tone to the post...

--
coming to italy? http://alltuscany.com

Lindows and Security???

And the security subject comes up when they run the user as root?? Its having having a blind man sell you glasses...

Re:Linux is magically more secure

[BurritoWarrior]

Really? So all the holes in Outlook through the years haven't meant anything?

And the fact that all home users were "root" by default prior to XP means nothing?

And the fact that unless set up differently, even in XP the average user is "root" is not an issue?

Suuuuuuuuuuuuuure....

So how long...

[innerlimit]

before Apple sues LinSpire over their website design?

Re:So how long...

[aixou]

You think Lindows' site is bad? Browse a couple pages on THIS site. People are going to copy Apple no matter what. For the most part, all Apple can do is keep innovating and stay ahead of the game

Re:Linux is magically more secure

[JaF893]

What you have said isn't really true. One of the major strengths of Linux is the lack of a monoculture. Most distributions come with 3 or 4 web browsers, e-mail programs, and media players etc. It would take a very good hacker to find a generic security hole in every program.

The only other option would be to try and exploit a security hole in the Kernel. Given that not everybody runs the same Kernel this would also prove difficult.

Re:Linux is magically more secure

[lazy_arabica]

If Joe Average ran GNU/linux.. we'd see just as many worms, just as many viruses, just as many spam boxes..

If you only knew how many times I heard that argument... Go learn what a security model is, and how design-time decisions can make an OS much more secure than another one.

Irony

[omnirealm]

...the latest Michael's Minutes from Linspire pegs all the blame for virus problems on Microsoft and basically says that Linux (well, Lindows anyway) is the cure.

The irony of this statement is that Lindows will probably be one of the driving forces in getting Linux viruses popular. By marketing the software to those who are less computer-savvy while making the root user the default user, Lindows is opening up the door for some nasty widespread security exploits. Some of the reasons why viruses have not been a problem under Linux so far has been due to smaller desktop market penetration, heterogeneity, the computer literacy of those who run Linux, and the restricted account privileges of the user. Lindows threatens all of those factors.

Re:Irony

[dmaxwell]

What's sad about this is that Linspire could EASILY do this the way OS X does it. When you install something in OS X, a box pops up asking for the admininstrator password. It's easy and maintains security for the system level stuff. It wouldn't be that big a deal to prettify and simplify something like Kpackage.

Re:Irony

[mpe]

What's sad about this is that Linspire could EASILY do this the way OS X does it. When you install something in OS X, a box pops up asking for the admininstrator password. It's easy and maintains security for the system level stuff.

As well as maintaining a distinction between "administrator" and "user" tasks. Which means that it is far more difficult to get the "click on a web link and have some malware quietly installed" senario.

Re:Irony

By marketing the software to those who are less computer-savvy while making the root user the default user, Lindows is opening up the door for some nasty widespread security exploits.

Except they don't make root the default user. That was the case in their very first beta, and they changed it before the first version was officially released.

Please check your facts before mindlessly repeating some criticism you heard years ago.

Re:Irony

Well, That depends, actually it'll be possible to install all sorts of malware in the user directory, which is almost as bad.

However, I think it's easy to solve. Autopackage is soon going to be launched, and It'll have JUST that problem, what we ought to do is create an organisation that maintains a list of ID's of 'good packages'. We should then ensure that everyone who releases autopackages always sends this id in for acceptance.

I think we have every chance to NOT make the same mistake as MS did.

Re:Irony

[Kaboom13]

Training users to enter the aministrator password whenever a box pops up and asks for it might not be the best idea ever.

Re:Irony

If you have kids and you don't give them the password, it's a great idea.

If you have idiot friends and you don't give them the password, it's a great idea.

If you have ignorant in-laws and you don't give them the password, it's a great idea.

Re:Irony

It's easy and maintains security for the system level stuff.

Your kidding right? The less computer-savvy user will simply enter the root password (that's on a note stuck to the monitor) whenever prompted for it.

I know users who will install spyware and adware knowingly because it also gives them instant weather updates.

I know users who will install a virus to see some celebrity nude, spend a week fixing their computer, then install the same virus again to see the same celebrity nude.

These people will not even be slowed down by a root password prompt.

Not Holland...

it's the Netherlands!!!!!!!

Re:Not Holland...

[Nermal6693]

It was always Holland when I was a kid. I had never heard the name "Netherlands" until a few years ago.

Re:Not Holland...

[BorgDrone]

It was never Holland, there are two provinces in the Netherlands with Holland in the name Noord holland en Zuid Holland (North & South Holland). The dutch name for the country is Nederland which translates more or less directly to "the netherlands".

Re:Not Holland...

Which says enough about your educational system!

Re:Not Holland...

[pommiekiwifruit]

Yup, and the country that has Washington DC as the capital city is Texas.

Oh wait... that is actually how it looks at the moment.

Re:Not Holland...

[pjt33]

Although I saw a statistic a few years back that claimed 80% of US citizens thought the capital of the US was New York.

Re:Not Holland...

Officially it's: Kingdom of the Netherlands

Re:Not Holland...

Well, Texas was its own country at one point, so your joke actually kinda makes some sense. :)

Re:Not Holland...

Isn't Holland a province of the Netherlands? Oh, and Zeeland is a part of it too, I think. There you have the reason behind "New Zeeland"...

Re:Not Holland...

[bbc]

Not true. The Kingdom of the Netherlands also comprises Aruba and the Netherlands Antilles, but under one king (well, queen at this point in time) they are three different countries.

Re:Not Holland...

[Nermal6693]

By "it was always Holland", I meant that everyone called it Holland, not The Netherlands. I didn't mean to say that its official name was always Holland.

Re:Not Holland...

[Nermal6693]

Except it's "New Zealand". But I suppose that's just a language difference.

this will be good news for......

[hutkey]

...mike

coz microsoft already takes on and threatens him.

Who started using the term WINDOW(s) ?

[formal_entity]

Wasnt there something called "XWindows" or "Windows X" on Unix years before M$ coined their Windows?

Re:Who started using the term WINDOW(s) ?

[xlyz]

a carpenter opening a hole in the wall???

Re:Who started using the term WINDOW(s) ?

[bheer]

For the last time, people: NO. It was the "X Window System".

Re:Who started using the term WINDOW(s) ?

[formal_entity]

Well say that "X Window System" where first, then Microsoft added a single letter and it became "Windows" with an plural s. After that Lindows release yet another GUI system and changed again 1 letter... (W became L) and then Microsoft is all pissed off about it?! These word games are just aweful, it would be so much better if they could just write code instead! :)

Re:Who started using the term WINDOW(s) ?

[LilMikey]

...it would be so much better if they could just write code instead!

Well, you stick to what you're good at.

Re:Who started using the term WINDOW(s) ?

[spectecjr]

Wasnt there something called "XWindows" or "Windows X" on Unix years before M$ coined their Windows?

No, Windows was coined in 1983.

Mandatory Linux vulnerability disagreement here...

[the_rajah]

While the "safety by obscurity" factor has some validity and would largely disappear if a larger percentage of people were using GNU/linux, the simple fact is that Linux is much more secure by default.

Think of all those vulnerabilities that are defaults in Windows. Think also about the fact that most Linux distros do not encourage the user to run as "root". Not that Linux has no potential vulnerabilities, but they are much fewer than Windows..

Re:Linux is magically more secure

[It'sYerMam]

Also, because developers often release updates very frequently, bugs get fixed very quickly. You don't get Microsoft Windows XP.6.5-1.358, now, do you?
This of course may change if Linux "goes mainstream" as developers start being more concerned that users don't want to get updates every two minutes
Still, the use of update system like up2date mean that this happens relatively painlessly.

Perhaps, though, a patch based system similar to CVS would be a better idea, so as to minimize download times and bandwidth usage.

You have been Rooted

Lindows from what I understand makes the big mistake opf giving users the nice experiance by running as the root user.

This is pretty brain dead at the best of times and will allow worms to propogate as badly as at present. If windows users were not always logged in as admin there wouldn't be such a problem as there is. I am sure the same will be said for any OS, where you can do anything as the normal user.

If a Lindows user gets a browser worm or similar and is root, it can still propgate and do what it like just as on windows.

Re:You have been Rooted

[M.+Baranczak]

Why does a worm need root access? A process running as a regular user can still open a TCP connection, right? Which is all a worm needs in order to spread. It won't be able to do quite as much damage to the host machine, but it can still play hell with the network.

Re:Linux is magically more secure

[hutkey]

then the 'root' cause must be found out and be up'rooted' in Lindows immediately.

does Lindows prevents all the bugs seen in Windows? is the primary question

Re:Linux is magically more secure

[Erasmus+Darwin]

"And the fact that all home users were "root" by default prior to XP means nothing?"

