Slashdot Mirror
Desktop Linux Sliding in Under the Radar?
Paul Johnson asks: "This article at ComputerWorld describes a sysadmin's discovery that many people in his company are installing Linux on their desktops without consulting IT. The writer is concerned with the security implications, but there is a wider issue. At present the 'official' penetration of Linux into the desktop market is something around 1%. The writer of this article doesn't give figures, but it sounds like he may have stumbled on several times that percentage of desktop Linux installations. If so then this is an important trend. Linux got its foot in the datacentre door in exactly the same way a few years ago, with unofficial installations doing odd server jobs.
If you are a sysadmin, in an organization that runs Windows on the desktop, have you stumbled on many unofficial Linux installations?"
I tripped over my mail server last week. Does that count?
If users will install random spyware and games on work machines, why wouldn't they do the same for an entire operating system? The only difference is that they have to insert a CD-ROM! And that seems to be what people are doing with their Linux installs as well as their Windows workstations too, according to the article.
Bash script for FP whores
Is the sysadmin sure he wasn't dreaming?
Wow, a lucrative publishing contract! I don't have to be evil anymore. --Meteor
"This article at ComputerWorld describes a sysadmin's discovery that many people in his company are installing Linux on their desktops without consulting IT. The writer is concerned with the security implications,..."
This could make the case for desktop Linux look worse, if people are not securing their dektops and/or keeping up with security updates.
Users have no place installing linux in the office without permission. Those who do it should be severely punished and forced to run Windows 95.
but rather a network guy but I have 3 Linux boxen that MIS does not know about and the dept laptop is booted with a Knoppix CD about %90 of the time.
Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
I work at the comptuer science department of a major universtiy, we've got runaway LINUX everywhere. We've gone so far as to restrict our switches by MAC address and no longer allow anyone in our network unless they tell us what OS they are running and have installed all the security updates.
The article mentions VMWare. This is a truly
excellent application that runs in Windows and Linux and fully virtualizes
the hardware. You literally "switch on" a machine in a VMWare window and
you see a BIOS startup and then your favorite operating system starts.
You can do things like run Linux as your main operating and have Windows
as a Window within your window manager. Or you could run Windows as your
main operating system and have Linux in a window. In addition you can have
multiple versions of each OS. I have, for testing purposes, Windows 98,
Windows XP and RedHat Linux as VMWare images, at any time I can boot into
a clean version of them and test software. At the end of the session VMWare
asks me if I want to save the changes that have occurred in that session. If I
say "no" then none of the changes get committed to disk. For Windows that means
even the registry, so I am guaranteed a pristine environment next time.
At my company about 25% of people run Linux as their desktop with Windows in a
VM and the others the other way around. It's very cool...
John.
In a previous job I've found Linux and BeOS
desktop installations. While I was pro alternatives to Microsoft, there was the concern about security - e.g. open e-mail relays, unpatched servers. The company ended up with a policy of permitting Linux on the desktop, but not supporting it. If you had an application issue - you were on your own. The only users that ran it had a clue and we didn't run into issues. Being a research environment, Linux ended up replacing SGI systems as the scientific workstation standard.
Aside from my laptop and my desktop, we have no Linux desktops. I do network scans and such monthly, and aside from a few Linux-powered embeded devices, I've seen nothing interesting. Mind you, I work at a hospital. There are not very many technically inclined folks here.
Never eat more than you can lift -- Miss Piggy
One datapoint does not a trend make.
If you told me the guy who runs General Electric's desktops found that 50% were running Linux, then you might be onto something.
But Jr. Sysadmin flunky at tiny company in bumfuck Iowa means nothing. Nothing.
Lets apply those critical reasoning skills, people.
Mostly with "unused" computers.
...
Since they cut the training budget, we obviously had to learn new skills somehow
> --- All Of The Above --- >
Don't think my company would allow that, security is ubertight. For some reason the majority of OSes are MacOS 9.0. But the techs are running Linux, and a port on the open net around here will let us use any notebook we bring.
Back in the old days when ummmm... a guy I know was at SCO, people were intalling linux on their systems without consulting IT. That was in 1999.
I don't have any figures for you though.
I run Win2000 'officially', by Knoppix Debian on the sly - the only thing stopping me migrating completely is the lack of a working Novel client.
I wouldn't dare reformat a work machine with another OS. The feasibility isn't the problem - it's the wrath of an angry sysadmin that is. I would like to keep my job in this economy.
I DO, however, frequently boot my machine with knoppix. Most corporate IT environments prevent users from installing their own software - but Knoppix has pretty much every app I need. I sacrifice local file storage and some embedded data like PIM stuff, but its just more comfortable and doesn't raise the ire of the lesser IT geeks.
i don't deal much with desktops (i'm a server guy), but if i did "stumble across" unauthorized linux desktops, they'd be formatted with extreme prejudice. they almost certainly would have no antivirus software, no agents for our desktop license management, and almost certainly wouldn't be keeping up with security updates.
the users don't own their machines - the company does. if they want to piss around with _any_ os, let them do it on their own time, on their own network, and on their own equipment.
In the last infrastructure upgrade we did, all 60 machines were identical:
FreeBSD 4.7, autostart XFree86,
full-screen RDesktop to central Win2k Terminal Servers.
User's still think they have a windows
box(windows splash screen on boot).
Does this count?
i dont have you worry bout this. the people at my organisation aren't clever enough to send an email, let alone install Linux
The article is actually pretty good -- it's a reminder that if people are using a platform, that IT has to support it properly. This is a refreshing change from the traditional IT reponse that if IT hasn't decided to support it, it should be prohibited. I congratulate the author on realizing that IT's job is to facilitate people's jobs, not restricting them to what's convenient for IT. Help desks are always horribly overworked, so it's understandable that they start falling back on blaming users for breaking the rules, and refusing to support anything but the standard application set, instead of thinking more creatively to help users get their jobs done. The irony is that _every_ IT support person has tons of weird software on their machines that would cause them to refuse to support the machine if it were someone else's.
(and I say this as someone who's worked in IT, and managed IT departments, for _years_.)
Enable 3D printed prosthetics!
I work for a company with about 150 windows PCs, and surprisingly, a few cubicles down, a fellow worker is running Red Hat on his PC. I asked him, what are you doing? He says, if he ever gets fired, he will just boot to his Red Hat installation, and quickly format the hard drive! I almost fell over in my chair laughing! We all know that windows wouldn't let you do such a thing quickly, but if this needs to be done, linux can do it in a matter of minutes.
Try to explain to me why an ordinary user, who requires technical support in the first place, decides to forgo his or her preinstalled XP or something and go to the bother of putting Linux on their machine at all...?? Where is the advantage? The incentive? In may experience, even as a sysadmin in the computing department of a uni, 90% of users couldn't even install XP themselves, never mind linux, whether its getting easier to install or not. Sorry, I don't buy the idea that there are armies of secret linux users installing linux on their PCs at work behind their sysadmin's back. I just can't see it...
I work in a development-oriented division so sightings of linux boxes isn't that surprising.
However, I get my satisfaction when someone comes to me and asks for help on running .
That's preposterous! You have to get a LICENSE first, remember?
I used to work for a backbone isp as a *nix admin. Our internal IT said we MUST use M$ on our laptops. I think maybe 30% dual booted, the rest of us just running our choice of linux/bsd. It's not like we needed tech support for getting network printers to work or something.
In truth beyond the server farms ive worked with at said companies the only person possessing any *nix varient has been myself (including mac os X...) While i can see this as being an occasional happening in dorkier companies... even then i find it not very likely.
mainly because buisness use predominataly revolves around outlook exchange's shared meetings and various other stupid stuff.... in addition to the baseline ease of use (overall managerialy) network administration of an all windows environment.
I would NEVER support a linux desktop distro amongst my users.... MAC OS X ... yes.... but not Linux for any reason on gods green earth... can you say nightmare? I love Linux.... but it just is NOWHERE near as streamlined as windows or macintosh... especialy from a support stance.
My personal feelings are *nix for network devices.... Windows server/client for data sharing email and so on.... and Mac os X for end users who are more inclined towards media production (basicly people who arent finance/sales).
This setup puts the *nix boxes in my realm... and id be greatfull that no unwitting user *accidently* installs another DHCP, DNS, SMTP, etc... server on my network. Id also be thankfull not to be asked how to make packages work correctly between KDE, gnome, X, or whatever else joe moron decides to use.... or how to fix their freakin window manager because KDE offers 5 different programs just to change the layout/widgets.... no thank you.
Of course this poster assumes that the people who do so, do so knowing people like myself wont support them... and more than likely will be highly un-happy with their network being potentialy compromised...
not trying to spread FUD.... but ill wait for a tighter distro before i promote *nix on the desktop.... only one so far (with flying colors) is OSX.
--Idiots, Every single one of YOU, A flaming mass of conglomerated morons, hey wait a second, isnt that how RAID works?
Maybe one of the issues is that IT departments especially in larger companies are not very proactive in offering new "official support" for anything besides the latest Windows release, therefore any Linux installations are deemed "unofficial" and are not supported well if at all by IT. Once enough rogue employees are running Linux desktops though or if/when a company starts offering Linux support for their main products IT will probably be forced to catch up at some point by management. It would be nice if companies dropped proprietery mail/groupware/office suite solutions too as that would really make a Linux desktop that much easier to use and support.
From what I have seen, the person who installs GNU/Linux/BSD/etc on a work desktop is generally in the power-user category in the first place. Your average corporate user is not the "culprit" as she is not sufficiently interested in what is under the hood. Your early adopters (who adopted free software years ago) are more likely to install what they need, rather than what the corporate leviathan requires.
It was interesting to hear that my daughter (Ph.D. Candidate at University of Washington, Seattle) brought her own system into the lab, set it up with Linux, and uses it rather than the department standard systems. The reason? Lyx! UW has the standard dissertation formats all set up for lyx/latex, and so this is the best solution for her. The other reason is that all of the rest of the lab users do not get beyond her login prompt, and so her system does not get used by others and messed up regularly. The IT folks allow her access to the network, so she is fully equipped.
Free software? Life is good!
Soli Deo Gloria
That's really interesting and all that some compnay someplace has users installing some flavor of linux. Whatever. I have a suspicion this has a lot more to do with sloppy admin-ing than it does 'leet end users.
Cheers
-- RLJ
I can see how security might be lax. When I was new to Linux I enabled everything whether I needed it or not. I figured I'd get around to playing with bind, sendmail and ftpd sooner or later. Everyone I know who's tried Linux has only dipped his toe in, so to speak.
Now I know more and have played enough that I disable everything except what I need, make sure it's secure and then put up a firewall just to be sure. But heck, just the other day I realized I hadn't apt-get update'd and apt-get upgrade'd in a couple of months. Oops. I also had weak passwords until about a month ago.
I'm in a non-tech company, and the Linux penetration is well below 1%. Only one desktop--a dual-boot laptop--as far as I know (except when I boot up KNOPPIX), but I have three rouge servers of my own. (Squid, Nessus, nmap and Snort are my friends.)
I also have two Cygwin installs, but they're my workstations, not user PCs. Anyone seeing those on desktops yet?
In this article the guy chose RedHat. If you don't care for commercial support, why would you choose RedHat over Debian or Slackware? Especially if security is a concern.
I wonder how many people boot Live Linux Distro's like Knoppix, and reboot into whatever is installed (NT, XP, Win2k)when they only really have to.
As a ardernt Linux user, I would just change the BIOS settings to boot from CD first, and pop in Knoppix, or leave the CD-ROM tray empty when I wanted to use windows. No one in IT would need to know what I was upto.
New York City 911 EMS: When you absolutley, positivley cannot call a cab for your toothache
-- RLJ
Realize FIRST that you are there to SUPPORT the users NOT stick your nazi baton up their ass. Instead of getting pissed at them for trying something new (unless you are just a jerk and can't help it), pre-empt them by handing out knoppix cd's and have them boot to it. A 5min education and they are off and running. Tired of linux? pull the cd and boot back into windoze. Everyone is happy.
Sick of stupid ass admins who think that they are important. Without users, we would NOT have jobs...
When I was working for a game company, we had 2 Linux boxes in our machine... I installed them both... the only thing the SysAdmins said to me when I did it was, "We won't support that..." which was fine by me...
I had to Linux boxes to use, and needless to say, my Win2K machine at work became relegated to e-mail only...
That said, I wouldn't be surprised if there were more people doing the same thing with their office machines...
