Lindows.com - Friend or Foe? [LWN.net]

[This article was contributed by Ladislav Bodnar]

Lindows.com has been regarded with suspicion by the Linux community ever since the company and its LindowsOS distribution were announced in October 2001. Perhaps it's time that we extended an olive branch to Lindows.com and took its product for what it is - a Linux-based operating system for the general public.

Let's state one thing loud and clear: up until now, Lindows.com has made very little money out of its Linux venture. Depictions of the company's founder Michael Robertson being a ruthless vulture ready to pilfer other people's work for his own benefit are far too common on Linux forums. But if we take a look at some numbers, the picture is vastly different. Sales figures are hard to come by, nevertheless web sites where LindowsOS users congregate can give us some indication about its installed base. The unofficial Lindows forum at openlindows.com has fewer than 300 registered members. The official user forum does not provide numbers, but judging by the activity there, a few thousands of users might be a good estimate. Contrast this to the Gentoo forum, which has nearly 22,000 registered members! Judging by other similar examples, it is unlikely that LindowsOS has a market share of more than 1% of all desktop Linux installations. It is also unlikely at this point that Lindows.com is a profitable company.

Another important point to note is that there is nothing inherently wrong with LindowsOS. It is a Linux distribution like any other, it has a solid base in Debian GNU/Linux and all the power one would expect from a Debian-based system. Some readers will argue that running the operating system as root by default is a major security risk, but remember that the market segment the product is aimed at simply does not want to deal with any passwords. Yes, it would be more desirable to educate the population about the dangers of using the system as root. In an ideal world, this would work. Unfortunately, a picture of a Debian developer joyously conversing about file access permissions with Aunt Tillie is an unlikely sight. It goes without saying that LindowsOS does not prevent security conscious users from setting up user accounts and passwords.

What has Lindows.com achieved? If you take some time to visit the official forums of LindowsOS users and read through some of the posts, you will find examples of ecstatic users who are genuinely happy to have been able to switch to Linux. These simple stories of joy are perhaps the most liberating examples of success of Linux - not in noisy server rooms full of skilled system administrators with years of UNIX education and experience, but by ordinary folk. Many of these users don't know how to check the kernel version of their operating system and don't care about the name of the desktop environment they use daily. But the software enables them to get on the Internet, scan their precious photographs and write up important documents - and that's all that matters. Yes, the open source software programmers and Debian developers deserve most of the credit for this achievement. But if it wasn't for folks like those at Lindows.com (and numerous other distributors), we would probably never see a software installation program that can be operated with a mouse.

LindowsOS 4.0 was released earlier this week. The product appears to be a bug-fix and consolidation release, rather than a version full of exciting new features and cutting edge software. The versions of XFree86 and KDE, as well as most of the server software were left unchanged from LindowsOS 3.0. But a lot of work has gone into making the Click-N-Run software warehouse and installation infrastructure reliable, lack of which used to be a sore point with many reviewers in the past. The company is also shipping a Knoppix-like live evaluation CD called "LindowsCD", which should be available for free download within the next few weeks. The prices start at $49.95 for LindowsOS 4.0 digital delivery and this includes a 15-day free trial access to the Click-N-Run warehouse. A full one-year Click-N-Run membership retails at $49.95, but this excludes commercial applications, such as StarOffice or Bitstream Deluxe Fonts, which have to be purchased separately. First reviews of LindowsOS 4.0 have been written and both TuxReports and ExtremeTech were highly impressed by the product.

In short, we need each other. We need talented developers willing to spend most of their time in cryptic programming code, but at the same time, we also need people who are experts at doing usability studies, user interface design and market research. If we can work together without hostility and disrespect and if we can give credit where it is due, we can accelerate the success of Linux and get it accepted by a growing number of users, irrespective of how technically skilled they are. If Lindows.com becomes profitable and successful in the process, we will all benefit. Many Lindows.com critics find it hard to admit it, but the company has channeled some of their income back to open source software projects and will no doubt continue to do so.

