Questions about Lite, mainly Ubuntu privacy oriented

[newtolight]

Hello again.

I’ve been doing some research in the meantime, both theory and practice. From the theory here are a few links which may bring more light into the subject:

https://distrowatch.com/weekly.php?issue=20160104#qa
https://distrowatch.com/weekly.php?issue=20160711#qa
https://www.dedoimedo.com/computers/ubuntu-spyware.html
https://www.dedoimedo.com/computers/linux-wrong-reasons.html

I’m not into Linux for the wrong reasons, I hope. What fascinated me from the start about the free software idea are its implications: a greater degree of trust in the software that one uses, less bugs, less power to capitalism...

Because capitalism is a self-defeating, self inflicting horror. Paraphrasing an ancient saying: “When two tigers fought, one will be dead while the other badly wounded.” Nobody is truly happy. Maybe by sharing resources both might have been?

Making a profit can be done in an ethical way, but that implies fair-play and the understanding that we are not masters of this planet, we are just simple, humble visitors who should respect one another.

How this translates into the software world: Software company/community X needs to earn some money from their hard work. Fair enough, no problem with that. But be transparent about it and don’t mislead customers. Invite them to test and audit your code, encourage them to use their faculty of reason and ask questions.

Make the product both user friendly and reliable. Offer some basic free support and get paid for extended one.

Need extra money at some point? Ask for donations, make a fund raising campaign, be up front with user data handling. That’s superior marketing.

Actually, that’s the best marketing. The one that is not cruel/uncaring/capitalistic at the core. The one that treats humans like partners, not sheep. The one that creates possibilities where all can win and where nobody is left right-less/home-less etc. You will win more hearts in this way.

From what I’ve seen so far, Linux Lite scores well at these points. But it can still be improved.
……………...

At an even more concrete level, I consider these three factors important enough in a product to influence trust in that product:

1. User friendliness

Few distros that I’ve tried so far are truly user friendly. Lite is definitely among them. It works out of the box and lets one get productive with minimum configuration effort. Wine and PlayOnLinux support greatly helps when Windows software is needed.

2. Reliability

Even fewer of the user friendly distros are reliable. By “reliable” I mean consistent, stable and not suffering from regressions.

I’ve used Xubuntu in the past a lot, since it was a simple and very user friendly distro (in no small part thanks to the Xfce desktop as well), less bloated and easier on system resources than either vanilla Ubuntu or Linux Mint.

But in the last days I’ve tried to boot Xubuntu 16.04.3 live from a usb stick. Didn’t work. Froze at boot without even any menu showing at all. On the very same hardware, Xubuntu 14.04 worked fine. From the very same stick, I’ve been able to boot the latest Lite. What conclusion can be drawn from these facts?

3. Communication with the team

This means both friendly attitude towards new users and competence in finding the best and simplest solutions.

This is the most sensitive factor. I don’t know if any distro community can achieve top score here, but I know from personal experience that Mint is low, while Lite is decent.

I’ll bring my own examples with Lite:

a) When I asked about how to unmount the iso, I still couldn’t understand what to do exactly, since I’ve never used that procedure before. I have feared to ask more about the matter, since I have felt some degree of impatience from my respondent after my tries.

Only accidentally I’ve discovered that there is a temporary folder that is created in the same directory where the iso file is mounted. That temporary folder only lasts as long as the iso file remains mounted. Only by right clicking on THAT folder was I able to unmount the previously mounted iso.

What added to my confusion was the fact that one can right click inside the mounted iso and no effect was achieved. I just think an ordinary user could not know all of these without proper instructions…

b) When I asked about:
https://www.linuxliteos.com/forums/on-topic/how-to-change-login-resolution-screen/

I have received a link containing many different opinions about how to approach the problem. Which one is right, up-to-date and doesn’t risk breaking the system, though? Again, confusing.
………………

In any case, I think overall Lite has achieved a lot in making Linux easier to use (as it should be). Hopefully it won’t ever let its users down.

