Comments
Showing all 29 comments [View the article]
@ Erhan
So you want Windows without licence? "Free" Windows...
People seeking "to find" Windows in Linux, hum, I am not sure that be good news for UNIX systems...
"Are you working in MS?"
No, I use GNU/Linux (but not Pardus)
So you want Windows without licence? "Free" Windows...
People seeking "to find" Windows in Linux, hum, I am not sure that be good news for UNIX systems...
"Are you working in MS?"
No, I use GNU/Linux (but not Pardus)
You’re right, Erhan, the two aren’t in any way comparable.
Beginning with Vista, Window’s security architecture doesn’t deliberately blur the distinction between normal user and administrator privileges.
Beginning with Vista, Window’s security architecture doesn’t deliberately blur the distinction between normal user and administrator privileges.
Blue Knight says:
"But then why do you use GNU/Linux? Again if you don’t want UNIX model, don’t use a UNIX system. Use the "real thing", i.e. Windows (And even Microsoft tried to improve the security in Vista)"
Why windows? Goverment pays to Microsoft 600.000 x (Windows License + office licence ...) dolars for every year for totally very simple tasks. Are you working in MS? Pardus is much more than enough and abs-bloody-lutely no need for any WINDOWS for govermantal offices. they will just use firefox.
By the way I made up the total number of computers :)..
"But then why do you use GNU/Linux? Again if you don’t want UNIX model, don’t use a UNIX system. Use the "real thing", i.e. Windows (And even Microsoft tried to improve the security in Vista)"
Why windows? Goverment pays to Microsoft 600.000 x (Windows License + office licence ...) dolars for every year for totally very simple tasks. Are you working in MS? Pardus is much more than enough and abs-bloody-lutely no need for any WINDOWS for govermantal offices. they will just use firefox.
By the way I made up the total number of computers :)..
I will try pardus,ı hope it’s better than windows...
Yerli Malı Yurdun Malı Herkes Onu Kullanmalı
yaw keşke meb felan da bunu kullansa
Yerli Malı Yurdun Malı Herkes Onu Kullanmalı
yaw keşke meb felan da bunu kullansa
Erhan says:
"Yes we can say it Window 98..The users mostly will be Windows 98 users.. So this is good for them..
By the way I am not developer .. I am just user"
And what? According to what you say, you thus want that Pardus behaves like Windows 98? Excuse me but why pervert a system which proved to be reliable to make it resemble another which was everything except protected?
But then why do you use GNU/Linux? Again if you don’t want UNIX model, don’t use a UNIX system. Use the "real thing", i.e. Windows (And even Microsoft tried to improve the security in Vista)
"Yes we can say it Window 98..The users mostly will be Windows 98 users.. So this is good for them..
By the way I am not developer .. I am just user"
And what? According to what you say, you thus want that Pardus behaves like Windows 98? Excuse me but why pervert a system which proved to be reliable to make it resemble another which was everything except protected?
But then why do you use GNU/Linux? Again if you don’t want UNIX model, don’t use a UNIX system. Use the "real thing", i.e. Windows (And even Microsoft tried to improve the security in Vista)
> By the way I am not developer .. I am just user..
Naturally I defer to your learned expertise.
Naturally I defer to your learned expertise.
Yes we can say it Window 98..
It will be used in govermantal places.. The users mostly will be Windows 98 users.. So this is good for them..
By the way I am not developer .. I am just user..
It will be used in govermantal places.. The users mostly will be Windows 98 users.. So this is good for them..
By the way I am not developer .. I am just user..
> We dont say Pardus linux.. We say Pardus..
Why not just call it Windows 98? If memory serves, that also had a "trusted user" security philosophy.
Why not just call it Windows 98? If memory serves, that also had a "trusted user" security philosophy.
Erhan says:
"If you dont like Pardus use another distro :).."
