Automatix 'Actively Dangerous' to Ubuntu 284
exeme writes "Ubuntu developer Matthew Garrett has recently analyzed famed Ubuntu illegal software installer Automatix, and found it to be actively dangerous to Ubuntu desktop systems. In a detailed report which only took Garrett a couple of hours he found many serious, show-stopper bugs and concluded that Ubuntu could not officially support Automatix in its current state. Garrett also goes on to say that simple Debian packages could provide all of the functionality of Automatix without any of the problems it exhibits."
I think it screws up when upgrading. (Score:5, Interesting)
But I noticed that all the Ubuntu distros, which it is installed upon, get a range of problems with upgrading to the next release of Ubuntu.
Automatix is not as necessary as it once one, codecs are done by Ubuntu itself in the meantime - Automatix was good two years back when it was a PITA to get DVDs and mp3s to play without editing files and going crazy on the command line.
It still is nice to use to install some programs like virtualbox, but the problems it causes are not worth it.
Re:I think it screws up when upgrading. (Score:3, Interesting)
Re:I think it screws up when upgrading. (Score:5, Interesting)
Re:I think it screws up when upgrading. (Score:2, Interesting)
Then again there are plenty of Linux distributions that play MP3s on a fresh install, my personal favorite being Linux Mint [linuxmint.com] which is a reworked Ubuntu distro with non-free software included by default.
Re:Illegal? (Score:5, Interesting)
As TFA points out, it also gives dubious legal advice. Downloading MP3 codecs or Win32 codecs is far from a crime in the United States. For example, for the Microsoft-created codecs like WMA or WMV, Microsoft only requests that you have a Windows license in order to download them, but does nothing to prevent you from downloading them (WGA checks are not required, for instance.) It could be argued that as long as one has a valid Windows license, using them on Linux is not illegal. As for MP3 or other patent-encumbered codecs, it is a violation of patent law to distribute such codecs. Whether it is a violation of patent law to use or download these codecs without paying a license is a legal gray area.
OTOH, downloading libdvdcss may, in fact, be a violation of the DMCA.
Note that I'm not a lawyer, and if you're looking for legal advice, go pay one.
Re:Illegal? (Score:4, Interesting)
Re:Illegal? (Score:5, Interesting)
Re:What about EasyUbuntu? (Score:3, Interesting)
The ideal solution would add universe and multiverse and then grab everything from there, w32codecs be damned (or installed a la EasyUbuntu. I'm thinking about writing something that does just that.
how bout making dist-upgrade work right... (Score:3, Interesting)
I've been running Ubuntu since Hoary, and while i can usually upgrade to new versions using apt dist-upgrade or the ubuntu-supplied upgrade-manager, it has never worked flawlessly. and always required manual searching of the forums and config-editing to get things working again. With the lastest 2 upgrades, Dapper->Edgy made my system unusable after boot due to X problems, and Edgy-> Feisty broke my virtual consoles.
If Canonical themselves can't make an update system that works, how do they expect Automatix to do it?
Re:Could someone clarify why it is illegal? (Score:3, Interesting)
Re:I think it screws up when upgrading. (Score:3, Interesting)
Re:Illegal? (Score:3, Interesting)
It is a shame that those with the ability to make correct, safe software installers and those with the inclination to make souht-after-but-problematic-software installers are two seperate camps.
Personally I do not like Automatix anyway, from experience trying to help those in IRC for whom these problems have surfaced, but for the most part its functionality seems to be that of an extremely limited package installer, ie. a vast amount of the stuff it installs (Java, Flash, MP3/etc. codecs, media player browser plugins, etc.) can be found in Synaptic or the Add/Remove tool along with thousands of other packages, Automatix just limits the selection to the most popular ones, along with some third-party unpackaged software (the installation and removal of which seems to be the main cause of its problems). I can't help feeling, however, that if people actually want to install a Java VM or multimedia codecs then looking for them in Applications>Add/Remove is very straightforward, whereas Automatix gives such a small selection that users of it would end up installing stuff they might not need or want simply because it is there for free so they might as well. If they spent their time in the Add/Remove tool doing this then they might end up finding better quality, better integrated, better supported software for a much broader range of things, but of course that might end up *shock horror* introducing people to new software which doesn't pay whatever company dominates that particular field.
Re:Why? (Score:3, Interesting)
Some things not so benign. (Score:3, Interesting)
What, he's never heard of a symlink attack [google.com]?