The Clueless Newbie Rides Again

overshoot writes "Anyone remember The Clueless Newbie's Linux Odyssey? As it happens, she's come back to have a go at Ubuntu Feisty. 'Four years ago I tried about a dozen Linux distributions, to see if they were ready for an ordinary user to install as an escape from the Windows world. None of the distros performed well enough for me to recommend them to a non-geek unless they were going to hire someone to install it. After hearing Dell's recent announcement that it will sell computers with pre-installed Ubuntu Linux, I decided to see if Ubuntu was user-friendly.'"

Re:And?

[rbanzai]

From the final page:

"I think Ubuntu Linux is definitely ready for almost anyone with a Windows system who is tired of havig their computer infested with spyware and viruses. It is also a way to avoid Microsoft's "activation" demands. It's free! It's good! It works!"

Re:Encouraging...

[insanius]

That problem unfortunately still exists.

Re:Ubuntu is hit or miss

[Drew McKinney]

I experienced the exact opposite.

I installed Edgy on a Dell D800 laptop with okay results - networking was spotty and wireless didn't work at all (i tried every trick in the book). Feisty fixed all of my problems - every piece of hardware was identified correctly. Wireless and wired networking works perfectly. Feisty is weird.

I'll be installing the new Ubuntu Studio [ubuntustudio.com] for my video/audio/image editing needs in lieu of a Mac.

I know I sound like a fanboy, but Ubuntu is the linux distro i've been waiting for. Not unlike Clueless Newbie, this is the one distro that has worked for me almost flawlessly.

Edited title

[overshoot]

Actually, I submitted it as "The Clueless Newbie Rudes Again."

Some spelling errors aren't.

Re:And?

[gbjbaanb]

summary: she likes it and would install it over Windows ... except for 2 items: the default gnome font (white with a black dropshadow) isn't acceptable for her as she's partially sighted. However she said she'd dump Gnome in favour of KDE so that's not a show-stopper.

The show stopper was the lack of an outline feature for Openoffice. Until that 2000/2001 bug report gets resolved, she'll remain dependant on Office and so cannot get rid of Windows.

Ubuntu came out with a big gold star though.

Wireless Networking

[SpzToid]

For anyone trying the latest K/X/Ubuntu flavor, or Debian 4 for that matter (as I did), wireless networking is easy, and cheap too, of you don't stray too far from these instructions.

1. Choose hardware from this madwifi/ Atheros list: http://madwifi.org/wiki/Compatibility [madwifi.org]. Last week I picked up two El Cheapo Sweek 802.11g cards for 20 euros each, and Ubuntu flashed its restricted driver message at one once, I accepted, and it just worked, even with WPA2 + TKIP encryption at the router. Note there are no USB wifi dongles supported. But PCI & pcmcia, etc.

2. Part of the above is working with Gnome NetworkManager.

Stay focused on 1 & 2, and don't use little USB wireless sticks, and wireless on Linux IS easy.

disk encryption: bonus points for starting with Debian 4, since the EZ installer gives you the option to encrypt the whole (laptop?) disk from the Get Go. I opted for Debian's easy disk encryption (Ubuntu doesn't offer it, really) and chose to fight the wireless puzzle. It was a hard fight, but I think I picked the correct battle to fight. So now just add a nice rsync backup to my http://www.dreamhost.com/r.cgi?134994 [dreamhost.com] Debian server's non-public disk-space for $7 a month, and well that's a secure, yet functional laptop.

Oh, and www.Hamachi.cc makes for easy newbie intranets, and Firestarter is a nifty newbie GUI for IPTables.

- --

You can't be ahead of the curve if you're stuck in a loop.

Re:To bring this up yet again:

[Trojan35]

If you don't want to change, don't change, Linux isn't windows, it's not trying to be, it's something different.

You're kidding right? Almost every single new feature of linux is basically a copy of something on Windows. I'm a supporter of Linux, but that whole "it's not trying to be windows" argument is just people keeping their heads in the sand.

The linux distros that are meant for end-users are trying to be exactly like Windows, but free/stable/secure.

Re:And?

