| DistroWatch Weekly
1 • Linux Mint (by MI Vinas on 2013-04-08 09:15:36 GMT from United States) |
IMHO clearly the best Distro out thanks for the review. Have not tried the Debian edition, just may now. Although it's hard to beat the main edition that "just works"...(oh lord Mac slogans I so apologize!)
2 • Pisi (by Ariszló on 2013-04-08 09:31:38 GMT from Hungary)
Quoting from the Pisi blog:
Some people also notice that Pisi Linux has gone from Distrowatch. The reason is that some people, with toddler behavior who are trying to destroy the project, love to contact Distrowatch under the name of the Pisi Linux project. This has also caused confusion at Distrowatch, and therefore Distrowatch has decided to pass back Linux Pisi into place when it is 'grow up'. But do not worry, all kittens have to grow up :) All we ask is a little patience ...
3 • Stable distribution releases only (by Alexandru on 2013-04-08 09:35:19 GMT from Romania)
The possibility to list only stable releases in the news sections is VERY welcome for me. Unfortunately, I have some issues with it:
1. Filtering out development releases removes also DistroWatch weekly from the news, which is not good in my opinion.
2. After trying this option, I was unable to add any comment in Reader Comments section at all, even after setting "All Releases" back.
I hope these issues will be addressed.
4 • Mint (Cinnamon) not best for gaming. (by morgan on 2013-04-08 09:53:14 GMT from United Kingdom)
Benchmarking games on various DE's has shown that gnome3/cinnamon to be the worst in fps of all the desktop environments.
You will get higher framerates with KDE,LXDE,E17.
With KDE you simply need to enable 'suspend desktop effects for full screen apps' - now KDE with give you full speed games.
Unity you can download ccsm (compiz settings manager) and enable undirect fullscreen windows and also get full speed - i.e
Its madness that KDE doesn't ship with 'suspend desktop effects for full screen apps' by default but apparantly some poxy drivers have issues, (KDE should make it automatically do this for nvidia users imo..) but at least that's solved just by the click of one button. So Ubuntu/Mint (i.e the most popular desktop distros) out the box will be below par for gaming
5 • RE: 2 Pisi (by ladislav on 2013-04-08 10:40:08 GMT from Taiwan)
That just adds another sinister dimension to the whole project. In 12+ years of DW I don't recall any "toddler behaviour" that would try to sabotage a project in this way. Another reason to give Pisi more time to mature and sort out the issues.
6 • ZFS vs btrfs (by Omari on 2013-04-08 11:25:56 GMT from United States)
Great explanation! My conclusion is that if you are a Linux user pondering ZFS vs btrfs your two best choices are: 1) go use a BSD and get the power of ZFS, or 2) stick with Linux and cobble together a solution using existing technologies like LVM. Neither ZFS nor Btrfs on Linux seems like much of an option.
7 • Btrfs and ZFS (by Pierre on 2013-04-08 11:40:17 GMT from Germany)
Both filesystems have their advantages and drawbacks.
Personally I would never run ZFS on Linux because of the little support it has by most of the Linux distributions and their communities.
And although ZFS is more mature I would recommend to try and run it under systems that heavily support ZFS and include it in their kernel, like the BSD- and illumos-based systems.
Currently I am acutally using Btrfs as my main file system under openSUSE 12.3 and haven't encountered any problems until today.
I much enjoy the features it brings. OpenSUSE has by far the best integration of Btrfs into the operating system. Snapshots are done when updates are done, giving an extra layer of security and the possibility to easily roll back the system to a previous state.
Additionally openSUSE's snapper tool helps a lot with making and managing snapshots, reviewing changes and even rolling back single files.
For me there is absolutely no reason for a ZFS adventure on Linux, although I would not like to miss the very mature and feature rich ZFS on the BSDs and illumos-based systems.
Greetings from Germany.
8 • Btrfs and ZFS (by DavidEF on 2013-04-08 12:58:16 GMT from United States)
Great to know that there are not very many real differences between the two, and it mostly comes down to which OS you're using. Now, how about a simple, layman explanation for what use a normal user would have for these advanced file systems. Is there a huge benefit of either of these over ext4 for example to a regular user? Or, are the benefits mainly for system administrators with huge server installations?
9 • the random distribution button (by Hugo Masse on 2013-04-08 13:39:28 GMT from Mexico)
I just wanted to congratulate you for the random distribution button, it's fantastic! I think it should actually read "distrohoppers paradise" or something like that, but it wouldn't be fair for first time visitors.
10 • News Filter+ (by zykoda on 2013-04-08 14:04:18 GMT from United Kingdom)
I'd vote for LTS (3+ years or RRs).
11 • Random distro? (by FormerDistroHopper on 2013-04-08 14:12:12 GMT from Germany)
A "Random Distro" button? With my luck, i'll get an ISO of a specialized console distro with tools for analyzing the sex life of fire ants, last updated in 2009, based on Cross-Linux-From-Scratch with a handbook in Chinese plus one in traditional Japanese, available for both Alpha and Sparc...