Sorry for the long post, but some things need be said. My hat off to Jerry and the Lite team, my respects to everyone who has taken this matter seriously. Best regards.

[TheDead]

all on Windows 10. I am grateful to MS for a steady income

That made me LoL! So true! In this case they're indirectly financing Linux development. Strange days!

You remind me of Symantec, I'm pretty sure I can count YEARS of my salary on how buggy/crappy and insanely huge BackupExec was. They fed clients that crap for a decade at least. When they get too big to sit in their chair, somethin' gonna break.
In this case BackupExec's broken chair is now back in the hands of Veritas, the original creators.
MS has an solid adamantium throne (decorated with pilfered jewels and the bones of a thousand slaves) it seems.

But... Vulkan is coming!

[Jerry]

Just an FYI for consideration. I also do PC repairs. The job I just finished had:

- 2 unauthorized user accounts
- 1 remote connection set up
- Dozens of malware, viruses installed
- Registry infected

all on Windows 10. I am grateful to MS for a steady income

[TheDead]

Like Jerry mentioned, its impossible to go trough every line of code in an OS for verification. The time it would take, the OS would be years behind technology and useless.
I'm pretty sure, involuntary security holes are a bigger concern than voluntary spy wares or user information gathering sub-programs... well except for Windows 10, wink, wink.

That being said, like any program, once a piece of code makes it trough QA, it's released. Being patched and corrected during it's life cycle.
Same goes for a lot of things that are scarier like car manufacturer recalls or how the post or duty office can only check 1-5% of packages going trough.
Even NASA can have bad and really bad days. And don't check too much about food companies and what goes into food itself.

It's similar to when someone asks me how they can be 100% safe on the Internet, I tell them, "You can't be 100% safe on the Internet! It's like asking to be 100% safe when driving on the highway." You have to assume the risks versus the benefits and utility of the technology.
Even not on the road, the most secure car can be broken into and stolen. You could always up your security, having a guard dog inside can be discouraging,
pouring cement over it would be a great theft deterant. 99.9% secure but also 99.9%useless.

Getting back to OSes I prefer an open community where others can verify but also contribute, compared to a closed OS that can do whatever they want and patch things when they see fit or when facing public pressure. If you want the community to be able to check all parts your OS and programs, maybe staying away from closed source third party programs, drivers and extensions. In other words staying in the "libre" side of softwares.

Personnaly, I tried Libre-only, but since I play games on Linux also, when you get to recent nVidia videocard drivers, propriatary ones are so much faster (sorry Linus Torvalds).

Cheers!

- TheDead (TheUxNo0b)

[Digistylus]

So, in the end, one can simply flip a coin when choosing between two seemingly similar distros? Nevermind, no need to ask that, it's more of a rhetorical question...

A real answer seems to be right in this thread that the LL team seems dedicated to helping out users of the distro. So I'd say one does not simply flip a coin when choosing between seemingly similar distros.

If you really do have misgivings about LL or any other ubuntu based distros, especially if it does not meet your standard of security or trust. (Heck, that was the main reason why I decided to use windows only for offline or non critical machines and situations where there are no other practical alternatives. Because I personally can not trust MS anymore at this point.)

I don't say this to offend you but have you considered looking at other alternatives that might better meet your personal standards. How about Debian 6, iirc that one is used by the International Space Station.   

https://training.linuxfoundation.org/why-our-linux-training/training-reviews/linux-foundation-training-prepares-the-international-space-station-for-linux-migration

[Jerry]

You don't right click inside the mounted directory, you right click on the mounted directory. I don't know where you are finding Disconnect, but that is not what you use here. Hope that helps.

Sent from my Mobile phone using Tapatalk

[newtolight]

That's the communities job to audit. So who are you trusting? Other people on the internet.

It still remains a confusing issue, since it seems everybody points to others when asked about responsibility for what they are delivering. Not that this is exclusive to IT only...

So, in the end, one can simply flip a coin when choosing between two seemingly similar distros? Nevermind, no need to ask that, it's more of a rhetorical question...

