However, Wisconsin produces more cheese, and higher quality dairy products.
I have to say that I am yet to encounter a US "dairy product" that I actually believe had anything to do with a cow. Maybe US cheese is made with milk from cows, but it sure as hell isn't evident from the result. The closest I have found to respectable dairy products from North America are some of the products from Quebec which are actually not too bad.
Sorry man, but you have too much faith in the user's ability to make correct choices when prompted with a dialog box. Unfortunately, most people just seem to "click first, and think later" when prompted with a technical question, and it causes all kinds of problems.
What kind of attitude is that? I think you'll find people are a lot brighter than you think and when prompted with a serious question they'll take the time to read it. The only reason people will not bother is if they get such prompts all the time - which means you have to make sure the default setup is good and sufficiently flexible that such warnings generally only occur if something is up - not that hard to do!
In the end your attitude comes down to: "People are stupid, so why bother to even try and help them at all?" which is pretty damn stupid really (maybe you're just trying to prove your point).
Windows XP SP2 is doing this already to some extent, such as when they dialog the user "Program X is connecting to remote host. Do you wish to allow this?" and the like.
I presume that's the firewall? Think of SELinux as a firewall built into the kernel that mediates access between processes and resources: everything on the system can be vetted for access to all the resources (files, network access, what have you) in as fine a grained way as you desire.
I agree that program and role based security could be taken further and it has with the Microsoft .NET Framework, but not many companies are currently developing major projects in .NET, so there will be some years of lag before the role based and code access security features of .NET begin to make inroads into a critical mass of the Windows software out there.
But there's the difference right there: Windows is adding it as an extra that you can use in the right framework. SELinux has added it as a security system built in to the kernel that applies to anywhere software running on the system and any resources made available by the system no matter what the software was written in/with, and no matter what the resource is. If it runs on the OS then it needs to go through the security system. If the resource is made available to the user then it's the kernel doing so, and hence the security system can lock down that resource.
We're talking about the difference between ground up, and slapping patches on. Security works best when it is at the base level.
I hate to break it to you but someone downloading that sweet screen saver someone sent them, or the newest update to their spreadsheet would dutifully type in their root password to view it if so required.
Yes, that's reasonably likely. Then again, if the system had SELinux and a good default policy and integration they might run the installer and get a message
"Software SweetScreenSaver has attempted to access Network device, /home/Addressbook.xml, and /usr/bin/grep which are restricted. Would you like to grant access to these files in the future? [Don't grant Access] [Grant Access]"
Now sure, there will be people who will click "Grant Access", but I think you will have drastically reduced the number of people who got infected and/or spread the virus because that would be enough to give a lot of users pause.
People will always be stupid - that doesn't mean you can't shore up the holes to make it easier for them to make informed decisions where possible.
Running with true least-privilege-necessary would involve a lot more than a user account
Yes, it would involve using SELinux and Role based mandatory access controls based on a good default policy, and an easy way for the user to alter that policy if they really so desire. All the backend to do this is already there, now it's just down to integration work and better administration tools. Redhat is working on that right now, and I'm sure they'd be happy with any help they could get.
SELinux works on a per file basis if you want, there are no issues there. I was merely proposing the folder based concept because it provides a simple management system for users - rather than having to worry about lists of allowed programs per file, but rather by logical groupings (which in this case was by folder).
SELinux is extremely powerful and allows very tight lockdown of your system to an exceptionally fine granularity if you desire it. I was thinking of average users who don't want to have to worry about going through their security policy carefully - they want things to "just work". Having a basic (flexible enough) structure for which policy can be laid down in advance is probably the way to go for these users.
The best edge I can see for Linux is SELinux and better support for it. Role based access and strong policy can make a real difference in security - it's the next layer on from the multiuser privilege separation that exists now (and is insufficient).
As other people have pointed out in replies, a non-root user can still hose the part of their system that counts: all their data. But let's imagine a nice future with SELinux or equivalent systems in place, good base policies, and good tools for maintaining them. You could, for instance, set up a "Music" folder under the user's home directory, and by default only CD Rippers, encoders have write access to that folder. If you (or a virus, or malware) try to use a program to write to that folder a little dialog pops up saying something like
"Software X has tried to write to /home/Music which has restricted access. Would you like to grant software X access to write to this folder in the future? [Do not Grant Access] [Grant Access]"
Rinse and repeat the same scenario for email, documents etc. Sure some folder will have pretty loose defaults (granting access to most everything currently on the system) but that still stops a reasonable amount of malware which will be new to the system.
Will this stop viruses trashing machines? Nope, I'm sure some users will grant access to malware to trash their system, and I'm sure there will still be people stupid enough to be socially engineered into doing other stupid things to break the system. Nothing is foolproof. It does, however, add a really significant layer of protection to the system in the same way that having files as only writable by root adds some protection.
SELinux is a huge step forward, and we ought to be doing more to take advantage of it and make it easy to use.
I'm a big fan of Linux (and Mac and Windows, too) and I want it to be successful. I didn't write a blog post saying "Linux can't and won't succeed," I tried to point out the areas that I think are conditions for its success. I think there's a big opportunity pre-longhorn to show that we've got the right stuff. That window is closing and things will be much more difficult after that. I think it's dangerous for us to think "it's just a matter of time."
All I'm trying to say is that, barring the migration stuff (which I agree is a good idea), everything you discuss is in the works.
You can't get the whole Linux community to switch to a new system for packaging non-distro supplied software overnight - it's a loose collection of people all running in their own directions. The tools are all there and eventually momentum will carry the day, but it won't be immediate.
Paring down and cleaning up a desktop environment is no small task, but it has been a large focus for GNOME developers for some time now (ever since 2.0 in fact) and huge gains have been made and are continuing to be made.
I don't think either of those issues are amenable to be hurried by telling people to fix these things, because they either already have done the work and are waiting for the community shift to occur, or they already are working quite hard on the issues.
What it comes down to is this: If "Linux" (by which I mean the whole messy agglomeration of open source tools) were a single project with a single directed focus (or perhaps all under the umbrella of a single company) then this might work: send around a mandate that everyone needs to make autopackages and follow the GNOME HIG religiously. "Linux" isn't a single project, or even ten single projects - it's the bringing together of hundreds or even thousands of different little projects that, while they share a lot of code and effort, all have their own agendas and directions and ideas about how things should be done. There is no central authority for the mess of projects that is Linux, and that means you have to wait for the whole community to work its way around to shifting. The tracks have been laid we just have to wait for the train to get in gear.
In short linux needs to be almost perfect to wipe out windows.
Wiping out Windows isn't even close to a realistic goal. All I would hope for is that Linux gets sufficient desktop share that we can expect hardware makers to supply Linux drivers and ensure Linux compatibility, and that software vendors bother to release Linux compatible versions of their software. That's not a huge ask - we're talking getting to the 5%-10% desktop share to make that happen.
I think Linux is on the right track, but free software can be slow at some things (and fast at others), and desktop Linux requires some slow shifts. Be patient and it will happen. Will it destroy Windows? No. Will it be a viable alternative with significant enough market share that people actually pay attention? Eventually, yes.
First of all migration is raised as an issue: "When Regular People fire up the Linux desktop for the first time, the browser, office suite, email client, IM client, file manager, etc, each need to carry over as much as possible of the Windows application settings and all or very nearly all of the user data."
First of all that's a steep ask, but secondly I just don't think it's necessary. If that was required for people to switch no one would ever move to Apple. It's definitely a nice idea, and in the "nice to have" category, but I don't see that it's a deal-breaker.
The second point is API stability: "A user should be able to install Fedora Core 4 and go grab the latest Firefox release from Download.com and have it work without the need for finding and installing compat-libstdc++ or whatever."
This one is fixed - if developers would actually pay attention. Autopackage allows developers to package up their application into a self installing executable that can do dependency resolution. At that point not having compat-libstdc++ is the developer/packager's fault: they ought to have included an Autopackage for it in their repository so the installer can fetch it if it finds the right version of compat-libstdc++ isn't already installed. Better still, the people at Autopackage provide relaytool which allows developers to smoothly fallback to other library versions: for example, you can have your binary use the new GTK+ file chooser if it is available, but fallback to using the old one if it isn't. Which is really saying that the problem has been solved, it's up to the developers and people releasing the software to make use of the tools available.
The third point is preferences: "Gedit has about 30 user preferences spread across 5 tabs in a preferences window -- Notepad has about three."
Now that's not a great example because Gedit does a hell of a lot more than notepad, but I think the point is still very valid. To be fair I think GNOME has been putting in a lot of work on this front, and trying to clean a lot of these things up. That work is ongoing, and we can expect to see continuing improvement. That is, the way forward has been laid out, it's just a matter of continuing down the path.
The final point is "comfort": "The final major issue is comfort. Linux must feel comfortable to Windows users. Most people using computers today have been at it for a while now and they've been at it on Windows. Don't mess with their basic understanding of how things work."
I have to say, I think this one is a little dubious. If there is a better way of doing things why not do it? I think constraining yourself to the way Windows does things is a little pointless. There are plenty of things Windows does well, and it's fine to follow those examples, but there are plenty of things Windows does badly, and slavishly copying broken behaviour really doesn't make much sense.
I think the real point here is: be patient. I think the points are valid, but they are also largely well known, and being dealt with. Linux on the desktop is not going to "take off" anytime soon, but the rate of improvement in desktop Linux is tremendous, and it is making slow but steady inroads. Software installation (which has been the recent bugbear that people complain about) is looking quite good with Autopackage and Smart, but both of those are very new and it's going to take some time before a lot of stuff shifts over - that's life. GNOME is working hard on the preferences trim down and clean up, and, I think, is working towards a fairly clean easy to use Desktop. KDE is headed in a different, but equally valid and interesting direction - I think the divergence is going to end up providing some real significant choice. Finally I think once all these bits properly fall into place and desktop Linux manages to make a dent in the enterprise (which seems to be where the major distros
How long has Linux been in development? Since the early 90's, no?
Yup. As I said, I wasn't claiming that Apple hasn't done an amazing job, merely pointing out that the OP's claim that they'd gone from nothing to what we have now in 5 years was a little extreme.
Why is it ok for linux to include everything but the kitchen sink (and beta drivers for that too), but microsoft is evil if it includes a web browser?
People are bandying about the fact that MS is a monopoly, or the fact that the Linux distros give you several options, but the real reason is this: If a company wants its software included in a Linux install they can talk to a variety of different distributions and see if any of them will do it. If they can't find a distribution they can make a distribution themselves that is, for example, a repackaged version of Redhat (they have to release the source and allow redistribution after all) except with their software included.
Which is to say: with Linux bundling is an entirely open thing, and if you feel you're being excluded it is not onerous to make your own distro that has your software suitably bundled. With MS and Windows if MS doesn't bundle your software (and let's be frank they only bundle their own software) you have no way to plug your software in place of whatever MS bundles.
In short: because Linux is open and Windows is not.
I think you missed my point. Since 1998 Microsoft has made small incremental improvements to Windows (okay moving to the NT line with Win2k was useful, but from an end user perspective...) Since 1998 Linux has gone from a desktop OS only a devout hacker could love to something almost on par with Windows. That says to me that in 5 years time it will be Windows playing catch up to Linux on the desktop, not vice versa.
Comparing linux to MacOS is humiliating. With a tiny team of developers (compared to MS/Linux), apple built an OS in 5 years that is considered by most to be the most 'modern' operating system available to consumers.
In 5 years with a small team of developers (compared to MS/Linux), Apple ported, cleaned up, and stuck a pretty GUI on NeXTSTEP which had been in development since around 1990, and was pretty revolutionary even then. I'm not saying Apple hasn't done an amazing job, I'm just trying to point out that you're rather drastically overstating the case.
Wouldn't it be interesting to see them show a fully configured Win98, 2000 and XP systems along with Linux to show what compelling reasons to move to the newest and best MS has to offer.
You could make a very unflattering comparison out of that. Just sit the different eras of Windows (95, 98, 2000, XP) alongside the version of Linux from that year.
Windows 98 would be sitting alongside say Redhat 5.2 - you know, back when AfterStep and FVWM95 were the default window managers. Windows 2000 would be sitting alongside Redhat 7.2, so we have the beginnings of a decent GNOME environment, but still a long ways to go on real ease of use. Windows XP would be, what, Redhat 9? I don't really recall the release dates. Then you could have the brand new Longhorn beta next to Fedora Core 4.
There is a very startling difference in the rate of improvement there, and Linux isn't showing any sign of slowing down. Cairo and Beagle (equivalent to Avalon and WinFS) will be standard in distros by the time Longhorn actually comes out, and there are plenty of other interesting developments going like SELinux, Xen, Redhat's Stateless Linux, and plenty of things that I'm sure I haven't heard of yet.
* Disclaimer: I have tended to use Redhat, so that's mostly what I know. I am not trying to short change other distros (some of which I've tried, and I agree are excellent), I simply don't know enough about them to speak with any confidence.
I'm guessing that if they're doing this they'll be doing it via smart, a very nice looking potential successor to apt. Basically it does the dependency resolution/download/install that apt does (with more powerful dependency resolution algorithms and a built in GUI) but does so via a pluggable backend system which means it can access apt-deb repositories or yum repositories or apt-rpm repositories, and even slackware packages.
My reason for guessing smart is the answer is that it's a Conectiva initiative, which is to say Mandriva. If Mandriva wanted to use apt-deb repositories this would probably be the easiest way for them.
However, mandatory bound checking on arrays, at runtime, in those languages would have caught the problem.
There exist type systems that can catch these kinds of errors, but they are very cumbersome, and not very practical.
Obviously the right thing to do would have been to use Ada or SPARK which have runtime checks, and in the case of SPARK extended static checking and formal verification. The real question is: How secure do you want to be? For a random desktop application such measures might be going a bit far, for core libraries like zlib where such errors have broad and far reaching effects, maybe it's worth going to a little extra trouble. Not that I see that as ever happening of course...
Despite the grand claims people make about formal verification, even this isn't enough. The problem with formal verification is that the abstraction of the language you're using to obtain your proof may not adequately represent the way the compiler actually compiles the program. Besides, it's possible to engineer a compiler that deliberately miscompiles itself such that it compiles programs with security flaws in it.
Does formal specification and verification eliminate all bugs and security issues? No. Does it make a vast and significant improvement over not doing so? Hell yes. There are reasons why these techniques are used when designing and writing safety or security critical software.
You may as well say "And even locking your doors isn't enough, burglars can still break a window and get in, and you don't know exactly how the lock works - maybe it's really easy to pick."
I think most people who live in areas with any significant amount of burglaries will still bother to lock their doors.
And speaking of insecure males, I suppose at this point I should say something mildly witty to point out the fact that I am, in fact, straight. Unfortunately, nothing is coming to mind except: "I'm not gay, really! I'm married! Yes, to a woman."
Which raises another interesting point - the whole US presumption that Nudity == Sex. There seems to be this idea that nudity must be entirely sexual, and hence if you're a man looking at naked men (regardless of context) you must be gay. If you ever look at nude women, regardless of context, then it's all about sex. In practice I would think it is the context, rather than the nudity, that ought to be of concern.
I think the tight binding of nudity and sex in the US stems, in a large part, from the fact that nudity is so taboo there. That means the only time you see much nudity is if you're secretively looking at porn or some such. That is, because nudity has been driven underground the only context in which it is generally encountered is a sexual one. It's rather sad really.
I'm talking about head to toe frontal nude shots. You'll see such shots of women often enough (quite often not in a sexual context), but regardless of context it is very rare that you'll see such shots of men.
The thing that confuses me the most with the attitudes is that the "acceptable" line seems to run almost orthogonal to what I would expect it to be. That is to say, the question is "Is there any sex or nudity?" and if the answer is "yes" then it's bad, and if the answer is "no" then it's fine.
It's not the sex or nudity that are the potential problem though, it's the manner of portrayal. I can think of films that have considerable amounts of nudity that I would much rather children see than, for instance, some popular music videos that have not a bit of nudity.
The issue, I would think, that divides sex from violence is that we expect our children to one day have sex, but we hope that they never engage in violence. The problem I would have with children watching graphic depictions of sex is the potential for miseducation about sex and how to engage in it. No, I'm not kidding. The objection to porn that most of the women I know have is mostly that it teaches guys how to be remarkably bad lovers. It usually has a remarkably inaccurate portrayal of how women react. I don't mind children finding out about sex, I would prefer, however, that they don't end up with a rather warped view of how things work.
If the movie involves people talking out their problems while there is a breast visible, then it's adults-only fare.
There's a further double standard too: female nudity is (relatively speaking) fine, but if there is any male nudity where any amount of penis can be seen (regardless of context) the film is guaranteed an NC17 rating. Seriously consider how much male nudity you've seen compared to female nudity in mainstream (as in not porn) film. On the odd occasions where you get directors who lean toward a more balanced take (Peter Greenaway for instance) it seems rather surprising and odd. I can only presume that it is due to a large number of insecure males in the censors' offices.
Any radical fundie who wants to blow something up now will call himself a member of "Al Qaeda". It's like a decentralized franchise operation.
Exactly. There just isn't any real evidence of some globe spanning terror network, or army of al Qaeda out to get us. Everything we know about al Qaeda shows them to be a kind of venture capital enterprise for terrorists. Bin Laden didn't come up with the idea, or plan, or mastermind or orchestrate the WTC attack. He provided money to some people because they explained their idea and I guess he thought it sounded good.
The statement we have for the London attack is worth reading carefully. For a moment pretend that al Qaeda is just a small operation that had a lot of cash to fund whatever terrorist came to them looking for money, and that said small organisation is (post Afghanistan) essentially unable to do anything. The name of the group claiming responsibility "The Secret Organization Group of Al-Qa'ida of Jihad Organization in Europe", and their statements to the effect of "We worked really hard to pull this off" start to come off like a small group of nutjob wannabes who have heard the western media portrayal of al Qaeda, thought it sounded like a good idea, tried to "join up" but couldn't actually find anything to join up with, so created their own little secret club and are trying to "get attention" from this massive globe spanning terror network they've heard about and prove that they're capable by blowing things up.
However, I honestly believe a lot of the ground troops in Al Qaeda - probably some of the people who planted these bombs - joined up because of the innocent civilians who died in those military actions. If you stop the people they're recruiting, it won't matter what the leaders think.
I think a lot of people are misinformed about what exactly al Qaeda is. They don't have ground troops, they don't have an army, and post the Afghanistan invasion they don't even have much of anything resembling an organisation anymore.
What al Qaeda are/were was essentially a venture capital firm for terrorists - they would give funding to anyone who came to them with good ideas about how to kill Americans (or other westerners). Relatively speaking they were pretty small, but they did have a fair amount of cash. Usama bin Laden didn't, as far as we can tell, mastermind the WTC and Pentagon attacks. He didn't come up with the idea, he didn't plan them. He did provide the cash to the people who did though, presumably because he thought it sounded like a good idea when they came looking for funding.
Post Afghanistan al Qaeda as a funding system for terrorists is largely destroyed - they still have money, but the means to disburse it is ridiculously curtailed. Al Qaeda were, really, quite a small group, and what little there was of them was largely captured, disbanded, or dispersed.
What we have now is, instead, disparate groups of islamist terrorists (which we've always had) who have a common name to rally behind and attribute their work to - a name happily provided and publicised by the western media. It would surprise me not in the least to find that the perpetrators of the London bombings have never met with bin Laden, or any member of al Qaeda for that matter. I fully expect they are an entirely independent unrelated group who are borrowing/using the "al Qaeda" name because it carries greater recognition. Read their name and statement again with this in mind - they sound exactly like a small group of idiots trying to pretend to be a super secret branch of an organisation they've heard plenty about and would love to join, but for the life of them can't figure out how (perhaps demonstrations of terrorist acts will do it they think).
We are not facing an army, nor a terror network, nor a grand machiavellian plot. We are facing random disjoint groups of islamist radicals who now have a convenient name to ascribe to so they can have a pretend sense of "belonging".
Yes, of course it will (eventually, once the DRM is cracked) make it easier to pirate movies.
But it will also make it easier for people to legitimately buy movies.
It's the second point that's the key: ease. All you really have to do is make it a pain to manage to burn the movies to CD or DVD, or easily transfer/copy the file to another machine.
Yes any such restrictions will get cracked, but it's like iTunes, you only have to discourage the average casual users; the people that can be bothered tracking down the required extra software and going to the trouble are a sufficiently small portion that, in the grand scheme of things, it hardly matters.
Presuming average users are incapable of burning the movies to DVD then they will delete them themselves - they take up significant hard drive space, and really if you're not watching it you may as well make space for some new films you want to download...
Yes there are people that will buy truly massive hard drives and just keep everything, but as with the people burning to CD that's going to be a smallish minority if the service actually takes off. Most people would, I expect, keep a few favourite films kicking around, and mostly just delete whatever they're not watching so they can watch something else... and then if you're keeping a film permanently on your hard drive, why not spend the extra money and get a nicely packaged DVD with all the menus and extra features...
The end result: as long as casual users are discouraged from redistributing it should all work well enough. The biggest hurdle I see is distribution: managing to get the movie delivered more efficiently than, say, Netflix: we're talking convenience, which is really the key selling point. Presuming they have a decent compression, and you have enough bandwidth that you can download a full length movie in a few hours... then it may well just work.
However, Wisconsin produces more cheese, and higher quality dairy products.
I have to say that I am yet to encounter a US "dairy product" that I actually believe had anything to do with a cow. Maybe US cheese is made with milk from cows, but it sure as hell isn't evident from the result. The closest I have found to respectable dairy products from North America are some of the products from Quebec which are actually not too bad.
(A New Zealander who misses real cheese)
Sorry man, but you have too much faith in the user's ability to make correct choices when prompted with a dialog box. Unfortunately, most people just seem to "click first, and think later" when prompted with a technical question, and it causes all kinds of problems.
What kind of attitude is that? I think you'll find people are a lot brighter than you think and when prompted with a serious question they'll take the time to read it. The only reason people will not bother is if they get such prompts all the time - which means you have to make sure the default setup is good and sufficiently flexible that such warnings generally only occur if something is up - not that hard to do!
In the end your attitude comes down to: "People are stupid, so why bother to even try and help them at all?" which is pretty damn stupid really (maybe you're just trying to prove your point).
Jedidiah
Windows XP SP2 is doing this already to some extent, such as when they dialog the user "Program X is connecting to remote host. Do you wish to allow this?" and the like.
.NET Framework, but not many companies are currently developing major projects in .NET, so there will be some years of lag before the role based and code access security features of .NET begin to make inroads into a critical mass of the Windows software out there.
I presume that's the firewall? Think of SELinux as a firewall built into the kernel that mediates access between processes and resources: everything on the system can be vetted for access to all the resources (files, network access, what have you) in as fine a grained way as you desire.
I agree that program and role based security could be taken further and it has with the Microsoft
But there's the difference right there: Windows is adding it as an extra that you can use in the right framework. SELinux has added it as a security system built in to the kernel that applies to anywhere software running on the system and any resources made available by the system no matter the software was written in/with, and no matter what the resource is. If it runs on the OS then it needs to go through the security system. If the resource is made available to the user then it's the kernel doing so, and hence the security system can lock down that resource.
We're talking about the difference between ground up, and slapping patches on. Security works best when it is at the base level.
Jedidiah.
I hate to break it to you but someone downloading that sweet screen saver someone sent them, or the newest update to their spreadsheet would dutifully type in their root password to view it if so required.
Yes, that's reasonably likely. Then again, if the system had SELinux and a good default policy and integration they might run the installer and get a message
"Software SweetScreenSaver has attempted to access Network device, /home/Addressbook.xml, and /usr/bin/grep which are restricted. Would you like to grant access to these files in the future? [Don't grant Access] [Grant Access]"
Now sure, there will be people who will click "Grant Access", but I think you will have drastically reduced the number of people who got infected and/or spread the virus because that would be enough to give a lot of users pause.
People will always be stupid - that doesn't mean you can't shore up the holes to make it easier for them to make informed decisions where possible.
Jedidiah.
Running with true least-privilege-necessary would involve a lot more than a user account
Yes, it would involve using SELinux and Role based mandatory access controls based on a good default policy, and an easy way for the user to alter that policy if they really so desire. All the backend to do this is already there, now it's just down to integration work and better administration tools. Redhat is working on that right now, and I'm sure they'd be happy with any help they could get.
Jedidiah.
SELinux works on a per file basis if you want, there are no issues there. I was merely proposing the folder based concept because it provides a simple management system for users - rather than having to worry about lists of allowed programs per file, but rather by logical groupings (which in this case was by folder).
SELinux is extremely powerful and allows very tight lockdown of your system to an exceptionally fine granularity if you desire it. I was thinking of average users who don't want to have to worry about going through their security policy carefully - they want things to "just work". Having a basic (flexible enough) structure for which policy can be laid down in advance is probably the way to go for these users.
Jedidiah.
The best edge I can see for Linux is SELinux and better support for it. Role based access and strong policy can make a real difference in security - it's the next layer on from the multiuser privilege separation that exists now (and is insufficient).
As other people have pointed out in replies, a non-root user can still hose the part of their system that counts: all their data. But let's imagine a nice future with SELinux or equivalent systems in place, good base policies, and good tools for maintaining them. You could, for instance, set up a "Music" folder under the user's home directory, and by default only CD Rippers, encoders have write access to that folder. If you (or a virus, or malware) try to use a program to write to that folder a little dialog pops up saying something like
"Software X has tried to write to /home/Music which has restricted access. Would you like to grant software X access to write to this folder in the future? [Do not Grant Access] [Grant Access]"
Rinse and repeat the same scenario for email, documents etc. Sure some folders will have pretty loose defaults (granting access to most everything currently on the system) but that still stops a reasonable amount of malware which will be new to the system.
Will this stop viruses trashing machines? Nope, I'm sure some users will grant access to malware to trash their system, and I'm sure there will still be people stupid enough to be socially engineered into doing other stupid things to break the system. Nothing is foolproof. It does, however, add a really significant layer of protection to the system in the same way that having files as only writable by root adds some protection.
SELinux is a huge step forward, and we ought to be doing more to take advantage of it and make it easy to use.
Jedidiah.
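The folder-based policy imagined in the comment above, modelled as default-deny type enforcement; this is an added example, not part of the original thread and not SELinux's own code. The paths, program names and type names are constructed, and files are labelled by path prefix for brevity, whereas SELinux stores the label on the file itself.

```python
import posixpath

# Constructed file contexts: path prefix -> object type (longest prefix wins).
FILE_CONTEXTS = {
    "/home/alice/Music": "music_t",
    "/home/alice": "user_home_t",
    "/usr/bin": "bin_t",
}
# Constructed mapping of known executables to the domain they run in.
DOMAINS = {
    "/usr/bin/cdripper": "ripper_t",
    "/usr/bin/oggenc": "encoder_t",
}
UNKNOWN_DOMAIN = "unknown_t"  # software the policy has never seen
# Default policy: only rippers and encoders may write to the Music folder.
BASE_RULES = {
    ("ripper_t", "music_t", "write"),
    ("encoder_t", "music_t", "write"),
}


class Policy:
    def __init__(self):
        self.allow = set(BASE_RULES)
        self.domains = dict(DOMAINS)
        self.denials = []  # audit trail of refused requests

    def label(self, path):
        """Return the object type for a path, matching whole path components."""
        # Collapse ".." before matching so the label reflects the real target.
        path = posixpath.normpath(path)
        best = ""
        for prefix in FILE_CONTEXTS:
            inside = path == prefix or path.startswith(prefix + "/")
            if inside and len(prefix) > len(best):
                best = prefix
        return FILE_CONTEXTS.get(best, "unlabeled_t")

    def domain_of(self, exe):
        return self.domains.get(exe, UNKNOWN_DOMAIN)

    def check(self, exe, path, perm):
        """Default deny: allow only if an explicit rule exists, else log it."""
        if (self.domain_of(exe), self.label(path), perm) in self.allow:
            return True
        self.denials.append((exe, posixpath.normpath(path), perm))
        return False

    def prompt(self, exe, path, perm):
        """Text of the dialog the comment imagines for a denied request."""
        return (f"Software {posixpath.basename(exe)} has tried to {perm} to "
                f"{posixpath.normpath(path)} which has restricted access.")

    def grant(self, exe, path, perm):
        """User clicked [Grant Access]: add a rule for this one program only."""
        if self.domain_of(exe) == UNKNOWN_DOMAIN:
            # Give the program its own domain first; a rule on unknown_t
            # would open the folder to every other unrecognised program too.
            self.domains[exe] = f"user_{posixpath.basename(exe)}_t"
        self.allow.add((self.domain_of(exe), self.label(path), perm))


if __name__ == "__main__":
    p = Policy()
    target = "/home/alice/Music/track01.ogg"
    for exe in ("/usr/bin/cdripper", "/tmp/SweetScreenSaver"):
        ok = p.check(exe, target, "write")
        print(exe, "allowed" if ok else p.prompt(exe, target, "write"))
```

The per-program domain created in `grant` is the design point: one user's "Grant Access" click should not widen access for every other program the policy has never seen.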
I'm a big fan of Linux (and Mac and Windows, too) and I want it to be successful. I didn't write a blog post saying "Linux can't and won't succeed," I tried to point out the areas that I think are conditions for its success. I think there's a big opportunity pre-longhorn to show that we've got the right stuff. That window is closing and things will be much more difficult after that. I think it's dangerous for us to think "it's just a matter of time."
All I'm trying to say is that, barring the migration stuff (which I agree is a good idea), everything you discuss is in the works.
You can't get the whole Linux community to switch to a new system for packaging non-distro supplied software overnight - it's a loose collection of people all running in their own directions. The tools are all there and eventually momentum will carry the day, but it won't be immediate.
Paring down and cleaning up a desktop environment is no small task, but it has been a large focus for GNOME developers for some time now (ever since 2.0 in fact) and huge gains have been made and are continuing to be made.
I don't think either of those issues are amenable to be hurried by telling people to fix these things, because they either already have done the work and are waiting for the community shift to occur, or they already are working quite hard on the issues.
What it comes down to is this: If "Linux" (by which I mean the whole messy agglomeration of open source tools) were a single project with a single directed focus (or perhaps all under the umbrella of a single company) then this might work: send around a mandate that everyone needs to make autopackages and follow the GNOME HIG religiously. "Linux" isn't a single project, or even ten single projects - it's the bringing together of hundreds or even thousands of different little projects that, while they share a lot of code and effort, all have their own agendas and directions and ideas about how things should be done. There is no central authority for the mess of projects that is Linux, and that means you have to wait for the whole community to work its way around to shifting. The tracks have been laid, we just have to wait for the train to get in gear.
Jedidiah.
In short Linux needs to be almost perfect to wipe out Windows.
Wiping out Windows isn't even close to a realistic goal. All I would hope for is that Linux gets sufficient desktop share that we can expect hardware makers to supply Linux drivers and ensure Linux compatibility, and that software vendors bother to release Linux compatible versions of their software. That's not a huge ask - we're talking getting to the 5%-10% desktop share to make that happen.
I think Linux is on the right track, but free software can be slow at some things (and fast at others), and desktop Linux requires some slow shifts. Be patient and it will happen. Will it destroy Windows? No. Will it be a viable alternative with significant enough market share that people actually pay attention? Eventually, yes.
Jedidiah.
First of all migration is raised as an issue: "When Regular People fire up the Linux desktop for the first time, the browser, office suite, email client, IM client, file manager, etc, each need to carry over as much as possible of the Windows application settings and all or very nearly all of the user data."
First of all that's a steep ask, but secondly I just don't think it's necessary. If that was required for people to switch no one would ever move to Apple. It's definitely a nice idea, and in the "nice to have" category, but I don't see that it's a deal-breaker.
The second point is API stability: "A user should be able to install Fedora Core 4 and go grab the latest Firefox release from Download.com and have it work without the need for finding and installing compat-libstdc++ or whatever."
This one is fixed - if developers would actually pay attention. Autopackage allows developers to package up their application into a self installing executable that can do dependency resolution. At that point not having compat-libstdc++ is the developer/packager's fault: they ought to have included an Autopackage for it in their repository so the installer can fetch it if it finds the right version of compat-libstdc++ isn't already installed. Better still, the people at Autopackage provide relaytool which allows developers to smoothly fall back to other library versions: for example, you can have your binary use the new GTK+ file chooser if it is available, but fall back to using the old one if it isn't. Which is really saying that the problem has been solved, it's up to the developers and people releasing the software to make use of the tools available.
The third point is preferences: "Gedit has about 30 user preferences spread across 5 tabs in a preferences window -- Notepad has about three."
Now that's not a great example because Gedit does a hell of a lot more than notepad, but I think the point is still very valid. To be fair I think GNOME has been putting in a lot of work on this front, and trying to clean a lot of these things up. That work is ongoing, and we can expect to see continuing improvement. That is, the way forward has been laid out, it's just a matter of continuing down the path.
The final point is "comfort": "The final major issue is comfort. Linux must feel comfortable to Windows users. Most people using computers today have been at it for a while now and they've been at it on Windows. Don't mess with their basic understanding of how things work."
I have to say, I think this one is a little dubious. If there is a better way of doing things why not do it? I think constraining yourself to the way Windows does things is a little pointless. There are plenty of things Windows does well, and it's fine to follow those examples, but there are plenty of things Windows does badly, and slavishly copying broken behaviour really doesn't make much sense.
I think the real point here is: be patient. I think the points are valid, but they are also largely well known, and being dealt with. Linux on the desktop is not going to "take off" anytime soon, but the rate of improvement in desktop Linux is tremendous, and it is making slow but steady inroads. Software installation (which has been the recent bugbear that people complain about) is looking quite good with Autopackage and Smart, but both of those are very new and it's going to take some time before a lot of stuff shifts over - that's life. GNOME is working hard on the preferences trim down and clean up, and, I think, is working towards a fairly clean easy to use Desktop. KDE is headed in a different, but equally valid and interesting direction - I think the divergence is going to end up providing some real significant choice. Finally I think once all these bits properly fall into place and desktop Linux manages to make a dent in the enterprise (which seems to be where the major distros
How long has Linux been in development? Since the early 90's, no?
Yup. As I said, I wasn't claiming that Apple hasn't done an amazing job, merely pointing out that the OP's claim that they'd gone from nothing to what we have now in 5 years was a little extreme.
Jedidiah.
Why is it ok for linux to include everything but the kitchen sink (and beta drivers for that too), but microsoft is evil if it includes a web browser?
People are bandying about the fact that MS is a monopoly, or the fact that the Linux distros give you several options, but the real reason is this: If a company wants its software included in a Linux install they can talk to a variety of different distributions and see if any of them will do it. If they can't find a distribution they can make a distribution themselves that is, for example, a repackaged version of Redhat (they have to release the source and allow redistribution after all) except with their software included.
Which is to say: with Linux bundling is an entirely open thing, and if you feel you're being excluded it is not onerous to make your own distro that has your software suitably bundled. With MS and Windows if MS doesn't bundle your software (and let's be frank they only bundle their own software) you have no way to plug your software in place of whatever MS bundles.
In short: because Linux is open and Windows is not.
Jedidiah.
I think you missed my point. Since 1998 Microsoft has made small incremental improvements to Windows (okay moving to the NT line with Win2k was useful, but from an end user perspective...) Since 1998 Linux has gone from a desktop OS only a devout hacker could love to something almost on par with Windows. That says to me that in 5 years time it will be Windows playing catch up to Linux on the desktop, not vice versa.
Jedidiah.
Comparing linux to MacOS is humiliating. With a tiny team of developers (compared to MS/Linux), apple built an OS in 5 years that is considered by most to be the most 'modern' operating system available to consumers.
In 5 years with a small team of developers (compared to MS/Linux), Apple ported, cleaned up, and stuck a pretty GUI on NeXTSTEP which had been in development since around 1990, and was pretty revolutionary even then. I'm not saying Apple hasn't done an amazing job, I'm just trying to point out that you're rather drastically overstating the case.
Jedidiah.
Wouldn't it be interesting to see them show fully configured Win98, 2000 and XP systems along with Linux to show what compelling reasons to move to the newest and best MS has to offer?
You could make a very unflattering comparison out of that. Just sit the different eras of Windows (95, 98, 2000, XP) alongside the version of Linux from that year.
Windows 98 would be sitting alongside say Redhat 5.2 - you know, back when AfterStep and FVWM95 were the default window managers. Windows 2000 would be sitting alongside Redhat 7.2, so we have the beginnings of a decent GNOME environment, but still a long ways to go on real ease of use. Windows XP would be, what, Redhat 9? I don't really recall the release dates. Then you could have the brand new Longhorn beta next to Fedora Core 4.
There is a very startling difference in the rate of improvement there, and Linux isn't showing any sign of slowing down. Cairo and Beagle (equivalent to Avalon and WinFS) will be standard in distros by the time Longhorn actually comes out, and there are plenty of other interesting developments going like SELinux, Xen, Redhat's Stateless Linux, and plenty of things that I'm sure I haven't heard of yet.
* Disclaimer: I have tended to use Redhat, so that's mostly what I know. I am not trying to short change other distros (some of which I've tried, and I agree are excellent), I simply don't know enough about them to speak with any confidence.
Jedidiah.
I'm guessing that if they're doing this they'll be doing it via smart, a very nice looking potential successor to apt. Basically it does the dependency resolution/download/install that apt does (with more powerful dependency resolution algorithms and a built in GUI) but does so via a pluggable backend system which means it can access apt-deb repositories or yum repositories or apt-rpm repositories, and even slackware packages.
My reason for guessing smart is the answer is that it's a Conectiva initiative, which is to say Mandriva. If Mandriva wanted to use apt-deb repositories this would probably be the easiest way for them.
Jedidiah.
However, mandatory bound checking on arrays, at runtime, in those languages would have caught the problem.
There exist type systems that can catch these kinds of errors, but they are very cumbersome, and not very practical.
Obviously the right thing to do would have been to use Ada or SPARK which have runtime checks, and in the case of SPARK extended static checking and formal verification. The real question is: How secure do you want to be? For a random desktop application such measures might be going a bit far, for core libraries like zlib where such errors have broad and far reaching effects, maybe it's worth going to a little extra trouble. Not that I see that as ever happening of course...
Jedidiah.
Despite the grand claims people make about formal verification, even this isn't enough. The problem with formal verification is that the abstraction of the language you're using to obtain your proof may not adequately represent the way the compiler actually compiles the program. Besides, it's possible to engineer a compiler that deliberately miscompiles itself such that it compiles programs with security flaws in it.
Does formal specification and verification eliminate all bugs and security issues? No. Does it make a vast and significant improvement over not doing so? Hell yes. There are reasons why these techniques are used when designing and writing safety or security critical software.
You may as well say "And even locking your doors isn't enough, burglars can still break a window and get in, and you don't know exactly how the lock works - maybe it's really easy to pick."
I think most people who live in areas with any significant amount of burglaries will still bother to lock their doors.
Jedidiah.
And speaking of insecure males, I suppose at this point I should say something mildly witty to point out the fact that I am, in fact, straight. Unfortunately, nothing is coming to mind except: "I'm not gay, really! I'm married! Yes, to a woman."
Which raises another interesting point - the whole US presumption that Nudity == Sex. There seems to be this idea that nudity must be entirely sexual, and hence if you're a man looking at naked men (regardless of context) you must be gay. If you ever look at nude women, regardless of context, then it's all about sex. In practice I would think it is the context, rather than the nudity, that ought to be of concern.
I think the tight binding of nudity and sex in the US stems, in a large part, from the fact that nudity is so taboo there. That means the only time you see much nudity is if you're secretively looking at porn or some such. That is, because nudity has been driven underground the only context in which it is generally encountered is a sexual one. It's rather sad really.
Jedidiah.
I'm talking about head to toe frontal nude shots. You'll see such shots of women often enough (quite often not in a sexual context), but regardless of context it is very rare that you'll see such shots of men.
Jedidiah.
What's causing this 'fear of sex' anyways?
The thing that confuses me the most with the attitudes is that the "acceptable" line seems to run almost orthogonal to what I would expect it to be. That is to say, the question is "Is there any sex or nudity?" and if the answer is "yes" then it's bad, and if the answer is "no" then it's fine.
It's not the sex or nudity that are the potential problem though, it's the manner of portrayal. I can think of films that have considerable amounts of nudity that I would much rather children see than, for instance, some popular music videos that have not a bit of nudity.
The issue, I would think, that divides sex from violence is that we expect our children to one day have sex, but we hope that they never engage in violence. The problem I would have with children watching graphic depictions of sex is the potential for miseducation about sex and how to engage in it. No, I'm not kidding. The objection to porn that most of the women I know have is mostly that it teaches guys how to be remarkably bad lovers. It usually has a remarkably inaccurate portrayal of how women react. I don't mind children finding out about sex, I would prefer, however, that they don't end up with a rather warped view of how things work.
Jedidiah.
If the movie involves people talking out their problems while there is a breast visible, then it's adults-only fare.
There's a further double standard too: female nudity is (relatively speaking) fine, but if there is any male nudity where any amount of penis can be seen (regardless of context) the film is guaranteed an NC17 rating. Seriously consider how much male nudity you've seen compared to female nudity in mainstream (as in not porn) film. On the odd occasions where you get directors who lean toward a more balanced take (Peter Greenaway for instance) it seems rather surprising and odd. I can only presume that it is due to a large number of insecure males in the censors' offices.
Jedidiah.
Any radical fundie who wants to blow something up now will call himself a member of "Al Qaeda". It's like a decentralized franchise operation.
Exactly. There just isn't any real evidence of some globe spanning terror network, or army of al Qaeda out to get us. Everything we know about al Qaeda shows them to be a kind of venture capital enterprise for terrorists. Bin Laden didn't come up with the idea, or plan, or mastermind or orchestrate the WTC attack. He provided money to some people because they explained their idea and I guess he thought it sounded good.
The statement we have for the London attack is worth reading carefully. For a moment pretend that al Qaeda is just a small operation that had a lot of cash to fund whatever terrorist came to them looking for money, and that said small organisation is (post Afghanistan) essentially unable to do anything. The name of the group claiming responsibility "The Secret Organization Group of Al-Qa'ida of Jihad Organization in Europe", and their statements to the effect of "We worked really hard to pull this off" start to come off like a small group of nutjob wannabes who have heard the western media portrayal of al Qaeda, thought it sounded like a good idea, tried to "join up" but couldn't actually find anything to join up with, so created their own little secret club and are trying to "get attention" from this massive globe spanning terror network they've heard about and prove that they're capable by blowing things up.
Jedidiah.
However, I honestly believe a lot of the ground troops in Al Qaeda - probably some of the people who planted these bombs - joined up because of the innocent civilians who died in those military actions. If you stop the people they're recruiting, it won't matter what the leaders think.
I think a lot of people are misinformed about what exactly al Qaeda is. They don't have ground troops, they don't have an army, and post the Afghanistan invasion they don't even have much of anything resembling an organisation anymore.
What al Qaeda are/were was essentially a venture capital firm for terrorists - they would give funding to anyone who came to them with good ideas about how to kill Americans (or other westerners). Relatively speaking they were pretty small, but they did have a fair amount of cash. Usama bin Laden didn't, as far as we can tell, mastermind the WTC and Pentagon attacks. He didn't come up with the idea, he didn't plan them. He did provide the cash to the people who did though, presumably because he thought it sounded like a good idea when they came looking for funding.
Post Afghanistan al Qaeda as a funding system for terrorists is largely destroyed - they still have money, but the means to disburse it is ridiculously curtailed. Al Qaeda were, really, quite a small group, and what little there was of them was largely captured, disbanded, or dispersed.
What we have now is, instead, disparate groups of islamist terrorists (which we've always had) who have a common name to rally behind and attribute their work to - a name happily provided and publicised by the western media. It would surprise me not in the least to find that the perpetrators of the London bombings have never met with bin Laden, or any member of al Qaeda for that matter. I fully expect they are an entirely independent unrelated group who are borrowing/using the "al Qaeda" name because it carries greater recognition. Read their name and statement again with this in mind - they sound exactly like a small group of idiots trying to pretend to be a super secret branch of an organisation they've heard plenty about and would love to join, but for the life of them can't figure out how (perhaps demonstrations of terrorist acts will do it they think).
We are not facing an army, nor a terror network, nor a grand machiavellian plot. We are facing random disjoint groups of islamist radicals who now have a convenient name to ascribe to so they can have a pretend sense of "belonging".
Jedidiah.
Yes, of course it will (eventually, once the DRM is cracked) make it easier to pirate movies.
But it will also make it easier for people to legitimately buy movies.
It's the second point that's the key: ease. All you really have to do is make it a pain to manage to burn the movies to CD or DVD, or easily transfer/copy the file to another machine.
Yes any such restrictions will get cracked, but it's like iTunes, you only have to discourage the average casual users; the people that can be bothered tracking down the required extra software and going to the trouble are a sufficiently small portion that, in the grand scheme of things, it hardly matters.
Presuming average users are incapable of burning the movies to DVD then they will delete them themselves - they take up significant hard drive space, and really if you're not watching it you may as well make space for some new films you want to download...
Yes there are people that will buy truly massive hard drives and just keep everything, but as with the people burning to CD that's going to be a smallish minority if the service actually takes off. Most people would, I expect, keep a few favourite films kicking around, and mostly just delete whatever they're not watching so they can watch something else... and then if you're keeping a film permanently on your hard drive, why not spend the extra money and get a nicely packaged DVD with all the menus and extra features...
The end result: as long as casual users are discouraged from redistributing it should all work well enough. The biggest hurdle I see is distribution: managing to get the movie delivered more efficiently than, say, Netflix: we're talking convenience, which is really the key selling point. Presuming they have a decent compression, and you have enough bandwidth that you can download a full length movie in a few hours... then it may well just work.
Jedidiah.