| DistroWatch Weekly
|DistroWatch Weekly, Issue 713, 22 May 2017
Welcome to this year's 21st issue of DistroWatch Weekly!
It is in the nature of the open source community to create new copies (also called forks) of existing technologies and attempt to improve them. Sometimes forks are created to rescue a dying project, other times there are differences in opinion on the direction a project should go. This week we talk a bit about forks and similar, competing technologies, beginning with a look at ROSA. The ROSA distribution was originally forked from Mandriva and is now maintained independently. We talk more about ROSA and its Plasma edition in our Feature Story. Also this week we talk about SELinux and related security technologies like AppArmor and provide an overview of how these two competing features improve an operating system's security. In our Opinion Poll we ask how many of our readers are using security features such as SELinux to protect their systems. Plus we discuss new networking features coming to Fedora, FreeBSD's latest status report and the UBports project setting up an app store to replace the Ubuntu Touch store that Canonical has decided to discontinue. We are also sad to announce the Parsix project will be shutting down in the near future. In addition we share the releases of the past week and provide a list of the torrents we are seeding. We wish you all a wonderful week and happy reading!
- Review: ROSA Fresh R9
- News: Fedora plans new networking improvements, FreeBSD's Quarterly Report, UBports sets up its own app store, Parsix project to shut down
- Questions and answers: How SELinux improves security
- Released last week: Untangle 13.0.0, elementary OS 0.4.1, Parrot Security OS 3.6
- Torrent corner: elementary OS, Emmabuntüs, OBRevenge, PCLinuxOS, ReactOS, ROSA, Untangle
- Opinion poll: SELinux and AppArmor
- New additions: SharkLinux
- New distributions: NHSbuntu, Gatter Linux, All in One - System Rescue Toolkit
- Reader comments
Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (54MB) and MP3 (40MB) formats.
|Feature Story (by Jesse Smith)
ROSA Fresh R9
ROSA is a desktop distribution that was originally forked from Mandriva Linux, but now is independently developed. While the company which produces ROSA is based in Russia, the distribution includes complete translations for multiple languages. The ROSA desktop distribution is designed to be easy to use and includes a range of popular applications and multimedia support. ROSA R9 is available in two editions, one featuring the KDE 4 desktop and the second featuring the KDE Plasma 5 desktop. These editions are scheduled to receive four years of support and security updates.
I decided to download the Plasma edition of ROSA R9 and found the installation media to be approximately 2GB in size. Booting from the ROSA disc brings up a menu asking if we would like to load the distribution's live desktop environment or begin the installation process. Taking the live option brings up a graphical wizard that asks us a few questions. We are asked to select our preferred language from a list and accept the project's warranty and license. We are then asked to select our time zone and keyboard layout from lists. With these steps completed, the wizard disappears and the Plasma 5.9 desktop loads.
ROSA R9 -- The application menu
(full image size: 208kB, resolution: 1280x1024 pixels)
ROSA's desktop features a soft, blue background. On the desktop we find an icon for launching the project's system installer. An application menu, task switcher and system tray are placed on a panel at the bottom of the screen. The application menu, I was surprised to note, uses the classic tree style menu rather than one of the more common split-pane or application grid layouts. Personally, I found the tree style menu with a search field a welcome change. While exploring the live desktop environment, I found opening the Firefox web browser would display release notes for the ROSA distribution.
ROSA features a graphical system installer which should feel familiar to anyone who has used other members of the Mandriva family of Linux distributions. The installer begins by asking if we would like to manually partition our hard drive or automatically use the available space. Manual partitioning is fairly straight forward and the partition manager provides a nice, visual representation of the disk. I feel it is worth mentioning that taking the automated partitioning option immediately causes the hard drive to be formatted and the operating system to be installed, there is no confirmation screen or further configuration checks. Once the operating system has been installed we are asked where to install the project's boot loader. This option can be skipped if we already have a boot loader installed. The system installer then gets us to create a password for the administrator's account and we are asked to provide a name and password for our regular user account. The following screen asks us to select which services (CUPS, Samba and OpenSSH) should be run in the background. With these steps completed, the installer exits, returning us to the live desktop environment.
When we reboot the computer and launch our new copy of ROSA the distribution brings us to a graphical login screen. From the login screen we can sign into the KDE Plasma desktop. On the desktop the system installer icon has been swapped out for an icon which opens the Dolphin file manager. The ROSA desktop is fairly uncluttered and I rarely saw any notifications or distractions. One of the few exceptions was, a few minutes after logging in, sometimes a notification would appear to let me know software updates were available. Clicking the update icon in the system tray would launch a graphical update manager. During my trial there were not many new security updates, just six which totalled about 1MB in size. These updates installed quickly and without any problems.
I tried running ROSA in two test environments, a VirtualBox virtual machine and a desktop computer. In both environments, ROSA detected and used all of my hardware. In the VirtualBox environment, ROSA automatically enabled VirtualBox guest module support, allowing me to make use of my computer's full screen resolution. My desktop computer's audio and networking worked out of the box and I was able to set up my HP printer with a few mouse clicks in the settings panel. In either test environment, ROSA used about 420MB of memory when logged into the Plasma desktop.
My one issue with regards to hardware was that ROSA's Plasma desktop was sluggish, both on the desktop computer and in the virtual machine. There always seemed to be a brief pause between my input and elements on the screen responding. This appeared to be an issue with the Kwin window manager as it was regularly using more of my CPU than most of the other processes on the system. I found disabling visual desktop effects in the Plasma settings panel did not improve this poor performance. The settings panel has a lot of options and, after a bit of digging, I found one for disabling desktop compositing. With compositing turned off, the Plasma environment became much more responsive in both test environments and improved my estimation of the desktop experience.
ROSA R9 -- Creating backup archives
(full image size: 299kB, resolution: 1280x1024 pixels)
The distribution ships with a fairly standard set of popular open source applications, though there is a slight preference for Qt/KDE applications. Looking through the application menu we find both the Firefox and Chromium web browsers, featuring Flash support. The LibreOffice productivity suite is included along with the Okular document viewer. ROSA provides us with the KTorrent bittorrent client and the KPPP dial-up software to help us get on-line in environments that use modems or mobile networks. ROSA includes the GNU Image Manipulation Program, the KolourPaint drawing program, the Gwenview image viewer and a simple scanning tool. We can listen to music using Clementine, watch videos in the ROSA Media Player and activate our web cam using Kamoso. For editing media files we are given copies of the Audacity audio editor and the Kdenlive video editor. The distribution features a wide range of media codecs, allowing us to play and edit most media formats.
Digging further through the application menu we find an archive manager, text editor and calculator. The K3b disc burning software is included along with a number of system configuration tools. I will come back to these configuration tools again in a bit. ROSA features a few small games and programs for viewing system and hardware information. The distribution includes the GNU Compiler Collection, the systemd init software and version 4.9.20 of the Linux kernel.
ROSA uses a graphical package manager called Rpmdrake. The Rpmdrake application is divided into two panes. On the left we are shown a list of available software categories. On the right side of the window we see a list of packages in the selected category, sorted alphabetically. We can click a box next to each package's name to mark it for installation or removal. Packages are downloaded or removed in batches and the Rpmdrake interface locks while it is working.
ROSA R9 -- The Rpmdrake software manager
(full image size: 237kB, resolution: 1280x1024 pixels)
One feature of Rpmdrake I enjoy is the application's filter. There is drop-down menu on the left size of the window where we can select whether the software manager should show us all packages in a category, security updates, all updates, desktop applications or meta packages. This gives us some flexibility and greatly narrows down the package options we are shown. The default filter option is to show just desktop software, which is probably what most people will want.
Unlike most other descendants of the Mandriva family, ROSA does not ship with two separate control panels for managing the desktop environment and underlying operating system. ROSA provides users with one, unified settings panel. The top half of the control panel contains modules for working with the look and behaviour of the Plasma desktop. The bottom half provides us with controls for working with everything from backups, to network connections, to power settings. There are also modules for managing user accounts, setting up the firewall and managing printers.
