ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    InfoWorld on Why Linux on the Desktop is Still Better than Windows 10

    Scheduled Pinned Locked Moved News
    linuxlinux desktopfedorawindowswindows 10infoworldfedora 23
    43 Posts 6 Posters 9.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stacksofplatesS
      stacksofplates @Dashrender
      last edited by stacksofplates

      @Dashrender said:

      The idea of the software repo is definitely nice, but what keeps the repo for a specific flavor of Linux safe and virus free?

      Mac didn't worry about viuii 10 yeas ago because they had so little of the environment it wasn't worth the effort for the virus writers. So let's assume that Linux gets up to 10-15% usage - now the virus writers will start paying attention. What keeps them from publishing to the repo?

      Now, all that said - the fact that MS hasn't had a repo until Windows 8 - yeah that kind of sucks. And even now, it seems that x86/x64 legacy apps had/have a hard time in the Windows store - not sure why..

      Because you can't just publish an app to the repo. Packages are vetted and signed by the repo owners.

      Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

      DashrenderD 1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender
        last edited by

        Will that break down if Linux become desktop mainstream? I can't see app development shrinking - instead I see Linux suffering the same problem that Windows does. Those apps will be published on websites all over just like Windows apps, users will want an app to solve a problem, they will server Google, run across this non repo app and install it. Of course home users have root, so they'd be able to.

        Business would continue as they do today. users won't be able to install something assuming that IT has locked the machine down except for mobile, none installed apps - but since Linux doesn't have a registry, is this even possible? I suppose all applications written on Windows today could be written in such a way as to run completely in the user space (well, most of them, not things like firewalls, AV, etc)

        stacksofplatesS 1 Reply Last reply Reply Quote 0
        • DashrenderD
          Dashrender @stacksofplates
          last edited by

          @johnhooks said:

          Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

          No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

          stacksofplatesS 1 Reply Last reply Reply Quote 0
          • stacksofplatesS
            stacksofplates @Dashrender
            last edited by

            @Dashrender said:

            Will that break down if Linux become desktop mainstream? I can't see app development shrinking - instead I see Linux suffering the same problem that Windows does. Those apps will be published on websites all over just like Windows apps, users will want an app to solve a problem, they will server Google, run across this non repo app and install it. Of course home users have root, so they'd be able to.

            Business would continue as they do today. users won't be able to install something assuming that IT has locked the machine down except for mobile, none installed apps - but since Linux doesn't have a registry, is this even possible? I suppose all applications written on Windows today could be written in such a way as to run completely in the user space (well, most of them, not things like firewalls, AV, etc)

            Why would they go to google to get the app, when you just do it in the software center? It's the same with the Windows Store, you don't look for those apps on the internet, you get them through the store.

            You usually can't run the Software Center without root access, so a normal user would have to be sudo to install software even in an office setting.

            1 Reply Last reply Reply Quote 0
            • stacksofplatesS
              stacksofplates @Dashrender
              last edited by

              @Dashrender said:

              @johnhooks said:

              Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

              No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

              If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

              DashrenderD 1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender
                last edited by

                We both agree (I assume) that the Windows store is nearly useless today. Things that you want simply aren't in there. Examples, Putty, WinDirStat, etc.

                You're question implies that a home user would even know how to find something in the software center/repo (I have no clue how to search it - can it be done with a GUI? can you give it goal desires to help you find things like Google will?)

                So what's wrong with the store concept today? In the commercial world (Microsoft Store, Google Play, Apple Store, Amazon, etc) you have to pay to play. I don't think you can publish for free. And the vendor can choose to just not allow your stuff in the store.

                But in the world of Windows, MAC and Android you can just create software and toss it out on the web, and assuming your website has the correct keywords, will be indexed by Google so you can google it, download and install it.

                So if we apply that to the Linux world you need to get a place where developers can easily (probably required to be free) to put applications into the software center/repo.

                Again home users have to be allowed to install them without root.

                Think about mobile devices today - it pretty much needs to end up working like they do. Normal users, non rooted can't install anything from the store. But you have to have enough software in the store so people aren't trying to go around the blocks to get third party non store apps to solve a problem they have.

                Android personally makes this entirely to easy - but even if a user never enables the feature that allows them to install non Google Play apps, infected apps still make it into the curated Google Play store. I'm curious how you solve that problem without causing a back log, and needing some pretty serious funding to pay for the curation of the repo.

                stacksofplatesS 1 Reply Last reply Reply Quote 0
                • DashrenderD
                  Dashrender @stacksofplates
                  last edited by

                  @johnhooks said:

                  @Dashrender said:

                  @johnhooks said:

                  Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

                  No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

                  If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

                  @johnhooks said:

                  @Dashrender said:

                  @johnhooks said:

                  Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

                  No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

                  If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

                  I'm not talking about infecting the repo.. just an app in the repo.

