Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
GUI Security Software Linux

When Does Usability Become a Liability? 930

nasteric asks: "I caught myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee. The discussion had to do with usability and security. Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack. Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning. Therefore I pose this question to the Slashdot community. Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to and end) our discussion." Does decent usability necessarily imply the presence of vulnerabilities? Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?
This discussion has been archived. No new comments can be posted.

When Does Usability Become a Liability?

Comments Filter:
  • Wha? (Score:3, Insightful)

    by monstroyer ( 748389 ) * <> on Monday April 12, 2004 @04:13PM (#8840793) Homepage Journal
    Question: Is this an "Ask Slashdot" or an advertisement for Krispy Cream and Apple?

    Also, since the editorial already starts us off with an "OS X vs Linux" flamewar, let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

    Why do people think that the command line [] is *not* "user friendly"? Do we write books by pointing and clicking at icons, avatars, and pictures? Except under amazing cirumcstances (Steven Hawking, the blind, etc) would you hire an author that did? Then why a system administrator?
    • Re:Wha? (Score:5, Insightful)

      by CountBrass ( 590228 ) on Monday April 12, 2004 @04:19PM (#8840878)
      Do we write books by pointing and clicking at icons, avatars,

      Extremely poor analogy.

      We spend literally decades learning to read and write and even then very few people are actually any good at writing books. Natural language is also, compared to computer languages, extremely stable. Natural language are also exactly that - natural. Our brains evolved to support them and our languages evolved over millenia to suit our brains.

      Understanding images is considerably more important than language and certainly long pre-dates any human language- written or spoken.

      And I'm sure you've heard the expression "A picture is worth a thousand words".

      So, your point would be?

      • Re:Wha? (Score:4, Insightful)

        by conner_bw ( 120497 ) on Monday April 12, 2004 @04:28PM (#8841001) Journal
        Computers don't understand pictorial representation. Their whole basis of understanding what a human wants is based on low-level -> high level languages.

        Stable computer languages or not, just because the human race has understood pictures long before text does not in any way make the computer understand pictures.

        It certainly won't help you in administration.

        For a computer "a thousand words is worth a picture" and the converse is much more difficult and abstract.

        • Re:Wha? (Score:5, Interesting)

          by Nexum ( 516661 ) on Monday April 12, 2004 @05:32PM (#8841704)
          This reminds me of something I've read. When Apple was engineering the GUI back in the early 1980's, early tendency in testing was to just use icons and imagery for buttons and functions, testing showed that this was disatrous however, and the best approach in terms of speed to learn and usability was to use both descriptive text and an icon.

          Apparently, the lead engineer is quoted as saying "a word is worth a thousand pictures" when it comes to GUI design.
      • Re:Wha? (Score:5, Funny)

        by NoMoreNicksLeft ( 516230 ) <`john.oyler' `at' `'> on Monday April 12, 2004 @04:30PM (#8841034) Journal
        Even with 4 byte words (or 8 byte words on some monster big iron), 4000 bytes is not enough for all but the tiniest gif file. Now, gif being a 256 color only format, with no serious compression and an inability to depict sharp photographs of any significant resolution, I contend that no,

        A picture is not ~1000 words.
      • Re:Wha? (Score:4, Interesting)

        by h4rm0ny ( 722443 ) * on Monday April 12, 2004 @04:40PM (#8841138) Journal
        Natural language are also exactly that - natural. Our brains evolved to support them and our languages evolved over millenia to suit our brains.

        I agree, but not with your inference. You suppose that a computer language does not have this property, but as it is produced by the human brain without constraints upon it, surely it is an even purer reflection of the human brain's inherent language ability (however much it is inherent). There might have been constraints in the old days, but have you tried Python yet? ;)

        More on-topic however, I agree with the original poster but for not for his reasons. The picture / point-and-click approach is more of a use-base method rather than one based on underlying theory.*

        The danger with this is you get people who do things by the step-by-step book instead of through a true understanding. Like how a mechanic used to have a good grasp of how an engine worked and nowadays tends to just follow the official process.

        *Doesn't have to be, but it is.**

        **My gods, I'm using footnotes in a /. post now.
      • by Svartalf ( 2997 ) on Monday April 12, 2004 @04:45PM (#8841182) Homepage
        If it's ease of learning, then yeah, a picture is probably worth a thousand words. If it's actual ease of use (which is NOT to be confused with the latter- even though everyone and his dog keeps doing it...), then a CLI may well be the thing.

        There's a lot of things that are purely cumbersome because of the GUI under XP or MacOS.
      • Re:Wha? (Score:5, Insightful)

        by spacecowboy420 ( 450426 ) <> on Monday April 12, 2004 @04:48PM (#8841222)
        Naw, it's even more simple than that. It is about choices. Staring at a blank command-line offers no intuitive options. You have no idea where to start as a n00b. Basically a graphical interface enables a user, without prior experience, to poke around and discover - simply by exploring all options.

        What is easier - a multiple choice test, or a fill in the blank test?
        • Re:Wha? (Score:4, Insightful)

          by johnlcallaway ( 165670 ) * on Monday April 12, 2004 @05:39PM (#8841766)
          What does this round icon with a lightening bolt do.

          What does 'Formating C drive, Select Yes or No' mean??
          I don't know what it's doing, but it's 5% done.
          You can get a better score on a true/false test than a 'Select A, B, C, or D' using random selections. The more choices, the higher the chance of selecting a wrong one.

          If you have limited computer background, icons, menus, and dialog boxes can help with choices and can help people cross OS boundries a lot easier, or learn the next version.

          Without that frame of reference, the choices mean nothing.
          • Re:Wha? (Score:5, Interesting)

            by spacecowboy420 ( 450426 ) <> on Monday April 12, 2004 @06:08PM (#8842026)
            Even a true or false question offers a question with options. A blank command line does neither. Even knowing to type man and a command requires
            a. To know that there is a `man' command
            b. To know which command to even bother looking up.

            Then expecting a n00b to dicipher a man page is a leap. I also have never seen an icon or have I even seen anyone make a shortcut to the "format c: /u/s" command - your argument is not representative of typical usage. Also, icons are generally easy to associate visually with an application - if not, you run it and see what comes up. As a general rule, most applications will not mess with your data just by loading them up and MOST applications will not negatively affect your hardware - thus poking around is good.

            Also, you imply there are 'wrong' choices, when in fact, there is not really a 'wrong' choice per se, just not the specific function you're looking for. If this is the case, you choose one of the other choices and move forward. Now you know what that other function does for when you do need it and have also completed what you set out to do. Not likely to get the same quick understanding on cl.

            The main benefit of a gui is the flattening of the learning curve. It is not as efficient as knowing exactly what you want to do at the cl - this is true, but gets you to a point to where you can be somewhat productive. Obviously being adept at the cl will make you more efficient.
    • Re:Wha? (Score:5, Insightful)

      by Enry ( 630 ) <enry@wayga.QUOTEnet minus punct> on Monday April 12, 2004 @04:22PM (#8840928) Journal
      one picture is worth a thousand words?

