Having spent enough time using all three of the major OS's to have a decent understanding of their flaws, it's easy to explain why I use Linux whenever I have a choice: its flaws are much easier to manage. Part of that is the Unix tradition: everything is visible, and you can always take full manual control of something if you really need to. On Windows, there's a lot of stuff happening behind the scenes that you can't really see, and can't really control. On my Linux box, I know exactly what every single running process is there for, what data it is able to clobber, and what functionality will go away if I kill it. On Windows there are all these "system services" lying around that I can't make go away and can't know what they could potentially mess up. And then there's the Windows Registry...

But Mac OS X also has Unix under the hood, so the Unix tradition isn't all there is to it. The problem I have with Mac OS X is that there are too many layers of spackle over the Unix core, and those layers are not transparent the way Unix is supposed to be. And although OS X lets you do things in the traditional Unix way, without going through all the layers of spackle, it strongly discourages you from doing it very much. And yet, some basic GUI tools simply aren't there, such as a task scheduler (even Windows has a GUI task scheduler) to automate things like backups. Yes, I know OS X has Time Machine, but that's another example of the same problem. If I want to use some other mechanism for backups, such as rsync, or pushing to a version control repository, I can't use Time Machine and the other GUI tools; I have to drop back to the Unix command line, and OS X doesn't even like you to use crontab the way it was designed. Basically, OS X wants you to do everything in the One True Apple Way, which is fine if that works for you, but when it doesn't, things get very difficult.

Linux has flaws too, of course, but as I said above, they are much easier to manage. For example, KDE 4 sucks, but I don't have to use KDE 4; I can use KDE 3, or any of a number of other desktops. Or I can be more minimalist and just pick a good window manager, of which there are quite a few, and build my own GUI desktop tailored to my needs. Or I could be even more hard-core minimalist and run bare-bones X Windows. (I'm pretty sure that there are very few, if any, nerds left who are so hard-core that they refuse to run a GUI at all; even if you're just running emacs, a terminal, and a text-only browser, it's still nice to have multiple windows on screen at the same time.) As another example, Ubuntu's standard GUI for network configuration is braindead enough not to have a way to specify DNS servers when you're using DHCP, even though the DHCP config files have an option designed precisely for this purpose. I need this option because, for reasons explained by Rick Moen in this article, I run my own recursive DNS server on my home network instead of just defaulting to the ones run by my ISP (who shall remain nameless here because, at least in this particular case, they're no worse than any of the others). If Windows lacked this option in its GUI, I'd be helpless (ok, maybe not totally helpless, since I suppose there's some registry key somewhere that might help with this, but it might take a lot of pointless work to find it). If OS X did, I'd be, if not exactly helpless, certainly wearied after what I would have to do to make sure the config change persisted across reboots. On Linux, I make a quick change to /etc/dhcp3/dhclient.conf and I'm done.

Another thing the various Linux distributions have done very well is providing a cryptographically verified distribution chain for software, both binary and source. On Windows, yes, you can get software updates from the Windows Update site, but that only covers software that Microsoft distributes, and many of the so-called "updates" aren't really for your benefit anyway; they are to enable Microsoft to control more of what you do with your computer. On OS X, again, you can get updates for Apple's software from Apple, but not for third party software. For third party software on both Windows and Mac, you are pretty much stuck with surfing to some website, downloading an .msi or .dmg file that may or may not have any means of verifying that it's actually what you think it is, and installing the thing by hand in the hope that it isn't a virus or spyware. And, of course, in neither case is the source code open to you. With Linux, you use the package management tool that comes with your distribution, which can verify that every piece of software it downloads and installs for you is digitally signed and comes from a trustworthy source.

I realize that this doesn't sound much like making flaws easier to manage, but bear with me for a moment. When people find out I run Linux, they often ask how I keep my system free from viruses. The definitive answer to this question is by Rick Moen, here, and basically boils down to this: viruses and malware are not problems in themselves; they are symptoms of deeper problems with either the OS or the user or both. No OS is perfect; there are always flaws in any software system that can in principle be exploited. But one can still design an OS to not only make it as free of flaws as possible, but also to minimize the impact of flaws when they are found. And included in "flaws" from this point of view are ways that a user can make mistakes and do damage to the system. Linux, and Unix variants generally, are designed explicitly to contain such damage, and so the kinds of anti-virus, anti-spyware, anti-whatever tools that are ubiquitious on Windows are simply not necessary. Mac OS X, being built on Unix, gains this advantage to an extent, but the key thing it lacks, compared to Linux, is precisely the cryptographically secure distribution chain, which removes an obvious way for users to make mistakes and do damage. (Windows, by contrast, has had what security features it has bolted on as afterthoughts, and it shows.)

Of course, as computer users go, I am a statistical outlier. I am a programmer, which means that I have to have a degree of control over my computer that most users do not, because I have to be able to configure it to build and test software, not just use it. It also means that I actually like doing things like editing /etc/dhcp3/dhclient.conf by hand to make sure DNS is set up just the way I want it. Users with different requirements for their computers will make different tradeoffs between control and convenience, and that's fine. This post is about why I run Linux, not why everyone should.

But to close, I do want to say one thing about Linux that should be important to everyone. Control over your own computer is not just for programmers. I'm not saying that every user should have to edit /etc/dhcp3/dhclient.conf; but every user should own their computer, and the software that runs on it. If you run Windows, you may not realize it, but you don't own your software; you are "licensed" to use it by Microsoft, and if you read the fine print in all those license agreements that you probably clicked through without thinking, you will find that you have signed up to allow Microsoft some pretty draconian control over not just the specific software they gave you, but your whole computer. And if the RIAA and MPAA get their way, it could be law in the US that you have to allow such external control over your computer, in the name of preventing "piracy". Apple is somewhat better, since you can run the core of Mac OS X without signing up for their DRM, but as soon as you use iTunes, you're in about the same position as a Windows user. Only Linux has remained a fully open OS where you own your computer, and you don't have to "license" anything from anyone, or cede any of your rights to anyone, to use it.