Doug Riddle's GNU/Linux and Open Source Page

Search WWW Search dougriddle.com Search google.com

  This is the Linux Distribution I am currently using for my main workhorse and I could not be happier with a computer. Unless you have a good bit of experience with Debian, you will be completely blown away by this distribution. There are over 8000 free packages ready to go for this distribution. The Libranet team has done a splinded job of setting up a good standard all around desktop as the basic load. They put in enough of the complicated stuff to keep the geeks happy, but the ordinary user would never notice. I suspect Bill Gates is losing sleep over this Debian package. If he isn't, he should be.
 
Skip down to the link to the iceberg picture Bob Calhoun has everybody dying for!

  A very active Linux user group, that is very involved in the community.

Doug Riddle On Linux distributions:

If you go to www.linux.org you will find they generally recognize three main categories of distributions, Redhat, Debian, and Slackware.  Most GNU/Linux distributions are based on one of these three basic formats.  The distributions arose out of the user's desires to see certain attributes bundled with the kernel.  The website www.linux.org does a fantastic job of explaining this and rather than recreate their work, I will leave it to you to read their site.  Instead, I will focus on the two distributions I am familiar with, and their differences.  I also have some things to say about Open Source.

On LibraNet's Distribution versus Redhat's Distribution:

I started out with Linux about the time Redhat 6.0 came out, about 1998, or 1999.  I then purchased Redhat 6.2 and Redhat 7.0.  I think the Redhat distribution has a lot going for it.  I got my start with Redhat.  It was possible for me to get started because of all the books that included copies of the Redhat software.  In 2001 I was introduced to Debian.  I have come to prefer the Debian distribution of GNU/Linux.  I especially like the Libranet distribution of Debian. 

I always buy the latest release. They are very responsive to the users requests and a core group of users act as beta testers. Jon and Tal actually listen to their reports and when a new version is released, it is solid and always worth more than the low asking price. The Debian apt-get utility is far superior to Redhat's RPM.    But, this is sort of old news. Libranet has a widget called adminmenu that is very slick and very "friendly." It has wigets to update packages, itself, setup a firewall, heck, I think it folds clothes too.   There are packages such as Alien that can convert the RPMS to Debian's deb format, so I do not find the RPMs too inconvenient.  What I do find inconvenient about Redhat format is the inconsistant support. When you add the fact that Redhat abandoned the desktop for the server world, the question is moot. Add the relatively high price in, and RedHat loses to Libranet. Granted it still beats the stuffiing out of Microsoft.

Redhat basic is now going for $179.00 to 371.00 US.  That is pretty steep for what amounts to support for free software.  Libranet is also a package provider; likewise, they sell support as much as they sell their package.  The price difference is rather pronounced.  Libranet sells their (IMHO) superior product for about $80.00 US for the first purchase. Subsequent upgrades are currently half the initial price. This is as of February, 2004.  The support is via email, the user support list and their on-line forum.  There really is no one you can call for support as you can with Redhat; however I feel Libranet's support is superior.  When you purchase Redhat it comes with support as well, and a 1-800 number.  I found their 1-800 number to be a waste of time on the three occasions I attempted to use it.  Their email support is accurate and reasonably prompt, but not as fast as Libranet's support forum.  In short, in my experience, Libranet wins in the support category and that makes all the difference in the price category as well. 

As I already indicated, the distribution offered by Libranet is far more easy to use as a desktop than Redhat.  To add or remove a package in Redhat you have to run RPM.  Admittedly, this is a vast improvement from the manual install, and tarballs of the early days.  Compared to Libranet's adminmenu though, RPMs are a pain.  Convenience in package loading is all about not having "unmet dependencies."  I used to get so irritated about that.  Download the package you want and attempt the install, find out about the unmet dependencies, download the indicated package(s) and attempt the installation, find out about the dependencies, repeat until something installs correctly and then install all the other stuff you downloaded in reverse order and hope you do not replace something you were using for some package you did not want to spend the next hour upgrading, like Xwindows.  ARGH!  Dependancy hell!

Debian's apt-get does away with 98 percent of that.  There is no getting rid of all of it due to package updates and the march of progress, but even so, the solution is far easier in Debian.  Libranet is there for you again with a really slick interface for apt-get in their adminmenu.  Redhat is not really aimed at the desktop any more.  They offer one, and it is a good one.  Even if I prefer Debian, Redhat is a vastly superior product to Windows in the desktop market.  Redhat has taken aim at the enterprise level and is doing well at it. 

