When Does Usability Become a Liability? 930
nasteric asks: "I caught myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee. The discussion had to do with usability and security. Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack. Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning. Therefore I pose this question to the Slashdot community. Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to and end) our discussion." Does decent usability necessarily imply the presence of vulnerabilities? Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?
Wha? (Score:3, Insightful)
Also, since the editorial already starts us off with an "OS X vs Linux" flamewar, let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!
Why do people think that the command line [osnews.com] is *not* "user friendly"? Do we write books by pointing and clicking at icons, avatars, and pictures? Except under amazing cirumcstances (Steven Hawking, the blind, etc) would you hire an author that did? Then why a system administrator?
What you need to do (Score:4, Insightful)
Here we go again... (Score:4, Insightful)
OK, here we go:
Yes (Score:5, Insightful)
It's all in the install program... (Score:5, Insightful)
One of the biggest design flaws in Linux from a usablity perspective is that nearly every service that comes with the system is turned on by default.
Mac OS X "trojan"? (Score:5, Insightful)
It doesn't "expose" some fatal flaw in the OS, nor is it some newly discovered exploit. All it is was an application that displayed a dialog box. Mac OS applications (with the exception of Cocoa applications) have always been able to have:
a.) any icon, and
b.) any name
The only remotely slightly interesting feature of this proof-of-concept was that it stored the executable code within an MP3 ID3 tag, and even contained valid MP3 data. But that's mostly irrelevant, since the executable code could be anywhere, and the code can't even be moved in raw binary form without destroying the resource fork. Though the major media outlets haven't picked up on the subtleties of this thanks to Intego's FUD-mongering and self-serving press release, this "trojan" is nothing more than a Carbon application. (Though, the discussion that comes of this will be fruitful: maybe Apple will revisit yet again the filesystem metadata vs. file extension dichotomy, and discuss novel ways of visually identifying executables, perhaps in the same fashion as aliases.)
So, to get on-topic, no, an OS doesn't necessarily have to become less secure to become user-friendly. Some (most?) of the security of an operating system, both from a user perspective and network perspective, comes from underlying philosophical design principles and fundamentals - not to mention the intensive peer examination that open source software encourages. Sure, some user-friendly "features", such as auto-opening attachments in the preview pane of Outlook, exist to make things "easier" for the user. But this is a wrongheaded approach: a sensible focus on security can solve the majority of problems without necessarily making it harder on the user. Ease of use and security aren't entirely, or even mostly, mutually exclusive.
The key is making security easy to use.
But the age-old technique of "tricking the user" will ALWAYS be possible via various means, on any OS on any platform.
totally incorrect (Score:4, Insightful)
If Usability implies vunerability... (Score:5, Insightful)
Let me sum this up for you. (Score:2, Insightful)
Lets move on..
Absolutely Inevitable. (Score:5, Insightful)
Once Linux gets to the point that it can be administered by people who aren't dedicated specialists, it's inevitable they will try it out and that most of these people will be less careful administrators. After all they aren't dedicated *nix admins and will often wear many hats in their organization. This doesn't mean that Linux is insecure, it's just a growing pain that it has to go through.
Don't forget how many people fall into the "it's working, it's now forgotten" category. These are the people that only perform oil changes on their cars and wonder why it eventually breaks down on them - and there are a lot of them. They won't patch it, back it up or anything else until the day it inevitably comes crashing down around them.
If by "making Linux more friendly"... (Score:1, Insightful)
It's all in the account setup... (Score:5, Insightful)
It's really more of a user eductation issue than a technical one. The best security practices are usually in counter to an element of ease of use.
Re:Here we go again... (Score:5, Insightful)
The anti-usability bullshit must stop. (Score:5, Insightful)
Of course if you have elitist programmer types who use their case-modded Amiga's to talk to talk to each in Klingon don't expect your user experience to be one 'Joe User' can use or enjoy. If you are one of those people who are disdainful of people not as smart as you and want to keep Linux/OSS in the hands of your CRT tanned brethren then by all means continue to disparage and FUD usability all day long - just don't complain about Linux's adoption - EVER.
A few things for folks to remember:
Yes. (Score:3, Insightful)
Now let's face it, the ease of use your friends are talking about is things like not having to use a user ID and password when you turn on the PC and, most especially, not having to "su" to install spyware ^H^H^H^H^H^H^H pop-up blockers.