[Kesshi]

From the final page:

"I think Ubuntu Linux is definitely ready for almost anyone with a Windows system who is tired of havig their computer infested with spyware and viruses. It is also a way to avoid Microsoft's "activation" demands. It's free! It's good! It works!"

I could be considered a "clueless newbie" when it comes to *nix. Sure I know how to ls, I know what grep does, I understand what man is, and I've even heard of chmod and used a bit of vi ! But that's about where my knowledge stops. I imagine that a lot of other "average users" are very much like me, or worse, have less knowledge than me. No, I'm pretty sure the "average user" has less knowledge of computers than me; I've been configuring home NT networks since the first release of NT4.0 in the mid 90s. Even with this knowledge and experience *nix has always scared me.

I've only ever used DOS and Windows my whole life, but after reading this article I feel comfortable to give UBUNTU a shot. And I like that.

Re:So?

[Gordonjcp]

The point is that if everyone switches to linux because it is safer, and if the reason it is safer is that it's a smaller target, than the end result will be that the "truth" that linux is safer will end up as a thing of the past.

That's a pretty big "if". The truth is that Linux is safer, because it's simply harder to break into. A default Ubuntu install doesn't expose any open ports. Windows is designed to expose hundreds of ports, none of which can safely be closed because that would break random bits of software that Windows depends on. Linux ought to be extremely easy to write exploits for; after all, the code is right there in the open. If it was that easy then most of the servers on the Internet would have been broken into by now, where the vast majority are Linux and Windows is a dwindling minority.

Re:To bring this up yet again:

[massysett]

A computer user who can boot from a Windows CD, follow a few instructions, and install Windows is not a terribly special case. Lots of boneheads can do it. I know, they're my friends and family.

You're right, lots of boneheads can do that; the problem is that installing Windows takes a lot more than what you have described. Windows doesn't come with a lot of the drivers that you need, so getting the printer, video, network, etc etc to work requires rounding that stuff up and installing it all. Installing Linux is not easy, but neither is installing Windows.

Re:So?

[rizzo420]

windows actually has very few open ports since XP SP2, and even fewer with vista, especially if you choose public location for when you plug into any network.

Re:So?

[jonbryce]

I don't think Vista automagically runs things from the web either. I tried installing Adobe Flash player on a friend's laptop that had the 64 bit version of Vista. It wasn't easy, and certainly not something you would do accidentally.

su
*******
urpmi flash
exit

is just so much easier

Of course I'm not clueless! I'm a tech writer!

[Tsu Dho Nimh]

I am a technical writer: I think like a Clueless Newbie when I am testing user documentation. My biggest gripe with the Linuxes of the first article was mostly that it was impossible to just RTFM and accomplish things because it depended on arcane knowledge and there was no FM to R. My goal with this project was to see if Ubuntu was something that a minimally competent computer user could install on their own, and end up with a working system. Point and click and copy and paste ... the basic skills. BTW: Ubuntu's GUI and help pages talk about drivers and partitions and Wine. I was surprised ... happily surprised ... to see so much clearly written, useful information in one spot.

Re:Nice...

[Tsu Dho Nimh]

It runs Second Life ... without WINE.

Re:"Problem solved by live in geek?" - So that's n

[swillden]

The 32-bit Flash plugin works just fine with 32-bit Firefox on a 64-bit (x86-64) system.

That's what I've got here. (Suse 10.1 distro, not Ubuntu, which may or may not make a difference. If Ubuntu is installing a 64-bit browser, they may want to rethink that.

Debian is working on the really ideal solution to that problem, they call it multiarch. The idea is to make the installer fully aware of all of the different variations of processors and which apps they can run and which libraries are needed.

In this case, what we want to happen is when you apt-get install the flash player, the installer realizes that the only version available is a 32-bit version and that it depends on a 32-bit version of the browser, which in turn needs a certain set of 32-bit libraries, so it downloads and installs all of it, installing the 32-bit libraries next to the 64-bit libraries and replacing the 64-bit browser. Multiarch will make all of that, and much more, not only possible but transparent to the user. It's still a work in progress, though.

In the meantime, I agree that a desktop-oriented distro like Ubuntu should probably install a 32-bit browser by default. Either that or accept a bit of temporary ugliness and code some specific flash and browser handling into the installer so it does the right thing.

Re:Not at all clueless

[Tsu Dho Nimh]

I built it. The old system died.

Every system I build gets easier and easier because more things get integrated into the mobo, like USB and graphics and sound and Ethernet. I don't remember which mobo I have, but the instructions were excellent. If you can assemble IKEA furniture, you can build a computer.

Unix receives more attack attempts than windows.

[GNUALMAFUERTE]

UnixA is NOT a smaller target audience, it is in the Desktop, but not on the server.
And let me tell you, servers with a fixed IP address, open well known ports listening, and lots of domains pointing to it are the most common target. I have a fixed IP address, on a Unix machine, and you should just see my logs. Tons of break-in attempts everyday, and my Slackware just resists all of them.

Desktop machines with windows with variable IP addresses are the target of bots. Unix servers with fixed IP addresses are the target of real crackers and wannabes trying to break in 24/7.

Unix is a far more secure platform than Windows; and it has been proved since it's more exposed to heavy attacks all the time.

Re:Doesn't Clobber Win2k

[Tsu Dho Nimh]

Some of my previous Linux experiments clobbered the existing OS. Red Hat did, and IIRC "Linux for Windows" did it by default.

Funny, I just installed 7.04 myself...

[MarcoAtWork]

... and I really, really, really don't belive it's ready for non-technical users at all unless they have a fairly basic PC configuration: I have two (older) video cards in my linux box, and there was absolutely no way to get ubuntu to actually initialize/configure them both in dualscreen/xinerama without serious editing of xorg.conf (basically creating the device entries for the non-detected card from scratch and configuring xinerama etc.).

Having been using linux since the 1.2pre days I do know how to gets my hands dirty, but if I had been a non technical user there'd have been no way I could've managed. On the other hand the networking and general system configuration was quite painless, automatix and synaptic have been a pleasure to use and the install was very straightforward, even to the point of putting my 2k partition in the grub boot menu (and it actually working, which is definitely a new experience).

With a slightly more robust x configuration (quite a few folks nowadays run dual screen, most developers for sure) it would be nearly perfect.

Re:What if you don't have a free partition?

[Tsu Dho Nimh]

Ubuntu re-sized the Main Windows partition to make enough room for itself and its swap file. It didn't mess with the data drives.

Re:Ubuntu is hit or miss

[l0b0]

Too many device drivers to worry about to get the kind of stability you see in OS X, and that means installation and device use will never be as smooth as Apple. However, it is a worthy goal - so long as you understand that you'll never quite achieve it with an open device ecosystem.

This relies on the assumption that one device = one driver. How about Michel Xhaard's driver for 235 webcams [slashdot.org]? Common, even open, protocols seem to be getting more popular every day.

Picasa and Ubuntu

[Wannabe Code Monkey]

Problem 5: Google's Picasa does not work. Every time I launch Picasa it locks up my computer and sends the CPU utilization to 100%. The problem is Google, not Ubuntu. Instead of writing real Linux software, all Google did was take their Windows version and wrap it in WINE (fake Windows) to make it work in Linux. I expected Google to do better than that.

I tried Google's Picasa offering for Linux a week ago when I wanted to upload like 50 pictures to a web album. It ran fine, but the version Google decided to Linux-ify with wine didn't have web album upload support. I downloaded the latest windows version and installed it with wine and it runs wonderfully. I was able to upload the photos to my picasa web albums and haven't had a single problem. Everything that I tried just worked, it was a lot slicker than the version specifically for Linux.

This is with: Ubuntu 7.04; wine 0.9.33; picasa 2.7 (build 36.4000,0)

Re:So?

[level_headed_midwest]

There is a big difference between the value (to the cracker) of a compromised Linux server versus a relatively anemic Windows desktop or notebook. The Linux server is much more valuable of a target because:

1. Its Internet connection is far faster than the desktop/notebook's connection. This greatly increases the number of spam e-mails sent out or illegal files served/stored in any one time period.

