Linux, XP, and my old PC

Linux, XP, and my old PC

Summary: My loyal commenters keep telling me I should give up on Windows and switch to Linux. I'm trying, I'm trying! For my latest attempt, I added some inexpensive hardware upgrades to a Y2K-era notebook, blew away Windows Me, and set it up to dual-boot Windows XP and Ubuntu Linux. Guess which one I'm using now?

SHARE:
TOPICS: Wi-Fi
244
Three weeks ago I reported on my experiences when I tried to install and use Ubuntu Linux. The reaction to that thread was mixed, with a fair number of commenters complaining that the VMWare test bed I chose wasn’t typical of what an average PC user would use.

Fair enough. To deal with that criticism, I put together two hardware test beds that are representative of what the world at large is likely to be using. One is a six-year-old HP 5135 notebook that had been running Windows Me. The other is a year-old Shuttle small-form-factor PC stuffed with industry-standard components. The newer machine has been a rock-solid performer for me, running Windows XP Media Center Edition 2005 day in and day out with hardly a hiccup. As for that Y2K-era notebook, it made the cut because I think no sensible person should run Windows Me, especially now that Microsoft no longer offers security updates for that OS. The question at hand is whether an upgrade to Windows XP makes sense, or whether it’s smarter to switch to Linux.

In today’s post, I’ll describe my surprising experiences with that old notebook. Next week I’ll tell the story of how the newer, more powerful desktop machine held up.

A client gave me this notebook more than a year ago when I helped him upgrade to a newer model, and I had only powered it up once, just long enough to transfer the data to hisnew machine and then erase any confidential files. So I was pleased to see that it booted right up. A quick check of the system properties revealed that this machine was seriously underpowered. It was limping along on 64MB of RAM, its hard drive was a puny 5GB in size, and even in its day the 533MHz Celeron processor hadn’t set any speed records.

Just for grins, I tried running the live CDs of Ubuntu 6.0.6 and Linspire. Neither one would get past the opening screens, complaining that there wasn’t enough memory. I was able to get Damn Small Linux to run off a CD, but that wasn’t an acceptable solution in the long term.

As it turned out, I was able to buy two 128MB memory sticks – enough to upgrade the machine to its maximum capacity of 256MB – for $13.50 each. With shipping, the total came to $36. Some rummaging around my spare parts bin turned up a 40GB notebook drive that I had replaced on another notebook a few years back. It was a perfect replacement – if I had purchased it from the same online merchant that sold me the RAM, it would have run me about $55 with shipping. The total hardware upgrade cost of $80 didn’t seem out of line.

I had an unused OEM copy of Windows XP Professional Edition hanging around; if I had had to purchase the software instead, I would have opted for an OEM copy of Windows XP Home Edition for about $90, bringing the total upgrade cost to $170. Ubuntu Linux is a free download.

First up, I installed Windows XP with Service Pack 2, partitioning the disk into two equal 20GB segments and using the first one for Windows. The install took less than an hour. After getting to a desktop I popped a D-Link CardBus-based wireless network adapter into the PCMCIA slot; it set up with no problems using the drivers from the CD that came in the box. After I had a working Internet connection, I turned on Automatic Updates and downloaded 49 High Priority updates. I then used Windows Update to snag a handful of replacement drivers and some optional updates. Total elapsed time: roughly 2 hours.

I was very pleasantly surprised at how well this machine ran Windows XP. Web pages loaded quickly, there was no noticeable lag when using any of the system tools, and the working set of memory was roughly 130MB, meaning there was plenty of room to run additional programs. As a basic web-surfing-and-email machine, this will do quite nicely.

Would installing Ubuntu Linux be as easy? It helped that I had spent a week or so practicing on a virtual machine and reading how-to articles, and the suggestions from a hundred or so commenters on the previous Talkback thread had given me a crash course in Linux configuration that came in handy here. The Live CD installation was quick and smooth. I was tempted to choose Esperanto as the default language for the OS, but I decided to go with English instead. The install was complete in well under an hour. The only glitch is that the notebook won’t shut down or restart properly under Ubuntu Linux; I have to power-cycle the machine after it finishes shutting down services and OS functions.