      Seriously though, I'm an author and do a lot of writing. We are a visual species - look at the popularity of TV, movies, and video games. Why are GUIs popular? It gives you a lot of information in a small amount of space. Think small applets, like CPU usage or disk usage. More information can be sent quicker using a pie graph and setting colors than just giving raw capacity and percentage used.

      But writing is much more precise. When you write something down, you need to know *exactly* what you're saying and who you're saying it to. Otherwise the meaning could be lost.
    • Re:Wha? (Score:5, Insightful)

      by normal_guy ( 676813 ) on Monday April 12, 2004 @04:24PM (#8840943)
      Because commandline is NOT END-USER FRIENDLY. Things are different when you're a system admin. Click a picture of a music note, you get music. Click a picture with a music note flowing into a CD, you burn your CD. That's much easier than " CD_DA TRACK AUDIO FILE "secret-pregap.wav" START FILE "track1.wav""
      • Re:Wha? (Score:5, Interesting)

        by jd142 ( 129673 ) on Monday April 12, 2004 @04:36PM (#8841078) Homepage
        Because commandline is NOT END-USER FRIENDLY

        It depends. The command line can be quite user friendly.

        copy a b

        That's a fairly easy way to understand how to copy a file in dos. But in the gui world, a person has to remember to right click and say copy (or ctrl+c) and then right click on the destination and say paste (or ctrl+v). Or remember that if dragging files between folders not on the same drive, the file is copied by default but if dragging between folders on the same drive move is the default in windows. KDE does this better, always asking the user what to do with files drug from one location to another.

        As far as your example goes, it really depends on the os. In my copy example above, linux would have the user us cp. Well, how does the user know that? If the os let a person say:

        burn song.wav to cd1 as audio-cd
        burn all songs in c:\mp3 to cd1 as data-cd

        that would be pretty easy and friendly. But no os does that AFAIK. No reason you couldn't make a bash alias to do that and then it would be easy for people.

        On the other hand, I just found a really handy little program called sequoiaview that gives you a visual representation of how much space your files and folders occupy on a drive or network share. There's no way a command line utility could convey the amount of information in the sequoiaview window in as easy a fashion.

        The thing to remember is that usability is Hard. Very Hard. But it isn't the medium that's restrictive, it's the capabilities of the person creating the interface.
        • Re:Wha? (Score:4, Informative)

          by AKAImBatman ( 238306 ) <{akaimbatman} {at} {}> on Monday April 12, 2004 @04:49PM (#8841237) Homepage Journal
          If the os let a person say:

          burn song.wav to cd1 as audio-cd
          burn all songs in c:\mp3 to cd1 as data-cd

          that would be pretty easy and friendly. But no os does that AFAIK. No reason you couldn't make a bash alias to do that and then it would be easy for people.

          Actually, that looks pretty close to AppleScript. Unfortunately, the "ease of use" tends to become a liability to advanced users, as they have difficulty remembering the syntax.
        • Re:Wha? (Score:5, Insightful)

          by lawpoop ( 604919 ) on Monday April 12, 2004 @06:13PM (#8842077) Homepage Journal
          I argue that the a properly designed GUI is inherently more user-friendly that a CLI, even properly designed.

          Take your example to 'copy a b'. Is a the object or the indirect object? In order to find out, you have to consciously learn a particular grammar. You could do English-like where 'copy a b' means 'copy a to b' or switch positions, where 'copy a b' means 'copy to a, b' . Some natural languages actually use that kind of syntax. My point here is that your ad-hoc syntax is ambiguous from the start, and requires explicit training as to what exactly the grammar is.

          Contrast that, for example, a GUI where you have two different folders, anybody immediately understands an object's movement from one place to another. As a species, we're pretty good with language, but visual processing has been going on for millions of years longer.

        • Re:Wha? (Score:4, Insightful)

          by Graymalkin ( 13732 ) * on Monday April 12, 2004 @06:20PM (#8842148)
          Or...dragging files between folders ought to move it by default. When you've got a paper in one folder on your desk and pick it up and slip it into another folder does it duplicate the paper at the quantum level in the new folder? No. If you're using a spacial desktop metaphor on a computer it should behave in a spacial manner.

          A GUI should facilitate work getting done and then get the hell out of the way. Interupting the user's concentration and workflow by popping up a dialog asking how to move files is absurd. Changing the move behavior based on whether the destination is on the same drive is equally absurd. An interface needs to be consistant and forgettable. A user should never have to fight with the interface to get their work done. The specific task at hand - be it typing an essay, editing a photograph, or composing a musical score - should be all the user has to concern themself with. Computers are supposed to do the hard work while we get the important stuff done, not the other way around.
    • by kollivier ( 449524 ) on Monday April 12, 2004 @04:25PM (#8840959)
      GUIs let you explore until you find what you want by pointing and clicking on things. With command lines, you need to know the commands, and the options, before starting. That means that you need some sort of training before you start using the command line. So in your analogy, you'd have to "learn" the language of the OS before you can start 'writing' anything at all. Learning English actually took you a very, very long time, even if you don't remember it.

      Once you have that training, the command line is a very useful tool. But if you can't get the training, and aren't self-sufficient or technically apt enough to go to the bookstore and buy a book on how to use the command line, you're screwed.

      That's why people like having icons for things. The message icon is your mail program. Don't have to remember what it's name is, or where it's at. Just click.
    • Re:Wha? (Score:5, Interesting)

      by Planesdragon ( 210349 ) <slashdot@cPERIOD ... minus punct> on Monday April 12, 2004 @04:35PM (#8841068) Homepage Journal
      Except under amazing cirumcstances (Steven Hawking, the blind, etc) would you hire an author that did?

      Tracy Hickman (of Dragonlance fame.) has professed to using a "help you write" tool. Despite using what ammounts to a novel-wizard, his last four or five books were all NYT best-sellers. And he probably wrote the manuscripts in a GUI environment.

      As for the CLI itself--it's not that CLIs can't be user-friendly, it's that they simply aren't. A user-friendly, intuitive command line would:

      * Have plain-language redirects to all commands (swipe some code from a twenty-year old Command-line game if you must!)

      * Have a help-file that's intuitively found and starts with the basics--file maniuplation, directory navigation, et al.

      * Give immediate and clear feedback that something is working.
      • Re:Wha? (Score:4, Informative)

        by julesh ( 229690 ) on Monday April 12, 2004 @05:51PM (#8841886)
        Tracy Hickman (of Dragonlance fame.) has professed to using a "help you write" tool. Despite using what ammounts to a novel-wizard, [...]

        Its not as bad as you make it sound. The software in question is essentially a directed brainstorming application that helps authors make sure their ideas for a novel adequately cover the many different levels that many critics think are essential for a 'good book'. It isn't exactly 'point and drool'...
    • Re:Wha? (Score:5, Interesting)

      by Golias ( 176380 ) on Monday April 12, 2004 @04:53PM (#8841270)
      Also, since the editorial already starts us off with an "OS X vs Linux" flamewar

      Talk about an asinine knee-jerk reaction!