Apparently, Lindows was guilty of this even more recently than Windows. From a July 21, 2002 Washington Post article:

But the single worst feature of Lindows lurks under its colorful interface. Lindows sets the PC's owner up to run the machine as its "root" user, with unrestricted access to every system command and capability, no matter how potentially damaging. Worse yet, the test system left the root password blank.

However, for the record, I've seen passing references while googling that indicate this has been fixed. But the point still stands that if you're going to criticize Microsoft for doing this in the past, it's only fair to criticize Lindows for also doing this in the past.

Re:Linux is magically more secure

[sheriff_p]

Exactly.

The idea that a virus/worm needs its exploited user to be root to replicate and spread to other people is ludicrous. Almost all recent Windows viruses wouldn't have been particularly hindered if the user wasn't running as root - in most cases, they simply replicate, by email - a situation you don't need to be running as a privileged user to replicate.

And if we're picking random piece of software oft-associated with a platform, and looking at their security history, try taking a deep look bind/sendmail.

+Pete (a commited OpenBSD user)

Re viri: MacOSX is the one to watch

[jdesbonnet]

I don't have the latest figures, but I'm pretty sure that MacOSX desktop figures far outweight those of any Linux distribution (right now anyway ;-)

MacOSX is a real OS. What's the virus situation here? I think it will be a good indication of what life will be like when Linux desktop becomes more common.

BTW: this is a question... not a statement, but my hunch is that MacOSX malware is rare (?)

Re:Re viri: MacOSX is the one to watch

Not in my house. 4 Linux desktops. And I did it cheaper than you can buy 1 OS X box.

Re:Re viri: MacOSX is the one to watch

[pjt33]

Apple just released a patch against the first concept virus specifically aimed at OS X. (It does, of course, also have to patch vulnerabilities found in things like OpenSSH). There have also been one or two trojans which have made the news.

Re:Re viri: MacOSX is the one to watch

Numbers are hard to pin-down as to desktop installs of Linux, but there have been several surveys in the past 6 months that have asked that question.

They all seem to conclude that the total deployment of Linux on the desktop (any distribution) is somewhere in the range of 150% to 200% that of OS/X. I don't know if anyone's though to ask about all Apple operating systems combined (there are still quite a few users of MacOS pre-OS/X).

Regardless, the adoption rate of Linux on the desktop is still greater than OS/X. Not that OS/X isn't a fabulous product, but it has more stringent hardware requirements and doesn't have a straight migration path on dominant hardware platform (IA32). There also seems to clearly be more third-party developer support behind Linux at the moment.

I suspect that Linux will eat away more Windows desktop share (but not become dominant) than Mac OS/X share, and that will ultimately become beneficial for Apple as the familiarity with UNIX derivative environments and the incumbent accustomization to slightly different UIs will make their product seem less alien to consumers and businesses.

As far as viruses... There will be some exploits for MacOS/X and Linux like the sort that have always existed but nothing like the Windows situation -- except in the case like Lindows where every action is done as root.

Re:Re viri: MacOSX is the one to watch

[Tezkah]

"Certainly by...2005, possibly by the end of 2003, Linux will pass Mac OS as the No. 2 operating environment," said IDC analyst Dan Kusnetzky. http://www.macobserver.com/article/2002/12/19.13.s html

Re:Linux is magically more secure

[Decker-Mage]

and if you only knew how many times I've heard that argument... I suggest that you subscribe to the various industry newsletters (SecurityFocus.com is a good start). I receive them all. There are many holes in Linux apps and distros, many of which can grant root from user, and the list keeps growing on their side of the house as well, just not as fast. Should it become a bigger target, well then we'll see more vulnerabilities sought. Simple economics here (look up opportunity costs). I am 0S agnostic, do security consulting among other things, and frankly, no OS is absolutely pure, perfectly armored, nor any application suite. The article gets another thing wrong. The right collection of free tools and for a home setup, each day should take a couple of minutes at most, reboot rarely.

Kinspire

[2br02b]

Under what's new (right hand side of page)

New Linspire name
Rock with Lsongs
Lphoto ships

Looks Like Lanother KDE Lin Lthe Lmaking

Re:Kinspire

iThink iThat's iNot ThatX RareX...

Can you name a single major desktop environment that *doesn't* use a short prefix or suffix to identify integrated programs?

Re:Linux is magically more secure

Many say it's because of the large community of Windows users that Windows suffers like it does from worms and viruses and therefore are likely to say this will be the case if another OS like Linux or Mac OS X became mainstream.

But let's not forget that Apache holds nearly if not already 70% of the webserver marketshare, so you could call Apache mainstream. But by a long way is it as vulnerable to worms and viruses like it's Windows counterparts are.

Ok, first off...

[AltGrendel]

...I really don't like Microsoft.

But saying Linspire pegs all the blame for virus problems on Microsoft and basically says that Linux (well, Lindows anyway) is the cure." strikes me as wrongheaded. The problems with Microsoft/virus issue are all legacy issues. If you think about it, all Microsoft code is based on a pre-Internet OS. It really isn't geared to the Internet to day. It's kind of like why pre-'70s (US) cars may not need to meet modern pollution codes. This does not make it right. But Microsoft itself is too monolithic to respond properly.

Also the users that are having the problems are all the "unwashed masses" that don't know to patch their systems properly and to pratice safe web surfing. They need to be educated.

Re:Ok, first off...

[_|()|\|]

The problems with Microsoft/virus issue are all legacy issues.

We just read a story about Netscape's last gasp against IE's dominance, in which one comment linked to Browsers used to visit Google, April 2004. The graph shows an overwhelming adoption of IE 6.0--if Microsoft delivers a secure browser, users will adopt it.

Re:Ok, first off...

If you think about it, all Microsoft code is based on a pre-Internet OS.

So, would you say that a cheap UNIX knockoff was based on a pre- or post-Internet OS? Not to mention that modern MS OS's are based on Windows 2000, a complete rewrite of the codebase for the Internet era.

Re:Ok, first off...

Oh, please.

Nobody is adopting IE 6.0 because it's secure. People use it because that's what came with their shiny new computer. If Microsoft delivers a secure browser, users will ignore it until it comes pre-installed on a new computer.

Go Lindows/Linspire!

I enjoy reading the weekly Michael's Minute, always a good read, except of course for the obligatory Lindows advertisements.

With regards to the fight over the Lindows name, I like to see Lindows standing up for principles and also for taking on Microsoft.

I applaud Lindows efforts to create a user friendly Linux release, I wish that it was a free distribution that I could just make copies of and give out to people, with revenue coming from optional support, click n run subscriptions.

Re:Go Lindows/Linspire!

[Nyder]

...'I applaud Lindows efforts to create a user friendly Linux release, I wish that it was a free distribution that I could just make copies of and give out to people, with revenue coming from optional support, click n run subscriptions.'...

apparently version 4.5 is a free download only through bittorrent. I read that in a magazine article, i'm lookin for a link... here we go: http://info.linspire.com/lindowslive/p2p.html have fun...

GUI vs. OS

The argument is that Windows may have been a generic term to describe a graphical user interface, but it wasn't a generic term to describe an operating system.

Re:GUI vs. OS

[dsfox]

However, this might mean that one is willing to accept that there could *be* an operating system without a GUI, so the argument becomes a bit difficult.

keep the new name

[qBeaks]

I wonder if they will change the name back, I'm just starting to like Linspire better than Lindows.

Re:Linux is magically more secure

[Frit+Mock]

Although I think that Linux is more secure, I think the writer of the parent article is (almost) right.

How many Worms/Viruses/Spams we "see", is less related to the number of security hole that exist in a certain system, it is more related to the number of "attackers" and the number of targets!

Not every securityhole is exploited, typically a high number of securityholes means nothing more, than only a tiny fraction of them are exploited.

If the number of systems prone to an attack is the same and the number of attackers is the same, then the fraction of exploited securityholes just increases ... and the total number of attacks stays nearly constant.

Thank you, Bill Gates

Casual computer users now have the expectation of being able to do anything on a computer whenever they want to.

Lindows is just playing to that "cult" of users, and until that cult is deprogrammed we'll always be feeling the effects of "There's no security in Microsoft".

Re:Thank you, Bill Gates

[KarmaMB84]

I believe this expectation comes from the people that own their computer and in fact should be able to do anything with them since it is their property. :P

Re:Big fish in a small pond

[I+confirm+I'm+not+a]

Do you guys really think for one second that if Linux were the dominant operating system, and thus had the attention of hackers worldwide, that it would remain as secure as it seems to be now?
I'll bet it would turn up at least as full of holes as Windows is now. Microsoft OSes are under asault in a trial by fire the likes of which no one has ever seen before.

