Kevin Carmony: Because we're trying to get the average computer user to try Linux, we think it's best to not scare them with a flood of new words. Picture dropping someone who speaks English into a foreign land where they only speak a different language. How comfortable do you think she'd feel? How long do you think she'd want to stick around if they never spoke her language and she couldn't understand anything? That's how most computer users would feel when they see Linux for the first time. They get bombarded with so many new terms, like Kernel, Root, Mozilla, Kate, KDE, X, GNOME, GAIM, GIMP, Debian, MPlayer, XMMS, K-this, G-that, and on and on. 95% of the world doesn't understand these terms, and when they see them they just get confused and run back to their comfort zone of Microsoft Windows. People shouldn't have to learn a new language to use Linux.
So, yes, we rename things like GAIM to "Instant Messenger," Kate to "Text Editor," and XMMS to "MP3 Player." We don't do this to take credit, but to make it easy on the user. For example, when you start the "Instant Messenger" in LindowsOS, it says "Instant Messenger" but very clearly, right underneath it also says, "Powered by GAIM." When you choose "MP3 Player" from the Launch Menu, it brings up a program called "MP3 Player," but if you go to the menus or the about box, it says "About XMMS."
We give credit where credit is due, and users can easily see the name of the underlying technology. We just put a friendlier name in the menus and title bar to make things easier to use for those new to Linux. I've noticed many of the other distributions have followed our lead on this.
4. A lot of Linux users think that Lindows.com doesn't do enough to push its users to create user accounts and hence most LindowsOS users run as root. What is your opinion on the issue?
Kevin Carmony: Let me just say that LindowsOS is extremely secure, in some ways, more than most Linux distributions, and certainly more than MS Windows.
I think this stems mostly from the very first "Sneak Preview" of LindowsOS that came out two years ago. In that version, we didn't yet have the system in place to set up users, even though it was always planned. As we have seen with the whole issue of people thinking we run MS Windows software, it's hard to shake a first impression. If the way we do it today would have been what was in our very first Sneak Preview release, this would have never been an issue.
It's true we don't force users to run as user, but we certainly do everything short of that. We have the user set up an Admin password during install, and then present them with an easy-to-use screen to set up Users. We even have a page, right during install, that discusses security with the user, and explains how to use passwords, set up users, understand the LindowsOS firewall, etc. to increase the security of their computer.
By default, LindowsOS ships with a very strict firewall in place and no open network services. For this reason, remote hacks to the average user are extremely unlikely. The average user will not open ports to their computer and therefore the default settings of LindowsOS are very secure for these users. Fortunately, most advanced users who are knowledgeable enough to open a port, are also knowledgeable enough to use the firewall properly to avoid introducing any security vulnerabilities as well as know enough to click the "Add User" button.
As a Linux user, I think Linux should try to become as secure as possible while keeping the number of hoops the user must jump through to a minimum. I'd like to see Linux get smarter, not require training the user. The maintainers of the Kernel are working on making Linux just as secure when running as root as when running as a user. Now THAT'S what I'm talking about! Smarter technology so users can USE their computer, not be used by it.
Someone once told me that Lindows.com should in fact force users to run as user, and not even allow them to run as root. He used the example of how we have laws that force users to stop at red lights. I'd suggest the best thing to do is to build an overpass so that no one has to stop at red lights AND are even safer than using traffic lights at intersections. Smarter technology, not more training for users.
One great example of "smarter technology" is capabilities-based security, which provides a finer granularity of security. The best current practical implementation of this is "security enhanced" or SE Linux. Capabilities-based security shifts focus from what users can do to what each OS component can do. In the world of computing, we think it makes more sense to track computational objects, not humans. This is another open source technology we are proud to be supporting.
BUT...until Linux is smarter, we do all we can to educate users about using User accounts and make it very easy for them to do just that.
Finally, I'd offer there is actually one way in which LindowsOS is more secure than most other desktop Linux products, and that's with the deployment of security patches. Because of our built-in CNR Technology which allows users to easily install any security patches as soon as they become available. We provide this in a way that even the most novice Linux user will get these patches, and they do not need to be a member of CNR to get these.
- "Kevin Carmony interview, Page 1"
- "Kevin Carmony interview, Page 2"
- "Kevin Carmony interview, Page 3"
- "Kevin Carmony interview, Page 4"