ROSA R9 -- The settings panel and Dolphin file manager
(full image size: 146kB, resolution: 1280x1024 pixels)
While there are a lot of modules and Plasma has many configuration settings, the control panel features a useful search function to help us find the specific option we need. The modules are all nicely arranged and I found them easy to navigate. One of my few concerns with the control panel was simply that there are so many options and some of them overlap. New users may take a while to work out the differences between Display & Monitor and Configure Video Card, for example. The only other issue I ran into was with the Parental Controls module. One of the features we are presented with allows us to blacklist websites, but I found I was unable to block websites using the site's hostname.
My experience with ROSA got off to a pretty good start. The installer is easy to navigate (though perhaps a bit too quick to format and install when using guided partitioning). The system ships with a useful collection of open source software, media support and I like the default layout of ROSA's Plasma desktop.
I ran into a snag with Plasma's performance. The desktop effects and compositing really dragged down the performance in both of my test environments and it took me a while to find and disable all of the settings that were making the Kwin window manager work so hard. However, with performance restored, the rest of my time with ROSA went very smoothly. The distribution ships with modern software while providing a stable and polished experience.
The configuration tools ROSA inherits from Mandriva are very easy to use and I like that ROSA has unified Mandriva's two control centres into one. The software manager worked well for me, as did most of the configuration tools. I particularly liked the backup utility which makes it straight forward for each user to backup their files to a local or remote location on an automated schedule.
During my entire trial I think I also saw one application crash (Chromium locked up and had to be killed) but otherwise my week with the distribution was smooth. ROSA provides four years of software support and offers a friendly environment without much clutter or distractions. I found it to be a good desktop workstation system and one which will likely appeal to new Linux users.
* * * * *
Hardware used in this review
My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications:
- Processor: Dual-core 2.8GHz AMD A4-3420 APU
- Storage: 500GB Hitachi hard drive
- Memory: 6GB of RAM
- Networking: Realtek RTL8111 wired network card
- Display: AMD Radeon HD 6410D video card
* * * * *
Visitor supplied rating
ROSA has a visitor supplied average rating of: 8.6/10 from 24 review(s).
Have you used ROSA? You can leave your own review of the project on our ratings page.
|Miscellaneous News (by Jesse Smith)
Fedora plans new networking improvements, FreeBSD's Quarterly Report, UBports sets up its own app store, Parsix project to shut down
The Fedora distribution is a cutting edge project that often showcases new technologies. James Hogarth has a write-up of some new changes coming soon to Fedora users, specifically new functionality in NetworkManager. Hogarth's post talks about privacy features for use on wireless networks, bridging connections and what to expect from NetworkManager in the upcoming release of Fedora 26: "Just as recently as Fedora 24 (and EL7.3) NetworkManager began using a random MAC whilst scanning for access points to use. The default at present is to use whatever the MAC of the interface is (or preserve if it's been set in advance with a tool like macchanger) however similar to the IP layer it's now possible to set cloned-mac-address on a connection to RANDOM for a totally random MAC each time that connection is activated or STABLE to mimic the IPv6 behaviour of a randomly generated address that stays consistent with a connection." The post on Fedora Magazine has more details.
* * * * *
The FreeBSD project has published a new status report which covers activity in the project during the first quarter of 2017. The report covers work going into porting the Rust language to FreeBSD's multiple architectures and security updates for MySQL. The number of ports and packages FreeBSD offers has topped 27,000 and several new contributors have joined the Ports team. The report also mentions ongoing work on the 64-bit PowerPC architecture, improvements to FreeBSD's Linux compatibility layer and security enhancements: "In this quarter, we are pleased to announce two (of many) works achieved in the Linuxulator. We added a new placeholder marker UNIMPLEMENTED to accompany the previously existing DUMMY, for distinguishing syscalls that the Linux kernel itself does not implement from those that we currently do not implement. Now our linux_dummy.c is clearer for newcomers to follow, and they will quickly know which areas they can start working on. Support for two new syscalls, preadv and pwritev, was added to the Linuxulator."
* * * * *
Canonical may have ceased development of the Ubuntu Touch operating system, but the open source community has continued work on the GNU/Linux mobile operating system. The UBports team has reported they are working on supporting both new devices for Ubuntu Touch and taking over support for legacy Ubuntu Touch devices. The project has received some additional funding and developers are working on the platform's core apps. Perhaps the most exciting news though is the community has created their own app store where developers can upload and share their Ubuntu mobile applications. Further information on UBports can be found in the project's recent question and answers blog post. Information on enabling the new Ubuntu Touch OpenStore app repository can be found here.
* * * * *
In some sad news, the Parsix GNU/Linux distribution will be shutting down, probably before the conclusion of 2017. In a brief post on the Parsix Project News page, the team reports Parsix will be discontinued six months after the launch of Debian 9 "Stretch". "Parsix GNU/Linux project is going to shut down six months after the release of Debian GNU/Linux 9.0 a.k.a Stretch. Parsix GNU/Linux 8.15 (Nev) will be fully supported during this time and users should be able to upgrade their installations to Debian Stretch without any significant issues. We will make all necessary changes, and updates to ensure a smooth transition to Debian Stretch. We take this moment to thank all users and community members who supported this project throughout the years by using Parsix, making donations or spending their time to improve it. A more accurate time line will be announced once we have more information in regards to the official release date of Debian Stretch."
* * * * *
These and other news stories can be found on our Headlines page.
|Questions and Answers (by Jesse Smith)
How SELinux improves security
Exploring-security-options asks: I have heard that SELinux can improve security, but many people turn it off. What exactly is SELinux and how does it help me?
DistroWatch answers: SELinux is a kernel feature which, when enabled, helps to protect the operating system from misbehaving services and applications. SELinux, and similar technologies such as AppArmor, protect the system when a process tries to access or edit resources it should not. This probably sounds abstract so let's look at an example.
When you run an application, that program runs with the same access to the system you have. If you launch the Firefox web browser, the browser can access all of your files, it can edit the same files you can, it can read the same documents your user account can. Normally, this is okay, you usually want your web browser to be able to edit your bookmarks, upload photos and save items to your Downloads directory. However, if a malicious website manages to hijack Firefox and take control of the browser, the attacker will then have the same level of access to our files and we do not want that.
SELinux allows the administrator to set up rules which limit what a program can do if it misbehaves or is taken over by an attacker. For instance, we can create rules with SELinux which prevent Firefox from being able to read the system's list of user accounts. We could also block write access from applications outside of certain directories, limiting Firefox to only saving information in its own configuration directory and our Downloads directory. This greatly reduces the amount of damage a hijacked program can cause. For example, we probably want to prevent Firefox from deleting files in our Documents directory.
One way to think of SELinux is to imagine it as a supervisor which keeps an eye on the programs running on our system. When the programs are behaving themselves and acting normally, SELinux does not need to do anything. But if a program suddenly tries to change a setting it shouldn't or access sensitive information like your password manager, then SELinux gets in the way and blocks the misbehaving program's access. SELinux does not know how to do this automatically, it needs to be taught using rules that define which resources are off limits.
SELinux is especially useful on computers where background processes like web servers are running. Network services are particularly vulnerable to outside attack and often need to have special access to parts of the operating system. Using SELinux, we can create rules which block the web server from accessing account passwords, personal files or other important pieces of information.
While SELinux can be very effective, the rules which govern how it works can be cryptic and are sometimes difficult to trouble-shoot. This results in people turning off the security feature rather than getting it to work properly. A better solution is usually to put SELinux in monitoring mode, where security issues will be reported without being blocked. This will generally reveal what the problem is and tweaking a rule will generally correct the issue, at which time SELinux can be turned back on.
Some technologies, like Firejail and AppArmor, offer similar safeguards against misbehaving or compromised programs accessing files they should not. These technologies are guided by rules which are easier for people to read and understand which helps a good deal with trouble-shooting issues. Further information on SELinux, AppArmor and Firejail, and how to use them, can be found on the projects' respective web pages.
* * * * *
We have more answers in our Questions and Answers archive.
|Released Last Week
Untabgle NG Firewall 13.0.0
Untangle NG Firewall is a Debian-based network gateway with pluggable modules for network applications like spam blocking, web filtering and anti-virus. The company behind this distribution, Untangle Inc., has announced the release of Untangle 13.0.0. The new version introduces MAC-based device tracking, user tracking (via multiple methods) and the ability to override Untangle's OpenVPN settings. This release also introduces two new features: Tags and Triggers. "Tagging is a new feature that allows administrators to tag a host, device or user to quickly create policies based on entities that have a specific tag associated with them. Tags can be applied manually by an administrator or automatically based on conditions. Triggers allow administrators to tag hosts, devices, and users when specific events occur. The admin can then create policies and rules to manage behaviour. Similar to alert rules, trigger rules evaluate all events and can be configured to tag or untag entities based on the rules applied. Once tags and triggers are configured, they proactively manage hosts, devices and users without intervention by the network administrator." Further information can be found in the company's release announcement and in the changelog. Download (MD5): untangle_1300_x64.iso (550MB, pkglist).
