I disagree *completely*. No PC users are trying any Linux distros in large numbers these days-- that was almost a decade ago and in that time the curious ones have learned to be wary of anything termed "Linux" aimed at their desktop.
Although I have long bemoaned the lack of usability (which is not the same thing as gloss) in most Linux distros, Mint and the rest are about a ten-thousand miles away from being palatable to normal personal computer users. Linux distros simply lack the structure and consistency needed to make users and app developers feel at home.
Furthermore, newbies are exactly the sort of people who need the most security in their OS (I hope Qubes will someday shed enough of its distro-like encumbrances to be a contender for average folk-- maybe in another year) and there is nothing controlled about the collision between a naive user and an insecure OS on a hostile network-- its reckless.
A real solution would be to either accept the conventional Xhost restrictions or do what Apple did (and Canonical are currently doing) and dump X11 for a decent post-1980s graphics architecture... or use special VMs to prevent exploits from taking over the system as Qubes does.
PS - I also hated Unity for some time because of one thing: The Dash. Installing the 'classicmenu' took care of that, so in my view Canonical's real failing here can be remedied in 15 seconds; they really ought to alert users that this is an option. The other thing that has bothered me is the Amazon search thing and the remedy to this is a lot more obvious, so its not quite a bad situation. Other than that, the changes in Ubuntu are Apple-like and seem quite acceptable (even great) as they are.
I think the last thing Apple would want is to have OS X equated/synonymous with FreeBSD. Linux cliques pale in comparison to the gulf of separation there.
I enjoy using OS X, too. But I've minimized what I do on it because of Apple's collusion with the NSA.
Mint has no security. They intentionally run with access control disabled on the X server (xhost +). Keyloggers and screen scrapers are trivial in this case. Bugs have been filed about this, but Mint considers it working as designed.
I think this Ubuntu UI criticism is overblown. In my experienced and not-so-humble opinion, they've made 2 real mistakes with the UI... the integrated Amazon search and the total lack of any neat and well-organized launcher (the search panel results are very noisy even with the online component gone). Uninstalling the shopping search extension and adding the 'classicmenu' package rectifies these problems.
Canonical are trying to adopt Apple's UI features, but also trying here and there to be 'different'. The search-bar-replacing-all-else is one of those different things, but the rest of the UI changes feel decent and being Apple-inspired they ought to.
By comparison, Fedora usability is a mess and its due mostly to Fedora's abiding get-along-with-upstream-don't-surprise-anyone spirit. That's why Fedora displays your desktop contents to onlookers for 3 seconds when waking from sleep. That's why several Fedora releases wouldn't run the CPU fan on multiple Macbook models, causing them to overheat... because they are about tossing desktop/laptop users the hand-me-downs from the priests of the server world.
This is representative of the mountains of mis-features Canonical had to work out of the "Linux desktop". As a rule, if Fedora is F-ing up a subsystem or workflow on a PC a switch to Ubuntu usually clears it up. Ubuntu *never* ever overheated my various Macbooks and other laptops... Fedora did it for years. Yes, attention to detail is paid on the RedHat side of their community... but those are server details.
Beyond that, I don't consider either plain Ubuntu or Fedora to be quite secure but assume Mint would be significantly worse in this area. I prefer the Qubes hypervisor-based desktop for security as it puts the more powerful features of XEN within reach of my mouse.
Its the only OS that I'd trust to do online banking these days; BSD jails are flimsy compared to Qubes' XEN domains.
I'd also assume that any OS outfit offering "security" that doesn't have security researchers at its core is handing out a load of jive, especially if their system relies on a traditional kernel for said security.
Because Year of the Linux Desktop went from being a joke to just being sad. Look at what Google accomplished with Linux yet the desktop folks are still bickering and blaming users for the lack of adoption. It is a clear example of where "dogfooding" doesnt work, Microsoft does it too little and the desktop Linux community does it too much, everything seems simple and intuitive when you have spent so much time on it and have a keen interest in it but the average user (90%+ of the target audience) doesn't. That is why this issue with MINT seems like a non-issue to MINT users and developers, they actually understand the perils and benefits of pulling in these updates but an average user does not and this is not clearly communicated to those average users either but by all means continue to just say these users are idiots and move on ignoring them.