Re:Wha? (Score:5, Insightful)
Extremely poor analogy.
We spend literally decades learning to read and write and even then very few people are actually any good at writing books. Natural language is also, compared to computer languages, extremely stable. Natural language are also exactly that - natural. Our brains evolved to support them and our languages evolved over millenia to suit our brains.
Understanding images is considerably more important than language and certainly long pre-dates any human language- written or spoken.
And I'm sure you've heard the expression "A picture is worth a thousand words".
So, your point would be?
Yes... but not for the reason you think. (Score:3, Insightful)
[As | If] Linux becomes more 'userfriendly,' security will suffer. This is not because it becomes inherently more vulnerable, but because it becomes accessible to ever less competent people.
A *NIX system does have inherent security advantages over Windows, but it still requires a very competent Admin to do a thorough job. Right now, I'd lay money (based on experience) that the average Linux Admin has a far better understanding than the average Windows admin simply because he needs to. This is going to change.
Consider that in my day, a programmer was still a computer scientist. Nowadays, I have to work with people who took a few months at a college course using a Visual design package and couldn't even program a Bubble Sort routine. It'll be similar with Linux security.
Re:Here we go again... (Score:5, Insightful)
This theory needs only a slight modification to become valid...
It's popularity among stupid people that breeds vulnerabilities.
Apache may not have very many holes, but it's far too easy to write a PHP script that gives away the keys to the kingdom if you're not careful. A password of "password" is insecure on any system.
Re:Yes (Score:5, Insightful)
Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.
Yes, I suppose there may be a way to disable the braindeadedness of Outlook, and that some may regard users as "stupid" if they do not lock down their system in this way. But, given that MS pitches Windows as the everyman's OS, does it not make much more sense to place the burden on *them* to provide a reasonably secure default setup, such that it is reasonably resistant to simple script-kiddie attacks "out of the box"?
There's a difference between stupidity and ignorance. In this case, it seems to me that the OS design is stupid, and if the user is ignorant of this fact, then they are in trouble.
Convenience vs Security (Score:4, Insightful)
The argument is usually phrased as "Convenience vs Security." They can be seen as being opposed. That's not quite the same as "Usability vs Vulnerability" but that's the direction your friends' arguments were pointing.
I'm not sure that it always holds true that you have a single gradient between Convenience and Security. You can have elements of both, and it's not just a fractional position between two extremes.
For example, the 'root' problem is that root or Administrator can do anything on the system, so cracker types will focus their attention on the major prize. The alternative would be to spread rights and responsibilities into fine-grained accounts like "backup" and "network" and "installer" and other capabilities. An attacker has to work harder, but the machine's owner does too.
However, that doesn't mean that you're going to have to allow web browsers and email clients to execute unknown privileged code. Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.
Re:Wha? (Score:5, Insightful)
Seriously though, I'm an author and do a lot of writing. We are a visual species - look at the popularity of TV, movies, and video games. Why are GUIs popular? It gives you a lot of information in a small amount of space. Think small applets, like CPU usage or disk usage. More information can be sent quicker using a pie graph and setting colors than just giving raw capacity and percentage used.
But writing is much more precise. When you write something down, you need to know *exactly* what you're saying and who you're saying it to. Otherwise the meaning could be lost.
Re:It's all in the install program... (Score:3, Insightful)
WinXP SP2 will supposedly change that, to increase security by decreasing the number of services enabled by default. I think this question is good now, but should also be revisited after WinXP SP2.
Re:Wha? (Score:5, Insightful)
Guess what (Score:5, Insightful)
As secure as you think OSX is, anyone who wanted to write an application to fuck stuff up, call it "Super Happy Funtime Sexy Game", and email it to morons, could do so just as easily as they could with a VBScript file.
I could write:
#!\bin\sh
rm -rf
cat
echo Linux is teh gay!
Email it to some stupid people, tell them they have to run it as root or else they wont see the video of Condoleeza Rice's tits.
Stupid people will run what came with the box they bought at Best Buy. When those boxes start shipping with linux, they'll be on linux. The REALLY stupid people shop at K-Mart, who I understand are in the business of ubercheap linux boxes these days.
Be afraid, be very afraid, of the rootkits that get put on this new army of lindows boxes.
