Forgot your password?
typodupeerror

Comment: Re:No. (Score 1) 451

by Burz (#46730325) Attached to: Ask Slashdot: How To Start With Linux In the Workplace?

Its very typical in FOSS to think UI design goes no further than the 'doorknob' level. That's a big part of the problem right there. Y'all don't get it.

I do 'like' KDE. But as a SuSE and Xandros veteran, I can say that the more finely you tune the surface looks to Windows, the more the user will later feel dismay when they should have their curiosity piqued instead. The default KDE look isn't too bad in that regard.

The irony here is that KDE also lets you get closer to OS X look and behavior than Gnome will. Unity, however, comes pretty close in its default config.

What makes Unity a better OSX than heavily tweaked KDE is at being Windows-like is that Canonical actually does pay close attention to how well these cutesy graphical details line up with the vertical integrations they provide (and with each other). Xandros (around versions 3/4) could probably lay claim to an equivalent level of excellence, except that was achieved with a bunch of proprietary components.

Comment: Unity is actually very nice. Its Dash that sucks. (Score 1) 53

by Burz (#46700099) Attached to: A Conversation with Ubuntu's Jono Bacon (Video)

Removing Dash/shopping and adding Classicmenu makes for a system that's easy to navigate.

Having people text-search for everything all at once--when all they want is that banking or other occasional tool they run occasionally (what's the name?)--and getting tons of cruft in the results just isn't working.

Comment: This is risible! (Score 2) 312

by Burz (#46681113) Attached to: Why No Executive Order To Stop NSA Metadata Collection?

Sites like Salon and The Guardian broke the Snowden story, and they keep running with it. There is a very long list of left-leaning sites that keep the issue highly visible, including HuffPo, DKos, Raw Story, TruthOut, DemocracyNow! and I dare even list Ars Technica in that group. Yes, there are Obama-worshippers who try to paint anti-NSA info and sentiment as fifth-column betrayal, but overall if you sample the comments in places like DKos and DU, you'll see some skirmishes over the issue of party loyalty (and accusations of racism) with the anti-NSA crowd handily coming out on top.

As for the lack of protest, lets just say the story was still developing in the fall and its been one heck of a winter.

Comment: Is all the firmware open? (Score 1) 88

by Burz (#46646583) Attached to: Bunnie Huang's Novena Open Source Laptop Launches Via Crowd Supply

I have toyed with the idea of installing CoreBoot on my Thinkpad as a way to enhance security. The Noveena doesn't appear to have a BIOS, however, and there is little mention about firmware in their pitch... I'm more concerned about this than who designed the motherboard traces.

I'm not much of a hacker, but I do love the overall concept here. Hopefully they will divulge more details as the time progresses.

Comment: Re:Infighting: Linux's biggest weakness (Score 2) 155

by Burz (#46590467) Attached to: Canonical's Troubles With the Free Software Community

Here's a thought experiment:

Imagine you're a 7th grader who has become intrigued by computers. If that kid tries programming on "Linux" and creates her first couple of apps using whatever tools and libraries she can grasp at the start-- then what will happen??

1. She becomes a web developer. OK, fine... but don't expect desktop apps from her. In fact, don't even expect "Linux" to enter her mind when she thinks of users.

2. She gains a yen for all the *nix plumbing and becomes a system-level tinkerer, writing some KDE or Gnome apps as a way to fill some acute voids in a way that fits into her elite usage patterns. Again, don't expect *good* apps from her. She is interested mainly in cool new ways to arrange the plumbing and impressing only her hacker friends.

3. She STOPS coding when those first tentative steps toward her big ideas ended up having zero chance of running on her uncle's or her classmate's "Linux" systems; copying her code to those other systems resulted in a flop. What's more, she wasn't able to describe to those people ways of troubleshooting the problems that prevented the apps from running, getting puzzling descriptions back from them that she didn't recognize.

3. a) She discovers Windows and Mac systems have the consistency she needs to show-off to her non-technical friends and family, and since those are the people she's trying to impress early on (instead of impressing hackers) her personal development as a coder gains a healthy appreciation for the non-techies' point of view and she becomes a good app developer.

TL;DR; The Linux distro eco system cannot "grow" good app developers. It just cannot. Its too chaotic for the right kind of nurturing of talent to take place.

I think Shuttleworth has been inching away from the distro culture and this is part of the reason why Canonical is frequently criticized; they have needs for future releases of Ubuntu that the non-forked 'plumbing' projects aren't meeting. And then there is ElementaryOS, which seems to have a fully realized platform philosophy that doesn't include "Linux compatibility" (whatever that means) in its future; They plan to diverge increasingly in the future for the sake of internal consistency and usability. I wish them both great luck, and advise Canonical to commit to diverging the way ElementaryOS has, because the pack they're associated with now are just pretenders.

Comment: Re:Infighting: Linux's biggest weakness (Score 4, Insightful) 155

by Burz (#46587165) Attached to: Canonical's Troubles With the Free Software Community

The apps don't materialize because serious app developers (instead of the system tinkerers in FOSS who like to imagine themselves as good apps developers) with passion and committment to their ideas try out "Linux" and experience the following:

1. Scant control of hardware features (even getting the screen to turn off can be a challenge) and the controls that exist suck, because the proper level of vertical integration isn't there.

2. Myriad desktop environments and administration applets that make the thought of guiding users through tech support a nightmare. This is the most obvious reason why "Linux" is not a desktop platform, because most non-techie users of said distros wouldn't even be able to recognize most other distros (or the same distro with a different DE).

3. Myriad combinations of support libraries; even the common ones are bundled together with versions of each other that create a unique and unsupportable platform 'landscape' for each distro.

4. Distro culture itself: 'Thou art a creepy skank if you sell apps and/or offer direct downloads of a product.' Invoking Yum and Apt are almost like genuflecting before entering a pew. Only its a cult, not a religion, because strong dynamic relationships with people outside the repository are frowned upon.

Comment: Re:The chain of trust is broken. (Score 1) 110

by Burz (#46557773) Attached to: Fake PGP Keys For Crypto Developers Found

How do you trust these proxies not to be run by state intelligence organizations?

1. The attackers can't be omnipresent at all times

2. Doing a MITM against all randomly-located HTTPS links is probably impossible to do without being discovered.

3. Some orgs like Torproject have an .onion address. Then you don't have to worry about MITM as long as your original copy of Tor was OK. If you're worried about Tor or other program being tampered with, try using one or more Linux Live CDs: Boot, update then install Tor or other secure proxy, then download keys and certs... leverage the built-in keys of the Linux distros.

Really, for anyone planning this type of attack, consistency is a HUGE problem and you only have to be slightly crafty to be reasonably sure about the keys you're getting. The only other thing to increase your certainty is to get key fingerprints from these people in person.

Comment: Re:The chain of trust is broken. (Score 1) 110

by Burz (#46555453) Attached to: Fake PGP Keys For Crypto Developers Found

It ought to start by making certs and keys first-class GUI objects, starting with file browsers. Seriously, people should not see a blank square when they are copying or otherwise manipulating a key.

Further, there should be write-once devices that allow us to add keys and other identity info without worrying an attack will subvert that data.

Comment: Re:The chain of trust is broken. (Score 1) 110

by Burz (#46555409) Attached to: Fake PGP Keys For Crypto Developers Found

You may have something there. Alarm bells were going off in my head when I saw the summary advocating a move toward not away from X.509. If someone wants us to move toward the tech used by (famously subverted) PKI, they better damn well spell out how PKIs mistakes won't affect verification procedures.

We are experiencing system trouble -- do not adjust your terminal.

Working...