Yes folks for every criminal actually caught installing linux there are ten more fiends out there flaunting the authorities and trying to get one over on "the man". But it's only a matter of time till they pay for their deed because here in Champion City we still do a brisk trade....in justice.
In other breaking news SCO has begun issuing Rogue licensing requests based on calculated potnetial use of rogue linux installations on corporate networks. Darl McBride was quoted as saying "Damn those monkeys, AAAAAGGH BRIGHT COLORS!!!"
and all our systems have rouge linux installs. Its true! ;)
New year Resolution: Don't change sig this year
If the slicker project ever gets going again then KDE will be FAR ahead of any other desktop IMHO, and become more just a ripoff of other UIs. The CVS is already quite usable, but has only 5% of the features they say that they are working on.
Well, it's redundant because it's not a troll, it's not flamebait, and it's not offtopic. I suppose it could be overrated instead, but the point of the article was to hear experiences from people who have found desktop installations at work, not hear 600,000 "No" answers from people who haven't. If there was a "-1 Pointless Comment" mod, you'd have gotten that, but there isn't.
--That's the point of being root, you can do anything you want, even if it's stupid.
My company has quite a large LAN with at least 20,000 Windows NT/200 PC's. There are some SGI machines floating around for specialized jobs...but for %99.9 of people involved Microsoft is the only machine allowed to be connected to the network.
And the sysadmins keep it that way. >:(
Well...this naturally sucks if you are an engineer and need something that fits: "I can make this with things I already have...for FREE!".
I currently have Slackware 9.0, w/ Apache, MySQL running for a development program I am writing in PHP. It works well on the *spare* PC (read: old and nobody wants)...but as all computers it will be forever limited as it can only talk to 127.0.0.1.
In my personal opinion, unless the IT department approves, corporate machines should NOT have operating systems installed that are not officially sanctioned by the IT department.
The reason is simple: system and network maintainance. When the IT help desk clearly knows what operating system each desktop machine is running, they can easily standardize on setup, security, what apps need to be installed, and so on.
Clearly, right now the situation for corporate IT setups is often going to be Linux or BSD variants for servers, Windows 2000 Pro or Windows XP Pro for x86 desktop clients or MacOS X 10.x versions for newer Macintosh machines.
And "we all know" that if he gets fired, he'll be marched straight from being told, empty his desk under supervision, and be escorted off the premises.
Any company that lets him near a pc, networked or not, after he's been told that he's going to pursue opportunities elsewhere is being run by dolts.
T&K.
Political language
This was a regular occurrence in our engineering department for some time, and as any MCSE knows, Linux is insecure. As IT director, I was initially given the task of physically removing hardware when rogue Linux installations were found, but employees were actually discovered bringing in their own laptops to run Linux or using VMWare to host virtual Linux machines with active and unique MACs on the corporate network. To better battle this, I asked for and received the right to terminate employees. After several high-profile firings, our network is once again safe, and it has become policy to perform more extensive background checks on job applicants with a UNIX or Linux background to ensure that they haven't caused similar grievance elsewhere.
I dunno about everyone else, but as a sysadmin there are only two reasons for unapproved installs of ANYTHING in an organisation for which I'm working - I'm not doing MY job, or the IT management is refusing to stand firm on policy.
But then again, I am a Unix developer. On my desktop I have my workstation running HPUX 11i and my laptop with Gentoo.
People ask me about it all of the time and there have been more than a few people go out and install Red Hat on test boxes.
Even though I love my Gentoo box and all of my Unix work is done through ssh, I don't recommend it to others or go around trying to promote it. I figure that eventually it will just sort of catch on the same way it has slowly made its way into our server room.
...YMMV
Since when is anecdotal discussions of possible Linux installs at a single location even worth discussing?
Is the general Linux audience this starved for success stories that they need to pay any attention to this sort of thing?
Where I work (part of Harvard University), Linux is definitely growing, but is a distant third behind Windows and MacOS. The IT department here is pretty strict about what they say you can and cannot do (kind of odd in an academic environment, if you ask me); as an example, one is not supposed to deploy ethernet hubs without seeking permission first. This just to give you an idea about them.
I've been here 3 years. Last year and the year previous to that, all of the IT web pages said that the only officially supported OSes were Windows and MacOS, with a stern implication that that was it (and don't you think about using anything else, grrr!). This year, they've acknowledged that Linux exists, and are giving some support for it. The IT folks are at least aware of Linux now, a change for the better.
Why is this happening? Because there are a few researchers (including me) who have installed Linux on their desktop/analysis machines, and are doing their own system administration. But, these users still need to fit into the global IT picture, for example, communicating with the email servers. As we have migrated from one email system to another recently, the IT folk have visited every single user (no, not kidding) to move their email system over. The fact that I was running Linux was not only no big deal, but they even correctly guessed which mail client I was using, given that I was running Linux. We are, slowly, winning.
Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
While I was working at Convergys doing outsourced Windows 95/98/ME tech support for Microsft I would install various ditros on the second "Break box" machines all the time. Sometimes I'd add it to the existing 95/98/ME triple boot, other times I'd do a clean install, sometimes I'd just use Knoppix.
It didn't increase productivity, but it did increase employee morale (well, mine at least).
All ther cubicle where 'communal' so I'd usualy have to sit at a differnet station each day.
Reimaging the things to the Triple MS-OS config was as easy as using a custom boot floppy... but it sure was fun watching some of those techs look at the Linux screen and wonder what happened to the Start Button and the My Computer Icons, or try and step a cutomer though t a printer install... humm... maybe I'm to blame for all this MS bashing! nah... that started long before Linux was around.
~Z
Oh, and to actually answer the question, I run a 350 workstation .gov network and haven't seen a single linux install. (There's 1 apple, though.)
I don't buy the analogy between desktop and server market penetration. Servers interoperability is not an issue -- the standards for HTTP, SMTP, FTP aren't moving targets. MS networking standards are not as well supported by linux -- interoperability is far from assured. The point is that dropping the odd linux server into your data center is unlikely to be as big a hassle as getting a working desktop install, and the average desktop user is much less technically sophisticated than the average person responsible for making changes to a company's server farm.
Besides, aesthetics don't matter for server UI the same way they do for desktops -- and although habituation to Windows is the main culprit, there is a lot more work to be done on a linux install to get what a normal desktop user would consider an equivalent aesthetic experience.
I suspect this article is simply borne of a new generation of employees coming up with a higher percentage falling under the "tech savvy" category and the traditional percentage falling under "bored at work"
While Linux desktop versions may not have the issues of virus attacks (for the most part) or licensing issues, the default installations of the current distributions of Red Hat, Mandrake and SuSE Linux may not be set up to have the proper security precautions in a networked environment.
I'd rather have an IT department-approved setup of a Linux distribution that already has been configured by the IT department so when it is push-installed onto a client machine over a network the installation already has all the proper security settings for the corporate network in place.
A company that I own has sold over 1000 desktop Linux computers into a small business market. These are diskless systems. During the user setup, we arrange to have konqueror send MSIE id. Not because we want to, but because it causes us less admin work. We are anticipating selling about another 1000 systems in the next month. No doubt that it is taking off.
I prefer the "u" in honour as it seems to be missing these days.
I have done work for a number of companies over the past 5 years, and there has been one recurring theme: wherever you find the techies - programmers, sys admins, webmasters, etc - you find linux desktops in use, often under the radar to avoid the involvement of clueless managers who feel threatened by what they don't understand.
Fortunately for us, in these lean times, managers are having to start thinking about how to get the most bang for the buck, and maximize their IT investments. This has opened the door for linux somewhat, despite the fear and ignorance which motivates so much of the opposition to it.
I remember one large well known company where I worked as webmaster a few years ago. The inner circle of web techies used mostly linux or macs, because we were using what best empowered us to do our jobs. At one point an extreme microsoft-head manager took over and began a huge move in a microsoft direction, much to our dismay. One of his first moves was to switch our remote access server to windows nt. surprise, surprise, all of a sudden the mac and linux users could no longer connect from home. bad move. The microsoft tech support troops came around and fumbled and puzzled over our setups, making comments like "why on earth aren't you using ms windows?" and "why do you have to be different?" We tried all their suggestions and never could connect, so the company was forced to reinstall the old remote access server. This was some years ago, but the last I heard the microsoft-head manager had been canned, and things were moving back in a more sane direction.
The good news is that linux desktop trickle appears to be turning into a stream.
}
}
}
} In the matter of SCO
} vs.
} Electric Cloud
}
}
}
Said defendent is alleged to have been running an unlicensed version of Lie-nucks, violating vaguely alluded to (but impossible to produce) 'intellectual property' alleged to belong to litigant, by virtue of having been written independently to superficially resemble an unpopular operating system the litigant overpayed to acquaire the rights of (c.f. UNIX), said litigant thusly excersizing their Constitutional Rights (tm) to sue uppity upstarts who dare make use of a legally engineered and freely provided system that competes with their abysmally unsuccessful, outdated, and buggy commercial offering.
Said litigant cites as prima facia evidence of infringement "a post to slashdot that indicated a successful deployment of the demonic system."
Defendents declined to comment, but did point out to the court that the daemon was a mascott for another, competing free operating system, and that perhaps counsel for the plaintiff would be so kind as to wipe the froth from his mouth and clarify.
The Future of Human Evolution: Autonomy
localhost / # format c:
-bash: format: command not found
localhost / # fdisk c:
Unable to open c:
localhost / # deltree *.*
-bash: deltree: command not found
localhost / # del *.*
-bash: del: command not found
localhost / # sys c:
-bash: sys: command not found
localhost / # help
GNU bash, version 2.05b.0(1)-release (i686-pc-linux-gnu)
<snip>
</snip>
{ COMMANDS ; }
localhost / # fsda;lkjafdjl;kwfoied
-bash: fsda: command not found
-bash: lkjasdjl: command not found
-bash: kwfoied: command not found
localhost / # <insert_vcr_led>
Sobbing....I HATE LINUX....
Somewhere a penguin smiles.
(B) + (D) + (B) + (D) = (K) + (&)
would kind of count as a security risk in itself, wouldn't it?
> --- All Of The Above --- >
5) It has enterprise class RDBMS support (mysql == toy)
You can already run Oracle and DB/2 on Linux. How much more "enterprise class" can you get than the two leading Enteprise RDBMS's in existence?
// TODO: Insert Cool Sig
"If I had real work to do, then I would use XP"
But you don't because you're an unemployed has been MSCE. haha
When we don't know what's out there, how can we protect people from themselves and others? And yes, I do know who in the company is IT-literate, and who is dangerous because of their little-bit-of-knowledge.
-- All your bass are below two Hz
-- search the web
let's see here, it's not your network, it's the company's. Any sensible netadmin should do the same. Most won't have any problems with people running linux IF THEY ASK. However, an UNAUTHORIZED linux box is a potential security threat.
This guy actually seems like a competant sysadmin. Hope he's getting paid decently.
I would guess that PCs are a fairly large percent of the desktop market since many people use computers at home and at work.
----- "Type theory is like pretzels on crack." -- random friend
In late 2001 I switched my desktop from Win2K to Linux, with the permission of the team responsible for managing the desktop systems (kept it duel-boot to keep things official but never have booted into it). Now, there are a handfull of others using Linux for their desktop systems with more slowly coming over.
I have infected the organization and there's no going back.
--
If I actually could spell I'd have spelled it right in the first place.
I work at a medium-sized real estate firm in New York. Our secretary and our receptionist are both computer-incompetant; the comptroller has difficulty with spreadsheets in Excel; and there is one Unix box sitting alone in the corner of what I like to call the Miracle of Legacy Technology Room. This room contains a typewriter, an old green-and-white continuous-feed printer about 4 feet tall, and a Unix computer bought sometime in the 1980s. All of our legacy database information is in one program that we are terrified of losing. There are really bad methods of exporting it to Excel, all of which involve combined columns, lost rows, and ALL TEXT BEING LIKE%THIS!ocASionally. We have no way of fixing this behavior. We are afraid to update the OS for fear of losing this valuable software in the New York City rent-controlled/stabilized environment. Afraid of someone installing Linux? Not in this group of techno-morons.
Webmaster Wanted - Entropic Reactions
> the 'official' penetration of Linux into the desktop market is something around 1%.
> he may have stumbled on several times that percentage of desktop Linux installations.
If this is true it would be really great for us at Slashdot because then we could brag about a higher Linux desktop market share to our girlfriends...
No wait, that can't be right...