      The whole point of bringing up OS X was as a proof-of-concept that the sort of user-friendliness which Linux is moving towards does not automatically mean weak security. It has nothing to do with flame-wars, and everything to do to paying attention to what others in the industry are doing. (Something everybody should do, unless they want to lose in the long run.)

      let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

      Damn near every Linux-centric organization I've ever been a part of, for a start. If you are a software company, you are going to have customers on Windows. If you are going to support those customers at all, you need to make your shit work in a Windows environment, which means maintaining a Windows environment.

      Mixed environments are the norm, not the rule. A lot of companies even have a few Novell systems lying around doing stuff. Show me a "pure" Linux shop, or a "pure" Windows shop, and I'll show you an IS department run by a raging platform bigot.

      Why do people think that the command line is *not* "user friendly"?

      The command line is extremely user friendly. Having to remember the names and locations of dozens of config files in order to perform basic upkeep and maintenance of your server is not. I don't know about you, but I need to crack a book open to remind myself how to add a virtual host to my Apache web server each time I do it. If I was constantly editing the httpd.cnfg file (or whatever the hell it is), I wouldn't need to look it up every few months just to remember all the lines that need to be changed, but since it's only an occational change, a GUI front-end that held my hand through the process would not be entirely unwelcome. Granted, a badly designed GUI tool which lacked the flexibility I expect from raw config file edits would be ignored, but do it right and I would never need to open that file in vi again. That's what people mean when they say "user friendly."

      • Re:Wha? (Score:5, Insightful)

        by maximilln ( 654768 ) on Monday April 12, 2004 @04:57PM (#8841334) Homepage Journal
        The whole point of bringing up OS X was as a proof-of-concept that the sort of user-friendliness which Linux is moving towards does not automatically mean weak security
        I think everyone's ignoring that Apple was able to prevent the unitiated general run-of-the-mill script hacker from exploring the innards of their system for many many years before Windows became mainstream. Sticking with their ultra-super-secret closed model they've bred an OS that's secure not just because of the code it runs but because of the mindset and the historical knowledge and background of their top level programmers and designers.

        If we would take the Mach32 kernel and give it to a bunch of MS jockeys and ask them to produce OS X I have no doubt that it would be a security nightmare. Apple's been refining their methods for decades.
  • Simple (Score:5, Funny)

    by Limburgher ( 523006 ) on Monday April 12, 2004 @04:13PM (#8840797) Homepage Journal
    As soon as autoexec.bat runs.
  • by Anonymous Coward on Monday April 12, 2004 @04:13PM (#8840798)
    Is hide the more advanced/"dangerous" features from users that normally don't need them. They're there if you, but if you don't know about them, you shouldn't accidentally trigger them. That's part of good useability, too.
    • by corpsiclex ( 735510 ) <> on Monday April 12, 2004 @04:28PM (#8841000) Homepage
      This approach has been tried, and is extremely annoying to those of us who do know what we are doing. Last time I checked, Fedora Core doesn't even install gcc if you go with the typical installation (yet of course the Games and Entertainment package was installed). I guess this approach works to an extent, but be careful about carrying it too far. I also noticed several other things about Fedora Core that were designed with Windoze users in mind, and several of the features that they tried to make easier to find ended up being hidden from me; eg they changed the name of GAIM into Messaging Client...took me quite a while to figure this one out.
  • by weave ( 48069 ) * on Monday April 12, 2004 @04:13PM (#8840800) Journal
    Joy, a slashdot-sanctioned troll post.

    OK, here we go:

    • If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.
    • If Linux distros had everyone running with root perms, then yes, they will be screwed too. That means you, Lindows.
    • This argument ignores architecture and coding flaws. There is no reason why we have to settle for popularity meaning low security
    • by RTPMatt ( 468649 ) on Monday April 12, 2004 @04:18PM (#8840868) Homepage
      What will make it less secure is people using it without and idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likley live with no security at all.
      • by LostCluster ( 625375 ) * on Monday April 12, 2004 @04:26PM (#8840978)
        What will make it less secure is people using it without and idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likley live with no security at all.

        When a hole is discovered, the number of people who get hacked is equal to the number of people who are running the affected software who don't patch in time.

        If a luser wants to run telnet to get to their Linux server as root... they're just asking for trouble. Good thing most people who understand what to do at a bash prompt already know that. The problem comes when people who don't understand that SSH is better for a huge reason want to see a Linux command prompt on a remote server...
    • by LostCluster ( 625375 ) * on Monday April 12, 2004 @04:21PM (#8840904)
      If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.

      This theory needs only a slight modification to become valid...

      It's popularity among stupid people that breeds vulnerabilities.

      Apache may not have very many holes, but it's far too easy to write a PHP script that gives away the keys to the kingdom if you're not careful. A password of "password" is insecure on any system.
    • by Anonymous Coward
      and an Indian fellow named "Jack" was assigned my case.

      I cannot wait to hear from "Jack" and hear how his beloved "Mets" are doing in this fine baseball season.

      I await with interest to hear his small talk about traveling on the "NJ Turnpike" to work.

      Tech Support. You gotta love it.
  • Yes (Score:5, Insightful)

    by Tango42 ( 662363 ) on Monday April 12, 2004 @04:13PM (#8840802)
    Yes, because users are stupid. Most "viruses" at the moment need a stupid user. Also, more users=more damage=more chance of someone wanting to attack it.
    • Re:Yes (Score:5, Insightful)

      by LMCBoy ( 185365 ) on Monday April 12, 2004 @04:21PM (#8840907) Homepage Journal
      Most "viruses" at the moment need a stupid user.

      Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

      Yes, I suppose there may be a way to disable the braindeadedness of Outlook, and that some may regard users as "stupid" if they do not lock down their system in this way. But, given that MS pitches Windows as the everyman's OS, does it not make much more sense to place the burden on *them* to provide a reasonably secure default setup, such that it is reasonably resistant to simple script-kiddie attacks "out of the box"?

      There's a difference between stupidity and ignorance. In this case, it seems to me that the OS design is stupid, and if the user is ignorant of this fact, then they are in trouble.
      • Re:Yes (Score:5, Informative)

        by Grayputer ( 618389 ) on Monday April 12, 2004 @04:29PM (#8841017)
        Actually most virus arrivals now do need a luser. Email gateways are doing more scanning and keeping outlook users from becoming auto-lusers. However, one of the latest/best scams is to zip the virus and password protect it (quasi-encrypted) so the gateway scanner can not scan it. Then include instructions in the email that social engineer some luser into unzipping it with the supplied password and running it. I've seen some pretty good email virus scams recently, the text is REALLY good, definitely luser friendly.
      • Re:Yes (Score:4, Informative)

        by jonwiley ( 79981 ) on Monday April 12, 2004 @05:15PM (#8841549) Homepage

        > Most "viruses" at the moment need a stupid user.

        Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

        A virus, by definition [], requires human intervention to propagate.

        A worm [] can propagate without human intervention.

  • by ArsSineArtificio ( 150115 ) on Monday April 12, 2004 @04:13PM (#8840804) Homepage
    I agree absolutely. If only we'd go back to using toggle-switches for computer input, the risk of viruses or security breaches would diminish enormously.

  • by LostCluster ( 625375 ) * on Monday April 12, 2004 @04:14PM (#8840810)
    One of the biggest design flaws in Windows from a security perspective is that nearly every service that comes with the system is turned on by default.

    One of the biggest design flaws in Linux from a usablity perspective is that nearly every service that comes with the system is turned on by default.
  • by mindless4210 ( 768563 ) * on Monday April 12, 2004 @04:14PM (#8840811) Homepage Journal
    I think that the claim has very little validity. I think the truth is that it "becomes more vulnerable" when the average user is less educated about security issues.

    Making Linux more user friendly, in my mind, means improving upon the features that revolve around the GUI. The great thing about Linux is how much you can customize it; you can strip away the GUI and have a powerful production-level server environment. This is different from Microsoft products, as the ease of usability encompases the operating system.

    Linux is much more "modular", in that you can build exactly what you want; an installation could take up anywhere from a few megs to a few gigs. The security and vulnerability lies in the end user.
  • oh of course! (Score:3, Interesting)

    by cartman837 ( 766019 ) on Monday April 12, 2004 @04:14PM (#8840814)
    windows, linux it doesnt matter... Lusers will FIND a way to screw things up... If linux had the larger market share, worm writers would tailor code for it. I dont really think it would change the world as we know it.
  • Mac OS X "trojan"? (Score:5, Insightful)

    by daveschroeder ( 516195 ) * on Monday April 12, 2004 @04:14PM (#8840820)
    Please, no comments about how Mac OS X was "attacked" by a trojan.

    It doesn't "expose" some fatal flaw in the OS, nor is it some newly discovered exploit. All it is was an application that displayed a dialog box. Mac OS applications (with the exception of Cocoa applications) have always been able to have:

    a.) any icon, and
    b.) any name

    The only remotely slightly interesting feature of this proof-of-concept was that it stored the executable code within an MP3 ID3 tag, and even contained valid MP3 data. But that's mostly irrelevant, since the executable code could be anywhere, and the code can't even be moved in raw binary form without destroying the resource fork. Though the major media outlets haven't picked up on the subtleties of this thanks to Intego's FUD-mongering and self-serving press release, this "trojan" is nothing more than a Carbon application. (Though, the discussion that comes of this will be fruitful: maybe Apple will revisit yet again the filesystem metadata vs. file extension dichotomy, and discuss novel ways of visually identifying executables, perhaps in the same fashion as aliases.)

    So, to get on-topic, no, an OS doesn't necessarily have to become less secure to become user-friendly. Some (most?) of the security of an operating system, both from a user perspective and network perspective, comes from underlying philosophical design principles and fundamentals - not to mention the intensive peer examination that open source software encourages. Sure, some user-friendly "features", such as auto-opening attachments in the preview pane of Outlook, exist to make things "easier" for the user. But this is a wrongheaded approach: a sensible focus on security can solve the majority of problems without necessarily making it harder on the user. Ease of use and security aren't entirely, or even mostly, mutually exclusive.

    The key is making security easy to use.

    But the age-old technique of "tricking the user" will ALWAYS be possible via various means, on any OS on any platform.
    • by IntlHarvester ( 11985 ) on Monday April 12, 2004 @04:24PM (#8840945) Journal
      the code can't even be moved in raw binary form without destroying the resource fork

      I assume that most Mac mailers observe the MacMIME [] spec. This makes sending forked files through email a transparent process.

      (Not arguing with the rest of your post -- I think it would be a lot easier to trojan Mac users with a "Install this Cool Screensaver" thing instead of jumping through hoops with a fake MP3.)
  • totally incorrect (Score:4, Insightful)

    by VAXGeek ( 3443 ) on Monday April 12, 2004 @04:15PM (#8840829) Homepage
    I fail to see any such correlation between usability and security. As many others have said (and will say), OS X really does have it down in regards to their security model, which I hope is embraced on OSS *nix soon.
  • by AnonymousKev ( 754127 ) on Monday April 12, 2004 @04:15PM (#8840831)
    ...then you should have asked for their explanation of why OS X is more secure than Windows.
  • by onyxruby ( 118189 ) * <<ten.tsacmoc> <ta> <yburxyno>> on Monday April 12, 2004 @04:16PM (#8840837)
    It's the same thing that has happened to other fields that eventually grew to the point where people could do some of the work on their own. For comparison think of publications, once restricted to highly specialized professionals and now available to anybody with a printer and a copy of printshop. Those home-brew print jobs make the pros squeem in pain. Amateur work will always be amateur, and the results will reflect this.

    Once Linux gets to the point that it can be administered by people who aren't dedicated specialists, it's inevitable they will try it out and that most of these people will be less careful administrators. After all they aren't dedicated *nix admins and will often wear many hats in their organization. This doesn't mean that Linux is insecure, it's just a growing pain that it has to go through.

    Don't forget how many people fall into the "it's working, it's now forgotten" category. These are the people that only perform oil changes on their cars and wonder why it eventually breaks down on them - and there are a lot of them. They won't patch it, back it up or anything else until the day it inevitably comes crashing down around them.
    • by Zwack ( 27039 ) on Monday April 12, 2004 @04:54PM (#8841287) Homepage Journal

      For comparison think of publications, once restricted to highly specialized professionals and now available to anybody with a printer and a copy of printshop. Those home-brew print jobs make the pros squeem in pain. Amateur work will always be amateur, and the results will reflect this.

      To quote a musician I know... "I'm an amateur. I don't need to practice."

      The only difference in quality of output between a lot of amateur musicians and a lot of professional musicians is the amount of practice. With more practice a musician makes fewer mistakes and can repeat the same music more consistently every time.

      One pottery class I heard about divided the class into two groups. One group was given the job of making just one pot in a semester, but it had to be "perfect". They spent the entire time studying and preparing for that one pot. The other group was told not to worry about quality but to make as many pots as they could. Each group would be graded differently. At the end of the semester the group that made one pot each had made their pot, and the group that made as many as they could had made a lot of pots. The pots made by the people who were aiming for quality were consistently bad. They had made mistakes in their pot making, come across issues that they hadn't encountered in their research and so on. The other group had a range of pots. Their first pots were awful. Their final pots were excellent. They had learned from their mistakes throughout the course and had continually experimented with different firing temperatures, glazes, and so on.