There is too much navel-gazing attitude in the community, and that tends to produce stuff that only looks friendly to Unix greybeards and those who want to emulate their elitism. Ubuntu has distanced itself somewhat from that unhealthy dynamic, but IMO they are still missing certain ingredients for a successful desktop OS. I think Elementary OS also deserves a mention because although its based on GNU/Linux, they publicly renounce any status as another "Linux distro" or close association with that subculture... they do not live to be cozy with "upstream" as doing so ensures that whatever you publish will be the product of a consortium of tech committees.
The biggest issue for a Lenovo or Samsung isn't Linux hardware support, it's the nightmare of customer support on Gnome3 + Cinnamon + KDE + XFCE + LXDE + Unity...
Also, I'll say that I actually like Unity except for the one feature (which everyone else seems to hate also)... replacing the 'start' menu with a search window. People often want quick access to apps that they don't run every day and thus can't remember the names, so having a bunch of accessory, control panel and utility icons crowd into the list when I start typing what I thought was the app name really REALLY sucks. Listing apps hierarchically under a handful of categories is what works; the user should have both a menu and search available, and not be herded into primarily using search.
The window handling, menus and taskbar in Unity are an improvement although they take a little getting used to.
As for Wayland, I think it will flounder the way X11 has been doing. It is one thing to design software components by committee... its quite another to do so through a committee of committees (which is what many FOSS consortia are); it took these pretenders decades to get display configuration half-right. Mir may or may not pan out, but it seems to have a strong vision for what the graphics layer needs to be.
Or not so much, and it just went through a phase 10G years ago that transitioned from producing a relative abundance of shorter-lived, supernova-prone stars to producing less of them.
1) The 'who' and 'when' of the data exchanges is still being watched, and you might be surprised how much of that can be used as justification under the slippery legal concept of "probable cause". Yes, you may well be innocent anyway, but that doesn't prevent them from using the system over and over again to harass you.
3) P2P carries more than just entertainment or files broadcast as available to everyone, and people should have a right to use it. I2P uses P2P modes of transmission to create connections that are private and secure. Does advertising to everyone that you have bandwidth to add to the network make the contents of your system open to investigation? Legalistic definitions of IT methods often go awry (...and usually against the public interest, I might add).
But its used for a lot more than just bittorrent. Its a network anonymity layer (a bit like Tor) with the important difference that everyone re-routes traffic by default and so creates the expectation of bandwidth-sharing... Nodes which don't share bandwidth might experience problems getting their own traffic forwarded.
So the task of routing packets is itself carved up among participating nodes in a decentralized P2P fashion. This has four really good side effects:
1) One's own traffic gets mixed-in with a lot of other encrypted packets
2) A much greater degree of decentralization than Tor making the network more resistant to attack
3) Nodes are more likely to behave and cooperate, as many sorts of attacks will show up as leeching
4) The flexibility to handle many different types of applications, even torrents, without staggering under the load.
I'd say that what I2P lacks is a nice user interface; Its currently stuck in a clunky 2000-ish web interface. Most of us would love to see someone with UI design skill get involved.
Someone else(TM) e.g. a non-client state government might commandeer all that great surveillance tech the US has been inventing and turning loose on its population. And then our current 'The Privileged That Be' would be reduced to being just another set of the watched and herded sheep.
Media blackout. A populace ignorant of goings on is easier to control.
Alternate media black-out. I can guarantee you CNN will be on the air saying what they're told[paid] to say.
And yes I am an ashamed American, ashamed of what my country has become.
You should be a proud American, but realize that the US Government has become an enemy of the idea the is America. There's a reason why the Founders spoke of "Enemies Foreign and Domestic".
Funny thing: '...and domestic' is the same emphasis the DHS boosters use, too. Bit of a philosophical quandary there.
Creating a police state involves building up walls of privilege, and its these privileged enemies we have to pay close attention to.
Now, owing to the fact that terrorists may be using electricity for their misdeeds, I fully expect someone on-high will call for a centrally-controlled electrical grid kill switch.
