Re: There is a scary discussion on the Ubuntu Developers mail list.
Quote:
Originally Posted by
koenn
Trolls dont usually have 4000 posts on a forum, 99% of which are in support sections. Maybe thats why I find this whole idea scary, I have helped to make Ubuntu better. It feels like a knife in the back.
Quote:
Originally Posted by
koenn
How about keeping this article in perspective :
1/ the author clearly states it's a personal opinion. So let's keep the generalisations about "the devs" out of it.
2/ the author is clearly floating an idea in porder to get feedback. It's on a publically accessible mailing list, out there for anyone to read.
[if they were facists, they'd know better than that]
The author puts it on a closed mailing list that only developers can reply to.
Re: There is a scary discussion on the Ubuntu Developers mail list.
Trolls or no trolls,
I think I get the gist of the what's happening with the devs. I've worked in IT for sometime now.
First though, I don't believe this will ever come to pass. Revoking user access is a classic knee jerk reaction to a security issue. IT managers face it every day. This is the philosophy of group policy management implemented in a Windows Domain environment and as a Pro IT manager I quite appreciate that the students at my school can't monkey with the systems.
HOWEVER,,
The home user can't be limited in this kind of way. A home user can't be treated as though they are a computer virus. In learning ubuntu I crashed a few installs before I learned what to do and what not to do. That's how I learned, people need the freedom to make these kinds of mistakes. I trust that this DEV who started this "scary discussion" will be set straight. Surely sanity and clear heads will prevail.
Re: There is a scary discussion on the Ubuntu Developers mail list.
Quote:
Originally Posted by
Kilz
Trolls dont usually have 4000 posts on a forum, ...
true.
Quote:
Originally Posted by
Kilz
The author puts it on a closed mailing list that only developers can reply to.
We all can read it, can't we ?
Re: There is a scary discussion on the Ubuntu Developers mail list.
reading it its meaningless if you cannot reply, it means you'll have to go along with whatever they decide without being able to voice opinions, or ( what they'll accomplish if they keep it up ) change distro.
And yes, to whoever it said so, having to change a distro IS a big deal. Just how many times we had an "IN" distro that grows huge and promises to raise the Linux out of complete obscurity? Way too many times and for one reason or another, most just end up fading back instead of getting anywhere. Ubuntu losing support from many users would mean it would lose momentum and it would be another huge setback for Linux awareness in general.
Re: There is a scary discussion on the Ubuntu Developers mail list.
Quote:
Originally Posted by
SonicSteve
HOWEVER,,
The home user can't be limited in this kind of way. A home user can't be treated as though they are a computer virus. In learning ubuntu I crashed a few installs before I learned what to do and what not to do. That's how I learned, people need the freedom to make these kinds of mistakes. I trust that this DEV who started this "scary discussion" will be set straight. Surely sanity and clear heads will prevail.
I trust that the dev in question had a genuine concern, is looking for sollutions, and bounces his ideas to fellow devs ... Ain't that how things are done in teams ?
While i not necessarilly agree with the proposed sollution (actually, a vague idea as to what direction a sollution might be found in), I do share the guys concern. When looking at posts on these forums, i too get visions of malware-infested and zombified ubuntu systems.
Re: There is a scary discussion on the Ubuntu Developers mail list.
I do not, I already stated this many times: linux as a whole is not popular enough to be this paranoid. Ubuntu on its own, much much less likely to be a target. You guys need to get realistic about where we stand. You don't need more proof but the article to know the devs themselves are not being realistic about the possibilities of targeted security threats.
Developers cannot afford to be that naiive, neither should users. I just simply think there is no need for this, there is no need to fix things that are not broken, this is specially true if this will end up breaking other things in the process.
Re: There is a scary discussion on the Ubuntu Developers mail list.
Uhh, how about we just fork gDebi and and incorporate user-specified white-lists about where they wish to install software from? AdBlock is the model we need to look at here, not some stupid Trusted Computing malarkey. The most you can ever hope to do is warn people that what they're about to do is potentially dangerous - it's just that currently, Ubuntu doesn't do this very well at all. All we really get is a 'Enter your password' dialog, not some check that the .deb in question is from a whitelisted source (or even just included in a blacklist), a warning (not an outright ban on that .deb) that harm could come to your system if you continue, and then some 'inconveniencing' wait time - like Firefox's add extension dialog, before the 'Next' button is available to click. All of this should be turned on by the default Ubuntu installation, and able to be turned off if the user wants to.
We do not need Canonical / the Ubuntu devs babysitting us and censoring us from the big bad world, but I'm sure many would appreciate a more visible warning about potential harm.
Re: There is a scary discussion on the Ubuntu Developers mail list.
For those who want this feature, there's Ubuntu. For those who don't, there's always the mothership Debian.
Re: There is a scary discussion on the Ubuntu Developers mail list.
Quote:
Originally Posted by
koenn
How about keeping this article in perspective :
1/ the author clearly states it's a personal opinion. So let's keep the generalisations about "the devs" out of it.
2/ the author is clearly floating an idea in porder to get feedback. It's on a publically accessible mailing list, out there for anyone to read.
[if they were facists, they'd know better than that]
3/ the author clearly states the assumptions his conclusion is based on. If you don't agree, all you need to do is provide proof/indications that one or more of the assumptions are wrong, or demonstrate that the conclusion doesn't follow from the (assumed) premises.
4/ the author identifies a problem and takes steps towards a sollution. He deserves credit for that.
5/ the author is aware of the fact that he's dealing with a trade-off between security on one hand, user convenience (both the 'naive new user' and the 'power user who wants control') on the other hand. His proposal attempts to accommodat all these. That makes it a good effort.
Exactly. I read it the same way you did, and I thought the discussion expressed a reasonable concern. Some people here seem to be oversensitive or just not very realistic/practical at all.
Re: There is a scary discussion on the Ubuntu Developers mail list.
Quote:
Originally Posted by
Dimitriid
I do not, I already stated this many times: linux as a whole is not popular enough to be this paranoid. Ubuntu on its own, much much less likely to be a target. You guys need to get realistic about where we stand. You don't need more proof but the article to know the devs themselves are not being realistic about the possibilities of targeted security threats.
Developers cannot afford to be that naiive, neither should users. I just simply think there is no need for this, there is no need to fix things that are not broken, this is specially true if this will end up breaking other things in the process.
Ubuntu (and Linux in general) has been gaining popularity *rapidly* in recent 2 years or so, and if the trend continues, and it is not unreasonable to assume that it will, security is going to become a much larger problem for Linux desktop users, and the most popular Linux distros like Ubuntu are likely to be targeted specifically. You can afford to live in the moment and with a false sense of security - developers can't, or at least shouldn't IMO.