Yes. But one must also try to help, to explain why such or such thing is good or not. The newbies for example need explanations to understand a new system, “not to swallow anything” and to believe that it is normal and usual, to understand why it is good or not. ;-)
Pardus is otherwise a promising distro, it is a pity really that there is this severe breach in security. This security "relaxation" is outrageously evil, not even other user friendly initiatives, to my knowledge, have not try to "innovate" that much ( and I hope nobody will do it!)
So again: Pardus is a very promising distro but because of the UNIX security perverted, it can’t be recommended.
"If you dont like Pardus use another distro :).."
Yes. But one must also try to help, to explain why such or such thing is good or not. The newbies for example need explanations to understand a new system, “not to swallow anything” and to believe that it is normal and usual, to understand why it is good or not. ;-)
Pardus is otherwise a promising distro, it is a pity really that there is this severe breach in security. This security "relaxation" is outrageously evil, not even other user friendly initiatives, to my knowledge, have not try to "innovate" that much ( and I hope nobody will do it!)
So again: Pardus is a very promising distro but because of the UNIX security perverted, it can’t be recommended.
> If you dont like Pardus use another distro :)..
When one of Pardus’s lead developers boasts about his feckless incompetence ("I remember SMIT in AIX 3.1 did not ask me any passwords for administrative tasks, someone correct me if I’m wroing [sic] - maybe it’s because I was using AIX machine as root.") perhaps it’s not quite the same as the choice between strawberry and vanilla ice-cream.
When one of Pardus’s lead developers boasts about his feckless incompetence ("I remember SMIT in AIX 3.1 did not ask me any passwords for administrative tasks, someone correct me if I’m wroing [sic] - maybe it’s because I was using AIX machine as root.") perhaps it’s not quite the same as the choice between strawberry and vanilla ice-cream.
If you dont like Pardus use another distro :)..
We dont say Pardus linux.. We say Pardus..
We dont say Pardus linux.. We say Pardus..
glasiad wrote:
> "Pardus dispenses with conventional UNIX security culture"
>
> That’s one of the reasons this distro is great for the 99% of home users
> who don’t live in a state of paranoia and just use their computers for work,
> communication, knowledge seeking, and entertainment.
>
> To all those UNIX SECURITY junkies - please note: the Cold War is over!
glasiad wrote (elsewhwere):
> Security is a state of mind.
So you don’t think that the years of data currently stored on your PC’s worth protecting from remote and local exploits? To each his own.
> Computers are just mashines [sic]. Easily replaced when defective.
I think I’ll decamp to Wales, it’s obviously a land of unimaginable wealth!
> "Pardus dispenses with conventional UNIX security culture"
>
> That’s one of the reasons this distro is great for the 99% of home users
> who don’t live in a state of paranoia and just use their computers for work,
> communication, knowledge seeking, and entertainment.
>
> To all those UNIX SECURITY junkies - please note: the Cold War is over!
glasiad wrote (elsewhwere):
> Security is a state of mind.
So you don’t think that the years of data currently stored on your PC’s worth protecting from remote and local exploits? To each his own.
> Computers are just mashines [sic]. Easily replaced when defective.
I think I’ll decamp to Wales, it’s obviously a land of unimaginable wealth!
@ glasiad
"That’s one of the reasons this distro is great for the 99% of home users who don’t live in a state of paranoia and just use their computers for work, communication, knowledge seeking, and entertainment."
Doesn’t the home user need protection? It is surely for that on Windows for example people use anti-viruses/spyware/maleware/firewall........ They don’t want to be protected, that is just for the fun...
"the Cold War is over! "
hey, no war here! But again If you don’t want UNIX model, security, state of mind etc, don’t use UNIX system.
"That’s one of the reasons this distro is great for the 99% of home users who don’t live in a state of paranoia and just use their computers for work, communication, knowledge seeking, and entertainment."
Doesn’t the home user need protection? It is surely for that on Windows for example people use anti-viruses/spyware/maleware/firewall........ They don’t want to be protected, that is just for the fun...
