What's That Outside the Windows?
Alternative operating systems and why they matter

This presentation can be considered Part 3 of my Free Software Trilogy.   It's more easily understood if you read my earlier articles on this subject for context: Free Software and Linux_1.  It accompanied a demonstration of the CD-based "live" Linux systems Knoppix and Gnoppix.

This piece is not intended to be a rant or screed against Microsoft; far from it.  I know that most of my intended audience are Windows users, and likely to remain ever so.  To both paraphrase and mangle Shakespeare, I come to neither praise Microsoft, nor to bury it.  But, that having been said, I need to explain why I have basically moved away from Windows.  I am not abandoning the Windows platform--far from it.  I use both Windows XP and Windows 98.  If I'm going to support Windows users, I must be current on Windows.

Another thing that must be pointed out is that I am talking here about the end users and the desktop, not servers.  In that space, Windows installations are already outnumbered by the alternatives; not just alternative operating systems, but Windows servers running non-Microsoft software such as the Apache server.  I understand that this is a Windows-centric PC universe for end-users (at least for now), but at the same time one must be aware of the inherent pitfalls in this path.

The biggest pitfall, the crater in the middle of the road that everyone must be aware of lest they fall in never to be seen again, is security.  For example, Internet Explorer has more than thirty unpatched flaws that are unlikely to be fixed any time soon.  The simple fact is that all versions of Windows up to the present cannot be made secure--no provisions were made for security in Windows 95, and all subsequent versions would break if it were added.  While this sounds like a bold statement, there are at least two things that demonstrate this fact.  One is that a long-known flaw in Windows has not yet been made secure--in fact it is so basic that it can never be made secure.  Another is that Microsoft purchased a company called Connectix.

The basic flaw is that any program under any version of Windows can send a message to any other running program without restriction.  This could allow a malicious program to hijack a system and do nearly anything.  This exploit has not been fully taken advantage of (some viruses have used related flaws), but it's only a matter of time before someone finds a way to use this to cause big trouble.  Windows NT versions (NT, 2000, and XP) are a bit better, but still vunerable.  Windows NT started out secure, but was literally broken to improve XP's performance and compatibility with earlier software--at the expense of security.

Why is the Connectix purchase significant? They make a program, originally for the Apple Macintosh, called Virtual PC.  This software allows a Mac user to run Windows in an emulated PC environment.  Why would Microsoft buy a Mac software company? Quoting Microsoft on their new product, Virtual PC for Windows:

Microsoft Virtual PC is a powerful software virtualization solution that allows you to run multiple PC-based operating systems simultaneously on one workstation, providing a safety net to maintain compatibility with legacy applications while you migrate to a new operating system.  It also saves reconfiguration time, so your support, development, and training staff can work more efficiently.

Pretty spiffy sales-speak, but exactly why would you want to run an emulator under Windows to run Windows? The long-term answer is simple: Longhorn.  This is the code name for the next version of Windows which will, in all likelihood, be totally incompatible with current and legacy versions.  This would allow Microsoft to solve all the problems with security in one fell swoop.  The answer to both the security and compatibility problems is Virtual PC; run it under Longhorn and run your Windows XP session in a virtual locked box.  Of course, there's a performance penalty (admittedly, computers will be more powerful by the time of Longhorn's release--in this regard, Microsoft is rescued by Moore's Law) and this is likely to require a user to own two versions of Windows...

Longhorn itself, then, can be considered an alternative operating system, but since Longhorn is not scheduled to be released for another two years at least  (second quarter 2006, possibly as late as 2008), what does a user do in the meantime, especially if they are extremely concerned about security (or just plain curious)?

There are two main alternatives at present time to running Windows on x86-based hardware (a generic term which includes Intel Pentium, AMD K6, Athlon/K7, & Hammer/K8, and VIA C3 based systems).  One is the Macintosh product lines; the combination of new Power PC-based hardware with the OSX operating system is very powerful--but this requires new (and relatively expensive) hardware.  It must be pointed out that OSX is based on Darwin, a version of FreeBSD, a Unix-like operating system.  BSD is available in several versions, some free, few of which (Darwin's an example) are considered suitable for desktop use.  The relative lack of hardware drivers under BSD, for example, is less important when there is a more-limited range of hardware to select from, which is the case with the Mac.   We will save the Macintosh for a later discussion, but it should be pointed out that there is an open version of Darwin for PCs, Darwin-x86.

