Language Selection

English French German Italian Portuguese Spanish

Xandros 4: Home Edition - Premium

Filed under
Linux
Reviews
-s

I just received my boxed set of Xandros Desktop Premium Home Edition. The box was heavy. I thought to myself, "the box is heavy!" That's because it contains not only the sealed packet of 3 cds, but also a quick start guide and a rather thick User Guide. I beta tested an early early version of Xandros years ago, so my memory of it has all but faded. I do recall that at that time, it wiped out my entire disk. I'm hoping it has a partitioner this time. A little older and wiser now, I thought I could avoid catastrophe even if it doesn't. So, how did it go?

Packaging

The box itself is a rather enticing package. Presented in primarily shades of blue, the front contains a large xandros logo in blue and gray as the focal point accented by a few graphics of some of the apps awaiting the user. The back of the box depicts a desktop screenshots highlighting some of xandros' multimedia capabilities while pointing out some of the other system traits. Inside the front flap we find a page listing some more capabilities of xandros, such as Music Management, Office Suite, Windows Compatible, Security Suite, and Wireless Networking. The other inside covers features more screenshots emphasizing the point and click capabilities through examples of applications. It's quite an attractive presentation.

            

Inside the box we find a packet of 3 cds: Installation CD, Applications CD, and Versora Progression Desktop for Xandros cd. Also included is the Getting Started Guide. This little booklet is a full color summary of the install choices & procedures, howto start the system, and a basic quick introduction to starting applications. In addition, there is this 380-page User Guide. This book is a detailed guide to using the Xandros Desktop. It goes into such detail, any user is almost guaranteed success. One could write a full review just of this book. For example, within its 18 chapters we can find out how to install, use, and customize the desktop, connect to the internet, and manage files and the system. But that's not all. It also details how to use all the various applications. And it all focuses on point and click. I haven't seen a reference to the commandline yet. This book appears to be a wonderful asset. The User Guide alone is probably worth the price of the Xandros package to the new Linux user.

            

Bonus: As a surprize I suppose, some other neato stuff in the box are Xandros stickers. One is a computer case sticker. Xandros also gives their new user 30 Skype minutes. Your serial number is also in the cd packet, so look for that and don't lose it. It's also in sticker form, so you can stick it on the side of your monitor, in your User Guide, or on your case.


The Install

The installer starts off with a text screen telling how to access some Troubleshooting tips. It must default to about 3 seconds tho because the full screen blue splashscreen soon appears. The background looks very much like their wallpaper in the desktop screenshot, with a thin red progress bar marking the progress of the process output in text. The next screen I see is the NVIDIA logo. I thought that was quite interesting. This is the first installer I've seen that uses NVIDIA drivers. The result was amazing. I got a full high res screen with 3D effects. The interactive installer presents its information in a modern looking 3d box of another lovely shade of blue. It looked great. The first screen is a Welcome screen advising the user that the upcoming wizard will guide them through their install. The next is the license agreement. It was relatively short and briefs the user on the concept of gpl'd software and asks one to comply with the rules for it as well as the proprietary software included. Then comes the fun stuff.

On the left side of the interface windows the steps are listed. As each step is begun, the listing bolds. It is organized as follows:

  • Welcome
  • License
  • System
    • Software Selection
    • Disk
    • Network
  • Administration
  • User Accounts
  • Summary

Software Selection is fairly easy as applications are called by task name rather than their actual development name and the list is categorized by broader task-sets such as Accessories, Games, Graphics, or security. I ended up choosing about everything except some printer specific drivers. Full install was about 1.4 gigs.

Under the Disk section, one now has several choices available.

  • Use Free Space (which was grayed out on mine)
  • Take Over Entire Disk
  • Resize Windows Partition (also grayed out)
  • Replace Existing Xandros (grayed)
  • Manage Disk & Partitions Manually (For Experts)

Since my disks are already sliced up, I chose to manage disks manually. This consistantly attractive screen looks very much like qtparted, but perhaps a bit more simplified. The operations include Assign, Unassign, Edit, Delete, and Browse. I don't believe I've seen a browse option in a partitioner before. How convenient! In case you've forgotten what might be on a particular partition, which I do quite a bit. Another extra found was Xandros amazing ability to detect the operating system or data installed on many of my partitions. Never before has an auto-detect been so complete and correct. So, I chose my target partition and clicked Assign. Under Assign one can choose the filesystem from Ext2, Ext3, Reiserfs, or Reiser4. Having been bit the initrd snake on more than one occasion, I typically choose Ext3 - as I did this time. Next one must confirm their choices and choose a bootloader option. One can 'untick' the box for the option of installing one or choose where to install one. I unticked and was warned that my new system wouldn't boot without manual intervention and confirmed this was correct.

Next came the Network configuration step. I say configuration in that one has edit, add, delete, etc option as well as dhcp or static - all the standard configuration options. However, my on-board Gigabyte chip (that I've been using lately) was auto-detected, set as eth0, and setup as dhcp. This was my desired setup, so all I did was click Next.