Hungry and greedy vultures with little integrity have indeed been spotted in the free software world. Lindows.com is most certainly not one of them. No, the company is not perfect, and yes, it has made mistakes (who hasn't?). But it has a solid product and many happy users to prove that it deserves our respect.

to post comments

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 3:35 UTC (Thu) by lpbbear (guest, #4827) [Link]

Thank you for the nice article. I am not a Lindows user but I was very disgusted by the attitude some in the community displayed toward
Lindows early on. Lindows, along with several other newer distributions, represents the direction Linux needs to take to begin to impact the
desktop
market. Lindows may have made some mistakes here and there but far more mistakes have been made by several longtime Linux distributions who
until recently seemed to believe that Linux belonged ONLY in the server room. I sometimes wonder how much farther along Linux would be in the
desktop marketplace if it weren't for that misguided attitude?

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 4:33 UTC (Thu) by TimCunningham (guest, #10316) [Link] (6 responses)

Maybe the only thing I'm not totally sold on is the reason we 'need' to reach the masses. Sometimes, I feel like I'm the only one who couldn't really care less if the less technically-inclined use Linux on their desktops.

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 6:23 UTC (Thu) by ttonino (guest, #4073) [Link] (2 responses)

"Reaching masses" will not make Linux worse, but will give rise to many more applications, and thus many more developers. And more eyes finding bugs - which is good.

If you want to run something your neighbour doesn't, there's always something to be found I think. BSD - Plan9 - Hurd - ???

Thomas

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 10:16 UTC (Thu) by beejaybee (guest, #1581) [Link]

'"Reaching masses" will not make Linux worse`

Well, actually, this _is_ a real concern. Installing unneccessary services is a security hazard, as is having more than is neccessary running with root privelege. In the interests of "convenience" Lindows has unfortunately run foul of both of these traps.

I for one do not want to see the legendary reliability & security benefits of linux over Windows undermined by insecure distributions, however large their user base.

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 20:34 UTC (Thu) by TimCunningham (guest, #10316) [Link]

If you want to run something your neighbour doesn't, there's always something to be found I think. BSD - Plan9 - Hurd - ???

I never said that I wanted to run something specifically because other people don't; all I ment was that I don't care one way or the other. I suppose the argument can be made that that'll increase the software support for Linux, but I'm not dissatisfied as it stands, so I'm not overly concerned about that, either.

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 14:15 UTC (Thu) by bshowalter (guest, #538) [Link]

Keep in mind that the more masses we reach, the more pressure is exerted on hardware vendors to support their products on Linux, and at the very least, to provide Linux-compatible drivers for those products that offer *all* of the capabilities that their Windows drivers do, instead of just a small subset of the more important functions. Wireless networking is one particular area where vendors seem to be gravitating more and more towards chipsets that are simply not supported on Linux.

It's only selfishness

Posted Jun 30, 2003 14:30 UTC (Mon) by mwilck (subscriber, #1966) [Link] (1 responses)

The other answers to your excellent question show that the reason we want to attract the masses is actually selfishness - masses exert pressure on Hardware and Software vendors who will then deliver the drivers and applications we (the nerds) would like to have.

Ok, there are also some other reasons (political - we don't want Microsoft to rule the world, economical - we want more competition in the software market, philosophical - we think all software should be free, etc.). But I think the selfish motivation is the strongest one.

In weak moments, I wonder if providing the best solution for the mass user is also among our goals. In other words: if we really, honestly think that a Linux distro like Lindows serves them better than Windows.

What does Mom do after Lindows has passed the "Mom test"? What if she tries to install the latest Windows game or cool screen saver? I still fear (selfishness, of course) that, after the initial easy-to-use appeal, many users will face bad experiences with Lindows, and turn away from Linux for years to come. This may be worse than if they had never used Linux at all.

It's only selfishness

Posted Jul 3, 2003 20:34 UTC (Thu) by haraldt (guest, #961) [Link]

That's called "oversell". It's not a problem if the salespeople don't make it one.
Remember, these guys do like to sell an expensive system. MSwindows-based if it is so. It's just, happy customers makes long-term income.

The right customers for these systems like to stretch their budgets. They need their tasks done with a minimum of hassle, and don't like to make things more difficult than they see a need for. Plus, they see computers as work, not play. Computer games means something on the scale of Solitaire for their own needs, but kids would like something fun and educational.
There are quite a lot of them.
If sales force please that market, that's fine. It means customers they might not have had otherwise. But the rest will have to pay for their needs, and that's even better.

