Forgot your password?
typodupeerror
Operating Systems Software Linux

A Gut Check On Gutsy Gibbon 390

Posted by kdawson
from the who-you-callin-windows-like dept.
jammag writes "Linux pundit Bruce Byfield looked inside the pre-release of Gutsy Gibbon and found what he calls 'Windows thinking.' His article, Divining from the Entrails of Ubuntu's Gutsy Gibbon, notes that Ubuntu is the dominant distro, having achieved a level of success that might be leading to complacency. He opines: 'Only once or twice did I find a balance between accessibility to newcomers and a feature set for advanced users. At times, I wondered whether the popularity might be preventing Ubuntu from finishing some rough edges.'"
This discussion has been archived. No new comments can be posted.

A Gut Check On Gutsy Gibbon

Comments Filter:
  • by Anonymous Coward on Thursday September 20, 2007 @11:28AM (#20681467)
    Hm, I guess it seems Gutsy Gibbon isn't quite up to stuff. Prolly oughta wait for the next edition, the more refined Hairy Hardon.
    • Re:Wait for next (Score:4, Insightful)

      by Braino420 (896819) on Thursday September 20, 2007 @11:45AM (#20681755)
      The author has some very interesting ideas about "security"
      TFA:

      This [not being able to choose additional packages at installation] lack is not only frustrating, but violates a main principle of security. After all, you can hardly secure a system if you do not know what is going on it.

      it [sudo] means that an intruder only needs one often-used password instead of two to gain control of the system.
      Ok, not being able to install additional packages at installation is a big deal, but calling it a "security issue" is a little silly. No ports are listening on a default Ubuntu install. It doesn't need to be "secured".

      I don't understand how not having sudo means the attacker has to gain control of two passwords. Does that even make any sense? They only need ONE password either time, the root password, or the password for a user that has sudo privs.

      I'm glad someone is really giving a critical eye towards Ubuntu (which can only result in further improvements), but talking out of your ass isn't going to get anything done.
      • Re:Wait for next (Score:5, Insightful)

        by Anonymous Coward on Thursday September 20, 2007 @11:55AM (#20681927)
        Presumably you don't allow the root user to login at all. The only way to get to root would be with su. His statement, I'm guessing, is based on that premise along with having to break into a normal user account first, before being able to su to root. Of course, that doesn't take into consideration the numerous possible attach vectors that do not require first breaking a normal user and then breaking root.

        For years I've never installed sudo because I liked the forced separation of privileges with different passwords. However, in an environment where numerous users need escalated privileges for different things, I have revised my thinking and enjoy the ability to provide fairly fine-grained controls on who/what people are able to access when raising privileges for specific tasks. Short of implementing SELinux, sudo gives me what I need for right now. I can see a day where SELinux will be more appropriate for some things, but until then...
        • Re:Wait for next (Score:5, Informative)

          by init100 (915886) on Thursday September 20, 2007 @01:33PM (#20683835)

          Short of implementing SELinux, sudo gives me what I need for right now. I can see a day where SELinux will be more appropriate for some things, but until then...

          I think that you have misunderstood what SELinux is all about. It is not a replacement for su or sudo, it is a completely different system. It allows the vendor/administrator to explicitly specify what privileges a specific process should have in fine-grained detail. Even though e.g. the apache account has read access to every file that everyone can read, SELinux enables you to specify that the apache process should be denied access to anything beyond its configuration file, its plugins and the web tree, even if it would have access according to the ordinary permissions system.

          By restricting rights on this level of detail, a cracker exploiting a security hole in the apache process would not be able to access any file beyond those explicitly specified in the SELinux policy.

        • Re: (Score:3, Insightful)

          by poopie (35416)
          sudo is way better than su. Here's why:

          sudo allows fine grained access control for users, machines, and commands. There is a config file that lets you do all sorts of restricted access.

          su to root allows a user to do anything, lock anyone else out, change root password, etc.

          the benefits of sudo may seem opaque in the case of a single user on a laptop where there's no admin or IT team. When you think about real multiuser machines with an IT support group and users who need a variety of privilege levels, sudo
      • Re:Wait for next (Score:5, Interesting)

        by eln (21727) * on Thursday September 20, 2007 @11:59AM (#20681981) Homepage
        I think with the sudo thing he's referring to the fact that most systems have more security vulnerabilities that allow you to take control of a non-privileged user, so it's a lot easier to hack into a non-privileged user than it is to hack into root. If you are able to hack into a non-privileged user that is in the sudoers file, you have root.

        Of course, most of those exploits involve gaining control of daemon users, like the httpd user or whatever, and if you have any of those users in your sudoers file you're asking for trouble anyway.

        There may also be the assumption that most people will choose stronger passwords for their root user than they do for their normal user account. I'm not so sure that this really holds true in a desktop environment, but it may in a server environment. Of course, there's also the issue that a frequently used password may be easier for someone to shoulder surf. So, while a normal person may only very rarely log in as root, so shoulder surfing opportunities are likewise rare, they probably log into their user account (which on Ubuntu will likely have sudo access) many times.

        So, while I think there is a lot of hand waving involved in whether or not Ubuntu's model is really more or less secure, there is at least an argument to be made.

        • by drx (123393) on Thursday September 20, 2007 @12:09PM (#20682123) Homepage
          I actually wonder why there is still this big iron thinking about root and "unprivileged users", especially around a desktop distro like Ubuntu. I am the only user of my system. If someone breaks into my normal user account and deletes all files there it is the worst possible scenario. If it is done from root, there is not much of a difference. And unprivileged users can also serve as spam bots, they have all the access to a heap of scripting languages and whatnot -- so really, what is the difference?

