[Promotion] key features

Martijn Klingens klingens at kde.org
Wed Jan 25 13:25:43 PST 2006 

On Wednesday 25 January 2006 21:21, Santiago Roza wrote:
> On 1/25/06, Martijn Klingens <klingens at kde.org> wrote:
> > The competence of the sysadmin is a lot more
> > important.
>
> but we aren't promoting that are we?  :)

Well, if you ignore it the whole promise of security falls apart and turns 
into a _false_ promise.

Linux and the Free desktop are more secure *IF* (and ONLY if)
- the user patches in time and is careful when dealing with untrusted
    information
- we remain small enough to not make our platform attractive for malware
   authors to commercially exploit

Those two constraints are way outside our control. Well, the latter actually 
is, and our very mission statement is to make it become true, since we WANT 
to become big players on the desktop market.

The security argument at first glance looks like many other advantages of our 
platform, like it being Free as in speech, cheap or even free as in beer 
depending on the distro, more flexible, easier to administer, more 
consistent, developing at a quicker pace, more openminded and many more.

You listed quite a "nice" list yourself, which I've snipped for brevity's sake 
(but I do acknowledge it ;) ).

The difference is that the stakes are different. If people complain about 
feature XyZ missing, let them. If people notice that we don't deliver the 
"promised" security they will not simply feel disappointed, they will feel 
betrayed. Security is the one feature one shouldn't play games with. There's 
a reason why all major browser teams, both open and closed (MSIE, Opera) sat 
around together recently to fight phishing in a joint effort. I don't see 
that happening in many other areas of the software landscape anytime soon, at 
least not including software from parties like MS. Also be aware that press 
is more likely to jump on security issues rather than on, say, Linus not 
wanting to write a patch for you.

> > The word "YET" is missing here. There *will* be viruses and spyware. It's
> > only a matter of enough installed systems to make it commercially viable.
>
> i don't know.  but i do know we don't have them now, and i don't see
> why we shouldn't be promoting it.

Because it's a ticking time bomb. There are still a gazillion of people saying 
that Windows sucks because it crashes so often. That's the main reason that 
got me from Win98 to Linux. However, if you are running Win XP or 2003 with 
drivers from responsible manufacturers fact of the matter is that the Windows 
kernel is an impressively stable beast. A beast still, but not because of 
stability issues. Blue screens are a relic of the past, or of cheap hardware 
and/or buggy drivers (which is mostly caused by cheap hardware :) ).

Why am I stating this point? Because what used to be true is a myth now. A 
convenient myth since it's free marketing for us, but a myth nevertheless. 
Look at how long the myth is still living on. Now consider us tauting our 
current security. Since we can already know that that situation won't last, 
think about the effect that our security-myth will have on people switching 
to our platform in 3 or 4 years time. They will be disappointed. A lot. How's 
that for bad marketing? If MS delivers only 10% of what it promises for Vista 
and security in general (and I think they will, the code they're writing now 
is a hell of a lot better than their old stuff, and although they have a LOT 
of legacy crap biting them again and again, and they will continue to make 
mistakes from time to time they WILL gradually become more secure) people 
will simply move back to Vista and we lose.

Summarizing a darn long paragraph we *could* use it as a short-term argument 
at the current point in time, but in the long run it does more harm than 
good.

> imagine it was only because we have a smaller user base (which is not
> the reason imho)... so what?  you'd still be more secure by switching.

LOL... and our very goal is to become a big and major player. So either we'll 
be destroying our very argument or we will have failed at marketing in the 
first place :)

-- 
Martijn

More information about the promotion mailing list