And, there are plenty of moms out there who'll find it entirely all right if their kids can't install Half Life at home. Freely available screensavers can be impressive compared to the standard MSwindows ones.

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 5:24 UTC (Thu) by captbunzo (guest, #1234) [Link] (1 responses)

<rant type=silly>
This article, which was very well written, commented that there is nothing inherently wrong with Lindows.

I would have to disagree.

The NAME! The name IS INHERENTLY WRONG! Who in their right mind would even CONSIDER naming an linux distribution LINDOWS!

Bah!
</rant>

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 6:41 UTC (Thu) by angor (guest, #999) [Link]

You're right, of course. I told Mr. Robinson over and again that SCONUX would be a much better choice, but he wouldn't listen...

Guestimating user bases

Posted Jun 26, 2003 8:37 UTC (Thu) by mark (guest, #1921) [Link]

Comparing the userbase of Gentoo with the userbase of Lindows based only on user registration at online forums makes no sense at all.

Unlike people who might consider using Gentoo, most people don't care about their computer's operating system, and in fact have specific reasons for using a PC in the first place (eg, email). These people are unlikely to even know what their OS does, let alone join an online forum that discusses it.

A far better comparison would be with online forums dedicated to, say, Windows or MacOS.

Regards
Mark

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 11:09 UTC (Thu) by ecureuil (guest, #3507) [Link] (3 responses)

Your article says that Lindows has contributed to the Open Source
movement.

Lindows has used KDE a lot but contributed very little back. They have
paid a small fee to be member of the KDELeague, a moribund PR effort to
promote KDE in the USA but to my knowledge. They have also sponsored the
hosting of KDELook.org. But, they have never contributed one patch or
line of code to the KDE CVS. They have neither hired or sponsored one KDE
lead developper. For a wealthy startup like Lindows, what they have done
is trinket.

In my opinion, a company selling open source and using the huge pool of
GPL code should add some water to the pool by contributing some code.
That is the acid test.

In this view, they have been and are bad citizens of the Open Source
community. Until they pass the acid test, we should promote other
distributions.

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 12:34 UTC (Thu) by zmower (subscriber, #3005) [Link]

Dude you sound like the Linux Router Project guy.

I suspect this article was inspired by the recent interview with Michael Robertson on slashdot. There he says he has funded Wine in the past and put up the Xbox prize. Any worthwhile changes will go back into KDE 'cos it's GPLed right?

Lindows.com - Friend or Foe?

Posted Jun 26, 2003 14:20 UTC (Thu) by butcher (guest, #856) [Link]

One might argue that their contribution is "promulgation" - getting Linux into more computers than would have happened if they hadn't made it a little easier to use.

Lindows.com - Friend or Foe?

Posted Jun 27, 2003 12:01 UTC (Fri) by Guhvanoh (subscriber, #4449) [Link]

If all they have done is sponsor kde-look.org, then they have done alot.
With the traffic that kde-look gets, hosting costs are not going to be
pocket change. I do not use Lindows, but I would like to thank them for
sponsoring kde-look.

running as root is inherently wrong

Posted Jun 26, 2003 12:09 UTC (Thu) by ballombe (subscriber, #9523) [Link] (8 responses)

The article say 'there is nothing inherently wrong with LindowsOS'.

I don't agree, running everything as root is inherently wrong.

The article say 'simply does not want to deal with any passwords.'

It is a technical confusion: a user account with a blank password
is still much more secure than running as root, e.g. rm -rf / will fail.
suid wrappers can be used for task that need root. Even the most crippled
wrapper is safer than running as root.

Windows XP and OS X have a concept of user account, so why not LindowsOS ?

The article say ' If Lindows.com becomes profitable and successful in the process, we will all benefit.'

I will certainly not benefit from the deployement of completly insecure
Linux box. This will only serve to destroy Linux reputation about security

What happens to root then?

Posted Jun 26, 2003 13:36 UTC (Thu) by GreyWizard (guest, #1026) [Link] (3 responses)

Who *does* get the root password in that case? Or should the installation be unable to do anything not in the original specification? As long as a user can log in with no passphrase and install packages, they are effectively running as root. For example, a virus would simply install a small package (possibly downloaded from somewhere) containing malicious code and invoke it rather than doing harm directly.

