InfoWorld on Why Linux on the Desktop is Still Better than Windows 10
- 
 @Dashrender said: The idea of the software repo is definitely nice, but what keeps the repo for a specific flavor of Linux safe and virus free? Mac didn't worry about viruses 10 years ago because they had so little of the environment it wasn't worth the effort for the virus writers. So let's assume that Linux gets up to 10-15% usage - now the virus writers will start paying attention. What keeps them from publishing to the repo? Now, all that said - the fact that MS hasn't had a repo until Windows 8 - yeah that kind of sucks. And even now, it seems that x86/x64 legacy apps had/have a hard time in the Windows store - not sure why..

 Because you can't just publish an app to the repo. Packages are vetted and signed by the repo owners. Plus, if this were possible, wouldn't it have happened in the server space anyway? Here are builtwith.com's statistics: http://trends.builtwith.com/server
- 
 Will that break down if Linux becomes desktop mainstream? I can't see app development shrinking - instead I see Linux suffering the same problem that Windows does. Those apps will be published on websites all over just like Windows apps, users will want an app to solve a problem, they will search Google, run across this non-repo app and install it. Of course home users have root, so they'd be able to. Business would continue as they do today. Users won't be able to install something assuming that IT has locked the machine down except for mobile, non-installed apps - but since Linux doesn't have a registry, is this even possible? I suppose all applications written on Windows today could be written in such a way as to run completely in the user space (well, most of them, not things like firewalls, AV, etc)
- 
 @johnhooks said: Plus, if this were possible, wouldn't it have happened in the server space anyway? Here are builtwith.com's statistics: http://trends.builtwith.com/server

 No, because IT Pros are the ones generally installing things on Linux servers, not unknowing, searching for emoticon programs end users.
- 
 @Dashrender said: Will that break down if Linux becomes desktop mainstream? I can't see app development shrinking - instead I see Linux suffering the same problem that Windows does. Those apps will be published on websites all over just like Windows apps, users will want an app to solve a problem, they will search Google, run across this non-repo app and install it. Of course home users have root, so they'd be able to. Business would continue as they do today. Users won't be able to install something assuming that IT has locked the machine down except for mobile, non-installed apps - but since Linux doesn't have a registry, is this even possible? I suppose all applications written on Windows today could be written in such a way as to run completely in the user space (well, most of them, not things like firewalls, AV, etc)

 Why would they go to Google to get the app, when you just do it in the software center? It's the same with the Windows Store, you don't look for those apps on the internet, you get them through the store. You usually can't run the Software Center without root access, so a normal user would have to be sudo to install software even in an office setting.
- 
 @Dashrender said: @johnhooks said: Plus, if this were possible, wouldn't it have happened in the server space anyway? Here are builtwith.com's statistics: http://trends.builtwith.com/server No, because IT Pros are the ones generally installing things on Linux servers, not unknowing, searching for emoticon programs end users.

 If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.
- 
 We both agree (I assume) that the Windows store is nearly useless today. Things that you want simply aren't in there. Examples, Putty, WinDirStat, etc. Your question implies that a home user would even know how to find something in the software center/repo (I have no clue how to search it - can it be done with a GUI? can you give it goal desires to help you find things like Google will?) So what's wrong with the store concept today? In the commercial world (Microsoft Store, Google Play, Apple Store, Amazon, etc) you have to pay to play. I don't think you can publish for free. And the vendor can choose to just not allow your stuff in the store. But in the world of Windows, Mac and Android you can just create software and toss it out on the web, and assuming your website has the correct keywords, will be indexed by Google so you can google it, download and install it. So if we apply that to the Linux world you need to get a place where developers can easily (probably required to be free) put applications into the software center/repo. Again home users have to be allowed to install them without root. Think about mobile devices today - it pretty much needs to end up working like they do. Normal users, non-rooted can't install anything from the store. But you have to have enough software in the store so people aren't trying to go around the blocks to get third party non-store apps to solve a problem they have. Android personally makes this entirely too easy - but even if a user never enables the feature that allows them to install non Google Play apps, infected apps still make it into the curated Google Play store. I'm curious how you solve that problem without causing a backlog, and needing some pretty serious funding to pay for the curation of the repo.
- 
 @johnhooks said: @Dashrender said: @johnhooks said: Plus, if this were possible, wouldn't it have happened in the server space anyway? Here are builtwith.com's statistics: http://trends.builtwith.com/server No, because IT Pros are the ones generally installing things on Linux servers, not unknowing, searching for emoticon programs end users. If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

 I'm not talking about infecting the repo.. just an app in the repo. Just like there being a bad app in the Apple Store or Google Play.
- 
 @Dashrender said: @johnhooks said: @Dashrender said: @johnhooks said: Plus, if this were possible, wouldn't it have happened in the server space anyway? Here are builtwith.com's statistics: http://trends.builtwith.com/server No, because IT Pros are the ones generally installing things on Linux servers, not unknowing, searching for emoticon programs end users. If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer. I'm not talking about infecting the repo.. just an app in the repo. Just like there being a bad app in the Apple Store or Google Play.

