Friday, October 19, 2007

What does the Linux desktop need? Those who say "I want, I want..."

I've just read an article linked on entitled "What does the Linux desktop really need?".

Let's veer slightly and ask a similar question: "What does my car need?". I'd say it NEEDED a lot less rust, a sunroof that isn't held in by parcel-tape, a new wheel-bearing (AGAIN) and something to make my lights turn on at least once in every ten tries.

Personally, I'd say it could also do with electric windows, heated front windscreen and a CD changer/MP3 stereo. But wait. Hold on. If we're saying that I can have anything I've seen on a car... I "need" braking-power reclamation, a hybrid engine, 0-60 in 5 seconds, a five-year warranty, finger-print recognition for starting the engine and GPS vehicle tracking.

Now, that's ridiculous, because my car doesn't NEED those last things, but that's basically what this article was saying. The Linux Desktop doesn't NEED anything else. It's there. It's a viable alternative to Windows. It can do anything that Windows can do (given the developer time investment). Years of development on the Windows side is now recreated in a matter of months on the Linux side - take drivers for things like newly-released wireless cards, some of which have to be reverse-engineered before a driver can be made, take some of the fancy graphical effects present in Vista, some of the desktop "features" of MacOS and Vista and there are already equivalents and copies available for Linux that can do just the same, most of which were started AFTER someone had seen those features elsewhere.

There isn't a type of application that can't be run natively, in theory. Given enough horsepower, we can even replicate the majority of Windows functions enough that high-power applications and 3D games can be run in a Windows-userspace recreation (Wine) at astonishing speed considering the technical problems of doing such things. Not only that, Linux can do virtually everything that Windows can do natively, and usually does a better job at it. There's nowhere to go from here apart from getting people to a) use the thing and b) develop for the thing, both of which are mutually dependent.

Reading LWN comments on the article are even worse... it "needs" Photoshop, Office, Games... No, it doesn't.

It's been proven - it's technically possible to write top-class 3D games and powerful image-editing programs for the Linux desktop. It's not even any "harder" than doing so for Windows. When Adobe want to do it, they can. In fact, Linux is more standardised for such things. You don't need to worry about ATI vs nVIDIA vs Intel - just let OpenGL sort things out for you.

The fact is that the desktop doesn't NEED anything, unless you are intent on recreating Windows on Linux. That's the problem - the Windows mentality isn't suitable, or compatible, with the way Linux works. Windows people want firewalls that don't disrupt their games and let any application request an open port via uPNP. Windows people want antivirus because they think they need it. Windows people want perfect connection to the heap of junk that is Active Directory. Windows people don't want to enter passwords or manually configure their hardware in order to do dangerous things, like overclock their graphics card or turn their firewall off. You can't change those people. Not without a big stick.

The way to get Linux onto a desktop is not to perfectly emulate every undocumented Windows bug and quirk when connecting to an Active Directory server for login so that some poor sap can run Outlook the way he likes, but to build a Linux equivalent that has clear advantages - faster, smaller, easier to manage, more transparent, easily portable, easily extendible and which can do stuff not seen elsewhere. The people who are more likely to make decisions based on those criteria? Large organisations. Who use networks. Which are run by a poor sysadmin somewhere who "knows" Windows but only "plays" with Linux. They don't care that Linux can detect and use 99% of all PC hardware - they care that it takes an hour to set up a new type of PC to the way they want it to be, rather than a five-minute copy of a well-known model's hard drive.

Imagine a Linux distribution. You install it in a "server" mode via a menu. Then you install it on a client machine via the same menu. At no time did you have to install drivers for monitors or some such rubbish. You don't HAVE to license it. You don't HAVE to spend days setting up the user group structure and policies to a safe default. Yeah, they'll be parts of the machine that won't work without proper drivers but that's not important. Really. These sorts of places SPECIFY the machines. They say what hardware it will or will not come with, down to the individual components. Compatibility with some cheap winmodem is not their problem - they buy a different modem, especially if it affects their security or technician's free time.

Anyway, you've started a client and server from barebones. Then imagine that you have automatic, cross-network authentication to that server, client logon, desktop settings and "policies", which allow the network administrator to change every single setting and restriction on the clients in almost every program via one directory interface. Imagine it works just as well over wireless, VPN, a Bluetooth interface or a USB cable. Just as automatic. Just as simple. Just as fast.