Iso mount - right clicking on the folder you have mounted to unmount it, does work. I use the exact same Thunar action here.

I have followed your exact specifications. In Thunar, under "Devices", under "File System" appears the mounted volume. Right clicking there and choosing "Disconnect" gives some error and does nothing. Left clicking the mounted .iso (under "File System") and then right clicking inside the mounted directory and choosing "Unmount" does nothing. Right clicking on the original .iso file has no "Unmount" option. Is there another directory in the "File System" where the "Unmount" command should be used?

[Ottawagrant]

I use Linux Lite to do my banking & buying. I sleep very well, thank you.

[Artim]

The minimal Ubuntu core that Jerry & Co. build from is as secure as any other core operating system.  Now add Xfce, and modify it extensively to run on very modest hardware yet retain it's "user-friendly" awesomeness, then selected applications, tools, etc. to make Linux Lite.  Any distro is only as secure as it's core and selected applications. 

None of the infamous stuff in Ubuntu appears in Linux Lite.  NONE.  The only issue with Ubuntu (and all of it's derivatives) in my opinion, are it's updates.  When their updates include beta (experimental) versions of critical software, that's just unforgivable in my opinion.  To make unwitting beta testers out of newcomers to Linux is just over the top.  I say they should save the beta stuff from the in-betweens, and not in the long-term-support versions of Ubuntu.

These updates are avoidable in distros with their own "filter," like the one available here for Linux Lite.  DISCLAIMER:  This is not approved by our lead developer and head of the Linux Lite project!  I, however, wouldn't use Linux Lite without the added safety margin of this wonderful little tool. 

Jerry's points about ethics and trust are important!  If security and such are your chief concerns, there are distros aimed specifically at users like you.  If you're new to Linux and looking for simplicity, a nice easy learning curve, and using modest hardware that can't handle the newer versions of Windows, it doesn't get any better than Linux Lite. 

[Jerry]

It doesn't boil down to saying what percentage of existing software is in LL. I was hoping that I made a clear point that it is all about trust and auditing. From that, you get the answer. We could include only 5 pieces of Ubuntu software and one of those could contain malicious code, or could it? That's the communities job to audit. So who are you trusting? Other people on the internet.

I will always respond to you frankly and honestly. I'm not trying to educate or sell you on what distro or software to trust. I'm trying to educate you on trust.

Iso mount - right clicking on the folder you have mounted to unmount it, does work. I use the exact same Thunar action here.

If you need support for Linux Lite, eg. your login screen, please start a new thread in the correct Forum section. Thank you.

[newtolight]

Linux Lite uses Ubuntu as a base. I start with a minimal build (30mb iso) which is devoid of all applications and is simply a bootable network medium and build it one application at a time, adding our own custom features to it as I go. To answer your question, it is so completely different, its unrecognizable visually, in terms of applications and features.

I hope you don't mind that I ask this: How much, in an approximate percentage, is LL just Ubuntu unchanged and, therefore, how much is LL a different entity?

No one entity has the time to audit every single line of code created by Ubuntu. The free and open source community as a whole performs that task.

I understand the difficulty of the situation, but I still have 2 questions here:

1. Regarding the small parts (from what I understand so far, they are small, right?) that LL takes unmodified from Ubuntu, does someone inspect their integrity?

2. Suppose you would choose a distro for the first time. Besides the visual aspects, on what factors would you place your trust in any distro and its devs? What would influence your choice?

So then, it all boils down to trust. Who do you trust 100% newtolight? Friends, family, colleagues, acquaintances? This is fundamentally a human question. And because humans are flawed and have the capability to do both wrong and right, anything is possible, right? Do you trust the internet 100%? I don't, but I still use it. Do you trust Google 100%? I don't, but I still use it.

I agree, but still there are degrees of trust, right? Taking the current situation, for example, based on what Ubuntu has imposed on its users in the past, one would be entitled to be suspicious of them, while viewing Ubuntu based distros with still a reasonable dose of skepticism. Other distros would be perceived from a neutral point of view, so far at least.

