Slashdot Mirror
Microsoft Raises Security Game, Notes Shortcomings Elsewhere
LMCBoy writes "Steve Ballmer recently told an industry conference that Microsoft software is more secure than Linux. PJ at Groklaw has a nice, thorough analysis of this dubious claim. She points out that not only are there vastly more Microsoft exploits reported, but that the exploits tend to be much more severe, involving remote administrator access." In related news, mhesseltine writes "According to an article from the Washington Post, in an unusually ironic twist, Microsoft has started talking smack about their own products, instead of those of their competitors. Bill Gates said of Office 'it's too hard to find things in e-mail' and described some features of Word as 'clunky.'"
Do you think it could POSSIBLE be due to the fact that Office 2003 just came out and the need to find a reason to get people to buy it?
"Bill Gates said of Office 'it's too hard to find things in e-mail' and described some features of Word as 'clunky.'""
When the version of Linux is Lindows and it's adminstered by a monkey who leave it lying around a student lab logged in as root.
On a more serious note, securit depends more on the person administering it than the software itself up to a point. Sure you _can_ leave yourself wide open on Linux as well as on Windows, it's just that on Windows it's much easier (eg using OE or IE or not turning off messaging services or RPC) compared to Linux (installing something compromised or bad physical security).
Beep beep.
Microsoft has started talking smack about their own products, instead of those of their competitors
I guess when you are so proficient at talking smack you are likely to hit one of your own at some point.
Don't cream in your pants just yet... Gates actually "described early versions of the Word text-processing program as "clunky."
I've had to download 5 updates in the last 3 days, so it must be getting safer, but one assumes if you're constantly downloading security patches there's got to be something insecure about it...
I have over 70 freaks, do you?
Of course the clunkiest feature of Office is the part where you have pay several hundred dollars for it. I wish they'd get that bug ironed out already.
I watched C-beams glitter in the dark near the Tannhauser gate.
Wednesday, October 22 2003 @ 06:44 AM EDT
... disputed the notion that open-source code is more secure than Windows. 'The data doesn't jibe with that. In the first 150 days after the release of Windows 2000, there were 17 critical vulnerabilities. For Windows Server 2003 there were four. For Red Hat (Linux) 6, they were five to ten times higher,' he said.
...well, what would be the precise word here? You hate to say lying. It's so cold.
You know I couldn't resist covering this story. Microsoft's Steve Ballmer picked up his glove and slapped Linux across the face in a speech given at an industry conference thrown by...who else, Gartner?
In his speech, he said some peculiar things about security:
"Ballmer
"'The vulnerabilities are there. The fact that someone in China in the middle of the night patched it--there is nothing that says integrity will come out of that process. We have a process that will lead to sustainable level of quality. Not saying we are the cat's meow here--I'm saying it is absolutely not good reasoning to think you will get better quality out of Linux.'"
Ballmer's being a naughty boy again. China indeed. "In the middle of the night." Trying to frighten the children with overtones. And playing with numbers. What year is it again? Red Hat 6? Pardon me for pointing it out, but they are up to 9 now. He's choosing a 150-day period from back in the day -- and I wonder how long it took to pick the best segment of time to use -- and using that for comparison? There is a lot that can be said about this, but it's not really necessary to do any research on this sad subject, I don't think. Everyone on a Windows box just went through the worst summer and fall of security issues of all time. They already know he's just
However, let's do a little research, just for fun.