The UI doesn't kill security... (Score:2, Insightful)
Maybe... Need more sandboxes/restricted userids... (Score:5, Insightful)
I think that maybe all vulnerable processes, like web browsers, irc clients etc should run under a separate uid from the user (maybe each user should have 2 uid's - one normal, and one restricted so that it can only access a subdirectory of the users home). So rather than Mozilla launching as user fredbloggs:fredbloggs, it launches as "fredbloggs_restricted:fredbloggs_restricted" by default. The user could then chown some directory to be writable to fredbloggs_restricted" for downloads, cache etc.
Maybe this is already implemented? The real problem though is that a user could still build and run something they downloaded, potentially wiping all their files, unless a mechanism automatically made anything they installed themselves, run as the restricted user and not their own uid:gid.
Does any of that make sense?
It's not usability (Score:2, Insightful)
The trick to usability is to have a power interface which allows you to change everything and anything in the system and have a newbie interface which allows you to customize to your hearts content but not change the underlying core components. Because what most "joe users" want is modifying the look and feel of their desktop and not going into changing network settings or CPU settings. If they want that and can do that I think they are already ready for the power interface.
Command lines aren't *learner* friendly (Score:5, Insightful)
Once you have that training, the command line is a very useful tool. But if you can't get the training, and aren't self-sufficient or technically apt enough to go to the bookstore and buy a book on how to use the command line, you're screwed.
That's why people like having icons for things. The message icon is your mail program. Don't have to remember what it's name is, or where it's at. Just click.
user friendly means stable code (Score:5, Insightful)
My point is, moving towards usability shouldn't mean that we should loosen our belts, allowing the user to run amock in the system, we should tighten them.
Memory Permissions (Score:5, Insightful)
Usability, however, does have to do with coherent UI design: picking icons that communicate what the button does on a toolbar, grouping menus is a logical way, making sure that there are keystrokes available for commonly used features, etc.
It sounds like the Microsofties have confused usability with Feature Creep.
Now.. the more people running Linux may in fact lead to more vulnerabilities being found, since testing only proves the existence of bugs, not the absence. However, history shows that bugs are fixed much quicker in open source then in closed source, so that's a race Linux wins easily. But as far as usability, comparing the latest KDE and GNOME desktop to Windows XP just shows that as far as usability, Linux may have already surpassed Windows.
Re:Here we go again... (Score:2, Insightful)
This was one of the first things they changed after the initial BETA Test
-----
The initial Beta test? That was the one that shipped 10 billion copies to every Best Buy, Target, Wal-Mart, KMart, and BusyBee Electronics in the nation, wasn't it?
It's too late to change it _after_ the fact. That's a lesson that Microsoft, with its political connections and limitless funding, has never had to learn.
+++ATHZ
Re:Here we go again... (Score:5, Insightful)
When a hole is discovered, the number of people who get hacked is equal to the number of people who are running the affected software who don't patch in time.
If a luser wants to run telnet to get to their Linux server as root... they're just asking for trouble. Good thing most people who understand what to do at a bash prompt already know that. The problem comes when people who don't understand that SSH is better for a huge reason want to see a Linux command prompt on a remote server...
Comment removed (Score:4, Insightful)
Security is in the eye of the beholder (Score:3, Insightful)
On the other hand, anyone can make a linux box insecure. The question then becomes as simple as whether you trust users to administer their own boxes. This is where you need user friendliness. This is where the OS has a choice to remain secure by staying obfuscated (and thus scaring users away at the expense of functionality) or become more friendly (at the risk of letting users hurt themselves).
Windows, by default, can be (is?) insecure. But that's not where the "(Microsft vs. Linux) vs. (User Friendly vs. Insecure)" debate should begin.
windows is not user friendly (Score:3, Insightful)
User friendly doesn't mean root friendly. (Score:2, Insightful)
Only a "Built for Windows TV" would ever need such a capability !
The Linux security model splits user (fancy stuff) and root (low level stuff) very well. Retail Windows has only recently had this separation; ever tried to log into Administrator in Windows XP Home ?????
As GNU/Linux (a distribution) becomes more user friendly (presuming is isn't already) then nothing the GNOME or KDE can do would break the intrinsic security of the Linux kernel. Nothing.
