Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 01 Sep 2014, 23:06
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Announcements
Announcing the OBVIOUS: Puppy, Replacement - WinXP/Vista/7/8
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 6 of 8 [116 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8 Next
Author Message
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Sat 15 Mar 2014, 10:26    Post subject:  

mikeb wrote:


dropbox...have you played with dropbox uploader bash script...if not it might be right up your street.

mike


Built it into my apps, and put it into the menu. Great for moving from data amongst computers and devices.

Quote:
I rejected a device recently as we have a ton of creative software that requires windows and I saw nothing that came close to it on android.


I'm more interested in exploring new functionality vs replicating what already works well. The quality and quantity of available applications, however, is nothing short of phenomenal and rapidly moving into the serious business arena.

Quote:
myth... its worth learning about browser integration, active x dcom and the adverse effect it had the security of the operating system.


All bets are off with an unsecure browser for any OS. Same holds true for unprotected sex.
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8230

PostPosted: Sat 15 Mar 2014, 13:37    Post subject:  

If you understood the structure of the IE 'browser ' you would not be calling it a browser...its worth getting familiar and understand how its insecurity model has nothing to do with web browsers as stand alone programs.

thats over use of the word browser so heres some more...

comparing IE to any other browser comes under the apples and pears heading in terms of system security.

All browsers have potential security leaks.... IE on the other hand is merely a part of an integrated internet connected desktop system with fundamental security flaws in its design that can never be fully addressed.

I only stress this as its core to the understanding of what we are all dealing with (or not ) when it comes to safeguarding our machines on the internet.

I only came across the information on a journey from miserable windows existance like everyone else to it ceasing to be a problem. So did others mis inform me as if so its uncanny how i have survived this long based on flawed data.

anyway... there is a house to repaint so time to leave such matters back under the rug....


mike
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Sat 15 Mar 2014, 15:51    Post subject:  

mikeb wrote:


comparing IE to any other browser comes under the apples and pears heading in terms of system security.


I think that's certainly apropos for this thread, "Announcing the OBVIOUS."
There are probably many excellent reasons not to use IE, but it's been well over a decade since I've heard anyone discussing it.

edit: Maybe not...I think I recall hearing the tail end of some show on NPR where someone claimed that IE isn't really as bad as people think it is.
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 308

PostPosted: Sun 16 Mar 2014, 07:35    Post subject:  

mikeb wrote:
If a mechanism for virus intrusion is removed or simply not present in the first place then adding additional protection seems mute .... I have never taken any steps with regard to additional security when running linux...I regard it as inherently safe..so do others...I suspect so do you

That's the wrong way to think about it IMO. Reverse it completely and assume any system to have been breached and be insecure.

A fortress is only as strong as its weakest point. Have a look at just one instance of a single browser and its historic versions and the potential weaknesses that existed at one point or another http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html. I'm not specifically suggesting that browser to be bad, just using it as one example only. Similar risks can equally have existed for all other programs .. of which there are ... many.

All it takes is for one breach at one point in time that perhaps let it a small program. Let's assume a simple wget type program that sends out a 'I'm here, what command would you like me to try' request, receives something back from the external server and then tries that code .... repeatedly asking and trying. I'd sugget within less than a minute it could have identified the operating system and installed something more disguised and permanent. Virus checkers can only test and remove known virus/trogans. Potentially for each known virus/trogan there could be a unknown virus/trogan, sitting deeply within a system and heavily disguised.

Linux is not imune to such threats, or more cleverer threats. As such it should be considerd as open as any other system. The best defence is to treat a private PC as being as open as a public PC and not store anything you wouldn't mind being made public, nor use it to connect to banking/financial systems. For banking - use a fresh read only (single session DVD) image of the operating system (with firewall) and browser, power down the PC, power up again and boot to that fresh image, only connect directly with the banks system (i.e. don't browse elsewhere before or after), perform the transactions and power down again and reboot into a normal session. Puppy is great for that as you can create a bootable CD just for that purpose, you could even recompile from source code to do that if you desired (but that is perhaps extreme). To a large extent is doesn't matter if the op system or browser is old/weak as there is little opportunity to exploit weaknesses when used in that manner (so you don't have to repeatedly recreate new boot DVD's - but obviously its worth doing so once in a while).

The latest windows versions that (generally) lock out booting from USB or DVD as a claimed security mechanism is rubbish. The enclosed system will be exposed to exploits and be breached relatively easily which totally negates that boot device security - and worst still makes alternative security measures such as booting a clean DVD puppy/browser a less viable option.
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2510
Location: New Zealand

PostPosted: Sun 16 Mar 2014, 10:52    Post subject:  

rufwoof wrote:
The latest windows versions that (generally) lock out booting from USB or DVD as a claimed security mechanism is rubbish. The enclosed system will be exposed to exploits and be breached relatively easily which totally negates that boot device security
Exactly - UEFI seems to me to be an ironclad, rock solid way to boot an insecure system. Not for me thanks.
Back to top
View user's profile Send private message 
gcmartin

Joined: 14 Oct 2005
Posts: 4238
Location: Earth

PostPosted: Sun 16 Mar 2014, 16:03    Post subject:  

Yes, UEFI (all PC manufacturers) and EFI (Apple) is merely a means to "brand" a PC for a given OS vendor.