"the Cold War is over! "
hey, no war here! But again If you don’t want UNIX model, security, state of mind etc, don’t use UNIX system.
"Pardus dispenses with conventional UNIX security culture"
That’s one of the reasons this distro is great for the 99% of home users who don’t live in a state of paranoia and just use their computers for work, communication, knowledge seeking, and entertainment.
To all those UNIX SECURITY junkies - please note: the Cold War is over!
That’s one of the reasons this distro is great for the 99% of home users who don’t live in a state of paranoia and just use their computers for work, communication, knowledge seeking, and entertainment.
To all those UNIX SECURITY junkies - please note: the Cold War is over!
Ismail "cartman" Donmez says:
"This security FUD bores me to hell. Asking passwords again and again won’t make anything secure."
Wow! And this guy is " the head of Pardus security team"? My God! An additional reason not to use Pardus!
KimTjik says:
"However I can’t understand his arguments about security: why on earth should every distro push some proclaimed UNIX culture about security down the throat of every single user of Linux? Why not give users the right to choose?"
If you don’t want UNIX security, don’t use a UNIX system and use Windows rather than seeking to pervert something which proved reliable.
"Pardus is aimed at the typical desktop user who doesn’t protect information of the dignity of national security on his/her system. He/she simply wants a smooth system whether at home, office or school. Pardus delivers a good user experience in this respect."
Again with this state of mind, use Windows, you are not at the good place. And even Microsoft tried to improve the security in Vista and to educate the home user not to use an administrative account, and there is a Linux project trying to do exactly the opposite. I’m sorry but can perform a wide range of administrative tasks (adding/removing packages, starting/stopping services or the firewall, etc.) without being ever asked for a password is a very bad habits to give even for a home users. For the sake of the user’s convenience, basic Linux principles were broken.
Stepelevich says:
"The developers, when questioned about the security implications of their work, are inclined to say "if you don’t like it, use another Linux distribution"."
One must hope that people will not ask from other distributions to provide them with such a feature..........
Pardus is otherwise very promising but because of the UNIX security perverted, it can’t be recommended.
"This security FUD bores me to hell. Asking passwords again and again won’t make anything secure."
Wow! And this guy is " the head of Pardus security team"? My God! An additional reason not to use Pardus!
KimTjik says:
"However I can’t understand his arguments about security: why on earth should every distro push some proclaimed UNIX culture about security down the throat of every single user of Linux? Why not give users the right to choose?"
If you don’t want UNIX security, don’t use a UNIX system and use Windows rather than seeking to pervert something which proved reliable.
"Pardus is aimed at the typical desktop user who doesn’t protect information of the dignity of national security on his/her system. He/she simply wants a smooth system whether at home, office or school. Pardus delivers a good user experience in this respect."
Again with this state of mind, use Windows, you are not at the good place. And even Microsoft tried to improve the security in Vista and to educate the home user not to use an administrative account, and there is a Linux project trying to do exactly the opposite. I’m sorry but can perform a wide range of administrative tasks (adding/removing packages, starting/stopping services or the firewall, etc.) without being ever asked for a password is a very bad habits to give even for a home users. For the sake of the user’s convenience, basic Linux principles were broken.
Stepelevich says:
"The developers, when questioned about the security implications of their work, are inclined to say "if you don’t like it, use another Linux distribution"."
One must hope that people will not ask from other distributions to provide them with such a feature..........
Pardus is otherwise very promising but because of the UNIX security perverted, it can’t be recommended.
> However I can’t understand his arguments about security: why on earth
> should every distro push some proclaimed UNIX culture about security
> down the throat of every single user of Linux? Why not give users the right
> to choose?
Because when use of a particular service (such as the package manager) has far-reaching, potentially disastrous consequences to all of a system’s users, the most rudimentary of security considerations dictate that
(i) the service is only available as and when it’s actually required
(ii) the service is accessible only to those with whom it can actually be trusted
Pardus in its default configuration *objectively fails* in respect of both of those requirements.
