Why I Use Generic Computers and Open Source Software

OSNews ^ | 24 November 2012 | Howard Fosdick

[ShadowAce]

Do you depend on your computer for your living? If so, I'm sure you've thought long and hard about which hardware and software to use. I'd like to explain why I use generic "white boxes" running open source software. These give me a platform I rely on for 100% availability. They also provide a low-cost solution with excellent security and privacy.

People's requirements vary, so what I use may not be the best choice for you. I'm a support person for databases and operating systems. I also do consulting that involves research, presenting, and writing. I use my own computers and work from home. This article is about desktops and laptops, not handheld devices.

Replaceable Hardware

I need 100% system availability. If I don't have a functioning computer at all times, I can't do my job. I'm unhappily "on vacation" if I'm fixing my computers. My solution is to use only hardware I can fix or replace immediately.

One could adopt other strategies to meet these strigent hardware requirements. Some pay more for higher quality equipment, betting that this results in fewer failures. Some rely on vendors for support. They select a responsive company with a good reputation for service. Knowledgable help is vital. Many prefer local support staff who are easily accessible. Thom Holwerda wrote an excellent article explaining why he picks iMacs for high availability.

I take a different approach. I use generic white boxes with all stock parts. Since computers are inexpensive I keep several on hand, along with extra parts. It's easy to swap parts if necessary. PCs are highly standardized -- if you acquire them with an eye to non-proprietary components. I open up and inspect every machine before I use it. (Watch it with laptops. Some vendors will mold their DVD drives to non-standard shapes or add proprietary plastic you have to fit on your hard disk to properly connect it.)

For my self-service approach to work, you have to know how to perform basic hardware problem identification. You don't need to be hardware-trained. I'm not. The key is to be able to quickly identify common problems, because the hardware fixes are easy with a replacement strategy. A good problem ID procedure and a few rules of thumb are all you need. (I'll share mine in another article if people are interested.)

If a hardware problem requires more than a few minutes, use a backup computer. Once this was prohibitively expensive. Today cheap generic boxes make it feasible. Another change from years past is that you no longer need current hardware to run current software. I run resource-heavy apps like enterprise DBMS and website generators with a few gig of memory and a low-end dual core processor. That's a five year old machine. You can get a fleet of them for the cost of one hot new gaming box.

Critical to my approach is that you keep your work -- your data -- portable. Back it up and move it between machines with a USB memory stick. Don't ever get in a situation where your data resides only on a single machine. Same with software. If you depend on certain applications for your work, ensure they're available on more than one machine.

To do this just copy data directories or entire partitions between computers. If you need a certain application or configuration for your work, copy it. If a USB memory stick isn't big enough to hold your copies, use a USB hard disk. Or, perform network copies. I run them in the background while I do other work. Virtual machines are also useful. Just move guest OS files between VM hosts. Virtualization lets you easily, safely, and securely run multiple OS's on one computer.

Vendors are well aware that generic hardware and portable software threaten their profits. That's why most proprietarize any way they can. Unified Extensible Firmware Interface (UEFI) is the latest of many attempts to kill competition by an artificial barrier. The rationale for UEFI lockdown you often read about -- that it prevents boot viruses -- is intended to mislead. The last time secure booting was a major problem was back when people booted from floppies. It's not boot viruses you have to worry about, it's those within Windows that cause the problems.

Applying this Philosophy to Software

To apply this philosophy to software, I use stock parts that can easily be installed, copied, or replicated across machines and backup devices.

There's a name for such software: open source. While open source software (OSS) saves you money, flexibility and licensing are the big benefit. You control it, it doesn't control you.

Let me give you a single example: backup and recovery. In Windows World, there must be a dozen ways to recover a lost system (off-hand, I can think of the Recovery Console, System Backup and Restore, recovery partitions managed by OEM software from vendors like HP or Dell, the Last Known Good Configuration, Safe Boot mode, Registry Export/Import, and performing a Repair Install). Why so many different ways to solve a single problem?

The answer is that vendors want to control your backup and recovery. Otherwise they can't lock you in and make you a source of continuing revenue. Vendors claim "ease of use" -- but is it really when you face this tower of B/R babble? With OSS, I issue a single command to either backup or recover. I don't have to navigate a half-dozen different apps designed to "help" me.

Here's a real-world example. My motherboard died last summer. I removed the boot disk from the dead system and plopped it into another, then booted that Linux instance on the target computer. Problem solved! Windows won't let you do this. Its hardware-bound Registry, authentication procedures, and licensing all specifically prevent it. They're designed to. Why? So you don't steal Microsoft's software. Microsoft places its needs to protect its ownership of Windows software above your need to solve your crisis. (Remember, you do not own the copy of Windows you "bought," Microsoft owns it. You only licensed it.)

Microsoft has every right to protect its property. But that's not our problem. Our problem is fixing our motherboard failure. Because of their agenda, Microsoft makes our life more difficult. Their software limits your flexibility -- on purpose. Heck, you can't even move an installed app from one disk to another without special software. The Registry -- Microsoft's control choke point -- prevents it.

OSS lets you easily move software across machines or disks or operating systems with just a command or two. I replicate operating systems, applications, and data how and when I need to. No Registry, licensing, authentication, hardware binding, or other artificial barriers make my job more difficult.

Here's another tip: Don't use an operating system you don't install. There was a time when a vendor-installed OS meant peak performance and a malware-free system. Those days are gone. Major incidents have shown that preinstalled malware is now a reality, ranging from spyware to rootkits to adware to craplets. This problem will get worse before it gets better.

Security and privacy require that you control your computer. If you use an OS someone else installed, you don't control it.

Compatibility

Most of the business world uses Microsoft's desktop software. So a big issue for those using my strategy is compatibility. How will you fit into Windows World? The answer depends on the kind of work you do.

For some IT professionals, this means running Windows and the Microsoft stack. "Use what your clients use." I hear you and agree 100%. Do what you need to do.

For most people, however, compatibility merely requires file interchange. I'm in this group. All we need for compatibility is the ability to create, update, send, and receive Microsoft Office files.

Using LibreOffice, I've encountered very few problems in exchanging word processing and spreadsheet files. Just stick to the features common to both LibreOffice and MS Office and avoid complex formats and layouts. The web has many articles on how to use LO and MS Office compatibly. (Ironically, LO is often more compatible with older versions of MS Office than is the current version of MS Office!)

The compatibility picture isn't quite as rosy when it comes to presentation graphics. Move a 40-slide PowerPoint file between office suites and you'll see many minor changes (spacing and fonts, for example). I circumvent this by presenting to clients with my LibreOffice laptop and handing out hardcopies of the foils.

Years ago, I used to double-check how my OSS-produced files looked on Windows XP. For example, I'd check that a Word document I created with OpenOffice looked the same in MS Word, or I'd verify that web pages created with Kompozer and Firefox rendered properly on Internet Explorer. I don't know whether it's because OSS compatibility has improved, or that I've learned how to avoid incompatibilities, but I haven't bothered with double-checking for a long while.

Applications availability is another concern. Do all the products you need run under Linux? Everything I need runs natively. For some folks Microsoft products are an important exception, since all are Windows-only. You can usually solve this problem with Wine, a compatibility app that runs nearly 20,000 Windows programs on Linux.

Business Savings

I'm an independent consultant. What works for me may or may not work for you. Or for small or large businesses. Still, when I see how some companies operate, I wonder if they're wasting money. Many could remain on Windows while strategically replacing components to their great advantage. This avoids a disruptive platform change while capitalizing on open source tools and apps.

Office suites are the perfect example. Microsoft Office licenses are not cheap, especially for smaller companies that can't swing the big discounts. LibreOffice and OpenOffice are functionally very competitive. You really have wonder why more companies don't even evaluate them.

Some would answer: support. But what kind of support do you get from a vendor that you can't get from the Internet? I'm old enough to remember when vendors created bug fixes for customer problems. Today they just tell you to wait for the next release (which they always insist you install, whether or not it fixes your problem). Support consists merely of work-around's and how-to's. You can get that online for free.

Another possibility is to keep Windows but replace Microsoft's proprietary development environment. Leave the ever-shifting sands of Microsoft's frameworks in favor of open source IDEs, programming languages, tools, and databases. Some companies score good savings while producing excellent apps with WAMP (Windows + Apache + MySQL + PHP/Perl/Python ).

These ideas aren't for everyone, but it always amazes me that some IT pros are so tightly wrapped in the vendor security blanket that they don't even evaluate alternatives. Some security blankets are well worth the money. Others only represent inexperience or inertia. Only you know which statement applies to your organization.

The Bottom Line

Inexpensive stock parts work well for my hardware and software needs. They're easily replaceable so I enjoy 100% availability. Low cost, high security, and good privacy are extra benefits. What are your requirements and what desktop strategy do you use?

[ShadowAce]

[Responsibility2nd]

Or you could just source and store on the cloud.

There. A 2 thousand word solution verses a 10 word solution.

[ShadowAce]

You answered a "what" or a "how" question.