We just saw, last week, one vendor who had planned to release a dual boot (Windows8+ & Android) have its plans halted. What is not reported is the reason: UEFI licensing, maybe??? We have seen the reporting suggest marketing and branding.

We have enough understanding in this community to get past the hype and the emotion to focus on a great RAM based OS that mimics Apple and Microsoft as it should be attractive to people who seek to discover how to use what they have heard about without compromising their existing configuration. Puppy offers this as well as providing pathways to a more traditional solution of running from an HDD, as well as non-traditional removal media approaches. Flexibility!

We just need to insure our functionality provides equivalent, up to date technology, in the packaging as PUPs have traditionally followed allowing community members to provide support that they understand and are accustomed to. Not just the ever-important kernel, but the subsystems as well; namely video, audio, multimedia, LAN services, Office, along with newer Cloud and up to date external attachment capabilities. We need to focus on functionality and insure that the minimalist understand or have some tool to throw out what "they" don't want. Remember: Minimalist already understand Linux and have no problems navigating their ways thru any distro; whereas, converts are new, naive, and seeking understanding in something they are unaccustomed to.

We are already seeing forum members with forward-thinking solutions. Examples have already been mentioned by me as well as a look at the 2 very forward approaches by ETP and company.

This shows that PUPs "CAN" be generated that embraces new OS delivery on PC platforms of all kinds.

Everyone, we have bits and pieces scattered, we just need a true Apple/Windows functional replacement where NOTHING needs be installed to allow any user to launch with exactly similar functionality seen from mainstream vendors. And when we have it WE need to flaunt it!

In my years in Puppyland, noone seems to want to look at this, this way. I'm not sure why, but, I think we are so mature in PUP and PUP development (WOOF-CE for example) that our focus just needs a little twerking (I meant that word) to change how we have avoided looking at things to look at going full steam into the future without compromising what we have already accomplished with the solid products of our past.

Maybe we should put together a checklist or functionality list. Your additional thoughts?

_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engine or use DogPile
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8230

PostPosted: Sun 16 Mar 2014, 17:27    Post subject:  

theres a lot of experience versus opinions in these parts... some examples of actual breaches would be handy to help quantify the situation.

mike
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2510
Location: New Zealand

PostPosted: Sun 16 Mar 2014, 19:29    Post subject:  

gcmartin wrote:
Everyone, we have bits and pieces scattered, we just need a true Apple/Windows functional replacement where NOTHING needs be installed to allow any user to launch with exactly similar functionality seen from mainstream vendors....
In my years in Puppyland, noone seems to want to look at this, this way. I'm not sure why,
I guess what you are asking for is a 'turnkey' solution that does everything the user wants it to. The problem with that is that end users are not all the same - one solution does not fit all. This is one of the reasons why Windows (and Ubuntu) are so bloated - they try to cater for every person and every level of experience.

Also new converts from Windows simply MUST learn a different way of doing things if they come to Puppy - that learning process is critical and I'm not sure that attempting to build a turnkey solution will solve their problems - it might just encourage them to reach for too much too soon. No point hooking your puppy up to your corporate network in the hope that it will be a straightforward replacement for whatever PC or Mac your IT department has specified and qualified for that environment. Maybe Puppy simply IS NOT ready to be a replacement.

Maybe Puppy users NEED to be more prepared to fine tune their own systems and find alternative ways of doing things, rather than expecting such a turnkey solution?

I'm definitely not against progress but I am against generation of false expectations.
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Sun 16 Mar 2014, 20:49    Post subject:  

greengeek wrote:
I guess what you are asking for is a 'turnkey' solution that does everything the user wants it to. The problem with that is that end users are not all the same - one solution does not fit all. This is one of the reasons why Windows (and Ubuntu) are so bloated - they try to cater for every person and every level of experience.

Also new converts from Windows simply MUST learn a different way of doing things if they come to Puppy - that learning process is critical and I'm not sure that attempting to build a turnkey solution will solve their problems - it might just encourage them to reach for too much too soon. No point hooking your puppy up to your corporate network in the hope that it will be a straightforward replacement for whatever PC or Mac your IT department has specified and qualified for that environment. Maybe Puppy simply IS NOT ready to be a replacement.

Maybe Puppy users NEED to be more prepared to fine tune their own systems and find alternative ways of doing things, rather than expecting such a turnkey solution?

I'm definitely not against progress but I am against generation of false expectations.


I'll take a stab at translating your post into gcspeak, so it can be better understood.

We might assume that what is asked for is a 'turnkey' solution that does everything the user wants it to. Others might assume that end users are not all the same - one solution does not fit all. This is one of the reasons why Windows (and Ubuntu) may be considered overly bloated, in that they try to cater to every level of experience.

It is commonly thought that new converts from Windows simply MUST learn a different way of doing things if they come to Puppy. Some developers (mentioned in my previous posts) have already begun solving that problem. We are almost there!