12 • Linux on Space Station (by octathlon on 2013-04-08 14:13:40 GMT from United States)
Great news about Linux on the ISS. The linked article is a good read. I'm always surprised when I hear about another case where critical systems have been running on Windows all this time. =:-O
13 • Btrfs and ZFS (re @ #8) (by Pierre on 2013-04-08 15:39:02 GMT from Germany)
As I wrote Btrfs has many nice features where the normal user with a single PC can benefit from as well as the administrator with huge server installations.
The question is how good solutions are integrated indistributions that are able to help the user to benefit from Btrfs and it's great advantages. Although it is not very complicated to do snapshots, diff comparisons on snapshots or to revert to a snapshot if you are familiar with the use of command line tools and not shy to get your hands dirty, it definitly needs a lot of time to become used to.
At the moment I only know of openSUSE's snapper that makes it a little more easier and delivers a GUI to such features.
Nevertheless I would still recommend to stay with ext4 until Btrfs becomes more mature and delivers kernel based fs check tools with it - especially on productive systems and despite the fact that I am already using it on my workstation.
That's the small drawback when you are using something that is still under heavy development - alhtough I find especially this a little frustrating regarding that it is under development since 2007, which means that the fs has had already more than 5 years to become mature and still isn't in every point.
14 • RE: 2 • Pisi by Ariszló (by FooFighter on 2013-04-08 16:11:09 GMT from United States)
So the PISI devs are basically saying they were framed by non-friendly people and they didn't send "unpleasant" things to the Distrowatch maintainers? The blog indicates there were many bad feelings with the former Pardus distro when the PISI tried to use the Pardus name in the past so they gave up and called it PISI after the package manager.
15 • LMDE (by David McCann on 2013-04-08 17:54:50 GMT from United Kingdom)
The new installer still needs a little work. It doesn't offer encryption (unlike Ubiquity in the ordinary Mint), only uses ext4, and occasionally crashes. If you get a crash, try rebooting in failsafe mode.
The software is excellent, though, and of course the Debian repo is much bigger than the Ubuntu one.
The man who wrote "For newer users, Ubuntu is still the best distribution choice overall." has obviously never tried Mint. Or Fuduntu, PCLinuxOS, Mepis, etc, etc.
16 • Mint's installer (by Ika on 2013-04-08 18:16:10 GMT from Spain)
" I'm hoping other Debian-based distributions consider adopting Mint's installer. There are a lot of Debian derivative projects out there and many of them lack a nice, graphical installer."
Yeah, Debian itself might consider adopting it. ;D
17 • re @ #16 - Mint Installer (by Pierre on 2013-04-08 19:06:29 GMT from Germany)
The Mint and the Debian installer are very different from one another - and for a good reason because they follow completely different design concepts.
The Mint installer ist aimed at being novice friendly, easy to deal with and is meant to simply copy over the disk image onto hard drive, as well as set up the presets and configure a bootloader.
It is a clean design, very simple and easy but as well by design very limited in options. It is good in copying over the system, adjust some very basic things for delivering a basic system everyone will be able to deal with.
On the other hand there is the Debian installer, which does not only offer a GUI for installing the system with basic configurations, but also an ncurses based text installer which works exactly the same like the GUI.
This limits your possibilities in design, nevertheless the Debian installer ist very flexible, you have a lot of choices, it's rock solid and does a great job in giving you many choices and possibilities which the Mint installer will never be able to dream of.
So I don't think Debian should change the installer because it would not be able to satisfy more professional needs.
Both installers do exactly what they are supposed to do but aim at completely different userbasis and usecases.
Mint's installer for example has never been able or been designed to meet the needs of server installs etc.
A Debian with a Mint installer would be a castrated one and therefore no Debian anymore. So what I want to say: Just always keep in mind what a piece of software was designed for.
18 • LMDE (by FSFer on 2013-04-08 19:10:04 GMT from United States)
The problem with LMDE doesn't become apparent until are running for some months, ie the update packs only are released every few months. Therefore to get timely updates, you have to change repos to the standard testing ( or sid) negating the proposed advantage of the update packs.
19 • Jesse's desktop (by Andy Prough on 2013-04-08 19:41:16 GMT from United States)
Jesse - you noted in DWW #500 that the same desktop did not work with openSUSE. Now, with Mint Debian not working, I'm wondering if you've got some kind of a hardware problem? I've got to wonder about that Radeon graphics card you are using - I've had much more luck since I started running Intel or Nvidia on my Linux rigs.
Otherwise, I liked this review. I'm glad that Mint seems to be building an effective Control Center with some very useful tools. One thing I miss when I try distros other than SUSE/openSUSE is the YAST2 Control Center. Mint could gain a lot of converts simply by continuing to evolve their admin tools.
20 • Hardware (by Jesse on 2013-04-08 20:34:19 GMT from Canada)
>> "Jesse - you noted in DWW #500 that the same desktop did not work with openSUSE. Now, with Mint Debian not working, I'm wondering if you've got some kind of a hardware problem?"