You can run a network, cluster or desktop with any distribution of GNU/Linux.  The question is whether or not you need to install/enable and/or configure the widgets you want.  What Redhat has done is bundle the tools and customize the installation CDs to allow you the option of choosing a firewall, server, or desktop/laptop installation to allow you to tailor your load to suit your needs.  They also offer some very powerful networking tools already loaded and configured.  As I already said, you can install any of these tools on any GNU/Linux system.  Redhat has already done it for you though.  With their corporate-level support and 24-hour 1-800 number, they are a force to be reckoned with in the medium to large-scale business market.

Still, in my humble opinion, Debian is the only distribution worth serious consideration. It has the reputation of being the geek's geek's distribution. It is un-arguably the most powerful distribution on the market. Highly configurable, you can choose between stable as a rock, or bleeding edge. That tends to mark it "for experts only." Libranet has solved that issue for the desktop. I really cannot say enough about this distribution.

My first comment on the subject of Open Source versus proprietary software is that in the world of Open Source software, how well and how widely accepted a piece of software becomes is based almost exclusively on how well it does the intended job.  Who produced it, and how "cool" it looks or "feels" matters too, but if it doesn't perform, or isn't supported, then it is toast in short order.  No one spends any money gathering support.  No one has to.  Word of mouth is, was, and always will be the best selling tool any product ever needs.  (Trust me on this one; I have a degree in Marketing)  Nothing sells like success.  If it works, it gets adopted.  In the world of proprietary software, which most of the users of computers now live in (sadly enough), that isn't the case.  Michael Dell makes good computers.  His are not really any different than any other IBM clone, but mostly as good.  IBM clone?  The hell you say.  Yep.  Michael Dell's computers are still clones of the basic IBM model licensed so long ago.  So why are there only four or five makers left around?  Scale.  It is all about scale.  Hardware requires factories.  You need big burly machines to make machines.  The more you can make an hour, the cheaper you can sell them.  In marketing, we call that economy of scale.  That was what put Ford and the U.S.A. on the map.  In software, the same model fails.  If I design a car and build one, I need a factory to make more copies.  With a program, I just need a machine to produce more disks.  It doesn't matter if I spent three dollars, three thousand dollars, or three million dollars to produce the initial piece of software, I can reproduce it for pennies.  Now, how do I get my money back?  I have three basic choices; I can license and sell the software.  I can sell the support, or I can combine the two.  If I am going to sell the software, I have two problems.  Illegal copies and backward engineering.  Illegal copies are prohibited by law.  Someone figuring out what I did and inventing a new way to do it is not.  Enter the lawyers and F.U.D.  If I cannot make money because I have the best product and offer the best support, I can make money by preventing anyone from competing with me.  If that theory was in practice when the automobile was coming of age we would all be driving black model T's today and forever more.

Look here for what wiser people than I have to say about Open Source:
 http://www.opensource.org/

 There are a variety of Open Source models and licenses.  I will not try to recount them all here, or discuss their various advantages and disadvantages.  For that discussion I can recommend "Open Source, the Unauthorized White Papers" by Donald K. Rosenberg, Ph. D., MBA.

 

 On the topicof Microsoft versus Open Source:

I do not think I have ever heard Open Source explained or defended better than Peruvian Congressmen Edgar Villanueva Nunez did when he defended his Bill in a letter to Microsoft General Manager Mr. Juan Alberto Gonzales. 

 You can find it here:  http://www.opensource.org/docs/peru_and_ms.html
 Or, you can find it here:  Peruvian Congressmen refutes Microsoft's "Fear, Uncertainty and Doubt" (F.U.D.) concerning free and open source software.

What I have to say can be summed up very simply.  If the code is available for everyone to see and troubleshoot, you have a better product.  The claims that everyone knowing the code makes a product vulnerable are specious nonsense.  Microsoft's code is theoretically private, but their software has more holes in it than all my colanders, strainers and graters put together.  Microsofts reaction to Linux should tell you all you need to know, but just as an exercise in logic, let us compare and contrast the approaches GNU/Linux and Microsoft use to combat a mutual threat, computer viruses.