The structure of the current net at IP layer and below is architecturally about right as far as I'm concerned. 100% untrusted, 100% untrustworthy. All the network needs to do is forward packets with some degree of assurance they will be delivered.. the rest is up to us users.
This may be a good assumption for way points that build a network infrastructure, but it is unacceptable to Alice and Bob (e.g. the endpoint users of a network). IMHO, only a layer that is based on crypto and creates identities (addresses) that are both strongly immutable (can't be tampered with) and anonymous has a chance at succeeding, which is why I mentioned I2P elsewhere in this thread. I2P assumes that each hop on the network may be untrustworthy, but it also enforces encryption end-to-end thus allowing Alice and Bob to build/assign trust to each other as they see fit without worrying their communications are going right into a state surveillance algorithm. Such a network layer has permitted the building of fully anonymous bittorrent and decentralized (DHT-based) email.
I2P is not like Occupy. Its more like Bitcoin (which interestingly has a presence on I2P). And like holding more than one currency, I do think people are capable of running a networking alternative on the side to communicate with their peers; at the very least, techies should do it and that's how the best tech trends get started anyway.
I2P also doesn't have the proxy liability you mention about Tor: Everything is encrypted end-to-end. All the traffic you route for other nodes is like being a 'relay' on Tor; you have no way of knowing what the content is. There is no implicit trust necessary-- only the trust that you may or may not wish to assign to the party you are communicating with on the other end of the link.
If/. had even basic ssl support, at least a possible forged certificate could have been revealed.
They're too cheap. Slashdot had an interesting start with slashcode, but since then we've mainly seen a layout redesign. You'd think that turning on SSL would be simple today and it scarcely adds any load to modern systems, but there is always that one last 'hard' thing about it: You have to safeguard your private key(s).
Similarly, if/. were interesting in keeping its readers safe they might have opened a mirror on I2P or Tor by now.
So read your Slashdot, etc. in an untrusted Domain on Qubes instead. This is the era of the hypervisor-based OS now.
Time to start from scratch, and start a large-scale redesign of the Internet and its protocols, to try and better secure users from surveillance/attacks?
Tor and other fringe security protocols/networks won't cut it, and getting people to use very-user-unfriendly encryption tools won't happen...
The redesign of the net has to start at the fringe: An establishment-driven scheme will just get us worse surveillance and intrusion than we currently have.
I2P is an 'Internet' designed on P2P principles that has security and anonymity built-in. It 'cuts it' because although it has Tor-like onion routing, its also highly decentralized such that it also works a lot like bittorrent. In fact, you can fully torrent over I2P and a torrent app is built-in. A DHT-based email system is also available.
OTOH, IPv6 is yesterday's protocol. I can't tell it to transport only with encryption, or how many hops I want a particular application to use (trading off anonymity vs speed). I can't have my own address (or multiples) that can also be used to verify my identity cryptographically. Mostly, I can't have an identity where I choose the level of privacy I have (anyone watching the backbone can figure out exactly who I am by just monitoring me for 20-60 minutes).
HTTPS doesn't cache certs because that would create a prompt whenever you visited a secured site for the first time... and we can't have that. There is always this attitude in software design that regular users can't be bothered with even the slightest bit of key management.
Against that background, some popular sites like Google started changing their certs so frequently that even I was getting tired of seeing the alerts all the time.
On the whole, I think its just best to regard the Internet as a hostile environment and browse most sites using a hypervisor-based OS like Qubes. They can have their 'exploit' on my system... temporarily in a small corner of it.
Slashdot Mirror
In that respect also, its like Fedora.
I disagree *completely*. No PC users are trying any Linux distros in large numbers these days-- that was almost a decade ago and in that time the curious ones have learned to be wary of anything termed "Linux" aimed at their desktop.
Although I have long bemoaned the lack of usability (which is not the same thing as gloss) in most Linux distros, Mint and the rest are about a ten-thousand miles away from being palatable to normal personal computer users. Linux distros simply lack the structure and consistency needed to make users and app developers feel at home.
