Slashdot Mirror
Ubuntu Claims 12 Million Users — Before Lucid
darthcamaro writes "It's always a challenge to try and figure out how many users a particular Linux distro has — but Canonical is now providing a new figure for Ubuntu that is 50 percent more than what they were claiming just 18 months ago. 'We have no phone home or registration process, so it's always a guesstimate. But based on the same methodology that we came up with for the 2008 number, our present belief is that it's somewhere north of 12 million users at the moment,' Chris Kenyon, vice president for OEM at Canonical, told InternetNews.com. Just in case you were wondering, Fedora still claims more — actually almost double, at 24 million."
I always thought they used their NTP-servers to count installations...
... a few times to at least get some data to work with? If you're doing something like canonical is doing you think they'd want metrics.
Hardly. Maybe it won't take over the desktop, mainly because there aren't commercial applications aimed at off the shelf users available, but it's taking over the embedded space and doing rather well in mobile computing. We already know it's firmly established in the server and super-computing field. The only decline is on the PS3 ;-)
I'm not getting my hopes up until Netcraft confirms it.
I bet it's that guy next door with 12 million computers!
Smivs on the intertubes!
I've just downloaded and looked at the 10.04 beta, which I found pretty impressive. So the number is now 12 million and one...
Oh, the Lubuntu Desktop just looks fine for me.
I have many problems with these numbers, how many of those are dual boot systems with Windows? I have three machines like that. I'm not sure of any reliable way to differentiate dedicated stand alone desktops. Ubuntu is the kind of thing I muck around with alot, people such as myself drag up the stats if they are trying to work it out from downloads, respository use stats.
On the upside the total number of machines that have at least one linux distro on them must be rather higher than typical market share stats suggest.
After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
I run Slackware but I masquerade my OS string as Ubuntu ;-))
I like to masquerade all ID strings, masquerading apache as IIS, sendmail as JavaMail etc. etc.
Everything I write is lies, read between the lines.
So why are we even discussing it?
---- Booth was a patriot ----
I suspect someone's guesstimate may be off as just about every "most popular distro" statistic I've seen has consistently put Ubuntu ahead of Fedora pretty much since Ubuntu first arrived on the scene, except for brief periods immediately after new Fedora releases. Reconciling a 2:1 advantage for Fedora with that is kind of hard, but not impossible; lots of big corporates and SMEs use Red Hat, so Fedora would be a logical choice for their techies' personal use or installs where paying the Red Hat license fee isn't an option for whatever reason, and chances are they'd only download each release once. I'd guess that I used to run at a 6:1 install:download ratio when I was doing this with Fedora, and the German office did something simmilar with Novell/SuSE, so maybe both numbers are actually in the ballpark.
;)
Either way, these are not too shabby figures for Linux market penetration. I wonder how many of those installs are on the Desktop though?
UNIX? They're not even circumcised! Savages!
Number of computer users worldwide = 1.2 billion (taken from various estimates)
Linux market share = 1.12% (composite of various sources)
Ubuntu market share = 50% of Linux (source = same Wikipedia article)
This gives us 1.2 billion * 0.0112 * 0.5 = 7 million Ubuntu users worldwide.
There is no way for these people to seriously know what the user base is. I have three current Ubuntu VMs not to mention countless others that I've deleted and the number of times I've downloaded it. The last time I downloaded it I did it strictly as a test of my download speeds from several high capacity download servers that I knew I could get to easily.
With all of this in mind, total number of converted users for all the static I have created? Zero.
I bet it's that guy next door with 12 million computers!
It's a lot easier to have 12 million than it used to be.
Analyzing server logs could determine unique IPs that request data from security.ubuntu.com and if you harvest that data you know how many different Ubuntu systems are live within a period of time.
Update Manager seems to retrieve a list of update servers at least once and that data is a good indicator of the number of installations, that's a good starting number then add some statistics on corporate usage where updates have been centralized, support contracts and you are starting to get a figure.
Downloads are probably too decentralized to get an accurate number, it would be like counting Windoze shipped sitting on store shelves, meh I guess they count those anyway.
I don't use Ubuntu, but i have ~5 Debian boxen, and 3 or 4 OpenBSD boxes... but I'm only one user. so... Yeah, not entirely sure what I'm getting at.
Sent from my PDP-11
Well, you better tell linuxcounter.org then! They estimate a total of 29 million Linux users world-wide. If just two distros- Unbuntu and Fedora claim 12 + 24 million, that is already 36 million, and you haven't even started counting Mandriva, SuSE, Debian, Mint, RedHat, or the dozens of smaller distros! If you believe all that, then MY estimate (more like guesstimate) would be close to 60-100 million Linux users.
If you set a password for root, then you can su to all your hearts content.
Every heard of sudo -i ?
The world's burning. Moped Jesus spotted on I50. Details at 11.
12 million? Bad. That is peanuts compared to the number of people who use my OS! I estimate that 50 millions machines run BestDamnLinuxDistroEver version 2.3!
--
Sounds like you don't like the "rough and tumble".
Sure, I have clients in that space. They are served by Redhat Enterprise Linux. With a support contract. If they feel frisky, they may go with CentOS. What are the important new features in RHEL (according to one of those customers)? Not the window manager. Gnome is fine (it's default), but, honestly, they don't care... Kernel crash handling and SystemTap, on the other hand, are to drool over.
Ubuntu? Fedora? Those distributions are for people who like it a little rough.
I went to your website. Seems that you are a bit young to be in the belt AND suspenders set, but you never can tell...
