Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Why I Use Generic Computers and Open Source Software
OSNews ^ | 24 November 2012 | Howard Fosdick

Posted on 11/26/2012 11:13:00 AM PST by ShadowAce

Do you depend on your computer for your living? If so, I'm sure you've thought long and hard about which hardware and software to use. I'd like to explain why I use generic "white boxes" running open source software. These give me a platform I rely on for 100% availability. They also provide a low-cost solution with excellent security and privacy.


People's requirements vary, so what I use may not be the best choice for you. I'm a support person for databases and operating systems. I also do consulting that involves research, presenting, and writing. I use my own computers and work from home. This article is about desktops and laptops, not handheld devices.

Replaceable Hardware

I need 100% system availability. If I don't have a functioning computer at all times, I can't do my job. I'm unhappily "on vacation" if I'm fixing my computers. My solution is to use only hardware I can fix or replace immediately.

One could adopt other strategies to meet these strigent hardware requirements. Some pay more for higher quality equipment, betting that this results in fewer failures. Some rely on vendors for support. They select a responsive company with a good reputation for service. Knowledgable help is vital. Many prefer local support staff who are easily accessible. Thom Holwerda wrote an excellent article explaining why he picks iMacs for high availability.

I take a different approach. I use generic white boxes with all stock parts. Since computers are inexpensive I keep several on hand, along with extra parts. It's easy to swap parts if necessary. PCs are highly standardized -- if you acquire them with an eye to non-proprietary components. I open up and inspect every machine before I use it. (Watch it with laptops. Some vendors will mold their DVD drives to non-standard shapes or add proprietary plastic you have to fit on your hard disk to properly connect it.)

For my self-service approach to work, you have to know how to perform basic hardware problem identification. You don't need to be hardware-trained. I'm not. The key is to be able to quickly identify common problems, because the hardware fixes are easy with a replacement strategy. A good problem ID procedure and a few rules of thumb are all you need. (I'll share mine in another article if people are interested.)

If a hardware problem requires more than a few minutes, use a backup computer. Once this was prohibitively expensive. Today cheap generic boxes make it feasible. Another change from years past is that you no longer need current hardware to run current software. I run resource-heavy apps like enterprise DBMS and website generators with a few gig of memory and a low-end dual core processor. That's a five year old machine. You can get a fleet of them for the cost of one hot new gaming box.

Critical to my approach is that you keep your work -- your data -- portable. Back it up and move it between machines with a USB memory stick. Don't ever get in a situation where your data resides only on a single machine. Same with software. If you depend on certain applications for your work, ensure they're available on more than one machine.

To do this just copy data directories or entire partitions between computers. If you need a certain application or configuration for your work, copy it. If a USB memory stick isn't big enough to hold your copies, use a USB hard disk. Or, perform network copies. I run them in the background while I do other work. Virtual machines are also useful. Just move guest OS files between VM hosts. Virtualization lets you easily, safely, and securely run multiple OS's on one computer.

Vendors are well aware that generic hardware and portable software threaten their profits. That's why most proprietarize any way they can. Unified Extensible Firmware Interface (UEFI) is the latest of many attempts to kill competition by an artificial barrier. The rationale for UEFI lockdown you often read about -- that it prevents boot viruses -- is intended to mislead. The last time secure booting was a major problem was back when people booted from floppies. It's not boot viruses you have to worry about, it's those within Windows that cause the problems.

Applying this Philosophy to Software

To apply this philosophy to software, I use stock parts that can easily be installed, copied, or replicated across machines and backup devices.

There's a name for such software: open source. While open source software (OSS) saves you money, flexibility and licensing are the big benefit. You control it, it doesn't control you.

Let me give you a single example: backup and recovery. In Windows World, there must be a dozen ways to recover a lost system (off-hand, I can think of the Recovery Console, System Backup and Restore, recovery partitions managed by OEM software from vendors like HP or Dell, the Last Known Good Configuration, Safe Boot mode, Registry Export/Import, and performing a Repair Install). Why so many different ways to solve a single problem?

The answer is that vendors want to control your backup and recovery. Otherwise they can't lock you in and make you a source of continuing revenue. Vendors claim "ease of use" -- but is it really when you face this tower of B/R babble? With OSS, I issue a single command to either backup or recover. I don't have to navigate a half-dozen different apps designed to "help" me.