We in the Puppy community NEED to be more prepared to offer users the advantages of fine tuned systems with alternative modes (hint: improved documentation) of addressing the developmental needs of the future. We should have the foresight and courage to see the immediate opportunities for moving forward that is right before our eyes, for those with the vision to see it.

This is meant only to be helpful. Ideas/suggestions?

gcmartin: am I close? Smile
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 308

PostPosted: Sun 16 Mar 2014, 21:12    Post subject:  

I'm relatively new (3 weeks) to puppy (Slacko 5.7) and started off by remastering my own that had loads of things in it.

Subsequently I've gone the complete opposite and deleted out abiword, gnumeric and firefox, replacing those with a libre office SFS that I can load when needed, and opted for portable-firefox, such that my boot DVD (frugal running) is very lean.

I found a means to combine PET's and SFS's into a single SFS and have build a single multi-media SFS that contains xvidcap, openshot, audacity and blender. I have both those sfs's (libre and muti-media) on the desktop (dragged/dropped) so I can load/unload them as required.

I came from a XP background, not having liked the office upgrades in later versions of windows, and originally created a virtual box fresh image of XP and office that ran under puppy, but have since just dropped that as puppy does all I need.

One thing I do miss is the plug-n-play however, as puppy is more plug and read a lot/try/configure ....

My goal is to have the puppy desktop PC connected to the TV (display) and then use a tablet to control that (as a form of intelligent remote control). i.e. vnc. So as long as the tablet can detect devices (plug-n-play) that will resolve the problem. And whilst out and about, I'll still be able to connect/control the puppy desktop, albeit at a lower resolution (wireless internet speed rather than internal home wireless speed). For that purpose I've installed xvkbd in puppy. (I've also opted for sakura terminal rather than urxvt as that better supports copy/paste the way I prefer it to do so (and fonts/colours and a whole lot of other things)).

Rather than the whole/everything approach (Knoppix LiveDVD style), I think the lean core and add in what you want approach is the better of the two.

What would be nice would be to have better guidance of which kernel/puppy to initially select to build upon. I worked through loads before finally settling for Slacko 5.7, more due to blindness of which kernel and puppy would be the more appropriate for my hardware (many puppies wouldn't work with my particular hardware (in particular the wireless USB adapter)). And one that was relatively bear, just a means to get a gui up and running with internet connected, and then add whatever browser was preferred and then .... add additional packages as deemed to be appropriate for needs.

Having waded through loads of sneekylinux youtubes and the wide range of linux choices, the conclusion I came to was that they're all just a basic desktop GUI (program) that enables launching other programs (spreadsheet etc), but just presented 101 different ways. At the heart however is a kernel that works with the particular hardware, a preferred choice of GUI (to install and run required programs), and a means to browse the internet.
Screenshot_2014-03-16_190846.png
 Description   
 Filesize   245.91 KB
 Viewed   230 Time(s)

Screenshot_2014-03-16_190846.png

Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2510
Location: New Zealand

PostPosted: Mon 17 Mar 2014, 11:58    Post subject:  

rufwoof wrote:
...and have build a single multi-media SFS that contains xvidcap, openshot, audacity and blender. .
How big is the multimedia sfs? I'd be keen to download a copy if you're willing to host it somewhere?
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Mon 17 Mar 2014, 12:41    Post subject:  

greengeek wrote:
rufwoof wrote:
...and have build a single multi-media SFS that contains xvidcap, openshot, audacity and blender. .
How big is the multimedia sfs? I'd be keen to download a copy if you're willing to host it somewhere?


They're simple to make, but can cause problems when overly combined. I think it's wise to use SFSs with discretion.
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 308

PostPosted: Mon 17 Mar 2014, 14:29    Post subject:  

greengeek wrote:
rufwoof wrote:
...and have build a single multi-media SFS that contains xvidcap, openshot, audacity and blender. .
How big is the multimedia sfs? I'd be keen to download a copy if you're willing to host it somewhere?

127MB http://www.murga-linux.com/puppy/viewtopic.php?t=92616

Created by downloading appropriate individual PET's/SFS's and then using createsfs script from http://www.murga-linux.com/puppy/viewtopic.php?search_id=1426292272&t=38432 and running the command :

./createsfs -f multimedia audacity-1.3.14.pet Blender263.sfs openshot-1.4.2.sfs xvidcap-1.1.7.pet

For portable firefox I downloaded shinobar's http://www.murga-linux.com/puppy/viewtopic.php?t=91945 - which works really well IMO. Dowloads the latest version at first run and then keeps everything outside/separate.
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8230

PostPosted: Mon 17 Mar 2014, 15:21    Post subject:  

so any actual accounts of a system intrusion via say firefox...think it has a large enough user base to not come under the obscurity heading?

mike
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Mon 17 Mar 2014, 15:55    Post subject:  

mikeb wrote:
so any actual accounts of a system intrusion via say firefox...think it has a large enough user base to not come under the obscurity heading?

mike


Deriving any conclusions based on opinions of a few responders would be almost meaningless.

http://www.mozilla.org/security/known-vulnerabilities/firefox.html
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 6 of 8 [116 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Announcements
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1463s ][ Queries: 12 (0.0338s) ][ GZIP on ]