Now you DO seem to be obsessing over the desktop. KDE, GNOME, PulseAudio, ALSA, OpenOffice, Totem, Amarok, etc. May I suggest that you just pick, and go with something workable? Otherwise, you will never have a stable desktop to work with. Or, use Mac or Windows. Just pick!
For guidance, here is what I use.
Fedora Core 8 base (hardened). XFCE GUI. Thunar file manager. FireFox 3.03. OpenOffice 3.1, Amarok 1.4, ALSA for audio, Evolution (whatever version comes with Fedora 8) for email, contacts and calendar. Multisync (whatever version comes with Fedora 8) for Blackberry sync. Smplayer (mplayer) for A/V.
And, no, its not perfect. Let me give you my laundry list:
Evolution won't call on Multisync. It is insisting that the only mobile device it likes is a Palm. Mplayer won't play the audio on .3gp videos taken on my Blackberry. Evince (PDF viewer) that I prefer blows when displaying bitmapped PDF documents.
Nothing critical, making it a very useful desktop (for me). How did I get this together? Usually, I set a deadline for a decision -- and then just make it. I don't hop between stuff. So, I code audio to ALSA. Well... not exactly. I don't care much about high quality sound, so I usually just heave out ulaw to /dev/audio. Works for me; if I need anything fancier I'll revisit, but for 90% of my needs? It's ok. For other stuff, it's the same. About the only "regret" I have is that I seem to be locked into Evolution, but, it works, and it seems stable enough.
So, it works, I'm happy enough, and I don't have to obsess over what other people use, or what could be better.
Just another "Cubible(sic) Joe" 2 17 3061
Maybe Lubuntu can get an endorsement from Astroglide
I'm sorry, but there is no way Fedora is more widely installed on PERSONAL COMPUTERS (versus institutional/industrial settings) than Ubuntu.
And attackers can attack it. You can't crack the root password if it doesn't have one and it can't login, which, to me, is the whole point of the approach. I think it is avery GOOD thing. It closes an avenue of attack and improves accountability. It is a *smart* thing and I for one hope they never move back.
I'm typing this on my laptop running Fedora Core 12. After recent Fedora builds (from about FC 6) getting successively worse, I was teetering right on the edge of giving up on Fedora and getting a Mac. All my scripts and stuff assume a Fedora environment, (EG: yum) so switching to Ubuntu wouldn't have been significantly easier than jumping to MacOS.
Fedora 12 brought me back to the fold!
Drivers drive. Network managers actually manage networks. And widgets do proper widgetting. It's back to being what a computer O/S outta be - largely invisible!
I can't comment on Ubuntu, but I can say, to the Red Hat team: nice work, guys!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
That's the real question, isn't it?
Bibo Ergo Sum.
Based on estimates, I have had meaningful relationships with many, many hot ladies.
*Estimates based on downloads.
crazy dynamite monkey
I don't know anyone who uses redhat when not forced to do so by some vendor relationship / policy at work-- don't know anyone uses their abandoned... then not abandoned desktop, fedora, at all.
I know Ubuntu, Debian, Slackware, and Gentoo users, listed in order of popularity among the folks I know. Not a single hat user, regardless of type or color.
Sounds like marketing lies by redhat... redhat is well known for less than honest behavior... guess that is what you do when you realize you are becoming / have become irrelevant.
They could be using UbuntuOne registrations to estimate numbers. Its possible only 30% of users use UbuntuOne, so they take UbuntuOne numbers and multiply to get their user total.
THIS JUST IN
From United Press International/Gamma Liason
Ubuntu, maker of a popular version of Linus Torvalt's Linux computer application that runs on a Windows type PC, continues its drive toward an apparent IPO, expected in Q2-2011. Ubuntu spokeshumans did not return our calls. Apple Computer Corporation CEO Steve Jobs, when asked about the likelihood of an Ubuntu IPO stated 'not until it's magical. Until then fuck them.' Mr. Jobs was not explicit about what he meant by 'magical' although this reporter understood the 'fuck them' part sufficiently to interpret it as a coded message implying some degree of both psychic understanding and worry. Sun CEO Larry Ellison was unavailable for comment, or perhaps distracted.
12 Million plus or minus 12 Million
Ubuntu: Debian unstable + Shuttleworth's "pick of the day" apps and themes
My god, Ubuntu has become Windows! ;)
It is pitch black. You are likely to be eaten by a grue.
Sure, if your attackers will never try to crack any of your users' passwords...
Palm trees and 8
Until they jacked up some updates. I left RedHat Open Source product after using RedHat since 4.2. Ran into dependency hell with Fedora Core. I went Gentoo for a while (love the speed) but got lazy and tried Ubuntu. It has been my primary desktop and netbook distro ever since. (8.04) Solid as a rock. I even do the distro upgrades after being paranoid and backing everything up, but the upgrades have been flawless.
Still use RedHat Enterprise products with no major issues except the occasional hardware support thing.
Ubuntu just works. If there is a problem the forums have the answer. YMMV
Self Defense - A Human Right www.a-human-right.com
sudo su works
Make America grate again!
Or also sudo -s ('s' for shell). Lots of ways to not have to enter a shell's actual name. I liked Ubuntu's use of sudo so much, I setup my FreeBSD systems the same way.
mod parent up
Nope, I use all of that, well, not xfce, but I use or have used most of that. What I say in my blog is simply that the community nowadays seems to be all about competition, whereas I think that we should promote the standardization of these competitors. When I mention Firefox, OpenOffice and all the others, I am criticizing those who constantly bash these applications just because they are, in /their/ words, "Incomplete", "Bloated", "not match for proprietary-counterpart-X". This is what I believe must be done. We need to pick one piece of Software and standardize it. Note that I am not saying that we should drop the others -- Not at all! But if, and only if, we want to attract users, we first have to create something that they can universally recognize and interact with. Something that isn't buggy. Something that has been extensively tested on various distros. If we attract users with this standardization (keeping the other options out there, of course), we can then start the reverse process, by slowly going back to the less-standardized world because, at that point, these users will have learned how to actually use Linux/Unix and will be able to cope with the change. By doing so, we will firstly partially give up our chance to have multi options (be it whatever option, I didn't take many sides in my article), but after that, we'll get it back with even more users that can help the community stop criticizing the others.