OBRevenge OS 2017.05
OBRevenge OS is an Arch Linux-based desktop distribution featuring a custom desktop environment based on the Openbox window manager and an easy-to-use system installer (Calamares). A new version 2017.05 was announced earlier today: "New release, OBRevenge OS 2017.05. Changelog: updated to newest Calamares; fixed bug with hotkeys when changing desktop settings; Bluetooth support; updated software install tool; added more support for multimedia keyboard keys; added GUI screenshot tool; added more touchscreen drivers; Linux kernel 4.10.13; updated compositing configuration for better hardware support; removed Compiz (still available in the repository)." Here is the brief release announcement as published on the distribution's news page.
elementary OS 0.4.1
Daniel Foré has announced the release of elementary OS 0.4.1, the first point update of the project's "Loki" series. The new version is based on Ubuntu 16.04.2: "We're proud to announce the release of a major update to elementary OS Loki - version 0.4.1. This release brings a new hardware enablement stack, all of the updates to Loki thus far, plus a brand new AppCenter. Thanks to the wonderful work of the folks at Canonical and Ubuntu, Loki 0.4.1 ships with a newer kernel and X.Org server as part of the Ubuntu 16.04.2 core. This means Linux 4.8 and better support for 7th generation Intel (Kaby Lake) chipsets, among other hardware compatibility and performance improvements. Notable updates include a significant upgrade to Epiphany, several fixes in Files, a redesigned metadata sidebar for Photos, new Bluetooth settings, a microphone indicator and bluetooth device controls in the sound indicator, a brightness slider in the power indicator, the ability to start an AppCenter search from the applications menu, look & feel updates, better support for CJK input methods, better translations, and more." See the release announcement for further information and screenshots.
elementary OS 0.4.1 -- Running the Pantheon desktop
(full image size: 1.0MB, resolution: 1280x1024 pixels)
ReactOS is an open source operating system which strives to be binary compatible with Microsoft Windows and features the ability to run many Windows applications. The project has released ReactOS 0.4.5 which features several improvements to the system's graphics, including better application and font rendering. The ReactOS team has also reported their operating system can run Microsoft Office 2010 and several stability improvements have been added to this release: "The ReactOS Project is pleased to release version 0.4.5 as a continuation of its three month cadence. Beyond the usual range of bug fixes and syncs with external dependencies, a fair amount of effort has gone into the graphical subsystem. Thanks to the work of Katayama Hirofumi and Mark Jansen, ReactOS now better serves requests for fonts and font metrics, leading to an improved rendering of applications and a more pleasant user experience." Further information can be found in the project's release announcement. ReactOS is available in a Live edition and an installation edition.
Parrot Security OS 3.6
Lorenzo Faletra has announced the release of Parrot Security OS 3.6, an updated build of the project's Debian-based specialist distribution featuring useful tools for penetration testing, forensic analysis, hacking, privacy, anonymity and cryptography: "After some months of hard work we were finally able to release Parrot Security OS 3.6. In this new version we didn't want to introduce new features and functionalities; we have worked instead on making the existing environment better, more reliable and less memory-hungry by applying many minor fixes to our build platform and packages and by tuning our startup daemons management system (Parrot 3.6 'Lite' 32-bit can use less than 200 MB of RAM). Anonsurf was improved too, and now the section dedicated to anonymity and privacy is very reliable and well tested, and some nightmares of the previous Anonsurf versions now belong to the past. We also wanted to give more attention to our 'Lite' and 'Studio' editions." Read the rest of the release announcement for more information.
* * * * *
Development, unannounced and minor bug-fix releases
The table below provides a list of torrents DistroWatch is currently seeding. If you do not have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found in our Torrent Archive. We also maintain a Torrents RSS feed for people who wish to have open source torrents delivered to them. Thanks to Linux Tracker we are able to share the following torrent statistics.
Torrent Corner statistics:
- Total torrents seeded: 413
- Total data uploaded: 65.1TB
|Upcoming Releases and Announcements
Summary of expected upcoming releases
SELinux and AppArmor
In our Questions and Answers column this week we talked about SELinux and the benefits of using this technology to secure Linux-based systems. We also touched briefly on another, similar security option called AppArmor. This week we would like to find out how many of our readers run either of these two mandatory access control technologies.
You can see the results of our previous poll on buying a new computer with Linux pre-installed in last week's edition. All previous poll results can be found in our poll archives.
New projects added to database
SharkLinux is an Ubuntu-based distribution featuring the MATE desktop. The distribution automatically upgrades packages on the system and offers a rolling release approach to software upgrades. The distribution also enables sudo access by default without requiring a password for user convenience.
SharkLinux -- Running the MATE desktop
(full image size: 404kB, resolution: 1280x1024 pixels)
* * * * *
Distributions added to waiting list
- NHSbuntu. NHSbuntu is a Linux distribution based on Ubuntu and developed with the needs of the British NHS agency in mind.
- Gatter Linux. Gatter Linux is a Ubuntu-based distribution featuring the Openbox window manager as its primary user environment.
- All in One - System Rescue Toolkit. The All in One distribution is an Ubuntu-based live disc for performing system rescue, data retrieval and hardware tests. It is intended to be used by computer technicians in the field.
- Minimyth2. Minimyth2 is a Linux distribution dedicated to running the MythTV software on dedicated, diskless computers.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 29 May 2017. Past articles and reviews can be found through our Article Search page. To contact the authors please send e-mail to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews/submissions, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, donations, comments)
- Bruce Patterson (podcast)
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00)
|Reader Comments • Jump to last comment
1 • SElinux alternatives: Tomoyo and Caitsith (by Boruch on 2017-05-22 01:34:36 GMT from United States) |
Jessie, in your description of SElinux, you didn't mention two alternatives, tomoyo and caitsith.
2 • SELinux alternatives (by George on 2017-05-22 02:09:01 GMT from United States)
You mentioned Firejail, which I use, but then didn't include it as an option in the poll.
3 • SELinux (by Jeff on 2017-05-22 03:11:11 GMT from United States)
@1 and @2
He only wants to know if readers run either of these two, not anything else
4 • place of origin (by The Count of Monte Cristo on 2017-05-22 04:43:59 GMT from United States)
You have to keep in mind where code comes from. Anyone who uses a distro from Russia is asking for it.
Similarly, SELinux was designed by the NSA. Neither the Russians nor the NSA can be trusted, and if you think otherwise, you should pick up a newspaper and read it.
5 • place of origin (by Alexandre Dumas on 2017-05-22 05:37:54 GMT from Australia)
@4: The next step in your argument is that we therefore cannot trust software designed in the US either as this is influenced by the NSA.
Luckily, with open source software, we can look through the code if we feel threatened.
6 • How SELinux improves security (by Alexandre Dumas on 2017-05-22 05:43:45 GMT from Australia)
Jesse wrote: "While SELinux can be very effective, the rules which govern how it works can be cryptic and are sometimes difficult to trouble-shoot. This results in people turning off the security feature rather than getting it to work properly."
This is such an important point and is so often overlooked. Very few developers address it - a rare counter-example is the approach taken by the OpenBSD developers in, for example, their PF rules. More developers should understand that if their very secure system is too hard to use, people will either a) not use it or b) will use it and make mistakes, thus defeating the purpose of the software.
7 • SELinux (by Roy Davies on 2017-05-22 06:18:36 GMT from United Kingdom)
Reading a newspaper is no nearer the truth than reading a Marvel comic. Get real.
8 • @4 Russia paranoia (by linuxista on 2017-05-22 06:54:25 GMT from United States)
Only Russians need to worry about Russian distros. For people in NATO, or other US friendly or puppet countries, any backdoors that the FSB or whatnot might have in that distro is safer because info is almost certainly NOT being shared with law enforcement or other authorities trying to suppress dissent in your home country. If I were a western dissident I'd be much more concerned with, say, the possibility of backdoors the GHCQ might be putting into Ubuntu.
9 • ROSA (by Dave Postles on 2017-05-22 07:19:12 GMT from United Kingdom)
It's a commercial company with a reputation to sustain and has partnerships to maintain: http://en.rosalinux.com/our-partners/ I'd trust it further than MS and that's a starting point. IMHO, distros which have their origins in the sadly defunct Mandrake/Mandriva (incl. OpenMandriva) have an enormous amount going for them.
10 • @4 SELinux vs. NSA (by Microlinux on 2017-05-22 07:27:19 GMT from France)
I'm using SElinux on my servers running CentOS. SElinux has indeed been developed by the NSA. It's been included in the mainline kernel back in 2003, if I remember correctly, after extensive peer review by the kernel developers. (No backdoors, nope.)
BTW, SELinux is a very nice addition for server security. Here's a comprehensive introduction to SELinux by Red Hat developer Thomas Cameron (who is also a nice and funny guy).
11 • Mageia (by Charlie on 2017-05-22 07:38:38 GMT from Hong Kong)
@Dave For Mandriva users there is already Mageia, backed by the community instead of a company, comparing to ROSA which adopts too much tweaks in addition to vanilla packages, as well as the adoption of the fork version of RPM: RPM5. Mageia's way of doing things is more closer to the traditional "big" distros like Fedora/Debian/openSUSE.
12 • AppArmor on Ubuntu (by Fernando Santucci on 2017-05-22 08:04:57 GMT from Brazil)
All Ubuntu users use AppArmor at least protected with sudo.
Many features of SELinux is falling into disuse in most of main distros.
13 • "the classic tree style menu" (by OS2_user on 2017-05-22 08:25:59 GMT from United States)
Jesse writes: "The application menu, I was surprised to note, uses the classic tree style menu rather than one of the more common split-pane or application grid layouts. Personally, I found the tree style menu with a search field a welcome change."
I've been musing about why GUIs have gotten so horrible.
EVERYONE likes tree style menus better, even those who believe otherwise. That's why was done in Mac, OS/2, Windows 3.1 and XP. It's the obvious way. No one gets as much info from icons, no matter how big and colorful, compared to a few words or even few characters of text.
Sure, can be okay once you're familiar with where the wanted icons are placed, but trying to read tiny fonts under big icons is just stupid GUI design. As is putting few up widely spaced over entire screen, so must be scrolled. What's the point, other than "different"? You don't get into a new car expecting basic controls to be fundamentally different from every other modern car. Where did ergonomics go in computerdom?
Why is change for sake of change thought clever in GUIs? Every new one is a frustrating and sometimes hazardous puzzle -- I'm thinking of the Puppy install that crashed on me by opening all the videos that I'd selected to copy, so badly that wouldn't even re-install itself -- but you'll notice that nearly all provide some way to revert to double-click selection, because it's the OBVIOUS way that everyone understands.
On other hand, keyboard commands are arbitrary, but there's no point to forcing users to learn another arbitrary set. At least this area is a bit standard between PCLinux and Windows: Alt-F4 closes the window; F2 renames a file, and so on.
Just grit your teeth and go with the choices made long ago in Windows so that new users don't waste time. You could at least have the decency to start with that set, rather than wacky. -- GUIs are supposedly very flexible, but in fact are rigidly defined, and essentially control YOU: Microsoft clearly has that as goal. -- Linux GUIs now seem intent on repeating what Microsoft does, only worse.
Then there's the speed of modern GUIs, as mentioned above. I now have computers literally a hundred times so fast as the one I wrote assembly language graphics primitives for, yet the interface is SLOWER and unreliable.
If this trend keeps up, we'll indeed be waving our arms around like Tom Cruise in that movie "Minority Report" One of the funniest scenes ever.
14 • New distros added to data base (by tricky on 2017-05-22 11:26:30 GMT from Canada)
All of a sudden out of nowhere new distros are added to the data base, but those "in the waiting list" are still there. Maybe the newly added distro with a dangerous name might just say that SharkLinux might eat you or Linux?
There are some pretty good distros, mostly one man shows, hanging around in the net. Does Distrowatch search for them too? It is Distro Watch, incidentally.
15 • Waiting List / ROSA (by Winchester on 2017-05-22 12:00:48 GMT from United States)
The waiting list is a mystery to me. "Simplicity Linux" has been in the main database for over one year (if not more) but "LxPup" is "not ready" according to distrowatch. Yet Simplicity Linux up to 16.07 is a direct copy of LxPup only with more wallpapers and WBar added.
ROSA r8 KDE4 is the best implemented KDE4 I have tried so far. They seem slow to update software packages,however. Back to the positive,Enlightenment 21 is in the repositories and works well under ROSA.
16 • Poll (by DaveW on 2017-05-22 12:20:31 GMT from United States)
I voted for 'I use neither' because I have never gone looking for any such animal. However, I have since learned that Ubuntu and its derivatives use AppArmor. So, since I use Mint, should I have voted for AppArmor, or did I correctly vote neither because I have never written an AppArmor rule?
17 • ROSA/Mageia/Mandriva (by denethor on 2017-05-22 12:23:11 GMT from Serbia)
I like ROSA a lot and I had no performance problems as Jesse had. I also installed the plasma5 iso. Very good, stable, snappy and quite light on resources. I also trust ROSA more than MS! :-)
I was using, among others, Mandriva which was the best in my opinion. Mageia left me unimpressed and for the record, OpenMandriva is the community continuation of Mandriva...
18 • new distros (by bigsky on 2017-05-22 13:03:26 GMT from Canada)
@ 14 Paranoid much ? New distros are the norm and have been to Linux for ever, that's what makes it so interesting and one man shows ?? not so much. Relax and enjoy the Victoria day long weekend and chill. We are here to help not to criticize. Thanks
19 • @13 OS2_user: (by dragonmouth on 2017-05-22 14:30:36 GMT from United States)
"Why is change for sake of change thought clever in GUIs?"
That has been the trend in everything, not just GUIs and/or software. Manufacturers/developers have to justify their continued existence in one way or another They make incremental changes or problem fixes sound like major enhancements. Are this year's models of TVs, cars, widgets, etc so much better than last year's models as to make them "must buys"?
20 • sometimes, criticizing IS helpful (raises awareness) (by tim on 2017-05-22 15:38:05 GMT from United States)
$220 here (plus free sourceforge project hosting) can get BadActor's rootkitted "distro" deployed to target audience, licketysplit fast
vetting? Naw, dude, that's sooooo twentyif centuury
21 • Security (by OstroL on 2017-05-22 15:42:11 GMT from Poland)
Reading what Jesse wrote about security,
"However, if a malicious website manages to hijack Firefox and take control of the browser, the attacker will then have the same level of access to our files and we do not want that. "
remembered something about Firefox and checked it. In Options>Security>Saved Logins>Show Passwords would show all your passwords stored there to anyone, who opens Firefox in your computer. Some can get it to remotely, I believe. Anyone, who can "break" into Firefox can see these.
22 • FF password vulnerabilities (by Jordan on 2017-05-22 18:34:17 GMT from United States)
@21 Keep in mind that the user has the option to "never remember password" when invoking a pp protected website.
23 • Security & Trust (by M.Z. on 2017-05-22 18:40:23 GMT from United States)
Personally I use the default SELinux settings on my sole Fedora install, but I don't use that old desktop much. In addition I use MSEC on Mageia & PCLinuxOS, and I use Firejail on PCLinuxOS & my Mint systems.
"...since I use Mint, should I have voted for AppArmor..."
I use Mint a fair amount myself & to my understanding AppArmor is not set up or configured on Mint by default. For me the easy security option was figuring out how to set Firejail to run whenever I use Firefox. It runs flawlessly in Mint, though I've had sound issues on PCLinuxOS.
@4 8 & 10
I think #10 brings up a good point about trust & vetting. If you believe any software has been reasonably well vetted, then you should be able to trust it at a basic level. There may be reasons to avoid doing much to support any organization for certain countries; however, open software should be a bit more trustworthy than other software, especially coming form big projects that are likely to be well examined by third parties. That being said I see no reason to support projects in countries with bad records of freedom of speech or other significant issues & I tend to avoid projects from China & Russia because not only do I dislike the governments in those areas, I also have no reason to believe the projects from those areas are thoroughly vetted. In addition I am not interested enough to dig into any possible vetting.
