Here’s the top feeds you should be subscribed to (CVE tags are reported in brackets):

1. NIST Vulnerability Database.
2. US Cert Technical Security Alerts [CERT].
3. SecurityFocus Vulnerabilities [SF-INCIDENTS].
4. Open Source Vulnerability Database [OSVDB].
5. IBM Internet Security Systems Threats [ISS].
6. Vupen Security Advisories [VUPEN].
7. Secunia Latest Security Advisories (Unofficial) [SECUNIA].
8. eEye Security Advisories [EEYE].

The above list is also available as OPML file you can import into your feed reader.

Furthermore, you should subscribe to Operating Systems product-centric vulnerability feeds to ensure you receive timely information regarding updated packages and suggested workarounds for your infrastructure. Here’s a comprehensive list, sorted alphabetically:

1. Apple Security Announce (Mac OS X, iPhone, etc) [APPLE].
2. Checkpoint’s SmartDefense Service [CHECKPOINT].
3. Cisco’s Product & Service Security Advisories [CISCO].
4. Debian Security Advisories [DEBIAN].
5. Fedora Security Updates [FEDORA].
6. FreeBSD Security Advisories [FREEBSD].
7. Gentoo Linux Security Advisories (GLSA) [GENTOO].
8. Mandriva Security Advisories [MANDRIVA].
9. Microsoft’s Security Notification Service Comprehensive Edition [MS].
10. NetBSD Security Advisories [NETBSD].
11. OpenPKG Security Advisories [OPENPKG].
12. OpenBSD Errata [OPENBSD].
13. Red Hat Security Advisories [REDHAT].
14. Slackware Linux Security Advisories [SLACKWARE].
15. Solaris SunSolve Alerts [SUNALERT].
16. SUSE Linux Enterprise Security Advisories (also contains OpenSUSE advisories) [SUSE].
17. Ubuntu Security Notices [UBUNTU].

OS security advisory feeds are available as OPML file as well.

Have I missed anything? Please report if you find some advisory feed I accidentally missed. Also, if you’re into an Operating System security team and you don’t offer a security announcement feed, please consider making it available.

The installation was straightforward and hardware support was really seamless (whew! ACPI works like a charm on new Dells), however I noticed that once the system is running, the “works with clueless user” claim (they call it “alternative to Windows“, but that’s the actual meaning) lasts only five minutes.

There are two main issues on the table:

1. Documentation: several aspects of the system have changed but documentation lags behind. For instance, upstart replaced old service management facilities and Services applet was removed from System -> Administration menu, but documentation still refers to it. Furthermore, internal documentation search feature is very primitive compared to Mac OS X or Windows ones and “search the forums” option cannot really replace a knowledge base like Microsoft’s.
2. Robustness: Ubuntu should take the release-early-release-often agility rule with a grain of salt: if replacing a subsystem completely takes a certain amount of time, you cannot really split replacement in two phases just to respect release scheduling. A lot of users are complaining about the fact that every upgrade adds more quirks than the ones it solves.

Open source applications that build up the Ubuntu’s image of Windows alternative are getting more and more mature and a lot of work has been done to make Linux look like a desktop operating system and not just a bunch of pieces put together. Now it’s time for distributions like Ubuntu to step up and fix higher quality standards for the whole development community.

For a start, they could set a common standard for documentation and knowlegde base: to offer a real post-install support, you need to have a common error reporting API, clear error messages (not like Microsoft’s “contact your System Administrator” message) and a central repository for documentation and solutions, with a common writing style (haven’t you noticed a regression since man pages days?), a decent search engine and translations in supported languages. Since no Linux distribution has enough work force to make it all alone, the only alternative is to find an agreement for an interoperability standard with large software projects (Samba, Open Office, Gnome, Cups, etc).

So now my mom is using Ubuntu: I’ve enabled remote controlling (ssh and rdesktop) to help her with the transition and I’ve installed a VirtualBox instance with Windows XP, just in case. I replaced standard theme and wallpaper with something she could find attractive (first impression counts!). If you have any good tips for making Ubuntu experience more comfortable, please share them using the comment box below.