| DistroWatch Weekly
|Linux Foundation Training
|Reader Comments • Jump to last comment
1 • SElinux alternatives: Tomoyo and Caitsith (by Boruch on 2017-05-22 01:34:36 GMT from United States) |
Jessie, in your description of SElinux, you didn't mention two alternatives, tomoyo and caitsith.
2 • SELinux alternatives (by George on 2017-05-22 02:09:01 GMT from United States)
You mentioned Firejail, which I use, but then didn't include it as an option in the poll.
3 • SELinux (by Jeff on 2017-05-22 03:11:11 GMT from United States)
@1 and @2
He only wants to know if readers run either of these two, not anything else
4 • place of origin (by The Count of Monte Cristo on 2017-05-22 04:43:59 GMT from United States)
You have to keep in mind where code comes from. Anyone who uses a distro from Russia is asking for it.
Similarly, SELinux was designed by the NSA. Neither the Russians nor the NSA can be trusted, and if you think otherwise, you should pick up a newspaper and read it.
5 • place of origin (by Alexandre Dumas on 2017-05-22 05:37:54 GMT from Australia)
@4: The next step in your argument is that we therefore cannot trust software designed in the US either as this is influenced by the NSA.
Luckily, with open source software, we can look through the code if we feel threatened.
6 • How SELinux improves security (by Alexandre Dumas on 2017-05-22 05:43:45 GMT from Australia)
Jesse wrote: "While SELinux can be very effective, the rules which govern how it works can be cryptic and are sometimes difficult to trouble-shoot. This results in people turning off the security feature rather than getting it to work properly."
This is such an important point and is so often overlooked. Very few developers address it - a rare counter-example is the approach taken by the OpenBSD developers in, for example, their PF rules. More developers should understand that if their very secure system is too hard to use, people will either a) not use it or b) will use it and make mistakes, thus defeating the purpose of the software.
7 • SELinux (by Roy Davies on 2017-05-22 06:18:36 GMT from United Kingdom)
Reading a newspaper is no nearer the truth than reading a Marvel comic. Get real.
8 • @4 Russia paranoia (by linuxista on 2017-05-22 06:54:25 GMT from United States)
Only Russians need to worry about Russian distros. For people in NATO, or other US friendly or puppet countries, any backdoors that the FSB or whatnot might have in that distro is safer because info is almost certainly NOT being shared with law enforcement or other authorities trying to suppress dissent in your home country. If I were a western dissident I'd be much more concerned with, say, the possibility of backdoors the GHCQ might be putting into Ubuntu.
9 • ROSA (by Dave Postles on 2017-05-22 07:19:12 GMT from United Kingdom)
It's a commercial company with a reputation to sustain and has partnerships to maintain: http://en.rosalinux.com/our-partners/ I'd trust it further than MS and that's a starting point. IMHO, distros which have their origins in the sadly defunct Mandrake/Mandriva (incl. OpenMandriva) have an enormous amount going for them.
10 • @4 SELinux vs. NSA (by Microlinux on 2017-05-22 07:27:19 GMT from France)
I'm using SElinux on my servers running CentOS. SElinux has indeed been developed by the NSA. It's been included in the mainline kernel back in 2003, if I remember correctly, after extensive peer review by the kernel developers. (No backdoors, nope.)
BTW, SELinux is a very nice addition for server security. Here's a comprehensive introduction to SELinux by Red Hat developer Thomas Cameron (who is also a nice and funny guy).
11 • Mageia (by Charlie on 2017-05-22 07:38:38 GMT from Hong Kong)
@Dave For Mandriva users there is already Mageia, backed by the community instead of a company, comparing to ROSA which adopts too much tweaks in addition to vanilla packages, as well as the adoption of the fork version of RPM: RPM5. Mageia's way of doing things is more closer to the traditional "big" distros like Fedora/Debian/openSUSE.
12 • AppArmor on Ubuntu (by Fernando Santucci on 2017-05-22 08:04:57 GMT from Brazil)
All Ubuntu users use AppArmor at least protected with sudo.
Many features of SELinux is falling into disuse in most of main distros.
13 • "the classic tree style menu" (by OS2_user on 2017-05-22 08:25:59 GMT from United States)
Jesse writes: "The application menu, I was surprised to note, uses the classic tree style menu rather than one of the more common split-pane or application grid layouts. Personally, I found the tree style menu with a search field a welcome change."
I've been musing about why GUIs have gotten so horrible.
EVERYONE likes tree style menus better, even those who believe otherwise. That's why was done in Mac, OS/2, Windows 3.1 and XP. It's the obvious way. No one gets as much info from icons, no matter how big and colorful, compared to a few words or even few characters of text.
Sure, can be okay once you're familiar with where the wanted icons are placed, but trying to read tiny fonts under big icons is just stupid GUI design. As is putting few up widely spaced over entire screen, so must be scrolled. What's the point, other than "different"? You don't get into a new car expecting basic controls to be fundamentally different from every other modern car. Where did ergonomics go in computerdom?
Why is change for sake of change thought clever in GUIs? Every new one is a frustrating and sometimes hazardous puzzle -- I'm thinking of the Puppy install that crashed on me by opening all the videos that I'd selected to copy, so badly that wouldn't even re-install itself -- but you'll notice that nearly all provide some way to revert to double-click selection, because it's the OBVIOUS way that everyone understands.
On other hand, keyboard commands are arbitrary, but there's no point to forcing users to learn another arbitrary set. At least this area is a bit standard between PCLinux and Windows: Alt-F4 closes the window; F2 renames a file, and so on.
Just grit your teeth and go with the choices made long ago in Windows so that new users don't waste time. You could at least have the decency to start with that set, rather than wacky. -- GUIs are supposedly very flexible, but in fact are rigidly defined, and essentially control YOU: Microsoft clearly has that as goal. -- Linux GUIs now seem intent on repeating what Microsoft does, only worse.
Then there's the speed of modern GUIs, as mentioned above. I now have computers literally a hundred times so fast as the one I wrote assembly language graphics primitives for, yet the interface is SLOWER and unreliable.
