New Linux Distros Insecure by Default?

An anonymous reader submits Two articles on Codefez and NewsForge review releases of Linspire 5.0 and Linare. Both these distributions let the user run as Root by default after installation, and don't prompt to set up a user ID. Is this a start of a new trend of 'dumbed down' Linux distributions that will damage the Linux reputation for security?"

Somewhat old news

[stoborrobots]

Linspire (formerly Lindows) made that decision a long time ago, and it has been brought up on Slashdot many-a-time...

A quick search reveals this article from 2003 in which the founder of Lindows states his case for the matter...

And this review from 2002 (linked to by /.) also noted this problem...

Re:Ubuntu got it right...

[adric]

After some consultation on IRC, I learned that Ubuntu has no root account by default

Not quite. Ubuntu doesn't set a root password by default, which leaves the account locked (to interactive logins), but it's still very much present. The traditional behaviour can be restored simply by running the passwd command via sudo.

Re:No

[aonaran]

That is what I liked most about Ubuntu.

It ships with the root account DISABLED!
It threw me off at first, but the documentation clearly explains how to use sudo and why they decided it is better to set up the first user as a sudoer rather than set up an active root account and a dumbed down user account for day to day stuff.