Since I use the same desktop almost every day with one Linux distribution or another I think it would be more accurate to say some distributions have a hardware support problem. A few years back when I first started using my laptop with its Intel wireless card many people raised the same question. Some distributions worked with it, but many wouldn't detect the card. Now, a few years later, every distribution I throw at it seems to work on this laptop. The laptop hasn't changed, but support has grown much better. I suspect the same will be true of the desktop machine. Right now some distributions aren't booting on it, but as time goes by support for my hardware will likely trickle down to them. The hardware works just fine when paired with distributions with proper support.
21 • LMDE (by Sam on 2013-04-08 21:14:14 GMT from United States)
Another plus for LMDE versus Ubuntu or even Mint 14 is LMDE's support for all the Python and Perl libraries necessary to run several scientific programs including Grass, QGIS and R. On Ubuntu many R packages conflict with Ubuntu's maintained Perl libraries and QGIS installs on Ubuntu with broken support for the python library necessary to add/manage extensions.
22 • LMDE (by mz on 2013-04-08 23:10:45 GMT from United States)
After rolling off of a working kernel on LMDE update pack 5 to a bad one on update pack 6, I just used the Device Driver Manager to switch to a 686 based kernel. It works great so far, but rolling onto a bad kernel was a little disappointing. At lest now it'll default to a working system. LMDE is still good, but I like PCLOS better overall for a rolling release type system.
I stopped booting into vista a long time ago & have no regrets, but I did leave it there. Leaving an old copy of Windows on your system is probably the preferred option for most, even if you never use it like me you might need some Windows software sometime.
23 • Btrfs and ZFS (by Oko on 2013-04-08 23:15:20 GMT from United States)
The main difference between ZFS and Btrfs is that one exists (ZFS) and the another one doesn't! The second difference is that ZFS requires Solaris kernel or at least ability of the host operating system to run paravirtualized Solaris kernel while the second one requires Linux kernel. The third difference is that a FreeBSD developer who lives on the another side of Atlantic and doesn't know too much about U.S. legal system thought that CDDL meant Free so he wrote the code which enables FreeBSD to run paravirtualized Solaris kernel. However, we who live on this side Atlantic know that CDDL is not free so we pay to run Solaris when we need ZFS and need not to switch our operating system just to use cryptography with ZFS. Btrfs is not going to have the same luck as there are too few developers of FreeBSD left who are not running OS X and have any need to hack FreeBSD as they can install Linux in the VirtualBox just as FreeBSD on their beloved MAC.
Finally, it is too bad that Jesse was consumed by getting latest KDE working and his wireless card recognized by DragonFly BSD while writing a review for this flavor of BSD as he would have discovered another fully functional, free, and open source journaling file system called Hammer which doesn't require 32 GB of RAM like ZFS and could actually be used even on his laptop. Ahh so long another day in the search for that perfect distro which will run the latest KDE, recognize that broadcom crap and win printer.
24 • LMDE / 32 bit vs 64 bit (by kernelpanic! on 2013-04-08 23:17:52 GMT from Germany)
I personally prefer LMDE over the .buntu-based versions because of the phantastic feature of rolling release package handling. just tired of eternal new installations => install once and forget. plus you have 3 choices: 1.safest: stay with default mint repos, 2. testing: my choice, 3. unstable: if you want bleeding edge and are not afraid to play with occasional breakages.
this combined with about 40000 packages ... what more could I ask for?
25 • LMDE died on me (by mz on 2013-04-08 23:30:02 GMT from United States)
Odd, it seems like LMDE wants to roll over & die after the second boot with the 686 kernel. I think it may have done the same thing when I installed update pack 6. I was hoping the new Device Driver Manager would fix it without further tweaking. Very disappointing.
26 • "We have removed Pisi Linux from DistroWatch." (by Lumberjack on 2013-04-09 09:57:34 GMT from Sweden)
Not to take away, ( http://www.pardus-anka.org/en/ ) is create confusion about leadership in the project. Poor organization of leadership has probably created an unsustainable project. Not to appoint a leader or someone who takes on a leadership role in the project is a disaster. Someone who is responsible for all contacts with the media/DistroWatch. Being kicked out of "DistroWatch" because of bad behavior equals a dead project. It's probably a likely fate for the project Pisi Linux.
27 • Passwords (by MervPatrick on 2013-04-09 11:37:43 GMT from Australia)
As an ardent Linux Fan mainly Linux Mint and Ubuntu i am in a quandary as to why we have to have these annoying passwords for everything least little thing we do. Now as a single (sole) user in my household i think it is totally unnecessary.
Oh i can just see the Linux diehards crying into their Lentil soup at the very idea of not having passwords, but could we not have a choice at the installation point as to whether we want to use passwords or not. just a thought as it drives me crazy.
28 • Why the new Ubuntu GNOME had not been added to DistroWatch (by ange on 2013-04-09 14:01:02 GMT from Hungary)
Because it's lighter, faster, more usable than the Unity version, but Unity can steal all points from this derivant. Funny.
29 • re @ #27 - Passwords (by Pierre on 2013-04-09 17:11:53 GMT from Germany)
We all are in heavy need for not only passwords, but save passwords. This is simply a matter of security.