If this trend keeps up, we'll indeed be waving our arms around like Tom Cruise in that movie "Minority Report" One of the funniest scenes ever.
14 • New distros added to data base (by tricky on 2017-05-22 11:26:30 GMT from Canada)
All of a sudden out of nowhere new distros are added to the data base, but those "in the waiting list" are still there. Maybe the newly added distro with a dangerous name might just say that SharkLinux might eat you or Linux?
There are some pretty good distros, mostly one man shows, hanging around in the net. Does Distrowatch search for them too? It is Distro Watch, incidentally.
15 • Waiting List / ROSA (by Winchester on 2017-05-22 12:00:48 GMT from United States)
The waiting list is a mystery to me. "Simplicity Linux" has been in the main database for over one year (if not more) but "LxPup" is "not ready" according to distrowatch. Yet Simplicity Linux up to 16.07 is a direct copy of LxPup only with more wallpapers and WBar added.
ROSA r8 KDE4 is the best implemented KDE4 I have tried so far. They seem slow to update software packages,however. Back to the positive,Enlightenment 21 is in the repositories and works well under ROSA.
16 • Poll (by DaveW on 2017-05-22 12:20:31 GMT from United States)
I voted for 'I use neither' because I have never gone looking for any such animal. However, I have since learned that Ubuntu and its derivatives use AppArmor. So, since I use Mint, should I have voted for AppArmor, or did I correctly vote neither because I have never written an AppArmor rule?
17 • ROSA/Mageia/Mandriva (by denethor on 2017-05-22 12:23:11 GMT from Serbia)
I like ROSA a lot and I had no performance problems as Jesse had. I also installed the plasma5 iso. Very good, stable, snappy and quite light on resources. I also trust ROSA more than MS! :-)
I was using, among others, Mandriva which was the best in my opinion. Mageia left me unimpressed and for the record, OpenMandriva is the community continuation of Mandriva...
18 • new distros (by bigsky on 2017-05-22 13:03:26 GMT from Canada)
@ 14 Paranoid much ? New distros are the norm and have been to Linux for ever, that's what makes it so interesting and one man shows ?? not so much. Relax and enjoy the Victoria day long weekend and chill. We are here to help not to criticize. Thanks
19 • @13 OS2_user: (by dragonmouth on 2017-05-22 14:30:36 GMT from United States)
"Why is change for sake of change thought clever in GUIs?"
That has been the trend in everything, not just GUIs and/or software. Manufacturers/developers have to justify their continued existence in one way or another They make incremental changes or problem fixes sound like major enhancements. Are this year's models of TVs, cars, widgets, etc so much better than last year's models as to make them "must buys"?
20 • sometimes, criticizing IS helpful (raises awareness) (by tim on 2017-05-22 15:38:05 GMT from United States)
$220 here (plus free sourceforge project hosting) can get BadActor's rootkitted "distro" deployed to target audience, licketysplit fast
vetting? Naw, dude, that's sooooo twentyif centuury
21 • Security (by OstroL on 2017-05-22 15:42:11 GMT from Poland)
Reading what Jesse wrote about security,
"However, if a malicious website manages to hijack Firefox and take control of the browser, the attacker will then have the same level of access to our files and we do not want that. "
remembered something about Firefox and checked it. In Options>Security>Saved Logins>Show Passwords would show all your passwords stored there to anyone, who opens Firefox in your computer. Some can get it to remotely, I believe. Anyone, who can "break" into Firefox can see these.
22 • FF password vulnerabilities (by Jordan on 2017-05-22 18:34:17 GMT from United States)
@21 Keep in mind that the user has the option to "never remember password" when invoking a pp protected website.
23 • Security & Trust (by M.Z. on 2017-05-22 18:40:23 GMT from United States)
Personally I use the default SELinux settings on my sole Fedora install, but I don't use that old desktop much. In addition I use MSEC on Mageia & PCLinuxOS, and I use Firejail on PCLinuxOS & my Mint systems.
"...since I use Mint, should I have voted for AppArmor..."
I use Mint a fair amount myself & to my understanding AppArmor is not set up or configured on Mint by default. For me the easy security option was figuring out how to set Firejail to run whenever I use Firefox. It runs flawlessly in Mint, though I've had sound issues on PCLinuxOS.
@4 8 & 10
I think #10 brings up a good point about trust & vetting. If you believe any software has been reasonably well vetted, then you should be able to trust it at a basic level. There may be reasons to avoid doing much to support any organization for certain countries; however, open software should be a bit more trustworthy than other software, especially coming form big projects that are likely to be well examined by third parties. That being said I see no reason to support projects in countries with bad records of freedom of speech or other significant issues & I tend to avoid projects from China & Russia because not only do I dislike the governments in those areas, I also have no reason to believe the projects from those areas are thoroughly vetted. In addition I am not interested enough to dig into any possible vetting.
For projects from major western countries, there may always be some questions & if you dig enough I firmly believe that every major western spy agency has done some bad things. On the off chance that you can't find an issue with a nations spy agency there are generally other issues with tracking (think I saw something on this in France) or restrictions on web access (isn't there some restrictive web filter in Australia?) etc. And of course the previously mentioned GCHQ in the UK (which does a lot more creepy stuff than many people realize) & NSA here in the USA; however, the main open projects in both are prominent & very likely to be vetted, & smaller projects aren't likely to be worth targeting. In addition those that fear Red Hat & US security should consider just how much of the entire GNU/Linux ecosystem is developed by major vendors to the US government like Red Hat & ask themselves if there is anything that can be trusted at all if they can't trust a system as openly developed as Linux. If you have that level of paranoia then you may as well use every computing device as a paperweight, because nothing is likely to meet your standards & not be connected to some major government entity somewhere. A little healthy paranoia can be a good thing, but there are limits.
24 • @23 (by kaczor on 2017-05-22 19:36:38 GMT from United States)
>I tend to avoid projects from China & Russia because not only do I dislike the governments in those areas, I also have no reason to believe the projects from those areas are thoroughly vetted. <
Have you lived in any of these countries? Do you think US is a saintly country? Have you checked your household, your car, your mobile lately? How many things are made in China? Do you use Google? Gmail etc? One of the guys, who created it has the name Sergei. Not an all American name, is it?