2. The server has much more disk space to hold illegal files, and a good server's disk system is much, much faster, allowing for more users to use the illegal server. A notebook or laptop has a relatively small, slow drive that grinds under the load of far fewer connected users.

3. The Linux machine has many more tools built-in that can be used to wreak havoc on other computers. Windows doesn't have much more than tracert and ping installed and cannot spoof packet sources like Linux can (at least XP SP2 and 9x/Me can't.)

4. Servers often hold a lot of things that are of interest to people for nefarious reasons- lots of SSNs, CC numbers, medical records, etc, regardless of OS. My university just has 22,300 SSNs stolen from it off a server (a Windows server, actually.) The average desktop rarely contains anything more interesting than one or two SSNs or cached CC numbers. Cracking one machine is much less intensive than cracking 22,300 of them to get the same information.

5. Desktops and laptops generally use DHCP while servers have fixed IPs. This makes the server much easier to nail and then access after it's been cracked.

So servers, especially Linux servers, are a much better target than Windows desktops are. If they were equally difficult, the servers would be THE target as they are far more high-value than a desktop or laptop is. Think of it this way- would you rather rob a bum or a bank if both were equally easy to do and get away with?

Re:And?

[d3ac0n]

How about I answer you right here?

As you know, Windows has a particular look to it's User Interface (the windows, the task bar, the buttons, all the stuff you interact with to make the computer do stuff for you.) In Windows XP, the User Interface (or UI) is called Luna. In Windows Vista there are Two UI's; Aero (the core UI), and Aero Glass (the nifty 3D one)

Well Linux has MANY available UI's that can be loaded. GNOME and KDE are the two most popular. Most distributions ("brands", if you prefer) of Linux choose at least one UI to start with. Ubuntu Linux uses the GNOME UI. Kubuntu uses the KDE UI.

As far as selecting one over the other, it's really a matter of personal taste:

KDE is the traditional "Windowsy" looking UI. It has a task bar along the bottom of the screen, and the KDE equivalent to the "Start" button in the lower left corner, right where it is in Windows. However, it is more complex than Windows with far more options to work with. This can be confusing to new users, but many users who like to tinker find this interface enjoyable to use.

GNOME is the more "Mac-like" interface. It uses two task bars, one at the top, and one at the bottom. The top bar has all the menus on it, and yes, there is more than one. It is somewhat less configurable than KDE, but no less powerful. It is preferred among those who like a cleaner interface with a more mac-like approach to menus and usage.

Again, there isn't necessarily a "better" choice here. They are both equally good at what they do, they just do it in different ways. I would recommend using the Live CD's to explore the UI options you have without having to commit to one or the other right away. You can run the live CD, and then just rboot when you are done, with no changes made to your PC.

You can download the Ubuntu live CD here: http://www.ubuntu.com/getubuntu/download [ubuntu.com]
You can download a Kubuntu live CD here: http://www.kubuntu.org/download.php#latest [kubuntu.org]

Just download, burn to CD with your favorite burning software, insert into CD drive, reboot and enjoy!

Re:And yet

[blowdart]

IIS5, unpatched perhaps. IIS6 however has a decent security record; at least according to Secunia with a grand total of 3 vulnerabilities [secunia.com], one of which was in ASP, which is disabled by default, one in WebDAV, disabled by default and a low criticality problem with cookie handling. All are patched. Apache 2.0 has 33 [secunia.com], 3 of which are unpatched and 2.2 has 1 out of 3 unpatched [secunia.com].

You are wrong

[djlowe]

OK, you are wrong, and here's why:

"A default Ubuntu install doesn't expose any open ports"
True, but misleading: A default Ubuntu install doesn't offer any server-type services, so far as I know, so it doesn't have to open any ports.

Also, is it still true that a default Ubuntu install doesn't have a password around the root account? http://www.ubuntux.org/how-to-change-the-root-pass word-in-ubuntu [ubuntux.org]

"Windows is designed to expose hundreds of ports"
Care to list them all?

"none of which can safely be closed because that would break random bits of software that Windows depends on"
Care to list all of those?