But actually you don't have to set a user password when creating a new one, only the root user has to get a password.
In the KDE wallet - if you use it - you can configure it to never close an open wallet and so you need to only type your password once.
Non the less I really recommend to simply see passwords as a must have. The few seconds you need to type it in are worth the effort.
30 • Passwords are a nuisance (by Herbert Thornton on 2013-04-09 17:18:56 GMT from Canada)
MervPatrick dislikes having to use passwords. I hadn't given the idea much thought, but having read his proposal that we should be given a choice, right from the start, to use passwords or not, I agree with him completely. For all my purposes, passwords are completely unnecessary. My own favorite Linux is Peppermint3 - so much so that every time I've tried something else, I always come back to it - but I would like it even better without a silly password. Peppermint is already better than any Windows or Mac program, so how about it, Peppermint?
31 • Passwords (by Pearson on 2013-04-09 19:58:53 GMT from United States)
We have this discussion here at DWW every so often (monthly?). There are some intelligent people who agree with the idea of disabling passwords (or running as root). My concern is that it's not at all obvious the manner of things that can be compromised without a password. Even if it's offered as an opt-in option, the first time someone had their identity stolen, the "Linux is insecure" headline would be all over the place.
If you *really* hate passwords, then there are ways in many distros to set the password to an empty string (effective no password) or just on letter. I certainly do *not* recommend this!
32 • 27 passwords (by mandog on 2013-04-09 21:24:42 GMT from Peru)
I can't believe your comment or logic
What made windows so insecure the lack of security ie not using a password
So you want the same thing with Linux Well just login as xxxx BUT DON'T come here complaining when all has gone wrong?
Or go back to windows and get yourself a nice big root virus
Linux is about security security means you use a password now that is not hard is it.
33 • Passwords (by Ika on 2013-04-10 08:04:34 GMT from Spain)
I agree with @27. It should be an opt-in. If we’re speaking about freedom and highly claiming it, then let the user have plenty of freedom in his decisions.
Let’s see: say I’m setting passwords everywhere I can - root, user(s), boot, drives, partitions, every app/program, and whatever can be encrypted, and creating very “secure” ones (LOL! - 20-30 characters each password) -, this is useful just to prevent intrusion on a PHYSICAL access in a machine.
Once accessing a internet site/page (video, audio, news, social, whatever you like), opening a P2P client, a mail, etc..., what kind of protection is offering a password?
”Or go back to windows and get yourself a nice big root virus”
Is a password acting like an antivirus? Or like a firewall?
So, @32, I don’t understand your aggressive reply. Either in Windows can be used passwords as in Linux if someone want/need so.
34 • @ 33 • Passwords (by greg on 2013-04-10 08:39:44 GMT from Slovenia)
"what kind of protection is offering a password?"
if you donwload a malware it would need to know your password in order to access system files or to be able to run itself. without it it can not run. it doesn't magically protect your mashcine. but it's a security layer. the more layers you have the more difficulty to get infected or have the system compromised.
35 • passwords and security (by david on 2013-04-10 09:28:52 GMT from United Kingdom)
@34 - there is no such thing as security. There is either secure or not secure. Even if it is thought that there is 99% secure then that means the system is not secure. Its one of those black and white issues no grey. People say a lot about security by passwords and questions but really this only makes it difficult to get in - security by difficulty if you will. But not secure.
36 • @34 greg (by Ika on 2013-04-10 10:24:18 GMT from Spain)
"if you donwload a malware..."
Suposing you are downloading a picture. a video, a book etc.
How do you know if your download is or contain a malware?
Don't tell me: "Use trusted sites." This is very relative.
37 • security (by Brandon Sniadajewkski on 2013-04-10 11:50:53 GMT from United States)
There is a delicate balance between security and usability. By going off what david said; the only secure machine is one that's turned off, but it's not quite usable until it's turned on, then it's not secure, until... well you get the picture. Passwords, security updates, anti-malware, etc. are all reasonable measures to prevent someone else from compromising your machine while still giving you the ability to use your machine for what you want/need to do.
38 • Pisi Linux (by Murat on 2013-04-10 12:02:00 GMT from Belgium)
About Pisi Linux
It's one thing to remove Pisi Linux from Distrowatch (DW), it is an entirely different thing to accuse the project of being "immature", the communications being "unpleasant" and "disrespectful" (while there is only ONE email made to DW in reality).
Blindly believing anyone who claims to be a Pisi Linux team member is not what we expected from DW.
Only ONE Pisi Linux member contacted DW only ONCE (email: http://forum.pisilinuxworld.org/index.php?topic=82.msg282#msg282).
So, of which 'communications' are we talking here exactly? Who made which requests to DW?
Someone impersonated to be a Pisi Linux member and DW believed this person without even questioning their statements, disregarding every attempt by Pisi Linux to clarify this matter.
No one has the right to throw mud at this project.
The Pisi Linux project is not chaotic. Everything about Pisi Linux is open and transparent. Pisi Linux team members are listed on their Github page at https://github.com/pisilinux?tab=members. Pisi Linux' official websites are: www.pisilinux.org and www.pisilinuxworld.org (email: email@example.com).