Furthermore, newbies are exactly the sort of people who need the most security in their OS (I hope Qubes will someday shed enough of its distro-like encumbrances to be a contender for average folk-- maybe in another year) and there is nothing controlled about the collision between a naive user and an insecure OS on a hostile network-- its reckless.
A real solution would be to either accept the conventional Xhost restrictions or do what Apple did (and Canonical are currently doing) and dump X11 for a decent post-1980s graphics architecture... or use special VMs to prevent exploits from taking over the system as Qubes does.
PS - I also hated Unity for some time because of one thing: The Dash. Installing the 'classicmenu' took care of that, so in my view Canonical's real failing here can be remedied in 15 seconds; they really ought to alert users that this is an option. The other thing that has bothered me is the Amazon search thing and the remedy to this is a lot more obvious, so its not quite a bad situation. Other than that, the changes in Ubuntu are Apple-like and seem quite acceptable (even great) as they are.
I think the last thing Apple would want is to have OS X equated/synonymous with FreeBSD. Linux cliques pale in comparison to the gulf of separation there.
I enjoy using OS X, too. But I've minimized what I do on it because of Apple's collusion with the NSA.
Um, getting attacked by the banking site hardly counts as an effective exploit, and one doesn't use a banking vm with other sites.
The point of Qubes' UI is to make domain traversal trivial for the user and impossible for anyone else.
Mint has no security. They intentionally run with access control disabled on the X server (xhost +). Keyloggers and screen scrapers are trivial in this case. Bugs have been filed about this, but Mint considers it working as designed.
Now that is interesting.
I think this Ubuntu UI criticism is overblown. In my experienced and not-so-humble opinion, they've made 2 real mistakes with the UI... the integrated Amazon search and the total lack of any neat and well-organized launcher (the search panel results are very noisy even with the online component gone). Uninstalling the shopping search extension and adding the 'classicmenu' package rectifies these problems.
Canonical are trying to adopt Apple's UI features, but also trying here and there to be 'different'. The search-bar-replacing-all-else is one of those different things, but the rest of the UI changes feel decent and being Apple-inspired they ought to.
By comparison, Fedora usability is a mess and its due mostly to Fedora's abiding get-along-with-upstream-don't-surprise-anyone spirit. That's why Fedora displays your desktop contents to onlookers for 3 seconds when waking from sleep. That's why several Fedora releases wouldn't run the CPU fan on multiple Macbook models, causing them to overheat... because they are about tossing desktop/laptop users the hand-me-downs from the priests of the server world.
This is representative of the mountains of mis-features Canonical had to work out of the "Linux desktop". As a rule, if Fedora is F-ing up a subsystem or workflow on a PC a switch to Ubuntu usually clears it up. Ubuntu *never* ever overheated my various Macbooks and other laptops... Fedora did it for years. Yes, attention to detail is paid on the RedHat side of their community... but those are server details.
Beyond that, I don't consider either plain Ubuntu or Fedora to be quite secure but assume Mint would be significantly worse in this area. I prefer the Qubes hypervisor-based desktop for security as it puts the more powerful features of XEN within reach of my mouse.
Its the only OS that I'd trust to do online banking these days; BSD jails are flimsy compared to Qubes' XEN domains.
I'd also assume that any OS outfit offering "security" that doesn't have security researchers at its core is handing out a load of jive, especially if their system relies on a traditional kernel for said security.
Because Year of the Linux Desktop went from being a joke to just being sad. Look at what Google accomplished with Linux yet the desktop folks are still bickering and blaming users for the lack of adoption. It is a clear example of where "dogfooding" doesnt work, Microsoft does it too little and the desktop Linux community does it too much, everything seems simple and intuitive when you have spent so much time on it and have a keen interest in it but the average user (90%+ of the target audience) doesn't. That is why this issue with MINT seems like a non-issue to MINT users and developers, they actually understand the perils and benefits of pulling in these updates but an average user does not and this is not clearly communicated to those average users either but by all means continue to just say these users are idiots and move on ignoring them.