;)
I may not have made that clear, though. Do you speak Portuguese? Or did you simply think that that article was: "KDE is good; gnome is bad", "Pulseaudio sucks", "OSS is superior"? If you did, sorry, that was not my point -- it was the exact opposite.
As a side note, I am running Ubuntu 9.10 with OpenBox, fbpanel, PCManFM (and Nautilus), as well as nm-applet and my own little widgets and 'services' that make this a good experience. However, I had been using Gnome until I decided to switch.
Have you heard about SoylentNews?
Okay, in retrospect I really should have gone with a car metaphor rather than mentioning a microsoft product or a console of any type. Left myself open to at least three populations of fanboys there.
The graphics and lack of exclusive devlopers... you really went that extra mile to make that the most ridiculous console post I've read on slashdot. I did mention I had a wii, right? Exclusive developers? If I were a shareholder of MS, that might upset me
I bet you just can't wait for Microsoft to crap out another one of those retarded Halo games with that leaping shiny green Power Ranger.
Wait, the next Halo will star the Green Power Ranger... and you WOULDN'T want that?!?
I'm prepared to say that you are some type of zombie if a combination of alien slaughter and power rangers doesn't interest you.
Release an upgrade that crashes the machine. Then count the few dozen people who complain. Multiply by ten. Just as valid as the 12,000,000 number.
This report is updated monthly and displays linux distro market share stats. However, it mostly reports on desktop usage - not server usage.
It's a lot easier to have 12 million than it used to be.
Jesus, dude, get a life.
I've used several versions of Amiga OS, BBC Micro OS, several versions of Mac OS, OSX, DOS, every version of Windows apart from 2/Me/Server 2008, and a few different Linux distros over the years. I'm quite comfortable using any of them effectively, but I think Ubuntu is better than any of them at providing a usable system right off the bat. I don't see anything particularly childish about it being a well designed and polished distribution. Ubuntu works great for a lot of experienced computer users who appreciate an OS that just works and lets them get on with the more important things. It also works well for the noobs, because they appreciate exactly the same thing.
which is totally what she said
Jesus had a life, then it was taken from him. Then he took it bad. Don't you know why we just had a long weekend?!
Considering where they pulled *that* statistic from...
Science advances one funeral at a time- Max Planck
I set the root password when I first installed Ubuntu. I recently installed on a new laptop and decided to go the sudo route. It was surprisingly easy to get used to and it forced me to think about permissions and groups more. I might update the root password at some point, but I applaud Ubuntu's decision to leave it unset by default.
Why would any experience computer user want to use a GUI-fied toy distro?
I once caught a fish THIS big.
Only if it knows the user names.
Just sayin'.
Help! I'm a slashdot refugee.
Sure, if your attackers will never try to crack any of your users' passwords...
A username could be anything, but root is always root. Disabling the root password means a cracker needs to take the additional step of identifying a valid user account to target. Not a particularly large step, perhaps, but a step nonetheless.
This comment is for entertainment purposes only. Any similarity to real insight or information is purely coincidental.
A username could be anything, but root is always root.
Pfff. I changed "root" to "admin". No one would ever expect that on my Linux box. Security through obscurity, baby.
Life is short; think quickly.
Let's see...
Right click and hit "properties".
Then click on the "permissions" tab.
There is a checkbox for "Execute" near the bottom.
You are dabbling with some "niche physics package" yet you can't manage to explore an alien GUI?
That sounds rather sad really.
A Pirate and a Puritan look the same on a balance sheet.
I don't believe that Fedora anywhere claims to have 24 million users. Rather, they publish that a total of around 21 million IPs have connected to their repositories since Fedora 6. None of their published statistics support the belief that there are anywhere near that number of users, currently.
The difference between Fedora and Ubuntu, though, is that Fedora is completely transparent about their user estimates:
http://fedoraproject.org/wiki/Statistics
Ubuntu's numbers come from God-only-knows where.
Thats right, I just switched
Okay, first off, if you want to go full CLI, you can always install Ubuntu Server, which does not come with a GUI by default. It does come with Byobu, though, which just kicks ass; it isn't enabled by default, though. Second, the other options for desktop use are also "GUI-fied toy distros" - OpenSUSE, for example, is known for its excellent KDE support (definitely not a CLI), and Fedora Core comes with GNOME by default (if I remember correctly - I probably don't), just like Ubuntu.
So, why would someone use a GUI on Linux? Well, the same reason everyone else uses a GUI - for one-off tasks that you don't already know how to do, GUIs are far more intuitive than CLIs. It's a lot easier to look at an option screen with a bunch of radio buttons and check boxes that enumerate possible value combinations than it is to remember which flag combination does what, especially when working with a command that you're not particularly familiar with. Plus, GUIs can show a wealth of information on the screen simultaneously; unless you use something like Byobu or you really know what you're doing with Screen, showing the same level of information on a CLI can be a bit of a challenge. Of course, GUIs don't scale up particularly well, but, then again, CLIs don't scale down particularly well, either, so it all works out.