          Just because it happens to be Unix, some people seem to have a sysadmin reflex that tells them root is more worthy than others.
          • Re: (Score:2, Insightful)

            by roemcke (612429)
            The real difference is when you want to remove said spambot and be sure it hasn't left any backdors into your system. If root has been compromised, you need to reformat and reinstall everything (including the MBR and BIOS for the paranoid!!). If only a single user has been compromised a spambot is much easier to remove and detect, and it cannot bypass the firewall or hide funny processes.
          • by dfgchgfxrjtdhgh.jjhv (951946) on Thursday September 20, 2007 @12:34PM (#20682577) Homepage
            root gives them full control over your system, they can set daemons to run at startup, mess with system files, delete/modify every users files & any other file they want, run services on privileged ports (1024), install trojans, rootkits, delete/modify log files, and anything else they want.

            a root compromised means a full system rebuild. reformatting all drives & reinstalling from trusted media & the last known good backups. you cant trust anything on the system, or any backups taken since the hack. you might not even know the date of the hack, nevermind how they got in, or what they did, if they cleaned the logs.

            if a normal user account gets hacked & you're sure root hasnt been compromised, you could just delete the user, fix the vulnerability & restore the files from backups. you still have the log files, which will help give clues to how & when you were hacked.

            having your user account hacked is obviously very bad, but if they get root, its as bad as it gets, even on a single user system.

            btw, if your personal files mean a lot to you, you should take regular backups.
            • Re: (Score:3, Insightful)

              by Bluesman (104513)
              The thing is, you can do most of this from a user account. Users have access to a lot of stuff that can be just as bad, and once you have access to a user account, it's fairly easy to get root.

              Once someone with malicious intent can access your machine, you can pretty much kiss it goodbye. You can never really be sure that root wasn't compromised without an extensive investigation.
          • Re: (Score:3, Insightful)

            by DragonWriter (970822)

            I actually wonder why there is still this big iron thinking about root and "unprivileged users", especially around a desktop distro like Ubuntu.

            Because "desktop" computers are often multiuser machines for, e.g., families, and may even be used to perform server roles on a home network as well as a desktop functions. Its not "big iron" thinking, its "multiuser environment" thinking.

            Yes, compromising any user account is a Bad Thing, but compromising one that provides root access (whether root itself or one th

          • Re: (Score:3, Insightful)

            by Karellen (104380)
            "I am the only user of my system."

            I find that that just isn't the case much. Most computers I'm aware of are shared between a couple of users - owner + owner's partner, possibly + kids. And it's handy having your own account, just for simple stuff like desktop theme, recently used start-menu list, fonts, desktop icons, display resolution, etc... Then you've got email, web bookmarks + autocomplete, plugins, documents, preferred applications (e.g. juk vs. xmms), rss feed reader, calendar (surprise romantic re
        • by walt-sjc (145127)
          Sudo access and local priv-escalation bugs are two very different things. IMHO, he's probably referring to the fact that so many end-users use the same password EVERYWHERE, like untrusted web sites. Having the sudo password to get to root via the same password you use to login everywhere isn't so great from a security standpoint.

          Sudo is great for letting non-root users do some root things in a very controlled way when you DON'T want to give full root access. It's not "really" meant to be a substitute for
        • by gravyface (592485)
          I could see a myriad of phishing attacks involving checking the user-agent string to see what distro/desktop manager the user is running, and presently a Web-based pop-up identical to the typical Gnome/KDE/whatever "sudo required" dialog to phish for passwords with sudoer (root) abilities.
      • Re security, I was really surprised when I installed a previous release and SSH wasn't even available. I had to download/install it separately. Granted, you may not want to start the server automatically, but making it easy to set up post install a secure remote connection seems like a good idea.

        Also, while gcc was installed, the C++ frontend was not. Ok, so this is maybe an end-user distro, if you're using OpenOffice and mail you don't need C++. But if you want to start with Ubuntu and configure it to do d
        • by ambrosen (176977)
          Well, it's only one install to add dev-tools or whatever it's called. And presumably you're going to be downloading the source you want to compile anyway.
      • Re:Wait for next (Score:5, Insightful)

        by spagetti_code (773137) on Thursday September 20, 2007 @12:17PM (#20682263)

        Ok, not being able to install additional packages at installation is a big deal, but calling it a "security issue" is a little silly. No ports are listening on a default Ubuntu install. It doesn't need to be "secured".

        No!

        Not having to make choices at install time is EXACTLY the reason that ubuntu is good. After a couple of simple questions, you are up and running with a very well configured system with the best one of each type of app installed that most people want. You dont have a huge stack of apps installed that you dont need.

        If that idea doesn't suit you, then I think you need a different distro. Dont go raining on ubuntu because its executing its plan well. (And by the way, that plan is exactly what the general population want/need).

        • by Smidge204 (605297)
          "Not being able to make choices" != "Not having to make choices"

          =Smidge=
          • Re:Wait for next (Score:5, Insightful)

            by cloudmaster (10662) on Thursday September 20, 2007 @04:58PM (#20687815) Homepage Journal
            Get the "alternate install CD" or "Server install CD" or, at the boot menu, choose the non-GUI boot option. The installer is still basically the Debian installer, and you can do all sorts of things from the ncurses installer. The server install puts down a minimum system, upon which you can either then install the "ubuntu-desktop" package to get the default desktop, or install the individual packages you want (either for a secure server or secure desktop that you know all about)

            The "limited choice" installer is the one that runs in graphical mode after the end user has already chosen the *default* boot option - indicating that they're interested in defaults. People who want more options will examine the first menu they're presented with, or download something other than the "desktop live CD".

            Reporters who don't take the time to read "what's on the CD" before they download the .iso, IMHO, fall into the category of people who dhould be accepting default answers. Esp. if they're running a beta release of an OS.
        • Re:Wait for next (Score:5, Informative)

          by MMC Monster (602931) on Thursday September 20, 2007 @01:09PM (#20683327)

          Not having to make choices at install time is EXACTLY the reason that ubuntu is good. After a couple of simple questions, you are up and running with a very well configured system with the best one of each type of app installed that most people want. You dont have a huge stack of apps installed that you dont need.
          Absolutely agree with above. The problem with earlier distributions was that at installation I had to choose which office package to install, which text editor, etc. That's fine, now that I have used Ubuntu for a couple years, but back then I kind of shrugged, made a few wrong choices, and called the distribution "unusable".

          Sensible defaults and the ability to make changes later on is much preferable.

          Now how about installing ntp by default. :-)
      • by Hatta (162192)
        No ports are listening on a default Ubuntu install.

        Really? I don't remember having to do anything special to enable sshd. Is this new since edgy?
        • Is sshd installed by default? It's not exactly what one would consider an essential need for a desktop user (which is Ubuntu's primary target)
      • His other complaint about sudo is misguided, too:

        However, when you flip to the User Privileges tab in the application, you can see that Desktop Users can do everything except log in with sudo, which still seems unacceptably broad for security.

        Linux, like most Unixes, has a long history of separating things that users can do safely from the things that only privileged users should be able to do. The corners are worn smooth by this point. Windows grew from a single-tasking system with no memory protection

    • by dotwaffle (610149)
      Hardy Heron? Hungry Hippos is such a better name - if only it wasn't 'marked...
    • Re: (Score:3, Funny)

      by icydog (923695)
      Gutsy, even in its development state, is missing some really basic things. If you do "apt-cache search stdc++" on an x86_64, you can see that libstdc++6 and lib32stdc++ are available, but that only the 64-bit version has a -dev package.

      So I can't compile 32-bit c++ apps on Gutsy, when this really is a basic thing that, for example, Fedora gets right. This is something that most "users" probably won't notice... but isn't that Windows mentality?

      And I'm not really just complaining pedantically -- my CS c
      • Re:Wait for next (Score:4, Insightful)

        by tolan-b (230077) on Thursday September 20, 2007 @01:08PM (#20683305)
        > but isn't that Windows mentality?

        No it's pre-release software...
      • Re: (Score:3, Interesting)

        by Rei (128717)
        Yeah -- I just did a fresh Fedora 7 install for use by a complete computer novice (who is still in the stage that she's having trouble remembering how to use things like scroll bars), and was very pleased by how smooth it went. It replaced her old Windows ME system, which had almost no aps and, most critically, refused to work with two different wireless cards that I purchased. Her jaw practically dropped when I showed her the freshly configured Fedora system, up in KDE, with a news ticker and weather plu
    • Re: (Score:3, Funny)

      by gludington (101178)
      I hear coolest features have been pushed back into the 27th release, Aamazing Aardvark.
  • by Jeremiah Cornelius (137) * on Thursday September 20, 2007 @11:28AM (#20681471) Homepage Journal
    When read out loud, in a fruity "posh" voice. ;-)

    My response? Open a shell.
  • evidence (Score:3, Funny)

    by ILuvRamen (1026668) on Thursday September 20, 2007 @11:33AM (#20681569)
    Well they've obviously become complacent about the name because it has "random adjective and animal generator" written all over it. Maybe they'll give it some actual effort next time when it comes up with Aroused Aardvark
  • by saterdaies (842986) on Thursday September 20, 2007 @11:35AM (#20681583)
    Sometimes, one has to make choices:

    After all, you can hardly secure a system if you do not know what is going on it.
    So, I should manually pick each and every package that is installed on my computer. Wait, that won't do it. I need to read and audit the source and then compile that source to be completely sure! I understand where the author is going here, but that's one of the great things about GNU/Linux. I can have my Ubuntu that gives me a good system in 15 minutes and he can use Gentoo, Slackware, or Linux From Scratch to create a system where he can account for everything on it. One distribution doesn't have to be everything to everyone. Lucky for us, because of the nature of open-source, a plurality of distributions is easy which closer meet the needs of our diverse uses. Many users don't want or care about a lot of the choices offered (heck, most of the world uses Windows). Thankfully, Linux is open-source and allows us to choose as much or as little configuration, selection, and customization as we want to deal with.
    • by solafide (845228)
      You always have to trust your compiler; it is possible to change the compiler so that it compiles everything with a backdoor, even the compiler itself. The compiler is all-powerful. How do you find a trusted compiler?
      • by somersault (912633) on Thursday September 20, 2007 @12:00PM (#20682001) Homepage Journal
        More importantly, how do you find a trusted CPU? Is there some sequence of floating point operations that will disable page checking (or whatever) in an Intel processor? :P
      • by Erioll (229536)
        Guess you have to write it in assembly. Oh wait, that uses an assembler/linker, which is a vulnerability.

        Output the bits directly? Well what if your output program is actually a trojan that reads all bitstreams and STILL puts a backdoor in?