Really, this hoary old chestnut has been done-to-death. No. I don' think for one second that if Linux yada yada yada. For numerous reasons outlined already in this thread. Because Linux has a competent security model. Because Windows is homogenous - many/most users use identical apps (think Outlook Express, IE), on Linux there's too much choice for a worm, etc, to successfully propogate using one target. Because Linux doesn't default to running as root, and provides an easy mechanism for dropping-into root when you need to (disclaimer: maybe Windows has this - I've never found it, and I've been running Windows a lot longer than I've been running Linux).

Please, people, rather than using arguments like "I'll bet...", try just googling for facts. Or give up trolling.

The problem is the business model

[mangu]

Linux is intrinsically more secure because it's open source. Linux is used in so many universities all over the world that there are too many professors and researchers looking over the code for a dangerous weak spot to grow. Windows, on the other hand, is known only by a few programmers in Redmond. It's a combination of two factors: fewer eyes looking at the code and monoculture.

A team of programmers in a commercial company distributes the work in the most cost-effective way, so that each person in the team specializes in a section of the code. There is little cross-checking if any. In open source, OTOH, there are people with different backgrounds verifying the code, independently.

That's the same reason why crackers find weak spots in software, they verify details that the programmers who created the software never thought about checking. In open source there is a balance of forces that's strongly biased to "good", instead of "evil", because the "black hats" are more often immature teens while the "white hats" are university professors. In commercial software, the balance of forces tends more to the "evil" side, because of the larger number of people in the black hats.

Re:The problem is the business model

Linux is intrinsically more secure because it's open source. Linux is used in so many universities all over the world that there are too many professors and researchers looking over the code for a dangerous weak spot to grow. Windows, on the other hand, is known only by a few programmers in Redmond. It's a combination of two factors: fewer eyes looking at the code and monoculture.

Yet when the source code to Windows was released on the Internet how many flaws were discovered? One (if it would even count). So much for the "many eyes" argument. Seems that's not a factor (at least not with Windows).

Ot but had to say -

[JosKarith]

Look at the Related links bar on the right - about halfway down it says:
-Linspire
-Microsoft
-doesn't infringe Microsoft's patent

Well I thought it was funny anyway.

I can relate

[acariquara]

As a Brazilian myself, I am happy when ppl/the media does not say our capital is either Rio or -ugh- Buenos Aires.

Re:I can relate

[pommiekiwifruit]

Too right, it's Manaus isn't it? Well, somewhere far away from the people anyway :-)

Re:I can relate

[Da+Fokka]

Isn't Brazil one of those countries (like Tanzania) where the capital is located in the geographical center (and therefore, in the middle of the jungle)?!

Re:I can relate

No it's Brasilia.

Re:I can relate

[Arngautr]

correct me if I'm wrong but didn't it used to be, before the govt. started trying to push people inwards, wrt the country in question (the netherlands) I'm afraid we have no such excuses.

Re:I can relate

I knew that; I was being sarcastic.

Re:I can relate

not quite in the middle of the jungle. It is in the middle of basically nowhere but it's a "cerrado" nowhere (low vegetation, mainly twisted trees and open fields as opposed to the ultradense rainforest that dominates the north/nortwestern region)

So then why isn't spyware blamed on Windows too?

[goldspider]

Here's what I want to know.

Most slashdotters direct much wrath towards the makers of spyware, adware, and malware in general, because they are a pain in the ass that inconvenience users.

However when someone writes a virus that inconveniences users, almost everyone here blames Microsoft and not the writer of the virus.

Seeing how there is almost no difference between the two, why are spyware publishers lambasted but virus writers given a free pass, and in many cases, lauded as champions against the evil Microsoft Empire?

No, that's not a "strength"

[fmaxwell]

One of the major strengths of Linux is the lack of a monoculture. Most distributions come with 3 or 4 web browsers, e-mail programs, and media players etc.

Spoken like a true, myopic computer geek. It's the "monoculture" of Windows that makes it usable by the average person. It's what makes it possible to publish books with screen shots. It's what allows the tech-savvy family member to tell his parents and siblings to "click on file and then click on ..." It's why ISPs can support users cost-effectively. The lack of consistency in Linux, the fact that each major distro installs three, four, or more browsers rather than one, and the lack of recognition of this as a problem is why, despite being free (as in beer), it still has no significant penetration onto end-user desktops.

Re:No, that's not a "strength"

[JaF893]

Just to clarify - I meant that the lack of a monoculture was a strength of Linux when it comes to Security. The downside to this is that it makes Linux less accessible to new users and you were right to point this out.

Re:No, that's not a "strength"

Oh dear. No, _you're_ myopic. You fail to see things long-term.

Here's a clue. In the future, people won't be using, reading about and supporting 'Linux' per se. Linux is just technology; strictly speaking it's just a kernel.

Instead, people will buy apps for, read about and support Sun JDS. Or Red Hat Desktop. Or SUSE. This is already happening to some extent, and it's eliminating the problems you mention. Your slightly misguided view stems from the belief that everyone is somehow running vanilla Linux -- but they're not.

There will be three or four major distros (also known as 'choice' in a non-Microsoft world), all straightforward to support. Your ISP will support three distros, you'll buy books for your distro, hardware will have drivers for the big three.

It's not hard to understand. If you phone an ISP, they'll typically ask you: "Win98, 2000 or XP?" etc. Similarly, driver disks cater for the differences, as do books. So if everyone was using their own hand-crafted LFS or Gentoo installation, you may have a point, but as Linux hits the mainstream desktop it's not going that way. There are clearly defined products and releases, and only a few major players, so it's not remotely a problem for support. It's not vanilla Linux.

Finally, your "no significant penetration onto end-user desktops" remark is curious. Sun has recently signed a deal to supply 1 million Chinese desktops with Linux. Walmart is selling machines with Linux. Red Hat has just launched a new desktop offering. IBM and Novell are converting all staff to Linux desktops. There are at least four major newsstand Linux magazines (here in the UK).

That's pretty "significant" to me.

Re:No, that's not a "strength"

[FooBarWidget]

But if you *do* ship only one browser, people will flame you down for being insecure. And then you *still* lose.

Re:No, that's not a "strength"

[fmaxwell]

Your slightly misguided view stems from the belief that everyone is somehow running vanilla Linux -- but they're not.

I am a computer professional with over 20 years of professional software development and support experience. My views are, to be immodest, insightful and well-reasoned. You would be well-served to learn from what I have to say rather than assuming that you know better.

Instead, people will buy apps for, read about and support Sun JDS. Or Red Hat Desktop. Or SUSE.

How will grandma buy apps for SUSE when she can't configure it to work with her ISP, her ISP won't provide support (because the ISP can't support multiple releases of Linux OSs cost-effectively), has no idea what "SUSE" is, and can't get support when she calls the company that sold her the computer? Do you think that the average Windows user 'reads about' Windows? Heck no. They turn on the computer and click the icons for installed apps.

There will be three or four major distros (also known as 'choice' in a non-Microsoft world), all straightforward to support.

Says who? How will this magically happen? I've not seen any ISPs embracing any of the existing distros for end-user desktops. I've not seen major companies that publish game software, tax preparation software, or mapping software choose flavors of linux to support. There aren't hardware vendors who are, en masse, going to a given few distros of Linux.

It's not hard to understand.

Apparently it is.

If you phone an ISP, they'll typically ask you: "Win98, 2000 or XP?" etc.

So let's pretend that you are right and that there are three major distros of Linux. Each one of those has multiple releases in common usage. Each of the releases probably has given the users the choice of, at the least, KDE or Gnome UIs. Just start doing the math and you'll see that there is a lot more work.

Similarly, driver disks cater for the differences, as do books. So if everyone was using their own hand-crafted LFS or Gentoo installation, you may have a point, but as Linux hits the mainstream desktop it's not going that way. There are clearly defined products and releases, and only a few major players, so it's not remotely a problem for support.

Again, three or four distros times probably three or four active releases per distro times (at least) two GUI front-ends... The numbers are not pretty.

Finally, your "no significant penetration onto end-user desktops" remark is curious.

Apparently you have not been reading the mainstream press. According to a May 21 ZDNet article

Linux's share of the desktop PC market is growing, but is still a small fraction in comparison to the 90 percent-plus market share enjoyed by Windows.

Worse than that, you haven't even been reading the pro-Linux press, such as this articlefrom LinuxPlanet on May 6 in which they state that

...Linux desktop remains far behind with IDC estimating its market share at less than 3 percent.

Sounds pretty grim to me.

Sun has recently signed a deal to supply 1 million Chinese desktops with Linux.

There are 1.3-1.4 billion people in China. That means one copy of Sun-supplied Linux per 1,300 - 1,400 people.

Walmart is selling machines with Linux.

They are also selling Depends adult diapers, but I don't think that means that Depends is about to become a a major player in the undergarment market.

Red Hat has just launched a new desktop offering.

No, Red Hat just killed off their boxed desktop offering and is letting connected geeks beta test for them with Fedora.

