977 posts • joined 10 Aug 2011
Good, try also Linux Mint 16 Mate (based on Ubuntu). I use that one for this purpose.
the majority of people are perfectly happy to continue with the familiarity of Windows which they see as being free anyway because they bought this PC and it already has Windows.
That is the catch! That is why it is called "the MS Windows Tax". It appears to be free, though it is not. And btw, when I offer help with cleaning up or fixing a slow PC full of viruses, I offer a live, persistent Linux Mint system on a USB drive with a few additional packages added to the base one. This would be either near impossible, expensive or plain hard with any version of Windows. Cleaning and troubleshooting a Windows setup is more expensive than the original license. My setup is advertised as a virus-immune, never-aging, self-cleaning system. If this "ad" is true, and the system works and suits the needs, I install it on the hard drive. No need to relearn and get used to the new operating system. At the very end, I do explain that it is not MS Windows, but a GNU/Linux distribution.
For the time being, I charge for the USB flash drive. Things are pretty automated now. When I get more people asking for the same, I might start charging them a pack of beers or a bottle of wine :)
more modern and secure, in design at least
theoretically speaking, there are advantages, though no one really knows how much of this theory is actually implemented. Once again, a proprietary product is pretty much a black box.
Hard to compare the performance here. As far as popularity, number of supported architectures, portability, flexibility (options to turn on and off), modularity and interconnectivity, modular independence with other software (say Linux, FreeBSD kernels are tested to work for many different OS envelopes), NT loses big time.
PS is very fresh (2005) compared to the much wider and more thoroughly used and better documented POSIX/Unix shells. Think of portability again.
So, no AC, unfortunately, the proprietary counterparts are more clear to lose than win in this case.
A suggested list
Evidence? Try taking similar proprietary product and the one with the source code freely available. Compare their performance, stability, popularity, security, scalability, versatility, flexibility, portability, availability, ease of use, ubiquity, adherence to the main principles of IT etc.
1) Linux kernel, Free/Open/NetBSD, Darwin vs. NT kernel
2) vim, GNU Emacs vs notepad ;) okay, you can take Visual Studio editor
3) a GNU Linux, a BSD distro vs. Microsoft Windows
4) GNU bash, zsh etc vs. PowerShell
5) Apache, nginx vs Microsoft IIS
So what do we get here?
Re: there is a gnupg though
Note that GCC C does not issue a diagnostic for the GnuTLS or Apple SSL/TLS bugs even with "all" warnings enabled.
And which one that could compile them both would? For as many architectures?
there is a gnupg though
a very popular product, even the diehard jobsians, BSD-only, gpl haters cannot live without. There is also a gcc that is still the best compiler. Those allergic to gpl, gnu and FSF are creating their own clang compiler....
@the brave anonymous coward
Oh yeah, that would be because they get to drink from the teat of tax payer money...money never runs out and they are never held accountable.
Do you mean us, tax payers, that have to support Microsoft and their fat proprietary brethren with our own money for Schools, government institutions and pretty much everything that follows? No accountability indeed when this money is swallowed by the private giant leech from Redmond, WA.
None of your links talk about successful exploitation of getting a root. The first of them does mention an escape from the sandbox on the browser (very old one, applicable only to devices prior to Android 2.2). AMOF, MS Windows had no mandatory app sandbox mechanism (at least until Windows 8). So, again nothing specific.
Sure - but Linux has historically had some of the highest vulnerability counts of any OS (approaching 1,000 known holes in the kernel alone)
So, what is counted? Without weighing severity of each bug, one cannot say just by looking at the number. Does it apply to ALL versions of Linux, all or most generic configurations, architectures or not? You see you apply the monolithic Microsoft measure to this. MS kernels or whatever they call kernel cannot be configured in gazillions of ways with various options (like built in or as a separate module etc). There are many more architectures and so many more current and extant versions of Linux kernel out there than for any other OS. Heterogeneity of Linux distros and Linux kernels diminishes that number substantially.
IE has a 75% market share of PC users
According to various statistics IE's market share fluctuates around 25%. Not sure where you got the 75% number. It's pretty unlikely, if the 25% estimate is correct since Firefox, Chrome et al are also counted for PC users.
but there certainly have been previous exploits that have rooted Android via the browser,
Links please, or do you mean a browser/Android exploit together with the privilege escalation exploit of the Linux kernel can render that? That is theory, a possibility, yet it doesn't mean it has ever been demonstrated.
that has successfully attacked OS-X / Linux via the browser
So again, you're trying to make it sound like it had happened.
Potential, yet a very unlikely situation. Did you follow your own links and see that this java trojan would write itself to /etc/init.d? How well do you know Linux-based systems to run web browsers as root?
A java browser plug-in exploiting a patched java vulnerability?
I am not using the java plug-in, even most people don't use it nowadays (FF turns it off by default). JS is more of a headache due to a much heavier use, FF's users are still safer with NoScript...
theory vs. practice, @ the 2nd AC
the theoretical ability to boot into another kernel version is great except when your last update makes changes which render all the previous versions of the kernel un-bootable,
Sorry about that AC, can't recall it happening to me, actually.
So for me it's both practical and theoretical advantage, while missing in the MS Windows.
In your case, what could that be? GRUB is pretty hard to break,
-- unless you updated/changed a proprietary video driver, but it's still bootable into mesa or a console non-X.
-- or you/update messed up with your configs, updates rarely (never happened to me), in case you did it, it's not the fault of the OS. And, it's still fairly easy to fix it by booting into a recovery mode (one user env) or a live system.
I suggested that taking examples of random /different/ bugs and using them to illustrate better
I've done it for you, pwn2own wasn't random enough for you? My perception was that Google has been super-fast, while MS does it ... on Tuesdays every month. On the other note, Chrome has yet to be compromised in the wild, unlike a popular target IE.
Lunix is ace/MS sucks attitude which flows through your posts because it holds back the FOSS movement as a whole.
Sorry, no it doesn't depend on me, it depends on MS. BTW, holding back the FOSS movement, or rather using predatory practices and dirty tactics is one big thing. Sucking in the IT sense is a very different one. Say, Apple got the first one and many people despise them equally (while Oracle got... Larry to join this very good company). In my opinion, MS deserves every beating and derision it receives for both. No, it's all up to MS to not suck, I am afraid.
... but that company X fixes a problem with their browser faster than company Y doesn't even scratch the surface of what each company did to make the fix.
Since IE is fully proprietary software, don't even guess what they are trying to do. Even Google's Chrome gets its patches surfaced in the free Chromium.
Dear AC, you said that MS is faster to fix security bugs on IE than Google is on Chrome. You didn't provide any links for this allegation. I mentioned a few cases where MS was very slow. So are we getting any links or not?
It also doesn't mean that Google and Mozilla tested their fixes with the same amount of hardware/software combinations to make sure that they worked.
Neither does it mean the converse. Should I be reminding you that Mozilla's Firefox and Google's Chrome run on a much wider scope of hardware and operating systems?
In general, MS takes too long to fix bugs and still gets into trouble, say, when a few Windows systems wouldn't boot after a kernel patch. No, it's not the problem of those who patch it, it's the fundamental problem of the OS underpinning going against the modularity principle. AMOF, a faulty kernel update on a GNU/Linux system could easily be circumvented by booting into the old kernel. Sorry to break your Redmondian bubble.
How is it possible for MS to be faster while scheduling it for a Tuesday every month? It would be interesting to see the analysis of the average time before fix. However, according to Wikipedia, FF in 2006 was much faster in fixing than was IE, while having fewer security vulnerabilities than the latter. I also remember a few incidents on pwn2own, when both Mozilla and Google had patched their flaws almost immediately after the competition was over, while it took more than a month for MS to do a similar task.
As of the exploited vulnerabilities in the wild, Chrome has yet to be mentioned, it's primarily MS IE that is exploited. On top of that, Firefox got the NoScript plugin that makes the overwhelming majority of exploits virtually useless.
It should also be emphasized that the exploits, both working exploits and exploits in the wild, have been demonstrated on MS Windows, not GNU/Linux, Android, FreeBSD etc. So, MS has to be borne in mind and always mentioned as a responsible party.
if it were for Mozilla or Google
that would have been fixed by now.
going after Google
go after any company that offers a Tizen phone.
Did they go after Google for exactly this? No, they only have a Ballmer's chair-hurling syndrome, thanks to the famous bald guy.
When they do go after a company, they make a big secret of how much is paid and where the money ends up eventually.
Except that Android, the base Android is now crippled and crappy.
Meaning of this and/or any links by any chance?
Just trying to understand what you mean by core functionality of Android OS? What is proprietary? Google doesn't make software proprietary besides a few of their own apps. The kernel got very important proprietary bits or blobs. Are you accusing Google of not divulging the source of PowerVR, Mali, ARM code, other proprietary drivers? Should Google be responsible for this? Good job for a Microsoft (hence an anti-Google) evangelist, but you gotta check your facts too at times.
Replicant or Blackberry OS and MADA
But that means they are locked out of Google's Play store and must source their own applications and find their own app store.
Where did you get this? You don't have to be a member of any org to be able to use apps from Google Play. You can either use a browser to download and install them, or an app. I am not sure about the actual Google Play app, it is also an app available on GP. Moreover, some Blackberry devices (and Sailfish OS in future) can use apps from GP as well. And what about Replicant and Cyanogenmod?
not completely correct
I do agree with you, though, would like to say that Google approval doesn't have to do with Google Play, formerly known as Android Market. This might be true about the Google Play as an app itself, where you search for an app, install it etc. However, I would doubt that too. There is no such limitation. Moreover, one can use GP on even a few Blackberry devices.
any way to support it?
True WP has been always regarded as far less resource intensive than Android.
Any links with benchmarks or comparative analysis with similar hardware side by side?
AMOF, Microsoft corp. has been notorious for making a desktop OS (even with the allegedly better NT kernel) that is rich in cholesterol, doesn't last long, slows down with age, is therefore unstable etc. Minimal system reqs are also quite impressive, no, I am not talking about the great Vista; say, as of recently, their WinRT using a humongous amount of disk space is one example, compared to Android, iOS or even a desktop GNU/Linux.
@ac: ignorance is a good weapon
grep -i CONFIG_X86_X32 /boot/config-$(uname -r)
# CONFIG_X86_X32 is not set
I specifically gave you the name of my distro that ships their Debian kernels, as most of the other ones happen to be immune to this. And, btw, Canonical shipped the fix right the same day it was announced. So, dear AC, you have to admit that it's not as straightforward as you suggested, given the heterogeneity of the Linux population (which is almost non-existent according to you, or whichever AC was there above).
However, it was said by the original AC to be a piece of cake to get an exploit utilizing some Linux kernel vulnerability through this flashplayer one. In this regard, a working exploit (at least for some distros) should be provided/linked to, or a few similar ones that existed in the past.
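The one-line grep in the post above, generalised into a small audit as an added example (not part of the original comment): it reports the state of the CONFIG_X86_X32 option the post checks, for the running kernel and for every kernel config installed under /boot. The function names are made up for this illustration, and the /proc/config.gz fallback is an assumption about where a config may be found when /boot has none.

```shell
#!/bin/sh
# Added example: report whether kernel builds have CONFIG_X86_X32 switched on.
# Function names are hypothetical; the option name is the one grepped in the post.

# x32_status FILE -> prints one of: enabled | disabled | absent | unknown
#   enabled  : the config contains "CONFIG_X86_X32=y"
#   disabled : the config contains "# CONFIG_X86_X32 is not set"
#   absent   : the symbol does not appear at all (other arch, older kernel)
#   unknown  : the config file cannot be read
x32_status() {
    x32_file=$1
    if [ ! -r "$x32_file" ]; then
        echo unknown
        return 0
    fi
    # /proc/config.gz is gzip-compressed, /boot/config-* is plain text.
    case $x32_file in
        *.gz) gzip -dc "$x32_file" ;;
        *)    cat "$x32_file" ;;
    esac | awk '
        /^CONFIG_X86_X32=y$/            { state = "enabled" }
        /^# CONFIG_X86_X32 is not set$/ { state = "disabled" }
        END { print (state == "" ? "absent" : state) }'
}

# x32_running_kernel -> status for the kernel that is booted right now.
x32_running_kernel() {
    for x32_candidate in "/boot/config-$(uname -r)" /proc/config.gz; do
        if [ -r "$x32_candidate" ]; then
            x32_status "$x32_candidate"
            return 0
        fi
    done
    echo unknown
}

# x32_audit [DIR] -> one "version status" line per config-* file in DIR.
# Older kernels stay installed next to the new one, so each is listed.
x32_audit() {
    x32_dir=${1:-/boot}
    for x32_cfg in "$x32_dir"/config-*; do
        [ -r "$x32_cfg" ] || continue
        printf '%s %s\n' "${x32_cfg##*/config-}" "$(x32_status "$x32_cfg")"
    done
}

echo "running kernel $(uname -r): $(x32_running_kernel)"
x32_audit /boot
```

Matching the whole line rather than the bare symbol name keeps a commented "is not set" entry from being mistaken for an enabled option.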
just make flash-plugin obsolete
A resource hog and vulnerability magnet should be avoided at any cost. For youtube pretty much any decent video can be used (10 times more efficiently) sometimes with help of youtube-dl, e.g.:
1) mplayer $(youtube-dl -g link-to-youtube-video)
2) vlc link-to-youtube-video
3) totem link-to-youtube-video
and so forth...
On some other sites it might be possible to find the video source by examining the html source. Then use flvstreamer or a player of your choice. In more intricate situations, resort to tcpdump (you still have to run flashplayer for a few seconds to "sniff" the source of the video).
Re: Linux Support
No - it's just as simple to exploit Flash under Linux.
Is it easy to say, or easy to do?
Have you written it for this one already so we, Linux desktop users, aka ghosts, could all try? E.g., on this system LMDE, with the kernel being 3.12.9-custom+, x86_64 GNU/Linux.
Thanks in advance.
the only nice use of Java plugin is
Στοιχεῖα of Euclid. I mean this wonderful website http://aleph0.clarku.edu/~djoyce/java/elements/toc.html
I don't think that use of java plug-in even there is so important.
Re: not a very plausible scenario
java applications frequently run as root
Just like _almost_every_ application can be run as root. For stupidity there is really no upper bound out there. You'd still have to manually and specifically launch it with su/sudo, or be already logged in as uid=0. The most likely scenario (and perhaps the most vulnerable) is when java is a web browser plugin (I think FF now disables it by default). Then it would be run as a progeny and would inherit the uid of the parent process. So one has to be ... extra smart to do just that.
Those who run JVM specifically for other purposes are likely to create a special user or group for it and change to that when needed, when launching it from the shell, to minimize the threat.
Another point is that on a GNU/Linux distro you get updates without much of the headache suffered by most Windows users, such as:
* it is not done from the same interface (one update interface for ALL programs)
* no need to reboot a machine (most updates would just need to restart an app)
* more resilient, if a kernel update is buggy and you cannot boot into the fresh kernel, things are modular, the older kernels are kept together with the new to be able to boot into
@AC, yes let's make it clear
Android - has most malware despite its godlike...
Let's make it clear that most Android malware exists in the minds of AV advertisers and "security researchers". The sheer volume of it they talk about is not very well correlated with the number of infected devices. It's probably hard to reliably estimate those numbers too.
I would personally judge from the number of complaining acquaintances. Yes, about 70-75% of them use both Android and Windows devices. About 90% of them at least once had suffered a Windows malware (a scareware, desktop hijackers, credentials sniffers, spam-ware etc). I also know it from helping them clean it up or by getting spam sometimes originating from Romania, Ukraine, China and other outlandish places. No one has ever had any unsolicited texting, dialing etc nor any other indication of a trojaned Android app installed.
One reason perhaps is that they have been using Windows longer than they have Android, yet there's an undeniable design superiority Android has over Windows. It's separation and sand-boxing of apps and transparent permission system. Existence of Google Play might be another one (yet still inferior to secure repos/ports most distros use). A simple design that Android has, its low footprint and the fact that it runs atop of Linux kernel that is widely and actively tested, developed -- all these things are also pretty hard to overestimate.
No, Linux is not "godlike". You can still make a shitty envelope around it. Given special talents, you can easily put a fly in any ointment. Android is not that case though. On the other hand, no one knows what kind of ointment an NT kernel is with its magic hybrid design and other delicacies.
BTW, as far as Android is concerned, there hasn't been a single proper Android system or Linux kernel vulnerability exploited in the wild .. yet. Just sayin'....
poorly written malware... I mean scripts on Cisco's site?
Meanwhile, fully 99 per cent of all mobile malware discovered during the year targeted Android, as did 71 per cent of all web-based attacks on mobile devices.
So how did they discover it?
Can't download their report, even after "temporarily allowing all scripts" with NoScript on the linked page.
@AC: not very plausible figures...
Actually there is LOADS of Android malware out there, and about 0.5% (1 in 200 devices) are currently infected:
AC, your zdnet link points to the article that mentions another "Alcatel-Lucent report" stating your figures. Well, if the memory doesn't fail me it's one of the first attempts to count the actual number of trojaned android systems. However, the mentioned methodology is not very convincing to say the least. No details are provided, yet according to their own paper:
To accurately detect that a user is infected, our signature set looks for network behavior that provides unequivocal evidence of infection coming from the user’s computer. This includes:
• Malware command and control (C&C) communications
• Backdoor connections
• Attempts to infect others (e.g. exploits)
• Excessive e-mail
• Denial of Service (DoS) and hacking activity
Although for Windows all of those methods might be eligible, for Android it could only be #1, thanks to the Android's separation between apps. Other usual revelation of a malware activity they talk about is texting or even placing calls, yet they cannot intercept it.
Okay, so, it's from their sample a .5% of Android devices they found to engage in some C&C communications? Can we do it globally and monitor it world-wide? Yes, why is it not detected world-wide that a .5% of a billion (or more), some 5 million devices are flooding the Internet? Moreover, no figures of those activities seem to exist outside of Kindsight's vigilant sight, because those might indeed be negligible or non-existent.
Here's another quote: The table below shows the top 20 Android malware detected in Q2 in the networks where the Kindsight Mobile Security solution is deployed...
Kindsight seems to be able to not only detect so many C&C communications, they can easily distinguish between the actual species of trojans... No details of this innovative approach are attached with the report though...
Is it a scientific finding? To me it rather looks like another AV scaremongering ad.
"And 99% of mobile malware is Linux/android based..."
99% of those are not viruses but trojans never having a chance to get installed on users' systems and so exist only for AV ads, "security researchers" and other gullible folks' amusement.
It might be because of the Android's apps transparent permissions system or Google Play or the fact that Android runs atop of (modified a bit) Linux kernel and never manages to be as fat and messy as MS Windows.
If you're going to write a virus you target the biggest OS.
For this very purpose you might also make sure to choose arguably the fattest and messiest OS available.
Did it ever occur to you that the real reason for Google to not chip in with MS and Apple was inability to use those patents to counter-sue against other patent suits MS and Apple bullying Google directly and through their partners? MS and Apple have plenty of other bogus patents like rounded corners, rubber band and exFat long file names.
Re: How quickly we forget
Blarkon, it might be because Google has never done it before. They only counter-sued as a response when some other companies (let's not name those ones from Redmond and Cupertino) had sued Google exactly for patent infringement.
Re: Missing the obvious...
Agreeing with you guys on most things, yet we don't know how competent the interrogators are, what kind of methods..cough-cough.. tortures they might employ. Not sure if I wouldn't confess to stealing the pope's watch if becoming a suspect.
-- Using Tor at the same time some message was sent, so what? Bomb threat, what is it? Wait, wait why are you putting this plastic bag on me, I can't breathe.... I will confess, I did whatever you say, please, let me breathe!!!
Re: No numbers of successfully installed ones are ever given.
"Ei incumbit probatio qui dicit, non qui negat"
Presumption of innocence, Codex Iustinianus.
I say it, because, most Android's critics, who deplore the malware affairs almost always insinuate the equity between being available and being installed. I also tell you that, if the latter number were in any way discernible, it would be apparent and much better pronounced in the press and everyday life. We would see it in real action, hearing about complaints, having acquaintances, relatives and friends to tell their funny stories, just like in case with MS Windows of whatever version. Nothing of this happens which implies its insignificance for Android.
Re: Crazy Platform
Indeed boring for a Windows-oriented mind. Too much simplicity, order and too little mess, bloat and room for the Microsoft-type creativity.
Android is riddled with money stealing malware that no-one is doing anything about
In your dreams and imagination it might be. Android malware are always presented in numbers that are available for download (usually outside of Google Play). No numbers of successfully installed ones are ever given, unlike with MS Windows where we almost always know an estimate for the number of PCs to suffer from a particular malware.
I don't care if its design is any good or not, the end result is that there's a shed load of Android malware.
Right, good design is detrimental, let's rewrite the postulates of modern IT... How big is this shed that gets to actually infect?
(Anti) Virus software is an afterthought, and the result of many Microsoft's blunders, it's not a good idea after all.
Re: Crazy Platform
bazza, you seem to not understand. Android, unlike any version of Windows, isolates apps giving them separate uid's and thus has them running in a sandboxed env. Each uid routinely joins various groups with different permissions. These permissions are also transparent to a user.
All apps are pretty much equal and cannot have higher privileges over each other. An admin (the user) or root can go over their heads. You cannot simply allow an app on an unrooted system to do just that.
All those features combined is a good measure against malware already.
This is why Windows is so vulnerable and helpless against viruses and trojans. MS Windows is the one that is crazy.
Mate got more features than cinnamon
Mate is, by design, less resource intensive and lacks some of the flash found in Cinnamon.
I think that there are more flashes in Mate than in the Cinnamon desktop.
Say, panel applets available in Mate by default. Calendar applet can show time and weather for multiple cities. I also noticed that Mate applets tend to be a bit less flashy, yet much more functional. You can run compiz with all of its configurable flashes instead of marco. Gnome-terminal lacks the transparency feature for some time now, unlike good ol' mate-terminal. All of it is done with more stability and less resources.
However, Cinnamon moves fast and improves steadily.
Both Mate and Cinnamon are great desktops. We (GNU/Linux and *BSD people) also got Xfce, KDE, LXDE, Unity, Fluxbox, e17 and more. All are great DEs. Hence the penguin icon.
eliminate that superbotnet that calls itself Microsoft corp.
Re: if I remember correctly
Yes indeed, Clovis was the first Catholic Frankish or French King. Yet, there is a Clovis culture, the oldest found in North America (peculiar shapes of arrow heads etc). One hypothesis uses the fact that unlike the later cultures in the Americas, Clovis is very reminiscent of those found in Northern Europe and asserts that it was a result of migration of people from the Ice Age Europe that eventually settled in North America.
So, Northern France comes up there pretty coincidentally. It's quite likely that the Atlantic ocean was much better navigable at the time, so the coast of Normandy is a pretty good candidate.
you wrote: Google may get up to as their arrogance continues to grow
So thank you for being honest. The "may" or "might" is the crucial meaning there. It's not up to us to project what might happen in the future. However, in case you want to do forecasting more wisely, I think, the best way here is to extrapolate from the previous history of the same entity. We should be more concerned about the present though. In this present Google is still an angel (not by themselves) but rather in comparison to any of the big fat bastards: Microsoft, Apple or Oracle.
Can you do the same to Microsoft Windows, just for a start?
The philosophy that "everything is equal to everything else" is a cool one. Equating Google with Microsoft is also a pretty nice idea. Let's see what we get there:
-- can we recall any similar shitty PR campaigns Google had ever initiated in the past against Microsoft or anybody else?
-- did Google ever try to lock-in to their products?
-- has Google been imposing its proprietary products upon humanity for the last 20 years?
-- how many times did Google try to embrace and extinguish, just like Microsoft had done in the Java/Visual J++ or Netscape/IE controversies?
-- how many times did Google try to impose its proprietary standards and protocols on consumers like ActiveSync, MSO and other formats?
-- how many times did Google try to extort money by (ab)using the patent system and its own bogus patents, as a means to compensate for the lack of its own innovative ideas (not as a countermeasure against someone else that was trying to do just that)?
-- when did Google last time try to insert some secret APIs in their product to acquire an unfair advantage against its competitors?
-- is there a Google Tax and bundling of their messy software a consumer has to pay for no matter what?
-- how much damage did Google do to contaminate the culture of IT with its poor software design, lack of provision and constant drive to monopolize the Schools, Universities and other institutions?
-- can you not simply opt out of using Google's free products by not going to google.com, closing your gmail account, not buying an Android device approved by Google (most of the source code of which is freely available)? Just like when you virtually cannot avoid some non-free Microsoft products?
@RedneckMBA: "get the facts"
Why not address this directly at Microsoft? Suggesting them to shut the f***ck up would also be nice.
..fanbois arguing is simply a colossal waste of time
It's particularly disgusting when a colossal waste is conducted by a psychopathic colossus with plenty of extorted money still enough to squander on some moronic PR campaigns.
bug vs. feature
This Android bug is a feature on Windows OS. There has been no mandatory authenticity verification on MS Windows for all these past and current years.
KISS and emacs in one sentence. Must be a joke. Just not a funny one.
I pointed this out above, vim occupies more space than the emacs-nox package on Debian. This is not a joke, yet actually is pretty funny. BTW, there is no emacs anymore. There is either GNU Emacs or XEmacs and a few other clones.
Why would you need that? You can always fire up that good ol' MS Notepad on your system. This is the decency you're after, I guess.
but makes little sense from the terminal
Imho, it does, I've been running it predominantly this way until pretty recently. AMOF, on Debian, vim-runtime (a dependency for vim) takes more space (about 23mb) than emacs23-nox with its dependencies (about 13mb). It still comes with the lisp interpreter and quite a few very useful modes and things.
A lot of people run their CAS software inside of emacs because it makes a lot of sense. GNU Emacs got its own very powerful yet simple reverse polish calculator Calc, often used as embedded while editing various stuff. This one plays so nicely with other cool modes like org-mode. Emacs Calc, unlike so many other calculators, can not only operate on dates, units, it supports various formats, does symbolic calculus and so on.
No other editor can do it.
Try it out to see how wrong you are. Thanks to Lisp it actually has grown into a super editor. This very design and its modular architecture still ensures adherence to the KISS principle. I can barely remember any annoying bugs within Emacs despite some heavy usage of it for the last ... 8 years, I think.
Perhaps it's farther away from the Unix ideas than vi is, yet vi or even vim are not as extensible as GNU Emacs is.
That Google, Samsung, Asus and others will return with something painful at these abominable fat mongrels from both Cupertino and Redmond. The rest of the rascals of this Cartel seem to be just their cowardly lackeys.
Those patents in question are so general and ludicrous. What a fucked-up patent system it really is!
Re: Ubuntu @Jedidiah
Metrognome, once again. With Windows, when installing you look for drivers elsewhere, with Linux they are already there. See the difference.