Ubuntucat

If you’ve spent any time on a Linux forum, you know people there love to debate about Linux v. Windows v. Mac OS X. Throw in the term user-friendly or easier, and you’ll likely fan the flames so they can be put out only by a discussion thread closure.

One type of objection Linux defenders often raise is the idea of a fair comparison. For example, someone may assert that Windows “just works” out of the box and that Ubuntu is difficult to install and doesn’t detect everything. To be fair, a Linux defender responds, people generally buy computers with Windows preinstalled and preconfigured by the OEM (Dell, HP, etc.), and you’re comparing a preconfigured operating system to one you’re installing and configuring yourself.

Obviously, the Linux defender, in this case, has a point. After all, if you install Windows from scratch and don’t have all the necessary drivers available, it’s actually a nightmare to install and configure, much more so than Ubuntu is. Even if you do have the necessary driver CDs, it’s less of a nightmare but takes an extremely long time to set up.

It is worth exploring, though, whether we have to make fair comparisons or not. Yes, Windows is a pain to install and configure yourself, but if most people never have to install Windows themselves, how relevant is that point?

Imagine, if you will, a new fast food chain trying to unseat McDonald’s, or a new everything-store trying to topple Wal-Mart. Well, McDonald’s and Wal-Mart will have the advantages of name-brand recognition, infrastructure, inertia, and low prices (due to economies of scale). It wouldn’t be enough to say “My fast food tastes better than McDonald’s’” or “My store has employees who are happier than those at Wal-Mart.” That doesn’t mean you can compete. It also makes little sense to say, “Well, people who don’t want to shop at my store because of travel distance aren’t making a fair comparison, since Wal-Mart is already well-established and has stores all over, and I have only one store so far.” While someone may be understanding that you have difficulty gaining customers who live within ten miles of a Wal-Mart and five hundred miles away from your store, they’re still not going to drive five hundred miles to get to you.

The major flaw in my analogy, of course, is that the customer isn’t going to complain that the store is five hundred miles away. Customers understand that it’s hard to compete with well-established businesses… even if they ultimately choose the well-established business over the “underdog.”

So there are two sides to this. On the one hand, disgruntled would-be migrants to Linux from Windows should recognize that difficulties migrating do not always have to do with quality of workmanship—a lot of the problems Linux faces for impressing home users have to do with Microsoft (like McDonald’s and Wal-Mart) being the dominant force in home computing. Just as Wal-Marts are “everywhere” and the new store has only one location, Windows computers for home users are everywhere and supported by almost all major hardware and software vendors. You can stick with Windows if you want, but you do have to understand that it’s hard to unseat what has inertia and lots of money and name recognition.

At the same time, Linux advocates like myself need to remind ourselves that fair comparisons are fair only in theory and are often contrived and meaningless. Yes, a Windows installation can be difficult without driver CDs, but most Windows users won’t install Windows themselves, and a large percentage of Windows users who do install Windows will also have driver CDs for their hardware.

I don’t believe that security through obscurity is ideal or ultimately effective. I don’t believe it’s a generally good security approach. Nevertheless, it is not often the same as no security at all. Security through obscurity can have its place.

A few years ago, when it was brought to light that the newest (at the time) Ubuntu version stored the administrative password in plain text, that incident was a huge embarrassment to Ubuntu developers, and they fixed the security hole within hours of it having been brought to their attention. Nevertheless, it had been in place for months prior to being brought to the developers’ attention. Were any Ubuntu installations compromised because of this bug? Probably not.

Likewise, most people don’t know that physical access to a computer means (except in rare cases) total administrative access. If you encrypt your drive, you can prevent unauthorized access to your files. If you put a password on the BIOS and disable booting from CD, you can slow down or make more inconvenient the unauthorized access. Maybe that’ll stop people from compromising your computer if you’re away from it for only a few minutes.

Many users are naive to just what prolonged physical access means, though, in terms of security, and that’s dangerous, because then security through obscurity works against you. I used to believe (before I started using Linux) that having my laptop prompt me for a password upon waking the computer would mean that if my laptop were ever stolen, no one could get my files. Before I booted a Knoppix CD on his laptop, my dad used to think a fingerprint scanner would prevent people from seeing his files. In these cases, the “security” is obscured for the user and not the thief.

If a thief makes her living by taking the data off your computer (probably for the purposes of identity theft) and not solely by selling the hardware, she probably knows exactly how to access your data, whether it be resetting the BIOS password, booting from a live CD, or even moving the hard drive to another computer.