 That's also what I'm saying. You can't, because it's vetted and signed by the repo maintainers.
- 
 @johnhooks said: @Dashrender said: @johnhooks said: @Dashrender said: @johnhooks said: Plus, if this were possible, wouldn't it have happened in the server space anyway? Here are builtwith.com's statistics: http://trends.builtwith.com/server No, because IT Pros are the ones generally installing things on Linux servers, not unknowing, searching for emoticon programs end users. If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer. I'm not talking about infecting the repo.. just an app in the repo. Just like there being a bad app in the Apple Store or Google Play. That's also what I'm saying. You can't, because it's vetted and signed by the repo maintainers.

 So are all the ones in Google Play and Apple store, yet every year they end up pulling out dozens or more apps because the vetting process failed. Why does it fail? Because it's an automated process that can be gamed. And I'm not sure that a human based system would REALLY be any better... So, considering how many apps are in the Linux repos versus how many are in the Apple/Google stores, they (Linux distros) have an easy time. What happens when the number of apps reaches hundreds of thousands, or millions?
- 
 @Dashrender said: We both agree (I assume) that the Windows store is nearly useless today. Things that you want simply aren't in there. Examples, Putty, WinDirStat, etc. Your question implies that a home user would even know how to find something in the software center/repo (I have no clue how to search it - can it be done with a GUI? can you give it goal desires to help you find things like Google will?) So what's wrong with the store concept today? In the commercial world (Microsoft Store, Google Play, Apple Store, Amazon, etc) you have to pay to play. I don't think you can publish for free. And the vendor can choose to just not allow your stuff in the store. But in the world of Windows, Mac and Android you can just create software and toss it out on the web, and assuming your website has the correct keywords, will be indexed by Google so you can google it, download and install it. So if we apply that to the Linux world you need to get a place where developers can easily (probably required to be free) put applications into the software center/repo. Again home users have to be allowed to install them without root. Think about mobile devices today - it pretty much needs to end up working like they do. Normal users, non-rooted can't install anything from the store. But you have to have enough software in the store so people aren't trying to go around the blocks to get third party non-store apps to solve a problem they have. Android personally makes this entirely too easy - but even if a user never enables the feature that allows them to install non Google Play apps, infected apps still make it into the curated Google Play store. I'm curious how you solve that problem without causing a backlog, and needing some pretty serious funding to pay for the curation of the repo.

 The store has a GUI, they've had a store since before I've been using Linux. Ubuntu has a few paid apps, but very few. Everything else in the store is free. Same with Fedora, all free.

 "infected apps still make it into the curated Google Play store"

 When has this happened?
- 
 Even if something did make it into the repo, which I still say would have happened before now because of the number of Linux servers being used (the repos work just like a store) the history of patching on Linux is far far better than any other platform. 
- 
 Linux repos have been breached as early as 2010/2011. No platform has a 100% track record of reliability, a lot of us like Linux but let's not ignore the past.
- 
 @Dashrender said: @johnhooks said: When has this happened? The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the /system partition

 The devices have to be rooted. Which removes all security that was given.
- 
 @johnhooks said: Even if something did make it into the repo, which I still say would have happened before now because of the number of Linux servers being used (the repos work just like a store) the history of patching on Linux is far far better than any other platform.

 I'll definitely give you that. Though Apps on mobile platforms are rip and replace. When you update an app on Android for example, you remove the old one, and replace it with the whole new install apk.
- 
 @johnhooks said: @Dashrender said: @johnhooks said: When has this happened? The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the /system partition The devices have to be rooted. Which removes all security that was given.

 That definitely wasn't the case for bad apps that were released in China. There was an infected compiler running around China that was being used to create apps, those apps did make their way into the Apple store, later to be removed.
- 
 @Breffni-Potter said: Linux repos have been breached as early as 2010/2011. No platform has a 100% track record of reliability, a lot of us like Linux but let's not ignore the past.

 You're right, I shouldn't say you can't. It's just super hard. And with the number of servers running critical and important data, you would think it would have happened more frequently than it does on Windows home computers running goofy software.
- 
 @Dashrender said: @johnhooks said: @Dashrender said: @johnhooks said: When has this happened? The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the /system partition The devices have to be rooted. Which removes all security that was given. That definitely wasn't the case for bad apps that were released in China. There was an infected compiler running around China that was being used to create apps, those apps did make their way into the Apple store, later to be removed.

 The apps in question installed their own digital certificates on a person's Apple mobile device. It would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk. That's all it did.
- 
 @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected. Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and sudoku, crossword, crazy smiley faces, etc.
- 
 @Dashrender said: @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected. Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and sudoku, crossword, crazy smiley faces, etc.

 But being in the repo or store means it's not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.