25 • @23 your paranoia (by lenn on 2017-05-22 20:00:30 GMT from Canada)
Whatever Linux distro you use, check /bin and /usr/bin and see how many of the files in there you can read. You don't have to understand what's written in them, but just read. You'd find there are many files you just can't open, scrambled files. Now, you don't know what they are, other than the name under the file. So, how do you know, if one of those files have a back door? You might find somewhere in the net , its source code, but how do you know, what was there, before the file was scrambled? You have to trust these guys, don't you? Not every file in the distro you use is readable, right?
26 • Doing what I can (by M.Z. on 2017-05-22 20:28:06 GMT from United States)
"Do you think US is a saintly country?"
No, but I can also recognize false equivalency when I see it.
"Have you checked your household, your car, your mobile lately?"
1) my what? 2) the car is union made in the USA 3) some things like cell phones have virtually no choice; however, I do have a fair amount of Union made in the USA clothing.
"...Sergei. Not an all American name, is it?"
No, nor is Serj Tankin, but I still like his rock band. I don't care about where people come from I care about the _actions of governments_ especially in dictatorships where there is no opposing opinion allowed. You can read something ugly into anything if you try hard enough, but that has no bearing on the actual intent.
I have major issues with things in a great many countries, some just happen to rise to the level of 'may as well avoid things from there if you can', even if you can't avoid all the things you dislike all the time. The countries that I prefer to get products & distros from all tend to have governments that can be replaced by voters & have governments open to more public scrutiny. I also TRY to avoid 'made in china' due to both sweatshop & environmental conditions associated with such products, which are of course caused by both major multinational companies & local officials putting profits ahead of ethics.
27 • firejail (by Jake on 2017-05-22 20:29:23 GMT from United States)
I starting using firejail after Distrowatch did a "Tips and Tricks" about it. I was never able to get AppArmor to work on my system--albeit I gave up because I thought it was too complicated. Using firejail is so much simpler.
Speaking of simplicity, systemd-free.org is requesting additional contributors (I am not affiliated with this website): http://systemd-free.org/news.php.
28 • @26 union made stuff... (by tricky on 2017-05-22 20:43:56 GMT from Canada)
Check in your "union made" car, how many parts are made in China. Is your computer also union made, but in China? You are the guy, who said you dislike Russia and China.
Even, if you go live in Antarctic, you'd still use Chinese made stuff and Russian coded apps in a Chinese made computer. Your TV is made in China or Korea. Most of the chips are made in Malaysia. And, it goes on and on...
29 • ROSA (by Dave Postles on 2017-05-22 20:56:52 GMT from United Kingdom)
Yes, it was just the way that I phrased the sentence; my meaning was that OpenMandriva is one of the continuations from Mandrake/Mandriva and which has much going for it (although not as much as ROSA). Ive used it in the past. Sorry, I've just had too many glitches with Mageia (although I have RC for 6 on a usb stick). Indeed, the distance between 5 and 6 indicates, I think, some issues. I( did actually make a donation to the development of Mageia when it was first being developed, but I've dropped it.
30 • poll (by Joe P on 2017-05-22 22:46:52 GMT from Latvia)
I too started using Firejail after the Distrowatch "Tips and Tricks" featured it. I use it in Linux Mint for Firefox, Image Viewer, Document Viewer, and Midori.
31 • Attempting to be an ethical consumer (by M.Z. on 2017-05-22 23:35:38 GMT from United States)
"Check in your "union made" car..."
The engine was made in New York & the transmission was made in Michigan.
"You are the guy, who said you dislike Russia and China."
Absolute & utter BS. I take issue with the political situation in certain areas & all of a sudden I dislike everything about the place? What logic does that follow?
I also avoided eating at Subway for a while because they got in a fight with their Tomato pickers. Does that mean I hate Subway? Does it mean I hate people picking Tomatoes in my home state? Or does it actually mean I wanted people to get fair compensation for fair work, regardless of the fact that they were all likely immigrant laborers?
"Your TV is made in China or Korea."
No it isn't, I took special note of the fact that it was made in Mexico. I took pride in that fact about the last TV we actually purchased for my household because I believed that labor & human rights conditions were better in Mexico than in China. Which is of course were all the alternative TV seemed to be made at the time.
It can be hard to attempt to be an ethical consume, but even if there are no perfect solutions it's worth trying. Cynicism gets you nowhere & can make things far worse, especially when nobody votes & a real nut job gets elected. For me Linux is part of that effort at ethical consumerism. Of course there are other ways to talk about the effort to actually do something proactive, such as one of my favorite songs by Minor threat:
"You tell me that I make no difference
Well, at least I'm #&@# trying
What the #&@# have you done?"
32 • SELinux (by Donnie on 2017-05-22 23:52:56 GMT from United States)
SELinux isn't as bad to troubleshoot as what people want to believe. If you install the "setroubleshoot" package, you'll see those cryptic SELinux messages from the audit log get converted into plain English*, complete with recommendations on how to fix the problem.
*Or, whatever your native language is.
33 • I don't use SELinux, it does not fit the Keept It Simple principle (by LiuYan on 2017-05-23 03:08:37 GMT from China)
As always I said, security is not my primary concern, easy to use is my primary concern.
As a normal user (like I'm 5, or a user without computer knowledge), SELinux brings more troubles than benefits, I don't want to encounter weird file access denied issue after files copied from one location to another location. I don't expect normal user can fix this issue by telling them "you need to change file security context to ...", "wtf is that".
As a software developer or system administrator, I may (or may not) use SELinux, depends on
(1).How security is needed.
(2).Will SELinux brings trouble to application ( http://asteriskdocs.org/en/3rd_Edition/asterisk-book-html-chunk/installing_base_configuration.html#Installing_id293578 ).
34 • Attempting to be an ethical consumer (by anticapitalista on 2017-05-23 08:46:36 GMT from Greece)
@28 - I took pride in that fact about the last TV we actually purchased for my household because I believed that labor & human rights conditions were better in Mexico than in China.
Hmm, however, have a read of this article. (One of many).