For projects from major western countries, there may always be some questions & if you dig enough I firmly believe that every major western spy agency has done some bad things. On the off chance that you can't find an issue with a nations spy agency there are generally other issues with tracking (think I saw something on this in France) or restrictions on web access (isn't there some restrictive web filter in Australia?) etc. And of course the previously mentioned GCHQ in the UK (which does a lot more creepy stuff than many people realize) & NSA here in the USA; however, the main open projects in both are prominent & very likely to be vetted, & smaller projects aren't likely to be worth targeting. In addition those that fear Red Hat & US security should consider just how much of the entire GNU/Linux ecosystem is developed by major vendors to the US government like Red Hat & ask themselves if there is anything that can be trusted at all if they can't trust a system as openly developed as Linux. If you have that level of paranoia then you may as well use every computing device as a paperweight, because nothing is likely to meet your standards & not be connected to some major government entity somewhere. A little healthy paranoia can be a good thing, but there are limits.
24 • @23 (by kaczor on 2017-05-22 19:36:38 GMT from United States)
>I tend to avoid projects from China & Russia because not only do I dislike the governments in those areas, I also have no reason to believe the projects from those areas are thoroughly vetted. <
Have you lived in any of these countries? Do you think US is a saintly country? Have you checked your household, your car, your mobile lately? How many things are made in China? Do you use Google? Gmail etc? One of the guys, who created it has the name Sergei. Not an all American name, is it?
25 • @23 your paranoia (by lenn on 2017-05-22 20:00:30 GMT from Canada)
Whatever Linux distro you use, check /bin and /usr/bin and see how many of the files in there you can read. You don't have to understand what's written in them, but just read. You'd find there are many files you just can't open, scrambled files. Now, you don't know what they are, other than the name under the file. So, how do you know, if one of those files have a back door? You might find somewhere in the net , its source code, but how do you know, what was there, before the file was scrambled? You have to trust these guys, don't you? Not every file in the distro you use is readable, right?
26 • Doing what I can (by M.Z. on 2017-05-22 20:28:06 GMT from United States)
"Do you think US is a saintly country?"
No, but I can also recognize false equivalency when I see it.
"Have you checked your household, your car, your mobile lately?"
1) my what? 2) the car is union made in the USA 3) some things like cell phones have virtually no choice; however, I do have a fair amount of Union made in the USA clothing.
"...Sergei. Not an all American name, is it?"
No, nor is Serj Tankin, but I still like his rock band. I don't care about where people come from I care about the _actions of governments_ especially in dictatorships where there is no opposing opinion allowed. You can read something ugly into anything if you try hard enough, but that has no bearing on the actual intent.
I have major issues with things in a great many countries, some just happen to rise to the level of 'may as well avoid things from there if you can', even if you can't avoid all the things you dislike all the time. The countries that I prefer to get products & distros from all tend to have governments that can be replaced by voters & have governments open to more public scrutiny. I also TRY to avoid 'made in china' due to both sweatshop & environmental conditions associated with such products, which are of course caused by both major multinational companies & local officials putting profits ahead of ethics.
27 • firejail (by Jake on 2017-05-22 20:29:23 GMT from United States)
I starting using firejail after Distrowatch did a "Tips and Tricks" about it. I was never able to get AppArmor to work on my system--albeit I gave up because I thought it was too complicated. Using firejail is so much simpler.
Speaking of simplicity, systemd-free.org is requesting additional contributors (I am not affiliated with this website): http://systemd-free.org/news.php.
28 • @26 union made stuff... (by tricky on 2017-05-22 20:43:56 GMT from Canada)
Check in your "union made" car, how many parts are made in China. Is your computer also union made, but in China? You are the guy, who said you dislike Russia and China.
Even, if you go live in Antarctic, you'd still use Chinese made stuff and Russian coded apps in a Chinese made computer. Your TV is made in China or Korea. Most of the chips are made in Malaysia. And, it goes on and on...
29 • ROSA (by Dave Postles on 2017-05-22 20:56:52 GMT from United Kingdom)
Yes, it was just the way that I phrased the sentence; my meaning was that OpenMandriva is one of the continuations from Mandrake/Mandriva and which has much going for it (although not as much as ROSA). Ive used it in the past. Sorry, I've just had too many glitches with Mageia (although I have RC for 6 on a usb stick). Indeed, the distance between 5 and 6 indicates, I think, some issues. I( did actually make a donation to the development of Mageia when it was first being developed, but I've dropped it.
30 • poll (by Joe P on 2017-05-22 22:46:52 GMT from Latvia)
I too started using Firejail after the Distrowatch "Tips and Tricks" featured it. I use it in Linux Mint for Firefox, Image Viewer, Document Viewer, and Midori.
31 • Attempting to be an ethical consumer (by M.Z. on 2017-05-22 23:35:38 GMT from United States)
"Check in your "union made" car..."
The engine was made in New York & the transmission was made in Michigan.
"You are the guy, who said you dislike Russia and China."
Absolute & utter BS. I take issue with the political situation in certain areas & all of a sudden I dislike everything about the place? What logic does that follow?
I also avoided eating at Subway for a while because they got in a fight with their Tomato pickers. Does that mean I hate Subway? Does it mean I hate people picking Tomatoes in my home state? Or does it actually mean I wanted people to get fair compensation for fair work, regardless of the fact that they were all likely immigrant laborers?
"Your TV is made in China or Korea."
No it isn't, I took special note of the fact that it was made in Mexico. I took pride in that fact about the last TV we actually purchased for my household because I believed that labor & human rights conditions were better in Mexico than in China. Which is of course were all the alternative TV seemed to be made at the time.
It can be hard to attempt to be an ethical consume, but even if there are no perfect solutions it's worth trying. Cynicism gets you nowhere & can make things far worse, especially when nobody votes & a real nut job gets elected. For me Linux is part of that effort at ethical consumerism. Of course there are other ways to talk about the effort to actually do something proactive, such as one of my favorite songs by Minor threat:
"You tell me that I make no difference
Well, at least I'm #&@# trying
What the #&@# have you done?"
32 • SELinux (by Donnie on 2017-05-22 23:52:56 GMT from United States)
SELinux isn't as bad to troubleshoot as what people want to believe. If you install the "setroubleshoot" package, you'll see those cryptic SELinux messages from the audit log get converted into plain English*, complete with recommendations on how to fix the problem.
*Or, whatever your native language is.
33 • I don't use SELinux, it does not fit the Keept It Simple principle (by LiuYan on 2017-05-23 03:08:37 GMT from China)
As always I said, security is not my primary concern, easy to use is my primary concern.
As a normal user (like I'm 5, or a user without computer knowledge), SELinux brings more troubles than benefits, I don't want to encounter weird file access denied issue after files copied from one location to another location. I don't expect normal user can fix this issue by telling them "you need to change file security context to ...", "wtf is that".
As a software developer or system administrator, I may (or may not) use SELinux, depends on
(1).How security is needed.
(2).Will SELinux brings trouble to application ( http://asteriskdocs.org/en/3rd_Edition/asterisk-book-html-chunk/installing_base_configuration.html#Installing_id293578 ).
34 • Attempting to be an ethical consumer (by anticapitalista on 2017-05-23 08:46:36 GMT from Greece)
@28 - I took pride in that fact about the last TV we actually purchased for my household because I believed that labor & human rights conditions were better in Mexico than in China.
Hmm, however, have a read of this article. (One of many).
Not blaming you, just saying that t almost impossible to be an ethical consumer when capitalism is no unethical.
35 • @25 binary bullshit (by curious on 2017-05-23 08:58:57 GMT from Germany)
You wrote "... check /bin and /usr/bin and see how many of the files in there you can read" and claim that these files are "scrambled".
Don't you think that the folder name "bin" might possibly be an indication that these are BINARY files? These are the executable files - of course you can't read them as they must be in machine code that your processor can understand - which is something totally different than "scrambled".
And one can check whether the binary files correspond to the source code: compile the source code and compare the result with the binary in question.
