Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[David Wright]

On Sat 21 Sep 2024 at 07:03:58 (-0500), Richard Owlett wrote:
> On 09/20/2024 10:57 AM, David Wright wrote:
> > On Fri 20 Sep 2024 at 07:53:28 (-0500), Richard Owlett wrote:
> > > On 09/19/2024 10:04 AM, David Wright wrote:
> > > > On Thu 19 Sep 2024 at 09:16:25 (-0500), Richard Owlett wrote:
> > > > > Is the AMD64 version of "Debian GNU/Linux Installation Guide"
> > > > > available as a single file.
> > > > > 
> > > > > I need it available when the network is not.
> > > > > 
> > > > > It would be convenient if a copy of the menus appearing when
> > > > > installing from DVD1 were available.
> > > > 
> > > > Have you tried googling:
> > > > 
> > > > debian stable installation guide pdf amd64
> > > > 
> > > > which should lead you to:
> > > > 
> > > > https://www.debian.org/releases/stable/amd64/install.en.pdf
> > > 
> > > No ;}
> > > For two primary  reasons:
> > > 1. due to vision/perception problems I avoid PDF in favor of HTML.
> > > SeaMonkey simplifies consistent font size across documents.
> > > 2. My work style uses tabs to group (and save across restarts)
> > > related references conveniently.
> > > 
> > > Secondarily, for those preferring PDF, in my use of SeaMonkey since
> > > days of Squeeze I never noticed mention of its documentation being
> > > available as PDF.
> > 
> > The PDF is ~650kB, but for ~17MB you can get all three formats
> > (PDF/text/HTML) as one file (in the sense it seems you mean) in
> > the Debian package installation-guide-amd64.
> 
> As you didn't give a URL, I went to
> https://html.duckduckgo.com/html?q=%22Debian%22%20%22package%22%20%22installation-guide-amd64%22

URLs aren't a sensible way to refer to Debian packages amongst Debian
users, as we all have the APT tools to locate/download/install them.

> That did not link to "all three formats (PDF/text/HTML) as one file"
> available to one who does not have Debian already installed.

If it linked to a .deb file, then technically that's not true, as .deb
files are just two compressed tar archives (.xz, formerly .gz IIRC)
in an ar archive. But I don't follow why that's of particular concern.

> 1st hit  of "Details of package installation-guide-amd64 in bullseye"
> prompted travel in right direction.
> 
> I've been using Debian since Squeeze. I have never been pointed to
> [ /usr/share/doc ] nor [ /usr/share/doc-base ]. The latter contains
> the "Installation Guide" as uncompressed HTML filed. PDF&text versions
> are there in compressed format.

Since ~woody, and taken here from squeeze's Installation Guide §7.3:

 "Documentation accompanying programs you have installed
  can be found in /usr/share/doc/, un-
  der a subdirectory named after the program (or, more
  precise, the Debian package that contains the
  program). However, more extensive documentation is
  often packaged separately in special documen-
  tation packages that are mostly not installed by
  default. For example, documentation about the pack-
  age management tool apt can be found in the
  packages apt-doc or apt-howto.

 "In addition, there are some special folders within
  the /usr/share/doc/ hierarchy. Linux HOWTOs
  are installed in .gz (compressed) format, in
  /usr/share/doc/HOWTO/en-txt/. After installing
  dhelp, you will find a browsable index of
  documentation in /usr/share/doc/HTML/index.html."

> > Using tabs isn't affected by whether the HTML code itself is in
> > a "single" file or a tree.
> 
> My mention of tabs was to point out why PDF was not useful.

I could expand my mention of tabs to include that you can have
multiple browser tabs showing different parts of one PDF file
in the same way as you can with an HTML file.

> > > Because I'm doing a "from scratch" install for the first time in
> > > several years, I said:
> > > > It would be convenient if a copy of the menus appearing when installing
> > > > from DVD1 were available.
> > 
> > Sorry, I would have thought you could recite them from memory by now :)
> 
> Tell me that with a straight face when you pass 80 ;)!
> [I haven't seen that set of screens in at least 5 years.]

I recalled a "SUCESSFUL INSTALL" [sic] status report from May 2022,
and also thought you had restarted installing about 3 months ago.
Perhaps I was assuming too much.

On Sun 22 Sep 2024 at 06:16:53 (-0500), Richard Owlett wrote:
> On 09/19/2024 09:16 AM, Richard Owlett wrote:
> > Is the A

Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[Richard Owlett]

On 09/19/2024 09:16 AM, Richard Owlett wrote:
Is the AMD64 version of "Debian GNU/Linux Installation Guide" available 
as a single file.


I need it available when the network is not.


IF you have *already* installed Debian, the individual HTML files and 
compressed copies of the PDF and plain text versions are in

/usr/share/doc/installation-guide-amd64/en/ .

I have not found where this would be available to a potential first time 
user of Debian.




It would be convenient if a copy of the menus appearing when installing 
from DVD1 were available.


Some(all?) of the images are available in the .../img sub-directory 
created when [ 
https://download.tuxfamily.org/debianbegin/the_beginners_handbook.html.tar.gz 
] is downloaded and decompressed.

Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[Richard Owlett]

On 09/20/2024 10:57 AM, David Wright wrote:

On Fri 20 Sep 2024 at 07:53:28 (-0500), Richard Owlett wrote:

On 09/19/2024 10:04 AM, David Wright wrote:

On Thu 19 Sep 2024 at 09:16:25 (-0500), Richard Owlett wrote:

Is the AMD64 version of "Debian GNU/Linux Installation Guide"
available as a single file.

I need it available when the network is not.

It would be convenient if a copy of the menus appearing when
installing from DVD1 were available.


Have you tried googling:

debian stable installation guide pdf amd64

which should lead you to:

https://www.debian.org/releases/stable/amd64/install.en.pdf


No ;}
For two primary  reasons:
1. due to vision/perception problems I avoid PDF in favor of HTML.
SeaMonkey simplifies consistent font size across documents.
2. My work style uses tabs to group (and save across restarts)
related references conveniently.

Secondarily, for those preferring PDF, in my use of SeaMonkey since
days of Squeeze I never noticed mention of its documentation being
available as PDF.


The PDF is ~650kB, but for ~17MB you can get all three formats
(PDF/text/HTML) as one file (in the sense it seems you mean) in
the Debian package installation-guide-amd64.


As you didn't give a URL, I went to
https://html.duckduckgo.com/html?q=%22Debian%22%20%22package%22%20%22installation-guide-amd64%22

That did not link to "all three formats (PDF/text/HTML) as one file" 
available to one who does not have Debian already installed.


1st hit  of "Details of package installation-guide-amd64 in bullseye"
prompted travel in right direction.

I've been using Debian since Squeeze. I have never been pointed to
[ /usr/share/doc ] nor [ /usr/share/doc-base ]. The latter contains the 
"Installation Guide" as uncompressed HTML filed. PDF&text versions are 
there in compressed format.




Using tabs isn't affected by whether the HTML code itself is in
a "single" file or a tree.


My mention of tabs was to point out why PDF was not useful.




Because I'm doing a "from scratch" install for the first time in
several years, I said:

It would be convenient if a copy of the menus appearing when installing
from DVD1 were available.


Sorry, I would have thought you could recite them from memory by now :)


Tell me that with a straight face when you pass 80 ;)!
[I haven't seen that set of screens in at least 5 years.]




I recall most of what has to be accomplished but am hazy on some
details. So I went looking at https://www.debian.org/ from a "newbie"
point of view. ~Nada:{
Drilling down leads to https://www.debian.org/do_c/ which first points


FTR remove the "_".


our possibly non-geek newbie to "Installation Guide" and "Debian
GNU/Linux FAQ" which, though brimming with facts, are inconveniently
organized.


Oh dear, I thought that was how the Installation Guide had been
organised since the days of yore.


YES! It has bugged me forever ;{




*HOWEVER* there is something _NEW_ on the page!
Who, me, excited ;}
There is now something called _The Debian Bookworm beginner’s
handbook_ [
https://debian-beginners-handbook.tuxfamily.org/index-en.html ].
For reasons stated above I'll be using the HTML more than the PDF.

This resource should be linked to on https://www.debian.org/ or at
most down only one level.


I don't think it makes sense to promote this above the two you've
already mentioned.


It should at least be in the same "Quick Start" paragraph.




I addresses some of my questions, though it only mentions others.
I'll be doing a lot of reading this weekend.


If you like it. I prefer the detail of the other two, and it now
sounds as if you might.


They suffer from too much detail.




One question. There are two HTML versions. What's difference between
the_beginners_handbook.html and the_beginners_handbook_night.html ?


It should be as clear as night and day from the very start of each,
but:

   $ diff -U0 the*/the* > diff (attached)


*ROFL*
Due to my vision problems, one of the first things done to SeaMonkey was 
choosing "Use my chosen colors, ignoring the colors and background image 
specified" option of Preferences->Appearance->Colors :}!




Cheers,
David.

Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[David Wright]

On Fri 20 Sep 2024 at 07:53:28 (-0500), Richard Owlett wrote:
> On 09/19/2024 10:04 AM, David Wright wrote:
> > On Thu 19 Sep 2024 at 09:16:25 (-0500), Richard Owlett wrote:
> > > Is the AMD64 version of "Debian GNU/Linux Installation Guide"
> > > available as a single file.
> > > 
> > > I need it available when the network is not.
> > > 
> > > It would be convenient if a copy of the menus appearing when
> > > installing from DVD1 were available.
> > 
> > Have you tried googling:
> > 
> >debian stable installation guide pdf amd64
> > 
> > which should lead you to:
> > 
> >https://www.debian.org/releases/stable/amd64/install.en.pdf
> 
> No ;}
> For two primary  reasons:
> 1. due to vision/perception problems I avoid PDF in favor of HTML.
>SeaMonkey simplifies consistent font size across documents.
> 2. My work style uses tabs to group (and save across restarts)
>related references conveniently.
> 
> Secondarily, for those preferring PDF, in my use of SeaMonkey since
> days of Squeeze I never noticed mention of its documentation being
> available as PDF.

The PDF is ~650kB, but for ~17MB you can get all three formats
(PDF/text/HTML) as one file (in the sense it seems you mean) in
the Debian package installation-guide-amd64.

Using tabs isn't affected by whether the HTML code itself is in
a "single" file or a tree.

> Because I'm doing a "from scratch" install for the first time in
> several years, I said:
> > It would be convenient if a copy of the menus appearing when installing
> > from DVD1 were available.

Sorry, I would have thought you could recite them from memory by now :)

> I recall most of what has to be accomplished but am hazy on some
> details. So I went looking at https://www.debian.org/ from a "newbie"
> point of view. ~Nada:{
> Drilling down leads to https://www.debian.org/do_c/ which first points

FTR remove the "_".

> our possibly non-geek newbie to "Installation Guide" and "Debian
> GNU/Linux FAQ" which, though brimming with facts, are inconveniently
> organized.

Oh dear, I thought that was how the Installation Guide had been
organised since the days of yore.

> *HOWEVER* there is something _NEW_ on the page!
> Who, me, excited ;}
> There is now something called _The Debian Bookworm beginner’s
> handbook_ [
> https://debian-beginners-handbook.tuxfamily.org/index-en.html ].
> For reasons stated above I'll be using the HTML more than the PDF.
> 
> This resource should be linked to on https://www.debian.org/ or at
> most down only one level.

I don't think it makes sense to promote this above the two you've
already mentioned.

> I addresses some of my questions, though it only mentions others.
> I'll be doing a lot of reading this weekend.

If you like it. I prefer the detail of the other two, and it now
sounds as if you might.

> One question. There are two HTML versions. What's difference between
> the_beginners_handbook.html and the_beginners_handbook_night.html ?

It should be as clear as night and day from the very start of each,
but:

  $ diff -U0 the*/the* > diff (attached)

Cheers,
David.
--- the_beginners_handbook/the_beginners_handbook.html  2024-08-30 
11:57:09.0 -0500
+++ the_beginners_handbook/the_beginners_handbook_night.html2024-08-30 
11:57:09.0 -0500
@@ -15 +15 @@
-background-color: #fafafa;
+background-color: #2F343F;
@@ -22 +22 @@
-color: #222;
+color: #D4D4D4;
@@ -28 +28 @@
-color: #005885;
+color: #0077B4;
@@ -33 +33 @@
-border-bottom: 1px dotted #005885;
+border-bottom: 1px dotted #0077B4;
@@ -61 +61 @@
-figure img {box-shadow: 0 0 3px 1px rgba(0, 0, 0, .2);}
+figure img {box-shadow: 0 0 3px 1px rgba(255, 255, 255, .2);}
@@ -92,3 +92,3 @@
-color: #111;
-background-color: #f4fbff;
-border: 1px solid #333;
+color: #ccc;
+background-color: #000;
+border: 1px solid #ccc;
@@ -105 +105,2 @@
-background-color: #eee;
+border: 1px solid #ccc;
+background-color: #222;
@@ -147 +148 @@
-
+

Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[Richard Owlett]

On 09/19/2024 10:04 AM, David Wright wrote:

On Thu 19 Sep 2024 at 09:16:25 (-0500), Richard Owlett wrote:

Is the AMD64 version of "Debian GNU/Linux Installation Guide"
available as a single file.

I need it available when the network is not.

It would be convenient if a copy of the menus appearing when
installing from DVD1 were available.


Have you tried googling:

   debian stable installation guide pdf amd64

which should lead you to:

   https://www.debian.org/releases/stable/amd64/install.en.pdf

Cheers,
David.



No ;}
For two primary  reasons:
1. due to vision/perception problems I avoid PDF in favor of HTML.
   SeaMonkey simplifies consistent font size across documents.
2. My work style uses tabs to group (and save across restarts)
   related references conveniently.

Secondarily, for those preferring PDF, in my use of SeaMonkey since days 
of Squeeze I never noticed mention of its documentation being available 
as PDF.


Because I'm doing a "from scratch" install for the first time in several 
years, I said:

It would be convenient if a copy of the menus appearing when installing
from DVD1 were available. 


I recall most of what has to be accomplished but am hazy on some 
details. So I went looking at https://www.debian.org/ from a "newbie" 
point of view. ~Nada:{
Drilling down leads to https://www.debian.org/do_c/ which first points 
our possibly non-geek newbie to "Installation Guide" and "Debian 
GNU/Linux FAQ" which, though brimming with facts, are inconveniently 
organized.


*HOWEVER* there is something _NEW_ on the page!
Who, me, excited ;}
There is now something called _The Debian Bookworm beginner’s handbook_ 
[ https://debian-beginners-handbook.tuxfamily.org/index-en.html ].

For reasons stated above I'll be using the HTML more than the PDF.

This resource should be linked to on https://www.debian.org/ or at most 
down only one level.


I addresses some of my questions, though it only mentions others.
I'll be doing a lot of reading this weekend.

One question. There are two HTML versions. What's difference between
the_beginners_handbook.html and the_beginners_handbook_night.html ?

Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[David Wright]

On Thu 19 Sep 2024 at 09:16:25 (-0500), Richard Owlett wrote:
> Is the AMD64 version of "Debian GNU/Linux Installation Guide"
> available as a single file.
> 
> I need it available when the network is not.
> 
> It would be convenient if a copy of the menus appearing when
> installing from DVD1 were available.

Have you tried googling:

  debian stable installation guide pdf amd64

which should lead you to:

  https://www.debian.org/releases/stable/amd64/install.en.pdf

Cheers,
David.

Re: Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[DdB]

Am 19.09.2024 um 16:16 schrieb Richard Owlett:
> Is the AMD64 version of "Debian GNU/Linux Installation Guide" available
> as a single file
How about doing your homework?

> perplexity.ai:
> 
> Is the AMD64 version of "Debian GNU/Linux Installation Guide" available as a 
> single file?
> (...)
> 
> Yes, the AMD64 version of the "Debian GNU/Linux Installation Guide" is 
> available as a single PDF file. The search results indicate that the 
> installation guide for the 64-bit PC ("amd64") architecture can be found at 
> the following URL: 
> https://www.debian.org/releases/stable/amd64/install.en.pdf[2] This PDF 
> contains the complete installation instructions for Debian GNU/Linux on the 
> amd64 architecture, including information on hardware requirements, 
> partitioning, package installation, and post-installation configuration. The 
> guide is comprehensive and provides a step-by-step walkthrough for installing 
> Debian on 64-bit PCs.

Availability of "Debian GNU/Linux Installation Guide" for OFFLINE use

[Richard Owlett]

Is the AMD64 version of "Debian GNU/Linux Installation Guide" available 
as a single file.


I need it available when the network is not.

It would be convenient if a copy of the menus appearing when installing 
from DVD1 were available.


TIA

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[Charles Curley]

On Sun, 15 Sep 2024 21:04:18 +0200
Christian Britz  wrote:

> Am 09.09.24 um 10:27 schrieb David:
> 
> > `apt auto-remove'  
> 
> You generally might want apt --purge auto-remove
> This also cleans up configuration files.