This would violate Kerckhoffs' principle. The enemy knows the system.
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
Why not just set the SSH config to AllowRootLogin = no? The vast majority of your attacks will come from there anyway.
You're fucked regardless if they have physical access to the box.
That's right, because nobody ever cracked a user's password. Don't know if you've noticed, but if you type sudo su - and hit enter, you now have superuser access. What does this mean about sudo being safer? it means it's not.
Because if SELinux is still set up the way it was last time I looked, the OP could simply guess. If it still requires jumping through forty hoops just to get an ATI video card working (and I hope it doesn't) or you can never get sound working because of the confusing set of incompatible supplied applications... Or you have to set up 3 or 4 different alternative package sites just to get Avidemux installed and working. These things matter to ordinary users.
It's just the natural way of linux distributions - most of us use the first thing we find that installs and keep using it until something bad happens. If it takes 3 days to install something that plays back an mp3, that's "something bad" and most users will simply move to the next distro.
I started with Yggdrasil because it came on a CD and it "just worked", but the releases stopped coming to I switched to slackware.
Slackware was great because it "just worked" right up until they busted the installer and I couldn't get it to boot on vanilla hardware. So I went Red Hat.
Red Hat "just worked", was slick and was completely awesome but then it suddenly got very spendy. I bought a boxed Red Hat but they started to get hard to find. So I went Fedora (brief flirt with Mandrake/Mandriva *shudder*). I stopped buying linux on CD at this point.
Fedora "just worked" but two releases on SELinux was busted out of the box and installing mp3 players and video playback and even video drivers got progressively worse as time went on. So I went Ubuntu.
At this point I bought an eee pc with Xandros on it, which was hands down the worst distro on the planet. Ubuntu netbook remix "just works" so much better than the pre-installed Xandros it's hard to comprehend why Asus bothered with it.
Ubuntu "just works" (and at least the alternative media packages are pointed at inside the distro, not requiring web searching to find like Fedora) but you know they'll find a way to stuff it up, at which point I'll just move on. The only constant is that it's Linux.
Notice the pattern? Once the distro has screwed the pooch, it's done. People move on and never look back.
I'd also wonder: What percent of those linux boxes were bought with MS Windows installed, and are thus also counted a satisfied customers by Microsoft?
(And they must be satisfied, since they aren't calling Customer Support. ;-)
Actually, one of my two linux boxes is running Ubuntu, but it actially came with Ubuntu installed. The other was a castoff Windows machine from my wife ("required for work"), and is running a rather old Debian. It works fine as a gateway/router/server machine, even if it does have less than a GB of memory. Some of us benefit from MS's upgrade process that encourages customers to buy new hardware so often. But it does sorta rankle that MS and their fanboys count our machines as Windows machines.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Since most of the installations out there will be up-dated using Ubuntu's repositories ... just count the kernel downloads for a minimum number of installations.
Here is the hit count for operating system from Wikimedia:
http://stats.wikimedia.org/wikimedia/squids/SquidReportOperatingSystems.htm
Linux has a 1.65% market share and of that share Ubuntu has 0.71%. Ubuntu has approximately 43% market share among Linux users, which by a very large margin makes it the most popular distro.
Don't know if you've noticed, but if you type sudo su - and hit enter, you now have superuser access.
Actually, no. You can escalate your privileges to the superuser only if your account is configured to allow for that. You can easily configure every account on the machine to not be escalatable and just use one account for admin tasks. Secondly, you have to type in your password so, no, you don't just "hit enter".
The soylentnews experiment has been a dismal failure.
sudo passwd root and you are good to go
Your desire for a GUI that sets file permissions by octal expression seems... odd.
Disabling the root password means a cracker needs to take the additional step of identifying a valid user account to target.
Disabling the root password means now they only need to hijack a normal local user account, not root. You're effectively running as root, with all the security implications.
FWIW having been a Windows user for years, I recently checked out Ubuntu 9.10 and was so impressed by the interface that I decided to dual-boot it alongside Windows XP. This was about 1 month ago, and I've since logged into Windows exactly twice to use a Windows-specific business program. Ubuntu picked up my wireless HP keyboard and mouse immediately, as did it find my office wireless connection. My Brother wireless printer was configured with a bit more trouble, but taking no more than 10 minutes.
It boots probably 4x as fast as Windows XP does on the same machine, no kidding.
The bottom line is that Ubuntu is the real deal; a practical operating system that I guarantee most Windows users would love. Do yourself a favor and give it a try.
Jason
how is it more GUI-fied, or toy like than any other mainstream distro?
Also, the answer to your question is: because they have nothing to prove to anyone.
Advanced users are users too!
A local user in sudoers. This has been argued to death in many forums, and I don't think either side is going to back down anytime soon. No matter what, at least we're more secure than Windows, right?
I tried Ubuntu, But I just can't.
I wanted to install my favorite niche physics package. I couldn't even figure out how to set the files to 777 through the GUI, I had to 'sudo chmod' them.
Oh and no 'su'? really? I mean 'sudo bash' isn't that hard but jeez I don't know if this is more secure, but it sure is harder to use. I think I'll install centos before going back to fedora.
you can tell ubuntu is getting pretty good when the trolls have to try this hard to criticize it.
or did I miss a whoosh somewhere?
This seemed like a reasonable sig at the time.
sudo passwd root and you are good to go
Your desire for a GUI that sets file permissions by octal expression seems... odd.
Setting the execute permission through the GUI is odd?
Best pr1ces on V1AGRA!>>Click Here>>
See who's looking for you on Facebook!>>Click Here>>
Please login to Paypal to verify your information.>>Click Here>>
Too much work. I disabled gdm, then at login I "sudo -s" and "startx". Works great, makes the system as easy to administer as Win98, and it's not Windows so it's still secure!
