Comments on: Ubuntu’s biggest threat

By: Rafa Vargas

Rafa Vargas — Mon, 15 Dec 2008 16:39:22 +0000

@linuxcanuck I propose that installing something downloaded outside of the repositories should not be so straightforward.

By: linuxcanuck

linuxcanuck — Mon, 15 Dec 2008 14:07:46 +0000

I wonder why you have singled out Ubuntu. Clicking on a DEB in any Debian distro can do the same thing. It will launch a programme associated with DEB, Gdebi or Kpackage whatever. I don’t use RPM distros, but suspect that the same thing will happen which you open an RPM.

However, there is nothing to stop anyone from using the command line to do the same thing, which means your whole argument comes down to picking on the GUI which is dumb, IMO.

What do you propose? Should we prevent people from downloading DEBs or people from posting them to the Net? Both are absurd.

This “problem” is not as scary as someone who is trying to make something out of nothing and singling out Ubuntu in your title. You cannot protect people from their own stupidity. To try to do so is a waste of time as stupidity knows no bounds.

By: A.Y. Siu

A.Y. Siu — Sun, 14 Dec 2008 19:56:07 +0000

Well, of course you can’t count on user education, but you can try your best to make it happen.

If people want to do stupid things with their computers, you can’t prevent them from doing stupid things.

By: PePa

PePa — Sun, 14 Dec 2008 16:38:56 +0000

Like you, I prefer to use only repositories for installing software on Ubuntu. Skype is in the popular and reliable Medibuntu repo (medibuntu.org). It’s also packaged and hosted in a repo by Skype itself: http://download.skype.com/linux/repos/debian (for Debian and Ubuntu).

By: JohnMc

JohnMc — Sun, 14 Dec 2008 16:02:19 +0000

Siu, is correct. Just in the debian based distros there are some 30k+ program suites. A treasure trove of resource. The YUM based ones are the same. Been using Debian or Ubuntu for 6 years and it is rare that I need to ‘head for the wilds’ to find a program.

Second observation that is for the average Joe User, the mainline distros probably already have what they want — installed. Most users want 3 things — email, web browser and office suite. Well most of the distros provide Thunderbird, Firefox, and Open Office. Adobe Reader even has FOSS based replacements in the repository.

I hazard therefore that the average user is safer. Having little need to go on the wild side they load up the distribution, set up the accounts and keep the system updated. Malware never passes the lips of the machine as it was all serviced by the provider.

By: Jim Price

Jim Price — Sun, 14 Dec 2008 15:30:52 +0000

The app examples you’ve given are available in the medibuntu repositories. The solution is to go down the Mozilla route and promote trusted external repositories as addons – currently it is left to the user’s googling abilities to discover whether the apps they want are provided from a repository, and you make it sound like you failed that test yourself.

By: smudo

smudo — Sun, 14 Dec 2008 13:30:14 +0000

Mediabuntu repo has Skype.

By: Alecs Jonson

Alecs Jonson — Sun, 14 Dec 2008 12:53:09 +0000

> Ubuntu’s biggest threat is users!

How about we do not let users start using Ubuntu?

Oh man… As you know yourself, Rafa, worst unexpected error can happen by module which is located between chair and keyboard. You can’t change it, you can’t influence it. Just look at windows and all malware that is preading there. Application exploits are high, but it is higher issue using social engineering on users. Some of them can’t learn, because they are overstrained by computer usage, other just simply don’t want to learn further because they think they know how to use computer.

And saying users are our problem, is equal to RIAA/MPAA that every user is a pirate and they have to be controlled.

For your info. I use windows at home and i do visit “non standard” websites, but still i never managed to get infected/zombied :) It is question how users work with a tool called computer.

Alecs

By: Carl Snyder

Carl Snyder — Sun, 14 Dec 2008 12:43:16 +0000

Unfortunately, I agree with someone I remember reading from the Internet, something like “You should never depend on training and education of the user, because the user will do whatever they darn well please, will not read documentation, and avoid any training that prevents them from doing what they want.”

By: A.Y. Siu

A.Y. Siu — Sun, 14 Dec 2008 05:18:18 +0000

Unfortunately, that’s not something Ubuntu can help. It has very extensive repositories, but it’d be possible to package every single conceivable application in trusted repositories.

The solution can only be educating users about deciding what non-repository software is trustworthy or not.

And, of course, having them look first in the repositories for software before trolling the net for third-party stuff.