I’m downloading it using BitTorrent right now. The update was put up sometime today. I went out for a long bike ride and it was waiting when I got back. If you want your copy, go here. This is the final beta release before it goes gold sometime next month. From what I’ve read, I anticipate there won’t be massive updates after you install this one. They are treating it like an RC (release candidate).
In times past I was all puppy dog on this stuff, wagging my tail with anticipation as I downloaded the latest gee-whiz ISO of this or that. And then most of the time it would be some huge disappointment. Once or twice something I installed on whatever system I had at the time was actually worth keeping. Some examples would be old Red Hat 6.3 and 7.3, SuSE 8.2, RHEL 6, and Debian Etch. Those were the highlights in some twenty years of messing with Linux.
After some rough patches in those days, I might spend some time running Windows instead. I still think Win2K was some of the best technology for its time. Did you know there is a handful of serious developers trying to keep it alive? They are gathering snippets of code to fix genuine security risks and major bug fixes and trying to keep it viable. You can still get a version of Opera to work on it, and at least one AV vendor keeps updating the definitions for a version that works on it. I expect the unofficial updates for XP to have an even bigger effort keeping it alive.
So unless Canonical does something totally stupid, this may well be one of the best releases in a long time. Since they dropped official support for Kubuntu some time ago, I think it has really made life better. That is, I don’t have to fight with the stuff they ram down the throat of Ubuntu users. The folks who repackage it with the K Desktop are free to leave out the junk. I’m not wagging my tail, but I have some tentative hopes this will be one of the good ones, coming at just the right time to help me migrate a bunch of XP refugees over to something genuinely better.
If you have any doubts about keeping Windows on your system, this is a really good time to consider Kubuntu.
If you render it into a digital format, it’s public domain.
When the only thing protecting you is government policy, you have no protection at all. The mere existence of any entity’s access means it will be used and abused. It’s not so much that government employees are immoral, but that their individual moral barriers are always low in areas where the system demands they be. A government employee possessed of high moral standards against government intrusion will be out of a job sooner or later.
Technology? The Internet has virtually no inherent ability to maintain your privacy. It was not designed for secrecy, either. The problem is that the information is accessible even after it has been encrypted. The existence of a networking link to any machine containing data is an invitation to snoop. Transmitting it might as well be broadcasting.
If you use encryption and password locking, you have some slim hope of keeping it private/secret. The trick after that is keeping things off the radar. If someone wants it bad enough, they are likely to eventually crack it. What protects most of us is the vast volume of data, and that most of it is of no interest to those who can crack it.
In quantum moral terms, you should never pretend that you have any real control over anything digitized. Government snooping is something you should take for granted. Private snooping is but a different flavor of the same thing. Encryption merely raises the price tag on access; complete denial simply does not exist. This is the primary flaw in government access control policies: They seldom formulate plans for the inevitable disclosure. Don’t make that mistake. Assume eventual disclosure of everything.
All this huff and puff about invasion of privacy/secrecy is egregiously dishonest, no more than the silliest acts of kids who say, “Let’s pretend.” Stop pretending.
It’s the same with any calculus for connecting to the Internet in the first place. You’d be a fool to count on your Windows OS and protective software to protect your privacy. Most of the threats you face are those randomly aimed at known vulnerabilities in the system almost everybody else is using. There are numerous prosperous companies and individuals doing nothing more than discovering and selling information about Windows vulnerabilities that remain unknown to Microsoft and unpatched. There is some reason to believe Microsoft leaves some of those doors open intentionally. MS owns the OS; you are just renting a copy. They retain the power and legal right to disable it any time they choose for no reason at all.
On top of the inherent insecurity of Windows, even the options to harden the system are well-hidden and never turned on by default. It requires a highly specialized knowledge to engage even the simplest low levels of genuine system security on Windows.
Other operating systems will make your computer a harder target. Not only are they inherently more difficult to crack, but the extra measures of security are often presented in-your-face in the process of installing it. But because humans are writing the software, security will always be relative. Other OSes have their own on-going discovery of security holes. For the most part, Open Source software tends to be fixed more quickly because the entire process is so very public. Shame is a powerful motivator.