Not blaming you, just saying that t almost impossible to be an ethical consumer when capitalism is no unethical.
35 • @25 binary bullshit (by curious on 2017-05-23 08:58:57 GMT from Germany)
You wrote "... check /bin and /usr/bin and see how many of the files in there you can read" and claim that these files are "scrambled".
Don't you think that the folder name "bin" might possibly be an indication that these are BINARY files? These are the executable files - of course you can't read them as they must be in machine code that your processor can understand - which is something totally different than "scrambled".
And one can check whether the binary files correspond to the source code: compile the source code and compare the result with the binary in question.
36 • Linux to run UNITY Game Programming environment (by David Weddle on 2017-05-23 09:51:37 GMT from United States)
I want a distro to run UNITY game programming environment. With BLENDER, and GIMP and WINE to run some Windows programs. The UNITY Linux distribution will run on UBUNTU 14.0 and up. Which distro to choose? UBUNTU I find a little bulky. I like snappy little distros like MX-16 and Puppy. I can use Linux, but I'm not familiar with it's scripting. Like sudo apt- get, etc.. Not familiar with the shell commands. I wonder if it would be a improvement over Windows 7? I have a Dual core DDR2 machine with a low end Graphics card. Thanks.
37 • @31 Ethical buyer.. (by lenn on 2017-05-23 12:07:58 GMT from Canada)
> "Your TV is made in China or Korea."
No it isn't, I took special note of the fact that it was made in Mexico.<
Check again. Made from parts from China, Korea or Malaysia. The company manufacturers in Mexico, but not owned by Mexicans. If the company is American, then you are helping Americans not having those jobs. (Remember, make America great again?)
Glad to hear from someone in China!
Thank you for the link.
38 • Discussion (by Samuel Vimes on 2017-05-23 15:27:17 GMT from United States)
Can we please discuss Linux instead of politics?
39 • About security... (by OstroL on 2017-05-23 19:14:17 GMT from Poland)
Checked few other web browsers. In Opera, you can see your stored passwords, if only you know the password to your computer. In Firefox, anyone, who can open Firefox in your computer can find your stored passwords. Of course, you can stop storing your passwords, but how many of us can remember all the passwords?
40 • @Storing Passwords in Browsers (by Jake on 2017-05-23 19:50:45 GMT from United States)
Use Lastpass or similar. Browsers store passwords for convenience, not security.
41 • Trying My Best (by M.Z. on 2017-05-23 20:10:52 GMT from United States)
"Can we please discuss Linux instead of politics?"
Frankly I find that using Linux is a bit of a political act. It both attacks the monopoly of MS, & supports consumer rights (which are stronger under the GPL than anywhere else I can think of) & supports consumer choice.
"...almost impossible to be an ethical consumer when capitalism is no unethical."
I do try my best, but things are never perfect. The world has just enough terrible people that every highway overpass in the US has a chain-link fence along the side to keep evil people from throwing things at the cars on the highway below. It seems to me that unregulated 'free market' capitalism is much the same way even though a majority of business owners are decent people. I still believe that a better form of capitalism is possible & try to support it however I can.
Along those lines, avoiding Russian & Chinese distros is a simple lazy way to avoid supporting regimes even though I really don't know if there is any connection there. If the disto makers came out against their government I wouldn't mind getting something from them at all, but that's sort of a catch 22 because they could be disappeared depending on how vocal they were. It's not a perfect solution, but it's better to me than indirectly supporting regimes I have so many issues with.
"Made from parts from China, Korea or Malaysia."
Frankly my biggest issue there is the sweatshop & environmental conditions common in China. I'm quite certain that North Korea has few if any exports due to sanctions, so I know the parts aren't from there. Given what I know of politics & human rights in South Korea I'd by happy to buy a TV made from parts there over one from China. I don't understand why #28 thought parts/TVs from Malaysia or _South_ Korea were as bad as China, because that's the same kind of false equivalency that #24 was engaging in. If a South Korean TV is in your budget & seems like the best alternative to one from China I say go for it. There is at least a reasonable chance it was more ethically made than one from China.
"(Remember, make America great again?)"
I never used those words or voted for anyone who did, don't put them in my mouth.
42 • @41 governments... (by OstroL on 2017-05-23 21:38:02 GMT from Poland)
"Along those lines, avoiding Russian & Chinese distros is a simple lazy way to avoid supporting regimes even though I really don't know if there is any connection there. If the disto makers came out against their government I wouldn't mind getting something from them at all, "
You are bit funny, pal, would you use only distros that goes against the US regime (hmmm.. government)? I have a feeling that you've never been to China or Russia, but you have "feelings" against them. I've been to both countries. I found very nice people in both.
Btw, do you know, who made PCManFM?
43 • False Equivalency (Again) (by M.Z. on 2017-05-23 22:05:55 GMT from United States)
"...would you use only distros that goes against the US regime (hmmm.. government)?"
Being as there is no implicit assumption that the US government has the right to control or otherwise subjugate any US organisation it wants, what would be the point of that? That is yet another example of false equivalency. I believe there was someone in Russia who recently had his oil company turned over to groups seen as more friendly to the local regime due to his outspoken political stance (& yes that one is a real regime).
I will however admit that I stopped buying my blue jeans from a certain company when they sent me some weird email about them having some global warming 'skeptic' give a speech at their plant in Tennessee. My politics can easily cut against US companies when they are doing the wrong thing be it ethically or environmentally.
"I found very nice people in both."
I have no doubt of that, but tyrannical governments have a way of trying to creep into everything. For me it's easier to try to avoid products & distros from certain areas, even though it might not be the best approach. I hope people in both those places can live under less corrupt & controlling governments, but I can't think of anyway to easily affect that.
44 • Russian ROSA (by Platypus on 2017-05-24 08:11:37 GMT from Australia)
Hey, I use Deepin from China and I reckon it is a mile ahead of most other distros (Budgie is making a fair copy of it). But because it is from China, am i supposed to scared? No! I don't give a brass razoo about what they see on my machine - (but don't believe they are spying). They are welcome to all of it if they want it. Now THAT is true open source, isn't it!!