IBM and Novell are converting all staff to Linux desktops.

And what percentage of the desktop PCs in the world are owned by IBM and

Re:No, that's not a "strength"

[fmaxwell]

But if you *do* ship only one browser, people will flame you down for being insecure. And then you *still* lose.

Agreed. That's the predicament in which Linux publishers find themselves. Unlike Microsoft, they cannot decide to ship just one browser. If they do, they lose many of the Linux faithful -- and that's, for all intents and purposes, their sales staff. Linux is sold by word of mouth recommendations. But keep supplying three or four browsers, three e-mail clients, four music players, etc., and you limit your penetration into the mass-market. I don't have a solution -- just observations.

Re:No, that's not a "strength"

"My views are, to be immodest, insightful and well-reasoned. You would be well-served to learn from what I have to say"

Shame about your unbearable ego, then. Wow, you must be great fun at parties -- that's if you go to any, of course.

"because the ISP can't support multiple releases of Linux OSs cost-effectively"

Yeah, because ISPs can't support multiple releases of Windows and MacOS X cost-effectively, right? *sigh*

Another thing you fail to take into account is that distro-neutral apps aren't THAT hard to package. OpenOffice.org, Mozilla and others manage it, and they're BIG beasts. It wouldn't be hard for an ISP to develop a distro-neutral dialup and config software, supply Mozilla and say "we only support Mozilla". End result: same support costs as Windows.

"They turn on the computer and click the icons for installed apps."

Erm, and you can do that with desktop Linux distros now. And as stated, the world is moving towards a handful of mainstream distros -- Sun JDS, Mandrake, RHEL and SUSE. Together they hold a huge amount of Linux 'market share' (what an ugly term).

On this note, how would you improve this situation? Sure, I respect that multiple distros adds support complexities, but that's a small price to pay for CHOICE -- something seriously lacking in the market at present. Should we just have one distro? We both know that'd never work.

Some people are so sucked in by the Microsoftian way of thinking that they can't even _imagine_ a world in which several OSes are used.

"No, Red Hat just killed off their boxed desktop offering and is letting connected geeks beta test for them with Fedora."

Erm, I just said that RH has launched a new desktop offering. I'm not talking about RH 9. I'm talking about the RHEL Desktop announced last week. Please keep up with developments before you make comments...

"There are 1.3-1.4 billion people in China. That means one copy of Sun-supplied Linux per 1,300 - 1,400 people."

Ratios aren't important at this stage, unless you're desperately trying to justify your argument. What matters is this: by 2007 there will be more Chinese online than Americans. A large percentage of these, and perhaps the majority, will be using Linux. That is MASSIVE.

"And what percentage of the desktop PCs in the world are owned by IBM and Novell?"

That wasn't my point and you know it. Anyway, remember that IBM is a bigger company than MS in terms of staff and revenue, and has enormous clout in big business. Once they've converted all their systems to Linux, they're in a very healthy position to promote desktop Linux -- and it will come.

It's all semantics, but "insignificant" would be better attributed to BeOS, SkyOS and so forth. Linux may still be a small player, but the developments in the last few months have been incredible.

I get the feeling that when Linux reaches 20% market share, there'll still be people like yourself talking about "insignificant" and "never going anywhere".

Re:No, that's not a "strength"

[fmaxwell]

Shame about your unbearable ego, then. Wow, you must be great fun at parties -- that's if you go to any, of course.

If you were interested in making friends, you wouldn't be posting anonymously. Besides, what do my social graces have to do with the strength of my arguments?

Yeah, because ISPs can't support multiple releases of Windows and MacOS X cost-effectively, right? *sigh*

Windows 98, 2000, XP. That's it. Three releases of Mandrake, three releases of RedHat, three releases of SUSE, three releases of Lindows, three releases of Slackware. Now multiply that times two (KDE and Gnome) and you're up to 30 different basic support scripts plus the three that already existed for Windows.

Erm, and you can do that with desktop Linux distros now.

Quit taking things out of context. I pointed that out to counter your earlier argument that "people will buy apps for, read about and support Sun JDS. Or Red Hat Desktop. Or SUSE." Normal people don't read about the OS on their computer or buy many (if any) apps for it.

On this note, how would you improve this situation?

United Linux was the smartest effort towards resolving the situation thus far. There need to be standards for tools, directories, etc. A support person has to know, beyond any doubt, that a given tool exists, where it exists, etc. Binary compatability is an absolute must-have. A company needs to be able to build an app that runs on any "standard" Linux without recompilation. But the main thing that has to happen is for the Linux community to consider the needs of average users and not demand four browsers, three e-mail clients, etc. Pick a standard UI, browser, e-mail client, etc. and only install others in an "advanced setup" mode.

Please keep up with developments before you make comments...

I was aware of RHEL for their enterprise customers, but don't care about it. I hate RedHat. I think that they are scumballs and I look forward to them failing so that more reputable Linux vendors can take their customers. Why should I care about their Enterprise offering when they just killed off their mainstream desktop offering when so many individuals and businesses relied on it?

Ratios aren't important at this stage, unless you're desperately trying to justify your argument. What matters is this: by 2007 there will be more Chinese online than Americans. A large percentage of these, and perhaps the majority, will be using Linux. That is MASSIVE.

LOL!!! First you say that "ratios aren't important" and then talk about "a large percentage" and "the majority". What do you think that those terms represent if not ratios? How can you say that a "large percentage of them" will be using Linux when the biggest sale you can point to is 1 million copies? How do you extrapolate from that agreement that Linux will become wildly popular in China?

I get the feeling that when Linux reaches 20% market share, there'll still be people like yourself talking about "insignificant" and "never going anywhere".

In the last few days, I've downloaded Mandrake 10.0 and Linspire 4.5 (AKA Lindows). I stay on top of the Linux market, have deployed Linux servers, have Linux installed on machines at my home, and use it at my work. I have a bootable Linux distro on a flash drive that I take to work. I also run Windows 2000, XP, and 2003 Server Enterprise Edition. I know the strengths and weaknesses of both Windows and Linux, from both a technical and a marketing standpoint. You're trying to paint me as some kind of anti-Linux, pro-Microsoft fanatic -- and nothing could be further from the truth.

Re:No, that's not a "strength"

"If you were interested in making friends, you wouldn't be posting anonymously."

I'm not interested in making friends with Slashdotters. Having said that, and as much as I may disagree with your views, it's good to see that you're not part of the groupthink and you can put forward your points eloquently...

"Now multiply that times two (KDE and Gnome) and you're up to 30 different basic support scripts plus the three that already existed for Windows."

But that's assuming an ISP would support the different desktops. More likely, they'd only support the DEFAULT. I mean, you don't expect ISPs to support WinBlinds, LiteStep and all the other alternative Windows desktops, do you?

Equally, there are loads of browsers, text editors, mail clients etc. for Windows, but ISPs only support the ones they supply/recommend. An ISP could say "Supported: standard JDS, SUSE and RH Desktop with Mozilla" and it wouldn't be far from what we have today in the Windows world.

"Normal people don't read about the OS on their computer or buy many (if any) apps for it."

Well, if normal people don't read about it or buy apps, where's the problem? If the user just wants to turn it on, browse the Web, write a few letters and send an email, what's the big deal? Modern desktop Linux distros do this almost perfectly. Support isn't an issue for the reasons mentioned above, and Linux's stability and resilience against virusus/spyware/crap make it a good candidate.

As you say, a lot of people are using their PCs like a PDA -- a few straightforward tasks. The multi-distro problems don't come into play here.

"But the main thing that has to happen is for the Linux community to consider the needs of average users and not demand four browsers, three e-mail clients, etc. Pick a standard UI, browser, e-mail client, etc. and only install others in an "advanced setup" mode."

Pretty much all major desktop distros do this. Fedora, for example, has Mozilla, Evolution and OOo as the browser, email client and office suite respectively. You have the option of installing extras, but you have that on Windows too -- so what's the problem? The support people can say "we only support the default apps", and it's EXACTLY the same as on Windows.

You use Moz on JDS, that's fine. You use IE on Windows, that's fine. However, if you use Dillo on JDS and Links on Windows, you're left to your own devices. There's no differences between the OSes.

"I hate RedHat. I think that they are scumballs and I look forward to them failing so that more reputable Linux vendors can take their customers."

If you hate Red Hat, go back to glibc 1.x, GCC 2.7.2, XFree86 3.3.6 and kernel 2.2. Hey, I've disagreed with some stuff RH has done, but the work it has put into the community deserves HUGE respect. It has funded coders for the kernel, X, GCC, glibc, OOo, Mozilla, GNOME, and loads more.

All under the GPL. No other Linux company has put as much 'Linux' code back into the community as Red Hat. Can't you give them some kudos for that?!

"How do you extrapolate from that agreement that Linux will become wildly popular in China?"