Pisi Linux community
39 • #15 Ubuntu - Mint (by Rev_Don on 2013-04-10 14:47:03 GMT from United States)
>>> The man who wrote "For newer users, Ubuntu is still the best distribution choice overall." has obviously never tried Mint. Or Fuduntu, PCLinuxOS, Mepis, etc, etc.<<<
Matt Hartley wrote that, and having followed him for quite some time I can assure you that he has tried Mint, and more than likely all of the distros you mentioned. You are taking his comment out of context in that he was specifically comparing Ubuntu to OpenSuse. In that defined context he feels that Ubuntu is the better choice for new users, and most knowledgeable users would more than likely agree. The complete article can be found at http://www.datamation.com/open-source/opensuse-and-ubuntu-compared.html
In a more general context he would probably be referring to Ubuntu in a broader sense including it's various derivatives and distros based on it (Mint, Pinguy, Xubuntu, etc.). I can't speak for him, but if asked I'm positive that is what he would say. At least that is the way he has come across on various pod casts and posts that I have seen/heard of his.
There are numerous ways to contact him and I'm sure that he would be more than willing to clarify that statement for you.
40 • The Pisi Linux project. (by Lumberjack on 2013-04-10 14:53:48 GMT from Sweden)
A sad story, ("Murat Özen"). How can it be so wrong? You must obviously be educational with information to DW. DistroWatch failed to perform a simple check of the facts and truth. I must apologize for my conclusions in the previous comment about Pisi Linux. I think DistroWatch will give Pisi Linux project a comprehensive excuse for a hasty action.
In my country, you are innocent until proved guilty.
41 • zfs vs. btrfs (by mj@ on 2013-04-10 19:50:13 GMT from United States)
I had the same question a few days ago, and did a Google search "zfs vs btrfs"... first entry in the search results was this link:
Which lists by topic specific areas where ZFS has advantages over BTRFS in both design concepts (tree structure) and implementation. I found this article very informative.
Also, the ZFSonLinux project announced on March 28th, 2013:
"Today the ZFS on Linux project reached an important milestone with the official 0.6.1 release! Over two years of use by real users has convinced us ZoL is ready for wide scale deployment on everything from desktops to super computers. " the article went on to list new repositories for Fedora, Debian, etc....
Hope this helps :-) --marc
42 • malware (by Dave Postles on 2013-04-10 20:21:04 GMT from United Kingdom)
If the malware is known, then you can check your downloads with Clamtk. If it's new, of course, then there may not be a signature for that one. If you want higher security, you can run LPS with no hard disk.
43 • 27 passwords (by Serge on 2013-04-10 23:44:12 GMT from United States)
Other options include using sudo to perform administrative tasks. It is possible to configure sudo to be invokable without entering root's password. The time before sudo requires root's password again is also adjustable. I've never tried this, but I remember reading about a configuration that enables sudo password state to carry over across multiple virtual terminals and pseudo terminals, meaning that if you type in root's password for sudo on one tty / pty, you won't need to on the others.
Another approach is to use Kerberos. You can set up true "single sign-on" (SSO), where you type your password once and never again until next time you boot your computer. Furthermore, using the keytab file in lieu of passwords makes it possible to get Kerberos to initialize the user without the user having to enter the password even a single time.
But setting up Kerberos isn't something for novices. That's one of several security areas (another major one that comes to mind being native access control / hierarchal permissions for files and directories, without the use of ACLs) that Windows kills Linux in. Windows has had built-in Kerberos support since Win 2k, and Kerberos is MIT / Unix technology originally! I really think that good, hassle-free Kerberos support in a default install is an area that the big distros seriously need to focus on.
44 • @36 passwords (by greg on 2013-04-11 06:53:42 GMT from Slovenia)
@34 greg (by Ika on 2013-04-10 10:24:18 GMT from Spain)
"if you donwload a malware..."
Suposing you are downloading a picture. a video, a book etc.
How do you know if your download is or contain a malware?
Don't tell me: "Use trusted sites." This is very relative.
45 • Passwords (by Herbert Thornton on 2013-04-11 17:07:07 GMT from Canada)
There seems to be a good deal of heat generated over having passwords. But isn't the most important question - do you record on your computer, personal information that a hacker can steal and use to cause you serious financial loss?
So long as you NEVER entrust things of that sort on your computer, why bother with passwords?
If you suspect that malware has got into your computer - e.g. your computer is malfunctioning - why not just format the hard drive and re-install your o/s?*
*I concede that if you are using Windows, re-installing is not always be possible - Microsoft have put such unreasonable limits on doing it.
46 • the only secure machine... (by imnotrich on 2013-04-12 01:58:34 GMT from Mexico)
Leaving a computer turned off is not "secure" unless the bios "wake on lan" feature has been disabled.
Also helpful if you never connect to the internet, never use removeable media and install nothing.
