root vs. user

You’ve no doubt heard the rumors that Linux (or Mac OS) doesn’t get viruses.  You’ve probably come across the rumor that Linux is more secure because of the way it’s built.

Those rumors are true, for the most part.  But, specifically why are they true?

One of the biggest reasons Linux doesn’t get viruses is because of the way user accounts are set up.  When you create an account in almost any Linux distro, you’re created a user account, which has limited privilages.  It is the root user that can alter the Operating Systems guts.

In a server environment (an office or school), the only person who has access to the root account is the System Administrator.  In a Home environment, since you personally installed the Linux OS onto your computer, you get to choose a password for accessing the root account, but the default is still the user account.

So, as a user, you have basic privilages, and you have access to only certain files in the Operating system.  The privilages of a user account are almost always sufficient for the average computer user.  The root account allows access to all files, including the important files that the OS uses, and you can perform certain functions like partitioning hard disks, installing software, or adjusting firewall settings.

This seperation of privilages makes Linux a tough environment for viruses to reproduce in, given that the default user account’s file access privilages are limited to non-critical files.  Attacking the root account is extremely difficult, particularly if you have a good password, and a little bit of encryption; a firewall like SELinux also helps to identify “illegal” tasks, like when an application tries to run in root without telling the user.

“But open-source code is more insecure because all the source is free for the virus makers to exploit!”

If you haven’t heard that argument, I’d be surprised.  Well, let’s set the record straight.

The argument that open-source is less secure because it’s open, is self-defeating.  In fact, open source is more secure, because it’s open.  How can you hide a virus inside an application if all the code is open for anyone to see?  Because it’s open source, a virus would be spotted before the app is even close to public release, and when it is released, thousands upon thousands of developers will examine the code before deploying the app for their own purposes.

The root account/user account separation, along with the open-source nature of Linux is what makes it virus free.  That’s not saying a virus can’t happen, but Linux is part of an ecosystem that is extremely unfriendly to a virus.

Some might add that another reason Linux is virus free is because of it’s small market share, but I really don’t think that has anything to do with.  Linux could have 100% market share, and as long as every part of the OS is open-source, viruses will not get far.

Fedora 11 Beta release notes - FedoraProject.

The beta of Fedora 11, codenamed “Leonidas”, has been released to the world.  Some of the most notable changes include the new Gnome 2.26, KDE 4.2.1, and Xfce 4.6.0 desktop environments, along with a new default filesystem, Ext 4, and an experimental release of a brand new filesystem, Btrfs.

There are lots more new features with Fedora 11, see the entire list here.

Full Story

TomTom is now an official licensee in the OIN, which means they can take advantage of all patents owned by OIN, so long as they don’t “assert its patents against the Linux System.”

This comes a month after Microsoft filed a patent lawsuit against TomTom and it’s linux-based GPS systems.  Although TomTom uses proprietary software on top of their linux-based GPS’s, the fact that they’re now a lincensee in the Open Invention Network could mean a step closer to a purely free GPS device.

open-source software development is like cooking.  Let me explain.

Let’s imagine for a moment that you want to make an apple pie from scratch.  You’ll need a recipe for the pie, that’s certainly easy to find, there are tons of pie recipes in one of the many cook books you own.  Just find the apple pie recipe you like the most and set it on the counter.

Next you’ll need the dishes and utensils to manage all the ingredients you’ll have.  You probably have a nice size bowl, and rolling pin, a wooden spoon, and a pie pan, but if not, I bet your neighbor has some, or your friend down the road.  If not, then you can go to the store and buy the dishes and utensils.

Okay, now your ready to gather all the ingredients, which, if you don’t have yourself, you could borrow from a neighbor or friend, or buy them from the convenience store.  Now comes the fun part, mixing all your ingredients together.  Your following the recipe when, about halfway through the process, you decide to vary the recipe a bit.  You put an extra block of butter in, a little more sugar then it calls for, and you mix some ground cinnamon into the dough.  Why not right?

After forming something out of nothing, you stick it in your oven, set the timer, and wait.  Images of gooey apple filling, and crisp, buttery, cinnamon crust float around in your head.  You can smell the sweet concoction of cinnamon and apple in the air as it bakes into perfection.

When it’s done, you invite some friends over to share the pie, your excited when you tell them how you made it and you give them each a copy of your new recipe, which you derived from some strangers recipe.  Your friends enjoy the pie and many of them want to make it for themselves, and some of them even said they would try vanilla instead of cinnamon in the crust.