Which is the same as "apt autopurge", which I suggested earlier in this
thread.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[Christian Britz]

Am 09.09.24 um 10:27 schrieb David:

> `apt auto-remove'

You generally might want apt --purge auto-remove
This also cleans up configuration files.

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[David]

On Mon, 2024-09-09 at 11:04 +0300, Anssi Saari wrote:
> Charles Curley  writes:
> 
> > apt purge linux-image-amd64 linux-headers-amd64
> > apt install linux-image-amd64 linux-headers-amd64
> > 
> > You may want an "apt autopurge" in between.
> 
> That should do it although it's apt autoremove 

`apt auto-remove'

Cheers!
> I believe but if not you
> can explicitly remove the backport kernel image and headers.
> 
> Running dpkg -l linux-headers-\* and dpkg -l linux-image-\* will list
> the relevant packages, rows that start with ii mean installed.
> 
> Backport kernels will have bpo in the version column and those are
> the
> ones that are from backports and can be removed.
> 

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[David]

On Mon, 2024-09-09 at 11:04 +0300, Anssi Saari wrote:
> Charles Curley  writes:
> 
> > apt purge linux-image-amd64 linux-headers-amd64
> > apt install linux-image-amd64 linux-headers-amd64
> > 
> > You may want an "apt autopurge" in between.
> 
> That should do it although it's apt autoremove 

`apt auto-remove'

Cheers!
> I believe but if not you
> can explicitly remove the backport kernel image and headers.
> 
> Running dpkg -l linux-headers-\* and dpkg -l linux-image-\* will list
> the relevant packages, rows that start with ii mean installed.
> 
> Backport kernels will have bpo in the version column and those are
> the
> ones that are from backports and can be removed.
> 

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[Anssi Saari]

Charles Curley  writes:

> apt purge linux-image-amd64 linux-headers-amd64
> apt install linux-image-amd64 linux-headers-amd64
>
> You may want an "apt autopurge" in between.

That should do it although it's apt autoremove I believe but if not you
can explicitly remove the backport kernel image and headers.

Running dpkg -l linux-headers-\* and dpkg -l linux-image-\* will list
the relevant packages, rows that start with ii mean installed.

Backport kernels will have bpo in the version column and those are the
ones that are from backports and can be removed.

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[Charles Curley]

On Fri, 6 Sep 2024 16:39:46 -0600
Rick Macdonald  wrote:

> Well, this is embarrassing. I found in the bash history that I ran
> this:
> 
> apt install -t bookworm-backports linux-image-amd64
> linux-headers-amd64

> 
> Sorry to sound so lame, but I do I remove the backport such that it
> goes back to the stock Bookworm kernel?

No worries; we've all done something similar. Well, except for the
wet-behind-the-ears know-it-alls. But that's why they're
wet-behind-the-ears know-it-alls.

Anyway, I seem to recall doing something like:

apt purge linux-image-amd64 linux-headers-amd64
apt install linux-image-amd64 linux-headers-amd64

You may want an "apt autopurge" in between.

You may also find yourself rebooting and manually purging surplus
kernels and headers packages.
-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[Rick Macdonald]

Well, this is embarrassing. I found in the bash history that I ran this:

apt install -t bookworm-backports linux-image-amd64 linux-headers-amd64

but I have no idea why. The timestamp of the deb file is July 18. I 
don't remember why I did this. Getting old sucks. Looking at the 
history, it looks like at the time I was having problems with 
pulseaudio, and it being replaced by pipewire.


Sorry to sound so lame, but I do I remove the backport such that it goes 
back to the stock Bookworm kernel?


Rick

On 2024-09-06 14:12, Anssi Saari wrote:

Rick Macdonald  writes:


I'm running an up-to-date Bookworm desktop. I have an NVIDIA GeForce
GTX 760 (192-bit) using the NVIDIA Driver Version 470.256.02, coming
from the nvidia-tesla-470 packages. I've searched this list and the
package pages and don't see any bugs reported.

The 6.10.6 image fails to build:

Errors were encountered while processing:
  linux-image-6.10.6+bpo-amd64
  linux-image-amd64
  linux-headers-6.10.6+bpo-amd64
  linux-headers-amd64

Is there some reason to run the backport kernel? Maybe just run with the
stock Bookworm kernel and consider upgrading hardware before Trixie?

Re: linux-image-6.10.6 fails to build in nvidia-tesla-470

[Anssi Saari]

Rick Macdonald  writes:

> I'm running an up-to-date Bookworm desktop. I have an NVIDIA GeForce
> GTX 760 (192-bit) using the NVIDIA Driver Version 470.256.02, coming
> from the nvidia-tesla-470 packages. I've searched this list and the
> package pages and don't see any bugs reported.
>
> The 6.10.6 image fails to build:
>
> Errors were encountered while processing:
>  linux-image-6.10.6+bpo-amd64
>  linux-image-amd64
>  linux-headers-6.10.6+bpo-amd64
>  linux-headers-amd64

Is there some reason to run the backport kernel? Maybe just run with the
stock Bookworm kernel and consider upgrading hardware before Trixie?

linux-image-6.10.6 fails to build in nvidia-tesla-470

[Rick Macdonald]

I'm running an up-to-date Bookworm desktop. I have an NVIDIA GeForce GTX 
760 (192-bit) using the NVIDIA Driver Version 470.256.02, coming from 
the nvidia-tesla-470 packages. I've searched this list and the package 
pages and don't see any bugs reported.


The 6.10.6 image fails to build:

Errors were encountered while processing:
 linux-image-6.10.6+bpo-amd64
 linux-image-amd64
 linux-headers-6.10.6+bpo-amd64
 linux-headers-amd64

I see the following in the build log:

/var/lib/dkms/nvidia-tesla-470/470.256.02/build/common/inc/nv-linux.h: 
In function ‘nv_ioremap_wc’:
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/common/inc/nv-linux.h:579:33: 
warning: suggest braces around empty body in an ‘if’ statement 
[-Wempty-body]

  579 | NV_MEMDBG_ADD(ptr, size);
  | ^
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/common/inc/nv-linux.h: 
In function ‘nv_vmap’:
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/common/inc/nv-linux.h:666:51: 
warning: suggest braces around empty body in an ‘if’ statement 
[-Wempty-body]

  666 | NV_MEMDBG_ADD(ptr, page_count * PAGE_SIZE);
  |   ^
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/nvidia/os-mlock.c: In 
function ‘nv_follow_pfn’:
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/nvidia/os-mlock.c:23:12: 
error: implicit declaration of function ‘follow_pfn’; did you mean 
‘follow_pte’? [-Werror=implicit-function-declaration]

   23 | return follow_pfn(vma, address, pfn);
  |    ^~
  |    follow_pte
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/nvidia/nv-kthread-q.c: 
In function ‘thread_create_on_node’:
/var/lib/dkms/nvidia-tesla-470/470.256.02/build/nvidia/nv-kthread-q.c:180:5: 
warning: ‘static’ is not at beginning of declaration 
[-Wold-style-declaration]


There are a great number of warnings pointing at NV_MEMDBG_ADD with the 
"suggest empty braces...: message.


I think the "error: implicit declaration..." mentioned is what fails the 
build, although elsewhere there's a message "cc1: some warnings being 
treated as errors".


According to the "NVIDIA X Server Settings" GUI, the 
nvidia-tesla-470/470.256.02 that is failing to build is actually the 
same version that I'm already running now with kernel 6.9.7.


# uname -a
Linux timshel 6.9.7+bpo-amd64 #1 SMP PREEMPT_DYNAMIC Debian 
6.9.7-1~bpo12+1 (2024-07-03) x86_64 GNU/Linux



What can I do?

Windows Update and dual booting linux

[George at Clug]

Hi,


I noticed the below issue today.


I think it only affects certain configuration of dual booting so not
too many people should be affected.

Does anyone know of people who have been affected?



https://www.theverge.com/2024/8/21/24225108/microsoft-security-update-windows-linux-dual-boot-errors

 Distributions including Ubuntu, Debian, Linux Mint, Zorin OS, and
Puppy Linux have all been affected by Microsoft’s patch.


Microsoft has been using Secure Boot in Windows for years, and made it
a key requirement for Windows 11 [1] to use the technology to secure
against BIOS rootkits. Researchers have found plenty of
vulnerabilities in Secure Boot over the years, and recently it was
discovered that Secure Boot is completely broken on many PCs [2].




George.



Links:
--
[1]
https://www.theverge.com/2021/6/29/22555371/microsoft-windows-11-cpu-support-hardware-requirements-tpm-response
[2]
https://www.theverge.com/2024/7/26/24206711/secure-boot-is-completely-broken-on-many-pcs

[RESOLVED] Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[Mike]

Andrew M.A. Cater wrote:
> If you have problems after using a live image, it might be that the first
> of those was to use a live image :(
> 
> The netinst and DVD installers are more mature and potentially better tested.
> The live installer generally relies on different code if you use calamares,
> for example.
> 
> Repeat the install with a netinst if possible and report back.

I repeated the install with the Live USB image.

While doing so, I recalled that *during* the "Finish the installation" step,
I initially had the system spontaneous rebooting; later attempts finished
that step properly.  That alone points not to the image, but to the hardware.

The Live install--reformatting but not repartitioning the storage--completed
successfully.  So, again, I don't think it was the Debian image.

Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[Andrew M.A. Cater]

On Thu, Aug 15, 2024 at 06:45:33AM -0400, songbird wrote:
> Mike wrote:
> 
> > I just installed Debian 12.6.0 (from a Debian Live ISO image) on new server
> > hardware.  On the way to getting it installed, it was suddenly rebooting.
> > I even got so far as installing it and running "apt upgrade", when it
> > rebooted again.
> >
> > Then that upgraded linux-image-6.1.0-22-amd64 to -23-.  So far, the system
> > seems stable.  I'll let it run for awhile before I believe that.
> >
> > So the question is: Has there recently been such an issue with the -22-
> > package?  It seems that there were a *lot* of changes from the upstream
> > 6.1.94 to 6.1.99, so maybe something was repaired.
> >
> 
>   however, i will note that when you are dealing with live
> images you pretty much need to look at that specific thing
> because other common assumptions about installation and
> booting may be different than the regular images.
> 

> 
>   i hope things remain stable.  :)
> 
> 
>   songbird
> 

If you have problems after using a live image, it might be that the first
of those was to use a live image :(

The netinst and DVD installers are more mature and potentially better tested.
The live installer generally relies on different code if you use calamares,
for example.

Repeat the install with a netinst if possible and report back.

All the very best, as ever,

Andy
(amaca...@debian.org)

Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[songbird]

Mike wrote:

> I just installed Debian 12.6.0 (from a Debian Live ISO image) on new server
> hardware.  On the way to getting it installed, it was suddenly rebooting.
> I even got so far as installing it and running "apt upgrade", when it
> rebooted again.
>
> Then that upgraded linux-image-6.1.0-22-amd64 to -23-.  So far, the system
> seems stable.  I'll let it run for awhile before I believe that.
>
> So the question is: Has there recently been such an issue with the -22-
> package?  It seems that there were a *lot* of changes from the upstream
> 6.1.94 to 6.1.99, so maybe something was repaired.
>
> I'm not sure what to doubt right now: the CPU (Intel's been having issues
> with Raptor Lake, but mine's a "T" series), the motherboard (may have been
> mishandled by the retailer), or Linux.
>
> This is an offbeat question, so I understand if I never get an answer.

  i didn't even see this post to begin with (busy time so i did
skip some message reading for a few weeks)...

  however, i will note that when you are dealing with live
images you pretty much need to look at that specific thing
because other common assumptions about installation and
booting may be different than the regular images.

  it's been many many years since i last booted Knoppix or
anything other than a netinst image copied to a USB stick.

  on top of that if you are using new hardware the manufacturer
of the motherboard may have the bios set to do certain things
upon the first power on.

  to help in the future it would have gotten a few more 
eyeballs and braincells engaged had you specified which live
image and details about the motherboard.

  i hope things remain stable.  :)


  songbird

[RESOLVED] Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[Mike]

I'll call this "resolved", not "solved".

> I'll let it run for awhile before I believe that.

I ran the -23- kernel for four days without issue.  Then I rebooted into the
previous -22- kernel, still installed.  That has run for a day so far.  So
the problems no longer seem to be present.

I don't know what caused them.  Maybe it was just a burn-in issue with the
power brick, the motherboard, the memory, or the NVMe SSD.

Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[Mike]

On Fri, Aug 09, 2024 at 06:23:41PM +1000, George at Clug wrote:
> run a memory test.

Did that already, right after the build.  Memtest86+.

Also ran S-TUI stress for awhile.  Temps never got above 60C.

> Intel have been experiencing some instability

That's only affected their "K" and "S" series Raptor Lake CPUs.  I have an
i9-14900T.  And it's been seemingly a thermal issue, with the chips running
at 90-100C.

> I would prefer to start with a new, clean, working installation

Well that's what this is.  I just assembled the hardware, and just installed
Debian last night.

If I have the time, I may try that, i.e., "downgrade" to a new Debian 12.6.0
install to see if the instability returns.  But only after I've let the
current 6.1.99 kernel show its strength.


So, anyways, my question still is just what the subject line says.

Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[Justin Piszcz]

On Fri, Aug 9, 2024 at 1:37 AM Mike  wrote:
>
> I just installed Debian 12.6.0 (from a Debian Live ISO image) on new server
> hardware.  On the way to getting it installed, it was suddenly rebooting.
> I even got so far as installing it and running "apt upgrade", when it
> rebooted again.
>
> Then that upgraded linux-image-6.1.0-22-amd64 to -23-.  So far, the system
> seems stable.  I'll let it run for awhile before I believe that.
>
> So the question is: Has there recently been such an issue with the -22-
> package?  It seems that there were a *lot* of changes from the upstream
> 6.1.94 to 6.1.99, so maybe something was repaired.
>
> I'm not sure what to doubt right now: the CPU (Intel's been having issues
> with Raptor Lake, but mine's a "T" series), the motherboard (may have been
> mishandled by the retailer), or Linux.
>
> This is an offbeat question, so I understand if I never get an answer.

I posted to this list awhile ago thinking my issues were related to
the stable kernel used by debian stable.  I was running into NVME
errors and seeing stack smashing errors, my i9-14900k began to fail:
https://forum.level1techs.com/t/debian-linux-stable-on-pro-ws-w680-ace-ipmi-application-segfaults-kernel-panic/212854/2

After RMA'ing the CPU with Intel and getting a new one, so far all of
the errors have resolved (for now..)

Not sure if your CPU is impacted but until I ran across the various
threads about the i9-13900/14900k (and some CPUs below are impacted as
well), it was very difficult to troubleshoot as this is the first CPU
I ever had that went bad.  As others have mentioned, start with memory
tests, test the NVME drives, try to rule out other things first.  Then
if everything else checks out OK, it may be worth focusing on
troubleshooting the CPU.

Justin

Re: Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[George at Clug]

Mike,

My thought would be to run a memory test.

Either download from the memtest86 web site, and make a bootable USB, or 
install the Debian memtest86+ package and then reboot and select memtest86+.

memtest86 has helped me a few times. Once with picking up mismatched RAM 
modules and one time with faulty RAM.

https://www.memtest.org/
Memtest86+ v6 is a unified, free, open-source memory testing tool, released 
under GNU GPL v2.0

There are still plenty of other sources that can cause the odd strange reboot.

If you can (e.g. have the free time, and maybe a different disk drive), maybe 
try another new installation? 

My main computer does it from time to time, but so infrequently, I still keep 
using it. I guess one day the computer will die, but until then...

I had heard that Intel have been experiencing some instability which has been 
of concern.

I will be curious what others may suggest, like using stress-ng or s-tui ?

https://support.system76.com/articles/hardware-failure/

FYI: To my knowledge, a new installation (when connected to the Internet) 
should result in a totally up to date system, such if you run "apt update && 
apt full-upgrade -y" afterwards, there should be no updates to apply.  Your 
comment "Then that upgraded linux-image-6.1.0-22-amd64 to -23-" does concern 
me, I would prefer to start with a new, clean, working installation, even if 
that means installing all over again.

George.



On Friday, 09-08-2024 at 15:09 Mike wrote:
> I just installed Debian 12.6.0 (from a Debian Live ISO image) on new server
> hardware.  On the way to getting it installed, it was suddenly rebooting.
> I even got so far as installing it and running "apt upgrade", when it
> rebooted again.
> 
> Then that upgraded linux-image-6.1.0-22-amd64 to -23-.  So far, the system
> seems stable.  I'll let it run for awhile before I believe that.
> 
> So the question is: Has there recently been such an issue with the -22-
> package?  It seems that there were a *lot* of changes from the upstream
> 6.1.94 to 6.1.99, so maybe something was repaired.
> 
> I'm not sure what to doubt right now: the CPU (Intel's been having issues
> with Raptor Lake, but mine's a "T" series), the motherboard (may have been
> mishandled by the retailer), or Linux.
> 
> This is an offbeat question, so I understand if I never get an answer.
> 
> M

Was linux-image-6.1.0-22-amd64 spontaneously rebooting?