47 • @45 Passwords (by greg on 2013-04-12 07:01:43 GMT from Slovenia)
Unfortunatelly it is not that easy. for example i have digital signatures on my computer. sure i could move them to USB key. but i do not think this is the biggest issue. since even if you stole them you would still need my password to use them.
problem each persons computer stores plenty of personal data. often we do not even realise what things are stored there that would help others steal our identity. aside from theft of personal data there are other types of malware we should be worried about - such as hijacking computer to attach other computers. installing keylogger so that everytime you type a password or credit card number that info is transmitted to thieves, to the more mundane malware that corrupts your data (e.g. family photos, work documents, videos...). reinstalling the OS doesn't even always help. if the malware installed a rootkit reinstalling the OS won't solve the issue. let's not even start about special targeted malware (such as for example stuxnet) that attacks, steals and damages corporate data.
which is why the OS needs various security layers to make it as difficult as possible for these kind of events to occur. password is just one of the layers.
windows also has similar password settings as linux nowadays. the issue are it's default settings (no password & root access) that just invite malware and also some security holes that they take their time to patch (if they patch them at all).
48 • Throwing my bits in...AKA "RE: Passwords" (by DavidEF on 2013-04-12 14:54:55 GMT from United States)
I believe in using passwords, and making them as "hard to guess" as they are "easy to remember." I think a balance is definitely called for. For giggles, here is a XKCD webcomic about the issue of "secure passwords" and remembering versus guessing:
However, I agree that passwords, just like everything else in the system, should be easy to configure, and choosing "Yes" or "No" at install time is alright by me. I will always choose "Yes", of course, but why shouldn't someone get to choose "No"? Then again, isn't this a moot point, because some distros do, in fact give you this choice in the installer? I'd never advocate that ALL distros "should" do this, or anything else, because then again, choice becomes limited. There are even distros that choose to run as root with no password, by default. See, something for everyone! Are we happy now?
49 • Layers, too... (by DavidEF on 2013-04-12 15:01:27 GMT from United States)
Oh, forgot to mention this: I think the idea of passwords being one of several security layers is a perfect analogy, and lets BOTH sides be right! From one side, there is the view that the more layers, the better, so using passwords (strong ones!) makes sense. From the other side, it can be said that choice allows us to use the layers we want and not use the ones we don't want. I'm pretty sure this is the approach that Puppy linux takes. When I'm in bed, sometimes I want only a sheet, sometimes a sheet and blanket, sometimes no covering at all (who turned off the A/C anyway?). If we believe in choice, then it makes sense to let people do with their own computer what they wish.
50 • Passwords (by Rev_Don on 2013-04-12 16:49:17 GMT from United States)
If you are so bound and determined to run without passwords and your distro of choice isn't giving you that option then use a little common sense and use a single letter password and quite bellyaching about it. It's not worth the aggravation to get all worked up about something so simple.
51 • Passwords Yet Another Rebuttal (by Sarcastic Security Enthusiast on 2013-04-13 16:48:50 GMT from United States)
A Secure Computer has: a fully encrypted hard drive with truecrypt hidden OS option
A Secure Computer has: the shadow/sam file stored on an encrypted usb drive
A Secure Computer has: a yubikey* to log into your account
A Secure Computer is: left powered down when not in use
A Secure Computer has: an unplugged network cable at least 1 metre from the computer, chopped into 27 different pieces and network ports on computer are sealed
A Secure Computer has: has only 2 read port, no card readers, no firewire or all (but two usbs) sealed with concrete or epoxy, like your network ports
A Secure Computer has: no CD/DVD drive
A Secure Computer has: Loads of anti-forensics software, scripts and hacks installed and set up to run on boot
A Secure Computer has: the case welded shut
A Secure Computer is: locked in the most secure safe money can buy and guarded by mercenaries or your own private army
A Secure Computer has: A 100Kt nuclear fail safe in case anyone gets past your army/mercs and gets near the safe
A Secure Computer is: otherwise useless
(was going to add an emp to this but with the NUCLEAR fail safe device that should effectively destroy the data)
*this is actually a good idea 1 yubikey can used for many accounts local and internet. http://www.yubico.com/
It is true that there is no totally secure computer anywhere because security (cyber and physical) isn't an absolute state but an ongoing process. You need to use as many layers of security as you deem necessary. Not even Secure Shell (ssh) is totally secure but it is still widely used. Basically as soon as there is a new security measure taken, you can be sure there is somebody somewhere trying to break, crack, or bypass it in some way, shape or form.
Think of an old style scale with two plates balanced on either side. Security on one side and Convenience on the other. No matter which side you pick to improve the other will drop. As others have said it's a delicate balance. See AT&T and Auernheimer, AT&T thought they'd save people the huge hassle of typing in their email address when setting up a new ipad on the AT&T server by getting them to register it and all it took was some thought and a script to get all of these email addresses. More convenience usually means less security. More security usually means less convenience
Passwords in Any Windows System ARE A JOKE!! Don't believe me? Go watch a few seasons of Hak5 and check out this link http://www.piotrbania.com/all/kon-boot/ (yea I know requires physical access) Kon also works a good deal of Linux systems to.
