You're welcome You caught me on a morning where I was feeling at peace with the universe, I guess. I've been known to be snarkier

It's really just the classic thing about not having time for everything :/ We could throw a checklist item for 'does it boot in VirtualBox' onto the test list, but realistically speaking, we probably wouldn't be taking a lot of time to make sure everything works perfectly. For the record - I work on the Fedora QA team. At a rough estimate, we test about 0.01% of all the stuff I *wish* we tested. Because we have ~10 staff and ~100 volunteers, rather than ~1000 staff and ~100000 volunteers like I wish we had.

So there's one very important thing I forgot to mention here, just to make sure you assign all the credit appropriately - the installer design *is* a Fedora thing. That's 100% our installer. You would see a completely different installer in SUSE or any other distro. Ours *is* probably the most unusual of the mainline distro installers. Some people love it, some people hate it. That's life. The others still broadly use the step-by-step-wizard model (which is what Fedora and RHEL used prior to Fedora 18 and RHEL 7, where this new UI was introduced).

The reason for this design is that not all the spokes are mandatory. Most people don't actually have to change their network settings, or their keyboard layout. Many accept the default package set.

In the really radical original implementation, you didn't have to visit *any* of the spokes at all in order to complete an install. If there was only one disk attached to your system, you could just boot the installer, pick a language, then click Start Installation and it'd install with default settings into whatever free space was available on the disk.

Radical designs have a way of getting the edges sanded off, however, and it turned out this really freaked people out. Turns out if you don't force people through a step where we basically say 'yes, we know there's other stuff on your hard disk, don't worry, we're not going to wipe it' they'll kinda assume you're just going to eat the entire disk and wipe whatever else was there. So now we force everyone to complete at least the 'INSTALLATION DESTINATION' spoke. That's still the only spoke on the pre-install hub that's always mandatory, though: you can usually complete an install without visiting any of the others (and I frequently do, for testing). On the during-install hub, you have to *either* set a root password *or* create an admin user. Those are the only mandatory steps.

It *is* a bit of an uphill slog trying to explain all this over and over, especially when we are (as I mentioned) still an outlier. Working on Fedora's installer is also complicated by the fact that, as the upstream for RHEL's installer, it's kinda required to have a whole bunch of rather complex and exotic capabilities that 99% of Fedora users don't use, or even see.

Again, just to emphasize here, this one is not GNOME's fault, but ours. =) The button placement is a specific design element of the installer, not a GNOME stock thing. As I said, it is something that comes up for consideration for re-designing every so often (you're not the first person with the same complaint), but I'm not sure what the current status of this is.

Yeah, it's just a grey button. This isn't, I think, any specific attempt to 'trick' you, though, it's just kinda how gnome-initial-setup (that's the tool in question) is set up. The 'Next' buttons are given a blue background to make them pop, but the 'Skip' buttons are just standard grey buttons. It's the same for every step in the tool which has a skip button. I'm not sure if GNOME folks consider this an issue, it'd be worth filing a report on just to see what they think. GNOME isn't trying to monetize your accounts in any way, I know that much for sure It doesn't use any of the information for its own purposes or get paid by Facebook or Google for you entering the information, or anything. It's just a nice handy feature that integrates access to specific features from those services into the desktop if you want it (and it does work with stuff like ownCloud as well as proprietary services).

This is a very interesting question and topic. Frankly, I'd say the answer is that for a couple of those topics, the Linux desktop (again, on mainline distros, I haven't checked more unusual ones like Tails) just *isn't* terribly secure, no.

One interesting example here is that X11 is a huge security fail by default: any X app running in any X session can access all kinds of information about any *other* X app running in the same X session and there's just nothing much you can do about that, it's inherent to X's entire design. This is one of the major reasons we want Wayland in the first place - it solves that problem. So in a sense, Fedora 25 is a big step forward here. There's still an awful lot to work on.

I'd say Fedora satisifies your points 1, 2, 3 and 4 pretty well. Point 5, though, no, not really. As you say, I'm not sure any desktop operating system does that.

I guess the way I'd put it is that 'security' is a very complex concept and I'm generally suspicious of any claim that *anything* as large and complicated as an operating system is fundamentally 'more secure' than anything else in the same category.

The basic argument that Linux is 'more secure' hinges on a few things:

1) Some stuff that's kinda not terribly valid any more. Like how IE, Outlook and Office used to be absolute security disasters and the Linux equivalents were fundamentally more securely designed. This is really just no longer true, but the thought hangs around.

2) The fact that software from random third parties is just generally rarer and less widely used by desktop Linux users. This is the point I noted in my original message. It still does hold true, to a reasonable extent. If you stick to the 'old-school' system of only using F/OSS applications provided through distribution repositories, this *does* provide a meaningful enhancement to overall 'security' in some senses. It's in absolutely no way a 'perfect' system, though. For a start perfect security is impossible, and for a second thing, while the F/OSS development model does provide some help with inadvertent security issues and a decent measure of protection against actively malicious software, it's not perfect in either case.

3) Some specific elements of OS design like user privilege separation (which used to basically not exist on Windows especially; it now does but people are still kinda used to running all sorts of stuff 'as administrator') and systems like AppArmor and SELinux.

There is definitely a stronger argument that Linux as a *server* environment, with specific widely-followed usage patterns, is a reasonably secure environment than there is an argument that desktop Linux is a reasonably secure environment, however precisely you want to define 'secure' (again, this is a difficult thing to do in itself). I personally just would not consider any computer to be fundamentally secure, *especially* for desktop tasks. I don't put anything particularly sensitive on any computer (including cellphones) without taking specific steps to isolate and encrypt it. I think if you talk to anyone who's really seriously thought about security (including anyone who actually *works* on OS security - look up Josh Bressers, he's one of our security folks), they'd tell you the same thing. The more you think about it, the more you realize:

i) It's incredibly hard
ii) Everyone's fundamentally awful at it
iii) No computer is secure

I can't resist pointing out, though, that you have no way at all to know that what your 'proprietary firewall' is showing you is the truth. You might choose to believe it is, and trust the people who made it, but fundamentally you can't know.

Well, there are other ways to do that. You can bookmark folders and files so they show up in the sidebar of the file picker, for instance. Personally I never got the whole 'throw everything on the desktop' approach, though I know it's popular - it seems incredibly messy to me, because I always have apps running and I don't want to have to move them around, 'minimize' them or use some hacky global 'temporarily hide all windows so I can see my desktop' button to find something on the desktop. But it's entirely an issue of personal taste.

It's supposed to happen very fast, yeah. You can actually turn off animations in GNOME, meaning that when the hardware is capable, the overview appears pretty much instantly. On my desktop it appears in about half a second. You can trigger it with the 'Start' key, it doesn't need any clicks, so to me it's kinda equivalent to having to minimize apps or click a button or press a key to 'hide all apps' so you can see the desktop, with the bonus that in the overview you can still see shrunk-down versions of all your app windows (these are live, so you can actually see stuff changing in them - that's why it's called the Overview).

I have a particular bugbear about "forced to do a thing only one way", so allow me to rant for a minute:

Software is *always* 'forcing' you to do things in certain ways. I mean, that's the whole point of software. If you don't want to be 'forced' to do things in certain ways, you can start from a breadboard and build things up from scratch to work exactly how you want them to. The entire job of any person who writes any piece of software is to say "OK, I want to design a system to achieve <some task> so that every other person in the world doesn't have to make their own decisions about precisely how to achieve <some task> and design it themselves." From the first line of code onwards, as a developer, you're constantly making decisions about how the software is going to work.

You say you were a web developer - well, you did this all the time. You made decisions about how the site would display stuff to the reader, you didn't give the reader infinite choice about that. You made decisions probably about how the site would store data and what data it would store, which have inevitable consequences for the reader, but you didn't give the reader infinite choice about that. Etc, etc.

To put it another way, if you took the philosophy of making software 'configurable' to its logical extreme, you wouldn't ever ship anyone a piece of software: you'd just give them an empty document and say "there you go, open it up in a text editor and write it however you want it to work. It's so flexible!"

Of course, if you take the opposite philosophy to its extreme, you don't ship people apps (or a computer) at all, you just tell them "I decided what you wanted to do and did it for you already". It's like being Apple! (rimshot please)

Basically what I'm saying is, absolutely all software falls in a pretty narrow area of a very wide spectrum. If you think about all the ways you theoretically could do something in any app, but which the app does not actually let you do, that list is essentially infinite. Why can't I rearrange all the buttons in my text editor, just because I want to? Why can't I make the text flow top to bottom, or bottom to top, or round in little circles? (Well, unless my editor is emacs, in which case I can probably do all of that...) Etc etc etc. It's kind of silly to 'complain' about software making choices for you about how to get the task done, because this is *fundamentally what software is for*.

So basically I'd say this: if you don't like the choices the designers of a particular piece of software made about how its users should use it to achieve the task it's meant for, then hey, that's entirely your right. It sounds like you don't like GNOME. Okay! That's fine. By all means, use something else. If you care deeply about it, you can even talk constructively to its designers about the decisions they made. But I personally think that basing your arguments on the premise that 'you're forcing me to do things a certain way and that's bad!' is a) silly and b) unlikely to get you anywhere.

If it just 'powered off' instantly then you almost certainly hit a suspend button, yes. There is no 'instant poweroff' button, all the buttons that actually power the system down show a confirmatory dialog before doing it (with a timeout so if you do nothing at all for a while, the system will power down).

Suspend does work fine on most systems, these days. I use it all the time on my desktop and my laptops, and sometimes in VMs. Hibernate is still a disaster area, though.

GNOME actually has rather a lot of good documentation, that explains a lot of what I wrote. A lot of the behind-the-scenes design thinking is documented in the GNOME wiki, too. It just seems that for whatever reason, people mostly don't read it...

Just a quick correction - the core performance-critical bits aren't written in JS, they're written in C. GTK+ is C, the Shell itself is C, mutter is C, etc. Some (not all) GNOME *apps* are written in JS.

I think 'minimalistic' is a *bit* simplified, but as simplifications go it's not a bad one. No, it's not intended for use on 'embedded devices' or anything like that. He means 'minimalistic' in the sense of design philosophy, not resource use; GNOME is a relatively resource-heavy desktop like KDE or Cinnamon, it's not intended as a 'light' one in the sense of 'low resource use'. (Though these days it's the web browser that eats most of your RAM and CPU time on the desktop anyway, so which desktop environment you use is relatively less important).

It's just, some people think that's a good way to build a desktop. Not just the developers, but users too. Not everyone does, and that's fine. But personally I use an almost completely stock GNOME desktop (I don't run any extensions, I just tweak a couple of slightly-hidden settings to get stuff like 'date always shown as well as time') and I really like it. I personally hate dealing with desktops like KDE that have a button for everything, because I never know if I'm doing things the 'right' way, and as a QA guy, I know damn well that having twice as many codepaths means you have twice as many bugs. Testing KDE is a nightmare and I hate it. We have one test case which is basically 'run everything you can find and check it works'. On GNOME that test case takes me ~2 hours; on KDE it takes a whole afternoon and I still skip a bunch of stuff because there's just no time to check *everything*. A couple of years ago I did a deep dive into KDE's control panel and found that it contains several controls that literally do *nothing at all*. Like a control for xkb's 'physical keyboard geometry' setting, which is used for absolutely nothing besides rendering keyboard layout illustrations...but KDE has its own code for that which ignored the setting. Stuff like that gets right up my left nostril. But we're all different people! You like KDE and I like GNOME, and that's fine. Just illustrating the point that, while it's not what *you* want, GNOME actually is what some of us want.

The 'Videos', 'Music', 'Pictures' etc. directories are actually part of a cross-desktop project:



they're intended to be relocatable. As well as that page, Arch has a nice write-up:



in theory you can tell the desktop that your 'video' folder is, in fact, /mnt/somewhereelse/videos if you like. I don't know how well that works these days, as I don't do it myself. But of course, the GNOME video player *can* play files from anywhere else. It just defaults to looking in the XDG 'Videos' folder, and the GNOME screen recorder defaults to saving there, for e.g.

I was tempted to install it over bare metal on my desktop. Yesterday I downloaded it. On the first try it tryed to push me an .exe file (wtf?), maybe because I was using Firefox on Windows. Finally I downloaded the ISO file and installed it as a VM on VirtualBox 5.1.10. Then I discovered that VBox 5.1.10 add-ons does not support that Xorg version (too much recent !). I think I won´t install it over bare metal (AMD Radeon 7800 HD) because I don't know if (and how)I will be able to switch back to Xorg from LIGHTDM in case of problems. (I don't use GNOME 3 or GDM at all, for me they are heavily counter-intuitive, I always put MATE on Fedora). I will remain using F24.

Gnome on Wayland doesn't support icons on desktop. Oh my God, come on boys...

You won't get Wayland in the first place, if you use MATE. Only the Workstation GNOME session is set to use Wayland by default. If you just install the MATE live image, it'll be X all the way.

Yes, we changed to making Fedora Media Writer the default download. See https://fedoraproject.org/wiki/Chang...ryDownloadable for more details. This really makes a lot of sense: almost no-one writes to optical discs any more, everyone writes to USB, but to most people the path from ISO file to USB stick is not at all obvious. Making FMW the default download makes it very easy. The direct ISO downloads are still available if you're attaching to a VM, actually writing an optical disc, or just want to use a different tool to write the USB stick, but we want to encourage people in the right direction for the most common case. We especially don't want people writing the stick with a third-party tool that doesn't do it properly and then being sad because it doesn't boot.