Now was Administation time. This is where one sets their root password, as Xandros uses the Linux standard of user/root priviledges as opposed to the new trend of sudo. This is a good thing in my book as I don't like the sudo philosophy of complete system management. To me sudo is something that should be configured by the admin for a few user/command specific tasks if needed. Also at this point one could choose some higher security restrictions such as making users' homes private and enforcing strong passwords). Interestingly, one also sets their hostname during this step.

Next is User Account(s). Then finally a Summary screen outlining all choices for confirmation before making any changes to your disk. Click Finish and we're on our way. Xandros took about 10 or 15 minutes to install and the user is entertained by a lovely slide show, as well as a progress bar with percentage is used to keep the user informed. Then the usual user can reboot into their new system.


Xandros4

Hmmmm. Very detailed review of this distro. Does this mean you're considering switching from Gentoo?
(Just kidding.) Nice review. I had wondered if Xandros was really as easy as the reviewers say it is.
But, for ease of use, I'll stick with good ol' PCLinuxOS.

re: Xandros4

djohnston wrote:

Hmmmm. Very detailed review of this distro. Does this mean you're considering switching from Gentoo? (Just kidding.) Nice review. I had wondered if Xandros was really as easy as the reviewers say it is.

Naw, I guess I'll stick with gentoo. It'll be nice have Xandros around for another backup tho. SUSE has been my usual backup (I'm running ~x86), but Xandros might take it's place. I need to boot over there and pretty it up a bit more.

I don't know why they go to the trouble to pretty up the panel and add customized wallpapers then leave the kde default windec.

Yeah, Xandros is a nice system. I don't know why I was surprised. Big Grin

----
You talk the talk, but do you waddle the waddle?

Laptop on Xandros

Did you also do your test on a laptop ?
It would be really interesting to learn how Xandros handles the suspend, hibernate, wifi, etc..

re: Laptop on Xandros

heri wrote:

Did you also do your test on a laptop ? It would be really interesting to learn how Xandros handles the suspend, hibernate, wifi, etc..

No, sorry, I don't have a modern laptop.

----
You talk the talk, but do you waddle the waddle?

Xandros4

Yes, an excellent review. I purchased the original version1 when first checking-out Linux for which the least expensive edition was at the time, rather expensive at Au$98. In the meantime having tried-out a score of other distros, I have become a devoted PCLinuxOS user which is not only a great "newbie friendly", easy to install and use distro but is also the only distro I've ever found that uses BPALogin to automatically connect me to my ISP Bigpond Cable. Not being adept using the command line, I have been unsuccessful connecting to the internet with RPM distros although I have no problem with Debian distros due to the printed help I received from the now defunct Libranet. I'd be very surprised if Xandros had a similar facility to PCLinuxOS!

Activation

Good to see that you mentioned the new product activation, as there is not a lot of documentation about this available on Xandros's website at the moment.

The way this works is that Xandros Networks, the updating tool that is needed to download criticial product and security updates, is set as disabled out of the box, and you cannot enable it and use it until you activate your product. You can still get updates via regular apt-get or synaptic and using debian sources, but you run the risk of breaking your system, especially proprietary Xandros-specific apps which only they can update safely through Xandros Networks. So, Xandros Networks is pretty crucial to maintaining an up-to-date system unless you really know what you're doing with other methods. And Xandros Networks is crippled without activation.

The actual activation process is fairly painless - register at the Xandros site, punch in your serial number, they send you a code, you then punch that in to unlock Xandros Networks. The code is only valid for ten activations, and you must re-activate (i.e. use up one activation) on each new install, be it a new machine or the same machine. After ten activations, you will no longer be able to activate the product until you contact Xandros Support and assure them that you are a legitimate user. It's up to them, then, whether they believe you and grant you further activation codes.

I am intrigued to see how people will take to this new feature in Xandros. On the Xandros Forums there is a lot of debate, with many against and many defending it. Thinking of Windows users, they mostly consider trying Linux because they are tired of certain things in Windows, primarily all the viruses and spyware and then things like product activation and "Windows Genuine Advantage". Imagine their reaction when they boot up their fresh Xandros installation and are greeted with a first-run wizard that tells them they have to ... activate their product! And then once that's done, the new Xandros security centre starts nagging them about virus protection and the like. I wouldn't be surprised if they said to themselves, "So, what did we leave Windows for if Linux contains exactly the same nonsense? And look, we can't even do certain things now like play streaming Quicktime media!"

I question whether this was a smart move by Xandros, especially labelling it "activation", which carries so many connotations from its use in the Microsoft world.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Leftovers: BSD

Security Leftovers

  • Stop using SHA1 encryption: It’s now completely unsafe, Google proves
    Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm's use for security-sensitive functions should be discontinued as soon as possible. SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made. However, despite these efforts to phase out the use of SHA-1 in some areas, the algorithm is still fairly widely used to validate credit card transactions, electronic documents, email PGP/GPG signatures, open-source software repositories, backups and software updates.
  • on pgp
    First and foremost I have to pay respect to PGP, it was an important weapon in the first cryptowar. It has helped many whistleblowers and dissidents. It is software with quite interesting history, if all the cryptograms could tell... PGP is also deeply misunderstood, it is a highly successful political tool. It was essential in getting crypto out to the people. In my view PGP is not dead, it's just old and misunderstood and needs to be retired in honor. However the world has changed from the internet happy times of the '90s, from a passive adversary to many active ones - with cheap commercially available malware as turn-key-solutions, intrusive apps, malware, NSLs, gag orders, etc.
  • Cloudflare’s Cloudbleed is the worst privacy leak in recent Internet history
    Cloudflare revealed today that, for months, all of its protected websites were potentially leaking private information across the Internet. Specifically, Cloudflare’s reverse proxies were dumping uninitialized memory; that is to say, bleeding private data. The issue, termed Cloudbleed by some (but not its discoverer Tavis Ormandy of Google Project Zero), is the greatest privacy leak of 2017 and the year has just started. For months, since 2016-09-22 by their own admission, CloudFlare has been leaking private information through Cloudbleed. Basically, random data from random sites (again, it’s worth mentioning that every site that used CloudFlare in the last half year should be considered to having fallen victim to this) would be randomly distributed across the open Internet, and then indefinitely cached along the way.
  • Serious Cloudflare bug exposed a potpourri of secret customer data
    Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users. A combination of factors made the bug particularly severe. First, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. Second, some of the highly sensitive data that was leaked was cached by Google and other search engines. The result was that for the entire time the bug was active, hackers had the ability to access the data in real-time by making Web requests to affected websites and to access some of the leaked data later by crafting queries on search engines. "The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a blog post published Thursday. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."

Security Leftovers

  • Change all the passwords (again)
    Looks like it is time to change all the passwords again. There’s a tiny little flaw in a CDN used … everywhere, it seems.
  • Today's leading causes of DDoS attacks [Ed: The so-called 'Internet of things' (crappy devices with identical passwords) is a mess; programmers to blame, not Linux]
    Of the most recent mega 100Gbps attacks in the last quarter, most of them were directly attributed to the Mirai botnet. The Mirai botnet works by exploiting the weak security on many Internet of Things (IoT) devices. The program finds its victims by constantly scanning the internet for IoT devices, which use factory default or hard-coded usernames and passwords.
  • How to Set Up An SSL Certificate on Your Website [via "Steps To Secure Your Website With An SSL Certificate"]
  • SHA-1 is dead, long live SHA-1!
    Unless you’ve been living under a rock, you heard that some researchers managed to create a SHA-1 collision. The short story as to why this matters is the whole purpose of a hashing algorithm is to make it impossible to generate collisions on purpose. Unfortunately though impossible things are usually also impossible so in reality we just make sure it’s really really hard to generate a collision. Thanks to Moore’s Law, hard things don’t stay hard forever. This is why MD5 had to go live on a farm out in the country, and we’re not allowed to see it anymore … because it’s having too much fun. SHA-1 will get to join it soon.
  • SHA1 collision via ASCII art
    Happy SHA1 collision day everybody! If you extract the differences between the good.pdf and bad.pdf attached to the paper, you'll find it all comes down to a small ~128 byte chunk of random-looking binary data that varies between the files.
  • PayThink Knowledge is power in fighting new Android attack bot
    Android users and apps have become a major part of payments and financial services, carrying an increased risk for web crime. It is estimated that there are 107.7 million Android Smartphone users in the U.S. who have downloaded more than 65 million apps from the Google App Store, and each one of them represents a smorgasbord of opportunity for hackers to steal user credentials and other information.
  • Red Hat: 'use after free' vulnerability found in Linux kernel's DCCP protocol IPV6 implementation
    Red Hat Product Security has published details of an "important" security vulnerability in the Linux kernel. The IPv6 implementation of the DCCP protocol means that it is possible for a local, unprivileged user to alter kernel memory and escalate their privileges. Known as the "use-after-free" flaw, CVE-2017-6074 affects a number of Red Hat products including Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7 and Red Hat Openshift Online v2. Mitigating factors include the requirement for a potential attacker to have access to a local account on a machine, and for IPV6 to be enabled, but it is still something that will be of concern to Linux users. Describing the vulnerability, Red Hat says: "This flaw allows an attacker with an account on the local system to potentially elevate privileges. This class of flaw is commonly referred to as UAF (Use After Free.) Flaws of this nature are generally exploited by exercising a code path that accesses memory via a pointer that no longer references an in use allocation due to an earlier free() operation. In this specific issue, the flaw exists in the DCCP networking code and can be reached by a malicious actor with sufficient access to initiate a DCCP network connection on any local interface. Successful exploitation may result in crashing of the host kernel, potential execution of code in the context of the host kernel or other escalation of privilege by modifying kernel memory structures."

Android Leftovers