Here's a real-world example. My motherboard died last summer. I removed the boot disk from the dead system and plopped it into another, then booted that Linux instance on the target computer. Problem solved! Windows won't let you do this. Its hardware-bound Registry, authentication procedures, and licensing all specifically prevent it. They're designed to. Why? So you don't steal Microsoft's software. Microsoft places its needs to protect its ownership of Windows software above your need to solve your crisis. (Remember, you do not own the copy of Windows you "bought," Microsoft owns it. You only licensed it.)

Microsoft has every right to protect its property. But that's not our problem. Our problem is fixing our motherboard failure. Because of their agenda, Microsoft makes our life more difficult. Their software limits your flexibility -- on purpose. Heck, you can't even move an installed app from one disk to another without special software. The Registry -- Microsoft's control choke point -- prevents it.

OSS lets you easily move software across machines or disks or operating systems with just a command or two. I replicate operating systems, applications, and data how and when I need to. No Registry, licensing, authentication, hardware binding, or other artificial barriers make my job more difficult.

Here's another tip: Don't use an operating system you don't install. There was a time when a vendor-installed OS meant peak performance and a malware-free system. Those days are gone. Major incidents have shown that preinstalled malware is now a reality, ranging from spyware to rootkits to adware to craplets. This problem will get worse before it gets better.

Security and privacy require that you control your computer. If you use an OS someone else installed, you don't control it.

Compatibility

Most of the business world uses Microsoft's desktop software. So a big issue for those using my strategy is compatibility. How will you fit into Windows World? The answer depends on the kind of work you do.

For some IT professionals, this means running Windows and the Microsoft stack. "Use what your clients use." I hear you and agree 100%. Do what you need to do.

For most people, however, compatibility merely requires file interchange. I'm in this group. All we need for compatibility is the ability to create, update, send, and receive Microsoft Office files.

Using LibreOffice, I've encountered very few problems in exchanging word processing and spreadsheet files. Just stick to the features common to both LibreOffice and MS Office and avoid complex formats and layouts. The web has many articles on how to use LO and MS Office compatibly. (Ironically, LO is often more compatible with older versions of MS Office than is the current version of MS Office!)

The compatibility picture isn't quite as rosy when it comes to presentation graphics. Move a 40-slide PowerPoint file between office suites and you'll see many minor changes (spacing and fonts, for example). I circumvent this by presenting to clients with my LibreOffice laptop and handing out hardcopies of the foils.

Years ago, I used to double-check how my OSS-produced files looked on Windows XP. For example, I'd check that a Word document I created with OpenOffice looked the same in MS Word, or I'd verify that web pages created with Kompozer and Firefox rendered properly on Internet Explorer. I don't know whether it's because OSS compatibility has improved, or that I've learned how to avoid incompatibilities, but I haven't bothered with double-checking for a long while.

Applications availability is another concern. Do all the products you need run under Linux? Everything I need runs natively. For some folks Microsoft products are an important exception, since all are Windows-only. You can usually solve this problem with Wine, a compatibility app that runs nearly 20,000 Windows programs on Linux.

Business Savings

I'm an independent consultant. What works for me may or may not work for you. Or for small or large businesses. Still, when I see how some companies operate, I wonder if they're wasting money. Many could remain on Windows while strategically replacing components to their great advantage. This avoids a disruptive platform change while capitalizing on open source tools and apps.

Office suites are the perfect example. Microsoft Office licenses are not cheap, especially for smaller companies that can't swing the big discounts. LibreOffice and OpenOffice are functionally very competitive. You really have wonder why more companies don't even evaluate them.

Some would answer: support. But what kind of support do you get from a vendor that you can't get from the Internet? I'm old enough to remember when vendors created bug fixes for customer problems. Today they just tell you to wait for the next release (which they always insist you install, whether or not it fixes your problem). Support consists merely of work-around's and how-to's. You can get that online for free.

Another possibility is to keep Windows but replace Microsoft's proprietary development environment. Leave the ever-shifting sands of Microsoft's frameworks in favor of open source IDEs, programming languages, tools, and databases. Some companies score good savings while producing excellent apps with WAMP (Windows + Apache + MySQL + PHP/Perl/Python ).

These ideas aren't for everyone, but it always amazes me that some IT pros are so tightly wrapped in the vendor security blanket that they don't even evaluate alternatives. Some security blankets are well worth the money. Others only represent inexperience or inertia. Only you know which statement applies to your organization.

The Bottom Line

Inexpensive stock parts work well for my hardware and software needs. They're easily replaceable so I enjoy 100% availability. Low cost, high security, and good privacy are extra benefits. What are your requirements and what desktop strategy do you use?


