digg

Facebook Connect Join Digg About
See the original image at arstechnica.com

Ubuntu's OpenGL face browser will bring bling to GDM

arstechnica.com Developer Mirco Müller is designing a new login manager for Ubuntu that will use the OpenGL-based clutter library to provide a richer user interface with animations.

Who dugg this? Made popular Apr 30, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

114 Comments

show profanity settings
expand all
  • ptFoe, on 04/30/2008, -21/+83Most users at most have 2 logins on a computer, and will only spend a maximum of 10 seconds at the login screen. How does this bring bling to ubuntu? utter rubbish and waste of time if this code can't be used in another application like IM.
    I wish Macslow had spent his time finishing the Picture Sorter, which would have been quiet useful.
  • estaticd, on 04/30/2008, -6/+66This would be great for a PC shared by many people, like a classroom setting or public terminal.
  • dsn0wman, on 04/30/2008, -3/+54Call me old fashioned, but I'd rather just type in my user name and password.
  • dinostabOMG, on 04/30/2008, -0/+20I'm sure you'll be able to turn it off if you want.
  • harlowsmonkeys, on 04/30/2008, -4/+21One step forward, one step back. Having a user type their name on one screen, and their password on another, can be a security risk. Users sometimes get out of phase, and think they have progressed to the password screen when they are still on the login screen, and then type their password, where it is echoed in plain site.

    This should help greatly with that problem, because users will not be trying to type on the first screen. The password screen is different enough from the user selection screen to make it hard to get out of phase.

    So, that's one step forward. This will improve the security of the password entry procedure.

    But it also gives people who do not have accounts on the machine a quick way to find all the valid usernames. That's a security no-no, so one step backwards.
  • jsully, on 04/30/2008, -0/+16Hard disk utility like what? ext3 doesn't need to be defragmented. Ubuntu also comes with the Disk Usage Analayzer, which is one of the most useful drive utilities out there.
  • Mejogid, on 04/30/2008, -3/+18"But it also gives people who do not have accounts on the machine a quick way to find all the valid usernames. That's a security no-no, so one step backwards."
    Since, if you've reached GDM, you presumably have local access, there's not going to be much security any way (in so much as you could boot form a live cd and inspect the filesystem). Besides, you can be sure "root" is a valid username, so does it really matter if you know more? Cracking more, less privileged accounts by brute force isn't going to do you any good.
  • sirhomer, on 04/30/2008, -0/+15This will only be really used in personal homes and maybe small businesses and classrooms. It these cases the security risks are nonexistent to minimal. You can expect any large organization to be authenticating against some kind of LDAP directory.
  • sparrowkc, on 04/30/2008, -3/+16"...and waste of time if this code can't be used in another application like IM".

    Open Sauce is open.
  • Chakat, on 04/30/2008, -0/+13It has both the username and pic visible.
  • mizatt, on 04/30/2008, -2/+14In case they forget their names? This seems like a big waste of time to me.
  • schestowitz, on 04/30/2008, -9/+20Some more pictures and explanation here, for those interested: https://wiki.ubuntu.com/DesktopTeam/Specs/GdmFaceB ...
  • djbon2112, on 04/30/2008, -0/+11I think that's one of the beautiful things about Linux in general: you don't need to make "unauthorized" modifications to the OS to disable stupid eye candy or crap they add to the OS. There's options (somewhere) to change everything!
  • domlachowicz, on 04/30/2008, -0/+10"Besides, you can be sure "root" is a valid username"

    Most Linux systems run rootless these days, with a few privileged accounts in the "sudoers" file.
  • hyperair, on 05/01/2008, -0/+9Why don't you run fsck and just see exactly how many percent non-contiguous files there are? After years of using my /home partition (which also involves much deleting and downloading like you have), the percent of non-contiguous files is still less than 5%. What you're probably feeling is a placebo effect. You've run the script, you expect it to work better, and so you feel it does.
  • sparrowkc, on 04/30/2008, -1/+9Also, FTA:
    Tools like GNOME's new Cheese webcam utility could also potentially be integrated with GDM configuration utilities...
  • bumcheekcity, on 04/30/2008, -6/+14You mean "atrocious" surely? If there are 30 users on a PC or something, then picking out your picture or avatar is going to be a pain in the arse. You want usernames and passwords in a classroom setting.
  • inactive, on 04/30/2008, -0/+7Cheese is a really good utility.
  • radix2, on 04/30/2008, -0/+7of course, while this face browser is being developed, nothing else can be done. Is that right?