On the other hand, this might still protect against accidental damage (dragging /usr to the trash...).

What happens to root then?

Posted Jun 26, 2003 16:31 UTC (Thu) by iabervon (subscriber, #722) [Link] (1 responses)

Nobody gets the root password. Being root (if necessary at all) requires a shell started by init on the console. That's how I have my home desktop machine set up: no passwords, physical access is necessary and sufficient for everything (except ssh identity, of course, which is protected on disk with a passphrase). The root password is untypable, but there are root shells started automatically on virtual consoles. So root access is protected by requiring the actual keyboard. If I were setting this up for distribution, I'd also make the root account inconvenient for running non-maintenence programs (e.g., remove /usr/X11R6/bin from root's path).

In most desktop situations, it's impossible and unnecessary to secure the system against people with physical access, and vital to secure it against remote attackers; but it's also unnecessary to permit remote users at all and inconvenient to support them usefully anyway (Mom hangs up the modem and turns off the computer when she's done).

It would be interesting to design an package management tool which could be run on a virtual console out of init in a way that end users could handle easily.

What happens to root then?

Posted Jul 9, 2003 16:09 UTC (Wed) by maphew (guest, #1147) [Link]

I'm intrigued, where can I find info on how to setup a linux computer in the manner you describe?

What happens to root then?

Posted Jun 26, 2003 18:35 UTC (Thu) by ballombe (subscriber, #9523) [Link]

Just make a suid wrapper to apt-get with source.list pointing to LindowsOS and Debian. This will allow non-root users to install packages but only from reputable sources.

running as root is inherently wrong

Posted Jun 26, 2003 14:40 UTC (Thu) by cdmiller (guest, #2813) [Link]

I concur.

Widely distributing an inherently insecure and crash prone distro will not help Linux in the short or long term. Any system with an inexperienced user running as root will be insecure and crash prone.

running as root is inherently wrong

Posted Jun 26, 2003 15:02 UTC (Thu) by tjc (guest, #137) [Link]

The article say 'simply does not want to deal with any passwords.'

Even Windows XP has user accounts and passwords, so I have to agree; running as root is a Real Bad Idea. A potential user who has trouble with passwords might not be able to do anything useful with a computer even if they did manage to log in.

Running as root because it's easier for novice users is sort of like replacing the ignition key on a car with a big red button.

running as root is inherently wrong

Posted Jun 26, 2003 15:11 UTC (Thu) by ladislav (guest, #247) [Link]

In case some of you've missed the Slashdot interview, here is Mr Robertson's reasoning in his own words:

"There aren't administrators in many of the homes, businesses and schools we are selling to. These are personal computers where the owner needs to be able to set the clock, change the wallpaper, configure a printer, install a flash drive, or load a new piece of software without bumping into nuances of computer science.

Take a Microsoft Windows XP or Mac OS X machine out of the box and use it and it operates in a similar manner to LindowsOS the first person to touch it can do whatever they want. If we make Linux harder to use then other operating systems, users will not embrace it. Users just want to get their work done, they don't want to be computer experts and they shouldn't have to be. Of course, if they want to add a default password or setup multiple accounts and restrict access to their own machine, they can of course do it on all of these operating systems, including LindowsOS, even though none default that way."

You can read the rest of the interview here: http://interviews.slashdot.org/article.pl?sid=03/05/05/1225249

running as root is inherently wrong

Posted Jun 9, 2004 5:33 UTC (Wed) by kasl_33 (guest, #22188) [Link]

I may be reading this long after it was posted, but I am currently using Lindows 4.5 on one of my partitions. After two weeks, I don't even hardly touch my Windows XP Pro partition (except to modify my website through Front Page to save time in the GUI of FP vs. FTP Progz).

I am very impressed with Lindows (By the way, they changed the name to Linspire).

I am semi-new to Linux - played with Red Hat for a while unsuccessfully, but Linspire is helping me to learn a lot about it. I can now navigate the command line and install programs in command as well - just because Linspire was easy enough for me to use to get started in figuring things out.

Another great feature for you Linux/Windows users is Win4Lin which lets you run Windows 98 and below simeutaneously with Linux at the same time. I have never seen Windows boot up so fast or run so secure!

Re: Lindows.com - Friend or Foe?