So as long as a user plays in user space , Linux is happy to keep the hardware rocking. Log in to root and all bets are off but even so, when Linux has the NSA stuff then root won't always mean root.
Nah - this is stupid. a GNU/Linux distro like Mandrake is user friendly and as long as you are not using root - it can be secure and quite usable. Sounds like FUD to me.
Re:Here we go again... (Score:1, Insightful)
Not so much that, but the fact that Windows 2000 Server ships with IIS turned on (meaning some people never turn it off), and with about a dozen extentions enabled -- Index Server, Internet Printing, etc etc etc (meaning people are vulnerable even without using the functionality).
If Linux distros did the same thing with Apache, I have no doubt it would be 0wned in a similar manner to IIS.
Re:Wha? (Score:2, Insightful)
Comment removed (Score:5, Insightful)
Re:Here we go again... (Score:3, Insightful)
For some, running as root on Lindows is adequate, most will be satisfied with a standard-distribution (Mandrake, SuSE, debian), few will need the tight security of OpenBSD and even fewer will want to use a non-x86 CPU where the pre-packaged exploits don't work.
That's the beauty of OSS and one of the reasons why there are no and never will be virus/worm epidemies on Linux that are comparable to those we see on Windows.
Re:Wha? (Score:2, Insightful)
Simply put, not all machines that need to be used are going to be used solely by the system administrator. The simplest example being your common system user. While a command line is indeed user friendly if you already know how to use it, it can be daunting and intimidating if you're more familiar with graphical environments. If the argument that "the commandline can do everything and is still user friendly" actually held true, then I would say that graphical interfaces would likely have never been invented, nor grown to such popularity.
Back to the original question posed by the article though, there have been many research articles in the past few years that have all come to the same conclusion that adding security features will generally detriment useability.
Some security aspects are in fact invisible to users, but if you are trying to secure all potential transactions that your common user initiates then it adds steps upon steps of procedure and policy that the user has to go through in order to complete the transaction. Following that line of thought, there comes a point where adding too many security features actually renders a system unusable.
Dorothy Denning [georgetown.edu] has spoken many times of when she was working on a secure database project (complete with fully polyinstantiated tables and user authentication) for a government contract and the project ended up as a failure because of its lack of useability and general expense.
There is also a trend that the more useable a product is, the more popular it becomes, the more it becomes used, and the bigger a target for attacks in general. As is, Linux is hardly "secure", nor is OS X for that matter. When they become the dominant workstation platform of the world then I daresay that much of the security hype of said OS's will prove largely exaggerated. Just because Windows is the favorite for attacks also does not mean that it is any less secure than the other OS's. Quite frankly, they've hardly been put to the test to make a fair comparison to begin with.
Based upon those two reasons, I'd say that the hypothesis that Usability degrades Security (and vice-versa) stands as a reasonable argument.
Re:Command lines aren't *learner* friendly (Score:2, Insightful)
man program_name
There, you are now equipped with knowledge for every program. I don't know any icons can do better than that.
And yes, I know HCI is more than icons. As I'm sure the parent poster also knows.
NessRe:Here we go again... (Score:3, Insightful)
You've just shown the problem isn't with the OS, then. It's with the people who don't take the time to shut it off, or lock it down, or anything. Hell, how many doorknocks do you get from CodeRed infected machines, despite the fact that the fix was released a month before the exploit YEARS ago? You can't fix that, the software ain't broken, the wetware is.
Re:Wha? (Score:1, Insightful)
Try not to miss the point next time.
fs
This depends on what you define as ease of use... (Score:5, Insightful)
There's a lot of things that are purely cumbersome because of the GUI under XP or MacOS.
Re:Here we go again... (Score:2, Insightful)
Comment removed (Score:1, Insightful)
Re:Wha? (Score:5, Insightful)
What is easier - a multiple choice test, or a fill in the blank test?
Indeed. (Score:3, Insightful)
This is part of why home-NAT devices were able to spread so quickly among regular home users... because they don't care if their system can be accessed via ssh, http, or whatever... as long as they can access other systems in the expected fashion.
Still, a nice observation (once corrected).
Command Lines Different kind of Learning (Score:5, Insightful)
Re:It's all in the install program... (Score:3, Insightful)
It's all about the distro. Linux is a kernel, and only the individual distros really count as an "OS". Some Linux distros turn everything on (mentioned above), some turn everything off (check out gentoo, the basic install has just about jack shit enabled until you do so explicitly).