Congratulations, you won!>>Click Here>>
Dearest friend, my tribe in Nigeria is suffering and we are at our nearly at our end. I know I am not asking too much of you but we really need help. Can you see it in your heart to help us out.............. Sincerely Ibraham Olombo>>Click Here>>
My Portuguese sucks. Hurts the Kerbesa (sp?). Anyway, the article lamented the CHOICE. My point was to simply put a stake in it. Pick something, and go with it. It's the same as the Windows vs. Mac decision. You pick one.
Gnome, KDE, pick one. Development may or may not occur on the other -- but after your choice, it doesn't matter. As long as your choice is good for you. "Future" may matter, but (perhaps surprisingly), not that much.
Current choices ARE stable enough to be used.
Now, I never simply recommend Linux (or Windows, or Mac). Instead, I say "Choose the platform you are comfortable with. If you have a reason to use Linux, then, ok, go with it. If you have a reason to go with another platform, go for that".
If a user CHOOSES something like Linux, and COMMITS to it, they are going to use it. Reasons for the choice? Let me give you a (real) example.
Some family friends were using a computer for email, mailing lists, ballet organization, web browsing. They were using Windows 98, and were reasonably happy. After all, it came with the computer (but was probably bootlegged), and it worked.
Fast forward 4 years. Their daughter started dating a "Web Designer". He thought it wholly offensive and very uncool that they should be using Windows 98. He put Windows XP on the machine. Better, right? Wrong... It now took 40 minutes to boot up to a usable desktop.
They asked me "what should we do"? I gave then some choices (1) a new(er) computer, (2) restore Windows 98, or (3) Linux. They decided to try Linux (a newer computer was not in the budget, and Windows 98 crashed a lot).
We (the family, with my assistance) chose a distribution, and some applications. They have been happy with the choice. After all, they committed to it. When they purchased a new computer (3 years later), they specified Linux, and their application choice.
They never vacillated between Gnome or KDE, Koffice or OpenOffice.org, ARTS or ESD. Because (after they committed), I assisted them in the base (workable) selection. Indeed, one of the reasons for using a (Linux, BSD, other) system is that the user has someone around who can assist this way. It's simply part of the network effect. I think that having a good deal of choice (as a technical person) is a good thing -- but the users don't need to see it.
I don't think it's a problem. But then, I don't really care what platform someone uses. I do care that they have chosen it for (reasonably) rational reasons.
Just another "Cubible(sic) Joe" 2 17 3061
No, that isn't odd at all - in fact the GUI does that fine (right click on file > properties > permissions > check "execute").
Setting the permission to executable by selecting "777" from a GUI would be odd. This is what I thought you wanted, but reading your comment again I see it could have just been a case of ambiguous wording. My bad.
A username could be anything, but root is always root. Disabling the root password means a cracker needs to take the additional step of identifying a valid user account to target. Not a particularly large step, perhaps, but a step nonetheless.
A quick look at /etc/passwd and /etc/group would reveal which users had sudo access, so I don't see how disabling root does anything.
Why not just set the SSH config to AllowRootLogin = no?
Or, if you need root ssh for things like backup, allow just key authentication, preferably for all users but at least for root:
Match user=root
PasswordAuthentication=no
Also, ssh access for root (at least) should be restricted to known IPs:
Match Address=192.168.0.1/24
PermitRootLogin=yes
If the only places where root password can be used are physical console and su, it is no longer much of a security risk as compared to unlimited sudo in a single-user machine.
That said, leaving root password unset by default may still be a sensible choice. I would be happier with sudo, however, if it could be configured to use a smartcard or similar instead of just re-entering same password (indeed in some cases I've used "ssh root@localhost" with sshd configured to accept only smartcard authentication instead of sudo). But most people don't have smartcards, all alternatives are compromises.
From what I recall at an Ubuntu meeting a year ago they thought the number was already around 16 million then. Either they weren't very sure of the number then or they are grossly under-reporting what they think the number is now for some other reason. If it really was 16 million back then it would be around 24 million now at the same growth rate they are estimating which would put it on par with Fedora. According to distrowatch Ubuntu has been number 1 since it was released in Oct 2004 and for the majority of that time by not a small margin. So if Fedora really has 24 million users Ubuntu might have on the order of 36 million. It all depends on what you use to try to base the number on since there is no way to get an accurate count.
I think the numbers are a lot more smaller. For example, if they are oriented by the downloads they have from the site than this is a big mistake. I use Ubuntu very rarely. I downloaded it a lot of times but I don't use it.
Pfff. I changed "root" to "admin". No one would ever expect that on my Linux box. Security through obscurity, baby.
I changed it to Administator!
Nobody will ever guess that!
I tried Ubuntu, But I just can't.
I wanted to install my favorite niche physics package. I couldn't even figure out how to set the files to 777 through the GUI, I had to 'sudo chmod' them.
Oh and no 'su'? really? I mean 'sudo bash' isn't that hard but jeez I don't know if this is more secure, but it sure is harder to use. I think I'll install centos before going back to fedora.
You can still "sudo su -" if you really want it.
'For we walk by faith, not by sight.' II Corinthians 5:7
Ubuntu always uses the same UID for the first main user account. So instead of trying to get the password for UID=0, you're trying to get the password for UID=1000.
Just do
sudo su
and you're there.
The sad thing is they are really only users.