TOPICS: Computers/Internet
KEYWORDS: floss; generic; hitech

1 posted on 11/26/2012 11:13:08 AM PST by ShadowAce
[ Post Reply | Private Reply | View Replies]

To: rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; stylin_geek; ...

2 posted on 11/26/2012 11:14:40 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #3 Removed by Moderator

To: ShadowAce

Or you could just source and store on the cloud.

There. A 2 thousand word solution verses a 10 word solution.


4 posted on 11/26/2012 11:16:55 AM PST by Responsibility2nd (NO LIBS. This Means Liberals and (L)libertarians! Same Thing. NO LIBS!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Responsibility2nd
You answered a "what" or a "how" question.

The article addressed a "why" question.

5 posted on 11/26/2012 11:20:02 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 4 | View Replies]

To: ShadowAce

Yes by FR criteria that’s the only permissable option.

Apple is run by a gay guy and Ballmer and Gates gave big money to the Wash State “marriage initiative”


6 posted on 11/26/2012 11:21:31 AM PST by nascarnation (Baraq's economic policy: trickle up poverty)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Responsibility2nd

Could you give an example?


7 posted on 11/26/2012 11:22:09 AM PST by rurgan (give laws an expiration date:so the congress has to review every 4 years to see if needed)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Responsibility2nd
I'm not putting my data on a computer I don't have physical control over. I'm not going to rely on applications on a computer/computers that I have no control over.

Cloud may work for some. For others, it's a huge potential liablitity.

/johnny

8 posted on 11/26/2012 11:25:07 AM PST by JRandomFreeper (Gone Galt)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Responsibility2nd

Can’t “cloud” things in my business due to privacy concerns.

However, I do not agree with running my business on brand x computers, either.

After having been in the business for 30 years prior to my current job, brand x just won’t cut it.....


9 posted on 11/26/2012 11:33:49 AM PST by illiac (If we don't change directions soon, we'll get where we're going)
[ Post Reply | Private Reply | To 4 | View Replies]

To: rurgan

Could you give an example?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

How about Free Republic? It may not be the best example, but Jim and John certainly use their own in-house systems and software. And last month when it was non-operative for days on end...

How’d that work out?


10 posted on 11/26/2012 11:34:51 AM PST by Responsibility2nd (NO LIBS. This Means Liberals and (L)libertarians! Same Thing. NO LIBS!!)
[ Post Reply | Private Reply | To 7 | View Replies]

To: ShadowAce
The great thing about open source is that anyone can contribute to it.

The bad thing about open source is that anyone can contribute to it.

Unless you are personally reviewing and merging changes, there is a potential security risk.

11 posted on 11/26/2012 11:39:48 AM PST by 5thGenTexan
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
[by] Howard Fosdick
Any relation to "Fearless?"

12 posted on 11/26/2012 11:43:14 AM PST by oh8eleven (RVN '67-'68)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Responsibility2nd
Or you could just source and store on the cloud.

Maybe it is my age but I am just not comfortable with the cloud. In fact it creeps me out.

My customers rely on my keeping their information confidential so notes and such are kept on a non-internet connected computer. You want it then you are going to have to break into my house and take the computer it's self and good luck decrypting it.

Even my less confidential stuff I would not store out in cyberspace. There is too much loss of control.

13 posted on 11/26/2012 11:49:03 AM PST by Harmless Teddy Bear (Fate plays chess and you don't find out until too late that he's been using two queens all along)
[ Post Reply | Private Reply | To 4 | View Replies]

To: ShadowAce

I keep as much of my network Beige Box as I can: basically everything but infrastructure.

I’m trapped by software, though.


14 posted on 11/26/2012 11:49:22 AM PST by Psycho_Bunny (Thought Puzzle: Describe Islam without using the phrase "mental disorder" more than four times.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

And when you try to find the blasted thing after the birds sh*t in your cloud, you have a zero word solution.

But the hw-makers are doing what they can to lock you into hw you have no use for. Like Intel.


15 posted on 11/26/2012 11:53:40 AM PST by Hardraade (http://junipersec.wordpress.com (Vendetta))
[ Post Reply | Private Reply | To 5 | View Replies]

To: ShadowAce
That's why most proprietarize any way they can. Unified Extensible Firmware Interface (UEFI) is the latest of many attempts to kill competition by an artificial barrier. The rationale for UEFI lockdown you often read about -- that it prevents boot viruses -- is intended to mislead.