Re:Wha? (Score:5, Insightful)
The whole point of bringing up OS X was as a proof-of-concept that the sort of user-friendliness which Linux is moving towards does not automatically mean weak security
-----
I think everyone's ignoring that Apple was able to prevent the unitiated general run-of-the-mill script hacker from exploring the innards of their system for many many years before Windows became mainstream. Sticking with their ultra-super-secret closed model they've bred an OS that's secure not just because of the code it runs but because of the mindset and the historical knowledge and background of their top level programmers and designers.
If we would take the Mach32 kernel and give it to a bunch of MS jockeys and ask them to produce OS X I have no doubt that it would be a security nightmare. Apple's been refining their methods for decades.
Unix/Windows history (Score:5, Insightful)
-Microsoft does not hire retards. Their programmers are skilled.
-IBM,Sun,Novell,etc, do not hire retards. Their programmers are probably equally skilled with Microsoft's.
-Linux was inspired by Unix
-Unix is a multi-user operating system originally designed during the dawn of computing for big iron mainframes accessible by client terminals via command line.
-Computer "users" at the time of the creation and dominance of Unix knew, more often than not, how to program, do shell scripts, etc. They were very computer-literate. To use a computer in that age meant you knew how a computer worked.
-Windows began as a (more or less) single user operating system intended to run on PCs, not mainframes, and is used more often than not by people who know nothing of programming, or how a computer works abstractly.
Before you jump to say that Microsoft produces crap code, think logically. The Windows O/S may be considered to be a history lesson for all the O/S programmers out there. Learn from it. Sure, they didn't invent the GUI. Sure they weren't the first windowing O/S. But consider that Windows is the first operating system to reach the level of adoption that it has. They have to support every common architecture, network protocol, hardware design, etc, in the world.
If Windows serves any purpose to you guys at all, it is to illustrate what works, and what doesn't. From their example, user stupidity has been illustrated. Never more than now have programmers been aware of the need to balance ease of use with covering for the ignorance of a user. From their example, we've learned that the user really shouldn't be trusted to be a good admin, that firewalls are a good feature to build into an O/S, etc etc. Microsoft has proven useful in studying the effectiveness of GUI systems and their pitfalls.
Don't sit and criticize Microsoft. Take the lessons they had to learn the hard way, and use them to make better code. That's essentially what Apple did with OSX, even though for them it was a lot easier - they don't have to standardize for all hardware and software configs. They offered very limited backwards compatibility, as ugly compatibility hacks aren't good to keep in code
Re:Wha? (Score:2, Insightful)
Re:The anti-usability bullshit must stop. (Score:2, Insightful)
Isn't that sort of like saying "I want to rid the world of rascists. And Asians."?
KTHXBYE.
Re:Command Lines Different kind of Learning (Score:5, Insightful)
None of that is remotely friendly especially considering it is all something I could do in Windows only using a mouse. Two or Three buttons is a hell of a lot simpler than 104+
Re:Wha? (Score:2, Insightful)
No Maybe (Score:3, Insightful)
Does decent usability necessarily imply the presence of vulnerabilities?
Just because that's the broad experience of users with the current environment of "usable" administrative tools doesn't necessarily mean that it must be so. It's empirical evidence based on a sample size of ... well ... approximately one company.
However.
It is a caution. It shows that it is quite possible to (unintentionally) make system administration more unsafe when pursuing a single-minded goal and when the ideas for EZ system administration aren't subject to the kind of open scrutiny and community improvement that FOSS developers can provide. When a single company owns a market, it's tempting for them to "speed up" the standards process, to "innovate", and make something Really Great that later, turns out not to be perfect.
Practically, I've been encouraged that the free mail clients and free web browsers I use under Linux haven't been afflicted with "Automatically Run This" features of convenience to the degree that my Outlook and IE running friends have to contend with.
I will say though, that I've been nervous about various things that "wget something; cd something; make" redcarpet like packages and their potential for abuse.
Re:Yes (Score:3, Insightful)
(I'm kind of wary of mentioning it, in case the trojan writers haven't thought of it yet, but in the best open source tradition of "what you don't know can hurt you more"... )
Upon execution, Trojan reads through the user's Sent mail folder, picks some random emails (being sure to only send one to a given user, maybe even being clever and finding ones that include text suggesting that there is an attachment or that actually has an attachment), and forwards it again to the receipient with the preface "Sorry I forgot the attachment... try it this time."
