Category: Business

Ubuntu for the masses

Posted on by chris

Hot on the heels of my lament that the media doesn’t do Linux justice comes the news that Dell are to start shipping computers with Ubuntu. This is severn shades of greatness, and will hopefully lead to a dramatic rise in interest of Ubuntu (and free software in general) by people previously unaware of the beauty that is Linux.

But even more than that, what do I see on the Dell website? Only that Michael Dell, chairman and head honcho, uses Ubuntu and Evolution at home. Fantastic. This guy has more than enough money, business and common sense to choose anything he wants (nice set of computers, Mike), and he chooses Ubuntu.

Linux as a viable business desktop platform

Posted on by chris

While no-one can doubt the widespread use of Linux as a server platform – the latest figures still show a clear lead for Apache, Linux’s flagship web server software – it’s take-up on the desktop has been slow. OK, let’s be honest, it’s take-up on the desktop has been virtually non-existent. For example, ask any of your non-techy friends if they’ve ever used Linux and you’ll probably hear most of them say “no”. Or possibly even “what’s Linux?”.

It’s an unfortunate situation to be in, as trying to rock the monopoly of Microsoft isn’t an easy thing – I would guess just their marketing budget alone is bigger than the combined budgets of most Open Source software development companies. Still, Microsoft has brought the computer to the masses and without that there’s no chance anyone would use anything – whether it’s proprietary or free.

So it’s a bit disappointing to see that a respectable online magazine misses a trick in an otherwise excellent piece when talking about the new Microsoft OS Vista compared to Linux. The trick they’ve missed is this:

Alternatives? Desktop Linux is the obvious choice but there remain gotchas. For example, while the bases are pretty much covered in terms of basic applications such as OpenOffice, there’s still no credible open source replacement for the Outlook client, in which many workers live from day to day.

True, most workers do live in Outlook day by day, and they need to know they wont lose that functionality if they move to a non-Microsoft system. So it’s good that there is such software freely available.

Evolution, sponsored by Novell, is the free software world’s answer to Outlook. And it’s good, with features that would look respectable on anyone’s desktop. It even integrates with Exchange, Microsofts email server system.

I don’t pretend to believe that Linux is the be-all-and-end-all of computing, the world needs commercial software just as it needs commercial everything else. However the gap between Microsoft and the free software world is narrowing, and I’d love to see more businesses take on Linux for their desktops.

Me? I’m waiting for Ubuntu Studio. Once that is released, it’s been unfortunately delayed (see? it even happens to the good guys!) I see no reason to use Windows at home. Fantastic.

Website security

Posted on by chris

A few recent goings-on (going-ons?) have made me think about website security. Firstly was the flurry of interest about Open ID, which is an open, distributed identity system. Basically you set up one Open ID account and use that account to log into websites, applications and services which support it.

It’s not without it’s problems, but in general it seems like a good idea. You just have to remember your open ID address (which, for me, could be the address of my website and then you’re prompted for your Open ID password. Easy, and it’s the same for every Open ID-enabled site you visit.

Secondly we’ve had a whole series of – frankly quite animated – discussions at work about persistent logins for web applications. You know the type of thing: you log in, ticking the “Remember me” button, and next time you visit (a few days later, perhaps) you’re logged in automatically.

Great, but that does intoduce some problems. Mainly that as long as you’re on your computer, under your operating system login, it works great. When you go to someone elses computer, or use another login, or (even worse) you don’t have any logins on your operating system and your computer gets stolen, lost or hacked – anyone can pretend to be you in the web application.

It’s a well-known problem, and most developers get around it by putting a sensible expiry time on the automatic login cookie, something like a week or a month works fine. But some want customers to never have to log in after they’ve done so for the first time. Ouch.

You see, if we think that customer won’t be able to remember a password – even when we provide a “Forgotten your password?” link on the login screen – can we trust them to not load one of these indefinate login cookies on a non-secure system? I don’t think so, and once the cookie is there anyone just going to the right address has access to the data.

We’ll find a solution to this problem soon. We’re good at doing stuff like that; it’s what we do.

In the meantime, I had a thought. How about a browser plugin that handles security? My browser of choice has an entire universe of plugins that do all manner of clever things.

My thinking is like this. The user logs onto their operaing system (say, Windows) and opens a browser with the security plugin installed. Because the browser, and therefore the plugin, is part of the operating system it can get the currently logged in username and send that (via SSL) to the web application, which verifies it against a list of users. Perhaps a token/key could be used to make it even more secure. The web application then logs the user in as themselves.

That way, you log onto one system and the web application uses that login to verify who you say you are. Some websites with integrated Windows authentication use this already, admittedly without a browser plugin, but this way would be cross-platform (both client and server).

As long as you had the plugin (which could be verified regularly) and your operating system login was secure, you’d be laughing. Or chuckling a bit, at least.

Do you see any problems with that idea? Tell me, there’s normally something major I miss.