[Mike]

I just installed Debian 12.6.0 (from a Debian Live ISO image) on new server
hardware.  On the way to getting it installed, it was suddenly rebooting.
I even got so far as installing it and running "apt upgrade", when it
rebooted again.

Then that upgraded linux-image-6.1.0-22-amd64 to -23-.  So far, the system
seems stable.  I'll let it run for awhile before I believe that.

So the question is: Has there recently been such an issue with the -22-
package?  It seems that there were a *lot* of changes from the upstream
6.1.94 to 6.1.99, so maybe something was repaired.

I'm not sure what to doubt right now: the CPU (Intel's been having issues
with Raptor Lake, but mine's a "T" series), the motherboard (may have been
mishandled by the retailer), or Linux.

This is an offbeat question, so I understand if I never get an answer.

Re: linux-image 6.9.7+bpo-amd6 installed without problem from backports this morning

[Keith Bainbridge]

On 4/8/24 09:31, Keith Bainbridge wrote:
I've seen that some recent kernel has had trouble so I thought I'd 
report some good news





Error

Update

My vboxdrv module has disappeared.   I don't have time this side of a 4 
week trip to try to sort it.   I'll look for help when I got home.I 
leave the laptop at home

--
All the best

Keith Bainbridge

keithr...@gmail.com
keith.bainbridge.3...@gmail.com
+61 (0)447 667 468

UTC + 10:00

linux-image 6.9.7+bpo-amd6 installed without problem from backports this morning

[Keith Bainbridge]

I've seen that some recent kernel has had trouble so I thought I'd 
report some good news




--
All the best

Keith Bainbridge

keithr...@gmail.com
keith.bainbridge.3...@gmail.com
+61 (0)447 667 468

UTC + 10:00

Re: why reliable linux hasn't gained more market share?

[John Hasler]

Children are taught in elementary school that computer == Windows.
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: why reliable linux hasn't gained more market share?

[tomas]

On Tue, Jul 30, 2024 at 10:44:37AM +0800, hlyg wrote:

[...]

> PS: i am aware that linux has more success in server market

... and the mobile market. Android is, on its underbelly, Linux
after all. So Linux might have the most installations out there,
I guess.

Not that Microsoft didn't try -- they even bought one big phone
manufacturer (Nokia) and killed [1] it in the process of trying
to ram Winphone down the people's throats (Sony paid its price
too). They failed miserably.

The downside of all of that is that it took another monster of
surveillance capitalism to float Linux on that platform, and that
this Linux is unfree in many other strange ways.

It's capitalism: it takes money to make money.

Cheers

[1] See Steven Elop if you want to have some spectacular corporate
   drama: https://en.wikipedia.org/wiki/Steven_Elop#CEO_of_Nokia

-- 
t


signature.asc
Description: PGP signature

Re: why reliable linux hasn't gained more market share?

[hlyg]

i realize i have asked hard question: why free OS hasn't beaten M$ in 
past 30 years? there's no easy answer, it requires years of experience 
in Windows and Linux


1st, programmers from proprietary software company are as clever as best 
from open source community. perhaps they are better organized, their gui 
is more consistent and smooth than linux's, comment by  Michael Grant


2nd, users that have intention to migrate to linux have already done so. 
in crowdstrike crisis, no one talk about replacing MS with linux. Andy 
Smith  point out that linux will have same problem if linux is used.


3rd, situation isn't favorable to linux, M$'s share is overwhelming, 
more users attract more developers, who write more apps, which attract 
more users. some apps run in Windows, not linux, making migration difficult


4th, price isn't decisive factor, switching cost is too high, learning 
to use M$'s applications takes significant time, effort, and training 
costs, few users are willing to switch away.


https://www.investopedia.com/terms/s/switchingcosts.asp

it's almost correct if Intuit is replaced by MS in web page above

it seems safe to bet that linux's share in desktop market won't change 
significantly in next 10 years.


PS: i am aware that linux has more success in server market

Re: Failed to boot on linux-image-4.19.0-27-cloud-amd64 under Xen 4.7

[DdB]

Am 25.07.2024 um 06:52 schrieb Sam Lander:
> Rackspace Xen 4.7 linux-image-4.19.0-26-cloud-amd64 works,
> linux-image-4.19.0-27-cloud-amd64 does not work.
FWIW: I do not use the *clowd* kernels, but the regular ones in my VM's:

>  uname -a
> Linux SuperServer 4.19.0-27-amd64 #1 SMP Debian 4.19.316-1 (2024-06-25) 
> x86_64 GNU/Linux

BTW: This is old-old-stable and is AFAICT out of maintenance. But it
does work well ln my end.

Failed to boot on linux-image-4.19.0-27-cloud-amd64 under Xen 4.7

[Sam Lander]

Summary
Rackspace Xen 4.7 linux-image-4.19.0-26-cloud-amd64 works,
linux-image-4.19.0-27-cloud-amd64 does not work.

I am running Buster on Rackspace inside a 1GB basic model VM
At the end of June, linux-image-4.19.0-27-cloud-amd64 was added as  a
security update
My unattended-upgrades script trusts security updates.
Upon its first reboot, the machine failed.

It is certain that: linux-image-4.19.0-26-cloud-amd64 work,
linux-image-4.19.0-27-cloud-amd64 does not.
choosing -27... (recovery mode) fails in an apparently identical fashion
(a screen grab of the console is attached. another line is written before
the crash, but I cannot read it)
this screengrab ends with "Last level dTLB entries: 4kb 512, 2MB 128, 4MB
64, 1GB 0"

I thought I should put a message here in case someone else suffers in the
same way. I do not have the skills to burrow further into the issue.

Here is dmesg for a -26- (working) boot, showing DMI: Xen HVM domU, BIOS
4.7 09/01/2021 and Xen version  4.7:
I have snipped it half a second after the dTLB line. I feel pretty sure the
-27- kernel fails within a few lines of th dTLB line, but of course,
hypervisors,  who knows?


[0.000000] Linux version 4.19.0-26-cloud-amd64 (
debian-ker...@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SMP
Debian 4.19.304-1 (2024-01-09)
[0.00] Command line: BOOT_IMAGE=/boot/vmlinuz-4.19.0-26-cloud-amd64
root=/dev/xvda1 ro vsyscall=emulate nosplash text biosdevname=0
net.ifnames=0 console=tty0 console=ttyS0,115200 earlyprintk=ttyS0,115200
consoleblank=0 systemd.show_status=true
[0.00] BIOS-provided physical RAM map:
[0.00] BIOS-e820: [mem 0x-0x0009dfff] usable
[0.00] BIOS-e820: [mem 0x0009e000-0x0009]
reserved
[0.00] BIOS-e820: [mem 0x000e-0x000f]
reserved
[0.00] BIOS-e820: [mem 0x0010-0x3fbf] usable
[0.00] BIOS-e820: [mem 0xfc00-0x]
reserved
[0.00] bootconsole [earlyser0] enabled
[0.00] NX (Execute Disable) protection: active
[0.00] SMBIOS 2.4 present.
[0.00] DMI: Xen HVM domU, BIOS 4.7 09/01/2021
[0.00] Hypervisor detected: Xen HVM
[0.00] Xen version 4.7.
[0.00] Xen Platform PCI: I/O protocol version 1
[0.00] Netfront and the Xen platform PCI driver have been compiled
for this kernel: unplug emulated NICs.
[0.00] Blkfront and the Xen platform PCI driver have been compiled
for this kernel: unplug emulated disks.
   You might have to change the root device
   from /dev/hd[a-d] to /dev/xvd[a-d]
   in your root= kernel command line option
[0.14] HVMOP_pagetable_dying not supported
[0.024709] tsc: Fast TSC calibration using PIT
[0.029406] tsc: Detected 2099.892 MHz processor
[0.032668] tsc: Detected 2100.028 MHz TSC
[0.034456] e820: update [mem 0x-0x0fff] usable ==> reserved
[0.039483] e820: remove [mem 0x000a-0x000f] usable
[0.039489] last_pfn = 0x3fc00 max_arch_pfn = 0x4
[0.046720] MTRR default type: write-back
[0.046723] MTRR fixed ranges enabled:
[0.046726]   0-9 write-back
[0.046727]   A-B write-combining
[0.046729]   C-F write-back
[0.046730] MTRR variable ranges enabled:
[0.046732]   0 base F000 mask F000 uncachable
[0.046734]   1 disabled
[0.046735]   2 disabled
[0.046736]   3 disabled
[0.046736]   4 disabled
[0.046737]   5 disabled
[0.046738]   6 disabled
[0.046739]   7 disabled
[0.046741] TOM2: 00084000 aka 33792M
[0.046841] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT

[0.060062] Using GB pages for direct mapping
[0.065871] RAMDISK: [mem 0x36375000-0x371b1fff]
[0.069947] ACPI: Early table checksum verification disabled
[0.073682] ACPI: RSDP 0x000EA020 24 (v02 Xen   )
[0.091540] ACPI: XSDT 0xFC00CF40 44 (v01 XenHVM
  HVML )
[0.100101] ACPI: FACP 0xFC00CC80 F4 (v04 XenHVM
  HVML )
[0.108466] ACPI: DSDT 0xFC0042A0 008956 (v02 XenHVM
  INTL 20150619)
[0.117871] ACPI: FACS 0xFC004260 40
[0.126807] ACPI: FACS 0xFC004260 40
[0.132844] ACPI: APIC 0xFC00CD80 D8 (v02 XenHVM
  HVML )
[0.148327] ACPI: HPET 0xFC00CED0 38 (v01 XenHVM
  HVML )
[0.161005] ACPI: WAET 0xFC00CF10 28 (v01 XenHVM
  HVML )
[0.175606] ACPI: Reserving FACP table memory at [mem
0xfc00cc80-0xfc00cd73]
[0.186395] ACPI: Reserving DSDT table memory at [mem
0xfc0042a0-0xfc00cbf5]
[0.190816] ACPI: Reserving FACS table memory at [mem
0xfc004260-0xfc00429f]
[0.210849] ACPI: Reserving FACS table memory at [mem
0xfc004260-0xfc00429f]

Kali Linux is not Debian - no support here [WAS Re: LINUX-IMAGE-6.8.11 headers cannot be installed]

[Andrew M.A. Cater]

On Wed, Jul 24, 2024 at 12:33:51PM +0200, Aleix Piulachs wrote:
> How do you install them and tell me the characteristics of your computer
> 
> El El mié, 17 jul 2024 a las 2:38, Greg Wooledge 
> escribió:
> 
> > On Tue, Jul 16, 2024 at 19:30:20 -, Prajnanaswaroopa wrote:
> > > Hello,
> > > I am using a Kali Linux
> >
> > https://www.google.com/search?q=kali+linux+support
> >
> >

Aleix,

That's not a Debian kernel version, potentially.

Kali Linux? We've tried to tell you - most of us don't run / have
never run Kali for any length of time.

Kali is based on snapshots of Debian testing and is specialised for
penetration testing and secxurity tasks. It includes many packages
that aren't necessarily in mainstream Debian - ahat makes you think
that this is an appropriate forum to keep asking similar questions
in a similar way?

Accordingly, we _cannot_ help you with Kali. You have been directed
to Kali forums and other sources: please use these or an Internet 
search engine to answer your queries.

All the very best, as ever,

Andy
(amaca...@debian.org)

Re: LINUX-IMAGE-6.8.11 headers cannot be installed

[Aleix Piulachs]

How do you install them and tell me the characteristics of your computer

El El mié, 17 jul 2024 a las 2:38, Greg Wooledge 
escribió:

> On Tue, Jul 16, 2024 at 19:30:20 -, Prajnanaswaroopa wrote:
> > Hello,
> > I am using a Kali Linux
>
> https://www.google.com/search?q=kali+linux+support
>
>

Re: why reliable linux hasn't gained more market share? [Dvorak]

[Russell L. Harris]

On Sun, Jul 21, 2024 at 07:55:29PM -0600, Shawn Jefferds wrote:
Your final statement makes me curious about learning Dvorak. 


Shawn Jefferds
??n ??f?rdz
Noli fovere canem ardentum

Vote Vader 2024!

On Sun, Jul 21, 2024, 11:37 Russell L. Harris  wrote:

   On Sun, Jul 21, 2024 at 04:48:19PM +0800, hlyg wrote:
   >
   >On 7/21/24 02:33, Russell L. Harris wrote:
   >>The same reasons the standard typewriter keyboard is QWERTY rather
   >>than Dvorak:
   >>
   >>= The precedent set by the first to market is powerful.
   >>
   >>= The influence of advertising upon a populace lacking in discernment
   >>and addicted to novelty is deadly.
   >>
   >>Add to that extortion and bribes and a compromised legal system.
   >>
   >>The QWERTY system was designed to slow down typists so as to reduce
   >>the problem of jamming of keys of a poorly-designed mechanism.
   >>
   >is it possible to remap keyboard to??Dvorak in X Window? does anyone
   >use it to speed up typing?
   >

   ISO published a Dvorak standard, but it was compromised, for the top
   (numeric) rows of keys were in the order 1234567890 .  Dvorak has the
   keys in the order 7531902468 .

   For several years now, Debian has offered both the bastardized ISO
   mapping ("US > Dvorak") and the original Dvorak arrangement ("US >
   Dvorak Classic").

   IBM manufactured a Selectric with the ISO Dvorak keyboard.  This was
   the original Selectric, not the Correcting Selectric II.

   Back when I ran Window$, one or two keyboard manufacturers (I seem to
   recall the name "Northgate") made Dvorak keyboards and even included a
   set of Dvorak keycaps.

   For me, a Macintosh guru changed the key mapping on a MacClassic to
   Dvorak.

   And long ago in Debian, with a bit of help, I managed to change the
   key mapping file to Dvorak.

   When in High School (A.D. 1963) I learned to type (QWERTY), the
   typewriters in the classroom had blank keycaps.  A layout chart was
   hung on the wall in the front of the room.  We learned to "touch
   type," and were able to reach 95 words per minute.

   I switched to Dvorak circa A.D. 1985, when I was given a project which
   required much typing.  I made learning Dvorak a matter of "swim or
   sink."  The first couple of weeks were painful, but within a month all
   was well.

   And when touch-typing, the labels on the keycaps do not matter.  All
   my keyboards are standard QWERTY.

   In an office environment, the guy using Dvorak with a keyboard labeled
   QWERTY has no worries about others messing with his computer.

   RLH



I always was a good typist, but before switching to Dvorak, I hated to
type numeric material.  But with the original Dvorak layout (in
Debian, Dvorak Classic) numbers are a joy.

Of course, with recent Debian systems, the keyboard mapping can
automatically change depending on the user, in which case the login
screen ought to be QWERTY; see SETTINGS MANAGER > KEYBOARD.

RLH

Re: why reliable linux hasn't gained more market share?

[Nicholas Geovanis]

On Sun, Jul 21, 2024, 10:03 AM Joe  wrote:

> 
>
> Basically, I think that with many more users, we would see more Windows
> users and they would be less secure in their habits. We've already seen
> this to some extent with Ubuntu. I don't think it's any more difficult
> to write a virus for Linux than for Windows, but the R number for such
> a virus, as epidemiologists would put it, would be very much less than
> one, so there's no point. No propagation. I think this would change,
> but this is of course just an opinion.
>

Linux servers are running headless in data centers, not on many desktops in
comparison. So the desktop set of intrusion vectors are not present on
them. Rarely does a human log into them, they're managed and usually
installed remotely using ansible, salt, CloudFormation on AWS, etc.
Software running on them answers requests at TCP ports, that's what they
do.

-- 
> Joe
>
>

Re: why reliable linux hasn't gained more market share? [Dvorak]

[Russell L. Harris]

On Sun, Jul 21, 2024 at 04:48:19PM +0800, hlyg wrote:


On 7/21/24 02:33, Russell L. Harris wrote:

The same reasons the standard typewriter keyboard is QWERTY rather
than Dvorak:

= The precedent set by the first to market is powerful.

= The influence of advertising upon a populace lacking in discernment
and addicted to novelty is deadly.

Add to that extortion and bribes and a compromised legal system.

The QWERTY system was designed to slow down typists so as to reduce
the problem of jamming of keys of a poorly-designed mechanism.

is it possible to remap keyboard to??Dvorak in X Window? does anyone 
use it to speed up typing?




ISO published a Dvorak standard, but it was compromised, for the top
(numeric) rows of keys were in the order 1234567890 .  Dvorak has the
keys in the order 7531902468 .

For several years now, Debian has offered both the bastardized ISO
mapping ("US > Dvorak") and the original Dvorak arrangement ("US >
Dvorak Classic").

IBM manufactured a Selectric with the ISO Dvorak keyboard.  This was
the original Selectric, not the Correcting Selectric II.

Back when I ran Window$, one or two keyboard manufacturers (I seem to
recall the name "Northgate") made Dvorak keyboards and even included a
set of Dvorak keycaps.