        Maybe there's a way to probe the bus to directly enter in the bitstream manually? Oh but wait, what about the BIOS or the architecture of the chip itself?

        Paranoia can only go so far.
        • by solafide (845228)
          True, paranoia is difficult. However, it's a lot easier to have a backdoor in your gcc than to have backdoor in your cpu. You only have to backdoor gcc once and you can't trust it until you reinstall from scratch, with a CD burned on a trusted computer. The CPU is a lot harder to backdoor.
      • by ajs318 (655362)

        How do you find a trusted compiler?

        Armed with the specification for the C programming language and the Programmer's Reference Manual for your CPU, you write a partial C interpreter in Assembler (it only has to be able to interpret the instructions that are actually used in the Source Code of the actual C Compiler). This is verifiable, because you wrote it. You run the C compiler source code (which is clean; the backdoors are all contained within the binary) through your homemade interpreter. Now you

    • by kebes (861706) on Thursday September 20, 2007 @11:58AM (#20681955) Journal
      I agree with you.

      TFA is not wrong in what it says, but perhaps it misses a point. For years people were begging for a "user-friendly" Linux distribution, where the user would "not be inundated with choices" and so on. Ubuntu arose with the aim to be "Linux for human beings," where an ordinary person would be able (with some guidance) to install, learn, and productively use the OS. The aim of Ubuntu is to fill that niche.

      TFA discusses needing to find the balance between "simplicity for beginners" and "power for advanced users." But he seems to think that each Linux distro should be finding that balance--rather than accepting that the point of having multiple distros is that each one can strike a different balance. Ubuntu, clearly, is a distro that favors simplicity, because it is trying to capture some of the "mass market" of beginners. If you want the installation to expose lots of details to you, then there are distros that will make that happen (e.g. Debian).

      Now, having made the case that each distro can and should strike a different balance, I still find the argument misses the mark. I like to consider myself a "power user" who tries to do technical things (run webservers, programming, etc.), and Ubuntu (Kubuntu actually) is my distro of choice. Frankly, once you "know Linux" it's trivially easy to find and modify all the hidden features. Once you open a terminal, you have access to all the power, customization, and advanced features of any other Linux distro.

      Furthermore, many experts may prefer Ubuntu's simplicity, because it lets you get to the tasks you actually care about (and care about customizing) faster. It's nice to be able to complete a full install in 15 minutes (yes, I timed it), with no hassles, and then fine tune it as needed. As I said before--it's not like the customizations are not there. Just open a terminal, edit a config file, just like any other distro.
      • by norminator (784674) on Thursday September 20, 2007 @02:29PM (#20685127)

        TFA discusses needing to find the balance between "simplicity for beginners" and "power for advanced users."

        The funny thing about that is that he complains when Ubuntu provides tools for people with different levels of Linux familiarity. Like here, where he complains about package managers:

        The trouble is, Add/Remove Applications remains basic. Even its help suggests that you use Synaptic "for more advanced needs." Yet even Synaptic is less flexible than the basic apt-get command, and not much easier to use. And, for all the care given to the layout of Synaptic, the updater, and Add/Remove applications, I have to wonder: does any distro really need three or four desktop applications for the same function? After all, apt-get serves the same purpose as all of them. For some reason, the thinking of Ubuntu's planners seems uncharacteristically muddy here.

        If he doesn't think Synaptic is less flexible that apt-get, what are the reasons? Is he arguing that we should just have apt-get and not Synaptic or Add/Remove Applications? Of course Add/Remove Applications is basic. If I was going to hand Ubuntu over to my mom, I would be happy that there is a basic Add/Remove Applications menu item she can click on to see what's available. It is easy to see what it does, and it can get the job done for someone who wouldn't even know what to do with the flexibility of more advanced commands. I prefer Synaptic, because it lets me see all of the packages, categorized in several different ways, and gives me clear, easy to see information about each of them. I'm not scared of the CLI, but how is apt-get easier to use than Synaptic? Maybe if you already know the exact name of the package you want to install, but if you need any information about the packages available, I think Synaptic is very easy to use. The author seems to only like apt-get, but if that's all Ubuntu included, how would my mom install or remove apps?

        It sounds like he really wants Ubuntu to be less tailored for the average home user... He seems to be upset that the distro that home users would prefer is geared towards not confusing them.
    • by Pat__ (26992)
      >I need to read and audit the source and then compile that source to be completely sure!

      Even if you read the source, and compile it yourself, you would not be 100% sure it is safe.

      Reflections on Trusting Trust [cmu.edu] ;-)
  • So Ubuntu is the closest thing to a Linux distro that can fight off the Windows, Mac OS X will do okay but it will still be fan boys who get that. So unless we all want to run windows for another decade or two, we gotta respect what Ubuntu is doing for Linux distros........(sniff and a tear)......all over the world!
    • by p0tat03 (985078)

      Mac OS X will do okay but it will still be fan boys who get that.