Easy. Linux is more popular in China than in any other large country. There's a growing anti-American sentiment. The Sun deal. Demand for home-grown OS and apps. And then, take into account the projection that China will have the most Net users in 2007, and that's a LOT of Linux users.

"You're trying to paint me as some kind of anti-Linux, pro-Microsoft fanatic -- and nothing could be further from the truth."

OK, I didn't mean to do that. And as said, you've put your views forward very well. However, I do think you're creating a problem where one doesn't exist with regards to desktop Linux; you can apply these issues to Windows too.

Re:No, that's not a "strength"

[fmaxwell]

Having said that, and as much as I may disagree with your views, it's good to see that you're not part of the groupthink and you can put forward your points eloquently...

Thanks. I appreciate you saying/writing that.

But that's assuming an ISP would support the different desktops. More likely, they'd only support the DEFAULT.

But, unlike the Windows alternative UIs you mention, there are many Linux distros which come with, and install, multiple desktop UIs.

Well, if normal people don't read about it or buy apps, where's the problem?

Because normal people, do, on an all to frequent basis, require tech support. Is the cable modem connection down or is it an OS problem? Has the user accidentally cleared/changed their password? Has some app overwritten something critical? Did the user move a file that they should not have? We've all seen it.

No other Linux company has put as much 'Linux' code back into the community as Red Hat. Can't you give them some kudos for that?

Yes I can, but they just abandoned a large group of loyal users, both individuals and businesses, and I really dislike companies that abandon their user base.

Linux is more popular in China than in any other large country. There's a growing anti-American sentiment. The Sun deal. Demand for home-grown OS and apps. And then, take into account the projection that China will have the most Net users in 2007, and that's a LOT of Linux users.

And they will probably all be trying to spam me, if the existing Chinese Internet users are an example of those to come... But, that aside, I'm not convinced that Microsoft will be willing to give up that whole market. They'd rather give away Windows just to maintain dominance and so that they can sell apps (like Office) to businesses. They are far shrewder than many people give them credit for.

However, I do think you're creating a problem where one doesn't exist with regards to desktop Linux; you can apply these issues to Windows too.

I wish that I could agree with the former and I do agree, to some extent, with the latter. On the former, there clearly is a problem. Hardware vendors don't, by and large, support Linux. Nor do most mainstream software vendors. If you want to do your taxes, you're not going to go out and buy a Linux version of TaxCut. Nor will you find Linux versions of most games. ISPs won't support Linux. Very few home computers are sold with Linux. And when something goes wrong in Linux, the "fix" often involves typing commands that look suspiciously lik modem line noise to fix the problem.

While Windows has more than its share of warts, it's an issue of economics. My ISP can create three tech support scripts for the three major versions of Windows (98/2000/XP). They can train their staff about the vagaries of Windows and the ins and outs. Once that's done, they cover about 90% of the market. Is that 3% of the desktop market running Linux worth the hassle of creating more scripts, more training courses for support personnel, etc.? Probably not. For that reason, Linux has to be BETTER than Windows just to gain a foothold. It must be self-healing and require almost no support.

Re:No, that's not a "strength"

[FooBarWidget]

RedHat/Fedora ships with only one app for every category. There is only one browser (well, actually two: Mozilla and Konqueror. but the latter doesn't show up in the menus), one email client, one IRC client, one instant messenger, one office suit, etc.

Re:No, that's not a "strength"

[strider_starslayer]

What OS you are running is rarely an issue for support so long as you can assume that the person on the other end of the line has some mild understanding of what they are looking at- if they don't know what there looking at, they will be using one of the major applications, with it's default software, after all there the same options, just in different places (For instance, lets just say that in the future when linux takes over, the three major distrobutions are Fedora, Sussie, and Mandrake), which is no more complicated (I would actually say less complicated) then supporting windows 95, 98, ME, NT, 2000, XP (all of which place the same options in different places).

Just like today in the windows world, if you use opera for your browser and you have problems; the tech person is going to ask you to use IE- so too will those with odd programs be told to use more 'basic' ones (mozilla instead of Konq for instance) and it will be up to the user to apply the settings and changes in the basic program to there variations of those programs, or that person could contact applicaiton specific support (contact KDE for problems with Konq)

However while tech support can say 'use the specific application' a virus writer cannot- a virus writer will have to guess what the person is browsing the internet with or else write explots that have variations for multiple programs and setups.

Real world example: If you call internet tech support they are going to tell you to disconnect your firewall- they support the internet to ONE computer, not to your network, and they only support it on windows, with Netscape (mozilla) or IE as browsers; However, once you reestablish the connection your perfectly free (and many people do) then hook it up to there network, firewall it, and use other browsers- This makes things far more difficult for a hacker to get into those systems, and then to actually do dammage to them (not impossible mind you, but more difficult)

Re:Big fish in a small pond

[meringuoid]

if Linux were the dominant operating system, and thus had the attention of hackers worldwide

What do you mean, 'if'? Linux does have the attention of hackers worldwide. How else do you think it ever got written?

Re:Big fish in a small pond

Do you guys really think for one second that if Linux were the dominant operating system, and thus had the attention of hackers worldwide, that it would remain as secure as it seems to be now?

YES.

at least our programmers are not stupid enough to make the email client able to execute software or HIDE FILE EXTENSIONS.

PLUS I dont see a RPC hole there, or the databases shipping with the default username password of sa/none.

I could go on... but the biggest thing is that patches for linux holes are fixed within hours instead of weeks.

Slightly OT: The Netherlands, Holland, Dutch

[Serious+Simon]

If the country is called The Netherlands, then what is Holland? and who are the Dutch?

The official name of the country is Nederland (The Netherlands) which is an appropriate name as a considerable area of the country actually lies below sea level, protected by dikes that keep the water out.

Holland is the name of two provinces in the West of the country, with port cities Amsterdam and Rotterdam, and the seat of the government The Hague. Historically, international trade was done mostly out of Holland, therefore this name is often used for the whole country throughout the world.

"Dutch" is the English word for the language of the Netherlands, it is related to the German word for "German" which is "Deutsch". The Dutch call themselves "Nederlanders".

Re:Slightly OT: The Netherlands, Holland, Dutch

[Jippie]

That a bit funny, Dutch people always call people from Britain, English :)

Britain is also made from 4 part,
England, scotland, Wales and North-island.
Must say not shaw about North-island anymore.

jippie

Re:Slightly OT: The Netherlands, Holland, Dutch

[geschild]

If you're confused now, don't be ashamed. It's intentionally made this complicated to evade or muddle up international discussions about our drugs policies... ;)

This message brought to you from the Marihuana capitol of the world.

Re:Slightly OT: The Netherlands, Holland, Dutch

North-island? Surely you mean Northern ireland? Funny realy...Nothern Ireland is part of the United Kingdom but not of Great Britain

Re:Slightly OT: The Netherlands, Holland, Dutch

[crowke]

To make it a little bit more complex: Dutch is also spoken by the majority of the people in Belgium, but "Dutch" as an adjective refers to The Netherlands. (Dutch flag vs. Belgian flag)

Re:Slightly OT: The Netherlands, Holland, Dutch

What is the difference between UK and Great Britain?

Re:Slightly OT: The Netherlands, Holland, Dutch

[pommiekiwifruit]

Not Flemish? Or Vlanderen?

Ik vind je Ardich. Een cola alstubleft.

Yup, on slashdot you can misspell in any language!

Linux in the Netherlands

[barbazoo]

Isn't Linux a laundry detergent in the Netherlands?

Re:Linux in the Netherlands

[NightWhistler]

No it's not. There actually is an employment agency called "Linux" in the Hague.

Re:Linux in the Netherlands

[barbazoo]

My bad, it was in Switzerland: Switch your washing machine system to Linux!.

Re:Linux is magically more secure

[mpe]

What you have said isn't really true. One of the major strengths of Linux is the lack of a monoculture. Most distributions come with 3 or 4 web browsers, e-mail programs, and media players etc. It would take a very good hacker to find a generic security hole in every program.

Also Redhat, Debian, SuSE, etc all have different binaries of the same program. With things like buffer overflow attacks it's the binary which matters.

Re:So then why isn't spyware blamed on Windows too

[cranos]

I think you'll find that aside from a tiny minority of pimply gits, most people here would love to take virus writers out the back and show them the sharp end of a mainframe. However we would also like to have a quiet word with the idiots who wrote the code that allows these viruses, malwares and trojans to infest your machine without any iaction by the user.

It is a two way street, the virus writers are a pain in the arse for the damage they do, but MS has allowed these attacks to happen through non-existant security and software development run by the fucking Marketing Department.

Copenhagen?

[zonix]

'You think you're a superpower, and everyone else thinks your capital is copenhagen'.

Heh, that's funny, Copenhagen being the capital of my country: Denmark. But then again, most people think Denmark is a city in Sweden. :-)

z

Re:Copenhagen?