Judge for yourself which operating system is more vulnerable to security problems by going down the list on CERT's Incident Notes page. It goes back to 1998. And here is their Current Activity page. It's almost all Microsoft issues. Here's their Vulnerabilities Notes page. It's all Microsoft, except for one, which isn't Linux. Here is their most recent quarterly summary. And after you look at all the data, what do you think now? Was Mr. Ballmer accurate? The only way I could find Linux prominently on any list was to type it into the Customized Search engine by itself on this page , and then when you get to the list, it's a list for all vulnerabilities of all the distributions of Linux, not just Red Hat. I couldn't find anything equivalent to Microsoft announcing a vulnerability and then saying there was no patch and you should just shut that particular functionality down. Ballmer said there were 17 critical vulnerabilities in Windows 2000 in the 150-day period and that Red Hat had considerably more. But look at the list: it shows only 16 vulnerabilities for all flavors of Linux for the entire year of 2000. CERT only lists the big ones, but Ballmer did say "critical". It makes you wonder where he got his numbers from or how he defines "critical".
Funny he would choose such an old time period, don't you think, for his comparison? Maybe it's because looking at July through October of this year would be devastating? I see only two Linux vulnerabilities on the list for that time period, both buffer overflow vulnerabilities, so evidently there has been considerable improvement on the Linux side.
Look at what could happen to you on a Windows box in the first two weeks of September 2003, though, just using a handful of the many recent vulnerabilities here and here and here and here and here and here and here. I didn't include July and August or October or the rest of September, out of kindness. Now, what Mr. Ballmer needs to do is show me anything like that kind of news coverage of security vulnerabilities in GNU/Linux, for any two week period. And speaking of critical, look at what the results could be from the Windows security issues:
"'An att
Mod me down with all of your hatred and your journey towards the dark side will be complete!
Since the sources to windows are not open, it would be most likely to have the fewest discovered security holes. Programs like OpenSSH and the Linux kernel itself (and many others) has sources available which makes it easier to locate the security holes but then again they are fixed quicker.
Now, since this isn't even true (according to PJ at Groklaw), we can only imaging how much more there is in Microsoft Windows.
Note to self: get smarter troll to guard door.
Gates highlights improvements in Office 2003 over Office 2000 during the product launch!
It's arma-fucking-geddon!
I don't need no instructions to know how to rock!!!!
The programs we sell right now are not any good!
So, as soon as the next version comes out, buy it! We will have everything fixed, honest!
Looking for people to chat about multicopters, coding, music. skype: gtsiros
Ballmer states that there's "nobody who has his rear end on the line" with Linux.
...
I posit that Linux developers have something rather important on the line; their reputations, professional and personal. When you ship open-source code, you are showing the world how good, or how bad, you are. Your reputation can be made or broken by the code you release.
Contrast that with all too many developers in commercial shops, whose code is read by nobody but their immediate co-workers and nobody takes responsibility for bugs.
If Microsoft employees' asses are on the line, show me a firing or two every time a security hole shows up. And not just the line programmers; bring me the heads of the designers who designed things badly, the project managers who made hitting deadline more important than getting it right, and the managers who let it all happen.
I would say that in the vast majority of cases, commercial programmers' asses are NOT on the line, in terms of security problems. As long as you crank out code fast enough to keep up with your co-workers
Of Course Windows is more secure than linux, once you disconnect it from the network...
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
Ballsack^H^H^H^Hmer said: "The data doesn't jibe with that. In the first 150 days after the release of Windows 2000, there were 17 critical vulnerabilities. For Windows Server 2003 there were four. For Red Hat (Linux) 6, they were five to ten times higher"
Why don't we compare Windows Server 2003 to RedHat Enterprise v3? Or Windows 2000 to RedHat 9? RedHat 6? That's what, 3-4 years old now!
And don't make me bring up WinME, Steverino.
"There is no road map for Linux, nobody who has his rear end on the line. We think it's an advantage a commercial company can bring--we provide a road map, indemnify customers. They know where to send e-mail." Steve Ballmer said. He neglected to add "It's not like we read that email, but at least you know where they can stick it - sorry, I mean send it", but was clearly thinking it.
Craft Beer Programming T-shirts
No, no and no.
Bullshit.
80% of the computer newbies I talk to have no idea what Linux or UNIX are. A lot of them do not make a clear distinction between the OS and the hardware it runs on.
"What kind of computer do you have?"