      Really? Mac OS X has already achieved what Ubuntu can only hope for, and for the user there is really no difference. Both OSes involve migrating away from Windows-only software, both are (fairly) secure and immune to common viruses, and both are 'nix based. The difference is that OS X has achieved the "it just works" holy grail that Ubuntu reaches for (albeit by "cheating" - limiting hardware configs), but for the end-user that hardly matters. But seriously, will the average user care about being able to

      • Re: (Score:3, Insightful)

        by walt-sjc (145127)
        The difference is that OS X has achieved the "it just works" holy grail that Ubuntu reaches for (albeit by "cheating" - limiting hardware configs)

        Yes, because OS X isn't limited at ALL in the hardware it can run on, right? Please.
  • by c0l0 (826165) * on Thursday September 20, 2007 @11:41AM (#20681703) Homepage
    Unhappy with *[Uu]buntu's way of installing, not leaving many choices for the "IT professional"?
    Use the alternative LiveCD. Note you don't need to "secure the system", since the default install does not bind any sockets listening. I actually consider it one of Ubuntu's strongest feats that you are not facing any choice of package selection whatsoever, so you can be sure you will end up with a sanely organized system you can build upon, if you want, or just walk on with the preset choices.

    Next hilarious thing on his list is the boot menu - if you're actually an advanced-enough user to know about the possibility of testing your memory at bootup, I figure you also know about how to hit Escape to have GRUB's full menu appear.

    He's got one point on fonts, as there can never be enough fonts included in an install. I personally do like Gentium though, and consider freetype's font rendering as Ubuntu sports it very pleasing to the eye.

    On page two, where he's going to whine about "Proliferating package managers", the author imho show severe lack of understanding concerning Debian-ish package management. Well, let there be a lightweight update-checking-utility that does not come up with the whole bunch of X11-windows that is synaptic. It's a good thing it's there - it uses the same backends as apt-get, aptitude, synpatic, dpkg, adept, whatthefuckever use, and it saves you from manually checking for updates every so often. So would you please stop being anal about it? Thanks.

    Also on page 2: "At any rate, the only way to judge how useful a package might be is to use it yourself." Oh wow, movie at eleven. I won't even comment on this, Cpt. Obvious to the rescue.

    Page 3 is about security, and once again tha author seems clueless to me. An "intruder" on a default Ubuntu system can pretty much by definition (due to the lack of running network-interfacing daemons) only be a local attacker with physical access to your machine. Well, in case of physical access you're hosed anyway.
    The point in criticizing default group memberships for the "desktop"-class of users is also beyond me. Well, that is how UNIX tends to work, and if it weren't for the desktop user to be able to, e. g., adjust the sound system's mixer levels or burn a CD, what's left for "desktop" usage to be done? No access via `sudo` means no (write-)access to other account's files and data. Besides, if you let people you don't trust gain local access to a machine via their very own personal account, you should probably check for your very own mental sanity/security first.

    My point is, if Ubuntu actually behaved like he now states he'd like it to in his article, it'd be a flamefest of a different kind: namely criticizing how Ubuntu lacked in "usability", and how it would shy away "novice users".

    Ubuntu is a very fine choice for someone starting out with GNU/Linux or computers all together. It's also a fine choice for someone more knowledgeable, since it's perfectly possible to stray away from the sane defaults the Ubuntu devs chose for the distro. If you happen to find your demands outstrip Ubuntu's capabilities, you're probably better off by creating a distribution of your own.

    My 2 cent.
    • by jonesy16 (595988) <jonesy@gm[ ].com ['ail' in gap]> on Thursday September 20, 2007 @11:57AM (#20681939)
      I was going to write a long post regarding this article but it looks like you covered it already. Good work, cause I couldn't agree more. The only reason that we see a linux distro preinstalled on Dell computers, for example, is because of the strides made by the Ubuntu team in creating a distro that is easy for a Windows-level user to sit down and interact with.

      I'm the first to agree that in a high-tech-level setting Ubuntu has MANY shortcomings. As an example, it takes me about 5 seconds to get a RedHat based machine configured on our Kerberos network using authconfig. I spent a half hour with it (I'm no Kerberos expert), and I still can't get Ubuntu working correctly since I have to do everything manually. My point, however, is that NO home user is EVER going to want to set up Kerberos, so that's not what Ubuntu is geared for and I can't get upset with them for that. Same goes for partitioning in the installer. Anyone remember the options in the Windows installer? They're on the same level: let the installer wipe the drive and commit it to Linux, or set up a few paritions on your own and tell the installer which one it can use.

      Lastly, I have to disagree with the author regarding the user account classifications. He claims, erroneously, that by allowing for the use of 'sudo', an attacker only needs one password to break a system, whereas with a root account he claims you need 2. Umm . . . hello . . . you still only need one password, root's password! Unless your savy enough to not allow root logins . . . It seems perfectly acceptable to me to provide those three levels of user accounts and even that is more than most people will need.
    • by recoiledsnake (879048) on Thursday September 20, 2007 @12:15PM (#20682223)

      Page 3 is about security, and once again tha author seems clueless to me. An "intruder" on a default Ubuntu system can pretty much by definition (due to the lack of running network-interfacing daemons) only be a local attacker with physical access to your machine.

      Wrong. A buffer overflow in Firefox can be the attack vector. As can be a hole in any internet facing software that use internet data (Synaptic, FreeAMP, Media players) or even applications that open any files(if GIMP has a vulnerability parsing JPEG files, even JPEG files could possibly result in a "intruder" gaining access to your machine(not root access though, unless you run GIMP as root).

    • by MacroRex (548024)

      At any rate, the only way to judge how useful a package might be is to use it yourself.

      I dunno. What if there was a wiki, conveniently linked straight from the package manager?

  • who (Score:3, Interesting)

    by wwmedia (950346) on Thursday September 20, 2007 @11:42AM (#20681721)
    who gives ubuntu versions these crazy names?
  • duhh (Score:5, Insightful)

    by thatskinnyguy (1129515) on Thursday September 20, 2007 @11:47AM (#20681771)
    Ubuntu isn't successful because it's an operating system for advanced users only (like Gentoo). It's successful due to being user friendly to people who are Windows users who are curious about Linux.

