Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

When Does Usability Become a Liability?

Cliff posted more than 10 years ago | from the stuff-to-discuss dept.

GUI 930

nasteric asks: "I caught myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee. The discussion had to do with usability and security. Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. They claimed making Linux a friend of Joe User will require it to 'open itself up' and become more susceptible to attack. Needless to say, this became an endless debate between our Microsoft Administrators and our Linux/Unix Administrators that will undoubtedly continue into the morning. Therefore I pose this question to the Slashdot community. Will making Linux more user friendly result in it becoming less secure? Hopefully your expertise will help shed some light on (and bring to and end) our discussion." Does decent usability necessarily imply the presence of vulnerabilities? Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?

Sorry! There are no comments related to the filter you selected.

Wha? (3, Insightful)

monstroyer (748389) | more than 10 years ago | (#8840793)

Question: Is this an "Ask Slashdot" or an advertisement for Krispy Cream and Apple?

Also, since the editorial already starts us off with an "OS X vs Linux" flamewar, let me add to the discussion... Windows and Linux admins in the same organization? What organization is this?!

Why do people think that the command line [osnews.com] is *not* "user friendly"? Do we write books by pointing and clicking at icons, avatars, and pictures? Except under amazing cirumcstances (Steven Hawking, the blind, etc) would you hire an author that did? Then why a system administrator?

Re:Wha? (5, Insightful)

CountBrass (590228) | more than 10 years ago | (#8840878)

Do we write books by pointing and clicking at icons, avatars,

Extremely poor analogy.

We spend literally decades learning to read and write and even then very few people are actually any good at writing books. Natural language is also, compared to computer languages, extremely stable. Natural language are also exactly that - natural. Our brains evolved to support them and our languages evolved over millenia to suit our brains.

Understanding images is considerably more important than language and certainly long pre-dates any human language- written or spoken.

And I'm sure you've heard the expression "A picture is worth a thousand words".

So, your point would be?

Re:Wha? (5, Insightful)

Enry (630) | more than 10 years ago | (#8840928)

one picture is worth a thousand words?

Seriously though, I'm an author and do a lot of writing. We are a visual species - look at the popularity of TV, movies, and video games. Why are GUIs popular? It gives you a lot of information in a small amount of space. Think small applets, like CPU usage or disk usage. More information can be sent quicker using a pie graph and setting colors than just giving raw capacity and percentage used.

But writing is much more precise. When you write something down, you need to know *exactly* what you're saying and who you're saying it to. Otherwise the meaning could be lost.

Re:Wha? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8840935)

You've obviously never eaten them. It's Krispy Kreme, Einstein. Next time, take more than two seconds to post your message.

Re:Wha? (5, Insightful)

normal_guy (676813) | more than 10 years ago | (#8840943)

Because commandline is NOT END-USER FRIENDLY. Things are different when you're a system admin. Click a picture of a music note, you get music. Click a picture with a music note flowing into a CD, you burn your CD. That's much easier than " CD_DA TRACK AUDIO FILE "secret-pregap.wav" START FILE "track1.wav""

Command lines aren't *learner* friendly (5, Insightful)

kollivier (449524) | more than 10 years ago | (#8840959)

GUIs let you explore until you find what you want by pointing and clicking on things. With command lines, you need to know the commands, and the options, before starting. That means that you need some sort of training before you start using the command line. So in your analogy, you'd have to "learn" the language of the OS before you can start 'writing' anything at all. Learning English actually took you a very, very long time, even if you don't remember it.

Once you have that training, the command line is a very useful tool. But if you can't get the training, and aren't self-sufficient or technically apt enough to go to the bookstore and buy a book on how to use the command line, you're screwed.

That's why people like having icons for things. The message icon is your mail program. Don't have to remember what it's name is, or where it's at. Just click.

Re:Wha? (0)

leadfoot (159248) | more than 10 years ago | (#8840973)

My organization has "Windows" and Unix admins. Our desktops machines run Windows NT with Novell client and Novell servers for shares. Our databases, internal and external web servers and middleware run on several flavors of Unix and Linux.

TOAST (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8840796)

TOAST

Simple (5, Funny)

Limburgher (523006) | more than 10 years ago | (#8840797)

As soon as autoexec.bat runs.

Write better SQL! (4, Funny)

markv242 (622209) | more than 10 years ago | (#8840860)

You need a COMMIT; in there to make sure your transaction runs, otherwise my base will still belong to me. For great zig! COMMIT;

Re:Write better SQL! (0)

Anonymous Coward | more than 10 years ago | (#8840975)

He's obviously using MySQL.

Re:Simple (0)

Anonymous Coward | more than 10 years ago | (#8840920)

You mean the rc.local file?

What you need to do (4, Insightful)

Anonymous Coward | more than 10 years ago | (#8840798)

Is hide the more advanced/"dangerous" features from users that normally don't need them. They're there if you, but if you don't know about them, you shouldn't accidentally trigger them. That's part of good useability, too.

Here we go again... (4, Insightful)

weave (48069) | more than 10 years ago | (#8840800)

Joy, a slashdot-sanctioned troll post.

OK, here we go:

  • If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.
  • If Linux distros had everyone running with root perms, then yes, they will be screwed too. That means you, Lindows.
  • This argument ignores architecture and coding flaws. There is no reason why we have to settle for popularity meaning low security

Re:Here we go again... (4, Insightful)

RTPMatt (468649) | more than 10 years ago | (#8840868)

What will make it less secure is people using it without and idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likley live with no security at all.

Re:Here we go again... (4, Insightful)

LostCluster (625375) | more than 10 years ago | (#8840978)

What will make it less secure is people using it without and idea of what they should be doing for security. Unless the average user can install it out of the box (they like boxes) and have all their security issues taken care of, they will most likley live with no security at all.

When a hole is discovered, the number of people who get hacked is equal to the number of people who are running the affected software who don't patch in time.

If a luser wants to run telnet to get to their Linux server as root... they're just asking for trouble. Good thing most people who understand what to do at a bash prompt already know that. The problem comes when people who don't understand that SSH is better for a huge reason want to see a Linux command prompt on a remote server...

Re:Here we go again... (0)

Anonymous Coward | more than 10 years ago | (#8840896)

Feed the Troll

Lindows does not logon as root by default. This was one of the first things they changed after the initial BETA Test

Re:Here we go again... (2, Insightful)

Anonymous Coward | more than 10 years ago | (#8840974)

-----
This was one of the first things they changed after the initial BETA Test
-----
The initial Beta test? That was the one that shipped 10 billion copies to every Best Buy, Target, Wal-Mart, KMart, and BusyBee Electronics in the nation, wasn't it? :-)

It's too late to change it _after_ the fact. That's a lesson that Microsoft, with its political connections and limitless funding, has never had to learn.

+++ATHZ

Re:Here we go again... (5, Insightful)

LostCluster (625375) | more than 10 years ago | (#8840904)

If popularity breeds vulnerability, Apache should have far more vulnerabilities than IIS. It doesn't.

This theory needs only a slight modification to become valid...

It's popularity among stupid people that breeds vulnerabilities.

Apache may not have very many holes, but it's far too easy to write a PHP script that gives away the keys to the kingdom if you're not careful. A password of "password" is insecure on any system.

Just Called Tech Support... (3, Funny)

Anonymous Coward | more than 10 years ago | (#8840919)

and an Indian fellow named "Jack" was assigned my case.

I cannot wait to hear from "Jack" and hear how his beloved "Mets" are doing in this fine baseball season.

I await with interest to hear his small talk about traveling on the "NJ Turnpike" to work.

Tech Support. You gotta love it.

FP (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8840801)

FP

Yes (4, Insightful)

Tango42 (662363) | more than 10 years ago | (#8840802)

Yes, because users are stupid. Most "viruses" at the moment need a stupid user. Also, more users=more damage=more chance of someone wanting to attack it.

Re:Yes (4, Insightful)

LMCBoy (185365) | more than 10 years ago | (#8840907)

Most "viruses" at the moment need a stupid user.

Hmm, I was under the impression that most viruses these days just need a stupid email client (read: Outlook), with no intervention by the user required one way or the other.

Yes, I suppose there may be a way to disable the braindeadedness of Outlook, and that some may regard users as "stupid" if they do not lock down their system in this way. But, given that MS pitches Windows as the everyman's OS, does it not make much more sense to place the burden on *them* to provide a reasonably secure default setup, such that it is reasonably resistant to simple script-kiddie attacks "out of the box"?

There's a difference between stupidity and ignorance. In this case, it seems to me that the OS design is stupid, and if the user is ignorant of this fact, then they are in trouble.

fp (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8840803)

linux suxks you f{}ckers

Usability is always a liability. (5, Funny)

ArsSineArtificio (150115) | more than 10 years ago | (#8840804)

I agree absolutely. If only we'd go back to using toggle-switches for computer input, the risk of viruses or security breaches would diminish enormously.

Re:Usability is always a liability. (5, Funny)

platypibri (762478) | more than 10 years ago | (#8840884)

But with toggles switches, I could do a DoS attack on your machine with a pair of pliers. What is more primitive than that?

Re:Usability is always a liability. (5, Funny)

SpaceLifeForm (228190) | more than 10 years ago | (#8840922)

A large rock.

Mac Security (-1, Flamebait)

Sinjun (176671) | more than 10 years ago | (#8840807)

One of the best defenses Apple has by way of security is low market share, meaning fewer targest, and being able to swipe from other developers for free by having a Unix base to their OS. But right now, what's the point in targeting Apple boxen for attacks?

Re:Mac Security (1)

dead nancy (239321) | more than 10 years ago | (#8840946)

Such a tired argument. It's more that marketshare that makes Windows such a target. This has been so well discussed that it hardly bears repeating, but: insanely liberal permissions on default install, heavy browser/os integration, and so on. I don't think Windows would have spread MyDoom and SoBig so rapidly if a security dialog had popped up asking the user to supply these worms with admin passwords as would have had to happen under OS X no matter what marketshare it had.

IHBT. IHL.

xox,
Dead Nancy

look to OS X (1, Redundant)

gatoresque (559442) | more than 10 years ago | (#8840809)

Mac OS X is user-friendly and secure. Linux can
follow the same route.

It's all in the install program... (4, Insightful)

LostCluster (625375) | more than 10 years ago | (#8840810)

One of the biggest design flaws in Windows from a security perspective is that nearly every service that comes with the system is turned on by default.

One of the biggest design flaws in Linux from a usablity perspective is that nearly every service that comes with the system is turned on by default.

Re:It's all in the install program... (4, Informative)

LostCluster (625375) | more than 10 years ago | (#8840839)

ugh... foobared that post up... you know what I meant. Linux has everything off by default.

Re:It's all in the install program... (1, Funny)

H3lldr0p (40304) | more than 10 years ago | (#8840877)

I don't know...you might get a "funny" or two out of it.

Re:It's all in the install program... (2, Insightful)

Anonymous Custard (587661) | more than 10 years ago | (#8840939)

"Linux has everything off by default"

WinXP SP2 will supposedly change that, to increase security by decreasing the number of services enabled by default. I think this question is good now, but should also be revisited after WinXP SP2.

Re:It's all in the install program... (0)

Anonymous Coward | more than 10 years ago | (#8840981)

That wasn't always the case -- a lot of oldtime RedHat and Mandrake users got 0wned because they did an "everything" install which turned on a 100 exploitable services.

You blew it (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#8840926)

fool

It's all about the end user (5, Interesting)

mindless4210 (768563) | more than 10 years ago | (#8840811)

I think that the claim has very little validity. I think the truth is that it "becomes more vulnerable" when the average user is less educated about security issues.

Making Linux more user friendly, in my mind, means improving upon the features that revolve around the GUI. The great thing about Linux is how much you can customize it; you can strip away the GUI and have a powerful production-level server environment. This is different from Microsoft products, as the ease of usability encompases the operating system.

Linux is much more "modular", in that you can build exactly what you want; an installation could take up anywhere from a few megs to a few gigs. The security and vulnerability lies in the end user.

oh of course! (3, Interesting)

cartman837 (766019) | more than 10 years ago | (#8840814)

windows, linux it doesnt matter... Lusers will FIND a way to screw things up... If linux had the larger market share, worm writers would tailor code for it. I dont really think it would change the world as we know it.

"windows, linux it doesnt matter" (0)

Anonymous Coward | more than 10 years ago | (#8840927)

I've been seeing a lot of this attitude lately.

Were I paranoid I'd say the Microsoft boosters have finally given up trying to make the absurd claim that Microsoft's products aren't security nightmares, and they have begun to try to shift the blame on the users of Microsoft's products.

And of course, just because you're paranoid doesn't mean no one is out to get you. Heck, we need to be paranoid because Microsoft is scared shitless of Linux - because Linux represents the commoditization of software, and the commoditization of software will kill Microsoft's business. So Microsoft is desperate to slow or stop Linux in any way they can - see the money provided to SCO, see the astroturfing, see the paid shills like Enderle.

Tinfoil hat alert: why not a bunch of Microsoft "talking points" attacking Linux? (Kinda like the weekly Democratic talking points attacking Bush...)

Re:oh of course! (2, Informative)

oberondarksoul (723118) | more than 10 years ago | (#8840938)

People need to learn that this is not necessarily the case. One only needs to look at the fact that Apache, while being dominant over Microsoft's webserver (the abbreviation eludes me), suffers far fewer exploits than the latter, to know that it is not the case.

I cought myself (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8840816)

That must've been difficult, perhaps you might've caught yourself?

Mac OS X "trojan"? (5, Insightful)

daveschroeder (516195) | more than 10 years ago | (#8840820)

Please, no comments about how Mac OS X was "attacked" by a trojan.

It doesn't "expose" some fatal flaw in the OS, nor is it some newly discovered exploit. All it is was an application that displayed a dialog box. Mac OS applications (with the exception of Cocoa applications) have always been able to have:

a.) any icon, and
b.) any name

The only remotely slightly interesting feature of this proof-of-concept was that it stored the executable code within an MP3 ID3 tag, and even contained valid MP3 data. But that's mostly irrelevant, since the executable code could be anywhere, and the code can't even be moved in raw binary form without destroying the resource fork. Though the major media outlets haven't picked up on the subtleties of this thanks to Intego's FUD-mongering and self-serving press release, this "trojan" is nothing more than a Carbon application. (Though, the discussion that comes of this will be fruitful: maybe Apple will revisit yet again the filesystem metadata vs. file extension dichotomy, and discuss novel ways of visually identifying executables, perhaps in the same fashion as aliases.)

So, to get on-topic, no, an OS doesn't necessarily have to become less secure to become user-friendly. Some (most?) of the security of an operating system, both from a user perspective and network perspective, comes from underlying philosophical design principles and fundamentals - not to mention the intensive peer examination that open source software encourages. Sure, some user-friendly "features", such as auto-opening attachments in the preview pane of Outlook, exist to make things "easier" for the user. But this is a wrongheaded approach: a sensible focus on security can solve the majority of problems without necessarily making it harder on the user. Ease of use and security aren't entirely, or even mostly, mutually exclusive.

The key is making security easy to use.

But the age-old technique of "tricking the user" will ALWAYS be possible via various means, on any OS on any platform.

Re:Mac OS X "trojan"? (4, Informative)

IntlHarvester (11985) | more than 10 years ago | (#8840945)

the code can't even be moved in raw binary form without destroying the resource fork

I assume that most Mac mailers observe the MacMIME [cmu.edu] spec. This makes sending forked files through email a transparent process.

(Not arguing with the rest of your post -- I think it would be a lot easier to trojan Mac users with a "Install this Cool Screensaver" thing instead of jumping through hoops with a fake MP3.)

totally incorrect (4, Insightful)

VAXGeek (3443) | more than 10 years ago | (#8840829)

I fail to see any such correlation between usability and security. As many others have said (and will say), OS X really does have it down in regards to their security model, which I hope is embraced on OSS *nix soon.

Usability should increase security... (0, Troll)

NemosomeN (670035) | more than 10 years ago | (#8840830)

By making it harder for Joe User to change settings to something unsafe/stupid.

If Usability implies vunerability... (5, Insightful)

AnonymousKev (754127) | more than 10 years ago | (#8840831)

...then you should have asked for their explanation of why OS X is more secure than Windows.

Let me sum this up for you. (2, Insightful)

bludstone (103539) | more than 10 years ago | (#8840832)

The answer is "No, because of peer review."

Lets move on..

Cought? (-1, Flamebait)

Aardpig (622459) | more than 10 years ago | (#8840834)

I cought myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee.

I take it your English professor wasn't involved in the discussion?

Re:Cought? (2, Funny)

kruczkowski (160872) | more than 10 years ago | (#8840876)

What had me thinking is why did the editor let us know that he was at Krispy Kreme's having donuts and coffee. That could have been left out.

Absolutely Inevitable. (4, Insightful)

onyxruby (118189) | more than 10 years ago | (#8840837)

It's the same thing that has happened to other fields that eventually grew to the point where people could do some of the work on their own. For comparison think of publications, once restricted to highly specialized professionals and now available to anybody with a printer and a copy of printshop. Those home-brew print jobs make the pros squeem in pain. Amateur work will always be amateur, and the results will reflect this.

Once Linux gets to the point that it can be administered by people who aren't dedicated specialists, it's inevitable they will try it out and that most of these people will be less careful administrators. After all they aren't dedicated *nix admins and will often wear many hats in their organization. This doesn't mean that Linux is insecure, it's just a growing pain that it has to go through.

Don't forget how many people fall into the "it's working, it's now forgotten" category. These are the people that only perform oil changes on their cars and wonder why it eventually breaks down on them - and there are a lot of them. They won't patch it, back it up or anything else until the day it inevitably comes crashing down around them.

Ok, we're on to you. (4, Funny)

winkydink (650484) | more than 10 years ago | (#8840838)

I cought myself in the middle of a very interesting discussion last Friday over Krispy Kreme donuts and coffee

Cheese it, it's the cops!

Re:Ok, we're on to you. (1)

Xerp (768138) | more than 10 years ago | (#8840963)

It can't be the cops, there wasn't any mention of Freecell...

Why argue? (0, Flamebait)

sumac (714320) | more than 10 years ago | (#8840841)

Seriously, just avoid the discussion. It always degrades into one of 2 arguments anyway: #1 you're stupid #2 you're gay There's no way to win the debate. Just ignore it.

Dumbest Ask Slashdot ever (-1, Flamebait)

JohnGrahamCumming (684871) | more than 10 years ago | (#8840843)

1. Tell your buddies to quit hitting the Krispy Kremes so hard, it's obviously going to their heads
2. Why are you taking Linux advice from Microsoft admins?

and lastly

3. Usability implies less security? WTF Perhaps that's some law up at Microsoft, but not thinking about the security implications of what you are doing leads to poor security.

Oh wait, I forgot that Microsoft "usability" means everyone runs as root. Now I see what they meant.

John.

Whoosh... (1)

Run4yourlives (716310) | more than 10 years ago | (#8840894)

That's the sound of the point passing you by...

One of the biggest knocks on Windows is the whole "you have to be admin to do anything" security flaw. As linux gets more and more "user friendly", it'll be difficult not to follow microsoft's example, in certain respects.

Don't tell me you've never heard of linux users surfing the web as root...

No wonder... (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8840844)

Friday night and you're eating DONUTS discussing computer security?
And you wonder why you have no girlfriend?

Re:No wonder... (0, Offtopic)

Professr3 (670356) | more than 10 years ago | (#8840862)

I believe I saw you posting on Slashdot Friday night... need I say more?

If by "making Linux more friendly"... (1, Insightful)

Anonymous Coward | more than 10 years ago | (#8840845)

...they actually mean something like to run everything as root so as to not bother the user with that all that pesky permissions-thingy nonsense, then yes Linux will of course become much more vulnerable.

When using a spellchecker.... (-1, Redundant)

FerretFrottage (714136) | more than 10 years ago | (#8840849)

that has the word "cought" added to it.

depends (3, Interesting)

sumdumass (711423) | more than 10 years ago | (#8840851)

Depends on how the make it more user friendly. Most of microsofts flaws come from coding errors and automaticaly opend ports and services that aren't used.

I think linux can be user friendly without all that but with anything the more layers you add to it the complexity and ability to keep it secure will become harder. Not impossible but harder. At least with linux you will know were the problems are instead of having it for 2 years and then finding a patch for it one day.

Uh... (0)

Anonymous Coward | more than 10 years ago | (#8840855)

NO?

Yes (5, Interesting)

YrWrstNtmr (564987) | more than 10 years ago | (#8840857)

Take the basic Linux safety measure. Having to log in as root to do anything significant. Win has this as well (admin, power user, etc) , but most people run as admin, partly because of crappy, admin-rights demanding software, partly because Win doesn't really tell you not to, but also partly because its a PITA to remember, and log in with, that secure PW to do any installs or maintenance.

A "user friendly Linux" (Lindows, anyone?) will have to be very, very careful not to end up down this same path.

Re:Yes (5, Informative)

weave (48069) | more than 10 years ago | (#8840958)

That's what's great about OS X. If you want to install an app and the installer requires admin rights, it prompts you to enter in your user accounts' regular password. This stops automated trojan installers, but doesn't require a separate id/password for doing system level work. It also alerts you that "Hey, I'm doing something that will change by system."

There is no need to log into an admin account to do any of this kind of stuff under OS X.

I've also never seen an OS X app that says you have to give all users all perms to the root folder, or have everyone running as admin, or open up the program folder for everyone to write to because settings are being stored in the wrong dang place.

Windows could be a lot more secure, but Microsoft doesn't go far enough to shame software vendors into sticking to the logo requirements. How many times have you Windows admins had to support a desktop app or driver for a peripheral that REQUIRES admin or power user rights? It's insane that there are Windows programmers that are still writing crap like this today.

I call bullshit (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8840858)

This is a Slashdot troll dressed up as a penthouse letter.

Easy to refute. (1)

greg_barton (5551) | more than 10 years ago | (#8840863)

OSX

It's all in the account setup... (5, Insightful)

LostCluster (625375) | more than 10 years ago | (#8840864)

On Windows they call it Administrator, on Linux they call it Root. It's the same thing, the user account that has no restrictions on it. Every user wants to run that way, because seeing a "permission denied" message on their own box just isn't going to make them consider the system user-friendly.

It's really more of a user eductation issue than a technical one. The best security practices are usually in counter to an element of ease of use.

"Microsoft Administrators" have no perspective (4, Interesting)

IO ERROR (128968) | more than 10 years ago | (#8840866)

The problem here is your "Microsoft Administrators" have only one frame of reference for the question, and that's Windows, which is
  • user-friendly
  • vulnerable
and so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

User friendly does NOT imply vulnerable, nor vice versa. I've posted before about building secure systems and securing existing ones. The techniques are, for the most part, well known albeit tedious, though I do anyway. (I even posted a security advisory to BUGTRAQ today...)

As long as the people making Linux user friendly keep security in mind when designing and implementing the new features, there will be no problem.

Re:"Microsoft Administrators" have no perspective (0)

Anonymous Coward | more than 10 years ago | (#8840956)

so they think anything that's user friendly must be vulnerable. A classic logic error, whose name I forget right now.

How about "familiarity breeds contempt"? :-)

The anti-usability bullshit must stop. (5, Insightful)

TempusMagus (723668) | more than 10 years ago | (#8840869)

To equate good usability with bad security is retarded and prejudicial. People who endorse that thinking in the linux community are, in my mind, the biggest hurdle to the widespread adoption of Linux on the desktop. Adding ill-conceived and ill-planned COMPLEXITY can lead to security issues but usability concerns, whether command line or GUI, don't have to.

Of course if you have elitist programmer types who use their case-modded Amiga's to talk to talk to each in Klingon don't expect your user experience to be one 'Joe User' can use or enjoy. If you are one of those people who are disdainful of people not as smart as you and want to keep Linux/OSS in the hands of your CRT tanned brethren then by all means continue to disparage and FUD usability all day long - just don't complain about Linux's adoption - EVER.

A few things for folks to remember:
  • Usability does not mean GUI. It's about performing tasks in the fewest steps requiring the least amount of memorization by the greatest number of targeted users.
  • Computer savvy people are atypical users. I may respect how a race-car driver drives his car and maintains his machine and there is no-doubt that he is a better driver than me. But if I need to go to the store and buy groceries or go out drinking with some-friends - not only is in inefficient for me to use a car designed for someone like that but its also uncomfortable and dangerous.

Windows isn't less secure (1)

MerlynEmrys67 (583469) | more than 10 years ago | (#8840870)

Since it is easer to use - the average user of Windows has significantly less experience. This leads directly to more vulnerabilities as inexperienced users do things that no sane experienced person would do.

Inevitably as you create environments that any idiot can use (see Windows) any and every idiot will use them - leading to more security problems.

As an example - up until the last couple of windows exploits, the user of the infected machine was required to open an encrypted .zip file with a provided password, see the executable inside of it, then execute the program to be infected.

How many experienced Unix admins would take a shell script out of an e-mail and execute the shell script that did an cd / rm -rf ? Not too many, windows users did it by the droves.

Yes. (2, Insightful)

FreeLinux (555387) | more than 10 years ago | (#8840872)

Have a look at Lindows. They make Linux easy enough for Windows users and supposedly, your grand mother to use. The first major step towards ease4 of use was the use of root as the primary logon. Security on these systems obviously just took a major step backwards.

Now let's face it, the ease of use your friends are talking about is things like not having to use a user ID and password when you turn on the PC and, most especially, not having to "su" to install spyware ^H^H^H^H^H^H^H pop-up blockers.

Yes... but not for the reason you think. (2, Insightful)

h4rm0ny (722443) | more than 10 years ago | (#8840880)


[As | If] Linux becomes more 'userfriendly,' security will suffer. This is not because it becomes inherently more vulnerable, but because it becomes accessible to ever less competent people.

A *NIX system does have inherent security advantages over Windows, but it still requires a very competent Admin to do a thorough job. Right now, I'd lay money (based on experience) that the average Linux Admin has a far better understanding than the average Windows admin simply because he needs to. This is going to change.

Consider that in my day, a programmer was still a computer scientist. Nowadays, I have to work with people who took a few months at a college course using a Visual design package and couldn't even program a Bubble Sort routine. It'll be similar with Linux security.

How about the implementation? (2, Interesting)

michael path (94586) | more than 10 years ago | (#8840882)

I'm not sure how I understand how the product could be less secure. My concern, the same concern I have for Windows, is the implementation.

End users generally either accept defaults, or install everything they can - regardless of if it's anything they'd ever use. This also means opening all the ports for the applications they install (by default, in Windows). They're simply not experienced enough to appreciate what they do.

My limited experience in Linux (I consider myself a very average user at best) with Red Hat and Fedora distributions is that it opens itself up for whatever I install as well. I often find myself fortunate if I can get 80% of what I install working, so I suppose that's inherantly more secure.

However, I still use 14 character passwords in Windows and Linux. I still set appropriate permissions on files in both Windows and Linux. Vulnerabilities will always exist, regardless of platform. I fail to see how wider use would make the produce less secure, however.

Lindows (1)

epcraig (102626) | more than 10 years ago | (#8840888)

Since Lindows has chosen to trade security for usability, we have a perfect test case.

oxymoron (0, Troll)

linuxislandsucks (461335) | more than 10 years ago | (#8840900)

oxymoron def:

Computer Usuability equals MS Windows..

Try mandrake 10! (1)

Krik Johnson (764568) | more than 10 years ago | (#8840901)

Mandrake 10 is very usable, and is SECURE! To everyone who think usabillity and security can't exisit please try it! I am using it now! I wish people wouild stop going on about Linux usabillity it has been usable for YEARS! Stop using shit distros!

possibly, but (0)

Anonymous Coward | more than 10 years ago | (#8840908)

A lot of security issues are related to either underlying architecture or social engineering. You can't always do anything about social engineering (leaving passwords in the open, providing information to a query on the phone), but the low-level architecture is a different creature entirely.

Why do Windows and other Microsoft-related products have so many security risks? It has nothing to do with the user-friendliness. It's at the core. Until and unless Microsoft is willing to write something from the bottom up which is not vulnerable to buffer overruns, you will always see security leaks (and hopefully, patches) in the news.

I haven't kept count, has anyone else? What percentage of the patches and security alerts are related to buffer overruns? (I'll wager dollars to those Krispy Kreme doughnuts it's a significant number)

And it's obvious Microsoft does not understand this issue is in the code's "DNA". Taking that month off to address "security issues" obviously did nothing. The security bulletins continue to flow as before. They just don't get it.

Using Security (5, Interesting)

DreadSpoon (653424) | more than 10 years ago | (#8840909)

Usability doesn't mean "avoids security." It means the interface is easy to use. You can do this *with* security. For example, just asking the user to re-type their password before running admin tools, even if they have rights to run them. (No su'ing to root; no process should *ever* run as root with user input/control.) That means that a virus can't just start running admin commands without the user knowing.

SELinux (or, hopefully, a similar system with a sane configuration/management interface) can also assist with this by limiting what vulnerabilities can do.

And the interface design itself helps. Microsoft's attempts at usability equate to "do everything automatically." Compare this to GNOME where the design is based not on automation, but on streamlining. I fully believe GNOME is *more* usable than Windows in almost every way, yet it hasn't the security problems as apps don't try to auto-run executables from untrusted sources, embed scripting languages with system-modification abilities, etc.

In truth, the interface can be designed such that it makes using security easier, vs hiding security away.

Krispey Cream affects usability (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8840910)

Fat guys can only marry fat girls (if they are lucky) and produce fat children. The whole cycle is useless.

Convenience vs Security (3, Insightful)

Speare (84249) | more than 10 years ago | (#8840912)

The argument is usually phrased as "Convenience vs Security." They can be seen as being opposed. That's not quite the same as "Usability vs Vulnerability" but that's the direction your friends' arguments were pointing.

I'm not sure that it always holds true that you have a single gradient between Convenience and Security. You can have elements of both, and it's not just a fractional position between two extremes.

For example, the 'root' problem is that root or Administrator can do anything on the system, so cracker types will focus their attention on the major prize. The alternative would be to spread rights and responsibilities into fine-grained accounts like "backup" and "network" and "installer" and other capabilities. An attacker has to work harder, but the machine's owner does too.

However, that doesn't mean that you're going to have to allow web browsers and email clients to execute unknown privileged code. Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.

OSX? (0, Redundant)

DamienMcKenna (181101) | more than 10 years ago | (#8840913)

OSX is easy to use and purdy secure. Why can't Linux be too?

Re:OSX? (1)

TempusMagus (723668) | more than 10 years ago | (#8840933)

Because you have all these anti-usability and anti-GUI dunderheads running amok.

Define Usability (1)

Eberlin (570874) | more than 10 years ago | (#8840914)

Someone once jokingly said that a broader userbase will result in less security. Thus the best way to secure software is to make sure nobody uses it.

The main issue here is that the simpler an interface is, the less the user has to understand about the entire system. IF the system can sustain itself with minimal administration, it can survive.

The problem lies in making interfaces so easy that "mouse clicking solutions experts" can be lulled into thinking they've secured everything just because they've clicked on a few icons. If they understand the system fully, usability is a good thing. If you're a clueless user, a usable pointy-clicky interface can be a very dangerous thing that'll bork your system faster than you can su to root and type "rm -rf /"

MS Admins are experts on Linux security? (5, Funny)

contrapuntalmindset (697143) | more than 10 years ago | (#8840917)

"Many of the Microsoft Administrators I work with argued the more user friendly Linux becomes, the more vulnerable it becomes. " Ummm... what makes a Microsoft Admininstrator the authority on vulernability and usability?

thats always the issue with security (1)

Nykon (304003) | more than 10 years ago | (#8840929)

whether you talk about Windows,Linux, OS X....

its not a security + useablilty, it's a balance between the two.

As you increase useability, security goes down by rule.

For example: In terms of network security.
A box not connected to the network is 100% secure form outside hackers, but 0% useable to outside users.

Example #2: A machine that installs with all services running and ready to go right out of the box and slapped on a network is 99% useable to remote users on the network but 1% secure.

No matter what OS you are using, it generally boils down to a balance between the two,because as you make things easier to use you inherently lose some of the control over securing the machine.

Same route as Macs (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8840930)

Macs seem to have this area down pretty well, with little in the way of vulnerabilities. Can Linux software follow the same route?

Sure. Just keep your market share at 3% or less and few people will bother to write viruses and worms to take advantage of your vulnerabilities.

Take 10 jumps on Windows : 0.9^10 ~= 35% chance of getting 10 Windows machines in a row that might be vulnerable (assuming they haven't patched, and there has always been a patch for any of these widespread worms).

Mac: 0.03^10 ~= 6*10^-14%. Linux: 0.01^10 ~= 1*10^-18%.

I wonder why there are more Windows exploits. Hmm.

Macs are also closed source for most of their stuff - think that would work for Linux? Going closed source?

Apple doesn't think so (5, Interesting)

Random BedHead Ed (602081) | more than 10 years ago | (#8840931)

GNU/Linux development can really benefit from observing what Apple did with OS X. It's easy to use for pretty much anyone, but it's similar to a Linux-based system under the hood. It's easy, yet has very few vulnerabilities.

One nice trick Apple discovered is to have the users be non-root, yet still administrative. (Did you hear that, Lindows?) They did this by creating tools that run as root, but which require authentication to run. For example, a mortal user who is an administator can't trash the whole filesystem by dragging and dropping important items, because they are not root. But they can run Software Update, an application for downloading patches, by supplying a username and password.

On Linux you can add users to the group "wheel" and make them sudoers with much the same effect.

Apple also made many important directories like /etc invisible from within the GUI, which I think is a great idea as long as power users can turn it off.

Seems easy and secure to me...

sysadminning (0)

Anonymous Coward | more than 10 years ago | (#8840936)

There are Unix/Linux and Windows sysadmins in the organisation I work for.

There are around 5000 servers and 58,000 desktops to support across the globe.

Security is always at the expense of convenience.

Windows suffers from being immature compared to *nix, that's for sure.

Linux is already as easy to use as Windows, certainly for any sysadmin.

Why is it a MCSE doesn't understand how Ethernet and Token Ring can exist on the same network? That says everything if you ask me.

False correlation (0)

Anonymous Coward | more than 10 years ago | (#8840944)

The usability / security or usability / reliability paradox isn't inherent in the system. You're really looking at the product of years of tradeoffs. Windows has been an exercise in ease, backward compatilbility and ubiquity, at the expense of careful design; OSS products tend to be designed and written by folks who live in a world a CLI is usable enough and the product should be bulletproof.

Also, don't forget the "many eyes make bugs shallow" phenomenon. It holds true for both scenarios. It's just that it happens to be a weakness for Windows where it's a strength for OSS.

Guess what (5, Insightful)

stratjakt (596332) | more than 10 years ago | (#8840949)

All the "secure code" in the world wont shield the system from a clueless user.

As secure as you think OSX is, anyone who wanted to write an application to fuck stuff up, call it "Super Happy Funtime Sexy Game", and email it to morons, could do so just as easily as they could with a VBScript file.
I could write:

#!\bin\sh
rm -rf /
cat /dev/rand > /dev/dsp
echo Linux is teh gay!

Email it to some stupid people, tell them they have to run it as root or else they wont see the video of Condoleeza Rice's tits.

Stupid people will run what came with the box they bought at Best Buy. When those boxes start shipping with linux, they'll be on linux. The REALLY stupid people shop at K-Mart, who I understand are in the business of ubercheap linux boxes these days.

Be afraid, be very afraid, of the rootkits that get put on this new army of lindows boxes.

To their level (1)

The_Mystic_For_Real (766020) | more than 10 years ago | (#8840950)

I don't think that linux afficionados would like to see what a distro that would be at the level of the infamous "Joe User" would look like. To do this, you would have to copy the Windows method of trying to prevent you from using anything besides Word and IE on your computer. This is not the best path for Linux. Linux should remain the better OS for the computer literate. There are certainly things that it could do to improve "usability" by the non-elite, but it should not dumb itself down. Furthermore, I don't agree that Windows is user-friendly. It seems like I have to do battle with it every time I want to do anything. It also hides a lot of things from you by default such as file extensions. Hiding file extensions certainly compromises security, especially for "Joe User".

The UI doesn't kill security... (2, Insightful)

jcjewell (675426) | more than 10 years ago | (#8840951)

...people kill security.

Maybe... Need more sandboxes/restricted userids... (5, Insightful)

FyRE666 (263011) | more than 10 years ago | (#8840952)

As you've noted, Mac OSX has managed it (although in all honesty it probably isn't the focus of as many attacks as Windows). I think that the main problem is that if users are running their browsers, email clients etc under their own uid, and they contract a virus then it's going to cause damage to all their files. I don't know about anyone else here, but I value the files in my /home more than the rest of the OS, which can easily be reinstalled (yes, I do back up, BTW).

I think that maybe all vulnerable processes, like web browsers, irc clients etc should run under a separate uid from the user (maybe each user should have 2 uid's - one normal, and one restricted so that it can only access a subdirectory of the users home). So rather than Mozilla launching as user fredbloggs:fredbloggs, it launches as "fredbloggs_restricted:fredbloggs_restricted" by default. The user could then chown some directory to be writable to fredbloggs_restricted" for downloads, cache etc.

Maybe this is already implemented? The real problem though is that a user could still build and run something they downloaded, potentially wiping all their files, unless a mechanism automatically made anything they installed themselves, run as the restricted user and not their own uid:gid.

Does any of that make sense? ;-)

It's not usability (2, Insightful)

Pranjal (624521) | more than 10 years ago | (#8840955)

...it's popularity. The more popular an OS gets, more script kiddies will target that OS as that is where they can do maximum damage.
The trick to usability is to have a power interface which allows you to change everything and anything in the system and have a newbie interface which allows you to customize to your hearts content but not change the underlying core components. Because what most "joe users" want is modifying the look and feel of their desktop and not going into changing network settings or CPU settings. If they want that and can do that I think they are already ready for the power interface.

user friendly means stable code (4, Insightful)

happyfrogcow (708359) | more than 10 years ago | (#8840960)

I'm in the process of rewritting some small freely available application because the original caused my computer to segfault under two circumstances which I consider normal use. In rewritting it, i've eliminated those errors and maintained the same performance. As well, I decided to start using a memory profiler, Valgrind [kde.org] . The end result is a more user friendly tool because it doesn't crash in normal operation giving bad error messages that only a programmer would understand. It is also more secure... no more buffer overflows.

My point is, moving towards usability shouldn't mean that we should loosen our belts, allowing the user to run amock in the system, we should tighten them.

Memory Permissions (4, Insightful)

RailGunner (554645) | more than 10 years ago | (#8840964)

Last time I checked, usability had nothing to do with allowing a user created process to stomp all over memory, like DOS / Win 16 / Win 32 did (and does). Usability also had nothing to do with being able to extend Office applications with Visual Basic For Applications, giving the world Marco virii.

Usability, however, does have to do with coherent UI design: picking icons that communicate what the button does on a toolbar, grouping menus is a logical way, making sure that there are keystrokes available for commonly used features, etc.

It sounds like the Microsofties have confused usability with Feature Creep.

Now.. the more people running Linux may in fact lead to more vulnerabilities being found, since testing only proves the existence of bugs, not the absence. However, history shows that bugs are fixed much quicker in open source then in closed source, so that's a race Linux wins easily. But as far as usability, comparing the latest KDE and GNOME desktop to Windows XP just shows that as far as usability, Linux may have already surpassed Windows.

Depends on your priorities (1)

Perl-Pusher (555592) | more than 10 years ago | (#8840968)

Would you choose to run as root because it's easier? Or would you try to find a reasonable compromise and if that cannot be made always choose security over ease of use? If you said yes to the first, then no. You will probably have an unsecure system. If you answered the second yes, then yes you probably can make it a little more useable and still be secure.

What you can't do is disregard security totally for years, get a large market using your product and then start thinking about security. Or at least it hasn't worked for Microsoft.

No (1)

Ckwop Johnson (696069) | more than 10 years ago | (#8840970)

Usability and security are not at loggerheads.
I mean, take for example recompiling the whole of Windows again with a compiler that magically fixes buffer overflows.

That would considerably raise the security of the entire internet.

The consider the fact that the role that most people want to use their computers for like Word Processing Games, Web Browser, E-mail, Music etc.. don't require the administrator privileges to be useful then the real problem becomes apparent.

I have a windows box down stairs that is highly usable for my customers (my family) yet is highly internet hardened without any great loss in functionality..

Windows insecurity is a configuration problem as much as it's it's also a bad software development problem.

Simon.

The List (5, Funny)

Henry V .009 (518000) | more than 10 years ago | (#8840977)

Hmm, I'll have to add one to my list.
  1. Security through obscurity.
  2. Security through obsolescence.
  3. Security through unusability.

simple answer is: (1)

Anonymous Coward | more than 10 years ago | (#8840983)

Yes. when you add ease of use and transparency for the users' benefit you almost always have to give a little on the security. likewise, when you make something more secure, more often than not you have to make it a little less user friendly.

an easy example is Windows 2000/XP. XP comes by default with each user in the Administrators group. this is very bad security, as part of the point behind having normal user accounts is so that when a virus or something infects a user account it doesn't affect the whole system. the problem is, if the user isn't in the Administrators group they can't do things like install software or drivers. they'd then have to log out and log back in as Administrator and continue the install process (making sure to select Install For All Users And Not Just This one). then they'd log back out and back into their normal user account. if this was (for example) a laptop with one user then it would be too annoying a process for most users and they would either ditch their passwords or stick with the Administrator account or both. if they just put up with the annoyance their system would be much safer, but they want ease of use, so they say "oh who cares that i don't back up. how often do viruses delete files anyway?"

the more user friendly you make linux, the more _LIKELY_ it is that it'll become less secure, but if you do it right there's a much less likely chance of opening up new holes. it definetly takes work to keep it secure though.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?