After a restart, I was ready to tackle wireless networking. And that’s where the fun stopped. I began in the Networking control panel, where I was happy to see that the system had detected my wireless adapter. But it couldn’t see my access point, and a quick bit of Googling confirmed that I needed to download a whole bunch of packages to get up and running. Catch-22: I needed a network connection to run apt-get, but the notebook didn’t have a built-in Ethernet adapter. I tried downloading packages from ubuntu.com and transferring them to the notebook via a USB flash drive, but each download I tried to install balked, complaining of dependencies and telling me I needed to install several other packages first. After more than an hour of this I gave up and plugged in a USB Ethernet adapter (add $30 to the hardware upgrade cost). Ubuntu recognized the new adapter immediately and I was able to begin installing 100+ security updates and then try to get the wireless adapter working.

The good news? In fairly short order I was able to see the wireless access point from the notebook. The bad news? It still wouldn’t connect, because my access point is configured for WPA encryption, and the networking components I downloaded only support the horribly insecure WEP encryption. I’m not about to lower the security of my wireless network, especially when every other computer on this network is able to use the full-strength encryption.

I spent the better part of an afternoon Googling and reading in search of the secret to getting WPA encryption working on this notebook. Turns out I’m not the only one with this problem (see the tales of woe here and here and here and just try to follow the MEGO-inducing instructions here). This page promised “seven steps to WPA encrypted Wifi with Ubuntu Dapper Drake” but alas, after following the instructions to the letter and rebooting, I got a couple baffling error messages and yet another prompt for a WEP key that results in no network access.

And that’s where it stands. This computer is destined to sit on a desk in a guest room where no wired connection is available, so wireless access is the only option. Windows XP works perfectly; Ubuntu Linux won’t connect to my secure wireless network. It’s no contest.

Maybe I’ll have better luck on my newer desktop machine. Stay tuned.

Topic: Wi-Fi

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

244 comments
Log in or register to join the discussion
  • WEP and WPA

    I can see why you don't want to compromise on the security of your network, but one reason WPA isn't a priority is that it really doesn't make a difference. All of the wireless networks that I use, for instance, are presumed insecure anyway. If I have sensitive traffic to send over them, I use a VPN.

    The only risk to my wireless, for instance, is that some neighbor might "catch a ride" on my broadband. There's a theoretical risk that someone might park out front to send spam or some such, but that's frankly more trouble than it's worth.

    In both cases WEP, though breakable, is good enough to send the "attacker" looking for easier targets. Beyond that, a background log-sniffer doe the trick.

    Should wpasupplicant be standard issue? Yup. However, the distributions don't just toss unproven software in (especially for networking) and at present it doesn't have much milage on it. In large part because, as above, it's not really a big deal.

    Except to people like you. Sorry 'bout that.
    Yagotta B. Kidding
    • Ha ha ha

      OK, here's a gueation. Imagine the circumstances were reversed, and that Windows only supported an old and insecure standard that has been obsolete for more than two years. Meanwhile, the Linux distro supports robust encryption. Would you still be saying, "Oh well, it doesn't really matter anyway"?

      Just sayin'.
      Ed Bott
      • You misunderstand me

        [i]Would you still be saying, "Oh well, it doesn't really matter anyway"?[/i]

        Not a matter of "it doesn't really matter."

        In fact, the post was informative rather than argumentative. Thought you might actually be interested.
        Yagotta B. Kidding
        • I misunderstood, obviously

          I read "it's not really a big deal" and "it really doesn't make a difference" and it's "frankly more trouble than it's worth" and concluded that you were saying WPA encryption "doesn't really matter." Where did I go wrong?
          Ed Bott
          • Itch => Scratch

            [i]Where did I go wrong?[/i]

            All developers have priorities. I was explaining the priorities of the Linux network stack developers. They don't match yours, and as a user yours are the ones that matter in the present instance.

            On the other hand, needs are infinite and resources are finite. I was explaining where the disconnect comes from -- which is not the same as justifying it.

            The same (and, no, I'm not trying to shift attention or start a flamewar) goes for Microsoft's non-implementation of CSS2. It's just not a priority to them; they have bigger fish to fry and even their resources are limited.

            The net result is that, for someone in your situation, there are basically three choices:

            1) Stick with MS for wireless.
            2) Acquire the use of Linux expertise, either through learning or assistance.
            3) Use a network architecture that isn't sensitive to WEP/WPA.