You’ll need to balance between the collection of reasons and needs for which you use a computer versus the risk of cracking and intrusion by governments and private enterprise, along with criminal interests. Snooping will happen because the Internet is simply not designed for privacy. Get over it.
You want privacy? Reconstruct the tribal social structure where your whole clan can deny physical access to the enclave, and make your communications face-to-face. Otherwise, privacy is just a fable — all the more so on the Internet.
After some feedback from users who are migrating from Windows to Linux, I realize XFCE probably isn’t the best choice for most of them. So after a little chatter here with someone about my various desktop concerns, I think I’ll be recommending most folks use KDE. To be honest, it’s about as close as you’ll get, demanding the fewest adaptations for the user.
I do think it’s best to change the defaults. For example, one of the biggest headaches from anyone who isn’t a fan boy is the Panel. It really needs taming, so I recommend this Plasma theme which should restore some sanity. It requires you understand how to unzip it and move the folder into your home file system:
That way you can choose it as your “Workspace Theme” and maybe get some work done. And since most folks like having icons on the desktop, I recommend you right click on the wallpaper and select “Desktop Settings” and change the Layout to “Folder view”. Otherwise your icons will be stuck in some little window on the desktop and it tends to hide itself from time to time.
The primary problem with KDE is there are way too many settings exposed to users who lack the experience. KMail, for example, is not at all self-explanatory and it does require some experience and expertise. However, it is by far one of the best email clients, bar none. Another nifty trick is that the file manager (Dolphin) can connect to your Windows boxes on the same network. Just click on the network links and work your way down to the machine in question and be ready to log in.
So if you are migrating from Windows to Linux in keeping with my information activist urging, I recommend you pick Debian with the KDE desktop, Kubuntu, or one of the others that appeals to you. If you choose Debian I’ll be glad to help you, and you can ask all the questions you need. For Debian go here and select debian-7.4.0-i386-kde-CD-1.iso.
The Enemy wants control.
He gets it by suckering us through our vices. Rarely does anyone have to worry about an attack unless they are already inside the Enemy’s camp. What we have to do is resist our weaknesses and learn how not to burn. As previously noted, stopping the NSA from taking control of your computer devices is the same as stopping any other criminal. There are no absolutes, only probabilities and risk factors.
Cellphones: If you use a smartphone offered by any of the regular providers, you will be vulnerable as a matter of course. Not only to all carriers sell their information to the NSA, but they also provide the means for highly invasive tools that take your phone out of your control without informing you. If you must use a smartphone, your one hope is using a device you fully own and installing an alternative operating system.
I can’t advise you about Firefox OS, but I’m inclined to trust it already. Tizen is probably the best hope for maintaining your independence. Sailfish and Ubuntu’s phone OS are probably a good compromise. Everything else chains you to the ground again.
Windows: If you use Windows, they own you at their leisure. You may have never had trouble with it in the past; that indicates good habits. You also may have something lurking in your system and not know it. Honestly, folks, I work with Windows machines all the time and the malware-virus field outpaces the number of hours I could devote to reading about the new threats every day. We can pretend for a moment Microsoft hasn’t left some back door open for them, but there are so very many security openings even MS and security researches haven’t found yet.
Nobody has to tell me Windows works better with most hardware configurations, that almost everything you do on Windows tends to be as convenient as it gets, and that it’s much easier to find really good free software that works much better for common user needs. The issue is that Windows is insecure from the start, and security is an afterthought. You need AV and anti-malware protections and I highly recommend Crypto Prevent which tightens permissions to what should have been the default security settings. However, you will never have real control over your Windows computer because MS specifically prevents it. You are just renting their OS, remember?
Mac is generally fine if you an afford it, but I can’t so I don’t mess with it much. It doesn’t matter how much you get for your money if you don’t have any money. Macs will never be priced for average consumers. You’re on your own, but I will give you a hint: Mac includes the IPFW firewall from FreeBSD and it has several really simple options you can choose with only minimal script editing. Look at the client or workstation options.