RHEL/Centos 6 Systems (Servers + 20+ VM's)
SLES 3 Servers
Fedora 10 (Desktops)
AIX 3 Servers with one LPAR running Linux
Solaris 2 Servers (on Sparc)
Ok, one of us boots Ubuntu for a while when it turns up on a Linux Mag DVD but none of us do serious work on it as we produce Commercial Linux/Unix Software. .deb install of our software, we will have to bite the bullet.
For us, it is just too different from our core market.
I just installed F12 on an eeeBox EB1501 the other day. Everything inc Wireless works OOTB. Ubuntu 9.10 didn't handle the Wireless very well at all.
Still, when a customer says they want a
I tried Ubuntu, But I just can't.
I wanted to install my favorite niche physics package. I couldn't even figure out how to set the files to 777 through the GUI, I had to 'sudo chmod' them.
Oh and no 'su'? really? I mean 'sudo bash' isn't that hard but jeez I don't know if this is more secure, but it sure is harder to use. I think I'll install centos before going back to fedora.
you can tell ubuntu is getting pretty good when the trolls have to try this hard to criticize it.
or did I miss a whoosh somewhere?
Why don't you create a root account so you can su all you like? Also interesting: http://blogs.techrepublic.com.com/opensource/?p=1415&tag=nl.e011
And when someone cracks that account...?
I use CentOS and I've found cases where changing file permissions through the GUI just silently fails. Never really looked into it - you know how these things can distract you away from what you're actually trying to do. Just opened a shell, cursed a little, and did it from there.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Ultimately this measure is meaningless, even more so if it's a wild guess. What matters is how many people join in and contribute to the project - testing, graphics, documentation etc. - as well as code.
Re: numbers, I always get and try out new Ubuntu releases. They are really pretty, but I've never actually went on to use one. On the other hand, fedora is happily churning on some 10 machines around the house and data centres (+ countless VMs). Perhaps because most machines are headless or because I'm used to Fedora. Anyway, it seems that there is not too much real difference between distributions these days apart from installation, branding and defaults, in any case not nearly enough to warrant bothering to change distro.
-actually almost double, at 24 million 12 * 2 anybody? Well it's got to be almost 24 at least...
If I had an Ass, I'd call it Fanny Bottom, then I could slap my Ass; Fanny Bottom, on the Arse.
Maybe, but once dictionary attacks provide for simple misspellings you'll have a problem.
In your haste, you omitted to say how many of our Jewish friends use Ubuntu!
On the other hand, your figures would probably be as nonsensical as the rest of your post.
I totally disagree, this kind of healthy competition keeps the wheel spinning.
Developers take pride in what they do, so KDE and Gnome folks will always look over and try to
improve their software,usability with different insights,beliefs...
It's good to have choice, it's good to have healthy competition. This is the cherry on top of the cake, you get not what it works best for others but what it works the best for you.
Try live-cds until you can make up your choices about desktop,software.
Then select a distro, install it and live with it.
That's what i do when someone asks me for help, results? Largely positive.
It's a lot easier to have 12 million than it used to be.
Promote true freedom - support standards and interoperability.
I use toor. And my password is 321drowssap
"at least we're more secure than Windows, right?"
In the default configuration, yes. However, last I checked, Ubuntu does not ship with SELinux, and so if you are looking for data security, Windows wins (note that there are other distros, like RHEL, that ship with SELinux, and are tied with Windows for multilevel security applications).
Really, the days of bashing Windows on security are long past. The users are a far greater problem than the software, and that will not change as they use different OSes.
Palm trees and 8
....and they'll have 1% of the Windows userbase!
What bugs me is that Linux seems to get 10 - 20% of media coverage, and yet has such a tiny desktop penetration....
No, Ubuntu ships with AppArmor rather than SELinux:
https://wiki.ubuntu.com/AppArmor
Life is short: void the warranty.
The last time I saw it, passwd is world readable. Are you talking about network based attacks? If so, whether root has a password or not is irrelevant.
Also, I bet your computer have one of those users: guest, www-data, apache, smb, netconfig, system. There are others to put on the list, but I'm too lazy to look for them now.
Rethinking email
Thanks for the correction, I was not aware of that.
Palm trees and 8
You mean, like the root account?
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
This is way overblown. If you don't allow root to login in, then knowing the root account exists and has a password isn't going to do an attacker any good unless they first break a user account.
Loving Lubuntu here. I recently picked up an old 1.3 Ghz Celeron laptop with 512 MB of RAM and installed Lubuntu on it. After a few bad glitches (Plymouth!) I have it updated to Lubuntu 10.04 Beta with the nightly Lubuntu builds. Runs fabulous and still boots up in less then 30 seconds. The way Lubuntu is shaping up, KDE will get the punt from my desktop sooner rather then later.
I call it 'The Aristocrats'
Sir, if mod points, I'd hand all five to you.
I call it 'The Aristocrats'
Sure, if your attackers will never try to crack any of your users' passwords...
A username could be anything, but root is always root. Disabling the root password means a cracker needs to take the additional step of identifying a valid user account to target. Not a particularly large step, perhaps, but a step nonetheless.
Or, you could just disable remote root logins.
If you're talking about an application already running locally, then they obviously can read /etc/passwd to identify other account names.
You're all missing the real reason behind this. It's merely to have one less password to remember, and make Ubuntu (in that respect) as easy to use as Windows and OS X. You don't need a second password when the computer knows which users are also admins and only needs to verify they are themselves..
you know how these things can distract you away from what you're actually trying to do.
Yah, that's Linux in a nutshell.
Yes, I understand your point of view and much agree with it! However, we seem to be talking about different things:
/these/ users. ;)
You are talking about attracting users that come to Linux because they see it as a good alternative, by pondering the situation carefully. From what I understood, they (family) already knew what Linux was, at least in comparison to other OSes.