      So, what am I trying to say here? The professional who doesn't practice is not going to be any better than the amateur who works hard at it his art. I've been involved in printing from an amateur stand point and I would be confident enough with some (but not all) of the "home-brew print jobs" that I have done that I would quite happily pass them to a pro with no expectation that they "squeem" in pain. Some talented amateurs will always be better than untalented pros, the best output from untalented amateurs will beat the worst output from untalented pros and vice versa. Talented pros and talented amateurs will both produce good and bad work, but the best work of both will be on a par.


      p.s. I used an 1854 Albion letter press for fine press printing. I can set type by hand using a case of type and a compositors wand, I can ink and run the (hand) press well, but I can't prepare the paper. My father (the owner of the press) can prepare the paper, and is better at page layout and adjusting the form. We both have our strengths and weaknesses but for rank amateurs our "home-brew print jobs" have done remarkably well. I also have a degree in Applied Physics and another in Software Technology, I am definitely no more than an amateur printer.

  • by winkydink ( 650484 ) * <> on Monday April 12, 2004 @04:16PM (#8840838) Homepage Journal
    I cought myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee

    Cheese it, it's the cops!

  • depends (Score:3, Interesting)

    by sumdumass ( 711423 ) on Monday April 12, 2004 @04:16PM (#8840851) Journal
    Depends on how the make it more user friendly. Most of microsofts flaws come from coding errors and automaticaly opend ports and services that aren't used.

    I think linux can be user friendly without all that but with anything the more layers you add to it the complexity and ability to keep it secure will become harder. Not impossible but harder. At least with linux you will know were the problems are instead of having it for 2 years and then finding a patch for it one day.
  • Yes (Score:5, Interesting)

    by YrWrstNtmr ( 564987 ) on Monday April 12, 2004 @04:17PM (#8840857)
    Take the basic Linux safety measure. Having to log in as root to do anything significant. Win has this as well (admin, power user, etc) , but most people run as admin, partly because of crappy, admin-rights demanding software, partly because Win doesn't really tell you not to, but also partly because its a PITA to remember, and log in with, that secure PW to do any installs or maintenance.

    A "user friendly Linux" (Lindows, anyone?) will have to be very, very careful not to end up down this same path.
    • Re:Yes (Score:5, Informative)

      by weave ( 48069 ) * on Monday April 12, 2004 @04:25PM (#8840958) Journal
      That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user accounts' regular password. This stops automated trojan installers, but doesn't require a separate id/password for doing system level work. It also alerts you that "Hey, I'm doing something that will change by system."

      There is no need to log into an admin account to do any of this kind of stuff under OS X.

      I've also never seen an OS X app that says you have to give all users all perms to the root folder, or have everyone running as admin, or open up the program folder for everyone to write to because settings are being stored in the wrong dang place.

      Windows could be a lot more secure, but Microsoft doesn't go far enough to shame software vendors into sticking to the logo requirements. How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights? It's insane that there are Windows programmers that are still writing crap like this today.

  • by LostCluster ( 625375 ) * on Monday April 12, 2004 @04:18PM (#8840864)
    On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly.

    It's really more of a user eductation issue than a technical one. The best security practices are usually in counter to an element of ease of use.
    • by J. J. Ramsey ( 658 ) on Monday April 12, 2004 @04:43PM (#8841166) Homepage
      "On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly."

      Except it's not quite the same. On Linux, graphical apps, at least the ones that are part of the distro's admin tools, prompt for the root password if they are started by a regular user. Windows XP, as far as I've been able to tell, doesn't do this. Ordinary *nix apps are designed to run with user-level privileges, and this has been so from the beginning. Many Windows apps, however, are written with a permissive environment like Windows 95/98 in mind, so apps do things that only work if the "Program Files" directory is writable. Most Linux distros have a regular user account created as part of the installation. Any additional users created as part of a Windows XP installation have Administrator privileges by default.

      On a typical Linux box, running as a regular user is usually the path of least resistance. The opposite is true for Windows XP.
  • The problem here is your "Microsoft Administrators" have only one frame of reference for the question, and that's Windows, which is
    • user-friendly
    • vulnerable
    and so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

    User friendly does NOT imply vulnerable, nor vice versa. I've posted before about building secure systems and securing existing ones. The techniques are, for the most part, well known albeit tedious, though I do anyway. (I even posted a security advisory to BUGTRAQ today...)

    As long as the people making Linux user friendly keep security in mind when designing and implementing the new features, there will be no problem.

  • by TempusMagus ( 723668 ) * on Monday April 12, 2004 @04:18PM (#8840869) Homepage Journal
    To equate good usability with bad security is retarded and prejudicial. People who endorse that thinking in the linux community are, in my mind, the biggest hurdle to the widespread adoption of Linux on the desktop. Adding ill-conceived and ill-planned COMPLEXITY can lead to security issues but usability concerns, whether command line or GUI, don't have to.

    Of course if you have elitist programmer types who use their case-modded Amiga's to talk to talk to each in Klingon don't expect your user experience to be one 'Joe User' can use or enjoy. If you are one of those people who are disdainful of people not as smart as you and want to keep Linux/OSS in the hands of your CRT tanned brethren then by all means continue to disparage and FUD usability all day long - just don't complain about Linux's adoption - EVER.

    A few things for folks to remember:
    • Usability does not mean GUI. It's about performing tasks in the fewest steps requiring the least amount of memorization by the greatest number of targeted users.
    • Computer savvy people are atypical users. I may respect how a race-car driver drives his car and maintains his machine and there is no-doubt that he is a better driver than me. But if I need to go to the store and buy groceries or go out drinking with some-friends - not only is in inefficient for me to use a car designed for someone like that but its also uncomfortable and dangerous.
  • Yes. (Score:3, Insightful)

    by FreeLinux ( 555387 ) on Monday April 12, 2004 @04:18PM (#8840872)
    Have a look at Lindows. They make Linux easy enough for Windows users and supposedly, your grand mother to use. The first major step towards ease4 of use was the use of root as the primary logon. Security on these systems obviously just took a major step backwards.

    Now let's face it, the ease of use your friends are talking about is things like not having to use a user ID and password when you turn on the PC and, most especially, not having to "su" to install spyware ^H^H^H^H^H^H^H pop-up blockers.
  • by h4rm0ny ( 722443 ) * on Monday April 12, 2004 @04:19PM (#8840880) Journal

    [As | If] Linux becomes more 'userfriendly,' security will suffer. This is not because it becomes inherently more vulnerable, but because it becomes accessible to ever less competent people.

    A *NIX system does have inherent security advantages over Windows, but it still requires a very competent Admin to do a thorough job. Right now, I'd lay money (based on experience) that the average Linux Admin has a far better understanding than the average Windows admin simply because he needs to. This is going to change.

    Consider that in my day, a programmer was still a computer scientist. Nowadays, I have to work with people who took a few months at a college course using a Visual design package and couldn't even program a Bubble Sort routine. It'll be similar with Linux security.
  • by michael path ( 94586 ) * on Monday April 12, 2004 @04:19PM (#8840882) Homepage Journal
    I'm not sure how I understand how the product could be less secure. My concern, the same concern I have for Windows, is the implementation.

    End users generally either accept defaults, or install everything they can - regardless of if it's anything they'd ever use. This also means opening all the ports for the applications they install (by default, in Windows). They're simply not experienced enough to appreciate what they do.

    My limited experience in Linux (I consider myself a very average user at best) with Red Hat and Fedora distributions is that it opens itself up for whatever I install as well. I often find myself fortunate if I can get 80% of what I install working, so I suppose that's inherantly more secure.

    However, I still use 14 character passwords in Windows and Linux. I still set appropriate permissions on files in both Windows and Linux. Vulnerabilities will always exist, regardless of platform. I fail to see how wider use would make the produce less secure, however.
  • Using Security (Score:5, Interesting)

    by DreadSpoon ( 653424 ) on Monday April 12, 2004 @04:21PM (#8840909) Journal
    Usability doesn't mean "avoids security." It means the interface is easy to use. You can do this *with* security. For example, just asking the user to re-type their password before running admin tools, even if they have rights to run them. (No su'ing to root; no process should *ever* run as root with user input/control.) That means that a virus can't just start running admin commands without the user knowing.

    SELinux (or, hopefully, a similar system with a sane configuration/management interface) can also assist with this by limiting what vulnerabilities can do.

    And the interface design itself helps. Microsoft's attempts at usability equate to "do everything automatically." Compare this to GNOME where the design is based not on automation, but on streamlining. I fully believe GNOME is *more* usable than Windows in almost every way, yet it hasn't the security problems as apps don't try to auto-run executables from untrusted sources, embed scripting languages with system-modification abilities, etc.

    In truth, the interface can be designed such that it makes using security easier, vs hiding security away.
  • by Speare ( 84249 ) on Monday April 12, 2004 @04:21PM (#8840912) Homepage Journal

    The argument is usually phrased as "Convenience vs Security." They can be seen as being opposed. That's not quite the same as "Usability vs Vulnerability" but that's the direction your friends' arguments were pointing.

    I'm not sure that it always holds true that you have a single gradient between Convenience and Security. You can have elements of both, and it's not just a fractional position between two extremes.

    For example, the 'root' problem is that root or Administrator can do anything on the system, so cracker types will focus their attention on the major prize. The alternative would be to spread rights and responsibilities into fine-grained accounts like "backup" and "network" and "installer" and other capabilities. An attacker has to work harder, but the machine's owner does too.

    However, that doesn't mean that you're going to have to allow web browsers and email clients to execute unknown privileged code. Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.

  • by contrapuntalmindset ( 697143 ) on Monday April 12, 2004 @04:21PM (#8840917)
    "Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. " Ummm... what makes a Microsoft Admininstrator the authority on vulernability and usability?
  • by Random BedHead Ed ( 602081 ) on Monday April 12, 2004 @04:23PM (#8840931) Homepage Journal
    GNU/Linux development can really benefit from observing what Apple did with OS X. It's easy to use for pretty much anyone, but it's similar to a Linux-based system under the hood. It's easy, yet has very few vulnerabilities.

    One nice trick Apple discovered is to have the users be non-root, yet still administrative. (Did you hear that, Lindows?) They did this by creating tools that run as root, but which require authentication to run. For example, a mortal user who is an administator can't trash the whole filesystem by dragging and dropping important items, because they are not root. But they can run Software Update, an application for downloading patches, by supplying a username and password.

    On Linux you can add users to the group "wheel" and make them sudoers with much the same effect.

    Apple also made many important directories like /etc invisible from within the GUI, which I think is a great idea as long as power users can turn it off.

    Seems easy and secure to me...

  • Guess what (Score:5, Insightful)

    by stratjakt ( 596332 ) on Monday April 12, 2004 @04:24PM (#8840949) Journal
    All the "secure code" in the world wont shield the system from a clueless user.

    As secure as you think OSX is, anyone who wanted to write an application to fuck stuff up, call it "Super Happy Funtime Sexy Game", and email it to morons, could do so just as easily as they could with a VBScript file.
    I could write:

    rm -rf /
    cat /dev/rand > /dev/dsp
    echo Linux is teh gay!

    Email it to some stupid people, tell them they have to run it as root or else they wont see the video of Condoleeza Rice's tits.

    Stupid people will run what came with the box they bought at Best Buy. When those boxes start shipping with linux, they'll be on linux. The REALLY stupid people shop at K-Mart, who I understand are in the business of ubercheap linux boxes these days.

    Be afraid, be very afraid, of the rootkits that get put on this new army of lindows boxes.
    • Re:Guess what (Score:5, Interesting)

      by nojomofo ( 123944 ) on Monday April 12, 2004 @04:57PM (#8841327) Homepage

      Why is this modded as insightful? Anybody who knows how to run something as root (and how to do it) would know how to look at the script and decide what it's doing. It's not like OS X has a "Run as Root" button on the toolbar or anything.

      Yes, people can do stupid things. But if you sent that to your average OS X non-power-user, they would do absolutely no damage whatsoever, no matter how much they tried.

  • by FyRE666 ( 263011 ) * on Monday April 12, 2004 @04:24PM (#8840952) Homepage
    As you've noted, Mac OSX has managed it (although in all honesty it probably isn't the focus of as many attacks as Windows). I think that the main problem is that if users are running their browsers, email clients etc under their own uid, and they contract a virus then it's going to cause damage to all their files. I don't know about anyone else here, but I value the files in my /home more than the rest of the OS, which can easily be reinstalled (yes, I do back up, BTW).

    I think that maybe all vulnerable processes, like web browsers, irc clients etc should run under a separate uid from the user (maybe each user should have 2 uid's - one normal, and one restricted so that it can only access a subdirectory of the users home). So rather than Mozilla launching as user fredbloggs:fredbloggs, it launches as "fredbloggs_restricted:fredbloggs_restricted" by default. The user could then chown some directory to be writable to fredbloggs_restricted" for downloads, cache etc.

    Maybe this is already implemented? The real problem though is that a user could still build and run something they downloaded, potentially wiping all their files, unless a mechanism automatically made anything they installed themselves, run as the restricted user and not their own uid:gid.

    Does any of that make sense? ;-)
  • by happyfrogcow ( 708359 ) on Monday April 12, 2004 @04:25PM (#8840960)
    I'm in the process of rewritting some small freely available application because the original caused my computer to segfault under two circumstances which I consider normal use. In rewritting it, i've eliminated those errors and maintained the same performance. As well, I decided to start using a memory profiler, Valgrind []. The end result is a more user friendly tool because it doesn't crash in normal operation giving bad error messages that only a programmer would understand. It is also more secure... no more buffer overflows.