There is too much navel-gazing attitude in the community, and that tends to produce stuff that only looks friendly to Unix greybeards and those who want to emulate their elitism. Ubuntu has distanced itself somewhat from that unhealthy dynamic, but IMO they are still missing certain ingredients for a successful desktop OS. I think Elementary OS also deserves a mention because although its based on GNU/Linux, they publicly renounce any status as another "Linux distro" or close association with that subculture... they do not live to be cozy with "upstream" as doing so ensures that whatever you publish will be the product of a consortium of tech committees.
I thought of it as soon as I saw the headline. Thanks for posting a link!
The biggest issue for a Lenovo or Samsung isn't Linux hardware support, it's the nightmare of customer support on Gnome3 + Cinnamon + KDE + XFCE + LXDE + Unity...
Also, I'll say that I actually like Unity except for the one feature (which everyone else seems to hate also)... replacing the 'start' menu with a search window. People often want quick access to apps that they don't run every day and thus can't remember the names, so having a bunch of accessory, control panel and utility icons crowd into the list when I start typing what I thought was the app name really REALLY sucks. Listing apps hierarchically under a handful of categories is what works; the user should have both a menu and search available, and not be herded into primarily using search.
The window handling, menus and taskbar in Unity are an improvement although they take a little getting used to.
As for Wayland, I think it will flounder the way X11 has been doing. It is one thing to design software components by committee... its quite another to do so through a committee of committees (which is what many FOSS consortia are); it took these pretenders decades to get display configuration half-right. Mir may or may not pan out, but it seems to have a strong vision for what the graphics layer needs to be.
Like carelessly made Cream of Wheat.
Or not so much, and it just went through a phase 10G years ago that transitioned from producing a relative abundance of shorter-lived, supernova-prone stars to producing less of them.
1) The 'who' and 'when' of the data exchanges is still being watched, and you might be surprised how much of that can be used as justification under the slippery legal concept of "probable cause". Yes, you may well be innocent anyway, but that doesn't prevent them from using the system over and over again to harass you.
2) They've already established a trend of admitting evidence that would normally require a warrant.
3) P2P carries more than just entertainment or files broadcast as available to everyone, and people should have a right to use it. I2P uses P2P modes of transmission to create connections that are private and secure. Does advertising to everyone that you have bandwidth to add to the network make the contents of your system open to investigation? Legalistic definitions of IT methods often go awry (...and usually against the public interest, I might add).
But its used for a lot more than just bittorrent. Its a network anonymity layer (a bit like Tor) with the important difference that everyone re-routes traffic by default and so creates the expectation of bandwidth-sharing... Nodes which don't share bandwidth might experience problems getting their own traffic forwarded.
So the task of routing packets is itself carved up among participating nodes in a decentralized P2P fashion. This has four really good side effects:
1) One's own traffic gets mixed-in with a lot of other encrypted packets
2) A much greater degree of decentralization than Tor making the network more resistant to attack
3) Nodes are more likely to behave and cooperate, as many sorts of attacks will show up as leeching
4) The flexibility to handle many different types of applications, even torrents, without staggering under the load.
I'd say that what I2P lacks is a nice user interface; Its currently stuck in a clunky 2000-ish web interface. Most of us would love to see someone with UI design skill get involved.
...an independent Internet:
Someone else(TM) e.g. a non-client state government might commandeer all that great surveillance tech the US has been inventing and turning loose on its population. And then our current 'The Privileged That Be' would be reduced to being just another set of the watched and herded sheep.
Media blackout. A populace ignorant of goings on is easier to control.
Alternate media black-out. I can guarantee you CNN will be on the air saying what they're told[paid] to say.
And yes I am an ashamed American, ashamed of what my country has become.
You should be a proud American, but realize that the US Government has become an enemy of the idea the is America. There's a reason why the Founders spoke of "Enemies Foreign and Domestic".
Funny thing: '...and domestic' is the same emphasis the DHS boosters use, too. Bit of a philosophical quandary there.
Creating a police state involves building up walls of privilege, and its these privileged enemies we have to pay close attention to.
Now, owing to the fact that terrorists may be using electricity for their misdeeds, I fully expect someone on-high will call for a centrally-controlled electrical grid kill switch.