[pommiekiwifruit]

It's a suburb of Malmo, isn't it? I believe there's a bridge...

Re:Copenhagen?

[zonix]

It's a suburb of Malmo, isn't it? I believe there's a bridge...

You've got it backwards! Malmoe was a Danish province a couple of hundred years ago.

Actually, most of Scandinavia plus surrounding extra countries were united under the Danish crown back in the 14th century. Those were the days. :-)

z

Re:Mandatory Linux vulnerability disagreement here

[mpe]

Think of all those vulnerabilities that are defaults in Windows. Think also about the fact that most Linux distros do not encourage the user to run as "root". Not that Linux has no potential vulnerabilities, but they are much fewer than Windows..

The other difference is that Linux code, both kernel and application, is more likely to be modular and structured.
Both because this is the "unix way" but also because it's far easier for a diverse group of developers to work with such code.

Re:Big fish in a small pond

[cball2k]

...and those same people are writting viruses to attack MS products, soooooo draw a few conclusions based on your statement...

- linux users are hackers
- linux users write viruses to attack MS os's
- linux users are a security risk
- linux users should be detained for cybercrimes

see how easy it is to spout FUD against an OS....

do something constructive instead of riding the ms-hater bandwagons...

In other news...

[Brando_Calrisean]

Microsoft changes name of flagship product to 'Winspire'.

Waiting for the KILLER virus

[georgep77]

The main problem with windows in-security is that there hasn't been a virus/worm attack bad enough to make people really look at alternatives. Lax building codes don't get addressed until a supermarket roof collapses and many people are injured/killed, the same is true for the computer world. If a worm was created that automatically nulled all sectors of a hard drive 4 hours after infection people would take notice and steps would be taken to either i) fix the problem ii) change the product that has the problem. I think MSFT is on pins and needles hoping that this never happens . It would be catastrophic if said worm ever did exist but that might be the only thing to get people to really take this seriously.

Cheers,
_GP_
p.s. Why didn't they call in "Lin+dows - Linux + XWindows" ??

Re:Waiting for the KILLER virus

[wed128]

it wouldnt be hard to do to fry a hard drive...the payload of a virus isn't the hard part, and isn't specific to windows. Propegation is the real issue here.

Re:Linux is magically more secure

[choas]

I know quite a bit about security and long ago I realised that REAL security involves mutilation of the end-user.

moron

[wasabii]

Well Michael is a moron frankly. What WOULD prevent Linux from becoming as virus infested as Windows would be security out of the box. Locked down settings.

We have buffer overflows in programs just like them.

So, it's good to know that Lindows distributes itself with no user accounts, but you run as root.

Re:Big fish in a small pond

Because Linux has a competent security model.

So does Windows. As a matter of fact Linux and Windows conceptually share a common security model.

Because Linux doesn't default to running as root, and provides an easy mechanism for dropping-into root when you need to (disclaimer: maybe Windows has this - I've never found it, and I've been running Windows a lot longer than I've been running Linux).

Then you haven't been looking very hard. Windows provides two methods:

1. "RunAs"
2. Switch user

"RunAs" has been available since Windows 2000. Switch user since Windows XP.

To use "RunAs" hold down the shift key and right click on the program you want to run. Select "RunAs" from the contextual menu. Hell, correctly written programs take this one step farther by prompting for administrative credentials if they need them (try installing a recent version of Office as a non-administrator to see what I mean).

It appears that your knowledge of Windows is woefully inadequete for a discussion about Windows security.

Re:Big fish in a small pond

Heh. Which webserver has the largest market share? Yep, Apache with around 67%. Three times as much as Microsoft's IIS.

And yet which one has by far the most vulnerabilities and exploits? Yep, IIS.

Thus making your argument completely and utterly weak in every way.

No

Virus writers won't do that. They need their playgrounds up and running to launch DDoS/next version of worm, etc.

Off-topic somewhat, but still Lindows relevant

[fzammett]

I had an old Compaq 1255 laptop sitting on the shelf with a bad hard drive for quite some time. Recently a friend of mine gave me an old 2.4G HD to put in it. Now, that's smaller than the original HD, so I couldn't use the factory reinstall disc, which was Win98 anyway, so all the the better I figured! I could have maybe put some other version of Windows on it, but it's an older machine, so I figured maybe this would be the perfect opportunity to do my first native Linux installation (i.e., the first time it's the primary OS and not running in VMWare, or a dual-boot with Windows as the primary OS). I figured it would run OK, and I'd have a useful machine out of it.

So, first I tried Redhat, 8.0 I believe (I'm not sure the exact version, but it was the latest as of about a month ago). Installation took about four hours (seriously!), and the majority of that time was the automated portion (i.e, after I selected packages and it was doing the actual install). I opted for a non-graphical bootup (because I've had problems with XFree in the past, I always prefer booting to a console and starting KDE from there). Ok, so the install finally completes, and I try to boot, no good. A few seconds after the LILO message appears, the screen fills with a bunch of random gibberish (and I'm not talking about the normal Linux bootup here, I'm talking real random character gibberish all over the place), and locks solid. I let it sit for about an hour, just in case it was long bootup, not that I would have used it even if it was at that point, but still no good. It didn't work.

Ok, maybe it's just Redhat I figured, and I personally prefer Mandrake anyway, so I gave that a shot. Again, it was the latest version at the time (9.2 I believe it was, 9.x something in any case for sure). Installation took about two hours, still not good, but when I restarted the laptop the exact same problem ocurred.

Ok, so maybe it's Redhat AND Mandrake. Wait, maybe I did something wrong during installation (even though I pretty much just took default options). Ok, let me try Mandrake again and this time don't do ANYTHING beyond defaults (i.e., I'll let it to the disc partitioning and I won't select packages individually). Long story short, same result.

Ok, maybe Suse? Nope, same problem. Gee, could the newer kernel be the problem? Nope, Redhat 6 did the same thing.

Ok, at this point I'm ready to just do my own Win98 installation, to hell with the Linux mess.

(And here's where the relevancy to this topic comes in)...

I notice that I have a copy of Lindows 4.0 via a friend of mine (yeah, yeah, shouldn't have it, I know, but I did, so let's move past that point), so what the hell, why not try it? Guess what? IT WORKED!

The installation took about an hour, and although I wasn't thrilled with having almost no options during install (just the one question about partitioning, and I told it to just use the entire hard drive since it was going to be the only OS, why not??)... But in the end, it worked. Network worked right away, video worked right away. No sound at all, so that's a problem, and I haven't tried the modem at all, but I don't really expect it to work as it's a Winmodem piece of crap, and it doesn't really matter anyway.

Now, it is SLOW AS A DOG, a lot slower than I expected. But, it has been my observation that KDE isn't particularly snappy even on my 2.4GHz Pentium 4 with 1G RAM at work (certainly useable, but to my eyes it lags WinXP a little bit, not a ton, but noticeably). But on the plus side, it mostly works as expected, and isn't that bad of a transition for a Windows guy. Tons of configuration options to be sure, which is nice. I did have a number of programs crash already (and I really don't need some Willie Coyote on crack-looking kid with a bomb in his hand pop up when that happens), but generally it's been fine.

I was surprised to see Lindows work at all, given the failure of the other distros. And before anyone says it, sure, I could have t

Re:So then why isn't spyware blamed on Windows too

[meringuoid]

Spyware and adware and similar evils are nothing to do with MS. They don't exploit any technical flaw - they just assume that nobody's actually going to read the EULA. They're a social evil. We therefore hate the companies that use them to advertise, and we hate the people who take their filthy lucre, and we get really pissed off when we clean a bunch of adware crap from some idiot's computer when we told them not to install that shit. Microsoft can hardly be blamed for this.

Worms, however, do not exploit luser stupidity - they attack flaws in Windows itself or in the software thereon, flaws left there by Microsoft. Sometimes these flaws have already been patched, but we've all heard the horror stories about Microsoft's updates changing EULAs, or breaking critical services... The misery of worms can much more readily be laid at Microsoft's door.

Viruses are a middle-ground. They exploit Microsoft's brainfarts, but generally rely on the still greater stupidity between the keyboard and the chair to get their start :-)

Linspire is virus free

[Orion+Blastar]

I had two of my XP systems down because of all the virus infections going around. Four different virus scanners detected nothing, but people claimed I might be infected. So while I reformatted two XP systems just to make sure, I had Lindows/Linspire running for my email, web server, etc. I even created some documents in OpenOffice.org and sent them to people using MSOffice and they opened them with no problems.

Linspire is like the MS version of Linux, easy to install and configure. Linspire also wants you to use the CNR interface to install and buy software from.

Apt-get is disabled and so is rpm.