There have been quite a few debates about whether recovery mode in Ubuntu should exist or perhaps be hidden by default. In Windows, if you need emergency administrative access, you need to boot a CD. In Mac OS X, you have to know the relatively obscure hold-down-Cmd-S-while-booting procedue to get into recovery mode. In Ubuntu, though, it’s right there in the boot menu. Just press the down arrow once and you’re in recovery mode, which means you have root (or total administrative) access to the computer.

On the one hand, obscuring recovery mode might give people a false sense of security (thinking it’s difficult to gain root access). On the other hand, having it in the boot menu kind of advertises it, and you might have a curious sibling or roommate who selects it and starts getting playful on the command-line, and she might not have done so if it weren’t in her face the way it is.

Outside of the computer world, it’s a bit like keeping the key to your house underneath the welcome mat. Doing so is definitely bad security. On the other hand, most people won’t know exactly where you keep your key or if you keep it under the welcome mat at all. If you post up a big sign next to your door saying “Hey, the key is underneath this welcome mat!” you’ll be sure to have your home broken into.

When it comes to computer security, definitely encryption and restriction of physical access should be publicized more as real security options, but I do believe there are tradeoffs to embracing and eschewing security through obscurity. Just make sure you are obscuring access for others and not for yourself.

Mark Shuttleworth’s vision
I know I’m not the only Ubuntu user blogging about Mark Shuttleworth saying he wants to make Ubuntu better-looking than OS X in the next two years. He also says

I can’t say we will succeed at this, but we will make a significant attempt to elevate the Linux desktop to the point where it is as good or better than Apple. We’ll also open up the debate to a broad community, rather than just software engineers—we’ll preserve the bazaar, but also redefine what success means for this particular crowd, so things are not just stable but also lovely. We can’t outspend Microsoft or Apple in terms of user-interface studies or the like, but we can invest in this.

I have a lot of respect for Mark Shuttleworth. He made a lot of money off open source, saw and filled a niche in the Linux community, and recognized the need for a balance between being a total corporate sellout and a total free software zealot.

But I think he’s either, in recent interviews, not sharing his total vision for Ubuntu, or not realizing why people like Mac OS X.

What’s so great about Macs and Apple anyway?
My wife is a Mac user. She has her Macbook Pro (recently traded up from a Powerbook), her iPhone, and her iPod (now a portable hard drive, since the iPhone is now her music player). I love Ubuntu and my Eee PC on which I’ve loaded it. I know, though, that no matter how much I like Ubuntu, my wife is having a better computing experience. It doesn’t have to do with software quality or availability, pretty looks, or hardware peripherals support.

In one of his recent MacWorld Expo keynotes, Steve Jobs talked about recognizing the importance of tightly integrating software and hardware. I don’t like how he’s locked people into his hardware with his software (right now Apple has already filed suit against Psystar, which recently began selling Mac OS X-preinstalled non-Apple computers), but he is right about how important that tight integration is.

What Apple offers you, and you realize this the moment you walk into an Apple store, is a total experience. You want a computer? They’ll sell you computers that are designed to work with the software on them. You want a portable music player? They’ll sell you one that’s designed to work with the music software on the computer they just sold you. You want a TV accessory for watching YouTube videos and renting movies and TV shows? They’ll sell you that, too. The software programs all talk to each other, and the software talks to the hardware, and the hardware is all meant to complement well the other hardware.

Yes, I have my criticisms of Apple and Mac OS X, just as many Ubuntu fans do. I don’t find Mac OS X intuitive at all. I don’t like DRM in the iTunes music store. I don’t like how they actively fight against people trying to use non-iTunes software to sync iPods. I don’t like how their end user license agreement makes you use only Apple computers with Mac OS X. Nevertheless, they’re doing something way beyond making good or beautiful software.

The Canonical store
This is what I would love to see, Mark Shuttleworth, and maybe it might take more than even your hundreds of millions to get set up, but I’m dreaming here. It’s okay to dream, I hope. For Ubuntu to surpass Apple, there should be a Canonical store—a brick and mortar store. You can start with a couple of them—maybe one in London, one in New York—and expand from there.