Posted Jun 26, 2003 21:33 UTC (Thu) by Ross (guest, #4065) [Link] (3 responses)

> Another important point to note is that there is nothing inherently
> wrong with LindowsOS.

I completely and utterly disagree.

> Some readers will argue that running the operating system as root by
> default is a major security risk ...

Yes, that would be my primary concern. One of the advantages and selling
points for Linux is the amount of design and care which has been put into
the security of the system. The lack of viruses and email trojans is very
attractive to companies and individuals who have been damaged by such
software in the past.

> ... but remember that the market segment the product is aimed at
> simply does not want to deal with any passwords.

That is wrong in at least two ways.

1) Windows desktops often use passwords. Most companies I know of use a
Domain structure. Home users using Windows XP deal with passwords and
I would hope their email and ISP accounts are password protected.

2) Because the distribution is aimed at inexperienced users and people
moving from Windows to Linux, proper security is more important at the
system level precisely because we can't depend on the use to make safe
choices ("hmm... it says in this message I should double click on the
icon so I don't see why I shouldn't do so").

> Yes, it would be more desirable to educate the population about the
> dangers of using the system as root.

Just don't tell the users about root. Have a daemon or well written suid
program so that the system has final say (unless the user knows about root)
about what is installed on the system. If it wants to be really paranoid,
it could require signed packages.

> In an ideal world, this would work.

It can work in the world we live in if we cared enough to do something
about it (actually if Lindows' creators cared enough).

> Unfortunately, a picture of a Debian developer joyously conversing
> about file access permissions with Aunt Tillie is an unlikely sight.

Hmm... who brought Aunt Tillie into this? Once again she is messing with
things that should be better left alone. Why does she need to recompile
her kernel? Why does she need to make /usr/bin writable to herself? She
doesn't.

> It goes without saying that LindowsOS does not prevent security
> conscious users from setting up user accounts and passwords.

Exactly the problem. As you yourself stated above, the target audience
won't know how to do this or even know that they can do this. These are
the people that should be given a safe environment by default. It should
be difficult for them to make it an unsafe environment.

Now don't get me wrong, using a different user id than root and different
than the owner of the important system files is important, but I don't
think it is the only consideration for security a system, but it is an
important one.

Re: Lindows.com - Friend or Foe?

Posted Jul 1, 2003 13:38 UTC (Tue) by wookey (guest, #5501) [Link] (2 responses)

I'm very nervous about the root thing too. I'm actively looking for a
distro to give my mother, who's grasp of computing is 'tenuous' at best,
and Lindows sounds ideal except that I feel I can't, in good conscience,
give her a box with everything running as root.

So in fact, if there are technical intermediaries, it's not getting to
it's desired target audience due to the apparently complete disregard for
user security. There was a time when this wouldn't matter, but sadly it
is now long gone.

Re: Lindows.com - Friend or Foe?

Posted Jul 1, 2003 15:18 UTC (Tue) by ris (subscriber, #5) [Link] (1 responses)

Lindows does not force people to run as root. It encourages people to set up user names with passwords, it just doesn't insist and will allow people to bypass that part if they want to. Most novices will follow the instructions and set up user accounts. It is the people who think they are Windows power users who are most likely to skip this step and run into trouble.

I believe the first version of Lindows only ran as root, but that is not the case any more.

lindows does not force you to be root

Posted Sep 11, 2003 6:09 UTC (Thu) by gwx03 (guest, #14980) [Link]

I would like u ppl to get your facts right before commenting... lindows does allow you to add users and not run root. Though it runs root by default, now it adds the 'user manager' link onto the kde menu and also under a pop-up box which starts after it is installed, the 'advanced' button, it allows you to add users. Besides, advanced users who can use the terminal can by all means set up othe rusers and not use the root a/c.

plz get your facts right. Im no fan of lindows but i feel its a great and easy2 use OS though the ease can be irritating to me ( lindows is not the def. OS i use; i use redhat. ).... its quite insecure ... but not to the extent of windoze i guesss.

The only thing which bugs me is that lindows imposes a fee onto its open source software and contribute very less back..

the lindows software costs tens of dollars and THEN.... look at their click-n-run. four dollars a month to run a cache of software that can be available for free on the web ! (like opera, mozilla, gimp )!!!! is this some big, evil moneymaking scheme??