36 • Linux to run UNITY Game Programming environment (by David Weddle on 2017-05-23 09:51:37 GMT from United States)
I want a distro to run UNITY game programming environment. With BLENDER, and GIMP and WINE to run some Windows programs. The UNITY Linux distribution will run on UBUNTU 14.0 and up. Which distro to choose? UBUNTU I find a little bulky. I like snappy little distros like MX-16 and Puppy. I can use Linux, but I'm not familiar with it's scripting. Like sudo apt- get, etc.. Not familiar with the shell commands. I wonder if it would be a improvement over Windows 7? I have a Dual core DDR2 machine with a low end Graphics card. Thanks.
37 • @31 Ethical buyer.. (by lenn on 2017-05-23 12:07:58 GMT from Canada)
> "Your TV is made in China or Korea."
No it isn't, I took special note of the fact that it was made in Mexico.<
Check again. Made from parts from China, Korea or Malaysia. The company manufacturers in Mexico, but not owned by Mexicans. If the company is American, then you are helping Americans not having those jobs. (Remember, make America great again?)
Glad to hear from someone in China!
Thank you for the link.
38 • Discussion (by Samuel Vimes on 2017-05-23 15:27:17 GMT from United States)
Can we please discuss Linux instead of politics?
39 • About security... (by OstroL on 2017-05-23 19:14:17 GMT from Poland)
Checked few other web browsers. In Opera, you can see your stored passwords, if only you know the password to your computer. In Firefox, anyone, who can open Firefox in your computer can find your stored passwords. Of course, you can stop storing your passwords, but how many of us can remember all the passwords?
40 • @Storing Passwords in Browsers (by Jake on 2017-05-23 19:50:45 GMT from United States)
Use Lastpass or similar. Browsers store passwords for convenience, not security.
41 • Trying My Best (by M.Z. on 2017-05-23 20:10:52 GMT from United States)
"Can we please discuss Linux instead of politics?"
Frankly I find that using Linux is a bit of a political act. It both attacks the monopoly of MS, & supports consumer rights (which are stronger under the GPL than anywhere else I can think of) & supports consumer choice.
"...almost impossible to be an ethical consumer when capitalism is no unethical."
I do try my best, but things are never perfect. The world has just enough terrible people that every highway overpass in the US has a chain-link fence along the side to keep evil people from throwing things at the cars on the highway below. It seems to me that unregulated 'free market' capitalism is much the same way even though a majority of business owners are decent people. I still believe that a better form of capitalism is possible & try to support it however I can.
Along those lines, avoiding Russian & Chinese distros is a simple lazy way to avoid supporting regimes even though I really don't know if there is any connection there. If the disto makers came out against their government I wouldn't mind getting something from them at all, but that's sort of a catch 22 because they could be disappeared depending on how vocal they were. It's not a perfect solution, but it's better to me than indirectly supporting regimes I have so many issues with.
"Made from parts from China, Korea or Malaysia."
Frankly my biggest issue there is the sweatshop & environmental conditions common in China. I'm quite certain that North Korea has few if any exports due to sanctions, so I know the parts aren't from there. Given what I know of politics & human rights in South Korea I'd by happy to buy a TV made from parts there over one from China. I don't understand why #28 thought parts/TVs from Malaysia or _South_ Korea were as bad as China, because that's the same kind of false equivalency that #24 was engaging in. If a South Korean TV is in your budget & seems like the best alternative to one from China I say go for it. There is at least a reasonable chance it was more ethically made than one from China.
"(Remember, make America great again?)"
I never used those words or voted for anyone who did, don't put them in my mouth.
42 • @41 governments... (by OstroL on 2017-05-23 21:38:02 GMT from Poland)
"Along those lines, avoiding Russian & Chinese distros is a simple lazy way to avoid supporting regimes even though I really don't know if there is any connection there. If the disto makers came out against their government I wouldn't mind getting something from them at all, "
You are bit funny, pal, would you use only distros that goes against the US regime (hmmm.. government)? I have a feeling that you've never been to China or Russia, but you have "feelings" against them. I've been to both countries. I found very nice people in both.
Btw, do you know, who made PCManFM?
43 • False Equivalency (Again) (by M.Z. on 2017-05-23 22:05:55 GMT from United States)
"...would you use only distros that goes against the US regime (hmmm.. government)?"
Being as there is no implicit assumption that the US government has the right to control or otherwise subjugate any US organisation it wants, what would be the point of that? That is yet another example of false equivalency. I believe there was someone in Russia who recently had his oil company turned over to groups seen as more friendly to the local regime due to his outspoken political stance (& yes that one is a real regime).
I will however admit that I stopped buying my blue jeans from a certain company when they sent me some weird email about them having some global warming 'skeptic' give a speech at their plant in Tennessee. My politics can easily cut against US companies when they are doing the wrong thing be it ethically or environmentally.
"I found very nice people in both."
I have no doubt of that, but tyrannical governments have a way of trying to creep into everything. For me it's easier to try to avoid products & distros from certain areas, even though it might not be the best approach. I hope people in both those places can live under less corrupt & controlling governments, but I can't think of anyway to easily affect that.
44 • Russian ROSA (by Platypus on 2017-05-24 08:11:37 GMT from Australia)
Hey, I use Deepin from China and I reckon it is a mile ahead of most other distros (Budgie is making a fair copy of it). But because it is from China, am i supposed to scared? No! I don't give a brass razoo about what they see on my machine - (but don't believe they are spying). They are welcome to all of it if they want it. Now THAT is true open source, isn't it!!
45 • Security (by Pat Menendez on 2017-05-24 13:15:15 GMT from Canada)
This whole debate is amusing. I have Rosa installed on a computer and like it. SELinux, etc., worrying about where your distro comes from ... Excuse me!? To agree to a Google+ social media account, you give Google unlimited access to your data by unnamed third party entities, you agree that they get to keep a copy of everything to post or comment on FaceBook. If you agree to Apple software, you give them the right to track everything you do on your computer, change any system setting, and delete any file they choose. You log out of Facebook and it still tracks what you do on-line! By default your browser is set to allow every web bot to do whatever it wants, every script from whomever is allowed to run unrestricted, every slug nutty is allowed to set "flash super cookies" etc. If you do not allow every ner do well to set data mines you aren't allowed to access some web sites. You are concerned about Russian or Chinese distros??? Everywhere you turn entities want a slice of your digital hide and we are more than willing to give it! Have you noticed that every browser has done everything they can to hide the security and privacy settings and intentionally acted to remove user control? Have you read the computing news and seen the number of times Google has been sued for invasion of Privacy and watched how Google has worked relentlessly to undermine European privacy legislation? There is no Linux distro on the planet that invades or sells out your privacy and security as the entities we allow to rule our desktops! When Linux firewall and security is so complex you have to wonder how the guys at F-Secure were able to make control so graphic and easy. The many users who have said that they don't use SELinux or other security base should be sounding the bell raising attention to a chronic issue; This is the 21st century! Graphical desktops have been around for 20 years. Why are we having to still struggle with the archaic command line and manually write rules? Examples of being able to do it simply in a GUI have been around for a long time! A far bigger threat to privacy and security than where a distro is geographically based is the ever extending tentacles of government spy agencies and "social networks" and more importantly those who want the internet strictly controlled (privately), regulated, monitored, etc., etc.
46 • Linux World (by Tux Puppy on 2017-05-24 14:00:49 GMT from Canada)
"For me Linux is part of that effort at ethical consumerism."
In Linux Community World, Developers who are yet not sold their souls have to
decide either to give-in to corporate oligarchy, if so, they have to decide at what cost?, or, simply just to show finger or blow the whistle.
In Linux Community World, Consumers and Users have to decide what parts and linux-ware are needed to be installed under inspection.
Linux World needs Open-Hardwares with Open-Softwares and Open-Drivers.
Freedom was never ever been FREE. One has to fight for it.
Check again. Made from parts from China, Korea or Malaysia. The company manufacturers in Mexico, but not owned by Mexicans. If the company is American, then you are helping Americans not having those jobs. (Remember, make America great again?)
Most of the American Manufactures (like Apple) outsource assembly-parts either from China or Taiwan (like Foxcon). If American Manufacturers try to roll manufacturing back to USA which a NSA Territory where NSA is expecting every single consumer device to be a snooping-and-spying device. America will be sooner a Great Device Disaster as in Defective Devices by
Deepin, Devuan or Debian or whatever not much different.
The difference is what you install, what you use and how you use.
Every single distro has some definite purpose to be used for.
For example when I prefer NSA snooping, I use NSA-Linux.