The question should be: what advantages are to be had deviating from the traditional UNIX security model? None that I can see, for sure.
> He/she simply wants a smooth system whether at home, office or school.
> Pardus delivers a good user experience in this respect.
Well in that case, Windows XP Home Edition would also fit the bill.
> should every distro push some proclaimed UNIX culture about security
> down the throat of every single user of Linux? Why not give users the right
> to choose?
Because when use of a particular service (such as the package manager) has far-reaching, potentially disastrous consequences to all of a system’s users, the most rudimentary of security considerations dictate that
(i) the service is only available as and when it’s actually required
(ii) the service is accessible only to those with whom it can actually be trusted
Pardus in its default configuration *objectively fails* in respect of both of those requirements.
The question should be: what advantages are to be had deviating from the traditional UNIX security model? None that I can see, for sure.
> He/she simply wants a smooth system whether at home, office or school.
> Pardus delivers a good user experience in this respect.
Well in that case, Windows XP Home Edition would also fit the bill.
Pardus 2007.2 is very slick and easy to use, it is on a par with
pc linux and I hope it continues to be so, I shall be using it more
and maybe replace Ubuntu with Pardus once I have explored it
more.
pc linux and I hope it continues to be so, I shall be using it more
and maybe replace Ubuntu with Pardus once I have explored it
more.
I’ve tested and used Pardus for several months now. It’s not my main working horse, but I have it set up as default on one system which is used by a small organization of volunteers. When PCLinuxOS finally released its stable 2007 version I’ve been able to compare them and in certain fields it comes out as a winner and overall I would say it’s a close call; if you want a KDE environment in another language than English though Pardus is for obvious reasons the certain and only choice. Some more options added to Tasma would be nice, but on the other hand the menus in KDE are better organized than in PCLinuxOS. Performance wise Pardus proves to be well configured and do from time to time get the upper hand. OK, I stop here, but my point is that Pardus isn’t behind and if quality counts it should gain popularity.
My main system is Fedora, now 7 64bit, and I suppose Mr. Stepelevich would approve the security policy it’s based on. However I can’t understand his arguments about security: why on earth should every distro push some proclaimed UNIX culture about security down the throat of every single user of Linux? Why not give users the right to choose? A Linux system might of course be modified to perform a bunch of specialized tasks, but as far as I can understand Pardus is aimed at the typical desktop user who doesn’t protect information of the dignity of national security on his/her system. He/she simply wants a smooth system whether at home, office or school. Pardus delivers a good user experience in this respect.
My main system is Fedora, now 7 64bit, and I suppose Mr. Stepelevich would approve the security policy it’s based on. However I can’t understand his arguments about security: why on earth should every distro push some proclaimed UNIX culture about security down the throat of every single user of Linux? Why not give users the right to choose? A Linux system might of course be modified to perform a bunch of specialized tasks, but as far as I can understand Pardus is aimed at the typical desktop user who doesn’t protect information of the dignity of national security on his/her system. He/she simply wants a smooth system whether at home, office or school. Pardus delivers a good user experience in this respect.
Hi,
Firstly thanks for the review, I am the head of Pardus security team and let me tell you sometimes we fix security bugs months before other distributions do. This security FUD bores me to hell. Asking passwords again and again won’t make anything secure.
Security advisories might be lacking but security updates are faster than light that I can assure you.
Back to the review, I now added a package-manager link to main menu, above of Tasma icon so your concern about making it hard to find should be solved for 2007.2 release.
Firstly thanks for the review, I am the head of Pardus security team and let me tell you sometimes we fix security bugs months before other distributions do. This security FUD bores me to hell. Asking passwords again and again won’t make anything secure.
Security advisories might be lacking but security updates are faster than light that I can assure you.
Back to the review, I now added a package-manager link to main menu, above of Tasma icon so your concern about making it hard to find should be solved for 2007.2 release.
"... The Bluefish package missed the "libgnomeui" dependency which I then installed ..."