    My point is, moving towards usability shouldn't mean that we should loosen our belts, allowing the user to run amock in the system, we should tighten them.
  • Memory Permissions (Score:5, Insightful)

    by RailGunner ( 554645 ) on Monday April 12, 2004 @04:25PM (#8840964) Journal
    Last time I checked, usability had nothing to do with allowing a user created process to stomp all over memory, like DOS / Win 16 / Win 32 did (and does). Usability also had nothing to do with being able to extend Office applications with Visual Basic For Applications, giving the world Marco virii.

    Usability, however, does have to do with coherent UI design: picking icons that communicate what the button does on a toolbar, grouping menus is a logical way, making sure that there are keystrokes available for commonly used features, etc.

    It sounds like the Microsofties have confused usability with Feature Creep.

    Now.. the more people running Linux may in fact lead to more vulnerabilities being found, since testing only proves the existence of bugs, not the absence. However, history shows that bugs are fixed much quicker in open source then in closed source, so that's a race Linux wins easily. But as far as usability, comparing the latest KDE and GNOME desktop to Windows XP just shows that as far as usability, Linux may have already surpassed Windows.

  • The List (Score:5, Funny)

    by Henry V .009 ( 518000 ) on Monday April 12, 2004 @04:26PM (#8840977) Journal
    Hmm, I'll have to add one to my list.
    1. Security through obscurity.
    2. Security through obsolescence.
    3. Security through unusability.
  • by Bronz ( 429622 ) on Monday April 12, 2004 @04:30PM (#8841030)
    Microsoft sacrifices security because, in their model, it is often the easiest way (tm) to make something more user friendly. So from a Microsoft point of view, it seems obvious that security and user friendliness are mortal enemies. That doesn't mean the two naturally correlate.

    On the other hand, anyone can make a linux box insecure. The question then becomes as simple as whether you trust users to administer their own boxes. This is where you need user friendliness. This is where the OS has a choice to remain secure by staying obfuscated (and thus scaring users away at the expense of functionality) or become more friendly (at the risk of letting users hurt themselves).

    Windows, by default, can be (is?) insecure. But that's not where the "(Microsft vs. Linux) vs. (User Friendly vs. Insecure)" debate should begin.

  • by mumblestheclown ( 569987 ) on Monday April 12, 2004 @04:30PM (#8841032)
    When does usability become a liability?

    Hey linux--how about you worry about that particular hurdle when it's within a light year away or so?

  • Maybe (Score:3, Interesting)

    by fudgefactor7 ( 581449 ) on Monday April 12, 2004 @04:30PM (#8841035)
    The answer clearly is "maybe." It all depends on implimentation. Simplicity in itself is not responsible for vulnerabilities. Simplicity is the goal for the designer. Usability is the goal (and key) for the user. The problem is when you ignore good security methodology in the name of K.I.S.S and for the uneducated user.

    I think it would be better to educate the users than to dummy-down the OS. Education needent be difficult. Documentation is key to understanding. If the user can't/won't read the docs....then it's all their problem, but if the docs are there, and they're clear and concise, and he reads them and can use them. Then you have a good system.

    End users like "Joe Sixpack" don't want to have to type things like mount /dev/cdrom /mnt/cdrom, they want to click on an icon or (if they're at the commandline) type in just the path to the drive. Autofs (and the like) go pretty far for this. But that's just a beginning.

    Take Microsoft's lead. They spent an enormous amount of time, money, and effort making the systems useable and simple. Apple did the same (albeit on a slightly different track). Linux can too. Just because someone makes Linux (as a whole) easier for Joe to use doesn't mean that security will go out the window. It just means that there's more that needs to be thought about before implimentation.

    And that's why there's the "maybe."
  • by b17bmbr ( 608864 ) on Monday April 12, 2004 @04:33PM (#8841050)
    i used to be tech coordinator at my school. oh the headaches. anyways, i'd get all kinds of lame ass questions about how to do simple things. people learned how to use windows. just like riding a bike, it takes time. windows UI's break lots of guidelines. ever look at all the dialog boxes, like the font box, or the print dialog. they are 1st class abortions. and how 'bout office. what, a toolbar button that is a pop up menu, which can then double (or triple?) as a pull off floating toolbar? (it's a desert topping, it's a floor polish!) windows has had the luxury of being how things are done, and people learn to use it. so, anything that doesn't do it that way is "wrong" and "difficult". it's no different that driving on the right side of the road, with the pedals on the left side of the car. (here in the US) linux desktop by default has to emulate/mirror windows (mis)feature for feature. now, there are lots of bonuses like in konq, but 100 cool things doesn't make up for the 1 thing it doesn't do like windows. the best hope for linux desktop is new users without the pre-conditioned actions. i had several linux desktops in my old 7th grade class. you'd be amazed that kids with little computer training can pick up kde or gnome. it's just that they're not stuck, as it were, doing things the redmond way.
  • by herrlich_98 ( 267669 ) on Monday April 12, 2004 @04:40PM (#8841136)
    If the user doesn't care about security then it is hard to add more security without making the system more difficult to use.

    On the other hand a system infected with viruses and trojans can be un-usable.

    In all fairness to MS, the Windows history is from a novice single user or small work group. Windows was kinda of thrust onto the Internet, by, well, the growth of the Internet. It is more usable and less secure because of that.

    Linux has the whole multi-user UNIX, USENET, geek, Internet history behind it. It is more secure and less usable because of that.

    I see Windows and Linux evolving toward each other in security, in usability and in many other ways.
  • by l33t-gu3lph1t3 ( 567059 ) <> on Monday April 12, 2004 @05:00PM (#8841356) Homepage
    Things that need to be expressed before my opinion:
    -Microsoft does not hire retards. Their programmers are skilled.
    -IBM,Sun,Novell,etc, do not hire retards. Their programmers are probably equally skilled with Microsoft's.
    -Linux was inspired by Unix
    -Unix is a multi-user operating system originally designed during the dawn of computing for big iron mainframes accessible by client terminals via command line.
    -Computer "users" at the time of the creation and dominance of Unix knew, more often than not, how to program, do shell scripts, etc. They were very computer-literate. To use a computer in that age meant you knew how a computer worked.
    -Windows began as a (more or less) single user operating system intended to run on PCs, not mainframes, and is used more often than not by people who know nothing of programming, or how a computer works abstractly.

    Before you jump to say that Microsoft produces crap code, think logically. The Windows O/S may be considered to be a history lesson for all the O/S programmers out there. Learn from it. Sure, they didn't invent the GUI. Sure they weren't the first windowing O/S. But consider that Windows is the first operating system to reach the level of adoption that it has. They have to support every common architecture, network protocol, hardware design, etc, in the world.

    If Windows serves any purpose to you guys at all, it is to illustrate what works, and what doesn't. From their example, user stupidity has been illustrated. Never more than now have programmers been aware of the need to balance ease of use with covering for the ignorance of a user. From their example, we've learned that the user really shouldn't be trusted to be a good admin, that firewalls are a good feature to build into an O/S, etc etc. Microsoft has proven useful in studying the effectiveness of GUI systems and their pitfalls.