The article addressed a "why" question.

[nascarnation]

Yes by FR criteria that’s the only permissable option.

Apple is run by a gay guy and Ballmer and Gates gave big money to the Wash State “marriage initiative”

[rurgan]

Could you give an example?

[JRandomFreeper]

I'm not putting my data on a computer I don't have physical control over. I'm not going to rely on applications on a computer/computers that I have no control over.

Cloud may work for some. For others, it's a huge potential liablitity.

/johnny

[illiac]

Can’t “cloud” things in my business due to privacy concerns.

However, I do not agree with running my business on brand x computers, either.

After having been in the business for 30 years prior to my current job, brand x just won’t cut it.....

[Responsibility2nd]

Could you give an example?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

How about Free Republic? It may not be the best example, but Jim and John certainly use their own in-house systems and software. And last month when it was non-operative for days on end...

How’d that work out?

[5thGenTexan]

The great thing about open source is that anyone can contribute to it.

The bad thing about open source is that anyone can contribute to it.

Unless you are personally reviewing and merging changes, there is a potential security risk.

[oh8eleven]

[by] Howard Fosdick
Any relation to "Fearless?"

[Harmless Teddy Bear]

Or you could just source and store on the cloud.

Maybe it is my age but I am just not comfortable with the cloud. In fact it creeps me out.

My customers rely on my keeping their information confidential so notes and such are kept on a non-internet connected computer. You want it then you are going to have to break into my house and take the computer it's self and good luck decrypting it.

Even my less confidential stuff I would not store out in cyberspace. There is too much loss of control.

[Psycho_Bunny]

I keep as much of my network Beige Box as I can: basically everything but infrastructure.

I’m trapped by software, though.

[Hardraade]

And when you try to find the blasted thing after the birds sh*t in your cloud, you have a zero word solution.

But the hw-makers are doing what they can to lock you into hw you have no use for. Like Intel.

[palmer]

That's why most proprietarize any way they can. Unified Extensible Firmware Interface (UEFI) is the latest of many attempts to kill competition by an artificial barrier. The rationale for UEFI lockdown you often read about -- that it prevents boot viruses -- is intended to mislead.

That's not true. The UEFI is used to verify the OS or OS kernel before it loads. It prevents unauthorized changes to the OS. The real reason the author doesn't like UEFI is that is can be used to local a piece of hardware to a particular OS, no other OS can then be loaded on it.

[BuffaloJack]

I have 2 identical machines and use one as a backup. My backup policy is to pull one of the mirrored RAID hard drives and replace it with a freshly wiped drive twice each week (and let the system rebuild overnight). If my system goes down, I pop the snapshot drive into the backup and I’m up and running immediately while I troubleshoot and repair the main system. This happened only a month ago when the power supply in my system died and I had to get a replacement.

[bigbob]

Pretty much matches what I do, although I don’t care whose name is on the box, as long as I can fix what’s inside it.

I’ve run into situations where file compatibility isn’t enough. And the incredible number of free apps for the Windows platform keep me on it, although I use Linux too.

[roamer_1]

Unless you are personally reviewing and merging changes, there is a potential security risk.

I find it to be quite the opposite - Closed source software tends to have way more security holes than OSS. BY FAR. Closed source relies upon obfuscation and has significantly less programmers at their disposal. Open source and many eyes naturally results in more elegant code and far quicker discovery of exploitable code. I don't use ANY closed source programs anymore... that I can think of... Other than Windows on some boxes, and the antivirus applications it requires BECAUSE of it's closed source mentality.

And 'merging changes'? Most programs nowadays handle their updates automatically - You may have to hang out on the application's forum for a while to see if there are problems, but other than that, it is much the same as closed source, with the only difference being that you, the end user, have the option of actually SEEING the changes, and can go right to the source code to do so. You don't get to see the crappy code hiding behind closed source - If that gives you some feeling of 'professionalism', let me assure you that is not the case.

[DarthFuzball]

The great thing about open source is that anyone can contribute to it.

Not exactly. While anyone can submit a contribution to an open source project, that does not mean that the submitted change will automatically be incorporated into the project. Submissions are reviewed for malicious code.

The bad thing about open source is that anyone can contribute to it.

Again, not exactly. Most larger open source projects only allow submissions from an approved list of volunteer coders. If Juan Dough programmer has a better idea about how to do something is the project, he can submit the changes to the appropriate volunteer coder who reviews it and if it looks good, then submits it to the larger project community, who review it and test it again.

At least that has been my experience on open source projects, but your mileage may vary.