    Personally, I won't get any value from it but FTA the developer is trying to streamline the login process (that is one of the jobs he is employed by Canonical for). This may well be a dead end, but in the meantime he is gaining experience in the new toolset.
  • foo25, on 04/30/2008, -1/+78.04...?
  • irgeorge, on 04/30/2008, -0/+5Or sarcasm. This hypothesis of mine is supported by the use of the phrase 'but seriously.'
  • Hangly, on 05/01/2008, -0/+4You, or the guy who stole your face.

    Oh yeah, don't think someone won't try that.
  • mmlenz, on 04/30/2008, -0/+4you'll never mistype your user name while logging in now will you?
  • corde5, on 04/30/2008, -0/+4Old fashioned.
  • mistergoomba, on 04/30/2008, -3/+7perfect for me since i live in a house full of 20 people and everyone is learning linux on my computer.... but seriously, this seems like more clutter rather than less clutter to me
  • akkibaba, on 04/30/2008, -4/+8A comment that exactly describes itself. Damn, I think you just divided by zero.
  • blackjack75, on 05/01/2008, -1/+4Last time I tested Ubuntu8:
    - I clicked to enable compiz effects, told me that I needed ATI proprietary drivers
    - I clicked in the preferences to do so (yes now they have a GUI for that!), rebooted and got a black screen
    - I rebooted in recovery mode and picked the option to restore my X11 gui.

    Since then my keyboard layout is set to Azerty (which is french and makes loging in A BIT complicated). And of course changing the keyboard once logged in has no effect on the login.

    But sure, let's add some bling effects right now, since there are no other issues to fix.
  • HonestAbe, on 04/30/2008, -0/+3"Since, if you've reached GDM, you presumably have local access"