It has just been fixed in svn.
http://liste.pardus.org.tr/contrib-commits/2007-June/005308.html
Please report any bugs you found, http://bugs.pardus.org.tr/
Only category page is in Turkish, just click a "Paketler" link, which means "Packages"
Regards
It has just been fixed in svn.
http://liste.pardus.org.tr/contrib-commits/2007-June/005308.html
Please report any bugs you found, http://bugs.pardus.org.tr/
Only category page is in Turkish, just click a "Paketler" link, which means "Packages"
Regards
I remember now the other reason. The LiveCD is codenamed "Calisan" and, sharing many letters with "Caracal," I thought that your wallpaper was the LiveCD default. I expected to see "Kurulan" on the desktop instead.
>Urr...? Yeah? Why would I use a LiveCD when I install every other distro I review. Not that I feel the need to prove myself but what makes you feel that it is "clearly from the LiveCD"?
My fault :^)
Just after I posted that, I realized that I was incorrect. The reason I thought it was the LiveCD is because I never set the background manually, but rather set it through Kaptain Desktop to the blue birds image. In my sleepiness, I thought that was the default wallpaper.
I think I have a bias against some Linux reviews because most seem to take the easy way out and just use VMWare.
My fault :^)
Just after I posted that, I realized that I was incorrect. The reason I thought it was the LiveCD is because I never set the background manually, but rather set it through Kaptain Desktop to the blue birds image. In my sleepiness, I thought that was the default wallpaper.
I think I have a bias against some Linux reviews because most seem to take the easy way out and just use VMWare.
AUTHOR COMMENT
>Your screenshot is clearly from the LiveCD. Are you sure you installed this?
Urr...? Yeah? Why would I use a LiveCD when I install every other distro I review. Not that I feel the need to prove myself but what makes you feel that it is "clearly from the LiveCD"?
>Your screenshot is clearly from the LiveCD. Are you sure you installed this?
Urr...? Yeah? Why would I use a LiveCD when I install every other distro I review. Not that I feel the need to prove myself but what makes you feel that it is "clearly from the LiveCD"?
The pisi package manager icon can be placed in the group of icons
with time and volume control by running the Kaptan utility.
The last screen offers to put the pisi icon there.
The ’contrib-2007’ repository can be added to pisi:
Open pisi, settings, configure package manager.
’add new repository’.
click the down arrow on the repository address box
to show the main repository.
change ’pardus-2007’ to ’contrib-2007’
I got ’Opera’ from the ’contrib-2007’ repository.
with time and volume control by running the Kaptan utility.
The last screen offers to put the pisi icon there.
The ’contrib-2007’ repository can be added to pisi:
Open pisi, settings, configure package manager.
’add new repository’.
click the down arrow on the repository address box
to show the main repository.
change ’pardus-2007’ to ’contrib-2007’
I got ’Opera’ from the ’contrib-2007’ repository.
Your screenshot is clearly from the LiveCD. Are you sure you installed this?
I’ve been using the 2007.2 first beta (the second beta is out as of this post) for two weeks and have found it to be a lovely distro that I hope to use for a long time. It is better at grabbing and holding wireless connections that any distro I’ve used, and hardware support is excellent all around. Once I enabled the single community repository, I was able to grab all my needs, from Bluefish to Agave, with ease. PiSi is a solid package manager. Nothing spectacular, but it gets the job done, and it’s fairly attractive. The system is extremely stable, especially for a beta. In two weeks, I’ve only run into two problems: The Bluefish package missed the "libgnomeui" dependency which I then installed, and once my computer wouldn’t wake from suspend.
From the very attractive design to the solid base system this is now one of the top three distros that I recommend to new users, along with Debian and PCLinuxOS. I think you should give this a long hard look for "most usable distro" once 2007.2 goes final, or even if 2007.3 makes it out as expected.
I’ve also found support to be very good in the English Pardus World Forum, although slow. It seems that this distro doesn’t give many people problems, because the helpers are there, just not many users with questions!