Linux: You would naturally think that, since I wrote a book on learning to use Debian, that’s what I run. You’d be right. Of all the various kinds of Linux out there, it’s the one I consider the most trustworthy, as in least likely to cooperate with the NSA accidentally or intentionally. Download the free book and get started learning how to take back control of your computer. I’ll be right here to help you.
I have learned to use multiple browsers for different kinds of surfing. I don’t ever use just one for all tasks. I use Lynx for reading generally, and some sites are simply too visually noisy. Lynx is the one browser least likely to react to any attempts to hijack. If I have to see the pictures, the next best things is Dillo. I still use Opera for email and some specific sites because Opera does a better job of securing your passwords. Opera has not yet given Linux users the fancy new toy they have for Windows, but it’s probably coming. Otherwise, I use Chromium, the Open Source version of Google Chrome. My book discusses how to make Chromium encrypt the password storage on Linux.
Each browser has dozens of options, controls, add-ons, etc. — any number of ways to change how it behaves. On top of that, you should always run a cache cleaner (BleachBit or CCleaner). Become an expert in what it takes to reduce tracking and threats of all kinds.
I cripple the email display in Opera Mail. I don’t want images autoloaded and attachments are kept in cold storage until I peel them off the message. I use some of the most primitive means of examining all attachments because those are the safest ways: Evince for PDFs, Libre Office for most Office attachments, Ristretto for images, Parole for media. The only AV you can get for Linux is to protect from Windows viruses — typically used on Linux machines that handle files transferred to Windows computers. Linux is simply not as vulnerable to attacks of that sort, and viruses are exceedingly rare. Most of them become obsolete as soon as the developers figure out how it works. Debian doesn’t wait for a “Patch Tuesday” once a month. You have to check manually for updates, but things are fixed quickly.
As you can see, it boils down to avoiding unjustified convenience. That is, if convenience equals risk, do it the hard way. I still install WINE so I can run Notepad++ because nothing in Linux comes even close. I still run either Word 97 or Word 2000, both working well under WINE. For all the other Windows-based stuff, I keep a virtual machine compliments of VMWare with XP. I can decide whether it connects to the Net (which is almost never). I also keep a backup copy of the XP image in case something nasty gets into the one I use.
As noted previously, these measures do not keep the NSA from targeting me individually. Rather, these measures make them pay a higher price so that is has to be very intentional. It is wholly unlikely they’ll scoop me up with a bunch of other people and take over my system. It has already been revealed that they have been trying for quite some time.
Paranoid? Call it what you like, but I’ve used Linux for years and I’m quite comfortable with it. I’m not pushing it, just trying to make it as easy and reasonable as possible. Mainly, it’s simply my best gospel tool for the moment. The issue of self-discipline is resolved when you are committed to the mission.
God supports His mission and will honor your efforts to secure the tools dedicated to His Kingdom.
Computers are just a tool, not the prime mover of human future.
If we could stuff a soft, fat rubber ball in the mouths of the world’s mindless fanboys, the silence would be suddenly deafening. That includes the vast majority of Linux users I encounter online. Somebody take away their keyboards — please! There are easily millions of Linux users who aren’t making that much noise, and I wish I could make their lives better. Fanboys make everything worse for everyone regardless of what sort of interest we are discussing.
So we have some good thoughtful articles about why Linux hasn’t hit the mainstream of computer use. Without fail, the stupid fanboys — and sadly way too many developers — pop up insisting that the real problem is users are afraid of change or something equally insipid. People don’t fear change; they don’t give a damn. That is, they don’t care enough about what drives the fanboys to have any kind of strong emotion at all. They don’t adopt Linux because Linux is too strange and — horror! — it’s not worth the trouble to change.
That’s what I was trying to say when I wrote about how wrong Open Source GUIs are. In the first place, they are not user friendly or intuitive. They might be intuitive in the sense that fanboys can quickly figure it out, but to common users the interface is alien. Unlike Windows 95, it does not answer the crying need of a billion users who are pretty much forced to learn how to run a computer or suffer major consequnces. They don’t love computers; they can’t escape them. So when Microsoft spent that millions of dollars testing ordinary humans, they found out what works. It bores the fanboys and developers who eat, sleep and live computers. When fanboys design a computer, the world can’t be bothered.