47 • security and snooping (by OstroL on 2017-05-24 20:37:58 GMT from Poland)
I find US citizens here are more worried about being watched, snooped. In this digital world we live, are whereabouts and what we buy can be found by credit/debit card usage, mobile phone usage, gps usage etc. Interestingly, most times your usage of the web cannot be checked, if you use certain web browsers. There are more such browsers for Windows than for Linux.
I really like Deepin from China, but I find it too heavy, heavier than even KDE 5.9. Solus is copying a little bit from Deepin, ChromeOS and so on, but this being the Linux world, that's allowed.
I also like the Gentoo based Calculate Linux from St. Petersburg, Russia
In every major distribution team, you'd find people from all over the world, so guys don't be so xenophobic.
48 • Calculate Linux (by Alexandre Dumas on 2017-05-24 22:53:50 GMT from Australia)
@47: "I also like the Gentoo based Calculate Linux from St. Petersburg, Russia"
+1, It has been my daily driver for over a year. If you want less hand-holding than Ubuntu etc., if you don't mind the command-line and you want a gentle introduction to Gentoo, it is a great distro, I really enjoy using it and I have learned a lot even after 15+ years of using other distros.
49 • stop the open source BS (by privacy to create on 2017-05-25 01:32:49 GMT from Australia)
"Open Source" applies to software that is accompanied by a licence to say that you can copy it and change it and even make some money from it. So even with Open Source there are legal conditions attached to its works.
"Open Source" does not mean that all information should be "free and shared". If there is no licence attached to a work, then by law it is protected by copyright - so you cannot take it and use it any way you like.The hacker Aaron Schwarz believed that all information should be "free and shared", so he stole lots of docs and made them available for the public to download - and look what happened to him.
People who profess that the world should obey "Open Source" principles (just like software) are trying to impose their own views onto the public. They actually get involved in invading privacy and theft of information - just like some large corporations do. So please spare us all the Open Source everything should be free and shared BS.Society doesn't work like that.
50 • SELinux and others (by Corentin on 2017-05-25 03:16:36 GMT from France)
> "SELinux is especially useful on computers where background processes like web servers are running."
Hum, maybe, but all these things are absolutely useless for a simple average home user...
51 • Wrong Debate (by Arch Watcher 402563 on 2017-05-25 03:26:00 GMT from United States)
For a secure kernel DO NOT use Linux...Linus being who he is. Use some BSD or custom microkernel on open-source firmware, if possible. The idea of 'fixing' Linus's monolithic kernel with its fluidly changing and borked subsystems running atop backdoored IntelAgencyInside CPUs is wrong. The only, repeat only, reason to run Linux kernel is the drivers. If your hardware can run OpenBSD, do it.
Actual vulns in the wild often target basic libs, OpenSSL and glibc. Replace with LibreSSL and musl-libc. Very few Linux distros do (Alpine, Void, and Hardened Gentoo).
Worry more about open network ports and firewalls than kernel. If you close ports, even a 0-day can't get online. So why is your audio open to network? You enlarged your attack surface because devs want the hip new thing or think resistance is futile. Lose those lemmings and apply PressureAudio.
52 • paranoia @ 51, @43 and others (by lenn on 2017-05-25 12:39:55 GMT from Canada)
It appears that paranoia is a part of living in the US. Practically everyone from the US, writing here are pretty worried, either about their own government's "snooping" services, or of other countries. Maybe, you should travel across the border bit often, in both directions.
53 • No polemics please (by StayOnTopic on 2017-05-25 14:14:55 GMT from United States)
Re: @23 • Security & Trust by M.Z.
Fine, you do what you want/choose to do about politics and software. That's important to you, and that's your business for you to decide for yourself what you want to do.
But in the general overall picture, what does politics have to do with software and using it? NOTHING! It is an irrelevant, illogical argument!
Re your subsequent post in @26 and two after that: If you want to write political and social polemics, go find POLITICAL and SOCIAL FORUMS in which to present your views! A single, short sentence or two here on why you won't use someone's software, would have sufficed - and been enough for here!
54 • @52 (by Bellan on 2017-05-25 15:20:46 GMT from United States)
How edgy! You could cut a can and then a tomato on that comment!
Also, both directions? The border goes around the entire directions, so either you have two very specific directions in mind or you mean all directions.
55 • @54 (by Bellan on 2017-05-25 15:22:33 GMT from United States)
Welp, and in trying to make a joke I messed up and said 'directions' instead of country. Don't do late nights kids, it ruins everything.
56 • Ubuntu Touch and Parsix (by Georgia on 2017-05-25 16:03:55 GMT from Canada)
Sad to hear Parsix is winding down. I hope the team members can find a new home in different project. They have too many skills to let go to waste.
Glad to hear others have picked up Ubuntu Touch. Again, too much to let go to waste.
Good luck to all.
57 • Re Linux World (by M.Z. on 2017-05-25 19:31:51 GMT from United States)
"Most of the American Manufactures (like Apple) outsource assembly-parts either from China or Taiwan (like Foxcon)."
There are many unethical companies all over the world that are well worth avoiding, & Apple is certainly included in that. I avoided Canonical for some time due to the privacy problems built into the default DE in Ubuntu. I was also vocal about that. In fact there was a large number of people that took issue with what was going on there & things eventually changed for the better. Now that things are better I have been meaning to give Ubuntu a bit more of a chance since their last release but haven't found the time. I'm fairly impressed by how well they turned around their privacy issues. In a somewhat similar vain, I'm fairly impressed by how good the direction of things seems to be going in Iran at the moment. If things keep going in the right direction there I could easily see myself trying a distro from there in a few years, if only to say I did. I would have never guessed that I would say that a few years ago, but sometimes things really do get better.
"But because it is from China, am i supposed to scared?"
No, but it would be nice for distro developers to realize that bad governments are bad for all sorts of businesses. My core message to the good people involved in such projects in areas with bad regimes would simply be that I'm weary of any product or service coming from such an place. I really don't expect them to change anything directly like Canonical was able to (see comment above). It would however be nice for all businesses to see that there can be a negative drag related to a bad government & try to at least nudge things in a better direction. I don't expect them to do anything that could get someone 'disappeared' in such a place, but every little nudge in the right direction makes lazy boycotters like myself feel better about where we get our products or distros from.
Put another way, I doubt that anyone was 'scared' of people from North Carolina when a large number of musicians & athletic organizations decided to stop playing there. They still created a drag on local organizations who asked themselves what the right thing to do was & created pressure to change a recently enacted state law that so many people found objectionable. Then things changed, regardless of how you feel about the particular issue or if you care. The difference with me is that I'm not organized & not trying to create any sort of overwhelming pressure, but I feel there are others who might see things my way who would otherwise boost such projects. There are probably plenty of users doing similar things on simple gut feelings just because they don't like certain governments, but would not have a negative gut reaction if reform took place. Frankly I feel that things are bad in my own county right now, but I know things are far worse for others & I hope things improve for all of us.
58 • @ 57 (by kaczor on 2017-05-25 20:03:48 GMT from United States)
>> No, but it would be nice for distro developers to realize that bad governments are bad for all sorts of businesses. My core message to the good people involved in such projects in areas with bad regimes...<<
You mean the bad US regime...