I bet a lot of perfectly sane security-conscious people would fall for it.
[TMB]
As an MS Admin and a Linux User ... (Score:5, Insightful)
Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack.
Spoken like a true MSCE. No, making Linux more usable will not open it up any more than necessary. One just needs to make sure that there isn't 1. a scripting host with direct access to the OS configuration, 2. all ports open by default, 3. lots of services open by default, 4. all user accounts with root access by default, 5. applications that can call the scripting host unecessarily (can we say Outlook running VBS attachments on open in the scripting engine with Admin privileges on a default installation?). None of these things really effects users. The two main ones that would affect users are 1. installation programs - just make installers call for an admin password when installed on default-configured accounts - which is what RPM for instance already does - and 2. make passwords mandatory (is that such a usability hardship?)
Asbestos suit time (Score:5, Insightful)
So with Windows you have to run as admin all the time, which is why trojans can get in so easily. Win9x effectively runs as admin all the time anyway unless you have a fancy administrator who configures it for you, which most home users don't.
If "user friendly" = "run as root by default" then yes, Linux would end up having the same problems as Windows. But it doesn't have to. Prompting for root password when attempting a privileged operation is one possible solution; if a trojan attempts to run and the root pw prompt appears, hopefully the user will be prompted to think "er, why did clicking on that MP3 cause a root prompt?" and give the game away. I'm sure there must be other solutions.
Re:Here we go again... (Score:3, Insightful)
Essentially, a computer is a computer. An operating system is an operating system. One is not inherently better than the other; they just do different things. Yes, I realize this is oversimplifying it a good deal, but at an ISP I used to work at we ran Win 2k web servers because there was no way to run VB
The best solution, IMO, is to just throw everything behind a firewall and explicitly allow that which you want to get through. This applies to Linux, Windows, OS X, FreeBSD, whatever. There is too often a "holier than thou" attitude on this kind of crap, and there shouldn't be. Most of the people who make these kind of claims are bandwagoners anyway; using Linux and dissing Windows is "cool" so they do it. The real point is that if you're even having the argument, you're probably not really all that "cool" to begin with.
I'm not convinced yet (Score:3, Insightful)
Re:Guess what (Score:3, Insightful)
Creating a more user-friendly OS will not degrade security from worms and viruses. Being user friendly will not cause extra buffer overflows or executing code that comes in from a TCPIP port.
On the other hand, creating a more user-friendly OS will degrade security when clueless in-duh-viduals try to run malicious code. Technical people are not going to code 15 pop-ups into the OS verifying a user's intention to run a program because they will not want to go through that themselves. (Even if you did, a real idiot will click ok on all 15) In order to avoid this a user on the easiest system needs to be educated on what to do and what not to do in order to avoid security problems.
Re:Wha? (Score:4, Insightful)
If you have limited computer background, icons, menus, and dialog boxes can help with choices and can help people cross OS boundries a lot easier, or learn the next version.
Without that frame of reference, the choices mean nothing.
No. (Score:5, Insightful)
Linux, on the other hand, has always been a multi-user system (well, it has since it became an OS, and not Linus's hyper-fast text editor). Because of this, and the unix philosophy in general, you'd have to go out of your way to find software that does not fit into the multi-user system model. Because of this, linux can remain more secure, even when giving it to 'joe user'.
Of course, the problem comes from the same third party vendors who don't get it in windows also not getting it in linux. Hopefully, they will know something about a multi-user system BEFORE bringing their wares to the linux world. Then again, the idiots creating cruft like 'bonzai buddy' will never get it, nor do they care.
back to the BBS-what about 'I'm smart | I'm stupid (Score:2, Insightful)
Computer admins being usabilty experts? (Score:2, Insightful)
Re:Wha? (Score:3, Insightful)
Only on /. will a posting on another soapbox website, recounting a biased personal experience completely lacking any sort of scientific method whatsoever, be offered up as something credible...
(Yes, I realise anecdotal means without rigorous study. But, sheesh, this thing doesn't even have the *beginnings* of objective research - if your standards are that loose, then every post here saying "GUIs are better" qualifies as "anecdotal evidence").