                  Just like there being a bad app in the Apple Store or Google Play.

                  stacksofplatesS 1 Reply Last reply Reply Quote 0
                  • stacksofplatesS
                    stacksofplates @Dashrender
                    last edited by

                    @Dashrender said:

                    @johnhooks said:

                    @Dashrender said:

                    @johnhooks said:

                    Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

                    No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

                    If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

                    @johnhooks said:

                    @Dashrender said:

                    @johnhooks said:

                    Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

                    No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

                    If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

                    I'm not talking about infecting the repo.. just an app in the repo.

                    Just like there being a bad app in the Apple Store or Google Play.

                    That's also what I'm saying. You can't, because it's vetted and signed by the repo maintainers.

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender @stacksofplates
                      last edited by

                      @johnhooks said:

                      @Dashrender said:

                      @johnhooks said:

                      @Dashrender said:

                      @johnhooks said:

                      Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

                      No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

                      If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

                      @johnhooks said:

                      @Dashrender said:

                      @johnhooks said:

                      Plus, if this were possibly wouldn't it have happened in the server space anyway? Here is builtwith.com's statistics http://trends.builtwith.com/server

                      No, because IT Pros are the ones generally installing things on Linux servers, not unknowning, searching for emoticon programs end users.

                      If they could infiltrate the repo to install a virus, it wouldn't matter your level of ability. Whoever installed the package from the repo would be infected whether they were a home user or a seasoned Admin/Engineer.

                      I'm not talking about infecting the repo.. just an app in the repo.

                      Just like there being a bad app in the Apple Store or Google Play.

                      That's also what I'm saying. You can't, because it's vetted and signed by the repo maintainers.

                      So are all the ones in Google Play and Apple store, yet every year they end up pull out dozens or more apps because the vetting process failed. Why does it fail? Because it's an automated process that can be gamed. And I'm not sure that a human based system would REALLY be any better...

                      So, considering how many apps are in the Linux repos versus how many are in the Apple/Google stores, they (linux distros) have an easy time. What happens when the number of apps reaches hundreds of thousands, or millions?

                      1 Reply Last reply Reply Quote 0
                      • stacksofplatesS
                        stacksofplates @Dashrender
                        last edited by

                        @Dashrender said:

                        We both agree (I assume) that the Windows store is nearly useless today. Things that you want simply aren't in there. Examples, Putty, WinDirStat, etc.

                        You're question implies that a home user would even know how to find something in the software center/repo (I have no clue how to search it - can it be done with a GUI? can you give it goal desires to help you find things like Google will?)

                        So what's wrong with the store concept today? In the commercial world (Microsoft Store, Google Play, Apple Store, Amazon, etc) you have to pay to play. I don't think you can publish for free. And the vendor can choose to just not allow your stuff in the store.

                        But in the world of Windows, MAC and Android you can just create software and toss it out on the web, and assuming your website has the correct keywords, will be indexed by Google so you can google it, download and install it.

                        So if we apply that to the Linux world you need to get a place where developers can easily (probably required to be free) to put applications into the software center/repo.

                        Again home users have to be allowed to install them without root.

                        Think about mobile devices today - it pretty much needs to end up working like they do. Normal users, non rooted can't install anything from the store. But you have to have enough software in the store so people aren't trying to go around the blocks to get third party non store apps to solve a problem they have.

                        Android personally makes this entirely to easy - but even if a user never enables the feature that allows them to install non Google Play apps, infected apps still make it into the curated Google Play store. I'm curious how you solve that problem without causing a back log, and needing some pretty serious funding to pay for the curation of the repo.

                        The store has a GUI, they've had a store since before I've been using Linux. Ubuntu has a few paid apps, but very few. Everything else in the store is free. Same with Fedora, all free.

                        infected apps still make it into the curated Google Play store

                        When has this happened?

                        DashrenderD 1 Reply Last reply Reply Quote 0
                        • DashrenderD
                          Dashrender @stacksofplates
                          last edited by Dashrender

                          @johnhooks said:

                          When has this happened?

                          http://www.ibtimes.co.uk/google-removes-13-android-apps-play-store-infected-brain-test-malware-1537049

                          http://www.pcworld.com/article/2991011/security/apple-removes-apps-from-store-that-could-spy-on-your-data-traffic.html

                          stacksofplatesS 1 Reply Last reply Reply Quote 0
                          • stacksofplatesS
                            stacksofplates
                            last edited by

                            Even if something did make it into the repo, which I still say would have happened before now because of the number of Linux servers being used (the repos work just like a store) the history of patching on Linux is far far better than any other platform.

                            DashrenderD 1 Reply Last reply Reply Quote 0
                            • Deleted74295D
                              Deleted74295 Banned
                              last edited by

                              Linux repos have been breached as early as 2010/2011.

                              No platform has 100% track record of reliability, lot of us like Linux but let's not ignore the past.

                              stacksofplatesS 1 Reply Last reply Reply Quote 0
                              • stacksofplatesS
                                stacksofplates @Dashrender
                                last edited by

                                @Dashrender said:

                                @johnhooks said:

                                When has this happened?

                                http://www.ibtimes.co.uk/google-removes-13-android-apps-play-store-infected-brain-test-malware-1537049

                                http://www.pcworld.com/article/2991011/security/apple-removes-apps-from-store-that-could-spy-on-your-data-traffic.html

                                The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the/system partition

                                The devices have to be rooted. Which removes all security that was given.

                                DashrenderD 2 Replies Last reply Reply Quote 0
                                • DashrenderD
                                  Dashrender @stacksofplates
                                  last edited by

                                  @johnhooks said:

                                  Even if something did make it into the repo, which I still say would have happened before now because of the number of Linux servers being used (the repos work just like a store) the history of patching on Linux is far far better than any other platform.

                                  I'll definitely give you that. Though Apps on mobile platforms are rip and replace. When you update an app on Android for example, you remove the old one, and replace it with the whole new install apk.

                                  1 Reply Last reply Reply Quote 0
                                  • DashrenderD
                                    Dashrender @stacksofplates
                                    last edited by

                                    @johnhooks said:

                                    @Dashrender said:

                                    @johnhooks said:

                                    When has this happened?

                                    http://www.ibtimes.co.uk/google-removes-13-android-apps-play-store-infected-brain-test-malware-1537049

                                    http://www.pcworld.com/article/2991011/security/apple-removes-apps-from-store-that-could-spy-on-your-data-traffic.html

                                    The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the/system partition

                                    The devices have to be rooted. Which removes all security that was given.

                                    That definitely wasn't the case for bad apps that were released in china. There was an infected compiler running around china that was being used to create apps, those apps did make their way into the apple store, later to be removed.

                                    stacksofplatesS 1 Reply Last reply Reply Quote 0
                                    • stacksofplatesS
                                      stacksofplates @Deleted74295
                                      last edited by

                                      @Breffni-Potter said:

                                      Linux repos have been breached as early as 2010/2011.

                                      No platform has 100% track record of reliability, lot of us like Linux but let's not ignore the past.

                                      You're right, I shouldn't say you can't. It's just super hard. And with the number of servers running critical and important data, you would have think it would have happened more frequently than it does on Windows home computers running goofy software.

                                      1 Reply Last reply Reply Quote 1
                                      • stacksofplatesS
                                        stacksofplates @Dashrender
                                        last edited by

                                        @Dashrender said:

                                        @johnhooks said:

                                        @Dashrender said:

                                        @johnhooks said:

                                        When has this happened?

                                        http://www.ibtimes.co.uk/google-removes-13-android-apps-play-store-infected-brain-test-malware-1537049

                                        http://www.pcworld.com/article/2991011/security/apple-removes-apps-from-store-that-could-spy-on-your-data-traffic.html

                                        The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the/system partition

                                        The devices have to be rooted. Which removes all security that was given.

                                        That definitely wasn't the case for bad apps that were released in china. There was an infected compiler running around china that was being used to create apps, those apps did make their way into the apple store, later to be removed.

                                        The apps in question installed their own digital certificates on a person's Apple mobile device. It would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk.

                                        That's all it did.

                                        1 Reply Last reply Reply Quote 0
                                        • DashrenderD
                                          Dashrender
                                          last edited by

                                          @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.

                                          Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.

                                          stacksofplatesS 1 Reply Last reply Reply Quote 0
                                          • stacksofplatesS
                                            stacksofplates @Dashrender
                                            last edited by

                                            @Dashrender said:

                                            @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.

                                            Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.

                                            But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.

                                            DashrenderD 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 2 / 3
                                            • First post
                                              Last post