That's not true. The UEFI is used to verify the OS or OS kernel before it loads. It prevents unauthorized changes to the OS. The real reason the author doesn't like UEFI is that is can be used to local a piece of hardware to a particular OS, no other OS can then be loaded on it.

16 posted on 11/26/2012 11:57:04 AM PST by palmer (Jim, please bill me 50 cents for this completely useless post)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

I have 2 identical machines and use one as a backup. My backup policy is to pull one of the mirrored RAID hard drives and replace it with a freshly wiped drive twice each week (and let the system rebuild overnight). If my system goes down, I pop the snapshot drive into the backup and I’m up and running immediately while I troubleshoot and repair the main system. This happened only a month ago when the power supply in my system died and I had to get a replacement.


17 posted on 11/26/2012 12:04:03 PM PST by BuffaloJack (Children, pets, and slaves get taken care of. Free Men take care of themselves.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

Pretty much matches what I do, although I don’t care whose name is on the box, as long as I can fix what’s inside it.

I’ve run into situations where file compatibility isn’t enough. And the incredible number of free apps for the Windows platform keep me on it, although I use Linux too.


18 posted on 11/26/2012 12:05:25 PM PST by bigbob
[ Post Reply | Private Reply | To 1 | View Replies]

To: 5thGenTexan
Unless you are personally reviewing and merging changes, there is a potential security risk.

I find it to be quite the opposite - Closed source software tends to have way more security holes than OSS. BY FAR. Closed source relies upon obfuscation and has significantly less programmers at their disposal. Open source and many eyes naturally results in more elegant code and far quicker discovery of exploitable code. I don't use ANY closed source programs anymore... that I can think of... Other than Windows on some boxes, and the antivirus applications it requires BECAUSE of it's closed source mentality.

And 'merging changes'? Most programs nowadays handle their updates automatically - You may have to hang out on the application's forum for a while to see if there are problems, but other than that, it is much the same as closed source, with the only difference being that you, the end user, have the option of actually SEEING the changes, and can go right to the source code to do so. You don't get to see the crappy code hiding behind closed source - If that gives you some feeling of 'professionalism', let me assure you that is not the case.

19 posted on 11/26/2012 12:05:27 PM PST by roamer_1 (Globalism is just socialism in a business suit.)
[ Post Reply | Private Reply | To 11 | View Replies]

To: 5thGenTexan
The great thing about open source is that anyone can contribute to it.

Not exactly. While anyone can submit a contribution to an open source project, that does not mean that the submitted change will automatically be incorporated into the project. Submissions are reviewed for malicious code.

The bad thing about open source is that anyone can contribute to it.

Again, not exactly. Most larger open source projects only allow submissions from an approved list of volunteer coders. If Juan Dough programmer has a better idea about how to do something is the project, he can submit the changes to the appropriate volunteer coder who reviews it and if it looks good, then submits it to the larger project community, who review it and test it again.

At least that has been my experience on open source projects, but your mileage may vary.

20 posted on 11/26/2012 12:21:30 PM PST by DarthFuzball ("Life is full of little surprises." - Pandora)
[ Post Reply | Private Reply | To 11 | View Replies]

To: Responsibility2nd
Or you could just source and store on the cloud. There. A 2 thousand word solution verses a 10 word solution.

I was thinking the same thing. I'm setting up a small business tech system right now, and I'm not going to have anything locally, no files, no applications, nothing except the operating system (right now, Google Chrome). All of the problems cited by the OP are thereby eliminated. Everything's backed up always, hardware failures will always result in zero downtime because there will always be other devices around to log-in from, no software to purchase, no compatibility issues, no malware, viruses, or manual updates. All files are available anywhere out in the field, from all kinds of device, including smartphones and tablets. Yes, it's not "confidential", but the only way to entirely eliminate the possibility of someone seeing your files is to stay off the internet completely (at least on the computer in question) and a computer not connected to the internet in 2012 makes about as much sense to me as a cell phone without a voice and data plan.

21 posted on 11/26/2012 12:21:39 PM PST by Behind the Blue Wall
[ Post Reply | Private Reply | To 4 | View Replies]

To: Behind the Blue Wall

That makes sense.