Re:Wha? (Score:3, Insightful)
Re:Wha? (Score:2, Insightful)
Basically imagine flipping programming languages and natural languages, so that you spoke in perl/c/asm/etc, and coded in english/french/german/etc.
That's silly. Programming languages exist as a formalization of the logic that we are able to develop from having learned natural languages from such a young age. You can't "teach" a child to "speak in code" because the child hasn't yet developed the abstract logical reasoning which enabled people to develop formalized computer languages in the first place.
Re:Wha? (Score:5, Insightful)
Take your example to 'copy a b'. Is a the object or the indirect object? In order to find out, you have to consciously learn a particular grammar. You could do English-like where 'copy a b' means 'copy a to b' or switch positions, where 'copy a b' means 'copy to a, b' . Some natural languages actually use that kind of syntax. My point here is that your ad-hoc syntax is ambiguous from the start, and requires explicit training as to what exactly the grammar is.
Contrast that, for example, a GUI where you have two different folders, anybody immediately understands an object's movement from one place to another. As a species, we're pretty good with language, but visual processing has been going on for millions of years longer.
Re:Wha? (Score:2, Insightful)
I would argue that on a whole Linux/Unix CAN be less vulnerable than Windows, in the right hands, but if you are anything like me you feel that in the scope of Open Source and Free Choice too many options are left open on the installation options. Most of the newbies willing to switch "if only the interface was easier to use" will rarely if ever go beyond that interface to understand the services and features turned on, and subsequently will always have a vulnerable system. Also, without a first rate centralized update system, most users will not keep their security updates current. I have worked with a couple of system administrators and it blew my mind how behind many of them were with security patches.
No (Score:3, Insightful)
Re:Wha? (Score:4, Insightful)
A GUI should facilitate work getting done and then get the hell out of the way. Interupting the user's concentration and workflow by popping up a dialog asking how to move files is absurd. Changing the move behavior based on whether the destination is on the same drive is equally absurd. An interface needs to be consistant and forgettable. A user should never have to fight with the interface to get their work done. The specific task at hand - be it typing an essay, editing a photograph, or composing a musical score - should be all the user has to concern themself with. Computers are supposed to do the hard work while we get the important stuff done, not the other way around.
That's not the point (Score:1, Insightful)
The scare was all over an application that literally did nothing but display a dialog box, but was *presented* in such a way as to make it out to be a terrible, new, easily adaptable exploit that ostensibly took advantage of some fatal flaw of Mac OS X, when in fact it's just demonstrating that an application can have any icon and any name, which has been known, and possible, on the Mac platform for over twenty years.
To get back to the original question... (Score:2, Insightful)
I would argue that certain things shouldn't work out of the box. Items such as your internet connection, terminal services (remote desktop), drive formatting (outside of the initial installation), and basically any other stuff that could kill your machine in a hurry should require a single additional step each in order to activate them.
Instead of enabling security holes the size of Texas by default, these items should have prominent, easy to follow displays which show you how to enable/disable and configure them (and perhaps a sentence on why it is disabled by default). When you click on them for the first time you should get a "set this up" wizard. You should also have the option of skipping the "wizard" style settings tool and go right a well designed advanced tool for those who know exactly what to change.
By making the act of enabling devices/services intuitive you are contributing to ease of use without sacrificing security. You are also promoting a sense of caution. If I need to take an extra step to turn something on, there is probably a reason for it. It also gets me used to how the system works and when there is a problem in the future, I'll have had the initial experience to help me resolve it.
That's my 2 cents worth at least.
--KS
Re:Wha? (Score:1, Insightful)
Anyone who has ever used a Mac knows this is ridiclous. Virtually every little piece of shareware and even a ton of commercial software relied on one undocumented hack or another -- and there were and are thousands of them. Even the little Icon March during startup was someone's hack and not a documented feature.
The difference is that Mac programmers are out to make their reputation in the Shareware market, not the hacker/virus crowd.
Um, sorry but... (Score:1, Insightful)
All else being equal, the product that is easier to use is better. I think you're confusing usability with something else.
Re:This depends on what you define as ease of use. (Score:3, Insightful)
So what did we learn from this?
That a person on Slashdot can construct a hypothetical situation to support any point of view.