The structure of the current net at IP layer and below is architecturally about right as far as I'm concerned. 100% untrusted, 100% untrustworthy. All the network needs to do is forward packets with some degree of assurance they will be delivered.. the rest is up to us users.
This may be a good assumption for way points that build a network infrastructure, but it is unacceptable to Alice and Bob (e.g. the endpoint users of a network). IMHO, only a layer that is based on crypto and creates identities (addresses) that are both strongly immutable (can't be tampered with) and anonymous has a chance at succeeding, which is why I mentioned I2P elsewhere in this thread. I2P assumes that each hop on the network may be untrustworthy, but it also enforces encryption end-to-end thus allowing Alice and Bob to build/assign trust to each other as they see fit without worrying their communications are going right into a state surveillance algorithm. Such a network layer has permitted the building of fully anonymous bittorrent and decentralized (DHT-based) email.
I2P is not like Occupy. Its more like Bitcoin (which interestingly has a presence on I2P). And like holding more than one currency, I do think people are capable of running a networking alternative on the side to communicate with their peers; at the very least, techies should do it and that's how the best tech trends get started anyway.
I2P also doesn't have the proxy liability you mention about Tor: Everything is encrypted end-to-end. All the traffic you route for other nodes is like being a 'relay' on Tor; you have no way of knowing what the content is. There is no implicit trust necessary-- only the trust that you may or may not wish to assign to the party you are communicating with on the other end of the link.
If /. had even basic ssl support, at least a possible forged certificate could have been revealed.
They're too cheap. Slashdot had an interesting start with slashcode, but since then we've mainly seen a layout redesign. You'd think that turning on SSL would be simple today and it scarcely adds any load to modern systems, but there is always that one last 'hard' thing about it: You have to safeguard your private key(s).
Similarly, if /. were interesting in keeping its readers safe they might have opened a mirror on I2P or Tor by now.
So read your Slashdot, etc. in an untrusted Domain on Qubes instead. This is the era of the hypervisor-based OS now.
Time to start from scratch, and start a large-scale redesign of the Internet and its protocols, to try and better secure users from surveillance/attacks?
Tor and other fringe security protocols/networks won't cut it, and getting people to use very-user-unfriendly encryption tools won't happen...
The redesign of the net has to start at the fringe: An establishment-driven scheme will just get us worse surveillance and intrusion than we currently have.
I2P is an 'Internet' designed on P2P principles that has security and anonymity built-in. It 'cuts it' because although it has Tor-like onion routing, its also highly decentralized such that it also works a lot like bittorrent. In fact, you can fully torrent over I2P and a torrent app is built-in. A DHT-based email system is also available.
OTOH, IPv6 is yesterday's protocol. I can't tell it to transport only with encryption, or how many hops I want a particular application to use (trading off anonymity vs speed). I can't have my own address (or multiples) that can also be used to verify my identity cryptographically. Mostly, I can't have an identity where I choose the level of privacy I have (anyone watching the backbone can figure out exactly who I am by just monitoring me for 20-60 minutes).
HTTPS doesn't cache certs because that would create a prompt whenever you visited a secured site for the first time... and we can't have that. There is always this attitude in software design that regular users can't be bothered with even the slightest bit of key management.
Against that background, some popular sites like Google started changing their certs so frequently that even I was getting tired of seeing the alerts all the time.
On the whole, I think its just best to regard the Internet as a hostile environment and browse most sites using a hypervisor-based OS like Qubes. They can have their 'exploit' on my system... temporarily in a small corner of it.
...your "sacred cow" is more like "a big steaming pile of bullshit."
Hey, at least the cow was there at some point.
https://bugzilla.redhat.com/buglist.cgi?component=vulnerability&order=bug_id%20DESC&product=Security%20Response&query_based_on=&query_format=advanced
OTOH, MS helps the NSA keep a secret catalog of zero-days to use at their leisure.
Notice there is no mention of IIS or other MS products in the article or the linked page.
iTunes--- I totally forgot about this! One of the biggest marketing engines in the world supposedly has "no interest" in collecting personal info?
They held out longer than some others, but Apple now cooperates in spying on their customers.