 GNU/Linux is based on Minix, which is in turn based on UNIX.  These operating systems are so similar it is generally accepted to discuss them in terms of differences, not similarities.  The first computer virus ever written ran on these types of operating systems.  There are still viruses being written to attack them.  The basic approach to combating viruses in GNU/Linux is to find out what weakness(es) the virus was attacking and to correct the weakness/flaw/hole/daemon/script/whatever.  Correcting the source of the attack makes GNU/Linux stronger and more secure.  This is an important point. Once a weakness is corrected it is gone. It does not reappear in later releases, and it is not hidden and dependant on outside software to protect it, it is gone. A new weakness may emerge, but the one originally attacked is no longer an issue. GNU/Linux (the free flavors) is distributed as is, with no guarantees.  Out of the box, it may have flaws, but if you stay alert you will find out about the flaws and how to fix them.  The fixes come out quickly, in days if not hours, and you are secure again.  Additionally, it takes someone with a good deal of technical expertise (to put it mildly) to compromise a GNU/Linux system.  Yet, someone will compromise a GNU/Linux system.  It will be soon.  Why they do it varies, but they do.   With Open Source software there is no guarantee, but there is a certainty that if you chose your software wisely any vulnerability will be corrected soon after they are detected.  Soon.  As in as soon as the package maintainer and the interested parties can correct it.  Remember, they are using the software too, and they have agreed to give you the source and the software.  Neat huh?  I thought so too. You may have noticed I have emphasized that GNU/Linux offers no guarantees. Here is the point I am trying to make. Microsoft and the companies that write software for Microsoft’s products make no guarantees either. They bury it in a very long EULA (End User License Agreement). All they promise is that if you hire enough lawyers that you MIGHT get the purchase price back. So, GNU/Linux does not offer a guarantee. Welcome to the real world. What GNU/Linux does offer is verifiable stability, and a better track record in security. Why? Well, as I said, let us take a look at the Microsoft approach to viruses.

 Microsoft and other proprietary software producers do not reveal their code.  Their product positioning in the market is based to a large extent on commercials and marketing.  They will not reveal the code (unless you are a foreign government considering Linux and they really, really want the billions of dollars you have) and only the people that they employ can work on the code.  Even the people employed by these companies do not know all of the code (which is part of what leads to the instability), so even if the will to correct a problem in a timely manner is there, the ability to do so probably is not.   This has led to a huge industry based on trying to secure the Windows and Windows type environments.    Almost any teenager with the will do so and a modem can write a virus to attack a windows-based machine.  The problems center around three core flaws: Microsoft uses an integrated environment where each aspect of the software has free reign within the OS. Microsoft was not originally designed for a networked/Internet environment. Microsoft uses the same basic memory handles and objects across their software suite and OS (programmers call these handles and objects DDE, OLE and DLLs).

Here is why those three issues are flaws.  Microsoft has used their OS, Internet browser and office product suite to stifle competition.  Their contention was that the customer was more concerned with whether or not their email client could pull up data from their spreadsheet than whether or not someone they never heard of in a competing company could open the same spreadsheet without them knowing it.  So, they tied the core of their OS to the nuts and bolts of their software using things they call "Direct Data Exchange", Object Linking and Embedding" and "Dynamic Link Libraries".  Those of us that do programming know these as DDE, OLE and DLLs.  They are powerful tools and very handy if you want to write a program to pull data from a spread sheet, put it in a database and display it in a power point presentation.  They also open up many, many holes to viruses, disk corruption, and general protection faults (also known as Blue Screens of Death).  The BSOD stem from the "do not left the right hand know what the left hand is doing mentality." That wasn't enough.  To combat Netscape's share of the Internet they opened all these handles (the programmer's term for the way to use DDE, OLE, and DLLs) to the Internet calling it Active X.  Now any moron with a Visual Basic (formerly Visual C, but they "remade it") script can attack your PC. Seriously, I can create a web page that will directly address the hardware on your PC. An easy one simply pops open your CD-ROM drive. This is the script. I will leave it to you to test it. If you cannot use this to create a page and test it, you’re probably not reading this article. I consider this sort of script a real annoyance, so I will not post it in an active form.

 <html>
<head>
 
   <title>This should not be allowed to happen!</title>
</head>
<SCRIPT LANGUAGE="VBScript">
<!--
 
Set oWMP = CreateObject("WMPlayer.OCX.7" )
Set colCDROMs = oWMP.cdromCollection
 
if colCDROMs.Count >= 1 then
        For i = 0 to colCDROMs.Count - 1
                colCDROMs.Item(i).Eject
        Next ' cdrom
End If
-->
</SCRIPT>
</body>
</html>

Can you imagine how angry you would be if that had been a link and you were busy burning a CD when you clicked on it? I am glad I do not use windows at home. Imagine what could be done with a web cam and a larcenous heart.