The other is the combination of the Linux kernel (framework) with other free software.   The combination, sometimes referred to as GNU/Linux, is  more casually referred to as just plain Linux.  The total package is called a  distribution (distro for short--for more information on GNU, see the article Linux_1).   The version of Linux that most business users are aware of is Red Hat; another version that consumers have become more aware of is Linspire (formerly Lindows)  The distributions of Linux that I am discussing here are both based on the free Debian distro.  So is Lindows.

Linspire/Lindows has one major drawback: security.  Normally, a Unix-like operating system has two basic modes, root and user.  As administrator, root mode can do anything on the system--including malicious acts.  User mode is more limited and must be granted privileges by root to do administrative tasks such as installing new software or making major system changes.  This is one aspect that makes Linux and other Unix-like operating systems more secure than Windows.  For example, Mac OSX has root disabled by default.  A default Lindows installation runs as root, hence is insecure by design in much the same way as Windows, though the problem is not as severe.

Also, this is not to say that Unix, Linux, and the BSDs are perfect.  For example, flaws in program code can lead to a variety of exploits, including a problem called privilege elevation (tricking the system into "thinking" that a program has root privileges), but they usually can be exploited best locally (someone actually at the machine).  Operating in user mode minimizes the damage (unless the hacker has the root password).  Viruses are rare (but not unknown) in Linux, and very few desktop machines have ever been infected.  Also, it 's a smaller target, since fewer desktops run Linux--but Windows is also so much the easier target for the reasons listed above.

 So why have I switched to Linux from Windows?  Besides the reasons listed above, part of the reason is cost.   By installing Linux from Knoppix, it's free (both free-as-in-free-speech and free-of-cost).   Also, I have no worries about bootleg software or activation.   Furthermore, when you purchase Windows, that's just what you get--the operating system and a few relatively low-level applications.   Nearly everything else must be purchased at additional cost; with Linux, most distributions come with a number of excellent applications, including OpenOffice.org (a free ofice suite comparable to Microsoft Office), the GIMP (a free image-manipulation program comparable to Adobe PhotoShop), and others.   Much more software is available for free download and easy installation--and of course much of it is available for Windows, as well; for example, a version of the GIMP.

In order to make things as direct as possible for Windows users, I am discussing CD-based "live" distros here to avoid the need for installation to a hard drive, something which is basically impossible for Windows.  With the discs available, it's possible to try out and compare both of the major desktops used by Linux--without having to install a new operating system.  The no-install option is useful not only for trying things out, but also teaching on others' systems.

One of the aspects of Linux, for good or ill, is the number of different desktop environments that are available.  The two best-known desktops are exemplified by Knoppix, which is based on KDE (the K Desktop Environment) and Gnoppix, which is based on GNOME (the GNU Object Modeling Environment).  There are some similarities, but KDE is more Windows-like.  Many, though not all, programs operate under both environments.

Even a Windows user can find a CD-based Linux such as Knoppix useful, since it contains utilities that can be used for backup/restore and rescue.  My home system is triple-boot (I can select from Linux, Windows 98, or Windows XP), but the ability to CD-boot into Knoppix makes maintaining all three environments easier.  My Linux and Windows XP installations are each on a 10 GB partition; much of the rest of my drive space is FAT32 so that it can be read by all three operating systems (Windows can't read Linux file systems natively, Windows 98 can't read NTFS without help.  In these days of 120-GB-and-up hard drives, 10 GB chunks are easy to free up.

It is not my intention to convert the Windows users among us into Linux users, but to make people aware of the context that Windows fits into and the wider world of computer operating systems.  I hope that this article has proven useful to that end.

Last revised: 25-May-2004.  Copyright © 2004 Michael Rudas.   All rights reserved.   The opinions expressed in this article are not necessarily those of the other members of the Oak Park Computer Club.   All trademarks are the property of their respective owners.   This article was created using the EditPad Classic text editor and OpenOffice.org 1.1.1 word processor, both free.   Permission is hereby granted to publish this article in an unmodified form, except for formatting (contact me for changes or updated versions).   Technical questions and help requests can be directed to my tech-support mailbox, the link to which can be found on this site or the OPCC site.