From the very fact that the Internet and the whole software world is not 100% safe, it follows that the average, non-tech user had better study the offers carefully before deciding on one product. Better to ask questions in advance, even with the risk of being perceived as annoying, than asking them too late when the damage is already done.

And even if there was not the danger of malicious software -- it is still good to make an informed choice, to see which of the products suits one best. That goes for any product, not just software.

For some people, me included, part of the decision making process involves seeing how the product developers respond to users' questions and needs, while also seeing how do they tackle the ethical implications of their product...

I apologize if I've offended anyone somehow. I thought such a discussion would help everyone, for obvious reasons.
............

Regarding the iso mount commands. Mounting works fine, but unmounting does not. Right clicking on the mounted disk and choosing "Disconnect" does not unmount. Right clicking into the mounted disk and choosing the Thunar command "Unmount" does nothing. The only way to unmount the iso was a system restart...

If I may, another technical question: Can the resolution of the login screen be adjusted to fit the entire screen, like the desktop one?

Thank you.

[Jerry]

1. How different is LL (Linux Lite) from Ubuntu and how different is it from other Ubuntu-based distros? Is it just “Ubuntu with a different wallpaper”, like someone said in a review about many small Ubuntu-based distros?

Of course, I realize that the LL team have done a great job of easing the transition from Windows to many newcomers, especially with a good, informative guide and the nice “Lite Software” interface.  But is there more to LL? Does LL audit something in the general code or improve upon it somehow?

Linux Lite uses Ubuntu as a base. I start with a minimal build (30mb iso) which is devoid of all applications and is simply a bootable network medium and build it one application at a time, adding our own custom features to it as I go. To answer your question, it is so completely different, its unrecognizable visually, in terms of applications and features. I don't make comparisons to other distros, that's better left to reviewers and bloggers. I laugh when I see a comment like "Linux Lite is just Ubuntu with a theme", that gives me a good belly chuckle I'm 100% focused on Linux Lite and it's community.

2. Somewhat related to the previous question:
Ubuntu was known for gathering some user data in the past (the Amazon search present in Unity). Now, I understand that the data gathering was “anonymous” (or so they say…) and limited to Unity desktop (Really – how do we know?!?)

One one hand, Ubuntu users cannot be certain that Ubuntu does not contain more data surveillance code hidden inside its general code, can they?…

On the other hand, Ubuntu did make the Linux desktop easier and more friendly to use and thus it set a model to follow for many other distros and that helped the free open source world in general…

So I am divided here (am I the only one thinking like this?): It seems Ubuntu has done both good and harm. What is your position on this? How does LL ensure that the Ubuntu code they receive from the Ubuntu source is forwarded to the LL users in a safer way?…

The first answer I gave you directly relates to this question.
I don't have a position on what Ubuntu has done, because we don't and never have, built in that Amazon feature or anything else.
How does LL ensure that the Ubuntu code they receive from the Ubuntu source is forwarded to the LL users in a safer way? No one entity has the time to audit every single line of code created by Ubuntu. The free and open source community as a whole performs that task. So then, it all boils down to trust. Who do you trust 100% newtolight? Friends, family, colleagues, acquaintances? This is fundamentally a human question. And because humans are flawed and have the capability to do both wrong and right, anything is possible, right? Do you trust the internet 100%? I don't, but I still use it. Do you trust Google 100%? I don't, but I still use it.

3. Does anyone know of a simple, non-root way of mounting an .iso file? I know of AcetoneIso and Furiusiso, but they seem to install quite many extras with them. I will probably use one of them as a last resort, but I was searching for something simpler (for example, in Manjaro one can mount an .iso by right click mouse)

Code: [Select]

sudo apt-get install fuseiso
Then create 2 custom Thunar Actions:

Name: Mount
Description: Mount
Command: fuseiso -n -p %f %f.mount
File Pattern: *.iso;*.ISO;*.bin;*.BIN;*.nrg;*.NRG;*.mdf;*.MDF
Appear if selection contains: Other files

Name: Unmount
Description: Unmount
Command: fusermount -u %f
File Pattern: *.mount
Appear if selection contains: Directories

Creating actions can be found here - http://docs.xfce.org/xfce/thunar/custom-actions

[newtolight]

Thank you for your answers so far. However, they do not make the matter more clear.