"Windows 95!"
geeky shirts and more
unusually ironic twist, Microsoft has started talking smack about their own products,
When you get into the big leagues, a league of your own, a world of your own, then the only critic you can accept is yourself.
Because, after all, everyone else is incompetent, a sniping dog of a rival, etc., or they wouldn't be as successful as us!
A consistent attitude from a company that brings us Innovation through embrace, extend and extinguish.
"Provided by the management for your protection."
I'll bet a few bucks that it does not allow customers to "indemnify" MS in any manner that the agreement could possibly defend against in a court of law, and a few that it couldn't, just for good measure.
"Neque enim lex est aequior ulla, quam necis artifices arte perire sua."
"It's too hard to find things in e-mail." translation: "We're going to start the murmurings now for a proprietary database-backed email system, from back end to user interface."
By making comments like this now, Bill will have leverage against the DoJ when they bring up the spectre of the anti-trust settlement. "It's a necessary feature--we recognised that back in 2003."
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
1. Microsoft now has to spend as much of its time competing against itself as it does everyone else. (Quote: "With each version of Office it gets harder for Microsoft to move customers up," said Michael A. Silver, vice president and research director at the research and advisory firm Gartner Inc.)
DUH. Pretty much everyone admits this. If they never EOL'd anything, people would probably just stay on NT4 with Office 97 (assuming it works for them).
2. Microsoft thinks it offers more advanced, and usually better products, and offers metrics to prove those points.
DUH. In other news, Linux organizations (along with "grass-roots" sites like Slashdot) offer counter-points and different metrics of performance, value, and success.
In 10 words or less, "Microsoft practices marketing, others offer rebuttal."
How's the new Office if you're a home user with small email volume? Is it a compelling upgrade?
ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
I guess that's what happens when you bloat Office up with pinball games, flight simluators and 3D Doom clones.
"Should there be a reason to believe that code that comes from a variety of people around the world would be higher-quality than from people who do it professionally? Why is its pedigree better than code done in a controlled fashion? I don't get that,"
I can see that: random security modules being submitted by guys at NSA. I mean really, what does the NSA know about computer security? Clearly the MS campus is streets ahead of those unprofessional losers...
Jedidiah
Craft Beer Programming T-shirts
That's the most ignorant thing I've read on here in a long time. Call your parents right now and ask them what their computer runs. They'll say Windows. Then ask them what Linux is. They'll say "A character in Charlie Brown?" Then call your kids junior high teacher and ask her, then call your priest and ask him, then call your gay uncle and ask him. The masses have no idea what Linux is, let alone anything about it's security vs. that of Windows.
Ballmer did make a questionable claim, but the submitter of this story made it more general than it really was.
In other words, he didn't say Microsoft Software (people start imagining IE, Outlook, etc...) in general is more secure than Linux, he said Windows 2000 and 2003 had fewer 'critical vulernabilities' than Redhat 6.
Now, I'm not defending Ballmer here, but I do wish story submitters would chill on the flame-bait headlines.
Now, with that aside, here's a few things wrong with that statement:
- One of those 'critical vulnerabilities' in Windows 2000 facilitated a very wide spread attack, something that hasn't happened with Linux.
- Redhat is up to what.. 9 now? Redhat 6 is going back at least a couple of years. It's disappointing that he didn't pick a more recent version of Redhat. Something tells me that their numbers for critical issues wasn't so interesting.
- The number of security issues is not a very good measure of security. Though it sounds great for the PHB's out there, but it is well documented that Microsoft's foundation is, in general not very secure. Those critical vulnerabilities are going to do more damage on a Microsoft Platform than a Linux based one.
So, to summarize: Ballmer's full of shit and the authors need to be more responsible in their reporting, especially when sites can be Slashdotted.
"Derp de derp."
