Slashdot Mirror

← Back to Stories (view on slashdot.org)

Automatix 'Actively Dangerous' to Ubuntu

Posted by Zonk on from the don't-tread-on-me dept.

exeme writes "Ubuntu developer Matthew Garrett has recently analyzed famed Ubuntu illegal software installer Automatix, and found it to be actively dangerous to Ubuntu desktop systems. In a detailed report which only took Garrett a couple of hours he found many serious, show-stopper bugs and concluded that Ubuntu could not officially support Automatix in its current state. Garrett also goes on to say that simple Debian packages could provide all of the functionality of Automatix without any of the problems it exhibits."

6 of 284 comments (clear)

  1. I think it screws up when upgrading. by rolfwind · · Score: 4, Interesting

    Automatix is a really nice idea.

    But I noticed that all the Ubuntu distros, which it is installed upon, get a range of problems with upgrading to the next release of Ubuntu.

    Automatix is not as necessary as it once one, codecs are done by Ubuntu itself in the meantime - Automatix was good two years back when it was a PITA to get DVDs and mp3s to play without editing files and going crazy on the command line.

    It still is nice to use to install some programs like virtualbox, but the problems it causes are not worth it.

    1. Re:I think it screws up when upgrading. by Anonymous Coward · · Score: 5, Interesting

      solaris. Sending an audio file to /dev/audiof will play it. They use a plugin architecture to play the files, but wav, aiff, au, and mp3 support are standard.

  2. Re:Illegal? by morgan_greywolf · · Score: 5, Interesting

    Neither, in some countries it can be used to obtain illegal software...Automatix in itself is no more illegal than Firefox or Internet Explorer Exactly. I can download the same packages that it does with any Web browser or wget. The summary is inaccurate when it says that the package is 'illegal'. If the package is illegal, then so is Firefox and wget, both of which can be used to download packages that may be in violation of the DMCA or of patent laws or of the GPL (as in the case of nVidia or ATI drivers).

    As TFA points out, it also gives dubious legal advice. Downloading MP3 codecs or Win32 codecs is far from a crime in the United States. For example, for the Microsoft-created codecs like WMA or WMV, Microsoft only requests that you have a Windows license in order to download them, but does nothing to prevent you from downloading them (WGA checks are not required, for instance.) It could be argued that as long as one has a valid Windows license, using them on Linux is not illegal. As for MP3 or other patent-encumbered codecs, it is a violation of patent law to distribute such codecs. Whether it is a violation of patent law to use or download these codecs without paying a license is a legal gray area.

    OTOH, downloading libdvdcss may, in fact, be a violation of the DMCA.

    Note that I'm not a lawyer, and if you're looking for legal advice, go pay one.

    --
    My blog
  3. Re:Illegal? by cheater512 · · Score: 3, Interesting

    What if libdvdcss was made before the DMCA? Wouldnt that make it legal?

  4. Re:Illegal? by jZnat · · Score: 4, Interesting

    Besides the fact that it wasn't, I believe the problem is distributing the software today as the action that violates the DMCA. As confusing as it is, it is not illegal to use libdvdcss, DeCSS, or anything like that, but it is illegal to distribute it (as far as the DMCA says; it could be legal to distribute it as protected free speech, but I don't know if anyone has tried to use that defence since the MPAA backed off in the DVDJon case).

    --
    'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
  5. Re:Illegal? by Warbothong · · Score: 3, Interesting
    "illegal software installer" can be interpreted two ways. Either as a software installer which is illegal (which Automatix is not), or as an installer for illegal software (which, in areas like the US, it certainly is (DeCSS, LAME, etc.), and in other areas it probably is too (for instance the Adobe Acrobat issue mentioned in the report)).

    It is a shame that those with the ability to make correct, safe software installers and those with the inclination to make souht-after-but-problematic-software installers are two seperate camps.

    Personally I do not like Automatix anyway, from experience trying to help those in IRC for whom these problems have surfaced, but for the most part its functionality seems to be that of an extremely limited package installer, ie. a vast amount of the stuff it installs (Java, Flash, MP3/etc. codecs, media player browser plugins, etc.) can be found in Synaptic or the Add/Remove tool along with thousands of other packages, Automatix just limits the selection to the most popular ones, along with some third-party unpackaged software (the installation and removal of which seems to be the main cause of its problems). I can't help feeling, however, that if people actually want to install a Java VM or multimedia codecs then looking for them in Applications>Add/Remove is very straightforward, whereas Automatix gives such a small selection that users of it would end up installing stuff they might not need or want simply because it is there for free so they might as well. If they spent their time in the Add/Remove tool doing this then they might end up finding better quality, better integrated, better supported software for a much broader range of things, but of course that might end up *shock horror* introducing people to new software which doesn't pay whatever company dominates that particular field.