For me, a Macintosh guru changed the key mapping on a MacClassic to
Dvorak.

And long ago in Debian, with a bit of help, I managed to change the
key mapping file to Dvorak.

When in High School (A.D. 1963) I learned to type (QWERTY), the
typewriters in the classroom had blank keycaps.  A layout chart was
hung on the wall in the front of the room.  We learned to "touch
type," and were able to reach 95 words per minute.

I switched to Dvorak circa A.D. 1985, when I was given a project which
required much typing.  I made learning Dvorak a matter of "swim or
sink."  The first couple of weeks were painful, but within a month all
was well.

And when touch-typing, the labels on the keycaps do not matter.  All
my keyboards are standard QWERTY.

In an office environment, the guy using Dvorak with a keyboard labeled
QWERTY has no worries about others messing with his computer.

RLH

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Jeffrey Walton]

On Sun, Jul 21, 2024 at 12:19 PM Hans  wrote:
>
> I do not agree to this. Updates should be installed as soon as they are
> available. Especially security updates. It shows , that within 24 hours after
> the release of an update, an exploit is available for this security hole.

I think you may be conflating two different updates. The first is the
OS or application's updates for a vulnerability, and second is the
antivirus updates to detect an attack using the vulnerability.

The science tells us that most compromised servers happen long after
an exploit is disclosed and patched. The majority of compromises
happen after 90 days, and continue for years afterwards. Confer,
.

So a Patch Management program that tests the OS or application
vendor's updates within about two weeks is usually going to be Ok.
Since it is the OS vendor or application vendor, it might be Ok to be
very aggressive in applying the updates since the OS or application
vendor are the experts for their product. That covers the first case -
OS or application updates for a vulnerability.

The second case is trickier - detecting an attack using the
vulnerability. This is where antivirus comes into play. In my mind's
eye, antivirus companies are an externality/third party, and their
work needs to be tested even more than the OS or application. The
testing needs to be more thorough because the third party does not
have specialized knowledge of the organization or the OS or
application. Yet the third party will likely run with highest of
privileges, and violate a number of the tenets laid out by Saltzer and
Schroeder. Confer,
.

> But you should do it corrdectly, like some hospitals did: First check with a
> canary (a testserver or some unimportant server), then, when everything is
> working without any problems, roll it out to the rest of the servers.

Are the hospitals checking the OS or application updates; or are they
checking the antivirus updates?

> Waiting for some days is a very very bad idea!
>
> I admit, that many people do not so, because they are comfortable and this
> requires more work. But it is the correct way!
>
> And really: This is not a new knowledge, this practice is standard since years
> (or should be everywhere).
>
> If one think, he must not do it and rely on the manufacturer, well his
> decision. If it breaks, i have no pity for him.

Jeff

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Dan Ritter]

Stefan Monnier wrote: 
> >   - software updates that run as root (including Debian updates)
> > can run anything else as root
> 
> So, maybe a more relevant discussion is: what will happen when a Debian
> stable security update comes with a "big blunder" that crashes the most
> machines in early boot?
> 
> Admittedly, the wider variety of Debian installs might make the "most"
> above much less likely, but it's still something that can
> definitely happen.
> 
> What does Debian do to try and avoid that, and what do *we* (Debian
> users) do to try and mitigate that?


Testing is necessary but not sufficient. If you can afford to have a
spare machine or a spare VM that gets upgraded a few days before your
other machines do, and test the heck out of that.

At sufficient scale -- a scale which is within the reach of increasingly
many people as storage costs continue to reduce -- we can keep our own
mirrors of upstream.

-dsr-

Re: why reliable linux hasn't gained more market share?

[Anssi Saari]

hlyg  writes:

> why free OS hasn't gained more share even after 30 years of development?

But it has. The internet and what connects to it now mostly run Linux,
other than Microsoft's single niche. Mobile phones run a Linux
variant. The PC desktop is the only exception where they have
domination, anywhere else MS is an also-ran or nothing.

Microsoft was recently in near panic since they have nothing on mobile
and their main business (Windows + Office on PC desktops) is
shrinking. I guess they managed to compensate by becoming a cloud player
with Azure. Selling virtualized Linux now.

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[The Wanderer]

On 2024-07-20 at 22:07, Jeffrey Walton wrote:

> On Sat, Jul 20, 2024 at 9:46 PM The Wanderer 
> wrote:
> 
>> On 2024-07-20 at 09:19, jeremy ardley wrote:

>>> The problem is the Windows Systems Administrators who contracted
>>> for / allowed unattended remote updates of kernel drivers on
>>> live hardware systems. This is the height of folly and there is
>>> no recovery if it causes a BSOD.

>> All the sysadmins involved did is agree to let an
>> antivirus-equivalent utility update itself, and its definitions. I
>> would be surprised if this could not have easily happened with
>> *any* antivirus-type utility which has self-update capability; I'm
>> fairly sure all modern broad-spectrum antivirus-etc. suites on
>> Windows do kernel-level access in similar fashion. CrowdStrike just
>> happens to be the company involved when it *did* happen.
> 
> I was around when Symantec Antivirus did about the same to about
> half the workstations at the Social Security Administration. A
> definition file update blue screened about half the Windows NT 4.0
> and Windows 2000 hosts. That was about 50,000 machines, if I recall
> correctly.

There *is* a difference between this incident and that one, in the form
of the *scale* of the issue. But otherwise, yes, I've seen less-severe
breakages of this sort occur in the past as well.

>> That the sysadmins decided to deploy CrowdStrike does not make it 
>> reasonable to fault them for this consequence, any more than e.g.
>> if a gamer decided to install a game, and then the game required a
>> patch to let them keep playing, and that patch silently included
>> new/updated DRM which installed a driver which broke the system (as
>> I recall some past DRM implementations have reportedly done), it
>> would then be reasonable to fault the gamer. In neither case was
>> the consequence foreseeable from the decision.
> 
> Sysadmins don't make that decision in the Enterprise. That decision 
> was made above the lowly sysadmin's pay grade.

It does depend on the enterprise. In my organization, I'm fairly sure
the people who made the decision at least did so with informed input
from the sysadmins, including specifically the people who were
administering the existing antivirus solution (McAfee).

>>> The situation is recoverable if all the windows machines are
>>> virtual with a good backup/restore plan. The situation is not
>>> recoverable if the kernel updates are on raw iron running
>>> Windows.
>> 
>> The situation is trivially recoverable if you can get access to
>> the machine in a way which lets you either boot to safe mode and
>> get local-administrator access, or lets you boot an alternative
>> environment (e.g. live-boot media) from which you can read and
>> write to the hard drive.
> 
> I don't think it's trivial for some enterprises due to the sheer 
> number of machines and the remote workforce.

Yeah - after the fact it occurred to me that I hadn't specified that
what this is *not* is *automatable*, which has inevitable consequences
for the difficulty of scaling the solution out.

At most you could provide bootable media which would, when booted to,
fix the issue and reboot. (If you could set things up for that to be
available by PXE boot, and if you have everything configured to try PXE
booting first before booting locally, then maybe you could automate it
with nothing more than telling people to reboot any computer they see
affected? But even that type of solution has its limits.)

> I'm guessing the company I work for will spend the next week or month
> sorting things out. And the company is a medium size enterprise with
> about 30,000 employees. Imagine how bad it's going to be for an
> enterprise with 100,000 employees.

Oh, I can.

>> I've spent a fair chunk of my workday today going around to
>> affected computers and performing a variant of the latter process.
>> 
>> Once you've done that, the fix is simple: delete, or move out of
>> the way, a single file whose name claims that it's a driver. With
>> that file gone, you can reboot, and Windows will come up normally
>> without the bluescreen.
> 
> Unfortunately, I don't see this as scalable. It works fine for a
> small business with 100 employees, but not an enterprise.

My own organization has thousands of computers, something like 1000-3000
of which have CrowdStrike Falcon as their antimalware solution. The part
of our IT department which would typically be expected to handle the
client-side remediation of something like this (including making and
keeping appointments with remote workers who were impacted) is a maximum
of 16 people, and I believe we're currently working with two positions
empty.

That said, a *lot* of our CrowdStrike-using computers seem to have not
been affected; as far as I can tell, most of them were *off* for the
entire active-issue period, and so never received the problematic
update. Someone has estimated that only 8% of our total computers are
affected. (I don't know where they got the figure f

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Hans]

I do not agree to this. Updates should be installed as soon as they are 
available. Especially security updates. It shows , that within 24 hours after 
the release of an update, an exploit is available for this security hole.

But you should do it corrdectly, like some hospitals did: First check with a 
canary (a testserver or some unimportant server), then, when everything is 
working without any problems, roll it out to the rest of the servers.

Waiting for some days is a very very bad idea!

I admit, that many people do not so, because they are comfortable and this 
requires more work. But it is the correct way!

And really: This is not a new knowledge, this practice is standard since years 
(or should be everywhere).

If one think, he must not do it and rely on the manufacturer, well his 
decision. If it breaks, i have no pity for him.

Best

Hans
> At the very least, updates should be avoided for a few days after
> release, unless they are the exceeding rare 'Oh my God, patch this
> yesterday' kind, such as when the malware writers of the world realised
> that Windows MetaFiles could contain executables...
> 
> Small businesses cannot really do as you say, but any business large
> enough to have logistics problems in fixing all of their machines
> quickly should do so.

Re: why reliable linux hasn't gained more market share?

[The Wanderer]

On 2024-07-21 at 10:42, Joe wrote:

> On Sat, 20 Jul 2024 15:27:17 -0400 gene heskett
>  wrote:
> 
>> And even you Hans, leave out the major, all encompassing, reason
>> for the lack of market share, which is that most business that have
>> a computerized system to run things also value what their MBA
>> says. And since there is no one to sue to cover their personal butt
>> in case the system goes south like cloudflare has in the last 3
>> days, M$ & cloudflare are a brick and morter legal target they can
>> sic the legal team onto.
>> 
>> Their is essentially no one in the linux arena to sue if things go
>>  south, so it doesn't take more than an eighth grade education to
>> see why they won't ever recommend linux no matter how superior it
>> may be at the end of a P&L report.  They have to have someone to
>> sue.  Bill Shakespear said it best when he wrote "first, we kill
>> all the lawyers." But MBA's had not yet crawled out of the slime
>> schools yet, so he can't be blamed for not including MBA's when he
>> wrote that famous phrase.
> 
> It's a little bit more subtle than that. Debian offers exactly the
> same software warranty as MS or CloudStrike i.e. zilch. Larger
> businesses generally buy service contracts from middlemen, who are
> the ones who get sued. And so they should be if they have not
> provided, as part of their contract, quick and reliable recovery
> systems, and immediate response to emergency calls.
> 
> Overnight full backups would have solved this problem,

How? That is, how would they have eliminated the need to go touch each
computer in order to get it reverted to a state where it can be managed
by e.g. the systems which could restore from the most recent backup?

> and it would never have arisen if the system admins had disabled
> automatic updates and waited the customary few days before applying
> them manually, to see how many people screamed on the day of
> release. Quite a few, in this case.

While I agree that the admins of the CrowdStrike backend systems should
have done more testing before releasing this update to be deployed to
client endpoints in the wild, I have no reason to think that that
release is controlled by an "automatic updates" mechanism, nor that it
is the type of update which it is customary to wait before releasing.

For the admins of the endpoint systems which are running the CrowdStrike
Falcon sensor, it really depends on which kind of update this was. If
this was a new version of the sensor software itself, then there is
indeed a delay mechanism available, and in fact built in to the control
console for the software, and I fully expect that most people who
administer the software for the client enterprises are taking advantage
of it.

That new-version-delay mechanism lets sysadmins divide their endpoints
into groups, and decide which sensor version each group will run: the
latest, the next-to-latest, or the one before that. (You can even move
endpoints from one group to another, and see them change versions - even
potentially downgrading - within short order.) At my own workplace, we
have nearly everything set to "the one before that", i.e. two versions
prior to the current release - exactly in order to avoid being hit by
problems like this one.

In this case, however, the problematic update appears to have gone out
to *all sensor versions simultaneously*.

That tells me that rather than being an update to the sensor itself,
this almost has to have been an update to the *data files* used by the
sensor as it operates - the equivalent of a definition update, for other
common antivirus-type tools. With most such tools that I'm aware of,
those type of updates are typically released *daily*, and being even one
day behind can leave you vulnerable to a zero-day exploit.

I am not at all certain that there is any mechanism to disable
"automatic update" of that type of data, or even that there *should* be;
I am certainly not aware of any customary practice of waiting a few days
before deploying that type of update. Even if there is such a mechanism
and such a practice, the frequent releases and the potentially high
impact of a delay would seem to make it unreasonable for sysadmins to be
expected to make use of them.

(I've snipped the rest of what you wrote, as I have no particular
disagreement with any of it, and agree with some in ways that I don't
feel the need to express.)

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Richmond]

Dan Ritter  writes:

> Richmond wrote: 
>> Jeffrey Walton  writes:
>> 
>> Yes the updates should be tested at every stage. Maybe people think that
>> they cannot stop updates, but they can use Group Policy to stop Windows
>> Update. Or maybe they are afraid if they don't allow virus updates then
>> they will allow a virus?
>
> This wasn't Windows Update. This is more akin to Firefox's
> Mozilla-owned self-updating.
>

Windows Updates should be tested too. I worded what I said quite
carefully.

Re: why reliable linux hasn't gained more market share?

[Nicolas George]

Joe (12024-07-21):
> And the important phrase there is 'if you want to'. The point is that
> many people, especially those accustomed to running with admin
> privileges on their Windows computers, would continue to do that.

 No, they will not. They will continue to follow the system
default, whatever it is.

And once again, this is a waste of time because being root is not what
matters on a personal computer.

-- 
  Nicolas George

Re: why reliable linux hasn't gained more market share?

[Nicolas George]

Alain D D Williams (12024-07-21):
> I only needed root as it was for another user.

Exactly. On a computer with only one user account, once the pirate have
access to that account, they can do everything that matters. Including
spy the root password next time it is typed, but why waste the time when
everything profitable is already there.

The root account is important for multi-users systems and servers with
privilege separation of services.

Regards,

-- 
  Nicolas George

Re: why reliable linux hasn't gained more market share?

[Alain D D Williams]

On Sun, Jul 21, 2024 at 05:18:46PM +0200, Nicolas George wrote:

> And it does not matter, because on a personal computer the root account
> is not what matters, what matters is the user account where you can
> install a key logger and get banking credentials or encrypt all the data
> and ask for a ransom.

Which is one of the big problems with MS Windows -- telemetry - which can do
that. Also things like Recall (which only lasted a few weeks recently -
thankfully, but I fear will reappear in some form).

But web browsers are a big problem: Chrome logs all sort of stuff to Google
(but not keystrokes I think), MS Edge does likewise - which is why I stick to
Firefox.

But if you have root access it is easy, I did it on a Unix system V machine in
the late 1980s, a few minutes work. I only needed root as it was for another
user.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include 

Re: why reliable linux hasn't gained more market share?

[Nicolas George]

Joe (12024-07-21):
> I accept what you say, the point I was making is that the more users,
> and they will be less IT-competent users, the more will login as root.

No, they will not.

And it does not matter, because on a personal computer the root account
is not what matters, what matters is the user account where you can
install a key logger and get banking credentials or encrypt all the data
and ask for a ransom.

Regards,

-- 
  Nicolas George

Re: why reliable linux hasn't gained more market share?

[Joe]

On Sat, 20 Jul 2024 22:13:00 +0200
Hans  wrote:

> > You missed one: Linux is virtually a virus-free environment, and a
> > large user base would mean many more people running as root, and it
> > would become worth the time of malware writers to target Linux.
> > Linux would become as virus-ridden as Windows.
> > 
> > It would also become a target for data harvesting, from which
> > Debian, at least, is refreshingly free. I have no doubt that MS
> > makes more money from user data sales than it does from sales of
> > domestic versions of Windows.  
> 
> I do not agree. This is an argument, i am often get confronted with.
> The more linux, the more malware? No, it isn't. See, linux is the
> most used OS in the server world. All important companies rely on it.
> EBay, Google, Amazon, and even Microsof. Its DNS running Linux.
> Cloudflare and others, too. 
> 
> So, these are really interesting targets, where you can really hurt
> lots of people. If linux would bre so easy to crack like Windows, the
> attackers would do. But it isn't. It is (mostly) secure by design. 
> 
> There are millions of "viruses" for Windows, but only a handfull of
> viruses (or rootkits) for linux. 
> 
> And think of OpenBSD: Only 2 security holes in more than 15 years.
> How many security holes got Windows in th elast 10-15 years? With all
> their money, which can buy any super, duper coder look at the result. 
> 
> No, I see it else. It can be done (OpenBSD is showing it). It is the
> arrogance of Microsoft (and many other companies). 
> 
> It is not the spread of Windows, it is theire bad quality what makes
> crackers attack this system. Low fruits, you know?
> 
> And there is another thing, that makes linux better: The developers
> want to write stable and secure software. It is theire joy and
> happiness. They do not mourn, when someone is telling a bug or a
> security hole. They are happy, to fix it. Making theire software,
> theire "baby" better. 
> 
> In market, the developers MUST do it, for them fixing software is
> just annoying and more work (for the same money). That is the
> differnce.
> 
> Note: I do not want to claim, linux developers are the better coders.
> But they are coding with theire heart. That makes the difference. 
> 
> It is not the spreading of software.
> 

I accept what you say, the point I was making is that the more users,
and they will be less IT-competent users, the more will login as root.
Windows still makes the first user an administrator, and it takes a bit
of fiddling to set up an unprivileged user and *always* *use* *it*.
It's inconvenient to keep entering the admin password (there's still no
sudo, as far as I know), so people prefer to run with admin privileges.
In most cases, nobody has ever told them why they shouldn't.