45 • Security (by Pat Menendez on 2017-05-24 13:15:15 GMT from Canada)
This whole debate is amusing. I have Rosa installed on a computer and like it. SELinux, etc., worrying about where your distro comes from ... Excuse me!? To agree to a Google+ social media account, you give Google unlimited access to your data by unnamed third party entities, you agree that they get to keep a copy of everything to post or comment on FaceBook. If you agree to Apple software, you give them the right to track everything you do on your computer, change any system setting, and delete any file they choose. You log out of Facebook and it still tracks what you do on-line! By default your browser is set to allow every web bot to do whatever it wants, every script from whomever is allowed to run unrestricted, every slug nutty is allowed to set "flash super cookies" etc. If you do not allow every ner do well to set data mines you aren't allowed to access some web sites. You are concerned about Russian or Chinese distros??? Everywhere you turn entities want a slice of your digital hide and we are more than willing to give it! Have you noticed that every browser has done everything they can to hide the security and privacy settings and intentionally acted to remove user control? Have you read the computing news and seen the number of times Google has been sued for invasion of Privacy and watched how Google has worked relentlessly to undermine European privacy legislation? There is no Linux distro on the planet that invades or sells out your privacy and security as the entities we allow to rule our desktops! When Linux firewall and security is so complex you have to wonder how the guys at F-Secure were able to make control so graphic and easy. The many users who have said that they don't use SELinux or other security base should be sounding the bell raising attention to a chronic issue; This is the 21st century! Graphical desktops have been around for 20 years. Why are we having to still struggle with the archaic command line and manually write rules? Examples of being able to do it simply in a GUI have been around for a long time! A far bigger threat to privacy and security than where a distro is geographically based is the ever extending tentacles of government spy agencies and "social networks" and more importantly those who want the internet strictly controlled (privately), regulated, monitored, etc., etc.
46 • Linux World (by Tux Puppy on 2017-05-24 14:00:49 GMT from Canada)
"For me Linux is part of that effort at ethical consumerism."
In Linux Community World, Developers who are yet not sold their souls have to
decide either to give-in to corporate oligarchy, if so, they have to decide at what cost?, or, simply just to show finger or blow the whistle.
In Linux Community World, Consumers and Users have to decide what parts and linux-ware are needed to be installed under inspection.
Linux World needs Open-Hardwares with Open-Softwares and Open-Drivers.
Freedom was never ever been FREE. One has to fight for it.
Check again. Made from parts from China, Korea or Malaysia. The company manufacturers in Mexico, but not owned by Mexicans. If the company is American, then you are helping Americans not having those jobs. (Remember, make America great again?)
Most of the American Manufactures (like Apple) outsource assembly-parts either from China or Taiwan (like Foxcon). If American Manufacturers try to roll manufacturing back to USA which a NSA Territory where NSA is expecting every single consumer device to be a snooping-and-spying device. America will be sooner a Great Device Disaster as in Defective Devices by
Deepin, Devuan or Debian or whatever not much different.
The difference is what you install, what you use and how you use.
Every single distro has some definite purpose to be used for.
For example when I prefer NSA snooping, I use NSA-Linux.
47 • security and snooping (by OstroL on 2017-05-24 20:37:58 GMT from Poland)
I find US citizens here are more worried about being watched, snooped. In this digital world we live, are whereabouts and what we buy can be found by credit/debit card usage, mobile phone usage, gps usage etc. Interestingly, most times your usage of the web cannot be checked, if you use certain web browsers. There are more such browsers for Windows than for Linux.
I really like Deepin from China, but I find it too heavy, heavier than even KDE 5.9. Solus is copying a little bit from Deepin, ChromeOS and so on, but this being the Linux world, that's allowed.
I also like the Gentoo based Calculate Linux from St. Petersburg, Russia
In every major distribution team, you'd find people from all over the world, so guys don't be so xenophobic.
48 • Calculate Linux (by Alexandre Dumas on 2017-05-24 22:53:50 GMT from Australia)
@47: "I also like the Gentoo based Calculate Linux from St. Petersburg, Russia"
+1, It has been my daily driver for over a year. If you want less hand-holding than Ubuntu etc., if you don't mind the command-line and you want a gentle introduction to Gentoo, it is a great distro, I really enjoy using it and I have learned a lot even after 15+ years of using other distros.
49 • stop the open source BS (by privacy to create on 2017-05-25 01:32:49 GMT from Australia)
"Open Source" applies to software that is accompanied by a licence to say that you can copy it and change it and even make some money from it. So even with Open Source there are legal conditions attached to its works.
"Open Source" does not mean that all information should be "free and shared". If there is no licence attached to a work, then by law it is protected by copyright - so you cannot take it and use it any way you like.The hacker Aaron Schwarz believed that all information should be "free and shared", so he stole lots of docs and made them available for the public to download - and look what happened to him.
People who profess that the world should obey "Open Source" principles (just like software) are trying to impose their own views onto the public. They actually get involved in invading privacy and theft of information - just like some large corporations do. So please spare us all the Open Source everything should be free and shared BS.Society doesn't work like that.
50 • SELinux and others (by Corentin on 2017-05-25 03:16:36 GMT from France)
> "SELinux is especially useful on computers where background processes like web servers are running."
Hum, maybe, but all these things are absolutely useless for a simple average home user...
51 • Wrong Debate (by Arch Watcher 402563 on 2017-05-25 03:26:00 GMT from United States)
For a secure kernel DO NOT use Linux...Linus being who he is. Use some BSD or custom microkernel on open-source firmware, if possible. The idea of 'fixing' Linus's monolithic kernel with its fluidly changing and borked subsystems running atop backdoored IntelAgencyInside CPUs is wrong. The only, repeat only, reason to run Linux kernel is the drivers. If your hardware can run OpenBSD, do it.
Actual vulns in the wild often target basic libs, OpenSSL and glibc. Replace with LibreSSL and musl-libc. Very few Linux distros do (Alpine, Void, and Hardened Gentoo).
Worry more about open network ports and firewalls than kernel. If you close ports, even a 0-day can't get online. So why is your audio open to network? You enlarged your attack surface because devs want the hip new thing or think resistance is futile. Lose those lemmings and apply PressureAudio.
52 • paranoia @ 51, @43 and others (by lenn on 2017-05-25 12:39:55 GMT from Canada)
It appears that paranoia is a part of living in the US. Practically everyone from the US, writing here are pretty worried, either about their own government's "snooping" services, or of other countries. Maybe, you should travel across the border bit often, in both directions.
53 • No polemics please (by StayOnTopic on 2017-05-25 14:14:55 GMT from United States)
Re: @23 • Security & Trust by M.Z.
Fine, you do what you want/choose to do about politics and software. That's important to you, and that's your business for you to decide for yourself what you want to do.
But in the general overall picture, what does politics have to do with software and using it? NOTHING! It is an irrelevant, illogical argument!
Re your subsequent post in @26 and two after that: If you want to write political and social polemics, go find POLITICAL and SOCIAL FORUMS in which to present your views! A single, short sentence or two here on why you won't use someone's software, would have sufficed - and been enough for here!
54 • @52 (by Bellan on 2017-05-25 15:20:46 GMT from United States)
How edgy! You could cut a can and then a tomato on that comment!
Also, both directions? The border goes around the entire directions, so either you have two very specific directions in mind or you mean all directions.
55 • @54 (by Bellan on 2017-05-25 15:22:33 GMT from United States)
Welp, and in trying to make a joke I messed up and said 'directions' instead of country. Don't do late nights kids, it ruins everything.
56 • Ubuntu Touch and Parsix (by Georgia on 2017-05-25 16:03:55 GMT from Canada)
Sad to hear Parsix is winding down. I hope the team members can find a new home in different project. They have too many skills to let go to waste.
Glad to hear others have picked up Ubuntu Touch. Again, too much to let go to waste.
Good luck to all.
57 • Re Linux World (by M.Z. on 2017-05-25 19:31:51 GMT from United States)
"Most of the American Manufactures (like Apple) outsource assembly-parts either from China or Taiwan (like Foxcon)."
There are many unethical companies all over the world that are well worth avoiding, & Apple is certainly included in that. I avoided Canonical for some time due to the privacy problems built into the default DE in Ubuntu. I was also vocal about that. In fact there was a large number of people that took issue with what was going on there & things eventually changed for the better. Now that things are better I have been meaning to give Ubuntu a bit more of a chance since their last release but haven't found the time. I'm fairly impressed by how well they turned around their privacy issues. In a somewhat similar vain, I'm fairly impressed by how good the direction of things seems to be going in Iran at the moment. If things keep going in the right direction there I could easily see myself trying a distro from there in a few years, if only to say I did. I would have never guessed that I would say that a few years ago, but sometimes things really do get better.
"But because it is from China, am i supposed to scared?"
No, but it would be nice for distro developers to realize that bad governments are bad for all sorts of businesses. My core message to the good people involved in such projects in areas with bad regimes would simply be that I'm weary of any product or service coming from such an place. I really don't expect them to change anything directly like Canonical was able to (see comment above). It would however be nice for all businesses to see that there can be a negative drag related to a bad government & try to at least nudge things in a better direction. I don't expect them to do anything that could get someone 'disappeared' in such a place, but every little nudge in the right direction makes lazy boycotters like myself feel better about where we get our products or distros from.
Put another way, I doubt that anyone was 'scared' of people from North Carolina when a large number of musicians & athletic organizations decided to stop playing there. They still created a drag on local organizations who asked themselves what the right thing to do was & created pressure to change a recently enacted state law that so many people found objectionable. Then things changed, regardless of how you feel about the particular issue or if you care. The difference with me is that I'm not organized & not trying to create any sort of overwhelming pressure, but I feel there are others who might see things my way who would otherwise boost such projects. There are probably plenty of users doing similar things on simple gut feelings just because they don't like certain governments, but would not have a negative gut reaction if reform took place. Frankly I feel that things are bad in my own county right now, but I know things are far worse for others & I hope things improve for all of us.
58 • @ 57 (by kaczor on 2017-05-25 20:03:48 GMT from United States)
>> No, but it would be nice for distro developers to realize that bad governments are bad for all sorts of businesses. My core message to the good people involved in such projects in areas with bad regimes...<<
You mean the bad US regime...
59 • Linux world (by Bonky ozmond on 2017-05-26 01:35:34 GMT from Nicaragua)
Personally I have no problems where in the world a distro comes from, I use Calculate (Russian) at the moment, up till a year ago it was a German one, and some of their developers were Turkish,
I Trust all of them more than Microsoft, Apple, or Android etc, and to be Honest probably more than anything American who have been caught many times invading privacy spying on own people and installing backdoors etc on comps the recent release of hacking exploits and malware by wikileaks sort of proves that USA is as bad if not worse than the places the deem as evil..and of course they never interfere with elections and so on like the Russians i guess many forget the whole central/ south american episodes..
I have been to most countries in the world many have got a lot of bad press and reputations yet you feel like you have more freedom than in USA ,UK etc.
The reason why a lot of stuff is now from China , malaysia Mexico india and so on is to make it at a price people can afford ....most of the old industrial powerhouses produced substandard product, overpriced due to paying high wages etc i.e $25 per hour in USA $6 in Mexico even less in far eastern countries....and they are loving it as they get $2 hr where as before they had nothing...
60 • Re Linux World (by M.Z. on 2017-05-27 22:00:25 GMT from United States)
"...and to be Honest probably more than anything American who have been caught many times invading privacy spying on own people and installing backdoors etc on comps..."
I think if you fear US surveillance your toast on any OS to begin with because every major PC OS has strong to to US companies that do work on core parts of the OS that tend to be reused across all Linux distros & BSDs as well. That means to truly trust any Linux distro or BSD you would have to be able to check it against source code & have experts make sure the source code looked right.
"...wikileaks sort of proves that USA is as bad if not worse..."
Again I see false equivalency. If you want to walk up the the Vice President of the USA & cuss him out to his face, you can do it without going to jail. The guy who did it to Cheney was questioned to make sure he wasn't violent or crazy, & let on his way. Some people may want to change this, but it seems unlikely that they will get away with taking away much. In other places people are jailed for far less than saying rude things to the second to the top, such as acting in general protests.