22 posted on 11/26/2012 12:28:02 PM PST by rurgan (give laws an expiration date:so the congress has to review every 4 years to see if needed)
[ Post Reply | Private Reply | To 21 | View Replies]

To: ShadowAce

This is great if your software requirements are vanilla, I suppose. If all we are talking about is Office type documents than fine. But good luck if you have any special needs as a business. Most of this article is generalized, self important claptrap.


23 posted on 11/26/2012 12:30:38 PM PST by Catholic Canadian
[ Post Reply | Private Reply | To 1 | View Replies]

To: oh8eleven

Ha ha! My first thought exactly. Fearless Fosdick. No school like the Old School.


24 posted on 11/26/2012 12:30:57 PM PST by Bloody Sam Roberts ('Need' now means wanting someone else's money. 'Greed' means wanting to keep your own...)
[ Post Reply | Private Reply | To 12 | View Replies]

To: DarthFuzball; 5thGenTexan

Well, you can see the source. If there is something malicious or bad, everyone familiar with that source in the world would be commenting/complaining about it.

A ticket gets opened, it gets fixed.

Yes, the projects (source) are locked down. It’s not like joe blow edits the master copies of the source files. They have a project team, source control, etc.

They just have the source publicly available for the world to see if they care to.

I like Linus’s comments. Lotsa dopes out there in high places, and he doesn’t mince words. Funny.

With windows, M$ keeps a monstrous stack of poo called their architecture with the source only known to M$.

So you’re relying on M$ to keep it secure and of good quality.

IMHO, they’ve got to be coding what amounts to empty loops to soak up CPU with the speed of today’s CPUs.

If they did a great job at keeping their architecture straightforward, extensible and secure, and they did not overcharge, open source would not really be necessary.

If Windows could be had for $29, and M$ was not trying to throw curve balls to developers and “lock them in” to M$, etc., by always implementing things their own weird way, and they kept configurations secure by default instead of insecure by default, and M$ never entered the applications market in a big way, using their brand name to blow away every application software company they could once their products got popular, they would have an OS platform that made sense to build software on.

But since they don’t do these things, a software company knows that M$ will only let them get so big before they crush them with an M$-branded competitive product (that stinks but will sell anyway) or buy them out for not too great of a price.

They got too big, however, with BG wanting to take over the whole software industry, instead of just run a business and leave it go at that, which leads to the trap of revenue increase addiction despite the fact that they’ve long since grew beyond the natural market size for an OS company. Such an addiction naturally motivates towards monopoly as opposed to efficiency and innovation to bring in more revenue. This is why MSFT share price in the last 10 years has gone - nowhere. It’s got nowhere to go.

And M$ has single-handedly held back innovation for all these years since most people are stuck with whatever Redmond comes up with.

Someday maybe we can get beyond the goofiness that OSs and the internet are today. Thanks to the idiocy of government, I’m in no hurry.


25 posted on 11/26/2012 1:00:20 PM PST by PieterCasparzen (We have to fix things ourselves.)
[ Post Reply | Private Reply | To 20 | View Replies]

To: ShadowAce
Wow. If you want to do all that to avoid profiting big corps, fine. I have been using computers professionally for many, many years. The only hardware failures, I have had were from brown outs/ or power surges. Unplugging during lightning storms, and uninterruptable power supplies take care of that. Almost everything “problem” you mention, it seems like your solution is way overkill. If your happy with what your doing good for you. Thank God, I don’t have to go to that much trouble to be successful in computers.
26 posted on 11/26/2012 1:17:49 PM PST by EyeSalveRich (its not so hard)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Psycho_Bunny

Thought you were using some Linux.


27 posted on 11/26/2012 1:18:35 PM PST by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 14 | View Replies]

To: Hardraade
And look at what Intel may do....FR Thread:

Intel kills off the desktop, PCs go with it

28 posted on 11/26/2012 1:20:57 PM PST by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 15 | View Replies]

To: ShadowAce

I just want it to work... I don’t want to have a new hobby

Every few years we have to upgrade and it is 3 months of HELL... I would hate to deal with that on a daily basis... fix this, that doesn’t work, my printer doesn’t work etc etc etc

I could write DB Programs myself that did everything except have pretty pictures back during the dos days ... today ... not so much

TT


29 posted on 11/26/2012 1:25:04 PM PST by TexasTransplant (Radical islam is islam. Moderate islam is the Trojan Horse.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: roamer_1
Closed Source versus Open Source does not in and of itself make for better security. If that were the case, the discussions about the need for antivirus solutions on mobile devices would be around iOS, but they are not. They are about Android.

