« Good-enough | Main | Coding ethics »

The lost penguin

Little_penguin_(Eudyptula_minor)_at_Kwinana_Beach,_September_2021_13-370.jpgOne of the large, ignored problems of cybersecurity is that every site, every supplier, ever software coder, every hardware manufacturer makes decisions as if theirs were the only rules you ever have to observe.

The last couple of weeks I've been renewing my adventures with Linux, which started in 2016, and continued later that year and again in 2018 and, undocumented, in 2020. The proximate cause this time was the release of Ubuntu 22.04. Through every version back to 14.04 I've had the same longrunning issue: the displays occasionally freeze for no consistent reason, and the only way out is a cold boot. Would this time be the charm?

Of course, the first thing that happened was that trying to upgrade the system in place failed. This isn't my first rodeo (see 2016, part II), and so I know that unpicking and troubleshooting a failure often takes more than doing a clean install. I had an empty hard drive at the ready...

All the good things I said about Ubuntu installation in 2018 are still true: Canonical and the open source community have done a very good job of building a computer-in-a-box. It installed and it worked, although I hate the Gnome desktop it ships with.


Everything is absolutely fine unless, as I whined in 2018, you want to connect to some Windows machines. For that, you must download and install Samba. When it doesn't work, Samba is horrible, and grappling with it revives all my memories of someone telling me, the first time I heard of Linux, that "Linux is as user-friendly as a cornered rat."

Last time round, I got the thing working by reading lots of web pages and adding more and more stuff to the config file until it worked. This was not necessarily a good thing, because in the process I opened more shares than I needed to, and because the process was so painful I never felt like going back to put in a few constraints. Why would I care? I'm one person with a very small (wired) computer network, and it's OK if the machines see more of each other's undergaments than is strictly necessary.

Since then, the powers that code have been diligently at work to make the system more secure. So to stop people from doing what I did, they have tweaked Samba so that by default it's not possible to share your Home directory. Their idea is that you'll have a Public directory that is the only thing you share, and any file that's in it is there because you made a conscious decision to put it there.

I get the thinking, but I don't want to do things their way, I want to do things my way. And my way is that I want to share three directories inside the Home directory. Needless to say, I am not the only recalcitrant person, and so people have published three workarounds. I did them all. Result: my Windows machines can now access the directories I wanted to share on the Ubuntu machine. And: the Ubuntu machine is less secure for a value of security that isn't necessarily helpful in a tiny wired home network.

That was only half the problem.

Ubuntu can see there's a Windows network, and it will even sometimes list the machines correctly, but ask it to access one of them, and it draws a blank. Almost literally a blank: it just hangs there going, "Opening >machine name<" until you give up and hit Cancel. Someone has wrapped a towel around its head, apparently thinking, like the Bugblatter Beast of Traal, that if it can't see you, you can't see it. I now see that this is exactly the same analogy, in almost the identical words, that I used in 2018. I swear I typed it all new this time.

That someone appears to be Microsoft. The *other* problem, it turns out, is that Microsoft also wanted to improve security, and so it's made it harder to open Windows 10 machines to networking with interlopers such as people who run Ubuntu. I forget now the incantation I had to wave over it to get it to cooperate, but the solution I found only worked to admit the Ubuntu shares, not open up the Windows ones.

Seems to me there's two problems here.

One is the widening gap between consumer products and expert computing. The reality of mass adoption confirms that consumer computing has in fact gotten much easier over time. But the systems we rely on are more sophisticated and complex, and they're meeting more sophisticated and complex needs - and doing anything outside that mainstream has accordingly become much harder, requiring a lot of knowledge, training, patience, and expertise. I fall right into that gap (which is why my website has no Javascript and I'm afraid to touch the blogging software that powers net.wars). In 2016, Samba just worked.

The other, though, is a problem I've touched on before: decisions about product security are made in silos without considering the wider ecosystem and differing contexts in which they're used. Microsoft or Apple's answer to the sort of connection problem I have is buy our stuff. The open source community's reaction isn't much different. Which leaves me....wanting to bang all their heads together.

Illustrations: Little penguin swimming (via Calistemon at Wikimedia).

Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.


TrackBack URL for this entry:

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)