"...i guess many forget the whole central/ south american episodes.."
I know exactly what your talking about, it also happened in Iran. Helping install dictators back fired big time in both Iran & Cuba, & it looks to me to be a thing of the past as far as mainstream US officials are concerned. The last time major political meddling happened was probably Iran-Contra & that at least threatened to take down numerous officials for violating US law. Trying asking if you'll ever get even that much out of Russia. Things certainly aren't black & white, but regardless of the problems the US system is ultimately both less meddlesome & easier to reform.
"...overpriced due to paying high wages etc i.e $25 per hour in USA $6 in Mexico..."
Wages in the US are generally bellow your quoted figure, though an experienced person can certainly earn that $25/hr figure or more in a factory. Even so I know there are factory jobs near me in the $8.10/hr state minimum wage range.
In addition there is the factor of what 'overpriced' really is. From my perspective, everything is sold at a significant markup over production & distribution costs & the main thing driving jobs in other parts of the world are simply profit margins rather than the actual prices being too high. I do think there are competitors trying to undercut other producers by selling closer to cost, but after other competitors disappear prices generally settle into something as high or higher than before. IN addition there are factors such as offloading pollution to places like China & avoiding laws designed to ensure worker safety. Despite these rather ugly cost cutting measures when I've looked into options I often see competitive prices on products made in the US, Germany, Canada, etc., & I'm left again to conclude it's about margins over ethics.
"...they are loving it as they get $2 hr where as before they had nothing..."
Given what I know about certain factories like the infamous FoxxCon plant in China, which included suicide nets around the roof, that's not always the case. If I were convinced that such plants were run ethically I'd have less problems with them, but again they seem to be done because profits matter more than anything else.
61 • Lubuntu 17.04 "net-tools" missing from LiveCD! And Debian LiveCDs missing UFW! (by /-/uman on 2017-05-27 22:10:38 GMT from Canada)
The Lubuntu 17.04 Desktop/Live CD(ISO) is missing:
"This package includes the important tools for controlling
the network subsystem of the Linux kernel. This includes
arp, ifconfig, netstat, rarp, nameif and route."
It's pathetic when you use a LiveCD today and discover
you don't even have something as simple as netstat and other
important tools available.
It's also quite pathetic to discover the recent Debian LiveCDs
are missing UFW.
62 • @60 (by OstroL on 2017-05-28 12:33:16 GMT from Poland)
You are in the wrong forum.
Or if you are talking a about Linux, have you ever tried to unscramble files in /bin or in /usr/bin? How do you know they match the "source code"?
63 • DRM? I don't think so! (by RJA on 2017-05-28 15:16:07 GMT from United States)
@25 The files that you talk about being "scrambled" is not some DRM fest. Those are files compiled to machine code...
64 • Reproducible Builds? (by M.Z. on 2017-05-29 00:42:45 GMT from United States)
Yes, we got a bit off topic. What's being poorly referenced there is reproducible builds:
That way we know that machine code is the same as audited source code.
Number of Comments: 64
Display mode: DWW Only • Comments Only • Both DWW and Comments
|• Issue 801 (2019-02-11): Project Trident 18.12, the meaning of status symbols in top, FreeBSD Foundation lists ongoing projects, Plasma Mobile team answers questions|
|• Issue 800 (2019-02-04): FreeNAS 11.2, using Ubuntu Studio software as an add-on, Nitrux developing znx, matching operating systems to file systems|
|• Issue 799 (2019-01-28): KaOS 2018.12, Linux Basics For Hackers, Debian 10 enters freeze, Ubuntu publishes new version for IoT devices|
|• Issue 798 (2019-01-21): Sculpt OS 18.09, picking a location for swap space, Solus team plans ahead, Fedora trying to get a better user count|
|• Issue 797 (2019-01-14): Reborn OS 2018.11.28, TinyPaw-Linux 1.3, dealing with processes which make the desktop unresponsive, Debian testing Secure Boot support|
|• Issue 796 (2019-01-07): FreeBSD 12.0, Peppermint releases ISO update, picking the best distro of 2018, roundtable interview with Debian, Fedora and elementary developers|
|• Issue 795 (2018-12-24): Running a Pinebook, interview with Bedrock founder, Alpine being ported to RISC-V, Librem 5 dev-kits shipped|
|• Issue 794 (2018-12-17): Void 20181111, avoiding software bloat, improvements to HAMMER2, getting application overview in GNOME Shell|
|• Issue 793 (2018-12-10): openSUSE Tumbleweed, finding non-free packages, Debian migrates to usrmerge, Hyperbola gets FSF approval|
|• Issue 792 (2018-1203): GhostBSD 18.10, when to use swap space, DragonFly BSD's wireless support, Fedora planning to pause development schedule|
|• Issue 791 (2018-11-26): Haiku R1 Beta1, default passwords on live media, Slax and Kodachi update their media, dual booting DragonFly BSD on EFI|
|• Issue 790 (2018-11-19): NetBSD 8.0, Bash tips and short-cuts, Fedora's networking benchmarked with FreeBSD, Ubuntu 18.04 to get ten years of support|
|• Issue 789 (2018-11-12): Fedora 29 Workstation and Silverblue, Haiku recovering from server outage, Fedora turns 15, Debian publishes updated media|
|• Issue 788 (2018-11-05): Clu Linux Live 6.0, examining RAM consumpion, finding support for older CPUs, more Steam support for running Windows games on Linux, update from Solus team|