This never happens with Linux servers, and not usually with MS ones. I
spent a couple of years on the MS Small Business Server newsgroup,
before it went to web forum, and in every case of a server compromise
it turned out that the admin had been using the web from the server
console, obviously as an administrator. I tried to make this point over
and over, as did the more sensible regular contributors: don't surf the
web with admin privileges, and don't let your users do it.

Basically, I think that with many more users, we would see more Windows
users and they would be less secure in their habits. We've already seen
this to some extent with Ubuntu. I don't think it's any more difficult
to write a virus for Linux than for Windows, but the R number for such
a virus, as epidemiologists would put it, would be very much less than
one, so there's no point. No propagation. I think this would change,
but this is of course just an opinion.

-- 
Joe

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Stefan Monnier]

>   - software updates that run as root (including Debian updates)
> can run anything else as root

So, maybe a more relevant discussion is: what will happen when a Debian
stable security update comes with a "big blunder" that crashes the most
machines in early boot?

Admittedly, the wider variety of Debian installs might make the "most"
above much less likely, but it's still something that can
definitely happen.

What does Debian do to try and avoid that, and what do *we* (Debian
users) do to try and mitigate that?


Stefan

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Dan Ritter]

Richmond wrote: 
> Jeffrey Walton  writes:
> 
> Yes the updates should be tested at every stage. Maybe people think that
> they cannot stop updates, but they can use Group Policy to stop Windows
> Update. Or maybe they are afraid if they don't allow virus updates then
> they will allow a virus?

This wasn't Windows Update. This is more akin to Firefox's
Mozilla-owned self-updating.

Are we sufficiently far away from Debian now?

The relevant bits for Debian:

  - when you give root privileges to someone, they own your
computer

  - software updates that run as root (including Debian updates)
can run anything else as root

  - insiders and organizations you hire need to be part of your
security assessment

  - intentional and unintentional acts can do the same amount of
damage


-dsr-

-dsr-

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Richmond]

Jeffrey Walton  writes:

> This is alarming (to me) from the YC post:
>
> "we push software to your machines any time we want,
> whether or not it's urgent, without testing it" seems to be
> core to the model...
>
> Updates need to be tested inside an organization's lab, and then
> tested with a sampling of the organization's computers. Then, an
> organization is free to release the update to all machines. All of
> that has to happen in two weeks to 30 days.
>

Yes the updates should be tested at every stage. Maybe people think that
they cannot stop updates, but they can use Group Policy to stop Windows
Update. Or maybe they are afraid if they don't allow virus updates then
they will allow a virus?

Re: why reliable linux hasn't gained more market share?

[Nicholas Geovanis]

On Sun, Jul 21, 2024, 12:40 AM  wrote:

> On Sat, Jul 20, 2024 at 03:27:17PM -0400, gene heskett wrote:
>
> [...]
>
> > And even you Hans, leave out the major, all encompassing, reason for the
> > lack of market share, which is that most business that have a
> computerized
> > system to run things also value what their MBA says.  And since there is
> no
> > one to sue to cover their personal butt in case the system goes south
> like
> > cloudflare has in the last 3 days, M$ & cloudflare are a brick and morter
> > legal target they can sic the legal team onto.
>
> First: it wasn't cloudflare -- it was CrowdStrike (a sec firm, of all
> things!)
>
> Second: nobody's going to sue them. Guess what? The big ones have lawyers,
> lots of them. And their best protected tech is "law tech". They wouldn't
> be skimping on quality if it didn't pay off.
>
> Case in point: Solarwinds. 2020, they had a row of high-level attacks
> which knocked off their customer's customers (AFAIR, one third of
> Sweden's supermarkets had to close for three to four days, among many
> other things).
> They were sued for $26 million, that's it.
>

Every time I meet or work for someone who is still running SolarWinds
products (many many :-)  I remind them of this: SolarWinds' source-code
repositories were broken into, the source-code modified by the intruders,
and their changes checked back in like good software developers :-) Then
the corporation sent you that software and you paid for it.

How do you feel? Suppose that the same thing was done to the software in
your car? Would you drive it again? Or in the aircraft you will fly-in next
month? Would you take that plane?

Cheers
>
> [1]
> https://en.wikipedia.org/wiki/SolarWinds#2019%E2%80%932020_supply_chain_attacks
>
> --
> t
>

Re: why reliable linux hasn't gained more market share?

[George at Clug]

Contrary to popular belief, the QWERTY layout was not designed to slow the 
typist down, but rather to speed up typing. 

Indeed, there is evidence that, aside from the issue of jamming, placing 
often-used keys farther apart increases typing speed, because it encourages 
alternation between the hands.

https://en.wikipedia.org/wiki/QWERTY




On Sunday, 21-07-2024 at 18:54 Nicolas George wrote:
> hlyg (12024-07-21):
> > is it possible to remap keyboard to Dvorak in X Window?
> 
> Yes, of course.
> 
> https://letmegooglethat.com/?q=Debian+dvorak
> 
> >   does anyone use it
> > to speed up typing?
> 
> No, only to feel smug.
> 
> # Later experiments have shown that many keyboard designs, including some
> # alphabetical ones, allow very similar typing speeds to QWERTY and Dvorak
> # when typists have been trained for them, suggesting that Dvorak's
> # careful design principles may have had little effect because keyboard
> # layout is only a small part of the complicated physical activity of
> # typing.[19]
> 
> https://en.wikipedia.org/wiki/Dvorak_keyboard_layout
> 
> Regards,
> 
> -- 
>   Nicolas George
> 
> 

Re: why reliable linux hasn't gained more market share?

[Nicolas George]

hlyg (12024-07-21):
> is it possible to remap keyboard to Dvorak in X Window?

Yes, of course.

https://letmegooglethat.com/?q=Debian+dvorak

> does anyone use it
> to speed up typing?

No, only to feel smug.

# Later experiments have shown that many keyboard designs, including some
# alphabetical ones, allow very similar typing speeds to QWERTY and Dvorak
# when typists have been trained for them, suggesting that Dvorak's
# careful design principles may have had little effect because keyboard
# layout is only a small part of the complicated physical activity of
# typing.[19]

https://en.wikipedia.org/wiki/Dvorak_keyboard_layout

Regards,

-- 
  Nicolas George

Re: why reliable linux hasn't gained more market share?

[hlyg]

On 7/21/24 02:33, Russell L. Harris wrote:

The same reasons the standard typewriter keyboard is QWERTY rather
than Dvorak:

= The precedent set by the first to market is powerful.

= The influence of advertising upon a populace lacking in discernment
and addicted to novelty is deadly.

Add to that extortion and bribes and a compromised legal system.

The QWERTY system was designed to slow down typists so as to reduce
the problem of jamming of keys of a poorly-designed mechanism.

is it possible to remap keyboard to Dvorak in X Window? does anyone use 
it to speed up typing?

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Jeffrey Walton]

On Sun, Jul 21, 2024 at 2:15 AM Andy Smith  wrote:
>
> On Sun, Jul 21, 2024 at 10:28:28AM +0800, Bret Busby wrote:
> > Crowdstrike did not strike at Linux or BSD UNIX systems - only MS Windows
> > systems.
>
> Except that time just a few months ago when it *did* happen to
> Crowdstrike+Linux?
>
> https://news.ycombinator.com/item?id=41005936

This is alarming (to me) from the YC post:

"we push software to your machines any time we want,
whether or not it's urgent, without testing it" seems to be
core to the model...

Updates need to be tested inside an organization's lab, and then
tested with a sampling of the organization's computers. Then, an
organization is free to release the update to all machines. All of
that has to happen in two weeks to 30 days.

> Nothing in this story would be different if it was Linux deployed on
> those machines. And nothing would be different if Crowdstrike didn't
> exist, as some other equally useless vendor would be involved.
>
> There is a need to examine why companies are putting high privilege
> junk software on their machines. It's got nothing to do with Linux
> vs Windows.

Jeff

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Alain D D Williams]

On Sun, Jul 21, 2024 at 08:17:54AM +0800, jeremy ardley wrote:

> The CrowdStrike outage emulated the very thing it is alleged to protect
> against - a zero day exploit.

It was also a demonstration of a huge vulnerability. If $EvilActor were to get
an agent employed at CrowdStrike/whoever then they could take down a lot of
important infrastructure world wide. This could give them a great advantage if
done, for instance, just before they invade another country or something.

In a cynical moment on Friday I did wonder if this was a dry run.

Unfortunately I suspect that the lesson will not be learned and that most will
largely forget this before too long.

:-(

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include 

Re: why reliable linux hasn't gained more market share?

[Alain D D Williams]

On Sun, Jul 21, 2024 at 08:46:24AM +0800, jeremy ardley wrote:

> A plug for SELinux. It's been around for a long time. It was invented by the
> NSA for use by Government agencies but they kindly open sourced it and it's
> available on many Distros including Debian.
> 
> SELinux is a real pain to get right but when it finally works it's a
> tremendous security boost for internet facing systems.

+1

I use SELinux.

The documentation is awful - there are many different labels that are not
documented as to how they should be used. When there is an issue ausearch will
tell you what to do but not why, I have sometimes found that the recommendation
is wrong and that enabling something else is a better solution.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include 

Re: why reliable linux hasn't gained more market share?

[tomas]

On Sat, Jul 20, 2024 at 03:27:17PM -0400, gene heskett wrote:

[...]

> And even you Hans, leave out the major, all encompassing, reason for the
> lack of market share, which is that most business that have a computerized
> system to run things also value what their MBA says.  And since there is no
> one to sue to cover their personal butt in case the system goes south like
> cloudflare has in the last 3 days, M$ & cloudflare are a brick and morter
> legal target they can sic the legal team onto.

First: it wasn't cloudflare -- it was CrowdStrike (a sec firm, of all
things!)

Second: nobody's going to sue them. Guess what? The big ones have lawyers,
lots of them. And their best protected tech is "law tech". They wouldn't
be skimping on quality if it didn't pay off.

Case in point: Solarwinds. 2020, they had a row of high-level attacks
which knocked off their customer's customers (AFAIR, one third of
Sweden's supermarkets had to close for three to four days, among many
other things).

They were sued for $26 million, that's it.

Cheers

[1] 
https://en.wikipedia.org/wiki/SolarWinds#2019%E2%80%932020_supply_chain_attacks

-- 
t


signature.asc
Description: PGP signature

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Andy Smith]

Hi,

On Sun, Jul 21, 2024 at 10:28:28AM +0800, Bret Busby wrote:
> Crowdstrike did not strike at Linux or BSD UNIX systems - only MS Windows
> systems.

Except that time just a few months ago when it *did* happen to
Crowdstrike+Linux?

https://news.ycombinator.com/item?id=41005936

Nothing in this story would be different if it was Linux deployed on
those machines. And nothing would be different if Crowdstrike didn't
exist, as some other equally useless vendor would be involved.

There is a need to examine why companies are putting high privilege
junk software on their machines. It's got nothing to do with Linux
vs Windows.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Bret Busby]

On 21/7/24 10:07, Jeffrey Walton wrote:



All this points to an incompetent board. If someone's head is going to
be taken (figuratively), then it should start with the CEO and other
executives.



Yes.

But, the people who should be sacked, with loss of benefits, are the 
board members and the CEO's and the CIO's of the institutions - 
government departments and businesses, who were not running Linux or BSD 
UNIX instead of MS Windows.


Crowdstrike did not strike at Linux or BSD UNIX systems - only MS 
Windows systems.


..
Bret Busby
Armadale
West Australia
(UTC+0800)
..

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[Jeffrey Walton]

On Sat, Jul 20, 2024 at 9:46 PM The Wanderer  wrote:
>
> On 2024-07-20 at 09:19, jeremy ardley wrote:
>
> > On 20/7/24 18:35, George at Clug wrote:
> > [...]
> > The problem was not CrowdStrike as such. It happens in the best of
> > operations.
> >
> > The problem is the Windows Systems Administrators who contracted for
> > / allowed unattended remote updates of kernel drivers on live
> > hardware systems. This is the height of folly and there is no
> > recovery if it causes a BSOD.
> [...]
>
> All the sysadmins involved did is agree to let an antivirus-equivalent
> utility update itself, and its definitions. I would be surprised if this
> could not have easily happened with *any* antivirus-type utility which
> has self-update capability; I'm fairly sure all modern broad-spectrum
> antivirus-etc. suites on Windows do kernel-level access in similar
> fashion. CrowdStrike just happens to be the company involved when it
> *did* happen.

I was around when Symantec Antivirus did about the same to about half
the workstations at the Social Security Administration. A definition
file update blue screened about half the Windows NT 4.0 and Windows
2000 hosts. That was about 50,000 machines, if I recall correctly.

> That the sysadmins decided to deploy CrowdStrike does not make it
> reasonable to fault them for this consequence, any more than e.g. if a
> gamer decided to install a game, and then the game required a patch to
> let them keep playing, and that patch silently included new/updated DRM
> which installed a driver which broke the system (as I recall some past
> DRM implementations have reportedly done), it would then be reasonable
> to fault the gamer. In neither case was the consequence foreseeable from
> the decision.

Sysadmins don't make that decision in the Enterprise. That decision
was made above the lowly sysadmin's pay grade.

> > The situation is recoverable if all the windows machines are virtual
> > with a good backup/restore plan. The situation is not recoverable if
> > the kernel updates are on raw iron running Windows.
>
> The situation is trivially recoverable if you can get access to the
> machine in a way which lets you either boot to safe mode and get
> local-administrator access, or lets you boot an alternative environment
> (e.g. live-boot media) from which you can read and write to the hard
> drive.

I don't think it's trivial for some enterprises due to the sheer
number of machines and the remote workforce. I'm guessing the company
I work for will spend the next week or month sorting things out. And
the company is a medium size enterprise with about 30,000 employees.
Imagine how bad it's going to be for an enterprise with 100,000
employees.

> I've spent a fair chunk of my workday today going around to affected
> computers and performing a variant of the latter process.
>
> Once you've done that, the fix is simple: delete, or move out of the
> way, a single file whose name claims that it's a driver. With that file
> gone, you can reboot, and Windows will come up normally without the
> bluescreen.

Unfortunately, I don't see this as scalable. It works fine for a small
business with 100 employees, but not an enterprise.

> > Heads should roll but obviously won't
>
> What good would decapitation do, here?

I think it's a figure of speech; not a literal.

> At most, CrowdStrike's people are
> guilty of rolling out an insufficiently-tested update, or of designing a
> system such that it's too easy for an update to break things in this
> way, or that it's possible to break things in this way not with an
> actual new client version (which goes through a release cascade, with
> each organization deciding which of the most recent three versions each
> of their computers will get) but just with a data-files update (which,
> as we have seen here, appears to go out to all clients regardless of
> version).

At minimum, it is negligence.

> The first would be poor institutional practice; the others would be
> potentially-questionable software design, although it's hard to know
> without seeing the internal architecture of the software in question and
> understanding *why* it's designed that way.
>
> In either case, it's not obvious to me why decapitating a few scapegoats
> would *improve* the situation going forward, unless it can be determined
> that specific people were actually negligent.

The incident affected the company's share price. Shares were down $10
or $15. If the potential issues were not detailed in company
literature and prospectus, then the Securities and Exchange Commission
might get involved for misrepresenting risk and liabilities. There
could be big fines, and that will cost the shareholders more money.

All this points to an incompetent board. If someone's head is going to
be taken (figuratively), then it should start with the CEO and other
executives.

Jeff

Re: why reliable linux hasn't gained more market share?

[jeremy ardley]

On 21/7/24 07:28, Nicholas Geovanis wrote:
Again lacking data center experience? Every server in your data center 
that is outward-facing will be contacted by intruders on its open ports. 
That includes your Debian servers. If your apache server or application 
server running on Debian is vulnerable and open to outside, they will 
knock on your door. What happens _after_ that determines how vulnerable 
you are.


A plug for SELinux. It's been around for a long time. It was invented by 
the NSA for use by Government agencies but they kindly open sourced it 
and it's available on many Distros including Debian.