The problem is not with the common user, but with the developers and fanboys. The code monkeys are dismissive, if not spiteful, toward common user concerns. You would think they designed all this out of some dark hatred for ordinary people, as if ordinary is somehow evil. This is why Game considers computer nerds Gamma; they can be useful when they decide to interact with humans, but they don’t have a clue what makes humans tick. Worst of all, some fanboys and coders are outright Omega, the damaged and twisted perverts who are lucky no one has killed them yet.
Granted, plenty of developers keep their heads down and do good work. I’m sitting here typing this on my Debian Wheezy desktop. I love it, but I’m not a fanboy. For good or ill, the God I serve has called me to watch over and meet the needs of the common folks out there who have to deal with the complexities of real life. I’ll teach them Linux if they feel the need, but most of the time I help them fix Windows and try to keep it secure. That’s sacrilege to the fanboys. They can’t stop me from learning and using their precious Linux for my own needs, but I can surely stop them from harassing me. They haven’t been around much this past year.
Oh, and I have Windows XP running in a virtual machine on this system for stuff that Linux can’t or won’t do. And Windows 7 running on another system around here. Win7 is the new XP in the marketplace, because it’s close enough to the original human default UI that people can still instinctively figure out most of it. Open Source UI developers are too arrogant to take advice from common users, so they keep coming up with lots of computer cool, but nothing anyone can tolerate. This is what happens with developer-centric software.
Somehow I seriously doubt the Linux UI projects will ever figure it out.
The current trend in computer user interface is racing up a dead end street. I could be entirely wrong about this, but we’ll see. I am certain the current leadership in development projects are almost uniformly stupid about it. That is, they are too focused on the “cool” factor, as if that were their only hope of market survival. Granted, that “cool” factor does have strong vibes with the consumer market. It’s trendy; gotta run with the trends to stay in business, no?
No. It’s an old myth by now, but still a myth. Any economy, macro or micro, that depends solely on consumer tastes, is dead where it stands. Not simply because someone else will come along with a cooler idea and steal your market share, but the consumer market itself is entirely too fragile. The underlying economic system is rather like an impossibly tall structure with a high center of gravity. It will eventually become unbalanced. While it won’t fall quickly, it will crash very hard. (Hint: It’s being done to us intentionally by those who control the banking system.)
We are just about there. Whatever it was the computer GUI designers thought they were chasing five years ago, it’s just about to evaporate. The consumer economy is going to shrink to insignificance for anything not essential. People will do their best to keep the devices they have, or maybe seek a used one when they break the older one. Sales of new tablets and cellphones will probably fade before this year is out. Pretty soon the biggest market for computing devices will be business and government. That is, it will be a PC workstation market.
Even if the market is only somewhat reduced, it will be catastrophic for any vendor heavily invested in consumer grade products that aren’t on the bottom edge of the price range. The consume-only device will cease to dominate unless it becomes dirt cheap. Barring some earth-shattering technology discovery that can replace current devices for less than the buying power of $50 (US) today, that market will fade or die.
Way back when the home PC first became possible for what was then a prosperous consumer class, a couple of big outfits came up with the Graphical User Interface. Their market share was small, but surging on the GUI. Someone at Microsoft realized the only way they could dominate was to do it better than anyone else. So they invested millions of dollars hiring genuine human behavior PhDs and tested hundreds of ordinary people with no computer experience for months. They sat them down in front of a computer and let them do whatever it was they would naturally do without any instructions. Then they refined the interface and did it again. They repeated the process until what they had was as close as they could possibly get to instinctual human behavior — Windows 95.
By any useful meaning of the term, it was an intuitive GUI. Go ahead and snicker, but it worked.
Granted, the exposure of almost every human on the planet to that and other GUIs since then means we no longer have a pool of inexperienced users to test. You could suggest that the consumers have moved on from that first intuitive model. But if you’ve ever visited any corporate or government workplace, the first thing you’ll notice is that they have not moved on. So if you take away the Win9x/Win7 style interface, productivity sags very quickly in most offices. Something about that basic design still reflects fundamental human wiring, not just current habit. Right now, HP is getting a boost in sales because they realized there was such a big demand for Win7 over Win8 that they could make lots of money. So if you go to their sales sites, you’ll find lots of Win7 stuff prominently featured. And sales are good.