One of the biggest issues is that rarely do these claims stack up comparable products. I was just reading the claim by Balmer saying Win2K is more secure (i.e., less patches) than RedHat 6.2, IIRC. Compare the kinds of vulnerabilities Balmer was referring to: in MS, there were a ton of holes that were rooted into the OS, making the whole system vulnerable (in general). In RH, many of the patches were for apps and tools that aren't installed automatically. Sure, your SSL-secured dildo-plus-IM app might have a hole in it, but it's probably not installed by default. Compare that to everyone's favorite RPC hole, or IE hole, found in EVERY version of Windows 2000.
Fuck it, not worth my time. I'm not a anti-MS zealot by any means, but it's time to /ignore what some of the annoying corporate PR trolls are screaming. If you want to get my attention, get an independent 3rd party (no, Gartner DOESN'T count) to show me some results and back them up with meaningful data.
"Hell hath no fury like a woman scorned for SEGA. ..."
sPh
"There is no road map for Linux, nobody who has his rear end on the line."
Quick, alert Linus and the rest of the kernel maintainers and planners. Also, better not spread around the road map for Linux so Ballmer won't look like a fool.
" We think it's an advantage a commercial company can bring--we provide a road map, indemnify customers."
ROFL! Indemnify?! Ever read a Microsoft EULA? You're on your own, buddy. How stupid does he think people are? Never mind, don't answer that...
" They know where to send e-mail. "
Oh, puleeeze! Ever try to complain to Microsoft about a bug in their software? Now, take that to the next level. Ever try to complain to one of their software developers about a bug in the particular software they wrote? What's that? You have no idea who wrote that piece of software? And you have no way of finding out? So tell me again where the accountability is.
"None of that is true in the other world. "
Uh, precisely the opposite of what you said, but thanks for playing anyway. Tell Steve what he's won. Seriously, it really is just the opposite. Linux code comes with people's name on it. You want accountability? Put your name on software used by millions and put it out into the world to be dissected.
"So far, I think our model works pretty well,"
(Wiping the tears from my face while I shake with laughter) If the current mess of the state of Windows is his idea of things working "pretty well," oh never mind...This speech sure wasn't directed at the cluefull.
That means, of course, that most reporters will report it verbatim and at face value. *sigh*
in an unusually ironic twist, Microsoft has started talking smack about their own products
finally microsoft does something innovative.
my pet machine
Ballmer proceeded to point at the thin air next to him for three minutes while muttering what sounded like 'their little pig eyes they bore into my soul like dirty knives' and scanning the audience.
"What about the security issues?" asked Jayson Blair, cub reporter for D-Cup Magazine.
"And those button bars with the sometimes incomprehensible tiny icons. Those are works of art!" cried Ballmer. "If you can't understand what one means, you are nothing more than an animal. An animal, I tell you! Do you hear? An animal who sleeps in his own wastes and eats his own children! Die!"
"Do you have any data to back up your claim of being more secure than Linux?" asked Asian reporter Trish Takinawa of Channel 104 Public Access in Parumph, Nevada.
"Data!" thundered Ballmer. "We're freaking Microsoft, toots! We don't need any stinking dat-"
Ha ha! This has gone far enough!" said a swarthy man in ninja clothing from the back of the crowd as he leapt up onto a dusty platform festooned with tattered remnants of long dead happiness.
"So! Phil Schiller. Head of Marketing at Apple Computer," Ballmer said. "I wondered when we'd meet again."
"And it is as I said, ha-ha, at a time and place of my design, ha-ha!" heckled Schiller has he drew his adamantine katana from it's sheath. Gold plated depleted uranium throwing stars twinkled and glistened with righteousness in his other hand.
Strange alien devices began to scuttle threatingly from Ballmer's massive pores. They dripped with sweat. The sweat hit the floor and burned little holes.
Reporters scattered in a storm of makeup and microphone cable. Somewhere, a bird of prey cried out. A baby cried. Someone broke Godwin's law for the 5000th time that day. An charmed quark spontaneously appeared, but only briefly.