Another really good security tip is CHANGE as many DEFAULTS as you can. Settings, Ports, Passwords (router, etc..)
btw I don't personally use the following:
Use an OFFLINE password manager and set all your passwords from this site https://www.grc.com/passwords.htm but don't use these to log into a local account it sucks trying to type in 63 characters only to mess up and have to try again. This way you'd only have to remember two or three really strong passwords, Account logins, Master password for your password manager, and any disk encryption
@50 +1, best advice for MervPatrick!
another method is picking an easy to remember password like love, sex or god. WHATEVER you pick "love" "a" or "mervpatrick" make sure you use it everywhere you login, facebook, gmail etc.. so you only have to remember 1 password. Don't be afraid to post your password on fb, twitter, email it to your friends so if you forget your friends can remind you. And it's too bad Richard Stallman's password hack doesn't still work, "press the enter key twice" that's really easy to remember
52 • Passwords (by Terence on 2013-04-14 02:03:47 GMT from United States)
I am not responsible for having come up with the following, though I follow the format for my own passwords.
A password should be divided into three components. The first component is a "base word" that is used in every password. For our example, let us use the word "mother." The second component is an identifier associated with a specific site or function you need the password for. In the case of Facebook, you could use the word "face" or even "facebook." The final component is a series of characters such as the !, $, or *. You want to use at least 12 of these same characters in a row.
So using the above example, your Facebook login could be "motherface************" which is very easy to remember, very secure (as a hacker does not know your passwords length nor does he know which common words you are using), and a great password to use.
Obviously you will want to create your own variation on this format to add a bit of security. You can use uppercase letters where you see fit, as well as leetspeak by replacing letters with numbers. It is a great system to use.
53 • @52 (by Sarcastic Security Enthusiast on 2013-04-14 02:54:07 GMT from Canada)
Eerily like my own system, yet different in ways. I use a three part system as well
1. I use a base word with substitutions for some special characters
2. Then an identifier for local, internet, etc...
3. Finally I pick a word to remind about the service then encrypt it in my head with a key code that I can write down on piece of paper. As long as you never speak the base or reminder word aloud your password should be pretty safe unless someone can get good clear video of you typing it in.
what it sounds like in your head:
base i reminder (i for internet)
what it would look like:
B@s3id!g2u3M4 (13 characters)
all you have to do is change the words make a cyptro scheme you could also memorize it and destroy the paper copy if ur super aluminium foil hat paranoid
in my pervious post i had tagged the post with but i closed them like html and messed everything up and added line breaks. So my bad. Inspect the element if you want some minor lolz
54 • For a secure password, I use ... (by Fairly Reticent on 2013-04-14 17:51:29 GMT from United States)
... wait, why would I post it here? Do I have "stupid" stenciled on my forehead!?
(Isn't copper mesh easier to mold to your preferred hat/stocking-cap shape? Of course, for proper operation it should be grounded, say with fine-stranded copper wire to your sole ... ;-)
Number of Comments: 54
Display mode: DWW Only • Comments Only • Both DWW and Comments
|• Issue 569 (2014-07-28): Deepin 2014, Ask Fedora, Gentoo and LibreSSL, encrypted package downloads|
|• Issue 568 (2014-07-21): Antergos 2014.06.24, Mint based on Debian stable, upgrading CentOS, BinaryTides|
|• Issue 567 (2014-07-14): Manjaro 0.8.10, PC-BSD jails, Debian and glibc, Fedora's DNF, Xiki and Opera 24|
|• Issue 566 (2014-07-07): LXLE 14.04, OpenBSD's SimpleDE, openSUSE artwork, home security basics|
|• Issue 565 (2014-06-30): Chakra 2014.05, Fedora on BeagleBone, Matthew Miller interview, e-book readers|
|• Issue 564 (2014-06-23): Antergos 2014.05.26 and Q4OS 0.5.11, Debian LTS and glibc, Fedora DNF|
|• Issue 563 (2014-06-16): Mint 17, CentOS 7 pre-release, Debian MATE, accessing encrypted content|
|• Issue 562 (2014-06-09): GoboLinux 015, Gentoo interview, Fedora leader change, climagic tricks|