Well anyway, he said "Penetration". That's gotta be good, right?
- For the complete works of Shakespeare: cat
Well...and this 1% statistic only represents SOLD Linux packages, and has no bearing on the number of different OS's that are downloaded, like some Linux distributions. They (like Gartner) are just tracking marketshare via sales. They really need to do an analysis on operating system USE.
Like this article states for MacOS, operating system saturation and use is more interesting than just tracked sales are. Linux likely has more like a 5 to potentially 15% saturation by itself (not counting other free OSs) on desktops.
Some computer sales including MacOS or Windows are reinstalled with Linux or FreeBSD (or other) once they are set up...but those are going to be recorded as sales for Microsoft or Apple. This can be deceiving.
Here is the article:
Shattering the five percent myth
At my company we allow linux but it is not supported (We design embeded linux onto DSP chips) Last week, they decided because of the usage, that they are going to send me to formal linux training so that we can support it. I'm stoked.The biggest problem we have with them (Linux servers) is that they install with the DHCP service running by default and they end up stealing all the ip's. And because they installed the server we don't know where it is. We only have about 200 computers on the floor, but its a pain to find them. Happens about twice a month.
I'm only human!
We were installing Linux desktops at AT&T about 4 years ago, and I doubt our group was the first (by a long shot). There are a lot more Linux desktops out there than anyone knows. By definition, Linux is a "stealth" OS. No license, no registration, and interoperable with almost any environment. By the time IT departments get around to certifying Linux for desktop use, the conversion will be done. :-)
Can You Say Linux? I Knew That You Could.
One can get a "free" VMWare version if you buy the 9.1 Mandrake Linux POWERPACK EDITION... (for linux of course)
-- search the web
How many secret, unreported installations of Windows are there?
I know when the BSA sent us our "Welcome to Self Audit Hell" stuff, there were at least 5 machines which we pulled from the network first...
Hey freaks: now you're ju
I am not a member of IT in my company... though heaven knows I should be... I work for a support organization and I'm a field service engineer (but not part of corporate IT), and they (IT) get in our way all the time...which is amazing considering they have no on-site personnel (3000 miles away in CA) and their only domain controller is an underspec PPro 200 with 128MB of RAM running Windows 2000 AS (yes it is always out of memory and functionally useless).
As part of my job I set up the office G4 (OS X...which they thought was Linux... probably because of Smb) for training... I am in charge of Apple desktop support for our largest client in the area, an HP 9000 D class for my support of the 9000's in the data center (24/7 on-call), a Windows 2000 AS box for training (Citrix Metaframe XP, etc.) and the box I interface it all with... my Powerbook Pismo. I was told to shutdown and remove these from the network... they have a point about security holes and unauthorized access points...but I kind of chuckle because their infrastructure is very poorly built and my machines are 10 x as secure as theirs (case in point I run only SSHd for the most part and lock down everything)
They decided to send us a switch and give us an external IP... (IP only after bitching that a lab environment is useless without an internet connection) which is fine except we can't use the local printers... so instead I built a NetBSD firewall and put everything us techs use behind it and then configured it to never respond to any outside services nor pings. So yes I have unofficial non-Windows and technically oriented OS's... and I had Gentoo Linux on my last laptop... but I probably don't count because I am an admin just not by job this time around (I've been director of IT before)
In the company where I work, we have 3 linux desktop machines. My own (which I got as a condition of employment. I refused to use windows) and more recently the IT manager and another developer have moved to linux.
:)
Most of the work we do is php/web development, and mostly on intranet stuff (mozilla and netscape! no IE!) and we find its fantastic.
All our servers are linux or SCO, and have been for over 10 years, but thats another story
So far we haven't found anyone else in the company outside of the IT dept installing linux, but I believe we have a salesperson who was peviously selling linux cheat sheets (mousepads and stuff) on ebay while he was out of work.
Most of the work that some of our staff do is basically Browser+Email, so we could feasably move those staff over to linux. But really its been a matter of "it ain't broke, ain't costing any more, don't fix it". (This is company with a 15 person IT dept, and no IT support people).
A little overkill never hurt anybody.
If they can afford it, organizations ought to support the use of Linux on employee desktops.
In turn, employees ought to be reasonable and not insist on using Linux exclusively if that means they can't fulfill their job responsibilities.
That said, I onced worked at a place that locked down desktop configurations, and policed it by running periodic inventories of all the software on every desktop. If someone was running software that wasn't on the approved list, they got called to the principal's office.
-- Slashdot: When Public Access TV Says "No"
Hey I guess you must be an MCSE :))))
Cygwin goes on every PC I touch. I can't do my job without it. Also the native Unix tools from the GNU Win people.
Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
when I was promoted/transfered from help desk to engineering was add a 2nd drive and install linux on the box that came with the cube I moved to.
Months later, I walked away after initiating an (infrequent) reboot. After making the rounds, I came back to an NT login. WTF I thought - then realized I'd set NT as the default in lilo in case someone needed to use the copmuter.
Personally its not God I dislike, its his fan club I cant stand (bash.org)
On numerous occasions, the people in charge of networking come to me crying (seriously), CRYING because I have installed Linux on peoples machines.
From BLAST to DNA analysis software, Linux is highly supreme in our environment strictly for cost. That's right, I said it, COST. There are freely available *nix based software that runs circles around software, for Windows, that costs in the ten's of thousands of dollars. Plus these researchers can utilize our Beowulf to do their research much faster. And did I mention ALL these utilities are freely available?
From my perspective, Linux is KING in research. And that is where it's always been.
This is a test. This is a test of the emergency sig system. This has been only a test.
As a developer, this is why I hate IT departments. They are very often stupid, irrational people who follow "policy" insteading of *thinking*. Fact is, the only time I need their "help" is when they have something locked up and I don't have the password or the access rights, or know the IP address of the proxy server, etc. I just had a run in with some dolt who first accused me of using a personal laptop on the company network (its a company laptop) and who then tells me that I can't have the laptop on the network at all because it is not allowed. Why? Its a Macintosh PowerBook running OS 10.2. My job here: write software for the Macintosh. Yet, I'm not supposed to have a Mac on the network. (It has to be on the network to get to the source repository at the bare minimum.) (My solution was to lie to her and tell her it wasn't attached to the network and I was "doing tests" with the Mac. She left me alone.) Why was this dolt at my desk? Some glitch in their system caused my Windows machine to be removed from the domain and I didn't have the admin password to re-add it. I've dealt with lots of IT people - some are better than others. Generally in small companies you get people who are okay. They will at least think and respond realistically to a situation. In larger companies, I've mostly dealt with power tripping dolts. I would really prefer these folks keep their shit working and leave the responsibility of keeping my machine running correctly to me.
Avoid Missing Ball for High Score
I'm helping my daughter and son in law open a new business. They need web access for ordering. I am going to use Linux on the two computers that will be networked and I've decided on Quasar POS & accounting software. No windows! I really feel safer this way, especially using DSL.
This store will sell gaming cards (yugi oh), PC games, consoles (PS2, Gamecube...)and their games.
At suggestions are welcome!!!!
Professional Politicians are not the solution, they ARE the problem.
Well I hope there aren't too many IT guys out there with Mod points, but I have Karma to burn and something that needs to be said. But then again there are plenty of people who agree with me to mod me back up!
"IT is incompeent" Every university, or place I've worked at IT has sucked. There are many situations where I've fixed other peoples computers when IT couldn't, and I' a chemical engineer not a trained IT professional. IT people are generally lazy and don't get things done.
What do you have to say for yourselves? huh?
Veramocor
I killed my ISP access at home, so I need ways of moving new version of applications to my home machine without needing a network connection. While I'm at work, I download the latest .rpm's or tar files (or even Windows .exe's for my Win desktop). The problem them becomes, how to get them home? Well, I have a USB keychain device (128 megs, more than enough to hold stuff that I download, like blender (a hefty 2 megs)). The problem is, our IT "image" disables the use of removable storage devices, such as USB keychains. So, I just boot up my Knoppix CD, it automagically mounts all my drives, pop in the USB keychain and copy the files over, reboot back into Windows, done! :)
We also have several Linux servers, but no desktops as of yet.
If you were me, you'd be good lookin'. - six string samurai
...I worked for an ISP in the Data Services Group. Besides our corporate issue laptops running windows, everyone in our dept. had at least one machine running either BSD or linux. These machines were sourced from the trash pile at corporate HQ. Most everything we did production wise was done on these machines, while the corproate laptops were merely for checking our calenders...
I think we'll see the desktop share rise exponentially fairly soon, but I don't think this is the result of corporations switching to Linux.
Large corporations, with a large existing IT infrastructure, probably can't be bothered to switch thousands of servers and workstations to Linux -- to ensure that the move is seamless, it requires more resources than just buying more damned Windows licenses.
However, as more smaller, thriftier companies spring up with little money, I think we'll begin to see Linux make a bigger and bigger splash on the desktop. With sub-$400 PCs becoming commonplace, we may see many budget systems that would cost $800 or more if they were bundled with Windows 2000/XP Professional and MS Office. These little companies will add up, and these little companies will eventually become big companies. Then we'll see the figures start to rise.
It's always hard, especially in the corporate world, to be an early adopter. But if there are no interoperability concerns (you have no existing Windows infrastructure) then there's really no barrier to entry and market penetration will be quick and painless (double entendre because I'm a pervert).
I don't think Linux is really "ready" for the desktop just yet. Not mine, anyway. But the corporate desktop? Absolutely.
Now if only Linux had something akin to those ubiquitous Group Policies in Windows.
dude. get of y3r rinky dink ass pony. it's not even a horse. if you used quotas and permissions correctly you wouldn't have a problem with people dumping crapola where they shouldn't be. "defeat a virus on a WAN that spans 1000km". are you kidding me, over glorified that task a bit didn't you? it's not like the virus lives on the wan. thinkning that if you did your job right in the first place it wouldn't be a problem. After all, there ARE only 3 of you, your company can't be that big.
I recently visited a few companies in the so-called High-Tec sector (software houses, manufacturers of electronic gear etc.) and I was surprised how many of them actually use Linux (and other open-source solutions) or are at least very interested in it.
At one big company (actually one of the biggest companies in German High-Tec sector) I went to the bureau of the manager I wanted to meet, opened the door and right in front of me i saw a big Penguin sitting in the corner. I asked him later about it and he openly said, that they were evaluating Linux and in general open standards, and that they are quite sure that it will play an important role in the future.
At another company I visited the rooms and noticed a PC which had a label "WINE Testing Computer" on it. I asked what it was used for and if they had experience with it, and they told me, they would be using MS Visual C++/MFC at the moment, but they already have done studies to make their tool cross-platform and part of the tool would already be supported on Linux.
In general, many people I spoke with (from developers to sysadmins) had installed open-source tools, be it Perl, Python, Cygwin or Linux and almost everyone was very informed about free software, and looked for a possibility to use more of it.
Just a few experiences...
I am not a sysadmin.. but I can tell you that there are MANY MANY "rogue" Linux desktops within HP... including mine. Using Crossover Office, I have completely eliminated the need for Windows at work altogether. We also have an "authorized" internal distribution network for doing network installations of Linux for whatever purpose you may need. I am confident, that if you queried our site system administrators as to what percentage of desktops they have running Linux, they would be off by at least a factor of 10.
-K.
Giving Linux the time udner the radar to mature as a desktop OS with real user feedback could be a good thing. If you took a couple of standard office computer users (not morons here, just regular non-geeky people), Linux would probably just confuse them. While KDE and Gnome can reproduce the look and feel of windows, they can't always match the actual behavior. People hate it when things don't work.
I've often wondered why MS doesn't preemptively dog the Linux desktops by doing more side by side comparisons. They could really divert people from considering Linux at all in the near future. First impressions last a long time.
I'm not running Linux under the radar, I'm running FreeBSD. I'm so much more productive with FreeBSD/KDE than with the mandated Win2K. Especially since the network is Solaris. (Why we're supposed to use Windows on a UNIX network is something I still haven't figured out).
But IT doesn't know about it. I don't have their permission. But guess what? IT doesn't own this computer, my department does, and I got my boss's permission, his boss's permission, and the permission of the VP above him. I would have told IT, but then they would have a cow and it would become a big pile of political crap. But IT doesn't know, so they're happy, I'm happy and my boss is happy.
I'm certainly not going to tell them about the development lab being switched over the FreeBSD, the Dicom lab running Mandrake, or any of the internal websites running Redhat and SuSE.
A Government Is a Body of People, Usually Notably Ungoverned
We tell end users that anything they store on the local hard drives is entirely at their risk. You care about the file; you store it on the server where it's on a RAID, backed up nightly, and tapes get taken offsite regularly.
And yes, we've had users lose files off their local hard drives--we shrug our shoulders and tell them that's why we have file servers.
When I was working in the IT field, I found a number of people running unofficial Linux desktop distros... and whenever things got broken, as the unofficial Linux Sysadmin, I got forced to play help desk... So I didn't like it much
SuPz.orG
I work at a call center, which amounts to a huge field of cubicles and machines, most of which are pretty decent hardware.
As far as I know, we are entirely windows here. But a few of us have joked about how cool it would be to install linux on all the machines in the department, start them up as an auto-balancing mosix cluster, and then run vmware on top of it all, installing all the tools everyone expects, so noone is the wiser.
We'd then use the uber-cluster to take over the world or something. Would be cool.
Good for you Coward!!
This is a test. This is a test of the emergency sig system. This has been only a test.
While I believe myself to have some linux background, when I first started my current job, I went straight down to the LAN team (I started in desktop support, which still blows) and asked for any workstations that still turned on, and that were being thrown away to be sent to my cube. By the end of the week, I had 4 p2/333 with 128mb each. I brought in a 10/100 switch (5port) and started cranking away at installing openmosix.
Before I knew it, I had Samba installed, MRTG, and was sniffing anything that came accross the network. A few weeks into, after compressing all my CDs (And a few others) using the openmosix cluster, someone asked me if they could install some software for testing, before you know it (right now in fact) I'm lead tech in a project to bring linux file servers to our clients instead of pushing the Win2k3 servers. Samba is working great as a replacement for the Win2k/2k3 servers that are in our market place.
I think its great, and it simply started by asking for junk hardware.
think before you write, it'll save me moderator points.
After we began shipping a linux version of our main server product, I began to notice more and more linux desktop ( and cygwin ) installation on our staff systems. Now, even my project manager and the company owner have seperate or dual boot linux desktops that see significant use. All it took to get all this going was a few internal howto documents that walked them through a simple secure installation.
This obviously couldn't happen in a more regulated atmosphere, but at small companies like mine you can often get away with anything you want so long as you continue to be productive and do not cut into the IT budget.
BLH
The point is, a sysadmin can patch and update winders machines remotely and en masse. If he doesn't know about the linux machine, then he obviously has a hole in his security plan.
"Faith: Belief without evidence in what is told by one who speaks without knowledge, of things without parallel." - A.B.
Dont install KDE? For a user? are you expecting them to use X? or maybe the CLI? or should i dictate them to simply use my preferred manager? Once again... poster said these would be boxes i didnt set up.... so theyd probably install whatever they wanted. Support contracts are certainly cool... but even still... my job is to fix things quickly ... not to wait on the phone.
if you think supporting linux amongst a bunch of users looking for ease of use and smooth inter-operability with a windows world (especialy in sales and buisness app's) your out of your freaking mind. While i certainly do agree ssh is a powerfull tool for remote support (though i prefer VNC) your totaly missing the point.... resolving issues QUICK. the amount of variables involved with a *nix are much greater than windows.... this is the power of *nix. And also why support can be problematic.
As to your "no" policy... i seriously laugh at you. If your in the buisness of shooting down your users ... your not a very good sysadmin. While you most certainly shouldn't encourage or offer active support for non-approved SW... Users are users, and simply want their shit to work. The more you can facilitate that with ease the better the admin you are. thats "support".
People who hold the above attitude are very BAD admins.... our role in general is to make people happy as best we can without going over-board. I suppose that's why my company has gone through 8 admins until they found me... your job security is BASED upon your user satisfaction. In which case ease of support IS important.
--Idiots, Every single one of YOU, A flaming mass of conglomerated morons, hey wait a second, isnt that how RAID works?
Actually any unauthorized box, reguardless of OS, is potentially a security threat. The only way you know about these potential security threats is by having an active map of all the systems on your network all the time. You must know every MAC address that connects to your network and which system it belongs to, which users and groups, and who is attempting to authenticate from said box.
Then and only then might you be able to understand how much of a potential security threat a rogue box could be.
Use linux, even trying to slip in a knoppix disk will get you FIRED! Why? Because KDE gave my boss nightmares due to its persittant use of the K, Kde, Kthis, kthat, kshit, kcrap, kkk. So our boss who is ironicly called Kharles Klapton has banned linux pernamently.
Posting anoynmously from Kracksburg korporation.
Company shall remain nameless for my protection -
.
The home office has a special network security "swat team". Last year, they did a security audit of our site, which consisted of trying to hack into our network, from the inside.
They found several rogue Linux boxes, and were able to hack into them through ftpd. Holy hell was raised. All Linux was purged from our network. Oddly enough, here it is, 8 months later, and nearly every developer has a second box on his or her desk, with, you guessed it, Linux. However, it's a distribution and configuration, approved and controlled by IT.
It's all about control with these guys. .
You'd think that black leather keyboards with spikes and clamps would be popular with these freaks.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
The number of "end-users" with the skills, permission and motivation to install Linux on their work desktop is extremely low. I don't doubt the trend, but I do doubt that it would have any significant effect on desktop penetration.
The Linux crowd cracks me up. Yes, Linux is important on the server. Yes, it poses a threat to Windows 2003. But let's not forget that Windows took a full 10 years from 1.0 until 95 when it really busted out on the desktop and took over DOS once and for all. The Linux desktop hasn't even started down that path in my opinion, except with hobbyists, UNIX-bigots and a few European workers that are finally glad they have a PC.
When Open Office can read and write MS Word/Excel files with absolutely no damage to the file or the rendering, then I'd think Microsoft needs to start worrying. Until then, it's just a hobby.
There's a HUGE difference between getting the SOFTWARE and getting a LICENSE. SuSE gives you the software too, but no license. Ditto for Mandrake. You still need to shell out $300 for a license. This is the sole reason why I refuse to purchase a VMWare license and stick with my $90 Win4Lin. If VMWare offered their product for $100-$125, then they'd get me as a customer.
Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws-Plato
Created? Yes.
I work for a huge company 100K+ people 190+ subsidiaries. Until recently, Linux on anything was a no no. I'm happy to report that tomorrow we're scheduled to receive our 32 node HPC Linux cluster from IBM (and we actually got it through official channels).
If for some reason I disappear over the weekend, then I guess that'll just go to prove that someone at corporate really doesn't want Linux in there.
...but nobody wants to do it. Even the programmers don't seem to want to, sadly.
This is "non starter post" obviously from a gui glued non startx human imitation of a bot, who would not even know a real desktop if it bit it. Try taking apart the XP top and making it do whatever the hell you want or creating a single purpose top for yourself that you can use in combination with any other top you choose, and try doing that without buying any other software to re-write your lame duck windows registry for you. You know nothing, and are better off using windows anyway you have sucker written all over your post.
OH THE SHAME I fell off the wagon and use sigs again!
"And you didn't even spell MCSE right"
I can't spell dinasaur either.
Formatted with extreme prejudice, eh?
Its for nimrods like you with wonton disregard for my data that Ghost was invented. Every few weeks (or days, sometimes) I Ghost my machines to another drive (or CD rom in some cases, or now USB external drives) just because some idiot in IS decides that my data is less important than his/her rules.
I can't tell you how many times being able to roll back a "fix" has saved my fat from the fire.
And I'm not talking about when a security patch gets installed that actually works seamlessly. When I don't know about IS updates, I'm happy, because I'm still working. I'm talking about those Monday mornings when you boot up your machine and it crashes every time you try to print, or click the Start button, or move the mouse. Yup, some IS genuis didn't bother to reboot the system and check to make sure things worked AS THEY FOUND IT before moving on to the next PC to "update". I've had co-workers lose months of work because the IS "solution" to a crashing PC after an update was to reformat and reinstall. Fucking brilliant!
As for Rogue OS'es, in my experience, the average IS person isn't skilled enough to recognize one if it bit them in the rear. If they did and they reformatted my drive without asking, well, not only would I have a Ghost image to get right back where I was, but there'd be a quite a few angry calls, I think.
The only qualification for most IT workers is a little piece of paper that says you can run Windows
Server. This does not mean you really need to know squat. Just which GUIs to use to assign priviledge, and how to set up networking clients for business, if you need big data bus application links then you need someone with real knowledge. After taking an MS IT course you might as well be brain dead. Which unfortunately most MS trained IT people are.
OH THE SHAME I fell off the wagon and use sigs again!
If you were actually any good at your jobs you should be asking why these people (who may or may not be risking their jobs) feel the need to install linux? What is it that the current policy doesn't provide? Why has sysadmin become so unapproachable that they did it without asking (this should be an easy one)?
Actually do something useful rather than wandering around the network marking your territory.
Nerd: Derogatory term typically directed at anybody with a lower Slashdot ID than you.
Management!
I don't really care about support either. Most of the time I don't use it and when I'm forced to I'm often way out of there league already.
The main reason why you pay for support that you don't need is for managemnet. Support is like insurance you don't really want to use it but if something goes wrong you want it to be fixed. If you died tommorow they want someone that can fix it if it breaks.
So while it doesn't make sence at first in the end it does.
All the places I've worked had them and an unauthorized replacement your OS or what was most probably pirate software (VMWare) would easily be seen as grounds for termination. ...or did I always work for pricks? :)
pigfukr
I'd love to know where they get this 1% from anyway.
Last big company worked for there were maybe 150 people with Linux installed at the desk. Out of 96 thousand employees.
I'd REALLY like to know where they get the 1% figure from. (looks at the boxed, downloaded and magazine-front Linux CDs on the shelf and his ZERO Linux installations)
A competent admin would give the user a chance to back up important files before nuking the hard drive. 'nuff said.
You want the truthiness? You can't handle the truthiness!
"If you are a sysadmin, in an organization that runs Windows on the desktop, have you stumbled on many unofficial Linux installations?"
No, but I do have a software dev team that is running Win2k under VM-Ware because their desktop experiences with Linux haven't exactly been grande. In Linux's defense, though, our dev platform is Redhat 7.3, and RH isn't exactly well known as a desktop OS. If we were using SuSE or something I'm not sure that'd be happening.
I wish they'd told me earlier.. now I'm going to have to rebuild ans swap back :-( :-P
"Consider how lucky you are that life has been good to you so far. Alternatively, if life hasn't been good to you so far
We have about 145 Linux machines here. Windows desktops of laid-off employees are re-formatted and added to the penguin cluster.
But those aren't desktop machines. Most of the 60 or so desktops are Windows.
I have 6 Linux desktops scattered around the lab for lab control and display. And the one in my cube is, of course, Linux.
Just easier in an engineering firm, I guess.
I am posting this from a Debian desktop that used to be a corporate Win NT desktop until one fateful evening. ;-p
Simply put, the change order process is too slow for dev work. I want something changed, I change it. This all came about because of the glacial nature of our outsourced support and is now an accepted part of how we do things. I have promised BOFH that I will not to do stupid things like advertise my desktop as a primary domain controller, and apps go into production through the normal channels.
Virii? *if* such a beast appeared and *if* I was stupid enough to run it, it would trash my userland stuff.
Desktop licence management? There's not a single proprietary application on this box.
Security? security.debian.org. And it's not visible to the Real World anyway.
As you said, the *company* owns the machine. Be sure you check with the relevant exec lest you trash something important.
"Everything is adjustable, provided you have the right tools"
At the government lab where I work, Linux has penetrated much more than IT knows. We have an extremely braindead IT staff, and the five-year-old unpatched Groupwise servers simply don't work. The email system is completely bogged down with the viruses everyone trades. The people in my research group got fed up, so we finally just set up our own network. It's mostly Ethernet, with some patchy WiFi. The cables are hidden in PVC piping. This is a lab, so nobody notices when new pipes get put up. We have a few Linux servers doing mail, a website with a Tiki, Jabber, and a few other assorted tasks, as well as a bridge to the real network. IT has no idea, but I can't help feeling that in a few years, they're going to notice that all the scientists are using Linux.
Litigious bastards
By the powers vested in me by the gods on Mount Pentium I hereby proclaim you a verifiable .NUT.
billg
Xix.
"Everything is adjustable, provided you have the right tools"
What I dont get is how a desktop behind a firewall by mere nature of installing Linux on it present a greater security risk than any other OS? Nobody from the outside world should be able to connect to it, so the vulnerabilities mentioned in the articles such as issues with ftp/ssh services, etc dont matter much. As far as having some spyware/trojan connect to the outside host and pipe some secret data over, well there are much more of thos for the Windows platform I suppose. So I dont get whats the issue here? A knowledgeable sysadmin should be able to restrict external access as much as possible while allowing the employees do their job regardless of the OS they are running.
The weaknesses from the rogue installs ...come from the installation of third-party applications and utilities, which can leave a desktop or server vulnerable to attack if set up incorrectly.
Huh? What total Microsoft brain washing! What is a "third party application" in the free software world? This dude has his head shoved so deep into the M$ world that he confuses all the crap and spyware that accumulates on windoze boxes and runs as root with free software. I don't know how he's transfered his complete lack of control over Windoze onto software that works. I don't get it.
He goes on, after mentioning that he might be man enough to run Red Hat. He thinks it could do his company good to replace the hideous pile of Word Docs that is their QA tool because it sucks to have to do a "word search" to find information in the 300 reporst/year they generate. So true, just putting those things on a Samba server so you can use grep and find would be really helpful. Imagine how nice his life would be with a nice little mySQL/PHP webform for entry and search instead of a Word template. Progress, forge on brave man!
But, oh no, he shrinks from the fear of vulnerability:
For example, there always seem to be vulnerabilities associated with programs such as file transfer protocol, sendmail and Apache. And other open-source software is vulnerable, especially when the developer hasn't written the program with security in mind.
Poop. Plain and simple poop. Sendmail handles most email. Apache handles most web sites. Who needs ftp when you've got ssh? Well, anonymous ftp is a nice way to share big piles of files and programs like proftp are plenty secure. This is total shit to scare people who don't know what file tranfer protocal is, but like the ease of windoze file sharing. It's ignorant if not intentionally misleading. This line says volumes:
We can't eliminate Linux
No, but some fools wish they could. Other people everywhere are learning all the good things free software can do for them.
Anyone who's worried about security should use Debian's stable distribution. Not only is it all field tested, upgrades can be applied everyday from http://security.debian.org via shell script. Unlike the windows world, these updates install easily and don't break other "third-party" applications.
You say:
This could make the case for desktop Linux look worse, if people are not securing their dektops and/or keeping up with security updates.
That seems to be the intent of the article. Fortunately, only the very ignorant will pay attention to such nonsense and it can easily be deflated. Microsoft is going to have to try much harder than this to keep people away from superior software. Then again, I'm not sure how they can do that. The thing that makes the best case against the Windows desktop is it's record. That now including the author's laborious treck around his company caused by yet another Windows failure. There is not software anywhere with such bad performance.
Friends don't help friends install M$ junk.
While many here may think its cute, its a bad bad bad thing to have users running around installing an OS on your network with out your prior approval.
Not cool.
---- Booth was a patriot ----
I have 1 user that installed linux, because I was messing with creating a linux router box, and now he has linux duel booting on his box, and on all of his home pc's, he convinced one of my techs to put it on his laptop, and now I have 2 pcs duel booting linux to learn it better. I am about to install my 3rd duel boot on my PVR box to see if I like some of the linux PVR software better than the ATI PVR which isn't very good at all. So I'd say that no it wasn't hidden, but it's spreading around IT like wildfire.
Surprise, surprise - clueless ravings from an anonymous coward... I suppose I wouldn't want anyone to know who I was either, were I to go around spouting such silly nonsense...
Isn't there a problem with getting windows users to update their machines? Everywhere I have worked they never have put in the security patches.
Wasn't there a virus the used this knowledge??
Can you ping me now?... Good!
boxen = German-style plural for "box", especially popular with KDE fans. Weissen?
The company makes volume licensing agreements which means we HAVE to use certain software. Since software licensing can be a liability, ALL machines are required to have audit software, including *nix boxes! In fact, Linux is explicitly prohibited except where VP approval is obtained, so as SA for my site, I definitely would show extreme prejudice if I found a Linux installation. Moreover, we even tell users that we reserve the right to reimage their PCs at any time. They keep things on their local drives at their own risk. Again, it's not about the way *I* think things should be (because I definitely hate administering Windows boxes), it's about what I'm paid to do (and when I'm ready to find another job because I don't like these software policies, I'll do that).
The point is, if it's against the rules, prepare to face the consequences, whatever they may be (be happy if your workplace doesn't care). If you get approval to run a box, good for you, but your local IT damn well should know about.
I quote the article: "The problem is that each Linux installation is different, and that's a security issue."
What he means to say, or should say, is "The problem is that we don't feel like security policies for the various distributions that exist". Let me explain.
Cracking 101: a homogenous network is really easy to break. I'm not revealing anyone's trade secrets here. That's basic security. The dream network to have if you never want to get rooted, is a network with many linux, osX, beOS, *BSD or any other modern unix variant, being correctly configured. This is heterogenity. It is a balace. It is the yang of sysadmin
Having several years of sysadmin under my belt, I know that this might require more thinking and potentially more working on the security guys part (i'm a security guy). But it's the best.
If you can think like a cracker, try to imagine finding some foo on how to root a router running Dell Unix System V/386 R4.04 issue 2.2 or perhaps ESIX System V R3 and R4. Ok i know that redhat kinda likes to use system V type scripts sometimes, but i don't think that there are very many EASY cracks for all of the variety. Go try googling for how to hack a network with every OS in use today
I'm not condoning tring to install a different distro or even different unix on everyone's desk, that would be too much of the ying of sysadmin and not enough yang. But we need to get away from M$-type "security from obscurity" and "usability from homogenity" type ideaology. Today's booming antivirus and security industry shows that microsoft's ideas don't make the world a more secure place.
somewhere, on a Big Red Sign:
if(color==blue){speed--;}
I have friends who work in IT where Linux boxes are popping up "unauthorised". Mostly they're compromised within hours of being installed and provide real headaches for support. I think anyone that pulls this stunt gets sent the bandwidth bill and has their IP addresses blocked at the gateway to the organisation, but don't quote me.
"If you are a sysadmin, in an organization that runs Windows on the desktop, have you stumbled on many unofficial Linux installations?"
... get busy!
And if you are a sysadmin in an organization that runs Windows on the desktop, but you have not stumbled on many unofficial Linux installations
-kgj
Well, I don't know about +4. "No" is not particularly informative. Now, "I admin 500 workstations at a manufacturing plant (lots of CAD), plus do on the side consulting for an insurance company, and I've never seen a linux desktop, nor have I ever been asked about one. When I brought it up at our weekly IT meeting, I got a lot of blank stares. (Hey, at least their eyes were open [grin])" might have earned you a +4.
"I'm not impatient. I just hate waiting." - My Dad
Look here.
Tarsnap: Online backups for the truly paranoid
Personally, I prefer my experts well done, with a bit of parsley on the side
Just out of curiosity: What are the unofficial channels to get such a cluster from in a 100K+ employees company?
At my company, my friend and I run IT and use a Win2k domain. Another guy runs our public servers and uses a mixed *nix set.
./ one day, of someone saying they rolled out linux desktops at work and to manage application installs on workstations they made everyone mount /home and /usr/local via NFS. That way all they did was pump out a basic image with some /etc tweaks and everyone mounted their homes and applications via NFS so setting up a new workstation was incredibly painless. I'm a huge fan of this idea and definately want to try it.
I'm a BSD man at heart and use a BSD machine as my primary workstation for coding, managing the network, and I use X2VNC from it to connect to a Windows workstation just for using the "computer management" tool on the domain and a few other Windows centric tools.
Since I started using a FreeBSD machine on the LAN, a few others have asked me if they could too including our NOC and my other IT guy. This is great for us unix and network junkies, but what about the common corporate desktop user?
With the help of the other two guys I mentioned above, I've started a project of setting up a linux desktop that any of the employees can use. I'd love to give some of the more experienced computer users the option to try it for a few weeks and teach them about unix at the same time.
We've got some Windows apps that are used quite heavily (and were priced heavily too) that I have to contend with. For starters, and my nemesis thus far, Interactive Intelligence (I3) Client for our Cisco IP Phone system. I've managed to get it working with WineX but not so stable with Wine.
Next on the list of course is Outlook and the MS Office suite. I haven't seen anything nearly as tight as the Office suite and certainly not compatible with it. Yes yes people say "open office, evolution, etc" but my experiences have proven that the average corporate bonehead doesn't want or need the hassles I've had with these apps when Office integrates them so smoothly. I'm not dismissing open office and evo, but they aren't there yet.
All the other apps we use I've managed to squirrel away into Citrix. The citrix ica client for linux is great (but seems to have probs with xinerama btw). I've taken apps that we never intended or needed to be on citrix and put them on it just for easy use in linux. I'm still not quite sure how licensing will work with those apps but I'd say that if your citrix server(s) can handle it, get your windows apps on there and linux desktops are cake.
I read a post, maybe on
Another idea lulling around was the linux terminal server project. We tested it on a 100mb lan with an AMDk-2 500 w/ 256mb ram as the terminal server and the same machines as clients and it was pretty darn quick, almost no noticible lag. I'd have to say with a beefy server we could support a good number of people off it.
Do you guys have policies against installing things like that? If so, get those policies reversed to say that anyone that doesn't install something is fired. Then fire everyone who doesn't install linux.
"You'd think that black leather keyboards with spikes and clamps would be popular with these freaks."
Hey! I wouldn't mind a keyboard done in leather and crome, with clamps, and rings. Whips and chains...er, um. Excuse me I got to go. My dominatrix is call me.
When I started my current job in January I was given a Windows 98 box (just like everybody else in the sales department). After having a slew of (usual) problems with 98, I started asking around and found that many of the developers were running Red Hat. I decided to avoid Red Hat but needed something more reliable than Windows 98 so one weekend with the help of Partition Magic I installed an "undercover" copy of Gentoo.
:).
FWIW I had never used desktop Linux before (except one brief stint in '95 that didn't go well), though I have been running Linux on the server side for years (mostly Debian). So far I've been a thousand times more productive on KDE than I was in Windows. It's amazing to see the things that are difficult or impossible to do on Windows that I can't live without now.
I'm officially a convert! Gentoo & Mac OS X at home and Gentoo at work. And yes, my box at work is very secure
They might start watching you when your computer does go down with the latest worm, like the author had to go hunt down on foot. Runnig from a CD is one of the least secure ways to run free software, but it will never be 1/10 as bad as running Windows. These click and drool administrators live in Microsoft's reality and have no clue.
Microsoft is working hard to eliminate this. Look for them to tell their slaves to password bios till Paladium comes. The idiot author summed up his position in that article with, "We can't eliminate Linux" as if that were a desirable goal. Computerworld sucks.
Friends don't help friends install M$ junk.
I'm not a sysadmin either, but primarily a hardware guy. I kinda snuck Linux onto my workstation without anybody actually noticing for some time. Basically I started with an XP install...and a 4 gig drive on an old Pentium II. I complained about a lack of space, and was given another drive..I installed Debian into a 1 GB partition carved off the new drive, and started to experiment to see how well I could get it to work on our exclusively Windows network.
Initially I still used Windows for most of my work. But I eventually got file and print to work with SAMBA, and the Lotus Notes client to work with WINE (using instructions from IBM's website, no less!). I found I had to upgrade WINE to a later version for Notes to work 100% correctly, I upgraded Mozilla to 1.2.1, and installed OpenOffice.org and mplayer. Almost everything else is from Debian stable.
When I was found out (boss noticed me switching desktops in Windowmaker), there wasn't much fuss. He was impressed that Notes was running, and obviously I was getting all my work done using Linux...so no problem. It's a very small company, so there weren't really network security concerns. I was able to do some other things that got their attention, like changing the login screen to feature the company logo, and access Windows sessions using rdesktop. And I was happy because I had an environment I was comfortable with.
In the long run, Linux has even touched the server side of the company. Basically being a Sun reseller, we had stuff running on a 280-R. During a period recently where we had to change T-1 providers, we had a scenario in which we had to purchase more licensing for our Checkpoint firewall on another Solaris box in order to have some extra IPs for the transfer. I suggested a Linux solution and used a four-line iptables ruleset on an Ultra5 running Debian to replace a few hundred dollars worth of licenses. That raised a few eyebrows and along with some customer inquiries about Linux on Intel, things changed course somewhat...
I became the company's first RHCE and with the coming of our second RHCE soon we are anticipating becoming a Red Hat distributor.
RN
However, the machines we would've ended up using would have of course not been anywhere near the dual 2 GHz servers that we bought. The other downside if we had tried to do it ninja style is that we wouldn't have been able to buy vendor support.
New machines are not necessarily needed. I'm guilty of such Linux/BSD installations but my systems are configured to dual boot, a small FAT32 partition to transfer files locally, ...
At my job, about 6 months ago, I moved from one part of a building to another. I had been using an NT system for a couple years -- it was slow, but it rarely crashed. When I moved, IT wanted to upgrade the computer to XP. I balked, but they did it anyway. Short summary: over the next 2 months, they did 3 RE-installs, with my downtime being almost 100% the entire period. I worked from home, I complained, I brought in my own laptops, but they refused to let me do an installation myself, and they refused to put me back on NT.
Finally, I realized that my work was suffering so badly that my boss was ready to blame me. But my boss is the head of IT, and knew of the problems. So at last I took the broken computer they gave me -- which was heavily locked down (no admin rights for me, no CMOS access), pulled off the cover, pulled out the battery, waited for CMOS to clear, then installed SuSE Linux 8.1, and finally set YAST to manage packages via the network (so I didn't have to keep bringing in my CDs if I needed a new app).
Finally, I was productive. I've had some problems for the last 3 months, though. Mozilla on Linux can't do those IE-only logins via HTTPS (the ones that require username, password, and domain), and we're heavily into Exchange server, so I had a very difficult time doing email/calendaring. Also, OpenOffice is mostly good, but some of my presentations looked BAD when I'd bring 'em up in PowerPoint. And I couldn't shut off the frigging autocomplete in Quanta. But the intranet, which is where I do most of my work, displayed fine. So I finally got some good work done. Recently, they gave me a new XP machine with some admin rights, and it's been a little better. I can fix my own problems, usually. But I've kept the Linux box, just in case. :)
My Greasemonkey scripts for Digg &
Or else "they" reinstall Windows! How many Windows users have security to the level of chaining the PC to the desk and padlocking the case shut?
Yes, it takes some careful planning to foil the evil minions of Desktop Support.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Some of developers also use Xfree under Cygwin to run remotely GUI applications from few Linux servers.
Many our developers use Linux as a desktop at home, does it count?
Less is more !
They might start watching you when your computer does go down with the latest worm is supposed to be "when your computer does NOT go down".
Friends don't help friends install M$ junk.
the users at our company can barely use Windows. If they ever did something like install Linux on their systems, I'd fight for them to get an increase in pay.
so much of our software is vital to what we do, and it has to be on MS. I have repeatedly requested that I have permission to just port it all over to a Unix system - and they are all for it, they just don't want to have to pay for it... so I basically would have to do it all at home in my free time.
Can't say I really want to give up my own interests to then just do it at home.
There are some odd things afoot now, in the Villa Straylight.
So there I am in my cubicle playing my usual rounds of mental foursquare with three other cube-mates. One of them still refers to her desktop wallpaper as a "screensaver." One of the men passes corrupted floppy disks around with the glee of an idiot passing out used condoms; and the other still thinks no one can see him playing Solitaire. As for me, I routinely spill coffee and break the no smoking policy while clogging the email system with idiotic Flash movies...
So who and where the hell are these marauding rogue agents running around installing Linux on office desktops. It can't be IS, they're too busy, and it can't be cube workers, they're afraid of their CDROMs!
well... heh... I actually haven't stumbled over any installations of Linux... when I was first hired on, there was no linux... So I helped ... er... "introduce" linux to a couple of useless windows boxes. Actually I've been very active in encouraging the switching over from Windows to Linux within our organization, and am happy to say that it's giving the 'MS certified - legit' SA's of the organization fits. Funniest thing is watching their faces when the users tell them they don't want Windows re'installed... Windows Purchase = $300, Hardware Purchase = $3000, Looks on SA's faces when told their jobs are going to go away because the users like Linux = Priceless.
Then I installed Linux at work on a spare server (supposed to be for DRP but what the hey!). The best part is that I set it up with PXE support. I have about 25% of the company running linux without touching their OS on their systems. Just set the workstation to network boot and presto Linux (similar to Knoppix). They like it alot better 'cause they are sharing a 2.8Ghz Xeon with 4GB of RAM. Most were used to PII300's. They can always skip the network boot and boot into Windows but they are doing it less and less now Especially since I have really cool games on the server =).
I hope to have the whole company converted by christmas!
From excellent karma to terible karma with a single +5 funny post...
Today I was browsing the network neighborhood to remap a drive to a new server and I did notice
MDKGROUP
So I'm pretty sure someone out there has a Mandrake install running on the network.
Actually, the real issue with having users installing boxes, is that statistically, the majority of hacking/cracking doesn't come from outside sources, but from within an organization. I know this may sound arrogant to some, but I've found that 90% of the SA's I've met are little more than MSCE's running around touting their rubber stamp cert as professional qualifications -- or to put it more bluntly, they're morons; and frankly when it comes down to it, I can secure my own system better than any SA I've met, on top of that, since I'm the only user, and I'm constantly on there, that I will be the one to notice when things go screwy...
Uh... actually it's very simple to find out how many linux box you have in an organization... Use a software package like SARA and restrict the ip searches to the domain/subnet of the company... you'll be able to get a full listing of each system in the subnet and a generic idea of what OS is being run... from that point... do the math.
Stop the Slashdot effect! Don't read the articles!
I thought it was in analogy with ox/oxen (which comes from Old English, so in the same family as German). It's easier to pronounce -xen than -xes endings, so rather a shame it's not in more general use.
Months of work refers to settings and tools in a production environment that took months to stabilize. Projects get archived in Notes and such.
These days *I* am the backup routine around our department for environments. Ghost to USB drives, burn them to CDs.
IS has no backup routines at all anymore. Apparently they were taking up too much server space! Why the hell is it there then?!
Oh yeah, we've got this going on in the federal government. We are standardized on Windows 98, but several prominent users are getting sick of BSOD / lost work and doing something about it.
Several directors at the agency I work for (not saying which) have taken an interest in Linux purely out of curiousity. I spend a lot of time answering questions from folks I usually never speak to, mostly about features of Gnome, and some of the people who work for them are starting to notice and do the same. About 10% of our laptops right now are linux or dual boot linux / Win98 machines.
I enjoy helping people understand the features of Linux (and don't take this next comment out of context), but it is really annoying when someone comes to you wanting to know all about this amazing new feature in Linux that is also present in Windows. For instance, someone recently told me Windows would be a lot more fabulous if someone would just put a calculator in it like there is in RedHat...
M
Whilst I haven't gotten into it deeply, I've heard that knoppix is debian-based (unstable). As a debian user, printers are a pain, but not impossible. Is this not so on knoppix?
Or they are compromised as soon as they boot up.
As you can see I don't care about my karma.
Running FreeBSD as the primary and only OS on three machines at work, I have a really hard time with these forms. What further investigation revealed (as I wanted to give them the CORRECT information despite their problematic form) was that their bonehead Access database required a primary OS from the list, with an optional secondary OS from the secondary list - no other options could be entered. So my three computers were registered as Win 2000 primary OS and Linux for secondary OS. Despite repeated pleas by me, we're paying Microsoft for three unnecessary liceses.
What annoys me most is that when ever I say "FreeBSD," my supervisors always hear "Linux." They aren't against Linux (or FreeBSD for that matter) as it seems many of your bosses are. Linux is a keyword in marketspeak, so it's acceptable. When asked about why they hear "Linux" when I say "FreeBSD," I was told that the "Free" in "FreeBSD" makes it sound cheap (in quality) to administration and potential customers. Using it is OK, but not to the outside world (or department).
I installed Red Hat on my Thinkpad two years ago and bought Crossover Office so I could run Outlook to connect with the Exchange server. I never authenticated on the domain, so I'd login to somebody else's computer once a month for the mandatory password change so I could still get my email and use the network shares.
All worked beautifully until IT migrated to Active Directory and EVERYTHING stopped working. Well, actually only the shares and Outlook stopped working, but not having email is enough to end my Linux using days. IT wouldn't help at all on the AD server so my options are running low. SCO actually has software that would help, but I shiver at the thought of using a SCO product.
IT is now going to open up Outlook Web Access... I thought this would solve everything, but they are somehow locking it down so every client that connects to OWA will need to be running some sort of Windows-only Symantec software (we also use a Symantec firewall... maybe this is some sort of PPTP client, but IT wouldn't say). This makes me doubtful of getting it to work under Linux unless I can emulate the Symantec software.
Where I am going with this is that I used Linux on my work desktop for two years and some helpdesk guys even knew about it, but I was out on my own when IT went to AD, so this sort of thing sure isn't going to get any support from many IT departments. Good luck to you in running Linux at work. I wish I had more luck.
The global economy is a great thing until you feel it locally.
Cygwin goes on every PC I touch. I can't do my job without it.
:-). You can even run cmd.exe and have a remote cmd shell! (Although some things don't work well in it, especially ANSI colors.)
That's cool. I've thought about doing that at work as you can do a whole lot of useful stuff with sshd running as a service
Also the native Unix tools from the GNU Win people.
Why both? I haven't bothered installing GNU Win stuff because all the Cygwin tools work natively under Windows once the Cygwin DLL is installed and the path includes %cygwin%/bin. What do you get from GNU Win that you don't get from Cygwin (or vice versa; I haven't tried GNU Win yet.)
I have used some DJGPP tools on PCs where I don't have Cygwin installed. Specifically unzip32.exe, gzip.exe and tar.exe. Very handy; who needs WinZip anymore? (Actually I use the free Power Archiver when I want a GUI zipper.)
In the 80's, IT departments were concerend about the deployment of Personal Computers without IT knowledge or approval.
In the 90's, it was departmental servers. First on NetWare, then on Windows NT.
Today, it's wireless networks, cr^h^hblackberry devices, and (you guessed it) Linux.
Anyone see a trend? What's deployed behind the backs of the IT department today is often an intergal part of the computing environment tomorrow.
I was surprised by the number of posts that mentioned Knoppix. Almost no mention of Knoppix in C/ZD NET, Gartner, PC Mag, etc.
Yet, lots of people here are using it.
I'm using it right now.
Back in the 60s it was a fun thing to turn people on to marihuana for the first time. I've had fun giving Knoppix CDs away. Interestingly, with both Knoppix and marihuana, the first word was often: Wow!
1000 SlashDot sigs
A competant admin would have informed the user beforehand whereon the server they are to place their files. If the user didn't follow instructions in the first place then it's their loss.
At present the 'official' penetration of Linux into the desktop market is something around 1%. The writer of this article doesn't give figures, but it sounds like he may have stumbled on several times that percentage of desktop Linux installations.
What the hell is that supposed to mean? Has the author examined 5% of the PCs in the entire world? Or is he saying "1 out of 20 PCs in this department are Lunix, therefore the statistics are all wrong!!!"
Just to stay on topic, I happen to be employed at a Fortune 100 company with about 2.5 billion in revenue yearly. Several months ago, our Sr. VP and CIO was on the "Lunix buzzword kick".
He wanted us to consider using the Lunix wherever possible and feasible in the enterprise, because he had recently told an interviewer that we were using Lunix (We don't really even have any Unix, unless you count a z/OS mainframe).
So anyways, we were trying to get him to realize that there are certain places where Lunix is a good fit, and it's not like we were going to drop it on people's desktops and suddenly erase our licensing costs (well we would, but the business would be well-fucked since it depends on a lot of custom VB stuff, as well as some items which I could not find a good open soarce alternative for--trust me, Wine wouldn't help)
Just the other day I heard that Mr. CIO had heard something about the SCO lawsuit, and got cold feet altogether. The Lunix enthusiasm was on hold until further notice. As a matter of fact, don't touch it with a 10 foot pole.
Amazing how this industry works.
Gee, looks like somebody doesn't want
I had a downloaded copy of Redhat 9 which I have installed, I have lent it to 2 friends who have also installed it, one of them also has a computer running Mandrake 8.2 which he got free with a copy of a computer magazine.
Would these be included in the 1% statistic? because if that stats just going by sales of Linux distros its way off
mouse, mouses box, boxen virus, viruses That is is known as American English I suppose.
Oh well, what the hell...
Im that dude, I sneek it on where-ever I can.
So far I'm up to a samba server, ldap, ftp, and my desktop.
-makoffee
> I have worked for 3 separate companies where almost every male employee ran linux.
So what did the female employees use?
I don't mean to nitpick here; I agree on all other points, but perhaps you could clarify which view was represented by the MCSE type you've specified.
-
And the Angel said unto me, "These are the cries of the carrots! The cries of the carrots!"
The parent poster writes:
and id be greatfull that no unwitting user *accidently* installs another DHCP
I believe that, with a standard Windows OS (98, ME, 2k, XP), its rather trivial to start a DHCP server with the supplied Windows OS.
I've never found it to be a problem though. Windows users are more likely to install/be tricked into installing every inane app out there.
Actually, I doubt that it is, and certainly not a lot cheaper if any. My reasoning:
The Linix box certainly does not need to pay the Windows tax.
You can avoid multiple monitors by rather inexpensive monitor/keyboard/mice switches.
If using multiple PC's rather than multiple OS's then you can get buy with a little less hard drive on each, but ever large drives are inexpensive nowadays. I would expect you could easily have set the developers up with second PC for Linux around the $400 price.
One downside to this argument that I see is if you keep upgrading hardware it could cost you more long run to upgrade more systems, as long as there are no reoccuring or update costs that you would incur with VMWare. But I don't see VMWare as a really atractive alternative to two real system at a $400 price point. And there are certainly advantages to running the computers in real world non-VMWare environments that justify electing to do with seperate systems.
I'm an American. I love this country and the freedoms that we used to have.
what happens here. 150 desktops. 1 Linux co residing with Win2000. People can barely cope with 98/2000/xp let alone anything with more options.
Where ever I go, there I am
I'd guess a Macintosh, they're stable, easy to use and have a low TCO. These days the purchase price is even competitive.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
Where I work there are 15 or 20 people who run linux as a desktop beside their windows pcs. For the most part, these are qa (like myself) or development users.
Shocking I know.
Would you believe that our arts & crafts department (multimedia) uses Macintosh?
I think it's all about what you need to do your job. We can all pick our own OS (provided you have the ability to maintain it on a basic level yourself) and we are tasked, as professionals, to getting our jobs done. period.
if we need linux, we use it. if we need window$, we use it. and yes, we do even use macs where we have to.
Just what I see where I work. I can understand security concerns, but believe most of them to be groundless where it comes to OS. if a standard user in a company has the rights to affect anything of import in a lan or wan... someone has screwed up setting up the security in general.
Cheers
We don't have Linux desktops at work and whilst they would be nice we wouldn't even consider putting them on ourselves without permission from our management. To do so would at the very least be a disciplinary offense as it would be a breach of various IT and Security policies, no matter if running Linux would actually be more secure.
The relative security and ease of admin of running Linux or Windows is not the issue. It doesn't matter if running Evolution on SuSE 8.2 is better then running Outlook on an NT4 Workstation. The machines which you are using are company property and if you are using them then you are subject to the companies policies over the use of that equipment. At the end of the day it doesn't matter what you do or what you know; it doesn't matter if you support dozens of high end Unix boxes as far as the company desktop is concerned you are, right or wrong as it may be, just another user. You would not expect your mail users to come along without telling you and reinstall your Exchange server to run PrimeOS running Text/Memo (hardware incompatibilities aside!!!) ...
If you have a genuine need to run a desktop OS rather than your corperate standard one then you really need to do the following:
Tim
1) You have to be kidding. You can use attack software on *any* OS. Linux is no weaker (and actually a bit stronger in that it has some semblance of local security) than Windows here.
2) If you sieze machine and reimage them to fit with some policy you're following, your ass would be heading out of town from mass user complaints at any company I've been at. You are IT. You are present to help workers get their damn work done, not to push some random personal agenda. If you wipe an entire system and kill that employee's work, you are a serious impediment to getting work done. I simply am amazed at the total lack of regard for the employee, and lack of perspective you've displayed. You could disconnect the thing from the network. You could ask the user to move his files to another machine so that you can reformat it, though I think you're already pushing the limits. But when you simply grab a machine and reformat it, you're in a position where you are a liability to your company. When the developer tells his boss that IT wiped out his work, his boss tells his boss, and his boss tells his VP, I guarantee that your boss will not cover for you.
You want him having direct access to the 'net without a proxy?
WTF does this have to do with what OS you're running?
I doubt it, especially not after that email where he asked questions about what type of traffic you monitor and how you do audits.
This is ridiculously paranoid. I've seen the occasional IT type who considers the users he is supporting his enemies, but this is beyond belief.
What if he's okay but his box ended up getting owned because he downloaded bad BitchX source?
What if the same damn thing happened because he downloaded a Word file to his Windows box? Which of the two happens in far greater numbers?
That would mean another three day stint of no sleep doing emergency penetration tests, mirroring HD images, finding the exploits, sitting in meetings and explaining what all was affected hoping you didn't miss something critical.
You've worked in an 8,000 unit shop and you honestly believe you have zero penetrations? And your setup is such that you need to spend three days and nights mirroring HD images *after* an attack?
This brings productivity for the money-making sides of the company to a crawl while sysadmins and security folks work to get things safe again
And again, WTF does the OS have to do with this?
Likely, there will be a news source online with details of how the exploit took place, but completely wrong and now the public and shareholders are going to wonder if credit card numbers were stolen, your ability to properly maintain infrastructure, etc. Then your stock price falls $2/share.
Ridiculous. This is a theoretically possible but completely impractical story of what might happen in an attack.
Sorry to ramble, I just wanted to stress the importance of IT policy and the headaches that can happen when the policy is too lax.
Amazing. God, I'm glad the IT people that support me have different views.
(All those workstations came with an OS you paid for anyway).
The infamous sunk cost fallacy. Which they teach you to avoid in Business 101.
I also think this treatment of unapproved OS's is very common due to thoughts and situations like the one above.
It's not. That kind of behavior from IT would generate serious user complaints where I work. Matter of fact, IT is trying to quickly adapt to support people that want to use Linux here, and has compiled resources for them. That's what I consider doing a good, solid job. Helping the users instead of attacking them.
May we never see th
Now this is a big bank, with thousands of desktops, and very strict policies on what you can run on your desktop (ie: you can run the heavily modded and locked down corporate build of Windows 2000, or you can work elsewhere), and this guy, global head of one of the two network security bits flaunted the rules - talk about setting an example.
He ran VMWare on his Red Hat box, and had the corporate build of Windows 2000 running on that.
He took great delight in quietly telling the story that he ran up Red Hat, and ran up the virtual machine with the corporate build on it and asked the 'corporate build' team to check it out and tell him if they found anything up with it. They didn't.
When you consider that around 50% of this particular corporate's network security is in the hands of someone who behaves like this, you start to wonder how secure some of these large corporates can possibly be!
The mob I work with is a very large organisation that has ongoing severe financial problems. Think national air carrier for .uk here. Desktops are pure MS with *nix and MS servers in abundance.
Some one in IT has realised the beauty of Opensource, it's cheaper than MS. Cheap is good, saving money is good. Where an open source solution exists that can replace a commercial solution, it is on the desktop. Out went eXceed, in came Xfree 86 on Cygwin. Out went Reflections, in came Putty. And so on.
Several servers are already running Linux and I've heard they are trialling a rack of blades using Linux for something or other. I envisage more servers going over to Linux to save money and more of the desktop converting to Linux or at least Cygwin/Opensource for the same reason.
Watch this Heartland Institute video
About 4 years ago I was working for a largeish European computer supplier in their laptop software install development team.
:-)
I started to run Linux on my desktop (a laptop ironically) and made a point of trying to do everything though Linux.
When IT came round making sure everyone was upgraded to the latest version of MS Office, I was away from my desk, I came back to a note saying, "we couldn't install this because we don't know your username and password, I have left the CD so you can do it yourself."
I certainly don't think they were aware that this was going on.
My coup de grais was evangelising enough so a couple of other colleages (including my boss) had a play with Linux
SYSADMIN OF 15-YEAR OLD COMPANY - find 71,000 Linux installations hidden in his company.
Does this headline look familiar? Of course it does. You most likely have seen this story recently featured on a major nightly news program (USA).
This 15 year old company's sysadmin was cleaning and putting backups away when he came across a large brown department that was suspiciously buried beneath some red tape and a WindowsXP EULA in the back of the 15-year-old company's closet. Nothing could have prepared him for the shock he got when he opened the department and found it was full of linux installations. Red Hat, SuSE, Debian, Slackware and Gentoo - all neatly beowulf-clustered in labeled piles...
- Peter Brodersen; professional nerd
Where do you people work that you have users that have time to reinstall the OS on their desktop machines?
Where I work there are a few factors preventing this sort of thing. First, people have actual work to do, and don't have time to be reinstalling their software. Second, we have a lot of custom apps that require Windows. I'm sure you might argue that there are functional equivalents, but you'd be wrong. Call Center software, cellular radio equipment, mapping software... None of it has anything similar on Linux. Finally, most of the users here have difficulty plugging in a keyboard. I wish they had the savvy to understand what an OS is, even the ones that are fond of telling us they "know a lot about computers".
I don't really need to worry though: the desktops for regular users don't have CD-ROMs.
XeoMage
If the 'knowledgable users" will never ever require IT support again for their machine(i.e. they become their own little SA) then they are very welcomed to have the root password.
Actually I would demand they change it and I don't want to know it.
IANAL but write like a drunk one.
have no sense of humour!
or just point their brower to here
Like Sweepstakes? Try out my service @ http://www.yourpowersweeps.com -- Free 21 day trial, no cc needed.
I have seen instances of one single, non accounted for, machine bringing down corporate services on its own.
A badly compiled program like top brought one enterprise wide service (formed of 4 big servers) to its knees.
Do not tell me I am marking my territory. I love Linux and I do anything I can to promote it, but once a policy is agreed I will ensure it is complied with because otherwise everybody can be affected. This means $$$ which is what pays my salary and the one of the jock that thinks he is too 3l33t to follow corporate policies.
IANAL but write like a drunk one.
I have seen top killing NIS+ servers running ins Solaris desktop.
I have seen one Linux workstation DOSing big NFS servers.
I have seen a Gnome sound applet generating so many syslog messages that our monitoring servers could not check for real alerts.
Take your cavalier attitude to where it belongs: to your home network.
IANAL but write like a drunk one.
In 1997, I was on a government project. The platform was NT, but I needed a DNS server to meet some requirements, too, so I set it up in Linux. I never told them. I guess they must have found out after I left....
:-) // sms
On my current project, I took a box that was just sitting around, a P2/400 running W98, and installed Debian on it so I could have a sandbox where I could do things as root (as a contractor, they won't give me root on their machines). They took the box away when I was out on holiday. When I came back, I shrugged, figured they had decided to clean house, and found another old machine,abandoned in a storeroom that wasn't being used. Turns out they delivered my original machine to some intern at their corporate HQ for a desktop machine. I hear they were very puzzled when, instead of the comforting Windows 98 splash screen, they saw: "Linux login:"
Through the crazy fortunes of the New York IT industry these last couple of years, I find myself heading up a QA team in an office in Midtown Manhattan. They're basically a bunch of out of work actors moonlighting as online product reviewers. So, I untangle the mess my predecessor left (who got fired because it was a mess) and I figure the reviewers should be able to get through X number of products a day. But they're not. I can't figure it out. Then I catch them chatting on AIM or Yahoo IM all day.
So I'm thinking, and decide to wipe their machines and install a nice RH distro on all of them. Set them up with StarOffice, Mozilla, and Samba and hey presto they're doing 50% more products per day now (I'm not naive--I know they're gonna write emails, but it's not the time sink IM-ing is). Furthermore, their old Pentium machines are faster, and I can SSH into their boxes to fix anything that's wrong.
That last bit is key, because the tech dept. at this company is so bad they don't even know what an IP address is. But, they like to spy. There are cameras everywhere, and believe me, they ain't protecting national secrets at this place. So I figure, if they like to spy on you with cameras, they probably also like to spy on your computer. So with linux, no more spyware.
Yep, stealth linux works for me.
Do what you can, with what you have, where you are.
It's a bit difficult for a corporate user to get away with flat out installing Linux on his box, as that sort of thing shows up rather quickly in security audits.
;)
Where I work, we have 3 or 4 developers who use Linux. They requested it when hired, and other than making sure they don't have rogue DHCP servers screwing up our networks, we have a hands-off policy where we don't officially support the box because it's not Windows. Unofficially I help them all the time, of course.
What gets me is Cygwin. The last time I ran a software audit, I checked for Cygwin just for a goof. HALF THE COMPANY (that's 50 people) has Cygwin installed. Well, why not? It lets you comply with management's wishes for a Windows world, but still gives you the lion's share of Linux's power. If you count Cygwin I'll wager you'll find the 1% figure to be much lower than reality.
Of course, if you're comfortable with Cygwin, switching to Linux is that much easier.
Hell is being intelligent in a world full of idiots.
At my current position, I haven't seen this. There's only 8 of us in the office where I work now, and even I use Win2K on the desktop here in my office. (I just started last month, maybe after I get more comfortable in my position, I'll switch my desktop to GNU/Linux.) In case you're wondering, I'm basically CIO for a consortium of 35 libraries, so I pretty much get to decide what technology is used in our main office and on the network. I can also recommend what the individual libraries use, but not make them buy any particular product.
At my previous position, as a UNIX sys. admin. on a college campus, I used to see all kinds of GNU/Linux installations that we weren't told about, usually after the machine had been compromised and used as a warez or pr0n server. People would complain about their network segment being slow and sure enough there'd be a compromised box on it.
Of course, we also had a number of "official" desktop GNU/Linux installations, usually on a second desktop computer next to the prof's Windows box. Generally, they'd use GNU/Linux for their own software to do those tricky calculations where Windows just won't cut it. (It was an engineering school.) IIRC, the CS dept. all had GNU/Linux on the desktop, it was a requirement there or something.
Oh, and those unofficial GNU/Linux desktops would become official, once we scrubbed the disks and installed a more recent distro. It's amazing how many people were installing unpatched RH 6.2 on these things and just letting them sit there.
Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.
Isn't 'en' an archaic dual ending (when you have 2 of them, i.e., a yoke of oxen)? Doesn't it go to 'oxes' when there are more than two?
So, if you have 3 machines, a Win2k and a linux and a solaris, you have 2 *nix boxen, 3 boxes, and a box.
Skal! AMS
when I was working at HP, i had to repartition my disk on my laptop to install RH Linux. The IT guys freaked. I was "cut off" from support. I was on my own, which really sucked especially after my hard drive went.
I was a sysadmin at a law school. Granted, that was years ago, but your average law professor doesn't have the chops to install and use Linux. That's _average._ There are exceptions. I didn't work with any. They could hardly handle Windows. Hell, some could hardly handle DOS.
I was a sysadmin at a law firm. Again. Your average lawyer doesn't have the chops. Danny is an exception. There are others. I didn't work with any. They could hardly handle Windows.
I'm a network admin in a small department in a huge multinational corporation. The employees here, Todd excepted, don't have the chops to install and use Linux. Most of the employees at my current employer (my immediate coworkers excepted) have a hard enough time with Windows.
I could see in some industrial design shop, or research lab, or other, more technical shops the surreptitious installation of Linux on the Desktop.
But in most businesses? I can't see it. And a well run and organized IT shop should notice a non-'doze host quite quickly.
Linux servers entered into the server rooms because
- the people there had a need for them, and
- the people there knew what to do with them
Unless you're working in a technology consulting company, or some other computer-related business where the average employee actually knows a thing or two about computers, then your average office-worker is a complete idiot as far as computers go and won't be capable of installing anything beyond a screensaver or - of course - KaZaa.The average office user also doesn't need Linux, because Linux doesn't offer them anything that Windows doesn't provide. Yet.
Not according to the Oxford Dictionary (plural of Oxford?).
I work for what would be considered a small business based solely on the number of employees we have. The people in our network operations center, myself included have moved our own workstations over to RH 9 and I couldn't be happier with it. The IT guy (yes we only have one) found out, asked a couple questions and then scratched our names off the list of people that he needed to get XP licences for in an upcoming upgrade. We were also able to get rid of the very expensive licences we held for an xwindows server since this is build into linux. The only thing I have noticed that we lack is really good image editing software since I find Gimp difficult to use and clumsy compared to Illustrator or Photoshop. ~Nelm
unlike a lot of posts in this subject! :-)
This is very positive. The author is not fighting the change, but facilitating it by narrowing the focus to a single distro and a limited number of applications. Sensible.
This is a guesstimate, but I have installed Linux (and some *BSD) boxes at various job sites without managements knowledge or permission, often on 'surplus' hardware (someones old PC sitting in a closet), for about 8 years now. Only about 1 in 60 of these was in some way countable by outsiders.
/etc/hosts file -- which was a comment. I think it was every 30 or 60 minutes or something. Years later, I was talking to a friend of mine who worked at a site that housed one of the root servers, and he was in a position to count how many of these queries came in...there were HUGE numbers. What is interesting is that we found that older versions of Red Hat also had this odd DNS behavoir, but that newer versions of RH and Slackware did not. So this was an interesting method of counting older installs of a few types of linux, but in the end not effective.
This starts to be the question, how is Linux counted? Three broad categories: media sales, net scans, and installation reports.
Media Sales - simple count up the sales reports from major vendors. Using this method alone, one would get an unrealisticly low estimate of Linux users. Though I have installed Linux on over 250 machines, I have only purchased CDs from a vendor twice (OpenBSD 2.7 and Slackware 3.3). I have purchased CDs from other sources: flea markets, computer stores, etc - but these are not 'official' pressings and probably are not counted.
Net Scans - Netcraft does a srvey to see what OS / web server various sites are using. WHile this is handy, a lot of the servers I have installed have not been accessible to the outside world, for security reasons. Ones that are available to the outside world have a limited number of services running, and a firewall (usually the Linux machine itself) for access control. So this still isn't accurate.
Installation Reports - Various OSs request permission to inform a central location of a new Linux installation upon the installs completion. The ease of this process varies quite a bit. I used to never report, out of general paranoia, but I have started to in the past few years. I think we all should. I also think that there needs to be a standard method on installtion counting and reporting: some way to determine if a specific install is actually an upgrade, a switch, or whatever, and a way to protect users' privacy, but give some good statistics about the install. For instance, it would be great to report the platform (including CPU type & speed, memory, HD space, peripheral cards) and even the package selections. I know this is what redhat does with their RH network stuff, and though some people may find it annoying and opt out it does provide useful information to help developers and businesspeople in their decisions about where to concentrate support resources.
Here's an interesting bit of historical trivia: Back years ago, mayb 1996 or so, I was running tcpdump and noticed some very strange DNS queries. Every so often my Slackware machine would query to root servers for what turned out to be the last line of my
I work with a Government Network Security Team, and just about the entire team is running Linux on the desktop. We use rdesktop to connect to one central terminal server to run exchange clients and things like the ticketing system here
Sig.i>
I have found such an install at my place of work. it's my laptop ;)
seriously, i am a unix administrator, and w2k is the default operating system in our company. all my other coleagues continue to use w2k. They are always amazed with the flexibility and easy of how i work with all our boxes.
Sure, you could do all this on your windows box, i have been helping some of them to find suitable replacements under windows, but in the end none of them match what linux can do for other unix boxes.
my manager knows too, he did come by one day to take a look at 'how i did things'. he said i could keep my linux install, while others who installed xp were ordered to go back to w2k.
recently i discovered that our the people working in our in house unix dev. department are now mostly switched over to linux too.
regular users however, most of them are clueless, i doubt they will ever take the initiave to install any other os.
On a long enough timeline, the survival rate for everyone drops to zero.
When I started at my current job late last year, the sysadmin asked me what I wanted for a desktop, with the choices being:
1. RH Linux.
2. RH Linux + Win2k, dual-boot.
3. RH Linux + VMware/Win2k
4. Win2k
5. A Sparc/Solaris box
Everyone has what he/she wants here, with most desktops being Linux.
I am a plant engineer at a food plant. I wrote a web-database application using PHP/MySQL/Apache to track maintenance work orders. During coding I ran it all off of my Win200 machine at work and Linux at home. After it was polished enough to go live I requested a computer to use as a server from our IT dept. I informed the them that it need not be fast because I was going to use Linux. The head IT guy's first question was: 'Do have licenses for this or is it something you are bringing from home?'
Sometimes it sucks to be the mechanical engineer that is more tech savvy than the entire PC support staff.
Simple people talk of people, better people talk of events, great people talk of ideas.
Most people don't read this far down, I guess
"I'm not impatient. I just hate waiting." - My Dad
I have been using Linux for years on the desktop. I started by moving my Windows needs to a VMware session and lately, moving to CrossOver Office.
Now the developers are starting to ask how to create the same setup.
Our company is only about 300 users...but I have worked for Fortune 500s before - and while they tend to be slower in implementation of good technologies, the fact that we are starting to see users outside of the Infrastructure group want to run a *nix as their desktop tells me that it should not be long before the larger companies follow suite.
I agree with your post ... almost... What you actually should have stated in the end was:
The average office user also doesn't need Windows, because Windows doesn't offer them anythig that Linux doesn't already provide, and have already improved upon. Period.
As a Network Manager, you should know that the more you secure the system, the less likely it is to be secure. Clearing the bios is a simple matter of dip switchs, and unlike you, I appreciate folks that take the incentive to learn an OS that you can't seem to appreciate. Despite your bravado, and beating your chest at your own sense of self importance, the reality is that if I was in your organization, I would install linux first, lock you out, and then when you attempted a reformat, would have to you terminated. The reality is that some folks are much higher in the 'pecking' order than you. It would behoove you 'to learn your place', and mind that you don't step on the toes of someone with the ability to end your career. Just a thought of course...
What you write is simply gobledygook, for the following reason:
No company with half a brain would allow users access to data and systems that they don't need to get their work done. And if a user cannot be trusted with the data and systems they need to get their work done, they should be fired.
I know, however, that many companies ARE stupid enough to do this wrong. And then they have to chase the dragon, as you point out.
But it doesn't matter. Joe hacker brings his laptop pre-configured with every hacking kit available to work, plugs it in, create an IP-over HTTP tunnel right through the web-proxy, bridging the intranet with the Internet and does whatever mischief he wants.
And there is nothing you can EVER do about it, except assume that it will happen and architect your networks accordingly. The most important aspect of corporate network architecture are DOMAINS and SEGMENTATION. Do not allow engineers access to marketing, and vice versa. Even in engineering, create small domains and strongly seperate them. Do it with CABLES and FIREWALLS not with *passwords*.
The common Intranet should *never* contain anything that would cause a scandal if it hit the streets.
Moral of the story? Let the engineers and sysadmins do whatever the hell they like, in their domains - they need to anyway in order to be productive. Running around imaging machines DOES NOT PREVENT the disaster scenario that you are invoking and it makes everyone unhappy and less efficient.
It is your personal duty to fight for what is right on a daily basis. Ignoring injustice is identical to approving
You go back to being a scientist and I'll go back to saving people like you from yourselves with your lack of understanding regarding the need for real security policy. I promise I won't pick apart or call FUD when you speak of something technical regarding your line of work... That is, if you don't tell me ficticous realities about how employees are to be trusted.
You are damned lucky you never encountered me in your control-freak carreer. You and your kind create the atmosphere that you talk about with such disdain (employee is not trusted, enemy of corporation).
You have no clue how to build or operate a secure network which empowers it's users and provides them with the FLEXIBILITY and FREEDOM REQUIRED for them to DO THEIR JOBS.
Let me give you a hint: DOMAINS and SEGMENTATION with CABLES and FIREWALLS. Not a bunch of winny little software nazis running around abusing the tiny squirt of power they have. I have encountered your kind before, trying to waylaste productivity in order to ego masterbate. I enjoy bleeding people like you, slowly, before putting you in the HR meatgrinder.
While you are running around pissing off all of those that you are jealous of becuase they have better jobs than you, the dude in the corner with the laptop is sucking data off the sensitive fileservers that you set up (with the mistaken belief that no-one could connect to them because everyone is running your software).
It is your personal duty to fight for what is right on a daily basis. Ignoring injustice is identical to approving
Doesn't matter. It doesn't matter if the employee should have been keeping the project--the one she spent the last six weeks slaving over--on the server. It doesn't matter if the server and network have five-nines reliability, so there was no excuse for her to store it on the hard drive.
The fact is, she did store it locally, she did lose six weeks of work, and she lost it because some prick admin decided to not even discuss the issue with her before swinging into action.
Now the admin has the unenviable job of convincing both his boss and her boss that she was totally at fault. He'd better be extremely convincing, because his job is now on the line.
You want the truthiness? You can't handle the truthiness!
Well, if this technique becomes popular, the IS people will proably go around disable boot-from-cd, then password-protecting the BIOS configuration!