Preferd apps for a "fat" Puppy

[bark_bark_bark]

GIMP has too big of an interface. We need something better.

LibreOffice is great, We can slim it down by removing kde stuff from it.

Seamonkey for sure

A fast DE that support multi monitors with an extended desktop (rather than just cloning it) would be nice. MATE fills this requirement.

GNOME-MPlayer/Gecko-mediaplayer for sure. VLC is great, but streaming in a web browser with it is a nightmare.

qbittorrent is my preferred bt client, but it uses qt (and a fat puppy shouldn't use qt anywhere). Transmission is an okay alternative.

[gcmartin]

Puppy Linux continues to mature. I'm not sure that I would agree with the JAVA comment. For nondevelopers and developers, alike, users experienced or new, JAVA is a simple subsystem that brings much needed crossplatform uses.

As our future unfolds, the computer industry, whether Apple, Microsoft, Intel, Google, Sun, IBM, smartPhone, smartTablet, smart Device, Unix, Linux, whatever; JAVA allows any developer to develop a subsystem for our use on any one platform, and for users to be able to use it on any other platform.

JAVA has its place in Puppy Linux, as so many new users are coming to Puppyland with all types of new configurations and needs where PUPs can be deployed to take advantage and provide useful services.

Let's not be missing the usefulness that it has and continues to provide us.

[ThoriumBlvd]

Do you mean JavaScript? Thats fairly well standard. LO4 uses the full JRE/JDK environment. Thats rather bulky, and browsers are moving away from it. "Popular" websites like POGO use Java Language, and as of now most modern FF browsers make it next to impossible to play games there. I know that in Slack55-XL the Java/LO4 pairing consume A LOT of space... IIRC about 630Mb/2.2Gb fully inflated.

[gcmartin]

There were 2 distros, not mentioned here, which have addressed all of what this thread brings to light by all commenters, above. The following 2 provide these out of the box (OOTB) with NO NEED TO INSTALL anything from the PPM. They are:

• PhatSlacko (32bit PCs)
• LightHouse Mariner version (64bit PCs)

These 2 are in addition to the work shared in this thread's opening post of Puppy Slacko 5.5 XL

LightHouse, in particular, provides FM facilities which bring visual "Tree" usage as a part of dealing with filesystem folders.

Here to help

[gcmartin]

Do you mean JavaScript? ...

The issue of space only really relates to download sizes. But, what JAVA contributes is the ability for crossplatorm application use which allows Puppy to be the central or the bridge to apps that run everywhere. JAVA is more of an OS subsystem with the services it provides rather than a browser implementation.

BTW, which websites are you referring? There is a movement in HTML use. The handhelp/smartDevices/smartCars/etc market, which is what many websites address in their mobile implementations all know that Apple, Microsoft, and Android are JAVA platforms. You may have seen some references that speak otherwise. I may have missed that industry direction.

In any event, we are offering ideas for developers to consider as they move us forward into the Puppy Linux future.

[bark_bark_bark]

Java and Javascript are bad. Java attracts malware and JavaScript can track you and even deliver malicious code.

[gcmartin]

Hi @Bark_bark_bark

If JAVA is not a port based subsystem, how could it attract?

... Java attracts malware ...

Just curious on this idea you share.

[James C]

Java-based malware driving DDoS botnet infects Windows, Mac, Linux devices

http://arstechnica.com/security/2014/01 ... x-devices/

Researchers have uncovered a piece of botnet malware that is capable of infecting computers running Windows, Mac OS X, and Linux that have Oracle's Java software framework installed.

http://siliconangle.com/blog/2014/01/29 ... x-systems/

Java 'Icefog' Malware Variant Infects US Businesses

http://www.darkreading.com/attacks-and- ... id/1113451

Beware Java-based malware that's been used to exploit at least three US-based organizations.

That warning of a new advanced persistent threat (APT) attack campaign came via Kaspersky Lab, which said that it's traced a malicious Java archive (a.k.a. JAR) file to eight infected systems inside three US-based organizations, which it declined to name. "Based on the IP address, one of the victims was identified as a very large American independent oil and gas corporation, with operations in many other countries," Kaspersky Lab researchers Costin Raiu, Vitaly Kamluk, and Igor Soumenkov said in a joint blog post Tuesday. "As of today, all victims have been notified about the infections. Two of the victims have removed it already."

Java-based malware turns Mac, Linux machines into zombies

http://www.gmanetwork.com/news/story/34 ... to-zombies

The choice of Java in this case does make the malware piece more modern. Java is multiplatform and therefore will allow the malware to run on more platforms. It may also use the fact that hackers are very focused on Java now for vulnerability research, so there is a likelihood that the malware can evolve with new ways to exploit and onboard a system,

[gcmartin]

My posting, here is removed. Discussion retracted as it invites debates.

The ideas presented suggest that since more systems run JAVA,this could be a vehicle used as an attack surface across all platforms which use JAVA. So, in order for one to be attacked, one MUST download and run some malicious JAVA app.

JAVA is an environment; not a program. I wonder, that since JAVA is a present, does that mean that it is dangerous. If you are NOT running the malicious JAVA app which you download, it cannot attack. Is this is a good view?

Every Android/Apple phone on the planet has JAVA. Without the malicious code, how could they be attacked. You/I must download, I would guess. If that is the case, we, consumers, are the harvesters of the malicious code. This is the only way, it appears, it could invade to be used. This is pointed out by the posting on Tom's hardware site you show.

AND, its important to stay current with the security updates.

[James C]

http://www.usatoday.com/story/cybertrut ... g/2447305/

Java has emerged as arguably the No. 1 Web threat – and you'd be wise to disable it.

No surprise, then, that cybercriminals have been intensively probing Java for security flaws. One way they take advantage is to use Java to force malicious software onto your computing device in what's called a "drive-by download," says Corey Nachreiner, strategy director at WatchGuard.

Drive-by downloads unfold silently and invisibly. You click on a Web link or visit a website booby-trapped to steer you to an infection. The bad guys then steal your account log-ons, contacts and personal information. But they don't stop there. "Once they control your computer, they can access pathways to information and other devices on any network you may be part of, " Nachreiner says.

Java-based attacks have been implicated in data breaches at big media companies such as The New York Times and Wall Street Journal, tech giants such as Google, Twitter and Yahoo, and many big banks.

The Department of Homeland Security earlier this year advised Americans to disable Java, endorsing a consensus in the security community that Java's risks now overshadow its benefits for most consumers and many businesses.

[gcmartin]

Thanks @James C. With what you show, you've proven what I ask. Since JAVA is an attack surface, like browsers, flash, operating systems, and etc. we, in the world who use such attack surfaces are vulnerable to attackers. Yes, I agree.

Kinda like houses, isn't it.

Not to make light of what is shared here, I mentioned houses. Over the prior 5 posts, if one substituted the word HOUSE for every instance you see the word JAVA, I think you see the comical irony. Funny isn't it.

[slavvo67]

Wouldn't disabling Java actually hinder the NSA? Yep, I went there...

[ThoriumBlvd]

Though I was concerned with purely the bulk of the office/platform, I will opine that JAVA has and does have security concerns. Does one always know a malicious app when one sees one? and of course newbs what want this cross-compatibility, might not be as saavy as the average Linux user, so the doorway gets opened. It is a minor reason why I asked for soft-office. If FF browsers are moving away, and certain ginormous corporations are embracing, my alarms go off. I like to think about being involved in a dedicated independent trustworthy community, not some ginormous corp. attitude with habitual/ritual security updates. /opine

Sorry for the can o' worms, but ultimately the discussion enlights.