A Canonical store would be much like an Apple store. There would be computers on display that ran Ubuntu and were guaranteed to work with Ubuntu in every way (no non-working resume-from-suspend, or no it-worked-in-a-previous-version-but-after-you-upgrade-there-might-be-a-sound-problem). There would be portable media players that were designed to work well with Rhythmbox and vice versa. These would also be on display. There would be Canonical cinema displays that played nice with Xorg, so all you would have to do is plug it in, click on an icon on the Gnome panel to auto-detect displays and have an extended desktop with proper screen resolutions on both your Ubuntu laptop and the Canonical cinema display. You would be able to buy Ogg and MP3 songs from major and independent music labels through a Rhythmbox plugin (the Magnatune and Jamendo plugins they have now are a good start). More importantly, all the printers and other peripherals sold at the Ubuntu store would be guaranteed to work with Ubuntu.

Ubuntu’s fruit would be free
How, some of you Ubuntu users are wondering, would this be any different from the Apple store? It sounds like an exact clone of Apple. We don’t want to be Apple. We want to be Ubuntu. We want to be different. We are not Windows. We are not Mac OS X. We are a Linux distribution. If people want a Mac, they should get a Mac. Leave them to their iPods and Apple TVs. This would be different, though, my dream Canonical store. It would be different in the only important way that Linux is different from OS X and Windows—the software would be open source.

It’s about software freedom, and that’s what the Canonical store would provide you with. Yes, there would be a limited number of default and recommended hardware combinations available at the Canonical store, but if Psystar (provided it still exists after the Apple lawsuit) wanted to sell Ubuntu preinstalled computers, instead of suing Psystar, Canonical would partner with Psystar. People could buy hardware from the Canonical store if they wanted their hardware to be guaranteed to work well with Ubuntu, but nothing would stop geeks from buying Linux-friendly hardware from NewEgg or TigerDirect (they could scour the out-of-date entries in Ubuntu Wiki entry on hardware support while the general public would walk into a Canonical store and not worry about doing all the research). Rhythmbox would be designed to work well with whatever portable media player Canonical sold, but the specs would be open so that anyone could use a regular MSC transfer on other portable media players.

If Ubuntu sets that up, I think they might actually have a chance of beating Apple, but it also means getting into the hardware business (or setting up a very close partnership with a hardware vendor).

What direction will Canonical go?
Of course, one could argue that Canonical could go the way of Microsoft and stay a software company (only with free software instead of proprietary software), but Windows can work that way because vendors support it instead of Windows supporting itself. You end up having to install a lot of drivers and software after a Windows installation just to get basic functionality. An Apple approach would be much more in line with a Ubuntu user experience, especially since the Linux kernel provides the drivers for hardware and package management provides all the software for the end user.

The Microsoft approach is “We make the operating system and very little else. All you hardware and software companies better just make sure your stuff works with our operating system.”

The Apple approach is “We make the operating system and the computers and the software. We’ll bundle it all together and make sure it works well together. It’d be awesome if you third-party people made your stuff work with our stuff, too.”

What should Canonical’s approach be? In my dream world (and I hope Mark Shuttleworth agrees with this), it would be “We make the operating system and highly recommend these computer configurations in order to work well with our software and will bundle everything together, but we have opened up the source code and specs for everything, so if you want to go a way other than our way, go for it. We fully support you in branching off and using something else.”

That might take care of Bug #1, or at least help Canonical surpass Apple.

I’m very glad my wife waited a year to get the second-generation iPhone. It has been quite difficult to actually get one, though. For a while, I thought it was some ploy by Apple to generate more demand and hype by pretending to have a limited supply and thus make the iPhones appear harder to get than they really are. After all, that worked for the Wii, except that Nintendo couldn’t get its act together even a year after demand for the Wii had swelled.

The long lines were a big put-off, and I kept thinking, “Why is there such a long line? Don’t they just sell whatever stock they have and then just tell people they’re sold out?” This thought came to me especially when I called one Apple store to ask if they had iPhones in stock, and they said, “Yes, we have them, but there’s a line, and it’s about a four- to five-hour wait right now.” Excuse me? Four- to five-hour wait? Who would do that? That’s crazy! I waited in line for three hours for the Uffizi in Firenze, but that’s because my friend who was studying there at the time said the Uffizi was the only tourist trap worth going to.