|• Issue 561 (2014-06-02): OpenMandriva 2014.0, Debian GNU/Hurd, Lubuntu and LXQt, Final Term, TrueCrypt|
|• Issue 560 (2014-05-26): KaOS 2014.04, Wayland and KDE 5 on Fedora, distros with commercial support, DenyHosts|
|• Issue 559 (2014-05-19): VortexBox 2.3, LTS-only Linux Mint, FreeBSD 11 ambitions, KDE 5 beta|
|• Issue 558 (2014-05-12): RHEL 7 Workstation impressions, LXQt and Lumina, Haiku interview|
|• Issue 557 (2014-05-05): Xubuntu 14.04, Ubuntu 14.10 roadmap, Fedora Workstation, ownCloud|
|• Issue 556 (2014-04-28): Ubuntu 14.04, LibreSSL, Lumina desktop, Deepin interview|
|• Issue 555 (2014-04-21): Robolinux 7.4.2, Ubuntu release day stats, Debian security, Porteus update|
|• Issue 554 (2014-04-14): Review of FreeNAS, OpenSSL bug, Fedora.next, Robolinux Stealth VM, measuring memory|
|• Issue 553 (2014-04-07): Puppy 5.7 "Slacko", end of Ubuntu One, file encryption with GPG|
|• Issue 552 (2014-03-31): Tanglu 1.0, Ubuntu GNOME LTS, SliTaz for ARM|
|• Issue 551 (2014-03-24): Linux Mint "Debian" 201403, call for end to proprietary firmware, LVM|
|• Issue 550 (2014-03-17): Review of NixOS 13.10, Lubuntu seeking feedback, Android-x86 4.4-rc1 impressions|
|• Issue 549 (2014-03-10): ClearOS 6.5 and UCS 3.2, Gentoo interview, Ubuntu app contest, Into the Core|
|• Issue 548 (2014-03-03): Review of Mageia 4, FreeBSD console driver, filtering web content, Pitivi fundraiser|
|• Issue 547 (2014-02-24): Chakra 2014.02, Ubuntu privacy, preventing unwanted remote logins|
|• Issue 546 (2014-02-17): Review of PC-BSD 10.0, Red Flag closure, Ubuntu and systemd, SlackE18, Fedora book review|
|• Issue 545 (2014-02-10): Impressions of FreeBSD 10.0, Debian votes systemd, Ubuntu file manager, server security|
|• Issue 544 (2014-02-03): Netrunner 13.12, openSUSE future, Ubuntu Touch in emulator, running commands in multiple places|
|• Issue 543 (2014-01-27): Review of Korora 20, FreeBSD 10.0, DNF, ZFS rescue CD, Bridge Linux interview|
|• Issue 542 (2014-01-20): QupZilla, Ubuntu with MATE, Arch on Raspberry Pi, best applications|
|• Issue 541 (2014-01-13): openSUSE 13.1 and Zentyal 3.3, CentOS joins Red Hat, Bodhi on Chromebooks|
|• Issue 540 (2014-01-06): SMS 2.0.6 and SME Server 8.0, Hawaii desktop, PHR statistics 2013, more on multi-part archives|
|• Issue 539 (2013-12-23): Centrych 12.04.3, Fedora 20 and its spins, dividing archives across multiple discs|
|• Issue 538 (2013-12-16): Mint 16 review, RHEL and CentOS 7 plans, SteamOS, Windows XP replacement suggestions|
|• Issue 537 (2013-12-09): OpenMandriva 2013.0, Gentoo developer interview, project Neon, Linux Mint and security|
|• Issue 536 (2013-12-02): Impressions of openSUSE 13.1, Ubuntu Touch, FreeBSD 10 delay, troubleshooting OS lock-ups|
|• Issue 535 (2013-11-25): GhostBSD 3.5, Debian and MATE, Ubuntu 14.04 features, security updates|
|• Issue 534 (2013-11-18): Review of OpenBSD 5.4, Fedora on ARM, menu names vs command-line names|
|• Issue 533 (2013-11-11): Point Linux 2.2, Pisi update, Debian and Xfce, Bruno Cornec interview|
|• Issue 532 (2013-11-04): Ubuntu and Kubuntu 13.10, Debian's init, FreeBSD's PKG-NG, Linux on ARM|
|• Issue 531 (2013-10-28): PC-BSD 9.2, openSUSE testing, nftables, upgrade pros and cons|
|• Issue 530 (2013-10-21): Kwheezy 1.2, DPL interview, Zenwalk's future, keeping up with vulnerabilities|
|• Issue 529 (2013-10-14): Ubuntu's Mir, dmesg and photorec tips, Tiny Tiny RSS|
|• Issue 528 (2013-10-07): Semplice 5, Haiku package management, Klaus Knopper interview, making custom distro|
|• Issue 527 (2013-09-30): Tiny Core Linux 5.0, SteamOS, moving operating system to new computer|
|• Issue 526 (2013-09-23): Look at ArchBang 2013.09.01, BSD Now, kernel stats, command-line tips|
|• Issue 525 (2013-09-16): The Official Ubuntu Server Book, FreeBSD 10 and OpenBSD 5.4, Skype alternatives|
|• Issue 524 (2013-09-09): Look at LXLE 12.04.3, Ubuntu's new package format, Secure Boot and dual-booting|
|• Issue 523 (2013-09-02): OpenIndiana 151a8, openSUSE "Evergreen", GNOME and DuckDuckGo, running apps from RAM|
|• Issue 522 (2013-08-26): Look at gNewSense 3.0, Ubuntu Edge fundraising failure, exploring GPL|
|• Issue 521 (2013-08-19): Review of Korora 19, Fedora considers return to "Core", Haiku package management|
|• Issue 520 (2013-08-12): Salix OS 14.0.1 "KDE", Xubuntu experiments with XMir, managing passwords with KeePass|
|• Issue 519 (2013-08-05): Review of Porteus 2.0, Kubuntu lays out plans for Wayland adoption, adjusting system swappiness|
|• Full list of all issues|