SELinux is a real pain to get right but when it finally works it's a 
tremendous security boost for internet facing systems.


It assumes, correctly, that your internet facing service will be 
compromised and the baddy will try to further the exploit. It's 
Permissive Action in that unless you specifically permit something to 
happen it won't. A web server trying to read any directories that aren't 
specified as valid by SELinux will be blocked. A web service trying to 
do any system calls not permitted by the policy will be blocked. A web 
server trying to send an email will be blocked. etc. etc.


Even better it logs every attempted breach so log monitors can identify 
anomalous behaviour in seconds if not milliseconds.


The philosophy of SELinux seems quite different to CrowdStrike

SElinux: "If I don't permit it, it won't happen"

CrowdStrike: "I permit eveything until I get an update to block 
something or I suspect something is dodgy"

Re: CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[jeremy ardley]

On 21/7/24 06:38, The Wanderer wrote:

The first would be poor institutional practice; the others would be
potentially-questionable software design, although it's hard to know
without seeing the internal architecture of the software in question and
understanding*why*  it's designed that way.

In either case, it's not obvious to me why decapitating a few scapegoats
would*improve*  the situation going forward, unless it can be determined
that specific people were actually negligent.


The CrowdStrike outage emulated the very thing it is alleged to protect 
against - a zero day exploit.


The difference is CrowdStrike has a far better distribution mechanism as 
all its victims willingly accepted it being put on their machines and 
willingly accepted automatic updates, each of which potentially could 
cause a failure.


Given the time delays in recovery and in many organisations reports of 
people having to drive to physical locations to reset machines there was 
clearly no effective mitigation or recovery plans in place.


There are ways to mitigate a zero day exploit such as Out-of-Band 
Management (OOBM) or Baseboard Management Controller (BMC) so at least 
the system can be recovered, at least remotely, and likely 
automatically. Alternatively services can run virtually and can be reset 
automatically by monitoring systems.


There is also the system design issues that even if the majority of 
systems are immune, key system failures will take down a network. Active 
Directory servers seem a particularly weak point.


So my point still stands. Those responsible for mitigation of 
faults/zero day exploits in many cases were negligent in their system 
and process design. Specifically they did not install hardware and 
software that could be remotely and automatically managed out of band 
and they provided essential services such as Active Directory on 
vulnerable hosts with often no easy way to recover them.


On a second level I do have to ask if CrowdStrike and equivalent 
reactive monitoring systems actually provide value? Yes, they reduce the 
time a zero day exploit has to be effective, but you have to assume 
there *will* be a serious exploit and you *will* lose functionality 
and/or data. Focusing on resilience of service, hardening of software, 
and management of data that even if stolen is of no value seems to be 
more useful.

Re: why reliable linux hasn't gained more market share?

[gene heskett]

On 7/20/24 16:45, debian-u...@howorth.org.uk wrote:

Andy Smith  wrote:

Hi,

On Sat, Jul 20, 2024 at 11:54:06AM +0800, hlyg wrote:

crowdstrike makes news headlines, many Windows become blue screens

it is evident that many people around still use Windows

i wonder if linux is more reliable than Windows


For this specific issue, if Linux were used at the same scale and
for the same purposes as these affected Windows machines, then a
similar issue would affect Linux sooner or later.

The reason why this is the case is that the current motivation for
the use of Crowdstrike's software on those Windows machines would
be exactly the same if they were Linux machines, and so these
companies would do the same thing with the same end result.

In fact, Crowdstrike already made a similar mistake earlier this
year with one of their Linux solutions which resulted in end user
machines having a kernel panic. Debian stable end user machines. So
there is no practical difference between Crowdstrike+Windows and
Crowdstrike+Linux.

 https://news.ycombinator.com/item?id=41005936

So then you might assume that the problem here is Crowdstrike's
incompetence and a better vendor would solve all problems. You would
be wrong, because the world is full to the brim with inept software
vendors and there is no real consequence for software failures.


It seems clear to me that what's needed is a change in the law. At the
moment here in the UK we have national news services explaining that
airline passengers won't be able to get compensation because the
'event' was outside the airline's control. That's clearly nonsense
since some airlines weren't affected so perhaps sense will eventually
prevail and the companies that have had problems will be held liable
for damages to their customers. But it would be better if they could
then sue Crowdstrike for installing the faulty update. (Perhaps they
can? I don't know, IANAL.) That might provide some incentive to improve
the systems and processes so problems like this don't occur again.

.
That bit of legaleze should have been addressed about the time NT3.51 
came out.  Maybe by now M$ would have been stung in the bank balance 
enough to have learned they will get caught out eventually. NT deleted 
the main OS library, and of coarse would not boot. I put the drive in 
another machine and poked around a bit, finally finding a file that was 
apparently part of the drives housekeeping but only called if a call to 
rand returned a certain date in the future which turned out to be about 
a day in the past. But it contained nothing in the way of a check to see 
if the file belonged to the os.  I called support, but had no 
registration for that copy because it was a bulk purchase by the 
network, and all the tv stations got was the machine pre-installed, the 
network had not given us the paper work. So I explained to M$ support 
and got called a pie rat by support. Screw M$ and the camel that rode in 
on them. I packed the drive in a padded box & handed it to the fedex 
driver. The network net guru reinstalled and overnighted it back. But 
while it was down, the lack of data to program our 7 meter C band dish 
cost us about 5k$ a day because we were not airing the commercials we 
were contracted to transmit.


So now you know why my hatred of M$ is very long term and incurable.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[George at Clug]

On Sunday, 21-07-2024 at 08:38 The Wanderer wrote:
> On 2024-07-20 at 09:19, jeremy ardley wrote:
> 
> > On 20/7/24 18:35, George at Clug wrote:
> > 
> >> On Saturday, 20-07-2024 at 13:54 hlyg wrote:
> >> 
> >>> crowdstrike makes news headlines, many Windows become blue
> >>> screens
> >> 
> >> The CrowdStrike issue was not a Windows issue, it was a CrowdStrike
> >> issue.
> >> 
> >> The problem did not affect our Windows computers as we have not
> >> installed CrowdStrike software.
> >> 
> >> I think the media have a habit of over exaggerating things.
> > 
> > The problem was not CrowdStrike as such. It happens in the best of
> > operations.
> > 
> > The problem is the Windows Systems Administrators who contracted for
> > / allowed unattended remote updates of kernel drivers on live
> > hardware systems. This is the height of folly and there is no
> > recovery if it causes a BSOD.
> 
> Speaking as someone who administers (part of) a CrowdStrike Falcon
> deployment at my workplace, although I was not involved in selecting it
> and would not be able to decide to switch to something else: I do not
> believe this is a fair description of what happened.
> 
> CrowdStrike Falcon does not manage kernel drivers in general. It manages
> its own locally-installed client, which happens to include some
> kernel-level drivers. The update in this case does not appear to have
> actually modified any of those drivers; it appears to have added a new
> data file for use by such a driver, and those data files appear to be
> misleadingly named in such a way that they look like drivers.
> 
> (I have not confirmed that personally yet, although I have access to the
> files in question and intend to do so, but people who are more familiar
> with Windows drivers than I am have stated that the files in question do
> not comport with the binary file format used by Windows driver files.)
> 
> All the sysadmins involved did is agree to let an antivirus-equivalent
> utility update itself, and its definitions. I would be surprised if this
> could not have easily happened with *any* antivirus-type utility which
> has self-update capability; I'm fairly sure all modern broad-spectrum
> antivirus-etc. suites on Windows do kernel-level access in similar
> fashion. CrowdStrike just happens to be the company involved when it
> *did* happen.
> 
> That the sysadmins decided to deploy CrowdStrike does not make it
> reasonable to fault them for this consequence, any more than e.g. if a
> gamer decided to install a game, and then the game required a patch to
> let them keep playing, and that patch silently included new/updated DRM
> which installed a driver which broke the system (as I recall some past
> DRM implementations have reportedly done), it would then be reasonable
> to fault the gamer. In neither case was the consequence foreseeable from
> the decision.
> 
> > The situation is recoverable if all the windows machines are virtual
> > with a good backup/restore plan. The situation is not recoverable if
> > the kernel updates are on raw iron running Windows.
> 
> The situation is trivially recoverable if you can get access to the
> machine in a way which lets you either boot to safe mode and get
> local-administrator access, or lets you boot an alternative environment
> (e.g. live-boot media) from which you can read and write to the hard
> drive.
> 
> I've spent a fair chunk of my workday today going around to affected
> computers and performing a variant of the latter process.
> 
> Once you've done that, the fix is simple: delete, or move out of the
> way, a single file whose name claims that it's a driver. With that file
> gone, you can reboot, and Windows will come up normally without the
> bluescreen.
> 
> > Heads should roll but obviously won't
> 
> What good would decapitation do, here? At most, CrowdStrike's people are
> guilty of rolling out an insufficiently-tested update, or of designing a
> system such that it's too easy for an update to break things in this
> way, or that it's possible to break things in this way not with an
> actual new client version (which goes through a release cascade, with
> each organization deciding which of the most recent three versions each
> of their computers will get) but just with a data-files update (which,
> as we have seen here, appears to go out to all clients regardless of
> version).
> 
> The first would be poor institutional practice; the others would be
> potentially-questionable software design, although it's hard to know
> without seeing the internal architecture of the software in question and
> understanding *why* it's designed that way.
> 
> In either case, it's not obvious to me why decapitating a few scapegoats
> would *improve* the situation going forward, unless it can be determined
> that specific people were actually negligent.

Thanks Wanderer,

Please no 'decapitating', or I would have lost my head many years ago, and 
often (if that is possible).

Testing is important. Like 

Re: why reliable linux hasn't gained more market share?

[Nicholas Geovanis]

On Sat, Jul 20, 2024, 2:09 PM Joe  wrote:

>
> You missed one: Linux is virtually a virus-free environment, and a
> large user base would mean many more people running as root, and it
> would become worth the time of malware writers to target Linux. Linux
> would become as virus-ridden as Windows.
>

There is no reason for "many more people running as root" so I don't think
that's a valid point. Ubuntu is derived from Debian and Ubuntu eliminated
direct root login years ago. But you can do that easily with your own
Debian installation if you want to.

It would also become a target for data harvesting, from which Debian,
> at least, is refreshingly free.


Again lacking data center experience? Every server in your data center that
is outward-facing will be contacted by intruders on its open ports. That
includes your Debian servers. If your apache server or application server
running on Debian is vulnerable and open to outside, they will knock on
your door. What happens _after_ that determines how vulnerable you are.

-- 
> Joe
>
>

CrowdStrike and drivers (was Re: why reliable linux hasn't gained more market share?)

[The Wanderer]

On 2024-07-20 at 09:19, jeremy ardley wrote:

> On 20/7/24 18:35, George at Clug wrote:
> 
>> On Saturday, 20-07-2024 at 13:54 hlyg wrote:
>> 
>>> crowdstrike makes news headlines, many Windows become blue
>>> screens
>> 
>> The CrowdStrike issue was not a Windows issue, it was a CrowdStrike
>> issue.
>> 
>> The problem did not affect our Windows computers as we have not
>> installed CrowdStrike software.
>> 
>> I think the media have a habit of over exaggerating things.
> 
> The problem was not CrowdStrike as such. It happens in the best of
> operations.
> 
> The problem is the Windows Systems Administrators who contracted for
> / allowed unattended remote updates of kernel drivers on live
> hardware systems. This is the height of folly and there is no
> recovery if it causes a BSOD.

Speaking as someone who administers (part of) a CrowdStrike Falcon
deployment at my workplace, although I was not involved in selecting it
and would not be able to decide to switch to something else: I do not
believe this is a fair description of what happened.

CrowdStrike Falcon does not manage kernel drivers in general. It manages
its own locally-installed client, which happens to include some
kernel-level drivers. The update in this case does not appear to have
actually modified any of those drivers; it appears to have added a new
data file for use by such a driver, and those data files appear to be
misleadingly named in such a way that they look like drivers.

(I have not confirmed that personally yet, although I have access to the
files in question and intend to do so, but people who are more familiar
with Windows drivers than I am have stated that the files in question do
not comport with the binary file format used by Windows driver files.)

All the sysadmins involved did is agree to let an antivirus-equivalent
utility update itself, and its definitions. I would be surprised if this
could not have easily happened with *any* antivirus-type utility which
has self-update capability; I'm fairly sure all modern broad-spectrum
antivirus-etc. suites on Windows do kernel-level access in similar
fashion. CrowdStrike just happens to be the company involved when it
*did* happen.

That the sysadmins decided to deploy CrowdStrike does not make it
reasonable to fault them for this consequence, any more than e.g. if a
gamer decided to install a game, and then the game required a patch to
let them keep playing, and that patch silently included new/updated DRM
which installed a driver which broke the system (as I recall some past
DRM implementations have reportedly done), it would then be reasonable
to fault the gamer. In neither case was the consequence foreseeable from
the decision.

> The situation is recoverable if all the windows machines are virtual
> with a good backup/restore plan. The situation is not recoverable if
> the kernel updates are on raw iron running Windows.

The situation is trivially recoverable if you can get access to the
machine in a way which lets you either boot to safe mode and get
local-administrator access, or lets you boot an alternative environment
(e.g. live-boot media) from which you can read and write to the hard
drive.

I've spent a fair chunk of my workday today going around to affected
computers and performing a variant of the latter process.

Once you've done that, the fix is simple: delete, or move out of the
way, a single file whose name claims that it's a driver. With that file
gone, you can reboot, and Windows will come up normally without the
bluescreen.

> Heads should roll but obviously won't

What good would decapitation do, here? At most, CrowdStrike's people are
guilty of rolling out an insufficiently-tested update, or of designing a
system such that it's too easy for an update to break things in this
way, or that it's possible to break things in this way not with an
actual new client version (which goes through a release cascade, with
each organization deciding which of the most recent three versions each
of their computers will get) but just with a data-files update (which,
as we have seen here, appears to go out to all clients regardless of
version).

The first would be poor institutional practice; the others would be
potentially-questionable software design, although it's hard to know
without seeing the internal architecture of the software in question and
understanding *why* it's designed that way.

In either case, it's not obvious to me why decapitating a few scapegoats
would *improve* the situation going forward, unless it can be determined
that specific people were actually negligent.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: why reliable linux hasn't gained more market share?

[hlyg]

Thank Clug and all that reply !

On 7/20/24 18:36, George at Clug wrote:


Do you think Windows is not reliable? Why is that?
Windows used to crash often, i rarely use it now, they say it's more 
stable these day

Do you use Linux yourself?

surely i use as this is debian user list

Have you tried to convincing any Windows users into moving to Linux?


no

many Chinese use pirated Windows, not affected by Crowdstrike issue

Windows has better support for Chinese, some Chinese distro might have 
good Chinese support, but i haven't tried them because debian has better 
reputation


more common reason for sticking with Windows is some apps don't run in 
Linux


i have thought desktop linux fare better in developed countries where 
ipr are better protected

Re: why reliable linux hasn't gained more market share?

[Nicolas George]

Andy Smith (12024-07-20):
> And yes here in the UK where we allowed the Post Office to pay
> billions to Fujitsu to develop the Horizon IT system that
> incorrectly accused hundreds of postmasters of fraud, resulting in
> criminal prosecutions and at least one case of suicide.

That was not a bug, that was a feature.

This kind of thing happens not because the industry is clumsy: all
industries are somewhat clumsy.

This kind of thing happens because politicians are perfectly to let a
clumsy industry handle people' lives. The scope statement probably
insisted more in avoiding false negatives than false positives.

Regards,

-- 
  Nicolas George

Re: why reliable linux hasn't gained more market share?

[Andy Smith]

Hi,

On Sat, Jul 20, 2024 at 09:44:52PM +0100, debian-u...@howorth.org.uk wrote:
> It seems clear to me that what's needed is a change in the law. At the
> moment here in the UK we have national news services explaining that
> airline passengers won't be able to get compensation because the
> 'event' was outside the airline's control. That's clearly nonsense
> since some airlines weren't affected so perhaps sense will eventually
> prevail and the companies that have had problems will be held liable
> for damages to their customers.

And yes here in the UK where we allowed the Post Office to pay
billions to Fujitsu to develop the Horizon IT system that
incorrectly accused hundreds of postmasters of fraud, resulting in
criminal prosecutions and at least one case of suicide.

Innocent people died and went to jail — lives were ended and ruined
— and there will be no real consequences for those people to blame.
We will be lucky to see any criminal prosecution of Post Office
management, if there are any they will be a joke, and absolutely
nothing will happen to the vendor Fujitsu UK.

There is still nothing stopping a Horizon IT incident on Linux.

So yes, agreed, the software industry needs to grow up and it's
pointless arguing for our tribe within it at this level.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: why reliable linux hasn't gained more market share?