It has more to do with the target's market share than the sourcing model. Hacking Mac OS when it was 9% of the market share wouldn't make news. Hackers went after Windows because that made news. Interestingly, now that Mac OSX is getting to he 30% share, it is coming under attack. In the mobile space, Android is the market leader. So it gets teh attention target on its back.

The difference is that Android's internals are open for analysis. Yes, there is a large, faster moving community that is evolving the code base quicker than a big company minded Microsoft. But there is also opportunity for someone to find adn exploit the hole rather than fix it. This was exactly what happened with the Android game malware that sent your contacts adn personal information to a server in China a year or so ago. And that fast moving dynamic is changing as well under Google, who is becoming the big company minded beast. They will become "the man" to the economic politics driven hacker. And to the attention seeking hacker.

My comment on merging sources was that unless you personally review source changes to both the OS and the apps you use (compiling them all locally), you are placing some implicit trust in the open source community. Nothing more.

It is a matter of where you personally want to place trust and accept risk. Just don't be lulled into believing the open source community is fully trustworthy - remember, many of the Windows hackers are part of the open source community.

30 posted on 11/26/2012 1:37:50 PM PST by 5thGenTexan
[ Post Reply | Private Reply | To 19 | View Replies]

To: PieterCasparzen
Well, you can see the source. If there is something malicious or bad, everyone familiar with that source in the world would be commenting/complaining about it.

A ticket gets opened, it gets fixed.

If a ticket gets opened, it gets fixed. Or if a hacker finds it first, by reading the code, and exploits it without reporting it, as happened on Android recently.

And the apps go thru no review process at all. There are pluses and minuses to both models. And there is more than on closed source operating system out there. You just have to weight the risks and rewards and make the decision appropriate for you.

31 posted on 11/26/2012 1:51:19 PM PST by 5thGenTexan
[ Post Reply | Private Reply | To 25 | View Replies]

To: ShadowAce

Had a hardware crash on a Xp box. Yup, restoring the system is not just making a hard disk swap.


32 posted on 11/26/2012 1:59:28 PM PST by FastCoyote (I am intolerant of the intolerable.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 5thGenTexan

A couple thoughts:

No smartphones for me. I want control, or forget having the device. I don’t want auto updates on anything.

The only way something can get in is if something is listening or malicious code installs itself.

I keep only software that I want installed; my ports are essentially all not listening. And I know for a fact that nothing has changed, so there’s no new software that I don’t know about, no update, etc., that planted itself in my machine and by default is a hacker magnet. I do everything in paranoid mode.

I don’t want to deal with software on a simple device like a phone, then actually conduct personal transactions on it, save personal data on it, etc.

Unix in general is just a pc-like O/S, i.e., the default file systems are primitive. Root can write to executable files. It’s idiotic. It was never intended to be what it is today, that is, having to exist in the free-for-all unsecure world.

I would much prefer that several proprietary OSs were competing and available to give me a choice, but M$ killed all of them off.

Open Source works and it’s cheap. It’s also rinky-tink in terms of arbitrary, cryptic, cutesy naming conventions, commands that have bazillion options for a truckload of functionality in one command etc. TC/IP is nuts, IMHO.

But... at least I’m not paying thousands per year to M$ for the same amount of goofy complexity and having the whole thing change every 5 years or so. M$ is constant BS that one has to pay exhorbitant amounts for. An old executable on linux has a good shot a running.

IMHO, after 50 years, there should be OSs that had the core functions, be rock solid and cheap.

Yeh, I agree 100%, ya pay yer money, ya take yer choice.


33 posted on 11/26/2012 3:43:22 PM PST by PieterCasparzen (We have to fix things ourselves.)
[ Post Reply | Private Reply | To 31 | View Replies]

To: Responsibility2nd
There. A 2 thousand word solution verses a 10 word solution.

What about if you left your Ouija Board in your other suit and can't access the cloud?

34 posted on 11/26/2012 11:19:09 PM PST by publius911 (Formerly Publius 6961, formerly jennsdad)
[ Post Reply | Private Reply | To 4 | View Replies]

Bookmark


35 posted on 11/26/2012 11:30:23 PM PST by freds6girlies (many that are first shall be last; and the last shall be first. Mt. 19:30. R.I.P. G & J)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 5thGenTexan

That is a common critique but a baseless one in the case of the major open-source enterprise programs like Linux, Apache, etc. Those programs are rock-solid in security.