You made this pie from scratch, you know exactly what its made from, so you know its perfectly safe to eat, and you know it tastes better than those store bought pies, and you like to think you improved upon the recipe you worked from.

developing software is the same way, and when you’re working with open-source tools or deriving your work from another open-source project, you can look at the source so that you know exactly what your working with, and just like making an apple pie, there is nothing stopping you from changing it up a bit (or completely).  All the tools you need are there, for free, and when you finish the project, you are free to do with it anything you want.

Let’s say I want to download the source code for Ubuntu Linux.  I could either go to archive.ubuntu.com and find what I need, or download the source from Synaptic or the terminal.  It’s all there, I can customize it ’till my heart’s content.

This simile is the same when it comes to using open-source software.  The cleanest and safest (though not the easiest) way to install an application is to compile it from the source code.  Just download all the source (its usually packaged nicely in a .tar archive), and run a few commands from the terminal.  Installing it this way, you can specify where to put the installation files, so that you know where all components of the program are, plus you have all the source code in a nice archive.  You made this pie from scratch, you know exactly what its made from, so you know its perfectly safe to eat.

Although Wikapedia is very mainstream, and is a commonly used some may still not know where the functionality, and ease of use comes from. The software for Wikapedia is actually available for free download and has a GNU license. Recently I had the chance to work on a project for work that allowed me to install, test, and observe the flexibility and ease of use of this software.

Starting with the good. The installation process only took 10-15 minutes. The majority of the time was spend setting up a folder with write privileges, and the MYSQL database, and users. Once installed it only required that the localsettings.php file be moved to the main directory.

Once up and running it is incredibly easy to just start throwing information and documents into the WIKI. I however recommend that you take a moment to first decide what additions to the main layout you may need in terms of user management, and extra functionality as it is much easier to add this prior to filling up your wiki with everything in your hearts desire. There is one other bonus to setting up all your preferences ahead of time, the oops I broke it rule is pretty much a given on the first time install of any new software.

In addition to ease of install, and use the wiki also allows for one of the best search features I have ever seen. The only issue found with searching was from sub name spaces (sub sections of the wiki) not searching for less that 4 characters.

For the bad the user management features are limited without adding additional extensions. This would not be a real issue if you have access to PHP files, and know how to edit them. With the theme of ease of use it is surprising that user management still required knowledge of PHP.

Overall the software is a great addition to any site that needs to store mass amounts of information provided by its users, or for any company looking to centralize their training documents, and other company information. Please feel free to visit the link below, and download a copy for yourself.

MediaWiki

And it’s codenamed “Karmic Koala”. Mark Shuttleworth writes about what he hopes to achieve with 9.10 server edition and desktop edition:

During the Karmic cycle we want to make it easy to deploy applications into the cloud, with ready-to-run appliances or by quickly assembling a custom image. Ubuntu-vmbuilder makes it easy to create a custom AMI today, but a portfolio of standard image profiles will allow easier collaboration between people doing similar things on EC2.

EC2 , or Amazon Elastic Computing Cloud, is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. EC2 makes server operation faster by significantly reducing configuration time, and server capacity is elastic, so you only pay for what you need, when you need it.

Or you can make your own cloud, on your own hardware, with the Eucalyptus project.

On the desktop side of things, the focus is on netbooks:

So the good news is, boot will be beautiful. The bad news is, you won’t have long to appreciate it! It only takes 35 days to make a whole Koala, so we think it should be possible to bring up a stylish desktop much faster. The goal for Jaunty on a netbook is 25 seconds, so let’s see how much faster we can get you all the way to a Koala desktop. We’re also hoping to deliver a new login experience that complements the graphical boot, and works well for small groups as well as very large installations.

Ubuntu Netbook Remix is also getting some attention with this development cycle. The developers are shoving Moblin technology into the netbook version of Ubuntu, and considering the Alpha version of Moblin is suppose to be able to boot in 15 seconds, that’s very exciting news.

The default theme for 9.10 may not be brown any more, the new theme(s) will be revealed at the Ubuntu Developers Conference, May 25-29, in Barcelona.

Cloud-computing is a fascinating concept and I am glad to see so much focus on it coming from FOSS community.

It looks like HP is attempting to get into the Linux net book game, although there Operating system is Ubuntu the GUI is radically different.  For more information on the HP Mini Mi edition click on the link below for the full article on downloadsquad.com

Click Here

Full Story

The Alpha 3 Build of Ubuntu “Jaunty Jackalope” 9.04 boots in 21.4 seconds, but there is a catch.  The fast boot time is due to the new Ext 4 file system which is a declared stable, but will not be the default file system of 9.04.

.

Tips for Linux Explorers.

Check this out if you are ever board and want to learn some random new linux trick.