Schiller's bright eyes started down the angry monkey eyes of his eternal nemesis, and the world held it's breath...
--- Ban humanity.
These threads invariably involve, at the top mod levels, derogatory comments about the quality of Microsoft code and products, conspiracy theories about the true motives behind Microsofts intentions (always), sarcastic jokes agreeing with the action in question, a sad reflection on how new users, PHBs and/or the world at large is accepting this action, and an impressively-inventive-if-completely unneccesary variety of miscellaneous other anti-Microsoft rhetoric.
I am not going to rehash the old and tired arguments about Microsoft, or even say I disagree with much of it. That is beside the point.
What is important is that open source in general and slashdot in particular should be different, and they are utterly NOT. Steve Ballmer comes out and spreads some FUD on Linux. Ya, it's FUD, and it's not true, and he's fundamentally wrong about quality and open source, and besides Microsoft just this and that and blah blah blah. So what.
I can see how the first two or three or ten times you hear this shit from Microsoft you want to scream from the mountaintops how wrong it is. What I utterly will never ever understand is how you can get off, get this big rhetorical hard on, four and five times a day week in and week out over the SAME BULLSHIT. It's FUD now just like it was FUD last year and FUD the year before that and, as far as the slashdot crowd is concerned at least, FUD in 1976 when Bill Gates wrote an Open Letter to Hobbyists.
It would seem to me that, confronted with all of this disagreeable stuff coming out of Microsoft, the slashdot crowd would eventually learn the productive and elevated response is to
A> Shrug.
B>Take the high road and acknowledge every sliver of truth in every criticism, ignoring the juvenile manner in which it may have been delivered, and use this reflection to further improve open source. Parse FUD for constructive crisiticism. If there is none to be gleaned see A>. Is there *anything* about Linux's patching model or security that could be improved? Is there the slightest kernel of truth in what Ballmer says?
But when I think about it I realize the benefit of anti-Microsoft jihad posts filled with propagandist comments isn't to convey any new information or spark new insights but to further reinforce and perpetuate the community formed around slashdot. Read Clay Shirky's brilliant A Group Is Its Own Worst Enemy. External enemy, religious veneration, it's all here. It's here to perpetuate the group, as human groups naturally want to do -- even when such patterns are against the interest of the original or stated goal of the group. A choice excerpt:
I'm sick of it, so what, everyone seems to love it, I'll just go now and click a preference and never look at the borg crap again. I just hope in time there is enough other content to read.
"Thank you for your "insight", Captain Obvious! "
and
"Thank you for explaining your "insight", Captain Obvious. "
I think I'm stuck in a Turing test. Are you a human or a chatbot?
You are a regular laugh riot. RTFM. There is a preferences setting if you don't want to read about MS. Use it or shut up about the number of MS stories. It's really that simple. The quantity of different types of stories on Slashdot is probably directly related to the number of submissions on those topics made by readers.
.sig) of MS and Linux security issues.
I'm not even going to get into the logical fallacies going on with your comparison (via
I do not have a signature
I can guarantee you that the average NASDAQ broker knows more about technology than you do.
Actually, a few clients at my computer repair store are NASDAQ brokers, and I can assure you that's not the case. One of them actually wanted to get rid of Windows XP in favor of Windows ME because they thought XP was incompatible with a linksys router.
in an unusually ironic twist, Microsoft has started talking smack about their own products, instead of those of their competitors.
It's not ironic, because Microsoft stands to suffer nothing by pointing out problems with Outlook. And that is because 1) it is still probably the most widely used email program, 2) there are no real significant challenges or competitors to Outlook (or Excel, or Word) out there, and 3) the problems BG is pointing out are relatively trivial and plague every other email program anyways. So MS can make these kinds of knocks on their products as much as they want...they just can't knock Windows.
And, as someone else has already pointed out, it always helps to sell new product. Doesn't almost every new feature set in any product imply there was something wrong with the previous versions ?
My father has his own accounting firm. When the software vendor for his tax program told him they were announcing end-of-life support for their Windows 98 software, he faxed back their announcement with "so support LINUX!" written across it in big black sharpie ink.
Stupid sexy Flanders.
Do we really need another bash-Microsoft article obsessively dissecting one sentence Bill Gates made at some promotional speech or interview or whatever?
Um, it was the Washington Post reporting on the "sentence" (although it was probably more on the orders of a paragraph or two), not Slashdot. We're not dissecting the sentence here. It's pretty clear that MS is going to have to make the sale based on overhyping the features of the new version and badmouthing the old. This sort of thing happens in companies all the time -- Clorox bleach had a big promo for powdered Bleach by badmouthing liquid bleach, their #1 product.
Just like a site focusing on Green Party politics would be crazy not talking about news concerning the Bush administration, it's important to talk about Microsoft here because for the forseeable future it will be that 800-lb gorilla that affects everything else in the tech industry.
If you really want to complain about excessive coverage, it seems like Apple has gotten more than its fair share of articles in the past week, too. Gee, maybe that's because there are a lot of newsworthy events going on with that company.
Things are happening with both Microsoft and Apple this week; big news items ( horrible security exploits patched followed by big talk from Balmer, iTunes for Windows, a Mac-based cluster possibly making #4 or #5 of the top 500 supercomputers). Maybe some things are happening on the Linux front; maybe not. But Linux is based around a community of nerds, not on a corporation with a snazzy PR department.
In a sense, this is exactly what makes Linux an ideal server platform: it's not "features" focused, and it's more into substance than style. It's also why it's less likely to break into the home desktop market any time soon (although it stands a chance in large-volume corporation and school environments).
Karma: Chevy Kavalierma.
So many people here love to claim that MS Word sucks ass, and Outlook blows donkey dicks. In fact, they don't. They do what they're supposed to do, and they do it well.
Yes! Your quite right!
It's Word that blows donkey dicks, not Outlook.
Outlook just looses your emails after 2 megs of data - oh, and it fucks you in the eye if you don't feed it.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
Microsoft's greatest value to customers is building these features into the core operating system, he contended. "We essentially take cost and complexity out of the system ... as opposed to having to force our customers to cobble them together themselves," he said. "That is part of the open source world, the customer puts things together. We think part of our value proposition has to be we have to take a lot of that effort out. N
Wrong. You take the "cost and complexity" out of 3rd party software, so instead of the money going into other company's accounts, it goes into your own pockets.
As for 'putting things together' in the open source world, doing apt-get isnt harder than popping CDs in and doing installations. We do the putting together because we like to customize rather than being forced stuff down our throats. People order from a menu at the restaurant because they want to choose what they eat.
my blog
It's hard not to laugh at the bully when he complains about being picked on.
Anyways, I'm ready to keep bashing Microsoft until they get their bloody act toghether and no amount of whimpering will change my mind.
Open source is about calling things the way they are: saying as loud as possible when something important sucks and need to be re-written. In Linux, thats what happens: when it sucks badly, it gets re-written. This is a concept most corporations often have a hard time digesting because it's too expensive for them.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
Um... I'm sorry you're stupid. Does windows come with a built in firewall? No. Does Linux install with everything turned on? Nope.
Do MCSE qualified professionals know how to do anything outside of the gui? Rarely.
Not only is the OS more stable, comes with it's own firewall and forces you to turn on only the options you plan to use, Linux gurus/sys admins have to know how things work and are far more knowledgable than the average MCSE expert.
And do you know why there are so many version of Linux? because they are constantly patching their own security holes, adding new features and not sitting on their asses waiting for those security holes to go away on their own.
Wasn't it Steve Ballmer who said he wished those security experts would just shut up? Does that REALLY sound to you like he is concerned with computer security or just wants security through obscurity?
Get a brain then get a life.
This is my sig. There are many like it but this one is mine.
Then explain the rise in SCO stock.
"that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
Besides, even if they don't know where to send the email, I'm sure SoBig does.
Stop the Slashdot effect! Don't read the articles!
"What kind of person are you?"C affeinated!"
"Engineer!"
"Left-dominant!"
"Hindu!"
"
"CowboyNeal!"
"Windows 95!"
More or less the same hardware, different software. Your answer depends on what factors you consider relevant. The hardware all behaves more or less the same modulo how fast things run; the software is far more interesting!
"The biggest problem with communication is the illusion that it has taken place."
Here's the number of updates for various Windows according to the MS SUS (Software Update Services) server.
Name Number of Updates
IE 5.0X 295
IE 5.5X 268
IE 6.X 567
Windows 2000 1476
Windows 2003 250
SUS server software is a free download from MS for non-domain controller Windows 2000/2003 server OS. If you don't believe my figures, download it and see for yourself.
1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
On the other hand, when I contribute stuff to Apache projects, I write tons of comments about why a particular approach was chosen and how the code might be extended. Plus I can do all the testing I want before I check it in. I don't about others, but I tend to write a piece of code, let it sit for a couple of days and review it. I try to be as brutal as I can and see where it's stupid or sucks. then once I am happy with the quality of the actual code, I test the hell out of it. That includes profiling, benchmarking and writing good documentation. How can MS compete against programming done correctly in the long run? I don't think they can change their culture over night or in a couple of years.
Actually, Windows 2003 Server only has 13 updates (including IE 6 updates for 2003 Server).
What you're seeing is the count of all updates for all versions for a given product (i.e. Server, Advanced Server, Datacenter, etc).
Same is true for the other numbers.
Dan
# of high and medium vulnerabilities, last 3 months:
Windows2000 = 11
RedHat -- Linux = 4
# of high and medium vulnerabilities, last 6 months:
Windows2000 = 13
RedHat -- Linux =11
# of high and medium vulnerabilities, last year:
Windows2000 = 24
RedHat -- Linux = 11
It's really that stupid. You can't kill the GPL without gutting copyright law. The GPL is a license that is much less restrictive than ordinary copyright. Ordinary copyright forbids copy without the permision of the owner. The GPL has conditions of copy so that permision does not have to be asked. The strength of the GPL is based on the strength of copyright. You can't kill one without the other.
Friends don't help friends install M$ junk.
Obviously, when you're a monopoly and you want people to believe in your company you're going to say, "We know all of our shortcomings and our only goal is fixing them".
However, if you're the _underdog_, you're NOT going to put the focus on your flaws. But, if you're the only bully on the block and everyone hates you for it, you're going to play the symphathy role: "My parents beat me into beating you".
Yeah right.
Fool me once, shame on you. Fool me twice, shame on me.
Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
"With each version of Office it gets harder for Microsoft to move customers up," said Michael A. Silver, vice president and research director at the research and advisory firm Gartner Inc.
Therein lies the devil, ladies and gentlemen. Microsoft had the victory, but has no other business model than to sell Windows and Office (all other products fail to generate enough revenue to sustain the company). They have failed to move people over to a continuing license model, and with Linux slowly moving across the landscape like a juggernaut, Linux and products like Open Office will be "good enough" for Joe User and Ma & Pa Small Business. If Microsoft cannot come up with other solid revenues other than Windows and Office, they will lose.
Torvalds was right: "We want to take over the world but we don't have to do it by tomorrow - its OK to do it by next week, or even next month"
Ruby on Rails Screencast
I like to develop on Windows but for anyone to claim that Windows networking is easier is obviously smoking crack.
.NET either corrects or masks some of those deficiencies, except, most notably, in socket and file handle and process support. However, even in the case of .NET, "hard" problems of sockets are traded for make work for admins dragging and dropping and touching configuration files, with no clue.
Sockets are much easier to develop in Unix because Unix does the right thing with them. You can easily pass file handles between processes in Unix and it works quite well. All programming languages in Unix have convenient mechanisms that make it straightforward to pack and unpack data from streams, fairly easily. The whole concept of "rolling a protocol" that seems so mysterious on Windows is mysterious because the tools suck for that task on that platform!
Imagine, on Unix, you've been able to printf across a network [via a socket] for at least 10 years. What's up with Windows where even binding a socket to a c style file handle has to even take place?
Needless to say, Windows and Windows development tools have traditionally lacked in the networking department. Prior to the above, the official MS networking solution was DCOM, the languages were weak, the O/S APIs unfathomable, and the string handling facilities sucked and file handling was abyssmal.
Sockets and files themselves have not gotten fundamentally better in Windows since Windows NT 3.5. The only way this socket sharing across apps [ a prerequisite for stable web services ] is the kludgey HTTP.SYS driver that is in the next go around of Windows 2003 Server. Processes are still fundamentally peered, not owned, and killing an application still strands DLLs, and, the tools, while much better, generally either wrap an expansive library around an anemic O/S that by all rights should do it, or, write mountains of "wizard" generated code.
For thousands of dollars, you can go ahead and buy yourself a crappy version of what Linux has done since 1992 for free, and then spend thousands of dollars more on the tools required to program it.
Just keep in mind that if networking was so easy on Windows, then, Web Browsers, Web Servers, Email, Chat and virtually every other application that uses internet protocols in general and networking in particular was invented on UNIX, AND NOT WINDOWS.
I have 38GB on a new hard drive on my machine, and it's going to be partitioned for Linux.
This is my sig.
In a sense, this is exactly what makes Linux an ideal server platform: it's not "features" focused, and it's more into substance than style.
No, that's BSD. I mean come on... Linux is as much about hype as anything else.
-a
It may be funny, but I wasn't kidding. He's been asking me about linux for years, and as his small office grew from one machine to two, then three and four, he found out the hard way that Windows was never built to "share", that it's always just been one kludge on top of another to print to a remote printer, share files, and share applications.
That last one is the real sticking point. A good server with several clients is the ideal solution for a place like his (think thin). The way he's got it now, because of his slow growth into it, he's got to install the software on all the machines, the data is spread out all over the place, all the drives have different names on different machines (like I said - he grew into it without planning ahead, so you can blame that on him, but to name drives differently now would break everything).
When I told him about the ideal thin client solution, he thought that was an amazing concept. What's more amazing is how long the concept has been around and not implemented without kludgy hacks in Windows.
I could blather on and on about it, but it's not worth it. The software company doesn't care about Linux, and I've reminded him he's got other software that won't work in Linux. However, I believe he'd make the effort to switch if his primary accounting software was available in Linux - and if he could keep around the old versions (he's got to keep records for a certain number of years), maybe by using WINE or something.
Stupid sexy Flanders.
No, you're right. We should leave poor MS alone. They're obviously confused. After all, this is the same company who during the antitrust trial, said they couldn't share their source code with anyone due to national security concerns if the code got into the wrong hands.
Then later (2002) they told a federal court that sharing information with competitors could damage national security. And even said the code was so flawed it could not be safely disclosed.
Then in early 2003, they agreed to share the source code with China.
So it seems clear to me that they are confused and just need our sympathy. After all I'm sure they wouldn't intentionally risk our national security nor lie about the risks of sharing their source on the stand in federal court.
I like OSS as much as the next guy(well so long as the next guy isn't a slashdotter), but even KDE, which is IMHO the most attractive piece of OSS I've ever seen, has some clunky aspects to it's GUI.
Some would of course argue that a good GUI isn't the same thing as a good program, but those people aren't going to see office workers or home users using their product any time soon. Ever been to a cube farm? You think the kind of people who decorate their office to the point of madness are going to put up with staring at something unecessarily ugly all day if they don't have to?