36 posted on 11/27/2012 5:45:18 AM PST by LifeComesFirst (http://rw-rebirth.blogspot.com/)
[ Post Reply | Private Reply | To 11 | View Replies]

To: LifeComesFirst
How can my critique baseless when it included specific real world examples in it? Android, an open source Linux based OS has been hit by malware attacks already. The need for anitivirus programs is being suggested by industry pundits.

Narrowing the discussion to only enterprise versions does not include the whole open source world. Having worked in the enterprise server industry for 25 years, I am well aware of where enterprise Linux is and how long it took to get there.

The premise I was addressing was the assertion that open source in and of itself creates more secure solutions. And his reference point was the personal desktop, not the enterprise server. If he must buy one of the enterprise Linux solutions to get the level of security you speak of, the price part of his argument goes out the window.

37 posted on 11/27/2012 6:32:05 AM PST by 5thGenTexan
[ Post Reply | Private Reply | To 36 | View Replies]

To: Ernest_at_the_Beach

Yes, where I can. Firewalls/DMZs - that kind of thing.

But - functionally - my employer is a mall, as opposed to a single-purpose business like a law firm. So, while I have just under 300 users, I have 8 primary database systems from different industries. As opposed to Seafirst Bank where we had 1 primary industry database system surrounded by a bunch of secondary systems.

So, I have no flexibility when it comes to software infrastructure.

Which sucks.


38 posted on 11/27/2012 8:27:48 AM PST by Psycho_Bunny (Thought Puzzle: Describe Islam without using the phrase "mental disorder" more than four times.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: 5thGenTexan
Closed Source versus Open Source does not in and of itself make for better security. If that were the case, the discussions about the need for antivirus solutions on mobile devices would be around iOS, but they are not. They are about Android

Actually, the issues with mobile devices has more to do with the security model they implement. From what I've seen, with most of these devices, users are pretty much running as ROOT, which is a big no-no.

Your ideas about market share being such a large factor has been debunked so many times, I think a few FR posters have macros for it.

39 posted on 11/27/2012 8:38:11 AM PST by zeugma (Those of us who work for a living are outnumbered by those who vote for a living.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: zeugma
True. Running as root is a big no-no. So system configuration is a big player in its security. A poorly configured open source system is less secure than a properly configured closed source system. So if security is the issue, the source model is orthogonal.

Your ideas about market share being such a large factor has been debunked so many times, I think a few FR posters have macros for it.

What is an alternative explanation for Android being a bigger target than iOS? If its not market share related, then what? Is Android inferior to iOS?

And if the market share aspect is not a part of why hackers target a given platform, why do so many former hackers who have gone public say it was? Many relish the notoriety they recieved by making the news. None of them got famous hacking Symbian or OS/2.

40 posted on 11/27/2012 10:15:23 AM PST by 5thGenTexan
[ Post Reply | Private Reply | To 39 | View Replies]

To: 5thGenTexan

Google has done a poor job with Android....RE : Secutiry.


41 posted on 11/27/2012 10:21:22 AM PST by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 30 | View Replies]

To: 5thGenTexan

Maybe Microsoft with there phone and tablet systems will do something good regarding security....we will see.


42 posted on 11/27/2012 10:23:22 AM PST by Ernest_at_the_Beach ((The Global Warming Hoax was a Criminal Act....where is Al Gore?))
[ Post Reply | Private Reply | To 30 | View Replies]

To: 5thGenTexan
I'd say it's largely the implementation. Any system can be hacked if basic design decisions are mishandled. There have been hacks launched against platforms that had installed bases of 15,000 total hosts, (google: witty worm) so market share doesn't seem to be an impediment to dedicated hackers. Apparently, being closed source hasn't help Microsoft avoid being a target at all.

Some types of software such as crypto systems shouldn't be even considered by professionals because the devil of such things is in small niggling details that needs lots of eyes to locate potential vulnerabilities.

Security needs to be designed in from the ground up, and then implemented correctly in order to work. I am constantly amazed at how poorly even large companies that should know better implement security. Here's a great example. Cicso makes a VPN client for windows. Many companies deploy it with a group-level password set that isn't disclosed to the users so they can't set it up themselves on non-company approved devices. Unfortunately, the configuration file contains a 'encrypted' copy of the password. The 'crypto' used for this purpose is so laughably weak that a python script can break it trivially in so little time, that there is not a noticeable delay. Granted, their stupidity made my life easier, but it is criminally dumb IMO for them to actually depend upon such stuff.