Edit /etc/apt/sources.lst to take out the comments on the sources and then run:

apt-get install man
apt-get install rpm
apt-get install gcc

Then create /etc/lib/rpm/ and run

rpm --initdb
rpm --rebuilddb

You now can use apt-get and rpm to install software. Just be careful what you install, some KDE libraries will wreck the Linspire KDE modified libraries.

Bummer that the install CD for Linspire only formats and does not reinstall the OS when a problem happens. So back up all your data before a reinstall of Linspire should you hose up the KDE libraries or something.

Lindows/Linspire does not run Windows code, unless you use WINE or buy Win4Lin. Otherwise Linspire is virus free.

Linspire does use the same file types that Windows uses, without using Windows code. Office documents, media files, etc. Except for Outlook and Access data files, and maybe without MSPublisher files. Linspire is marketed as a replacement for Windows that is an alternative to running Windows. It is for newbies, not experts who need a CLI shell and can build packages from tarballs. Yet the tools to do more advanced stuff are available as I outlined above.

Re:So then why isn't spyware blamed on Windows too

Worms, however, do not exploit luser stupidity - they attack flaws in Windows itself or in the software thereon, flaws left there by Microsoft. Sometimes these flaws have already been patched, but we've all heard the horror stories about Microsoft's updates changing EULAs, or breaking critical services... The misery of worms can much more readily be laid at Microsoft's door.

No software is flawless...including Lindows and Linux. Why the desire to single out Microsoft?

Re:So then why isn't spyware blamed on Windows too

[goldspider]

On the contrary, spyware, worms, and viruses all require some sort of human interaction (or lack thereof) to manifest themselves on a PC or network.

Spyware - user installs the application.
Worm - user not keeping up to date with AV definitions and/or Microsoft OS updates.
Virus - see Worm, user opens unknown attachment.

And do the same flaws that allow viruses and worms to manifest themselves not also allow spyware to be installed without the user's consent?

I think there's more in common between worms, viruses, and spyware than people here realize or acknowledge. While Microsoft and dumb users bear some of the blame for allowing these things to get on PC's, the one most responsible for it is whoever wrote the code.

In holland?

[pragma_x]

"Lindows" is okay in Holland, check. ... so what *isn't* allowed in Holland again?

Texas

[pommiekiwifruit]

Yes, briefly. i.e. after the immigrants from the USA colonised it, then rebelled against the spanish rulers, but before they rejoined their original country.

What isn't allowed in The Netherlands?

Come by and find out while you still can before we all have to stick our [insert favorite bodypart here] in the dike. (http://www.thedayaftertomorrow.com) Prepare yourself by making a checklist first. A small giveaway: anonymous posting or being a coward is a crime here.

-Joe Nederlander

Users are the biggest security hole

[CustomDesigned]

Dear accounting,

I have pictures of your daughter! Install the enclosed RPM to view them. Enter the admin password when prompted.

Re:Users are the biggest security hole

[plugger]

Sorry, I'm an accountant. I don't know the admin password, our systems guy is a real sourpuss and won't tell us what it is :(

I forwarded your mail to our systems guy for him to install, but he refused. He said something about informing your ISP , but I don't know what that means.

Re:Users are the biggest security hole

[CustomDesigned]

I don't know the admin password, our systems guy is a real sourpuss and won't tell us what it is :(

If you have a systems guy, you are probably not running Lindows. The point is, for the Lindows market - where the user and and admin are the same - user security won't help. A typical home user or Mom and Pop business user simply has no idea of when it is appropriate to supply the admin password.

The only solution to security for the Mom and Pop user (other than basic common sense learned in the school of hard knocks) is something like Paladium, where a 3rd party company fills the role of the "systems guy".

If only there were a way to guarantee a choice of who provides the security service (and control which programs you are allowed to install), the Trusted Computing Architecture could be a boon, rather than a strategic tool for World Domination by M$. Switching security providers for a TCA machine should be as easy as switching name servers for an internet domain. (Although a reinstall might be required.)

Re:Users are the biggest security hole

[plugger]

I guess you're right about the Mom and Pop scenario. Still, anything that requires some user interaction has to be a help.

Re:Linux is magically more secure

[the+chao+goes+mu]

Frequent updating is a two-edged sword. The spee dof updates means holes are patched faster, but it also gives an increased probability of introducing a new hole. Faster patches mean less review before a patch is released.

Re:Linux is magically more secure

[Tony-A]

There are many holes in Linux apps and distros, many of which can grant root from user, and the list keeps growing on their side of the house as well, just not as fast. Should it become a bigger target, well then we'll see more vulnerabilities sought. Simple economics here (look up opportunity costs). I am 0S agnostic, do security consulting among other things, and frankly, no OS is absolutely pure, perfectly armored, nor any application suite. [Emphasis added]

Microsoft Windows has problems.
Linux isn't perfect.
Conclusion?

Fact: Other things being equal, Linux is a better target. More and better tools.

Fact: Regardless of anyone's idea of what should be the results of Microsoft's security initiatives, the reality is that Microsoft software is suffering disproportionately from the effects of malware. Even with Microsoft's initiatives, there has been a steady increasing stream ever since Melissa. I'm sure the trend will change, but I haven't seen any sign of it yet. The malware is getting more and more clever, but with no sign yet of running out of room. The worst is ahead of us, not behind us.

Fact: Microsoft has had a patch for most all the vulnerabilities exploited. This means that the reality is that the user-friendly Microsoft Windows is somehow much harder to keep adequately patched than Linux or BSD. This is the same user-friendly Microsoft Windows that according to Microsoft's TCO studies requires less experienced administrators.

Fact: There are successful attacks on Linux/BSD, but they seems to be much rarer and never seem to accomplish much of anything. Now it might be that Linux/BSD administrators are uniformly much more competent than Microsoft Windows administrators, but too often they are the same people doing both. I suspect that in many cases a semi-skilled Microsoft Windows administrator is also a very green Linux newbie, myself included. There are no silver bullets, but seems like somehow Linux is effective much more secure.

Re:Linux is magically more secure

[the+chao+goes+mu]

I am no fan of windows (far from it) but I have to take issue with one point:

Windows is no harder to patch than, say, Solaris (Have you ever tried to apply the endless Solaris 8 security patches?) Windows is not properly patched because, with such a huge market share, the number of non-professional users is much, much higher. BSD/Linux has a higher percentage of computer-literate users, and so has a higher percentage of patched machines.

This really says nothing about the OSes themselves.

Re:Linux is magically more secure

[the+chao+goes+mu]

s/BSD\/Linux has/BSD\/Linux have/

My mistake. Typing too fast.

Great Britain doesn't include Northern Ireland

[blorg]

What is the difference between UK and Great Britain?

Great Britain is the island containing England, Scotland and Wales. The UK ("United Kingdom of Great Britain and Northern Ireland") is the state that also includes Northern Ireland.

It used to be simply "United Kingdom of Great Britain and Ireland" between 1801 and 1922 (Irish independence.)

Re:Great Britain doesn't include Northern Ireland

Thank you kindly.

*all* the blame is ludecrous

[nurb432]

If I remember right, the first real worm released on the internet was a UNIX worm...

Hard to blame Microsoft for that one.

I agree they are negligent in their security practices, but to blame them for all viruses is silly and only makes the Lindows team look like name calling children.

The *blame* goes to the people that are exploiting the issues..

Windows a generic term before that

[blorg]

Wasnt there something called "XWindows" or "Windows X" on Unix years before M$ coined their Windows?

According to Wikipedia, The X Window System originated at MIT in 1984, while Microsoft Windows 1.0 was released in 1985.

Not that it makes much of a difference as "Window" was a generic term for a particular GUI widget long before either of these. (See for example the Xerox Star.)

Re:just more food for slashdot trolls

[The+MESMERIC]

But we are superior
Well I am .. (on sunny days only)

Re:Big fish in a small pond

Ahh, I see the "criticize Linux" ==> moderate low rule is still in effect. I'm glad you people can vote in the general elections. It enheartens me. And I wonder how it is redundant given I hadn't seen any comment like this by the time I had posted.

Re:Linux is magically more secure

[Tony-A]

Solaris? Sorry, outa my league.
I'm only marginally competent with Linux, learning by doing, on the cheap.

Windows is easier to patch if you just want to go through the motions and do not care about the results. But in that case, why bother patching? What do youdo if a patch ges wrong?

BSD/Linux probably has the higher percentage of computer-literate users. This is due to the OS. Take two equivalent groups, one on Linux, one on Windows. With no difference in external factors, the Linux users will become more competent and the Windows users will become less competent.

Re:Big fish in a small pond

[I+confirm+I'm+not+a]

So does Windows. As a matter of fact Linux and Windows conceptually share a common security model.