    Why would you presume that?
  • djbon2112, on 04/30/2008, -0/+3You're not alone.
  • newwatch51, on 05/01/2008, -0/+3It always surprises me how the little things influence what software people use. I know someone who wanted to use pidgin, just because I had a buddy pounce that played music when some one started typing. Conversely, I know someone who didn't want to use Firefox because the bookmarks imported from Internet Explorer didn't have favicons on them.
    Thus, there may be people who try Linux because of this
  • voyvf, on 04/30/2008, -1/+4Bitching about a feature that someone has contributed, just because you think there are "better things" to add is a bit daft. Nobody said that you couldn't work on those "cooler things".
  • TheWindBlows, on 05/01/2008, -0/+3I got your nose.
  • Culyt, on 05/01/2008, -0/+3Just be aware that facial recognition as a login is a security hole. Theres is no way to tell if its a face or a picture of a face so anyone with a picture of you can get in.
    It would be useful for home users though.
  • Myztry, on 05/01/2008, -0/+3Public/private key based. Where no identity is exchanged. Just the fact that you have the private key with which you signed up with, and are thus the originally verified entity.
    I'm not going to get long into it because it's not really the topic on hand but.
    Site generates a random token and encrypts with private key. Your security device decrypts it internally with their public key, re-encrypts with your private key and sends back. They can check if you have the required private key, forming a 'loop' of trust. Likewise you can do the same.
    No software on the computer is aware of the key, so there is no chance of rogue programs or buggy OS's exposing it. For further communications, the security keys returns unencrypted data locally, keeping snoopers out.
    Theres more to it, but that's the gist... Needless to say, you could have 100's of USB security keys for different purposes. No passwords. Just a device that identifies the trust association, not the person.
  • porl, on 05/01/2008, -0/+3it is an ubuntu project. nothing would stop other distros using it though. this is one of the best things about open source in my opinion, different groups are mature enough to acknowledge when another group does something great and incorporate it into their own, without so much of the whole 'ours is different! look, it's got a button in a different spot!!!! they copied us first!!' that seems to be prevalent in a lot of proprietary software (not that it doesn't occur at all, but i'm talking in general)
  • inactive, on 04/30/2008, -1/+4They should really get rid of the brown.
  • 0xception, on 04/30/2008, -0/+2i guess the whole point will come down to the purpose of the install, if your install is used as a semi public access terminal then chances are the live boot will be disabled, however security is an issue then chances are the admin of the system would just change the GDM or secure it in the first place. So i dont think this is much of an issue so long as this login is an Optional login (even if it is the default, if you can change it back then i see no harm)
  • ethana2, on 04/30/2008, -0/+2I can't wait 'till they have a facial recognition PAM module. Open the laptop, smile, and you're in as you.
  • Hangly, on 05/01/2008, -0/+2Give that back you son of a bitch.
  • mathwizkid, on 04/30/2008, -4/+6There are so many improvements that could have been made with the hours used for developing this.
    "The general advantage of a face-browser for login is the avoidance of superfluous typing". Is it that hard to type your login name? Maybe we should have a picture of your password too?
  • akkibaba, on 04/30/2008, -2/+4Don't like it? Turn it off. The developer is coding this feature to scratch his own programming itch, and giving it to you ingrates for free. Why are you trying to tell him what he should be doing?
  • inactive, on 04/30/2008, -1/+3Or like Disk Manager to mount HDDs with a GUI: http://flomertens.free.fr/disk-manager/download.ht ...
  • rulus, on 05/01/2008, -0/+2Except that your name might not be the same as your username.
  • Ademan, on 05/01/2008, -0/+2I would much rather see a working guest account system in GDM than this... I remember there was some work being done as a part of fedora, i dunno if it made it into mainline gdm though. (and if it is there, it would be awesome if there was an easy way to enable it)
  • matrixbandit, on 04/30/2008, -0/+2I don't think this would be horribly useful for logging in, but I do like the idea of having a network of public terminals where users can create an account and have their picture taken via an attached webcam for their account profile, where other people could browse the photos for the purposes of sending a user an email. In a class setting for example, this would be useful for people whose names you don't know.
    I know a million people will scream about privacy issues, but your face and name aren't private in the classroom anyways, and there could be all kinds of account specific security settings to let you be as veiled as you want.
    Also might be fun to do this at coffee shops, but limit the user listing to people who are currently logged in so you can only see people who are already there anyways, and send them creepy stalker messages :D
  • TrevorPace, on 04/30/2008, -1/+3In places like a classroom students/staff should simply log on over the internet using a user-server. Like Novel does.

    For a public terminal like a library there should just be a guest account or something.
  • inactive, on 04/30/2008, -0/+2I wouldn't say that is a given.
  • KageSenshi, on 05/01/2008, -0/+2And the infrastructure which made this possible, comes from the hard work of some Fedora developers..
    http://fedoraproject.org/wiki/Features/NewGdm
    Fedora9 will ship with the new GDM .. though no bling bling for now, just the base infrastructure ..
  • Culyt, on 05/01/2008, -0/+2It might not be much use to your average computer geek but the bling factor will draw in the breeders. In addition to that typing in a username for logging into the computer is an alien experience for many normals, often they just have 1 admin account which automatically logs in. Vista just makes you click a box to autenticate you want to do something as a admin user, and that already anoys a great many people.

    Having a simple "Click your face" browser will probably be quite useful for Joe user, his wife and stereotypical nuclear family of 3 and a 1/2 children, I would even think that providing and option to disable the password for GDM logins would be a good idea for home users. Granted its a security hole, but for an average person it doesn't matter unless someone breaks into their house with the intent to steal documents off their computer, they can of course steal the whole computer a whole lot quicker.
  • dualscreenman, on 04/30/2008, -0/+2A *simple* face browser has been an option for GDM and KDM since, like, forever. (Though not in GDM by default; and no, not literally since forever)
  • Fetching more discussions...
    Show 51 - 100 of 114 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.