So long as almost no one but a few computer nerds and dweebs are using Linux, the GUI doesn’t matter. But when you start looking at corporate-friendly distributions of Linux, they all look somewhat like that basic Win95 layout with minor variations. There are numerous other factors involved, but there will not be a year of the Linux desktop until the dominant offering looks like Win95. It also has to work about the same, with all the convenient features right there in easy-to-discover “intuitive” locations in the menus.
GNOME Project? Those people must be from another planet. It’s almost Orwellian how they use the same words to describes things no ordinary human would recognize. That whole project treats ordinary computer users as a species that should be wiped off the earth. KDE Project? They aren’t quite so hostile, but they still try to reprogram humans into something non-human. They abandoned the intuitive model. LXDE is the project that will never be finished because they keep arguing amongst themselves over insignificant details like academic communists. XFCE is workable, but still not very responsive to basic human expectations. You can make it look like Win95, but it’s not fully integrated into the underlying system the way even Win95 was. There are no other viable contenders for the comfort of common computer users. You would think it was a part of your Open Source licensing that you first commit to hostility against ordinary computer users.
Don’t get me wrong; I still run Linux. There’s nothing like the Linux command line. And these days it runs on just about every piece of hardware and is easier to install than Windows. Best of all, you need not concern yourself with activation and licensing (unless you purchase commercial tech support). Most of the essential applications and suites are approaching parity in most areas, clearly better in just a few points. Server setup and configuration is much easier to find on Linux than on Windows, and much simpler to do. If you follow all the rules for both, Linux is still incomparably more secure and stable than Windows Server, and considerably more flexible in ways that really count. Yeah, Linux is that good.
Until you look at the GUI. It sucks. And all the people running the show are literally unable to hear when you tell them so. Should you actually get their attention to the nature of the problem, you’ll be lucky if all they do is snicker like you were some kind of idiot. Who gives a flying f*** about ordinary computer users? Not the Open Source guys, that’s for sure.
I’m waiting to see how this turns out.
Update: Stated in different terms, Matt Asay says the same thing, in that Linux is not an alternative if people have to learn from scratch all over again. If Linux developers are too arrogant to accept standard computer UI conventions for whatever reason, they clearly have no interest in wider adoption. If she has to learn different habits, you cannot sell it to the Valeries of the world.
I admit it: I really get more work done on Windows 7, so that’s what I run on my primary machines. The integration with the hardware simply cannot be matched in Linux and it’s almost boring how things keep working so well without a bunch of tweaking. Most Linux users are constantly tweaking their systems, in part trying to resolve long-term issues. Were I facing a higher threat context, I would probably run Linux on the metal, but it simply does not work as well.
Instead, I run virtual machines. I keep Debian Wheezy on VMWare and I also have XP Mode for stuff that doesn’t work on Win7.
The latest VMWare Player (free version) does a really good job of making Debian easy to install. It correctly identifies the installer CD and may offer to install the tools for you right away. Don’t; wait until you get Debian installed. The menu on VMWare Player allows you to add the tools later. What happens is that it mounts the tools as a virtual CD, typically at
/media/cdrom/. You can’t run it from there; you have to copy those files somewhere within the file system of the running Debian VM. I used
/opt/. There, you can unzip the untar the files and run the installer logged in as root.
Basically the command is
perl vmware-installer.pl — you pretty much need only accept all the defaults for every question it will ask you. Then log out and log back into your user account; this will restart X with all the drivers.
This allows you to integrate it more fully into your Windows desktop and add permissions on your Win7 system folders and files for Debian to read and write. Frankly, the primary value is being able to run the weird networking stuff Linux offers and all the security. Your running Debian VM is just as secure as Debian stand-alone from viruses and malware. I know a few folks who do all their surfing and email on a Linux VM to protect their Win7 desktop system. The one thing you simply cannot get is the Linux X-server mouse behavior using mouse-paste.