    With Linux I've noticed that user control is inversely proportional to user-friendliness. Operating systems like Ubuntu are made with user-friendliness in mind and that comes at the price of user control. It's quick and easy to set-up and use which garners alot of favor from the Windows crowd.

    Similarly, Gentoo gives the user complete control over what applications, drivers, daemons are installed but is by no means user-friendly.

    The writer of TFA really did a whole lot of whining about how little control he had over the installation and initial software packages. What did he expect? It's Ubuntu.
    • And to think my mod points expired yesterday. Would someone please get this person to +5?

      I have tried Slack 10 and Debian somethingorother (same time as Slack). By tried I mean, downloaded everything, put them on CD and did manual installs just to see what I would be getting myself into. Four installs of Slack and I got four different results. Two installs of Debian and I got two different results.

      Now Ubuntu, as the OP has said, is for someone like me who wants to put their toes into the Linux pond. If
    • RH brought the linux desktop to the masses. it was roundly criticized for it being too newbie friendly. PEOPLE WONT LEARN LINUX! they all said. Later, the same allegations were leveled at mandrake(iva) and Lindows/spire. IT HURTS LINUX MORE THAN IT HELPS they all cried. Well now that ubuntu is taking the desktop maturity to new levels of easeness, its now completely acceptable, and welcomed by all. Ease of use is in.

      The ubuntu cheerleaders, which is allegedly now ~30% of all linux desktop users, defe
      • Re: (Score:2, Informative)

        I, much like you, grew up on RH and was mocked and ignored whenever I had issues. I also use FC7 now. But Ubuntu offers something to newcomers today that we didn't get 10 years ago: a community that doesn't suck.

        Perhaps it is dumbing Linux down. My response: so what. People who find Ubuntu to be useful may be likely to try more advanced distros in the future. This is a foot in the door; the gateway drug so-to-speak.
    • Re:duhh (Score:4, Informative)

      by Hatta (162192) on Thursday September 20, 2007 @12:28PM (#20682491) Journal

      With Linux I've noticed that user control is inversely proportional to user-friendliness.

      That's not so. A user who expects a large amount of control is going to find a "user friendly" OS that limits him to be very unfriendly.

      Operating systems like Ubuntu are made with user-friendliness in mind and that comes at the price of user control. It's quick and easy to set-up and use which garners alot of favor from the Windows crowd.

      Except that it doesn't come at the price of user control. A Ubuntu system can do pretty much everything a plain debian system can. The shell is still there and fully functional, same with apt-get.
    • Re: (Score:2, Interesting)

      by AvitarX (172628)
      Where is this lack of control in Ubuntu?

      I have been using it for a while now and I think I have complete control.

      Every remote service that is running I chose, I chose the desktop environment, the kernel optimizations (low latency), the theme, the default text editor.

      As someone who has used Linux as a primary desktop for around 30% of the 8 years I would describe myself as a "power user", but not an "expert". With this background Ubuntu is fulfilling the promise that was started (from my perspective) with R
    • by gosand (234100) on Thursday September 20, 2007 @12:57PM (#20683077)
      Ubuntu isn't successful because it's an operating system for advanced users only (like Gentoo). It's successful due to being user friendly to people who are Windows users who are curious about Linux.


      I completely disagree. I don't think Ubuntu is successful because of Windows users. At all. It is successful because it fills a need that Linux users have been waiting for - a distro that is easy to maintain. Unless you are maintaining multiple machines, you shouldn't be doing many installs. (even if you are, you shouldn't be doing many 'installs') I don't really care if the install takes 15 minutes or 2 hours. I only install once. I have never really understood why so many reviews focus on the installation! Yes, it is important, I have done some really tough installs in my day. It is a critical step, but the MORE important thing is how you maintain the system. That is where Ubuntu really stands out. It is why I switched to it. I was on Mandrake (before it changed names) and before that SuSE and various RedHat distros. This was dependency hell. Even though SuSE and Mandrake said you could update your system, you could not. I ran into ALL kinds of issues, my packages were getting outdated and I couldn't easily update them. So I have now been on Kubuntu for over 2 years, and even did an Upgrade with minimal hassle (damn NVIDIA). Dependency hell is pretty much a thing of the past for me.


      Ubuntu lets me USE Linux, and I can tinker where I want to - not where I have to. I still feel like the tinker-factor is still a little high for the average user (esp Windows users) but the strides that Ubuntu has made over other distros is immense.

  • by Chris_Jefferson (581445) on Thursday September 20, 2007 @11:50AM (#20681839) Homepage
    I think the main problem the reviewer is having is that he wants thinks to be like linux used to be. The reason I like Ubuntu is that it tries to escape from that. For example:

    - By default, the user never has to select any partitioning options, or even know what it is.
    Well, most people don't know what partitioning is.

    - Want to choose which software to install.
    Once again, new linux users won't know the names of all the programs they might want. Ubuntu installs what I consider a reasonable selection. Talk of knowing exactly what is installed sounds more like server talk, for which you probably want Ubuntu server, which does install a much smaller selection of packages by default

    - Doesn't send hundreds of confusing messages past at high speed on boot-up (me paraphrasing)
    Well good, particularly because most start-ups have at least one thing which looks to the untrained eye like a failure

    Other problems, including fonts, are possibly more valid. I'd be interested to know what an Ubuntu expert's opinion is on them.
    • Well, most people don't know what partitioning is.