[debian-user]

Andy Smith  wrote:
> Hi,
> 
> On Sat, Jul 20, 2024 at 11:54:06AM +0800, hlyg wrote:
> > crowdstrike makes news headlines, many Windows become blue screens
> > 
> > it is evident that many people around still use Windows
> > 
> > i wonder if linux is more reliable than Windows  
> 
> For this specific issue, if Linux were used at the same scale and
> for the same purposes as these affected Windows machines, then a
> similar issue would affect Linux sooner or later.
> 
> The reason why this is the case is that the current motivation for
> the use of Crowdstrike's software on those Windows machines would
> be exactly the same if they were Linux machines, and so these
> companies would do the same thing with the same end result.
> 
> In fact, Crowdstrike already made a similar mistake earlier this
> year with one of their Linux solutions which resulted in end user
> machines having a kernel panic. Debian stable end user machines. So
> there is no practical difference between Crowdstrike+Windows and
> Crowdstrike+Linux.
> 
> https://news.ycombinator.com/item?id=41005936
> 
> So then you might assume that the problem here is Crowdstrike's
> incompetence and a better vendor would solve all problems. You would
> be wrong, because the world is full to the brim with inept software
> vendors and there is no real consequence for software failures.

It seems clear to me that what's needed is a change in the law. At the
moment here in the UK we have national news services explaining that
airline passengers won't be able to get compensation because the
'event' was outside the airline's control. That's clearly nonsense
since some airlines weren't affected so perhaps sense will eventually
prevail and the companies that have had problems will be held liable
for damages to their customers. But it would be better if they could
then sue Crowdstrike for installing the faulty update. (Perhaps they
can? I don't know, IANAL.) That might provide some incentive to improve
the systems and processes so problems like this don't occur again.

Re: why reliable linux hasn't gained more market share?

[Jeff Pang]

I would think linux is better as server OS due to reasons of security, 
performance and

Operability etc.

Once aol mail was running on windows. But now aol is merged into yahoo 
mail which was originally run on freebsd but now linux mostly.


And the initial hotmail was running on freebsd too IIRC. Thought MS 
bought it and changed its running environment to windows.


Google FB and many other huge players are using linux as server OS.



On 2024-07-20 21:57, Larry Martell wrote:

I’ve never owned a machine running windows in my life.


--
Jeff Pang
jeffp...@aol.com

Re: why reliable linux hasn't gained more market share?

[Andy Smith]

Hi,

On Sat, Jul 20, 2024 at 11:54:06AM +0800, hlyg wrote:
> crowdstrike makes news headlines, many Windows become blue screens
> 
> it is evident that many people around still use Windows
> 
> i wonder if linux is more reliable than Windows

For this specific issue, if Linux were used at the same scale and
for the same purposes as these affected Windows machines, then a
similar issue would affect Linux sooner or later.

The reason why this is the case is that the current motivation for
the use of Crowdstrike's software on those Windows machines would
be exactly the same if they were Linux machines, and so these
companies would do the same thing with the same end result.

In fact, Crowdstrike already made a similar mistake earlier this
year with one of their Linux solutions which resulted in end user
machines having a kernel panic. Debian stable end user machines. So
there is no practical difference between Crowdstrike+Windows and
Crowdstrike+Linux.

https://news.ycombinator.com/item?id=41005936

So then you might assume that the problem here is Crowdstrike's
incompetence and a better vendor would solve all problems. You would
be wrong, because the world is full to the brim with inept software
vendors and there is no real consequence for software failures.

I expect Crowdstrike's stock value to recover and for this incident
to be forgotten, but even if it isn't it doesn't really matter
because there is an infinite line of similar companies to step into
their clown shoes.

The state of the software supply chain on Linux is not any better
than on Windows, and it may even be worse. You don't notice because
Linux is extremely niche for everything but Internet services and we
don't often look outside our bubble.

We have nothing to be smug about.

To be clear I would never run anything like Crowdstrike on any
machine I had authority over, but my opinion does not change the
fact that demonstrably the majority of the market thinks
and acts differently. This event will not change that, either, but
if you had said, "people need to stop running software like this"
instead of "people need to run Linux", I would be able to agree with
you. Just saying "we need better software" isn't a very catchy
polemic though is it.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: why reliable linux hasn't gained more market share?

[Hans]

> You missed one: Linux is virtually a virus-free environment, and a
> large user base would mean many more people running as root, and it
> would become worth the time of malware writers to target Linux. Linux
> would become as virus-ridden as Windows.
> 
> It would also become a target for data harvesting, from which Debian,
> at least, is refreshingly free. I have no doubt that MS makes more
> money from user data sales than it does from sales of domestic versions
> of Windows.

I do not agree. This is an argument, i am often get confronted with. The more 
linux, the more malware? No, it isn't. See, linux is the most used OS in the 
server world. All important companies rely on it. EBay, Google, Amazon, and 
even Microsof. Its DNS running Linux. Cloudflare and others, too. 

So, these are really interesting targets, where you can really hurt lots of 
people. If linux would bre so easy to crack like Windows, the attackers would 
do. But it isn't. It is (mostly) secure by design. 

There are millions of "viruses" for Windows, but only a handfull of viruses 
(or rootkits) for linux. 

And think of OpenBSD: Only 2 security holes in more than 15 years. How many 
security holes got Windows in th elast 10-15 years? With all their money, 
which can buy any super, duper coder look at the result. 

No, I see it else. It can be done (OpenBSD is showing it). It is the arrogance 
of Microsoft (and many other companies). 

It is not the spread of Windows, it is theire bad quality what makes crackers 
attack this system. Low fruits, you know?

And there is another thing, that makes linux better: The developers want to 
write stable and secure software. It is theire joy and happiness. They do not 
mourn, when someone is telling a bug or a security hole. They are happy, to 
fix it. Making theire software, theire "baby" better. 

In market, the developers MUST do it, for them fixing software is just 
annoying and more work (for the same money). That is the differnce.

Note: I do not want to claim, linux developers are the better coders. But they 
are coding with theire heart. That makes the difference. 

It is not the spreading of software.

Have fun!

Hans  

Re: why reliable linux hasn't gained more market share?

[gene heskett]

On 7/20/24 09:59, Hans wrote:

Hello,

well, the thing is: Do we really want to go to more market share?

Let's imagine, Debian becomes market relevant, what will happen? Sure, more
developers get paid, what is very nice. But not all developers will.

Many good developers will not be paid and when the market will rule things,
then many good developers will be pushed away or demoralied. Because it will
become common, that people will no more cherish theire work.

The development of a few people will be cherished, those, who create programs,
the market wants.

I am using linux since more than 30 years and it is impressive, what people
can do, when they can do, what they want and what they like.

And look at the quality, look, what has been created since the beginning. This
was only possible, because no market forced people, to do things the market
wants, not what the developers want.

I think, we all can be happy, that we are not dependent from any market, the
developers, because theire freedom and theire contentement is not been
deminished, and the users, who get very good and high qulitative software to
work with.

And if you really think, the more you spend, the better the software, you can
of course buy software only from the market.

Or, you can donate linux developers and/or distributors of your money.

Personally(!) I think, the second way is better, because I can speak directly
to developers, could (if I would be capable of) fix things myself together
with the developers and maybe can even ask him, to implenent some functions
especially for me.

All things, a market driven software will never offer.

So, I think, we can be happy, that linux (and debian) is not market relevant.
It will lose its freedom, its high quality and the joy of many people.

Sorry, if I did not always find the right expression, I am not native English.


And even you Hans, leave out the major, all encompassing, reason for the 
lack of market share, which is that most business that have a 
computerized system to run things also value what their MBA says.  And 
since there is no one to sue to cover their personal butt in case the 
system goes south like cloudflare has in the last 3 days, M$ & 
cloudflare are a brick and morter legal target they can sic the legal 
team onto.


Their is essentially no one in the linux arena to sue if things go 
south, so it doesn't take more than an eighth grade education to see why 
they won't ever recommend linux no matter how superior it may be at the 
end of a P&L report.  They have to have someone to sue.  Bill Shakespear 
said it best when he wrote "first, we kill all the lawyers." But MBA's 
had not yet crawled out of the slime schools yet, so he can't be blamed 
for not including MBA's when he wrote that famous phrase.


Best regards

Hans
  



.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: why reliable linux hasn't gained more market share?

[Joe]

On Sat, 20 Jul 2024 15:59:14 +0200
Hans  wrote:

> Hello,
> 
> well, the thing is: Do we really want to go to more market share?
> 
> Let's imagine, Debian becomes market relevant, what will happen?
> Sure, more developers get paid, what is very nice. But not all
> developers will.
> 
> Many good developers will not be paid and when the market will rule
> things, then many good developers will be pushed away or demoralied.
> Because it will become common, that people will no more cherish
> theire work.
> 
> The development of a few people will be cherished, those, who create
> programs, the market wants. 
> 
> I am using linux since more than 30 years and it is impressive, what
> people can do, when they can do, what they want and what they like. 
> 
> And look at the quality, look, what has been created since the
> beginning. This was only possible, because no market forced people,
> to do things the market wants, not what the developers want.
> 
> I think, we all can be happy, that we are not dependent from any
> market, the developers, because theire freedom and theire
> contentement is not been deminished, and the users, who get very good
> and high qulitative software to work with.
> 
> And if you really think, the more you spend, the better the software,
> you can of course buy software only from the market. 
> 
> Or, you can donate linux developers and/or distributors of your
> money. 
> 
> Personally(!) I think, the second way is better, because I can speak
> directly to developers, could (if I would be capable of) fix things
> myself together with the developers and maybe can even ask him, to
> implenent some functions especially for me.
> 
> All things, a market driven software will never offer. 
> 
> So, I think, we can be happy, that linux (and debian) is not market
> relevant. It will lose its freedom, its high quality and the joy of
> many people.
> 
> Sorry, if I did not always find the right expression, I am not native
> English.
> 

You missed one: Linux is virtually a virus-free environment, and a
large user base would mean many more people running as root, and it
would become worth the time of malware writers to target Linux. Linux
would become as virus-ridden as Windows.

It would also become a target for data harvesting, from which Debian,
at least, is refreshingly free. I have no doubt that MS makes more
money from user data sales than it does from sales of domestic versions
of Windows.

-- 
Joe

Re: why reliable linux hasn't gained more market share?

[Russell L. Harris]

The same reasons the standard typewriter keyboard is QWERTY rather
than Dvorak:

= The precedent set by the first to market is powerful.

= The influence of advertising upon a populace lacking in discernment
and addicted to novelty is deadly.

Add to that extortion and bribes and a compromised legal system.

The QWERTY system was designed to slow down typists so as to reduce
the problem of jamming of keys of a poorly-designed mechanism.

Much of the evil in the world is due to the unbridled pursuit of
money:

For the love of money is the root of all sort of evil: which while some
coveted after, they have erred from the faith, and pierced themselves
through with many sorrows. - I Timothy 6:10

RLH

Re: why reliable linux hasn't gained more market share?

[Nicholas Geovanis]

On Sat, Jul 20, 2024, 12:16 AM  wrote:

> On Sat, Jul 20, 2024 at 02:45:37PM +1000, David wrote:
> > On Sat, 2024-07-20 at 11:54 +0800, hlyg wrote:
>
> [...]
>
> > > why free OS hasn't gained more share even after 30 years of
> > > development?
> >
> > Because people don't have it hammered into them via the educational
> > formats, it doesn't come preinstalled on almost every computer you buy:
> > offered as the only option, Linux isn't advertised, and probably never
> > will be.
>

Both writers are ignoring the places where the vast majority of Linux
images run:
The corporate data center.
Linux rules the corporate data center and cloud these days. Not so much
Debian there but plenty of Ubuntu and Red Hat/fedora/CentOS.

All of them good factors. I may add yet another: because in the current
> economic ideology, investing in things seems preferrable than investing
> in people --


Any "capital good" like a semi-tractor or a corporate server and the
software on it is "depreciated": We pretend that it lost 6% or more of its
value each year, and we let the corporation write that "loss" off its taxes.

But I'm not allowed to do the same with my car or with the Dell Poweredge
R710 sitting next to me that used to live in the world's largest data
center.

This isn't really ideology except where ideology permits tax cheats to
thrive. Capitalism does that for tax cheats who have power and wealth, not
so much for those who dont.

and Windows (and MacOS) were marketed as "can be administered
> by anyone". Which, of course, as often in marketing, is a lie.
>
> Cheers
> --
> t
>

Re: why reliable linux hasn't gained more market share?

[Hans]

Which is not quite correct. As a hamradio (I am one), you are allowed to 
develop your very owh rf-devices. Transceivers, measure equipment, whatever 
you like.

Many things, we are using today in consumer devices are first developed by 
radio amateurs (example shorthand "packet radio", which is data over hf).

When you have a radio amateur license, you can do lots of things in the air. 
Sure, there are regulations, you are not allowed to transmit anywhere and your 
transmit power is reduced to 750W, but this does not technical restrict you.

Hamradio is the freedom in the air, you have in coding in linux. Also here are 
some rules (GPL, ethicness, kindness whatever), but those do not techniocal 
restrict you in any way.

Best regards

Hans   

> Which the current rules for such does not allow, by FCC edicts, only
> sealed FCC approved blobs are allowed to play in the rf field.
> So don't blame the coders, blame the regukatory agencies.
> 
> > Regards,
> 
> Cheers, Gene Heskett, CET.

Re: why reliable linux hasn't gained more market share?

[gene heskett]

On 7/20/24 09:58, Larry Martell wrote:

I’ve never owned a machine running windows in my life.
I've owned one. I needed a lappy I could use with a gps for roadmap, had 
the then new XP on it, cleared the disk a week later and put mandrake on 
it because XP had no drivers that could run the broadcom radio in it, 
should have been a free module update from hp. I don't think that 20 
years later there has ever been a driver for that particular radio that 
Just Works. The lappy has long since suicided. Typical hp chinese 
sourced stuff even before they sold it all to lenovo.


Now there are around 10 linux installs here, half running armbian, they 
get better uptimes than x86-64's.


Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: why reliable linux hasn't gained more market share?

[Nicolas George]

gene heskett (12024-07-20):
> > If they were, you'd have support for software-defined radio signal
> > processing in FFmpeg, for example.
> Which the current rules for such does not allow, by FCC edicts, only sealed
> FCC approved blobs are allowed to play in the rf field.
> So don't blame the coders, blame the regukatory agencies.

signal processing ≠ emitting

-- 
  Nicolas George

Re: why reliable linux hasn't gained more market share?

[George at Clug]

On Saturday, 20-07-2024 at 23:59 Hans wrote:
> Hello,
> 
> well, the thing is: Do we really want to go to more market share?
> 
> Let's imagine, Debian becomes market relevant, what will happen? Sure, more 
> developers get paid, what is very nice. But not all developers will.
> 
> Many good developers will not be paid and when the market will rule things, 
> then many good developers will be pushed away or demoralied. Because it will 
> become common, that people will no more cherish theire work.
> 
> The development of a few people will be cherished, those, who create 
> programs, 
> the market wants. 
> 
> I am using linux since more than 30 years and it is impressive, what people 
> can do, when they can do, what they want and what they like. 
> 
> And look at the quality, look, what has been created since the beginning. 
> This 
> was only possible, because no market forced people, to do things the market 
> wants, not what the developers want.
> 
> I think, we all can be happy, that we are not dependent from any market, the 
> developers, because theire freedom and theire contentement is not been 
> deminished, and the users, who get very good and high qulitative software to 
> work with.
> 
> And if you really think, the more you spend, the better the software, you can 
> of course buy software only from the market. 
> 
> Or, you can donate linux developers and/or distributors of your money. 
> 
> Personally(!) I think, the second way is better, because I can speak directly 
> to developers, could (if I would be capable of) fix things myself together 
> with the developers and maybe can even ask him, to implenent some functions 
> especially for me.
> 
> All things, a market driven software will never offer. 
> 
> So, I think, we can be happy, that linux (and debian) is not market relevant. 
> It will lose its freedom, its high quality and the joy of many people.

Hans, I find much wisdom in your above statement regards 'freedom', thank you, 
George.

> 
> Sorry, if I did not always find the right expression, I am not native English.
> 
> Best regards
> 
> Hans  
>  
> 
> 
> 

Re: why reliable linux hasn't gained more market share?

[gene heskett]

On 7/20/24 04:28, Nicolas George wrote:

hlyg (12024-07-20):

Thank David! market share is important though it isn't "reliable
recommendation for quality": more users attract more programmers, who
develop more apps,


The programmers who are attracted by market share are not necessarily
the ones who are interested in developing quality and/or innovative
software, though.

If they were, you'd have support for software-defined radio signal
processing in FFmpeg, for example.

Which the current rules for such does not allow, by FCC edicts, only 
sealed FCC approved blobs are allowed to play in the rf field.

So don't blame the coders, blame the regukatory agencies.


Regards,



Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: why reliable linux hasn't gained more market share?

[Hans]

Hello,

well, the thing is: Do we really want to go to more market share?

Let's imagine, Debian becomes market relevant, what will happen? Sure, more 
developers get paid, what is very nice. But not all developers will.