I still recommend folks installing Debian if they can get by without a full-blown Windows installation. If your system has enough horsepower, go ahead and install VMWare on Debian and run XP or whatever version you need for Windows stuff. If you are just surfing the Net and doing simple stuff, that should work. Still some hardware is just not compatible with Linux and if you do any significant real work with specialized software, sometimes Linux won’t do it for you.
Make up your own mind, but don’t ignore the possibilities.
Addendum: I should have noted the laptop runs Debian Wheezy as before. There are too many factors I can’t control when I take that thing somewhere and try to use wifi connections I can find.
Despite my years of tinkering with Linux, I find the printing framework (CUPS) still lags what you can get on Windows or Mac. Most people might never notice the difference, but when I need something out of the ordinary, I can’t do it on Linux. We all know that while some printer manufacturers do turn out nice drivers for CUPS, they never go beyond the driver itself by providing the rich software controls with their own packaged drivers for Windows. On the other hand, you also don’t have to worry about running those huge, fat printer control packages on Linux that bog down your Windows computer. Still, I sometimes need what Linux will probably never provide in terms of printed product. That most of the world is quickly abandoning paper output means this will become irrelevant soon enough, but for now, I have to run Windows for some things.
The headache of running Windows is that it remains unsecured by design. It’s not as if you can’t make Windows pretty tight against most malware, but doing so has always been the domain of serious and secretive MS engineers and expensively trained technicians. There are a wealth of policy tools built into the professional grade versions of Windows used in many corporate networks, but they are obscure and challenging to implement. Most of these are very sensible and really should be set by default, but MS is all about convenience and lowest-common-denominator. Your Home Premium Windows box lacks those tools. The underlying restrictions still work, but the suite of policy tools is part of the difference in price compared to the Professional version or higher.
Implementing those restrictions sensibly for you is what CryptoPrevent does.
It’s pretty simple. Download the free version of “setup.exe,” launch it and accept the defaults, then click “Apply.” You’ll have to reboot, but once it comes back up, chances are really good you’ll never notice the difference in how your system acts. Relaunch the application and hit the “Test” button to see if it works as designed. Only rarely does it fail and the site offers some guidance. Honestly, folks: This thing will disable a really large swath of malware out there today. The changes it makes should be the default on Windows for home users.
Another smart habit is simply using web browsers that lack all the bells and whistles for general surfing. I always keep multiple browsers installed, in part for testing, but also because each has different strengths and works better for one site or another. Most browsers allow you to disable lots of features, but it can be inconvenient unless you understand how to create additional profiles on the same browser you normally use. Even then, the browser might still do some things that are risky. One of my favorite browsers is called D+. It began as the Windows version of Dillo, available on Linux and BSD for quite some time. The current version of D+ actually works better than Dillo. You’ll need to run through the configuration options and test things to see how they work. You make the changes, close it, and then relaunch before they take effect.
The rendering is really quite different and takes getting used to. If you’ve used Lynx a great deal, you’ll recognize the layout is very similar, as both tend to ignore columns and tables. What you’ll see is usually more like what cellphone and tablet users see as the “mobile version” of most sites in a plainly vertical display. If you read the longer version of the description of D+, you’ll learn a lot of common browser features are left out on purpose. A crippled and simplified browser protects you from bad stuff, yet allows you to read the text and view most static images. A few sites won’t work at all for Lynx or D+, but that’s what “full feature” browsers are for.
If you really want to run Lynx, as I often do, you really should work through the Cygwin Project. Run the installer and check in the various categories like Networking and find a checkbox for the “lynx” package. The installer will take care of adding anything else needed to run Lynx. I rather like this excellent visual tutorial, even though it’s primary purpose is to allow running an obscure software project called PhysioNet. The point is, that particular page will show you how to get Cygwin installed and set up to run. You can adjust the size of the terminal window to suit your tastes via the usual context menu. It’s also a really great way to learn the Linux CLI without running a virtual machine. Lynx running from Cygwin is actually a better experience than it is on Linux because it reliably renders more common symbols and special characters that tend to disappear in the Linux version.