      I think his point was that you could keep user friendly defaults while giving flexibility to the power user. For example, you could have the automatic option as default and have 'Guided' and 'Advanced' options for the power user. I think that's what most distros that I have installed did.

      Once again, new linux users won't know the names of all the programs they might want. Ubuntu installs what I consider a reasonable selection. Talk of knowing exactly what is installed sounds more like server talk, for which you probably want Ubuntu server, which does install a much smaller selection of packages by default

      Again, it's the same thing, provide a option(not selected by default), to choose packages. Again, this is how it was done in most distros i have used. User friendliness is not always in conflict with configurability.

  • I've got a mix of systems at home. Debian, Windows, etc..

    For a while my kitchen laptop (a 5 year old old Dell Inspiron) was running Ubuntu G.G. and I found it quite nice to use. This was my first desktop Linux system in about 4 years. It was responsive, easy to find things, and perfect for that application. (Lots of web browsing and some note taking.) I'd still be using it except...

    Eventually, though, I had to install XP Home on the system. No amount of research, begging, pleading and tweaking in /et
    • by ErikZ (55491) *

      Did you try the invert option in xrandr?

      My ubuntu box is headless, so I wasn't able to test it.
    • Re: (Score:3, Informative)

      by PitaBred (632671)
      You should be able to add an

      Option "Rotate" "UD"

      To your device section to show the display upside down by default. It'll work with most X.org drivers.
  • ubuntu (Score:2, Interesting)

    by treak007 (985345)
    Ubuntu is very popular atm because it is very beginner friendly. Ubuntu seems to strive to make itself like Windows to attract more people. It is only a matter of time before Ubuntu looks and acts just like Windows.
    • A lot of people think that this is "selling out". But ignoring the problems "under the hood", Microsoft has done many many studies into how their OS UI is designed, and the result is based on actual user input. An unbiased view accepts that there are many many users who like the Windows UI, and find it quite usable.

      Perhaps Ubuntu doesn't look like Windows to be like Windows, but because many users like that kind of UI?

    • by Stormx2 (1003260)
      Uhg, I wouldn't say so. You're confusing "Familiar" with "User friendly". My brother finds it hard to use windows machines after so long on ubuntu (he's 13).

      I'd say that windows is a bunch less user friendly for most tasks. For example, "All Programs" contains a bunch of brand names you may have forgotten, forget what they do, etc. This is rectified by GNOME's menus, which are so simple I could orgasm right now over their cute icons. Yeah....

      It depends what we're aiming for. Striking a balance betwee
  • User Friendliness (Score:5, Interesting)

    by Stooshie (993666) on Thursday September 20, 2007 @12:13PM (#20682177) Journal

    FTFA

    ... I find myself wondering whether user-friendliness must inevitably mean discouraging users from exploring their systems or taking firm control over them ...

    and

    ... while even novices are unlikely to have much trouble if they accept the defaults, straying beyond them is difficult ...

    I think this is where us techies fall down sometimes. We assume that everyone who uses a computer wants to "Explore their system" or take "control over them".

    Let's face it, probably about 90% of computer users use an office type application, a browser and an email client and the more advanced of them may use a feed reader of some sort. The most "control" they want over their system is to change the background and perhaps the colour scheme, and they want to do it easily, no code, no hassle.

    And that's fine! Their computer is a tool to do their job. They learn how to do what they need to do and that's it.

    So, it's a good thing that Ubuntu is easy to use. Us techies who want to "stray beyond the defaults" will find the way to do it anyway.

  • Gah! (Score:2, Insightful)

    by unfunk (804468)
    This guy is obviously writing the review from the angle of a Linux Geek. A newcomer to the world of Linux will just be intimidated by all the shell commands this guy is talking about. I mean, really... is "apt-get update install xasd fdsix ikispkg mnfklsad --v" really that simple to remember? All those incredibly cryptic CLI commands are quite intimidating for the noob, and even intermediate users like myself tend to keep away from them.

    Ubuntu is doing wonders for Linux in the popular mindset... users ca
    • by Hatta (162192)
      is "apt-get update install xasd fdsix ikispkg mnfklsad --v" really that simple to remember?

      Yes. Humans are built for language, and interacting with the computer with a language is orders of magnitude more simple, direct, and intuitive than some physical metaphor. There may be a steeper learning curve, but harder to learn doesn't mean harder.
      • Re: (Score:2, Funny)

        by unfunk (804468)
        Forgive me, I am teh drunken intertubes user.

        What I meant to say was 'is "apt-get update install xasd fdsix ikispkg mnfklsad --v" that much better than "click, click, click, click, click"?'

        But then I got distracted by LOLcats, and by extension, LOLrats.

        ...and a shiny thing
      • "Humans are built for language, and interacting with the computer with a language is orders of magnitude more simple, direct, and intuitive than some physical metaphor"

        I think if you do a little research you'd find that humans have been manipulating the physical world for thousands of years before languages came along. Written languages came along much, much later. In addition CLI "languages" have little in common with any spoken language.

        Of course, the research on learning and retention that GUI's are base
    • users can cut their teeth on it first, then if they want, they can move on to more advanced distros.

      The thing is, Ubuntu is an advanced system. It's based on Debian. Sure, it handles a lot of the crap for you and that's a good thing. If you're a power user then it can be tweaked however you need it just like any Linux system. You can even build stuff from source, imagine that.