|• Issue 787 (2018-10-29): Lubuntu 18.10, limiting application access to specific users, Haiku hardware compatibility list, IBM purchasing Red Hat|
|• Issue 786 (2018-10-22): elementary OS 5.0, why init keeps running, DragonFly BSD enables virtual machine memory resizing, KDE neon plans to drop older base|
|• Issue 785 (2018-10-15): Reborn OS 2018.09, Nitrux 1.0.15, swapping hard drives between computers, feren OS tries KDE spin, power savings coming to Linux|
|• Issue 784 (2018-10-08): Hamara 2.1, improving manual pages, UBports gets VoIP app, Fedora testing power saving feature|
|• Issue 783 (2018-10-01): Quirky 8.6, setting up dual booting with Ubuntu and FreeBSD, Lubuntu switching to LXQt, Mint works on performance improvements|
|• Issue 782 (2018-09-24): Bodhi Linux 5.0.0, Elive 3.0.0, Solus publishes ISO refresh, UBports invites feedback, Linux Torvalds plans temporary vacation|
|• Issue 781 (2018-09-17): Linux Mint 3 "Debian Edition", file systems for SSDs, MX makes installing Flatpaks easier, Arch team answers questions, Mageia reaches EOL|
|• Issue 780 (2018-09-10): Netrunner 2018.08 Rolling, Fedora improves language support, how to customize Kali Linux, finding the right video drivers|
|• Issue 779 (2018-09-03): Redcore 1806, keeping ISO downloads safe from tampering, Lubuntu makes Calamares more flexible, Ubuntu improves GNOME performance|
|• Issue 778 (2018-08-27): GuixSD 0.15.0, ReactOS 0.4.9, Steam supports Windows games on Linux, Haiku plans for beta, merging disk partitions|
|• Issue 777 (2018-08-20): YunoHost 188.8.131.52, limiting process resource usage, converting file systems on Fedora, Debian turns 25, Lubuntu migrating to Wayland|
|• Issue 776 (2018-08-13): NomadBSD 1.1, Maximum storage limits on Linux, openSUSE extends life for 42.3, updates to the Librem 5 phone interface|
|• Issue 775 (2018-08-06): Secure-K OS 18.5, Linux is about choice, Korora tests community spin, elementary OS hires developer, ReactOS boots on Btrfs|
|• Issue 774 (2018-07-30): Ubuntu MATE & Ubuntu Budgie 18.04, upgrading software from source, Lubuntu shifts focus, NetBSD changes support policy|
|• Issue 773 (2018-07-23): Peppermint OS 9, types of security used by different projects, Mint reacts to bugs in core packages, Slackware turns 25|
|• Issue 772 (2018-07-16): Hyperbola GNU/Linux-libre 0.2.4, UBports running desktop applications, OpenBSD auto-joins wi-fi networks, boot environments and zedenv|
|• Issue 771 (2018-07-09): Linux Lite 4.0, checking CPUs for bugs, configuring GRUB, Mint upgrade instructions, SUSE acquired by EQT|
|• Issue 770 (2018-07-02): Linux Mint 19, Solus polishes desktop experience, MintBox Mini 2, changes to Fedora's installer|
|• Issue 769 (2018-06-25): BunsenLabs Helium, counting Ubuntu users, UBports upgrading to 16.04, Fedora CoreOS, FreeBSD turns 25|
|• Issue 768 (2018-06-18): Devuan 2.0.0, using pkgsrc to manage software, the NOVA filesystem, OpenBSD handles successful cron output|
|• Issue 767 (2018-06-11): Android-x86 7.1-r1, transferring files over OpenSSH with pipes, LFS with Debian package management, Haiku ports LibreOffice|
|• Issue 766 (2018-06-04): openSUSE 15, overview of file system links, Manjaro updates Pamac, ReactOS builds itself, Bodhi closes forums|
|• Issue 765 (2018-05-28): Pop!_OS 18.04, gathering system information, Haiku unifying ARM builds, Solus resumes control of Budgie|
|• Issue 764 (2018-05-21): DragonFly BSD 5.2.0, Tails works on persistent packages, Ubuntu plans new features, finding services affected by an update|
|• Issue 763 (2018-05-14): Fedora 28, Debian compatibility coming to Chrome OS, malware found in some Snaps, Debian's many flavours|
|• Issue 762 (2018-05-07): TrueOS 18.03, live upgrading Raspbian, Mint plans future releases, HardenedBSD to switch back to OpenSSL|
|• Issue 761 (2018-04-30): Ubuntu 18.04, accessing ZFS snapshots, UBports to run on Librem 5 phones, Slackware makes PulseAudio optional|
|• Issue 760 (2018-04-23): Chakra 2017.10, using systemd to hide files, Netrunner's ARM edition, Debian 10 roadmap, Microsoft develops Linux-based OS|
|• Issue 759 (2018-04-16): Neptune 5.0, building containers with Red Hat, antiX introduces Sid edition, fixing filenames on the command line|
|• Issue 758 (2018-04-09): Sortix 1.0, openSUSE's Transactional Updates, Fedora phasing out Python 2, locating portable packages|
|• Issue 757 (2018-04-02): Gatter Linux 0.8, the UNIX and Linux System Administration Handbook, Red Hat turns 25, super long term support kernels|
|• Issue 756 (2018-03-26): NuTyX 10.0, Neptune supplies Debian users with Plasma 5.12, SolydXK on a Raspberry Pi, SysV init development|
|• Issue 755 (2018-03-19): Learning with ArchMerge and Linux Academy, Librem 5 runs Plasma Mobile, Cinnamon gets performance boost|
|• Issue 754 (2018-03-12): Reviewing Sabayon and Antergos, the growing Linux kernel, BSDs getting CPU bug fixes, Manjaro builds for ARM devices|
|• Issue 753 (2018-03-05): Enso OS 0.2, KDE Plasma 5.12 features, MX Linux prepares new features, interview with MidnightBSD's founder|
|• Issue 752 (2018-02-26): OviOS 2.31, performing off-line upgrades, elementary OS's new installer, UBports gets test devices, Redcore team improves security|
|• Issue 751 (2018-02-19): DietPi 6.1, testing KDE's Plasma Mobile, Nitrux packages AppImage in default install, Solus experiments with Wayland|
|• Issue 750 (2018-02-12): Solus 3, getting Deb packages upstream to Debian, NetBSD security update, elementary OS explores AppCentre changes|
|• Full list of all issues|
|Random Distribution |
Kaella, Knoppix Linux Azur
Kaella (Knoppix Linux Azur) was a French effort at remastering the KNOPPIX live CD with complete support for French.