The truth is, as best I recall, a default Windows XP install has 4 or 5 open ports, all related to SMB and Windows Networking - and anyone with a clue wouldn't ever allow those to be exposed to the Internet - that's what hardware NAT/firewalls/routers are for.

And, from a home perspective - every ISP I've ever dealt with filters those at their routers. I know that Time-Warner still does, on their Roadrunner network, and as far as I know, so does Verizon.

I'd be willing to bet that just about every ISP does as well - they'd be foolish not to.

Re:Unix receives more attack attempts than windows

[Bargearse]

UnixA is NOT a smaller target audience, it is in the Desktop, but not on the server.
And let me tell you, servers with a fixed IP address, open well known ports listening, and lots of domains pointing to it are the most common target. I have a fixed IP address, on a Unix machine, and you should just see my logs. Tons of break-in attempts everyday, and my Slackware just resists all of them.

99% of these break-in attempts are portscans. Any machine on the net, running any OS, fixed IP or not, is subjected to this barrage on a daily basis. The people doing this generally don't care what kind of machines they get in their botnet, they'll be used for the same purpose one way or another.

Desktop machines with windows with variable IP addresses are the target of bots. Unix servers with fixed IP addresses are the target of real crackers and wannabes trying to break in 24/7.
Unix is a far more secure platform than Windows; and it has been proved since it's more exposed to heavy attacks all the time.

Any machine connected to the net has the same exposure to these general attacks. The difference is not Unix/Windows/whatever; the difference is the setup and administration. Most servers are managed by professionals who know how to configure, maintain and monitor a machine properly. Most desktops are not.

Re:You are wrong

[Gordonjcp]

"A default Ubuntu install doesn't expose any open ports"
True, but misleading: A default Ubuntu install doesn't offer any server-type services, so far as I know, so it doesn't have to open any ports.

And the vast majority of Windows users don't need to run any servers, either. Why does it have them?

Also, is it still true that a default Ubuntu install doesn't have a password around the root account?

No, there is no root password set, so you cannot log into Ubuntu as root in the default configuration. Have a read of this [ubuntu.com] - it explains a little bit about what root is, and the pros and cons of using sudo instead of having locked root account

You're right about the ports. Looking at a couple of PCs running XP, they seem to only have about 10 ports open. Apart from the NetBIOS ports, I don't know what most of them are - looking them up in my /etc/services they're either not listed or don't match what I'd expect. I don't really know why they'd be open.

Re:You are wrong

[damium]

Also, is it still true that a default Ubuntu install doesn't have a password around the root account?

True. This is by design and a security feature. Don't confuse it with a *blank* root password. There is no way for the root user to login to a default Ubuntu install to discourage users running as root.

"Windows is designed to expose hundreds of ports" Care to list them all?

RPC :)

The truth is, as best I recall, a default Windows XP install has 4 or 5 open ports, all related to SMB and Windows Networking - and anyone with a clue wouldn't ever allow those to be exposed to the Internet - that's what hardware NAT/firewalls/routers are for.

I count 3 by default, 7 if you turn file sharing on, and more than 20 if you disable the windows firewall.

And, from a home perspective - every ISP I've ever dealt with filters those at their routers. I know that Time-Warner still does, on their Roadrunner network, and as far as I know, so does Verizon.

I'd be willing to bet that just about every ISP does as well - they'd be foolish not to.

When I was with Verizon they were filtered from the internet but not from other Verizon customers (2 years ago or longer). The very last time I dealt with a Verizon network was when a friend of mine who had no computer experience went down to the local Best Buy, bought a computer, got service from Verizon got p0wn3d following their directions.

Step 1: Put the CD into your computer.
Step 2: Plug the (pre-SP2) PC directly into the DSL modem.
He never made it to step 3. Time to infection was about 24 seconds. By the time he called me and I drove over he had no less than 10 distinct viruses/worms. He only knew about them because one of them was closing his Anti-Virus software when he tried to activate it.

I hear they are doing better these days and shipping wireless routers with service. When I was with them you couldn't even get support for a dead line if you were not plugged into the modem directly. My point from all of this is that I wouldn't trust your ISP to keep known malicious traffic out. Most ISPs are too large and don't even care enough to disconnect known bots from within their network.