            The computer-clueless could use #3, since they're usually in an "insecure network" situation anyway.

            The adventurous could go with #2 in one form or another.

            The majority will be sticking with #1 if for no other reason than that it's the path or least resistance regardless of their needs, but it also fits someone like you with "power user" needs and a large investment in Microsoft-specific skills and equipment.
            Yagotta B. Kidding
          • Well, OK, I guess...

            Then I guess I just don't understand Ubuntu.

            Their website says their software is designed with "a clear focus on the user and usability (it should 'Just Work', TM) and a commitment to security updates..."

            In my case, even basic, insecure, no-encryption wireless networking didn't "just work." And that "commitment to security updates" ought to extend to a standard that was officially ratified more than two years ago and is universally supported by every piece of networking software and every notebook sold in at least the past 18 months.

            Given that 50+% of all computers sold today, to both businesses and homes, are notebooks, and that WiFi is ubiquitous in home and business networking with notebooks ... given all that, you'd think that the focus on usability and security would move this item a lot higher on the priority stack.

            Like I said, I just don't understand.
            Ed Bott
          • Separate issues

            [i]Their website says their software is designed with "a clear focus on the user and usability (it should 'Just Work', TM) and a commitment to security updates..."[/i]

            That's the plan. See post regarding imperial wardrobes.

            [i]In my case, even basic, insecure, no-encryption wireless networking didn't "just work." [/i]

            It's a problem -- the wireless card vendors don't support Linux, so it's a reverse-engineering job. In fact, the wireless card vendors make it as hard as possible on the grounds that if people knew how to operate their cards they might do Bad Things and the Government would hold the manufacturers responsible.

            Again, just FYI. I'll put in a good word here for Intel, who [b]do[/b] support Linux. Of course, they're getting rid of the wireless group at last word. Rats.

            [i]And that "commitment to security updates" ought to extend to a standard that was officially ratified more than two years ago and is universally supported by every piece of networking software and every notebook sold in at least the past 18 months.[/i]

            Don't overstate the case. "Every piece of wireless software" amounts to: Microsoft Windows XP. Full stop.

            However, to the extent that the device drivers do the encryption you could argue that the list is longer. I'll especially note that there are some chipsets that do the encryption in hardware. Please see above.

            [i]Given that 50+% of all computers sold today, to both businesses and homes, are notebooks, and that WiFi is ubiquitous in home and business networking with notebooks ... given all that, you'd think that the focus on usability and security would move this item a lot higher on the priority stack.[/i]

            Makes sense to me. Be nice if the manufacturers would at least cooperate, though.
            Yagotta B. Kidding
          • Sorry, meant to say...

            "Every piece of networking <em>hardware</em>," not software.
            Ed Bott
          • Hardware support

            See comment below on hardware support, esp. for wireless cards.

            It sucks. I know some very good people working on the problems, so don't think it's for lack of trying. What's more, it's not a problem that throwing bodies at can solve since the job is one of the toughest around -- you need [i]good[/i] people on it.

            They're in the position of white-hat crackers. They're not only not getting the support that a hardware vendor normally gives to people trying to support their products, they're working against active opposition. Personally, I'm impressed with what they've managed to accomplish.

            In the mean time, however ...
            Yagotta B. Kidding
          • What you are coming up against Ed...

            ...is the #1 problem with Linux / open source development:

            FOSS developers develop what THEY want, not what the COMMUNITY wants.

            Look at any major Linux distribution's community forums and it is the same old question - Why won't anyone support brand x, feature y?, and the simple answer is that things get developed for FOSS because someone needed it at one point in time and decided to create a hack for it. That hack then gets worked upon until there is a group of developers working on it.

            Now, regarding the actual problem ;-) Did you try [url=http://hostap.epitest.fi/wpa_supplicant/]looking here[/url] for an answer to your problem? Also there is a $$$ version of a Linux WLAN driver [url=http://www.linuxant.com/driverloader/]here[/url] but, as I do not know what model of card you have, I cannot guarantee whether this will be of any help to you.