Hmm - looks like the first word I type does something. I should try help
/lib/help: Permission denied
#linux> help
Funny, I type "help" on my linux box and I get:
(There is more, but the lameness filter blocked it...)
So a help system that is incorrectly configured is apparently an example of the horrible usabiity of a command-line UI?
At this point, dad tries to read the manual, but it's all so much techno-gibberish that he is lost by the third page.
Nice bit of hand-waving there. "Darn, I forgot, the manuals might actually have useful information. Well, I'll just pretend that it's too geeky for poor old Dad to read through..."
Jay (=
Re:Yes (Score:3, Insightful)
The broken thing about Windows is that users have no way of knowing what will happen if they click on an attachment. Usually, they view the contents of the attached file. But sometimes it destroys their system instead. The expectation is that there will be no side effects of the operation; at most, they will be given the opportunity to save the file. But this assumption is violated by viruses which don't even use a security hole.
apples v. oranges (Score:4, Insightful)
Windows is not less secure because it is "more user friendly" and linux is not more secure because it can be obtuse and seem l33t-friendly. Windows is still locked into a one-box, one-app, one-user approach to things. And until they change that - and demand some basic network savvy from their average user - windows will never be more secure.
The unices were designed for a networked environment with lots of users with varying degrees of access. Security wasn't as afterthought - it was a prerequisite. As long as they are developed properly, adding some pretty icons, some control panels, even some (shudder) wizards will not make Linux less secure.
And since your pro-MS buddies are horrified by the thought of an open-source system,"open(ing) itself up" to "Joe User", I wonder why you're even taking the argument seriously. Burn them some liveCDs (I'd start with Knoppix, SuSE live-eval and FreeSBIE) and ask them to give those systems a good, hard look.
Usability != Liability (Score:3, Insightful)
Just because on OS is very usable (easy to understand, navigate, etc) does NOT make it more liable to be hacked/trojaned/virused. What makes an OS a target of the "crackers"/script kiddies is how easy it is to bypass or defeat an OS's security system. The real blackhats enjoy a good challenge while the "crackers" and script kiddies want to do as little work as possible; all they are interested in is causing chaos and havoc.
Unfortunately, there are many more "crackers" and script kiddies than there are blackhats. As a result, the OS that's easiest to penetrate will ALWAYS be the one that gets attacked the most.
OS-X is proof of concept (Score:3, Insightful)
That a bunch of Windows admins would so profoundly believe that insecurity is a necessary side effect of usability is simply an indicator of just how ingrained Microsoft's fatalistic view of security is in the windows community.
The problem isn't usability, the problem is Microsoft.
There are already Linux distributions with the usability of Windows that are far more secure. The barrier to Linux acceptance on the desktop is not usability. It's more in areas like organizational inertia, ignorance of the options and the success of Microsoft's FUD campaigns.
______
My friends and roommates who I've moved to Linux haven't had any problems with Linux's usability. It's the ones who haven't been willing to try it that have had problems with being afraid of it's usability. The roomate I have now is quite happy with Linux... I tossed him into it because his windows installation self destructed, and I really wasn't willing to provide support for Windows. He tried Linux 'as a test', and hasn't looked back since.
My first roomate that I tossed into the Linux lion's den ended up with Red Hat 6.1 and Windows 95 dual-boot. He started using Linux mostly beause that's where I always left it, and it generally just wasn't worth it to boot into Windows for most things. By the time he moved out, he'd not only given up on Windows... He'd turned into one of the most avid Linux boosters I've ever known.
Re:SELinux to make Linux even better (Score:3, Insightful)
> can't do anything it wants.
I've considered for some time that a defect in Unix is to allow root to be more powerful than the kernel itself. What happens when someone other than root escalates privileges to root level?
The kernel should be able to protect iself from security violations even by root.
This causes most Unix geeks to react in horror. They love being all-powerful.
OTOH, there probably are situations where having the kernel override root would lead to system problems as well.
This remainds me of what the sysops used to tell me when learning computer operations on the Xerox Sigma 6 thirty years ago - "When there's a problem and the OS is popping up messages, satisfy the OS first before trying anything else."
The bottom line - we need smarter kernels - and smarter roots.
To paraphrase what someone once said, "We can probably figure out how to make software smarter, but there doesn't seem to be any way to make humans smarter."