Now I was talking about attracting users who simply do not even know what an Operating System is. Attracting users that can't even find out that double-clicking isn't used in the same situations as clicking.
As an addition, I do find it extremely valuable to make a choice and I see what you magnificently describe as "someone around who can assist this way" as an extremely valuable property of 'the Linux world'. I do, however, think that such a degree of divergence is not useful for those who do not want to care about the underlying platform that they are developing for, so I think there are two alternatives:
1. Standardize one of the alternatives, as it doesn't make much sense to me to provide wrappers from API A to B if the decision is to develop with API B but use API A in the end. B->B-A-Wrapper->A -- Look at that!
2. Create wrapper libraries that take care of this decision. This choice seems the appropriate choice for me, but I don't see it *that* often. Sure it pops up here and there, but people don't say: Develop for the Wrapper API! Why? Sure, there's an extra level of abstraction, which can mildly hit performance, but is it really worth it? Take sound, for instance, it's one of the things that frustrates me the most: It's two-thousand-fucking-ten and Linux still has issues with the correct audio API to use and the correct system. Why? Because there's the lack of a distro-pattern. But things are, fortunately, getting better! With ALSA seeming to be considered de-facto now, and Pulse being improved and adopted, with more card drivers being added. But, again, it's 2010 and this is an important function that an OS needs to properly have to attract its users.
"Current choices ARE stable enough to be used."
As for that, you are quite right, whereas I didn't seem to support that opinion in my previous writings. There is a good-enough degree of stability, I would say, but it notoriously isn't enough yet. Nowadays I have a "write-three-words-save" syndrome with OpenOffice because it often crashes when editing formulas. I once lost an 8-page work because I was stupid enough not to save --'.
Another issue with our current choices is, again, the fact that, with different interfaces and options, we are not connecting enough to users who lack many computer skills. Take....my mother, for instance. She can't even distinguish closing a window from minimizing. Now when I put my Linux PC in front of her, she's gotten used to the interface and she already knows where things are and what each thing does. Now my friend pops up with his fancy KDE/Gnome (irrelevant for the issue) desktop and my mother gets lost.
You may argue that Windows/Mac users can also personalize their desktop. Sure they can, but who does it? Is it these users who lack skills? Or is it the users that have more skills and that can handle the additional change? From my point of view (once again, I speak for myself), this is what we need if we want to attract
You may also argue that, to get used to the transition, we can help these users, because that's part of the "spirit of Free Software". Sure we can, but will there be enough of us? However, this seems to be a good counter-argument for my thesis
Once again, I fully agree with most of what you said!
Have you heard about SoylentNews?
That's great that your installation was able to give them what they need. I recently installed Ubuntu 9.10 (having used Ubuntu Server and several previous Ubuntu Desktop versions), and aside from giving the basic "yeah, here's the internet and some apps, my wife and I found it almost completely unusable for any day-to-day stuff.
OpenOffice: Great stuff, and works well, and works great with MS Office documents. Thanks, Sun!
Issues I had were: .mp3 file by default. Not only do I have to go into package managing to fix it, but I have to go to the Multiverse repositories, which are also not selected by default. Awesome.
1. (Ubuntu specifically) No mp3 support by default? Do you even want me to use this thing? I'm sorry it doesn't conform to your idea of free, but that's the format most people listen to. If you want to be acceptable as a desktop, make it able to play an
2. (Not OSS's fault, but this was a big issue) Flash sucks on Linux. Big time. This thing stays at 80% CPU usage, even when idle. Sure, it's Adobe's fault with their closed-source, cathedral-style software. For as bad as it performs, Flash Player still works better on OSX. Why? Probably because they have a unified API, instead of 5 different APIs for sound, 3 for video, and a choice of 15 window managers. Choice is great; shitty choices are not so great.
3. Free fonts suck, at least, those that come with the OS. As a designer, this one is important to me. Why do your fonts look like ass? I like how the top result for "how to get clear fonts on linux" gives instructions on installing the Microsoft system fonts (lovingly pixel-hinted by a worker in the cathedral you all revile so often, paid for by Microsoft). If you just use your PC for the terminal window, IRC, and Slashdot through Lynx, I guess you don't give a crap about how your fonts look.
4. Why do I need to choose a sound architecture at all? It's a sound card; they've been around for years. Is it really that hard? Disclaimer: I'm not a sound card driver developer, so don't know how difficult it is, but I'm pretty sure I remember even DOS games (most times) figuring out how to get sound to the fucking card without a giant tree of dependencies.
5. Firefox is slow. Oh my freaking god, is it ever slow. I thought that maybe Mozilla enhanced performance on Linux, since it is also OSS, and so it would be developers' pet project...etc. That is, until I realized that Mozilla is a software company, and they pay their developers to work on useful features that people want, i.e. faster performance on Windows.
6. The included games look like crap. Normally, I wouldn't even notice. But, this being a PC for the wife, she does. None of the games pretend to have any sort of design consistency (in line with everything else on Linux), and you can't even change the card image for the card games! The standard answer, of course, to complaints about Linux is, "you are free to change anything you want." That's super-keen, guys, but the reality is that almost nobody sees this as an asset except for people who are already actively involved in Linux development. That is not an asset to anybody else.
7. The solution to almost every issue is "Open the terminal..." No. If you want to be taken seriously as a desktop system, don't slap a desktop over a CLI and call it a day. If my wife (grandmother, daughter, non-technical-joeblow, etc) has to do this, you've pretty much already failed.