Many good developers will not be paid and when the market will rule things, 
then many good developers will be pushed away or demoralied. Because it will 
become common, that people will no more cherish theire work.

The development of a few people will be cherished, those, who create programs, 
the market wants. 

I am using linux since more than 30 years and it is impressive, what people 
can do, when they can do, what they want and what they like. 

And look at the quality, look, what has been created since the beginning. This 
was only possible, because no market forced people, to do things the market 
wants, not what the developers want.

I think, we all can be happy, that we are not dependent from any market, the 
developers, because theire freedom and theire contentement is not been 
deminished, and the users, who get very good and high qulitative software to 
work with.

And if you really think, the more you spend, the better the software, you can 
of course buy software only from the market. 

Or, you can donate linux developers and/or distributors of your money. 

Personally(!) I think, the second way is better, because I can speak directly 
to developers, could (if I would be capable of) fix things myself together 
with the developers and maybe can even ask him, to implenent some functions 
especially for me.

All things, a market driven software will never offer. 

So, I think, we can be happy, that linux (and debian) is not market relevant. 
It will lose its freedom, its high quality and the joy of many people.

Sorry, if I did not always find the right expression, I am not native English.

Best regards

Hans  
 

Re: why reliable linux hasn't gained more market share?

[Larry Martell]

I’ve never owned a machine running windows in my life.

Re: why reliable linux hasn't gained more market share?

[jeremy ardley]

On 20/7/24 18:35, George at Clug wrote:

On Saturday, 20-07-2024 at 13:54 hlyg wrote:
 > crowdstrike makes news headlines, many Windows become blue screens

The CrowdStrike issue was not a Windows issue, it was a CrowdStrike issue.

The problem did not affect our Windows computers as we have not 
installed CrowdStrike software.


I think the media have a habit of over exaggerating things.


The problem was not CrowdStrike as such. It happens in the best of 
operations.


The problem is the Windows Systems Administrators who contracted for / 
allowed unattended remote updates of kernel drivers on live hardware 
systems. This is the height of folly and there is no recovery if it 
causes a BSOD.


The situation is recoverable if all the windows machines are virtual 
with a good backup/restore plan. The situation is not recoverable if the 
kernel updates are on raw iron running Windows.


Heads should roll but obviously won't

Re: why reliable linux hasn't gained more market share?

[Jeff Pang]

My reason to keep windows is that I can’t play Starcraft under Linux.

--
Jeff Pang
jeffp...@aol.com

Re: why reliable linux hasn't gained more market share?

[Michel Verdier]

On 2024-07-20, Michael Kjörling wrote:

> On 20 Jul 2024 16:57 +0800, from hlyg2...@outlook.com (hlyg):
>> statistics about market share might come from web servers and game servers,
>> they know how many users use linux and Windows.
>
> No. They at most can know what platform user agents report.

There is also some web server surveys with some stats. For exemple
https://www.netcraft.com/blog/june-2024-web-server-survey/
where you see that apache and nginx are clearly leaders.

I also read bind reaches 60% (80% ?) of dns servers, but I failed to
retrieve my source.

Re: why reliable linux hasn't gained more market share?

[Michel Verdier]

On 2024-07-20, Michael Grant wrote:

> OpenOffice is quite featureful, it is not 100% bug for bug compatible with
> real MS Office products.

I failed to read an old version word file on a newer word. And succeed
with libreoffice. So yes it's not 100% bug compatible :)

> choices.  There is no clear single choice.   And then there's the different
> packaging systems...

Differences and choices are a good thing for evolution

> 4) I've not see a single X-windows based desktop that looked as slick and as
> polished as modern Windows or MacOS.  Everything seems to just look and work
> more clunkily and a bit slower.

You don't search the right place. Better than windows and macos exists and
works much better.

> 6) Support.  Who does the non-technical user go to for tech support?

I never found a *free* windows support. I got much for debian :)

But I stop here for this so obvious disinformation troll. Same thing for
George at Clug.

Re: why reliable linux hasn't gained more market share?

[Michael Kjörling]

On 20 Jul 2024 16:57 +0800, from hlyg2...@outlook.com (hlyg):
> statistics about market share might come from web servers and game servers,
> they know how many users use linux and Windows.

No. They at most can know what platform user agents report.

Which isn't necessarily the same thing at all.

-- 
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: why reliable linux hasn't gained more market share?

[Michael Kjörling]

On 20 Jul 2024 17:25 +0800, from jeremy.ard...@gmail.com (jeremy ardley):
>> A lot of paid-for programmer time isn't necessarily for what the
>> individual programmer_wants_  to do. If one's employer dictates that
>> their products should support Mac OS and Windows, for example, then
>> there's usually little that a programmer, no matter how motivated, can
>> do to extend that support to include Linux; especially if the product
>> in question is heavily dependent on OS-specific APIs.
> 
> There are plenty of applications that run O/S agnostic.

Yes. And there are plenty of (quite possibly a far larger number of)
applications which require one of a small set of particular operating
systems, especially once you get into specialized expert tools; and
even people who need those particular applications for their
day-to-day work, and who _can't_ easily switch to an alternative
implementation of the same general concept.

That there exist counterexamples doesn't help those who _need_ to run
applications which don't run well - or at all - under Linux.

And it puts quite a lot of people off to be told "just switch to an
open-source alternative, it's easy" when they mention that their
day-to-day use requires _particular, specific_ applications which are
only available for proprietary operating systems; often without even
naming them or what those applications do, sometimes because they are
so specialized that few outside of some specialized field would even
recognize the name, much less be able to intelligently suggest
alternatives.

Don't get me wrong; I advocate for Free alternatives where those are
reasonable. Most people don't actually need specialized tools, and for
a large subset of those who do, reasonable alternatives _do_ indeed
exist. But quite a few do need specific tools that _aren't_
cross-platform, and failing to recognize that reflects poorly on
_everyone_.

-- 
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

why reliable linux hasn't gained more market share?

[DdB]

Am 20.07.2024 um 05:54 schrieb hlyg:
> why free OS hasn't gained more share even after 30 years of development?

I want to kickoff by reminding, that WHY questions are rarely useful, it
is what small kidz are asking, when they want to learn, how to argue
with adults. ;-)

But approaching the topic some more, let me add:
As a former developer, i came to linux quite late, and although my
willingness to learn was huge, i found it not exactly easy to switch. At
least, i can say: "I do not regret a single bit following my decision to
change, and i can do more things now, than what i could do at the time
with an MS OS.

But it is also true, that i just spoke with an old friend (aged 75+) who
is quite desperate about new ways of windows/Bing and the upcoming
launch of a new version. Honestly, i did not dare recommending linux to
him, because that would make me a full time supporter for years to come,
as he fails to show ownership of his decisions. He really just surfes
the web and uses email at times, but ... his thinking about how
computers _should_ work feels somewhat out of sync with reality.

just my 2 cents, DdB

Re: Re[2]: why reliable linux hasn't gained more market share?

[George at Clug]

Well said, Michael.

On Saturday, 20-07-2024 at 20:19 Michael Grant wrote:
> My opinions only...
> 
> 1) MS Office (Word/Excel/PPT/etc) has never been available for 
> Unix/Gnu-Linux.  Word and Excel have long been 2 apps users require.  
> Not OpenOffice.  While OpenOffice is quite featureful, it is not 100% 
> bug for bug compatible with real MS Office products.  Similar for 
> Outlook vs say Thunderbird with respect to the way Outlook is integrated 
> into the MS universe.
> 
> 2) Windows vs Unix/Gnu-Linux, Windows is a single operating system.  
> Whereas on the Unix/Gnu-Linux side you have so many choices it's 
> overwhelming.  Different distros, you have several pure Unix variants, 
> multiple Linux variants for the underlying OS and then you have 
> X-Windows with it's myriad of choices.  There is no clear single choice. 
>   And then there's the different packaging systems...
> 
> 3) X-Windows, though as cool as it is to be able to run things remotely 
> and display them locally, this is rarely used--most individual users 
> will never use that functionality.  Aside from that, X-windows is an 
> unmitigated disaster from a UX perspective.  X's original underlying 
> programming interface left it up to the programmer to do everything.  
> This caused every early programs to look and work differently without 
> any consistency.  To fix this, toolkits came along and along with the 
> toolkits came the toolikit wars and then the window manager wars and 
> then the wars between Gnome and KDE and other desktops (desktop wars?).  
>   Even multiple ways copypaste works.  From a user point of view nothing 
> is consistent across all apps on Unix/Gnu-Linux and X-Windows.  All of 
> this has kept Unix/Gnu-Linux and X in the "geek space".
> 
> 4) I've not see a single X-windows based desktop that looked as slick 
> and as polished as modern Windows or MacOS.  Everything seems to just 
> look and work more clunkily and a bit slower.  This is very much my 
> aesthetic opinion, I know.  Things like consistent font sizes and icons 
> and their proportion and slickness.  All very subjective I realize but 
> in my opinion, this too has made the difference.  The "wow" factor just 
> isn't there.  There isn't even a single approximate "look and feel" to a 
> graphical UI on top of all Unix/Gnu-Linux systems that one could point 
> to, though some are more popular than others.
> 
> There have been efforts to standardize things in the Unix space like 
> Posix and The Open Group but again, without a single consistent user 
> paradigm.  The people in this space have rallied around choice and not 
> trying to get programmers to write to one standard but let programmers 
> create.  I have sat on Posix committees and the standards that got 
> written were to include everything rather than narrow it down to the 
> best thing to do.  Many people have told me over the years that they 
> really appreciate the diversity of the way applications work under X 
> windows, that each one has a different UX, some with scroll bars on 
> left, some on right by default, some square buttons, some rounded, 
> nothing the same from one to the next.  This "wild wild west" approach 
> has kept Unix/Gnu-Linux from being more mainstream.
> 
> 5) There is less main stream software available for Unix/Gnu-Linux.  As 
> mentioned above the MS tools suite.  Most of the Adobe tools like 
> Photoshop.  Financial tools like Quicken.  Some of these things have 
> moved to online web-based tools.  Web based MS Office tools are 
> definitely not the same as the real ones though.  You can argue that 
> there's a replacement for almost every tool like Gimp for Photoshop but 
> it's not Photoshop.  Most photographers have heard of or used Photoshop, 
> but not many know or know about Gimp.  These are just a few examples, 
> there are many others.  This effect has a knock-on effect of lower 
> uptake for Unix/Gnu-Linux.
> 
> 6) Support.  Who does the non-technical user go to for tech support?
> 
> Since the Unix/Gnu-Linux OS and windowing tools were developed all over 
> the place, not in some walled garden of Microsoft or Apple, this is why 
> all this competing and inconsistency has occurred.  It's great that we 
> have Unix/Gnu-Linux don't get me wrong.  I'm just giving you my opinion 
> of the history of why a single Unix or Gnu-Linux system has never had 
> the same uptake as Windows or MacOS has.
> 
> So some mainstream things ARE Unix/Gnu-Linux... MacOS is Unix based, or 
> at least Mach which has it's lineage from Unix, so there's a mainstream 
> Unix based OS.  But you can't just run MacOS things on anything othe

Re: why reliable linux hasn't gained more market share?

[George at Clug]

On Saturday, 20-07-2024 at 13:54 hlyg wrote:
> crowdstrike makes news headlines, many Windows become blue screens

The CrowdStrike issue was not a Windows issue, it was a CrowdStrike
issue.

The problem did not affect our Windows computers as we have not
installed CrowdStrike software.

I think the media have a habit of over exaggerating things. 

I am not long back from shopping at a supermarket, I asked if they
were affected. Well they were, but not for long as their IT staff
worked furiously to apply the CrowdStrike fix, and soon had things
working again. Not sure how long they were out for, but it did not
adversely affect me, in fact I would never had known if not for the
media hype.

At least I was not travelling on any flights at the time the faulty
update had been pushed. I can wait a day to go buy food, but changing
flights while travelling is something you do not want delays with.

> 
> it is evident that many people around still use Windows

I would agree that Windows is the most used OS for desktop PCs.

> 
> i wonder if linux is more reliable than Windows

Do you think Windows is not reliable?  Why is that?

> 
> according to some statistics linux has only 4% desktop market, 73%
for 
> MS, 15% for MacOS

Windows is loosing ground?, they have over 90% market share once, when
I was checking out stats.

> 
> why free OS hasn't gained more share even after 30 years of
development?

Do you use Linux yourself?

If not, why not?

Have you tried to convincing any Windows users into moving to Linux?

The usual reasons I am given from Windows users are:  

1) They see Microsoft Office as a necessity so then can share
documents with other people. Or they want to use Outlook as their
email client.
(a benefit of having market dominance with a product that can only
effectively run on your own OS)

2) Windows Users believe Windows has more real-time virus scanners
than Linux does.  Please remind me of the list of real-time virus
scanners available for Linux.

3) One thing that concerns me when I try to recommend Linux to Windows
users, is that I cannot get by without using terminal commands in
Linux, but in Windows powershell and command prompt are not required
to be used by standard users. Is it possible to use Linux only from
GUI programs? Many Windows users I know struggle just finding where
their photos are.

4) Software which runs on Windows but is not available on Linux. Photo
shop, various games, etc.   (I am curious how Windows on Copilot+ PC
will go, I expect companies will eventually recompile their software
for the new Snapdragon hardware, but unlikely to rewrite their
software for Linux)

For me, Linux has and does all I require, and I don't mind using
terminal commands now and then. But I am unable to recommend Linux to
anyone who does not 'want' to use it.

> 
> 
> 
>

Re: why reliable linux hasn't gained more market share?

[hlyg]

On 7/20/24 15:02, Michel Verdier wrote:

Linux is not on the market. I buy M$ but download debian. How can you say
how many people is using debian? Once upon a time there was a
linuxcounter...


Thank tomas, Verdier and George!

statistics about market share might come from web servers and game 
servers, they know how many users use linux and Windows.

Re: why reliable linux hasn't gained more market share?

[jeremy ardley]

On 20/7/24 16:56, Michael Kjörling wrote:

On 20 Jul 2024 10:28 +0200, fromgeo...@nsup.org  (Nicolas George):

Thank David! market share is important though it isn't "reliable
recommendation for quality": more users attract more programmers, who
develop more apps,

The programmers who are attracted by market share are not necessarily
the ones who are interested in developing quality and/or innovative
software, though.

A lot of paid-for programmer time isn't necessarily for what the
individual programmer_wants_  to do. If one's employer dictates that
their products should support Mac OS and Windows, for example, then
there's usually little that a programmer, no matter how motivated, can
do to extend that support to include Linux; especially if the product
in question is heavily dependent on OS-specific APIs.


There are plenty of applications that run O/S agnostic.

The earliest were the utterly awful apps in Java that thankfully are now 
biting the dust - "Write Once Run Anywhere" actually meant Write Once 
and run anywhere the identical JVM is in place and the identical O/S.


A while later QT came along and a lot of software uses the QT API fairly 
successfully.


Even later Javascript/Typescript have popped up so applications like 
Visual Studio Code run seamlessly on different O/S


And of course Python is now the language du jour and runs equally well 
on Windows and Linux especially in the AI realm.

Re: why reliable linux hasn't gained more market share?

[Michael Kjörling]

On 20 Jul 2024 10:28 +0200, from geo...@nsup.org (Nicolas George):
>> Thank David! market share is important though it isn't "reliable
>> recommendation for quality": more users attract more programmers, who
>> develop more apps,
> 
> The programmers who are attracted by market share are not necessarily
> the ones who are interested in developing quality and/or innovative
> software, though.

A lot of paid-for programmer time isn't necessarily for what the
individual programmer _wants_ to do. If one's employer dictates that
their products should support Mac OS and Windows, for example, then
there's usually little that a programmer, no matter how motivated, can
do to extend that support to include Linux; especially if the product
in question is heavily dependent on OS-specific APIs.

And let's not forget how many regularly conflate "common" with
"popular". That something is _common_ doesn't necessarily mean that it
is _popular_; it can rather be simply the choice of least resistance.
To within experimental error Linux is always going to face resistance
on the individual level because switching to Linux involves
_replacing_ something which one _knows is working_ on the hardware in
question (as well as something one has a sense of _knowing how to
use_), which is always going to be a rather big step. Myself, I often
emphasize that yes, Linux is _different_ from Windows, but it's not
necessarily _harder to use_, especially for typical office-style tasks
and after a brief period of adjustment.

That said, I've seen a lot of chatter in the creative communities on
the Fediverse (writers/authors in particular) about switching from
Windows to Linux because of Microsoft's recent Recall debacle. I think
I've personally seen three or four people say things to the effect of
"that's it, I'm switching to Linux"; and several more saying things to
the effect of "when I can no longer run my current version of Windows
on my computer I'm switching to Linux". With regards to this week's
Crowdstrike mess, most people who _can_ switch from Windows to Linux
aren't in a position of even having that software on their systems, so
for them personally switching won't have any impact either way. With
Microsoft's Recall, the situation is somewhat different.

-- 
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”