            I understand what Yagotta B. Kidding is trying to say, but this thinking / style of development is the precise reason that Linux will never succeed fully in the desktop arena. If the developers are not interested in the "joe public" type of ex-windows users, then Linux will surely fail.
            Scrat
    • So WPA is as insecure as WEP?

      This isn't my understanding from what I've read. Do you know different? I understand what you're saying about most instances hackers will go for easier pickings, but I imagine there are some who won't want to take that chance, particularly businesses if they have a wireless LAN set up. Even some contractors might feel iffy about it if they telecommute and may be transferring sensitive information wirelessly, though I agree a VPN is better.

      I use WEP myself, because I haven't been able to get WPA to work reliably, on WinXP. I got my laptop a couple years ago. I can set it up to use WPA, but every once in a while the connection drops out and it's difficult to get back without doing a soft reset on the router. I figure maybe my network adapter is a little too old for it.
      Mark Miller
      • Locks on Doors and Windows

        The thing to understand is that security is only good up to the point where an attacker moves on to another mode of attack.

        WEP can be cracked by someone sitting outside the building, if they want to bother. If the only traffic on your wireless network is Internet traffic anyway, it's not worth the trouble to crack that -- or, if it is, not worth sweating for you.

        [i]I imagine there are some who won't want to take that chance, particularly businesses if they have a wireless LAN set up.[/i]

        There are plenty of attacks against a wireless LAN that don't involve cracking the encryption. It's often easier to just get one of the keys from an employee, for instance. That's one reason why a VPN approach makes more sense for sensitive traffic regardless of how good WPA might be (and please note that it can also be cracked -- it's just a question of whether it's worth the considerably greater trouble involved.)

        For most home users WEP is fine -- unless you're running a home network with sensitive data on it unsecured by anything other than the network encryption.
        Yagotta B. Kidding
        • I think you mis-read the question

          which was:

          [i]"IS WPA AS INSECURE AS WEP?"[/i]

          which of course the answer is no, but you don't want to admit that because you are embarressed that Linux doesn't support WPA very well.

          BTW I agree with you that the application is important, but that was not the question ;-)
          Scrat
      • Latest firmware?

        XP w/ SP2 supports WPA without problems.

        You should check that you have the latest firmware in your router and the latest driver for your card.

        And yes, there is a big difference in the security provided by WPA vs. WEP.
        sylerner
        • Checked it

          I have XP SP2. I've checked for the latest drivers for my wireless adapter, from Intel. I tried upgrading the firmware of my Linksys router, but that caused other problems. I don't remember, but WPA may have worked better afterwards. A problem that made the upgrade intolerable though was every time I tried to stream video over it, it crashed the router! So I rolled back the firmware upgrade...
          Mark Miller
    • Typical response to a missing Linux feature.

      1) It is not important.
      2) There is a work arround
      3) Your to dumb to figure it out

      That is why Linux is not ready for the desktop and at least in this case less secure then Windows.
      ShadeTree
      • ...or integrating hetergenous networks

        With the VPN solution, he can tunnel over wireless, or with a simple port forward on the router it works as well over the internet - a secure connection to your local network can be a convenience when you are at starbucks, the in-laws, or at work and want to have some extra security for the snooping boss.

        A WPA solution is great for a local connection but can't help on the internet - and your argument will be "I have no need for that, I only care about wireless".
        ~doolittle~
    • just run in access point only, on a dedicated nic

      That worked for me, so I have no worries if some script kiddie breaks my WEP, they only see tunneled ssh and OpenVPN traffic - so that should keep them busy for a while, especially w/o routing things will get boring quick.
      ~doolittle~
  • More Secure

    You see, linux really is more secure. In you current configuration you cannot get worms, or virus, or accidently reveil any private information.
    tyrax
    • Don't be silly

      [i]In you current configuration you cannot get worms, or virus, or accidently reveil any private information.[/i]

      Of course he could. Assume, for instance, that he cut back to WEP and used SAMBA from the notebook to access his private files on one of the other network machines.

      Sending data in the clear isn't a bright move regardless. The choice of WEP vs. WPA is a network architecture decision, and for his network WPA really is a better choice. For me, there's no benefit. For $EMPLOYER, neither would be sufficient. For a hotspot, no encryption at all makes sense.

      It all comes down to network requirements. Don't get too proud.
      Yagotta B. Kidding