Xandros Linux conquers a hostile Sony laptop

A little something for everyone

Mobile application security vulnerability report

OS Review I have an impressive talent for buying laptop computers hostile to Linux. Right now I'm using a Sony Vaio VGN-FS840/W, with more proprietary drivers than you can shake a stick at. It's so bad that even a retail edition of Windows XP won't run on it; you need the OEM Windows (and sure enough, Sony is too cheap to include the CD), or you need to go to the Sony support site, download all of the drivers, and make your own supplement CD.

As for Linux drivers, forget it. Sony has more important things to worry about, like recalling millions of inflammable batteries. So naturally, this machine represents quite a challenge for a Linux distro.

My personal favourite, SuSE, won't run on it without a tiring vi session, trying to edit xorg.conf to get a screen to appear. But Xandros Home Edition Premium ran fine right out of the box. Indeed, it has turned out more functional on this Linux-hating computer than even a vanilla Windows installation, which is not something one expects.

The installation routine will be familiar to any Windows user: you put in the disk, and click OK every now and then. It isn't possible to do much tweaking during the install, although I was able to re-partition my hard disk and set up my Linux filesystems as I saw fit. Otherwise, there isn't a great deal for an advanced user to do, except set up the network and printer towards the end.

The desktop system is KDE, nicely decorated to look like Windows XP. Actually, KDE is pretty Windowsey to begin with, but if one feels that Xandros has gone too far in that direction, it's easy enough to customise.

There have been some improvements since our last review, with KMail now serving as the default mail client, as it should. A packet filter is installed by default; the Gimp is installed by default; and KWrite is the default text editor. These are all good choices.

But KDE is an excellent desktop, not just a good one: far superior to Windows in its wealth of useful applications and utilities. It's a pity that Xandros has limited its KDE packages to those that a Windows user would expect to find. Thus we're missing the KBear FTP client, KGpg, KMplayer, Kaffeine, KPackage, the K3b CD utility, Ark, and many others.

The Xandros file manager has been designed to look and feel like Windows Explorer, and this is fine; but I wish Konqueror were included in the start menu so that users could find it easily and experiment with it. It's present, of course, but you have to hunt for it. Still, the Xandros file manager handles a number of tasks, including compression and archiving, FTP, CD creation, and file sharing between Windows and *nix networks. A great deal of work has gone into it, and it's clearly meant to replace a number of KDE utilities. Yet there's no need to hide or neglect to install them; it's always nice to have a choice.

The default browser is Firefox, not Mozilla as it previously had been. Firefox is a bit leaner and faster, although it has lagged behind Mozilla in a number of important security features. It has certainly not lived up to the hype surrounding it, at least until recently. At this point, though, it's nearly on an equal footing with Mozilla security-wise, and definitely more responsive. So I would call that a good choice.

Overall, Xandros's security is improving, but there are lapses. GnuPG is included, but the KGpg front end is not. Shred is included, but it's not integrated with the file manager. There do seem to be fewer networking daemons enabled by default than there had been when we first looked at Xandros, and this is quite encouraging. I had only to turn off NFS and Samba (file and print sharing was off by default). I couldn't find a way to turn off the portmap daemon via the rather limited admin interface in the KDE Control Centre, and had to do it manually. But that's about it.

These daemon processes are called "services" to conform to Windows parlance, and they include some surprising items. For example, there's remote desktop sharing (VNC), which, on home machines, makes me uncomfortable from a security point of view.

The company has taken great pains to look security conscious, in the way that Windows looks security conscious. This means that the panel is buzzing with little applets popping up and interrupting your work to warn you to scan for viruses and the like. They have icons shaped like little shields; they look like things you associate with Norton and McAfee, and the Microsoft "Security Centre".

Windows users expect this so, apparently, Xandros felt it ought to give the computing public what it's used to, whether it needs it or not. But unless you're running a mail or file server, you simply don't need a virus scanner on a Linux box. And there's no need to be so showy about the rest of it, either. The company should enable packet filtering by default, leave the networking daemons off unless they're needed, tighten up the file permissions, and leave it at that. Users can get behind a NAT box, and forget about all those threats that used to terrify them running Windows. It's ridiculous for Xandros to remind people of the horrors they've just escaped by switching to Linux; I say, let them enjoy their computers for a change, instead of worrying about them constantly. Bag those silly little security applets.

The Essential Guide to IT Transformation

More from The Register

next story
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
prev story


Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.