This is what prompted the term "script kiddies".    Now there are a gazillion viruses circulating just waiting for a PC that doesn't have an up to date virus scanner so they can be infected.   At this point, there really isn't anything Microsoft can do to combat the problem.  Correcting the problem would require a completely different approach to the way Microsoft writes and thinks about programming.   For Microsoft to secure their software they would have to redesign from the ground up, get rid of their Internet Explorer and make all of their old software incompatible.  To say the very least, they are not likely to do so.   Oh, I expect a lot of lip service, and announcements about what they are going to do in the next release, and in a year or two, but it has always been, and will remain a crock. Pre-selling is the market term. Don't leave, we're working on it. Hype, trash, and nonsense. This is not a new problem. Viruses have been around since before the first PC. The early viruses were all aimed at Unix, but a Unix or Linux virus can not infect the whole machine, at best it trashes a single careless user's files. Microsoft only recently implemented the administrative versus normal user, and they screwed that up, because almost all their applications run with full priviledges. Hack the app, you hacked the box and user. What a brain trust they must have. Duh, all our handles are unprotected, but we'll lock the user down. This is much the same as putting all of the blasting caps next to the box holding the matches and hoping nobody ever lights a match. Maybe the latest Microsoft aimed virus will only delete some files; maybe it will do that and send itself to a few hundred other victims.  Maybe it will launch an attack on the U.S. Government.  Who knows?  And guess what else; if you use Microsoft Windows, odds are you won't even know if you are infected.  Windows comes with no tracking system to let you know who is doing what to your machine.  Microsoft's products come with no guarantee.  In fact, the license tells you up front that you are on your own.  Enjoy.  I hope you have deep pockets too, because Microsoft's answer to flaws is to make you buy an upgrade.  They can do that, because you do not own the software, they do, you are only renting it and not allowed to modify their code - read the license. Wherever it says User, that is you. Oh, and where the EULA says they can scan your hard drive, pull in your information and use it for "marketing purposes," you agreed to that when you loaded the software. You know those DOSS attacks that everyone screams about? Like the worms and viruses launch? Microsoft could do the same thing using your machine, and it would be legal. You gave the right to access your machine, review the contents, and use your bandwidth. The site they attacked might have a legal leg to sue them, but you, the willing victim, paying for the bandwidth, have even given them rights to review for files and use your hardware. Scary huh? No one ever reads those EULA thingies. You should have...

 

--Let me be certain to explain that I am not talking about firewalls and common port problems when I berate Microsoft's absurdly poor record with security.  The Internet was designed to be an open system by extremely smart people who knew exactly what they were doing.  They designed it for a small scientific body to enable the rapid, easy exchange of information. They thought it would remain a closed system, and the security necessary would be provided by restricting who had access. Surprise! Poor assuption. It is a very open system.  Much like America, it can be exploited by people who do not think openness and freedom are good ideas.  It is all but impossible to make an Internet connection secure.  Even if you do accomplish data security, some filthy (what is a good word, fit to print, for someone you would willingly skin alive and dip in a brine, or acid bath?) will still be able to send nasty pictures through to your little girl unless are very careful, and you are there with her when she is on-line.  Even then, the pop-up ads will show her things you aren't old enough to see.  I believe in the freedom of speech.  However, I also believe I should have the option as to whether or not I am exposed to just anyone's expression of their freedom.  I should not have to worry about the content of advertisements I did not ask for while trying to show my kids information on the web.  What really worries me though is that no matter how much time and money you spend on a firewall and a proxy, the Windows operating system is still vulnerable. If a windows machine is on the Internet and using Microsoft's Internet Explorer or Netscape, it is vulnerable to malicious scripts, and applets. I do not need to tell you about the email problems, and I assure you, there are problems that have not been discovered yet. Microsoft is only liable for the cost of their software though, so don't worry. If your PC and valuable data get trashed, you won't affect Microsoft's ledger even a little bit. Sleep soundly knowing Bill Gates and Microsoft are not liable for the billions in losses their bad code has caused and will cause; your Microsoft stock is safe. Your data isn't, but your stock is. Or, it is as long as they can keep the public ignorant of all of the issues and pump cash to the politicians.

I say that the next time you are sitting at your Microsoft PC and pornographic SPAM comes in, or an ad comes in that you find offensive, you sue Microsoft, the Bill gates Foundation, and Bill Gates. Put the thumb screws where they belong.Let's start a class action suite. Pine never had these problems. Let's sue the source.

Personal rant here:  {PAY ATTENTION MANAGEMENT: The DOT COM BUST DID NOT RUIN THE ADVERTISING BUSINESS ON THE WEB, THE ADVERTISERS DID.}  Morons.  That is why I have a degree in marketing and do not use it.  I had twelve offers after I graduated, two for slave wages with decent companies and ten for children's advertising.  I kept my soul and work in computers.  My TV stays off on Saturday mornings!  My kids and I are outside.  I hope all porn and children's advertisers die slowly, unmourned, and unheeded of crack overdoses and painful STD's in small, filthy, roach-infested trailers next to broken septic disposal dumps...  Right next to their lawyers.  But I mean that in a nice way.
 

  Site Entrance Page

  Doug Riddle's main page