You can throw software across the network by just clicking on a machine in a tree-diagram on the server and deploying a package (so it'll be an RPM, not an MSI, but who cares?). Managing a thousand users on a hundred workstations becomes a cinch. And as a bonus, the machines automatically share work between them when they are idle. They automatically discover each other (with according administrator control) and use each other's storage as a mass-RAID for the network data, including encryption to stop people looking at other people's work. It does it all without needing a millions ports open. It does it all without major security problems. It works just as well from outside the network, when one of your staff takes a clieent laptop home - they plug it into their broadband, maybe they have to click an option to connect remotely instead of locally, and bam! - it's just like they are at the office.

Now imagine that you can do all that on lower-end machines than Windows could. And you can do more, stuff that just isn't possible on Windows. You can plug four graphics cards into each PC, four USB mice and four USB keyboards and now four people can use the one machine without even knowing. And their CPU power is being shared across the network, with all the other four-man machines, maybe even with the server itself doing some CPU work on their behalf when it's not busy with other things. And you wouldn't even notice that was what was going on. We're *not* talking thin-client - but you can do that if you want, too. You just tick the "thin-client" option when you install the client and the system does the rest for you.

Now imagine that not only does it do all that but you can also trust the server to backup those clients too, whether they are working locally or remotely. The server remembers individual machines and any quirks you've had to apply (that binary modem driver, that setting on boot that prevents the ACPI problems etc.) and when you rebuild them you can re-include those quirks too. Saving data to the network is transparent and not only does the server RAID all it's data, but it shares it out with the network. Server blows up? No probs. Stick the CD into any machine, create a server, maybe supply it with the old servers private key and bam - all the data feeds back from the clients to the server and the network rebuilds itself.

Well... the problem is that most of that stuff exists in one form or another. Certainly everything listed above is perfectly "do-able" and there's at least a few bits of software for every single component of that sort of system. They're not all tied into one distribution (that I know) but they are there. The most "together" distributions are the paid-for ones, Red-Hat etc. But there is nothing there that isn't possible, it might take a few months work and you could probably do it all without nothing more than existing downloads and kernel patches and a bit of bash-glue. But it's not around. You can't actually get it. And most Windows admin's won't even try it while it involves a lot of messing about. Have you seen some of the HOWTO's? Have you seen the number of steps needed to get Kerberos, LDAP, Exotic Filesystems, remote-control, VPN's, etc. all working your way? Windows is no easier, either, so you're left in the "what's in it for me" valley.

What's needed is not more and more replication of existing features but new and exotic uses. What's the most interesting part of Google? The Google Labs. What's the thing that people ALWAYS buy an OS for? The new, interesting features. Yes, when Samba can perfectly manage every aspect of AD integration, it'll be sought-after. But people scrambled to Vista "because". There wasn't anything complicated in it, there was little groundbreaking stuff and popular opinion now says that Vista is more of a pain in the backside to run for the average user than previous versions. But it was bought because it "could". It could do "new stuff" that Windows people hadn't seen before. Remember Windows 98SE that could "do USB".

People are already talking about the next version of Windows Server because of what it can do. Not about how well it does it. Not even about how easy it is to do, that's normally left until review copies appear in the hands of magazine reporters, but about what's new. And, stupidly, not even about what it doesn't do any more. The fact that every single version of Windows Server has had a hundred features announced that have never appeared is overlooked. The hype surrounding it by the time it comes out MAKES people want it. Vista was supposed to include database-style filesystems, a download manager, filesystem "filters" (Libraries), Palladium "trusted systems", integrated anti-spyware, UEFI support, PC-to-PC Sync, a full XPS implementation, to have a better UI, to perform better than Windows XP, and that's before you even get into all the capabilities that they physically removed from the OS that were there before in XP.

And the fact is that Windows Vista was just a small upgrade. If it had had ALL of those things, it could possibly be the best OS in the world. And Linux CAN have the majority, if not all, of those things. Most of them even exist for Linux right now. We just aren't using them.

People who "push" developers to make a Linux-Windows just don't get it - Linux is already in front in terms of features and technical details. We all know that. It wipes the floor with it's "main" competitor (although, to be fair, so do a lot of other operating systems). It's not that we're not "there". We are. Something else is holding Linux back. Firstly, ease of use. That's usually a big trade-off with not only compatibility and security but also with system performance. However, Linux has power to spare. And then it's just a matter of making things work without a million settings. I'm a big fan of command-lines and text-based configuration files - there is no reason to lose them. But they don't have to have vi as their only interface.

The main thing it's missing, however, is a short, simple, easy demonstration of powers that Vista and even future versions of Windows either can't or don't have. It's needs a show-distro to turn up, either from the depths of one of the established ones, or out-of-the-blue. It doesn't need that distro to say "Look at me, I'm just like Windows, only slightly better", it needs to say "Why on Earth would you bother to look at an OS that can't do X, Y and Z", where X, Y and Z are things that either have never been done before, or always been "promised" or "desired" and never materialised. And I don't mean a flashy-gui interface. The nearest we ever got to that sort of hype was the Kororaa Xgl Live CD and look at what it did - very little of any practical use. But it was NEW. It was even NEWER than what Windows could do at the time. So it got a lot of press.

Being able to access an AD domain isn't something new. It's not impressive to people. It's not even that innovative - there's a major OS that does it automatically and (fairly) reliably. What's needed is to play to Linux's strengths - flexibility, malleability, speed of development, freeform and accessible API's. That means coding quickly, easily, without barriers and restrictions and expensive SDK's. Just get in there and write stuff. In half the time it's taken Windows to get where it is, Linux has replicated and/or surpassed every aspect of Windows. Now it needs to overtake it - you can't do that by blindly copying features from Windows, or even other OS's.

Now, the article doesn't push Linux for anywhere near as much as the comments on LWN. To them I say: Just because Windows does something, doesn't mean that Linux should follow suit. It that were the case, Linux would BE Windows. I don't WANT my Linux desktop to have a built-in GUI firewall that's difficult to configure the way I want. I don't WANT automatic update dialogs that are a pain to turn off. I don't WANT something to automatically detect all wireless networks the second it sees a wireless card.

On the software front, what would be the point of "getting" Exchange, Adobe, Office as Linux-native versions or equivalents. By doing that, you would have to integrate a significant portion of Windows infrastructure, including Active Directory and DirectX. So what you've done is made a "free" version of Windows. Whoopee. Everyone who's currently using Linux is using it NOW while it's not a version of Windows... why? Because it's BETTER. It isn't bound by some stupid corporate decision or two decades of backward compatibility quirks.

Take a look at some edited highlights of Vista SP1:

Performance improvements
New security APIs
A new version of Windows Installer, version 4.1.[47]
Users will be able to change the default desktop search program
Support for the exFAT file system (FAT extended for USB sticks, basically)
Support for 802.11n.
Terminal Services can connect to an existing session.
IPv6 over VPN connections.
Support for booting using Extensible Firmware Interface on x64 systems.
An update to Direct3D, 10.1.
Support for the Secure Socket Tunneling Protocol.

What's there that Linux won't have by the time it comes out, if it hasn't got it already? What's there that Linux couldn't do? Nothing. And to be honest, as a changelog for a major upgrade to even a stable release of an OS, that's pretty pathetic. What about Server 2008? It's all pretty much the same. There's nothing in there that Linux doesn't already or couldn't do with a year or so's work.

Let's stop faffing about asking Windows users what they think they need from a Linux machine. Let's SHOW them. Let's just get stuff done and forget emulating Windows. We all know that Windows has it's death coming to it. The longer we give it credibility by attempting to copy everything it does, the more time we waste away from the interesting stuff, the stuff that will have people hooked. We have SELinux, we have file-server compatibility, we have directory management software, we have all of this but nobody cares. We need to show stuff that Windows can't do.

We need a five-machine network that can outperform the best Windows servers and individual desktops, when both are running 20 simultaneous clients (as in four people ACTUALLY WORKING on each of the five machines, locally). We need filesystems that "heal" (and not like self-healing NTFS in Server 2008 which is basically thread-safe Scandisk), network filesystems that can let Google do it's job without worrying and with which small companies no longer need to worry about tape backup (although, obviously, they still could) - which adds 50% to the price of any server.

We need perfect, logical, simple directory systems that can do stuff that Windows AD can't even dream of, in an easily editable/recoverable/backup-able format - it doesn't matter if it's Fedora Directory Server or Apache Directory Server - no-one cares. We need it all to run, automatically but securely. We need automatic secure communcations across a network to pick up new machines and integrate them directly into the Directory. We need systems that (with proper admin control over the process) auto-patch underneath systems that are still running. We need one-click Setup, Trusts, Backups and merges of entire Domains.

We need client systems that can repair themselves from known-good images (which, hell, should be stored in the cross-network filesystem) while they are still working - no, we don't acquire viruses but you still need to Ghost stuff back sometimes. We need machines that detect faulty hardware and compensate automatically - memory just failed in the server? Fine. Isolate the memory areas responsible (BadRAM), alert the admin, allow them to work-around the problem temporarily until they can get a replacement, restart and check all services and then carry on like nothing happened. And all the time you spotted it where Windows would have just crashed.

We need systems that can tolerate as much failure as possible. Primary hard drive or RAID array failed? Warn the admin, carry on as normal, read what you need off the network. Network failed? Route around it, over a USB connection if the admin only has a USB cable left, or FireWire, or wireless, or Bluetooth, or Serial, or Parallel, or... We need a real, "intelligent" help system. When it sees that admin hunting through menus looking at DNS settings, it tries to (unobtrusively) help. It brings up a checklist and works through things one at a time by itself until it says to the admin "The DNS server is fine. But you forgot to point that client machine at it." or "The DNS server doesn't have a reverse-DNS for that IP, that's why what you're trying isn't working".

We need systems that collectively monitor, detect and shutdown other rogue systems within their sight, a kind of distributed-IDS built into the system. We need systems that do all this 100% securely, with full certificate-chains and verification and let the admin control exactly what's going on if he wants. And when someone breaks that particular method of encryption? Ah, just choose one of the thousand-and-one encryption methods and do a one-time re-encryption to change every server, client and software over. Well, yes, do pick up local Windows systems and tie into them as much as you can but forget making that a priority. Set NEW standards. Make people say "I absolutely NEED a system that can do that." Let the other OS manufacturers play catch-up for a change.

Let's stop playing catch-up. We already won that one, there's no competition there any more, there's no more fun to be had. Let's start wiping the floor. Let's get JUST ONE feature in that people decide they absolutely NEED. And let's do it before Windows can even get a sniff. Let's do it so that, when the time comes for Microsoft to replicate it, they want to be able to read OUR code in order to get it done well enough. Let's stop playing about asking 90-year-old grannies why they don't like Linux when they know nothing BUT Windows... their answer will always be some variant of "It's not like Windows".... either that or "That penguin is scary". Let's make the people that are really scared of the Penguin be Microsoft and Apple. Because, at last and for once, they can't keep up with Tux.


Anonymous said...

Hey man,

you seem like a guy I can talk to. I haven't read the article you're responding to in this post, but would still like to say something on the subject.

You are spot on when you say Linux has no need for ports of Photoshop and such application. There is also a good point in adding new features that other OSes don't have, and that may attract attention, especially in this world of consumerism, but I don't think it will shift the balance unless something else happens.

You mentioned it as well. Ease of use. Now you may say that Linux is very usable and you may be right, I'm not familiar yet with the latest releases of the big distributions, but it is my experience that Linux provides a really horrible user experience.

I've been using linux for maybe 10 years now. I've used SuSE 6, SuSE 8 or 9, Debian Woody and OpenSuSE 10.0. But I only use it for specific features, never for my allround computing solution.

The Linux user experience is just crap. I think the most important cause of this is that it's developers may be professional coders (or not) but most often there is not enough attention going to the user experience. The end user is not the focal point of development. There is no one monitoring the user experience and giving feedback. There are no superiors that lay out user experience requirements and mandate UI testing. Apple is known to design for experience, spending a lot of energy on the user model.
Microsoft is more about designing for functionality, with less thought about user models, less innovative and insightful thinking, but experience is still a big part of the package because they simply have to sell the thing. They can't neglect the end user.

In Linux however it seems to be fully about functionality, and then somebody discovers: hey, this isn't working so well, let's hack in some user experience. That doesn't work of course. You can't first buy the furniture of your home and then start thinking about style, harmony and living experience. You have to have a well thought-out plan, in which everything fits together and nothing is left out, and then you can go and realize it. If you didn't think about the colour of the wall before you decided on your floor covering because it was to hard for you to think of something good, and you'll 'just think of something afterwards', you're in for a bad end result.

And everything shows that the user experience of the linux desktop wasn't well thought out and well coordinated. Take for example the copy-paste system in KDE. There are at least two disjunct 'clipboard' systems: the old 'select to copy' and the newer 'select and press a key combo to copy'. Many applications have different ways of dealing with this. I often prefer to use Ctrl-Insert to copy a piece of text, and many times it works, but many times it does not, and I never know what's going to happen. It is just completely unreliable from a system-wide perspective. That's why I don't do any text editing in Linux. It's horrible. We're talking about a BASIC feature of any desktop system here, one of the MOST basic features you could think of, and it is just incredibly poorly implemented. And select-to-copy is just a very poor choice for editable text. How am I going to select a portion of my browsers address field without overwriting my clipboard contents? I can't. It annoys the hell out of me. I have to just overwrite it and then get it back by way of the Klipper - which is, btw, an excellent tool.

I could go on and think of other basic things that are left partially broken but I don't feel like it right now and I think any interested observer will know these things for himself.

Just one thing to show just how little attention the KDE designers give to their system. The KDE taskbar. The default size of the taskbar is so large, that your 'quicklauch' icons start to fill up way too much space. You can custimize it's size (height) but as you make it smaller, the icons will snap right into a miniature version of the icon which is way too small given the design of the taskbar as a whole, and there is no scaling possible. But, even if you do decide to use the smaller icons, with a small taskbar, then the area available to your window-bricks shrinks as well and they become unusuable. So all of this freedom in configuration is worth shit, and you have choice but to stick with the default. Have these people even *thought* about the usability? I'm left to wonder...

So, in short, there is just VERY little attention going to user experience, which is just, plainly, broken. There are only two applications that have impressed me with their quality, and those are K3B (the burner) and Inkscape (the vector editor), oh, and gEdit gives off a nice impression (even though it cannot even customize it's key bindings) as opposed to Kate and KWrite, which are just horrible programs.

Well, enough for now. Love to hear how you think about this.

Ledow said...

Thanks for reading and commenting.

I have to agree, at least in part, with your comments. They don't affect me as much as they do you because there are certain parts of modern desktops that I just don't use (anything with "Quick" in the title or anything tray-like... I like my "start bar"/KDE "K" and a clock and that's it).

But there's nothing in your comment that can't be done, is my point. And most of what has to be done is to make things more "Windows-like".

Ease of use is a problem on Linux in general - it has to be said. I can distinctly remember literally HOURS of getting a basic soundcard to work the way I liked, getting KDE to load up the way I wanted it looking and each time I reverted to the command-line at many points in order to do stuff, even if it was just backing up my .kde folder so that I could revert my changes.

But having said that, every time I upgrade my distro (which happens to be Slackware, the most un-user-friendly distro in the world but also the most basic, powerful and configurable) a lot of stuff gets easier.

Slackware 10, I spent a little while creating scripts and editing fstab to automount a USB storage device. Slackware 11, I just needed a single extra line. Slackware 12, it did it all for me automatically - however I did have to turn off a security option in an arcane file for udev to do it properly.

That's a trivial example but it would be enough to put off a novice, no problem. But the solution is not to automatically mount and run an "autorun" program on any inserted USB device - Windows gets some things drastically wrong.

Concerning how we (as Linux users or programmers) do this: Ease of use is about making things easier, not just for the user but for the programmer. The more options that a user has, the more chances that there is some strange interaction of options that causes problems. I can't count how many times I've broken my Xine setup by clicking the wrong box in it's configuration dialog - one which isn't there on the "easy" settings.

I've seen it happen on Open Source projects. When there is developer dead-time, that's when ease-of-use and the most useful features drop in. When you're in the middle of creating a new powerful AI for your OS game, you don't have time to make sure that you can't click the "highly experimental, doesn't do anything any more" button which you're planning to remove at a later point.

Ease of use is quite "easy" to do. It's about removing possibilities and choosing safe options that work for everyone. That, unfortunately, means disabling all the high-performance options that the developers are used to having switched on. That means that the nice shiny dialogs and auto-configure functionality that "users" want always get left to last - or when someone isn't working on anything else.

As an example, I'm a big fan of OpenTTD - a clone of a transport management game from the DOS days - and pull in and read the latest code almost every day. It's taken several years for a "signal GUI", an essential piece of the game for a beginner, to be implemented because all the people who test the bleeding-edge installs know that they can get all the same options by holding the Ctrl key down and clicking a certain number of times. It's even documented that way. But as a novice user or an old gamer who played the original game, the signal GUI is a 100 times easier to see, use and learn.

It wasn't that people didn't want it. It wasn't that it couldn't be done. It wasn't that nobody wanted to do it. It was just that it wasn't a priority to the developers and it needed "dead" time in order to eventually end up in the latest code. Even now it's not in an official release - that's another few months away. And there are countless other features in the same game that have had the same problem. They get there in the end but just never make it to the top of the list because they aren't "interesting" to a developer.

That's the problem we are facing - Linux is far, far too interesting. The basic stuff is boring. Nobody WANTS to spend time making it even simpler because it's just not interesting enough compared to the alternative of coming up with a new direction. But to users, it's a killer.

It can be done. It's just that we need to stop focusing on copying the deep internals of Windows and focus on getting those people who are complaining about Linux's ease-of-use to motivate the big software companies to do something about it. Waiting for people to re-implement every feature of Windows so that they can port their big apps isn't the way to make software user-friendly. Taking development time away from Windows-duplication and putting it on general ease-of-use would solve the problem in no time at all.