Installing packages or updating is not a profession

Posted Sep 13, 2009 20:57 UTC (Sun) by man_ls (subscriber, #15091)
In reply to: Providing services is a profession by elanthis
Parent article: Attacks against WordPress installations

Ubuntu uses the Synaptic package manager, and it works pretty well. Updating your machine is not hard to do, and nobody forces you to upgrade the whole distro every 6 months -- you can pick up an LTS and go with it for two years. Even better, it's free. You can do mostly the same with Debian, and I'm sure that other distros have their own graphical tools.

On Windows you have a plethora of software packages which want to update at random moments in time, need to run a package updater all the time -- or just when they feel like it. Guess what: most of it just goes without updates indefinitely. Including Windows itself, which is so obnoxious about auto-updating that people just try to disable or ignore it. The result is that the typical Windows installation has a plethora of worms, Trojans and viruses fighting each other for supremacy.

One model is best for software integrated in the distro. (Big surprise, distributions are better for distributed software.) The other model is better for installing random garbage from the web -- including all kinds of malware. (If people want to play games my advice is to get a console.) This is not a justification, we all know that the problem of installing external software on GNU/Linux is not solved. But Windows is most definitely not an example to follow. Now, if we could learn a thing or two from Mac OS X...


Installing packages or updating is not a profession

Posted Sep 14, 2009 17:33 UTC (Mon) by NAR (subscriber, #1313)

I think you didn't understand the problem. "Updating your machine" is not the problem - the problem is that new versions of applications tend to introduce new bugs (or trigger old ones). Just think about the headache pulseaudio caused. The problem of Linux software management is that if I want a new version of e.g. pidgin, because it supports a new protocol, I need to upgrade the whole distribution, which will install pulseaudio (among other stuff), so I won't have sound. This happens even when I had absolutely no intention of going anywhere near pulseaudio.

The hardcore Linux-advocate's answer would be that in this case grab the code, compile and install, but it's definitely not as easy as clicking "Next -> Next -> Finish" and then the advantage of package management is lost (no automatic security fixes, no warning if a used library gets updated with some incompatible code, etc.). The Windows solution might be uglier on the inside, might contain lots of duplicated libraries installed - but works, and that's what the user cares about. Of course, until the FOSS developers treat their users as beta-testers, then no one should care about things like this, but this road doesn't lead to world domination.

Installing packages or updating is not a profession

Posted Sep 14, 2009 21:08 UTC (Mon) by man_ls (subscriber, #15091)

But that's not a problem -- it's a known trade-off, and GNU/Linux distributors have chosen one path. Nobody forces you to use a distributor -- in fact you might just compile everything statically and upgrade each bit independently. But nobody has chosen that path, because of the enormous waste and bloat. And also because, as the number of copies of a library grows, the probability that all of them are upgraded when a security hole is found approaches zero. Especially given that most of those programs cannot be upgraded automatically, and if users had to pay attention to all those upgrades they would do little else in their lives. The result? Tons of malware.

The Windows solution does not work IMHO. World domination yes, but at what price?

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds