Slashdot Mirror
Desktop Linux Sliding in Under the Radar?
Paul Johnson asks: "This article at ComputerWorld describes a sysadmin's discovery that many people in his company are installing Linux on their desktops without consulting IT. The writer is concerned with the security implications, but there is a wider issue. At present the 'official' penetration of Linux into the desktop market is something around 1%. The writer of this article doesn't give figures, but it sounds like he may have stumbled on several times that percentage of desktop Linux installations. If so then this is an important trend. Linux got its foot in the datacentre door in exactly the same way a few years ago, with unofficial installations doing odd server jobs.
If you are a sysadmin, in an organization that runs Windows on the desktop, have you stumbled on many unofficial Linux installations?"
I tripped over my mail server last week. Does that count?
Is the sysadmin sure he wasn't dreaming?
Wow, a lucrative publishing contract! I don't have to be evil anymore. --Meteor
"This article at ComputerWorld describes a sysadmin's discovery that many people in his company are installing Linux on their desktops without consulting IT. The writer is concerned with the security implications,..."
This could make the case for desktop Linux look worse, if people are not securing their dektops and/or keeping up with security updates.
but rather a network guy but I have 3 Linux boxen that MIS does not know about and the dept laptop is booted with a Knoppix CD about %90 of the time.
Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
I work at the comptuer science department of a major universtiy, we've got runaway LINUX everywhere. We've gone so far as to restrict our switches by MAC address and no longer allow anyone in our network unless they tell us what OS they are running and have installed all the security updates.
In a previous job I've found Linux and BeOS
desktop installations. While I was pro alternatives to Microsoft, there was the concern about security - e.g. open e-mail relays, unpatched servers. The company ended up with a policy of permitting Linux on the desktop, but not supporting it. If you had an application issue - you were on your own. The only users that ran it had a clue and we didn't run into issues. Being a research environment, Linux ended up replacing SGI systems as the scientific workstation standard.
Aside from my laptop and my desktop, we have no Linux desktops. I do network scans and such monthly, and aside from a few Linux-powered embeded devices, I've seen nothing interesting. Mind you, I work at a hospital. There are not very many technically inclined folks here.
Never eat more than you can lift -- Miss Piggy
One datapoint does not a trend make.
If you told me the guy who runs General Electric's desktops found that 50% were running Linux, then you might be onto something.
But Jr. Sysadmin flunky at tiny company in bumfuck Iowa means nothing. Nothing.
Lets apply those critical reasoning skills, people.
Mostly with "unused" computers.
...
Since they cut the training budget, we obviously had to learn new skills somehow
> --- All Of The Above --- >
Back in the old days when ummmm... a guy I know was at SCO, people were intalling linux on their systems without consulting IT. That was in 1999.
I don't have any figures for you though.
I wouldn't dare reformat a work machine with another OS. The feasibility isn't the problem - it's the wrath of an angry sysadmin that is. I would like to keep my job in this economy.
I DO, however, frequently boot my machine with knoppix. Most corporate IT environments prevent users from installing their own software - but Knoppix has pretty much every app I need. I sacrifice local file storage and some embedded data like PIM stuff, but its just more comfortable and doesn't raise the ire of the lesser IT geeks.
In the last infrastructure upgrade we did, all 60 machines were identical:
FreeBSD 4.7, autostart XFree86,
full-screen RDesktop to central Win2k Terminal Servers.
User's still think they have a windows
box(windows splash screen on boot).
Does this count?
i dont have you worry bout this. the people at my organisation aren't clever enough to send an email, let alone install Linux
I have a hard time getting my company to purchase anything beyond the minimum tools I need (NuMega and similar were out of my pocket, since I didn't mind owning them myself). VMWare's been on the wish list - but only as a wish.
I write code.
The article is actually pretty good -- it's a reminder that if people are using a platform, that IT has to support it properly. This is a refreshing change from the traditional IT reponse that if IT hasn't decided to support it, it should be prohibited. I congratulate the author on realizing that IT's job is to facilitate people's jobs, not restricting them to what's convenient for IT. Help desks are always horribly overworked, so it's understandable that they start falling back on blaming users for breaking the rules, and refusing to support anything but the standard application set, instead of thinking more creatively to help users get their jobs done. The irony is that _every_ IT support person has tons of weird software on their machines that would cause them to refuse to support the machine if it were someone else's.
(and I say this as someone who's worked in IT, and managed IT departments, for _years_.)
Enable 3D printed prosthetics!
..now how much would you pay for VMWare?
But wait! There's more! The first Karma-whore to post about VMWare on Slashdot will receive some moderation points... absolutely FREE!
Order your copy now, while there's still time!
---
Sheesh.
I *wish* I had to time to make obnoxious posts to slashdot all day.
Er.. wait a minute...
The company is Electric Cloud and yes we are rather small (our CEO is John Ousterhout of Tcl fame/infamy): the real web site is going up in early August.
However we didn't blow $400 on VMWare we needed it. Our product runs cross platform on Windows and Linux and wanted a way for the developers to be able to use both cheaply. Dual booting isn't an option because it's very slow to change context and you don't want to have two email clients, etc. to manage (or only be able to check email etc. when in one operating system), two machines was too expensive ($400 is a lot cheaper than a second PC). So VMWare was the answer.
We blew the money on two 19" flat screens per developer.
John.
That's preposterous! You have to get a LICENSE first, remember?
In truth beyond the server farms ive worked with at said companies the only person possessing any *nix varient has been myself (including mac os X...) While i can see this as being an occasional happening in dorkier companies... even then i find it not very likely.
mainly because buisness use predominataly revolves around outlook exchange's shared meetings and various other stupid stuff.... in addition to the baseline ease of use (overall managerialy) network administration of an all windows environment.
I would NEVER support a linux desktop distro amongst my users.... MAC OS X ... yes.... but not Linux for any reason on gods green earth... can you say nightmare? I love Linux.... but it just is NOWHERE near as streamlined as windows or macintosh... especialy from a support stance.
My personal feelings are *nix for network devices.... Windows server/client for data sharing email and so on.... and Mac os X for end users who are more inclined towards media production (basicly people who arent finance/sales).
This setup puts the *nix boxes in my realm... and id be greatfull that no unwitting user *accidently* installs another DHCP, DNS, SMTP, etc... server on my network. Id also be thankfull not to be asked how to make packages work correctly between KDE, gnome, X, or whatever else joe moron decides to use.... or how to fix their freakin window manager because KDE offers 5 different programs just to change the layout/widgets.... no thank you.
Of course this poster assumes that the people who do so, do so knowing people like myself wont support them... and more than likely will be highly un-happy with their network being potentialy compromised...
not trying to spread FUD.... but ill wait for a tighter distro before i promote *nix on the desktop.... only one so far (with flying colors) is OSX.
--Idiots, Every single one of YOU, A flaming mass of conglomerated morons, hey wait a second, isnt that how RAID works?
not only that, but my unoffical linux install is a good way for me to know that the corp doesn't have any spyware on my boxen. That and I stopped hitting my monitor so much after I installed linux.
"anti-virus software", "desktop license management agents"
Apparently you've confused Linux for a version of Windows.
This kind of sysadmin crap is why I prefer working for a small company.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
I can see how security might be lax. When I was new to Linux I enabled everything whether I needed it or not. I figured I'd get around to playing with bind, sendmail and ftpd sooner or later. Everyone I know who's tried Linux has only dipped his toe in, so to speak.
Now I know more and have played enough that I disable everything except what I need, make sure it's secure and then put up a firewall just to be sure. But heck, just the other day I realized I hadn't apt-get update'd and apt-get upgrade'd in a couple of months. Oops. I also had weak passwords until about a month ago.
I'm in a non-tech company, and the Linux penetration is well below 1%. Only one desktop--a dual-boot laptop--as far as I know (except when I boot up KNOPPIX), but I have three rouge servers of my own. (Squid, Nessus, nmap and Snort are my friends.)
I also have two Cygwin installs, but they're my workstations, not user PCs. Anyone seeing those on desktops yet?
In this article the guy chose RedHat. If you don't care for commercial support, why would you choose RedHat over Debian or Slackware? Especially if security is a concern.
I wonder how many people boot Live Linux Distro's like Knoppix, and reboot into whatever is installed (NT, XP, Win2k)when they only really have to.
As a ardernt Linux user, I would just change the BIOS settings to boot from CD first, and pop in Knoppix, or leave the CD-ROM tray empty when I wanted to use windows. No one in IT would need to know what I was upto.
New York City 911 EMS: When you absolutley, positivley cannot call a cab for your toothache
they almost certainly would have no antivirus software
:)
Oh, for the miniscule number of Linux viruses?
no agents for our desktop license management
Since *most* software that requires license management is either Windows-only or hard for Joe User to come by, I don't see this as a huge problem either.
and almost certainly wouldn't be keeping up with security updates.
Ah, now this is a real concern. I would hope that your company has firewalls, but I can certainly understand not wanting them to be your *only* line of defense.
the users don't own their machines - the company does. if they want to piss around with _any_ os, let them do it on their own time, on their own network, and on their own equipment.
I can certainly understand this. When you're responsible for eleventy jillion desktops, you can't have people going rogue on you. At least not without knowing that if you have to come fix their PC, it's getting reimaged.
Now, I personally happen to run a stealth RH install, dual-booting to Win2K for when I just have to do something in Windows. My workstation, however, is well-secured, and has updates applied regularly. I have *never* had to bug the IT department, and my workstation is exceedingly well-behaved on the network. If the IT department decide to be real hard-asses about it and reimage me, I'll understand. Doesn't mean I won't be cranky, though.
49 20 68 61 76 65 20 74 6F 6F 20 6D 75 63 68 20 66 72 65 65 20 74 69 6D 65 2E
and all our systems have rouge linux installs. Its true! ;)
New year Resolution: Don't change sig this year
Well, it's redundant because it's not a troll, it's not flamebait, and it's not offtopic. I suppose it could be overrated instead, but the point of the article was to hear experiences from people who have found desktop installations at work, not hear 600,000 "No" answers from people who haven't. If there was a "-1 Pointless Comment" mod, you'd have gotten that, but there isn't.
--That's the point of being root, you can do anything you want, even if it's stupid.
He says, if he ever gets fired, he will just boot to his Red Hat installation, and quickly format the hard drive!
Which is exactly why someday management will meet him early christmas morning in the parking lot instead of at his desk......
And "we all know" that if he gets fired, he'll be marched straight from being told, empty his desk under supervision, and be escorted off the premises.
Any company that lets him near a pc, networked or not, after he's been told that he's going to pursue opportunities elsewhere is being run by dolts.
T&K.
Political language
This was a regular occurrence in our engineering department for some time, and as any MCSE knows, Linux is insecure. As IT director, I was initially given the task of physically removing hardware when rogue Linux installations were found, but employees were actually discovered bringing in their own laptops to run Linux or using VMWare to host virtual Linux machines with active and unique MACs on the corporate network. To better battle this, I asked for and received the right to terminate employees. After several high-profile firings, our network is once again safe, and it has become policy to perform more extensive background checks on job applicants with a UNIX or Linux background to ensure that they haven't caused similar grievance elsewhere.
I used to be a manager at Dell, and I can tell you that if you had presumed to format one of my or my developers machines without first getting authorization from me, you'd be fired and "walked out of the building" the following day.
Maybe the authorization got misrouted.
Maybe you are wrong about either the authorization or the requirement for it.
Maybe it was an experiment on a dept. system.
Maybe it wasn't hooked to the network.
Maybe we were testing the system's Linux compatibility at the end of the day and left it 'till the morning to finish.
In my tenure at Dell, all these things were true at some point or another, and no one formatted our systems. We were too busy to get in the pissing matches that would have started.
Certainly you should quit abusing your very limited power and try to help rather than simply jumping to conclusions.
I dunno about everyone else, but as a sysadmin there are only two reasons for unapproved installs of ANYTHING in an organisation for which I'm working - I'm not doing MY job, or the IT management is refusing to stand firm on policy.
This is why IT is not consulted. Extreme prejudice indeed!
If end users are not supposed to do something it's your job to configure the gear so they can't. Rules forbidding something are a failure in IT.
If the user has no agent for the desktop license management how is that a problem exactly? Either they are not using any licensed software our your management software is not to hot on the managing front.
If you're running round playing tattle tale who do you think the finger is really pointing at? Go back to your sever room and lock the door.
Bill is that you? I didn't know you had a puppet on slashdot!
> Last time I checked, there weren't
:)
> any imminent linux virus threats.
That attitude works up until the world gets surprised by the first real nasty one.
> Desktop license management?
> I thought linux was free.
Perhaps, if your time is worthless. But anyhow, he was refering to license management for any potential commercial software they may have illicitly installed.
> If you have the ability to install linux,
> you probably have the ability to install
> security updates.
Perhaps, but you're assuming people have the attention span. They usually don't. Don't depend on your users to go out of their way here.
> Also, unlike windows, linux is a bit
> more secure straight out of the box....
> or rather, iso.
And just as easy to make insecure, with the running of a single config script or shell script.
I feel sorry for IT people. Users aren't generally as saavy as they think they are.
Where I work (part of Harvard University), Linux is definitely growing, but is a distant third behind Windows and MacOS. The IT department here is pretty strict about what they say you can and cannot do (kind of odd in an academic environment, if you ask me); as an example, one is not supposed to deploy ethernet hubs without seeking permission first. This just to give you an idea about them.
I've been here 3 years. Last year and the year previous to that, all of the IT web pages said that the only officially supported OSes were Windows and MacOS, with a stern implication that that was it (and don't you think about using anything else, grrr!). This year, they've acknowledged that Linux exists, and are giving some support for it. The IT folks are at least aware of Linux now, a change for the better.
Why is this happening? Because there are a few researchers (including me) who have installed Linux on their desktop/analysis machines, and are doing their own system administration. But, these users still need to fit into the global IT picture, for example, communicating with the email servers. As we have migrated from one email system to another recently, the IT folk have visited every single user (no, not kidding) to move their email system over. The fact that I was running Linux was not only no big deal, but they even correctly guessed which mail client I was using, given that I was running Linux. We are, slowly, winning.
Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
}
}
}
} In the matter of SCO
} vs.
} Electric Cloud
}
}
}
Said defendent is alleged to have been running an unlicensed version of Lie-nucks, violating vaguely alluded to (but impossible to produce) 'intellectual property' alleged to belong to litigant, by virtue of having been written independently to superficially resemble an unpopular operating system the litigant overpayed to acquaire the rights of (c.f. UNIX), said litigant thusly excersizing their Constitutional Rights (tm) to sue uppity upstarts who dare make use of a legally engineered and freely provided system that competes with their abysmally unsuccessful, outdated, and buggy commercial offering.
Said litigant cites as prima facia evidence of infringement "a post to slashdot that indicated a successful deployment of the demonic system."
Defendents declined to comment, but did point out to the court that the daemon was a mascott for another, competing free operating system, and that perhaps counsel for the plaintiff would be so kind as to wipe the froth from his mouth and clarify.
The Future of Human Evolution: Autonomy
It may come as a shock to you - but the IT guys don't actually own the PCs either.
It may be suprising to you that his job depends on ensuring corporate standards are in place and enforced on IT infrestructure.
I understand a user wanting to run thier own show on the workstation assigned to them, but if a major problem with Linux surfaces and the sysadmin didn't do anything about a non-standard installation that they knew about, that's akin to dereliction of duty, and they should be fired. A corporate environment requires stringent management, or it spirals into a huge, black, money sucking pit.
IOW, it's up to the SA to ensure that everyone plays nice on the network. If you want to use Desktop Linux at work, ask . Maybe the sysadmin be a lot more friendly towards the idea - I know I would.
Soko
"Depression is merely anger without enthusiasm." - Anonymous
I certainly see your point. The company pays to maintain my laptop for me, the company pays for the support and pays for me not to have to worry about it. They pay you to do all that for me.
I see my employer as someone who pays me to do a job. I'm not that good at windows. I can do many things with *nix better or faster or both. If I asked my manager if I could modify my laptop and my productivity would increase by 10%, she'd approve it. Personally, I can keep a Linux install up to date, well maintained and all the appropriate patches on it. Certainly better than the company can do that to my windows equipped laptop while they tiptoe around taking me down at inconvenient times.
The company pays you to keep me out of trouble. The company pays me to be efficient. If I can be more efficient and keep myself out of trouble, why should you care that you have one less Windows machine to maintain (to say nothing of the grumpy luser you have to deal with)? Of course, if I get 0wned, you need to come down on me hard and make sure that my manager knows you're here to keep that from happening to me but I didn't let you.
As far as license management goes, maybe you could work with a rogue Linux user and find out how to satiate your needs and his / hers?
localhost / # format c:
-bash: format: command not found
localhost / # fdisk c:
Unable to open c:
localhost / # deltree *.*
-bash: deltree: command not found
localhost / # del *.*
-bash: del: command not found
localhost / # sys c:
-bash: sys: command not found
localhost / # help
GNU bash, version 2.05b.0(1)-release (i686-pc-linux-gnu)
<snip>
</snip>
{ COMMANDS ; }
localhost / # fsda;lkjafdjl;kwfoied
-bash: fsda: command not found
-bash: lkjasdjl: command not found
-bash: kwfoied: command not found
localhost / # <insert_vcr_led>
Sobbing....I HATE LINUX....
Somewhere a penguin smiles.
(B) + (D) + (B) + (D) = (K) + (&)
would kind of count as a security risk in itself, wouldn't it?
> --- All Of The Above --- >
"If I had real work to do, then I would use XP"
But you don't because you're an unemployed has been MSCE. haha
And I'm sure you'd be shortly disciplined or out of a job for destroying valuable data, negotiations, documentation, whathaveyou. Sheesh, some moderators don't recognize a troll when they see one.
While the parent post is rather harsh, there are plenty of organizations which would discipline you for installing unauthorized software on your machine. I know of some departments where you need authorization to install stupid stuff like ICQ or winzip.
Lots of managers would wonder why you just spent company time to install a new OS on your machine. You would be expected to justify your actions in that the new OS somehow assists in your job performance. That would be a difficult thing to justify, seeing that if the management team believed in the benefits of Linux, your shop would probably use it already.
-- search the web
> the 'official' penetration of Linux into the desktop market is something around 1%.
> he may have stumbled on several times that percentage of desktop Linux installations.
If this is true it would be really great for us at Slashdot because then we could brag about a higher Linux desktop market share to our girlfriends...
No wait, that can't be right...
Well anyway, he said "Penetration". That's gotta be good, right?
- For the complete works of Shakespeare: cat
I am not a member of IT in my company... though heaven knows I should be... I work for a support organization and I'm a field service engineer (but not part of corporate IT), and they (IT) get in our way all the time...which is amazing considering they have no on-site personnel (3000 miles away in CA) and their only domain controller is an underspec PPro 200 with 128MB of RAM running Windows 2000 AS (yes it is always out of memory and functionally useless).
As part of my job I set up the office G4 (OS X...which they thought was Linux... probably because of Smb) for training... I am in charge of Apple desktop support for our largest client in the area, an HP 9000 D class for my support of the 9000's in the data center (24/7 on-call), a Windows 2000 AS box for training (Citrix Metaframe XP, etc.) and the box I interface it all with... my Powerbook Pismo. I was told to shutdown and remove these from the network... they have a point about security holes and unauthorized access points...but I kind of chuckle because their infrastructure is very poorly built and my machines are 10 x as secure as theirs (case in point I run only SSHd for the most part and lock down everything)
They decided to send us a switch and give us an external IP... (IP only after bitching that a lab environment is useless without an internet connection) which is fine except we can't use the local printers... so instead I built a NetBSD firewall and put everything us techs use behind it and then configured it to never respond to any outside services nor pings. So yes I have unofficial non-Windows and technically oriented OS's... and I had Gentoo Linux on my last laptop... but I probably don't count because I am an admin just not by job this time around (I've been director of IT before)
when I was promoted/transfered from help desk to engineering was add a 2nd drive and install linux on the box that came with the cube I moved to.
Months later, I walked away after initiating an (infrequent) reboot. After making the rounds, I came back to an NT login. WTF I thought - then realized I'd set NT as the default in lilo in case someone needed to use the copmuter.
Personally its not God I dislike, its his fan club I cant stand (bash.org)
As a developer, this is why I hate IT departments. They are very often stupid, irrational people who follow "policy" insteading of *thinking*. Fact is, the only time I need their "help" is when they have something locked up and I don't have the password or the access rights, or know the IP address of the proxy server, etc. I just had a run in with some dolt who first accused me of using a personal laptop on the company network (its a company laptop) and who then tells me that I can't have the laptop on the network at all because it is not allowed. Why? Its a Macintosh PowerBook running OS 10.2. My job here: write software for the Macintosh. Yet, I'm not supposed to have a Mac on the network. (It has to be on the network to get to the source repository at the bare minimum.) (My solution was to lie to her and tell her it wasn't attached to the network and I was "doing tests" with the Mac. She left me alone.) Why was this dolt at my desk? Some glitch in their system caused my Windows machine to be removed from the domain and I didn't have the admin password to re-add it. I've dealt with lots of IT people - some are better than others. Generally in small companies you get people who are okay. They will at least think and respond realistically to a situation. In larger companies, I've mostly dealt with power tripping dolts. I would really prefer these folks keep their shit working and leave the responsibility of keeping my machine running correctly to me.
Avoid Missing Ball for High Score
>> Last time I checked, there weren't any imminent linux virus threats.
.... and linux and BSD run about 50% of the mid-range servers....)
> That attitude works up until the world gets surprised by the first real nasty one.
should i even bother explaining why it is damn near the most unlikely thing to happen in IT ? or should i just point out that _if_ a virus ever hits a unix there would be open source anti-virus software within a few days ? (few months max) or point out that the unix type of OS is about 30 years old. and to date there havent been any virus's in the "wild". (and dont give me that "not attractive target" for virus writers crap either, unix still runs mainframes, bank computers, ATM's etc
se the wonderful thing about linux is you dont have to run a damn thing as root, and the few things you do have to run as root can be chroot'd so the virus/worm can't do diddley. some linux distros come like this by default.
>> Desktop license management? I thought linux was free.
> Perhaps, if your time is worthless. But anyhow, he was refering to license management for any potential commercial software they may have
> illicitly installed.
oh please. take your gartner studies (microsoft funded BTW) and shove em'. the amount of time it takes to install and optimally config a std. linux system is in the hours worth of time. admining that same install MIGHT take 30minutes per month. windows ? yeah friggin right, pick one of their OS's if you spend less than two hours per month admining that box its vulnerable. this argument is moot. since anyone who is going to install linux by choice obviously wasnt bugging the IT guys and hence didnt need to be trained, so there is no time lost their.
Linux is FREE to any person who knows what they are doing, simply because spending the few hours it takes to install free's them of the years of misery that lies behind them, and the years that would have laid ahead of them if they had still been running windows.
"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe." --Albert Einstein
I killed my ISP access at home, so I need ways of moving new version of applications to my home machine without needing a network connection. While I'm at work, I download the latest .rpm's or tar files (or even Windows .exe's for my Win desktop). The problem them becomes, how to get them home? Well, I have a USB keychain device (128 megs, more than enough to hold stuff that I download, like blender (a hefty 2 megs)). The problem is, our IT "image" disables the use of removable storage devices, such as USB keychains. So, I just boot up my Knoppix CD, it automagically mounts all my drives, pop in the USB keychain and copy the files over, reboot back into Windows, done! :)
We also have several Linux servers, but no desktops as of yet.
If you were me, you'd be good lookin'. - six string samurai
You need to find a good surgeon to remove the stick from your ass...
Basically, what you're saying is that you aren't confident enough with your security measures that anyone inside your network can wreak havok? In a big company, that's pretty fuckin' pathetic; a rogue user had better not be that big of a security concern!
the users don't own their machines - the company does. if they want to piss around with _any_ os, let them do it on their own time, on their own network, and on their own equipment.
IMO, this is exactly what is wrong with corporate America. You're not a person, you're a drone, don't try to learn anything.
Sticking feathers up your butt does not make you a chicken - Tyler Durden
I am not a sysadmin.. but I can tell you that there are MANY MANY "rogue" Linux desktops within HP... including mine. Using Crossover Office, I have completely eliminated the need for Windows at work altogether. We also have an "authorized" internal distribution network for doing network installations of Linux for whatever purpose you may need. I am confident, that if you queried our site system administrators as to what percentage of desktops they have running Linux, they would be off by at least a factor of 10.
-K.
I'm not running Linux under the radar, I'm running FreeBSD. I'm so much more productive with FreeBSD/KDE than with the mandated Win2K. Especially since the network is Solaris. (Why we're supposed to use Windows on a UNIX network is something I still haven't figured out).
But IT doesn't know about it. I don't have their permission. But guess what? IT doesn't own this computer, my department does, and I got my boss's permission, his boss's permission, and the permission of the VP above him. I would have told IT, but then they would have a cow and it would become a big pile of political crap. But IT doesn't know, so they're happy, I'm happy and my boss is happy.
I'm certainly not going to tell them about the development lab being switched over the FreeBSD, the Dicom lab running Mandrake, or any of the internal websites running Redhat and SuSE.
A Government Is a Body of People, Usually Notably Ungoverned
how can it be spy-ware when IT IS THEIR BOXEN ? The one thing in our enterprise that MUST be present to access ANY shared resource is the Tivoli agent with the config checksum matching, much with it and you don't get anything from the network. Don't get me wrong I hate the crap too but it IS a place of employment....
errr....umm...*whooosh* *whoosh* Is this thing on ?
Just because you can only boot from the HDD doesn't mean you cannot install anything you want! You just have to work around the problem. For example you could use VMWare to boot your distro and then install to the real hard disk. Alternatively you could simply use rawrite to overwrite the mbr (tricky to construct your mbr ... but possible). Now if your OS that you can boot from won't let you access the mbr and the raw disk, then you'll just have to whip out the hard disk to do your installing and then return it.
Bottom line is that yes, every desktop in a large install should be secured both physically and through software to prevent the users from modifying anything non-trivial.
As for personal experiences, I have owned "stealth" linux installs and a good friend of mine who works for one of the largest ISPs in Ireland has one, as he has told me do many others throughout the company.
Never underestimate the dark side of the Source
While I believe myself to have some linux background, when I first started my current job, I went straight down to the LAN team (I started in desktop support, which still blows) and asked for any workstations that still turned on, and that were being thrown away to be sent to my cube. By the end of the week, I had 4 p2/333 with 128mb each. I brought in a 10/100 switch (5port) and started cranking away at installing openmosix.
Before I knew it, I had Samba installed, MRTG, and was sniffing anything that came accross the network. A few weeks into, after compressing all my CDs (And a few others) using the openmosix cluster, someone asked me if they could install some software for testing, before you know it (right now in fact) I'm lead tech in a project to bring linux file servers to our clients instead of pushing the Win2k3 servers. Samba is working great as a replacement for the Win2k/2k3 servers that are in our market place.
I think its great, and it simply started by asking for junk hardware.
think before you write, it'll save me moderator points.
After we began shipping a linux version of our main server product, I began to notice more and more linux desktop ( and cygwin ) installation on our staff systems. Now, even my project manager and the company owner have seperate or dual boot linux desktops that see significant use. All it took to get all this going was a few internal howto documents that walked them through a simple secure installation.
This obviously couldn't happen in a more regulated atmosphere, but at small companies like mine you can often get away with anything you want so long as you continue to be productive and do not cut into the IT budget.
BLH
The point is, a sysadmin can patch and update winders machines remotely and en masse. If he doesn't know about the linux machine, then he obviously has a hole in his security plan.
"Faith: Belief without evidence in what is told by one who speaks without knowledge, of things without parallel." - A.B.
Just in case you didn't already know...
Novell Client for Linux
Dont install KDE? For a user? are you expecting them to use X? or maybe the CLI? or should i dictate them to simply use my preferred manager? Once again... poster said these would be boxes i didnt set up.... so theyd probably install whatever they wanted. Support contracts are certainly cool... but even still... my job is to fix things quickly ... not to wait on the phone.
if you think supporting linux amongst a bunch of users looking for ease of use and smooth inter-operability with a windows world (especialy in sales and buisness app's) your out of your freaking mind. While i certainly do agree ssh is a powerfull tool for remote support (though i prefer VNC) your totaly missing the point.... resolving issues QUICK. the amount of variables involved with a *nix are much greater than windows.... this is the power of *nix. And also why support can be problematic.
As to your "no" policy... i seriously laugh at you. If your in the buisness of shooting down your users ... your not a very good sysadmin. While you most certainly shouldn't encourage or offer active support for non-approved SW... Users are users, and simply want their shit to work. The more you can facilitate that with ease the better the admin you are. thats "support".
People who hold the above attitude are very BAD admins.... our role in general is to make people happy as best we can without going over-board. I suppose that's why my company has gone through 8 admins until they found me... your job security is BASED upon your user satisfaction. In which case ease of support IS important.
--Idiots, Every single one of YOU, A flaming mass of conglomerated morons, hey wait a second, isnt that how RAID works?
If users will install random spyware and games on work machines, why wouldn't they do the same for an entire operating system?
Ummm... because they can't "click" to install Linux. Sure, some of the bootable installers are pretty easy and click-able but it generally requires removing the Windows partition.
Users are dumb.
Create a Windows-installable Linux distro that will coexist/dual-boot on NTFS and you will have tens of MILLIONS of Linux installations. Hell... if you could make it install itself with a pop-up active-x applet, you could pull a Gator and install it without most users even knowing.
Now *that* would be cool...
Life is the leading cause of death in America.
Company shall remain nameless for my protection -
.
The home office has a special network security "swat team". Last year, they did a security audit of our site, which consisted of trying to hack into our network, from the inside.
They found several rogue Linux boxes, and were able to hack into them through ftpd. Holy hell was raised. All Linux was purged from our network. Oddly enough, here it is, 8 months later, and nearly every developer has a second box on his or her desk, with, you guessed it, Linux. However, it's a distribution and configuration, approved and controlled by IT.
It's all about control with these guys. .
You'd think that black leather keyboards with spikes and clamps would be popular with these freaks.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
god forbid they have a bootable CD of morphix or some shit... Elitists are dumb.(sic)
Carpe Canem - Seize the Dog
"And you didn't even spell MCSE right"
I can't spell dinasaur either.
Actually, in almost any corporate environment ...
" The number of end-users with the skills, permission and motivation to install" WINDOWS or any other OS "on their work desktop is extremely low."
I really can't stand it when people proclaim that Linux is some how more complicated than Windows. It most certainly is NOT. Its simply different.
There is something fundamentally wrong with the world when something like a Linux desktop is rejected not for its own faults, but because its "different" than what we are used to... and what we are used to... it sucks.
I doubt very seriously that any corporate environment, excluding a place that actually DOES computer support or development of some kind, has more than a handful of people that could install anything on any system.
I think what MS needs to really worry about is the world waking to the fact that there are other options beside MS's proprietary document formats. In the meantime... CrossOver office anyone?
-K.
If you were actually any good at your jobs you should be asking why these people (who may or may not be risking their jobs) feel the need to install linux? What is it that the current policy doesn't provide? Why has sysadmin become so unapproachable that they did it without asking (this should be an easy one)?
Actually do something useful rather than wandering around the network marking your territory.
Nerd: Derogatory term typically directed at anybody with a lower Slashdot ID than you.
Management!
I don't really care about support either. Most of the time I don't use it and when I'm forced to I'm often way out of there league already.
The main reason why you pay for support that you don't need is for managemnet. Support is like insurance you don't really want to use it but if something goes wrong you want it to be fixed. If you died tommorow they want someone that can fix it if it breaks.
So while it doesn't make sence at first in the end it does.
If you did format my system with extreme prejudice, you had better be sure you have the authority to do so. The computer doesn't belong to you. It belongs to the company. So check with your boss, his boss, and his boss's boss first. Then double check with my boss, his boss, and his boss's boss.
Someone did this in my company to a laptop four years ago. Just last week I noticed he was still sitting funny after the impromptu buttectomy the VP gave him.
A Government Is a Body of People, Usually Notably Ungoverned
I'd love to know where they get this 1% from anyway.
Last big company worked for there were maybe 150 people with Linux installed at the desk. Out of 96 thousand employees.
I'd REALLY like to know where they get the 1% figure from. (looks at the boxed, downloaded and magazine-front Linux CDs on the shelf and his ZERO Linux installations)
At the government lab where I work, Linux has penetrated much more than IT knows. We have an extremely braindead IT staff, and the five-year-old unpatched Groupwise servers simply don't work. The email system is completely bogged down with the viruses everyone trades. The people in my research group got fed up, so we finally just set up our own network. It's mostly Ethernet, with some patchy WiFi. The cables are hidden in PVC piping. This is a lab, so nobody notices when new pipes get put up. We have a few Linux servers doing mail, a website with a Tiki, Jabber, and a few other assorted tasks, as well as a bridge to the real network. IT has no idea, but I can't help feeling that in a few years, they're going to notice that all the scientists are using Linux.
Litigious bastards
Ummm...actually, in 1988 (fifteen years ago) Robert Morris wrote a worm that attacked UNIX machines via a number of different routes (holes in sendmail, finger, and a few other approaches that I don't recall at the moment). In the space of something like 24 hours, Morris' worm brought thousands of computers to a grinding halt (a fair percentage of the machines that were networked in the US at that time), and those computers were running UNIX.
This is actually the worrisome issue: a *NIX is not inherently more secure than anything else. I think that there are UNIX-based machines out there that are far more secure than anything else you can find, but that's becuase those particular machines are administered by paranoid freaks...paranoid freaks that are extremely good at what they do... :)
I'm guessing that this isn't the case, but if your position is that "'I don't have to run a damn thing as root' and therefore my linux box is by definition going to be secure forever," then going to get screwed -- and screwed hard -- one of these days.
* * *
It is a dada story -- it has no moral.
Because they're doing it behind his back maybe? Methinks you should look up the word spy in the dictionary.
If I ever found out my employers were spying on me, they would probably have my resignation by the end of the day.
The weaknesses from the rogue installs ...come from the installation of third-party applications and utilities, which can leave a desktop or server vulnerable to attack if set up incorrectly.
Huh? What total Microsoft brain washing! What is a "third party application" in the free software world? This dude has his head shoved so deep into the M$ world that he confuses all the crap and spyware that accumulates on windoze boxes and runs as root with free software. I don't know how he's transfered his complete lack of control over Windoze onto software that works. I don't get it.
He goes on, after mentioning that he might be man enough to run Red Hat. He thinks it could do his company good to replace the hideous pile of Word Docs that is their QA tool because it sucks to have to do a "word search" to find information in the 300 reporst/year they generate. So true, just putting those things on a Samba server so you can use grep and find would be really helpful. Imagine how nice his life would be with a nice little mySQL/PHP webform for entry and search instead of a Word template. Progress, forge on brave man!
But, oh no, he shrinks from the fear of vulnerability:
For example, there always seem to be vulnerabilities associated with programs such as file transfer protocol, sendmail and Apache. And other open-source software is vulnerable, especially when the developer hasn't written the program with security in mind.
Poop. Plain and simple poop. Sendmail handles most email. Apache handles most web sites. Who needs ftp when you've got ssh? Well, anonymous ftp is a nice way to share big piles of files and programs like proftp are plenty secure. This is total shit to scare people who don't know what file tranfer protocal is, but like the ease of windoze file sharing. It's ignorant if not intentionally misleading. This line says volumes:
We can't eliminate Linux
No, but some fools wish they could. Other people everywhere are learning all the good things free software can do for them.
Anyone who's worried about security should use Debian's stable distribution. Not only is it all field tested, upgrades can be applied everyday from http://security.debian.org via shell script. Unlike the windows world, these updates install easily and don't break other "third-party" applications.
You say:
This could make the case for desktop Linux look worse, if people are not securing their dektops and/or keeping up with security updates.
That seems to be the intent of the article. Fortunately, only the very ignorant will pay attention to such nonsense and it can easily be deflated. Microsoft is going to have to try much harder than this to keep people away from superior software. Then again, I'm not sure how they can do that. The thing that makes the best case against the Windows desktop is it's record. That now including the author's laborious treck around his company caused by yet another Windows failure. There is not software anywhere with such bad performance.
Friends don't help friends install M$ junk.
While many here may think its cute, its a bad bad bad thing to have users running around installing an OS on your network with out your prior approval.
Not cool.
---- Booth was a patriot ----
The company makes volume licensing agreements which means we HAVE to use certain software. Since software licensing can be a liability, ALL machines are required to have audit software, including *nix boxes! In fact, Linux is explicitly prohibited except where VP approval is obtained, so as SA for my site, I definitely would show extreme prejudice if I found a Linux installation. Moreover, we even tell users that we reserve the right to reimage their PCs at any time. They keep things on their local drives at their own risk. Again, it's not about the way *I* think things should be (because I definitely hate administering Windows boxes), it's about what I'm paid to do (and when I'm ready to find another job because I don't like these software policies, I'll do that).
The point is, if it's against the rules, prepare to face the consequences, whatever they may be (be happy if your workplace doesn't care). If you get approval to run a box, good for you, but your local IT damn well should know about.
assuming for a second that the person involved is actually able to install Linux(not stuffing a CD-Rom and/or floppy drive into a machine does wonders) and has sufficient rights under Win2k/XP the answer would be to reduce the main partition a bit in size using for example partition magic, and then happily installing mandrake on the side. Red hat might be an option too, but that'd require installing NTFS "support" separately, which, otoh, isn't all that hard to do either...
From a personal perspective, my previous employer didn't give a rat's ass what OS I ran, as long as it ran the software we used. The reply I got when I asked if I could was something like "oh sure, but you do it on your own time, and if it breaks, don't come whining to us..."
People replying to my sig annoy me. That's why I change it all the time.
So there I am in my cubicle playing my usual rounds of mental foursquare with three other cube-mates. One of them still refers to her desktop wallpaper as a "screensaver." One of the men passes corrupted floppy disks around with the glee of an idiot passing out used condoms; and the other still thinks no one can see him playing Solitaire. As for me, I routinely spill coffee and break the no smoking policy while clogging the email system with idiotic Flash movies...
So who and where the hell are these marauding rogue agents running around installing Linux on office desktops. It can't be IS, they're too busy, and it can't be cube workers, they're afraid of their CDROMs!
well... heh... I actually haven't stumbled over any installations of Linux... when I was first hired on, there was no linux... So I helped ... er... "introduce" linux to a couple of useless windows boxes. Actually I've been very active in encouraging the switching over from Windows to Linux within our organization, and am happy to say that it's giving the 'MS certified - legit' SA's of the organization fits. Funniest thing is watching their faces when the users tell them they don't want Windows re'installed... Windows Purchase = $300, Hardware Purchase = $3000, Looks on SA's faces when told their jobs are going to go away because the users like Linux = Priceless.
Then I installed Linux at work on a spare server (supposed to be for DRP but what the hey!). The best part is that I set it up with PXE support. I have about 25% of the company running linux without touching their OS on their systems. Just set the workstation to network boot and presto Linux (similar to Knoppix). They like it alot better 'cause they are sharing a 2.8Ghz Xeon with 4GB of RAM. Most were used to PII300's. They can always skip the network boot and boot into Windows but they are doing it less and less now Especially since I have really cool games on the server =).
I hope to have the whole company converted by christmas!
From excellent karma to terible karma with a single +5 funny post...
Or maybe I'm the only one here who saw "MDK*" and thought MurderDeathKill...
"Alcohol, Tobacco, & Firearms" should be a convenience store, not a government agency.
I thought it was in analogy with ox/oxen (which comes from Old English, so in the same family as German). It's easier to pronounce -xen than -xes endings, so rather a shame it's not in more general use.
Running FreeBSD as the primary and only OS on three machines at work, I have a really hard time with these forms. What further investigation revealed (as I wanted to give them the CORRECT information despite their problematic form) was that their bonehead Access database required a primary OS from the list, with an optional secondary OS from the secondary list - no other options could be entered. So my three computers were registered as Win 2000 primary OS and Linux for secondary OS. Despite repeated pleas by me, we're paying Microsoft for three unnecessary liceses.
What annoys me most is that when ever I say "FreeBSD," my supervisors always hear "Linux." They aren't against Linux (or FreeBSD for that matter) as it seems many of your bosses are. Linux is a keyword in marketspeak, so it's acceptable. When asked about why they hear "Linux" when I say "FreeBSD," I was told that the "Free" in "FreeBSD" makes it sound cheap (in quality) to administration and potential customers. Using it is OK, but not to the outside world (or department).
I installed Red Hat on my Thinkpad two years ago and bought Crossover Office so I could run Outlook to connect with the Exchange server. I never authenticated on the domain, so I'd login to somebody else's computer once a month for the mandatory password change so I could still get my email and use the network shares.
All worked beautifully until IT migrated to Active Directory and EVERYTHING stopped working. Well, actually only the shares and Outlook stopped working, but not having email is enough to end my Linux using days. IT wouldn't help at all on the AD server so my options are running low. SCO actually has software that would help, but I shiver at the thought of using a SCO product.
IT is now going to open up Outlook Web Access... I thought this would solve everything, but they are somehow locking it down so every client that connects to OWA will need to be running some sort of Windows-only Symantec software (we also use a Symantec firewall... maybe this is some sort of PPTP client, but IT wouldn't say). This makes me doubtful of getting it to work under Linux unless I can emulate the Symantec software.
Where I am going with this is that I used Linux on my work desktop for two years and some helpdesk guys even knew about it, but I was out on my own when IT went to AD, so this sort of thing sure isn't going to get any support from many IT departments. Good luck to you in running Linux at work. I wish I had more luck.
The global economy is a great thing until you feel it locally.
In the 80's, IT departments were concerend about the deployment of Personal Computers without IT knowledge or approval.
In the 90's, it was departmental servers. First on NetWare, then on Windows NT.
Today, it's wireless networks, cr^h^hblackberry devices, and (you guessed it) Linux.
Anyone see a trend? What's deployed behind the backs of the IT department today is often an intergal part of the computing environment tomorrow.
I was surprised by the number of posts that mentioned Knoppix. Almost no mention of Knoppix in C/ZD NET, Gartner, PC Mag, etc.
Yet, lots of people here are using it.
I'm using it right now.
Back in the 60s it was a fun thing to turn people on to marihuana for the first time. I've had fun giving Knoppix CDs away. Interestingly, with both Knoppix and marihuana, the first word was often: Wow!
1000 SlashDot sigs
1) You have to be kidding. You can use attack software on *any* OS. Linux is no weaker (and actually a bit stronger in that it has some semblance of local security) than Windows here.
2) If you sieze machine and reimage them to fit with some policy you're following, your ass would be heading out of town from mass user complaints at any company I've been at. You are IT. You are present to help workers get their damn work done, not to push some random personal agenda. If you wipe an entire system and kill that employee's work, you are a serious impediment to getting work done. I simply am amazed at the total lack of regard for the employee, and lack of perspective you've displayed. You could disconnect the thing from the network. You could ask the user to move his files to another machine so that you can reformat it, though I think you're already pushing the limits. But when you simply grab a machine and reformat it, you're in a position where you are a liability to your company. When the developer tells his boss that IT wiped out his work, his boss tells his boss, and his boss tells his VP, I guarantee that your boss will not cover for you.
You want him having direct access to the 'net without a proxy?
WTF does this have to do with what OS you're running?
I doubt it, especially not after that email where he asked questions about what type of traffic you monitor and how you do audits.
This is ridiculously paranoid. I've seen the occasional IT type who considers the users he is supporting his enemies, but this is beyond belief.
What if he's okay but his box ended up getting owned because he downloaded bad BitchX source?
What if the same damn thing happened because he downloaded a Word file to his Windows box? Which of the two happens in far greater numbers?
That would mean another three day stint of no sleep doing emergency penetration tests, mirroring HD images, finding the exploits, sitting in meetings and explaining what all was affected hoping you didn't miss something critical.
You've worked in an 8,000 unit shop and you honestly believe you have zero penetrations? And your setup is such that you need to spend three days and nights mirroring HD images *after* an attack?
This brings productivity for the money-making sides of the company to a crawl while sysadmins and security folks work to get things safe again
And again, WTF does the OS have to do with this?
Likely, there will be a news source online with details of how the exploit took place, but completely wrong and now the public and shareholders are going to wonder if credit card numbers were stolen, your ability to properly maintain infrastructure, etc. Then your stock price falls $2/share.
Ridiculous. This is a theoretically possible but completely impractical story of what might happen in an attack.
Sorry to ramble, I just wanted to stress the importance of IT policy and the headaches that can happen when the policy is too lax.
Amazing. God, I'm glad the IT people that support me have different views.
(All those workstations came with an OS you paid for anyway).
The infamous sunk cost fallacy. Which they teach you to avoid in Business 101.
I also think this treatment of unapproved OS's is very common due to thoughts and situations like the one above.
It's not. That kind of behavior from IT would generate serious user complaints where I work. Matter of fact, IT is trying to quickly adapt to support people that want to use Linux here, and has compiled resources for them. That's what I consider doing a good, solid job. Helping the users instead of attacking them.
May we never see th
The mob I work with is a very large organisation that has ongoing severe financial problems. Think national air carrier for .uk here. Desktops are pure MS with *nix and MS servers in abundance.
Some one in IT has realised the beauty of Opensource, it's cheaper than MS. Cheap is good, saving money is good. Where an open source solution exists that can replace a commercial solution, it is on the desktop. Out went eXceed, in came Xfree 86 on Cygwin. Out went Reflections, in came Putty. And so on.
Several servers are already running Linux and I've heard they are trialling a rack of blades using Linux for something or other. I envisage more servers going over to Linux to save money and more of the desktop converting to Linux or at least Cygwin/Opensource for the same reason.
SYSADMIN OF 15-YEAR OLD COMPANY - find 71,000 Linux installations hidden in his company.
Does this headline look familiar? Of course it does. You most likely have seen this story recently featured on a major nightly news program (USA).
This 15 year old company's sysadmin was cleaning and putting backups away when he came across a large brown department that was suspiciously buried beneath some red tape and a WindowsXP EULA in the back of the 15-year-old company's closet. Nothing could have prepared him for the shock he got when he opened the department and found it was full of linux installations. Red Hat, SuSE, Debian, Slackware and Gentoo - all neatly beowulf-clustered in labeled piles...
- Peter Brodersen; professional nerd
Through the crazy fortunes of the New York IT industry these last couple of years, I find myself heading up a QA team in an office in Midtown Manhattan. They're basically a bunch of out of work actors moonlighting as online product reviewers. So, I untangle the mess my predecessor left (who got fired because it was a mess) and I figure the reviewers should be able to get through X number of products a day. But they're not. I can't figure it out. Then I catch them chatting on AIM or Yahoo IM all day.
So I'm thinking, and decide to wipe their machines and install a nice RH distro on all of them. Set them up with StarOffice, Mozilla, and Samba and hey presto they're doing 50% more products per day now (I'm not naive--I know they're gonna write emails, but it's not the time sink IM-ing is). Furthermore, their old Pentium machines are faster, and I can SSH into their boxes to fix anything that's wrong.
That last bit is key, because the tech dept. at this company is so bad they don't even know what an IP address is. But, they like to spy. There are cameras everywhere, and believe me, they ain't protecting national secrets at this place. So I figure, if they like to spy on you with cameras, they probably also like to spy on your computer. So with linux, no more spyware.
Yep, stealth linux works for me.
Do what you can, with what you have, where you are.
It's a bit difficult for a corporate user to get away with flat out installing Linux on his box, as that sort of thing shows up rather quickly in security audits.
;)
Where I work, we have 3 or 4 developers who use Linux. They requested it when hired, and other than making sure they don't have rogue DHCP servers screwing up our networks, we have a hands-off policy where we don't officially support the box because it's not Windows. Unofficially I help them all the time, of course.
What gets me is Cygwin. The last time I ran a software audit, I checked for Cygwin just for a goof. HALF THE COMPANY (that's 50 people) has Cygwin installed. Well, why not? It lets you comply with management's wishes for a Windows world, but still gives you the lion's share of Linux's power. If you count Cygwin I'll wager you'll find the 1% figure to be much lower than reality.
Of course, if you're comfortable with Cygwin, switching to Linux is that much easier.
Hell is being intelligent in a world full of idiots.
I agree. Most users do not like to waste time on a piece of machinery when they know that they have legitimate work to do. Frankly, as you pointed out, most of them do not have what it takes to install, configure, and support it.
I am the network engineer for a manufacturing firm, and I can tell you that (not counting the guys in production lines) our office workers could probably handle cut-and-paste on a good day. So I get to teach them how to add a printer while doing other system and network admin stuff.
This is a guesstimate, but I have installed Linux (and some *BSD) boxes at various job sites without managements knowledge or permission, often on 'surplus' hardware (someones old PC sitting in a closet), for about 8 years now. Only about 1 in 60 of these was in some way countable by outsiders.
/etc/hosts file -- which was a comment. I think it was every 30 or 60 minutes or something. Years later, I was talking to a friend of mine who worked at a site that housed one of the root servers, and he was in a position to count how many of these queries came in...there were HUGE numbers. What is interesting is that we found that older versions of Red Hat also had this odd DNS behavoir, but that newer versions of RH and Slackware did not. So this was an interesting method of counting older installs of a few types of linux, but in the end not effective.
This starts to be the question, how is Linux counted? Three broad categories: media sales, net scans, and installation reports.
Media Sales - simple count up the sales reports from major vendors. Using this method alone, one would get an unrealisticly low estimate of Linux users. Though I have installed Linux on over 250 machines, I have only purchased CDs from a vendor twice (OpenBSD 2.7 and Slackware 3.3). I have purchased CDs from other sources: flea markets, computer stores, etc - but these are not 'official' pressings and probably are not counted.
Net Scans - Netcraft does a srvey to see what OS / web server various sites are using. WHile this is handy, a lot of the servers I have installed have not been accessible to the outside world, for security reasons. Ones that are available to the outside world have a limited number of services running, and a firewall (usually the Linux machine itself) for access control. So this still isn't accurate.
Installation Reports - Various OSs request permission to inform a central location of a new Linux installation upon the installs completion. The ease of this process varies quite a bit. I used to never report, out of general paranoia, but I have started to in the past few years. I think we all should. I also think that there needs to be a standard method on installtion counting and reporting: some way to determine if a specific install is actually an upgrade, a switch, or whatever, and a way to protect users' privacy, but give some good statistics about the install. For instance, it would be great to report the platform (including CPU type & speed, memory, HD space, peripheral cards) and even the package selections. I know this is what redhat does with their RH network stuff, and though some people may find it annoying and opt out it does provide useful information to help developers and businesspeople in their decisions about where to concentrate support resources.
Here's an interesting bit of historical trivia: Back years ago, mayb 1996 or so, I was running tcpdump and noticed some very strange DNS queries. Every so often my Slackware machine would query to root servers for what turned out to be the last line of my