Simply saying something like “Hey, look, the code is freely available there on the web!” does not really help, because one cannot easily find out if that code is exactly the same as the one that is in the compiled file.

Making a parallel with the food industry: If you know that after an audit company X was found out of mismatching the ingredients in the actual product with those on the product’s label, how much would you be inclined to still buy and eat their product, assuming decent alternatives exist?

So how can a normal, non-tech user can really trust Ubuntu and LL?

As for the .iso mounter, I need a program that mounts the .iso as a disk, similar to DaemonTools from Windows.

[Artim]

I tend to think of it as "Xubuntu done right," because it has the Xfce desktop, but very highly modified to make it easy on older, modest hardware.

It's also particularly "newbie friendly," more than any other distro I know (and I know several!).  As a sufferer from "moderate-to-severe technophobia," I especially enjoy the simplicity of this very thoughtfully modified Xfce desktop, and it's fast and nimble on my old relic Dell Dimension with not even 1 GB of RAM.

[Digistylus]

Hello.

I'm quite new to using Linux and have some experience with Ubuntu, Mint and Manjaro so far.

Howdy. I'm still relatively new level to using linux as well, I switched the majority of my computers OS and workflow to linux based around the time of windows8. I did not like the direction of where windows is going and win10 just cemented my misgivings about MS. I still have and use a win7 workstation that is kept offline. Linux distros I've used so far were mostly ubuntu based starting from 14.04 onward such as Kubuntu, Xubuntu, Lubuntu, Mint cinnamon and xfce version, Zorin, a few very lightweight ones such as puppy, antix (debian based?) that I tried but did not fit my use and needs. A few others that I probably forgot. I did not bother trying ubuntu with unity since the Unity DE is not my cup of beer.

Out of my distro hopping, I've made Linux Lite my first go to choice, and lubuntu second. Kinda interested in gallium os if I ever pick up a cheap chromebook maybe. Currently using LL 2.8 and dabbling in 3.4.

LL is basically my favorite distro. It's not superfluously flashy though it is decent looking, 3.4 made some visual improvements on that imo. Yet not so minimalistic that it becomes difficult to use for most people. It's a good porridge.     

My questions are:

1. How different is LL (Linux Lite) from Ubuntu and how different is it from other Ubuntu-based distros? Is it just “Ubuntu with a different wallpaper”, like someone said in a review about many small Ubuntu-based distros?

It delivers what it says on the box at least for me. There were some small glitches that was and is mostly tied to either ubuntu or xfce, but for a large part LL succeeds at what it aims to do. It's a good balance between light and practical, it respects the user and does not get in the way. The LL team seems to understand what someone from a windows based OS needs to see and use in a newbie friendly distro.

Does LL audit something in the general code or improve upon it somehow? 

That question is above my paygrade, all I can say is even though LL is based on ubuntu. And I've tried the various official flavors of -buntus. LL just works for me. Great if others prefer the other -buntus, but it takes nothing away from them when I say LL just works, the LL team "gets it". While there is no 100% perfection I can say that most of my migration to linux has been seamless enough, thanks to Linux Lite.

So I am divided here (am I the only one thinking like this?): It seems Ubuntu has done both good and harm. What is your position on this? How does LL ensure that the Ubuntu code they receive from the Ubuntu source is forwarded to the LL users in a safer way?…

I'm just an end user, and I don't have the deep know how to read the codes to verify it. I rely on the other users who are more savvy and the LL team for that, and so far based on their actions I've seen they do seem committed to respecting the user's privacy and user control.

https://www.linuxliteos.com/forums/release-announcements/linux-lite-3-6-beta-released/msg34015/#msg34015