NSA: Please Turn off the Lights When You Leave. Nothing to See Here.

Linux Advocate Dietrich Schmitz shows how the general public can take action to truly protect their privacy using GnuPG with Evolution email. Read the details.

Mailvelope for Chrome: PGP Encrypted Email Made Easy

Linux Advocate Dietrich Schmitz officially endorses what he deems is a truly secure, easy to use PGP email encryption program. Read the details.

Step off Microsoft's License Treadmill to FOSS Linux

Linux Advocate Dietrich Schmitz reminds CIOs that XP Desktops destined for MS end of life support can be reprovisioned with FOSS Linux to run like brand new. Read how.

Bitcoin is NOT Money -- it's a Commodity

Linux Advocate shares news that the U.S. Treasury will treat Bitcoin as a Commodity 'Investment'. Read the details.

Google Drive Gets a Failing Grade on Privacy Protection

Linux Advocate Dietrich Schmitz puts out a public service privacy warning. Google Drive gets a failing grade on protecting your privacy.

Email: A Fundamentally Broken System

Email needs an overhaul. Privacy must be integrated.

Opinion

Cookie Cutter Distros Don't Cut It

Opinion

The 'Linux Inside' Stigma - It's real and it's a problem.

U.S. Patent and Trademark Office Turn a Deaf Ear

Linux Advocate Dietrich Schmitz reminds readers of a long ago failed petition by Mathematician Prof. Donald Knuth for stopping issuance of Software Patents.

Thursday, November 21, 2013

Fedora Desktop 20 (Gnome): A Class Act

by Dietrich Schmitz

If there is one thing I have learned, it's that life is dynamic.  And so it is in life that many things change  -- not just the material objects -- but our social mores and mindsets evolve to such an extent that completely different views and perspectives are gained.

This is a story about Fedora Desktop 20 and how it has changed my view of several things.

I am using the pre-release version of Fedora Desktop 20, which is scheduled for release on December 10, 2013.  As pre-releases go (beta 5 at the time of this writing), one can expect a 'bumpy' ride.  That has not been my experience.  In fact, it has been quite stable compared to other betas I have tested in the past.


Community


You see, unlike Ubuntu, Red Hat-owned Fedora Desktop 20, is a 'true' community-based Distro that gets most of the feature enhancements added and chosen by 'community' participants.   The 'derivative' Ubuntu Distros?  Well, they are playing 'second fiddle' and rest atop the Canonical-supplied Ubuntu Linux Kernel and repository system coupling their own non-Unity chosen GUIs.

Despite Canonical Ltd.'s best efforts to lend the appearance of having a true community-driven Distribution (Distro), I have reached the conclusion that most of their decision making comes from corporate, not community, participants.  In fact, Canonical Ltd. does not differentiate between their 'commercial' Ubuntu and a Ubuntu community version.  There simply isn't one.


Fedora's Default Desktop GUI - Gnome

This is where I found myself pleasantly surprised.  Historically, I liked neither Unity nor the Gnome 3.x GUIs for many reasons stemming from my 20 years in IT software and user interface design development experience.

As was the case with the initial 4.x release of KDE Plasma Desktop, there was a period of 'instability', during which users responded with feedback for a year or more until the KDE Development Team replicated rearward features from the 3.5.x generation.  Ultimately, KDE prevailed and matured to the point where I would call it the 'best' Desktop GUI for Linux.

Gnome Shell 3.10 shown in 'Window Selection' mode
Today, I find myself chuckling because, despite 'major' past usability issues acknowledged by the Gnome Team, they've managed to surmount them and have reached what I call a stable usability plateau.  Fedora Desktop 20 uses The Gnome Project's Gnome 3.10.1 and I can honestly say that this is a far sight better than the previous versions of Gnome and it is well beyond Ubuntu in overall usability, fit and finish.

Hats off to both The Gnome Project and the Fedora Developer Team in doing a superb job of integration.  The name 'Fedora Desktop' now really takes on special meaning for me. It's drop-dead easy to use like Windows and quite professional in all respects.  

In surveying the Distrowatch.com Top 5 Distributions, I'd place Fedora Desktop as the best Gnome implementation, Canonical's Ubuntu as the Unity GUI, Mint as the best KDE, Xfce, Cinnamon and MATE implementations (which includes their Debian spin), and Lubuntu as the best LXDE Distro.  (That's the top 5 Distros, so, don't take it personally if I didn't mention your favorite Distribution.)





Security

Many of you already know I am an ardent security advocate so I view those Distros which promote advanced security features with great favor.

Fedora has a long-standing reputation for excellent security and implements by default Linux Security Module SELinux which places user activities in a 'Mandatory Access Control' 'sandbox'.  This ensures that if some unsuspecting exploit tries to escalate and gain administrative access to your system, the SELinux policy will simply kill the process.

In addition to the standard Linux security features that all Distros inherit from the Linux Kernel, the Fedora Desktop 20 now incorporates stronger gcc compilation controls to mitigate risk of buffer overflow using a new compiler switch, -fstack-protector-strong.


New Features

From a Red Hat press release, here's a brief summary of Fedora 20's new features taken verbatim:



What’s New in Fedora 20First and foremost, we are pleased to announce that, in keeping with Fedora’s commitment to leading edge open innovation, ARM is now a primary architecture. While Fedora has supported a number of hardware architectures over the years (with x86/x86_64 being the default for the majority of Fedora users), the ARM team has made massive strides over the past year. The technology already dominates the mobile market and shows great promise for the server world as well, hence Fedora’s adoption of the architecture to satisfy end users and developers targeting the ARM platform.
Cloud and Virtualization EnhancementsOS Installer Support for LVM Thin Provisioning – With the introduction of thin provisioning via Logical Volume Manager (LVM) in the Linux kernel, Fedora 20 can now support the configuration of thin clients during OS installation.
VM Snapshot UI with virt-manager – While QEMU and libvirt are fully capable of performing safe virtual machine (VM) snapshots/checkpoints, a simple, discoverable UI did not exist previously. This feature adds a UI to virt-manager, simplifying the VM process.
Developer GoodiesFedora features a host of new features and updated packages to interest developers using a wide variety of languages, including Ruby on Rails 4.0 and Perl 5.18.
Maturity/Advanced FeaturesNetworkManager Improvements – Users can now add, edit, delete, activate and de-activate network connections via the nmcli command line tool, and support for bonding and bridging interfaces is now included, improving usability for enterprise and virtualization users.
No Default Sendmail, Syslog – As systemd continues to mature, the systemd journal now takes its place as the default logging solution in place of syslog, while Sendmail is no longer installed by default.


Conclusion


I've really been trying hard to come up with some justification which would sway me to prefer Ubuntu over Fedora Desktop 20.  I can't.  The security is better.  The package manager, YUM, I have reviewed and it is simply superior to APT.  

Fedora is Linux Standard Base (LSB) compliant and the staging area for any new LSB enhancements which merge to Red Hat Enterprise Linux.  Fedora also takes the technology lead by being the first community Distro to have implemented systemd.  Many other Distros have followed suit, yet, Ubuntu chose some time ago to develop and still employs Upstart.  

Laggard Debian only recently made a feature freeze decision for Debian 8 and chose Upstart, despite the long-term benefits of systemd.  Gnome 3.10.1 as I mentioned has reached a new plateau of stability and usability and is a cut above Canonical Ltd.'s competing Unity overall.  

Yes, Gnome's time has come.  It integrates exceedingly well with Fedora to provide a  professional Linux Desktop experience.   

Fedora Desktop 20 -- It's a 'class act'.  -- Dietrich
Enhanced by Zemanta

Wednesday, November 13, 2013

Sandbox? What Sandbox? -- Fedora Has You Covered

by Dietrich Schmitz

It's not something the average user thinks about -- security.  But as with most Linux Distributions (Distro) Fedora, a Red Hat community-based Distro, has some things going for it that are not apparent.

The single biggest asset going for Fedora is security.  You see, just about everything you do while on Fedora is under what's called 'Mandatory Access Control'.  That's security-speak for basically having everything you do 'watched' by a third-party 'Linux Security Module', (LSM) including even actions taken by the system kernel.  That may not mean much to you but to system administrators and security experts alike, it is 'peace of mind'.

Simply put, bad things won't happen on Fedora's watch.

No, unlike Microsoft Windows, this 'third-party' is always cross-checking what your PC is doing and if anything isn't in your SELinux 'policy' say trying to gain administrative privilege to control your system without your expressed permission, SELinux steps in and kills the process.

That's the way security should be.  And you can rest assured your PC won't be hit by silent 'drive-by' javascript DLL injection attack as is still prevelant with Microsoft Windows legacy x86; even Windows 8.1 uses the legacy WinNT 2000 kernel.  That's ancient by today's standards and it is fraught with security issues like the one described above.

I've written about how Google's Engineers have posted a general 'disclaimer' on their chromium.org website for Chrome that effectively says:  
 
"W'eve tried our best to sandbox Chrome on Windows, but we can't guarantee you won't get infected.  Sorry."  (shrugs)

So, if you've been bitten one too many times by a virus from out of nowhere on Windows, maybe now is a good time for you to make a switch for the better.

Get smart.  Get Fedora Linux with LSM SELinux found here:
http://fedoraproject.org/
 
Fedora has you covered.  Be safe. -- Dietrich
Enhanced by Zemanta

Wednesday, November 6, 2013

Google: You've Been Owned. Fix Your F'ing Security

by Dietrich Schmitz


Theatrics.  That's all it is.  We see blustering, cries of 'outrage' by Eric Schmidt in a public reaction of 'surprise' to the fact that the NSA penetrated their firewall and set up camp reading any and all of their 'clear text' data files with impunity.

This same company, prides itself on selling Chromebooks with an unblemished record at Pwnium 2013 of no successful hack which resulted in fully owning the ChromeOS operating system.

How is it that so much effort can be put forth to develop ChromiumOS with a sincere intent to make security a prime order of concern yet Google's data centers store data in clear text?

This isn't being discussed in any of the media stories.

The real 'top dog' priority for Google is advertising revenue.  And, they know full well that if they encrypted the public's data they could no longer parse it to exploit, mine, for advertising purposes and that would put a major choke hold on a part of their revenue stream they so cherish.

The public's trust, good faith, and right to privacy takes a 'back seat' to Google's penchant for profit.  Google is colliding directly with 'Do No Evil' as they continue to change their ways with a clear intent to take major portions of their technology base proprietary

That is the bottom line and there is no clear indication from them policy-wise, one way or another, as to what they plan to do at this point, if at all, other than public 'feel good' talk and expletives from Google Engineers seen in today's news.

Google.  You've been owned real bad and at the Public's expense.  It's time for you to fix your F'ing security.  I think you just might have screwed the pooch this time.

-- Dietrich
Enhanced by Zemanta

Bodega - The Missing Piece

by Daniel Sandman

Some might not have heard of it but Bodega, a missing piece in the Linux ecosystem, was released not long ago. Many might not have put much thought about how important this little piece of software really is. As I talked about in my previous article the usual approach commercialized Linux take is to have their ecosystem closed. This can be a danger for open source and do limit the participation of others. In a way it takes the benefit and intent away from what open source really is and should be about. What the infamous +Aaron Seigo (shown right) did was to take the complete opposite approach and made his open. An infrastructure the open source world else would have lacked. This is not a small feat and a crucial part of the open source ecosystem have been filled. (Image credit: Wikipedia.org)

It's not just a content redistribution manager either. It is a more complete solution and on top of that almost completely decentralized. It does not just contain a singular entity where a central power enact it's control. It is built as if he took a blueprint of the real world with individual stores and warehouses and applied it to Bodega. People can join up and create their own business so to speak by partnering up. Which is really exactly how it should be done. I think the future will hold many specialized solutions and just as in the real world competition will be at it's core driving it forward. Anyone who have read his blog posts about the subject can see that he has put a lot of thought into this. He must have understood it's potential very early on and made sure to incorporate as much of it he could in Bodega.


Bodega - An open market for digital content


This means the reach for a content provider could be direct and limitless. It could even create jobs and lower the barrier for people who want to start a business. It is truly a vital piece filled that have been missing. At this point it might only be dream to be able to generate enough revenue to pay a rent but who knows about the future. Someone very service minded and driven could make something really good from it. The potential is really there and as it has just been release a true potential for anyone interested.

As it is still early days it do lack some parts I want to see. The only client I've seen so far is the one for Plasma Active. That is nice but I am missing a GTK one so if someone is up to it, give me a ping. I would love to test it. I know Aaron would love to see one too. He wrote about it on gnome-look.org.
Enhanced by Zemanta

Tuesday, November 5, 2013

Does it really matter?


by Daniel Sandman

I have lately contemplated over Linux and it's market share on desktop. We have seen a little upswing the last year and depending who you ask it is somewhere between 1.6-3 percent of all desktop computers. It's a small percentage but what people tend to forget is that it is a HUGE number. There are around 2 billion desktop computers running in the world today. The estimation is hard to do but it's the general number I tend to see on this. So that means it would be roughly 30-60 million desktop computers running with Linux in today's world. Not a small number. Even if you only took a third of that number it would still be 10 million computers which are actively being used. That is a lot of people.

I mean how many people do we need to have an active ecosystem? I have no clue, but would guess a couple of thousand is enough. That means a couple of thousands technical users. Those who can develop and maintain. It's a non-issue for desktop Linux currently. It's always nice to have a couple of more developers but a general feel is that we are good. So I have no fear to be honest. As long as we grow I am good. It doesn't need to jump several percentages to make me happy. Just a steady slow grow is enough and that is how it looks today. For me it's more important the openness is preserved than a market majority.

Sure I am happy to see Valve and gang joining the club. I mean it is good to have the choice. It also improves the support for drivers and hardware which could be better on Linux. I am not complaining though. My hardware on my machines has worked more or less flawlessly since 2008 or so.

So does it really matter?

Yes, I think so. The state of Linux today are big changes. We are watching Linux being commercialized at a rate never seen before. Android and ChromeOS have been good for Linux but Google are no RedHat. Sure RedHat do have some proprietary solutions but mainly aimed at enterprise. With Google we get core functionality like the distribution of software closed off. That is an essential difference from what we are used to. We are seeing Canonical taking steps toward a similar business model and others are surely thinking of it too. Heck even Apple have a similar solution with some parts open but others not. Is this the future of open source? Is the future a mix of open and close?

Maybe. I hope it is not but money talk and Linux is dependant on businesses donating developers to make code. In a perfect world this would not be needed but the world today is anything but perfect. Just because we need some commercialization does not mean I am happy about Google and Canonical. I wish they could have taken a more similar approach to RedHat and SUSE which base their revenue on support. If so it would have meant they might have not felt the need to use CLA and closed source on core functionality. So my main concern today lay in the commercialization of Linux and what that might bring us tomorrow. Not so much in the actual percentage of market share.

It could be fine but it could also mean that openness proves to be a failure. I hope on the former. We have to stay vigilant and especially on software with core functionality that is not open and demand opening them up. The danger lay in dependence on commercial software with core functionality. We as a community can not allow such things to happen. If we do it would mean the end of openness and the end of Linux as we know it.

So to me supporting Systemd, Wayland and Bodega are important for the future of Linux.


Enhanced by Zemanta

Sunday, November 3, 2013

Moving Away from Google's Proprietary Ways

by Dietrich Schmitz

As a result of drawing a line with GoogleI've spent considerable time considering a range of options to avail myself to in replacing Google services

As for Blogger, I intend to use Wordpress and will convert my Linuxadvocates website soon and am hoping to have some of Kev Quirk's guidance on tap as I move forward.

As for my browser, I've turned to looking at Chromium.

Why?

Because The Chromium Projects is fully open source and not proprietary, unlike Google Chrome. The two are quite different beasts. In fact, I am using Chromium right now and it is working nicely as many of my colleague Friends have reported. That word 'proprietary' will mean more to you below when you continue your reading of this piece of verbosity.

So, I've also shifted from Lubuntu 13.10 to Linux Mint 15 "Olivia" Xfce Edition.  That's Mint below for those of you interested in making the 'leap' from Windows to Linux who may be wondering just how difficult the transition may be.



Linux Mint 15 "Olivia" Xfce Edition - My Desktop


If you are new to Linux, you may think of the graphical user interface (gui) as being 'loosely coupled'. Linux doesn't care if you have one or not. In fact, linux web servers are set up without one in command line 'headless' fashion. But, as far as choices go, the move to Mint Linux is a safe bet. You see, they are #1 on Distrowatch.com for a reason. It's that good. I call it Ubuntu +1.

The choice of guis was easy for me. Xfce. It's still a lightweight gui, like Lubuntu's LXDE, but it is really more feature complete. There are trade-offs for using LXDE which for me are taken in stride but for a newcomer, Xfce will make any Windows user feel quite at home. There is little to do after installation. Just boot and use.

Here's some background information on Xfce: http://en.wikipedia.org/wiki/Xfce

Many newcomers will find the naming of things in the Linux world funny, but that's open source for you. It is rather benign but much of it will make sense as you become accustomed to the "Linux Way" of doing things.

The "Linux Way" of doing things incorporates many concepts but there is none more important in light of the Snowden revelation than open source 'Transparency'. This is a good place for you to stop and read a link on the topic to frame in your mind this abstract but yet so vital concept:

http://www.concurringopinions.com/archives/2013/09/open-source-values-transparency-in-the-post-snowden-era.html

It's basically this. Proprietary = Exploitation. That's how I see it.
And at growing levels I see Google's expansion in the name of profitability colliding with their "Do No Evil" mantra that so many of us, including myself, believed in.

So, on principle, I am looking to non-Google solutions to continue using the Internet.

I find using Chromium safe and acceptable by virtue of the pure open source footing on which it is developed. That will assure transparency going forward as with Mozilla's Firefox.

As for the array of Google services like Drive, Gmail, etc.?

I don't need them. I am looking at Kim Dot Com's Mega for its Zero Knowledge Encrypted free 50MB space support and also their upcoming encrypted end-to-end email. Phil Zimmerman, the Founder of Silent Circle and Lavabit's Ladar Levison are forming Dark Mail Alliance.

Those are my two target email solutions going forward.

That should do it for now.  -- Dietrich
Enhanced by Zemanta