      I have been a Linux user for something like 15 years now and personally I would hate to go back to that ancient SLS/Slackware sys
  • by simong (32944) on Thursday September 20, 2007 @12:33PM (#20682567) Homepage
    Because Windows also makes those choices for the desktop user, and the idea at this stage is to get users away from Windows and on to Linux without them having to think about partitioning disks, one password for them and another for whatever root is, and having to look for a instant messenger app, so they can chat to their sister in Spain. It has to just work as much as possible: to that end the model seems more like OS X, which of course also uses a single user and sudo (and with the rise in popularity of Beryl and Compiz, Ubuntu is starting to look like OS X).

    I can see the author's point to an extent, but Ubuntu isn't aimed at him, and he won't be able to approach it from the target user'sperspective.
  • Power user features? (Score:4, Informative)

    by Bluesman (104513) on Thursday September 20, 2007 @12:46PM (#20682843) Homepage
    You have a command line, emacs, vi, the gcc suite, perl, clisp and sbcl. What more could you possibly want?

    As long as there's a terminal available and gcc, you just can't complain about lack of power user features in Linux.

    He complains about the multiple package management programs. There's no problem here, since they all use the same underlying database, and a newbie would never know about the command line ones, and wouldn't need to.

    A new user will get along just fine with the simplicity of Ubuntu on the desktop. A power user will hit the command line and have no problems.

    It seems like this guy knows just enough about Debian to be dangerous, and is now cranky that Ubuntu is slightly different.

  • A different take... (Score:3, Informative)

    by MrFSL (958006) on Thursday September 20, 2007 @12:48PM (#20682887)
    So many people like to proclaim that Ubuntu is for the novice Windows convert. I contest that assertion! I have been managing a fairly large and quite diverse network for a few years now. Our servers range wildly from Debian varieties, to Windows 200x, and Solaris. Personally, I have been using Linux for several years and am not afraid of any "advanced-user" functions. I recently switched to Ubuntu (about a year ago) and won't be going back to my Debian roots anytime soon. Some like to spout that Ubuntu is the *nix O/S that "just works" - I feel differently about that too. Gentoo, Slackware, Red Hat, ... the all "work," it's the operator/administrator that "just doesn't." The question is should the administrator have to? Should time be spent in making the O/S work; or should time be spent configuring the Services and Applications to work? The answer is simple - Ubuntu gives me a well-secured, base system with excellent hardware support and updates. On more then one occasion I have found the need to break the default Ubuntu base system (removing a default package in favor of another system) and was shocked to see a seamless transition. Try messing around with udev, hal, dbus, and hotplug on any other Linux distro and see what happens. Try swapping out X servers and welcome to Linux hell! Lastly, Ubuntu has achieved what no other Linux distro ever has and that is their Exceptional support community. The Ubuntu forums (coupled with their online Community contributed docs) is one of the single greatest achievements in the Open community (IMHO) in the last 3 years. The support on the Ubuntu forums is not limited to Ubuntu and I see several non-Ubuntu users linking to Ubuntu forum threads, or asking questions there directly. The support I have received from the forum rivals all other *nix support I have ever dealt with including paid support for Red Hat and Solaris. I even ask questions on the forums non-Ubuntu related. I have asked Perl programming questions and got answers faster then I could through any other Perl or Linux forum. This is the true power of this Distro!
  • For crying out loud! (Score:4, Informative)

    by Vexorian (959249) on Thursday September 20, 2007 @01:47PM (#20684199)

    If you want gentoo use gentoo , If you want debian use debian, please don't expect every distro to follow your own ideas of the perfect distro and for god's sake, don't even think that your idea of the perfect distro should be considered dogma.

    I think that as much as the author blames ubuntu for complacency out of popularity, the things the author is complaining about are not specific to this release which kind of destroys the whole article, as if the guy didn't know the things he is complaining about are exactly the reason ubuntu is so popular.

    I RTFA this is a summary:

    • Installation : "Is easy, but I want it to be hard, complicated and specific"
    • Boot: "Grub doesn't show up when there are no choices to make! OMG that's profanity"
    • Desktop: "But man, I like fedora fonts" Side note: he says icons are too small at high resolutions which is probably huge BS.
    • Add-remove: "Look, I'll complaint about a gnome feature and blame ubuntu for it"
    • Security: "After so many ages ubuntu used sudo, I'll complaint about gutsy using sudo. And I'll demonstrate how little I understand of it and how much I ignore about sudo actually making things more secure" And accessible root account makes your computer less secure, sure people could initially give administrator priviledges to everyone in the family (this is a desktop computer, damnit!) but once they learn about it is as easy to remove sudo priviledges, it is also very easy to exchange the sudo priviledges and all without really having to give someone the root password...
    • Debian: "I want ubuntu to be debian and friking restrictive ubuntu won't let me convert it into debian by adding a bunch of overcomplicated options, for some reason I think that not willing to complicate the user for no reason is 'windows thinking' and I actually think it is a bad thing because Linux must be hard and punish the user with a lot of choices even for trivial things, even though I complained before about how ubuntu offered 3 ways to install software, this is a clear contradiction but I'll include it in the article"
    • Conclussion "I'll complaint about software that is in alpha stage calling it unpolished. I'll call things that aren't new in gutsy as proof ubuntu is dropping in quality. I don't understand that ubuntu's objective is to be easy for everyone and not to be overcomplicated and flexible like the distribution I like more."

    Color me unimpressed by this article.

"An open mind has but one disadvantage: it collects dirt." -- a saying at RPI

Working...