From the very attractive design to the solid base system this is now one of the top three distros that I recommend to new users, along with Debian and PCLinuxOS. I think you should give this a long hard look for "most usable distro" once 2007.2 goes final, or even if 2007.3 makes it out as expected.
I’ve also found support to be very good in the English Pardus World Forum, although slow. It seems that this distro doesn’t give many people problems, because the helpers are there, just not many users with questions!
Since, from the point of view of security, *nothing* has essentially changed from 2007.1, I may as well post this again...
Along with other reviewers, you haven’t picked up on Pardus’s truly bizarre attitude to security.
In Pardus, all but the most severe vulnerabilities are patched only as and when feature updates are also made available, i.e. once a fortnight (which, for example, is the time it took for the Firefox 2.0.0.3 patch to filter into the Pardus repositories).
This is a matter of explicit policy on Pardus’s part. In the words of a senior developer: "Instantly merges only allowed for if the problem is a security one, and _if and only if_ its severity is high. This is a clear policy."
*Far* more seriously, Pardus dispenses with conventional UNIX security culture for the sake of attracting new users. I quote: "a) current Linux security model is complex, b) complexity brings desktop abandoning."
What this means is that the first user to set up a (non-root) account in Pardus is able to deploy Pardus’s powerful config and package management tools *without first having to log in as root*.
In addition, Pardus does not provide an easy way for its newbie constituency to ensure that these tools are only made available when logged in as root.
Even apart from the question of remote exploits, there’s the matter of what can happen to a PC’s system files when it’s left briefly unattended -- after all, how can Pardus ensure that the person sitting in front of your computer at any given moment *is* this mythical "trusted user"?
Essentially, Pardus thinks that ordinary users are less deserving of a secure operating system than people administering servers. I quote: "We only provide that simple policy which is enough (i think) for desktop usage but of course you may want some more."
The developers, when questioned about the security implications of their work, are inclined to say "if you don’t like it, use another Linux distribution". Their obvious cynicism aside, never a truer word was spoken!
Along with other reviewers, you haven’t picked up on Pardus’s truly bizarre attitude to security.
In Pardus, all but the most severe vulnerabilities are patched only as and when feature updates are also made available, i.e. once a fortnight (which, for example, is the time it took for the Firefox 2.0.0.3 patch to filter into the Pardus repositories).
This is a matter of explicit policy on Pardus’s part. In the words of a senior developer: "Instantly merges only allowed for if the problem is a security one, and _if and only if_ its severity is high. This is a clear policy."
*Far* more seriously, Pardus dispenses with conventional UNIX security culture for the sake of attracting new users. I quote: "a) current Linux security model is complex, b) complexity brings desktop abandoning."
What this means is that the first user to set up a (non-root) account in Pardus is able to deploy Pardus’s powerful config and package management tools *without first having to log in as root*.
In addition, Pardus does not provide an easy way for its newbie constituency to ensure that these tools are only made available when logged in as root.
Even apart from the question of remote exploits, there’s the matter of what can happen to a PC’s system files when it’s left briefly unattended -- after all, how can Pardus ensure that the person sitting in front of your computer at any given moment *is* this mythical "trusted user"?
Essentially, Pardus thinks that ordinary users are less deserving of a secure operating system than people administering servers. I quote: "We only provide that simple policy which is enough (i think) for desktop usage but of course you may want some more."
The developers, when questioned about the security implications of their work, are inclined to say "if you don’t like it, use another Linux distribution". Their obvious cynicism aside, never a truer word was spoken!
i have just start to use Pardus it is really really nice and very easy user friendly fantastic distribution.however i am not expert on linux distro but i like pardus
This has changed in Pardus 2008. In the installation, if u give a user ’administration rights’, he’s no longer able to do some things without password, he’ll be only added to the sudo list. But, if you want, you can check a box: ’remember password’, when installing a package or something, but then you only have acces to that one application, but still don’t have write acces to the / folder or something.