This is only on the most recent attempt to use Ubuntu for anything useful on a desktop. Note that I do run Ubuntu Server running a LAMP stack, along with Samba and SSH. I love it, but it also stays the hell out of my way.
I don't really care what desktop I use for most of the computers in the house. What I do want is something I don't have to babysit all the time. Windows may be "less secure," but when it, too, is set up correctly (by adding a non-admin user and booting into that (which is, wow, two whole steps, in a desktop, without going to CLI)) and behind a firewall, there's no issue.
Cue posts about how I don't understand Linux, or the philosophy behind Linux, or how I should make my own distro (yeah, right), or about how people like me are welcome to not use Linux.
Just sayin'...
Use what works. I haven't yet but I intend on installing Ubuntu on my Mac and when I do I dualboot. Then I'll also use a VM so I don't have to reboot when I'm not going to spend a lot of tyme using Ubuntu. When I will spend a lot then I'll go ahead and boot into Ubuntu.
The one thing I need to find out is how to run OSX in a VM in Ubuntu. Last tyme I looked I didn't find out specific instructions on how to do it. Of course that was months ago, so there may be some ways to do it online now.
Falcon
Should there be a Law?
Ten years ago I found Linux to be buggy and inconsistent as a daily typical use OS.
For about 10 years I had to deal with buggy Windows almost daily. Finally when I got a new laptop I got a MacBook Pro. And while I've had some problems with it, the DVD and graphics both had to be replaced, I have not had as many problems with it as I have had with 3 of my Windows PCs. I had more problems in the first year I had them than in the almost 3 years I've had my Mac. Only one Windows PC had given me less problems than my Mac, that is depending on how it's looked at. While the only hardware problem I had with it was the modem, because the CPU's a DEC Alpha I wasn't able to get much software installed on it. What I find ironic is that most of the software I did install was open source.
Falcon
Should there be a Law?
Sudo nautilus and type in your password! We got a GUI for all that stuff 8-)
Of course not. Why would I enable the root account making it that much easier for an attacker to own my box by brute forcing the password? If you want my systems, you're going to have to at least show a little effort.
The soylentnews experiment has been a dismal failure.
There are several thousand accounts on the machine only one of which will grant you the privileges you need. How large is your brute force password cracking botnet and exactly how much time did you say you had on your hands?
The soylentnews experiment has been a dismal failure.
No, they need to hijack an admin account, which is by default only the first created user. It may not be terribly secure, but is still somewhat safer than running as root.
My Portuguese sucks. Hurts the Kerbesa (sp?). Anyway, the article lamented the CHOICE. My point was to simply put a stake in it. Pick something, and go with it. It's the same as the Windows vs. Mac decision. You pick one.
Gnome, KDE, pick one. Development may or may not occur on the other -- but after your choice, it doesn't matter. As long as your choice is good for you. "Future" may matter, but (perhaps surprisingly), not that much.
Current choices ARE stable enough to be used.
Now, I never simply recommend Linux (or Windows, or Mac). Instead, I say "Choose the platform you are comfortable with. If you have a reason to use Linux, then, ok, go with it. If you have a reason to go with another platform, go for that".
If a user CHOOSES something like Linux, and COMMITS to it, they are going to use it. Reasons for the choice? Let me give you a (real) example.
Some family friends were using a computer for email, mailing lists, ballet organization, web browsing. They were using Windows 98, and were reasonably happy. After all, it came with the computer (but was probably bootlegged), and it worked.
Fast forward 4 years. Their daughter started dating a "Web Designer". He thought it wholly offensive and very uncool that they should be using Windows 98. He put Windows XP on the machine. Better, right? Wrong... It now took 40 minutes to boot up to a usable desktop.
They asked me "what should we do"? I gave then some choices (1) a new(er) computer, (2) restore Windows 98, or (3) Linux. They decided to try Linux (a newer computer was not in the budget, and Windows 98 crashed a lot).
We (the family, with my assistance) chose a distribution, and some applications. They have been happy with the choice. After all, they committed to it. When they purchased a new computer (3 years later), they specified Linux, and their application choice.
They never vacillated between Gnome or KDE, Koffice or OpenOffice.org, ARTS or ESD. Because (after they committed), I assisted them in the base (workable) selection. Indeed, one of the reasons for using a (Linux, BSD, other) system is that the user has someone around who can assist this way. It's simply part of the network effect. I think that having a good deal of choice (as a technical person) is a good thing -- but the users don't need to see it.
I don't think it's a problem. But then, I don't really care what platform someone uses. I do care that they have chosen it for (reasonably) rational reasons.
Case in point, a friend gave me a 700mhz ibm lap top for nothing. Windows was not an option as this baby is way out of date. Ubuntu works like a dream, so I get to learn a new distro and can still operate this antique that is in deed a sturty machine. Thanks guys.
I now have 4 computers running Ubuntu, none of them registered. I've also installed Ubuntu on a number of machines for persons who have no Internet access, none of them registered either.
On every install I have done for at least the past 2 years, the automatic updates option has been on by default, and set to download and automatically install firefox updates. I have verified this for past discussions on the subject by creating a brand new Windows 7 VM (just fire up a sysprepped one) and installing the latest install from the Mozilla website.
--
OS X - Ive upped my standards, up yours!
Maybe that's the key, the default for Windows installs may be on to check for updates whereas for OSX the default is off.
Then again, my memory is bad and maybe I manually set the check for updates to off. Hold on, let me check... Okay, you're right. I just set up a new account and the default was check for and install updates. My mistake.
I need to check and make sure about something before I state something as a fact. Of course I won't remember in 15 minutes.
Falcon
Should there be a Law?