    Don't sit and criticize Microsoft. Take the lessons they had to learn the hard way, and use them to make better code. That's essentially what Apple did with OSX, even though for them it was a lot easier - they don't have to standardize for all hardware and software configs. They offered very limited backwards compatibility, as ugly compatibility hacks aren't good to keep in code :)
  • by kalidasa ( 577403 ) * on Monday April 12, 2004 @05:13PM (#8841528) Journal

    Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack.

    Spoken like a true MSCE. No, making Linux more usable will not open it up any more than necessary. One just needs to make sure that there isn't 1. a scripting host with direct access to the OS configuration, 2. all ports open by default, 3. lots of services open by default, 4. all user accounts with root access by default, 5. applications that can call the scripting host unecessarily (can we say Outlook running VBS attachments on open in the scripting engine with Admin privileges on a default installation?). None of these things really effects users. The two main ones that would affect users are 1. installation programs - just make installers call for an admin password when installed on default-configured accounts - which is what RPM for instance already does - and 2. make passwords mandatory (is that such a usability hardship?)

  • Asbestos suit time (Score:5, Insightful)

    by jazman ( 9111 ) on Monday April 12, 2004 @05:16PM (#8841557)
    The problem with Windows is that it's *too* secure. Yeah, you heard me. Try using a Windows box without admin rights. I did, once, never again. It was some time ago so I can't remember what the problem was. And you can't just supply the Admin password, you have to logout, kill all your apps, login as admin, do what you were trying to do in the first place, if you haven't forgotten because of some other app whinging about losing data or something, logout again, restart just isn't worth it.

    So with Windows you have to run as admin all the time, which is why trojans can get in so easily. Win9x effectively runs as admin all the time anyway unless you have a fancy administrator who configures it for you, which most home users don't.

    If "user friendly" = "run as root by default" then yes, Linux would end up having the same problems as Windows. But it doesn't have to. Prompting for root password when attempting a privileged operation is one possible solution; if a trojan attempts to run and the root pw prompt appears, hopefully the user will be prompted to think "er, why did clicking on that MP3 cause a root prompt?" and give the game away. I'm sure there must be other solutions.
  • by abb3w ( 696381 ) on Monday April 12, 2004 @05:16PM (#8841558) Journal
    It depends what you mean by increased usability. A linux expert can do almost anything on Linux right now. Aunt Tillie can't check her e-mail, without risking creating an open SPAM proxy. Increasing usability has very little to do with the underlying code functions, and far more to do with the visual communication of relevant information. As long as the interface does not rely on security through obscurity, improving the interface will only improve security, with things like:
    "Warning: Setting Up a SendMail Daemon without checking for security patches may risk increasing the world supply of electronic Junk Mail (SPAM). Perform check for securely signed patches (Default: Yes)? Use Default trusted patch Server (Default: Yes)?"

    Of course, increasing accessibility also increases accessibility to potential shoot-yourself-in-the-foot things like filesharing. Right now, Security through Obscurity usually protects Aunt Tillie from setting up a SMB share of her entire hard drive. On the other hand, if she does do it somehow, she'll never figure out that her DSL is slow because she's been turned into the leading WAREZ distro for Podunk. Security through Obscurity is generally considered harmful-- but it is Security. Good interfaces can be designed to provide the users with warnings to educate them as to hazards, while letting them shoot themselves in the foot if they really, really want to.

    Now, if you talk about increasing the functionality, so the Linux users can do things like install spyware, or DirectX components to reformat their hard drive, then yes, that's likely to decrease security.
  • by deego ( 587575 ) on Monday April 12, 2004 @05:26PM (#8841645)
    "To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it."

  • No. (Score:5, Insightful)

    by SCHecklerX ( 229973 ) <> on Monday April 12, 2004 @05:40PM (#8841786) Homepage
    Not necessarily. Keep in mind, that many of the problems 'joe user' has, is because he runs with administrator privilege. The reason he does so, really isn't his fault, as many windows programs REQUIRE this. Windows has a legacy of being a single-user system, so there is a lot of 'bad' software out there (doesn't keep separate user profiles, wants to write configuration files where it shouldn't, wants access to stuff it doesn't need, etc).

    Linux, on the other hand, has always been a multi-user system (well, it has since it became an OS, and not Linus's hyper-fast text editor). Because of this, and the unix philosophy in general, you'd have to go out of your way to find software that does not fit into the multi-user system model. Because of this, linux can remain more secure, even when giving it to 'joe user'.

    Of course, the problem comes from the same third party vendors who don't get it in windows also not getting it in linux. Hopefully, they will know something about a multi-user system BEFORE bringing their wares to the linux world. Then again, the idiots creating cruft like 'bonzai buddy' will never get it, nor do they care.

  • by Tim Browse ( 9263 ) on Monday April 12, 2004 @07:19PM (#8842668)
    Hopefully your expertise will help shed some light on (and bring to and end) our discussion.

    You're new here, aren't you?

  • by mslinux ( 570958 ) on Monday April 12, 2004 @08:10PM (#8843066)
    Below is the truth, the whole truth and nothing but the truth.

    Windows was originally designed as a single-user, game-playing operating system. It had no concept of networking or segmented user space or file permissions, etc. These things, among others, were added on later as the need arose.

    Windows was originally marketed to home users who wanted to play games and small businesses who wanted to track a few dozen or perhaps a few hundred accounts/clients.

    Today, MS has positioned Windows as an Enterprise class OS. People who grew up playing games on Windows should know that this doesn't make sense.

    I used to laugh when looking for patches for an NT4 domain that I administered a few years ago. I'd skip all of the new video (DirectX) enhancements that were constantly avaiable. What did gaming/video drivers have to do with domain controllers?

    In short, you can't make something into something it's not... at least not without many problems. MS Windows is a classic example of this.
  • apples v. oranges (Score:4, Insightful)

    by frAme57 ( 145879 ) <> on Monday April 12, 2004 @10:41PM (#8843993) Homepage
    The question is a strawman. The underlying (and false) assumption here is that security and usability are inversely proportional. The other questionable assumption - that Windows is, by definition, user-friendly - is such a tired subject here that I won't even touch it.

    Windows is not less secure because it is "more user friendly" and linux is not more secure because it can be obtuse and seem l33t-friendly. Windows is still locked into a one-box, one-app, one-user approach to things. And until they change that - and demand some basic network savvy from their average user - windows will never be more secure.

    The unices were designed for a networked environment with lots of users with varying degrees of access. Security wasn't as afterthought - it was a prerequisite. As long as they are developed properly, adding some pretty icons, some control panels, even some (shudder) wizards will not make Linux less secure.

    And since your pro-MS buddies are horrified by the thought of an open-source system,"open(ing) itself up" to "Joe User", I wonder why you're even taking the argument seriously. Burn them some liveCDs (I'd start with Knoppix, SuSE live-eval and FreeSBIE) and ask them to give those systems a good, hard look.

Nondeterminism means never having to say you are wrong.