But as always, the devil's in the details: most Windows systems I encounter, even today, are set up with full Admin privileges for the default user. Usability is the Windows watchword, usability at the expense of security. Until XP there was no firewall as part of the default install, and even now XP's firewall is - well - basic. I acknowledge it's possible to harden Windows; it's just that it's well beyond the capabilities of the average Windows user (myself included).

Then you haven't been looking very hard. Windows provides two methods:
1. "RunAs"
2. Switch user
"RunAs" has been available since Windows 2000. Switch user since Windows XP.

I'd forgotten about "RunAs" - my enduring memory of it was using it to get a Microsoft game (!) to run, as it wouldn't run without Admin privileges. No offense, but it's hardly "su", and coupled with an abject lack of security awareness amongst most Microsoft developers it's major role is to get round, not enhance, security. (I can't comment on SwitchUser: no direct experience)

It appears that your knowledge of Windows is woefully inadequete for a discussion about Windows security.

No argument there: I used to keep on top of Windows security, until it became too time consuming. Now I keep on top of Linux security instead.

Re:So then why isn't spyware blamed on Windows too

On the contrary, spyware, worms, and viruses all require some sort of human interaction (or lack thereof) to manifest themselves on a PC or network. Spyware - user installs the application.

Here, you're actually right. Of course, the original message was asking why we blame Microsoft for other failings when we don't blame them for spyware...

Worm - user not keeping up to date with AV definitions and/or Microsoft OS updates.

Now you're only sort of right. Yes, some (perhaps most) worm infections do get in because of user failures. Are you seriously claiming that Microsoft has no more zero-day exploits than everybody else?

Virus - see Worm, user opens unknown attachment.

Now you're just plain wrong. Four words: Outlook Express preview display.

Re:Big fish in a small pond

How this post is 0 rather than +4 is beyond me. It's clearly more insightful than the post above it.

In any case, not only does Windows have a competent security model, you could easily argue that it has a much better security model than Linux and Unix in general. First, you can specify far more granularity of permissions with ACLs and ACEs than with the r/w/x on uid/gid/world model. Second, Windows has all sorts of interesting permissions like Delegation, Debugging, Impersonation, etc. that have no equivalent in the Unix world. Third, the whole concept of uid/gid is extremely problematic when trying to merge domains; at least SIDs are almost guaranteed to be unique (even if they are large). And last, the auditing aspects of Windows security are infinitely better than anything in the Unix world.

The only thing Unix security does better is that it is much better at having usable accounts without being root. Admittedly, this is a big difference, but I can't even fathom how the orginal (+5!) post can imply Windows security model isn't 'competent'.

And to add to what you said, there is also a command line 'runas' tool, just as you would have in the Unix world.

Re:Big fish in a small pond

[I+confirm+I'm+not+a]

And I wonder how it is redundant given I hadn't seen any comment like this by the time I had posted.

True, but comments like these come up every time there's a discussion on the relative security of Windows and Linux, so they certainly feel redundant. Linux has had worms and viruses, Linux users can be socially engineered. But a virus I catch can only damage my data; my friends and relatives with Windows routinely need helped after a virus they catch damages the entire system's data. As regards trojans, the "many eyes make bugs shallow" principle becomes "many eyes make exploits and trojans shallow". There's nowt I can do about social engineering - it potentially affects everyone (to varying degrees).

Ahh, I see the "criticize Linux" ==> moderate low rule is still in effect.

Sorry, mate, I think you wanted somewhere else.

Re:So then why isn't spyware blamed on Windows too

Now you're just plain wrong. Four words: Outlook Express preview display.

Which hasn't been a problem for how long now? Two? Three years?

Re:Big fish in a small pond

But as always, the devil's in the details: most Windows systems I encounter, even today, are set up with full Admin privileges for the default user.

Which has nothing to do with its security model. You said that "Because Linux has a competent security model." implying that Windows does not. Windows has a competent security model. It's just overridden due to the default of most users running as an administrator.

Usability is the Windows watchword, usability at the expense of security.

Users want ease of use. Microsoft gave it to them. Microsoft is even stating this.

Until XP there was no firewall as part of the default install

Windows XP is the current version of Windows. And it has been for quite sometime now. I think it's foolish to fault an OS based on previous versions. Otherwise I could have a heyday with Linux.

"No offense, but it's hardly "su",

While it does have some limitations it's sufficient for most tasks that require administrative priviledges. If you're not happy with its limitations you can always use "Switch User".

and coupled with an abject lack of security awareness amongst most Microsoft developers it's major role is to get round

When you refer to "Microsoft developers" are you referring to Microsoft's own developers or those who develop for the Microsoft platform? If you're referring to the former I would have to say that Microsofts developers haven't been shown to be any worse than other developers. If you're referring to the latter then I would agree that too many developers continue to write software as if Windows is still a single user system.

I used to keep on top of Windows security, until it became too time consuming.

What's time consuming about it?

So why are they selling ...

[CgiJobs]

Antivirus Software?

Re:Linux is magically more secure

[Decker-Mage]

Woah! Circular argument alert! If you have a self-selected population (Linux/BSD users) that have to be more computer literate to even operate/install the operating system, then they are far more likely to establish and continue to maintain a secure computing environment. That does not however address the fundamental issue here. The idea behind Linspire (Lindows) is to put Linux into the hands of the self-same group of people who cannot or will not put in the time to maintain (administer) a Windows environment in a secure manner. Is Linux going to be some sort of panacea here and wave a magick wand over their heads to make them behave in a secure manner? I think not. Does it have that potential? No. Patch management is a simple fact of life in any operating system or application environment. Only user education, just as with handling mail and attachments, browsing habits, virus updates, and all the grungy aspects of sysadmin tasks is going to fix the problem.

As for patches going wrong? That is what testing is about, yet another aspect of sysadmin. Sorry, computers are inherently complex machines and proper operation requires knowledge and skill. All patches here are tested against virtual machines (Linux and Windows). At least I do get the chance to identify a problem with a bad patch. Your average Joe/Jane Blow isn't going to have that capability and I don't care which OS you are talking about.

As for your last statement, I can only shake my head here. That would imply that Windows performs automagical frontal lobatomies on users. I've met a lot of stupid users in both camps but then again, the same can be said of any endeavor.

Re:Linux is magically more secure

[Tony-A]

That would imply that Windows performs automagical frontal lobatomies on users.

How else would you explain the Microsoft Office ad which has its users falling all over each other?

Re:Linux is magically more secure

[Decker-Mage]

Tony, I wouldn't know since I haven't seen the ad. Then again, I don't watch TV at all except for the occasional burst of news (about 2 minutes of headlines) since I find it, American TV at least, entirely useless ;-).

Then again, it does seem appropriate. The first thing I have to kill when I bother to install MS Office is the stupid wizards and assistants.

"I'd rather have a bottle in front of me rather than a frontal lobatomy."

Re:Linux is magically more secure

[Tony-A]

Then again, it does seem appropriate. The first thing I have to kill when I bother to install MS Office is the stupid wizards and assistants.
Now imagine yourself considering those same wizards and assistants as smart. And yourself as smart for using them. Look at what the system wants you to believe.

"I'd rather have a bottle in front of me rather than a frontal lobotomy."
Right!

Anthromorphizing things. Water wants to run downhill. Without understanding the effects of gravity, how else would you put it?

How well things work out depends on the intrinsics, but possibly more importantly on the differences between expectations and reality. If something is good, but not quite as good as expected, you get blindsided and things do not work out as expected. Unix is immune to worms and viruses? The Unix Honor virus is an immediate counter-example. All you've got to do is make it credible.

Re:Big fish in a small pond

> Linux users can be socially engineered

"If you give me the password to your company's computers, I'll let you stare at me without calling the police." Sheesh.

Re:Big fish in a small pond

> What do you mean, 'if'? Linux does have the
> attention of hackers worldwide. How else do
> you think it ever got written?

I don't mean the little, puny world you are thinking of. I mean the vicious, industrial strength hacking, the likes of which the Linux community cannot imagine.

Re:Big fish in a small pond

Windows has problem X.

Linux, like any other OS, most likely doesn't have problem X, but does have problem Y.

Therefore Linux is better because it doesn't have problem X.

Consider the massive data storage, retrieval, and search implemented and researched by Google, light years beyond what some professor in some university somewhere thought was the "state of the art". Linux is that professor, in their small world, not touched by thousands of hackers who think themself on a holy cruscade against Antichrist-Linux.

No, my ignorant friends. Linux would go through a year and a half of hell, and be mocked at it's lack of security and stupid designs, were it to be attacked in such a way.

Of course, Linux will never get there because the programmers still just don't "get it". You still talk in terms of downloading tars and building it, for god's sake. My dad, like millions who actually use computers, just wants to know why the fu** he can't just plug in a printer and use it. Why? Asshole-level idiotic design by hardware AND software engineers who don't no squat about products. Microsoft has done a ton by at least including basically every known driver for every device on thier install CDs (at the time of publishing.)