43 posted on 11/27/2012 11:05:56 AM PST by zeugma (Those of us who work for a living are outnumbered by those who vote for a living.)
[ Post Reply | Private Reply | To 40 | View Replies]

To: ShadowAce

Anyone relying on hardware and software for a living that doesn’t have a business continuity plan to include extra copies of said software is a cheap idiot. I have been using Microsoft software for over 30 years without the problems described in this article. Not a hitch.


44 posted on 11/27/2012 11:24:14 AM PST by CodeToad (Liberals are bloodsucking ticks. We need to light the matchstick to burn them off.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 5thGenTexan
Closed Source versus Open Source does not in and of itself make for better security.

While technically true, reality must somehow be taken into account: There is a reason why all the big iron runs on 'nix. And if there is anything that hackers would love to hack, it is that big iron. There's your 'credz'. Not being some script kiddie whackin' at Android. And by-and-large, that simply doesn't happen.

I am not conversant with Android, as I am still fighting vainly against moving into the handheld world. But I can guarantee that it is not the underlying 'nix that is at fault. In order to control a 'nix box, one must gain root - and left to it's native design, that is next to impossible from afar (it really IS impossible, but like a scientist, one has to leave room for an impossibility to be possible).

If root is gained on Android, I can nearly guarantee it is something Google has done in it's interface, or in it's config.

That it persists would suggest to me that whatever is wrong is not in an OSS part of the OS, or it would have been found out almost immediately and corrected - as the OSS community's record on such things plainly evidences... IOW, the culprit is probably a closed-source addition.

But then again, that is just my opinion on the general matter - I don't know Android at all. Even so, any OS has a loooong way to go to catch up to what, 3/4 of a million virii that have exploited MS...

That isn't because MS is popular - It is because it is inherently exploitable and promiscuous by nature... Else that big iron, which has always been Linux or some brand of Unix, and precedes Windows by a decade would have comparable numbers. How many nix virii have ever been? But a handful, by any comparison. A negligible amount.

But that being said, I am not defending 'nix - I am speaking to the greater OSS community... including application level software too. Even on my Windows boxes, I tend toward OSS software. Especially on Win boxen because they tend to be portable and avoid the registry. They also tend to be quicker at their function, less intrusive, more intuitive, and more precise in function... not to mention weight.

The upshot tends to be that a programmer doing OSS is not doing it for $$, but for love of programming and a peculiar dedication to whatever function the software performs. it is an art to him. A labor of love. And that, FRiend, is hard to find in the chunked and formed production of for-money software by it's very nature.

That doesn't preclude a certain amount of eccentricity however (GIMP springs immediately to mind). but even that eccentricity becomes a beautiful thing, once one learns to expect it at times. GIMP, a tool like photoshop, is one of my very favorite apps, but it took me years of intimate use to understand it well, and I still freely admit I don't understand it fully. By now though, it's eclectic nature is almost as endearing as it's function... And I would hate it if it changed.

45 posted on 11/27/2012 11:35:07 AM PST by roamer_1 (Globalism is just socialism in a business suit.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: 5thGenTexan

Oh I didn’t know you were talking about systems being used by idiot end-users who download whatever, the ultimate security hole.


46 posted on 11/27/2012 2:46:38 PM PST by LifeComesFirst (http://rw-rebirth.blogspot.com/)
[ Post Reply | Private Reply | To 37 | View Replies]

To: LifeComesFirst

A plain vanilla install of Red Hat Linux does not default to a high secure configuration. That covers the usage model for a lot of non-idiot computer users who are not themselves experts, but simply people who use computers to do their actual work. Not everyone can or should have to be a computer expert. Some people have a business to run and just need to computer to work.


47 posted on 11/27/2012 7:01:37 PM PST by 5thGenTexan
[ Post Reply | Private Reply | To 46 | View Replies]

To: ShadowAce

here are some facts to jugle in your computer religion wars

http://www.microsoft.com/hk/windowsserver/compare/reports.mspx
http://www.microsoft.com/hk/windowsserver/compare/linux/server-security.mspx


48 posted on 11/28/2012 8:02:59 AM PST by EyeSalveRich (microsoft is better)
[ Post Reply | Private Reply | To 1 | View Replies]

To: EyeSalveRich
Those aren't facts. Those are propaganda. In the five minutes I spent (total) looking at those links, I spotted at least a dozen flaws.

Find something from a source that is at least *apparently* unbiased.

49 posted on 11/28/2012 8:08:48 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 48 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson