tag:blogger.com,1999:blog-75998293485218719502024-03-14T05:33:50.759-07:00 The Linux WorksCaitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.comBlogger12125tag:blogger.com,1999:blog-7599829348521871950.post-20432343878754230392020-11-17T16:13:00.000-08:002020-11-17T16:13:44.104-08:00On Laptops: Thoughts On Using CentOS, Ubuntu LTS, and FedoraI recently participated in a discussion in a CentOS group I belong to about the suitability of <a href="https://www.centos.org/">CentOS<a/> for ordinary laptops. These were my thoughts, mostly taken from various points in the discussion and edited into a coherent whole. Is CentOS really good for laptops? Like so many things it depends on what you intend to do and what software you're going to use.<br><br>
I use CentOS 8 on several laptops and it mostly works well. It may be missing some drivers you might need. If so, <a href="http://www.elrepo.org">ELRepo</a> is a good source for those. You definitely won't find the number of apps you do in Ubuntu's repositories and will need to go with third party repos. The best of them is <a href=https://fedoraproject.org/wiki/EPEL>EPEL</a>, maintained by the <a href="https://getfedora.org/">Fedora project</a>. You can leave both ELRepo and EPEL enabled to get updates as needed probably 99.8% of the time. The rare conflict can be avoided by setting repo priorities in <a href="https://dnf.readthedocs.io/en/latest/conf_ref.html">dnf</a> to insure official repos have precedence.<br><br>
If you need to go to third party repos beyond that pull packages manually. Some repos conflict with each other or, on rare occasions, with CentOS packages. If you can stick with EPEL you avoid that.<br><br>
One thing <a href="https://ubuntu.com/">Ubuntu</a> does that CentOS does not do is automatically download and install proprietary packages required by some hardware. For example, I use an Epson all in one printer/scanner/copier. I had to get drivers and apps directly from <a href="https://download.ebz.epson.net/dsc/search/01/search/?OSC=LX">Epson's website</a> and install them manually. The good news is that Epson provides rpms for Red Hat Enterprise Linux that work perfectly well with CentOS.<br><br>
In my opinion CentOS is more difficult to setup and configure than Ubuntu on a typical laptop and to the find and install all the apps you want. However, if you do that work it's rock stable and reliable. It's also every bit as easy to keep up to date and secure as you will get notifications when updates and patches are available and can install them with a click.<br><br>
I never recommend Fedora. I don't like being forced to upgrade the OS as a whole frequently. For me laptops are for getting things done, not tinkering. I've also had too many problems with packages being updated without the requisite dependencies causing breakage in Fedora. I recommend either CentOS or Ubuntu LTS for those reasons.<br><br>
I haven't found any reasonably modern hardware on which I couldn't make CentOS work. The question is how much work does it take and how difficult is the process. That varies widely. One caveat: I've been working with Linux professionally since 1995. What's easy for me may not be easy for someone who has limited experience. Of course, for them, working through issues may be a great learning experience.<br><br>
I have yet to have a clean install of CentOS on a laptop that requires no further action, including laptops by ASUS, HP, Lenovo, and Toshiba. That may be because of hardware or because of how I use my laptops. Usage patterns make a huge difference. In general, for most people, Ubuntu LTS is going to be easier to install, configure, and add software to than CentOS. Once installed both are stable, reliable, and reasonably easy to use. Both work well.Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com0Chapel Hill, NC, USA35.9131996 -79.05584457.6029657638211532 -114.2120945 64.223433436178851 -43.899594500000006tag:blogger.com,1999:blog-7599829348521871950.post-34927589588083426092018-09-30T08:54:00.001-07:002018-09-30T08:57:59.219-07:00New version of Culmus (Hebrew) fonts releasedFor those of you who do some Hebrew computing, I received this from Maxim Iorsh on e-mail via the Culmus announce list. For those who don't know Culmus is an excellent set of Hebrew fonts that I've used on Linux for many years:
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVAl1Jd6sriM5PUIBauxy9uOl0ME-x3C8KB0srQzyriukqOEHdF3uUtVV2nYQn-zB5ehceZTf6PJtX3eo4CQ5BBWi-PugELuQwHibI0CNjT1Z04XK064ZhJQk-Nch-gadQPE7Ijettqd4N/s1600/culmus.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVAl1Jd6sriM5PUIBauxy9uOl0ME-x3C8KB0srQzyriukqOEHdF3uUtVV2nYQn-zB5ehceZTf6PJtX3eo4CQ5BBWi-PugELuQwHibI0CNjT1Z04XK064ZhJQk-Nch-gadQPE7Ijettqd4N/s320/culmus.png" width="550" height="427" data-original-width="646" data-original-height="501" /></a></div> Many popular Linux distributions have Culmus packages in their repositories. Whether they update those packages during a release cycle and how quickly they adopt new version varies widely from distribution to distribution.Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com0tag:blogger.com,1999:blog-7599829348521871950.post-82754507387607937622017-03-21T21:57:00.003-07:002017-03-21T21:57:56.593-07:00How Things Work Today or The Joys of Consulting<P>A person with company A has a concern about some work that needs to be done. They call outsource IT firm B with whom they have a contract. Firm B has nobody on staff with the required experience. Company B is big and well known. Their solution: call recruiter C who in turn checks their database and realizes that Linux systems consultant D has the experience. Hi! I'm D.</p>
<P>Unfortunately this is being handled like a game of telephone and the information C gave to D (me) didn't clearly explain what they needed so D (me) asked for more information. In the meanwhile I get a note from B forwarded by C that makes it very clear what is needed. Thank you, C, but... I now have to go back to C to tell them my question is irrelevant. Asking it would make me look stupid because it really isn't the issue at all. If that message gets through in time I give them what they need to present me successfully to B and A. Fortunately C did get the message before presenting D to B.</P>
<P>Why might this still not happen? B presents this as if A is demanding someone who has worked on the exact same hardware running the exact same application. That's why I asked an irrelevant application question in the first place. Software vendor E supports the revised environment for their application and actually has this all very well documented. I work with E for another client so I have access to their knowledge base. I can definitely solve the problem. That doesn't change the fact that I don't match on the irrelevant points of experience and they may turn around and look for someone who does.</P>
<P>Welcome to the world of IT consulting in 2017. Does this make sense to anyone? It doesn't to me.</P>Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com1tag:blogger.com,1999:blog-7599829348521871950.post-66725100367498639382016-12-21T16:53:00.001-08:002016-12-21T16:53:41.423-08:00A Holiday Gift From Conexant: an ALSA Driver For Recent Cherry Trail SOC Based Devices<P>Late on Monday Simon Ho of Conexant <a href=”http://mailman.alsa-project.org/pipermail/alsa-devel/2016-December/115899.html”>announced</a> the release of a driver for the company's driver for CX2072X codec to the ALSA-devel mailing list. I have to add a tip of the proverbial hat to Pierre Bossart who shared the information in <a href=”https://bugzilla.kernel.org/show_bug.cgi?id=115531”>kernel.bugzilla.org</a> where I found it. According to Mr. Bossart we can expect “a follow-up machine driver soon from Intel.” The machines where sound has been a problem have Intel SST sound on the SOC which uses the Conexant codec. On those systems the "sound card" is simply not detected.</P>
<P>This is good news for owners of many recent tablets and notebooks running on recent Intel Atom (Cherry Trail) based SOCs. These include systems by Acer, ASUS, HP, Toshiba and probably others. It impacts Android as well as more conventional Linux distributions. Preliminary testing in the user community, though limited at this point, appears to be entirely positive.</P>
<P>NOTE: I'll be posting a full review of my HP x2 Detachable 10-p010nr, the latest incarnation of that company's 10” 2-in-1 device shortly. Please watch this space.</P>
Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com2tag:blogger.com,1999:blog-7599829348521871950.post-24491878855093313452016-01-08T09:21:00.000-08:002016-01-10T15:58:55.661-08:00Goodbye, Debian 8.1Goodbye, <a href="http://www.debian.org">Debian</a> 8.1 (Jessie). I tried the distro for several months because RHEL clones (<a href="https://puias.math.ias.edu/">Springdale Linux</a> and <a href="https://www.centos.org/">CentOS</a>, both 7.0 and 7.1) didn't like my legacy nVidia GeForce 6150 SE in this old desktop and it was a pain to fix that. The system still is good enough to do all the work I need to do and performs reasonably well. Debian seemed like a reasonable alternative. I chose to install it with <a href="http://www.lxde.org">LXDE</a> as the desktop environment which is lightweight and ideal for old systems.<br><br>
First, <a href="https://wiki.debian.org/Iceweasel">Iceweasel</a> is not simply <a href="https://www.mozilla.org/en-US/firefox/new/">Firefox</a> with the branding stripped out as is often claimed. It slows down, takes all the system resources and locks for anywhere from a few seconds to almost a minute on many websites and does this repeatedly. It did it across multiple versions. Firefox simply works without this nonsense. Of course, I can use genuine Mozilla Firefox on Debian, but only outside their package management system unless I build and maintain packages myself. Yes, other browsers offer better performance on Debian, but for some sites Firefox is my preference and sometimes I really need to test in Firefox.<br><br>
Speaking of packages, their vaunted large repository would often have broken updates because of version mismatches and/or a lack of timely dependency updates. I also had to give up on Iceweasel language packs for a while because the browser was updated but the language packs were not. I had the choice of a browser with a known vulnerability that wouldn't upgrade or ripping out the language packs. Granted, I don't need browser menus in another language, but a lot of people do and there are things I wanted to test in a localized environment. I've seen this sort of really poor repository/package management in other distros, of course. I just haven't seen it much recently.<br><br>
Despite the large package selection I was surprised that some very ordinary things I use regularly that are found in lots of other distros weren't in Debian. No matter what distro I use I seem to end up building packages. Debian is no different.<br><br>
Then there is <a href="http://www.freedesktop.org/wiki/Software/PulseAudio/">PulseAudio</a>. Yes, it works. I couldn't get it to remember that I wanted line out as the default, not headphones, so I kept having to change it. Sure, that's a really minor annoyance, but it just works on most distros. User error? In this particular case quite possibly. I just couldn't be bothered to research it. I shouldn't have to spend the time to do so on something that just works in literally every other distro I've tried in recent years.<br><br>
Performance was decent, but a distro designed to be lightweight can be faster on older equipment. I went back to an old favorite, <a href="http://www.vectorlinux.com/">Vector Linux</a>, who have a very solid release in 7.1, and my system is faster. I'm not supporting Debian for work at the moment so there was no reason to keep it. Look, it's not a bad distro. Most of what I've described is relatively minor and entirely fixable. I don't want to tinker and I do want performance on legacy equipment. Debian 8.1 is simply not the best choice for me. Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com18tag:blogger.com,1999:blog-7599829348521871950.post-73598496837694279532015-10-19T11:47:00.000-07:002015-10-19T11:47:50.581-07:00List of Linux System Hardening ResourcesMy recent post about <a href="http://thelinuxworks.blogspot.com/2015/10/pcworld-recently-published-article.html">how quickly newly commissioned Linux systems can be attacked</a> and possibly compromised led to a bunch of e-mail queries about resources which explain how to lock down a variety of Linux distributions. Most such guides are distribution specific because, while the basic principles are always the same, there are significant differences between distributions and even versions of the same distribution that make writing a generic guide difficult at best.<br><br>
I did compile a list which I added to the comments. However, based on the number of questions I've received I thought it would be best to publish the list as a blog post, something people could easily find and bookmark, with some additions to what I originally posted. I've limited this list to distributions commonly used in businesses (large and small), academia, and in non-profits. I have not included specialized distributions, including those designed for use by security professionals. Most of these distributions also are excellent choices for personal use.<br><br><br>
<b>Red Hat Enterprise Linux / Centos / Scientific Linux / Springdale Linux</b><br><br>
<ul>
<li><a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/">Red Hat Enterprise Linux 7 Security Guide</a><br>
<dir><a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/chap-Hardening_Your_System_with_Tools_and_Services.html">Chapter 4: Hardening Your System with Tools and Services</a></dir>
<li><a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/index.html">Red Hat Enterprise Linux 6 Security Guide</a>
<br>
<li><a href="https://wikis.utexas.edu/display/ISO/Red+Hat+Enterprise+Linux+7+Hardening+Checklist">University of Texas Red Hat Enterprise Linux 7 Hardening Checklist</a><br>
<li><a href="http://benchmarks.cisecurity.org/downloads/browse/index.cfm?category=benchmarks.os.linux.redhat">CIS Red Hat Enterprise Linux Security Benchmarks</a></ul><br>
<b>Debian</b><br><br>
<ul>
<li><a href="https://www.debian.org/doc/manuals/securing-debian-howto/">Securing Debian Manual</a><br>
<li><a href="https://wiki.debian.org/Hardening">Debian Wiki: Hardening</a></ul><br>
<b>SUSE</b><br><br>
<ul>
<li><a href="https://www.suse.com/documentation/sles11/singlehtml/book_hardening/book_hardening.html">Suse Linux Enterprise Server 11 SP4 Security and Hardening</a><br>
<li><a href="https://en.opensuse.org/Portal:Security">OpenSUSE Security Portal</a>
</ul><br>
<b>Ubuntu</b>
<ul>
<li><a href="http://hardenubuntu.com/">Harden Ubuntu</a><br>
<li><a href="https://help.ubuntu.com/community/Security">Ubuntu Community Help Wiki: Security</a></ul>
Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com1tag:blogger.com,1999:blog-7599829348521871950.post-60915766856594763662015-10-07T10:42:00.000-07:002015-10-07T10:44:20.607-07:00Linux Security: Lock Down a New System ImmediatelyPCWorld recently published an <a href="http://www.pcworld.com/article/2987580/security/a-linux-botnet-is-launching-crippling-ddos-attacks-at-more-than-150gbps.html">article about Linux botnets</a> launching DDoS attacks. The attackers find and exploit poorly secured Linux systems. Some Linux users have a fairly cavalier attitude about security, assuming the supposedly superior design of the OS somehow protects them. It doesn't. Now that <a href="http://www.zdnet.com/article/npd-chromebooks-outsell-windows-laptops/">Chromebooks outsell Windows laptops</a> and Amdroid devices are ubiquitous the days when Linux was a secondary target for malware are long gone. Linux' prominence in both the server room and on consumer devices make it a prime target.<br><br>
How quickly will a newly commissioned system be attacked? Here's my recent experience. I did a build of a webserver with CentOS 7.1 and Drupal 8. That went smoothly. Then I installed all the latest patches. On to configuring and hardening the server. The first time I issued a su command to allow me to configure sudo I got a message about failed logins. I looked at the logs and sure enough, someone was already trying to break in with a scripted brute force attack. I immediately configured ssh to disallow root login and to disconnect after three failed attempts. That slowed but did not stop the attacks. OK, I checked the IP address they were coming from, knowing full well it might be spoofed, and found the owner was a French ISP. To satisfy my curiosity I put in a temorary firewall rule to disallow that IP range and the attack stopped and did not resume. So... either the IP address was not spoofed and some script kiddie was trying to break in from their actual connection or else the attack came through a proxy server with an IP address in that range. Cute.<br><br>
Anyway, I finished my usual tasks for hardening a server and Apache, uploaded my backed up files and put them in the appropriate places with the appropriate permissions. My idea of hardening Apache includes both mod_evasive and mod_security with a current rule set. My idea of securing a server includes blocking pretty much all inbound connections not needed by either the web server, software used on the website or SSH.<br><br>
I should also add that IP address blocking, up to and including geolocking, is generally not an effective defense. Knowledgeable hackers use proxies. Many change their apparent IP addresses frequently. Blocking IPs, even at the firewall level, is a lot like playing Whac-a-Mole. The attack simply continues from a different IP in short order. The brute force attacks I'm still experiencing are trying to login as root and since remote root logins are disabled that simply won't work. However, the excess traffic to my server continues and there is relatively little I can do about it.<br><br>
How long between my rebuild and the start of the attacks? A few minutes. Such is life on the Internet today. The first thing anyone should do with a new system, any system, is lock it down. Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com15tag:blogger.com,1999:blog-7599829348521871950.post-7139444554968874472014-05-30T20:07:00.000-07:002014-06-02T16:51:48.789-07:0032-bit Enterprise Linux Still MattersI've been testing the <a href="http://www.redhat.com/about/news/archive/2014/4/red-hat-enterprise-linux-7-release-candidate-now-publicly-available">Red Hat Enterprise Linux 7 Release Candidate</a>. One thing that stuck out right away was the lack of a 32-bit x86 build. In last week's <a href="http://distrowatch.com/weekly.php?issue=20140526">DistroWatch Weekly</a> Jesse Smith questioned the need for such a build, which is only useful on legacy hardware, in the enterprise. He wrote:<br>
<blockquote>"Something which caught my attention while reading this question was the requirement for a 32-bit operating system with newer software than Red Hat Enterprise Linux 6 offers. It seems unusual that someone would want new software versions, enterprise support and a 32-bit operating system. New software and legacy hardware (or new software and enterprise environments) rarely go together and it might be worth looking into whether these criteria are really necessary."</blockquote>
While I certainly understand Jesse's point about 32-bit being legacy hardware, there are still many use cases where 32-bit and current enterprise quality software and OS are necessary. Many current Linux apps are still very light and can run very well on rather old hardware, both in the server room and on the desktop.<br><br>
I've done a lot of support of government servers and they run for about forever, as in until they serve no further use. Even retired, old servers are often repurposed and put back into service due to budget restrictions and/or long lead times to order new equipment under the required procedures for government procurement. In the United States this is especially true at the state level. When a server is repurposed it is usually reloaded with the current enterprise standard Linux distrubution release and applications, not legacy releases. That's one common use case.<br><br>
Non-profits and small businesses often get by with older equipment as well, and in the case of non-profits it may even be donated second hand equipment that was no longer useful in it's former commercial enterprise home. Once again, a 32-bit OS and current software makes sense in cases like this.<br><br>
My personal hope is that the free enterprise Linux clones will take Red Hat's 64-bit sources and create a 32-bit version. It isn't hard to do but it is time consuming. <a href="http://www.centos.org/">CentOS</a> has already made clear they will release a 32-bit build(see comment by developer Johnny Hughes below), which leaves <a href="https://www.scientificlinux.org/">Scientific Linux</a> and <a href="http://springdale.math.ias.edu/">Springdale Linux</a>.<br><br>
[Note: This article was expanded from my comments on DistroWatch Weekly, Issue 560.]<br><br>Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com14tag:blogger.com,1999:blog-7599829348521871950.post-36688950897456880962014-04-25T16:28:00.000-07:002014-04-25T17:34:19.948-07:00The Lucrative Linux Job Offer I Turned DownI haven't written about sexism in the Information Technology field in six and a half years. Any time I have ever written about gender issues, sexism or discrimination in IT, and particularly <a href="http://www.oreilly.com/pub/au/2654?all=yes#Blog">when I wrote for O'Reilly</a>, there would be many comments by men who would get all defensive, tell me it's all in my pretty little head or if I would just get tougher and ignore it it would all go away. Others would fall back on sexist stereotypes, claiming women are just not interested in computing or are simply not as good at anything related to math, science and engineering than their male counterparts. Those who inevitably argue that the problem doesn't exist demonstrate just how pervasive the problem is with their comments. Never mind that IT is still dominated by young, white men plus a smattering of young Asian men. Other minorities and women are grossly underrepresented. Never mind that women have left IT in droves over the past 14 years and when interviewed they cite the hostile workplace that is the reality of many if not most IT shops. Nope, there's nothing wrong at all.<br><br>
Last month I went through an interview process with a large company in a nearby state. I turned down what would have been the highest rate of my career as a Senior Linux Engineer. It paid about $10K more than I earned in a contract in Texas last year. Why did I walk away from an offer like that? I was told there are 400 people in IT, all male. I would have been woman #1 in 2014. When I asked about whether I might have problems in that environment the gentleman who would have been my boss said, "I'm the manager. I'm in a position to make sure you have no problems." That's when I knew that I had to walk away. If he had said, "I know my people. You won't have problems." I might still have taken the job. To think he can dictate attitudes and corporate culture told me that a lot more was wrong than even I saw in my interview process, and I had a bad feeling about this position pretty early on.<br><br>
It's 2014, isn't it? I've been in IT since 1980. I have <b><i>never</i></b> seen an all male IT department before. Even worse: I worked for one of this company's direct competitors years ago and the ratio of men to women in my group was 60/40. Sexism in IT hasn't gotten better in recent years. It's gotten far, far worse. Still, I expect lots of comments from people, mostly men, in denial about this. After all, things are just fine for them.<br><br>
I have pretty much decided to continue to build my consulting business even if it means less money in the short run than a corporate or government position. At least in my own business I have some control of the environment, even if I have to work a lot harder for every dollar.Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com60tag:blogger.com,1999:blog-7599829348521871950.post-53010282420037565062013-05-24T15:57:00.000-07:002013-05-24T18:50:04.082-07:00It Seems I Won't Be Writing For Linux Advocates After AllLast week I had announced in the <a href=http://www.lxer.com">LXer</a> forums that I would be a contributing author to <a href="http://www.linuxadvocates.com">Linux Advocates</a>. That was followed by a post on the site announcing that I would be joining their team. I was honestly excited about this. I felt that writing for Linux Advocates would add credibility to my stories and bring me back some of the wider audience I had when <a href="http://www.oreillynet.com/pub/au/2654?all=yes#Blog">I wrote for O'Reilly Media</a>. The additional exposure would help me market my consulting business which brings Linux and FOSS solutions to businesses and organizations looking to reduce IT costs and enhance the reliability, stability and security of their IT infrastructure. <br><br>
Today it became clear that I wouldn't be writing for Linux Advocates after all. I've learned a lot in the past week and I've come to the conclusion that this is for the best. <br><br>
First, a number of prominent writers and developers in the Linux community tried to get me to reconsider. The big issue for them was what they saw as heavy handed moderation by Dietrich Schmitz, including banning a number of them from the site entirely. I've argued that website owners have the <a href="http://ever-increasing-entropy.blogspot.com/2009/11/strange-ideas-about-freedom-of-speech.html">right to moderate and control the content</a> on their sites. I've made clear that such editorial control is most definitely <a href="http://ever-increasing-entropy.blogspot.com/2009/12/legitimate-limitations-on-freedom-of.html">not censorship</a> as <a href="http://www.montanalinux.org/opinion-linux-site-comment-censorship.html">some have claimed</a>. The dispute between Mr. Schmitz and those who felt they were unfairly treated, including several former Linux Advocates writers, spilled over into five different threads in the LXer forums and several Google+ pages and included a great deal of rather heated language.<br><br>
After reading all the comments back and forth I decided to go ahead as planned and I began an article on <a href="http://www.freedesktop.org/wiki/Software/systemd/">systemd</a> to be published as my first post for Linux Advocates. Unfortunately little things like earning a living plus one day where I was a bit under the weather got in the way of my finishing the article until today. Following instructions sent to me by Mr. Schmitz I added myself as a contributor to the site. So far, so good.<br><br>
Only then did I really read and digest everything else Mr. Schmitz wanted me to do, like setup an account in his personal domain so that I could have a Linux Advocates e-mail address. He also wanted me to install a Zemanta plugin for Chrome. I have deliberately chosen not to use Chrome (an article about that soon) and wasn't happy about that at all. I went to install the Zemanta plugin for Firefox instead and was presented with a Microsoft-style End User License Agreement (EULA). As many in the open source community would expect, that set off all sorts of red flags for me.<br><br>
In the seven years since my identity was stolen and used for criminal purposes I've become increasingly paranoid about data security. I already feel I've left way too much information about myself out on the net. I'm very concerned about what companies like Google, Facebook and Microsoft do when they collect data about me. I'm very concerned about who they might sell or give that data to. Suddenly, I found myself reading a license agreement for a proprietary piece of software that explicitly had terms relating to collecting and retaining data.<br><br>
I felt deeply uncomfortable and didn't go through with the installation. It's one thing to be forced to use proprietary software to service a client or do work required by an employer. It's quite another for someone who is getting my labor at no cost and benefiting from it to demand I install something on my own system. I first asked if Zemanta was mandatory and then wrote a follow-up e-mail making clear that I wasn't about to install it.<br><br>
Mr. Schmitz' response was direct and to the point. If I can't accommodate how he chooses to run his site then I should go elsewhere. Once again, he was getting writing from me on a voluntary basis on a website were he is currently <a href="http://www.linuxadvocates.com/2013/05/a-matter-of-survival.html">begging for money</a> to make ends meet. This is a Linux advocacy site. You'd think he'd be the one to accommodate an aversion to proprietary tools that aren't in any way necessary for him to publish my writing. I guess not.<br><br>
So.. no, sorry, Mr. Schmitz, I won't be accommodating you. I'll find ways to bring traffic to my blog which don't require sacrificing my security, privacy or principles. I still have other outlets who would like me to write for them as well. I wish Dietrich Schmitz all the best with his website. I just won't be a part of it.Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com43tag:blogger.com,1999:blog-7599829348521871950.post-5867170598545275042013-05-17T16:15:00.000-07:002013-05-18T08:18:34.800-07:00Linux, Standards and the Enterprise: Why Red Hat Enterprise Linux Remains the Best ChoiceDietrich Schmitz, writing for the <a href="http://www.linuxadvocates.com">Linux Advocates</a> website, posted <a href="http://www.linuxadvocates.com/2013/05/red-hat-enterprise-linux-lsb.html">an article</a> yesterday about how Red Hat's adherence to the <a href="http://www.linuxfoundation.org/collaborate/workgroups/lsb">Linux Standards Base (LSB)</a> guarantees stability and reduces costs in the enterprise. While I agree with Mr. Schmitz wholeheartedly, from my perspective the reasons by <a href="http://www.redhat.com/products/enterprise-linux/">Red Hat Enterprise Linux</a> remains both the leader and the best choice in business, government and non-profit spaces goes far beyond the LSB.</br><br>
I've been a professional UNIX/Linux systems administrator for 18 years now. I've had to implement, maintain and support servers from all of the enterprise distributions and a few distributions not generally used in the enterprise as well for my employers and customers over the years. I'm a big advocate for Red Hat and the various free clones (<a href="http://www.centos.org/">CentOS</a>, <a href="http://www.scientificlinux.org/">Scientific Linux</a> and <a href="http://springdale.math.ias.edu/">Springdale Linux</a>) as the best solution for most organizations. First, it's exceptionally stable as Mr. Schmitz points out. Second, it offers the longest support period at 10 years. Third, they have excellent and professional support.* Fourth, they do the best job at insuring compatibility with both FOSS and commercial apps during the full 10 year release cycle.<br><br>
My big issue with <a href="https://www.suse.com/">SUSE Linux Enterprise</a> (SLES/SLED) is that they do push <a href="http://www.linuxuser.co.uk/reviews/suse-linux-enterprise-server-11-sp2-review">major version changes of the kernel</a>, tool chain and apps in what they euphemistically call Service Packs. The Service Packs are actually major releases recently and have been known to cause major breakage and pain. My experience with their support organization here in the U.S. has been less than satisfactory, particularly the time needed to respond to and resolve issues.<br><br>
Canonical (<a href="http://www.ubuntu.com/server">Ubuntu</a>) has much shorter support periods than either Red Hat or SUSE. They also don't backport additional hardware support or patches into their kernel, forcing you to either do the SUSE style update gamble even more frequently than with SUSE or else to run without needed support and/or vulnerabilities.<br><br>
The free clones of Red Hat Enterprise Linux I mentioned earlier are not permitted to name their source, referring merely to "the upstream provider," but pretty much everyone in the Linux community knows precisely what they mean. They represent a real advantage to Red Hat (the distribution if not the business) in that they allow businesses to try before they buy. They provide the opportunity to run a test bed or non-critical system at reduced cost. The clones also allow non-profits and cash strapped small businesses to forgo commercial support, at least for a time, and still use software that is entirely compatible with the leading enterprise Linux distribution. As organizations grow and their needs change converting a server or workstation running a clone to a genuine, supported Red Hat system is a simple process.<br><br>
Finally, I'm sure fans of <a href="http://www.debian.org">Debian</a> and <a href="http://www.slackware.com">Slackware</a> packaging will disagree with me, but keeping to standards, specifically the LSB, also goes a long way to insure application compatibility. I think it's vital that all enterprise distros follow standards.<br><br>
*= Disclaimer: I was part of the support team for seven months as a consultant in 2005. I no longer am affiliated with Red Hat in any way, shape or form.
[NOTE: This article originally appeared as <a href="http://lxer.com/module/forums/t/34632/">a comment on LXer.com</a> in abbreviated form.]Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com35tag:blogger.com,1999:blog-7599829348521871950.post-76691816007998775312012-09-07T13:54:00.000-07:002012-09-07T13:54:44.974-07:00Linux on the Desktop: New OpportunitiesLately we’ve been treated to (or bombarded by) a slew of articles and blog posts proclaiming the failure and/or the death of Linux on the desktop. I could describe what I really think of these articles but my language would be a bit more colorful than would be appropriate. Suffice it to say it’s all bunk as far as I am concerned.<br><br>
I have <a href="http://broadcast.oreilly.com/2012/04/the-new-desktop-paradigm-blame.html">written</a> about why I believe Linux remains under 10% of the desktop market: the lack of preloaded systems available in stores and the slow uptake of Linux on the enterprise desktop. The enterprise desktop is critical if Linux is to make progress on the consumer desktop without a presence in big box stores. People use what they know and like. If they use and like Linux at work they may well want to use it at home as well.<br><br>
During my recent travels I had the opportunity to talk to a manager in a cash strapped part of government. Linux has been making inroads there not only on servers but also as a thin client solution. One high point of the discussion was when he showed me a magazine article, one I had already read, about how unsuitable Linux is for the desktop. He had read several articles like that one and had bought the oft repeated conclusion that Windows is still the only option for doing real work. Once again, it’s all bunk.<br><br>
I was able to seize upon the opportunity, talking about my experience with Windows to Linux migrations I had seen in companies I have worked with. I also could point to a few large corporations that had made the change and had saved millions of dollars in the process. There is a real possibility I may be able to do a demonstration project using <a href="http://www.opensuse.org/en/">openSUSE</a>. If that is successful it could lead to a significantly large enterprise migration, one I would get to participate in. This particular piece of government already has largely replaced Microsoft Office with <a href="http://www.openoffice.org/">OpenOffice</a> so that’s one piece of the migration which would be simple for them.<br><br>
Of course, if this did go forward, which is by no means a certainty, it would not be unique or in any way ground breaking. I’ve dealt with any number of companies and organizations that have done it already. Linux enterprise desktop penetration is still small, but there are some very large deployments out there. I’ve seen a few that have been absolutely successful in terms of lowering costs and increasing stability and security.<br><br>
As anyone who reads the news knows, the economy in the U.S. is recovering slowly and the economy in much of Europe is back in recession. As businesses, governments and organizations look at ways to survive and even thrive in what is still a difficult financial climate it is very likely that Open Source solutions will get another serious look. If adoption grows in any meaningful way, even in a relatively small way, yet more consumers will be aware that there is an alternative to Windows out there, one which may well be superior for their particular needs. Once they’ve used Linux at the office, and perhaps Android (which is just a Linux distribution after all) on their phone or tablet, the fear of trying a different OS than Windows may be gone. The explosion of tablets and smartphones that generally don’t run Windows coupled with some expansion in corporate adoption may give Linux one perhaps final opportunity to gain traction on the consumer desktop as well.Caitlyn Martinhttp://www.blogger.com/profile/08066943172339740116noreply@blogger.com53