Well, today, my wife finally got her iPhone. She went to the Apple store downtown, and they said they didn’t have it. Then I suggested she try the new Apple store in the Marina, and she got there just as a truck full of iPhones was pulling up to the store. A line immediately formed in front of the store, and she was about the fourth in line. What was this line for? Why did the process take so long? Well, first they had to individually “pre-screen” each customer to make sure they had an AT&T account (yes, we’re in America, and AT&T is the only provider you can use with the iPhone) or knew the appropriate account information to switch from another provider. Then they had to take each customer and set up an account and activate the phone specifically for that account. In other words, it was all this AT&T business that made the lines so long. The entire process of waiting to be pre-screened, being pre-screened, getting the iPhone set up, and purchasing the iPhone took about an hour and a half… for one customer (my wife, in this case). Talk about inefficiency. But, hey, at least AT&T knows Apple isn’t selling iPhones to people who will just unlock it and use it with another provider. No, you’re locked into their two-year contract. They have their claws in you.

That said, the iPhone’s pretty slick. I wish they had a Linux-based (and pay-as-you-go) phone that was this slick. The only things I don’t like about it (user experience-wise) are

• You can’t easily remove apps you don’t care for.
• You can’t easily install random apps, and a lot of the specifically-made-for-iPhone apps cost money.
• A lot of the menu items do not have a back button to return to the main menu. I prefer a back button to pressing the main menu button.

So, buying experience—lame. Actual user experience—pretty cool. I think my wife will have a lot of fun with it. I’m happy with my crappy Virgin Mobile phone, though. I don’t need all that fancy stuff. I just want to make phone calls and occasionally check when the next bus is coming.

Before I started using Linux and getting into frequent online discussions with other Linux users about security issues, I had no idea about computer security. I thought having a login and password was enough to keep the “bad guys” out, should my computer ever be stolen. Most people I know think the same. My dad (who actually is quite tech-savvy and can, unlike me, program in several languages and build his own computers from scratch) thought a fingerprint reader on his Thinkpad would keep people from accessing his files, but I showed him (with the aid of Knoppix CD) that that wasn’t the case.

The truth is that most computer “security” for home users is bogus and just security through obscurity. It may (or may not, depending on how resourceful they are) keep nosy family members and friends out, but it won’t stop someone who’s stolen your computer from getting to all your files. Having separate passwords and usernames on a home computer (as opposed to authenticated on a domain at work) is mainly a way to just make it slightly inconvenient for others using the same computer to snoop into your files.

If they had a little bit of knowledge and really wanted to snoop, however, they could. In the case of Mac OS X or Ubuntu, all it would take is booting into single-user mode and copying your files to their folders and changing ownership of those files. Or, if they didn’t want to be stealthy about it, they could change your password and log in as you. In Ubuntu, Mac OS X, and Windows, if you have a live CD (like Knoppix), you can boot it, mount the hard drive, and read any and all files on the computer.

Of course, in addition to having a username and password, there are other ways to slow down intruders and snooping friends from exploring your computer’s contents (setting a BIOS password, for example). Ultimately, though, once physical security is compromised, your computer’s contents have been also compromised… unless your drive is encrypted.

Of course, if one single person learns anything new from reading this, then the obscurity is that much less obscure now than before, but this understanding leads to the next question of “Is security through obscurity better than no security at all?” The Pidgin developers seem to think it’s not, as you can read in their justification for storing instant messaging passwords in plain text. In answer to the question “But surely something is better than nothing, right?” they say No. When a Pidgin user looks at her accounts.xml file, she can tell immediately that it’s a sensitive file and should be treated as such. When an application attempts to ‘trick’ the user into thinking its passwords are secure by obfuscating it in some way, the user assumes it’s safe.

In one sense, I agree with this. I don’t believe in giving users a false sense of security. In another sense, though, I think what they’re saying is ridiculous. Most users of instant messaging programs never look to see whether their passwords are stored in plain text or not, so they will almost always assume it’s safe. What would make much more sense by their line of reasoning would be to have a huge warning the first time you launch up Pidgin saying “Instant messaging is never secure, and that’s why we store your password in plain text.”

I’m a little ambivalent about all this, if you couldn’t tell. On the one hand, I do believe that for most purposes (keeping snooping family members and friends out), having usernames and passwords for unencrypted data serves its purpose. In this regard, security through obscurity works. On the other hand, this does give people a false sense of security, as they may think that not having an autologin will prevent laptop thieves from getting their data. People won’t be careful when it comes to their data and the real “bad guys.” On a lighter note, they may think that forgetting their administrative password means they have to reinstall the entire operating system instead of just resetting the password.

I guess if it really comes down to it, I believe in education. I believe people should know what is secure and what is not secure. What do people think? I know I have a lot of tech-savvy folks (people who know a lot more than I do) who read this blog. Is it ever the case that security through obscurity is better than no security at all?