Number of Comments: 58
|• Issue 713 (2017-05-22): ROSA Fresh R9, Fedora's new networking features, FreeBSD's Quarterly Report, UBports opens app store, Parsix to shut down, SELinux overview|
|• Issue 712 (2017-05-15): NixOS 17.03, Alpha Litebook running elementary OS, Canonical considers going public, Solus improves Bluetooth support|
|• Issue 711 (2017-05-08): 4MLinux 21.0, checking file system fragmentation, new Mint and Haiku features, pfSense roadmap, OpenBSD offers first syspatch updates|
|• Issue 710 (2017-05-01): TrueOS 2017-02-22, Debian ported to RISC-V, Halium to unify mobile GNU/Linux, Anbox runs Android apps on GNU/Linux, using ZFS on the root file system|
|• Issue 709 (2017-04-24): Ubuntu 17.04, Korora testing new software manager, Ubuntu migrates to Wayland, running Nix package manager on alternative distributions|
|• Issue 708 (2017-04-17): Maui Linux 17.03, Snaps run on Fedora, Void adopts Flatpak, running Android apps on GNU/Linux, Debian elects Project Leader|
|• Issue 707 (2017-04-10): PCLinuxOS 2017.03, Canonical stops Unity development, OpenBSD on a Raspberry Pi, setting up a VPN for privacy|
|• Issue 706 (2017-04-03): Super Grub2 Disk, Snap packages of deepin applications, Subgraph OS routes network traffic for one application, announcements from Linux Mint|
|• Issue 705 (2017-03-27): Minimal Linux Live, sharing control of the operating system, new KaOS features, Uplos32 provides 32-bit fork of PCLinuxOS|
|• Issue 704 (2017-03-20): ToarusOS 1.0.4, Linux Mint's security record, Debian starts Project Leader election, Ubuntu 12.04 reaches end-of-life|
|• Issue 703 (2017-03-13): SolydXK 201701, CloudReady, Solus announces new features, KDE Connect sends text messages from desktop, openSUSE's YaST module for Let's Encrypt|
|• Issue 702 (2017-03-06): Fatdog64 Linux, elementary OS bundled with new netbook, Haiku announces new features, security and the size of a distro's development team|
|• Issue 701 (2017-02-27): OBRevenge 2017.02, Mageia 6 delays, NetBSD reproducible builds, questions about swap space, trying to steam video on a Raspberry Pi|
|• Issue 700 (2017-02-20): RaspBSD, Debian replaces Icedove with Thunderbird, Fedora's licensing guidlines, tips for switching shells, finding battery charge, getting IP address and killing processes|
|• Issue 699 (2017-02-13): Clear Linux, GhostBSD network utility ported to FreeBSD, Ubuntu coming to Fairphone, elementary OS crowd funding an app store|
|• Issue 698 (2017-02-06): Solus 2017.01.01, comparing containers with portable applicatins, Tails dropping 32-bit support, Debian Stretch enters freeze|
|• Issue 697 (2017-01-30): Subgraph OS 2016.12.30, running Ubuntu on an Android phone, Arch Linux phasing out 32-bit support, Linux Mint testing updated LMDE media|
|• Issue 696 (2017-01-23): GoboLinux 016, remotely running desktop applications, Solus adopting Flatpak, KDE neon using Calamares, TrueOS tests OpenRC|
|• Issue 695 (2017-01-16): Zorin OS 12, Peppermint team fixes installer bug, Debian refreshes Jessie media, Ubuntu improves low graphics mode, Exciting things coming in 2017|
|• Issue 694 (2017-01-09): MX Linux 16, Fedora considers systemd security features, DragonFly BSD to support massive swap space, Ubuntu Touch roadmap, Puppy's newsletter, sudo's password prompt|
|• Issue 693 (2017-01-02): Comparing small distros, fig language, video driver comparsion, Debian+PIXEL, Wayland on FreeBSD|
|• Issue 692 (2016-12-19): Bodhi Linux 4.0.0, Cappsule containers, Calculate's new Utilities package, Solus and Ubuntu MATE build new application menu|
|• Issue 691 (2016-12-12): SalentOS 1.0, openSUSE improves YaST, Fedora considers slower release cycle, KDE neon gets LTS branch|
|• Issue 690 (2016-12-05): Fedora 25, Ubuntu adopts rolling HWE kernel, running Android apps on GNU/Linux, Haiku working toward EFI support|
|• Issue 689 (2016-11-28): openSUSE 42.2, Fedora's upgrade path, plans for Korora 25, transitioning from PC-BSD to TrueOS, Webconverger's reproducible builds|
|• Issue 688 (2016-11-21): Endless OS 3.0.5, KDE neon fixes security hole, FreeBSD's Quarterly Status Report, Rolling release trial #2 concludes|
|• Issue 687 (2016-11-14): NAS4Free 10.3.0.3, Fedora gains MP3 playback, budgie-remix becomes Ubuntu Budgie, Ubuntu flavours compared, Rolling release trial #2|
|• Issue 686 (2016-11-07): FreeBSD 11.0, rolling release trial #2, Debian announces supported architectures, Simplicity switching to antiX base, farewell to Mythbuntu|
|• Issue 685 (2016-10-31): elementary OS 0.4, SUSE gains ARM support, Mint improves language support, Dirty COW explained, Rolling release trial #2|
|• Issue 684 (2016-10-24): Ubuntu 16.10, Linux popularity in different markets, Fedora runs on Raspberry Pi, Ubuntu features live kernel patching|
|• Issue 683 (2016-10-17): Refracta 8.0, making packages for distributions, Alpine switches to LibreSSL, 386BSD website publishes classic code|
|• Issue 682 (2016-10-10): KDE neon 20160915, Android-x86 6.0, Fedora warns of update bug, HandyLinux drops English translation, LXQt benchmarks|
|• Issue 681 (2016-10-03): OpenBSD 6.0, DragonFly BSD to support LibreSSL in ports, systemd denial of service bug, upgraded Mintbox Mini|
|• Issue 680 (2016-09-26): Uruk GNU/Linux 1.0, blocking applications at the firewall, Lenovo controversy, Ubuntu running on the Nextcloud Box|
|• Issue 679 (2016-09-19): OpenMandriva 3.0, 32-bit vs 64-bit performance, openSUSE updates, KaOS unveils first run wizard|
|• Issue 678 (2016-09-12): Apricity 07.2016, Mageia adopts DNF, KDE neon to use Wayland, FreeBSD updates Linux compatibility, creating cron jobs|
|• Issue 677 (2016-09-05): Peppermint OS 7, Manjaro updates leadership, TrueOS becomes rolling release, organizing files, creating torrents|
|• Issue 676 (2016-08-29): Korora 24, Fedora 25 to use Wayland by default, Linux turns 25, PC-BSD becomes TrueOS, finding software licensing information|
|• Issue 675 (2016-08-22): Gentoo LiveDVD "Choice Edition", moreutils, Ubuntu improves terminal convergence, MATE packaged for Openindiana, FreeBSD improves video support|
|• Issue 674 (2016-08-15): Zenwalk Linux 8.0, Ubuntu phone follow-up, Lubuntu transitioning to LXQt, Steam running on FreeBSD|
|• Issue 673 (2016-08-03): noop linux and EasyNAS, Debian's GnuPG switch, Fedora "Flock", using "nice"|
|• Issue 672 (2016-08-01): Ubuntu Phone 15.04, Solus embraces rolling release model, interview with Jane Silber, FreeBSD Quarterly Report|
|• Issue 671 (2016-07-25): Slackware 14.2, Point Linux 3.2, OpenBSD disables usermount, KaOS releases significant changes, Fedora 22 reaches end of life.|
|• Issue 670 (2016-07-18): Linux Lite 3.0, Bodhi team plans 4.0.0, pfSense changes licensing, running software across distributions, Linux Mint upgrade path|
|• Issue 669 (2016-07-11): Linux Mint 18, proving a system is secure, LibreSSL in FreeBSD, Ubuntu plans phasing out 32-bit, pfSense status report|
|• Issue 668 (2016-07-04): Fedora 24, Linux Mint plans for 18.1, FreeBSD and DragonFly BSD improve their file systems, comparing Flatpak, Snap and AppImage|
|• Issue 667 (2016-06-27): GeckoLinux 421, Fedora supports Flatpak, Solus unveils new features, running GNU/Linux on tablets|
|• Issue 666 (2016-06-20): Comparing more live update methods, Ubuntu's snap packages, Antergos drops 32-bit media, GeckoLinux unveils Rolling edition, learning Linux resources|
|• Issue 665 (2016-06-13): BunsenLabs Linux Hydrogen, Fedora 24 delayed, NetBSD grows in size, Clonezilla questions|
|• Issue 664 (2016-06-06): Sabayon 16.05, Debian updates install media, the cost of free software, Qubes explains secure build process|
|• Issue 663 (2016-05-30): Comparing live update methods, Ubuntu MATE's progress, distros debate systemd change, DistroWatch turns 15|
|• Issue 662 (2016-05-23): Clonezilla Live, new Fedora community repository, DragonFlyBSD runs Wayland, a live edition of Slackware and kernel components|
|• Full list of all issues|
|Free Tech Guides
NEW! JBoss Drools Cookbook
NEW! JBoss Drools is a powerful hybrid reasoning system; it allows you to define your business logic using business rules in various formats (for example using decision tables).
FREE 91-page ebook