QuestionDudes, have you read "The Unix-Haters Handbook"? http://www.art.net/~hopkins/Don/unix-haters/handbook.html
      – BorgClown, 2009-11-06 at 08:55:24   (17 comments)

On 2009-11-06 at 08:58:53, BorgClown wrote...
It is an interesting flamebait with some golden nuggets of truth. It is freely downloadable as a 3.5Mb PDF from the same site. Also, don't forget it's old (14 yo), the author of "The Art of Unix Programming" gives it a good review in retrospective here: http://esr.ibiblio.org/?p=538
On 2009-11-06 at 09:02:00, BorgClown wrote...
All in all, this was a good flu rest. I've read a lot, watched anime, reorganized my hard drives and configured a few rough edges on my Karmic Koala installation. And I still get to work until Monday, yay!
On 2009-11-06 at 13:56:40, DigitalBoss wrote...
You did not mention strategic backups of your data. You are slacking. What the hell is Karmic Koala?
On 2009-11-06 at 20:31:55, Lee J Haywood wrote...
@BorgClown: tl;dr ages ago.
On 2009-11-07 at 00:10:22, BorgClown wrote...
@DigitalBoss: Those I tweaked last week. Back in time for Linux is pretty cool. Karmic Koala is the code name for Ubuntu 9.10. People often joke about the future code names, i.e., Ubuntu 10.04 = Lusty Locust
On 2009-11-07 at 00:17:25, BorgClown wrote...
@Lee J Haywood: You should read it full, it's not that extensive and it makes a few very good points then and now. My favorites: It's difficult to undelete, rename or find files Shell scripts syntax is unnecessarily convoluted C++ is a semi-OO inconsistent kludge on top of C The security model has important weaknesses
On 2009-11-07 at 05:39:07, DigitalBoss wrote...
I have never tried Unbuntu. Back in the day, when I tried several distros, I always went back to RedHat/Fedora. I tried Mandrake, Debian, Slackware, SuSe, and BSD, but never Unbuntu. Unbuntu came along late for me, after I had already decided Fedora was for me.
On 2009-11-07 at 07:02:41, BorgClown wrote...
My first distro was SuSe, played with it a week and loved it. Since it wasn't a full distribution (the commercial version was better) I changed to RedHat and liked it too. Ultimately Debian was my favorite, the repositories were simply huge, and the docs were very extensive, even if dense. Ubuntu is a Debian that you barely need to tweak on modern machines, before it I routinely compiled my kernels each time they were updated.
On 2009-11-07 at 07:07:36, BorgClown wrote...
At first I thought "Wow, I can recompile my OS whenever and however I want, cool!". After a dozen updates I thought "Another recompile because a security hole was updated? What a PITA!". It's good that the Ubuntu makers take care of a number of Debian nuances for me, and I still have the option to get my hands dirty if I want/need to.
On 2009-11-07 at 10:58:17, Lee J Haywood wrote...
I started with Debian in 1994, then RedHat, then Mandrake, then SUSE and now Xubuntu. I've actually had a lot more installations than that, but I cannot possibly remember them all. @BorgClown: <li>It's not difficult to find or rename files! You can use find/locate, and renaming a file can be done even whilst it's being accessed, unlike in MS Windows! Undeleting is very difficult in the filesystem, but both MS Windows and Linux use recycle bins in their UIs, don't they? <li>It's a matter of opinion if shell scripts are convoluted - I don't have any problem with them, and they are a hell of a lot more powerful than MS-DOS scripts. <li>I have no idea why anyone would learn C++, as I didn't bother, but C++ has nothing to do with Unix. <li>I'd have to read the handbook to understand which weaknesses you're talking about, but the strengths of the security model are numerous.
On 2009-11-07 at 18:43:55, BorgClown wrote...
Here's the direct link, in case you don't have it: http://web.mit.edu/~simsong/www/ugh.pdf
On 2009-11-07 at 19:17:37, BorgClown wrote...
@Lee J Haywood: A) Would you consider the find/locate+rename method easy? B) Recycle bins are useless if you work from the console C) Seriously? Bash scripts use quotes, double quotes, backticks and a few more symbols who are not explicit about what they do, unless you happen to know the intricacies of it. Fortunately we have better script languages to choose nowadays, like Python for example D) It makes several good points about security, but unfortunately it doesn't offer anything better to compare to. The security model of the IBM i is pretty strong in comparison, but it is detrimental to performance.
On 2009-11-08 at 09:49:16, Lee J Haywood wrote...
<li>Oh, you mean finding AND renaming as one step. I use Midnight Commander for that sort of thing usually, and I have a 'ren' script for renaming lots of files quickly. There is a Linux version of MS Windows' Explorer but I would never use such a thing - I dislike GUIs and switch everything off at the start. (: <li>Most filesystems fail to provide an undelete mechanism. It's certainly something that ought to be added, but the problem is that filesystems tend to be very fixed in their design once released. I don't think it's a Linux-specific problem though, any more than not having the filesystem based on an RDBMS is. <li>Come on, any language requires you to learn how to use it before you can use its full potential and will break if you get the syntax wrong. The only reason MS-DOS scripts seem 'friendlier' is because you either learnt them first or you don't have to learn as much because there's nothing to learn. <li>Yet Linux systems are well-known for being secure, in spite of the FUD. P.S. < LI > tag.
On 2009-11-09 at 00:36:28, BorgClown wrote...
About security, it made a good point. Before, you could make a root SUID script at home, take it on a removable drive to a friend's Linux machine, mount it and have instant root access. That was why only root could do mounts. Later we have automount, although I don't know if the default mount options forbid the same scenario. Even if it did, if you ask a more privileged officer to help you debug a program on your home, when run, said program can covertly make a copy of itself changing SUID and replace itself with a benign version. To be fair, this kind of attack works because of a stupid privileged user, not because of a flawed security model. Even the IBM i would be pwnable that way, but QSECOFRs (root-alike) are very resilient to social engineering.
On 2009-11-09 at 10:04:31, Lee J Haywood wrote...
@BorgClown: It's ridiculous to talk about security being flawed when you have physical access to a machine. You can simply boot a PC with a CD or whatever and do anything you want - it takes a full audit to make a computer physically secure, and even then you'd have to mess around encrypting the drives. Only the most paranoid come close to that level of security. Relevant security is about protecting against external attacks via the Internet (and possibly via wireless routers). Linux does a fantastic job here, having limited daemons/services running and having a 2-tier security model where root access is difficult to obtain (unlike MS Windows, where full privileges are usually already given). It does fail with things like flaws the web browser, where applications don't run in a sandbox, but then other OSes share this weakness.
On 2009-11-10 at 04:33:27, BorgClown wrote...
Root access was obtainable on Linux a few years ago by remote buffer/stack overflows. Today that's very untrue. Ubuntu was the first easy distribution to become quite secure, the list of features, starting with AppArmor is impressive and virtually transparent to the user: https://wiki.ubuntu.com/KarmicKoala/TechnicalOverview#AppArmor
On 2009-11-10 at 11:28:32, Lee J Haywood wrote...
I'll agree that even a root kit can be installed in Linux today, and a web browser is a sure way to get access to a machine. Buffer overflows are still a problem, although they tend to be reduced by choice of programming language. It's silly to say that the problems are due to bad design of Unix/Linux - there are too many varieties, and even Unix does well for saying that it mostly pre-dates the Internet as we know it today. There are Linux distributions specifically intended to be secure, but you have to want to have a secure system to go to the trouble of using them.